orclev
@orclev@lemmy.world
- Comment on Paralyzed Jockey Loses Ability to Walk After Manufacturer Refuses to Fix Battery For His $100,000 Exoskeleton 2 days ago:
That would run face first into proprietary info and corporate classified info.
Behold all the fucks I do not give. If it’s that critical they lose all claim to being propriety. It’s just like patent, there’s no such thing as a secret patent, so anything that safety critical doesn’t get to stay secret either.
Regulation won’t detail what a company does to that level. They might say something like “fasteners shouldn’t come loose” but it wouldn’t have a torque spec.
It doesn’t now but it’s utterly trivial to fix that. Just make the regulations say that components must meet the manufacturer specifications and require manufacturers to publish and maintain all the specifications of all safety critical components. If they want to keep it secret then that means it’s not safety critical and they’re responsible for any accidents resulting from its failure.
- Comment on Paralyzed Jockey Loses Ability to Walk After Manufacturer Refuses to Fix Battery For His $100,000 Exoskeleton 2 days ago:
It’s OK for manufacturers to say using aftermarket parts voids the warranty, it’s not OK for them to prevent using them entirely. Likewise if there’s a safety concern that should be handled by regulation and things like safety inspections, not by forcing all repairs to go through the manufacturer. If whatever it is is that critical to the safe operation it should be publicly documented so that third parties can manufacture it correctly to the needed tolerances.
- Comment on NIST proposes barring some of the most nonsensical password rules 2 days ago:
Banks usually have the absolute worst password policies. It’s typically because their backend is some crusty mainframe from the 80s that limits inputs to something absurdly insecure by today’s standards and they’ve kicked the upgrade can down the road for so long now that it’s a staggeringly monumental task to rewrite it all. Thankfully most of them have upgraded at this point, but every now and then you still find one that’s got ridiculous limits like a maximum password length of 8 and only alphanumeric characters (with no 2FA obviously).
- Comment on NIST proposes barring some of the most nonsensical password rules 2 days ago:
Trimming whitespace from the start and end of a password is fine but you absolutely should not remove whitespace from the middle of a password.
- Comment on Microsoft finally officially confirms it's killing Windows Control Panel sometime soon 5 weeks ago:
But not really. The Settings menu has never been as useful as Control Panel and there’s still a ton of functionality that can only be accessed from the Control Panel. This is many other moves by MS recently are why Windows 10 is the last version of Windows I’ll be using. With the work Valve has done to support SteamDeck I can finally go 100% Linux.
- Comment on With SteamOS coming, Microsoft needs to up its game in the handheld gaming market 5 weeks ago:
For now. If enough of the market shifts to Linux those companies will support Linux. Particularly since the CrowdStrike fiasco has spurred Microsoft to crack down on kernel level access which means the days of anti-cheat rootkits are numbered. It’s not going to be long before there’s no functional difference between gaming on Windows and gaming on Linux.
- Comment on Regarding this picture, where do you think quantum computers lie and why? 5 weeks ago:
It’s debatable if D-Wave is actually a quantum computer at least in the sense most people use the term. There’s a lot of unanswered questions still on exactly how to use and design a quantum computer and we’re not likely to get those answers until we can reliably produce and run systems with at least 8 qubits. Maybe DARPA and the military/CIA has such systems, but I don’t think anyone else does.
Quantum computers are still mostly theoretical. We have some of the building blocks of one, but there’s still a few critical pieces missing. Quantum computers are in about the same place as fusion reactors are. Theoretically possible but not currently producible in a form that’s useful without a few more technological breakthroughs.
- Comment on 1 month ago:
Seems to be a combination of students too distracted playing on their phones and difficulty policing behavior on social media bleeding into school time. They give an example of students filming a student being bullied on school grounds and the video being uploaded and shared on social media. I’m not sure banning smart phones during school hours is the right solution, but it’s certainly a tricky problem to deal with.
- Comment on Reddit CEO teases AI search features and paid subreddits 1 month ago:
I’m sure in his wet dreams Reddit is no longer a community site but a thinly veiled astroturfing platform that’s paid billions by large corporations to get their
adsposts in front of users. - Comment on Reddit CEO teases AI search features and paid subreddits 1 month ago:
That sounds like the only acceptable use of that sub to me.
- Comment on Discussion about Ceramic Keycaps: CeraKey Ceramic Keycaps 1 month ago:
Topre, for when chocolate keycaps are too mainstream and you want even fewer choices. Seriously though, that’s the tradeoff with a super niche format. Anything besides cherry and you’re going to have a hard time finding cap options.
- Comment on Elon Musk's Boring Company Hasn't Produced Anything but Safety Violations 1 month ago:
Yeah, that was the laughingstock I mentioned. It’s basically a really terrible highway underground that’s worse in just about every possible way from a normal highway. If I recall it’s a 2 lane road and the top speed was only like 35 mph or something. It’s a complete joke.
- Comment on Elon Musk's Boring Company Hasn't Produced Anything but Safety Violations 1 month ago:
Have they not gone bankrupt yet? I just kind of assumed they had once their “prototypes” turned into a complete laughing-stock and having not heard anything from them in years.
- Comment on What's with all the hate for Chinese phones? 2 months ago:
Many Chinese manufacturers don’t have close ties to the government,
Citation severely needed. Any company operating in China has close ties to the government, it’s literally a requirement to get a business license there.
and any non Chinese phone that you can buy also has backdoors, and quite frankly, for average Joe, their local government may be scarier than the chinese gorvernment.
Maybe, but it really shouldn’t and if it does that’s a problem. It’s a question of non-Chinese phone might have a backdoor, vs. Chinese phone that definitely has a backdoor. Either way saying “other options are just as bad” doesn’t make it a good option.
Also, your data is being used by the Googles, Microsofts, Apples, etc… in vast quantities daily. We are the product generally.
Yes, and that’s a major problem. It’s why there are various replacement firmwares to de-google your phone as well as other techniques to block or disable collection. Once again though, this doesn’t excuse Chinese phones doing this.
Also, remember that most brands manufacture in China, and there are ways to substitute components where the brand would be unsuspecting of the switch.
Sure, supply chain attacks are a thing. In theory there are ways to combat that but it’s a tricky problem. If a Chinese manufacturer got caught doing that though it would be a major international incident. Yet again though just because that might be a risk with any phone doesn’t mean you should just accept and use a phone that’s known to have a backdoor.
- Comment on What is Firefox supposed to do? 2 months ago:
I’m willing to work with websites to find a way to pay for them. I’m not willing to work with ad companies. Websites that want my business either come up with a way to make money that doesn’t rely on ads or they put up with ad blocking. That’s it, those are the only two options.
- Comment on What is Firefox supposed to do? 2 months ago:
Assuming both the ad and the JS to track said ad are served from a 3rd party (or at least a different domain) that would hold at least so far as recording impressions goes. On the other hand there’s still the conversions part of this to consider, although without recordings of impressions the utility of that (and privacy risk) is debatable.
Ultimately I don’t like being opted into anything that collects data, theoretically anonymized or not. I don’t like that this DAP process is running in the background and randomly sending data to some 3rd party (once I figure out that hostname it’s absolutely getting blackholed at the network level).
Ads are a plague, you give them even an inch and they’ll eventually take everything. It started with broadcast TV, then ads overran it. So they introduced cable. Sure it was expensive, but no ads! Then ads started creeping in and before you knew it cable was a complete ad infested shitshow. Then along comes streaming, a breath of fresh air. Watch what you want, we you want, and best of all no ads. Where are we now? The ads are slowly creeping back in and before long it will be just as bad as cable, 40 minutes of ads in every hour of video.
For a while we’ve been winning the war on the internet, able with some effort to hold back the tide, and Firefox was one of the last bastions that seemed to be working with us instead of against us. This though looks like a crack in the armor. It’s the first step along a path we don’t want to go down. I don’t want Mozilla wasting development time pandering to ad companies, I want them improving the browser for us the users. The only ad related content I want to see from Mozilla is improved ad blocking.
- Comment on What is Firefox supposed to do? 2 months ago:
Maybe, but I’m not seeing anything that suggests that would be possible.
Here is the technical documentation for how this feature works. The short version is that it exposes some new JS functions that sites can invoke to register various ad related activities. That data in turn gets forwarded by the browser to a 3rd party using a protocol called DAP which can be considered out of band for the purposes of website interactions. I see no evidence at all that uBlock would be able to block the DAP calls, and limited evidence it could effectively block the JS functions.
uBlock works primarily by blocking network requests using a series of rules. Here is the syntax supported by uBlock for defining its blocking rules. It primarily works by inspecting hostnames, although there is some capability to match on things like HTTP headers, or raw text. There is the capability of blocking an entire
script
element if it matches specific text E.G.navigator.privateAttribution
, however doing so is likely to break sites quite drastically. There is very limited ability to surgically remove such things. Maybe if you injected some JS into each page that overwrites thenavigator.privateAttribution
namespace with stub functions that do nothing (I believe this is actually what the browser does when you opt-out of that feature), but I’m not sure if that’s even possible or if the browser would simply ignore attempts to write to that namespace.It’s possible Firefox is being “smart” and if it sees you have uBlock or similar ad blocking extensions loaded it disables this feature. It’s possible that there’s some extra tricks uBlock or other extensions can pull to block this at a more fundamental level that just aren’t obvious from looking at their documentation. But nothing in the documentation for this feature seems to guarantee any of that, and it’s frustratingly vague in several areas. Regardless none of that changes the fact that this should have been opt-in from the start instead of opt-out. Mozilla argues that they made this opt-out because they wanted to insure a large enough user base to anonymize the collected data, but that alone suggests there might be privacy problems with this entire thing. This wouldn’t be the first time that a supposedly anonymized data set could be at least partially de-anonymized.
- Comment on What is Firefox supposed to do? 2 months ago:
They can certainly try (and many already do with the anti-adblocking attempts) but I’ve yet to see one succeed. It’s trivially easy to evade nearly all attempts at browser identification, and even trying to detect ad blocking is hard to accomplish.
- Comment on What is Firefox supposed to do? 2 months ago:
I do follow release notes which is how I knew to disable it, but the point is that I shouldn’t need to. The reason Mozilla didn’t ask before enabling this “feature” is because they know most people would disable it. That should be a pretty big clue that this isn’t something their users want.
- Comment on What is Firefox supposed to do? 2 months ago:
That’s fine but it should have been opt-in or at least asked before enabling it. I have ad blockers and anti-tracking extensions, but they don’t do anything against this new feature because it’s the browser itself doing it. If I hadn’t read about it and gone in and disabled it I would be providing data to ad companies without even knowing it and that’s unacceptable.
- Comment on What is Firefox supposed to do? 2 months ago:
My browser is responsible to me, not advertisers so it should do what I want. If websites want my business they’ll support my browser. Realistically browsers shouldn’t matter because everyone should be implementing to standards not some random ass quirk of one particular browser, I thought everyone learned that lesson back in the 90s with IE. I literally don’t care if advertisers throw a hissy fit because they no longer have access to everyone’s personal details. The internet existed before ads infested it like the parasites they are and it will still exist after they’re exterminated.
- Comment on NASA's Curiosity Rover Uncovers Trove of Yellow Crystals on Mars 2 months ago:
I’ll save you a click, they’re sulfur crystals. This is interesting because although they can naturally form in volcanic regions this area is non-volcanic. The other way they naturally form is via microbial actions which may offer a clue about Mars past.
- Comment on don't use ladybird browser lol 2 months ago:
It’s encoded as a regex which you can find here: github.com/LemmyNet/lemmy/blob/…/slurs.rs#L74
It’s honestly not a terrible list, but there’s at least one entry in there that falls victim to the scunthorpe problem, and it sucks that it’s not something administrators can easily customize.
- Comment on don't use ladybird browser lol 2 months ago:
They run lemmygrad and are dedicated communists, as well as having a very opinionated “bad words” filter that’s hard coded into the lemmy server software and not configurable without building it yourself.
- Comment on Mozilla roll out first AI features in Firefox Nightly 2 months ago:
That’s one of the things, but it’s also adding a dedicated sidebar for AI. That’s the sort of thing that should just be an extension, there’s absolutely no reason at all why that needs to be something built into the browser.
Developers should be providing alt text themselves, but in cases where they aren’t having a local image recognition model running to provide a description isn’t terrible as long as it’s either 100% local or completely opt-in.
The dedicated sidebar on the other hand feels very much like a cheap attempt to cash in on the AI fad.
- Comment on Backdoor slipped into multiple WordPress plugins in ongoing supply-chain attack 2 months ago:
That’s a shame. If you can convince them to use TypeScript that would be for the best, otherwise good luck, you’re going to need it. I can’t say you couldn’t pay me to write JavaScript, but I can say what I would demand to do it is way more than anyone would be willing to pay.
- Comment on Windows 11 is now automatically enabling OneDrive folder backup without asking permission 2 months ago:
Been running Windows 10 on my gaming desktop for a while now and refusing to “upgrade” to 11 because of how much worse it was. Going to be doing a hardware refresh in a couple months and when I do I’m installing Linux. Thanks to Valve and a few major open source projects Linux gaming has finally reached a point where I can tell MS to fuck off with their enshitification.
- Comment on Backdoor slipped into multiple WordPress plugins in ongoing supply-chain attack 2 months ago:
Of course I thought the same with JavaScript but was forced to learn it last year
Use TypeScript. It’s still built on a giant steaming pile of shit but at least if you’re careful most of your own code can be reasonably correct.
- Comment on Mozilla roll out first AI features in Firefox Nightly 2 months ago:
Pretty sure the only thing I wouldn’t object to AI being used for in Firefox would be ad blocking. Surely they’re going to use this for that right?
…
Right?
…
Shit.
- Comment on Firefox users are unhappy with privacy tweaks in the browser's latest version 2 months ago:
More like Firefox users are surprised to find out some journalist thinks they’re unhappy with “privacy tweaks” they hadn’t even noticed.