@glyph@mastodon.social avatar

glyph

@glyph@mastodon.social

he/him

You probably heard about me because I am the founder of the Twisted python networking engine open source project. But I’m also the author and maintainer of several other smaller projects, a writer and public speaker about software and the things software affects (i.e.: everything), and a productivity nerd due to my ADHD. I also post a lot about politics; I’d personally prefer to be apolitical but unfortunately the global rising tide of revanchist fascism is kind of dangerous to ignore.

This profile is from a federated server and may be incomplete. Browse more on the original instance.

glyph, to random
@glyph@mastodon.social avatar

Until there is a definitive adjudication of the copyright status of LLM training data, it is deeply irresponsible to use Github Copilot for open source. I will refuse contributions created with it on any project I'm involved with, as well as permanently ban any user caught sneaking in Copilot-generated code in defiance of this rule. I would strongly encourage all maintainers to take this stand as well. License headaches are already bad enough without secret poison pills being injected.

eb, to security
@eb@social.coop avatar

Unfolding now: https://news.ycombinator.com/item?id=39865810

An incredibly technically complex in xz (potentially also in libarchive and elsewhere) was just discovered. This backdoor has been quietly implemented over years, with the assistance of a wide array of subtly interconnected accounts:

The timeline on this is going to take so long to unravel

glyph,
@glyph@mastodon.social avatar

@eb "I never thought a sophisticated APT would backdoor my volunteer-maintained infrastructure that I got for free" sobs entire industry who voted for the "volunteer-maintained infrastructure that I get for free with no defense against sophisticated APTs" party

glyph,
@glyph@mastodon.social avatar

@eb I really hope that this causes an industry-wide reckoning with the common practice of letting your entire goddamn product rest on the shoulders of one overworked person having a slow mental health crisis without financially or operationally supporting them whatsoever. I want everyone who has an open source dependency to read this message https://www.mail-archive.com/xz-devel@tukaani.org/msg00567.html

glyph, to random
@glyph@mastodon.social avatar

The difference between “continuous deployment”, “continuous delivery” and “continuous integration” is the difference between the eternal torments of sisyphus, tantalus and prometheus, respectively

glyph, to random
@glyph@mastodon.social avatar

Proposed new jargon: “toothbrush botnet” to mean “unfounded public panic about an information security threat derived from incompetent journalism about hypothetical scenarios”

Example usage: “it turns out juice jacking was just a toothbrush botnet”

glyph, to random
@glyph@mastodon.social avatar

Today's Redis news is an unfortunate reminder that while open source itself is a public benefit to society, within our economic system if you are the provider of a public benefit to society, that's an inefficiency in your business that there will be constant pressure to eliminate. The more capital investment the provider accepts from others, the more pressure there will be on management to remove that inefficiency.

glyph, to random
@glyph@mastodon.social avatar

One of my litmus tests for a software product these days is that, if it has search, I should be able to search for a nonsense phrase and get an answer that says “no results”. Every website and app is so damn thirsty for clicks now that it will just show an infinite scroll of useless garbage no matter what I’m looking for, which means I can’t get “no results” and then refine my search quickly, I have to page through the “results” to see if they’re plausibly related to my query. Please stop it.

glyph, to random
@glyph@mastodon.social avatar

what if we prepared for doomsday by just preventing doomsday

glyph, to random
@glyph@mastodon.social avatar

New Blog: A Grand Unified Theory of the AI Hype Cycle https://blog.glyph.im/2024/05/grand-unified-ai-hype.html?utm_source=dlvr.it&utm_medium=mastodon

glyph, to random
@glyph@mastodon.social avatar

Super mad at Apple again tonight as I realize that you cannot have the Music app without Radio, the TV app without trailers for TV+, the or the Podcasts app without an un-hideable screen full of hideous murder-related content or the app store without exploitative IAP gambling-for-kids garbage. I can lock down a device so that a child can't listen to songs with the F-word in them but there is no way to say DO NOT SHOW THEM ENCOURAGEMENTS TO GAMBLING ADDICTION.

glyph,
@glyph@mastodon.social avatar

I do not want to be given iron-fisted control over my child's media habits, particularly as they grow up, but every "parental controls" app and setting is based on the idea that I need a way to prevent my kid from learning that trans people exist or that people say "shit" sometimes, not that I want to just give them a device which has the stuff that we have put on it that does not advertise other things to them constantly. I have no interest in preventing them from seeking out information.

glyph, to random
@glyph@mastodon.social avatar

Yesterday my kid was explaining how to do something on their iPad, and they told me "first you have to go into the debugger", which really threw me for a loop. After asking a few questions about it, it became clear that the "debugger" was the multitasking view. When I asked why they were calling it the "debugger", they said "because that's where you go if an app has a bug, you throw it off the screen to get the bugs out". Apparently "debugger" was a word of their own invention, in this context

glyph, to random
@glyph@mastodon.social avatar

I just want to write some code, maybe make some music, maybe draw some pictures.

I don't want to be mad about blockchains, I don't want to be mad about GenAI, I don't want to be mad about terrible backfiring "think of the children" legislation, I don't want to be terrified about the rising tide of bigoted, racist fascism ending democracy in my lifetime.

I don't want you to have to be mad about all that either.

I wish the world would leave us all alone for a little bit.

glyph, to random
@glyph@mastodon.social avatar

My latest article, "Safer, Not Later: How “Move Fast and Break Things” ruined the world by escaping the context that it was intended for."

https://blog.glyph.im/2023/12/safer-not-later.html

glyph, to random
@glyph@mastodon.social avatar

It seems silly but mastodon’s retreat from the language of “toots” and now even “boosts” ( they’re “reblogs” in the official app now ) is exactly the same dumb-as-rocks discarding of a recognizable brand that Xitter is doing

glyph, to random
@glyph@mastodon.social avatar

I have worked on date/time systems https://xkcd.com/2867/

glyph, to random
@glyph@mastodon.social avatar

Hello UI designers. Please stop putting present-relative dates on things. It’s bad. If you put “1 second ago” on some data and I leave the tab open, I will be dismayed when I look at it 3 hours later and the thing that I thought should have happened 3 hours ago happened 1 second ago. Before you say you are going to keep things up to date with javascript or websockets: no you aren’t. You’re going to fuck it up. Correction: you already fucked it up. 1 second ago.

glyph, to random
@glyph@mastodon.social avatar

New Blog: Software Needs To Be More Expensive https://blog.glyph.im/2024/03/software-needs-to-be-more-expensive.html?utm_source=dlvr.it&utm_medium=mastodon

glyph, to random
@glyph@mastodon.social avatar

I'm pretty sure I'm not the first to come up with this scenario, but one possible outcome of the various bits of copyright litigation and AI hype this year is that data with a strict chain of custody or timestamp that can be validated as pre-2019 or so will be a new category of highly valuable artifact, "low-background training data", the low-background steel of the information age https://en.wikipedia.org/wiki/Low-background_steel

glyph, to random
@glyph@mastodon.social avatar

My kid just wanted to do an impression of me giving a talk and they shifted into a much louder register and said “blah blah blah apple blah blah blah python blah blah blah docker blah blah blah” and I have never been roasted so hard in my life

glyph, to random
@glyph@mastodon.social avatar

New Blog: How To PyCon https://blog.glyph.im/2024/05/how-to-pycon.html?utm_source=dlvr.it&utm_medium=mastodon

glyph, to random
@glyph@mastodon.social avatar

This is a subtoot of like nine different things at once, but, fellow progressive/left-leaning friends: please for the love of all that is good in the world just stop ranting about "capitalism". if you think some feature of our current market system is bad, just like, describe the market mechanism and the incentive it creates and the bad outcomes of the incentive. Criticizing "capitalism" is like criticizing "evil" at this point. it's so nonspecific and nebulous that it's counterproductive.

glyph, to random
@glyph@mastodon.social avatar

As everyone under 40 in infosec tires of the “Hackers” aesthetic plastered on everything by us tedious elder millennials, one thing that I think gets lost, particularly for younger folks, is that the movie isn’t just goofy camp. I mean, obviously, it’s heavily fictionalized, but there really was a hacking subculture kind of like the one depicted in it in New York in the 1990s. I barely grazed the outer periphery of it myself, and I sometimes wonder if anyone did a serious ethnography of it.

glyph,
@glyph@mastodon.social avatar

At one point as a teenager I did arrange a physical swap of “hacking” software on floppy disks in a series of posts on a BBS using coded language. We rollerbladed to a laser tag arena and traded the disks inside. Everything I have done since then has been determinedly less cool, so I understand the yearning for the prelapsarian past, even if I recognize the impulse as problematic and reactionary. But we did lose something.

glyph, to random
@glyph@mastodon.social avatar

LB: if you are a founder of an actually useful business that uses "AI" technology in some defensible way, you should be glad that everyone viscerally hates it so much in public. the sooner we can get out of this "AI" hype cycle, the sooner your investors will stop demanding that you slather "AI" branding all over everything, the sooner you can talk about what your product specifically does and what value it provides and stop blathering about "AI" vaguely.

glyph,
@glyph@mastodon.social avatar

I think this is why GenAI sounds so much like a cryptocurrency scam to a lay audience. When Microsoft launched the Xbox they didn't spend hours talking about the wafer lithography they used for the GPU, they just told you about video games. The iPhone announcement talked about listening to music and using a web browser, the relative merits of capacitive and resistive touchscreens. But Blockchain and GenAI hype both have this obsession with minor details that really should not be user-visible.

glyph, to random
@glyph@mastodon.social avatar

As someone who genuinely loves many apple products and would like to see the company do better, this makes me very happy. As @mcc has previously noted, my expectations for the outcome of this process are low (the antitrust system in the US famously does not function very well) but the rhetoric alone here has the chance of changing some behavior. https://toot.cafe/@slightlyoff/112134855225973806

glyph,
@glyph@mastodon.social avatar

Even if you're an Apple stan and think the company really has no motivation but a sincere desire to protect users, and government regulators are bad product designers and this will make things worse… even so, this is Apple's fault. The handwriting has been on the wall for years. They should've figured out a way to self-regulate by now. Because the appearance of impropriety clearly exists, and has now been called out on multiple continents. This is not one regulator with a bias.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • megavids
  • thenastyranch
  • rosin
  • GTA5RPClips
  • osvaldo12
  • love
  • Youngstown
  • slotface
  • khanakhh
  • everett
  • kavyap
  • mdbf
  • DreamBathrooms
  • ngwrru68w68
  • provamag3
  • magazineikmin
  • InstantRegret
  • normalnudes
  • tacticalgear
  • cubers
  • ethstaker
  • modclub
  • cisconetworking
  • Durango
  • anitta
  • Leos
  • tester
  • JUstTest
  • All magazines
    •