HackerTrans
トップ新着トレンドコメント過去質問紹介求人

B1FIDO

no profile record

コメント

B1FIDO
·6 か月前·議論
[flagged]
B1FIDO
·6 か月前·議論
[flagged]
B1FIDO
·6 か月前·議論
A funny thing about the "stages of grief" is that they are a total myth and the originator of the hypothesis never intended them to be abused this way.

Elisabeth Kübler-Ross did her research solely on people who were dying: people with terminal illnesses, and she studied how they coped with facing their own mortality. Not how other people did.

https://en.wikipedia.org/wiki/Elisabeth_K%C3%BCbler-Ross

And of course, even for a dying person, this may be total bunk. It is not like some programmed flowchart that people go through five stages of emotional stuff. This is just, like, a framework for further therapy.

I'm actually studying this stuff right now. In the 1980s and 1990s, "The Five Stages of Grief" were basically a household phrase, and everybody talked about them like they were real and true and invariable. But everyone doing the talking had never actually studied the research or even knew who proposed it. They were just parroting headlines.
B1FIDO
·6 か月前·議論
[flagged]
B1FIDO
·6 か月前·議論
I rented a car last July, and I specifically picked out a small one because I wouldn't need to carry any cargo or passengers around.

As soon as I drove off the lot, 3 warning indicator lamps lit up, including "Tire Pressure" so I stopped at a service station, thought for a moment, then drove back to the rental lot.

The other indicator had something to do with crash protection, and I think we worked out how to disable the system. After putting air into my tires, I was good to go.

So I'm thankful that those lamps indicated some actual conditions. I always kind of make a point of taking out the Owner's Manual and leafing through it, however briefly, just to see that it covers everything. They're still fairly comprehensive. I really appreciate that.
B1FIDO
·6 か月前·議論
"Not Gonna Lie": https://youtu.be/_ru0pnAnq7g?si=fKwnDNkRz6XQKDz5
B1FIDO
·6 か月前·議論
Sure, there's more than one way to skin a cat.

There are lots of non-technical users who navigate purely by doing a "google search" on whatever domain they're aiming for, too. Nobody said they were efficient about it.
B1FIDO
·6 か月前·議論
You may be surprised to learn that there are many types of botnets out there, and many use DNS queries for the C&C.

Although the GP wrote "53/tcp" that is a weird situation, because most (not all) DNS is over UDP.

One day I suddenly found my DNS resolver logs were very active with veritable gibberish. And it seems that my router had been pwned and joined some sort of nefarious botnet.

I only found this out because I was using NextDNS at the time, and my router's own resolver was pointed there, and NextDNS was keeping meticulous, detailed logs of every query.

So I nipped it in the bud, by determining which device it was, by ruling out other devices, and by replacing the infected demon router with a safe one.

But yeah, if your 53/udp or 25/tcp is open, you can pretty much expect to join a botnet of the DNS or SMTP-spam varieties.
B1FIDO
·6 か月前·議論
"installing software" sometimes still consists of

  curl | bash
So if you want to have a conversation about trusting curl and bash and random gists...

Like I said, I installed software in many ways back in the day. I typed it in; I loaded off cassette tape; I loaded off disk. One common denominator was loading from trusted sources. My Atari cartridges were store-bought and not homebrew. I went to B.Dalton mostly for the software, and got it shrinkwrapped from the publisher.

I had a number of classmates and colleagues who caught viruses and malware from loading and installing cracked software or untrusted programs... or even alleged porn, from shady sources. This is still a good way to get infected.

When I get on a friend's computer, I often have occasion to congratulate them for being uninfected, and it's nearly always because they "practiced good hygiene" in terms of loading only trusted software from trusted sources.

So you're correct, in that really nothing has changed. Back in 1983 you could certainly "sideload" crap from a pirate BBS and then suffer the consequences. And we all had choice words for people like that.
B1FIDO
·6 か月前·議論
Look we are talking about computers here. Computers don't understand or exercise actual trust as you describe it. Actual trust doesn't make computers work at all, because it doesn't exist in their world. So you need a proxy for it.

The security vetting, the authentication, the scans that are done, whether by Google Play or by F-Droid, are a process that tries to eliminate egregious abuses and basically curate the collection so that the users have something to actually trust. Now you understand that actual trust comes in degrees, right? I don't trust everything on Play equally. There are plenty of different types of trust relationships between me and the Play Store and the devs who put their apps on it.

But cryptographically, cybersecurity-wise, we need that CIA triad, and we need to authenticate that developers are who they say they are. And that authentication is the crux of cryptographic code signing. That we can trust that updates came from the source, and not a 3rd party injection or supply-chain attack. If Google or F-Droid countersigns it, then it's been through their vetting process as well. That's how cryptographic signing establishes trust relationships for computers.

If your computer doesn't trust an app or a driver, it won't download, install or run it. Since you cannot teach a computer "actual trust" there must be an analogue to this. And it's working fine. I don't know what you're on about "opposite to actual trust". If you don't trust Google Play, that's a you problem.
B1FIDO
·6 か月前·議論
[flagged]
B1FIDO
·6 か月前·議論
The US Civil War was along territorial lines, of course, and "Electric Boogaloo" will defy those clear delineations.

I believe we are seeing more of a https://en.wikipedia.org/wiki/Partisan_(military) type situation.

In rural areas, it may be the case that small towns and regions could be "on one side" or another, but obviously we see that in major urban centers, all different sides are mixed together, territorially speaking, and so the conflicts and "front lines" just sort of spill into the streets without a lot of uniforms or phalanxes or "us vs. them" delineation.
B1FIDO
·6 か月前·議論
While it is true that Silicon Graphics eventually acquired Cray Computer, they did it after the novel, and the film's release, but I would suppose that even before the 1996 acquisition that SGI and Cray machines were very good partners, like peas in a pod.

It is important to remember that nobody who operated a Cray did it in isolation. The supercomputers always require some extra workstations arrayed around it in order to get stuff done. Of course, there were remote connections too, but often there would be at least one sort of "dedicated user console" that was closely coupled to the supercomputer itself. I believe that some supercomputers of that era were poorly equipped to actually handle interactive user sessions, and that's why.
B1FIDO
·6 か月前·議論
Once, back around 2011 or 2012, I was using Google Translate for a speech I was to deliver in church. It was shorter than one page printed out.

I only needed the Spanish translation. Now I am proficient in spoken and written Spanish, and I can perfectly understand what is said, and yet I still ran the English through Google Translate and printed it out without really checking through it.

I got to the podium and there was a line where I said "electricity is in the air" (a metaphor, obviously) and the Spanish translation said "electricidad no está en el aire" and I was able to correct that on-the-fly, but I was pissed at Translate, and I badmouthed it for months. And sure, it was my fault for not proofing and vetting the entire output, but come on!
B1FIDO
·6 か月前·議論
[flagged]
B1FIDO
·6 か月前·議論
Well there is no "European military" per se and there will be no "Russia invades Europe" scenario, because "Europe" is a continent and not a sovereign nation.

What would happen is that Russia invades Poland, or Russia invades Romania or Bulgaria or something. Those are Eastern European countries. (I mean they all used to be Soviet bloc anyway.) Or Russia would invade Germany like the good ol' days. So whatever nation they invaded would sic their own armed forces on them, and their allies' too. NATO could jump into the fray.

Americans (and perhaps Russians too) often misunderstand how terribly small European nations are, really. They're mostly smaller than individual United States. So, less population, less time to transport stuff, fewer natural resources available in a sovereign context, etc. But lots of national borders.

So Russia won't invade "Europe" but they could go into one or more nations on the list.
B1FIDO
·6 か月前·議論
I mean actually the FSV that you refer to is a clone of the SGI IRIX utility, fsn, that was actually depicted on a live computer in the film.

SGI was well-known to the film industry, because their IRIX systems were basically the sine qua non of graphics workstations and powerhouses. SGI invested heavily in the graphical capabilities, including 3D rendering, and therefore when the industry graduated from Amigas with the "Video Toaster" they slid into SGI systems quite nicely.

So it stood to reason that a couple of them would show up in an actual film. How plausible it was to have SGI systems on-site at a Jurassic Park type lab? I don't know, but seems reasonable, if they were also crunching DNA numbers.
B1FIDO
·6 か月前·議論
What I'm talking about is actual trust. Like, there are cryptographic measures taken, certificates involved, code signing, that kind of thing.

You claim that you "can install anything" on Windows, but that is simply false. The system's Driver Signature Enforcement will prohibit the install of unsigned or invalid signatures on device drivers. Windows SmartScreen will also give you trouble by blocking unsigned apps.

So yeah, you can bypass these protective measures and "install whatever you want" ultimately, but it is basically the same process as sideloading on Android, isn't it? Disabling a bunch of protections that are there for your safety?

Your trust, honestly, doesn't mean jack shit. There is cryptographic signing, and certificate authorities, and processes to approve the certificates that authorized developers use. You don't got jack shit with your "trust" of Termux and Kodi. It means nothing to the end-user.

We do not work in "trust me bro" territory when it comes to signing software, anymore. I am sorry/not-sorry to say. It is very important to have a chain of trust that goes up somewhere above "goldenarm @ HN".
B1FIDO
·6 か月前·議論
No, that is not how you change search engines.

In Chrome on Android (and yeah, on desktop too) you just go into "Settings" and change your default search engine. I can choose between Google, Yahoo!, Bing, Yandex, or DuckDuckGo.

There are also custom searches through Wikipedia and other resources. You can use little shortcuts to get to almost any custom search you set up in advance.

This has been configurable by the user for a long, long, long time. This is not a surprise or a concession. This is built-in stuff by Google for Chrome. (Edge too, of course.)

Changing your browser, you can do, but it won't be comfortable. I have Edge installed on my Android, but it is not possible to run natively on Chromebook and the Android emulation is bad. I will not set Edge to my Default Browser because it messes things up. It is not a great experience to change your Default Browser on Android. I just go with Chrome and use Edge for specific tasks and topics.

You can set up all kinds of email services in the Gmail app, or you can install a native app. I use Outlook in both of those ways, and it's fine.
B1FIDO
·6 か月前·議論
[flagged]