Depends on the email. Sometimes it’s needed.
I can spend 10-20 min writing an email that basically says “no your idea is dumb and won’t work” to customers in such a way where by the end of it they agree with me.
It can take a bit of effort but with high stakes communication it’s needed.
If you’re just sending an email to your teacher or whatever it doesn’t really matter.
Think of it like the flooded house analogy. They could paint the dry wall while tearing it out at the same time. But why would they?
They’re not refusing. They’re actually doing the opposite. But they needed to get their house in order first.
The 3.0 upgrade was the result of the getting their house in order and modernizing. Doing cosmetic changed before hand would have made no sense because those changes would have been thrown away when they would have to modernize things anyways.
I think I have an analogy.
Gimp was like an old American style wooden house that was flooded. After the water recedes you could try to make things look nicer by plastering and painting the walls etc. But as goes with flooded houses if you do this the mold will rot everything out.
In order to save a flooded house you need to remove all the dry wall and use fans to dry out the internals. Once things are dry then you can plaster and repaint things.
Gimp 3.0 was them ripping out dry wall and air drying the internals. Now that that is done it now makes sense to clean up the UI.
If you clean up the UI before you dry the walls out it’s just a waste of time because those improvements would need to be ripped out with the dry walls always.
It’s not perfect as far as an analogy goes but it’s close. Gimp should have never let the house flood in the first place. (Analogy breaks down here a bit). But since they did. They needed to fix the fundamental before it would be worth fixing the UI.
This all being said they could at this point genuinely refuse to change things UI wise. I hope they choose to pull a Blender or Krita but they don’t have to.
I mean the whole point of doing the mega rewrite to gtk3 was specifically to enable such forward looking progress.
What they did in the 3.0 release was, largely, a massive modernization of a dinosaur code base.
Now that it’s done it makes sense to do a UI overhaul. Before 3.0 it made no sense to even try, now it does.
It’s government reporting data. If you find a better source I say go for it. But I used that data for salary negotiations in the past successfully.
I’m not talking about take home. I’m talking about total annual compensation including things like RSU payouts etc.
Even if we throw out the ones you doubt there are many 300k to 400k entries with the AI researcher title. If we add annualized RSU payouts we easily hit over €500k.
At this point t though you are free to doubt me.
Maybe not with just if statements. But with a heuristic system I bet any site that runs a tar pit will be caught out very quickly.
When I worked in the U.S. I was well above $160k.
When you look at leaks you can see $500k or more for principal engineers. Look at valves lawsuit information. https://www.theverge.com/2024/7/13/24197477/valve-employs-few-hundred-people-payroll-redacted
Meta is paying $400k BASE for AI Reserch engineers with stock options on top which in my experience is an additional 300% - 600%. Vesting over 2 to 4 years. This is to H1B workers who traditionally are paid less.
Once you get to principal and staff level engineering positions compensation opens up a lot.
https://h1bdata.info/index.php?em=meta+platforms+inc&job=&city=&year=all+years
ROI does not matter when companies are telling investors that they might be first to AGI. Investors go crazy over this. At least they will until the AI bubble pops.
I support people resisting if they want by setting up tar pits. But it’s a hobby and isn’t really doing much.
The sheer amount of resources going into this is beyond what people think.
That and a competent engineer can probably write something on the BEAM VM that can handle a crap ton of parallel connections. 6 figure maybe? Being slow walked means low CPU use which means more green threads.
I see your point but like I think you underestimate the skill of coders. You make sure your timeout is inclusive of JavaScript run times. Maybe set a memory limit too. Like imagine you wanted to scrape the internet. You could solve all these tarpits. Any capable coder could. Now imagine a team of 20 of the best coders money can buy each paid 500.000€. They can certainly do the same.
Like I see the appeal of running a tar pit. But like I don’t see how they can “trap” anyone but script kiddies.
Fair. But I haven’t seen any anti-ai-scraper tarpits that do that. The ones I’ve seen mostly just pipe 10MB of /dev/urandom out there.
Also I assume that the programmers working at ai companies are not literally mentally deficient. They certainly would add .timeout(10) or whatever to their scrapers. They probably have something more dynamic than that.
They want to reduce the bandwidth usage. Not increase it!
TIL. Very cool.
Solaris was beautiful. But it could have been more secure if it had Mandatory Access Controls. One compromised app running as root, or one privilege elevation exploit and without mandatory access controls you’re done.
Even with user contained exploits without MAC you expose way too much.
Edit: Turns out Solaris had a MAC enabled variant called Trusted Solaris! I could have seen myself using this if Sun was still around and OpenSolaris had panned out.
https://en.m.wikipedia.org/wiki/Trusted_Solaris
In conclusion Solaris was not junk.
I like the fact that it is a solid mandatory access control system. With SELinux you are substantially more safe than without.
For example. Let’s say you are running a compromised version of OpenSSH. Threw a XZ style back door a hacker gets in as OpenSSH (which runs as root).
Without SELinux the system is fully owned. With SELinux the attacker can only access what OpenSSH needs to access even if they have root. They can’t just chmod files and folders wherever. That means your photos and application data are still secure. With the pre written SELinux policies this applies not just for OpenSSH but for every piece of software installed on your system. Everything is limited to the exact folders, ports, and system capabilities that it needs and no more. Even stuff like seperate websites being served under Nginx. You can have Nginx-subgroup-1 and Nginx-subgroup-2 where the applications can’t see each other even though they are being run as the Nginx user.
I don’t trust any Linux distro without this security layer.
It’s a little difficult to learn and master, but it’s totally worth it if you care about security.
Redhat put out a comic about it a few years ago explaining the basics. https://people.redhat.com/duffy/selinux/selinux-coloring-book_A4-Stapled.pdf
Thank goodness for selinux. Without it Linux would not be a secure OS.
And no AppArmor does not do the same thing. You need the mandatory part for mandatory access controls to work.
I mean they’re synced super fast to every file system. It works really well. Wayyy wayyy faster than nextcloud too. You can access them on that file system. If you want to “directly” access them you can always use the fuse driver. This being said there isn’t really a need to because all the files just are synced to your file system.
Yah that term isn’t an official term. I just meant it in the sense of a IPv6 prefix. Without knowing more about how your router firewall works / in set up I can’t be too specific.
But in general the way things work with ip addresses is that your ISP provides you with a block of IPv6 address. This block is the prefix/first part of any given ipv6 address on your network. Each host uses that prefix and generates a suffix that it adds in to it in order to generate a full globally reputable IPv6 address.
By default most hosts use the IPv6 privacy extension to random suffixes and cycle through them. This is good for privacy but bad for hosting a public service. You need to turn off the privacy extension and the second half of the IPv6 address will stay static.
Next up you need to write a firewall rule to allow traffic to that globally routable IPv6 address. In an IPv6 system the router does not intercept or rewrite the packets like it does with IPv4. So all a router does is act as a firewall saying “Yup outside hosts can or can’t make inbound connections to certain hosts/ports”
The trick with a consumer IPv6 address space is that just like IPv4 addresses given to your router, the IPv6 prefix can change randomly.
It would be annoying to have to update the firewall rule every time this happened. That’s why the idea of masking matters. You tell the firewall “ignore the prefix of this firewall rule. Just allow or deny based on the static suffix.”
The way to write such rules is different on different firewalls. Most consumer devices don’t have a way to configure such things. Even professional networking equipment mostly makes you use the cli to manage such things.
I hope this helps.
I’m glad you got it working with IPv4. For the record though the way to do such a thing in the future is to think in IPv6. In IPv6 there is no nat or port forwarding. Even if you have host exposure. You need to set an appropriate rule in your router firewall.
On the host itself you need to use public IPv6 addresses. Then on the router firewall you set a firewall rule with an appropriate delegation mask allowing traffic to the specified port.
It’s different than IPv4 but once you learn IPv6 it’s easy.
That’s insane. I would consider a ipv4 -> ipv6 cloud hosted haproxy style setup if this was my only option.
i would just ask for an Ipv4 address. I asked Vodafone for one and they just gave it to me for free.
Different customers are dumb in different ways and different customers have different personalities.
If I sent a template email I would probably offend most of my customers. Lol.