jj4211

jj4211 , 2 months ago

Both can be true. The big powers don’t mind murderous lunatics, so long as they export some sweet hydrocarbons and keep the violence directed at their own people or people the big power in question doesn’t like. Note I didn’t limit that sentiment to the west.

jj4211 , 2 months ago

I think this is the disconnect.

We have legitimate rental use cases. During college, owning a house would have made little sense since I had no idea where my life would take me. If someone is on an overseas assignment for 3 months, buying a house would be nuts.

On the other hand, out of state companies have bought every house in my neighborhood that has come up for sale over the past 5 years. The tenants I have talked to are there not because their arrangements should be temporary, but because all housing stock is purchased by companies.

So yes, there should be some medium-term rental for certain cases between days to a couple years long. It should not however smother even the possibility of home ownership for people with longer term plans.

jj4211 , 2 months ago (edited 2 months ago)

To offer a counter perspective.

My house has been paid off for a decade. The mortgage was a significant cost, but unlike rent it went away (and stayed at a flat rate as rents went up). I spent a boatload replacing the HVAC, but it was “working”, it just sucked. If I were renting it would have just stayed at “suck”. I replaced the roof once, but because I wanted solar panels, which again if I were renting it would never happen. So over the last 20 years, I’ve put up with only two significant items and both were elective. When I was renting the only thing that the landlord had to cover was when the 15 year old water heater rusted through and he just had a cheap low end unit swapped in, probably a 600 to 800 dollar job at the time.

For the past 6 years it’s been nothing but insurance and property tax. I’m getting boatloads of money from not having to pay rent or mortgage. This is the light at the end of the tunnel of a mortgage that is nowhere in sight for perpetual renter.

Have a colleague that opts for home warranty to own house but not be surprised by big repair expenses. I’d be skeptical, but he says his has honored their warranty reasonably.

jj4211 , 2 months ago

Back when I was in school, it was a few single story buildings and then a trailer park of more classrooms.

jj4211 , 2 months ago

Well, not always hands on wheel. I have spent over an hour straight on an interstate with hands off. Ford’s system watches your eyes and lets your hands stay off if it’s decent conditions and on a LIDAR-mapped freeway. Note I wouldn’t trust it at night (there have been two crashes, both at night with stopped vehicles on freeway), but then I wouldn’t really trust myself at night either too much (there are many many more human caused crashes at night, I’m not sure a human at freeway speed could avoid a crash with a surprise stationary vehicle in middle of the road).

jj4211 , 2 months ago (edited 2 months ago)

This presumes the options are only:

• Human and no autonomous system watching
• Autonomous system, with no meaningful human attention

Key word is ‘assisted’ driving. ADAS should roughly be a nice add, so long as human attention is policed. Ultimately, the ADAS systems are better able to react to some situations, but may utterly make some stupid calls in exceptional scenarios.

Here, the bar of ‘no human paying attention at all’ is one I’m not entirely excited about celebrating. Of course the conditions are “daytime traffic jam only”, where risk is pretty small, you might have a fender bender, pedestrians are almost certainly not a possibility, and the conditions are supremely monotonous, which is a great area for ADAS but not a great area for bored humans.

jj4211 , 2 months ago

The conditions for the system to work are such that if you could find a policy to cover only those conditions, it’d probably just be like a couple dollars a month. Even behaving “badly” you would be unlikely to have an accident and even if you caused an accident, it’s probably just going to be a couple thousand in property damage with no medical implication.

jj4211 , 2 months ago

While I see a lot of posts that would have this problem, at least the discussion are a bit more balanced compared to when the same stuff would happen on Reddit. So for example fuck cars is about the same in terms of posts, but here I tend to see a bit more back and forth and a balanced perspective on how the comments are up voted. On Reddit, any comment vaguely questioning the circle jerk will be down voted into oblivion and receive nothing but angry replies.

The amount of apolitical posts is a bit disappointing though.

jj4211 , 2 months ago

A wealth tax would be more of a property tax than an income tax. That sort of percentage is consistent with those sorts of taxes.

jj4211 , 2 months ago

Actually, a private company would likely not count. At least one of the “certainly rich” people in my region that would be a billionaire, is not because his gigantic company is private.

jj4211 , 2 months ago

The tricky part is that has implications for business control. Other people speculate the market cap into 50m and then they take over control of your company, because you are forced to sell off your stake. So an arbitrary coalition of 3 rich dudes can just take over your company on a whim, if it is vaguely important enough. A coalition of rich people is not likely going to treat the customers or employees better.

jj4211 , 2 months ago

They are counted as income. When company grants stock, it appears in W2, for example.

The rub is when their extrapolated value changes, and this would be fine if they sold, as there is a tax system for handling that too, but there are gaps with borrowing where they can game the system by borrowing against the value instead of selling. By needlessly living in debt, they can manage their tax burden in ways unavailable to mere mortals.

jj4211 , 2 months ago

Well, maybe not the laughing, but if the wealthy can play in the nuance more confidently and accurately, even if you are right broadly you’ll have a more uphill battle trying to win. If they point to the rhetoric and are and to highlight incorrect details, they say “see, they just don’t understand things, so clearly ignore them”. Or if you “win” they play in the nuance to stack the deck in a different way so they win again, despite you ostensibly getting what you drive for.

However if you have on point critiques and suggestions to consider, maybe it’s easier to drive for a system that reigns then in better, and is less likely to just let them move the loopholes.

As SunTzu wrote: If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat.

jj4211 , 2 months ago

Well, sure. Just have to accurately describe what to stop. Usually calls to action don’t understand the actual scheme in play, so folks ask for things that either don’t make sense or already exist. Within that context hard to fight when you don’t even know what to fight

jj4211 , 2 months ago

Then the shares would be capital assets and count. Yes the company’s assets count (real estate, and such,) but a big part of the wealth of the head of a publicly traded company is the value of the “company” apart from actual assets. This part of a private company as far as I know frequently “doesn’t exist”. At least not in a way that figures into “net worth” of the owner. Valuation is based on extrapolation of observed shares of company being transacted, if you have sole ownership, there’s no market rate to use for accounting.

jj4211 , 2 months ago

Speaking of that house to buy, I’m getting taxed on my “unrealized gains” in my home value being estimated higher, despite it being where I live and not really primarily intended as an “investment vehicle”.

So if property tax can apply to stuff I’m not using as “money”, then I have a hard time objecting to the same general principle applied to stocks. The same arguments that can be made about stocks can apply to any property tax.

jj4211 , 2 months ago

Depends on the structure. If it’s 3% on value over 5 million, then the bottom 95% will not even have a dent. If it is paid by even average retirement funds, but funds more expensive Medicaid or your kids college education, you still win. It all depends on the details.

I suppose there might be some sell off to cover the tax bills if the wealthy, but it probably wouldn’t shake the markets too much.

jj4211 , 2 months ago

At some scale it isn’t but at some scale it is. If you are saying no one would give musk 240 billion actual dollars for all his shares, you are right. However he could definitely get a million dollars for the 1/240000 of his stock. Hence why any wealth tax assessed against stock needs to be a low percentage.

The total valuation of the s&p 500 is way way over the number of dollars that “actually exist”, so it’s obviously not able to be made into real liquid in entirety, yet plenty of people do make money on the subset that trades.

Same thing can be said of houses, but we seem to find it normal to tax based on the extrapolated value anyway.

jj4211 , 2 months ago

I’m saying that we already have the concept of small tax rates against unrealized “gains” for the common folk, so it’s not crazy to think that unrealized gains for the rich folk could be some sort of fair game, on a roughly analogous scale. Mostly the same concerns about unrealized stock value apply to real estate property. The exceptions that I can conceive of would be:

• Housing already has the typical property tax priced in. So whatever the effects of the wealth tax would be, it would be novel and thus some sort of adjustment would occur.
• Housing has some intrinsic use and is not just a financial vehicle. People want to be in a house and most don’t even want to think of it as an ‘asset’ if they don’t have to. So one’s desire to reside in a primary residence is not dissuaded if you had reason to think you could “earn more” elsewhere. Stock is a more purely speculative financial instrument, so behaviors could be different. If a 3% tax across the board were levied, suddenly the effect is that investment vehicle is handicapped by 3%. So the average S&P return is 10% today, and thus would be effectively 7%, which might trigger some moves. Or if you say ‘3% over 10m’, then you get a shift where relatively less moneyed investors become an advantaged class, which might be interesting.

jj4211 , 2 months ago

Okay but if you take out a loan then you need to repay the loan with income which is taxed, so…

Part of the problem is there are shell games around the repayment. I thought this could be handled by any use of the stock as collateral should count as a ‘sale’ for tax purposes, and any taxes on those proceeds that would be “double taxed” as folks are so afraid of can be offset by tax credits if the loan is ‘properly’ repaid in a normal way. So if you loan but repay normally, ok, you gave the government a ‘0% loan’, but you are still “fairly” taxed other than that, and the 0% loan is a small price to pay for access to your wealth.

jj4211 , 2 months ago

That would be interesting to know. If it’s a whole bunch of people, I could easily see that. We have some analogous relationships and I can’t recall anyone ever getting this weird over a few dollars. Of course the only expenses that anyone covers anyone for is pretty much cash tips at restaurants, and things like attending a catered party, where it would be incredibly classless to ask people to pay for it to attend.

jj4211 , 2 months ago

To be fair, that’s an accurate representation of a human Gab user

jj4211 , 2 months ago

I’ve been sick of him from the first moment I met an adherent. I mentioned how I like to avoid debt and pay it down early and the person said “Oh, so you listen to Dave Ramsey?” I confessed to having no idea who they were talking about, and they swore that I was being obtuse because I couldn’t have come up with “interest sucks” on my own.

jj4211 , 2 months ago

I guess we could be grading on a curve of people that view Ramsey as brilliant…

jj4211 , 2 months ago

Yeah, I’ll confess to not bother looking too deep into his stuff, but I occasionally see an exchange where someone asked for advice and it is always the exact exchange over and over: “I make minimum wage but I just had to buy a 90 thousand dollar truck and an having a hard time with finances” “You shouldn’t have bought that truck, get rid of it and don’t borrow money like that”

Like why would any vaguely functional human ask that same question when they have to already know the answer. I’m wagering that most of the “questions” are fake. I just can’t believe there are that many people that wouldn’t already know his answer if they vaguely know of him.

jj4211 , 2 months ago

But you were in debt, and the example given of a home mortgage is pretty definitively a debt worth taking on, as rent and increasing housing costs will easily outpace accrued interest.

You should pay that debt down quickly, unless you’re mortgage rate is crazy good and investment returns are crazy high, but that’s not usual. But taking on a mortgage is about the only way you can get into owning a house except for being a trust fund baby.

Some people may have to suck it up and tolerate a car payment, of they can’t afford a 6 to 9 thousands dollar car, because they need transportation to get to work, and any car cheaper than that will be very expensive to repair.

Carrying over any balance on a credit card? Yeah, that’s always a terrible idea.

jj4211 , 2 months ago (edited 2 months ago)

Broadly, I wonder if these folks have no memory for how they were regarded.

The silent generation was broadly characterized as all being lazy beatniks.

The boomers were all characterized as being lazy hippies.

Of course gen xers, millennials, and z have all had their turn.

Every generation broadly bemoans the laziness of the young generation. I recall reading someone who sampled media going back to 19th century, repeatedly finding the “young folks are lazy” rhetoric that is always present.

jj4211 , 2 months ago

I’ll say that at least a few months ago, on a brand new system I went to YouTube and it looked pretty much like this, with a fresh history and no login. I thought it was unusual and then I logged in and they mostly went away.

jj4211 , 2 months ago

Yes. For a long time I was trying to “play nice” and not go adblock. I didn’t mind ads that were unobtrusive and figured I’d roll with the ads for the sake of the sites. With things looking like this, and deliberately having ads load a little late and relayout the page to replace a link just as you were about to click in it, and ones that slipped even the pretense and pop up and ad instead of the actual link or button the first time. I would tend to just close such sites in disgust, and told my Google feed to not give me contemt from a couple of the worst owners that recurred.

The final straw was a site that made the play embedded video function be ads the first two times on clicking it, as well as looking like that. On top of just having to give up on sites more and more.

I read that majority of Internet users now use ad blockers. That didn’t used to be the case, and the large chunk of sites like this I’m sure is why.

jj4211 , 2 months ago

The other day sometime similar happened to me. I mean I was used to that sort of crap on some dubious downloads, but most recently it was a pretty reputable software from it’s actual reputable site, and there were like a half dozen “DOWNLOAD” buttons in boxes and arrows and like a tiny actual download link. Made me research whether that site has been hijacked since I had last used it, and folks were saying it just went that way. Still very reluctant to grab it on any system I vaguely care about or keep anything remotely sensitive, since indulging in those sorts of ads destroys any twist I might have had.

jj4211 , 2 months ago

which currently only has about one year of support left, officially

Well, no, “Version 23H2” only has one year of support. The 24H2 update will likely happen and likely have support until 2026. They do not list a retirement date for “Windows 11”, only for the updates.

You are right that for 10, the formal documentation listed an EOL. I can also believe that the “last version” was started by a misunderstanding. However, that “Windows 10 is the last version” spread hard and Microsoft made no effort to correct that at all. If there’s one thing internet sites love more than over-speculating about a potential mis-speak, it’s showing their fellow internet sites to be morons by posting Microsoft statements clarifying things. So Microsoft had to have noticed and still opted not to interject. I wouldn’t be surprised if there was some “we are going to make Windows 10 a rolling release” sentiment bouncing around at Microsoft. It would be consistent with how they declared that new features and deprecations would come twice a year.

jj4211 , 2 months ago

Well, on one hand you had one line in a table in a formal web page.

On the other, you had that very awkward phrasing (if he merely meant ‘latest’):

because Windows 10 is the last version of Windows, we’re all still working on Windows 10,

But maybe that was a misunderstanding and he did mean ‘latest’, but in the flurry of internet coverage, Microsoft never issued a statement highlighting the misunderstanding. Instead they let that run rampant.

In fact, it was very consistent with a lot that happened with Windows 10:

• The mass “free to upgrade for everyone going back to 7” toward the goal of getting their userbase largely on a consistent vintage that is more supportable
• The twice a year major updates that were pitched as ‘new features and functions’, with a more ‘rolling release’ feel

So while certainly that one lifecycle page did have it stated, I have to wonder why Microsoft was mum on the subject even as their community was ‘getting it wrong’. I wouldn’t be surprised if the reality is that they were seriously considering it. That guy might have even meant ‘last’ because he thought the ‘eternal update’ camp were going to win out.

jj4211 , 2 months ago

The issue being we’ve never seen an actual trial of UBI. It’s always some sample of the population for a known limited time. UBI as a concept doesn’t lend itself to “trials”, we won’t really know until at least a number of entire cities are indefinitely implementing UBI, and probably would be 3 or 4 years before people start actually acting like it is indefinite.

jj4211 , 2 months ago

Problem is part of the standard allows the server to require attestation. So congratulations, they only bless their app, or maybe they only bless iphones.

If the service ignores that, then yes, it’s great. It’s as yet unpopular so it’s hard to know, but in adjacent industries I have seen them lock down the to the point it’s as asinine as “open your app to continue”

jj4211 , 2 months ago (edited 2 months ago)

It’s maybe possible, but perhaps even unlikely still.

Overwhelmingly thorough security review is time consuming and expensive. It’s also not perfect, as evidenced by just how many security issues accidentally live long enough to land Even in enterprise releases. That’s even without a bad actor trying to obfuscate the changes. I think this general approach had several aspects that would made it likely to pass scrutiny:

• It was in XZ, which was likely not perceived as a security critical library. A security person would recognize any thing as potentially security critical, but they don’t always have the resources and so are directed to focus on obviously security related and historically security incident magnets.
• it was carried out by someone who spent years building up an innocuous reputation. Investigation may even show previous “test samples” to be malicious but not caught, or else it was a red herring to get people used to random test samples getting placed in the project.
• The only “source code” he touched was “just build scripts”. Even during a security audit, build shell scripts are likely going to be ignored, they are just build scripts and maybe you run some tests on all scripts, but those tests aren’t going to catch this sort of misbehavior.
• The actual runtime malicious code was delivered as portions of ostensibly throw away test sample xz files. The malicious code is applied by binary patch of the build output. A security audit won’t be thinking too hard about a sea of binary files that are just throwaway samples as fodder for test.

So while I see the point about logical fallacy about it accidentally not getting far enough to see if the enterprise release process would have caught it, I think we know track records well enough to deem this approach likely to get through. Now that it has been caught, I could see some changes that may mitigate this in the future. Like package build scripts deleting all test samples and skipping tests when building for release, as well as more broad scrutiny.

There’s also the reality that a lot of critical applications deem themselves too cool to settle for “old crusty enterprise distributions”. They think that approach is antiquated and living on the edge is better. Admittedly I doubt theyd go as far as arch, tumbleweed, or rawhide, but this one could have easily made it to Debian testing, fedora release, or an Ubuntu release.

jj4211 , 2 months ago

The answer is the same as closed source software: sometimes.

But that’s beside the point, a security audit is not perfect. Plenty of audited codebases are the source of security vulnerabilities in the wild. We know based on analysis that the malicious actor’s approach would have a high chance of successfully hiding from a typical security audit.

jj4211 , 2 months ago

Also, the malicious code only activated if it detected being built as dpkg or rpm.

jj4211 , 2 months ago

This wasn’t easily spotted. They use words like sloppy, but it all started with someone digging in because starting ssh season was about a half second slower that it used to be. I could easily imagine 99.99% of people shrugging and deciding just something in the chain of session startup took a bit longer for a reason not worth digging into.

Also, this was a maintainer that just started two years ago. xz is much older than that, just he took over.

jj4211 , 2 months ago

There’s plenty of closed source packages or components with a single actor ultimately accountable for it.

Imagine a tester even bothering to open a bug that starting a session takes 500ms longer to start than it used to. Imagine what the development manager is going to do with that defect. Imagine a customer complaining about that and the answer the company will give. At best they might identify the problematic component then ask the sole maintainer to give the “working as designed” explanation, and that explanation won’t be held to scrutiny, because at that point it’s just a super minor performance complaint.

No, closed source is every bit as susceptible, of not more so because management is constantly trying to make all those tech people stop wasting time on little stuff that doesn’t matter, and no one outside is allowed to volunteer their interest in investigating.

jj4211 , 2 months ago

The issue is that it implies that open source has a problem due to volunteers that is not found in closed source, which is not really the reality.

You can look at a closed source vendor like Cisco and see backdoors, generally left over from developer access, yet open for abuse. The nature of those is so blatantly obvious any open review would have spotted it instantly, yet there it was

With this, you had a much more device obfuscated attack that probably would have passed through even serious security audits unnoticed, yet it was caught because someone was curious about a slight performance degradation and investigated. Having been in the closed source world,I can tell you that they never would have caught someone like this. Anyone even vaguely saying they wanted to spend some time investigating a session startup delay of half a second would be chastised for wasting time.

Further, open source projects are also the fodder for security researchers to build their resumes. Hard to prove your mettle without works, and catching vulnerabilities in OSS code is a popular feather in their cap.

It also implies that open source is strictly a volunteer affair. Most commercial applications of a Linux platform involve paid employees doing some enablement, and that differs place to place. There’s of course red hat paying for security research, Google, Microsoft also. I know at least one company that distrusts everything and repeats a whole bunch of security audits, including paying external companies to audit open source code. I would wager that folks downstream of say centos stream or certain embedded platforms can feel pretty good about audits. Of course all bets are off when you go grab yarballs, npm, pip, etc.

jj4211 , 2 months ago

Having worked with closed source, whatever they project externally, internally they are generally lazy and do the bare minimum. If there is a security review, it might just be throwing it at something like bdba that just checks dependencies against cve. Maybe a tool like coverity or similar code analysis. That’s about as far as a moderately careful closed source so goes. It is exceedingly rare for them to fund folks to endlessly fiddle with the code looking for vulnerabilities, and in my experience actively work to rationalize away bugs if possible, rather than allocating time to chasing root cause and fix.

There may be paragons of good closed source development, but there are certainly bad ones. Same with open source.

I also think most open source broadly is explicitly employee work nowadays. Not just hobbyist, except for certain niches.

jj4211 , 2 months ago

The same argument can be made about open source, some projects are very carefully and festidously managed, and others not so much.

Main difference is with closed source, it’s hard to know which sort of situation your are dealing with, and no option for an interested third party to come along and fix a problematic project.

jj4211 , 2 months ago

To be fair, we saw formerly what Apple without jobs did, it was a failure. So one might wonder when the new Apple might run out. The catch being that the iPhone, app store, and iTunes are all indefinite money machines, except maybe iPhone one day. So they had a steak of ever increasingly wildly successful products that culminated in the iPhone and then no mind blowing follow-up, but they don’t need one. Folks may like the narrative that Jobs death coincided with their last big product category though

We also saw Jobs without Apple, also pretty much a failure.

jj4211 , 3 months ago

she’s not interested in being an educator.

I think it’s probably better to say: " she’s not interested in being an educator anymore. "

You are probably right now, but I’m willing to believe that she did at one point want to be an educator, but the financials didn’t work that way. Can’t blame her.

jj4211 , 3 months ago

I don’t even know if it’s the habitual aspect that would weigh on you.

I know folks that objectively have it easy, but are bothered by a lack of perceived “value” to society. That being a soulless middle management in some certain company does nothing that feels valuable, but you get crap tons of money. Then someone else who makes real changes in the lives of young folks, but society feels like keeping them around poverty level. Feeling both of those can weigh on someone with a conscious. I was doing something important and couldn’t eat, but now I can eat, but it makes no sense that this should be valued more.

jj4211 , 3 months ago

“I’m a teacher” will elicit significantly different responses than “i used to be a teacher” or “I’m an onlyfans model.”

This sums up the key point. Being financially on good footing is a part of happy living, but being proud of your contribution to the world is another. This is not just because it’s taboo, but because it just doesn’t feel like it should be as valuable. I’d say the same problem could befall a firefighter turned corporate lawyer.

jj4211 , 3 months ago

Hmmm, when you get down to it, we look like the flying spaghetti monster. Guess we are made in his image.

jj4211 , 3 months ago

Ultimately, in terms of what they can do, well technically you can do anything without any container or virtualization strategy, so from that angle, they are all the same.

It reallyboils down to what the humans are comfortable with, and that’s where there’s some divergence.

Sure, one could make technical arguments about one can be multi kennel, one has arguably somewhat stronger likelihood of isolation, and one has a bit more efficiency than the other, but it’s really down to human factors and familiarity.

Developers tend to like container based approach because the “image” is transparent and usually provides nice cheap options to somewhat track history and “fork” from common points with some flexibility. VMs kind of have some of that, but practically speaking it’s far more awkward.

Conversely some operators find managing container based solutions too “developery” and find comfort with virtual machines. It’s also more straightforward to just carve out a vm, hand it over, and give them the keys and let them deal with it. Then you commonly have VMs at one layer, and at least some of your tenants self managing some container management layer on top of their slice of the world.

While there is some overlap, general comparison of VMware vs Docker is a bit apples and oranges.