
Comment Re:Damn republicans and their woke solar (Score 2) 88

I've never forgiven Reagan for removing the solar panels from the White House. That idiotic decision has cost us decades of lost progress toward renewable energy and -- because it forced us to remain dependent on oil -- has strongly influenced our international policies and military decisions. We've paid an enormous price for that act of arrogance.

On to the present: generating power isn't just about "how": it's also about "when" and "where". Addressing the "when" means dealing with energy storage -- for nights, cloudy days, peak demand, all the things that result in a mismatch between "power we can generate right now" and "power we need right now". Addressing the "where" means dealing not just with generation facility locations, but power transmission...and that last one is where nuclear has a big problem. Most people are okay with the idea of a solar farm near their homes, almost nobody is okay with having a nuclear plant nearby. (And with good reason) Power transmission means more infrastructure, more maintenance -- and more energy loss, increasing monotonically with distance.

There's certainly a subset of people pushing hard for nuclear, but it's a bad idea. We're much better off with solar and wind, with as much generation as close as possible to consumption in order to minimize transmission losses.

Comment Re:Dropbox is a plague (Score 1) 17

The biggest risk with any cloud storage is that it goes away without notice.

"That never happens" but it does. If they flag and shut down your account(s) they can, and have, hung people/small businesses out to dry that either didn't have a proper backup-to-the-backup solution or needed too long to restore the data and transition to another platform.

Your data is not private on DropBox and there's no option for Zero Knowledge Encryption/BYOK. 3rd party tools exist (ugh Vera) but they make the experience even worse.

I dislike Apple's ecosystem, but that's one thing they do extremely well, and pretty much seamlessly. I wish MS/OneDrive had a consumer-level option for this.

I used to get crashes out of DropBox years back when I moved many (many) thousands of files repeatedly and the database couldn't keep up but otherwise it was fine-just-fine in that regard.

Comment Re:Thanks to Trump (Score 1) 184

> Winning
You would like losing a LOT less.

I'm no highly respected scholar on the middle east like you clearly are but a nuclear-armed terrorist-state doesn't tickle my happy places.

Nuclear weapons would give them actual /control/ of the Strait of Hormuz vs the temporary interdiction while they ensure the rest of their middle-eastern 'brothers' want nothing to do with them.

Trump is good at making enemies, but they still need him for better or worse.
Iran is making lots of enemies, none of which want or need them at all. Heck, even Russia who quite possibly would have /lost/ their war if not for drones and drone tech from Iran is doing fuck-all to help them out.

Comment This is one of the major problems with DKIM et al. (Score 4, Informative) 17

For those who don't deal with email infrastructure: there are several technologies (DKIM, SPF, etc.) that have been deployed in attempts to stop email forgery. Each works slightly differently, but the overall concept is that a receiving email server can check that a sending email server is authorized to send messages from the message sender's domain (e.g., "this message presented by mail3.example.net claims to be from joe@example.com; is mail3.example.net allowed to originate email from example.com?") and that messages are cryptographically signed by the sending domain's email server(s). I'm oversimplifying a lot but that's the general idea.

Worth noting is that this tells you nothing about the message, i.e., it's of no value in figuring out if the message is spam or ham. That's because spammers can set up all of this too, and most of them have. It's of no help with the big email providers either: the two biggest sources of spam observed here are Gmail and Outlook, and of course all of those messages pass every one of these checks.

Which brings me to this problem. And that is: if someone gains control of an email account (or an email server) then they can send whatever they want from it until someone notices and shuts it down. And all of those messages will pass all of these checks -- which means that they're highly likely to be accepted by recipient email servers and highly likely to be read by the addressees. And then it gets worse: some of those addressees are using email clients that check message validity and signal it to the user with a green checkmark or the word "verified" or something like that. So even if the message content seems a little sketchy, that might well be enough to convince the person reading it that it IS legitimate...and then bad things happen.

We've spent decades trying to train users to be suspicious of anything that doesn't look right -- with mixed results, of course. But the combination of these technologies and email user interfaces that use them is undoing that training. Users are being conditioned to believe what their email client tells them to believe, and this is going to have dire consequences.
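The point made in the comment above, as an added example that is not part of the original comment: a receiving server's SPF/DKIM/DMARC verdicts are identical for a routine message and for one sent from a taken-over account, so a client can honestly report only that the sender's domain was authenticated. The authserv-id `mx.recipient.example`, the label wording and all three sample messages are constructed assumptions.

```python
import re
from email import message_from_string

TRUSTED_AUTHSERV = "mx.recipient.example"  # assumption: authserv-id of our own receiving server

PASS = ("Authentication-Results: mx.recipient.example; spf=pass smtp.mailfrom=example.com;\n"
        " dkim=pass header.d=example.com; dmarc=pass header.from=example.com\n")

# Constructed samples. LEGIT and HIJACKED carry identical results: same domain, same servers.
LEGIT = PASS + "From: joe@example.com\nSubject: Minutes from Tuesday\n\nAttached.\n"
HIJACKED = PASS + "From: joe@example.com\nSubject: Updated bank details\n\nSee link.\n"
FORGED = ("Authentication-Results: mx.recipient.example; spf=fail; dkim=none; dmarc=fail\n"
          "Authentication-Results: mx.sender.example; dmarc=pass\n"  # supplied by the sender
          "From: joe@example.com\nSubject: Hello\n\nHi.\n")


def auth_results(raw, trusted=TRUSTED_AUTHSERV):
    """Return {method: result} using only headers stamped by our own server."""
    results = {}
    for value in message_from_string(raw).get_all("Authentication-Results", []):
        parts = [p.strip() for p in value.split(";")]
        if parts[0].lower().split()[:1] != [trusted]:
            continue  # anyone can add this header; only our own authserv-id counts
        for part in parts[1:]:
            m = re.match(r"(spf|dkim|dmarc)=(\w+)", part)
            if m:
                results.setdefault(m.group(1), m.group(2).lower())
    return results


def ui_label(raw):
    """Label a mail client can justify from authentication results alone."""
    if auth_results(raw).get("dmarc") == "pass":
        # Proves the domain's servers sent it; says nothing about who typed it or why.
        return "sender domain authenticated"
    return "sender not authenticated"


if __name__ == "__main__":
    for name, raw in (("legit", LEGIT), ("hijacked", HIJACKED), ("forged", FORGED)):
        print(name, auth_results(raw), "->", ui_label(raw))
```
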

Comment Re:Former teacher here (Score 3, Insightful) 132

This. A thousand times this, especially the last point. We've held out education as a means to a happy, successful life -- and it's not. Not any more. It's become a means to barely surviving in an increasingly bleak world ruled by fascists and billionaires.

And the kids know it. They may not be able to articulate it quite so succinctly, they may not even know what the problem really is -- but they know it because it's all around them. They see it in their parents' faces and hear it in the news. They know that many things have seriously gone wrong.

We have to fix those things if we want those kids to have some hope. And one of the things that we have to fix is the Republicans' half century of war on education -- of all kinds, at all levels. Republicans figured out, in the 1970's, that intelligent, educated, literate, thinking people were increasingly leaving their party. And rather than introspecting and changing themselves, they decided to destroy education. We are where we are now because they've spent half a century wrecking it and they're still doing it today. They're working to create an illiterate and uneducated electorate because that's their core constituency: those people are easy to manipulate into voting for the very people who are destroying them.

Comment This is how 'nix tools SHOULD be written (Score 1) 29

This tool does one thing and only one thing, which is exactly how tools should be designed and written. Overly-complex tools are a sign of a poor design process, and they actually make things much more difficult than simple tools which can be combined to perform complex tasks. I'm not happy that this had to be written, because we find ourselves in an unfortunate position just now, but I'm delighted that Nuyens took the correct approach to the problem, wrote a tool to handle it, and stopped there.

I've got a copy of this and am going to spend part of this evening combining it with our monitoring environment, so that I can track the systems that it has been run on/needs to be run on. I anticipate that to be easy because of everything I wrote in the first paragraph.

Comment Given that OpenAI has been compromised... (Score 2) 69

...this seems like a very bad no good awful idea. Any attacker that penetrates OpenAI will be one hop from every bank account connected to ChatGPT.

OpenAI admits compromise: OpenAI caught in TanStack npm supply chain chaos after employee devices compromised

Of course, OpenAI is minimizing the extent of that because that's what everyone always does: they lie, because it's profitable and there are no penalties for doing so. But I have no doubt whatsoever that (a) this breach is much worse than they're letting on (b) it's not the first breach (c) it's not even the only current breach and (d) it certainly won't be the last one. Those are easy bets because OpenAI is skimping on everything except hype, and their operational security is neither operational nor security.

TL;DR: if you hand over your bank account to ChatGPT, you're handing it over to everyone who hacks OpenAI -- and that won't be a short list.

Comment Welcome to the Panopticon... (Score 4, Interesting) 67

...that you built. Pervasive surveillance looks and feels a bit different from the inside, doesn't it?

On the other hand: it's well past time for programmers, sysadmins, network engineers to unionize, so if this happens to kickstart such a movement, I'm certainly in favor of that.

Submission + - Telegram hosted an online "rape academy" (msn.com)

Arrogant-Bastard writes: "A Telegram group called 'ZZZ' has been exposed as a venue where men exchanged advice on how to sexually assault women. The group has since been deleted, and an investigation is currently underway.

According to reports, a former member of the group detailed what had been taking place for months. Members also exchanged videos of their assaults on women who were either drugged, intoxicated, or asleep."


This stems from a CNN investigation that's documented here: CNN uncovers hidden online network teaching sexual abuse. (Note: unfortunately, that article has been contaminated by CoPilot. But it's still worth reading.)

Comment They've realized the US is run by a thug (Score 4, Interesting) 95

One phone call to Bezos, or Pichai or any of the others, and even the most sensitive EU data will be in the hands of the US government within hours. (Surely nobody can think these leashed pets will say no.) There's zero respect for security, privacy, national sovereignty, or the consequences.

The same thing is happening in Canada, and it will happen elsewhere. The Cloud Act plus the descent of the US into a fascist oligarchy has made this inevitable, and all of these countries have realized that they need to plan tech, and defense, and energy, and everything else to work with zero reliance on the US.

The US response to this will be threats and tariffs, of course. They won't work: they'll only convince the EU to move faster.

Comment Our archive is also struggling (Score 4, Interesting) 73

I've spent most of the past decade working (for free) on an archiving project for a nonprofit organization. This is a labor of love for me: it's a chance to use a lifetime of technical skills to help preserve the past for the future. I've put in every spare minute that I can, and have given up most other things in my life to do so. I have to: there isn't anyone else with the requisite skill set to do this work for free, and the organization certainly can't afford to pay anybody.

The AI companies have created two massive problems for us. The first is their web scraping, which is way beyond abusive: it's an attack. Yes, YES, I know about all the techniques to block it and I've deployed a bunch of them, but every minute spent doing that is a minute not spent doing actual archiving work. And even if I managed to blunt most of these attacks, at least one will get through, and they'll steal everything we've posted (for free) and use it (for profit), against our terms of service and against the express wishes of the people who donated materials to us...which is making it vastly harder to convince donors to help us.

The second is the topic of this discussion: disk drives. We don't need the biggest and the fastest, but we need a lot of them because we're maintaining replicas of the archive in geographically distributed locations. And like everyone else, we either can't find them or we can't afford them. I've been using eBay and Craigslist and I've even been going to estate sales to try to pick up used external USB/firewire drives and old desktop PCs so that I can pull the disks and hope they test okay. Again: every minute spent doing that is a minute not doing actual archiving work. (Also: because some of these disks have a lot of hours on them, I have to consider probable remaining lifetimes and account for that.)

This is maddening and heartbreaking at the same time. And the thing is: I've spent a lot of time interacting with other people in this space: GLAM (galleries, libraries, archives, museums). Everybody has this problem. All of these people, who definitely aren't doing their jobs because of the lavish pay and spectacular benefits but because they appreciate and love the cultural area(s) they're in, are all struggling. And none of these institutions have the money to truly address the situation: they're all underfunded because they've always been underfunded.

TL;DR: this is cultural vandalism conducted by billionaires who are willing to burn the entire world down for money and power.

Comment This is a systemic problem, not an isolated one (Score 5, Insightful) 43

1. A few decades ago, universities/colleges ran their own IT infrastructure: email, web, applications, etc. But grossly-overpaid administrators decided that competent, experienced IT staff making far less were expendable and they began outsourcing everything they possibly could -- because, of course, reducing the number of administrators and their compensation was never an option.

The consequences of that are now here. What were 8,000 targets are now: 1. And this isn't the only such application -- for example, much the same thing is true of email. And thus attackers now have the luxury of focusing their efforts on a single target and leveraging that into extortion against 8,000. None of the clueless, selfish, ignorant administrators responsible for this debacle will admit any responsibility -- ever. They're too busy enjoying their mansions while graduate students struggle to afford ramen for breakfast, lunch, and dinner, and junior faculty are forced to moonlight in order to make ends meet.

2. Instructure is following the standard playbook here: lie, lie, lie. They're doing that because they know they can and because no one will ever hold them accountable. It's clear from what we already know that this was a very thorough hack, Instructure knows it was a very thorough hack, and they're doing everything they can to hide that fact. And as a result of that, they're deliberately making it impossible for everyone at those 8,000 institutions to understand what really happened and to take appropriate defensive measures (if any, if possible). Instructure isn't in the least bit concerned about the damage done to all the students and faculty; Instructure only cares about itself.

Comment Re:Just... no. (Score 1) 162

Exactly so. And exacerbating the situation is that distribution losses mean that running 1000 minicenters will use MORE power than 1 center with 1000 times the capacity.

Then, as you noted, there's the cooling problem, which also doesn't scale. Neither does the noise problem: people live in quiet places because, well, quiet. A thousand little data centers running 24 hours a day isn't going to mesh well with that.

This entire concept is insanely stupid -- but no doubt some VCs will throw money at these morons and they'll profit handsomely.

Comment This is an astonishingly bad idea (Score 4, Interesting) 135

All it would take is one phone call from Diaper Donnie to his pet fascist Elmo and every bit of data/metadata available on those terminals would be furnished to the Russians and thus would shortly be in the hands of the IRGC. (And if you're about to ask why in the world he would do that: keep in mind that we're talking about a moron with accelerating dementia who is incapable of understanding ANY concept, who cannot formulate a coherent plan for anything, and whose only values are his ego and his money.)

Less dramatically: if you're an insurgent force in a modern country, the last thing in the world that you want to do is communicate by any form of electronic network. Surveillance and detection methods for these are well-known and readily available. And even if the communications themselves are encrypted, the metadata available enables traffic analysis, correlation with external events (including those arranged for the purpose), and endpoint identification.

In such an environment, it's much better to use encrypted memory cards distributed by couriers and dead drops. The cost of attempting to disrupt such an effort is many orders of magnitude higher, both in terms of money and personnel, than the cost of disrupting electronic distribution.
