thesmokingman

joined 1 year ago
[–] [email protected] 72 points 3 months ago (6 children)

This is a common problem. Same thing happens with AWS outages too. Business people get to manually flip the switches here. It’s completely divorced from proper monitoring. An internal alert triggers, engineers start looking at it, and only when someone approves publishing the outage does it actually appear on the status page. Outages for places like GitHub and AWS are tied to SLAs that are tied to payouts or discounts for huge customers so there’s an immense incentive to not declare an outage even though everything is on fire. I have yelled at AWS, GitHub, Azure, and a few smaller vendors for this exact bullshit. One time we had a Textract outage for over six hours before AWS finally decided to declare one. We were fucking screaming at our TAM by the end because no one in our collective networks could use it but they refused to declare an outage.

[–] [email protected] 7 points 3 months ago (2 children)

Just alias pdoman=podman. I do that with all my common typos.

[–] [email protected] 4 points 3 months ago

I’ve got friends at Boeing on DoD contracts. Not only is it waterfall, it gets tested hardcore. My experience in private industry is the exact opposite. A consultancy I know of just lost (pretty sure) a state contract because they opened shit up to the public because, surprise surprise, they didn’t test their infra changes.

Now I will say that when I have had to manage client SLAs and there is a cost to post-release defects and change requests, testing increases. Not to the level I’m super comfortable with (which is well below perfect, mind you; I like shipping more than once in a lifetime), but a bit more.

[–] [email protected] 21 points 3 months ago (4 children)

You highlighted the wrong portion of this article.

The complaint cites statements including from a March 5 conference call where Kurtz characterized CrowdStrike’s software as “validated, tested and certified.”

If the CEO is making claims that the software is tested and certified, then the CEO should be able to prove that claim, no matter where the software lives. It is very reasonable to say, at face value, the CrowdStrike testing pipeline was inadequate. There is a remote possibility that there were mitigating factors, e.g. some other common software update released right before from another vendor that contributed; given CrowdStrike’s assurances and understanding of where it falls in most supply chains I consider that to be bullshit. I personally haven’t seen anything convincing that shows a strong and robust CI pipeline magically releasing this issue.

Now shareholder lawsuits are bullshit in general and, as someone constantly pushed to release without fucking any confidence, I think it’s really fucking dumb to ever believe any software passes any inspection until you have actually looked at the CI/CD process in-depth.

[–] [email protected] 48 points 3 months ago (1 children)

The problem is the underlying API. parseInt("550e8400-e29b-41d4-a716-446655440000", 10) (this is a UUID) returns 550. If you’re expecting that input to not parse as a number, then JavaScript fails you. To some degree there is a need for things to provide common standards. If your team all understands how parseInt works and agrees that those strings should be numbers and continues to design for that, you’re golden.
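
An added example, not part of the comment above or any project's code: it shows the prefix-parsing behaviour next to a strict validator for untrusted IDs, so a UUID can never resolve to record 550. The names `parseStrictInt`, `compare`, `lookupLenient` and `lookupStrict` are hypothetical, and the sample inputs are constructed.

```javascript
// Strict parser for untrusted numeric IDs (added example; names are hypothetical).
// Accepts only canonical base-10 non-negative integers that fit in a safe integer.
function parseStrictInt(input) {
  if (typeof input !== "string") return null;
  // Whole string must be digits: no sign, whitespace, exponent, hex prefix or trailing junk.
  if (!/^(0|[1-9][0-9]*)$/.test(input)) return null;
  const n = Number(input);
  // Reject values that would silently lose precision (above 2^53 - 1).
  return Number.isSafeInteger(n) ? n : null;
}

// Constructed sample inputs: what a route handler might receive as an "id".
const SAMPLES = [
  "550e8400-e29b-41d4-a716-446655440000", // the UUID from the comment
  "550",
  "12px",
  " 42 ",
  "1e3",
  "0x10",
  "007",
  "",
  "9007199254740993", // 2^53 + 1
];

// Compare parseInt, Number and the strict parser on the same inputs.
function compare(samples) {
  return samples.map((s) => ({
    input: s,
    parseInt: parseInt(s, 10),
    number: Number(s),
    strict: parseStrictInt(s),
  }));
}

// A lookup keyed on the lenient parse treats the UUID as record 550.
function lookupLenient(records, rawId) {
  return records.get(parseInt(rawId, 10)) ?? null;
}

// The strict lookup refuses anything that is not a canonical integer.
function lookupStrict(records, rawId) {
  const id = parseStrictInt(rawId);
  return id === null ? null : (records.get(id) ?? null);
}

console.table(compare(SAMPLES));
```
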

[–] [email protected] 21 points 3 months ago

A few different things contribute to this and, unfortunately, there’s very little you can do to fix it. I’ve spent (wasted) a ton of time trying to prevent it on my end.

  1. If you used your phone number on your voter registration, reregister immediately without your phone number. This is public information and it’s where these things start.
  2. Find contact info for your local, county, and state parties. All sides. Call them up and ask that your information be removed from their database(s). You might have to escalate a bit because usually phone bankers don’t know how to do it or don’t understand why you want privacy. Worst case scenario you can pull out a sob story about an abusive ex and how your information isn’t supposed to be public at all. That will usually get your shit pulled.
  3. While you’re on those calls, try to find out where they either send or pull their data from. Next go there and do step 2 again.
  4. Repeat step 3 as many times as it takes.

However, individual candidates who may have received a copy of your data or canvassed you might not get the notice. Eventually their copies of your data might get leaked. You have no control over this and no recourse. I know this from personal experience. Through a unique mixup with a name, I have slowly watched my data go from politician to politician to now general spam. It’s not coming from data brokers because the only place the mixup happened was with political data.

Best of all, the FTC doesn’t give a shit. If someone “manually” sends you a political text, it doesn’t require prior consent. The “manual” setup for this is a bunch of VoIP shit that doesn’t actually go back to a real human ever and is about as “manual” as the fully automated assembly lines from How It’s Made where a human is standing nearby with a clipboard saying “yup that’s a widget.”

[–] [email protected] 2 points 3 months ago

I have not actually been able to use any Reddit results for a while. It might be that I force old[.]reddit[.]com and Reddit has finally cracked down on that?

[–] [email protected] 8 points 3 months ago (2 children)

The correct way to get someone to move to FOSS is to show them how to do it, not tell them it exists. OP already said they can do the YouTube -> captioned gif in 10min so you need to provide a simple tutorial that identifies the tools to use, how to set them up, and how to create a workflow to achieve the goal of some format with captions in under 10min.

Notice how I explained what was wrong and how to do it? That’s what’s missing from most “you need to use FOSS” posts, including yours.

[–] [email protected] 1 points 4 months ago (1 children)

You realize that Bitcoin is traceable, right? You kinda picked the wrong crypto to use as an example. Unless you’re completely in the Bitcoin system and never connect to any outside system or interact with anyone who interacts with an outside system or interact with anyone who interacts with someone who interacts with an outside system or so on (it’s not quite ad infinitum), you are most likely traceable. Tools like Chainalysis have been used by governments for almost a decade.

Your other points aren’t really valid if you ever want to convert Bitcoin to something that isn’t Bitcoin. I’m not aware of complete supply chains and grids that exist solely on Bitcoin (or any combination of crypto for that matter) so things like having control of your money, needing ID, and trusting centralized entities (sure, exchanges plural) are a huge part of Bitcoin.

[–] [email protected] 2 points 4 months ago

It doesn’t sound like you have a good grasp on the differences between this case and Ross Ulbricht.

[–] [email protected] 3 points 4 months ago (2 children)

I wasn’t aware Silk Road was taken down via FISA. I’ve read all of the long form accounts of it that I’m aware of and I don’t remember FISA being mentioned at all. Can you share a source?

[–] [email protected] 13 points 4 months ago (1 children)

I can’t find this being a problem. What circles do you move in where “jerk” is a problematic word?
