Hacker News | szbalint's comments

“DDoSed”

He complains about outgoing traffic of 4GB/day. On a server. In 2022.

If this is an issue he should not be hosting Go modules on his own servers.


4 GB/day is a different person facing the same issue who is hosting a single module they claim is likely only used by them.


Still, what's 4GB a day?

I really really don't get the issue.

Is he io bound? Is there no reasonable way for git hosting services to actually cache git checkouts?

DDoS / DoS should only be used, in my opinion, when the server goes down completely, not if it has a little bit of load, and I still haven't seen anything which indicates that this is a real issue?

And I don't want to come across negatively, I just don't get the issue.


Given that Google decides to do that effectively out of bad design.

What if your website hosted 100 Go modules and it scales linearly, that's 400GB, still not a problem? What if every programming language did that?

I don't really understand how that's not an issue. Sure it's not a big deal, if just one service does that, but it's still something that should be fixed. If you are Google it should be expected that this fix is not taking over a year.


We have to weigh a complex set of circumstances:

- smoking is an exceptionally harmful habit, so just by coming up with any other activity at random one is likely to end up healthier

- this also means advising smokers to switch to vaping even without knowing the health effects of vaping makes sense - marketing vaping to non-smokers should be severely limited though

- marketing vaping to kids like juul does, should be downright illegal


> marketing vaping to kids like juul does

do/did they actually do this? I did a quick Google search and I can find a lot of articles making this claim but the only evidence given is that they have twenty-somethings and bright colors in their ads. if this is "marketing to kids", then that bar seems awfully low.


> Last summer, with public concern about teenage vaping growing, Juul Labs paid a charter school organization in Baltimore $134,000 to set up a five-week summer camp to teach children healthy lifestyles.

> The curriculum was created by Juul — maker of the very vaping devices that were causing the most alarm among parents, health experts and public officials.

> In April 2017, a Juul representative visited the Dwight School in New York City to meet with students — with no teachers present — and told them the company’s e-cigarettes were “totally safe.”

https://www.nytimes.com/2019/07/25/health/juul-teens-vaping....


>> In April 2017, a Juul representative visited the Dwight School in New York City to meet with students — with no teachers present — and told them the company’s e-cigarettes were “totally safe.”

this one is pretty damning, but it's only one occurrence. I doubt NYT would have held back if they had any more such anecdotes to offer.

as for the rest of the article, the education programs seem a bit sketchy, but they could just as easily be a poorly conceived PR campaign.


> but they could just as easily be a poorly conceived PR campaign.

We have decades of experience with terrible tobacco and alcohol companies and that's pretty persuasive that Juul knew what they were doing and didn't care.


They're 30% owned by Philip Morris. I'm sure they know exactly what they're doing.


you are correct; people just get rightly alarmed that it took off with high school students. their marketing is pretty typical in that it’s aimed at young people but i’ve never seen anything particularly nefarious.


> switch to vaping even without knowing the health effects of vaping makes sense

That is exactly my point. You're presuming it's healthier, yea? If you can link to any proper long term study saying that, I'd be more than happy to agree with this.


Because Mike is the NYT beat reporter for a number of tech companies like Facebook or Uber.


Ten euros worth of Amazon gift cards as birthday gift from the company.

That amount has a great way of signaling that the company is too cheap to do anything real, but too unsophisticated to realize they then should have just given a slice of cake or a birthday card.


Talking about Firefox, I've recently heard some people getting annoyed that Firefox now depends upon Rust and Rust doesn't build on their obscure legacy platform.

I'm in turn getting annoyed at the complete lack of cost/benefit analysis that this entails.

Every software project has to deal with limited resources and the attitude that the vast majority of people running on more mainstream platforms should forsake improvements (in security or usability by Rust for example) in order to support Solaris, Illumos, HP-UX or any of those niche platforms, well that just pisses me off.

I still have a 32bit Debian installation (originally installed around 2003 and been Ship of Theseus-d over the years so it actually has 64bit hardware now) that I didn't have the time or motivation to upgrade, but if 32bit support would go away tomorrow I'd understand. What's the percentage of 32bit vs 64bit users? 0.3%?


The other way to view this is as rich software developers asking the rest of the world to pay to upgrade their hardware, or else forgo security patches. That may be hard if you're in a poor country, or are otherwise living near the poverty line.

Commercial interests have little incentive to serve this demographic, due to their lack of buying power. That leaves open source projects that were created for the public good.


I think the really damning bit is:

> According to Frau-Meigs, independent funding for academics as well as journalists is extremely important. “Google and Facebook are paying these partnerships from their direct marketing arm, not through more neutral foundations,” she says.

This seems to be implying that Facebook and Google are paying these partnerships partly or mainly to coopt the researchers in order to avoid public relations or regulatory issues.


Google attempted to fix Chrome against Spectre but gave up, so what you're saying about no feasible attack is not true.

See: https://v8.dev/blog/spectre

> we quickly discovered that software mitigation of all possible leaks due to Spectre was infeasible.

Are there many other security issues that are easier to exploit with potentially higher impact? Sure. Does this mean that Spectre is fixed or can be mitigated in software? No. It's a bit like the formerly theoretical timing attacks against TLS: attacks only get better.


As said in that very blog, no attacks have been observed. Spectre has been out for a year and a half. Can you show me any indication of any feasible attack on firefox or chrome, that has a PoC or at least proof that it can be utilized for anything remotely useful?

However this conversation might be meaningless, as it seems we have a different definition of what constitutes a feasible attack.

I still maintain my opinion that not turning on mitigations is safe for personal computing.


This conversation reminds me of discussions around cryptographic hash functions:

https://slideplayer.com/slide/12035043/69/images/28/Reaction...

Google clearly considered it an important enough issue to spend considerable resources on trying to mitigate Spectre and in the end only gave up because they didn't find a feasible way to do so. They emphatically didn't conclude that it's fine because attacks are impractical.

This attitude was learned the hard way though: about a decade ago the PoC or gtfo attitude was prevalent among browser makers and large tech companies. Theoretical vulnerabilities were dismissed if no immediate proof of concept was provided.

What changed this was a bunch of security/cryptographical vulnerabilities. MD5 was known to be theoretically weak for years and years, but when researchers minted their "can break every SSL/TLS connection" intermediate certificate to finally make browser vendors move on the issue, it was too late.

You see with systemic issues, in cryptography or hardware, by the time you actually demonstrate a PoC, things are way too late: it takes years if not half a decade (as in MD5's case, or with older TLS versions) to deprecate insecure things, if you look at the timelines.

So for issues in fundamental building blocks, it's more or less irrelevant if there is a working PoC today or not: if we don't move to fix the underlying issue and start acting on a roadmap to move away from insecure things, people _will_ come up with a working exploit that allows practical attacks. If mitigation is only attempted at that point then we're being left vulnerable for years to come.


>it's more or less irrelevant if there is a working PoC today

By that logic, all current crypto is already broken and we should only use quantum safe crypto.

You guys' threat models for your personal computers are way beyond most of the planet, so I will concede and agree that you should not use browsers or run untrusted code until new CPUs are released. That is pretty much the only thing that will match your threat model.


"all possible leaks" is not the same as "no feasible attack"


This comes from a government in which the junior coalition partner is the far-right FPÖ, an openly pro-Putin and authoritarian party.

This law is part of their campaign to browbeat the press and public sphere into submission and it is following attempts to rein the Austrian public broadcaster (ORF) in.

The proposed law is useless for any legitimate purpose, as anonymity was never a problem with hate speech or other things. People are willing to engage in hate speech, libel or just in overall awful things with their name attached without reservation already.


Putin even attended the wedding of Austrian foreign minister last year[1] and nobody was outraged, in fact Austrians on social media applauded it. Vienna is also crawling with Russian spooks.

The problem in Austria is that the Russians have started buying a lot of property there decades ago. Property prices in Kitzbühel have been going through the roof thanks to Russian oligarchs buying up everything. Russians love Austria (as much as Cyprus) because it's a great place to hide and launder money, see[2]:

Peter Pilz, a member of parliament from the opposition Greens party, said the Italian mafia, especially the Calabria-based ‘Ndrangheta, had years ago used Austria as a money-laundering centre, cleansing around 2 billion euros.

“Now it is mainly a matter of Russian money. A lot of banks must be afraid that the Russians will take their millions and flee to Asia,” he said.

[1] https://www.cbsnews.com/news/vladimir-putin-karin-kneissl-we...

[2] https://www.reuters.com/article/us-eu-banksecrecy-austria-id...

see also: How Russia stands to profit from Austria’s new government: https://blogs.spectator.co.uk/2017/10/how-russia-stands-to-p...

edit: parent is getting silently downvoted for stating facts. welcome to HN.


I wonder why people think that Putin controls all right wing parties on this planet (including Trump).

No one talks about Gazprom Schroeder (center-left SPD) who destroyed the welfare state in Germany and then joined Gazprom.


But what about this other thing?


I don't think he controls them. What it reminds me of is how USSR supported pretty much any political movement anywhere in the world, so long as it was in opposition to the capitalist West. The important part was that last one, but most such movements were left-wing.

But that was there and then. We don't have any strong hard left movements of that kind in Western countries today. We do, however, have far right / "third position" movements of that kind. And ideologically, they align pretty well with Russia's own internal politics, so they're more reliable allies, as well. So, while there is some support for left-wing anti-establishment movements, most of it goes to the right. And hence we're mostly talking about that.


It's weird that technology oriented people see code/IT in terms of infrastructure, but too little from a city as such.

I'm living in Vienna, Austria which is a city consistently rated to be in the top 5 most livable cities by multiple independent evaluations.

How did that happen? A strong sense of ownership and infrastructure thinking over a _century_.

Just to mention the obvious, property prices do not exist in a vacuum and cities where property prices go through such a steep and continuous rise as in London, Moscow, San Francisco etc. are not a reflection of desirability or market forces but rather the total abdication of planning and responsibility from the local authorities.

There are dozens of things local leadership can do to fix infrastructure and living standards issues, never let anyone tell you otherwise.


It also helps that Vienna's population has been basically flat for many years.

By contrast the prior #1 most liveable city - Melbourne - has grown from 2 million 30 years ago to 5 million currently, forecast to get to 8 million by 2050, all due to mass immigration. Livability has fallen directly in line with population growth.

I've lived in a lot of cities around the world and think there is a 'sweet spot' population number: big enough to allow the provision of niche services and the agglomeration of talent, yet not too big as to introduce costly dis-economies of scale (usually through very expensive housing and transportation.) That level seems to be about 1-3 million.


It depends what you build for. San Francisco, the dystopia as described in the article, has under a million residents. Its wounds, and that of the bay area in general, are entirely self-inflicted.


The problem is that city limits are not consistently defined internationally. According to Wikipedia the broader urban area of SF is 8 million people.


Could it be that change is painful? When people settle down, they want things to mostly stay the way they are until they die. A city in growth or decline interferes with that.


Immigration to Australia is mostly low-wage male workers from poor, non-European countries entering on student visas (the country is one of few to allow international students to work). They serve to drive down labour costs and increase cost of living pressures (water shortages in many cities for example - requiring expensive desalination).

The opposition to mass-immigration (the country is growing at about 1.6% annually, with the same annual level of immigration as the UK, a country with 3x the population) is completely justified and it is not in the long-term interests of the country or of individual Australians.

It's not only the formal mechanics - the whole system is rorted, with a lot of fraud. A Chinese businessman bribing federal politicians for citizenship is a current news item.

Finally Australia makes its way in the world by mining and selling off its fixed endowment of minerals. The rest of the economy is not particularly competitive, mostly just domestic services and real estate. More people means a smaller slice of natural resources per person. This is not theoretical - wages are flat and cost of living pressures are high in the country. Public healthcare, education and transportation are all overcrowded.


Cities like SF have a strong survival bias. People who disagreed, tried to change things, etc are leaving or already left. Over time you end up with a place that’s broken and a group of people who want it that way.


It's like watching Exit, Voice, and Loyalty play out in real time: https://www.amazon.com/Exit-Voice-Loyalty-Responses-Organiza...


Vienna's metro population has barely changed from where it was 100 years ago, where Bay area is up 5x in that time.


I'm originally from Vienna too and now living in London and I can see the differences very well, but the main reason why Vienna is rated so highly is because the population has remained mostly consistent for a long period of time.

However, Vienna isn't without its faults. In Vienna you have a huge segregation between better and worse off people. You have a lot of low income people living in places like the 10th district and people in higher income brackets living in Doebling for example. This is counter productive in the long run as it will slowly create "ghettos" and mono cultures within the city. In London the wealth gap is much higher than in Vienna and yet people live more closely together. You can walk down a millionaires street one second and in the next moment be surrounded by council housing. In my opinion this is much better, as it prevents places from turning into ghettos and helps to keep the city in a sane state. There is a lot of gentrification happening in some parts of London too, but this is more of a side effect of the consistent growth rather than segregation.

The other problem which I see is that the average person in Vienna does not own any property. Most people are in rental properties for most of their lives and they mostly rely on a future state pension in order to retire. To me this is a fragile system, because it forces the country/makes it reliant on a highly taxed middle class. It is extremely difficult to prosper from middle class to being rich in Vienna - for the better or worse.

The entry barrier to creating a new company and the huge amount of regulation also makes it extremely unfriendly for startups and innovation.

Long story short, socialist cities in a capitalist Western country only thrive as long as the population is small enough and stable for a long period of time. It takes many years to build new schools, hospitals, GPs, train lines and bus routes, whereas it takes only a few weeks for an individual family to settle in a new place. If a city undergoes a massive growth in population then it doesn't even matter if everyone who moves into the city is a hard working high tax paying person, because the new money which they bring in will not be able to keep up with building the necessary infrastructure to comfortably accommodate everyone. It will take decades to catch up and only if there ever will be a slow down of growth, otherwise it will be a never ending chase.

