US politics, privacy 

Looking at it on OpenStreetMap, the U.S. Capitol is much further from the White House than you might expect. It's right across from the Supreme Court, though.

To show you the power of cultural unity, I sawed this Roman Empire in half!

*several hundred years later*

Oh.

The Linux-stable maintainer, and some other kernel maintainers, currently recommend disabling Simultaneous Multi-Threading/Hyper-Threading due to similar vulnerabilities, esp. in Intel chips. Again, it's probably better to take the performance hit. Think hard about the risks before leaving yourself unprotected if you have any sensitive information.

It's going to be a while before CPU manufacturers figure out how to ensure the safety of CPU-overcommit features like SMT and speculative execution.

A lot of people still haven't fully grasped the severity of speculative execution vulnerabilities like Spectre and Meltdown.

> All Intel processors manufactured since circa 1995 are thought to be vulnerable, except some specific/old models, such as some early Atoms.

These vulnerabilities affect almost all modern CPUs in very serious ways, and they can only be partially defended against in software.

Install the patches and take the hit. It's better than losing a private key or something.

Websites should work without JavaScript. If you disable JavaScript and your site becomes unusable, you need a redesign. It doesn't have to work as well as with JavaScript (if that were the case, you wouldn't use JS at all, right?), but it should still function well enough to read or use.

Someone: What are your bad takes?
Me: On the advice of my counsel, I must respectfully decline to answer on the grounds that my response may be interpreted so as to incriminate me.

There's an apocryphal (as far as I know) story that Netscape considered embedding Python as the Web scripting language at one point.

It is horribly saddening to me, if this is true, that they chose to roll their own instead, and we ended up with JavaScript.

Being a programmer hurts sometimes because you see some software for sale and your reaction is "I could make that in a couple hours tops" but you don't have the free time and so some idiot continues making $20 every time someone wants to [insert simple task].

DSS 14 receiving data from MAVEN at 11b/s.
IN LOCK OFF 1 MCD2

Out of curiosity I installed the Microsoft Edge 2.x beta at work. It actually has an anti-tracking feature. When I checked the history for the anti-tracking system, the top of the list was that it had blocked 6 Microsoft trackers

I think Microsoft is shooting themselves in the foot a bit... I don’t know if it's the Edge people shooting the ad people in the foot, or vice versa, or if it's a sort of mutual foot-shootage situation, but somebody's getting shot in the foot.

I am a
[ ] Man
[ ] Woman
[x] Programmer
looking for a
[ ] Man
[ ] Woman
[x] Code reviewer

:blobnotlike: blocking ads is evil grr
:blobuwu: HTTP is a pull-based medium. it is within the original philosophy of HTTP to selectively pull the data, for example, a device that doesn't support images won't download them. by circumventing ad "blocking", you are spitting in the face of HTTP. a more accurate term would be ad rejection. ads are not "blocked", they are simply not asked for.

What are your preferred FOSS licenses?

I use MPL2 for my Real Projects, MIT/Expat for non-serious projects, and Creative Commons Zero for code samples or things that I don't want credit for (because they are awful).

x-posted from Twitter 

Show more
Fosstodon

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.