Federated Republic of Sean @freakazoid@retro.social

Due to the influx of Tumblr refugees and spambots, I will not accept follow requests from people without profiles or a posting history that is interesting enough to make it clear you're not a bot.

If I've followed you and never authorized you to follow me, that's a mistake, so please let me know if you're in that situation. Not that you'll see this.

FTR the only thing I get at all irritated about people not CWing is super long posts that require a bunch of reading for me to decide if I'm interested in reading it or not. Well, and super long posts generally, but I'll acknowledge that not auto-collapsing those is a misfeature in the various frontends.

I'll gladly CW stuff that triggers people who follow me because of past trauma or whatever. But if it's just stuff you don't want to read, this is why we get to choose whom to follow.

I made a post that I can direct people at so they're not surprised when I say stuff they don't like, just because I happened to also say some stuff they did like.

https://undergroundeconomist.com/post/178417661943

Please fill out a profile and post some stuff before trying to follow me, or send me a DM introducing yourself.

Walking into Lush as a dude they're like "YOU LOOK LIKE YOU NEED HELP!"

And I did. So that's nice.

Apparently FreeBSD versions prior to 11.2-something could potentially allow unprivileged users that could talk to it over NFSv4 to execute arbitrary code. It seems unlikely that you're running FreeBSD with NFS open to the Internet, but I did recently say that was a perfectly valid thing to do.

https://nvd.nist.gov/vuln/detail/CVE-2018-17157

Superconductivity at temperatures that are no longer in any sense cryogenic (250K), but at huge pressure (170 gigapascals). Cost is really what's important from a practicality standpoint, but this is still interesting because of the model that successfully predicted it, which could lead to more materials.

https://www.technologyreview.com/s/612559/the-record-for-high-temperature-superconductivity-has-been-smashed-again/

Google managed to introduce YET ANOTHER SECURITY HOLE into G+, so they're shutting down the consumer version EVEN FASTER. This tells me that they're unwilling to put effort into software that doesn't make them money, so we should expect to see security holes and surprise shutdowns in everything except Search and Ads.

https://blog.google/technology/safety-security/expediting-changes-google-plus/

https://cloud.literati.org/index.php/s/gAJB2MJ5Yzo9w7R

San Jose is about to unveil it's "Emergency Sleeping Cabin" prototype. Emergencies are by definition temporary, but the housing crisis in the SF Bay Area has no end in sight.

(Or realizes that their graphql queries become SQL queries on the backend.)

Oh, you wanted to limit your query, not LIMIT your query.

I need to remember that not everyone thinks in SQL.

If you think you're only scaling the need for human intervention linearly as you scale up your service, you're almost certainly scaling it superlinearly in reality, because by default it will scale not only with the number of servers, but with the number of different interdependencies as well. Scaling the need for human intervention linearly or below requires careful design.

It's only technical debt if you have a plan to pay it back. Otherwise it's just bad technical decisions.

Just took NPM's interminably long survey. Only a couple questions even indirectly addressed security; the only way to say "I think NPM security is a trash fire" was to NOT check "Community code is safe" as an option in one of the questions.

Guess we aren't going to be seeing any security improvements anytime soon.

Turned off auto-renew on all my domain names and transferred the ones I want to keep from Google Domains to Gandi. Anyone want forktheweb.org?