1. 1

    “I should confess that the title of this article was chosen primarily to generate attention.”

    1973 clickbait :)

    1. 1

      Interesting, is there any flag that can warn on int promotions being done?

      1. -1

        Finally 1080p webcam! and it only took a global pandemic and millions of dead people to happen!

        Thanks 

        1. 6

          It’s pretty neat that Apple is collecting and uploading so much health data, including reproductive and sexual health self reported data. That’s got to be amazing for their ad targeting and probably pretty handy when subpoenaed for various kinds of court cases.

          1. 3

            You seem to be saying that Apple is in the business of harvesting personal data for ad targeting. I am interested to know more about this.

            1. 3

              they are in the business of making money

              1. 4

                Yes, but as far as anyone is aware, Apple does not make their money from targeted advertising or data harvesting/selling like, say, Google and Facebook do. Apple makes their money the old-fashioned way: by selling their goods and services.

              2. 2

                I asked a search engine about “apple resell user data” and was informed that not only is there reputable evidence, but folks have taken Apple to court for allegedly reselling user data. I also asked about “apple breach user data” and was informed that health data provided to Apple was exposed via third-party breaches. While it’s true that Apple is primarily a fashion company and not a data broker, they have definitely acted and continue to act as a data brokerage.

                1. 3

                  I asked a search engine about “apple resell user data” and was informed that not only is there reputable evidence, but folks have taken Apple to court for allegedly reselling user data.

                  I asked a search engine about that case and found it was dismissed:

                  The complaint fails to plausibly allege with enough facts that Apple disclosed plaintiffs’ personal listening information to third-party data brokers and similar entities, which caused plaintiffs overpayment, loss of value in personal information, unwarranted junk mail, and risk of identity theft.

                  etc.

                  I also asked about “apple breach user data” and was informed that health data provided to Apple was exposed via third-party breaches.

                  I read your provided link and it begins:

                  Researchers discovered an unsecured GetHealth database with over 61 million fitness records in plain text, most detailing Fitbit and Apple HealthKit users.

                  Nowhere in the article does it state or even allege that Apple provided data surreptitiously to this third party. Neither is it stated or alleged in the report the article was based on. And if you keep digging a bit you’ll find out why no such allegations were made – because the the breached party did not obtain the data from Apple. The breached party was in the business of providing integrations for popular wearable health and fitness devices:

                  According to GetHealth’s website they can sync data from the following: 23andMe, Daily Mile, FatSecret, Fitbit, GoogleFit, Jawbone UP, Life Fitness, MapMyFitness, MapMyWalk, Microsoft, Misfit, Moves App, PredictBGL, Runkeeper, Sony Lifelog, Strava, VitaDock, Withings, Apple HealthKit, Android Sensor, S Health.

                  I wonder why you didn’t do that extra thirty seconds or so of reading/researching on either of your provided links?

                2. 1

                  I was being medium tongue-in-cheek. They appear (based on what ads they show me in the App Store) to be using my behavior to present me ads that will drive revenue. When I had kids I experienced the shift in advertising as various advertisers correlated my search / browse / buy habits to guess that I was interested in diaper ads so hey, if you’ve got someone’s menstrual cycles, sexual activity and cervical mucus quality maybe you can do even better!

                  1. 4

                    It’s a very big jump from “Apple’s store used my purchase history in that store to recommend things to me in that store” to “Apple is harvesting my health data to sell me things”.

                    Would you like to back up the latter claim with evidence?

                  2. 1

                    A very related thing: I’ve never ever seen “ikea” show up as a suggested app store search term before. But I went to an ikea store last week, and the app store showed me “ikea” as the highest suggested search term. So they’re certainly using position data or nearby wifi networks or some other info for advertising, and I think that’s very creepy.

                    (And yes, putting a brand name at the top of the suggested search terms is advertising. And location data is personal data in my book.)

                    1. 3

                      Ever since they started enforcing it a while back, you’ve had the ability to see privacy disclosures for every Apple app and every app you get from their app stores.

                      Which will lead you to some honestly pretty plain-English descriptions like this one. And instructions for how to turn off “personalized” ads in Apple’s own apps.

                      So there’s no need to wonder about what’s going on or how they’re deciding what ads to show you. You can literally ask any app for its privacy statements and read them.

                1. 10

                  ahah those quotes are real!

                  “Rust held onto it’s spot as the most beloved language among the professional developers we surveyed. That said, the majority of developers who took the survey aren’t familiar with the language.”

                  in:

                  https://stackoverflow.blog/2020/05/27/2020-stack-overflow-developer-survey-results/

                  1. 3

                    Plurality ≠ majority.

                    But the rest of the quotes are pretty funny.

                    1. 1

                      feel you

                    1. 1

                      POSIX requires the cc and c99 command to be available.

                      1. 3

                        How will this impact battery lifetime? Can an estimation be given by what has been put forward by Apple?

                        1. 2

                          Relative to the ML processing done to classify the photo in other ways (e.g. contains a dog) it would be a minuscule drop in the ocean. Processing of the back catalogue would almost certainly be restricted to when the phone is locked and charging.

                        1. 31

                          On a technical level it’s implemented very well.

                          It is matching against a list, so unlike a general recognition AI, there’s very little chance of misidentification.

                          The blocklist and matching process is split between client-side and server-side, so it can’t be easily extracted from the phone for nefarious purposes.

                          Apple has spent a considerable effort to cryptographically ensure they know nothing until multiple matches are found. Phone even sends dummy traffic to obscure how many potential matches are there.

                          So as far as scanning for the intended purpose, it’s a careful well thought-out design.

                          I am worried about governments putting pressure on Apple to add more kinds of unwanted images to this list. The list is opaque, and for obvious reasons, it can’t be reviewed.

                          1. 6

                            This is an improvement over their existing policy of giving authoritarian governments access to iCloud keys for their users: https://www.reuters.com/article/us-china-apple-icloud-insight/apple-moves-to-store-icloud-keys-in-china-raising-human-rights-fears-idUSKCN1G8060

                            This technology will allow Apple to expose only content that governments specifically ban rather than having to give them access to everything. We should be celebrating this for both its ability to combat child abuse and that it protects Apple’s customers from over-broad privacy invasion.

                            1. 1

                              This technology will allow Apple to expose only content that governments specifically ban

                              Do governments always make fair and righteous decisions in when deciding what images to ban? I see this situation as disastrous for human rights because you know darn well countries like China will bully Apple into including whatever images they want in that database.

                              1. 1

                                But China including whatever images they want is WAY better for privacy than today when China simply has access to all of Apple’s Chinese users’ data.

                                1. 1

                                  That’s not the case, unless you mean to say China bullying Apple into giving them a user’s decryption key? That scenario is possible with or without this system.

                                  1. 1

                                    This has been the status-quo for the past 3.5 years: https://www.reuters.com/article/us-china-apple-icloud-insight/apple-moves-to-store-icloud-keys-in-china-raising-human-rights-fears-idUSKCN1G8060

                                    China demand access to user data so many large American tech companies don’t have a significant presence there. Some American companies that are less committed to privacy comply with the conditions that China places for operating there. It’s a huge market so it’s been a great business move for Apple.

                                    Having the ability to scan users’ content in device might be a way to achieve censorship without such indiscriminate access to user data.

                                    1. 1

                                      The article makes many speculations, but there is nothing concrete regarding the Chinese government having the kind of access you described written in it.

                                      Also see this more recent article: https://www.nytimes.com/2021/05/17/technology/apple-china-censorship-data.html

                                      Documents reviewed by The Times do not show that the Chinese government has gained access to the data.

                                      1. 3

                                        Apple user data in China is not controlled by Apple, it’s controlled by GCBD, a company owned by a Chinese regional government. Instead of using standard HSMs they use a hacked up iOS system. Apple’s security chips are vulnerable to local attacks. https://arstechnica.com/information-technology/2020/10/apples-t2-security-chip-has-an-unfixable-flaw/

                                        So there’s a government owned company that controls the user data which is encrypted with keys stored in an insecure system. If user data is not being accessed that’s a choice that the Chinese government is making, not a restriction on their access.

                                        1. 1

                                          GCBD is the Chinese company that provides apple with datacenter type services. This is not the same as “controls the user data”.

                                          1. 2

                                            From the New York Times article you linked:

                                            U.S. law has long prohibited American companies from turning over data to Chinese law enforcement. But Apple and the Chinese government have made an unusual arrangement to get around American laws.

                                            In China, Apple has ceded legal ownership of its customers’ data to Guizhou-Cloud Big Data, or GCBD, a company owned by the government of Guizhou Province, whose capital is Guiyang. Apple recently required its Chinese customers to accept new iCloud terms and conditions that list GCBD as the service provider and Apple as “an additional party.” Apple told customers the change was to “improve iCloud services in China mainland and comply with Chinese regulations.”

                                            The terms and conditions included a new provision that does not appear in other countries: “Apple and GCBD will have access to all data that you store on this service” and can share that data “between each other under applicable law.”

                                            So to get around US privacy laws and comply with Chinese surveillance laws a Chinese government owned company is the iCloud “service provider” (with Apple listed as an “additional party”) and per the ToS “will have access to all data that you store on this service”.

                                            It was a great business decision. They’re the only major western tech company making a lot of money from the huge Chinese market. I personally wouldn’t want to work there but the people who do are doing very well.

                            2. 2

                              Could such a feature be “pretty easily” fooled to trigger law enforcement to someone as the article implies?

                              Is it plausible to assume that they scan the cached Telegram/Whatsapp/Browser images? If so, how would it behave if someone sends you a set of known infractor images? (an evil chat bot, for example)

                              1. 6

                                Apple says they scan only images in the iCloud library, so images in 3rd party apps and browsers won’t be scanned, unless you save them or screenshot them to your iCloud library. Of course, Apple devices belong to Apple, not you, so Apple could later decide to scan whatever they want.

                                With the current scheme, to cause someone trouble, you’d first have to have multiple banned images to send to them. I hope obtaining actual CSAM is not “pretty easy”.

                                My big worry was that a plaintext blocklist on the phone could be used to generate arbitrary new matching images, but fortunately Apple’s scheme protects against this — the phone doesn’t know if images match. Therefore, you can’t easily make innocent-looking images to trick someone to save them.

                                1. 3

                                  Of course, Apple devices belong to Apple, not you, so Apple could later decide to scan whatever they want.

                                  Is there a source for this information?

                                  1. 3

                                    What’s your source for the “multiple banned images” part? Skimmed through Apple’s technical PDF descriptions a bit but didn’t find that part right away.

                                    1. 4
                                    2. 2

                                      Apple says they scan only images in the iCloud library, so images in 3rd party apps and browsers won’t be scanned, unless you save them or screenshot them to your iCloud library.

                                      I believe pictures in a lot of messaging apps are automatically uploaded to iCloud. So you could just send someone some pictures over WhatsApp, email, or whatnot. Not 100% sure of this though; I’d have to check. I disabled all the iCloud stuff because it kept nagging.

                                      1. 1

                                        That or you can generate adversarial images that trigger known hashes. It isn’t using cryptographic hashes, it is using perceptual hashes.

                                        1. 1

                                          No, you can’t, because the device doesn’t know if it has got a match.

                                          1. 1

                                            And you think there will be no other way to get ahold of any of the perceptual hashes that are being scanned for?

                                            1. 2

                                              What I’m saying is that you can’t easily abuse Apple’s implementation for this. They’ve anticipated that problem and defended against it.

                                              If you get hold of some hashes or banned images from another source, that’s not Apple’s fault.

                                  1. 15

                                    Please consider signing the open letter against these changes: https://appleprivacyletter.com/

                                    1. 10

                                      Are you going to post an open letter for Microsoft, Google, DropBox, Facebook, Twitter, and all the other companies who have used the exact same database for this exact purpose for the last decade?

                                      1. 8

                                        Which provider has previously used this list against images that aren’t stored on their infrastructure?

                                        1. 4

                                          Images sent via iMessage are stored on Apple’s infrastructure.

                                          1. 1

                                            I think the question had implied “stored in plain text”. iMessage doesn’t do that.

                                            1. 6

                                              Right. So, every other provider has direct access to your photos, and scans for CSAM with their direct access. Apple, rather than give up their E2E messaging, has devised a privacy-preserving scheme to perform these scans directly on client devices.

                                              I really don’t understand how Apple is the bad guy here.

                                              1. 4

                                                Other providers that scan cleartext images are off the hook, because they’ve never had E2E privacy guarantee.

                                                [smart guy meme]: You can’t have encryption backdoor if you don’t have encryption.

                                                Apple’s E2E used to be a strong guarantee, but this scanning is a hole in it. Countries that have secret courts, gag orders, and national security letters can easily demand that Apple slip in a few more hashes. It’s not possible for anyone else to verify what these hashes actually match and where they came from. This is effectively an encryption backdoor.

                                          2. 3

                                            If I understood what I read, although the private set intersection is done on device, it’s only done for photos that are synced with iCloud Photo Library.

                                            1. 2

                                              Apologies to all in this thread. Like many I originally misunderstood what Apple was doing. This post was based on that misunderstanding, and now I’m not sure what to do about it. Disowning feels like the opposite of acknowledging my mistake, but now I have 8 voted based on being a dumbass 🙁

                                              1. 2

                                                iCloud Photos are stored on Apple infrastructure.

                                            2. 4

                                              This page gets the scope of scanning wrong in the second paragraph, so I’m not sure it’s well researched.

                                              1. 3

                                                how so? can you explain?

                                                “Apple’s proposed technology works by continuously monitoring all photos stored or shared on a user’s iPhone, iPad or Mac, and notifying the authorities if a certain number of objectionable photos is detected.”

                                                seems like an appropriate high-level description of what is being done, how is it wrong?

                                                1. 7

                                                  I may be wrong but, from what I understood, a team of reviewers is notified to check manually the photos once a certain number of objectionable photos is detected, not the authorities… If (and only if) the team of reviewers agrees with the hashes matches, they notify the authorities.

                                                  This is a detail but this introduces a manual verification before notifying the authorities, which is important.

                                                  From MacRumors:

                                                  Apple’s method works by identifying a known CSAM photo on device and then flagging it when it’s uploaded to ‌iCloud Photos‌ with an attached voucher. After a certain number of vouchers (aka flagged photos) have been uploaded to ‌iCloud Photos‌, Apple can interpret the vouchers and does a manual review. If CSAM content is found, the user account is disabled and the National Center for Missing and Exploited Children is notified.

                                                  Link to the resource: https://www.macrumors.com/2021/08/05/apple-csam-detection-disabled-icloud-photos/

                                                  1. 1

                                                    Second paragraph of the AP article

                                                    The tool designed to detected known images of child sexual abuse, called “neuralMatch,” will scan images before they are uploaded to iCloud

                                                    This resource from Apple also states that only images uploaded to iCloud are scanned.

                                                    1. 2

                                                      This quote you cite figures nowhere within the page.

                                                    2. 1

                                                      Apple’s proposed technology works by continuously monitoring photos saved or shared on the user’s iPhone, iPad, or Mac.

                                                      Only photos uploaded to iCloud Photos are matched against known hashes.

                                                  2. 4

                                                    Or just don’t buy an Apple device. Do you really think a trillion dollar company cares about digital signatures?

                                                    1. 6

                                                      I think this is a good statement of intent though.

                                                      I just bought an iPhone 12 and would be otherwise unlikely to be noticed as a lost sale until the iPhone 14~ since most people don’t upgrade a single minor version.

                                                      Giving them warning that they have lost me as a customer because of this is a good signal for them. If they choose not to listen then that’s fine, they made a choice.

                                                      Also the more noise we make as a community; the more this topic gains attention from those not in the industry.

                                                      1. 4

                                                        I didn’t mean to make some sort of “statement” to Apple. I find that idea laughable. What I meant is that if you are really concerned about your privacy to the point where scanning for illegal images is “threaten[ing] to undermine fundamental privacy protections” (which I think is reasonable), then why buy Apple in the first place? This isn’t the first time they have violated their users’ privacy, and it certainly wont be the last.

                                                        1. 6

                                                          What’s your proposed alternative?

                                                          I think Apple making a stance on privacy, often posturing about it a lot, does cause a lot of good will and generally those who prefer to maintain privacy have been buying their products. (myself included). You can argue that it’s folly but the alternatives are akin to growing your own vegetables on a plot of land in the middle of nowhere connected to no grid (a-la rooted android phones with f-droid) or google owned devices which have a significantly worse privacy track record.

                                                          1. 3

                                                            You oughta update your intel about the “alternative” smartphone space. Things have come a long way from “growing your own vegetables on a plot of land in the middle of nowhere connected to no grid.” The big two user-friendly options are CalyxOS and LineageOS with microG. If you don’t feel like installing an OS yourself, the Calyx Institute, the 501(c)(3) nonprofit which develops CalyxOS, even offers the Pixel 4a with CalyxOS preinstalled for about $600.

                                                            I’m running LineageOS on a OnePlus 6T, and everything works, even banking apps. The experience is somewhere between “nearly identical” and “somewhat improved” relative to that of the operating system which came with the phone. I think the local optimum between privacy-friendliness and user-friendliness in the smartphone world is more obvious than ever, and iOS sure ain’t it these days.

                                                          2. 2

                                                            It does seem folly to make a statement by not buying something, but consider this: When you vote, there are myriad ways that politicians have to dilute your impact (not going to enumerate them here but it’s easy to do). By comparison, when you make an economic choice, ever dollar is counted in full, one way or another. So if you vote, and you should, then there’s every reason to vote with your pocketbook as well.

                                                    1. 31

                                                      I prefer to see this type of project that builds upon what it considers the good parts of systemd, instead of systemic refusal and dismissal that I’ve seen mostly.

                                                      1. 15

                                                        Same. Too often I see “critiques” of systemd that essentially boil down to personal antipathy against its creator.

                                                        1. 22

                                                          I think it makes sense to take in to account how a project is maintained. It’s not too dissimilar to how one might judge a company by the quality of their support department: will they really try to help you out if you have a problem, or will they just apathetically shrug it off and do nothing?

                                                          In the case of systemd, real problems have been caused by the way it’s maintained. It’s not very good IMO. Of course, some people go (way) to far in this with an almost visceral hate, but you can say that about anything: there are always some nutjobs that go way too far.

                                                          1. 3

                                                            Disclaimer: I have not paid close attention to how systemd has been run and what kind of communication has happened around it.

                                                            But based on observing software projects both open and closed, I’m willing to give the authors of any project (including systemd) the benefit of the doubt. It’s very probable that any offensive behaviour they might have is merely a reaction to suffering way too many hours of abuse from the users. Some people have an uncanny ability to crawl under the skin of other people just by writing things.

                                                            1. 6

                                                              There’s absolutely a feedback loop going on which doesn’t serve anyone’s interests. I don’t know “who started it” – I don’t think it’s a very interesting question at this point – but that doesn’t really change the outcome at the end of the day, nor does it really explain things like the casual dismissal of reasonable bug reports after incompatible changes and the like.

                                                              1. 4

                                                                I think that statements like “casual dismissal” and “reasonable bug reports” require some kind of example.

                                                              2. 3

                                                                tbf, Lennart Poettering, the person people are talking about here is a very controversial personality. He can come across as an absolutely terrible know-it-all. I don’t know if he is like this in private, but I have seen him hijacking a conference talk by someone else. He was in the audience and basically got himself a mic and challenged anything that was said. The person giving the talk did not back down, but it was really quite something to see. This was either at Fosdem or at a CCC event, I can’t remember. I think it was the latter. It was really intense and over the top to see. There are many articles and controversies around him, so I think it is fair that people take that into account, when they look at systemd.

                                                                People are also salty because he basically broke their sound on linux so many years ago, when he made pulseaudio. ;-) Yes, that guy.

                                                                Personally I think systemd is fine, what I don’t like about it is the eternal growth of it. I use unit files all the time, but I really don’t need a new dhcp client or ntp client or resolv.conf handler or whatever else they came up with.

                                                                1. 4

                                                                  tbf, Lennart Poettering, the person people are talking about here is a very controversial personality.

                                                                  In my experience, most people who hate systemd also lionize and excuse “difficult” personalities like RMS, Linus pre-intervention, and Theo de Raadt.

                                                                  I think it’s fine to call out abrasive personalities. I also appreciate consistency in criticism.

                                                          2. 4

                                                            Why?

                                                            1. 7

                                                              At least because it’s statistically improbable that there are no good ideas in systemd.

                                                              1. 1

                                                                Seems illogical to say projects that use parts of systemd are categorically better than those that don’t, considering that there are plenty of bad ideas in systemd, and they wouldn’t be there unless some people thought they were good.

                                                                1. 2

                                                                  Seems illogical to say projects that use parts of systemd are categorically better than those that don’t

                                                                  Where did I say that though?

                                                                  1. 2

                                                                    I prefer to see this type of project that builds upon what it considers the good parts of systemd

                                                                    Obviously any project that builds on a part of system will consider that part to be good. So I read this as a categorical preference for projects that use parts of systemd.

                                                            2. 2

                                                              There have been other attempts at this. uselessd (which is now abandoned) and s6 (which still seems to be maintained)

                                                              1. 4

                                                                I believe s6 is more styled after daemontools rather than systemd. I never looked at it too deeply, but that’s the impression I have from a quick overview, and also what the homepage says: “s6 is a process supervision suite, like its ancestor daemontools and its close cousin runit.”

                                                                A number of key concepts are shared, but it’s not like systemd invented those.

                                                                1. 1

                                                                  s6 I saw bunch of folks using s6 in docker, but afaik that’s one of most not user friendly software i’ve been used.

                                                            1. 4

                                                              “On the other hand, it is a real challenge to generate code that is maintainable and scal- able over time in these types of languages. In 2010, Rust emerged as a new programming language designed for concurrent and secure applica- tions, which adopts features of procedural, object-oriented and functional languages.”

                                                              My C code from 2010 runs just fine today. The same cannot be said about 10 year old rust code.

                                                              1. 6

                                                                How’s your BCPL code running? In 2010 the Rust project was in very early stage and looked more like Ocaml-flavored Erlang.

                                                                Rust as we know it has been released in 2015. Since then it has been remarkably stable and backwards compatible. In the 54 releases so far I had to change less code than it takes to make C work with more than one compiler.

                                                                1. 2

                                                                  The point being that the article specifically mentioned Rust as a language that emerged in 2010 as being scalable and maintainable, as in lower-effort than C, when in fact it was only considered stable in 2015 with a revision that says (quoting) “Since it’s the default edition, there’s no way to port your code to Rust 2015; it just is.”[0]

                                                                  In regards to the two points that you specifically raise:

                                                                  1. BCPL is not mentioned in the paper, I fail to see the point you are taking here.
                                                                  2. The effort taken to make C work with more than one compiler is not something that can be compared to Rust (there is only one compiler, and likely will ever be).

                                                                  To the same extent, I could take such an arrogant stance and ask you:

                                                                  “How’s your effort in making your Rust code work with more than one compiler?”

                                                                  But I won’t.

                                                                  [0] https://doc.rust-lang.org/edition-guide/rust-2015/index.html

                                                                  1. 1

                                                                    You’re really hanging on to the semantics of “emerged”/“came to light”. The paper isn’t even about this, and doesn’t make claims about historical versions of Rust. They’re just giving some background in the abstract.

                                                                    And 5 years untill stable isn’t even unusual. C has “emerged” in 1972, K&R in 1978, ANSI C 1989.

                                                              1. 3

                                                                My oldest remaining presence:

                                                                1. deviantart profile (2004)
                                                                2. blogspot blog (2006)
                                                                3. twitter profile (2007)

                                                                Unfortunately my older personal pages are gone, this includes the university page, and a 90s user page on a local pages provider :(

                                                                1. 4

                                                                  Why use C89 in 2021? That’s a 32 year old standard. We have C17 now.

                                                                  1. 9

                                                                    Especially with C89 you have a huge variety of compilers available allowing you to run your code on nearly every architecture as well as checking your code for maximum standard compliance (some compilers are more liberal than others).

                                                                    With any C standard that is >= C99 you are effectively forced using clang or gcc.

                                                                    1. 4

                                                                      Can you give an example of an architecture that is only supported by a C89 compiler?

                                                                      1. 3

                                                                        MS VisualC++ only began to add C99 support in Visual Studio 2013, and I’m not sure they support anything newer. So you’re no longer limited to C89 for Windows code these days, but there’s a long tradition of “keep your expectations very low if you want to write C and be portable to the most popular desktop OS”.

                                                                        1. 3

                                                                          According to this blog post they were working on C11 and C17 support last year. I don’t know how far they are with things they listed as missing.

                                                                    2. 4

                                                                      Later versions of the C standard are a lot less portable and a lot more complex. I use C89 when I want to write software that I know will be portable across many different machines and will work with nearly any C compiler. IMO, it doesn’t really make sense to target anything later than C11; C17 doesn’t make enough notable and useful changes to warrant using it.

                                                                      1. 1

                                                                        Some old code bases, especially in the embedded space, are still written for it.

                                                                      1. 2

                                                                        “The next optimization is both significant and controversial: disabling speculative execution mitigations in the Linux kernel. Now, before you run and get your torches and pitchforks, first take a deep breath and slowly count to ten. Performance is the name of the game in this experiment, and as it turns out these mitigations have a big performance impact when you are trying to make millions of syscalls per second.”

                                                                        Here is one highly optimized word: No.

                                                                        1. 2

                                                                          If it’s an EC2 instance running a single app server, the risk is minimal as he explains.

                                                                          1. 2

                                                                            Honest question, if you were running this server on a dedicated server, wouldn’t turning off those speculative execution mitigations be a good thing? In the author’s case since he’s on AWS it may not be super ok but on my own actual hardware? I thought it would be fine.

                                                                          1. 6

                                                                            Awesome! updating later tonight.

                                                                            The music is very zen :D it resembles using OpenBSD as a server, no worries, no problems, just flow.

                                                                            1. 3

                                                                              I loved reading this article. It is amazing how far the shit pyramid gymnastics can stretch.

                                                                              1. 6

                                                                                I am trying to find new ways to draw geometric shapes. No comercial intentions.

                                                                                1. 2

                                                                                  Do you have a repo available? That sounds interesting!

                                                                                  1. 1

                                                                                    Thanks!

                                                                                    sorry for the long delay in answering. Things are scattered in a couple of repos that I keep changing.

                                                                                    The main one is this: https://github.com/HugoDaniel/shape-the-pixel (still disorganised and not ready to be followed I think).

                                                                                    The most recent experimentation is this https://github.com/HugoDaniel/OnlyLines that will be merged soon(wish) in the shape-the-pixel one.

                                                                                    In summary I am trying to do the most simple drawing app possible. In order to achieve that I work with a set of limitations and rules that are in opposition to what is commonly done:

                                                                                    1. No buttons, no clickable icons, no menus
                                                                                    2. Click/Touch/Select is not the main action
                                                                                    3. The agent owns the app and not the user (an agent is an intractable persona, like “clippy” in microsoft word, but more powerful)
                                                                                    4. Zooming triggers functionality (its a ZUI in the base of it all, zooming is not only an action but it allows for different sets of actions to happen in different zoom levels) -> and zooming works in an opposed fashion to what is common in drawing/design apps -> in what I am doing you have to zoom out to see the pixels, which has proven way more intuitive from a drawing perspective.

                                                                                    Dragging is the main action, and infinite lines are the base shape. When dragging in an open space a new line is formed. When lines intersect a point is made, those points can then be dragged to form circles. Then there is a lot of other small things that come and go as experimentations keep proving them more or less useful.

                                                                                    I am trying to avoid overthinking things too much, and keeping it as simple as possible, this is very hard for me to achieve and it is the fruit of many experimentations and failed attempts throughout the years.

                                                                                    Here is the most recent video with the current state of it:

                                                                                    https://twitter.com/mr_hugo/status/1382462369499086848

                                                                                    I am not sure why I am doing this, sunk cost maybe, but yeah :) thanks for asking about these, it feels great :D

                                                                                1. 14

                                                                                  This is bad. Bad advice and bad practice overall.

                                                                                  Why not just properly partition the disk and keep things separated? An 8GB empty file won’t help if you can’t even log into the machine to delete it. Besides deleting the file does not imply that the space gets immediately available.

                                                                                  1. 1

                                                                                    I was under the impression that OpenID died with the Web 2.0 and its promise of an open connected world.

                                                                                    Apparently this OpenID “Connect” is a reboot of the concept on top of OAuth. Good work :)

                                                                                    1. 2

                                                                                      Thank you. OpenID Connect is a kind of a “2.0” from the original, which aims at being a simple “shim” on top of existing OAuth 2.0 infrastructure. Is what Google uses for its “Sign in with Google” integrations. It’s been getting a lot of adoption. I think in your country (is it Spain?), Talkdesk is a known implementer of the functionality.