Joined 1 year ago
Cake day: June 15th, 2023



  • My thoughts on it are: as a developer, if you flag the issue for your management, and they want to move forward, then you’ve done your part.

    Maybe put an extra comment in the code for posterity’s sake.

    It’s not ultimately your problem and what else are you going to do? Work unpaid nights and weekends to fix it for some guy who might run into a problem 8 years from now?



  • And roll it out in a controlled fashion: 1% of machines, 10%, 25%…no issues? Do the rest.

    How this didn’t get caught by testing seems impossible to me.

    The implementation/rollout strategy just seems bonkers. I feel bad for all of the field support guys who have had their next few weeks ruined, the sys admins who won’t sleep for 3 days, and all of the innocent businesses that got roped into it.

    A couple local shops are fucked this morning. Kinda shocked they’d be running CrowdStrike but also these aren’t big businesses. They are probably using managed service providers who are now swamped and who knows when they’ll get back online.

    One was a bakery. They couldn’t sell all the bread they made this morning.


  • It depends on the software and situation of course, but if you are paying a contractor to develop/write a solution for you aka “government built” then the contractor that writes the code owns 0 of that code. It’s as if it was written by Uncle Sam himself.

    Now, if the government buys software (licenses), the companies will retain ownership of their code. So if Uncle Sam bought ServiceNow licenses, the US doesn’t “own” ServiceNow. If ServiceNow extended capability to support the govt, the US still doesn’t own the license or that code in most cases.

    Sometimes the government will even pay for a company to extend its software and that company can then sell that feature elsewhere. The government doesn’t get any benefit beyond the capability they paid for, i.e. they don’t own that code. That can work to the government’s benefit though, because it can be used as a price negotiation point. “We know you can sell this feature to 50 different agencies if you develop it for us, so we only want to pay 25% of what you priced it at”.

    But like I said, if it’s a development contract and the contractors build an app for the government, all of the contracts I’ve ever seen have Uncle Sam owning it all. The govt could open source it if they wanted and the contractor would have no say.

    That’s what we call GOTS products: https://en.m.wikipedia.org/wiki/Government_off-the-shelf

    Vs COTS:

    https://en.m.wikipedia.org/wiki/Commercial_off-the-shelf

    With COTS, that’s where you’d see the ownership (depending on the contract/license agreement of course) remain with the vendor.






  • cybersandwich@lemmy.world to Selfhosted@lemmy.world · *Permanently Deleted* · 5 months ago

    GPU with a ton of VRAM is what you need, BUT

    An alternate solution is something like a Mac mini with an m series chip and 16gb of unified memory. The neural cores on apple silicon are actually pretty impressive and since they use unified memory the models would have access to whatever the system has.

    I only mention it because a Mac mini might be cheaper than a GPU with tons of VRAM by a couple hundred bucks.

    And it will sip power comparatively.

    4090 with 24gb of VRAM is $1900

    M2 Mac mini with 24gb is $1000


  • Like he was saying, it’s more than just power loss. It’s a way of “sanitizing” the power as it comes in. This is “usually” not a problem. But dirty power is arguably worse than power outages. If the voltages fluctuate or get low for whatever reason that puts a big strain on your power supplies.

    This could happen because you run a vacuum on the same circuit and your house is old, a guy down the street electrocutes himself, or the power coming in from the electric company is ‘dirty’ because they have an issue with transformers or upstream somewhere. It can be imperceptible to you, but your tech notices.








  • It highlighted some pretty glaring weaknesses in OSS as well. Overworked maintainers, unvetted contributors, etc etc.

    The XZ thing seems like we got “lucky” more than anything. But that type of attack may have been successful already or in progress elsewhere. It’s not like people are auditing every line of every open source tool/library. It takes really talented devs and researchers to truly audit code.

    I mean, I certainly couldn’t do it for anything semi advanced, super clever, or obfuscated the way the XZ thing was.

    But I agree that the fact we could audit it at all is a plus. The flip side is: an unvetted bad actor was able to publish these changes because of the nature of open source. I’m not saying bad actors can’t weasel their way into Microsoft, but that’s a much higher bar in terms of vetting.