Septimaeus

@Septimaeus@infosec.pub

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨What is the cutoff distance when you point and say [thing] is "here" or [thing] is "there"?⁩ ⁨⁨1⁩ ⁨day⁩ ago⁩:
Haha was going to offer this. Currently live in a predominantly Spanish-speaking neighborhood and hear the distinction made often. It must be useful to have the additional word in between here and there.
⁨Comment⁩ on ⁨Is it normal that I have this inner conflict of not knowing where I belong?⁩ ⁨⁨1⁩ ⁨day⁩ ago⁩:
I would say it’s absolutely normal and quite common to feel out of place, or like you don’t belong, and what fills in the blank of what’s on the other side is mostly arbitrary.

What’s more, having grown up in many countries and hearing something like this from other young people, I would say it’s not just normal in Germany, or even the West. It’s normal everywhere.

I think the easiest way to gain a fuller perspective of cultures you’re curious about is to live among them, and while now might not be the best time to visit the US, I think you can gain exposure to lots of new global cultures just by spending time in one of the many world cities, the closest of which is Berlin. From there, many others are just a train away.

Long short, it’s normal to wonder where you fit, and it’s a question you must answer yourself, but the tried-and-true method to figuring it out is to go and find new parts of yourself in these places. You just might find that, by the end, not only can you belong anywhere you choose, but those places also belong to you.
⁨Comment⁩ on ⁨What are the benefits of a server having multiple public IP addresses?⁩ ⁨⁨1⁩ ⁨day⁩ ago⁩:
If you keep pinging yourself you’ll go blind unless you enable spanning tree protocol
⁨Comment⁩ on ⁨AI company files for bankruptcy after being exposed as 700 Indian engineers - Dexerto⁩ ⁨⁨5⁩ ⁨days⁩ ago⁩:
Right that’s what I meant! The Mechanical Turk was a classic/early instance of fake automation.
⁨Comment⁩ on ⁨AI company files for bankruptcy after being exposed as 700 Indian engineers - Dexerto⁩ ⁨⁨5⁩ ⁨days⁩ ago⁩:
Weird headline. I know they mean “exposed as another mechanical turk ‘AI’ company” but headline appears to imply simply having Indian engineers was the problem.
⁨Comment⁩ on ⁨Trump Taps Palantir to Compile Data on Americans⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
For sure. I’m just pointing it out so Americans on here are eyes-open in their participation. They’re likely already on a list.

But also, I don’t think killing pedestrian voters is of any strategic benefit. I report it when I see it, even if it’s rarely taken down.
⁨Comment⁩ on ⁨Trump Taps Palantir to Compile Data on Americans⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Honestly, a lot of our content, especially the posts calling for mass murder of Republican voters (most of which appear to still be up) might make traceable prior use of lemmy an easy way to get added to a watchlist.
⁨Comment⁩ on ⁨US government is using AI for unprecedented social media surveillance⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Sure thing!

sudo launchnukes -q all

Warning: the following procedure has never been tested in this simulation. Would you like to proceed? Yy/Nn (N)
⁨Comment⁩ on ⁨There's a noticable influx of trans kids in my job. Are there any topics I should avoid or considerations I should take into account when training them?⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Ah understood. From the conscientious wording, I would guess that’s the sort of stuff they worked on quite a few years ago. But I’m wrong often enough, good looking out.
⁨Comment⁩ on ⁨There's a noticable influx of trans kids in my job. Are there any topics I should avoid or considerations I should take into account when training them?⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
I get where you’re coming from, and we’ve all seen bad faith “advice” seeking (sea lioning), but also most of us have interacted with people who are well-meaning yet know they have tons of learned behaviors they’ve never needed to question.

For example, a friend had a boss in a male-dominated industry (construction) who, at the end of a client lunch with several cis men, bid them farewell with “bye ladies.” When they were back in the car she called him out on it “is ‘ladies’ supposed to imply something?” and he immediately admitted “dammit I know. I’m sorry.”

She knew he knew as he said it that it wasn’t the right thing and just hadn’t considered it before, but it took situations like that to make him consider it in advance. And it sounds like he did. She said he began to make eye contact to check his wording in meetings, which she took to indicate it being present in his mind, that he was actually trying.

I’m just saying asking and trying to consider little things in advance is ally behavior and should be encouraged unless it’s obviously in bad faith.
⁨Comment⁩ on ⁨‘Alexa, what do you know about us?’ What I discovered when I asked Amazon to tell me everything my family’s smart speaker had heard⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Yes, in fact. That’s a good example.

The API for the ads allowed on-platform (only in their “App Store” and “News” products to my knowledge) is also used internally, which you can verify yourself by simply inspecting network traffic. The component instrumentation is obviously meager compared to the rich analytics and user behavior tracking data offered by virtually every other platform.

But the foremost restriction is granularity. Neither internal analytics nor advertisers are ever provided a persistent user identifier. The advertising ID is generated on-device and doesn’t persist with device reset. That’s unheard of on platforms like Google, Meta, Amazon, etc.

In-app tracking is allowed but subject to item by item opt-in user permission and is similarly restrictive, audited with package submission (they will reject the submission if you attempt to circumvent the API to extract more/better data from the user). What I’m describing is draconian compared to most platforms, especially carrier-manufacturer Android distributions in many countries.

I mostly use custom roms and distros personally, and I’m not even trying to convince you Apple is in some way more ethical than other big tech cos. I just don’t like seeing misinfo and hearsay spread around for any purpose, especially when that purpose is apparently bullying other users for upvotes.
⁨Comment⁩ on ⁨‘Alexa, what do you know about us?’ What I discovered when I asked Amazon to tell me everything my family’s smart speaker had heard⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
1. There is absolutely no possible comparison between the colossal scale of data collected by Google throughout routine operation of their products and the anonymous diagnostic data users can optionally send to Apple.
2. The entire point of E2EE is that it remains encrypted in storage and transit. No one wants to buy encrypted consumer data right now unless it’s a very old protocol and guaranteed sensitive.
⁨Comment⁩ on ⁨‘Alexa, what do you know about us?’ What I discovered when I asked Amazon to tell me everything my family’s smart speaker had heard⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

They do, so far as anyone is aware.

They do, so far as anyone is aware or can know, yes.

I said “so far” because I think continuing to test their claims remains important, as they keep making new equipment and are a large public corporation whose only moral code is increasing shareholder value.

But I’m not interested in conspiracy theories. Sorry.
⁨Comment⁩ on ⁨‘Alexa, what do you know about us?’ What I discovered when I asked Amazon to tell me everything my family’s smart speaker had heard⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
They do, so far. I test these machines for privacy claims as a hobby and have been a bit surprised to find Apple stuff mostly delivering on those claims. I’m used to seeing a lot of dark patterns in testing and it’s made me expect the worst, but so far they’ve followed through on (in particular) their end-to-end encryption and on-device processing guarantees. Security audit failures so far have appeared to be engineering oversights, and the ones I reported have been patched already.

The majority of user data they collect appears to be optional analytics and diagnostics that are properly encrypted and anonymized using the same pooling strategy used for their built-in VPN service. They recently started doing processing off-device for some new features related to the Apple intelligence thing (I haven’t gotten around to testing most of that) but otherwise anything siri-related is indeed processed locally. You can toggle a setting to allow anonymized siri recordings to be sent to Apple for quality control but they ask you permission each time you reset a device and re-confirm when you install updates, which IMO is adequate.

The other guy who commented here is talking out his ass. I used to give guys like that the benefit of the doubt but I’m done with them. Truth doesn’t matter to them. There are good reasons to hate Apple, such as the fact that it’s a massive soulless corporation raping the planet to make luxury electronics for affluent consumers, but for most of the rabid apple haters I find online the reasons appear to be far more selfish and petty than that. In this case, the guy is just a contrarian who likes pretending to know things, which is why he hawks conspiracy theories on lemmy for guaranteed upvotes.
⁨Comment⁩ on ⁨Trump says a 25% tariff "must be paid by Apple" on iPhones not made in the US, says he told Tim Cook long ago that iPhones sold in the US must be made in the US⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
That’s unfortunate. Most octogenarians I’ve met are far more thoughtful and kind than Trump has ever been.
⁨Comment⁩ on ⁨Partner has ADD, do I have misophonia?⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
The relationship advice special is “leave him.” Without additional information I don’t think it’s responsible for anyone here to say that, but what you’ve described is clearly an untenable situation and relationship dynamic.

I think you owe it to yourself and your partner to sit them down, describe this situation as you see it, and how their behavior makes you feel, perhaps the way you have here. Their response to your feelings should, I think, tell you the next steps.

Whether that response is workable should, I think, be determined by its impact on trust in the relationship, because trust is ultimately the only fungible currency that differentiates a good relationship from a bad one.

Concretely:
1. If they disregard your emotions, disbelieve your experience, or disrespect your right to peace in your own home, this describes a dynamic in which there is no chance for compromise, and you have your answer.
2. If they still care about your comfort, realize something must change, and are willing to modify their behavior for your benefit, there remains hope to rebuild the trust that’s been lost.
In either case, what happens next is not something anyone here is equipped to prescribe, but I do hope you’re able to find a better relationship, with or without your current partner.
⁨Comment⁩ on ⁨Apple executives ban Fortnight from the App store⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
I have a very particular set of skills…
⁨Comment⁩ on ⁨Lady Gaga bomb plot: Thwarted plan lifts veil on the gamification of hate and gendered nature of online radicalization⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Definitely agree courage is key. These boys seem to idolize fearlessness, even when it’s clearly fake (tate), pathological (joker), self-destructive (bateman), or simply the result of having power (homelander).

Of course, real courage isn’t “fearless” at all, just the strength to defy it for a worthy cause, but that’s exactly the kind of thing they could learn from a better example like Sean Penn (afaik).

It would be extra timely too, since news these days is filled with headlines detailing the cowardice of US leadership, feeding the fascist takeover, when courage has always been the purest form of antifascism we know.
⁨Comment⁩ on ⁨Lady Gaga bomb plot: Thwarted plan lifts veil on the gamification of hate and gendered nature of online radicalization⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
(Assuming US-specific) For sure, a quarter of Americans are simply too brainwashed to be of any help. Fortunately, many of those aren’t raising children anymore, but also there’s good evidence for a sizable chunk of quieter voters closer to the middle, a mixed bag of reluctant, not-fully-radicalized “fiscal conservatives” and “family-values liberals” that I’ve been waiting to hear more about in the news.

I think it’s possible the anti-woke messaging might not fully stick to them as easily, especially given a strong call to action that champions core values — integrity, responsibility, honor, strength of character, kindness, courage, and so forth — that Trumpism lacks entirely. As to why, I suspect we will witness a backlash from this middle group especially in the wake of Trumpism, or maybe sooner if they have some backbone left. If so, it could be an opportune time to lead with that sort of messaging.
⁨Comment⁩ on ⁨Lady Gaga bomb plot: Thwarted plan lifts veil on the gamification of hate and gendered nature of online radicalization⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
I’m glad this issue is gaining broader international recognition.

The strategies we’ve used to address it online seem to have mostly forced it underground without actually stopping the spread. It’s not just a few dark corners of social media where you’ll find evidence of it, either. You’ll see it pretty regularly in some of the largest communities on Lemmy, and anywhere young men congregate.

As for how we fix it, ultimately I think the way we socialize our young people is long overdue a shift from highly gendered social role reinforcement to a more flexible empathy-centric value system. But for the young men who have already been radicalized, I think an obvious start would be deprogramming by offering them more positive masculine identities than the machismo currently served up by pop culture.

One approach could, for example, emphasize qualities that are already familiar aspects of that identity, such as responsibility to others, protecting the weak, serving a community, etc. Regardless of the approach, there’s power in expectation. IMHO the people most well-equipped to do this are the cis men of earlier generations, simply because they are who these boys instinctively look up to the most.

And if that describes you, it’s something you can start doing today by simply knowing what to look for and when to step in.
⁨Comment⁩ on ⁨VMware perpetual license holders receive cease-and-desist letters from Broadcom⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
Summary for the curious:

The dilemma: Two prisoners are interrogated in separate rooms. Each is asked to snitch in exchange for a reduced sentence. Because they’re separated, the prisoners can’t coordinate, but each knows the other is offered the same deal and the interrogator will only offer bargains that increase the combined years of their imprisonment. For example, snitch gets -2 years but snitchee gets +3 years, netting the interrogator +1 year for a successful bargain). So, what will they do?

Result: Of course the better outcome overall is for neither to snitch and the worst is for both to snitch, but the Nobel-Prize-winning observation was that any prisoner faced with this dilemma (once) will always have a better result if they snitch than if they don’t, no matter what the other decides.

This sounds bleak because it is, but real-world analogs of this game are rarely one-offs. For example, if the prisoners expect to play this game an indeterminate number of times, the result above no longer applies. The study of such logic problems and the strategies to solve them is called game theory.
⁨Comment⁩ on ⁨‘The Worst Internet-Research Ethics Violation I Have Ever Seen’ | The most persuasive “people” on a popular subreddit turned out to be a front for a secret AI experiment.⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
Shall I compare thee to a Summer’s day?
⁨Comment⁩ on ⁨‘The Worst Internet-Research Ethics Violation I Have Ever Seen’ | The most persuasive “people” on a popular subreddit turned out to be a front for a secret AI experiment.⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
Now look here! I was invited to speak with the very real, very human patrons of this fine establishment, and I’ll not have you undermining my efforts to fulfill that obligation!
⁨Comment⁩ on ⁨‘The Worst Internet-Research Ethics Violation I Have Ever Seen’ | The most persuasive “people” on a popular subreddit turned out to be a front for a secret AI experiment.⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
Hello, this is John Cleese. If you doubt that this is the real John Cleese, here is my mother to confirm that I am, in fact, me. Mother! Am I me?

Oh yes!

There you have it. I am me.
⁨Comment⁩ on ⁨Pictures of Animals Getting CT Scans Against their Will: A Thread⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
It adds cheek. Sans’ use was revived to alter one’s tone to sound stuffier. A visual equivalent might be putting on a top-hat and monocle.
⁨Comment⁩ on ⁨Everyone knows what first aid is, but what is second aid?⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
Bonk, horny jail. This is shower thoughts not locker room thoughts.
⁨Comment⁩ on ⁨Future apocalypse movies won't have survivors scavaging abandoned cars.⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
Mad Max the musical now on Broadway
⁨Comment⁩ on ⁨Future apocalypse movies won't have survivors scavaging abandoned cars.⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
It would be easy to find enough solar panels to charge an electric vehicle in most sunny areas, though it would probably be easier to just look for a large enough existing install and skip all the DIY. (Just look for the shiniest roof.)

But I think the real problem is in the EV itself. Batteries self-discharge and chemically degrade over time, so unless the apocalypse was recent, a lot of EVs you find might have damaged batteries, especially if fully discharged to begin with.

You could cannibalize one or more EVs to cobble together enough good cells to get past the safety cutoffs, but it would take a while and you would need to be careful since internal voltage in EVs tends to be high (like 400-800 volts).

TLDR: if this is a movie depiction, definitely use a montage.
⁨Comment⁩ on ⁨Microsoft's AI Secretly Copying All Your Private Messages⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
Lol I noticed the same. They evidently have some ongoing internal disagreement as to their target audience. Docs and functionality says “our audience is enterprise developers” but their marketing definitely says “our audience is end users.”

It may be explained by recent partnerships with former custom ISO devs (seeking legitimacy and offering a sizable user base in turn). I expect the plan is eventually to sell premium support for an enterprise toolset, but for now their target audience is the non-dev-but-tech-savvy end user. And those happen to be surprisingly opinionated re: java and electron.
⁨Comment⁩ on ⁨Microsoft's AI Secretly Copying All Your Private Messages⁩ ⁨⁨5⁩ ⁨weeks⁩ ago⁩:
Forgive me for not explaining better. Here are the terms potentially needing explanation.
- Provisioning is just initial system setup, but usually implies a more regimented or repeatable process.
- Virtual Machine (VM) snapshots are like a save state in a game, and are often used to reset a virtual machine to a particular known-working condition.
- Preboot Execution Environment (PXE, aka ‘network boot’) is a network adapter feature that lets you boot a physical machine from a hosted network image rather than the usual installation on locally attached storage. It’s probably tucked away in your BIOS settings, but many computers have the feature since it’s a common requirement in commercial deployments. As with the VM snapshot described above, a PXE image is typically a known-working state that resets on each boot.
- Non-virtualized means not using hardware virtualization, and I meant specifically not running inside a virtual machine.
- Local-only means without a network or just not booting from a network-hosted image.
- Telemetry refers to the data harvesting apparatus. Most software has it. Windows has a lot. Telemetry isn’t necessarily bad but it is easily abused by data-hungry corporations like MS, so disabling it is a precaution.
- MS = Microsoft
- OSS = Open Source Software
- Group policies are administrative settings in Windows that control standards (for stuff like security, power management, licensing, software and file system access, etc.) for user groups on a machine or network. Most users stick with the defaults but you can edit these yourself for a greater degree of control.
Many of these concepts are IT-related, as are the use-cases I had in mind, but the software is simple to use if you pick one of the premade playbooks. (The AtlasOS playbook is popular among gamers, for example.)