bme's recent activity
-
Comment on Linux privilege escalation (CVE-2026-31431) in ~comp
-
Comment on What steps can the average user do to secure their data privacy? in ~tech
bme Link ParentI am saying that none of this shit pays for itself. It's not free to live a life worried about this stuff, full of little tech rituals that are so easily bypassed. You may as well keep crystals on...I am saying that none of this shit pays for itself. It's not free to live a life worried about this stuff, full of little tech rituals that are so easily bypassed. You may as well keep crystals on top of your computer and charge them every day with incantations. For every hour spent improving your online privacy posture you could have been enjoying your life.
I have multiple yubikeys, self host my own password manager blah blah. Maybe i'm just old, but my phone never stops ringing because one CV had my phone number of it 15 years ago. Multiple credit agencies have been breached with my records on them, my bank force swapping my account to a rewards account, now all my transaction history is fair game according to the t&cs. It's a full time job to try and keep in front of it and you will fail. It's not defeatist to say you can't fly. You've got a better chance of sprouting wings than not having your data bought and sold to the point that you may have well done nothing.
I would rather have expended all that energy somewhere else, possibly in political activism, I dunno.
-
Comment on What steps can the average user do to secure their data privacy? in ~tech
bme LinkI hate to say give up, but I don't really see how you can do anything about it. Let's assume you disengage from everything, everyone is still selling everything about you that they can, credit...I hate to say give up, but I don't really see how you can do anything about it. Let's assume you disengage from everything, everyone is still selling everything about you that they can, credit records, property records, renting, mortgages, bank transactions. Unless you want to actually do cash only, and live in a squat or something, it's really hard to have many eyes on a reasonable slice of your life.
-
Comment on Interresting Reddit/Discord alternative : surikata.app in ~tech
bme Link ParentMany people are completely off the mark about the skill level of humans when it comes to coding, and completely delusional about most people's ability to reason adversarially and understand...Many people are completely off the mark about the skill level of humans when it comes to coding, and completely delusional about most people's ability to reason adversarially and understand security. I don't know that AI right now is making things net better, because AI is now allowing even more people who have no clue what they are doing to connect code to the internet but I regularly have interactions with claude / gemini that are way more helpful (especially review) than a typical interaction with another dev. Doesn't make me pleased to say that, but it's true.
-
Comment on Which Linux distro do you use, and why? in ~tech
bme Link ParentFlake deps: imo flake deps are mostly lies. In order to not have 1000 instances of nixpkgs everyone is using follows. If you do that then morally you may as well have just taken pkgs as an...Flake deps: imo flake deps are mostly lies. In order to not have 1000 instances of nixpkgs everyone is using follows. If you do that then morally you may as well have just taken pkgs as an argument, it's the same thing.
After that you obviously still want some pinning. Well there are loads of tools for that like npins or nixtamal. You don't need to give up pinning if you give up flakes.
Brought to you by the league of anti-flake revolutionaries. Sometimes it is hard to convince claude to join the cause.
-
Comment on Which Linux distro do you use, and why? in ~tech
bme Link ParentThat makes sense. I think for nix boilerplate where the only thing you are learning is the names of some symbols LLM efficient.That makes sense. I think for nix boilerplate where the only thing you are learning is the names of some symbols LLM efficient.
-
Comment on Which Linux distro do you use, and why? in ~tech
bme Link ParentHa. Only the system hardcode: you know that's a flakes thing? There are some of us that have feelings about flakes. If you use "classic" nix, you just ignore it and builtins.currentSystem just...Ha. Only the system hardcode: you know that's a flakes thing? There are some of us that have feelings about flakes. If you use "classic" nix, you just ignore it and builtins.currentSystem just handles it. Flakes also basically have no story at all on cross compilation which is what got me into nix in the first place (building stuff for embedded).
Anyway, I don't know if this is a useful comment, but I live in the nix repl. You can do so much cool stuff there! Want to explore the source of some some code?
:b pkgs.foo.src. want to read the source of some nix thing?:p pkgs.foo.meta.position. Want to dynamically inspect your options?nixos-rebuild repl -f whatever, and from there you can see both the real configured value of each option, all merged declaration sites, and all options definition sites for your config including your own options, and third party modules etc. The repl is really underrated in the community at large imo. Also a great way to try out a small expression and see what it evals to, and ofc you can always load up a file with whatever you have and play with it.Thanks for replying to my nosey comment! I enjoyed your essay. I also agree that nix lacks many conveniences for programming in the large that make it super annoying.
-
Comment on Which Linux distro do you use, and why? in ~tech
bme Link ParentTake a look at nix-ld. You can also get quite far with patchelf / the auto patch hook if you have patience for looking at the output of ldd. Especially relevant with gui tools that link Wayland or...Take a look at nix-ld. You can also get quite far with patchelf / the auto patch hook if you have patience for looking at the output of ldd. Especially relevant with gui tools that link Wayland or whatever.
-
Comment on That one study that proves developers using AI are deluded in ~tech
bme Link ParentThanks for the insight (I have some hooks, I wouldn't say I've mastered the art of them yet though!).Thanks for the insight (I have some hooks, I wouldn't say I've mastered the art of them yet though!).
-
Comment on That one study that proves developers using AI are deluded in ~tech
bme Link ParentI forgot about this. Do you have a hand off skill you'd recommend? There seem to be a lot floating about. Since this post I have written a patch skill which works pretty well but I always have to...I forgot about this. Do you have a hand off skill you'd recommend? There seem to be a lot floating about. Since this post I have written a patch skill which works pretty well but I always have to activate it manually.
-
Comment on Which Linux distro do you use, and why? in ~tech
bme Link ParentCurious about the LLM aspect of it. I probably am on slightly deeper than most to nixos (commercial codebase, hundreds of instances 10s of kloc supporting nix code). I got my start with the...Curious about the LLM aspect of it. I probably am on slightly deeper than most to nixos (commercial codebase, hundreds of instances 10s of kloc supporting nix code). I got my start with the project documentation ~ 3 years ago via the nix pills guide + nixpkgs manual. It seemed really comprehensive at the time and since then we got nix.dev which basically seems to answer 90% of the questions I see on the subreddit complaining about the docs.
I think i'm firmly in the minority of people that think that the docs are any good. Do you ever use them or is it LLM all the way?
Feel free to ignore, I'm just being nosey. NixOS 4 lyfe gang sign.
-
Comment on I miss technology that was meant to be used as a tool in ~tech
bme Link ParentI hope my response didn't come across as thought-terminating, I was trying to be empathetic :) It's something I think about a lot. There does seem to be a big paradox. Everyone has their gripes...I hope my response didn't come across as thought-terminating, I was trying to be empathetic :)
It's something I think about a lot. There does seem to be a big paradox. Everyone has their gripes about technology, but I know basically no one that will cede an ounce of convenience for anything!
For instance, many gamers hate the way gaming is, but they do nothing but feed the industries worst excesses. Why tf is anyone spending even one penny on cs or valorant skins? People complain about the endless treadmill of modern warfare games, but buy them nevertheless. EVERYONE, complains endlessly about windows, but will not consider for a second that the fact that they will not countenance running Linux at all (because then they won't be able to run some live service dollar extraction machine with kernel level anti cheat) is the very reason Microsoft continues to treat them like rubes.
Phones continue to be be massive persistent privacy violations, but suggesting to anyone that they take a hit on specs or battery life to get some of the spyware out of their pocket is met with derision.
I don't have an answer, because when I see something is bs, I don't buy it, especially if it is a luxury. I opted out of windows around windows 7 because even then it was too much. I really believe in voting with my wallet in favour of user choice / freedom and sadly it seems to be a bit of a rarity.
-
Comment on I miss technology that was meant to be used as a tool in ~tech
bme (edited )LinkThe problem is that most people could not care less (to your point about user acceptance), and so you are actively punished by your competitors and audience if you spend extra money on making...The problem is that most people could not care less (to your point about user acceptance), and so you are actively punished by your competitors and audience if you spend extra money on making something better.
The cream does not tend to rise to the top. There is also the other aspect which is that when you make something user serviceable then users try to service it. Unless you spend significant effort on making this foolproof then they will screw it up and then you are in a warranty fight potentially. AI has made this all worse. Service teams are being overwhelmed with AI slop on every communication citing non -applicable law, and it costs the author nothing, but is a huge distraction away from customers with actual problems.
It's even worse when you have to interoperate with something else. For instance the standard for AC charging your EV at home is really simple, but car OEM firmware is largely full of bugs that I have spent way too long working around. They don't answer the phone, we do. We supply telematics and detailed diagnostics, they typically don't. Who is punished? Whose CS reps get yelled at? Customers on the whole have no sense of taste or smell or technical ability and are ruled by black boxes they don't understand and the current market is a direct consequence of that.
(Work in manufacturing a b2c hardware product with a significant software component)
-
Comment on That one study that proves developers using AI are deluded in ~tech
bme LinkI think it depends on what you are doing. I honestly feel pretty gaslit on AI. fwiw, I am in a professional setting where someone else is paying for Claude, we just Google Workspace so I have...- Exemplary
I think it depends on what you are doing. I honestly feel pretty gaslit on AI. fwiw, I am in a professional setting where someone else is paying for Claude, we just Google Workspace so I have access to Gemini (3.1) as well.
Things they are good at: scanning huge amounts of code and saying general things about it. Generating documentation that needs a light edit.
Things they are ok at: boilerplatey code, teaching me where to look for docs, speeding up a first pass. Doing shell scripts that I don't really care that much about. Helping me push past a lack of energy for stuff I can't muster enthusiasm for.
Things they are bad at: being trusted to write code. They fucking love overkill regexes. For a fixed format that uses two digit numbers? REGEX. Need to strip a prefix? REGEX. They love duplicating code. They love convoluted branching. They never produce any code that I would just sign off on. I am constantly being told that if I just tuned my system prompt enough and could 20/20 foresee all the mistakes or would make them I would be more productive.
Things they are terrible at. They have no sense of smell taste or architecture. Even when trying to get them to plan out something they just trip over themselves, take any shortcuts possible to avoid dealing with the task at hand. For instance: I have a buildroot project wrapped up with nix. I have split it into a couple of parts. One cached download with all the sources. One build. I wanted to split the download into multiple parts so that changing one dependency doesn't trigger half a gig of downloads. This is a tricky task but not that hard. Good god. Here are some steps, write out a plan, here is a test strategy, off you go. Doom loop. Doom loop of trying to make patches by hand. Adjust prompt, you can do it like this, conversation gets compacted, it forgets, try to write a patch skill. Fail. Just write the patch for the bot. Implement more, adjust the plan, shit shit shit shit shit. It feels productive, because there is whirring and animations and code is flying about. In the end I gave up spoon feeding the Claude and just did it myself. I am confident I could have done it much faster had I not bothered with AI.
I am sure the tools will get better but I swear if one more person at work tries to suggest we can 10x our output I am going to eject myself out a window.
-
Comment on Hackers expose the massive surveillance stack hiding inside your “age verification” check in ~tech
bme Link ParentThese laws are being penned by internet giants for sure, but I think most of it is about removing the current liability they have for children on platform.These laws are being penned by internet giants for sure, but I think most of it is about removing the current liability they have for children on platform.
-
Comment on AI companies try to pay staff in AI tokens, not money in ~tech
bme Link ParentFirst twitter quote, sure. But I think when Altman has brought something up twice in public, it's not accidental, and the "crazy idea" framing is just softening it up so he can float the idea out...First twitter quote, sure. But I think when Altman has brought something up twice in public, it's not accidental, and the "crazy idea" framing is just softening it up so he can float the idea out there and see how people react to it. It's no indication at all about how serious or unserious he is.
EDIT: I do want to concede that the headline is absolutely terrible. No has actually tried to pay anyone in compute tokens yet.
-
Comment on open_slate: private and powerful 2-in-1 tablet in ~tech
bme Link ParentIt's the defacto standard of building Linux images for embedded (I'm more of a buildroot guy myself). The implication being if there is a yocto build then you can probably do whatever you want...It's the defacto standard of building Linux images for embedded (I'm more of a buildroot guy myself). The implication being if there is a yocto build then you can probably do whatever you want (within the constraints of hardware) if you have the time. That is cool.
-
Comment on GNU and the AI reimplementations in ~tech
bme LinkI don't like anything about what is going on with AI, but I do think either it's as good as everyone says, which means we can use it to improve user freedom by making better software more cheaply...I don't like anything about what is going on with AI, but I do think either it's as good as everyone says, which means we can use it to improve user freedom by making better software more cheaply in the open, or it isn't, in which case all the usual economics hold and these forks will fail the way forks fail today.
Obviously there will be a spectrum, and humanity will probably find a way to thread the needle to the worst of every world compromise (AI removes software engineering as a dedicated profession because the market dies for long enough as software quality declines even further under the weight of so much AI driven vibing, and the knowledge of how to better is gone in a generation or two).
-
Comment on Whatever happened to the Uber bezzle? in ~transport
bme Link ParentI remember very clearly being at an all-hands in 2013 and people confidently talking about self driving by 2016.I remember very clearly being at an all-hands in 2013 and people confidently talking about self driving by 2016.
-
Comment on Lifetime Windows user seeking feedback for improvements on my Linux setup in ~tech
bme (edited )Link ParentGood question. You will at least want to reinstall the bootloader (bootctl install, assuming systemd) so that the motherboard has the right info on where the bootloader is. You'll need to edit...Good question. You will at least want to reinstall the bootloader (bootctl install, assuming systemd) so that the motherboard has the right info on where the bootloader is. You'll need to edit your bootload entries as well, so that they point at the new partitions. You will also probably need to edit / rebuild your fstab. This file is used to decide what disks to mount.
If all of that sounds a bit too intimidating, then bear in mind that just copying your home folder to a new install is very likely to work without any problems at all (at most the uid/gid needs to be fixed up that's a single
chowninvocation). As long as you didn't customize the base system too much that won't cost you very much time at all.The most important thing with Linux is generally: don't panic. You can recover almost anything with a bit of knowledge. I'd definitely keep the old disk around, and I'd definitely prep a USB with linux so that you can chroot if required.
Feels good to be able to write a nix expression to assert that the kernel isn't vulnerable and move on with your day.