1. 1

    I’m 100% sure I would break my phone if I tried this (I don’t own an iPhone, so it wouldn’t do me much good. But for the sake of argument).

    1. 3

      Congratulations @alynpost :) This is good news.

      1. 4

        The author made a massive mistake early on: voting software has never proven itself effective even against accidents. And planes and elevators definitely are designed to protect against intentional attacks. The entire first part of the article is flawed.

        Also, the assertion that software is better than the mechanical machines they replaced is also wrong. A bunch of mechanical things in my car have been replaced with software, and none of the ones I care about work as effectively as the mechanical thing they replaced. :(

        The rest of it goes on like that. The entire thing is ridiculous.

        1. 1

          voting software has never proven itself effective even against accidents

          Quite the opposite - here’s a recent article about voting machines reporting 243% turnout in Georgia, for example. That particular mistake was fixed by adjusting the number of eligible voters, but other failures are alleged and it’s not obvious that there is a reliable audit trail to follow up on these allegations.

          A couple of other points from the article that made me itch:

          It’s actually really hard for the Russians to hack voting machines, as they have to be attacked on a one-by-one basis. It’s hard for a mass hack that affects them all.

          I’m not convinced this is true: voting systems are supposed to be airgapped after a vendor sold them with remote access software installed but systems like Voatz’ proposed online vote-by-cellphone setup presumably undo this.

          The author goes on to say:

          It’s much easier to target the back-end systems that tabulate the votes, which are more often normal computers connected to the Internet.

          I agree! And since these are an important part of the counting process for electronic voting systems, I don’t see how this is in any way an argument in favour of voting machines.

        1. 21

          Currently most of my reading has been juggling political philosophy books.

          My main list is: The Origins of Capitalism, Carceral Capitalism, Why I’ve Stopped Talking (To White People) About Race, and October (by Mieville)

          However, I usually keep on having to stop reading these, because, in the case of Meiksins’ book, the density, and in the case of the rest, people have a habit of being disgusting creatures when The System tells them it’s acceptable. One part of October describes, in the run-up to the revolution, a right-wing ‘protest’ where they locked a town-full of Jewish people inside a church and set it alight…

          So for the interim between those books, I’ve been ripping through Whipping Girl, it’s ridiculously accessible and a very good deconstruction of gender and how society deals with it. I also recently obtained a copy of Bruce Lee’s “Fighting Method” for fitness reasons.

          Another book I obtained recently was Morton’s “Humankind: Solidarity with non-human people”, which rather surprisingly turned out to be a Marxist argument for the better-treatment of animals. The first five pages demonstrate the author has clearly done his philosophical research, however, so I am rather looking forward to it.

          1. 4

            The Origins of Capitalism is an excellent book. The way it traces the development and solidification of institutions, and the way they channel human behavior and potential, dissolved a whole bunch of my preconceived notions about the nature of things.

            You might also like A Brief History of Neoliberalism by David Harvey

            1. 4

              I’m doing 52 for 52. I read a sci-fi book every week in an effort to relearn(?) focus which social media and the internet have almost certainly destroyed. I’m currently reading “The Dispossessed” by Ursula K. Le Guin.

              1. 2

                Been looking for some books like this (and the Mieville has been on my list for some time), those look worth a shot - thanks. I have the same problem with political/history books, for what it’s worth; I can only take so much depressing history before I need to clear my head with something lighter.

              1. 2
                • How to think like a mathematician by Kevin Houston. It’s a basic maths/logic text in the vein of How to Solve It but more aimed at people looking to read maths at university. It’s been on my list since somebody posted a free extract here and I’m finally getting stuck into it.
                • Stalin’s Nose by Rory MacLean. It’s a fictionalised travel story in which the main character travels post-Communist Europe in a Trabant, with his toothless aunt and the pig that killed his uncle. I’m finding it a little drier than the author’s second book, The Oatmeal Ark, but still a good read.

                I’m looking forward to reading Gnomon next on the fiction side, I hear good things.

                1. 2

                  I nearly posted this as an ‘ask’: Slack is not good for $WORK’s use case because it does not have an on-premise option. What on-premise alternatives are people using/would you recommend?

                  1. 4

                    I’ve used Mattermost before, which AFAIK has an on-prem version - just as a user, not setup or admin so I can’t speak to that end.

                    1. 6

                      I’ve heard rumblings about Zulip being a decent option too. I haven’t used it myself though.

                      1. 2

                        Same, actually. It does look very interesting, I’d be highly interested in whether anyone has any experience with it?

                        1. 1

                          Zulip looks pretty solid, thanks for mentioning it. We may give it a try…

                        2. 2

                          We’ve used Mattermost for a few years now, it’s pretty easy to set up and maintain, you basically just replace the go binary every 30 days with the new version. We just recently moved to the integrated version with Gitlab, and now Gitlab handles it for us, even easier now, since Gitlab is just a system package you upgrade.

                          1. 2

                            A lot of people have said Mattermost, might be a good drop-in replacement. According to the orange site they’re considering dropping a “welcome from Hipchat” introductory offer, which is probably a smart move.

                            1. 2

                              IIRC Mattermost is open core. I’ve heard good things about Zulip. Personally, I like Matrix, which federates and bridges.

                            2. 3

                              Matrix is fairly nice to use. I had some issues hosting it though.

                            1. 5

                              I really want to love NixOS: the ideas, the tools, how things are supposed to work… All they propose sounds like the future to me. Being able to have my config, which defines how I want my computer to behave, and just plug it in all the machines I may need to use sounds mindblowing.

                              And personally, I am finding the learning curve to be steep as hell. Not only because the documentation seems to assume that the one reading is slightly familiar with the environment and how things work, also because I need to modify certain habits to make them work with NixOS. For example, one of the must-haves for me is my Emacs configured as I like. I can tell Nix to clone my Emacs configuration to the home folder, and it should already be able to start downloading the packages it needs; but in reality that is not trivial because it seems to expect the packages to be downloaded from the Nix configuration instead of the Emacs one (to ensure the system is deterministic, it makes absolute sense). I am used to having everything available from everywhere, but NixOS has most things isolated by default to keep the purity.

                              I will keep on fighting with stuff until I find things out, but I am sure that as the project grows all these corners will be polished to make it more accessible to newcomers.

                              1. 5

                                For what it’s worth, I’ve been a heavy user of Nix, NixOS and Emacs for years, but still haven’t bothered configuring Emacs with Nix. The Emacs package I use is emacs25.override { withGTK2 = false; withGTK3 = false; } (this causes it to compile with the lucid toolkit, avoiding http://bugzilla.gnome.org/show_bug.cgi?id=85715 ). I do everything else with a ~/.emacs.d that’s been growing for years, across various distros, and is a mixture of Emacs Prelude (which I started with), ELPA/MELPA/Marmalade and (more recently) use-package. I just install any dependencies into my user profile or NixOS systemPackages. Actually, I define a package called all which depends on everything I want; that way I can keep track of it in git, rather than using commands like nix-env which can cause junk to accumulate. It looks like this:

                                with import <nixpkgs> {};
                                buildEnv {
                                  name = "all";
                                  paths = [
                                    abiword
                                    arandr
                                    audacious
                                    cmus
                                    (emacs25.override { withGTK2 = false; withGTK3 = false; })
                                    gensgs
                                    mplayer
                                    picard
                                    vlc
                                    w3m
                                    # and so on
                                  ];
                                }
                                

                                There are certainly some aspects of Nix which require “buy in” (it looks like Guix is slightly better in this regard), but there are others which allow “business as usual”.

                                For example, if you want to make a Nix package that just runs some bash commands, you can try runCommand, e.g.

                                with import <nixpkgs> {};
                                runCommand "my-package-name" {} ''
                                  # put your bash commands here
                                  # the "result" of your package should be written to "$out"
                                  # for example
                                  mkdir -p "$out/bin"
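                                  printf "#!/usr/bin/env bash\necho hello world\n" > "$out/bin/myFirstProgram"
                                  # mark the script executable so it can be run from the profile's bin/
                                  chmod +x "$out/bin/myFirstProgram"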
                                ''
                                

                                Whether this will work obviously depends on what the commands do, but if it works then it works (you can even run stuff like wget, git clone, etc. if you want to; although I’d include a comment like TODO: use fetchurl or fetchgit). If your scripts need env vars to be set, put them between the {}. If you want some particular program available, put buildInputs = [ your programs here ]; between the {}.

                                Another example is programs which assume the normal FHS filesystem layout: making them work is sometimes as easy as using steam-run (e.g. https://www.reddit.com/r/NixOS/comments/8h1eu5/how_do_you_deal_with_software_that_is_not_well/ ).

                                Whilst there’s complicated infrastructure in Nixpkgs to support packages which use Python, Haskell, autotools, etc. sometimes we can get away without having to go ‘all the way’ :)

                                1. 2

                                  Woah, thank you, that was super useful! I think I got it, but I still have to test it and have my own gotcha moments :)

                                2. 4

                                  When starting out I just built a few packages from source in the traditional way to make them work the way I was used to, perhaps that could work with emacs and install into home initially. (I don’t use emacs, sorry I can’t help more.)

                                  1. 2

                                    You’re not alone - I installed NixOS recently and like what I’ve seen, but haven’t been able to put in enough time to get over the learning curve yet. Until I do, I’m fairly sure I’m missing several chances to “do things properly” because I’m not sure what that looks like under NixOS. This post and comments have been quite reassuring at least!

                                    I guess that’s the beauty of open source - now we all have to go and fix the documentation?

                                    1. 2

                                      I guess that’s the beauty of open source - now we all have to go and fix the documentation?

                                      Well… I guess. I’ll make some coffee.

                                  1. 14

                                    Politics, preferences, and arguments aside, Guido’s work on Python is really appreciated and I hope he’s not leaving with a foul taste in his mouth.

                                    1. 2

                                      I’ll second this. Guido’s done fantastic things for Python and if he wants to back off and do something else now, then good for him! I wish him the best of luck in future and hope we’ll still see him around in the community.

                                    1. 6

                                      For me as a programmer, what I need is just a stable Operating System which can always provide latest software toolchains to meet my requirements, and I don’t want to spend much time to tweak it.

                                      Why is this? As a programmer I find I rarely need bleeding edge. I’m sure not going to install bleeding edge to production. It can be fun for hacking around but I don’t see why as a programmer it’s needed.

                                      1. 7

                                        It can be useful to have the latest compiler set and tooling for your project. I often find new potential issues with a newer GCC.

                                        1. 4

                                          For what it’s worth, Arch does distinguish between ‘stable’ and ‘bleeding edge’ in its releases, although the rolling release does mean that stable is generally much newer than you might find in, say, Debian.

                                          I wouldn’t use it in production, though I have seen it done.

                                          1. 3

                                            I don’t want bleeding edge in general, but “your issue has been fixed in the latest version” gets old quickly.

                                          1. 4

                                            I’m going to propose an alternative argument: that the debate over full-stack vs. front-end/back-end demonstrates that our ability to develop user interfaces is broken.

                                            I want to be specific here, because I’m not talking about developing user experiences. Taking an abstract set of requirements and turning it into an implementable series of interactives is absolutely a unique and complex skill. The same is true of design.

                                            But this front-end/back-end dichotomy strikes me as… okay, as someone who’s done plenty of both, front-end is needlessly complicated because our front-end targets are absolute garbage. The browser offers an absolutely awful target for applications, and your basic front-end “hello world” these days takes 15 pages of boilerplate and 1,024 dedicated frameworks.

                                            Front-end development shouldn’t be complicated. Our tools make it complicated, but that’s because we have bad tools.

                                            1. 1

                                              The author of the article quotes a tweet from, er, himself at one point which I think supports your view more effectively than it supports the argument he makes in the article:

                                              If we spent as much time thinking about users as we do about the titles we give front-end developers then the web would be a much better place.

                                              I think this is a good way of looking at it.

                                            1. 55

                                              Well done.

                                              Ethics is not something we can turn off during working hours, to maximise profits.

                                              Technology is just the continuation of Politics by other means.

                                              1. 1

                                                Ethics: not just a county near Suthex.

                                                Stupidity aside, well done to the author for standing up for their principles. This is important and it’s worth stating when it happens.

                                              1. 4

                                                Main work/life news for me is that I signed a contract to start next year (January 2019) as Assistant Professor of Computer Science at American University in Washington, DC. So I’ll be moving back to the US. Should be interesting and will definitely be a change of pace, though I’ll miss living in this beautiful seaside town in Cornwall.

                                                In work-adjacent noodling, added a feed to my paper-reading log per a request. The structure of Atom is simple enough that it was pretty easy to DIY it using a Mustache template.

                                                Besides that, working on something for the General Video Game AI competition. My goal isn’t necessarily to build an agent that performs well, but to better understand the structure of the space. Characterize the different types of challenges encountered by agents in these kinds of arcade games, understand how algorithm/compute/etc. choices relate to performance, and so on.

                                                1. 2

                                                  Congratulations on the new job!

                                                1. 5

                                                  Missed an opportunity to pick up http(s)://crate.rs, surely

                                                  1. 3

                                                    Expiration date: 30.07.2018 06:24:45

                                                    Author should probably put a reminder for the possible event!

                                                  1. 22

                                                    I would like to add that, for some websites (such as mine,) being AMP-compliant requires adding more stuff (CSS, JS, some HTML,) resulting in worse load-times. Google already incentivises performance; ensuring every website I’ve helped out on scores 100/100 on PageSpeed Insights has resulted in a significant ranking boost. Why, then, do heavier AMP pages get preferential treatment? Maybe Google’s CDN is faster than the one I use, I don’t know, but does it matter when the page loads in < 200ms anyway? Out of non-scientific curiosity, I tossed a few AMP pages into PageSpeed and Pingdom speed test, and they were all substantially slower.

                                                    1. 4

                                                      The whole AMP thing seems pretty weird to me, the intent is fairly interesting but the way I see the actual project and its results makes me think of a POC project, really not fit for production.

                                                      1. 38

                                                        Because the AMP initiative is fundamentally about control, namely getting more user data. This is being pushed under the guise of “fixing” problems created by the organizations/developers themselves, as this article does a good job of laying out.

                                                        It’s funny how some will say it is “unreasonable” to de-bloat a website, while AMP is a “good idea.” The lack of critical thinking by the developer community at large is quite scary on this issue. :(

                                                        1. 2

                                                          Having worked at a high-traffic news website, my (anecdotal) experience is that many professional frontend developers understand the problems of bloat and want to fix them. Unfortunately as always it can be a hard sell to management to fix technical debt.

                                                          We were lucky enough to have some excellent product owners who really fought and made the argument that speed improvements would bring business benefits, but even then there is limited time and budget available.

                                                          By contrast the management sell for AMP is that Google will give you better search results for comparatively little developer time.

                                                          For what it’s worth, much the same value proposition is driving publishers to Apple News and Facebook’s Instant Articles, which are AMP clones to some degree. It’s partly fear of missing out on an audience.

                                                          1. 3

                                                            which are AMP clones to some degree

                                                            Apple News scrapes existing websites, RSS/ATOM feeds, and an Apple-defined JSON spec from news sites, and presents articles to the user. Which part of that is the same as “force news sites to deliver their content using a shitty JS renderer that routes all traffic via Google’s CDN”?

                                                            1. 1

                                                              That’s fair.

                                                              From the publisher’s perspective it feels similar in that content is taken from your site and presented in a format largely outside your control.

                                                              My point was that this is accepted because publishers don’t want to lose out on a potential audience, but it’s not necessarily a good deal otherwise. For example, advertising is managed by the provider and the publisher is cut in at some set rate. It’s hard to negotiate with a giant like Google, Apple or Facebook and so you take the rate you’re given.

                                                              I’m actually ok with anything that forces people to rely less on advertising as a source of revenue - my personal opinion is that it’s a hostile experience and not sustainable.

                                                              However, I think it’s fair to say that many publications will feel that a reader on AMP/Apple News/Facebook is worth less in terms of advertising revenue than a direct website reader.

                                                    1. 6

                                                      I think it’s worth splitting hairs on another dimension of remote:

                                                      Some companies allow remote, but you have to “remote desktop in”. I often work for one of those, since apparently it makes some kind of banking contracts easier/simpler. I hate that part, since it’s hard to be effective on a plane or on a train, but since my “office” is in Ireland and I live in London, at least the online latency isn’t that bad.

                                                      Other companies are “remote” but allow you/expect you to work in your own environment (or in a cloud/container environment). This latter is much easier to be “remote”, but leaves you more at the mercy of the worst IT person in the world (yourself).

                                                      1. 4

                                                        … leaves you more at the mercy of the worst IT person in the world (yourself).

                                                        If you’re the worst IT person you’ve had to deal with, you are very lucky!

                                                        1. 1

                                                          A malapropism perhaps. Probably just drink. I meant a jab at companies that require Developers to do IT and Operations tasks.

                                                          I’d prefer IT set things up so that I’m not blocked. I hate playing whack-a-mole with technical services to get ports unblocked.

                                                          1. 2

                                                            Oh, I know what you mean. I’m just suffering with IT at my current job. I’m not allowed to set anything up myself but it takes them months - literally months - to spin up a single VM. And that’s after weeks of form filling and discussion to kick off the process. As a result, everyone does their best to avoid IT, so we all have incompatible systems running on machines we bought on the company credit card and hid under our desks.

                                                            1. 1

                                                              We’re slightly better than that: Cloud Change is on Wednesdays, and Network Requests get done over the weekend. And (thankfully) not all projects need to go through this process; for the most part, if you write the ticket “correctly” you’re fine, but “correctness” still feels like a moving target at times. I’d much rather them just know enough to sort me out so I can start doing the things I know how to do…

                                                        2. 3

                                                          What do you mean by “remote desktop in”? Like, you need a stable connection, or need to work in the same place every time (like your own home office)? Regarding your last topic, ideally, if your company really wants to allow remote, the IT part of it shouldn’t be a pain to set up (VPN would be a standard), if it is, I’d question the motivations to allow it in the first place. There are some businesses though (like banks) where IT setup is very strict.

                                                          1. 3

                                                            What do you mean by “remote desktop in”?

                                                            I mean RDP or PCoIP. (The company I’m with now: it’s RDP)

                                                            if your company really wants to allow remote, the IT part of it shouldn’t be a pain to set up (VPN would be a standard), if it is, I’d question the motivations to allow it in the first place.

                                                            The company lets me live where I live because I want to live there. It’s a “remote friendly” situation, but the client still has their requirements on the company and we can’t do anything about that.

                                                          2. 2

                                                            I have never heard of this. I assume you mean something different to “I need access to the VPN to connect to a staging database?”. What difference does it supposedly make whether you’re “remote desktop in” or working on your laptop? The same code gets written either way. Is it a compliance thing?

                                                            1. 4

                                                              This is often done for compliance reasons, or at least for client reassurance where financial data is handled.

                                                              Staff are given very locked-down desktop computers and work is performed from those workstations. If you work from home you must use SSH, RDP or equivalent to connect to and work on your PC.

                                                              In many cases private data should be airgapped from developer workstations anyway, but it’s another layer of protection against accidental leakage. It also means you never have to have the “somebody left their laptop on the train” conversation with an auditor.

                                                              1. 3

                                                                Yes, it’s a compliance thing. There needs to be a complete and documented chain of custody from the contents of my brain to the customer. No stack overflow or third-party code. All access needs to be secure and documented.

                                                                I have a remote terminal I can access using one of these. From there, I’m allowed to write code and interact with either the dev or preqa environments.

                                                                The alternative is that I go into an office with a PC set up exactly like my terminal.

                                                                In either case, I can use a VPN and a different token to reach the UAT (but I cannot reach its database, etc., since it often contains customer data). Any screens I look at there are logged.

                                                            1. 2

                                                              Just back from a holiday and I have a couple of weeks of C++ classes to catch up on. If I have time, I’d also like to stick my nose into this year’s BSides London challenges, as they’re always fun.

                                                              At work I’ll be further building out our Kubernetes install: I’m also looking into getting involved in the documentation SIG so I can hopefully give a little back to the community.

                                                              1. 1

                                                                Thanks for the tip on Hemingway Editor! I consider myself a fairly good writer but I often need to work hard to strip down my writing and this looks useful.

                                                                1. 8

                                                                  This is a nice summary, thanks for sharing it. Combined with this tweet: https://twitter.com/kellabyte/status/996429414970703872

                                                                  …I’m inclined to wonder how much time/bandwidth would be saved at larger sites if people cleaned these up, although I suspect that “size of HTTP headers” is not the worst bottleneck for most people.

                                                                  1. 7

                                                                    For most sites the comparison goes something like javascript > unoptimized images > cookie size > other http headers for bytes/load time wasted.

                                                                    1. 6

                                                                      I suspect the impact is minimal. It’s a few hundred bytes at worst, and the site is probably more affected by 3rd party adtech or unoptimized pictures.

                                                                      1. 7

                                                                        Somewhat related, but even small changes to the request/response can have large impact on the bandwidth consumed.

                                                                        From Stathat “This change should remove about 17 terabytes of useless data from the internet pipes each month” https://blog.stathat.com/2017/05/05/bandwidth.html

                                                                        1. 5

                                                                          Optimized images alone would most likely save a lot more since they can save a lot more too. A recent Google blog loaded an 8MB GIF image to show a few second long animation in a 250x250 thumbnail. 2 minutes in ffmpeg reduced that to about 800KB.

                                                                          Imagine if people did this on sites with more traffic than some random Google product announcement blog…