Maybe that section of highway could easily be cleared in time with a warning system, like when we warn for crossing trains. A wall doesn't have to be the only solution.
My modern dishwasher is also very kind, and displays the time to end in minutes throughout the wash. Counting down from an hour. But I don't know what kind of upbringing it had, for some reason, the sneaky bastard always adds another 25 minutes, when there is supposedly only 10 minutes left.
I guess dishwasher years are like dog years. At least it definitely behaves like a teenager at 2 years old, finishing when it wants to finish. Estimates be damned.
Why the hell does npm support a postinstall script? There really shouldn't be a need to run arbitrary code provided by the package for something like this.
The package itself is arbitrary code. You're running arbitrary code either way whether it's preinstall, install, post install, or when the package code gets ran.
It's common to need to setup tool chains for code that gets compiled (i.e. a node module that adds language bindings to a C library)
NodeJS isn't very sandboxed. Many "dev libraries" are native and will either download and link to binary blobs, or build e.g. C code, which AFAICT is what all the various install scripts are for.
It seems like a bad design choice, that, besides allowing for running untrusted code directly at download time, also makes it difficult to properly mirror artifacts, and I'd assume, make platform portability inconsistent, at best.
The xz backdoor was an example of exploiting this disconnect. It was not present in the repository, it was inserted only into the release artifacts. Anyone getting xz by checking out the repository and building it themselves, would not be affected by it.
Right but it was injected from data in a "corrupt" xz file in the repo under certain conditions
>This injects an obfuscated script to be executed at the end of configure. This
script is fairly obfuscated and data from "test" .xz files in the repository.
>The files containing the bulk of the exploit are in an obfuscated form in
tests/files/bad-3-corrupt_lzma2.xz
tests/files/good-large_compressed.lzma
committed upstream
I have a toddler, and that has changed my view on it a bit, from the same starting point you are expressing.
With the social pressure going on, I expect she'll get a smartphone earlier that I'd honestly prefer (not that we are there any time soon), and quite a bit before she's a teenager.
So I honestly expect we'll be location sharing for a while, but I don't expect it to continue into the teenage years. By then it'll be up to her, if she wants to continue sharing it.
Why would her having a smartphone lead to an expectation of location sharing? I completely expect my five year old son to have the freedom to just not have his future gadgets on him if he so prefers when he gets to the age that a smartphone is unavoidable, and I certainly don't expect him to let us track him.
Hopefully the age where a smartphone becomes a requirement to not be marked as a social outcast will gradually rise again.
> With the social pressure going on, I expect she'll get a smartphone earlier that I'd honestly prefer (not that we are there any time soon), and quite a bit before she's a teenager.
Our kids (8 & 10) keep telling us nearly every kid in their class has a smartphone, but we're still not letting them have one. Fuck social pressure; that's an important lesson to be learned in itself.
I do not understand how anyone can be so categoric about this - it should not depend on peer pressure but also it should not be dictated by some ideologies. Phones (instant communication actually) is part of modern world and is here to stay and children should learn it as fast as they are able to handle it. Otherwise there is a danger of being left out for them. And at their age there is few other equal things that can make or break their future as being accepted by their peers.
And of course not all children are the same so you need to know yours and decide on case by case basis (my dauther got her first phone when she was 9, my son on the other hand will have to wait)
> And at their age there is few other equal things that can make or break their future as being accepted by their peers.
Hard disagree to this idea as justification for purchasing something for a kid.
The most useful gift that my parents gave me is a cultivated disregard for what is popular. It's not that I go out of my way to alienate my peers—I try to get along well with everyone and it mostly works—but the habit of wanting to participate with the crowd is one that I've watched hamper many a life, and the lack of that habit has allowed me to get a lot further in my career and in my personal and social life than most of my peers.
I'm guessing you are in software dev or something auxiliary to it? And probably you were passable in STEM topics at school?
Then maybe, just maybe, your whole career is just happy accident of right time (software eating world) and right predispositions (STEM).
I know mine is.
And if I would not have that I would be earning what 85% of my peers here in Poland do (barely enough to pay bills).
The only ones that are doing ok without this are the ones that invested everything in social skills (by happy accident of not having socially akward parents or by themselfs intuitively knowing that your group is everything).
So this is just implementation of my deepest believe that the best what we can do for our children is to make them as socially sklled as possibile. And limiting channels of communication does not look like a good way to this.
Of course Im not advocating unlimited access to everything for everyone - it depends on emotional development and predispositions.
Jonathan Haidt’s The Anxious Generation and other books and investigations on the topic of childhood smartphone usage are only starting to get traction.
They are pointing out that what the previous commenter said was ridiculous, by saying the same thing with merely other variables swapped in which more obviously illustrates how ridiculous the original statement was.
Yes, it's called a "false analogy", a typical informal fallacy.
There is nothing ridiculous about the fact that people-that-use-more-than-average (over-users: p>.5) are compensated by people-that-use-less-than-average (under-users: p<.5) to establish an average... it's called spread.
Maybe we can agree they are still _mostly_ at gateway. But their ambition to answer your question through zero-clicks (i.e., show the answer right in their search results) does make them profit from direct copying. The copyright owner will not get any clicks, show any adds, or get any other kind of feedback to their work, in those cases.
Yeah, for sure, Google wants to show the answer on the results page, and for many search queries they're able to achieve this in one way or another -- either through the knowledge graph, the question-answering slop, or in the snippets of text pulled from the search results themselves. They do, at least, show links to sources in these cases, which is better than ChatGPT (or Bard, to the extent that it's used). But I agree that there's not a lot of short-term incentive for Google to cite sources in a prominent way, and there is a lot of incentive for them to develop features that replace the websites that made them valuable in the first place. There's always been an uneasy bargain between Google and webmasters, and there's always been a tension between what's best for the Google user, best for Google, and best for the Web. If there's a similar bargain with OpenAI, I don't see them approaching it with nearly as much respect: source attribution has not been prioritized in any meaningful way.
We'll find a way to use up what they can provide :-)
With 64GB ram and our infrastructure defined with NixOS, I find myself building and spinning it up locally (in test mode) as part of working on it. Having ~10 VMs running locally with 2-3 GB of ram each quickly adds up.
It feels a little dirty, but it's really nice to have the possibility. :-)
reply