• 0 Posts
  • 18 Comments
Joined 3 years ago
cake
Cake day: June 30th, 2023

help-circle
  • Going for less known names can also help, as they are trying to build/maintain a reputation in addition to sales.

    IKEA is an interesting brand because it spans from incredibly cheap to nice quality, and personally, I find the cheapness is more in the material selection than the design. Like the furniture I got from them at my last place all survived the move to my current place, even the one I got frustrated with and stopped caring if it made it when taking it apart, it still stands solid today. They are one of the few that has decent value, though their prices can get pretty high at the high end.


  • Yeah, it’s more of a late stage capitalism “luxury” where the difference isn’t so much in the quality as in the price because people conflate “price” with “quality” and “desireability”.

    And I do understand it, at least to a degree. I try to do research on more expensive items or ones I’m looking for quality in, but it’s kinda exhausting, and often a cycle of “I want thing, see it in store and remember I want it, look at options, no idea which (if any) are decent and which suck, start looking online, decide I don’t want to do this right now, move on, forget to do research, repeat next time I’m at that store”.

    The easy mode of doing that would be look at options, assume cheapest ones suck, most expensive is too much, get one of the ones a little cheaper. At which point, the seller just needs to set a higher price to get a sale on the crappy ones.





  • If you want a demo on how bad these AI coding agents are, build a medium-sized script with one, something with a parse -> process -> output flow that isn’t trivial. Let it do the debug, too (like tell it the error message or the unwanted behaviour).

    You’ll probably get the desired output if you’re using one of the good models.

    Now ask it to review the code or optimize it.

    If it was a good coding AI, this step shouldn’t involve much, as it would have been applying the same reasoning during the code writing process.

    But in my experience, this isn’t what happens. For a review, it has a lot of notes. It can also find and implement optimizations. The weighs are the same, the only difference is that the context of the prompt has changed from “write code” to “optimize code”, which affects the correlations involved. There is no “write optimal code” because it’s trained on everything and the kitchen sink, so you’ll get correlations from good code, newbie coders, lesson examples of bad ways to do things (especially if it’s presented in a “discovery” format where a prof intended to talk about why this slide is bad but didn’t include that on the slide itself).





  • An alternative that will avoid the user agent trick is to curl | cat, which just prints the result of the first command to the console. curl >> filename.sh will write it to a script file that you can review and then mark executable and run if you deem it safe, which is safer than doing a curl | cat followed by a curl | bash (because it’s still possible for the 2nd curl to return a different set of commands).

    You can control the user agent with curl and spoof a browser’s user agent for one fetch, then a second fetch using the normal curl user agent and compare the results to detect malicious urls in an automated way.

    A command line analyzer tool would be nice for people who aren’t as familiar with the commands (and to defeat obfuscation) and arguments, though I believe the problem is NP, so it won’t likely ever be completely foolproof. Though maybe it can be if it is run in a sandbox to see what it does instead of just analyzed.


  • If she asked if she was annoying, she knew on some level.

    When I was younger, I used to get so annoyed at hinting disinterest rather than outright stating it, but I eventually realized that if someone is interested and doesn’t have barriers to getting involved, they won’t be coy about it. If they are busy but otherwise interested in a date when asked, they’ll usually say more than “I have plans that day”, like “but I’m free on x day” or “maybe another time?” or “I’d love to go on a date with you but can’t that specific time”.

    If they are evasive at all about it, they are either not interested in general and are just trying to be polite (NOT really for your sake, so don’t start about how you’d rather they be clear, it’s to protect themselves from the pieces of shit that get aggressive when they realize they don’t have a chance), or they have other shit going on that complicates any interest (like it’s hard for them to schedule a date ahead of time because they are already in a relationship and need a good excuse to get away for a date).




  • Fwiw, just because a dumb phone doesn’t give you access to “smart” features doesn’t mean the capabilities aren’t present on the phone. It’s just a matter of what could be hidden on the circuit board (lots can be hidden in chips), and what can be hidden in usual expected traffic (if bandwidth requirements are low, even timing of packets could be used to encode hidden data that would never show up in any logs).

    Plus the simple tracking of cellphones is necessary for them to function at all.


  • I’m disappointed that it took seeing that ad for so many people to realize what should have been obvious: ring, along with teslas, and any voice assistant listening devices, or any other cloud-based tech that monitors video, audio, or even other data, can be used to set up an unprecedented surveillance network. Phones are a part of it, too, at the very least as tracking beacons, assuming the mics and cameras aren’t being tapped more often than that little activity dot indicates.

    There’s a reason why the venn diagram of people who really understand tech and people who are enthusiastic about most new tech in the last decade and a bit aren’t the same circle. The Snowden revelations weren’t surprising on the “what they are capable of” side of things, though there had been hope before they came out that they weren’t crossing the lines that tech would have easily allowed them to. Just like when zuck bragged about the information fb users just gave him, that wasn’t all new but there was an unspoken (and perhaps naive) rule that admins should respect their users’ privacy.

    When I was on the webteam for a gaming community, it would have been trivial to set up the login page to also store all user/password/email combos in a location none of the other team would be likely to notice. We hashed the password in the db, but I could change the source code to do whatever. Even if it was hashed on the client, I could have added a temporary unhashed field and get all the plaintext credentials to check who uses the same password for their email. I didn’t because I respected our users, but from then on just assumed that any site admin could see my credentials and never reuse passwords.

    That also applies to Lemmy, btw. At the very least, you shouldn’t use the same password for you email and anything else (though also be aware emails are just sent as plaintext to a bunch of servers while being routed to your email provider).