Father, Hacker (Information Security Professional), Open Source Software Developer, Inventor, and 3D printing enthusiast

  • 6 Posts
  • 138 Comments
Joined 1 year ago
Cake day: June 23rd, 2023




  • I have a Giant Sulcata Tortoise. She’s almost 100lbs.

    picture of giant Sulcata Tortoise facing the camera

    Super easy to care for. She mows the lawn to eat but St Augustine grass doesn’t have all the nutrition she needs so we supplement her diet every two days with some fresh lettuce, fruit, and tortoise pellets.

    Right now our yard is full of pumpkins donated by our neighbors that she enjoys very much (her poops turned a bit orange, haha). Watching her eat them is a surprisingly satisfying and relaxing experience.

    Her home is an old lawnmower shed that my father-in-law had lying around and she goes into it every night (we cut a tortoise-shaped hole in the front and put some “baggage flaps” over it to keep the heat in). Interestingly, we didn’t need to “train” her to go in there she just figured it out on day 1 and settled in the very first night.

    She comes when she’s called and loves to come see us when we’re out in the yard (hoping for treats!). We often get the leftover produce from Publix that’s going to be thrown away and feed her that. She doesn’t care that the lettuce has gone all wilty or about damaged fruit so it’s better than sending it into the trash 👍




  • Maybe we should take a page from the Trumpers here and declare it a conspiracy!

    The deep state doesn’t want people following Harris! They don’t want you to know about it. They think they know better than you!

    “Let me tell you, folks, I know how to follow people and this Twitter situation smells. I know all about smelling. Smells. Smelling. Smell… Ling! The word just sounds awful, right? They want you to smell things. They’re coming for your smells!”

    Haha, yeah… This is Elon Musk’s X.com we’re talking about. It’s just sheer incompetence and the usual buggy bullshit. We should expect this as normal X behavior at this point. Is anyone really surprised that X is suddenly throwing errors when users try basic functionality? Come on. The platform is garbage and that’s not even taking into account the garbage present on the platform.


  • At my company I use a virtual desktop and it was restored from a nightly snapshot a few hours before I logged in that day (and presumably, they also applied a post-restore temp fix). This action was performed on all the virtual desktops at the entire company and took approximately 30 minutes (though, probably like 4 hours to get the approval to run that command, LOL).

    It all took place before I even logged in that day. I was actually kind of impressed… We don’t usually act that fast.



  • I don’t think anybody is facing any consequences for contracting with CrowdStrike.

    This is the myth! As we all know there were very serious consequences as a result of this event. End users, customers, downstream companies, entire governments, etc were all severely impacted and they don’t give a shit that it was Crowdstrike’s mistake that caused the outages.

    From their perspective it was the companies that had the upstream outages that caused the problem. The vendor behind the underlying problem is irrelevant. When your plan is to point the proverbial finger at some 3rd party you chose, that finger still (100%, always) points to yourself.

    When the CEO of Baxter International testified before Congress to try to explain why people died from using tainted Heparin he tried to hand wave it away, “it was the Chinese supplier that caused this!” Did everyone just say, “oh, then that’s understandable!” Fuck no.

    Baxter chose that Chinese supplier and didn’t test their goods. They didn’t do due diligence. Baxter International fucked up royally, not the Chinese vendor! The Chinese vendor scammed them for sure but it was Baxter International’s responsibility to ensure the drug was, well, the actual drug and not something else or contaminated.

    Reference: https://en.wikipedia.org/wiki/2008_Chinese_heparin_adulteration







  • I can answer one of these criticisms regarding innovation: AI is incredibly inefficient at what it does. From training to execution, it’s but a fraction as efficient as it could be. For this reason most of the innovation going on in AI right now is related to improving efficiency.

    We’ve already had massive improvements to things like AI image generation (e.g. SDXL Turbo which can generate an image in 1 second instead of 10) and there are new LLMs coming out all the time that are a fraction of the size of their predecessors, use a fraction of the computing power, and yet perform better for most use cases.

    There are other innovations that have the potential to reduce the power requirements by factors of one thousand to millions, such as ternary training and execution. If ternary AI models turn out to be workable in the real world (I see no reason why they couldn’t) we’ll be able to get the equivalent of ChatGPT 4 running locally on our phones and it won’t even be a blip on the radar from a battery life perspective, nor will it require more powerful CPUs/GPUs.




  • This is a, “it’s turtles all the way down!” problem. An application has to be able to store its encryption keys somewhere. You can encrypt your encryption keys but then where do you store that key? Ultimately any application will need access to the plaintext key in order to function.

    On servers the best practice is to store the encryption keys somewhere that isn’t on the server itself. Such as a networked Hardware Security Module (HSM) but literally any location that isn’t physically on/in the server itself is good enough. Some Raspberry Pi attached to the network in the corner of the data center would be nearly as good because the attack you’re protecting against with this kind of encryption is someone walking out of the data center with your server (and then decrypting the data).

    With a device like a phone you can’t use a networked HSM since your phone will be carried around with you everywhere. You could store your encryption keys out on the Internet somewhere but that actually increases the attack surface. As such, the encryption keys get stored on the phone itself.

    Phone OSes include tools like encrypted storage locations for things like encryption keys but realistically they’re no more secure than storing the keys as plaintext in the application’s app-specific store (which is encrypted on Android by default; not sure about iOS). Only that app and the OS itself have access to that storage location so it’s basically exactly the same as the special “secure” storage features… Except easier to use and less likely to be targeted, exploited, and ultimately compromised because again, it’s a smaller attack surface.

    If an attacker gets physical access to your device you must assume they’ll have access to everything on it unless the data is encrypted and the key for that isn’t on the phone itself (e.g. it uses a hash generated from your thumbprint or your PIN). In that case your effective encryption key is your thumb(s) and/or PIN, because the Signal app’s encryption keys are already encrypted on the filesystem.

    Going full circle: You can always further encrypt something or add an extra step to accessing encrypted data but that just adds inconvenience and doesn’t really buy you any more security (realistically). It’s turtles all the way down.
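The key chain the comment above describes (PIN at the top, a data key at the bottom, nothing usable stored on disk) as an added, stand-alone example. This is not code from the commenter, Signal, or any phone OS. It assumes a vault record that holds only a salt and a wrapped data-encryption key (DEK), PBKDF2-HMAC-SHA256 with 200,000 iterations to stretch the PIN into a key-encryption key (KEK), and an HMAC-SHA256 counter-mode keystream with encrypt-then-MAC standing in for an AEAD cipher so the example needs only the standard library; in production you would use AES-GCM or ChaCha20-Poly1305 and the platform keystore. The sample message is constructed.

```python
import hashlib
import hmac
import secrets
from typing import Optional

# Assumption (not from the comment): the only thing persisted is a small vault
# record of {salt, wrapped_dek}. The PIN and the plaintext DEK never touch disk.


def derive_kek(pin: str, salt: bytes, iterations: int = 200_000) -> bytes:
    """Stretch a low-entropy PIN into a 256-bit key-encryption key (the top turtle)."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, iterations, dklen=32)


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode; a stdlib stand-in for AES-CTR, not a production cipher."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def _subkeys(key: bytes):
    # Independent encryption and MAC keys derived from one 256-bit key.
    enc_key = hmac.new(key, b"enc", hashlib.sha256).digest()
    mac_key = hmac.new(key, b"mac", hashlib.sha256).digest()
    return enc_key, mac_key


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC. Output layout: nonce(16) || ciphertext || tag(32)."""
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key: bytes, blob: bytes) -> Optional[bytes]:
    """Verify the tag before decrypting; None on a wrong key or any tampering."""
    if len(blob) < 48:
        return None
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    enc_key, mac_key = _subkeys(key)
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))


def create_vault(pin: str) -> dict:
    """Build the on-disk record: a random DEK wrapped under the PIN-derived KEK."""
    salt = secrets.token_bytes(16)
    dek = secrets.token_bytes(32)  # data-encryption key, the bottom turtle
    wrapped = seal(derive_kek(pin, salt), dek)
    return {"salt": salt, "wrapped_dek": wrapped}


def unlock_vault(pin: str, vault: dict) -> Optional[bytes]:
    """Recompute the KEK from the PIN; a wrong PIN fails the MAC instead of yielding garbage."""
    return unseal(derive_kek(pin, vault["salt"]), vault["wrapped_dek"])


def demo() -> dict:
    """Walk the whole chain once and return the observations a test can check."""
    vault = create_vault("2580")
    dek = unlock_vault("2580", vault)
    wrong_pin = unlock_vault("2581", vault)

    sample = b"constructed sample: one message-db row"  # constructed, not real data
    record = seal(dek, sample)
    # Flip one ciphertext bit (byte 20 lies inside the ciphertext region).
    tampered = record[:20] + bytes([record[20] ^ 0x01]) + record[21:]

    return {
        "dek": dek,
        "dek_visible_on_disk": dek in vault["wrapped_dek"],
        "wrong_pin": wrong_pin,
        "roundtrip": unseal(dek, record),
        "tampered": unseal(dek, tampered),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

The point the example makes concrete: with physical access an attacker gets the salt and the wrapped DEK, but without the PIN the only route is an offline guess of the PIN against the KDF, which is why the stretching work factor (and, on real phones, a hardware-backed rate limiter) is what actually sets the security level rather than any additional layer of wrapping.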