By "security alert names" do you mean "SEV1"? There is absolutely nothing sensitive about that name for an incident category.

> They would have probably done a lot better if they had been able to hang onto their crypto. That's the crux of it. The benchmark is not "did FTX depositors get back a current-day amount of dollars numerically comparable to what they had on deposit when FTX collapsed?", because between regular inflation and changes in the price of crypto you could (in theory, at least) still be well behind "what would those crypto assets be worth had FTX not collapsed and depositors could have exited at a higher price?"

Partly, and primarily, latency. For a lot of modern SaaS applications, you're already pretty close to the so-called Doherty threshold ( 400 ms response time) just from the latency of the application itself on both ends (on the servers, plus communication between servers, and in the user's browser). Add a significant amount of latency from the round-trip to Alaska or northern Ontario and back for a user someplace like Seattle or Florida, and you're risking users perceiving your dating app or whatever as slow even if it's reasonably fast in actual execution. Then too, locating in a rural area doesn't save you from impacting the people who *do* live there (and there are always at least a few, unless you're in the middle of the Sahara or something) by raising their cost of water and power, at least temporarily, because those places have utilities sized to the existing demand. In fact, the fewer people there currently are on the local grid or water system, the worse the impact of even a moderately-sized datacenter is, because it may represent multiple times the existing demand, whereas if you add "1 moderately-sized datacenter" to the load of someplace like the Northeast Corridor, Con Ed won't even notice. (They will, actually, but one datacenter doesn't represent an increase of multiple times the existing demand in say, northeastern New Jersey, so a whole region's infrastructure doesn't have to be reengineered just to accommodate you.)

First thing I thought of. The halcyon days of ThinkGeek were the early '00s when they had stuff like the t-shirt that said "go away or I will replace you with a very small shell script". (One of my friends actually worked there for awhile and got to beta-test the interactive wizard robe that was originally just an April Fool's joke.) Toward the end it was hard to find anything that wasn't just mass-media licensed merchandise, even before it became a wholly owned brand of GameStop or whoever. The one bright spot is apparently the team that designed the Bag of Holding bought the IP and released an updated version (which I bought and has been amazing for work travel). These days the geek stuff I get is mostly conference swag and stuff from vendors at shows like Awesome Con, but I'd love to see a ThinkGeek Redux type of thing.

I was around back then, I remember the fight against it before and after its passage, and most importantly I remember that the actual legislative history of the Communications Decency Act disagrees with you. It was introduced by Senator Exon, a Democrat. Exon introduced it with a prayer that included the statements "there are those who are littering this information superhighway with obscene, indecent, and destructive pornography" and "Lord, we are profoundly concerned about the impact of this on our children." It initially passed the Senate by a vote of 81-18, with 1 not voting, and that 81 included plenty of Democrats. Then the Senate passed the conference version by a vote of 91-5. Bill Clinton signed it and made statements in favor of it, and his Justice Department vigorously defended it even as the courts tore into it. People forget that in the 1980s and '90s, prominent Democrats like Tipper Gore were among the most vocal proponents of censorship.

We in the four-digit club are ageless and immortal. We have always been here, long before the cataclysm that created the physical laws that led to the formation of the silicon the LLMs spend their existence in. We will be here long after the last quark of the last proton of this universe decays. We will still be here to witness the next universe-spawning cataclysm in the endless series, and in that cataclysm, as we have infinite times before, we shall imprint the physical laws of the new universe to result in the inevitable creation of the Rickroll.

"No bastard ever won a war by dying for his country. He won it by making the other poor dumb bastard die for his country." -- attributed to George S. Patton

No, Texas can (maybe) legally split into up to five new states as long as one is still named Texas (assuming its original admission terms from 1845 still apply and weren't superseded by the terms of its readmission in 1870). Neither it nor its hypothetical child states can legally secede. https://www.smithsonianmag.com...

"Publishers have always controlled how their content is made available to Google as AI models have been built into Search for many years, helping surface relevant sites and driving traffic to them. This document is an early-stage list of options in an evolving space and doesn't reflect feasibility or actual decisions." Right, except that that "choice" is "feed the AI Overview, or don't get indexed": https://www.bnnbloomberg.ca/bu... Now, it's Google's service and within the law, they can run it however they want. But don't tell me about how much choice publishers have when the choice is as stark as that.

The reason for those originally was it was how you made a box with old typewriters. The reason you still see it is that law firms and the legal profession generally are still one of the most hidebound, "we've always done it that way so we always *will* do it that way" types of employers on the planet. I used to work at a Kinko's (2002-2004) and law firms were the only ones we regularly got WordPerfect documents from. Why? Because the templates they used for filings were all created in WordPerfect 20 years ago and they were still using them and had no plans to change because no lawyer wanted to get yelled at in open court by a judge for filing a brief with the wrong margins or something. It was honestly a miracle most of them were bringing us WordPerfect and not a pile of typewritten originals. They all had very specific binding and covering instructions too, because the court mandated every detail from font size and margins to the paper type and color of the cover on each copy.

Wouldn't work. LLMs have no true concept of meaning -- they don't know what the text of regulation Foo *intends*, or how to express a given intent as a block of code. At best they can extrapolate from, say, having seen training data where similar blocks of text were associated with blocks of code that have some patterns in common, and regurgitate based on that -- but that training data might well have been an example of why the given block of code *doesn't* properly implement the regulatory language, or it might have just been incorrectly asserted to do so, or a hundred other things that mean what the LLM spits out may compile, but still won't be correct. (And it may not compile in the first place, because again, LLMs have no actual concept of meaning or syntax, just patterns they see in their training data.)

It doesn't have to be perfect, just better than what this is, and it is. I put my TLS certificate in my DNS zone with a TLSA record, then sign my zone with my known, published DNSSEC key. Only I can sign my zone with that key and the chain of trust extends from the root of the DNS down to my signed records -- just like the current highly-centralized CA system, except history suggests publishing a malicious DNSSEC key for my domain is a lot harder than getting one of a couple of hundred CAs of varying trustworthiness to issue a certificate for my domain. DANE is a technical measure against malicious activity, where things like this and CAA records are mere administrative advice to authorities -- if you are a CA abiding by CA/B Forum rules, you must not issue a certificate if things don't match up, but nothing actually *stops* you from doing so. DANE is vulnerable to key compromise, but so are DNSSEC and the CA system (in both cases, if I get your private key associated with an issued cert or published public key, I then have everything I need to impersonate you). Another way to look at it is that to guard against the most common subversions of the CA system, you need DNSSEC anyway (to prevent cache poisoning attacks that redirect requests to a malicious site with a compromised or stolen cert). But if you *have* DNSSEC, you can just directly publish your TLS key and take advantage of the already-established chain of trust instead of needing to involve a rent-seeking third party.* * Except that browsers don't support it even though both OpenSSL and GnuTLS do, so just using DANE doesn't provide any security or authentication of your identity for the vast majority of web users today.

The problem is that we all just go along with the idea that a couple of hundred "authorities" chosen by a small cadre of mostly profit-seeking entities are ultimately-trusted by default to issue any certificate for any domain. There are already methods like DANE for authenticating a cryptographic key as belonging to an identified domain registrant that make CAs basically unnecessary in the vast majority of cases -- but your browser doesn't support them because it's overwhelmingly likely that your browser is Chrome, and Chrome doesn't (and won't, judging by history) support anything but the status quo on this, so there's little incentive for other browser makers to do so either.

The public statements are exactly the kind of thing some insecure executive who takes personal offense (for whatever reason, not necessarily because they're personally called out) demands be said - I've seen it from the inside of a few employers over the years. I guarantee you the people inside Facebook whose actual job is crisis communications in situations like this are pulling their hair out because they know this is the worst possible response (and are being overridden), unless they're just incompetent at their jobs.

I have a Fedora install on my main personal laptop and recently I ran into an issue where VS Code complained it couldn't run a Kubernetes plugin because `kubectl` was not in the user's PATH. But I knew it *was* in my path because I use `kubectl` in the shell myself, quite often. Turns out VS Code was installed from a Flatpak; removing the Flatpak install and switching over to installing from the "deprecated" RPMs (from RPMFusion, I think) resolved the issue completely. Quite likely I could have resolved it with some sort of configuration change to the Flatpak, but honestly, I just didn't find it worthwhile to spend the time, as experience tells me it would likely become a train of constantly tweaking the Flatpak config to make it work with one more thing it would just work with in the first place if installed the usual way. The isolation the Flatpak system imposes was the problem, not a solution.