
In my company we worked with a platform launched on local machines that had an admin console where you could execute java code. Pair that with almost everyone not turning on the firewall and all engineers connected to the same wifi network, anyone could do whatever they wanted.

I showed a demo of how easy it is to read private ssh keys to the head of infrastructure, and after some months people could connect to the network only using custom credentials (ldap), which was good, but they also asked us to install "spyware" that among other things checked the firewall. I never installed the "spyware" but nobody pushed me. I didn't think I somehow prevented a disaster or did some heroic deed because everyone in the company was professional and nobody would exploit this. But of course I didn't tell anyone about this except the infra because such information should not be disclosed until it is fixed. And once it is fixed why disclose it?

I really miss the Mac checkbox to enable the firewall. On Linux I use nftables which is really powerful, but with so many possibilities it is easy to miss something during configuration.

I observed a lot of senior engineers don't have sufficient network knowledge. A lot of people on Linux don't use the firewall which is really bad if you work on shared wifi.

Also when running docker images, if you map a port when using docker run (ex. docker run -p 80:80), docker will automatically add firewall rules and bypass the enabled firewall, exposing that port publicly.
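An added example, not part of the comment above: a check that lists which container ports are published on every host interface, the case the comment warns about. It reads the output of `docker ps --format '{{.Names}}\t{{.Ports}}'`; the function name, container names and sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag container ports published on all host interfaces.
# Input on stdin: "NAME<TAB>PORTS" lines, as printed by
#   docker ps --format '{{.Names}}\t{{.Ports}}'
# Binding to loopback instead (docker run -p 127.0.0.1:80:80 ...) keeps the
# port off the shared network.

find_public_ports() {
    awk -F '\t' '
    {
        n = split($2, maps, ", ")
        for (i = 1; i <= n; i++) {
            m = maps[i]
            # A bare "6379/tcp" is only EXPOSEd, not published to the host.
            if (index(m, "->") == 0) continue
            host = m
            sub(/->.*/, "", host)      # keep the host side: "IP:port"
            ip = host
            sub(/:[0-9-]+$/, "", ip)   # drop the host port or port range
            # 0.0.0.0 and :: (also printed as [::]) mean every interface.
            if (ip == "0.0.0.0" || ip == "::" || ip == "[::]")
                printf "%s\t%s\n", $1, m
        }
    }'
}

# Constructed sample input (hypothetical containers).
SAMPLE=$(printf '%s\t%s\n' \
    'web'   '0.0.0.0:80->80/tcp, :::80->80/tcp' \
    'db'    '127.0.0.1:5432->5432/tcp' \
    'cache' '6379/tcp')

# On a real host: docker ps --format '{{.Names}}\t{{.Ports}}' | find_public_ports
printf '%s\n' "$SAMPLE" | find_public_ports
```
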


good management would fire half the org



I'm well aware.

If you read the post you linked:

> This is an extraordinary decision for us to make

> targeted threats have escalated over the last 48 hours to the point that we believe there is an unprecedented emergency and immediate threat to human life unlike we have previously seen from Kiwifarms or any other customer before

> Revolting content alone does not create an emergency situation that necessitates the action we are taking today


I'd consider that an exceptional case of one site that was provably harmful. With scam sites it is easy to find thousands that match a pattern that identifies them as scams but that's still circumstantial evidence. We actually don't want internet police that shuts down sites based on indirect evidence of falsity as there would be numerous false positives, with legitimate sites shut down. The web (both the true www as well as walled gardens) will always be populated by scams and bad actors, just like real life is. We can hope that education & control mechanisms help as much as possible but they are fallible and require time, effort & money.


Hopefully such hostile practices from Apple and other companies will end. Everybody agrees it's bad. They have absolutely no reason to be allowed to continue doing part pairing and making components unavailable. It's evil for consumers and for nature as well.


I want parts that I can verify to be genuine in my next second hand phone.


Apple could simply trigger a warning in the settings menu instead of making the part unusable. Or a similar solution. People are so naive defending these horrible practices, I don't know if it's because of Apple cult or masochism.


I’m not naive, I’m aware of some people’s feelings towards it. Unfortunately a lot of people have irrational hate towards Apple which makes having an actual conversation difficult.


Apple gets the hate because almost everybody has an iPhone, and because they are one of the worst offenders (making critical parts unavailable and parts pairing).

Of course there are other companies that have a similar approach, but if you want to make a change, I am guessing Apple would be the best company to try to force into more nature and consumer friendly practices.


>and that's simply not going to work in the modern era

It was working until Elon bought twitter.


If you are working within a code base that uses fd and fp, then it's expected to preserve the style. However if it's a new project I would use filePointer and fileDescriptor to have a consistent naming scheme across all variables.


I looked at nand2tetris a while ago briefly and I have the impression that it focuses too much on making complex circuits.

The target audience for nand2tetris is people that want to understand how the CPU works, and nand2tetris focuses too much on how to make logic using nand gates leaving other areas uncovered.

I recommend the Ben Eater YouTube channel, he has a series of videos about building an 8bit computer, that in my opinion is much more informative for a curious person.


I’ve gone through the nand2tetris course (parts 1 and 2) and I’ve also physically built Ben Eater’s projects.

nand2tetris covers many levels of abstraction; it is both lower and (much) higher level than Ben Eater’s projects, which is one of its main points: you can create something in one level of abstraction and then build on it in the next level of abstraction. It only starts with logic gates (a single one to start with, “nand” obviously) and goes through the other logic gates that can be built from nand gates, then various digital logic built on that, registers and other synchronous logic, ALU, full CPU, full computer. Hardware is only the first half of the course. Then you build a stack machine, assembler, object-oriented language compiler, a software library I think, and finally a game you write in that (doesn’t have to be Tetris). So the whole second half is layer on layer of software abstractions starting from the hardware. I would say it handwaves over video output and keyboard input because it’s not what they’re teaching about, while Ben Eater shows how to physically build such things.

Ben’s is purely hardware up through 2 main registers, an alu with only add and subtract, an 8 bit digital readout, no real input (besides updating RAM to input the code & data using switches), 16 bytes of RAM (4-bit address), and control unit to implement machine language with a few opcodes. His 6502 project starts with a CPU which is already far beyond where the 8-bit computer ends and builds a computer architecture around it (RAM, ROM, I/O, and peripherals: video, keyboard, serial).

nand2tetris is normally simulated and Ben’s covers physically building things which has its own set of lessons/skills to learn. Coincidentally I ran across a crossover of the two projects today: a video of someone who built a breadboard version of the nand2tetris 16-bit cpu (called Hack)! https://youtu.be/L-azf9ecvfo


no idea why you need a dedicated person for dealing with the advertisers. it seemed to be just pressure from adl to scare the advertisers away, or otherwise adl will generate controversy

a very slimy and backwards model


Without internal Twitter context, but having seen companies with marketing teams... there's a lot of people involved in doing close work with partners, whether advertisement ones or others. On the tech side it's kind of like AWS support - sure, everyone had access to the support portal, but once you start spending $$$, you'll get dedicated people sitting in your company's slack channel, providing support, advice and planning if you need it. (Sure, it doesn't always work great, but the idea holds) I'm sure that whoever was the big ad spender with Twitter has a dedicated contact reachable more directly. (And possibly negotiating better deals than advertised to everyone)


> a very slimy and backwards model

perhaps it is, but that's the business a lot of big tech is in. ads drive everything. google is an advertising company with a lot of data mining on the front-end.

if your ad game and monetization isn't tight then you don't have a company, you have a public service, and one that will gas out pretty quickly.


because advertising and marketing are still very much industries where your "face card" matters and where companies will spend millions of dollars elsewhere if Chet from Advertising gets laid off.


But why can't he express his opinion? Is it illegal to think a state is dirty?


Apparently you cannot even re-tweet it if I interpret the law correctly here (https://www.gesetze-im-internet.de/stgb/__90a.html).

"Wer öffentlich, in einer Versammlung oder durch Verbreiten eines Inhalts" means who publicly in a gathering or by distribution of the content.

"die Bundesrepublik Deutschland oder eines ihrer Länder oder ihre verfassungsmäßige Ordnung beschimpft oder böswillig verächtlich macht"

You cannot insult the state or maliciously disparage it.


Likes are illegal, too. Last year, police searched the homes of people because they clicked the like button on a social media post that insulted a killed police woman. [1] The court deemed the likes as endorsements of a crime, which is illegal. [2]

[1] https://www.golem.de/news/durchsuchungen-wegen-hassrede-ein-...

[2] https://www.gesetze-im-internet.de/stgb/__140.html


Crazy, I actually tried to find out when those laws went into effect first. They changed the one you mention in 2021 but it seems the law itself has existed for years. The oldest that has a similar meaning was voted in 1953:

https://lexetius.com/StGB/140,13


> The court deemed the likes as endorsements of a crime

Can’t even flip a bit anymore


you forgot the consequence: "wird mit Freiheitsstrafe bis zu drei Jahren oder mit Geldstrafe bestraft."

Will be punished with up to three years of prison or by fine.


No, but in Germany it is illegal to _say_ that it is dirty. They’ve decided that it’s terrorism, in fact. This is why our First Amendment is so important.


Germany still has a couple of outdated laws left over from the turn of the (last) century, the Nazi years, or the hyper-conservative 50's and 60's, and sometimes bureaucrats and police take this stuff a bit too seriously.

Browse the other "stories" on that news portal and it becomes clear that it is a right-wing populist click bait portal which tries to incite rage against the German state by hand-picking stories and amplifying them similar to tabloids like Bild. I wouldn't be surprised if half of the stories on that portal are mostly made up or half-truths.

PS: it reads exactly like Bild because apparently this is the new project of Julian Reichelt, former head honcho of Bild, who was kicked out because of (TL;DR) being a bigger asshole than even Bild would tolerate.


Interestingly the law in question here actually had a clearer definition in those early conservative years (https://lexetius.com/StGB/90a,7). That law only targeted organizations. After 1968 they actually expanded it to the current version. So we have to thank the overzealous conservative party who overreacted to the student protests for this overly broad law.


>Browse the other "stories" on that news portal and it becomes clear that it is a right-wing populist click bait portal which tries to incite rage against the German state by hand-picking stories and amplifying them similar to tabloids like Bild.

Isn't that literally the job of the media to "hand pick stories"? How is this any different than media outlets "hand picking" stories that involve police interactions going badly, when most police interactions end up fine?


IMHO a somewhat serious media outlet should report such stories of course but otherwise remain neutral and refrain from "coloring" such stories with opinion and rage-bait. Maybe I'm just old fashioned, but this new thing reeks too much of Buzzfeed, Fox News, RT or Bild.


Not to mention the grey lady, NPR, MSNBC and their ilk...


put aperture, iso, focus, shutter speed on auto (if it's not a manual lens) and you will get good pictures

