Just an alien intelligence curious about humans ;)

They/Them. My name is pronounced “Ah–Eks-si — Rookh” (ending in that Germanic “ch” sound)

  • 0 Posts
  • 33 Comments
Joined 3 years ago
cake
Cake day: July 28th, 2021

help-circle
  • aexiruch@lemmy.mltoPrivacy@lemmy.ml*Permanently Deleted*
    link
    fedilink
    arrow-up
    8
    arrow-down
    1
    ·
    3 years ago

    There is no good reason to risk any amount. It is ridiculously idiotic; like having a wallet on the outside of your car to pay for parking tickets… sure, it’s a tiny bit more convenient and as long as you’re either driving or parking your car in a garage most of the time it’s unlikely the money will be stolen, but who the fuck thinks it’s a good idea? Also note the risk of the reverse; Cryptocurrencies are a juicy target and lot’s of code has been found exploitable over the years. I’d be just as worried about an exploit in that part leading to a breach into the messenger security… It is a fundamentally stupid idea to combine these.






  • Haven’t watched the video, but I’ve had interactions with Daniel Micay and… Not exactly pleasant. Very sure of having the one true way™ and unwilling to consider people may have slightly different threat models. Got accused of being an astroturfer for CalyxOS instead (Have never used it, my arguments aimed at Puri.sm-style hardware switches). Am still using Graphene, because it comes closest to my needs, but the whole thing sure left a bad taste in my mouth (and I steadfastly abstain from conversations where Micay is likely to get involved). But then, I’ve similar experiences with OpenBSD, Exherbo Linux, and pulseaudio and systemd. There is a type of developer that manages to force their vision on a project with singular zeal, but is very unpleasant to even slightly challenge. Your only real choice is to subscribe to that vision to a potentially uncomfortable degree, or to dismiss the project.



  • Professionally I am an “Architect” and not much involved in system config (anymore), what I describe below is how I do things for my own, private, servers: Not a big fan of docker, it too often means “cobbled together by a dev not understanding security implications” aka “Institutionalized ‘works on my machine’” (of course there are exceptions!). Generally I like using Ansible, because it feels close to how I learned things (ssh, manually), while still making things reproducible (Infrastructure as Code). But, again, not too big a fan of using other peoples “roles”, because you never know how well they actually understand what they’re doing. I read them for a rough understanding, but usually opt to write my own, based on careful reading of a given software’s config manual.


  • That applies to science, hypotheses, experiments, etc. and there I fully and wholeheartedly agree. But being one of thousands to implement a Bubble Sort has marginal educational value unless you are truly surprised it’s not exactly efficient. It might very well differ between different universities; in mine the “science” in “CS” was mostly absent until you started working on your PhD, and the rest wasn’t even good engineering, just “trying to filter out as many students as possible, as quickly as possible, by all means necessary”. They openly admitted that, and in my case they succeeded, by killing the joy of understanding and burying it under ten feet of “now reimplement this thing that has been proven worthless sixty years ago”.


  • I dropped out of university (I couldn’t stand being one of literally thousands working on the exact same problem, at the same time, that thousands more had solved in prior years, for decades; I wanted to solve new and real problems). I registered as “looking for work” with the appropriate government agency and their first reaction was an exasperated “Oh my! You’ll need a good coach…”. Not the most encouraging reaction… Well, they did send me a bunch of local companies with internships, entry level jobs, etc. I applied for an internship starting next month at a really small shop that did “everything web” and during the interview they asked whether I could start tomorrow 😛 (Obviously they were a coder short for an important project, but they were very happy about my knowledge and skills). I seamlessly transitioned into vocational training with the same company, which was mostly pro-forma given my background (So instead of “university drop-out” I had something to put on my CV). Later I was on loan to another, mid-size, company (which didn’t know I was still, technically, a trainee) and they offered to hire me directly. I came clean about my trainee status, switched companies, finished my training, and was hired by that same company on the spot. Stuck with them a couple of years, until they didn’t promote me from “technical project lead” to “software architect” because they only had one opening and someone else was picked (Looking back I think I would have made the same choice, so I hold no grudge), and given the company’s size that meant there likely wouldn’t be another opportunity for some years, which irked me 😛









  • As I said, I have reservations about Signal, but I have not found one where I have fewer, so… As to “the” openPGP “app” and literal missile launch codes, it really depends on what exactly that app is (there are many implementations of RFC4880) and on what environment it is running. Most likely it’s adequate for normal people though ;) I use GnuPG 2.x on QubesOS, and OpenKeychain on GrapheneOS, but I’m a cryptology-nerd who enjoys coming across slightly paranoid ;)


  • Fair enough, I was feeling a bit cheeky ;) I guess you really mean digital, electronic, semi-instantaneous, text-based communications, aka “instant messenger”. I tend to be very careful with recommendations, they always can turn out to be bad advice… For what it’s worth I use either email with GnuPG or Signal. I have a long list of caveats for both, but I do use them…


  • A face-to-face conversation, held in a proper SCIF (Secure Compartmentalized Information Facility), with no decorations, transparent furniture, the best sound isolation you can buy (think bottom of a salt mine and still wrapped in isolating material), no windows, no air-conditioning, shielded from thermal imaging, bring no devices at all, and all participants stark naked (ideally you’d add body cavity search and MRI); That way you can avoid most eaves-dropping.