planish
@planish@sh.itjust.works
- Comment on I watch the first Star Trek Discovery episode, I didn't like it. 2 days ago:
The first like three or five episodes of Discovery are basically a different show than the rest . And a couple seasons in they change the whole premise and it’s a different show again.
- Comment on It's been a while, which Lemmy instances should I be on? 1 week ago:
I don’t think there can be that high a density of fascists. sh.itjust.works just voted overwhelmingly to defederate some kind of MAGA nonsense instance. Mostly it seems like nice folks overhere who know fascists are bad news.
It might be full of individualists with no grounding in Marxist theory, of the type that much annoyed Vladimir Lennin. I couldn’t tell you because of my poor grounding Marxist theory, and I don’t see that as a problem because of my individualism.
- Comment on Why do I always have "dreams" that give me anxiety (aka: nightmares)? Why do I never just get to re-live my happy memories in my dreams? Wtf brain?!? This is outrageous! It's unfair! 1 week ago:
I think it has something to do with your brain playing both sides of the dream. You are coming up with how to react, but you are also at the same time coming up with what happens next. So if you dream a lion and you are like “uhoh, what if the lion tried to chase me, that would be a problem, I’d have to run away,” then you’re now dreaming about a lion that is chasing you and how you are running away.
- Comment on The ancient Greeks or Chinese should have already had words for this. 1 week ago:
Wait you can not only in some sense see a-cat-on-your-hand when imagining that, but also see an imaginary cat on the hand you are actually seeing???
Do you then not see the stuff behind the cat while you are imaging the cat to be in the way???
- Comment on The ancient Greeks or Chinese should have already had words for this. 1 week ago:
I have a little more of the seeing, but I also want to reach for your ghost metaphor. Imagining a tree for me is a little like seeing a tree, but quite a bit more like having just seen a tree.
- Comment on The ancient Greeks or Chinese should have already had words for this. 1 week ago:
That’s what happens when you get character switched to.
- Comment on HP and Dell disable HEVC support built into their laptops’ CPUs 2 weeks ago:
Or plants. Or whether you should shout at people. Or sort of the concept of women.
- Comment on HP and Dell disable HEVC support built into their laptops’ CPUs 2 weeks ago:
Nah, that’s an NPU.
- Comment on New thing to ponder just dropped 2 weeks ago:
When this catches on the other meme will finally make sense.
- Comment on Screw it, I’m installing Linux 2 weeks ago:
The graphics stack is better, but the security isolation is IMHO solving a problem no one really had, at the cost of breaking a bunch of integration mechanisms people actually used.
You want UI security isolation for something like Android, where most software being run is fundamentally opposed to the interests of the user and wants to steal anything not nailed down, and you also contain things at the file system level. If Facebook could screenshot every other app all the time it absolutely would, and people would download it anyway. To some extent the enforceable promise that it can’t do that is why people are still willing to download it anyway and let it do all the other things it does to compromise a system.
In a distro shipping legitimate software, isolation at the desktop UI level is nice for defense in depth, but not really drawing a real security boundary around any program to the point where a user can trust a machine with malicious software running. It doesn’t matter if I can’t steal Firefox’s pixels if I can
echo “export PATH=$HOME/.evil-firefox/bin:$PATH” >>~/.bashrc. - Comment on Autograding tool 3 weeks ago:
Probably.
- Comment on Would you like to playtest a new indie game? Just completed first playable version of my psychological horror/moral choice simulation. 4 weeks ago:
Now I’m thinking with portals.
- Comment on Some People Can’t See Mental Images. The Consequences Are Profound 4 weeks ago:
Neither the ancient Greeks nor the ancient Chinese had video recording or even photography, which seems to be the metaphor that allows people to explain what they do or don’t have.
I must have relatively weak mental imagery? I can imagine seeing an apple, or recall the visual memory of my fruit bowl, but I’m hard-pressed to extract any definitive visual information from it, like I could if I really was looking at it. I’m visualizing the fruit bowl, but how many apples am I visualizing exactly? If I decide I’m visualizing two, now I’ve lost the relationship between the banana and the organge. It’s less like looking at a picture and more like dreaming of one.
- Comment on How Google Tracks and Scans Everything on Your Android Device 4 weeks ago:
I don’t think it is right to trivialize rape like that.
- Comment on How Google Tracks and Scans Everything on Your Android Device 4 weeks ago:
I don’t think the burden should be on users, but I do think some of the burden should be on the press. If the press just assumes Google is up to no good and never does the investigative reporting needed to show it, we will miss out on having very politically useful evidence.
- Comment on How Google Tracks and Scans Everything on Your Android Device 4 weeks ago:
Anytime I want cooperation I will need to persuade you.
That sounds suspiciously like democracy, the thing we would quite like to achieve.
- Comment on How Google Tracks and Scans Everything on Your Android Device 4 weeks ago:
But they aren’t even showing collection of data in the article. For the data to be collected, it needs to leave the phone, not just be touched by Play Services.
Play Services does collect data it shouldn’t collect, by sending it back to Google. But the difference between “I am collecting your data” and “I wrote software you are running” is important and needs defending, because obscuring it is one way that independent developers are prevented from publishing and marketing actually-privacy-preserving software. If I am deemed to have “collected” your personal data every time you type it into a text editor I wrote, I can no longer distinguish my local-only encrypted text editor from Google’s one that stores all your data unencrypted on their cloud. We both have to say we “collect” your data, and nobody non-technical can tell the difference.
- Comment on How Google Tracks and Scans Everything on Your Android Device 4 weeks ago:
You can buy a phone that arrives running GrapheneOS. This might not be advisable, because it adds another point of trust in the refurbisher who actually does the flashing, but you don’t need to have the skills or do the research to install it yourself to get access to a device that runs it.
- Comment on How Google Tracks and Scans Everything on Your Android Device 4 weeks ago:
It’s not that I want to give them the benefit of the doubt, it’s that the article neglects to bring in that whole thread of the argument that you give here. This should all be in the article.
- Comment on How Google Tracks and Scans Everything on Your Android Device 4 weeks ago:
The SensorVault data is “just” the Google Maps Timeline data though, right? Which people have always been able to turn on and off, if they knew about it.
I feel like Google not really respecting a concept of user consent and pretending people agree to poorly-publicized and often-modified tracking programs is a different, and, frankly, weirder, privacy problem than there being closed source stuff running with high permissions. If you could revoke permissions from Play Services, or if it was source available or even free software, that wouldn’t solve the problem because it would still be able to do stuff Google had manufactured consent for it to do.
- Comment on How Google Tracks and Scans Everything on Your Android Device 4 weeks ago:
Do you mean “transmits” as in “from the location service on the phone to the mapping app on the phone”?
Or do you mean the phones are all updating the wifi SSID geolocation database, which they then all can use for doing wifi-based geolocation?
- Comment on How Google Tracks and Scans Everything on Your Android Device 4 weeks ago:
The article seems to go directly from “this piece of software talks to all the sensors and isn’t well sandboxed” to “Google has directed this software to profile and surveil users” without actually providing evidence to support that leap. Is Google Play Services sampling your location so that it can send it in to Google HQ, or so that it can detect if the device has been stolen by the cops and activate anti-theft mode to protect the user’s privacy?
If we can actually show mismanagement of user data by Google Play Services, we need to shout it to the hills, because those sorts of scandals are important arguments for increased privacy protections. But we need to actually find that mismanagement occurring, not just assume it must be because Google wrote the code and it isn’t open source.
- Comment on How Google Tracks and Scans Everything on Your Android Device 4 weeks ago:
But if a Graphene device takes a non-malicious approach to data management out of the box, can’t you just buy one of those instead of doing research and taking charge of your device to proactively prevent spying? Why not just let a trustworthy organization like the Graphene project manage it for you, instead of an untrustworthy one like Apple?
- Comment on YSK before you buy a replacement for your cellphone that has stopped charging, buy the $10 cleaning kits and spend the time deep cleaning the phone's charging port. 4 weeks ago:
I had no idea these existed and they look amazing!
Where do you buy these that isn’t under boycott?
- Comment on Las Vegas deploys world’s first Tesla Cybertruck police fleet 5 weeks ago:
Or at a time of the choosing of the one rich dude who has root on all the cars.
- Comment on Minecraft is removing code obfuscation in Java Edition 5 weeks ago:
I thought they were still hoping to convince people to use Bedrock so they had to buy Windows.
- Comment on Autograding tool 5 weeks ago:
I mean if you put up an Internet-facing unauthenticated file acceptor it will quickly become stuffed with all sorts of garbage and aspiring malware. You definitely don’t want to hook that up to an untar and exec loop, even with some notion of sandboxing. It will just start mining Bitcoins or sending spam or something.
But if it is built properly, with only authorized users being able to upload stuff, and a basic understanding of not dropping stuff where the web server will happily execute every PHP web shell someone sticks in the slot, and the leverage to threaten people into not uploading pictures of their own or others’ butts or Iron Man (2009), I don’t see why all but the file-uploading professionals should immediately give up.
- Comment on Autograding tool 5 weeks ago:
You could definitely build something like this. You definitely want either human review before execution or a fair amount of sandboxing for whatever your students submit.
Do you want students trying to brute force or exfiltrate whatever test data lives in the server? If not, either they should just have the test cases already, or they can get back how many/which of the secret test cases they passed along with their grade, so showing them the results live might not be so important. Unless you want something like “you have 3 tries to pass the secret tests so you can get a hint that your own tests missed a case and go back and try to guess what it was”.
You also might want to invest time first in test harnesses for the students to run themselves, because you want them to learn good practices like coding against a test suite. If nothing else it makes it easier to make the auto-grader later if the students’ code is all already hooked up to the same test framework.
Teaching students how to use fully use a multi-user Unix system can for some topics put unnecessary faffing about between the students and what they are trying to learn (are you teaching front-end web dev or something?), but in a lot of cases your students might actually be better served by something that makes them touch the deep magic than by a slick web UI that handles everything for them, as long as you turn it into a learning experience and not a protracted period of bafflement.
Does your school not already have some kind of shared CD department server/Unix environment for the students that could get you out of account management?
- Comment on Banana 1 month ago:
Thanks Thursday Next’s Dad!
- Comment on What options of resistance are programmers creating to not submit to AI culture? 1 month ago:
This is honestly a lot of the problem: code generation tools can output thousands of lines of code per minute. Great, committable, defendable code.
There is basically no circumstance in which a project’s codebase growing at a rate of thousands of lines per minute is a good thing. Code is a necessary evil of programming: you can’t always avoid having it, but you should sure as hell try, because every line of code is capable of being wrong and will need to be read and understood later. Probably repeatedly.
Taking the approach to solving a problem that involves writing a lot of code, rather than putting in the time to find the setup that lets you express your solution in a little code, or reworking the design so code isn’t needed there at all, is a mistake. It relinquishes the leverage that is very point of software engineering.
A tool that reduces the effort needed to write large amounts of human-facing, gets-committed-to-the-source-tree code, so that it’s much easier and faster than finding the actual right way to parse your problem, is a tool that makes your project worse and that makes you a worse programmer when you hold it.
Maybe eventually someone will create a thinking machine that itself understands this, but it probably won’t be someone who charges by the token.
