cultural reviewer and dabbler in stylistic premonitions

  • 81 Posts
  • 332 Comments
Joined 3 years ago
cake
Cake day: January 17th, 2022

help-circle






  • i don’t usually cross-post my comments but I think this one from a cross-post of this meme in programmerhumor is worth sharing here:

    The statement in this meme is false. There are many programming languages which can be written by humans but which are intended primarily to be generated by other programs (such as compilers for higher-level languages).

    The distinction can sometimes be missed even by people who are successfully writing code in these languages; this comment from Jeffrey Friedl (author of the book Mastering Regular Expressions) stuck with me:

    I’ve written full-fledged applications in PostScript – it can be done – but it’s important to remember that PostScript has been designed for machine-generated scripts. A human does not normally code in PostScript directly, but rather, they write a program in another language that produces PostScript to do what they want. (I realized this after having written said applications :-)) —Jeffrey

    (there is a lot of fascinating history in that thread on his blog…)


  • The statement in this meme is false. There are many programming languages which can be written by humans but which are intended primarily to be generated by other programs (such as compilers for higher-level languages).

    The distinction can sometimes be missed even by people who are successfully writing code in these languages; this comment from Jeffrey Friedl (author of the book Mastering Regular Expressions) stuck with me:

    I’ve written full-fledged applications in PostScript – it can be done – but it’s important to remember that PostScript has been designed for machine-generated scripts. A human does not normally code in PostScript directly, but rather, they write a program in another language that produces PostScript to do what they want. (I realized this after having written said applications :-)) —Jeffrey

    (there is a lot of fascinating history in that thread on his blog…)






  • They have to know who the message needs to go to, granted. But they don’t have to know who the message comes from, hence why the sealed sender technique works. The recipient verifies the message via the keys that are exchanged if they have been communicating with that correspondent before or else it is a new message request.

    So I don’t see how they can build social graphs if they don’t know who the sender if all messages are, they can only plot recipients which is not enough.

    1. You need to identify yourself to receive your messages, and you send and receive messages from the same IP address, and there are typically not many if any other Signal users sharing the same IP address. So, the cryptography of “sealed sender” is just for show - the metadata privacy remains dependent on them keeping their promise not to correlate your receiving identity with the identities of the people you’re sending to. If you assume that they’ll keep that promise, then the sealed sender cryptography provides no benefit; if they don’t keep the promise, sealed sender doesn’t really help. They outsource the keeping of their promises to Amazon, btw (a major intelligence contractor).

    2. Just in case sealed sender was actually making it inconvenient for the server to know who is talking to who… Signal silently falls back to “unsealed sender” messages if server returns 401 when trying to send “sealed sender” messages, which the server actually does sometimes. As the current lead dev of Signal-for-Android explains: “Sealed sender is not a guarantee, but rather a best-effort sort of thing” so “I don’t think notifying the user of a unsealed send fallback is necessary”.

    Given the above, don’t you think the fact that they’ve actually gone to the trouble of building sealed sender at all, which causes many people to espouse the belief you just did (that their cryptographic design renders them incapable of learning the social graph, not to mention learning which edges in the graph are most active, and when) puts them rather squarely in doth protest too much territory? 🤔


  • That was me. I’m tired of FUTO fans derailing discussions about FLOSS with advocacy for their obviously-not-open-source software and insisting that it is open source.

    Every time Futo comes up, someone will insist it is open source, others will correct them, and soon more than 50% of a thread that is supposed to be about open source is people arguing about them.

    I’m pretty sure that Futo’s (now recanted) position that they were open source (despite the term having a clear definition which is very internationally recognized and which Futo’s license obviously does not meet) was an intentional marketing gimmick - “there is no such thing as bad publicity” and every time a bunch of people are arguing about them there is a chance they’ll get more customers (some of whom might even believe it is open source).

    I’ve counted 19 messages moderated

    Probably more than that even; more than I want to count. The modlog is public.

    and the post has been locked.

    The What’s the best open source keyboard for android? post where you commented has not been locked, but most of the futo-related comments in it are deleted. Note that while your comment was not advocating for futo per se, it was (successfully) encouraging others to continue the offtopic discussion. You could have answered your question by reading the modlog.

    I did lock another post in the same community (the topic of which is, again, Open Source), which was What are your thoughts on FUTO? (and I left a comment there explaining why).

    I generally try to assume good faith but I’m pretty sure some Futo proponents are actually just trolling at this point.

    I hope this answers your questions.






  • What the people here saying this “seems legit” are really saying is that, if the site is providing DRM content which you want to see, then it is indeed using this for its intended purpose (which is to prevent you from recording and/or retransmitting the stream). This is true, but, it doesn’t mean that the site isn’t also collecting your device identifiers and using them for some nefarious privacy-invasive purposes. And of course, they most likely are.

    So if I were you I would look for a pirated streaming website instead of running this proprietary software to watch a DRM’d stream. (The pirated site will probably also be privacy-invasive, but they won’t get your device ID… and you’re more likely to be able to block its ads.)




  • Arthur Besse@lemmy.mltoFediverse@lemmy.worldSuggested uncensored/open Pixelfed server?
    link
    fedilink
    English
    arrow-up
    29
    arrow-down
    2
    ·
    edit-2
    26 days ago

    What you want is not an “uncensored” server, but rather a server that is moderated in a way that you find acceptable.

    There is no such thing as an “uncensored/open” server. Or, when there is, it can’t last long. Every open server needs to delete some things, because if they don’t, their disk will soon be full of spam and CSAM and then the server will go away. Some servers claiming to be “uncensored” might allow nearly everything besides those two categories, but they tend to quickly become nazi bars.

    Sorry i don’t have any specific suggestion, but of the 61 servers listed here hopefully there is one with a moderation policy that is to your liking.