* Posts by Roml0k

12 posts • joined 12 Feb 2018

China and Russia join to battle 'illegal internet content,' which means what you fear it does


Satellite internet's a'comin

Since Musk, Amazon, and others are planning on peppering global LEO with internet satellites, I don't care. I'm still free; you can't take the sky from me.

This won't end well. Microsoft's AI boffins unleash a bot that can generate fake comments for news articles


the commentards are going to have a lot of fun in this article .

The gig (economy) is up: New California law upgrades Lyft, Uber, other app serfs to staff


Bug bounty platforms

> Bug bounty platforms also give clear criteria over the work product that they will pay for – which can be taken as directing work. And they pay people for their time and skills, as well as repeatedly refer to the “work” that the people that sign up to their platforms perform.

From my understanding as someone who has used HackerOne to receive bug reports on behalf of a company, it's the company whose products are being tested that sets the critera over what work will be paid for, and which decides and makes the payments (bounties) to hackers. AFAICT the platform merely facilitates the communications and transactions.

That said, HackerOne do offer paid managed accounts to companies, so it's possible this could affect their business relationship with those they contract directly to manage and triage those accounts, but they're not the ones doing the pen testing.

AR upstart Magic Leap reveals majorly late tech specs' tech specs


I am not able to apprehend the kind of confusion of ideas that could provoke such a question.

Why the heck are people even asking about multiplayer? Do they not understand the difference between hardware and software?

"I just got a new 8K HDR monitor!"

"Does it do multiplayer?"


Tesla inches toward GPL compliance in low gear: Source code forcibly ejected into public


Re: Fishy

> Uhh, no. If you play with the GPL, why aren't you forced to make available the modifications that you distribute in a timely fashion? Seems that the SFC are a little too cozy with Tesla.

They're damned if they do, and damned if they don't.

Bring a lawsuit (even after years of negotiations) and you get criticized for scaring companies away. Take time trying to convince them to open up voluntarily, and you get criticized for letting them get away with it for so long.

DevOps: Social, cooperative... It's gotta be really diverse, right?


> Maybe the only difference is that women put up with less shit.

This is somewhat borne out in studies of quitting rates (women are apparently 2x more likely to quit a job than men), but even this does not necessarily correlate to leaving STEM entirely.

The only stats quoted in the article compared STEM women to non-STEM women. I would be interested to see comparable stats for STEM non-women and non-STEM non-women before I'd make a claim that an issue is worse for any particular subgroup.

Eurocrats double down on .eu Brexit boot-out


> Or someone pointed out .eu was for Europe not the EU?

Judging by this latest proposal, it seems more like .eu is for Eurovision.

Tor ‘sunsets’ secure Messenger that never exited beta


Security is necessary but not sufficient

> “Why bother?” seems apt given the good range of secure messaging tools on offer these days.

If security were all Tor cared about, then the Tor browser project would have been shut down when HTTPS became mainstream.

No, the goal of the Tor project is to provide anonymity for the user. This is a much harder problem than just implementing end-to-end encryption on top of a centralised service. It requires not sharing, or leaking, any metadata to any party not directly involved a communication.

Happy as Larry: Why Oracle won the Google Java Android case


Re: Turning it around

> Where do you get the idea that your work should be "protected" against copying by other people?

Perhaps because of the amount of creative thought necessary to craft an intuitive, consistent, thorough, and future-proof interface to a system or application?

> An API, as a collection of names and definitions, is really just an emergent property of a software program. Even if you don't sit down in advance and plan an API in detail, one will spring into existence all by itself anyway, as a direct consequence of the existence of the program.

That's the kind of thinking that gives us unplanned, undesigned, agglomerated nightmares like PHP, or anything from Microsoft.

If that's your attitude to API design, then I can see why you'd think they can't be copyrighted, and perhaps some APIs shouldn't be. But I certainly hope to never again have to develop against such a thoughtlessly assembled API.

Fleeing Facebook app users realise what they agreed to in apps years ago – total slurpage


Re: This is what could really do Zuckwit and his company serious harm

> But if they've slurped data on INCOMING texts and calls and used that to build up data graphs on the phone numbers who made the calls and texts (who may well have not installed FB's app and therefore not given permission) then their goose is truly cooked according to some European countries' privacy laws.

I wonder if this kind of slurping doesn't also run afoul of California wiretapping law, which requires consent from all parties involved. IIRC, a 2015 ruling affirmed that collecting metadata without all-party consent can also count as a breach of wiretapping laws.

April FAIL as IETF's funny-but-dodgy draft doc arrives a week early


Trollptical illusion

Does the troll have an overbite, sharp teeth, and a wide nose; or does it have no nose, two tusks, and a spiky beard?

You can resurrect any deleted GitHub account name. And this is why we have trust issues


Re: Source code, source code, source code

> Doctor Syntax: What do you suggest?

All that's required, at minimum, is for the code-hosting sites to create a project-overview page, which allows the user to see the current status of all forks of a codebase. Importance of forks (eg. which comes top of the list) should be determined either democratically (eg. stars) or algorithmically based on metrics such as commit quantity; frequency; recency, bug reports, pull activity, etc.

> AC: I disagree that, on the balance of things, they are doing a disservice.

I disagree that you disagree!

I do indeed believe that GitHub & co. have been a net positive to development and collaboration in the free/open-source software community. I was only meaning that this particular issue of developer primacy was sub-optimal, and possibly harmful to sustained development.


Biting the hand that feeds IT © 1998–2019