As pointed out, the DNS issue was fixed, and the other point made about Python wheels has also been addressed; quite a good chunk of packages on PyPi have had a musl wheel added in the past 6 months or so, including numpy & scipy. I'm also not certain if the Go part is true; probably somewhere around half of the Go apps I'm running as a container are running or were built on an Alpine base.
chameleon
joined 2 years ago
I can't speak for Apple but Google does. It falls under their user-generated content policy which requires you to "Provides an in-app system for blocking UGC and users". Google is generally the more lenient of the two when it comes to policies, so I'd be highly surprised if Apple didn't have it...
You can easily end up with A gifting B a million and then B sending A the NFT for free, potentially with a trusted escrow service in between to make sure both of these actually happen. The NFT marketplaces are essentially already acting as escrow, so this isn't weird.
Only thing you could probably enforce is that moving something from one key to another requires a fee to be paid to the original artist, but that'd also trigger if A wants to move their assets to a different key (eg in or out of some hardware wallet, online wallet or marketplace). And if A and B trust each other strongly they can simply share the key.
The argument does exist. This article by PEN America is one of the most widely spread ones and largely misrepresents the situation. It's based on a PopSci article with a similar headline, though the contents of the article tell a rather different story.
Nothing really says out loud what's going on: Republicans enacted an extremely vague and unrealistically short deadline book ban as part of a bill (that does some other stuff like removing AIDS education), forcing schools to either throw out every book that might be vaguely suspect or resort to funny measures like this. This school's use of ChatGPT was purely to save books that were on a human-assembled list of challenged books, to reduce the negative effect of the book ban, while being potentially defensible in court (remains to be seen how that'll work out, but they made an "objective" process and stuck to it - that's what matters to them).
No, I most definitively hate Jira (and also my manager). Jira is the only software I've had to use where 10+ second page load times are a regular everyday occurrence. On their cloud hosting, so it's not like we could do anything to fix it other than filing tickets... which we were told to simultaneously keep doing so they can track it but also stop doing because it's working as intended and we were wasting their time and abusing support.
JQL is absolute garbage, and it doesn't even take hindsight; they took SQL but in an attempt to simplify it, they broke everything about it. Whether any particular functionality is a field or a function to run on some other field is a mystery. And if you're using Jira Service Management, it gets infinitely worse; everything is bolted on in a terrible way.
Every interaction between their "Kanban board" and "ticket" system is confusing. They pull from the same database, except not quite, except they do. It's a representation of data, but not the same representation the data is in. If you have any kind of custom workflow setup at all - which the blog both criticizes as bad and uses as a reason to explain why Jira is the only good option (????) - it will simply never do the right thing unless they map 1 to 1.
There are all kinds of perpetually missing features. Multiple assignees are a big one, there is simply no correct way to represent "John and Bob will spend some time together brainstorming about a new architecture" or simple things like pair programming, despite that being a fairly significant task that should somehow be accounted for in planning. You can half-ass it with custom fields or sub-tasks, but then the entire ecosystem of tooling built on the assignee field crumbles.
Likewise, you can't assign issues to a "virtual" position of any kind, all you can do is leave them unassigned or make (and pay license costs for) a fake user. It's not possible to represent concepts like "the first available person from the Ops team" or "whoever is currently managing the security team" unless you make it into a status and leave it unassigned, which causes a massive amount of issues when multiple teams led by different managers are working on one project or someone is temporarily or permanently unavailable for whatever reason (vacation/sick/etc). Planning software that cannot deal with people being unavailable is worthless.
Permissions are a complete mess. There's all kinds of funny interactions between admin and project permissions, and some things are in what could have obviously never been the correct spot. How it ended up with project releases being an administrative permission speaks volumes about how poorly everything is designed. Happy tenth anniversary to the cloud ticket, the original server one has another decade on it. Twenty YEARS of the most basic feature imaginable not existing when the initial implementation was patently incorrect to begin with.
Okay, the thing that really matters to me:
“Frankly, we have more important things to do than spend a lot of time trying to figure out how to protect kids from books,” Exman tells PopSci via email. “At the same time, we do have a legal and ethical obligation to comply with the law. Our goal here really is a defensible process.”
According to Exman, she and fellow administrators first compiled a master list of commonly challenged books, then removed all those challenged for reasons other than sexual content. For those titles within Mason City’s library collections, administrators asked ChatGPT the specific language of Iowa’s new law, “Does [book] contain a description or depiction of a sex act?”
It really only got rid of things that would've otherwise had to go to begin with, while saving a few others.
It feels a bit closer to malicious compliance more than truly letting the AI decide the fate of things, and doing full proper compliance within the 3 months they were given would've been nigh impossible. I'm suspecting that the lawmakers were hoping that by giving them such a small timeframe, schools would throw everything vaguely suspect out. This ultimately leaves more books accessible, which I consider to be a good end result, even if the process to get there is a little weird.
If you're making something to come up with recipes, "is this ingredient likely to be unsuitable for human consumption" should probably be fairly high up your list of things to check.
Somehow, every time I see generic LLMs shoved into things that really do not benefit from an LLM, those kinds of basic safety things never really occurred to the person making it.
I do and I can confirm there are no requests (except for robots.txt and the odd /favicon.ico). Google sorta respects robots.txt. They do have a weird gotcha though: they still put the URLs in search, they just appear with an useless description. Their suggestion to avoid that can be summarized as: don't block us, let us crawl and just tell us not to use the result, just trust us! when they could very easily change that behavior to make more sense. Not a single damn person with Google blocked in robots.txt wants to be indexed, and their logic on password protecting kind of makes sense but my concern isn't security, it's that I don't like them (or Bing or Yandex).
Another gotcha I've seen linked is that their ad targeting bot for Google AdSense (different crawler) doesn't respect a * exclusion, but that kind of makes sense since it will only ever visit your site if you place AdSense ads on it.
And I suppose they'll train Bard on all data they scraped because of course. Probably no way to opt out of that without opting out of Google Search as well.
I guess a CEO opened the YouTube frontpage while logged out and went "what is this shit".
But seriously, this seems like it's a good thing overall. The "default"/empty history algorithm recommendations are truly, truly horrifying more often than not. It's almost entirely low-quality clickbait and I can't imagine many people actually appreciate it like that.
They were ~10% off in the winter & summer sales. These refurbs at full price are ~20% off compared to the regular ones. I wouldn't expect to see them discounted further unless Valve has difficulty selling them.
The attester here is really mostly Google's Android/Play Services/(ChromeOS) team, not Google's Chrome team. Chrome is really just responsible for passing it along and potentially adding some more information like what kind of extensions are in use, but the real validator is above Chrome entirely.
There will not really be a worthwhile key inside Chrome (there might be one that does nothing by itself); it'll be backed by the existing per-device-unique key living inside your phone's secure enclave. Extracting one key would just cause Google to ban it. That attestation covers the software in the secure enclave, your device's running OS, bootloader unlock state and a couple of other things along those lines; the OS, guaranteed to be unmodified by the hardware attestation layer, then adds extra stuff on top like the .apk hash of the browser. The browser, guaranteed to be unmodified by the OS layer, can add things like extension info if it wants to.
SafetyNet/Play Integrity have both software and hardware modes, but all Android+Google Services phones released in the previous 6? or so years have been required to have hardware backed attestation support, which has no known bypass. The existing "Universal SafetyNet Fix" pretends to be a phone without hardware support which Google begrudgingly accepts... for now. But the day where Google will just screw over older phones is getting increasingly closer, and they already have the power to force hardware backed attestation for device-specific features like NFC payments and DRM support.
On Apple devices, Apple has parallels via their secure enclaves in the form of App Attest/DeviceCheck. On Windows desktops, there could be a shoddy implementation with TPMs (fortunately they're not quite powerful enough to do this kind of attestation in a tamper-proof way; Microsoft's Pluton chips might have some secret sauce we haven't yet seen, though). On Linux desktops... nope, ain't no support for this coming anytime ever.
You don't own a photo someone else made of you IRL either. Personality rights are closer to trademark.