Notices by Todd Knarr (tknarr@mstdn.social)

@dalias OK, I get why they did that. What I don't get is why they WANTED to do that?

@dalias Betcha that disabling IPv6 privacy (randomizing the host part of the address) fixes it.

Just got the news, Tugrik died after a long series of medical problems. You probably don't recognize the name if you're not in furry fandom, but if you have a Wi-Fi hotspot with cel backhaul? He built the first one for Burning Man. You like how well GPS works on your phone? He was a key part of the AGPS installs that allow that. He was one of the good ones.

@stux @Zyranka Did someone say cat?

@AdrianVovk @dalias Why would that be in a system database though? There's a long-standing convention of storing that under the user's account, usually in dot-files in the user's home directory, .plan and .project for example. .userphoto would be an easy addition. GECOS isn't that complex, it's just a comma-separated list of items and the display name is the first one so trivial to parse out.

@dalias @AdrianVovk That shouldn't require different UIDs, though. X11 has authentication that operates per-session, not per-user, so that applications opened on one display can't access windows from a session on another display even if both sessions belong to the same user. I ran into this a lot and had to create login scripts that played games with xauth to allow cross-session access.

@dalias @AdrianVovk More importantly, gdm shouldn't be running anything untrusted so the only way an attacker would be able to spy on gdm windows is if they've compromised the gdm user account itself by some other route, in which case you've got bigger problems. The usual solution there is session-based authentication with the information not persisted to the gdm user's .Xauthority file.

@dalias @AdrianVovk I can think of a use: logging in using one session with a new desktop environment to check it's configuration without having to log out of my old desktop environment first. But in that case I absolutely want the new session to be the same UID as the older one because I want to be the same user as far as the system's concerned, not someone else.

@dalias Reject that commit. And block the committer, because that kind of thing leads to breakage when glibc changes things or something other than glibc is required.

@aral This is breaking down, though. The last decade I've noticed developers are less and less interested in understanding their code and working on it. They want to just get something that passes tests and move on to the next thing, and if it breaks in production they'll put that in the queue to fix.

@glynmoody Now aim them at C&C elements instead of front-line soldiers.

@dalias @bedast The servers involved belong to Tesla and are part of the sysadmins' responsibilities. This is something too many people fail to grok.

And in too many cases the sysadmins aren't just allowed to look, they're legally required to look and to act on what they find.

@bedast It goes back a lot further. Rule #1 as far back as the age of mainframes is that the sysadmins can see *everything* you do. That's pretty much their job. It's just that, for the most part, we didn't care that much. Your porn was, frankly, nothing we hadn't seen dozens of times before and as long as you weren't interfering with normal operations we had more important things to do with our time.

@glynmoody I'm not sure they have the physics of that right. It's pressure differential that drives the flow, and it sounds like they're handwaving away the pressure from the water column in the output line. They may be depending on the siphon effect, but I'd want some independent analysis of the math behind this. If just running a vertical pipe to that depth doesn't result in flow out the top of the pipe, I can't see how this is going to work the way they say it does.

@glynmoody And if he can't do it, he'll claim he can and do it anyway.

@hrefna I understand the term quite well. When I dealt with it, "collateral damage" meant "block all email from entire ISPs and all their customers". And I was fine with that, because measures that didn't go that far had been tried repeatedly for years and weren't working. Email spam was still a massive problem even with individual anti-spam measures in place. So, massive collateral damage it was. And you know what? It worked. ISPs started to clean up their acts.

@hrefna And yes, we were called unreasonable then too, for many of the same reasons. We noticed patterns in the people who called us unreasonable, too.

@hrefna Yes there's collateral damage. That's the point, and I want it to happen. I'm using that list because their being a transphobe is enough of a hard nope for me that I don't want to interact with them on any other subject either except under exceptional circumstances.

@hrefna As someone who'd use such a list, I'd disagree. JKR is a canonical example of who I'd expect such a list to block. If the list doesn't block her, what other well-known transphobes will it also not block? If I want transphobes automatically blocked, having the most obvious ones not blocked limits it's utility to me.

@glynmoody I'd love to see that. Maybe they can solve the unit-price problem with it?