planish

@planish@sh.itjust.works

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨Autograding tool⁩ ⁨⁨5⁩ ⁨days⁩ ago⁩:
Probably.
⁨Comment⁩ on ⁨Would you like to playtest a new indie game? Just completed first playable version of my psychological horror/moral choice simulation.⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Now I’m thinking with portals.
⁨Comment⁩ on ⁨Some People Can’t See Mental Images. The Consequences Are Profound⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Neither the ancient Greeks nor the ancient Chinese had video recording or even photography, which seems to be the metaphor that allows people to explain what they do or don’t have.

I must have relatively weak mental imagery? I can imagine seeing an apple, or recall the visual memory of my fruit bowl, but I’m hard-pressed to extract any definitive visual information from it, like I could if I really was looking at it. I’m visualizing the fruit bowl, but how many apples am I visualizing exactly? If I decide I’m visualizing two, now I’ve lost the relationship between the banana and the organge. It’s less like looking at a picture and more like dreaming of one.
⁨Comment⁩ on ⁨How Google Tracks and Scans Everything on Your Android Device⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
I don’t think it is right to trivialize rape like that.
⁨Comment⁩ on ⁨How Google Tracks and Scans Everything on Your Android Device⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
I don’t think the burden should be on users, but I do think some of the burden should be on the press. If the press just assumes Google is up to no good and never does the investigative reporting needed to show it, we will miss out on having very politically useful evidence.
⁨Comment⁩ on ⁨How Google Tracks and Scans Everything on Your Android Device⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

Anytime I want cooperation I will need to persuade you.

That sounds suspiciously like democracy, the thing we would quite like to achieve.
⁨Comment⁩ on ⁨How Google Tracks and Scans Everything on Your Android Device⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
But they aren’t even showing collection of data in the article. For the data to be collected, it needs to leave the phone, not just be touched by Play Services.

Play Services does collect data it shouldn’t collect, by sending it back to Google. But the difference between “I am collecting your data” and “I wrote software you are running” is important and needs defending, because obscuring it is one way that independent developers are prevented from publishing and marketing actually-privacy-preserving software. If I am deemed to have “collected” your personal data every time you type it into a text editor I wrote, I can no longer distinguish my local-only encrypted text editor from Google’s one that stores all your data unencrypted on their cloud. We both have to say we “collect” your data, and nobody non-technical can tell the difference.
⁨Comment⁩ on ⁨How Google Tracks and Scans Everything on Your Android Device⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
You can buy a phone that arrives running GrapheneOS. This might not be advisable, because it adds another point of trust in the refurbisher who actually does the flashing, but you don’t need to have the skills or do the research to install it yourself to get access to a device that runs it.
⁨Comment⁩ on ⁨How Google Tracks and Scans Everything on Your Android Device⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
It’s not that I want to give them the benefit of the doubt, it’s that the article neglects to bring in that whole thread of the argument that you give here. This should all be in the article.
⁨Comment⁩ on ⁨How Google Tracks and Scans Everything on Your Android Device⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
The SensorVault data is “just” the Google Maps Timeline data though, right? Which people have always been able to turn on and off, if they knew about it.

I feel like Google not really respecting a concept of user consent and pretending people agree to poorly-publicized and often-modified tracking programs is a different, and, frankly, weirder, privacy problem than there being closed source stuff running with high permissions. If you could revoke permissions from Play Services, or if it was source available or even free software, that wouldn’t solve the problem because it would still be able to do stuff Google had manufactured consent for it to do.
⁨Comment⁩ on ⁨How Google Tracks and Scans Everything on Your Android Device⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Do you mean “transmits” as in “from the location service on the phone to the mapping app on the phone”?

Or do you mean the phones are all updating the wifi SSID geolocation database, which they then all can use for doing wifi-based geolocation?
⁨Comment⁩ on ⁨How Google Tracks and Scans Everything on Your Android Device⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
The article seems to go directly from “this piece of software talks to all the sensors and isn’t well sandboxed” to “Google has directed this software to profile and surveil users” without actually providing evidence to support that leap. Is Google Play Services sampling your location so that it can send it in to Google HQ, or so that it can detect if the device has been stolen by the cops and activate anti-theft mode to protect the user’s privacy?

If we can actually show mismanagement of user data by Google Play Services, we need to shout it to the hills, because those sorts of scandals are important arguments for increased privacy protections. But we need to actually find that mismanagement occurring, not just assume it must be because Google wrote the code and it isn’t open source.
⁨Comment⁩ on ⁨How Google Tracks and Scans Everything on Your Android Device⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
But if a Graphene device takes a non-malicious approach to data management out of the box, can’t you just buy one of those instead of doing research and taking charge of your device to proactively prevent spying? Why not just let a trustworthy organization like the Graphene project manage it for you, instead of an untrustworthy one like Apple?
⁨Comment⁩ on ⁨YSK before you buy a replacement for your cellphone that has stopped charging, buy the $10 cleaning kits and spend the time deep cleaning the phone's charging port.⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
I had no idea these existed and they look amazing!

Where do you buy these that isn’t under boycott?
⁨Comment⁩ on ⁨Las Vegas deploys world’s first Tesla Cybertruck police fleet⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Or at a time of the choosing of the one rich dude who has root on all the cars.
⁨Comment⁩ on ⁨Minecraft is removing code obfuscation in Java Edition⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
I thought they were still hoping to convince people to use Bedrock so they had to buy Windows.
⁨Comment⁩ on ⁨Autograding tool⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
I mean if you put up an Internet-facing unauthenticated file acceptor it will quickly become stuffed with all sorts of garbage and aspiring malware. You definitely don’t want to hook that up to an untar and exec loop, even with some notion of sandboxing. It will just start mining Bitcoins or sending spam or something.

But if it is built properly, with only authorized users being able to upload stuff, and a basic understanding of not dropping stuff where the web server will happily execute every PHP web shell someone sticks in the slot, and the leverage to threaten people into not uploading pictures of their own or others’ butts or Iron Man (2009), I don’t see why all but the file-uploading professionals should immediately give up.
⁨Comment⁩ on ⁨Autograding tool⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
You could definitely build something like this. You definitely want either human review before execution or a fair amount of sandboxing for whatever your students submit.

Do you want students trying to brute force or exfiltrate whatever test data lives in the server? If not, either they should just have the test cases already, or they can get back how many/which of the secret test cases they passed along with their grade, so showing them the results live might not be so important. Unless you want something like “you have 3 tries to pass the secret tests so you can get a hint that your own tests missed a case and go back and try to guess what it was”.

You also might want to invest time first in test harnesses for the students to run themselves, because you want them to learn good practices like coding against a test suite. If nothing else it makes it easier to make the auto-grader later if the students’ code is all already hooked up to the same test framework.

Teaching students how to use fully use a multi-user Unix system can for some topics put unnecessary faffing about between the students and what they are trying to learn (are you teaching front-end web dev or something?), but in a lot of cases your students might actually be better served by something that makes them touch the deep magic than by a slick web UI that handles everything for them, as long as you turn it into a learning experience and not a protracted period of bafflement.

Does your school not already have some kind of shared CD department server/Unix environment for the students that could get you out of account management?
⁨Comment⁩ on ⁨Banana⁩ ⁨⁨3⁩ ⁨weeks⁩ ago⁩:
Thanks Thursday Next’s Dad!
⁨Comment⁩ on ⁨What options of resistance are programmers creating to not submit to AI culture?⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
This is honestly a lot of the problem: code generation tools can output thousands of lines of code per minute. Great, committable, defendable code.

There is basically no circumstance in which a project’s codebase growing at a rate of thousands of lines per minute is a good thing. Code is a necessary evil of programming: you can’t always avoid having it, but you should sure as hell try, because every line of code is capable of being wrong and will need to be read and understood later. Probably repeatedly.

Taking the approach to solving a problem that involves writing a lot of code, rather than putting in the time to find the setup that lets you express your solution in a little code, or reworking the design so code isn’t needed there at all, is a mistake. It relinquishes the leverage that is very point of software engineering.

A tool that reduces the effort needed to write large amounts of human-facing, gets-committed-to-the-source-tree code, so that it’s much easier and faster than finding the actual right way to parse your problem, is a tool that makes your project worse and that makes you a worse programmer when you hold it.

Maybe eventually someone will create a thinking machine that itself understands this, but it probably won’t be someone who charges by the token.
⁨Comment⁩ on ⁨Insuranace is a joke⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:
Insurance being a negative expected value isn’t the scam. Insurance not paying for the thing you bought the insurance to pay for is the scam. They’re supposed to be working from the same agreement you’re working from, not some other one they made up that’s worse for you at random.
⁨Comment⁩ on ⁨Insuranace is a joke⁩ ⁨⁨4⁩ ⁨weeks⁩ ago⁩:

Or to put it another way: insurance should pay out the amount you could get if you sold your car, not the cost to buy another similar car.

Why would an insurance company think that OP would get less money selling the car than anyone else would get selling the same kind of car, though? It’s one thing if all the listings are for much higher prices, but if those listings are selling at that price, then that’s the market value and the insurance company is provably misunderestimating.
⁨Comment⁩ on ⁨Supporting the future of the open web: Cloudflare is sponsoring Ladybird and Omarchy⁩ ⁨⁨1⁩ ⁨month⁩ ago⁩:
Cloudflare wants the web to be made of web pages. But they also have an interest in the web being at least slightly dangerous (so there’s an incentive to buy their protection services), and at least somewhat hard to make work well when served from a potato (so there’s an incentive to use their CDN to shave off those milliseconds of latency). And, as a large provider of excellent and often free services, they end up as an administrative single point of failure and thus a potential point of control. It’s a lot easier to wiretap one Cloudflare DoH resolver than thousands of ISP routers across dozens of ISPs, for example.

None of this is because Cloudflare is somehow Bad People; they’re powerful and thus dangerous, but not, as far as I can tell, evil. The worst thing about them seems to be that they’d prefer to stay out of content moderation completely rather than try to find and boot all the Nazis, which looks like it might be an incorrect position that is possible to support with arguments.
⁨Comment⁩ on ⁨How do AI data centers manage to *consume* water, but when I cool my house, my A/C *makes* water?⁩ ⁨⁨3⁩ ⁨months⁩ ago⁩:
Why would they design around evaporative cooling when water consumption is a problem?
⁨Comment⁩ on ⁨Age Verification Is Coming for the Whole Internet⁩ ⁨⁨3⁩ ⁨months⁩ ago⁩:
Is it filled with the type of people that one might wish major governments could stop, though?
⁨Comment⁩ on ⁨Age Verification Is Coming for the Whole Internet⁩ ⁨⁨3⁩ ⁨months⁩ ago⁩:

ZeroNet

What’s up on ZeroNet these days?
⁨Comment⁩ on ⁨Age Verification Is Coming for the Whole Internet⁩ ⁨⁨3⁩ ⁨months⁩ ago⁩:
Capitalism runs on top of government. Governments create and enforce the notion that a human, or a fictional human with fractional ownership (corporation), can in turn own arbitrarily large and important objects.

This is often done at the behest of said arbitrarily-large-and-important-thing-owners, who also come up with other similarly terrible ideas to have the government do.
How do AI data centers manage to *consume* water, but when I cool my house, my A/C *makes* water?
Submitted ⁨⁨3⁩ ⁨months⁩ ago⁩ to ⁨nostupidquestions@lemmy.world⁩ | ⁨62⁩ ⁨comments⁩
⁨Comment⁩ on ⁨As governments around the world are set to make the Internet more restrictive and privacy-invading, we need a solution⁩ ⁨⁨3⁩ ⁨months⁩ ago⁩:
Probably not any existing systems; you can still finger and thus demand censorship from a block producer, and you end up with situations where you just can’t host the chain anymore because it’s full of pirated MP3s or whatever now.

And they introduce new problems around having to globally replicate everything and thus getting the net performance out of the system that you get from the worst server involved.

If you need to track some kind of root signing key for a whole p2p system, or something, maybe you can stuff it into Ethereum somewhere. But I don’t think you can get very far trying to actually run a service out of a globally replicated database, and even then you’d have hundreds of operators in legal trouble rather than no operator.
⁨Comment⁩ on ⁨As governments around the world are set to make the Internet more restrictive and privacy-invading, we need a solution⁩ ⁨⁨3⁩ ⁨months⁩ ago⁩:
Something like Tor only solves half the problem. A Tor hidden service still has physical reality and a person who is hosting it, and who can be held responsible for failing to register the thing with the feds or file a moderation transparency report or whatever the latest nonsense is. The anonymity network helps to hide where the equipment and who the operator ism but there’s still a single point of failure.

We need a way to run online communities that are not online services: no single point of failure, no individual or partnership describable as a service’s operator, and no meaningful way in which one person provides access to the system to another person.