HackerTrans
TopNewTrendsCommentsPastAskShowJobs

dmattia

no profile record

comments

dmattia
·2 года назад·discuss
They are sometimes required. Say you are on a mailing list for some company you gave your email to at some checkout counter one time, and you want to unsubscribe. You probably don't have an actual account with a login with that retailer, they just have your email address.

In this case, what alternative is there than having a magic link in the footer of that email that says "unsubscribe" that includes a token unique to that email address that acts as proof of owning an email account when you then click that link and ask to unsubscribe?
dmattia
·2 года назад·discuss
In California under CCPA, it actually goes beyond just frontend regulation and cookie banners, and into the realm of backend tracking management: https://oag.ca.gov/news/press-releases/attorney-general-bont...

The California Attorney General ruled that if a user presents a GPC signal, the company should update all of their backend systems to opt out of tracking in the same way as if the user clicked a "Do Not Sell My Personal Information" button.
dmattia
·2 года назад·discuss
Will it let me feel the breeze at the top of Half Dome?

Or have me chase a squirrel around after it stole my snacks?

Or have me feel the pride of accomplishing a long hike that I trained for?

Or let me talk with interesting people along the route and hear about their travels?

Or help me find an incredible pizza restaurant with concepts that aren't in my local suburban area?

Or give me the health benefits of hiking outdoors?

I'm not sure how a headset could ever obviate the desire for travel
dmattia
·2 года назад·discuss
It's almost certainly for the companies to pay less money, but with a more generous reading, I think it could be argued that that doesn't necessarily have to come out of employee salaries. That data could be used to:

- Set reasonable ranges to find the right candidates they are looking for faster and minimize hiring friction

- Standardize payment levels in a way that reduces legal liability in certain states like Colorado/California. Or the most generous reading of "reduces legal liability" would be "promoting fairness".

- Reduce the time spent by HR/other teams of negotiating or setting salaries, as they can simply target some target like "we want to pay more than 60% of companies like us"

- For budgeting/forecasting with new hires, this allows companies to have more confidence in their estimates as they plan hiring.

- Some companies now offer calculators even before you're hired with what your salary/compensation might look like, such as https://posthog.com/handbook/people/compensation

But yes, overall I do believe that most companies also expect a general reduction in salaries when they use these tools.
dmattia
·2 года назад·discuss
This seems to be only partially true when I read into it. The EU said that Microsoft would need to move their security tools into user-space (or at least to use the same APIs as are available in user-space). If they did that (like Apple has done), they could kick everyone out of kernel-space if they wanted.
dmattia
·2 года назад·discuss
They shouldn't. Microsoft should have APIs that enable security vendors to work in userspace.

The EU didn't say that Microsoft couldn't kick vendors out of the kernel, just that they couldn't do so without having the APIs available that would let security vendors operate outside the kernel.

Mac and Linux have such APIs, so CrowdStrike operates in user-mode on those platforms, so those platforms do not give security vendors the ability to crash the operating system.
dmattia
·2 года назад·discuss
This is fascinating, thank you for the info! If I am understanding, it would have then been difficult/impossible for CrowdStrike to create a user-mode only sensor without these equivalent APIs.

So I guess I'm not sure I see validity in the claims of those blaming the EU here. It seems as though the EU would have allowed Microsoft to kick users out of kernel-space if they had APIs that allowed making security products in user-space. Like Linux/Mac already appear to have.
dmattia
·2 года назад·discuss
Agreed, I definitely understand their reasoning. But I also found it a bit funny that the word "CrowdStrike" appears 27 times in a fairly short blog
dmattia
·2 года назад·discuss
I suppose I was expecting something more authoritative here. They confirm that there was an attempted read-out-of-bounds, as CrowdStrike said, but that's not really new information at this point. I suppose we'll need to wait for more detailed analysis from CrowdStrike at some point.

This post explains why security software has historically run in kernel-mode, and really seems to be pushing new technology that Microsoft has that would push security vendors into user-mode (with APIs that attempt to assist with many of the reasons why they have historically used kernel-mode).

Crowdstrike already runs in user-mode on both Mac and Linux (from what I can tell), and it seems like running in user-mode on Windows would significantly lessen the risk of catastrophic failures like a blue-screen-of-death. I know the bulk of the failures here belong to CrowdStrike, but I can't help but think about the fact that Apple kicked security vendors out of kernel-mode a ways back, and that if Windows had done similarly, an issue like this probably wouldn't have been possible. By even offering kernel-mode options to external vendors, I believe Microsoft is creating risk for themselves.
dmattia
·2 года назад·discuss
I used to like using homebrew on personal machines. But then as the person in charge of the dev environments at my company, I tried using homebrew packages for our devs but it just went horribly because homebrew don't have old versions.

- Different folks ran `brew install <foo>` at a different time? They may see different behavior

- I ran `brew install <foo>` after a coworker did? I may not be able to replicate whatever issues they are facing

- Someone new ran `brew install <foo>` on their new laptop? They may have an entirely separate major version of that library with breaking changes.

- Do I know if folks are using vulnerable, old packages? Nope!

- Does production use some database with version X, but homebrew only supports a client for version Y? Eh whatever, just have folks locally use version Y. What could possibly go wrong with using a different version locally vs in production.

I kept our own homebrew tap for a while and pinned versions. That was fine. But then I had to maintain that tap, and there wasn't any easy way I found for checking if the versions we kept in that tap had any vulnerabilities on any registry I could find.

Then I found Github Codespaces / devcontainers, switched everyone to use Linux inside Docker, used linux package managers to install pinned versions of everything we needed (using the same exact packages as we bundle into production), and scan my containers using a container vulnerability scanner nightly.

Instantly, 10+ hours of work per week for me vanished and I can now at least reproduce problems and fix them for everyone when they come up.
dmattia
·2 года назад·discuss
In my case, my wife has an iPhone, so I was able to setup an Apple Watch as my primary phone, while I do not have any phone other than my watch. So if you're on a family plan, maybe that's an option
dmattia
·2 года назад·discuss
Beautifully shown, thank you for making this. As a full-time RVer that spends a lot of time in national parks, this is quite useful.

Fun things I noticed:

- All the mountain parks are summer focused, which stinks a bit as I want to see them all but have limited time

- Great Smokey Mountains and Shenandoah have nice fall weather/leaves, and it's cool to see a bump in fall for them

- People go to Great Sand Dunes most in summer, which is when the sand is so hot it's painful to touch. There's great opportunity to camp there during the less busy seasons

- Likewise, it seems like too many people go to Zion when it's crazy hot. It's wonderful for a lot of the year, I just wouldn't go in Summer

- I'm shocked at how busy Isle Royale is compared to other parks, never would have guessed that
dmattia
·2 года назад·discuss
Disclaimer: I used to work on Google Search Ads quality models

> Google obviously tracks everything you do for ads, recommendations, AI, you name it. They don’t even hide it, it’s a core part of their business model.

This wasn't the experience I saw. Google is intentional about which data from which products go into their ads models (which are separate from their other user modeling), and you can see things like which data of yours is used in ads personalization on https://myadcenter.google.com/personalizationoff or in the "Why this ad" option on ads.

> and it’s very much not necessary or even a sound business idea for them to do something else

I agree that Apple plays into privacy with their advertising and product positioning. I think assuming all future products will be privacy-respecting because of this is over-trusting. There is _a lot_ of money in advertising / personal data
dmattia
·2 года назад·discuss
Say I have a pico cluster with a few service nodes and a few upstream clients register themselves, and then I deploy a new version of the service nodes where all existing service nodes are taken down and replaced.

Can the client still talk to the service nodes? Is this over the same tunnel, or does the agent need to create a new tunnel? What happens to requests that are sent from a proxy-client to the service nodes during this transition?

Or at a much higher level: Can I deploy new service nodes without downtime?
dmattia
·2 года назад·discuss
Looks like there is from the instructions in the getting-started guide: https://github.com/andydunstall/pico/blob/main/docs/getting-...
dmattia
·2 года назад·discuss
Thanks for confirming! Could you maybe update https://supabase.com/docs/guides/storage/s3/compatibility to include s3-esque presigning as a feature to track?
dmattia
·2 года назад·discuss
Yeah for sure! So you sort of need a phone paired with it, but only as in you need a family member (or someone on your phone plan) to have an iPhone, but the watch owner themselves doesn't actually need any other phone that the watch.

It's called "Family Setup": https://support.apple.com/en-us/109036, and it lets me use the watch in what is sometimes called "Standalone mode" or "Companion mode" in different apps.

If you go down this route, know that many apps in the app store will not be downloadable, as they don't support "Companion mode", but I can still get everything I personally needed just fine.

As far as the SIM goes, I think I'm using an electronic sim card? I'm not positive
dmattia
·2 года назад·discuss
I had a dumbphone for two years, it was fine.

For the past two years though, I've been using just an Apple Watch, which I was able to connect my old phone number to. It has maps, texting, calling (works best via bluetooth), weather, heart rate monitoring, alarms, email, sports scores, and some music apps. When attached to my wife's phone plan, it costs me $5 per month for all service.

I think the unfortunate reality of dumbphones is that of the folks searching for dumbphones, we all have fairly specific ideas on which features we want and which ones we don't, but there are only like 5 reasonable options available, and most don't hit the mark for many of us. If you want good maps, that rules out many. If you want a camera, that would rule out the watch like I use. If you want reasonable texting ergonomics that isn't speech-to-text, that rules out pretty much all of them
dmattia
·2 года назад·discuss
+1, my device is unfortunately too old to upgrade to iOS 17 and I wouldn't imagine this app would use too many new features
dmattia
·2 года назад·discuss
My understanding is that your docker image must have the lambda runtime interface client installed on the image in order to work.

It's not a huge step usually to add the RIC, but it's a bit more tied in to AWS than CloudRun is, which can run arbitrary docker images, if I understand.