guitars are real

Do you also hand out copies of your car and house keys to strangers you meet in parking lots?

Open source is just another commons, and companies have a way of uncontrollably exploiting common resources until they collapse.

In the case of open source, it’s healthy in the sense that money is flowing, we have companies sponsoring projects, tons of code is available for inspection and reuse, etc. Very nice. But if you go back to the original concepts of free software, in many cases we struggle with actually exercising the four freedoms. Red Hat has engineered an EULA that basically lets them ban practices that had been thought protected by the GPL for at least a generation, and so on and so forth. So is the open source community healthy or dying? Doesn’t the answer to that depend on your priorities?

I think it would make a lot of sense to try to create an economic model that can fund open source software development without relying on corporate injections of cash. It’s not that they don’t pay for it ever, they just pay for it to the bare minimum extent. IE, the heartbleed fiasco – tons of companies were freeloading off one guy and like half the Internet’s security got fucked for it. Imagine if OpenSSL had had some kind of economic support structure in place to allow for, uh, more than one guy to manage the encryption library for like half the Internet before something insanely stupid and predictable like that happened. Well, we can never have that with corporate-controlled open source.

Hi, sorry I just saw this. “SFF” is short for “small form factor.” It’s just industry jargon for “a small PC.” They tend to be designed to use less power which makes them a good fit for home servers. Pretty much any line of PC sold to businesses, like Dell Optiplex or HP EliteDesk, will have small form factor variants.

Yeah, but I don’t know any other language where the fact a program is written in that language is used as a selling point. I never cared that Linux was written in C, I cared that it does its job. I’ve heard about Redox many times, yet never once has there ever been anything said about it other than “it’s written in Rust! :D” Literally, the fact that it’s a UNIXY operating system written in Rust is the first thing about the OS on their home page.

Hey, Linux started as a learning project, you learn more about programming by writing code, so I’m not saying it’s bad, I just can’t understand why I’d care about something that at this stage seemingly is just a learning project.

Shout out for ODROID, their product revision cycles take too long (lmao why are they still selling a 32-bit chip that was an iffy investment back in 2013), but when they drop new stuff, it tends to be great.

deleted by creator

Bonus: there is a literally endless supply of used x86 SFF hardware from large institutions, so unlike SBC’s, there’s no special, weird supply chain managed by an English educational nonprofit that could just suddenly decide to not sell to the public for years at a time.

I’m not against Rust, per se, the idea of a systems programming language with some more advanced memory safety features sounds nice, but what is with the emphasis on creating a Rust version of everything? Like why should we want an OS written only in Rust?

I also gagged when I saw the name, but it’s a team of researchers at Western Sydney University in southern Australia, who are probably simply too high up in their ivory tower to realize/care what Deep South means in America. According to them, it’s an homage to a couple other systems:

The supercomputer is aptly named DeepSouth, paying homage to IBM’s TrueNorth system, which initiated efforts to build machines simulating large networks of spiking neurons, and Deep Blue, which was the first computer to become a world chess champion. The name is also a nod to its geographical location.

Considering that the web was explicitly architected to allow users to control how they render documents, arguing that adblocking is bad or should be prohibited is exactly as arbitrary and ridiculous as claiming that Google is trying to “steal” my bandwidth by forcing me to download ads. That’s literally not how the web works. That’s why they had to consolidate a near browser monopoly so they could force this on everybody as a product policy.

Encrypting your disk only provides at-rest protection, meaning there are entire swathes of physical attacks it provides zero protection against. Tons of stuff a malicious actor can do during runtime with physical access that you’d never notice. it quite literally only protects against thugs smashing your door in and physically walking away with the disk.

So if you’ve painted yourself into a corner with a baby’s first config, what you can do to step up your level of data protection (until you can redo your setup properly) is creating an encrypted filesystem or filesystem image (use fallocate to create a large empty file, then connect it to a loopback device, encrypt with LUKS, and use it as a virtual filesystem), rsync your data directory to it, and then unlock/mount it at boot under the directory where Nextcloud is configured to store your data. It’s god-awful, but this should be more or less transparent to Nextcloud if you do it right, and then at least your data directory gets at-rest encryption, and tbqh if someone is smash and grabbing your hard drive they are probably more interested in your data than they are your OS config.

I wouldn’t say this is an acceptable or preferable alternative to FDE, but it sounds like you’re still figuring out the best ways to set these things up, and this will get you more protection than none. But, realistically, you should probably not worry about it too much and should think about the security of your setup as a learning exercise/study in best practices.

or maybe it’s trying to highlight that it’s also secure?

It was a really bad look to scramble to get him back once he triggered a mass exodus. Having him at the helm is either so dangerous for AI safety they had to push him out with a bureaucratic coup, or it isn’t. Doing that severely hurts their credibility on multiple levels (did they really not realize how popular he was within the company and that the price was going to be some of their top researchers?) and after pushing him out the way they did, they should hardly be surprised that Microsoft hoovered him up before the weekend was even over. Why would they give him a few days to process the betrayal and maybe come back around?

After this, we shouldn’t be surprised if Microsoft suddenly starts sabotaging OpenAI until it has no choice but to sell itself off to MS, at which point Altman gets all his toys back.

Stuff like this is why I never took their safety mission all that seriously. It was going to bump up against the business imperatives before long, and given the level of interest business has in AI… what else was the outcome going to be other than corporate sabotage and malfeasance?

Hate that Altman guy, he’s Zuckerberg with more important technology, but somewhere in the mix of articles I read one of the board members complained that “this board is not the group of people you want to see spearheading AI safety.” Yeah, I guess not!

The most useful philosophy I’ve come across is “make the OS instance disposable.” That means an almost backups-first approach. Everything of importance to me is thoroughly backed up so once main box goes kaput, I just have to pull the most recent copy of the dataset and provision it on a new OS, maybe new hardware if needed. These days, it’s not that difficult. Docker makes scripting backups easy as pie. You write your docker-compose so all config and program state lives in a single directory. Back up the directory, and all you need to get up and running again with your services is access to Docker Hub to fetch the application code.

Some downsides with this approach (Docker’s security model sorta assumes you can secure/segment your home network better than most people are actually able to), but honestly, for throwing up a small local service quickly it’s kind of fantastic. Also, if you decide to move away from Docker the experience will give you insight into what amounts to program state for the applications you use which will make doing the same thing without Docker that much easier.

Watching videos is like an order of magnitude easier than reading for large swathes of the population. Fully 18% of the US adult population is functionally illiterate – they can pass a reading test, but their reading level is so low it hardly matters. These folks can still watch YouTube/Dystopian Vine (sorry, TikTok).

Also, this much is just my own speculation, but A/V media is a lot easier to push people’s emotional buttons with because it’s much, much faster and easier to consume content via video and we’re likely hardwired to pay more attention to audio/visual stimuli than abstract imagery in our heads. A video+audio track of an explosion is always going to hit people harder than a careful description of the same explosion, and if people expect it to be easier and to provide a larger emotional impact, they’re more likely to go for the thing that makes them feel something more easily.

We are all governed by dopamine more than we like to admit.

It’s like… could they go do some reading, figure out a good strategy, implement it, then make a video about how to do it properly? Well no, that would only be one video per topic, wouldn’t it?

What mistakes are you going to make “building” a Synology? Getting ATA drives?

Hey, it can be the current directory!

deleted by creator

Come back after you rm -rf / or remove glibc, you whipper-snapper! shakes cane