Something reminded me today of @chadaustin's argument that Go isn't a good language for application servers, laid out in this 2016 post: chadaustin.me/2016/04/two-kind… That post gives reasons why Haskell is better, while acknowledging its relatively poor usability. I wonder how Rust compares. I see people argue that Rust is better for special-purpose infrastructure servers than for application servers, because for the latter you want garbage collection, not Rust's ownership model.
I haven’t written Haskell or any serious product or business logic since then! I don’t personally enjoy Rust that much (to my surprise) but it has excellent compositional properties for large systems. And I think IMVU switched to C# on the backend to avoid dealing with GHC’s GC.
I do miss monads. No other mainstream language lets you restrict effects. Being able to say “you cannot do non-database IO inside of a transaction” was so good.
Accessibility is mainly a set of practices that allow practitioners to build their product in a way that does not introduce obvious barriers for users.
Have been listening to some of the episodes of this Computer Talk magazine from the 90's. oneswitch.org.uk/art.php?id=36…. I'm amazed at some of the stuff that these guys were getting up to, there is an article in one of the magazines which talks about using boot menus in DOS 6! I feel we've lost a bit of that technical prowess with the younger blind generation, maybe that's an overall decline?
“It cannot be stressed enough: Violence should have no place in American political life. But one cannot let the matter rest there…It took only minutes for Trump’s allies and supporters to turn the bloody episode into a battering ram against Democrats…” thebulwark.com/p/truth-about-p…
If you miss defragmenting your C drive, there's a website that lets you recreate the experience complete with hard-drive chunking sounds (visit defrag98.com/, the site is very accessible surprisingly enough) pcgamer.com/hardware/if-you-mi…
Provided to YouTube by OpusMožno · Pavol Hammel · PrúdyZvoňte zvonky℗ 1969 OPUS a.s.Lyricist: Ján MasarykComposer: Marian VargaAuto-generated by YouTube.
Love this story about Finland getting rid of private education and just making all schools good - and accessible - instead. There’s a reason the same countries keep coming top of the education charts inews.co.uk/inews-lifestyle/fi…
Heli Litja, 45, was one of the first students in a reformed Finland. Here, she explains what the UK might look like if private schools were abolished altogether
This only works well as long as you can trust your current government and all future governments that might possibly get elected.
Poland's system is a bit like that, and there are a lot of good things to be said about it to be sure, but the conservative government we had for the last 8 or so years has definitely abused the control they had over schools.
They massively increased the amount of time spent on teaching history, in a "Poland good, Germany bad" way of course, sacrificing of other subjects, particularly STEM. They also limited social studies / citizen's education and removed parts of the curriculum that were not quite favorable to that government's worldview.
The new government seems to be undoing some of this damage, but that's only going to last for as long as they're in power.
But who's going to implement the protections and what's going. to stop the government from just removing them?
Such a system would work if the protections are enshrined in some kind of constitution or an American-style "you can't change this for 30 years without a supermajority" bill, but if that's impossible, you need some kind of objective reality (like private schools) that makes this more difficult to do than changing some law.
@miki Existence of private education doesn't solve that. It just lets the elite opt out of caring when shit goes bad. The real mitigation is organizing and public backlash, not a pressure relief valve for the upper class.
Today I learned: There's a significant difference in mental wellbeing between liberals and conservatives, in favor of conservatives. It's most visible among young liberal Americans in recent years (which shouldn't be a surprise to anybody paying attention), but it has probably existed forever and has been consistently demonstrated in many different countries and age groups.
In a recent essay for Social Science & Medicine–Mental Health, epidemiologist Catherine Gimbrone and coauthors identified a significant gap in depressive attitudes between liberal and conservative teens.
Die Deutsche Telekom bietet seit vielen Jahren B2B-Dienstleistungen um Nutzer*innen auch mit wechselnden IPs tracken zu können. Mit festnetz.cool gründete ich ein disruptives Startup, welches…
Ne, kecám. Potřeboval jsem z Obi přivést žebřík a po cestě potkal Lenku s nákupem. Ale stejně mě baví vozit věci, který by se na kolo asi moc dávat neměly :D
Want to send a quick video message, postcard, image or announcement for the DebConf video loop? Just follow the instruction https://lists.debian.org/debconf-announce/2024/07/msg00000.html #debconf24 #debian
📣 Do-It-Blind DIB online Besprechung am Montag, 15. Juli, um 19:00 Uhr. Du bist eingeladen! bbb.metalab.at/rooms/joh-szv-o… Wöchentlich am Montag um 19:00 besprechen wir neue Formen der digitalen und inklusiven Zusammenarbeit. Mach mit! 🛠️ #make #blind #inklusion
Learn using BigBlueButton, the trusted open-source web conferencing solution that enables seamless virtual collaboration and online learning experiences.
Somewhat spicy headline this time, but been thinking about how GitHub's been feeling to me for awhile and seeing a feature I rely heavily on get worse made me realize: it feels like "GitHub", the traditional website, is being treated as a legacy product from corporate's perspective. It exists, lots of people use it, but it doesn't feel like the *future* of the site. Maybe time for me to really learn about other hosts and git clients.
Offensichtlich hat die DTAG offene Schnittstellen, die es jedem ermöglichen, umfangreiche Daten zu einem beliebigen Anschluss abzurufen. Einschließlich einer "Permanent ID" – Vorratsdatenspeicherung willkommen, Richterbeschluss unnötig 🤯
#Datenschutz #dsgvo – beides offensichtlich Schnuppe. Oder bei der DTAG opt-in, weiß ich nich so genau…
zu einem beliebigen oder nur zu dem, an dem man gerade hängt? Also aus "Dating-App" Server-Sicht, wo der Cookie-ablehnende, Inkognito-Surfende, sich anonym wähnende Nutzer hinter hängt?
festnetz.cool has been acquired by Deutsche Telekom AG 📠
Nach tagelanger harter Arbeit, weselskisch anmutenden Verhandlung und einem 7-stelligen Angebot hat die Deutsche Telekom AG im Rahmen eines People und Knowledge buyouts festnetz.cool übernommen.
Berlin, 11 July 2024 – LibreOffice 24.2.5 Community, the fifth minor release of the free, volunteer-supported office productivity suite for office environments and individuals, the best choice for privacy-conscious users and digital sovereignty, is a…
@iuvi Hi! You can submit enhancement requests here: bugs.documentfoundation.org – But of course, we're a volunteer-driven project with very limited resources. To get a new feature more quickly, you can consider helping our volunteers, or funding a developer. Thank you ☺️👍
You want do do many trains? And you want to do them from September on? And you want to do them 20% off?
Then I might want to tell you Interrail is on sale again!
https://www.interrail.eu/en/ni/discover-offseason-europe
@jm_rtr Wir haben den Grundriss im SVG Format aufgeteilt auf Mauern, Türen und Fenster und verschieden hoch linear extrudiert. Weiters haben wir unseren Beschriftungserzeuger verwendet. Die Quelle wird nach den Tests veröffentlicht werden. gitlab.com/projekt-define/defi…
In the wake of a certain ad-funded browser company bundling adtech into its browser yet again, some people have been recommending Ungoogled-Chromium (UGC). I think it’s fine to recommend UGC with caveats, such as the fact that it disables component updates that include:
Certificate revocation. Chromium uses downloaded CRLSets for revocation; it does not support OCSP.
Out of band security patches. When browser components have exploits in the wild, they need to be patched ASAP; updating billions of installations within time-frames measured in hours often means restartless out-of-band updates.
Out of band certificate bundle updates.
If you assume Google uses its component update server logs maliciously, you may wish to consider a fork that still offers component updates provided by a different party’s servers.
UGC disabled mDNS at one point. This exposed local IP addresses over WebRTC for years, but they seem to have shipped a fix in May 2023 to disable non-proxied UDP.
UGC also disables the Chrome Web Store in favor of installing extensions out of band. Make sure you regularly update your extensions installed out-of-band, since UGC won’t do it on its own. Some scripts and a special extension re-implement some of this functionality.
Overall, UGC is still safer than QtWebEngine despite making heavy compromises to security for privacy (though I can’t see how either benefited from disabling mDNS: I’m not aware of threat models under which revealing a local IP to every application is preferable to revealing it to just Google). Running UGC is fine if you understand these trade-offs and have accounted for them. I use it in headless mode to run accessibility and performance tests.
My personal IndieWeb site. I write about and develop software to promote user autonomy. Topics include accessibility, security, privacy, and software freedom.
oh and I never recommend QtWebEngine-based browsers. No component updates and extremely behind on regular updates, almost never built with Chromium’s LLVM toolchain hardening, extra fingerprintable…the list goes on. QtWebEngine is great for rendering mostly-trusted webpages but is definitely not ready to be a fully capable browser.
Re. toolchain hardening: to be fair, distros often don’t build Chromium itself with its toolchain hardening and most replace vendored hardened dependencies with system libraries. Fedora and Arch do it well enough (they still make it use system libraries without LLVM hardening but otherwise build it right); older Fedora versions patched Chromium to build with GCC!
@lispi314 something equivalent to the Tor Browser’s “safest” profile would make if better, but not adequate for most people. ideally it’d have something to handle certificate revocation and a faster-updating certificate bundle.
It’s hard to target browsers’ secure profiles. Safari’s Lockdown Mode disables a dozen or so APIs and a handful of other features; the Tor Browser disables
CRL vs OCSP vs OCSP Stapling vs OCSP Must-Staple. Everyone knows Steve Gibson is a highly unreliable source on infosec, but his old post about the certificate revocation problem is mostly accurate. grc.com/revocation/ocsp-must-s…
@niconiconi @lispi314 Google is pushing for lower lifetimes instead. Lifetimes under 10 days make OCSP obsolete; if enough certs do this revocation becomes a lot easier to manage.
Must-Staple is essentially a short-lived certificate that only certain clients benefit from. Hell, even curl doesn’t check revocation status by default.
I use and recommend must-staple but I also recognize that only a small minority of sites will adopt it, and the right solution is to gradually reduce cert lifetimes to reduce the amount of revoked certs in circulation and make CRLSets/CRLite/Let’s-Revoke easier to pull off.
@niconiconi @lispi314 Outright stripping support for OCSP from your TLS stack, as Google did to BoringSSL and Chromium, is 100% premature though. We should move away from OCSP only after the alternatives are enough.
@niconiconi I'm not sure I'm a fan of certificate lifetimes that start getting dangerously close to the downtimes people can have in areas with crumbling infrastructure.
@lispi314 @niconiconi Incremental improvements reduce the odds of exploitation. Not all sites need to make this transition, and every little reduction reduces the odds of a bad cert being in circulation. At scale, this translates to a reduction in incidents.
Domains that can’t do short lifetimes can benefit from the now-less-crowded revocation lists.
TLDR: every week we shave off from the average certificate lifetime, the less revocation incidents occur. The less revocation we have to deal with, the simpler the problem becomes. This isn’t an all-or-nothing situation.
It's tragic to me that the KDE world gave us KHTML which became the basis for WebKit and later Blink, but now Blink is the only viable browser engine in Qt. 😒
@LadyStrawberries @RL_Dane khtml has not been ported to KF6, IIRC (I might be wrong!). so current versions have no KHTML support. If you wrote such a port it’d support the option.
All distros I know of make QtWebEngine’s KF6 wrapper a dependency of Konqueror (I think it’s calls KWebEngine or something) and make it the default renderer.
D'ya think it's fine that the Jellyfin desktop app uses't assuming I trust my Jellyfin instance admins? Idk but we always had bugs w Jellyfin in-browser for some reasons but w the desktop app't works fine.
that thread made me skim the implemtation bugzilla.mozilla.org/show_bug.… and it is pseudo mdns supposed to only exist within the ice transport... too-clever over-engineered hacks like this WILL have bugs as soon as nobody is looking. should have been just a 2 line ip alias hack. freaking googlers astroturfing complexity for promotions.
the policy change assumes proxied udp is an option. some people may not have NAT loopback. mdns is the most robust option here, and it’s already been part of chromium for longer than it was used for WebRTC privacy.
This blog post is the text version of an infographic created for Instagram, with minor tweaks to formatting. It is meant to serve as a jumping off point for research, as one post can only hold so much. We encourage you to check out the citations.
Beta3 of NVDA 2024.3 is now available for download & testing. Changes from Beta2 include Add-on update notifications no longer appear when running the NVDA installer & updates to translations. Read more & download from: nvaccess.org/post/nvda-2024-3b…
Highlights of 2024.3 include notification of add-on updates, Unicode normalisation options, Help Tech Activator Pro display support, mouse wheel scrolling commands, bug fixes for emoji panel & browsers
Beta3 of NVDA 2024.3 is now available for download and testing. For anyone who is interested in trying out what the next version of NVDA has to offer before it is officially released, we welcome yo…
As antisemitism is rising globally. And as a result, it is swelling online. It is a duty for not just the Jewish community, but for the people who claim to be our allies, to know this information.
yet again, some people have been recommending Ungoogled-Chromium (UGC). I think it’s fine to recommend UGC with caveats, such as the fact that it disables component updates that include:
Chad Austin
in reply to Matt Campbell • • •Matt Campbell
in reply to Chad Austin • • •Chad Austin
in reply to Matt Campbell • • •I haven’t written Haskell or any serious product or business logic since then! I don’t personally enjoy Rust that much (to my surprise) but it has excellent compositional properties for large systems. And I think IMVU switched to C# on the backend to avoid dealing with GHC’s GC.
I do miss monads. No other mainstream language lets you restrict effects. Being able to say “you cannot do non-database IO inside of a transaction” was so good.