What is gambling? Does it need to involve money? What is money? Money is a human invention.
So is gambling about resources, power and status? If so then can gambling CS skins count? What about candy crush lootboxes?
If gambling is about risk, does parkour and base jumping count?
One of the most insidious forms of "gambling" I've seen is probably PvP matchmaking. I am fairly certain that games from Supercell have rigged their matchmaking to engineer a degree of frustration to keep you hooked. When you tie that to a ranking ladder it can get quite easy to get hooked
Cool story, homosexuality was a mental illness according to your Bible at some point...
Almost as if science was a fluid thing, almost as if we updated our knowledge as we go, almost as if this was only possible through debating opposing views, very weird....
But you're probably right we should stop even thinking about it, the DSM doesn't talk about it so why would we
> sluggish performance of a 2015 iMac since practically the day we bought it
I wish I had found this website when my MacBook Pro was still alive, maybe Chrome actually killed it after all. The low performance was so bad I moved to Windows 10 ("the last Windows system" they said), but after it notified my system can be upgraded to 11 I quickly moved to Ubuntu. I'm currently experiencing a few hiccups and reduced them with some memory tweaks, but still the experience is much better than Mac and Windows.
It's interesting to compare that guide "How to report bugs effectively with ESR's "How to ask questions the smart way" [1]. They both cover similar material, but the styles are extremely different. The latter is rather hostile to the reader: "If ... then you are one of the idiots we are talking about." "If you decide to come to us for help, you don't want to be one of the losers." It's also heavy on "us vs them", how we are experts and you need to treat us properly.
You know, it just occurred to me that the "How to ask questions" document is targeted as much at hackers and how they should maintain their "standards" than at users who are asking questions. For example, the document has approving examples of "logically impeccable but dismissive" hacker answers; these make more sense as instructions on how a hacker should respond than as something relevant to a user.
I guess my point is that I had read the "How to ask questions" document for decades and viewed it as an objective document, not realizing how arrogant and "gatekeeping" it is.
I agree, that "how to ask questions the smart way" article always left a bad taste in my mouth. Perhaps there should be a "how to answer questions" companion piece.
esr seems to have a pretty big ego, just based on his writings. (e.g. at one point he declared that he can tell if someone is smart or not just by looking at them)
He actually at one point wrote that he was a reincarnation of the god Pan, so he has/had a very literal god complex, too. It's such a shame that he was the person to interpret hacker culture for those of us in the future, because he's hardly a good lens
I don’t disagree with your sentiment, but that wasn’t meant as a literal “I am the god Pan” — it was figurative, hyperbole. At least, that’s my recollection from when I read it a couple of decades ago.
I've read it more recently, and he did mean it literally. I've cut this together because it's far too long to quote en masse, but the full thing is at [1]
Desperate for something to feed my jones, I snaffled my other sister's
abandoned flute. And wow! I was a natural...immediately better with it than
with the guitar I'd been hacking at for months. [...] This was delightful but
mystifying. All I'd had to do was learn to play a scale, and this amazing river
of music poured forth with barely an effort on my part. It seemed almost as
though my hands and lips had always known what to do, had been waiting for me
to pick up the flute. [...] I got these stunning rushes of pure timeless joy,
when my consciousness seemed to expand outwards from the limits of my skin to
fill the universe and I could no longer tell whether I was playing the music or
the music was playing me. Nor were these effects just going on inside my own
head. [...] I was walking home, idly puzzling over this peculiar incident, and
damn near fell over when I finally got it. That girl had been trying to cope
with a theophany; she had looked at me and seen a god. A particular god. And I
knew, suddenly, with utter shattering certainty, which one it was. And that it
probably was not the first time I had inadvertently triggered such an
experience, and would almost certainly not be the last. [...] Not that I took
any of it seriously as a description of the real world. It was an intellectual
chew-toy, perhaps at best a way of understanding the pathologies that prevented
human beings from living the infinitely more desirable life of reason and
science. Until I realized, finally, belatedly, what had been happening to me.
Until the Great God Pan reached out of my hindbrain and thundered "YOU!". And
his gift is music and his chosen instruments the pipes and flutes. And his, too
the power of joy; magic so strong that when it flowed out of me, even before I
knew what I was doing, it amazed people into awe and incoherence and poetry.
[...] (And, oh, yes. The first time I handled a set of pan-pipes I could play
them. Fluently. Effortlessly. And knew I could before I touched them.)
The https://WhatHaveYouTried.com guy backtracked after a few years in the linked follow-up article, ashamed of giving the geek world another way to gatekeep and tell unworthy people to get lost.
Gemmell made a mistake in assuming the shame and guilt of the people who abused his article. The article is just a tool. We should hold the abusers responsible for their gatekeeping and telling others to get lost.
It's probably fine, if you put it in a separate section, clearing indicating that you are guessing.
At work we have an optional "diagnostic" section in our ticket template, mainly intended for the team, but I'd be happy to see a user try to fill it. At worse it's harmless, at best it gives the actual reason, somewhere in the middle it can give ideas even if it is wrong.
I wish. It happens very often that such speculation derails the whole investigation. It really shouldn’t, but people are people. If the title of the bug report says that the foobar is broken it might take weeks until someone realises that they were wrong and actually the problem is in the frobnicator which feeds the foobar.
Especially when because of this we assing the investigation to the wrong team. The foobar people don’t want to appear as if they don’t take the bug seriously, but all they check everything looks normal on their side.
The above filter causes a problem with gmail as reported by some user. The below filter seems to work properly on search according to the ublock team member.
Were they really that significantly more secure? You still needed to do regular maintenance on the underlying image, etc. Same with Docker. The only big difference I see is that yes, breaking out of a container is easier than out of a VM. But are there any other significant vectors I should be aware of?
They were not more secure, just more isolated. The challenges are different.
Containers are just namespaced processes that share the same kernel as the host. A host has access to all container processes, uids, gids, file systems, and networks. Cgroups are used to limit resource access.
To run containers securely you need to understand how to protect running processes. You need to use unprivileged users where possible, drop all kernel capabilities not required, run Linux Security Modules (AppArmor, SELinux) to prevent processes from doing things they shouldn’t; and, run containers based on the smallest image possible, since a container should only have files that are absolutely required to run a process, and nothing more.
Even when you do it all right, in a multi tenant environment, it’s not safe to run all containers on the same hosts.
So if I am understanding this correctly the challenges of setting up a secure linux VM and a container are more or less the same?
The point about multi-tenancy is absolutely understandable. Isn't this an old story from the PHP world with multi-tenancy? I think a good generalization is: don't run on multi-tenant systems if you do anything (!) critical (e.g. authentication or payments)?
But that of course disregards the fact that when people _can_ do something, they _will_ do it even though they shouldn't (like running E-Commerce systems in multi-tenant environments).
Another thought regarding isolation: aren't VMs essentially just running on one host as well? Is that why you said "VMs are _more_ isolated"?
That's a very important difference, because isolation and the associated increase in overall security of the system is a core purpose of any virtualization technology. Docker promises a lot here, but a lot of those promises remain unfulfilled in reality.
Yes, containers are inherently easier to break out of than VMs, but even with that caveat there is room for improvement in container security. That alone is enough reasons for me not to be a big fan of docker in production.
But there are other vectors. With a VM you get a whole linux distribution, which of course increases the attack surface, but at the same time you also get much better isolation and that distribution's team of maintainers looking over your software, providing security patches, advisories, a simple way to update the system and so on. On the other hand there exist 'docker best practices' tutorials (not the posted one) that recommend not updating your base system at all in the name of reproducibility. Docker's solution to update management is manual image tagging and manual updates, possibly with help of external tooling. I don't think that's a good solution for that problem.
Imo the overall best solution is to run stuff in VMs and pick a lightweight distro for that.
