@ktemkin@chaos.social
@ktemkin@chaos.social avatar

ktemkin

@ktemkin@chaos.social

Performance art piece written live by a collective of hardware hackers & low-level engineers. We make tools to help you do cool things, hack HW, and make educational materials. 🏳️‍🌈⚢.

This profile is from a federated server and may be incomplete. Browse more on the original instance.

ktemkin, to random
@ktemkin@chaos.social avatar

perks of the name “kate” — you get to know every time another matrix user talks about KDE’s text editor

ktemkin, to random
@ktemkin@chaos.social avatar

wow, being plural has gotten way more complicated in this modern working age

ktemkin,
@ktemkin@chaos.social avatar

as our own manager, I just don’t know if I can approve this

ktemkin, to NixOS
@ktemkin@chaos.social avatar

nix users: what bothers you most about nix (ux-wise or otherwise)? what seems the most mysterious to you?

ktemkin,
@ktemkin@chaos.social avatar

(seems like as good a point as any to make some educational materials, and this is one of the Areas of Interest)

ktemkin,
@ktemkin@chaos.social avatar

@raito wait raito you have opinions regarding nix~?

ktemkin,
@ktemkin@chaos.social avatar

@raito ah, the diplomatic stance =P

ktemkin,
@ktemkin@chaos.social avatar

@erincandescent there‘s exactly one feature that‘s really valuable in their current implementation, in our humble opinion — and that’s the ability to have “lockable” sources; rather than requiring inline hash updates for things you expect to update periodically

the rest of flakes around that makes it difficult to use, though

(okay, if we’re being fair, there’s also the fact that we approve of anything that gets rid of any behaviors that depend on NIX_PATH)

ktemkin,
@ktemkin@chaos.social avatar

@adingbatponder interesting — what services/configurations have you found finicky? (this is actually the one area where nixos seems to do pretty well, in general)

also keep in mind that in nix is just a tool to deterministically put files in places, so really it’s a generator for things like “run these shell scripts” >.>

ktemkin,
@ktemkin@chaos.social avatar

also interested in former nix users and users who tried nix and gave up or decided it wasn’t for them!

ktemkin,
@ktemkin@chaos.social avatar

(thank everyone so much for the input so far — feel free to keep it coming! this is all getting collated into a big document which will hopefully help us help everyone!)

ktemkin, to random
@ktemkin@chaos.social avatar

wearing poorly-glued fake mustache

hello, yes, I have heard about all of your recent xz troubles! I am real m4 auditor; just let me in to PR your repos and I will fix, for you, your m4! very non-suspiciously priced, mhm!

ktemkin,
@ktemkin@chaos.social avatar

this would be the perfect scam for the moment; if only anyone actually understood m4 macros enough to pull it off

ktemkin, to random
@ktemkin@chaos.social avatar

also in general if your advice to the average server owner is “audit every piece of every piece of code you’ll ever run” then it seems very possible you’ve lost your sense of scale and perspective

ktemkin,
@ktemkin@chaos.social avatar

@JoeUchill it’s important because you never know what chemicals the government is putting in your electrons

ktemkin,
@ktemkin@chaos.social avatar

@Pashhur ah, yes --- applied statistics* never** lie*** ^_^

ktemkin,
@ktemkin@chaos.social avatar

@Pashhur (honestly can't be sure if a bayesian of frequentialist joke would be funnier here)

ktemkin, to random
@ktemkin@chaos.social avatar

for everyone waxing poetic about the xz backdoor: please, please, please remember that risk acceptance is as important to threat modeling as risk reduction / abatement

you’re not going to come up with a single, all-encompassing piece of security advice that works for everyone — security always is a balancing act between capability, risk, and potential outcomes

sometimes you legitimately have to accept that these kinds of things are possible and move on*

ktemkin,
@ktemkin@chaos.social avatar

*to either coming up with a defense-in-depth strategy that assumes layers will be compromised and protects what you specifically care about

or, equally reasonably, to something else that’s more immediate and important to your project (like more commonly exploited vectors, incident recovery strategies, or just generally improving your product!)

ktemkin, to random
@ktemkin@chaos.social avatar

LB: we really should have seen it coming when the source had BACKDOOR nestled between its 1s and 0s

that’s just sloppy reviewing

ktemkin, to random
@ktemkin@chaos.social avatar

you know, as fun as it is to be mysterious on this account, we should spend more effort to be publicily and visibly plural

ktemkin, to random
@ktemkin@chaos.social avatar

so, are you the "let binding hoisted to an akward place" kind of girl or the "unnecessarily recursive attrset" kind of girl

ktemkin, to random
@ktemkin@chaos.social avatar

hot take: english needs the essen/fressen distinction because it is just so useful

ktemkin,
@ktemkin@chaos.social avatar

@jason specifically we use it to describe our cat’s two modes of eating; so it’s kind of the opposite in this case — ascribing human qualities to nonhumans

ktemkin,
@ktemkin@chaos.social avatar

we actually use this with our cat; if she’s eating normally/daintily she gets the human essen; but she gets fressen when she’s gone absolutely wild for something

ktemkin,
@ktemkin@chaos.social avatar

@elbosso oh, we have a bunch of phrases that work in this place, but none that have the right Feel

  • All
  • Subscribed
  • Moderated
  • Favorites
  • megavids
  • thenastyranch
  • rosin
  • GTA5RPClips
  • osvaldo12
  • love
  • Youngstown
  • slotface
  • khanakhh
  • everett
  • kavyap
  • mdbf
  • DreamBathrooms
  • ngwrru68w68
  • provamag3
  • magazineikmin
  • InstantRegret
  • normalnudes
  • tacticalgear
  • cubers
  • ethstaker
  • modclub
  • cisconetworking
  • Durango
  • anitta
  • Leos
  • tester
  • JUstTest
  • All magazines
    •