159 Matching Annotations
  1. Last 7 days
  2. Jun 2021
    1. DigiNotar was a Dutch certificate authority owned by VASCO Data Security International, Inc.[1][2] On September 3, 2011, after it had become clear that a security breach had resulted in the fraudulent issuing of certificates, the Dutch government took over operational management of DigiNotar's systems.[3]

      Dutch Certificate Authority gets hacked.

  3. May 2021
    1. First of all, I would start off presenting yourself: Dear XYZ support team I am the web developer in charge of example.com website. By presenting you this way, you are establishing the frame to treat you, hinting that you should be presupposed to be somewhat proficient, so they could choose to answer in a more technical detail.
    2. Feel free to hint, brag, or both! The best CS reps should easily take a hint from clear language and a signature like John Appleseed, JavaScript/Ruby Developer, but any will catch on with a simple line like "I know what I'm doing, so I'd appreciate an extra-technical explanation!"
    3. Hey, I'm a PhD in [field] and do [whatever] professionally. Before calling you, I've narrowed down the problem to [something on their end], so that's what needs to be addressed. If I could speak to an engineer about [specific problem], that'd be great; but if we've gotta walk through the script, let's just knock it out quickly. If they end up requiring the script, then the best way to use your expertise is to run through it quickly. Keep the chit-chat to a minimum and just do the stuff efficiently. If they start describing how to perform some step, you might interrupt them with, "Got it, just a sec.", then let them know once you're ready for the next step.
    4. However, what speaks against just straight up telling them that you're working as [Insert title of your position] and you know what you're talking about?
    5. OP is referring to letting people know they can speak like proper adults when talking about technical terms, without going through the usual nanny-like discourse that tech support has to provide to non-techies. For instance, it happened to me with Amazon support. The speaker told me exactly where to touch in order to clear the cache of the Android Amazon App Store. Given that I work as an app developer the guy could have just said "please clear the cache". No need to go through "tap here, then here, now you should see this, tap that"...
    6. I have tried different tactics of showing the tech support that I am proficient in their field of work (I work as a web developer). Specifically: using accurate terms and technologies to show my knowledge of them and telling the support that I am the "administrator" of the website in question.
    7. How to let tech support subtly know that I am proficient without showing off?
  4. Apr 2021
    1. The privacy policy — unlocking the door to your profile information, geodata, camera, and in some cases emails — is so disturbing that it has set off alarms even in the tech world.

      This Intercept article covers some of the specific privacy policy concerns Barron hints at here. The discussion of one of the core patents underlying the game, which is described as a “System and Method for Transporting Virtual Objects in a Parallel Reality Game" is particularly interesting. Essentially, this system generates revenue for the company (in this case Niantic and Google) through the gamified collection of data on the real world - that selfie you took with squirtle is starting to feel a little bit less innocent in retrospect...

    2. Yelp, like Google, makes money by collecting consumer data and reselling it to advertisers.

      This sentence reminded me of our "privacy checkup" activity from week 7 and has made me want to go and review the terms of service for some of the companies featured in this article- I don't use yelp, but Venmo and Lyft are definitely keeping track of some of my data.

    1. The good news: everyone had a genuine blast. We knew we had experimented our way into something fun, even if the rules and designs still needed a lot of work.
  5. Mar 2021
    1. Software that is not currently being used gradually becomes unusable as the remainder of the application changes.
    2. Infrequently used portions of code, such as document filters or interfaces designed to be used by other programs, may contain bugs that go unnoticed. With changes in user requirements and other external factors, this code may be executed later, thereby exposing the bugs and making the software appear less functional.
    1. Yes, but honestly, and no offense intended, but I don't see the harm in these type questions, nor why some people are offended when they are asked. If I owed a website, I wouldn't mind it because it just creates more pages that can be indexed. I see it as helping the website. But, I did look and didn't see a simple answer. Again, no offense is intended. I've just never understood the complaints.
    1. Almet ji dafa tooy.

      Les allumettes sont mouillées.

      almet ji -- (French) matches.

      ji -- the (indicates nearness).

      dafa -- are (?).

      tooy v. -- to be/get wet, humid, to be soaked; be fresh, be green.

      https://www.youtube.com/watch?v=fQWvy_lYlv0

  6. Feb 2021
    1. Literally, everything in this example can go wrong. Here’s an incomplete list of all possible errors that might occur: Your network might be down, so request won’t happen at all The server might be down The server might be too busy and you will face a timeout The server might require an authentication API endpoint might not exist The user might not exist You might not have enough permissions to view it The server might fail with an internal error while processing your request The server might return an invalid or corrupted response The server might return invalid json, so the parsing will fail And the list goes on and on! There are so maybe potential problems with these three lines of code, that it is easier to say that it only accidentally works. And normally it fails with the exception.
    2. exceptions are not exceptional, they represent expectable problems
    3. Exceptions are not exceptional
    1. cultural capital

      Introduced by Pierre Bourdieu in the 1970s, the concept has been utilized across a wide spectrum of contemporary sociological research. Cultural capital refers to ‘knowledge’ or ‘skills’ in the broadest sense. Thus, on the production side, cultural capital consists of knowledge about comportment (e.g., what are considered to be the right kinds of professional dress and attitude) and knowledge associated with educational achievement (e.g., rhetorical ability). On the consumption side, cultural capital consists of capacities for discernment or ‘taste’, e.g., the ability to appreciate fine art or fine wine—here, in other words, cultural capital refers to ‘social status acquired through the ability to make cultural distinctions,’ to the ability to recognize and discriminate between the often-subtle categories and signifiers of a highly articulated cultural code. I'm quoting here from (and also heavily paraphrasing) Scott Lash, ‘Pierre Bourdieu: Cultural Economy and Social Change’, in this reader.

  7. Jan 2021
    1. while Fascism died in 1945 with the collapse of the Axis powers

      I would (not) like to introduce you to Francisco Franco and Spain until the 1970s.

    2. that first began in the United States

      Oh. Hell. No.

      Aside from the British example above, the authors seem to have forgotten that "movements to abolish slavery" included movements not run by White abolitionists, such as rebellions by enslaved people. One modest example roughly contemporaneous with the creation of the Bill of Rights: the Haitian Revolution. Or if you're hung up on White people abolitionists, Bartolome de las Casas (late in life). Who the hell even thinks the US invented abolitionism? WTF?

    3. But the people do not directly exercise their sovereignty, for instance, by voting directly in popular assemblies.

      False. In New England states, they actually do. And there's this little thing called the referendum...

      (Y'know, it's not like they're wrong about representative institutions. It's that they insist on putting in stupid false shit when they didn't even need to.)

    4. The first was the sundering of civil from religious law with the advent and widespread adoption of Christianity.

      WHAT THE EVERLOVING FUUUUUCK??

      HAHAHAHAHHAHAHAHAHAHA Hang on I gotta roll on the floor for a minute HAHAHAHAHAHAHAHAHAHA

      Ahem.

      MAY I INTRODUCE TO YOU CHRISTIAN MONASTICISM? THE HOLY ROMAN EMPIRE? EMPEROR CONSTANTINE? THE POPE? ALL THE POPES? INCLUDING THE TIME THERE WERE TWO POPES?

      The sundering of--

      Children. Sit down and let the adults do history.

      Needless to say:

    5. to write the document which we have today.

      Incorrect. They came up with what we have today minus twenty-seven important bits of it that comprise most of what the United States has spent the last 240 or whatever years fighting over. The Bill of Rights--the "but mah freedoms" part of the Constitution--didn't come along for four more years.

    6. The second momentous change was the emergence of multiple denominations within Christianity that undid Christian unity and in turn greatly undermined political unity.

      OK wait. So...civil law was sundered from religious law because of Christianity in the last sentence, but in this sentence, schisms in Christianity (which, remember, had sundered political and religious law) undermined political unity?

      (I mean, there were a lot of wars because of the various reformations and counter-reformations, but

      • there was no prior Christian unity, as I'm sure the Orthodox would like to remind us, to say nothing of the heretics the Inquisition enjoyed killing all over western Europe
      • political unity? Really? Like Europeans weren't over there killing each other even if they were all at least nominally Catholic?

      Look, it's like somebody thinks the multi-national, polyglot monastery in The Name of the Rose was representative of pre-Reformation Europe and forgot that The Name of the Rose is a murder mystery.

      (They didn't think that. These people wouldn't make it ten pages in anything by Eco. Bear with my nerd analogies.)

    1. If you’re not a huge fan of Snap packages, but love using Ubuntu, this guide is for you. In it, we’ll go over how you can remove Snap from your Ubuntu system and make it so that your system will no longer have access to the Snap store or anything like that.
    2. Snap packages are quickly becoming the primary way that Ubuntu users consume software. Despite Snaps dominating Ubuntu, many users still opt to avoid Snap packages in favor of Apt packages that have long been available in Ubuntu.
  8. Dec 2020
    1. Better contribution workflow: We will be using GitHub’s contribution tools and features, essentially moving MDN from a Wiki model to a pull request (PR) model. This is so much better for contribution, allowing for intelligent linting, mass edits, and inclusion of MDN docs in whatever workflows you want to add it to (you can edit MDN source files directly in your favorite code editor).
  9. Nov 2020
    1. There is no rerender, when you call listen, then all scroll events will warn on chrome. See this entry from svelte: breaking the web

      Even the author of this library forgot this about Svelte?? :) (Or maybe he didn't and this response misunderstood/falsely assumed that he had.)

    1. I think what the author intended to do was check if the second argument was a non-empty string (which is not the same thing as checking whether there are more than 1 argument, as the second argument could be passed but be the empty string).
    1. In Rust, we use the "No New Rationale" rule, which says that the decision to merge (or not merge) an RFC is based only on rationale that was presented and debated in public. This avoids accidents where the community feels blindsided by a decision.
    2. I'd like to go with an RFC-based governance model (similar to Rust, Ember or Swift) that looks something like this: new features go through a public RFC that describes the motivation for the change, a detailed implementation description, a description on how to document or teach the change (for kpm, that would roughly be focused around how it affected the usual workflows), any drawbacks or alternatives, and any open questions that should be addressed before merging. the change is discussed until all of the relevant arguments have been debated and the arguments are starting to become repetitive (they "reach a steady state") the RFC goes into "final comment period", allowing people who weren't paying close attention to every proposal to have a chance to weigh in with new arguments. assuming no new arguments are presented, the RFC is merged by consensus of the core team and the feature is implemented. All changes, regardless of their source, go through this process, giving active community members who aren't on the core team an opportunity to participate directly in the future direction of the project. (both because of proposals they submit and ones from the core team that they contribute to)
    1. For both the tailor-customer and doctor-patient examples, personal data is an input used to improve an output (dress, suit, medical treatment) such that the improvement directly serves the interests of the person whose information is being used.

      This reminds me of "Products are functions" where your personal data is a variable than enters into the function to determine the output.

  10. Oct 2020
    1. So while Solid's JSX and might resemble React it by no means works like React and there should be no illusions that a JSX library will just work with Solid. Afterall, there are no JSX libraries, as they all work without JSX, only HyperScript or React ones.
  11. Sep 2020
    1. The node-resolve plugin doesn't like failing to resolve module IDs (because it usually indicates a bug, like you forgot to install the package in question), so it will throw an error rather than letting Rollup print a warning.
    1. using modulesOnly behaves exactly as expected when it warns you that the listed npm libraries do not use the ES6 format and are in fact ignored. This option is meant as a way to determine if you still have commonjs libraries in your dependencies that require special treatment via rollup-plugin-commonjs. Your code will probably not work since the listed dependencies will be missing. You should remove modulesOnly and instead add rollup-plugin-commonjs.
    1. User experience above all
    2. balancing developer and user experience
    3. You oftentimes see packages list react as a peer dependency. Since this prevents react from being installed into that package's node_modules, this is another way of preventing Rollup from bundling the module. This is also nice _if_ you want the application to install react from npm, because if an application forgets to install a peer dependency, npm will issue a warning.
    1. There is a good amount of properties that should mostly be applied from a parent's point of view. We're talking stuff like grid-area in grid layouts, margin and flex in flex layouts. Even properties like position and and the top/right/left/bottom following it in some cases.
    2. The main reason using classes isn't a great solution is that it completely breaks encapsulation in a confusing way, the paren't shouldn't be dictating anything, the component itself should. The parent can pass things and the child can choose to use them or not but that is different: control is still in the hands of the component itself, not an arbitrary parent.
    3. The RFC is more appropriate because it does not allow a parent to abritrarily control anything below it, that responsibility still relies on the component itself. Just because people have been passing classes round and overriding child styles for years doesn't mean it is a good choice and isn't something we wnat to encourage.
    4. Ideally: Only let a parent control those specific CSS properties, and never let a child use them on the root element.
    5. margin, flex, position, left, right, top, bottom, width, height, align-self, justify-self among other is CSS properties that should never be modified by the child itself. The parent should always have control of those properties, which is the whole reason I'm asking for this.
    6. new style RFC
    1. the notion that any given component should be in charge of its own thing, and not do something outside of itself. I.e., loosely coupled components in a sandbox, not tightly coupled to something outside of its own scope.
    1. when choosing community building activities that ask students to disclose information about themselves, and especially about how they are feeling, it is important to recognise the risk of unintended harm.

      Most faculty in a teaching setting chooses to do certain activities that can make a student very uncomfortable. In high school my teachers would do "icebreakers" and I would hate them because that meant I would have to talk in front of people and sometimes the topic would be a little too personal.

    1. Personally, I think class is too blunt an instrument — it breaks encapsulation, allowing component consumers to change styles that they probably shouldn't, while also denying them a predictable interface for targeting individual styles, or setting theme properties globally
    2. ...but ultimately the component itself has control over what is exposed, and can specify its own fallback values using normal CSS custom property syntax:
    1. A component should be in complete control of itself. Not only should a component's styles not leak out but other component's style should never leak in. Consider this 'Encapsulation part 2' if you will. When writing a component, you have certain guarantees that not only will the styles you write be contained within the component, but nothing from the outside should affect you either. You have a certain confidence that if it works in isolation, then it will continue to work when embedded within a complex application.
    2. By adding constraints, we have managed to create a simple API and a performant output.
    1. I think this is such a fantastic viewpoint. Sometimes in order to reach our overall goal, we have to "cast down our bucket" in compromise or be the first to extend the olive branch. I like that he used this same analogy for the white southerners as well. We all have to compromise to some degree to reach progress.

    1. Designing with constraints. Using inline styles, every value is a magic number. With utilities, you're choosing styles from a predefined design system, which makes it much easier to build visually consistent UIs.
  12. Jul 2020
  13. Jun 2020
    1. “The alarming truth,” warned the researcher, “is that the average number of permissions requested by a flashlight app is 25.”
    2. “Asking for too many permissions is dangerous,” ESET malware researcher Lukas Stefanko explains. “These permissions can be misused as an exploit to access more device components, such as call logs, phone numbers, and browsing history.”
    3. At the heart of Google’s challenge has been so-called permission abuse—millions of apps requesting the rights to access device data and functions beyond those needed to deliver their own functionality.
    4. The security feature in Android 11 is a long overdue crackdown on this permission abuse.
    1. Google’s novel response has been to compare each app to its peers, identifying those that seem to be asking for more than they should, and alerting developers when that’s the case. In its update today, Google says “we aim to help developers boost the trust of their users—we surface a message to developers when we think their app is asking for a permission that is likely unnecessary.”
  14. May 2020
    1. Requested Dormant Username Enter the username you would like to request, without the preceding URL (e.g., "User" instead of "gitlab.com/User")

      Problem Type: Dormant Username Requests

    1. The GitLab.com support team does offer support for: Account specific issues (unable to log in, GDPR, etc.) Broken features/states for specific users or repositories Issues with GitLab.com availability
    2. Out of Scope The following details what is outside of the scope of support for self-managed instances with a license.
  15. Apr 2020
    1. Having said all that, I think this is completely absurd that I have to write an entire article justifying the release of this data out of fear of prosecution or legal harassment. I had wanted to write an article about the data itself but I will have to do that later because I had to write this lame thing trying to convince the FBI not to raid me.
    2. I could have released this data anonymously like everyone else does but why should I have to? I clearly have no criminal intent here. It is beyond all reason that any researcher, student, or journalist have to be afraid of law enforcement agencies that are supposed to be protecting us instead of trying to find ways to use the laws against us.
  16. Mar 2020
    1. Rojas-Lozano claimed that the second part of Google’s two-part CAPTCHA feature, which requires users to transcribe and type into a box a distorted image of words, letters or numbers before entering its site, is also used to transcribe words that a computer cannot read to assist with Google’s book digitization service. By not disclosing that, she argued, Google was getting free labor from its users.
    1. Get phrasebooks to start studying basic terminology. Phrasebooks are lists of expressions made for travelers to foreign countries. These lists give you an example of the sentence structure a language uses and what kind of words are useful. Find a phrasebook in the language you wish to learn and treat it as a foundation you can build upon as you learn more.
    1. Are you telling your customers that you are willing to invest $0 in providing them with a proper translation? Are you prepared to signal that those markets or languages aren’t a priority for your organization? That is a dangerous message to send, primarily if you rely on your global audience for significant amounts of your total revenue. 
  17. Jan 2020
  18. Dec 2019
    1. There are thousands of to-do list apps out there, in part because no system works perfectly for everyone. I’m not going to say todo.txt is the exception, and that it will work for everyone, because that would be crazy. But todo.txt is the most flexible tool I’ve come across. In part, this is because of the sheer number of clients available, but also because the simplicity lends itself to improvisation.

      First time I've seen improvisation used like this.

  19. Aug 2019
    1. Now, I'd rather pay for a product that sticks around than have my personal data sold to use a free product that may not be around tomorrow. I value my privacy much more today. If you're not paying for the product... you are the product being sold.
  20. Oct 2018
  21. Sep 2018
    1. Snapchat says it reaches 28.5 to 30 million 18-24 year old users in the U.S. According to a recent survey of Instagram users, approximately 32 percent of its 1 billion-strong user base is 18-24.

      Snapchat reaches around 30 million 18-24 year old users; important ages that are more recently able to vote and take political action. Instagram and snapchat are most popular amongst younger users.