Hazel's recent activity
-
Comment on Google gets its way, bakes a user-tracking ad platform directly into Chrome in ~tech
-
Comment on An Internet of PHP in ~comp
Hazel I'm rather skeptical of that 77% mark. W3Techs, BuiltWith and similar sites all have one major flaw: they only include sites "whose server-side programming language we know". That's obviously hard...I'm rather skeptical of that 77% mark. W3Techs, BuiltWith and similar sites all have one major flaw: they only include sites "whose server-side programming language we know". That's obviously hard to avoid, but it will significantly skew the results when a lot of major PHP applications are incredibly "loud" about what they are. It's really hard to masquerade WordPress as being something else. PHP itself is also fairly loud, with
expose_php
being turned on by default and sending anX-Powered-By: PHP/x.y.z
header.For a reproducible example, both W3Techs and BuiltWith fail to identify Tildes as being built on Python. Likewise, the site for Python's Django framework is not currently identified as Python or Django (despite publicly available source code showing it is), it only manages to find the Discourse/Ruby forum and some mentions of the former Trac/Python install.
Going through 7 non-PHP sites I've worked on in some capacity, none of them are identified correctly; not even the relatively obvious Python+Django one that has a few mentions of it in its HTML. The 4 PHP sites I've worked on are all identified as PHP, though one is incorrectly identified as being WordPress (it's custom spaghetti stemming from 200x).
I don't have better numbers, I don't think those numbers can exist. But it's obvious that these are junk.
-
Comment on The Electronic Frontier Foundation, kiwifarms, death, harassment: a critique in ~tech
Hazel The means have already existed and been in use for a very, very long time. All kinds of "possibly illegal" stuff like botnet C&C servers, ransomware payment portals, phishing sites, spam...The means have already existed and been in use for a very, very long time. All kinds of "possibly illegal" stuff like botnet C&C servers, ransomware payment portals, phishing sites, spam operations and the like get shut down rather fast without any type of law enforcement coming into play. Even if you're merely hosting a server that gets compromised, a common scenario is that you get an email telling you all of your stuff was null-routed and you better come up with a good reason they should keep you as a customer within some rather pressing time-frame. Verisign will just casually erase you from the .com zone if any of the organizations they're affiliated with ask them to, sometimes as part of the multi-ISP "DNS Abuse Framework" and sometimes other stuff not related to that. There are similar policies for pretty much every service provider providing every type of service.
There is, of course, an understanding that service providers can't directly control what their clients do. Nearly every service provider relies on others in some fashion, so the standard operating procedure is to start as late in the chain as possible and slowly send things up the chain until the complaint is reasonably solved and unlikely to reoccur. If your site shows any real signs of legitimacy and is responsive to abuse complaints, you'll be included in that chain and provided with that reasonable doubt. It should be fairly obvious at this point that KF does not fit that bill, and neither do the providers that continue to host it. Normally, the providers later in the chain rarely have to enforce their terms. This doesn't mean it never happened; for example, HE was also involved in the 2008 McColo shutdown.
Any argument that these types of shutdowns should only ever be left to slow-to-respond legal channels would be challenging all those types of shutdowns as well. It would indeed be nice and optimal if the legal channels were responsive, but they aren't, and until they are, the processes already in place give power to the corporations providing the services.
-
Comment on AWS eIP price change. What's your plan? in ~tech
Hazel Eh, it's both really. AWS rarely increases their prices directly and this is certainly a way of making more money from existing customers. A quick back-of-the-envelope calculation based on their...Eh, it's both really. AWS rarely increases their prices directly and this is certainly a way of making more money from existing customers. A quick back-of-the-envelope calculation based on their published ip-ranges.json file (and I hope I did the math right on that) tells me they have around 136014718 (136M) usable IPv4 addresses. Hard to say how much of those are unallocated, in use by them internally or effectively billed at a lower rate via enterprise agreements, but given one IP costs $43.8/year under this new pricing, an extra billion or two a year is almost guaranteed.
-
Comment on Stack Overflow didn’t ask how bad its gender problem is this year in ~tech
Hazel It's somehow even worse when "do Y or Z" is appropriate for the original asker and it's something they accept/appreciate, but when you stumble on it in a search engine 5 years later it is...It's somehow even worse when "do Y or Z" is appropriate for the original asker and it's something they accept/appreciate, but when you stumble on it in a search engine 5 years later it is definitively not appropriate for your own environment. If you ask the question again, it will absolutely get closed as a duplicate, and nobody on SO is going to be answering 5 year old questions with an accepted answer in a different way.
-
Comment on Permanent archival formats. Do they exist? in ~tech
Hazel To move the goalpost a little: I'm not exactly confident generic PC-based DVD & Blu-Ray readers will last anywhere near 100 years. The article about floppy disks on the front page is pretty much...To move the goalpost a little: I'm not exactly confident generic PC-based DVD & Blu-Ray readers will last anywhere near 100 years. The article about floppy disks on the front page is pretty much what I expect to happen to today's optical standards ~50 years from now on. People find solutions in scavenged hardware, new addons for that scavenged hardware (like USB<->FDD translators with new cases) and drive emulators, but the supply of working scavenged hardware is starting to run out and emulation is no good if you want to read existing media. 3.5" seems to be barely clinging on to life, working 5.25" drives seem to be getting rather pricey and 8" is practically extinct.
PC Blu-Ray readers in particular have had very little market adoption, so I think that once production of drives stops, it'll become difficult to find new hardware rather quickly. DVD stands a better shot at surviving the test of time, but even then I expect that the hardware will become incredibly tough to find in about 30 years and essentially extinct in 50.
I have similar concerns for a lot of other long-term archive media. A "living archive" where a human transfers it to a new thing every 10 years or so seems like the only real option to me.
-
Comment on The main problem with the Fediverse is that people mostly just use it to talk about the Fediverse in ~tech
Hazel Every time a platform dies and users flock somewhere else, you get the triple whammy of a huge influx of new users for who the widely accepted "dead horse" meta talk is still new, existing users...Every time a platform dies and users flock somewhere else, you get the triple whammy of a huge influx of new users for who the widely accepted "dead horse" meta talk is still new, existing users having some new meta stuff to talk about (why the other platform failed and if there are lessons to be learned), and new users first exposure to the platform being in this "meta mode" making it more likely that people interested in meta talk will sign up while scaring away people tired of meta talk.
For Fedi in particular, it's even worse because both Reddit and Twitter are transforming at the same time, and the wider Fediverse harbors both sides with some interconnectivity here and there.
Those are yours, but they can get quite a bit more specific. In the "evolution from FLoC" chapter, it's claimed that they were chosen to avoid sensitive subjects, but comparing the V1 taxonomy found in the same repo with the V2 one makes me think that is not going to hold. One example V2 topic I don't like is "/Law & Government/Labor & Employment Law". If I was an employer that absolutely hated unions, I would probably throw resumes straight into the trash can if someone with that interest submitted them.
Google's solution seems to be to lock everything behind an enrollment system managed by Google, which raises a lot of entirely different concerns.