HackerTrans
TopNewTrendsCommentsPastAskShowJobs

geofft

no profile record

comments

geofft
·قبل 4 سنوات·discuss
In general "factual information" is not a defense to a whole bunch of things that society generally recognizes as not protected by free speech (the broad concept, not solely the legal right). I cannot claim to be lawyer and provide you with legal advice, even if that legal advice is correct. I cannot redistribute copies of Taylor Swift's latest album, even if (perhaps especially if) it is a faithful copy. I cannot make a public list of all the black people at my company who show up late to work and leave the white people off that list, even if I'm accurate about when they're showing up. If I am a doctor, I cannot publish transcripts of all the conversations I have with patients.

And a few of these aren't even heinous! If I happen to be self-taught in the law and I am particularly good at giving wise and helpful legal advice, but I am not actually admitted to the bar, nobody is directly hurt by my advice, but society has decided the potential for harm in this situation is high enough that I still shouldn't be allowed to do that.
geofft
·قبل 4 سنوات·discuss
Then how do you decide what is (or should be) a right and what is not? Suppose someone claims a right to gay marriage, or a right to employ only people of their race, or a right to bear arms - how does society (the citizenry, the legislature, and/or the courts) decide whether that is indeed a right?

Absent a holy constitution given to us by the divine, the way we decide what is and isn't a right is we look at its effect. Places that recognize a right to bear arms, for instance, do so because they believe that arming the citizenry protects them against abuses of the government. Places that don't do so because they believe that disarming the citizenry protects them against crimes from other citizens. To the extent that one of these views is correct and the other is not, it is not because they guessed wrong about the nature of the universe - it is because one argument is correct and another is not.

Free speech is not axiomatic. Free speech is a right (and I agree it is a right!) because it has particular positive effects on society, through the benefits of open and unfiltered public discourse.

And the same reasoning helps us define exactly what "free speech" is. We make significant restrictions on free speech - classified information, copyright and trademark law, slander and tortious interference, electioneering laws, unauthorized practice of medicine or law, fraud, etc. - in the expectation that those restrictions serve to benefit society, and in the understanding that if we were to allow these forms of speech, they wouldn't really serve the goals which we see free speech, overall, as helping. If I were to say "I am a licensed doctor and I think you should take two pounds of Vitamin D a day," we understand that the benefit of me adding that statement to the public discourse is nil, and the harm is great, and so we don't recognize that as protected by free speech.
geofft
·قبل 4 سنوات·discuss
No, but he happened to be wrong for it.

The NSPA's goal was never to actually hold a march. They never did hold a march in Skokie, after that defense. Their goal was to harass Jewish communities through the process of applying for the march, which Goldberger, for all his good intention, assisted them with.

As the article notes, they sent letters to a whole bunch of suburbs asking for a permit to hold a march. They never followed up with the suburbs that ignored them, nor did they march in those suburbs either.

The whole thing was a bad-faith tactic which today we'd call trolling. They weren't fighting for their right to speak freely in Skokie, they were fighting for their right to use the legal process to harass the city of Skokie.
geofft
·قبل 4 سنوات·discuss
"Moon" is the name of the person who spoke the thing above that is being discussed in this thread.

Advising underage people through a wiki on how to make hormones at home is neither sexual assault nor grooming as the term is conventionally understood. How could it be? You can't get in contact with an anonymous reader of information that has been published to the public. You have no idea what they do with that information. So I am not really understanding what its relevance in this thread is.

(If anything, it's an example of free speech. You might not be a fan of it, which is totally fine, but information that advises people of any age on knowledge that people would prefer to be un-known is obviously at least as deserving of free speech protection - both in the legal sense of protection from government interference and in the moral sense that lovers of a free society should support it having a platform - as anything posted on Kiwifarms.)
geofft
·قبل 4 سنوات·discuss
Absolutely agree, but how do you do that in practice?

Do you self-host your services on some Linux distro? How many FAANG employees have upload access to that distro or maintain its infrastructure?

(Or maybe you audited everything yourself and you're 100% confident in your audit, somehow, and you've turned off automatic updates. How many FAANG employees are working on fuzzers to automatically find new exploitable security vulnerabilities and scale out those fuzzers on their employers' infrastructure?)
geofft
·قبل 4 سنوات·discuss
It protects the user's privacy against attackers other than Google.

To be fair, this is an entirely reasonable threat model for a lot of people. For instance, if you're a reporter in an authoritarian country, Google is almost certainly not colluding with the attackers who are literally trying to kill you, and using a Chromebook and Gmail is probably the best option out there. Your threat model is "Don't die," not "Don't be subject to surveillance capitalism."

But it's also something we should collectively be pushing back on. The motivating example for these products is "intelligent ambient systems," i.e., things like Nest hubs and doorbells that capture audio/video all the time. These products probably shouldn't exist at all, and to the extent they do, they should process data locally and discard it as soon as they can.
geofft
·قبل 4 سنوات·discuss
> But you have to keep in mind that RMS advocates the free software philosophy - the complete left end of the software spectrum

I don't think this is true! There are notable portions of the free software community that are farther left (or whatever direction you may consider it to be) than Stallman and GNU.

Debian, for instance, rejects the GFDL as a non-free license when the "invariant sections" or "cover texts" mechanisms are used. These are clauses that allow GFDL documents to include words or even entire chapters that cannot be modified or removed from copies of the document. Stallman uses this clause to include a section about the ethics of the free software movement in documents like the GCC manual. Now, explaining the ethics of the free software movement is of course an important cause. But the manner in which this is done - preventing the GCC manual, or portions of it, from being freely modified in its entirety, from being recombined freely with other documents or code with otherwise-compatible licenses - is, in the view of Debian and others, incompatible with the free software philosophy.

This is a farther / more radical view. Stallman's view is that making some unmodifiable and unremovable sections in an otherwise-free work is an acceptable compromise. Debian's view is that there is no room for compromise. And Debian is an entire (and quite influential) Linux distribution.

Or take the AGPL, for instance, sponsored by now-defunct startup Affero. There are many people (myself included) who believe the AGPL is a restriction on use, freedom 0, because it prevents you from using AGPL software in certain contexts where the requirements cannot be fulfilled. Suppose I find some AGPL code with a neat algorithm for a session cache, or something, and I want to incorporate that into a TLS library. There is absolutely no way to fulfill the AGPL's requirement to make source code available to users who interact with my code over the network. The clause triggers, because users are indeed interacting over the network, but since there's no TLS extension to offer source, I can't actually do so. This is, it seems to me, as much of a restriction on use as "You can't use this in commercial settings" or "You can't use this for military applications." There's a reason that even GNU still uses the GPL for much of its software - they know the AGPL would make lots of their code effectively unusable in contexts where it ought to be usable.

Or, in the left-libertarian direction, consider the folks who want to abolish copyright entirely. The GPL fundamentally relies on copyright law, else it cannot have its particular effect over the MIT/BSD/etc. licenses where it requires redistributing source along with binaries. The GPLv2 itself starts by saying, "To protect your rights, we need to make restrictions" - there is a coherent political view that this is contradictory. There is certainly a popular view, popular among the BSDs and others, that those licenses are freer than the GNU ones. But there is also the farther and more radical view that even the MIT and BSD licenses are a compromise, and the goal should be questioning the validity of software copyrights the same way much of the free software community questions the validity of software patents.

(In fact, among non-experts, you can find a very common view that because something is released to the public in certain ways it ought to be "public domain." The Berne rule of every creative work being automatically copyrighted isn't clearly obvious to the general public, and it's a relatively recent rule, too!)

Stallman is influential, yes, and very passionate. But that's entirely different from him being all the way at the end of the range of discourse. It is worth listening to folks whose positions are less well-known but more radical.
geofft
·قبل 5 سنوات·discuss
Ah, thanks! That makes more sense and that explains the "we".
geofft
·قبل 5 سنوات·discuss
> In the case of Wayland, the “vague authority” are a bunch of volunteers who have devoted tens of thousands of hours of their free time [...]

> We’ve sacrificed our spare time to build this for you for free. [...]

> You’re gonna maintain Xorg yourself, because we’re not going to volunteer our time, sacrifice our weekends and evenings staying up late for your sake [...]

This surprises me - I thought Wayland was developed mostly by people who were being paid full-time to develop it, at the various commercial Linux vendors (Red Hat etc.) or companies like Collabora. (And I thought the same was true of Xorg, and has been true for many years.) Is it really true that Wayland is primarily volunteer-driven?

It's true that most people are nonetheless getting Wayland for free (and, to be absolutely clear, harassment is unacceptable even to people being paid to work on the project), but the dynamics of the situation change a lot based on whether the developers are volunteers or paid by some company.
geofft
·قبل 5 سنوات·discuss
I don't know that it does - the author has, as far as I can tell, three small commits in Wayland:

https://gitlab.freedesktop.org/wayland/wayland/-/commits/mas...
geofft
·قبل 6 سنوات·discuss
If their goal is to promote savory behavior, isn't it beneficial to have an internal voice trying to guide the company's direction?

There is no shortage of engineers who would happily take a job at Google. If the folks raising concerns decided to all leave, isn't the net result that Google would operate much as it does today (maybe a little bit slower to get products to market) but without any internal check on its behavior?

And since the issue under dispute here is AI ethics, shouldn't we the non-Googlers want to make sure people willing to voice concern about unethical behavior remain at Google?
geofft
·قبل 6 سنوات·discuss
The process is determined by Google, yes, but there is a written, established process, which management did not abide by.

Now it is technically true that management does not have to abide by it and can redefine the process at any time, but that doesn't mean saying "The established process is not an anonymous feedback process, what is going on" is doxxing anyone.

Last week at work I was told that a particular internal product was being wound down and was not considered strategic in 2021 planning, and I asked who expressed that desire because my team has a particular technical need for it and I think there are ways to run it more efficiently, and I wanted to have a conversation with them and find an answer that's good for the business. I would have been confused if I was told "I can't tell you that." Was I trying to dox someone?
geofft
·قبل 6 سنوات·discuss
Wanting to know which coworkers are raising feedback in a process that does not provide for anonymous feedback in the first place is not "doxxing" them.

(EDIT: Note that this particular process was not a peer review process - academic peer review is done by people from another institution, and selected by the venue after submitting a paper. This was a pre-submission internal review process which has never been billed as academic peer review.)
geofft
·قبل 6 سنوات·discuss
Her job was AI ethics research. Also, she did get it reviewed and it was accepted, as Jeff Dean's letter confirms. Management just changed their mind and decided the review procedure wasn't enough because they realized they didn't want someone taking their AI ethics job seriously.
geofft
·قبل 6 سنوات·discuss
She offered to resign on a particular schedule to work out things with her team if they insisted on retracting the paper. They terminated her employment immediately, while she was on vacation, because of an email she sent to the ERG about it, and they didn't even inform her direct manager.

Whatever they accepted, it wasn't the resignation she offered.

(And even if they had done so, I expect the folks here to remain unhappy about the circumstances that lead up to her offering her resignation. It's not a thing you do if things are going well.)
geofft
·قبل 6 سنوات·discuss
Yes, that's obviously the preferred option, but in this particular case it seems like it didn't happen.
geofft
·قبل 6 سنوات·discuss
Hm, is this illegal in the US? From a brief search, I think that since the 2008 amendments to the ADA, temporary but severe injuries give you protection under the ADA, and being able to sit during standup seems like an entirely reasonable accomodation.
geofft
·قبل 6 سنوات·discuss
The Nick Coghlan quote seems a bit out of context - sure, there are all these things it does that multiprocessing doesn't do, but multiprocessing allows concurrency at all and this doesn't. The comparison makes sense if it's talking about no-shared-state concurrency, but this PEP is quite clear that it's only proposing no-shared-state ... single-threaded operation.

The rest of the section is sparse on what you actually do with it. It says that it "has the potential to be a powerful tool" but not what you do with the power. It says it's about "enabling the fundamental capability of multiple isolated interpreters" but it's not clear what the capability brings you. The only thing with some details is the first sentence - "Running code in multiple interpreters provides a useful level of isolation within the same process." But what is the level? It sounds like it gives you isolation for most things but not all, which is about as useful as a face mask with a breathing hole cut out in it.

It'd help to see a concrete answer of something you can build with this that you can't build without it (or perhaps not as easily/performantly/reliably/etc.). The Ceph PR, where they do something similar themselves (https://github.com/ceph/ceph/pull/14971), gives a good answer: "Notably, with this change, it's possible to have more than one mgr module use cherrypy." (But it's still not clear to me why the mgr can't just use multiple Python interpreters... ceph-mgr is kind of an amalgam of various useful services for your Ceph cluster, and it's never been clear to me why it has to be "the" manager with some modules instead of various independent services you can turn off/on as you need.)
geofft
·قبل 6 سنوات·discuss
From the PEP: https://www.python.org/dev/peps/pep-0554/

> A common misconception is that this PEP also includes a promise that subinterpreters will no longer share the GIL. When that is clarified, the next question is "what is the point?". This is already answered at length in this PEP. Just to be clear, the value lies in:

    * increase exposure of the existing feature, which helps improve
      the code health of the entire CPython runtime
    * expose the (mostly) isolated execution of subinterpreters
    * preparation for per-interpreter GIL
    * encourage experimentation
I think I'll ask the followup question - what is the point of those? Why should we increase exposure of an existing feature we know is not fully baked and we know will cause problems with NumPy/SciPy? How will the exposure improve the code health of CPython and who will do the improvement? What is the advantage in exposing isolated execution of subinterpreters? In what way does exposing this feature help prepare for a per-interpreter GIL? What experiments are being encouraged specifically?
geofft
·قبل 7 سنوات·discuss
Largeish company (engineering staff around 1000, I think?), and my team owns the OS platform (packaging, config management), hardware purchasing, and the installer, as well as our private cloud, which hosts a good chunk of services (notably including dev machines, notably excluding the most money-making parts of the business). A separate team is first-line sysadmin+SRE for most of the company, so we don't respond unless you can't install machines or if every machine is broken, or if the private cloud (as infrastructure, not a specific VM on it) is acting up.

Private cloud was originally a separate team, and we had about 5 people on a weekly rotation, where you'd do support and 24/7 on-call for a week. Now that we've merged, it's about a dozen people on the on-call rotation, though we still have a subteam of about 5 for the weekly rotation of who's paying attention to private cloud support tickets during working hours.

Thanks to some work that we did a bit after I joined, we got the off-hours paging to be much less frequent - in particular we no longer page if any hypervisor is down, only if either a whole availability zone is down, or a hypervisor hosting personal dev machines is down and it's business hours. (Otherwise, higher-level services ought to have failover between multiple VMs, and devs working odd hours can use backup machines.) Usually that second condition gets noticed by the support person (in Jira) before it escalates to the on-call person. So it's rare to have anyone actually paged, and it usually means something unexpected is on fire. So, any member of the team is as good as any other at figuring out what broke and whether it can wait until morning, which is why we were able to throw all of the combined team into the rotation without training them all in everything.

There are still improvements I want to do, but the expected number of pages rounds to zero (it looks like we've had 6 off-hours pages this year) so it's certainly manageable.