Wes's recent activity
-
Comment on Microsoft postpones Windows Recall after major backlash in ~tech
-
Comment on Microsoft postpones Windows Recall after major backlash in ~tech
Wes Link ParentThat's interesting, thanks for sharing. I haven't bought an OEM PC in a long time so I didn't know that had policy had changed. I wonder then if they've made it a little more seamless, as in the...That's interesting, thanks for sharing. I haven't bought an OEM PC in a long time so I didn't know that had policy had changed. I wonder then if they've made it a little more seamless, as in the past it's felt very disconnected from Windows as a whole.
I'd definitely not want to upload a private key like that to an online account, but I suppose it's easier for them than having tens of thousands of people lose access to their files because they forgot their password.
-
Comment on What are you reading these days? in ~books
Wes Link ParentHandy link: https://tildes.net/~books/1geb/tildes_book_club_discussion_the_dispossessed_by_ursula_le_guin I enjoyed the book a lot too, @archevel, and had some similar thoughts as you. Wish you'd...Handy link: https://tildes.net/~books/1geb/tildes_book_club_discussion_the_dispossessed_by_ursula_le_guin
I enjoyed the book a lot too, @archevel, and had some similar thoughts as you. Wish you'd been able to participate in the discussion last month!
-
Comment on Microsoft postpones Windows Recall after major backlash in ~tech
Wes Link ParentI do understand that Recall is not a backup system. One of the primary concerns being raised though is that if your PC is compromised, that it's not just current data but historical data that is...I do understand that Recall is not a backup system. One of the primary concerns being raised though is that if your PC is compromised, that it's not just current data but historical data that is put at risk. That's why I draw the comparison to local backups, as they present a similar concern but haven't received the same scrutiny. The differences between the two isn't really important though, since I was making the larger point that the issue isn't so much about the data being stored, but that it's so easily accessed by local software.
Windows has received a number of security features over the years, such as address layout randomization, kernel driver protection, and permission requirements for some system directories (as you mentioned). These do undoubtedly help. But the problems I was talking about go deeper.
For example, software can be (and sometimes has to be) installed at the system-level instead of the user level. This means that one user can affect what another user has installed. Though I've not tested it, I bet that software can be set to auto-run.
Additionally, passwords are little more than suggestions. While it may be difficult to log in directly as a user without their password, it's trivial to read their files by spinning up the hard drive and mounting it manually. Yes both of these attacks require some kind of local access, but in the case of Recall we're assuming that the PC has already been pwned, so it's not such a reach.
Just to mention, yes I do know about BitLocker. But it's not typically used on consumer devices, and it requires a second password which is a big turn off. I would much rather see its features integrated into an encrypted filesystem, or even full-disk encryption for single-user devices.
I'm happy to concede that Microsoft has made some gains here. In particular the NTFS file system and Windows Vista's stricter rules on drivers were huge improvements to stability. Windows though is still a massive house of cards. In every release they add a new layer of paint, but those first million lines of code decisions will probably be there forever.
-
Comment on Advice for hosting (and building) a personal website in ~comp
Wes Link ParentHonestly I think you'd be happiest just building a plain old HTML website. No need for a static site generator, database, or anything complex. Just write the markup and styles yourself, throw it...Honestly I think you'd be happiest just building a plain old HTML website. No need for a static site generator, database, or anything complex. Just write the markup and styles yourself, throw it up on GitHub Pages or Netlify and point a domain at it. There's your website.
If you want to add a blog or more dynamic functionality in the future, you can always apply those skills to something new. But it's never a bad choice to start with the basics.
-
Comment on Microsoft postpones Windows Recall after major backlash in ~tech
Wes LinkI feel like while the concern raised over Recall is valid, much of it has missed the mark. The real root of the problem is that Windows is not a secure OS. If software is allowed to run, it can...- Exemplary
I feel like while the concern raised over Recall is valid, much of it has missed the mark. The real root of the problem is that Windows is not a secure OS. If software is allowed to run, it can access almost everything. There are a few areas that are loosely cordoned off (like system files), but for the most part once you have malware, your system has been completely pwned.
This is why cryptolockers are so devastating to businesses. Techniques like append-only writing need to be utilized because otherwise they can wipe out your whole system. This is also why schools and organizations tend to run extremely stripped down computers like Chromebooks, and rely heavily on VPNs. They can't trust your PC, so they build a wall and offer extremely limited ways to interact through it.
Recall is really not much worse than other backup systems like Shadow Copies or Apple's Time Machine. It's easily searchable due to its database, but it doesn't do anything conceptually different. If you get malware, your files and their history can be accessed just as usual. I don't find it surprising then that Microsoft didn't foresee the problem when designing Recall. The problem cuts deeper, and Recall only exposes it.
For obvious reason it isn't possible to rearchitect Windows at this stage. Tens of thousands of software tools are written with the assumption that they can do whatever they want once running, and introducing new walls will cause them to crash or fail in unexpected ways. Arguably Windows on ARM could have been the time to go back and redesign things, but that task is a massive undertaking, and would have made it even more difficult to create compatibility layers to support x86 applications on ARM. Most attempts at doing Windows "right" from the ground-up have failed within Microsoft.
It's too bad, because I'd love to see a modern redesign of desktop operating systems (most of them have these problems). They weren't built to be multi-user, connected to the web, or with sandboxing in mind. Everything we do is just layering on top of these legacy decisions. A lot of lessons were learned when mobile OSes were designed, so they offer much better sandboxing, isolation, and security layers. But outside of niche projects like immutable filesystems, a complete desktop overhaul is probably not going to happen soon.
It might actually be argued that one of the biggest boons to security has been the move to the web browser. Browsers are sandboxed, as well as they can be, and full sandbox escapes are rare. Even when a website is as evil as it can be, there's not a lot of damage it can actually do today. Now imagine if every website you visited required running an exe on your computer instead. Not great, right?
So today we have this problem. Windows Recall is a genuinely useful feature - especially for people like me with ADHD that constantly lose track of things. Being able to query for information instead of needing to remember exactly where it was could be tremendously helpful. But if running a feature like this (or backups, or storing anything important at all on your PC), you need to understand the risks that malware of other intrusions can also gain access. Maybe they'll be able to improve the security with some form of real-time encryption, but it's likely all stopgap measures.
Still, should the feature ever come to x86 PCs, I think I would at least try it. It's been nearly two decades since I've had a virus, and I already treat my PC with some level of suspicion. I'm also interested in AI applications, especially those that run locally. I think it's just a matter of deciding if the value proposition justifies any increase in attack surface for you. Just bear in mind that if your PC is pwned, it's probably going to be bad whether Recall is installed or not.
-
Comment on Is there a sweetspot for www programming btw. WordPress and tiny web? in ~tech
Wes Link ParentCorrect. Sorry for the acronym, I thought it made sense from context. To get ahead of it, the other acronym I used was TTFB which stands for Time To First Byte. It's a combination of a few...Correct. Sorry for the acronym, I thought it made sense from context.
To get ahead of it, the other acronym I used was TTFB which stands for Time To First Byte. It's a combination of a few different performance metrics: DNS lookup, TLS exchange, page generation, and distance between client and server. But page gen is the easiest factor to control for, without adding a CDN (content distribution network) into the mix.
-
Comment on Is there a sweetspot for www programming btw. WordPress and tiny web? in ~tech
Wes (edited )LinkIt sounds like SSGs could be a good option for your use case. They are well-suited to blogs, and content that doesn't depend on a server. I see your site does have a newsletter signup, but it runs...It sounds like SSGs could be a good option for your use case. They are well-suited to blogs, and content that doesn't depend on a server.
I see your site does have a newsletter signup, but it runs through a third-party so that will still work fine. You also don't have a contact form, so your content would translate well.
SSGs have the advantage of lower TTFBs because they're not built on demand. They're usually not "batteries included", so you're not likely to see extra JavaScript or other content that might slow down your website. If performance is a priority, SSGs are a good approach.
Now with all of that said, your current site is not particularly slow. Most of the heaviest features like the custom web font and reCaptcha library would still be included on an SSG-built site. Additionally, GeneratePress is a very fast WordPress theme. It's modular by design, and most features are opt-in.
If performance is still a concern, I'd start by conducting an audit of your plugins. Plugins are very easy to install, but many do create performance problems. For example I see that both jQuery and Dashicons are being loaded by your site, which means they're probably being enqueued by a plugin. If those features are not needed, cleaning up your unused plugins or finding alternatives might be the best approach.
Actually, why does your site load reCaptcha? I see CF7 is loading as well. Is there a form I'm missing? If not, disabling that plugin will give you an immediate performance boost. Go ahead and disable anything that's not being used.
Earlier I mentioned that SSG pages are generated in advance rather than dynamically. The one plugin I would install is a server-side caching plugin to replicate this behaviour. This will help reduce the time it takes to generate pages, and actually reduce your server resource costs (unlike most plugins). This is the only performance plugin I would recommend - many others create their own problems (such as image lazy loading).
Outside of performance, the other major consideration here is writing. How do you want to write content?
If you enjoy writing Markdown in a text editor and syncing it via git, SSGs are perfect. If you'd like a simple WYSIWYG, there are some frontends that sit in front of SSGs, though your options are more limited. Finally if you want an extensive and powerful editor, then Gutenberg, the default editor in WordPress, is actually a great option.
User experience is an important consideration and I like that you're considering the performance aspect. But your site is actually quite minimal already, and outside of some smaller optimizations I don't think it needs much work. So the writing experience is probably the biggest factor to consider.
I hope that helps. Feel free to ask if you have any questions.
-
Comment on Denmark has recalled several spicy ramen noodle products by South Korean company Samyang, claiming that the capsaicin levels in them could poison consumers in ~food
Wes Link ParentThe 2x and 3x definitely feel much hotter than peppers or sauces at similar Scoville levels. I have to assume that's because you're eating a massive quantity of it. The whole meal is at that...The 2x and 3x definitely feel much hotter than peppers or sauces at similar Scoville levels. I have to assume that's because you're eating a massive quantity of it. The whole meal is at that level, rather than a squirt of hot sauce on your eggs.
Samyang noodles are fantastic, by the way. One of my favourite ramen brands.
-
Comment on What slow-burn game is worth the time? in ~games
Wes LinkMonster Hunter: World, my first Monster Hunter game. Technically I'd played a bit of MH: Tri before on the Wii, but didn't know what I was doing. World was when I learned what a Monster Hunter...Monster Hunter: World, my first Monster Hunter game. Technically I'd played a bit of MH: Tri before on the Wii, but didn't know what I was doing. World was when I learned what a Monster Hunter game really is.
I found the game very frustrating at first. It's mechanically dense, and throws dozens of tutorial prompts at you. The original PC release had a lot of problems, especially with controls (the mouse inputs were virtualized joysticks, which felt awful). I found myself taking lots of breaks, since I was bouncing off the game pretty hard.
But I did stick with it. I began to learn each monster's movements, and how all the game's systems and mechanics worked. I eventually finished the story, all quests, and then everything else I could think of. I worked hard perfecting my build(s), and beating the toughest monsters like Extreme Behemoth.
Eventually Iceborne came out and resolved a lot of pain points I'd had with the base game. Yes the clutch claw was annoying, but so many little issues had been fixed that more than made up for it. I completed this content as well, finished all research, collected all crowns. By the time I put the game down, I'd played for almost 900 hours.
I'm really looking forward to MH: Wilds releasing next year.
Rogue Legacy is a roguelike with permanent progression ("roguelite" if you want to be persnickety). The game starts off slow, and the characters you play as are very weak. As a result it's difficult to make any progress at all. The game requires you to earn some gold, die, and then spend the gold to collect permanent upgrades.
Once you start making some headway with upgrades, the game begins to click a little more. You see a goal, and know how to achieve it. Rather than feeling frustrated at not "winning", you start to see every death as progress. Each death just means you get to be a little bit stronger for your next run.
I've finished both Rogue Legacies 1 and 2, but have definitely played a lot more of the sequel. By the time the game released out of early access, I sat somewhere around New Game+7 with the upgrades essentially maxed out. Once you get used to the combat and systems, I think the game becomes a great podcast companion.
-
Comment on Hunter Biden is convicted of all three felonies in federal gun trial in ~news
Wes Link ParentIt's usually okay to de-editorialize headlines (ie. make them more neutral in tone, or remove misleading statements), but that's different than editorializing it ourselves (ie. adding political...It's usually okay to de-editorialize headlines (ie. make them more neutral in tone, or remove misleading statements), but that's different than editorializing it ourselves (ie. adding political opinion or spin).
In this example, if the submitter wanted to remove mention of president Biden, that likely would have been seen as acceptable. His son Hunter's actions have little bearing on his presidency, so that can be seen as clickbait. However, the current title goes further by injecting opinion to downplay the situation. That is likely inappropriate for Tildes.
My suggestion would be to use the original title, but to strip Joe Biden's name and only mention those involved.
Hunter Biden is convicted of all 3 felonies in federal gun trial
-
Comment on Valve confirms your Steam account cannot be transferred to anyone after you die in ~games
Wes Link ParentUnfortunately, it's a myth. Valve has never made any public comment about stripping DRM from games on Steam, and this whole idea is impractical for any number of reasons. It's nothing but a rumour...Unfortunately, it's a myth. Valve has never made any public comment about stripping DRM from games on Steam, and this whole idea is impractical for any number of reasons. It's nothing but a rumour that subsists on wishful thinking.
-
Comment on Rabbit R1 it's a scam in ~tech
Wes Link ParentThe term was coined by Andrej Karpathy, one of the foremost computer scientists in the field, in his 2015 blog post The Unreasonable Effectiveness of Recurrent Neural Networks. It wasn't created...The term was coined by Andrej Karpathy, one of the foremost computer scientists in the field, in his 2015 blog post The Unreasonable Effectiveness of Recurrent Neural Networks. It wasn't created by a PR firm nor intended for spin.
It's a common misunderstanding to think that hallucinations are a bug or in some way unexpected. LLMs are sophisticated token generation machines. That's all they're really designed to do. The fact that emergent behaviours appear after significant training is very impressive, but it doesn't change their nature.
It's probably easier if you think of every line of text being produced as a hallucination. It just so happens that some of it is accurate. Karpathy wrote about this as well.
-
Comment on Humble Choice - June 2024 in ~games
Wes Link ParentThe teleporter gives off particle effects around it. They look like red sparks, though a few levels use different lighting that can affect the color. You also tend to get a feel for it the more...The teleporter gives off particle effects around it. They look like red sparks, though a few levels use different lighting that can affect the color.
You also tend to get a feel for it the more you play. The teleporter will usually spawn in flatter areas opposite the side you spawned in.
You learn a lot just by playing, and will build an intuition for the game and how it's played. Every death is a learning experience.
-
Comment on The leak of an internal Google database reveals thousands of potential privacy and security issues reported by employees in ~tech
Wes Link ParentI'm impressed by the process too. So much of corporate culture is based around the idea of Covering Your Ass, but here they have a process for reporting incidents to address them quickly, and to...I think the fact the database is so extensive is probably a good thing, since it shows they have a process for employees to report issues so they can address them.
I'm impressed by the process too. So much of corporate culture is based around the idea of Covering Your Ass, but here they have a process for reporting incidents to address them quickly, and to prevent them from recurring. Based on 404's own reporting, the incidents were typically addressed by deleting the data and logging the failing.
I suspect the majority of large companies would prefer instead to erase all evidence of wrongdoing, rather than use it as an opportunity to improve. I'm honestly surprised that this process can even work at a company of this size.
-
Comment on May 2024 Backlog Burner: Conclusion and Recap in ~games
Wes Link ParentI'm actually the same way. I'm often hesitant to start something new because it feels like a commitment. Especially for a large series like Yakuza or Final Fantasy, it feels like starting them is...I have a bad habit of feeling the need to stick through media, this event helped free me both from that and a certain associated anxiety with starting a game, if that makes any sense.
I'm actually the same way. I'm often hesitant to start something new because it feels like a commitment. Especially for a large series like Yakuza or Final Fantasy, it feels like starting them is taking on a massive weight.
However, that's why I appreciate that the Backlog Burner doesn't put a huge emphasis on finishing. It's just about trying things, and seeing what works for you and what doesn't. I feel more comfortable sampling a new game or genre to see if it fits my style or not.
I think for me it's a bit of an OCD tendency I need to get over. I still find myself choosing smaller games for these events (roguelikes, shorter adventure titles), but I applaud those that choose massive JRPGs or similar as their backlog titles.
I'm still trying to find that balance myself, and will probably continue to do so for a while. I may end up playing fewer titles for the next burner, but try to be more daring in choosing longer games instead. There's a lot I've been putting off that I think I'd enjoy.
So in that case, it might actually be better to play a game of golf then, which encourages fewer games that cover more aspects. Will see how I'm feeling come November. :)
-
Comment on May 2024 Backlog Burner: Conclusion and Recap in ~games
Wes Link ParentGreat write-up. Thanks for including so much detail of your process. I'd love to give Animal Crossing another go and see how the formula has evolved. I played the version for the GameCube years...Great write-up. Thanks for including so much detail of your process.
I'd love to give Animal Crossing another go and see how the formula has evolved. I played the version for the GameCube years ago, which I think was a port from an N64 version. I've heard some complaints that New Horizons is too slow, and that a lot of content is time-gated, so maybe New Leaf is indeed the way to go.
I love that people are still discovering Portal for the first time in 2024. I hope you enjoyed it as much as I did! Funny enough, I first tried the game on a console. As a PC gamer, I was extremely unfamiliar with controller-based inputs and had trouble with the final boss (I had 0 seconds remaining when I finished). You made the opposite journey and needed to learn PC controls, which I'm sure also took some getting used to. Really it's a testament to Valve's design that the game was accessible in both form factors, even to absolute beginners.
Thanks for participating, and see you next November!
-
Comment on May 2024 Backlog Burner: Conclusion and Recap in ~games
Wes Link ParentThanks, I'm glad you liked the app! I was thinking about a notes feature too. I kept a text file on the side during the Backlog Burner event to manage a list of possible games, and for jotting...Thanks, I'm glad you liked the app!
I was thinking about a notes feature too. I kept a text file on the side during the Backlog Burner event to manage a list of possible games, and for jotting down some thoughts I had while playing to include in my writeups. I think making some of that possible within the app could make sense though.
I'd like to take a little bit of a break because I went straight from working hard on the app to actually participating in the event, but I like the idea of a notes feature, and will try to include that ahead of the next event.
Regarding the hard version, while I can definitely see the value in something like that, I think that's a lot tougher to do without complicating the UI. Especially on mobile, space is already at a premium and drag actions are difficult on the web (people expect that to scroll). I like the notes approach because it works for both standard and golf modes, and is a little more general purpose (different players might choose to use it for different things).
Though I will say that there is already different logic for standard and golf modes. Golf lets you reuse game entries, but standard does not. Of course this can be overridden by customizing the specific game rules.
Thanks for the suggestions!
-
Comment on May 2024 Backlog Burner: Conclusion and Recap in ~games
Wes LinkThat was a fantastic event! Way more people participated than I was expecting, and the game picks and writeups were so good. I read every one of them (and added a few new entries to my backlog as...- Exemplary
That was a fantastic event! Way more people participated than I was expecting, and the game picks and writeups were so good. I read every one of them (and added a few new entries to my backlog as a result...).
I also think the timing was perfect. We got in just past the Helldivers 2 surge, but before the Elden Ring DLC dropped. We can only hope the timing works out that well in the future.
I love the highlights section at the top. It's good to see some numbers put to everything. 99 games is way more than I would have predicted.
Let me give a quick review of my own played list, as sorted by completion. Each links to my own review comment.
Finished (7): Open Roads, The Corridor, DS3: Archthrones mod, To the Moon, A Short Hike, Overgrowth, Vault of the Void (a few wins anyway)
Still playing (4): Blasphemous, Cook-Out, Lumino City, Trailmakers
Dropped (4): Metal: Hellsinger, Mirror's Edge: Catalyst, ScourgeBringer, Pid
Not bad, really! I finished a lot more than I was expecting. And of the four I dropped early, two I got moderately far in.
Standout games: These were the games that really stuck out to me as being worth the time, or enriching in some way.
To the Moon
The soundtrack to this game has legitimately been in my head for the last week. It just pops up with its simple melodies, asking me to think about it again. And who am I to refuse?
It was a beautiful story told in a lovely way, and I'm definitely interested in playing more from this series. I've already gone back and played the two holiday minisodes it includes. They were pretty short and sweet - maybe 30 minutes each. There's two more games in the main series, and a sort of spinoff called A Bird story which is more experimental. I'm looking forward to playing each of them.
A Short Hike
This one wasn't at all what I expected. For some reason I thought it was going to be a simple, linear platforming adventure. But the beautiful art style, relaxing atmosphere, and surprising amount of things to do really drew me in. I went back and completed all the little things I'd missed last time. It's a very cute game.
Blasphemous
Blasphemous was also better than I expected. I'm probably about 2/3rds of the way through the game now, but I expect to finish it this week. I'm including it in this list not because it necessarily spoke to me on some deep level, or that I resonated with the story (which I still find rather cryptic), but because it had a specific vision and managed to deliver on it. And mechanically I just found it fun. Blasphemous borrows a lot from Souls games, but it does so thoughtfully and selectively. A lot of games will copy all mechanics without really considering if they actually work well for their specific game or not.
While less standout, I also enjoyed playing Open Roads, Overgrowth, and Vault of the Void. DS3 Archthrones was also an incredible show of effort, but a total overhaul mod is a harder recommendation to make to a general audience.
I think at this point I'll be happy to take a bit of a break while focusing on cleaning up what games I've still got unfinished. The Backlog Burners are extremely productive, but also leave me feeling a bit worn out. So I'm looking forward to simply doing nothing for a while.
I don't think there were any dud categories. The only one I struggled with was "Has gravity manipulation", which is embarrassing because I originally suggested that category. There just weren't as many games that let you manipulate gravity as I'd first assumed.
I did have a few ideas for new categories while playing. I'd like to see some that focus more on themes, like evolution, betrayal, desperation, or pride. I think these require a little thinking to execute on, but would have a lot of valid options and lend themselves well to explanation ("here's why I picked this game...").
Another interesting category might be to play a demo or "prologue" experience, since that's a good way to try something new you otherwise wouldn't buy. Though it might clash a little with the idea of them being on an existing backlog.
By the way, for anybody wanting to clear their bingo card (either to generate a new one, or just to clean up), they can do so by clicking [Edit Rules] at the top of the page, then the [Reset] button. This will delete all site data stored in the browser.
Finally, before signing off, I'd just like to offer a huge final thank you to @kfwyre for putting this whole shebang together. Planning events like this can often take months of prep work, and the amount of effort that went into creating just the category list alone was herculean. I can't tell you how many revisions there were. Beyond that is creating the writeup for each week, engaging with everyone in the comments, and of course actually playing the games. Making a donation after all of that is just above and beyond. So that's a huge kudos from me. Thanks for putting so much into this.
Also a big thank you to everyone who participated, either by playing games, sharing their thoughts, or just following along. Tildes has a strong community spirit, and I think that's because so many here are willing to give their all in everything they do. I love that about the community.
I hope everybody has enjoyed the May Backlog Burner, and that we'll see you again next November.
-
Comment on May 2024 Backlog Burner: Week 5(ish) Discussion in ~games
Wes Link ParentBingo or not, 14 is still a very good number! I'm actually surprised at just how difficult your board ended up being. At least you are one away on the angle, with "Is beatable without killing any...Bingo or not, 14 is still a very good number!
I'm actually surprised at just how difficult your board ended up being. At least you are one away on the angle, with "Is beatable without killing any enemies" being the missing piece. But with every other line being 2-3 away, I'd almost have guessed you deliberately chose a pattern to make it hard on yourself!
Looking forward to your final thoughts when closing the event out.
I just went ahead and enabled BitLocker to test, and sure enough it appears seamless now. That's great to see! Honestly I'm really happy that Windows file systems won't be laid bare by default anymore.
Thanks for letting me know!