LurkersWillLurk's comments

> if you try to sit down and try to start the work and just CANNOT emotionally bring yourself to do the work or get your brain to engage, then it's probably something more than just normal procrastination

I've had so many problems with this in high school and college, it's unreal. I've only started to fully comprehend my problems with anxiety this past semester but reading all of this makes me wonder if there's something more to it than just that.


If it's really that hard to get engaged into something that you aren't innately interested in but that you know you "should" do, I would seek an ADHD diagnosis. It's a pretty big symptom. Sometimes it really is not possible and even if it is it's extremely difficult and you feel dumb for it (but obviously you shouldn't, it's not your fault). It's like your mind throwing a tantrum and refusing to engage with the work at all.


This is my struggle. But also, nobody likes to focus on something uninteresting. What's the difference between ADHD and just not wanting to do it?


The difference is really not being able to focus if it's not interesting. Your brain will constantly turn to other stimulation if it's not getting it from the current task. Sometimes you might be able to do it, and other times you won't. That's one of the most frustrating parts of ADHD. You feel like you've done it before, so why can't you do it now? "Normal" people can still focus (or get started) even if something is not interesting, they just have to start.

Most people won't like to do uninteresting things, but the threshold for boredom is extremely low in those with ADHD so they will struggle a lot more to stay focused. It's a spectrum unfortunately, so there's no one definitive measure that says "that's definitely ADHD". To be honest, if you find yourself seriously questioning/wondering about whether or not you have ADHD it probably means you're struggling to an extent and aren't 'normal'. Otherwise, it wouldn't be something you are questioning.


Not wanting to do it and not being able to do it are two different things. To an ADHD person boring tasks aren't just boring to do, they are impossible to do even if they were paid a million dollars to do it.


I call it not being able to put one foot in front of the other. You will find all kinds of distractions to try to not think about it, because to think about it is almost physically painful.


Would second this, if the thought of doing the dishes is equivalent to someone shooting your dog emotionally then you have an issue. It just seems like life cannot go on to get yourself to drag yourself to the sink and start washing them. Now I do them almost every time I take a break.


No, you're absolutely right. The author complains that with physical possession of the device it's possible to transfer Signal's private key material to a new device, leaving the old safety number intact.

The author apparently expects the safety number to change in order to alert the person on the other end that there "might be a hostage situation," evidently not realizing that the attacker could just, well, use the unlocked phone right in front of them.


Well, if I assume that I just got temporary access to someone’s unlocked device, then it would probably be a lot more convenient for me to quickly transfer the account to one of my own devices and then access it from there instead of accessing it from my target’s device which I might lose access to any moment.

So from that point of view it would be legitimate to argue that I might want to get notified if one of my contacts transfers his account. I can then double check: “Did you just transfer your signal account to a new device or was that an attacker?”

That might only be interesting for high-risk users though and could impair the UX. Why not make it optional?


Configurable security posture is the sort of thing that got RSA into trouble. For the huge majority of users, opinionated security is a much better approach, even ignoring the maintenance problems of having special features.

The temporary access threat model is a common criticism that people use, but it is largely incoherent. Once you are making human judgements like "enough time to transfer a signal account but not enough time to install a rootkit" things quickly break down into meaninglessness.


I don't really like trusted computing, but it is part of the mobile security model. There's a distinction between Signal deliberately facilitating extraction of the keys, and having to break a device's security to do so.


No, the author is right.

There are many cases where an attacker can access a device for a short time and/or without the owner realizing that the phone was tampered with.


Just because that's possible doesn't mean that it's within Signal's threat model.


Sure, but exactly how would you build something that's robust against that kind of access?

If you leave cryptographic keys lying around unprotected they should be assumed to be compromised.


Signal has a PIN, too. If that's required for the transfer, then it would prevent this in the case of brief, surreptitious access. A hostage scenario is impossible


Well, maybe, but 'brief' is doing a lot of the heavy lifting in that sentence.


> There are many cases where an attacker can access a device for a short time and/or without the owner realizing that the phone was tampered with.

This is what you originally responded to. I paraphrased it. The "heavy lifting" meme that you've employed is rarely more than a shallow dismissal. Be better.


TL;DR of article: Signal transfers key material upon migrating to a new device if you use the "transfer messages" workflow. As a result, safety numbers do not change.

I don't see how this is a problem at all. This was actually a feature that many Signal users wanted to use - they didn't want to re-verify safety numbers every time that they had to reinstall Signal or switch to a new phone.

> We don't want anyone to get hurt by way of trusting privacy guarantees which may be more conditional than they appear from the docs!

> If Bob notices the chat safety number with Alice has changed and then Alice sends a bunch of suspect-sounding messages or asks to meet in person and Bob has never met Alice in person before, for example, Bob should be wary. After Alice for example is forced to provide device passcode or unlock their device with their fingerprint or face, Alice's device could be cloned over to a new device by way of quick transfer functionality without Alice's consent, and the messages could be coming from the cloned device rather than Alice's actual device.

Respectfully, this doesn't make any sense. Signal provides security from device to device, it doesn't stop someone from pointing a gun to your head and looking at your messages or pretending to be you after stealing your phone. If someone has the physical possession of your phone necessary to perform a device transfer, then you're already screwed. The idea that a safety number change would alert the person on the other end that you're being held hostage is outlandish and is completely divorced from any normal use of Signal.


You assume here that you are aware of the fact that your device is in the hands of someone else.

I could ask you for your device under the pretense of making a phone call and then secretly transfer your account to my device. I could then secretly read your chats from my device and no one would be aware of it - until you check the amount of active sessions in settings.


All security ultimately reduces to physical security.

If you can’t secure your physical phone, all digital security is moot.


I would say "requires" rather than "reduces to". Just like all security requires vetting personnel. There are just a lot of checkboxes that need to be ticked as table stakes in the security game.


I would state that physical security is both necessary and sufficient to protect information.

Vetting personnel isn’t necessary, nor is it sufficient, to protect information.

Protecting more than just the information is a different argument.

If we’re talking about securing personal information that has a physical footprint of a cell phone, vetting personnel is irrelevant. Never let your phone leave your person, on pain of death, so to speak.

If we’re talking about securing a building, vetting personnel is just an extension of physical security, anyways.

All of those checkboxes will ultimately reduce to being an extension of physical security.


You don't have to associate with anyone as a private individual if you don't want to. In the present case, the school district is an arm of the state and cannot punish a student for constitutionally protected speech.


Are new residents not as much of a resident as existing residents?


New residents are, but would-be residents aren't.


I don't think the city council is oppressing anyone by having the police issue citations to people who wake me up at night with their obnoxious mufflers.

The personal satisfaction from having a loud muffler is actually less important than my ability to sleep at night.


I may be misunderstanding, but having a city council isn't an antithesis to self organizing societies.

In my understanding abandoning self organizing societies that could have more or less noise friendly communities in favor of top down politics that more closely resemble a centrally planned society/dictatorship.


Allowing a city to define what it means to live within it is generally accepted as not the same as a centrally planned society. Certainly that is the case within the United States, where there are very many options for what kind of city one wants to live in. We are not talking about city-states like Singapore. So yeah, we can penalize the noisemakers and not lose any sleep that we're degrading into a dictatorship.


The Coase Theorem suggests that, with sufficiently frictionless microtransactions, people who prefer to make noise and people who prefer not to hear noise could all be happier.

Maybe a phone app with a decibel-meter and a distance metric to each other such app within hearing distance, with pre-authorized amounts to transfer for each decibel level created/experienced?


"could all be happier" probably not, since currently the noisemakers are maximally happy making noise without paying anybody.


Lots of them would be happier to get a small amount of money for being just a little bit quieter. People preferring peace and quiet would be happy to pay a small amount of money to get fans of noisemaking to stay below their annoyance threshold.

Rough sketch of a potential process: Harley Q. is riding through the hills with the throttle open when her phone buzzes, indicating she's approaching an area with residents willing to pay above her threshold for <80db experienced noise. She rolls off the throttle and coasts through the upcoming neighborhood, or takes the long way around. Maybe a small extra payment would be put in escrow if she doesn't approach that area while making noise for a few more weeks.

Please note that the apparent bias toward paying the noisemaker is an artifact of existing noise ordinances. Coase can only help us from where we currently are, not from an imaginary utopia.

If we place this in a hypothetical city with a 40db noise restriction, which allows neighborhoods to accept louder noises by consensus, the payments reverse; Ms. Q will try to select the cheapest neighborhood she can enjoy her noise through, and its residents will end up collectively richer in exchange for suffering through the noise.


That's like saying, "I'll stop punching you if you pay me $50, but until then I'm really enjoying punching you." Assholes are assholes and should not be paid to not be assholes, they should just stop it or pay others whenever they cross the line (via fines or other means).


> That's like saying, "I'll stop punching you if you pay me $50, but until then I'm really enjoying punching you."

It's not at all like that, because punching people is currently illegal, and making noise up to a certain threshold is legal. I like peace and quiet more than I like making noise, so I wouldn't mind a lower legal threshold; but the advantage of paying people instead of fighting to change laws is that there's no actual fight.

The advantage of casting things as a moral struggle instead of a difference in preferences is, of course, that you might be able to gather enough allies to defeat the other side and take their stuff.


If I can change the laws first, then the other side will have to pay me. How to decide what's the best "starting point" for a Coase bargain?


The starting point for a Coase bargain is here, now. If you successfully get the laws changed before bargaining, that gives you a different starting point for bargaining.

If you do have the ability to reliably get laws changed at some expense, you should bring that up while bargaining; it will give you a stronger position. You should be able to get a deal that's better than actually spending whatever resource it would take to change the law.


That makes sense to me.

This is an interesting perspective. Can I ask what your background is that exposed you to this way of thinking?


Lots of reading game theory & economics, and saying "that doesn't make any sense," then reading it again until it made sense. The "rationalsphere" is where I read most of it; sites like lesswrong, overcomingbias, putanumonit, and thezvi.


Sounds like a magnet for noisemakers to route their trips through while staying just at or under the annoyance threshold -- a threshold which, with increased sensitivity, may be shifting lower.


You'll note that I already suggested a small additional payment in escrow for noisemakers to stay away for a few weeks or whatever. I also doubt even the most noise-sensitive neighborhoods would be willing to pay enough to make regular, special trips just for noise-profiteering worthwhile. If they were, it would probably approach the strength of preference that they'd be willing to fight to change local noise ordinances and get an enforcement push.


Thanks for the correction, I see it better now.


My willingness to accept your loud muffler bottoms out at $100,000 per 100 mS per decibel over 40 dB. If you're willing to put up $4-5 million every time you drive by my house, I'm willing to let you pay me for the privilege of ruining my sleep for your stupid car.


Are you Jeff Bezos? You must be crazy rich to not accept less than $4m for a minute of inconvenience. I'd endure it for $100 - with just a couple bikes per day, I wouldn't have to work!


This is a naïve free market view.

Unless you have a government under your thumb, you'll never compel a population to install this app and all use it. Even if you did manage to convince people to use it, participants will game it into submission before it ever gained relevancy.


> you'll never compel a population to install this app and all use it.

Everyone who uses the app gets something they individually want. Noisemakers get the opportunity to be paid to be quiet, and quiet-likers get the opportunity to enjoy peace and quiet for a bit of money.

There's no coercion necessary, although it does rely a bit on geographically local network effects to be useful at all.


Well, if we're willing to go the financial incentives route, we could just slap their ass with a $250 ticket when they ride through town with loud pipes. No need to get all complicated with phone apps and tracking such.

And the "Didn't-Think-This-Through-Did-You" Department asks if one really thinks the Loud Pipes Save Lives and Freeduhm! crowd is going to use a location-tracking app? If the answer is yes, boy, has the head of that department got some bad news for you.


> Well, if we're willing to go the financial incentives route, we could just slap their ass with a $250 ticket when they ride through town with loud pipes.

That is already a thing: https://tiremeetsroad.com/2019/01/07/how-much-are-tickets-fo..., it's just a bit underenforced.

I could see the Harley crowd being reluctant to install such an app, but I could also see it going the other way with the right marketing. After all, your phone already tracks your location and reports it to any company willing to pay. And what if, instead of just cash, the app gave discount points for a local leather chaps store?


I feel like this would be the one legitimate criticism of Section 230, but I don't really know how you would "solve" this problem. Maybe a DMCA-esque system for defamation, but on the other hand I feel like that's also ripe for abuse and would hamper online anonymous speech. Is it fair use to post a picture of someone if the text accompanying that picture is libel?


The unstated assertion that a person simply visiting Parler or Gab is a form of harm to others is astonishing.


Astonishing, and disturbing


From the pattern and other things I've seen from employers, it seems likely to be a response to particular content complaints where the specific content is something the employer doesn't want to draw more attention to from anyone who hasn't seen the initial complaint.


Colleen Oefelein's posts on Gab and Parler are publicly available and appear to be nothing more offensive than reposts of her tweets. I don't think that there is any more than meets the eye here. Her announcement that she was using the offending platforms was enough to raise a Twitter mob against her to put pressure on her employer. More here:

https://reclaimthenet.org/literary-agent-fired-gab-parler/


Respectfully, how exactly would federation have helped with this outage?

Signal's own official clients failed to properly back off from spamming the server with incessant requests. I'm not entirely sure how more third party clients would have helped with this issue.


It would not have prevented the outage. But there would have been other servers where people could register and communicate during the outage. At least with Mastodon this seems to be working in practice. Over-populated instances usually switch to invite-only registration.


Federation would, technically, decentralize the network and ensure there is no single point of failure. Federation would mean Matrix is about as likely to have a network-wide outage as email (or, for a more apt comparison, Mastodon).

Realistically, I understand that the Matrix.org homeserver is an enormous part of the network and an outage there would be comparable to this one.

However I believe that to be an orthogonal problem that also should be solved.

I'm actually curious, why does Matrix promote the Matrix.org homeserver so strongly? Why isn't there an easy link to community-run homeservers?

If you look at Mastodon for example [0], their onboarding process directs you to a registry of community servers [1], which actively promotes diversity in the network and therefore network resilience and reliability.

Matrix meanwhile, just links you to element.io, which creates an account on the matrix.org homeserver.

[0]: https://joinmastodon.org/

[1]: https://joinmastodon.org/communities


"Oh no! Ten million people set up their own web page yesterday!

The web broke. We just have to wait a bit while the Elders of the Internet sort this one out."

Said no one ever.


My question exactly, if the majority of the users have an account on the @matrix instance and if that fails, won't the same issue happen?


The instance dies, not the whole system.

Synapse (Matrix reference server implementation) had for a long time severe performance issues when dealing with large rooms. Clients would try to enter a room and would take literally forever to be able to get messages for that room.

Also, the natural reaction from people upon seeing how some rooms from bigger instances were causing problems was to create their own instances and their own rooms.

Federated protocols are anti-fragile.


Can somebody clarify if I'm correct in believing that feature flags are client features that can be activated server-side (as opposed to an app update)?


These can be set by the server, you don't need to update the app.

"A location for flags that can be set locally and remotely. These flags can guard features that are not yet ready to be activated."

Here is the file with javadoc on top:

https://github.com/signalapp/Signal-Android/blob/2c1c6fab356...


That is correct. Typically used to enable or modify a feature in the client on your own time table vs. App Store approval.

