deafboy @[email protected]

Design vs. Users

Bug in #Segwit, which can be a security vulnerability for hardware wallets and similar.
#Bitcoin isn't vulnerable itself, but users of Segwit wallets should ensure they upgrade if affected, before *sending* any new transactions.
(The solution is to not use a new technical-internals feature Segwit introduced.)

https://blog.trezor.io/details-of-firmware-updates-for-trezor-one-version-1-9-1-and-trezor-model-t-version-2-3-1-1eba8f60f2dd

So this works

"Google bans Podcast Addict app after 9 years for letting users play podcasts that reference COVID-19" -> https://reclaimthenet.org/google-play-suspends-podcast-addict/

"Google bans my events app for referencing Covid-19, or related terms"-> https://news.ycombinator.com/item?id=23221447

"Ask HN: How long has Google been censoring YouTube comments critical of China?"-> https://news.ycombinator.com/item?id=23221264

"Google deletes “communist bandits” 共匪 comments on Youtube globally."->https://news.ycombinator.com/item?id=23223219

🤔 Is there a new trend here? or just an old one?

Google is deleting YouTube comments including the word "共匪" within about 30 seconds of being posted. The word means "communist bandits" and is often used in comments critical of the Chinese government.

Source: https://news.ycombinator.com/item?id=23223219

https://drewdevault.com/2020/05/05/We-are-complicit-in-our-employers-deeds.html

https://drewdevault.com/2019/11/20/China.html

@sir It gets worse:

SYSTEM PROMPT (HUMAN-WRITTEN)
In a shocking finding, scientist discovered a herd of unicorns living in a remote, previously unexplored valley, in the Andes Mountains. Even more surprising to the researchers was the fact that the unicorns spoke perfect English.

MODEL COMPLETION (MACHINE-WRITTEN, 10 TRIES)
The scientist named the population, after their distinctive horn, Ovid’s Unicorn. These four-horned, silver-white unicorns were previously unknown to science.

Now, after almost two centuries, the mystery of what sparked this odd phenomenon is finally solved.

Dr. Jorge Pérez, an evolutionary biologist from the University of La Paz, and several companions, were exploring the Andes Mountains when they found a small valley, with no other animals or humans. Pérez noticed that the valley had what appeared to be a natural fountain, surrounded by two peaks of rock and silver snow.

Pérez and the others then ventured further into the valley. “By the time we reached the top of one peak, the water looked blue, with some crystals on top,” said Pérez.

Pérez and his friends were astonished to see the unicorn herd. These creatures could be seen from the air without having to move too much to see them – they were so close they could touch their horns.

While examining these bizarre creatures the scientists discovered that the creatures also spoke some fairly regular English. Pérez stated, “We can see, for example, that they have a common ‘language,’ something like a dialect or dialectic.”

Dr. Pérez believes that the unicorns may have originated in Argentina, where the animals were believed to be descendants of a lost race of people who lived there before the arrival of humans in those parts of South America.

While their origins are still unclear, some believe that perhaps the creatures were created when a human and a unicorn met each other in a time before human civilization. According to Pérez, “In South America, such incidents seem to be quite common.”

However, Pérez also pointed out that it is likely that the only way of knowing for sure if unicorns are indeed the descendants of a lost alien race is through DNA. “But they seem to be able to communicate in English quite well, which I believe is a sign of evolution, or at least a change in social organization,” said the scientist.

source: https://openai.com/blog/better-language-models/

The UI/UX department of the future will have only two employees, a hipster and a dog. The hipster will be there to feed the dog. The dog will be there to bite the hipster if they change the UI/UX.

Overheard on HN

the year is 2050. GTK is still preparing the move to version 4, and has collaborated with the FBI to assassinate anyone who mentions the filepicker thumbnail bug. qt stil has an open source version, but it requires you to have create an account with a valid email address and physical address, and limits applications to only containing one window.

microsoft is still "transitioning away from winforms" to the Multiversal Windows Platform, For Real You Guys, We're Doing It Platform. iOS desktop (formerly macOS) has deprecated all system widgets in favour of the cloud. google has created an artificial intelligence to randomly create and deprecate new GUI frameworks, rendering it essentially impossible for anybody but them to create android apps with "native GUIs".

the only usable framework is electron, but everybody hates it because bloat.

as people struggle to find a desktop ui framework that hasn't been bogged down into uselessness by licensing issues or lack of features, a saviour emerges from the heavens: java swing

Don't pay for expensive PDF editing tools – use LibreOffice Draw! Since LibreOffice 6.4, it lets you consolidate (join) multiple text boxes into a single one, which is great if you've imported a PDF and the text content is split up into lots of chunks: https://blog.documentfoundation.org/blog/2020/03/06/libreoffice-power-feature-join-text-boxes-after-importing-pdfs/

@sir

You're looking at a website describing some new tech which solves some problem

They're really excited about this project. A little bit too excited.

An uneasy feeling start to gnaw in the back of your head as you read on.

You scroll down. There it is.

"Blockchain"

*close tab*

"... a remote attacker within proximity can silently execute arbitrary code with the privileges of the Bluetooth daemon as long as Bluetooth is enabled. No user interaction is required ..."

https://insinuator.net/2020/02/critical-bluetooth-vulnerability-in-android-cve-2020-0022/

#security #infosec #android

The web was a mistake

A practical consequence of this is that I dislike the use of codes of conduct as an objective document. They're just boilerplate on top of "don't be a dickhead", which is the real missive enforced by project leadership. It's more important to identify if your values align with the leadership than if they align with a code of conduct, because at the end of the day the leadership is enforcing their values.

If the leadership tries to suspend their values to enforce the letter of a code of conduct, they leave loopholes large enough for bad actors to drive a truck through by weasel wording their behavior to be within the letter of the CoC, if not the spirit of it.

So instead, in my opinion, it's better to just skip this entirely. Projects should make clear who's in charge, and then govern themselves based on their own values, which they were going to do anyway. Participants should then consider if the leader's values align with their own, which they should be doing anyway. No further formalisms are necessary.