2,334 Matching Annotations
  1. Last 7 days
    1. App of the Week

      The best app of the week comes with all the great innovations from around the globe. Some of these apps might bring fortune to your business.

    1. The task of "making a thing satisfying our needs" as a single responsibility is split into two parts "stating the properties of a thing, by virtue of which it would satisfy our needs" and "making a thing guaranteed to have the stated properties". Business data processing systems are sufficiently complicated to require such a separation of concerns and the suggestion that in that part of the computing world "scientific thought is a non-applicable luxury" puts the cart before the horse: the mess they are in has been caused by too much unscientific thought.

      Dijkstra suggested that instead of concerning ourselves with a software system that meets the user's needs, we should first separate our concerns.

      We should first concern ourselves with the user's needs and draw up careful specifications – properties to which the system should adhere should it satisfy the user's needs.

      With those specifications in hand we can concern ourselves with making a system guaranteed to have stated properties.

      The problem with this thinking, which the software industry would later discover, is that a user's needs cannot be accurately or completely determined before building the system. We learn more about what is needed by the process of building.

      This is an instance of the [[Separation of concerns]] not working.

      This is also why the industry has settled on a technique to build iteratively (Agile), always leaving the option open to change course.

    2. Some time ago I visited the computing center of a large research laboratory where they were expecting new computing equipment of such a radically different architecture, that my colleagues had concluded that a new programming language was needed for it if the potential concurrency were to be exploited to any appreciable degree. But they got their language design never started because they felt that their product should be so much like FORTRAN that the casual user would hardly notice the difference "for otherwise our users won't accept it". They circumvented the problem of explaining to their user community how the new equipment could be used at best advantage by failing to discover what they should explain. It was a rather depressing visit.... The proper technique is clearly to postpone the concerns for general acceptance until you have reached a result of such a quality that it deserves acceptance. It is the significance of your message that should justify the care that you give to its presentation, it may be its "unusualness" that makes extra care necessary.

      When you've developed an idea, you will typically want to communicate that idea so that it can be understood and used more generally. Dijkstra calls this reaching "general acceptance".

      To do so, you must communicate the idea in a way so that it can be properly understood and used. For certain ideas this becomes a challenging problem in and of itself.

      Many forgo this challenge, and instead of figuring out what new language they need to invent to most accurately communicate the idea, they use legacy language and end up communicating their idea less effectively, in pursuit of general acceptance.

      Dijkstra says that the proper way of dealing with this dilemma is to separate your concerns. You separate your concern of the solution from the concern of communicating the solution.

      When you've reached a solution that is of such high quality that it deserves communicating – and only then – do you concern yourself with its presentation.

    1. using SSH is likely the best approach because personal access tokens have account level access

      personal access tokens have account level access ... which is more access (possibly access to 10s of unrelated projects or even groups) than we'd like to give to our deploy script!

    1. In some contexts, "ops" refers to operators. Operators were the counterparts to Developers represented in the original coining of the term DevOps.

      I have always believed that Ops was short for Operations, not Operators.

      https://en.wikipedia.org/wiki/DevOps even confirms that belief.

    1. For the past few years, we've run GitLab.com as our free SaaS offering, featuring unlimited public and private repositories, unlimited contributors, and access to key features, like issue tracking, code review, CI, and wikis. None of those things are changing! We're committed to providing an integrated solution that supports the entire software development lifecycle at a price where everyone can contribute. So what's changing? Over time, the usage of GitLab.com has grown significantly to the point where we now have over two million projects hosted on GitLab.com and have seen a 16x increase in CI usage over the last year.
    1. presentation was nearly always considered separately, rather than being embedded in the markup itself
    2. This concept is variously referred to in markup circles as the rule of separation of presentation and content, separation of content and style, or of separation of semantics and presentation.
    3. First proposed as a somewhat less unwieldy catchall phrase to describe the delicate art of "separating document structure and contents from semantics, presentation, and behavior"
  2. May 2020
    1. Allowing port 80 doesn’t introduce a larger attack surface on your server, because requests on port 80 are generally served by the same software that runs on port 443.
    1. Collective agency occurs when people act together, such as a social movement
    2. cooperation between two subjects with a mutual feeling of control is what James M. Dow, Associate Professor of Philosophy at Hendrix College, defines as "joint agency."
    3. Individual agency is when a person acts on his/her own behalf
    4. describes three types of agency: individual, proxy, and collective
    1. Table of Contents

      The ideas included here are just a start. The hope is that the community helps add, refine, even remove ideas that don't meet our bar. If you see some ideas or disciplines that you think are missing, let us know! https://ltcwrk.com/contact/

    1. Blogs tend towards conversational and quotative reuse, which is great for some subject areas, but not so great for others. Wiki feeds forward into a consensus process that provides a high level of remix and reuse, but at the expense of personal control and the preservation of divergent goals.

      And here it is, the key to the universe!

      We need something that is a meld between the wiki and the blog. Something that will let learners aggregate, ponder, and then synthesize into their own voice. A place where they can create their own goals and directions.

    1. Out of Scope: The following details what is outside of the scope of support for GitLab.com customers with a subscription.
    2. The GitLab.com support team does offer support for: Account specific issues (unable to log in, GDPR, etc.); Broken features/states for specific users or repositories; Issues with GitLab.com availability.
    3. Out of Scope: The following details what is outside of the scope of support for self-managed instances with a license.
    1. Code Owners allows for a version controlled single source of truth file outlining the exact GitLab users or groups that own certain files or paths in a repository.
    1. quantum blockchain

      Do they really use a quantum blockchain? What exactly do they mean by that? Probably just a buzzword they're using to attract interest but don't actually mean literally.

    2. Did the marketing team create a new landing page that isn't searchable? Osano is aware of hidden pages and keeps you in the loop about what is loaded where – everywhere on your site.

      How would it "know" about hidden pages unless the site owner told them about their existence? (And if that is the case, how is this anything that Osano can claim as a feature or something that they do?) If it is truly hidden, then a conventional bot/spider wouldn't find it by following links.

    1. Most web browsers are set by default to protect your privacy unless you opt for tracking yourself. For example, Internet Explorer automatically enables its “Do Not Track” option and Google Chrome blocks any 3rd-party cookies by default.
    1. These options have almost deceptively similar wordings, with only a subtle difference that is too hard to spot at a glance (takes detailed comparison, which is fatiguing for a user):

      1. can use your browser’s information for providing advertising services for this website and for their own purposes.
      2. cannot use your browser’s information for purposes other than providing advertising services for this website.

      If you rewrite them to use consistent, easy-to-compare wording, then you can see the difference a little easier:

      1. can use your browser’s information for providing advertising services for this website and for their own purposes.
      2. can use your browser’s information for providing advertising services for this website <del>and for their own purposes</del>.

      Standard Advertising Settings

      This means our ad partners can use your browser’s information for providing advertising services for this website and for their own purposes.

      Do Not Share My Information other than for ads on this website

      This means that our ad partners cannot use your browser’s information for purposes other than providing advertising services for this website.

    1. Taxonomy, in a broad sense the science of classification, but more strictly the classification of living and extinct organisms—i.e., biological classification.

      I don't think the "but more strictly" part is strictly accurate.

      Wikipedia authors confirm what I already believed to be true: that the general sense of the word is just as valid/extant/used/common as the sense that is specific to biology:

      https://en.wikipedia.org/wiki/Taxonomy_(general) https://en.wikipedia.org/wiki/Taxonomy_(biology)

    1. The GDPR permits data transfers of EU resident data outside of the European Economic Area (EEA) only when in compliance with set conditions.
    2. In order to comply with privacy laws, especially the GDPR, companies need to store proof of consent so that they can demonstrate that consent was collected. These records must show: when consent was provided; who provided the consent; what their preferences were at the time of the collection; which legal or privacy notice they were presented with at the time of the consent collection; which consent collection form they were presented with at the time of the collection.
    3. Because consent under the GDPR is such an important issue, it’s mandatory that you keep clear records and that you’re able to demonstrate that the user has given consent; should problems arise, the burden of proof lies with the data controller, so keeping accurate records is vital.
    4. Keeping comprehensive records that include a user ID and the data submitted together with a timestamp. You also keep a copy of the version of the data-capture form and any other relevant documents in use on that date.
    5. they’ve contested its accuracy
    6. Territorial point of view
    1. Customizability is a popular word that arose out of jargon in software and computer-related circles. It is not yet formally recognized and would not be correctly utilized in formal writing outside of its common reference to the flexibility of a design and its ability to be altered to fit the user.
    1. The folks at Netlify created Netlify CMS to fill a gap in the static site generation pipeline. There were some great proprietary headless CMS options, but no real contenders that were open source and extensible—that could turn into a community-built ecosystem like WordPress or Drupal. For that reason, Netlify CMS is made to be community-driven, and has never been locked to the Netlify platform (despite the name).

      Kind of an unfortunate name...

    1. after nearly 10 years of continuous improvement

      Not necessarily a good or favorable thing. It might actually be preferable to pick a younger software product that doesn't have the baggage of previous architectural decisions to slow them down. Newer projects can benefit from both (1) the mistakes of previously-originated projects and (2) the knowledge of what technologies/paradigms are popular today; they may therefore be more agile and better able to create something that fits with the current state of the art, as opposed to the state of the art from 10 years ago (which, as we all know, was much different: before the popularity of GraphQL, React, headless CMS, for example).

      Older projects may have more technical debt and have more legacy technologies/paradigms/integrations/decisions that they now have the burden of supporting.

    2. open source

      So open-source that there is no link to the source code and a web search for this product did not reveal where the source code is hosted.

      They're obviously using this term merely as a marketing term without respect for the actual meaning/principles of open source.

    1. "linked data" can and should be a very general term referring to any structured data that is interlinked/interconnected.

      It looks like most of this article describes it in that general sense, but sometimes it talks about URIs and such as if they are a necessary attribute of linked data, when that would only apply to Web-connected linked data. What about, for example, linked data that links to each other through some other convention such as just a "type" and "ID"? Maybe that shouldn't be considered linked data if it is too locally scoped? But that topic and distinction should be explored/discussed further...

      I love its application to web technologies, but I wish there were a distinct term for that application ("linked web data"?) so it could be clearer from reading the word whether you meant general case or not. May not be a problem in practice. We shall see.

      Granted/hopefully most use of linked data is in the context of the Web, so that the links are universal / globally scoped, etc.

    1. This change was made because GitLab License Management is now renamed to GitLab License Compliance. After review with users and analysts, we determined that this new name better indicates what the feature is for, aligns with existing market terminology, and reduces confusion with GitLab subscription licensing features.
    1. Thickness of the neck

      However you represent the head, whether it is relatively simple yet characteristic, or incredibly refined, you can now identify the start of the neck from the chin. The digastric plane is the bottom plane; it gives the head thickness. It will be useful when drawing the head from other angles - the biggest hurdle is working in a flat 2D plane while seeking to depict volume.

      The gesture from the chin to the bottom of the neck is curved and downward. It is better to make the neck a little too long than too short. You then come from the bottom of the skull, the key here will be not to make the back of the neck too skinny.

      Notice that the neck starts very low in the front and very high in the back. Think of your shirt collar: it sits high in the back and low at the front.

    1. Sure, anti-spam measures such as a CAPTCHA would certainly fall under "legitimate interests". But would targeting cookies? The gotcha with reCAPTCHA is that this legitimate-interest, quite-necessary-in-today's-world feature is inextricably bundled with unwanted and unrelated Google targeting (cookiepedia.co.uk/cookies/NID) cookies (_ga, _gid for v2; NID for v3).
    1. This kind of cookie-based data collection happens elsewhere on the internet. Giant companies use it as a way to assess where their users go as they surf the web, which can then be tied into providing better targeted advertising.
    2. For instance, Google’s reCaptcha cookie follows the same logic of the Facebook “like” button when it’s embedded in other websites—it gives that site some social media functionality, but it also lets Facebook know that you’re there.
    1. For convenience, conventions have been developed about the precedence of the logical operators, to avoid the need to write parentheses in some cases. These rules are similar to the order of operations in arithmetic. A common convention is:
    1. Explicit Form (where the purpose of the sign-up mechanism is unequivocal). So for example, in a scenario where your site has a pop-up window that invites users to sign up to your newsletter using a clear phrase such as: “Subscribe to our newsletter for access to discount vouchers and product updates!“, the affirmative action that the user performs by typing in their email address would be considered valid consent.
    2. It’s always best practice to either simply follow the most robust legislations or to check the local anti-spam requirements specific to where your recipients are based.
    1. the data subject has explicitly consented to the proposed transfer, after having been informed of the possible risks of such transfers for the data subject due to the absence of an adequacy decision and appropriate safeguards;
    2. In the absence of an adequacy decision pursuant to Article 45(3), or of appropriate safeguards pursuant to Article 46, including binding corporate rules, a transfer or a set of transfers of personal data to a third country or an international organisation shall take place only on one of the following conditions:

      These conditions are individually sufficient and jointly necessary (https://hyp.is/e0RRFJCfEeqwuR_MillmPA/en.wikipedia.org/wiki/Necessity_and_sufficiency).

      Each of the conditions listed is a sufficient (but, by itself, not necessary) condition for legal transfer (T) of personal data to a third country or an international organisation. In other words, if any of those conditions is true, then legal transfer is also true.

      On the other hand, the list of conditions (C; let C be the disjunction of the conditions a-g: a or b or c ...) are jointly necessary for legal transfer (T) to be true. That is:

      • T cannot be true unless C (one of a or b or c ...) is true
      • if C is false (there is not one of a or b or c ... that is true), then T is false
      • T ⇒ C
      • C ⇐ T
    1. generic-sounding term may be interpreted as something more specific than intended: I want to be able to use "data interchange" in the most general sense. But if people interpret it to mean this specific standard/protocol/whatever, I may be misunderstood.

      The definition given here

      is the concept of businesses electronically communicating information that was traditionally communicated on paper, such as purchase orders and invoices.

      limits it to things that were previously communicated on paper. But what about things for which paper was never used, like the interchange of consent and consent receipts for GDPR/privacy law compliance, etc.?

      The term should be allowed to be used just as well for newer technologies/processes that had no previous roots in paper technologies.

    1. it has been inferred by many that the validity of consent could degrade over time
    2. Where a processing activity is necessary for the performance of a contract.

      Would a terms of service agreement be considered a contract in this case? So can you just make your terms of service basically include consent or implied consent?

    3. “Is consent really the most appropriate legal basis for this processing activity?” It should be taken into account that consent may not be the best choice in the following situations:
    1. EU law prohibits the personal data of EU citizens from being transferred outside the EU to countries which do not ensure an adequate level of protection for that data.
    2. This framework serves the purpose of protecting Europeans’ personal data after the transfer to the US and correlates with GDPR requirements for Cross Border Data Transfers.
    1. Though not always legally required, terms & conditions (also called ToS – terms of service, terms of use, or EULA – end user license agreement) are pragmatically required
    2. It’s useful to remember that under GDPR regulations consent is not the ONLY reason that an organization can process user data; it is only one of the “Lawful Bases”, therefore companies can apply other lawful (within the scope of GDPR) bases for data processing activity. However, there will always be data processing activities where consent is the only or best option.
    1. If you’re a controller based outside of the EU, you’re transferring personal data outside of the EU each time you collect data of users based within the EU. Please make sure you do so according to one of the legal bases for transfer.

      Here they equate collection of personal data with transfer of personal data. But this is not very intuitive: I usually think of collection of data and transfer of data as rather different activities. It would be if we collected the data on a server in EU and then transferred all that data (via some internal process) to a server in US.

      But I guess when you collect the data over the Internet from a user in a different country, the data is technically being transferred directly to your server in the US. But who is doing the transfer? I would argue that it is not me who is transferring it; it is the user who transmitted/sent the data to my app. I'm collecting it from them, but not transferring it. Collecting seems like more of a passive activity, while transfer seems like a more active activity (maybe not if it's all automated).

      So if these terms are equivalent, then they should replace all instances of "transfer" with "collect". That would make it much clearer and harder to mistakenly assume this doesn't apply to oneself. Or if there is a nuanced difference between the two activities, then the differences should be explained, such as examples of when collection may occur without transfer occurring.

    1. Though not always legally required, a Terms & Conditions (T&C) document (also known as a Terms of Service, End-user license agreement or a Terms of Use agreement) is often necessary for the sake of practicality and safety. It allows you to regulate the contractual relationship between you and your users and is therefore essential for, among other things, setting the terms of use and protecting you from potential liabilities.
    2. For this reason, it’s always advisable that you approach your data processing activities with the strictest applicable regulations in mind.
    3. Meet specific requirements if transferring data outside of the EEA. The GDPR permits data transfers of EU resident data outside of the European Economic Area (EEA) only when in compliance with set conditions.
    1. the GDPR restricts transfers of personal data outside the EEA, or the protection of the GDPR, unless the rights of the individuals in respect of their personal data are protected in another way
    1. it buys, receives, sells, or shares the personal information of 50,000 or more consumers annually for the business’ commercial purposes. Since IP addresses fall under what is considered personal data — and “commercial purposes” simply means to advance commercial or economic interests — it is likely that any website with at least 50k unique visits per year from California falls within this scope.
    1. What I don't like is how they've killed so many useful extensions without any sane method of overriding their decisions.
    2. I know, you don't trust Mozilla but do you also not trust the developer? I absolutely do! That is the whole point of this discussion. Mozilla doesn't trust S3.Translator or jeremiahlee but I do. They blocked page-translator for pedantic reasons. Which is why I want the option to override their decision to specifically install few extensions that I'm okay with.
    3. The only reason why your workaround isn't blocked as well is because it has additional steps that don't explicitly breach Mozilla's policies. But it certainly defeats the spirit of it.
    4. What's terrible and dangerous is a faceless organization deciding to arbitrarily and silently control what I can and can not do with my browser on my computer. Orwell is screaming in his grave right now. This is no different than Mozilla deciding I don't get to visit Tulsi Gabbard's webpage because they don't like her politics, or I don't get to order car parts off amazon because they don't like hyundai, or I don't get to download mods for minecraft, or talk to certain people on facebook.
    5. They don't have to host the extension on their website, but it's absolutely and utterly unacceptable for them to interfere with me choosing to come to github and install it.
    6. I appreciate the vigilance, but it would be even better to actually publish a technical reasoning for why do you folks believe Firefox is above the device owner, and the root user, and why there should be no possibility through any means and configuration protections to enable users to run their own code in the release version of Firefox.
    7. I will need to find a workaround for one of my private extensions that controls devices in my home network, and its source code cannot be uploaded to Mozilla because of my and my family's privacy.
    1. potentially dangerous APIs may only be used in ways that are demonstrably safe, and code within add-ons that cannot be verified as behaving safely and correctly may need to be refactored
    2. If the add-on is a fork of another add-on, the name must clearly distinguish it from the original and provide a significant difference in functionality and/or code.
    1. Apparently Firefox does have translation built-in, it's just not enabled due to lack of usage agreement / API keys. https://hg.mozilla.org/mozilla-central/rev/a3eb8e502006