@malware@hachyderm.io
@malware@hachyderm.io avatar

malware

@malware@hachyderm.io

Kin at Fictive Kin: https://fictivekin.com/

Software, Pythonista, Rust amateur. Dealing in only the finest free-range inorganic electrons.

This profile is from a federated server and may be incomplete. Browse more on the original instance.

malware, to random
@malware@hachyderm.io avatar

I recently learned that the word for “ankle” in Japanese translates to “leg neck”, and wrist translates to “hand neck”, and I can’t stop thinking about how smart that is

malware, to random
@malware@hachyderm.io avatar

"chucklefuck" is such a rare and brilliant insult, and it needs to make a comeback.

malware,
@malware@hachyderm.io avatar

@awoodsnet IMO this is pretty accurate: https://www.urbandictionary.com/define.php?term=chucklefuck

derickr, to random
@derickr@phpc.social avatar

Being jealous of all y'all north Americans having an eclipse to watch today.

Best recommendation I can give: don't bother to try to photograph it. They'll be shit, and you'll be missing a spectacular event. Live the experience and marvel at professional's photos later.

malware,
@malware@hachyderm.io avatar

@derickr I'm one of those very lucky people! Will just need to step out onto my balcony to see it.

sean, to random
@sean@scoat.es avatar

“Hello. I have good intentions. I would like to explain my good intentions. Here’s a whole bunch of extra work to justify our good intentions. It’s really swimming against the stream but we’re trying our best here to stick to our principles.”

“But what if you have bad intentions? Checkmate.”

I forgot what it’s like to be on Hacker News.

malware,
@malware@hachyderm.io avatar

@sean I read those comments. Really annoying :-/

I don't know how to respond to that kind of thing, since their arguments aren't based in logic. If we never try to do good because there's the possibility that our actions can be morphed into evil at a later time, then what's the point of doing literally anything?

malware,
@malware@hachyderm.io avatar

@sean The crux of their argument is that point-in-time malevolence cannot be countered. Like, no shit? If Apple suddenly gets sold to North Korea and they inject keyloggers into all app updates, what are you gonna do?

sean, to random
@sean@scoat.es avatar

For the past ~2 years, I’ve been working on a neuroscience startup (called Matter). We have an app that—by its nature—needs to operate on private user data. Some of that data is so private that we never actually want to handle it ourselves. So we don’t.

We can’t leak data we don’t have. We can’t mishandle private info that never leaves the control of the user.

We’re taking a mostly-unique approach to user data at Matter, and I’ve finally written a little bit about it:

https://seancoates.com/blogs/matter-and-privacy

malware,
@malware@hachyderm.io avatar

@sean You may be interested in Prio, the privacy-preserving metrics aggregation system developed at Stanford: https://crypto.stanford.edu/prio/paper.pdf

ISRG, the people behind LetsEncrypt, are creating a service that implements that protocol/system: https://divviup.org/ Not public yet, but you can sign up for their waitlist.

malware, to random
@malware@hachyderm.io avatar

I'm getting really frustrated by the huge amount of AI generated blogspam that I have to filter through.

While researching some esoteric Postgres operation I came across an (unrelated) article that was adamantly suggesting that you can perform batch DELETE operations in Postgres with a LIMIT clause, with full examples and output/results.

Well dear reader, Postgres has never allowed LIMIT in anything except SELECT statements. The whole article was hallucinated GPT shit.

malware,
@malware@hachyderm.io avatar

@wyri I'm starting to think that's a decent blog filtering strategy. This isn't the first time I've come across something blatantly wrong that is the fever dream of some AI that was tasked with generating clickthrough content!

grmpyprogrammer, to Laravel
@grmpyprogrammer@phpc.social avatar

#laravel #php folks using Laravel 10 — how are you doing validation at the model level? We have a need for this at $dayjob — things like “this field that is a percentage value cannot be more than 100 or less than 0 when the record is saved”

malware,
@malware@hachyderm.io avatar

@grmpyprogrammer Not exactly the question you asked, but an even stricter guarantee for those conditions are CHECK constraints in the database. Available in postgresql and mysql.

malware,
@malware@hachyderm.io avatar

@grmpyprogrammer ah, then check constraints aren't going to help you, there - too late in the process 😕

pamelafox, (edited ) to random
@pamelafox@fosstodon.org avatar

Do your lips get all tingly/hurty after eating an orange?

malware,
@malware@hachyderm.io avatar

@pamelafox I'm no expert, but that does sound suspiciously like a mild allergic reaction 😬

pamelafox, to random
@pamelafox@fosstodon.org avatar

What level do you expect Python packages (like SDKs) to log at, INFO or DEBUG? INFO for some things, DEBUG for other things? What's the heuristic? Or DEBUG for everything?

malware,
@malware@hachyderm.io avatar

@pamelafox All I know is whatever level you choose, it's going to be the wrong one 🥲

malware,
@malware@hachyderm.io avatar

@pamelafox Only custom one I've seen that I thought was useful was TRACE, which was configured as logging.DEBUG - 5.

And to answer your initial question for real: I expect most packages to log major internal state changes at INFO, and lower level things like network request payloads at DEBUG.

malware,
@malware@hachyderm.io avatar

@pamelafox oh yeah, definitely don't put network payloads in INFO. At most, tell me you're making a network request at INFO!

malware,
@malware@hachyderm.io avatar

@pamelafox Thinking about this more, I intuitively use a heuristic whereby if there's a chance that the logging output could contain PII and/or secrets and access tokens, that's only ever DEBUG.

In the disaster scenario where you end up revealing/publicly dumping log data from a production system by mistake, you don't want PII/secrets in there. I can see a situation where a prod system logs at INFO, but you'd never log at DEBUG (exceptional circumstances notwithstanding).

malware, to random
@malware@hachyderm.io avatar

The complete disaster that is cookie consent popups on nearly every single web property is surely one of the most laughable public policy failures targeting digital media in the last decade, right?

malware,
@malware@hachyderm.io avatar

@grmpyprogrammer

People have been trained to mindlessly click "accept" without reading, and move on with their day. The policy was about informed consent, but I think has failed at that goal.

Also, I would be willing to bet that forcing the popups on folks has changed less than 0.1% of user habits to those sites, and an even lower percentage of sites that have actually modified their data collection policies.

malware,
@malware@hachyderm.io avatar

@grmpyprogrammer Hence my point of it being a failure - the shrug reaction is effectively what everyone feels.

So much time, effort, capital (human and physical) invested into creating a policy that has done, to first order approximation, absolutely nothing.

malware,
@malware@hachyderm.io avatar

@ramsey @grmpyprogrammer Agreed - my issue, as you've nailed, is that the requirements were drafted in such a way as to make their inevitable implementation, by everyone, completely impotent.

malware, to random
@malware@hachyderm.io avatar

holy fuck do I feel old

malware,
@malware@hachyderm.io avatar

@grmpyprogrammer my eyes twitched when I realized that I've used most of the VCS the author considers "ancient" 😅

malware,
@malware@hachyderm.io avatar

@mwop @grmpyprogrammer I too have used RCS and CVS for real projects in the early 2000s. I remember discovering Subversion and just gushing over how much better it was than CVS!

malware,
@malware@hachyderm.io avatar

@ljrk SCSS is code archaeology at this point!

malware,
@malware@hachyderm.io avatar

@tux0r @mwop @grmpyprogrammer many years ago I used to have to wait 20 minutes for SVN to merge branches in a large open source repository. When git did the same thing in 1s, I was sold.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • megavids
  • thenastyranch
  • rosin
  • GTA5RPClips
  • osvaldo12
  • love
  • Youngstown
  • slotface
  • khanakhh
  • everett
  • kavyap
  • mdbf
  • DreamBathrooms
  • ngwrru68w68
  • provamag3
  • magazineikmin
  • InstantRegret
  • normalnudes
  • tacticalgear
  • cubers
  • ethstaker
  • modclub
  • cisconetworking
  • Durango
  • anitta
  • Leos
  • tester
  • JUstTest
  • All magazines
    •