Pup Biru

i think the latest is that china has managed to create a GPU that’s ~7 years behind. i’m not sure that’s “a GPU from 7 years ago” or “it will take them 7 years, acknowledging that there’s a known path so will take less time”

AFAIK they’ll have to figure out EUV or some other method of lithography at that scale, which they’re trying really hard at but it’s one heck of a difficult thing to do which is why only TSMC currently actually has it working

given the complexity of doing in hardware, and the simplicity of doing it software, you’d hope yes (in which case perhaps there will be firmware hacks) but you can never truly account for the stupidity of hardware companies

new ones sure but there are a bunch of these broken machines out there now: far more than there otherwise would be, because microslop forced the upgrade for windows 11

i guesssss if they do it soon enough the existing models will still be in their support period and they’d kinda be forced to update, assume it’s a software or firmware fix

well that’s what they should have done but now what it’s implemented there are a lot more parties that need to come to the table to fix the mess… some hardware might not be able to fix the mess, but i’d be surprised if this shit show were implemented on hardware rather than firmware

technicality remains more important than ever in your current political climate

the law is not intended to deceive. the words are complex by necessity, but complexity is not sophistry

law is the profession of specifics… it’s not sophistry; it’s technicality

just like trump is not a convicted rapist: he was convicted of sexual assault

well see when you’re too lazy to design a schema and just want to throw broken data into a black hole where you may or may not be able to retrieve it and deal with the repercussions in production - or better yet let the ops team handle it at 3am - then that’s when you’d choose mongodb

i’m not a member of a church, i’m very atheist, but also i kinda put churches around the same place as sports clubs… they’re largely non-profit entities that exist for the benefit of members… kinda like a co-op too

i think given that - ie their mission isn’t based around making money, but providing free services - it’s fair to put them on the same level as other membership-based orgs

all of these orgs have a “not for me” crowd, but just because it’s not for you doesn’t mean that they don’t provide services to their members in the same way that sports clubs, maker spaces, car clubs, youth clubs, etc all provide things and shouldn’t be taxed in addition to the income tax that their members already pay

Maybe fix the way taxes are spent and I’ll support

not the way taxes work mate

don’t want to see the money people give out of their sense of faithfulness to be used to pay for

why does faith give them an exemption from participation in civilised society?

i’d love for tickets to various pride events not to be taxed, but they are… so why do i pay tax for participating in my culture and “faith” is exempt?

taxes largely only apply to profits, so if you’re being an actual charitable organisation, you won’t have too many profits and thus not a large tax burden… right?

yall already have 501c7 which is membership organisations like sports clubs

well, it’s probably a similar thing to a 501c7: membership organisations like sports clubs

they’d still have to pay various payroll taxes and things, and they still buy things: tax exemption in australia for example means you neither have to charge GST (our version of VAT) to customers, and you get to claim it back from any purchases you make

since GDPR came in TBH i haven’t heard of any EU data leaks… like sure they happen in the US all the time, but where the fines actually happen

same with australia: we’ve had pretty good privacy laws since like the 90s, and really we haven’t had a whooooole lot of breaches. there have been some high profile ones, but security is never a 100% kinda thing yknow

well then they get massive fines for any data they leak

yeah… here we are: Europeans with right to be forgotten and opt out of data collection

so now you’re paying a private entity in this round about bullshit way for a service that isn’t actually the service you want but the service you want kinda is a side hustle for them in order to bring down their costs

insurance may be the way forward because the situation is so far beyond fucked it’s incredible

… but insurance shouldn’t be the answer

just make the insurance compliance stuff law and also make sure to add that if the rules aren’t followed you’re on your own

or undersea cables… wait… i’ve seen this movie on the news

guess we should abandon undersea cables in favour of starlink

why are we punching down on sex workers now? sex work is real work…

drug dealer? sure

amway? sure

… adobe? sure

but there’s nothing inherently untrustworthy about sex work and sex workers

saying Microsoft requires that you go out and obtain a signed certificate that proves your identity as a developer

clearly that’s not the case if this was exploitable… again, N++ has an auto update mechanism that they current use. if they used a microsoft signing key to sign a builds hash, this hijack would not be possible

thus they have an update mechanism that works around microsoft signing… how is irrelevant. that is the current state of the software

The update mechanism was successful hijacked because integrity checks and authentication checks were not properly in place

that part we definitely agree on

Notepad++ even said that they moved hosting providers after this happened to them

side note: doesn’t remotely solve the problem… software updates should be immune to this to start with. it’s a problem that the hosting provider was compromised, but honestly we’re talking about a state sponsored hack targeting other states: almost no hosting provider would include this in their risk assessment, let alone shared hosting providers

Can you point out an existing open source application that runs on Windows that only uses GPG signatures?

again, that’s irrelevant… the concept that we’re talking about isn’t even specific to GPG. signing a hash using a private key is basic crypto, and GPG is a specific out of the box implementation

if we remove microsoft signing as an option for whatever reason (which we have) then it’s still very possible, and very easy to implement signed updates into your own custom update mechanism