Isn't it β¦ odd β¦ that Trump just "happened" to meet an adoring devotee at Chick-Fil-A in Atlanta, a Black woman who hugged him, proving that Black people are just head over heels in love with Trump β
And she turns out to be an employee of the Georgia GOP?
All staged to create viral videos and all deeply insulting to African American voters, with the implication that they can be easily deceived and manipulated.
My startup (gettruss.io) released a few LLM-heavy features in the last six months, and the narrative around LLMs that I read on Hacker News is now starting to diverge from my reality, so I thought Iβd share some of the more βsurprisingβ lessons afterβ¦
Zum neuen Schuljahr erhalten SchΓΌlerinnen und SchΓΌler in #Hamburg ein bundesweit gΓΌltiges 0-Euro-Ticket. Die Aktion soll Familien entlasten β und kΓΆnnte dazu beitragen, dass der Fahrschein bundesweit dauerhaft erhalten bleibt."
Zum neuen Schuljahr erhalten SchΓΌlerinnen und SchΓΌler in Hamburg ein bundesweit gΓΌltiges 0-Euro-Ticket. Die Aktion soll Familien entlasten β und kΓΆnnte dazu beitragen, dass der Fahrschein bundesweit dauerhaft erhalten bleibt.
Ok wtf. So you're telling me that #Google #Chrome's #V8 #JavaScript engine was more #insecure than #Mozilla's #Spidermonkey after all these years? Because I'm pretty sure SM has been already doing plenty of the things mentioned in this article (I've touched on SM code plenty of times, so much more than I wanted because I worked on separating Spidermonkey from the monolithic #libxul, it's still hurting my brain...), even before the #Quantum rewrite. So even #PaleMoon which has been commonly trashed for being "old and insecure" is apparently more secure than Chrome, but most crucially it also disproves the long-standing blind belief by security freaks out there that Chrome is "more secure" than #Firefox when it's the other way around on many fronts...
Security isnβt a one-dimensional axis, but Firefox is making good progress. From 2020 to 2023, it did a good job catching up to Chromiumβs process separation with its Utility Process Overhaul: Firefox now has process separation between its components comparable to Chromiumβs.
Right now, SM is catching up to V8 on many areas; it removed its ineffective W^X mitigation in favor of focusing on making JIT Spraying implausible, which will take a long time to implement. Toolchain hardening is also catching up, as it looks like work on exploring CFI has resumed (no word on shadow call stacks or memory tagging but I imagine one of those will follow). Iβm optimistic that by the end of 2025, SMβs JIT will be safe for security-conscious users to enable.
Moreover, the V8 sandbox isnβt the same as the sandbox used to isolate content processes in Chromiumβs site/origin isolation, let alone what Firefoxβs Fission uses. There isnβt a Firefox equivalent to this yet.
WebAssembly in SM is JIT-only. Edge has a wasm interpreter (DrumBrake) which Chromium declined to upstream. So Edge is the only browser that can do wasm without JIT.
Jitless performance is usually fine, but sometimes very lacking.
MiniDebConf Belo Horizonte 2024 with presentations on Debian and Free Software, mostly in Brazilian Portuguese, is about to start in 2 weeks. Registation is still possible and volunteers are very welcome; the schedule is now available. See bh.mini.debconf.org/en/micronews.debian.org/2024/1713β¦ #debian
Features: βοΈ Navigate through your progress β Filter done/pending exercises βοΈ Skip to / continue at some exercise π Reset an exercise to start over
I am very excited about version 6 (coming soon) π
The Federal Republic joins 20 countries which have passed laws allowing people to declare their own legal gender. I hope someday this will apply across the whole EU.
On a more personal level, this means I can finally change my own legal gender to #nonbinary ππ³οΈββ§οΈ
If this ever applies across the whole EU, Poland is going to have one hell of an interesting problem. We encode gender as a single bit (the oddness or evenness of a specific digit in our national identification number). This is going to break so many things.
To be clear, I would fully support such an initiative, but the fallout would be quite interesting to watch.
If you're struggling or just want to improve, consider therapy with our sponsor BetterHelp ππ» https://betterhelp.com/mentourpilot for a 10% discount on you...
An anonymous reader quotes a report from The Guardian: Hospitals -- despite being places where people implicitly expect to have their personal details kept private -- frequently use tracking technologies on their websites to share user information wiβ¦
She's a former noble from Edafos* that developed a barbaric rage which she cannot control. Said rage lead her banishment to Asphodei*, left to her own devices. Begrudgingly, she's began to use the rage to her advantage, working as a mercenary. *these are both locations from our custom setting :PCW for image: Eye contact, a little blood, machetes #mastoart#art#pathfinder#ttrpg
πβοΈ Delighted to say that Tuta Mail protects you against βHarvest Now, Decrypt Laterβ attacks. Welcome to a quantum-safe email experience! π
What about emails between providers? Would you release some tool that'd allow encrypting/decrypting emails using TutaCrypt like you are able with PGP? Would tuta even allow sending encrypted emails to other recipients in that case? (Having to go to your website and decrypt emails using password does not count.)
As Snikket is still not available on the #Google Play Store, we've published a longer blog post about the situation, how to work around it using #FDroid, and the long path of stupid Google review responses that led us here.
very minor clarification: Google had accepted the version that reinstated the contact permission. This was live for a couple of days/weeks until they suddenly changed their mind. They didn't just outright rejected the update. gultsch.social/@daniel/1120841β¦
Interesting that you still had contact list integration soft disabled. That confirms that Google believes contact permission == uploads data. Considering how Google makes money that kinda makes sense I guess...
Google had accepted a version of #Conversations_im with address book integration that explicitly asks the user for consent to process the contact list locally on their device before requesting contacts permission. Our privacy policy included explicit wording w.r.t. local processing of the contact list.
However itβs unthinkable for Google that someone would request contacts permission and then not upload them. A few days later they changed their mind and threatened to remove the app again. #XMPP
When I was a very small person, my grandparents had a grandfather clock that sounded very much like this one. I called it the "uh oh" clock, because, to me, it was saying "uh oh," and it was usually associated with either bed time, or time to go home. I usually didn't want to do either of those things. That clock broke sometime before I turned four years old.
Some excellent modules just went totally open-source and public domain - and there are livestreams and educational benefits if you're trying to learn module design. Nice. cdm.link/2024/04/super-synth-oβ¦
via #spon
Seirdy
in reply to Job Bautista • • •Security isnβt a one-dimensional axis, but Firefox is making good progress. From 2020 to 2023, it did a good job catching up to Chromiumβs process separation with its Utility Process Overhaul: Firefox now has process separation between its components comparable to Chromiumβs.
Right now, SM is catching up to V8 on many areas; it removed its ineffective
W^Xmitigation in favor of focusing on making JIT Spraying implausible, which will take a long time to implement. Toolchain hardening is also catching up, as it looks like work on exploring CFI has resumed (no word on shadow call stacks or memory tagging but I imagine one of those will follow). Iβm optimistic that by the end of 2025, SMβs JIT will be safe for security-conscious users to enable.Seirdy
in reply to Seirdy • • •Tanith the Gay
in reply to Seirdy • • •Y, tho? Like, does'tve any meaningful performance advantages? Microsoft's Edge developers seemeda think't doesn't, at least in Chromium-based stuff.
Seirdy
in reply to Tanith the Gay • • •WebAssembly in SM is JIT-only. Edge has a wasm interpreter (DrumBrake) which Chromium declined to upstream. So Edge is the only browser that can do wasm without JIT.
Jitless performance is usually fine, but sometimes very lacking.