Skip to main content



Imgur: Those who cannot remember the photobucket are condemned to repeat it.

reshared this



So we have to do a bunch of security trainings again in August or whatever - and I know I hate all of the security trainings - but I was wondering about fairly seriously suggesting doing an Engineering Wide "Watch the training and mock it" session
The actual goal being to have people discuss the modules and what we think is good and bad about it - and why we think things are bad/irrelevant in a productive way, with an informal feel - in order to get real security awareness training done but without making it feel as bad
How do you feel about that?


Well, I just made this suggestion to my other half in management and see if I can get this to be formal policy

in reply to silverwizard

We don't *make* security training
We make FUN of them

I feel bad for the security training companies - they're impossible to do a good video for, it's an impossible job, and I'm sorry this is my best solution to make it engaging

Unknown parent

@Psychotic Network Ferret Come work with me and you can join in the snark?



Most linux frontends I use seem to have strongly disabled the "middle click to paste selected text" and also generally "selecting text sends it to the selection buffer", and I presume this is a paranoia thing, but it's also a huge pain because there doesn't seem to be an option to change it. And it has cratered my workflows.


Okay, so the rendering of a profile picture on here is sort of weird. I use the cropping tool, which will only let me crop a square, but then it will remember the aspect ratio of the original image, and then scale the square to match that aspect ratio. Very odd. Will need to find a square picture to use.
in reply to MatchaZed

Just cropped and scaled down a picture of my FFXIV character, still weird how Friendica scales images when you try to crop them for a profile pic.
in reply to MatchaZed

@MatchaZed The worst part is that I think Mastodon will crop it to a circle anyway.
The fediverse is fun


I think I'm going to have to accept I'm not running a single user vanity instance since we now have our 6th user @MatchaZed


Got a bunch of stuff from a contractor, including a blob of terraform.

TIL that RFC 1918 lists 100.0.0.0/8 as a private IP block!

in reply to silverwizard

You mean 10.0.0.0/8 as a private IP block, right?

datatracker.ietf.org/doc/html/…




Sandman's Shittyness and abuse

Ok - so full disclosure - I hate American Gods - it's a Bad Book (imo)

But I read up to the end of the City of Glass issue yesterday, and I feel like Neil Gaiman's Sandman is just... trying to shock me repeatedly, and its calls to empathy refuse to not try to make me feel bad for my empathy by revealing a secret that the person I was empathizing with *suuuuuucked* retroactively. "You think this woman is bad?! Well she's a lesbian! HA! You empathized with her for being a lesbian! BUT SHE'S PHYSICALLY ABUSIVE HA!", and like, that's bad empathy, and bad storytelling, and it's not *fun*.

And uh- question - Morpheus definitely is implied to have forced himself on Nada? Right? That's what the closing paragraph says? I'm supposed to like this shitty person? Or like, at least think he's worth following?

in reply to silverwizard

Sandman's Shittyness and abuse

@The Corodon alright, the second half of Volume 1 had things I didn't like, but I loved most of it

The resolution of the Doll's House arc kinda made me trust more

Unknown parent

Sandman's Shittyness and abuse
@The Corodon honestly, just, it stayed horror, it stayed intense, but good things happened!


I am running a Cyberpunk game where a corporate has their headquarters outside a city, but few onsite apartments, so the people who are *in power* all do what is known locally as The Commute, a two hour traffic jam.

The world is making it clear that there's off-road public transit available, and there's an economy of people doing bike food deliveries, prostitution, and busking along the track for the four hours a day people are spending in traffic.

All for the right to drive to work in their own car.

And - Cyberpunk hurts me

in reply to silverwizard

You'd think the CEO would jack into his (inevitably his) in-office meat-puppet if he needed to actually be there...
in reply to Darcy Casselman

@Darcy Casselman @silverwizard Interestingly enough, most Cyberpunk universes I know are pretty concerned with having diversity among soulless corporate officers.
in reply to Darcy Casselman

@Darcy Casselman No no - these are VPs and stuff the CEOs are just flying

And yeah - there's a room in the basement where people do offsite meetings.

Meaning yes, these people are commuting 2 hours to be in the office to work remotely

in reply to silverwizard

At least the SVPs get self-driving cars, so they can join meetings during their commute (and get hijacked by enterprising hacker PCs...)
in reply to Darcy Casselman

@Darcy Casselman Definitely! (Shadowrun - all cars are self driving, so all applies)

The PCs are meeting their contact in their car during his commute, because they can pose as delivery people, and it's a space he can trust!

in reply to silverwizard

To my players, "Yeah, looks like his headware was installed before he was grown enough to not have it hurt him. Kinda like a 10 year old who has botox scars from beauty pageants."

My players didn't know how toxic pageant parents are...



Hey #OpenBSD people - are you getting perl errors after upgrade to 7.3?

I've upgraded 3 servers successfully so far, but bringing up my webserver gives me:

web$ sudo sysmerge
doas (silverwizard@web.obscuritus.ca) password: 
web$ sudo pkg_add -u 
Zlib.c: loadable library and perl binaries are mismatched (got first handshake key 0xec00000, needed 0xeb80000)
web$ 

CPAN and CPANm both give me the same kind of errors. perl-migrate-modules gives a similar error. I rolled back the update and pkg_add work, and I ran perl-migrate-modules to try to get XS versions and things correct, and then I ran the upgrade again, with same issue.

web$ env
_=/usr/bin/env
LOGNAME=silverwizard
PWD=/home/silverwizard
HOME=/home/silverwizard
MAIL=/var/mail/silverwizard
PATH=/home/silverwizard/bin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/X11R6/bin:/usr/local/bin:/usr/local/sbin:/usr/games
TERM=vt220
SHELL=/bin/ksh
USER=silverwizard
web$ 

My env is pretty empty, and I've tried deleting my perl5 directory, and other site packages (pkg_add explicitly no_libs them but you know).

Anyone else seeing this?

in reply to Andrew Hewus Fresh

This file: github.com/openbsd/src/blob/ma…
in reply to Andrew Hewus Fresh

@Andrew Hewus Fresh yeah, Perl migrate modules is for migrating your installed modules to a new Perl binary apparently, but yeah

Yeah, I nuked my perl5 dir and it definitely no_libbed

It definitely is weird because Zlib wasn't there but I've installed three servers successfully from this install73.iso (but used the http mirror to get the files... On all servers), and it's persistent on this server and only this one...

It's super odd



They didn't invent words for how much I love being a dad and love my kids

I can be a grumpy nerd with a beard at computers, but kids never!

in reply to silverwizard

I've been a dad for not even three months, and I feel your first sentence so deeply.
in reply to Spencer

@Spencer I know right!

I know not everyone is a good parent, and that's ok, and it's important to highlight. But literally, my most treasured memories are holding my 1 month old child.




I wish the vibe around TikTok wasn't "TikTok is fine and good" and more "HOLY SHIT Facebook and so on are doing ALL THIS?!"

Allen Stenhaus reshared this.

in reply to silverwizard

I wrote like a three page diatribe to my reps detailing all the stuff Instagram calls home about since one of my locals is sponsoring the US bill to axe tiktok and I'm sitting there thinking "do they even know, or what?"
in reply to pamela

@pamela :flan_butterfly: I know that on the legal end it's entirely about locus of power and racism. But I just got an email from a Security Company telling me that TikTok is fine (I am on too many Security Company Spam lists that I can't leave...)

But yeah! it would be so nice if this unified with the privacy law work being done!

Unknown parent

@Jonathan Lamothe It's entirely a Locus Of Power/Racism thing


I have hit the point where I can guess the producer of a kids show after watching a few episodes

This is.... a skill I never suspected I would have



Bah. Guess who spilled beer on their laptop? On a holiday weekend?

Fortunately (1) warranty service is one of the things Apple is good at and (2) I dual wield so I still have a computer while the Macbook is in for service.



Does anyone want someone to run a bug bounty program and security awareness strategy? I love doing this shit, and reporters keep being happy to have me receive their report, so I feel like I'm good at it.


I love the actor Nigel Bennett! But basically everything I've seen him in is real bad.

It's very frustrating



One of the hardest part of my job is that I have to estimate how long it will take for me to even figure out what's going on, what I need to do, and then do it
in reply to Martijn Vos

@Martijn Vos @Ji Fu Yeah - that makes sense - it's just super hard to even figure out what I want to work on when the environment is so weird
Unknown parent

@Ji Fu @Martijn Vos Sorry, want to in the sense of "I am doing this project and every time I do something I find a yak to shave"


Unknown parent

@Rivetgeek Good - I am just .... so frustrated - I don't want to change everything in my new job - but Datadog is so bad

I have CloudTrail for logs - and I wish we'd either double down on it, or stop using it. But I really wish I wasn't getting garbage shoveled into a slack channels without a link to the actually actionable information damnit.

I wish... I could just... get alerts that meant there was a problem and had info about where

Unknown parent

@Rivetgeek I just had a massive "change every tool we're using" sweep which kinda sucks, so I'm gonna hold off, but I'll definitely give it a look for when my political capital refreshes


Introducing my competitor to LLMs: SKM

The Small Keysmash Model will generate bespoke keysmash with almost no overhead!

It's a neural network I trained on me keysmashing once.



@Hypolite Petovan I am looking to buy a bunch of Lego for my son for his birthday. Is there a good tool for looking at a general view of like, weight to volume, and is there a standard bulk-lego supplier?
in reply to Andreas vom Zwenkauer See

@Andreas vom Zwenkauer See I have a hard time taking these sets with a very low price per part seriously, in part because they're standing on the shoulders of the elephant in the room. For example, I sold today a couple of LEGO sets that were released in 1993, so 30 years ago, and not only the parts I found for these sets in the bin I sorted were in great condition (albeit a little dirty), I was able to replace most missing parts seamlessly with much newer parts. These for me are proofs of an ongoing quality commitment dating back at least 30 years that none of the newer LEGO-compatible brick ventures, however well-intentioned, can ever claim to match.

One of the reasons the LEGO second-hand market has always been very strong is the normalization LEGO introduced in the 70s (!). As a result, LEGO parts always have been a known quantity, and you can build a business based on trading genuine LEGO parts because of this ongoing trust in the product itself. Is LEGO overcharging for new sets? With such an incredible engineering legacy for what was considered like mere children toys until very recently, they damn well can, and I'm absolutely not ready to quit this field because of outlandish price-per-part claims.

Let's talk about the BlueBrixx second-hand market in 30 years, shall we? 😄

in reply to Hypolite Petovan

Let's talk about the BlueBrixx second-hand market in 30 years, shall we?


Yes !

;-)




The fact that I was in BitCoin in like 2009 (it was before I started dating my wife, and that was May 2010, which leave a very thin window), and did AI stuff even before that, makes brinigng me into Crypto and AI chats incredibly weird.

I've been here since the beginning, and seen every grift and been calling it a grift and a con for longer than many people have been in the space.

in reply to silverwizard

@silverwizard Look, he already ruined electric cars, flame throwers, Mars colonization and Twitter, there's nothing out of his deathly grasp.


Having #UnknownArmies thoughts - thinking about a data mining tech company run by a cabal of Cryptomancers - not selling the data or advertising, just collecting the secrets of millions and using it for charges


My RPG group needed to evoke a dive bar correctly, so I coined the phrase "greasy beer"

This is literally the worst concept for a dive bar

in reply to silverwizard

not a dive bar, but eons ago went to the El Macombo in the middle of the day and got a pitcher of beer that was at least 1/4 foam...and the beer was pretty brutal. Funny for a bar with such a good rating. Haven't been back since, then again it's been ages since I been in Toronto for more than a few hours.
in reply to Chaslinux

@Chaslinux I was at a concert at the El Macombo in like ... 2007, but that was not my experience. Tragic.



Thinking about this again web.archive.org/web/2013092322…

That was 4 days after the domain was registered, and the day the phone was released....

in reply to silverwizard

When I see people arguing over faceid ve touchid, I find myself considering suggesting that if biometrics are secure enough for their use case then just leaving the phone unlocked should also be up for consideration.
in reply to ⛅ w chance of bears

@⛅ w chance of bears I use fingerprint because I want to make sure I don't pocket dial.

But yeah - seriously - it's... upsetting to me

So much just weird security choices




youtube.com/watch?v=EiZhdpLXZ8…
It's longrunning character Hat Dan! The Dan with a Hat


It seems incredibly impossible to email a tailor and be like "can you tailor me a pair of baggy cargo pants?"

It just...

I'm sure they'd take the commission, but it just seems wrong



As AI art gets better and better at photorealistic art, it gets worse at *art* and better at *deception*. But of course, as it gets worse, it gets worse at *art* and better at *making garbage*.

There is an obvious solution to this dilemma.

in reply to mike

@mike No I agree
I was thinking about this image I saw of someone next to a TV with a person in the TV coming out to hug them.

If an AI made it, it would look bad and dumb

If a human made it, it means something weird and personal

@mike
in reply to silverwizard

Kind of like how sometimes who the artist is matters. The context of a work’s creation changes its meaning. But, a human still made potentially thousands of creative choices in the creation of an AI generated image, in much the same way a photographer or director does. An AI didn’t decide that out of it’s quasi-infinite potential outputs, a certain one should be circulated on social media with a certain presentation.

…yet



Reporting posts to my instance admin because they're funny and I want them to see it

reshared this



I love the idea of Joke Theft and shit on social media.

Someone makes a joke, and then someone else riffs on it. Or tells a similar joke. And people get super up in arms about the joke being "stolen".

Copyright and Clout just rotting their brain until they ignore the idea of culture

in reply to silverwizard

I love how so often the "how dare you steal this joke" posts are about such low-hanging fruit, the most obvious riff a person could make about some current thing jokes. Maybe they saw that joke and reposted it, or maybe dozens of people came up with the same thing independently.
in reply to ⛅ w chance of bears

@⛅ w chance of bears Yeah

And like, maybe someone sees a joke, and would prefer a slightly better one and riffs.

you don't need to cite your Joke Sources

MLA Style Joke Citations



I just wanna be an embedded dev so I can port Android Open Source to surplus Google Glass and mount it inside a pair of ski goggles

I am a simple man



Web of Trust For Content is going around, and uh, that feels way more fragile than the other WoT
in reply to silverwizard

yeah, that's a nonstarter on like every level.

I would really love digital signatures to be on more fragments of content, like I feel like the possibility of digital signatures is severely underused. But the truth value isn't something we can ever fix technically.

in reply to серафими многоꙮчитїи

@серафими многоꙮчитїи I dunno - I don't own enough technology that I trust to own a key longterm

I don't have a device I feel like my key wont be exfiltrated from, and I am terrible at keeping reliable hardware tokens.



Are you really playing RPGs properly if one of your players is concerned about going on an adventure but says "I wouldn't have my home bees"


The biggest problem with Star Trek Strange New Worlds is that I hear it's really good - but it's related to Discovery and therefore I can't believe it