NaibofTabr

@NaibofTabr@infosec.pub

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨I hate this image because idiots will see it, not understand what its showing, and make up some crazy shit based on it.⁩ ⁨⁨1⁩ ⁨day⁩ ago⁩:
“the exact center of the Big Bang” is not a phrase that makes sense.
⁨Comment⁩ on ⁨I hate this image because idiots will see it, not understand what its showing, and make up some crazy shit based on it.⁩ ⁨⁨1⁩ ⁨day⁩ ago⁩:
If you can’t tell which person in your group is having a stroke right now, it’s probably you.
⁨Comment⁩ on ⁨WWJD⁩ ⁨⁨2⁩ ⁨days⁩ ago⁩:
Supply Side Jesus intensifies
⁨Comment⁩ on ⁨Experience with refurbished and recertified HDDs?⁩ ⁨⁨4⁩ ⁨days⁩ ago⁩:
I recommend getting familiar with SMART and understanding what the various attributes mean and how they affect a drive’s performance and reliability. You may need to install smartmontools to interact with SMART, though some Linux distributions include this by default.

Some problems reported by SMART are not a big deal at low rates (like Soft Read Errors) but enterprise organizations will replace them anyway. Sometimes drives are simply replaced at a certain number of Power-On Hours, regardless of condition. Some problems are survivable if they’re static, like Uncorrectable Sector Count - every drive has some overhead of extra sectors for internal redundancy, so one bad sector isn’t a big deal , but if the number is increasing over time then you have a problem and should replace the drive immediately.

Also keep in mind, hard drives are consumables. Mirroring and failovers are a must if your data is important. New drives fail too. There’s nothing wrong with buying used if you’re comfortable with drive’s condition.
⁨Comment⁩ on ⁨After 40 years of being free Microsoft has added a paywall to Notepad⁩ ⁨⁨6⁩ ⁨days⁩ ago⁩:
So… who wants to bet that the new version of Notepad is not constantly scraping anything you type into it and feeding it into the AI, regardless of whether you’re paying for this feature or not?
⁨Comment⁩ on ⁨how could i talk to someone about them being aggressive without invalidating them but also without enabling/downplaying it?⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Do you want to help this person be better, or do you want to protect yourself from them?

The first will require that they are receptive in some way to being helped, so it may be impossible.

The second… well, you’ve described a deeply insecure person. The need to constantly remind other people how much better they are demonstrates a real fear of being found to be inadequate. If you can determine the source and/or subject of the insecurity you can potentially weaponize it against them. That’s risky though, it may make you more of a target for retribution.

Remember, you can’t fix someone else, they can only fix themselves. You can offer guidance, but that only works if they’re open to being guided.

Perhaps the best course of action is more zen… let them learn their own lessons. Isolate yourself from damage as much as possible, and just wait for them to crash and burn. Make popcorn.
⁨Comment⁩ on ⁨Can we please make a viable (federated!) amazon alternative? I have an idea!⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

Amazon is basically glorified dropshipping

This premise is not correct. As I’ve described, Amazon’s business is providing services to other businesses, many services, which make their platform attractive for sellers due to ease-of-use. Therefore…

Let’s make an amazon alternative.

This objective is not really possible. An alternative that does not provide all of those services is not actually an alternative.
⁨Comment⁩ on ⁨Can we please make a viable (federated!) amazon alternative? I have an idea!⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

Sellers need to sell there to survive

Amazon is a service provider. Sellers sell there because Amazon provides product advertising (every product page is essentially an ad), order processing, payment processing, warehousing, order fulfillment (via the warehouse staff), shipping, dispute resolution, return processing (which is its own logistics nightmare), and even resale of returned/refurbished products in some cases, and all of it is coordinated through their data systems.

It is extremely convenient to sell a product on Amazon because they handle all of the customer-facing parts of selling, all you have to do is describe what you’re selling, and arrange for Amazon to get the product somehow. It’s the convenience that keeps sellers on their platform. It’s the convenience that makes it worth the cost of doing business with Amazon.

Now yes, each individual service could be replaced, but splitting them out is going to cause coordination problems. It’s going to slow down the order fulfillment, and it’s basically shunting the operation cost (both time and money) back onto the seller. That’s going to mean fewer sellers interested in using the alternative, because now they have to do for themselves what they could simply pay Amazon a percentage of their sale price to do. And because this alternative is slower and can’t provide the same kind of return guarantees that Amazon can, fewer customers are going to want to use it.
⁨Comment⁩ on ⁨Can we please make a viable (federated!) amazon alternative? I have an idea!⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
I think there’s some misunderstanding here. Amazon is a massive logistics system. The retail storefront is a tiny part of what Amazon is today.

AWS exists because Amazon needed to solve an internal data handling problem in order to solve their logistics problems so that they could scale up. After building that system, they started selling it as a product to other businesses. The point being, Amazon’s real success is based on providing business-to-business services. The retail website is the tiny public-facing bit, but it depends on the rest of the organization structure in order to operate properly.

What you’re proposing is more like an eBay alternative, where the system is basically just the storefront, and the sellers listing products are responsible for their own logistics. eBay still provides dispute resolution for buyers though, and that’s hard to achieve without some centralized control.

There’s also the legal problems. At some point someone will use such a system as a silk road - probably sooner rather than later. Whoever is administrating and hosting it will be liable for criminal activity in the countries where the crime occurs. It will not end well.
⁨Comment⁩ on ⁨⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
What we need is a new system
⁨Comment⁩ on ⁨⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
The transition from ALSA to Pulse never really fully happened and a lot of backend stuff is still dependent on ALSA. If you ever find that you have an audio channel that is just not working for no apparent reason (like audio input), run alsamixer and check if the channel is muted there.

I’ve found this multiple times on new Ubuntu-derivative installs, and the channel muting in ALSA is not reflected anywhere in the desktop GUI audio settings and can’t be adjusted through them, but nothing is technically broken - you just have to raise the volume on that channel via alsamixer. It’s a very annoying gotcha.
⁨Comment⁩ on ⁨All of Humane's AI pins will stop working in 10 days⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
If nothing else, the list of customers who were interested enough to spend money on such a product might be valuable to them.
⁨Comment⁩ on ⁨Ukraine isn’t invited to its own peace talks. History is full of such examples – and the results are devastating⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
OK so now you’re admitting that Russia broke the peace intentionally because of ‘fear’, and moving the goalpost you set earlier about Ukraine not wanting peace.

Classic bad-faith argument practice.
⁨Comment⁩ on ⁨Ukraine isn’t invited to its own peace talks. History is full of such examples – and the results are devastating⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
What the fuck source are you even quoting from?

NATO aggression is one of Putin’s favorite talking points. If you’re just going to parrot his propaganda then no one rational should listen to anything you have to say.

Moscow responded by backing Ukrainian Russian speakers’ demands for the minority rights

Where “backing” means “sending Russian military across the Ukrainian border illegally in order to conduct an invasion based on a flimsy pretext”, yeah, Russia backed them.
⁨Comment⁩ on ⁨Ukraine isn’t invited to its own peace talks. History is full of such examples – and the results are devastating⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
Ukraine already made peace when they gave up their nuclear weapons in exchange for Russia’s promise that they would respect Ukraine’s sovereignty in the Belarus Memorandum in 1994. A promise which Russia broke repeatedly.

Russia has demonstrated over and over again that it will not abide by its own peace agreements. Russia cannot be trusted to honor any treaty. There can be no peace so long as they are duplicitous.
⁨Comment⁩ on ⁨New Junior Developers Can’t Actually Code⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:

ever since libraries have been a thing, the majority of developers have just used the libraries without really understanding what goes on inside them. And that’s not necessarily a bad thing — the entire point of abstraction is so that developers can focus on the stuff they need to get done while ignoring the already solved problems.

Nobody but nobody has time to know what’s in every library they might need to use. Who among us truly understands their network stack, all 8 layers?

senior devs have to spend all their time doing code reviews and editing and refactoring codebases that nobody else understands.

That’s OK we will just train AI to review and refactor for us! I’m sure everything will be fine.

Vulnerable code will be with us forever. The system will always be Swiss cheese. If you think you understand common mistakes, enough that you can review other peoples’ code for them, there’s work for you in infosec for sure.
⁨Comment⁩ on ⁨For those of us that can spot the URL for "Never Gonna Give You Up" at a glance, we are getting rickrolled without ever clicking the link.⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
And now for something ~~completely~~ different: youtu.be/ahnfLZKwnTg
⁨Comment⁩ on ⁨Fingerprinting: Critics say Google rules put profits over privacy.⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
For-profit corporation makes profit-motivated decisions. Film at eleven.
⁨Comment⁩ on ⁨OpenAI whistleblower’s deemed suicide⁩ ⁨⁨1⁩ ⁨week⁩ ago⁩:
I think you accidentally a word.
⁨Comment⁩ on ⁨Amazon’s killing a feature that let you download and backup Kindle books⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
You will own nothing and ~~like it~~ have no recourse.
⁨Comment⁩ on ⁨Onboarding experience needs to be simpler for mass adoption⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Do we want ‘mass adoption’? and if so, why? and what would that look like, if we had it? how would we know that we had got it, and what good would the getting do us?
⁨Comment⁩ on ⁨Onboarding experience needs to be simpler for mass adoption⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:

hexbear (RIP)

Rest In Perdition
⁨Comment⁩ on ⁨hexbear.net comically loses its domain name⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Beyond just the general tankiness that others have mentioned, I think the worst thing about Hexbear is how they aggressively claim to be pro-LGBTQ+ while zealously supporting Russia and China, nations which actively persecute anyone who is not hetero-normative. Putin actively jokes about killing homosexuals, and the PRC will black-bag you and put you in a reeducation camp.

I’ve always felt there was something deeply sinister in this hypocrisy, probably having to do with intentionally targeting marginalized people and attempting to influence and/or radicalize them - your basic cult recruitment tactics.
⁨Comment⁩ on ⁨hexbear.net comically loses its domain name⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Tell me you have no idea how DNS works without saying you have no idea how DNS works.
⁨Comment⁩ on ⁨hexbear.net comically loses its domain name⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
At least they stopped dumping the yellow pages on my porch every year…
⁨Comment⁩ on ⁨hexbear.net comically loses its domain name⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
The elders of the Internet?
⁨Comment⁩ on ⁨hexbear.net comically loses its domain name⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
No no no, see, DNS is bad, that’s the whole point. No touchy.
⁨Comment⁩ on ⁨hexbear.net comically loses its domain name⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
Ah, you’re right, I should just look up IP addresses in my NAT table. Maybe I should add comments to it so I know which IP is which.
⁨Comment⁩ on ⁨hexbear.net comically loses its domain name⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
See? If you dont like DNS, you don’t have to use DNS, it’s not so hard.

And IPv6 won’t be that much harder, it’s only… uh… 32 hex digits you’ll have to remember, for each website. No big deal.
⁨Comment⁩ on ⁨hexbear.net comically loses its domain name⁩ ⁨⁨2⁩ ⁨weeks⁩ ago⁩:
I mean… OK then just remember the IP addresses of the sites you use and don’t use the domain names?