Need to let loose a primal scream without collecting footnotes first? Have a sneer percolating in your system but not enough time/energy to make a whole post about it? Go forth and be mid: Welcome to the Stubsack, your first port of call for learning fresh Awful you’ll near-instantly regret.

Any awful.systems sub may be subsneered in this subthread, techtakes or no.

If your sneer seems higher quality than you thought, feel free to cut’n’paste it into its own post — there’s no quota for posting and the bar really isn’t that high.

The post Xitter web has spawned soo many “esoteric” right wing freaks, but there’s no appropriate sneer-space for them. I’m talking redscare-ish, reality challenged “culture critics” who write about everything but understand nothing. I’m talking about reply-guys who make the same 6 tweets about the same 3 subjects. They’re inescapable at this point, yet I don’t see them mocked (as much as they should be)

Like, there was one dude a while back who insisted that women couldn’t be surgeons because they didn’t believe in the moon or in stars? I think each and every one of these guys is uniquely fucked up and if I can’t escape them, I would love to sneer at them.

(Semi-obligatory thanks to @dgerard for starting this.)

  • swlabr@awful.systemsEnglish
    14·
    1 day ago

    Screenshot of an insta post of a screenshot of a tweet

    Tweet:

    I can’t believe ChatGPT lost its job to AI

  • BigMuffin69@awful.systemsEnglish
    21·
    1 day ago

    Neo-Nazi nutcase having a normal one.

    It’s so great that this isn’t falsifiable in the sense that doomers can keep saying, well “once the model is epsilon smarter, then you’ll be sorry!”, but back in the real world: the model has been downloaded 10 million times at this point. Somehow, the diamanoid bacteria has not killed us all yet. So yes, we have found out the Yud was wrong. The basilisk is haunting my enemies, and she never misses.

    Bonus sneer: “we are going to find out if Yud was right” Hey fuckhead, he suggested nuking data centers to prevent models better than GPT4 from spreading. R1 is better than GPT4, and it doesn’t require a data center to run so if we had acted on Yud’s geopolitical plans for nuclear holocaust, billions would have been for incinerated for absolutely NO REASON. How do you not look at this shit and go, yeah maybe don’t listen to this bozo? I’ve been wrong before, but god damn, dawg, I’ve never been starvingInRadioactiveCratersWrong.

    • bitofhope@awful.systemsEnglish
      10·
      1 day ago

      The advanced sinophobia where the Chinese are so much better at everything than the west that even when they make better and cheaper bullshit machines than the Americans do and hand them out for free, it has apocalyptic consequences.

    • ShakingMyHead@awful.systemsEnglish
      12·
      1 day ago

      It’s wild that Yudkowsky saw a binary choice of “nuclear holocaust” and “superintelligence” and chose “nuclear holocaust” in the first place.

      • BigMuffin69@awful.systemsEnglish
        14·
        1 day ago

        Like, even if I believed in FOOM, I’ll take my chances with the stupid sexy basilisk 🐍 over radiation burns and it’s not even fucking close.

        • YourNetworkIsHaunted@awful.systemsEnglish
          10·
          1 day ago

          I don’t want to say with absolute confidence that there’s no scenario I can imagine to which a nuclear apocalypse would be preferable (the real kind, not the Fallout kind). But I have yet to hear one.

          • Soyweiser@awful.systemsEnglish
            10·
            17 hours ago

            The upcoming firestorms of climate change, while patrolling the Mohave desert almost make you wish for nuclear winter. Ow wait not like fallout you said

            • skillissuer@discuss.tchncs.deEnglish
              6·
              13 hours ago

              nuclear winter is not a thing that can possibly happen, from what i understand

              sagan et al overstated amount of soot put in upper atmosphere over 10x, for no particular reason other than trying to make a point

              notice how no one talked about it after desert storm? oilfield fires provided negative evidence

              • Soyweiser@awful.systemsEnglish
                6·
                10 hours ago

                Another dream shattered. Not sure if the oilfield fires were big enough. Volcanoes can cause some cooling right? pokes old yeller

                • rook@awful.systemsEnglish
                  1·
                  15 minutes ago

                  We’ve had recent eruptions in all be big categories, so we’re not due another one for a while and trying to cheat by setting one off early won’t allow sufficient pressure for a proper bang.

                  Not that I want to discourage you, but don’t be sad if you try for a year without summer and get a couple of weeks without flights instead.

  • saucerwizard@awful.systemsEnglish
    10·
    1 day ago

    I’m not going to link Andy Ngo but random rationalist transwomen are being accused of terror sympathy…and Aella is doing this ‘leopards ate my face’ dance.

    edit: it was @jessi_cata who tipped Ngo off of all people.

    • sc_griffith@awful.systemsEnglish
      5·
      9 hours ago

      tbh I don’t understand this post at all. aella isn’t trans so why would she be a target for leopards? I must be misinterpreting

      • saucerwizard@awful.systemsEnglish
        4·
        9 hours ago

        thats just me trying to use an unfamiliar meme (and just trying to narrate what I’m seeing on twitter that maybe isn’t worth a link). she was actually complaining that people had gone to Ngo.

    • YourNetworkIsHaunted@awful.systemsEnglish
      12·
      1 day ago

      Goddammit why can’t the murder cult story just stay morbidly fascinating? Now I’ve got to worry about implications and how the worst people are gonna use this as ammo.

    • swlabr@awful.systemsEnglish
      6·
      1 day ago

      Ok you brought aella up so now I can post this:

      Heard this song for the first time the other day and it reminded me of aella.

      side note: what’s a good way to post links to music that isn’t youtube?

    • Amoeba_Girl@awful.systemsEnglish
      8·
      1 day ago

      i don’t think it’s the first time i see jessicata acting like a total piece of shit in her completely emotionless way and it’s incredibly creepy. she doesn’t even seem to be aware of the harm she can cause.

    • David Gerard@awful.systemsMEnglish
      10·
      2 days ago

      that thread is a work of genius and answers what the next tech boom needs to be

      dicks in mousetraps I MEAN whatever wastes electricity most, preferably with Nvidia cards

      • YourNetworkIsHaunted@awful.systemsEnglish
        6·
        2 days ago

        I do actually have a mechanism for using the sharp edges of NVidia cards for dick mouse trapping purposes. And we could - hypothetically - use the extraneous power inputs to mine Bitcoin or something, maximizing efficiency!

    • gerikson@awful.systemsEnglish
      9·
      2 days ago

      this was mentioned in last week’s thread

      what I don’t get is why the admins chose to both backdate the entries and re-use poster’s handles. If they’d just tried to “close” open questions using GenAI with the current date and a robot user it would still be shit but not quite as deceptive

      • rook@awful.systemsEnglish
        5·
        2 days ago

        The whole thing is just weirdly incompetent. Maybe they just had everything configured wrong and accidentally deployed sone throwaway tests to production? I could almost see it as a way to poison scrapers, given that there are some odd visibility settings on the slop posts, though the owner’s shiftiness and dubious explanations suggest it wasn’t anything so worthy.

  • khalid_salad@awful.systemsEnglish
    3·
    1 day ago

    Spent the last week playing with some security shit (thinking about a career change, since it looks like I will be mastering out of my PhD program) and fuck me everything about hardening your personal devices is exhausting. We are nowhere close to accessible privacy and security in our computers. The best solution right now may be “buy a Macbook and learn MacOS”, which is so depressing.

    Still deciding on a web browser. Used to be I could recommend Firefox because Righteous-Opposition-to-Google, but that doesn’t really track anymore with Mozilla’s behavior. Now I guess I would recommend Chrome, but it feels so gross (and I am unsure about things like Ungoogled-Chromium, for security reasons).

    the basic laptop hardening
    • Install Fedora Silverblue
      • Be sure to set a good LUKS password
    • Set a BIOS password and disable USB booting
    • Rebase to secureblue
    • Follow the Post Install Readme
      • I personally couldn’t figure out how to set the GRUB password. I will probably get around to it eventually.


    As far as passwords, the only password I have to memorize is the one to my Bitwarden vault. Everything else is stored in Bitwarden. The passwords (except for my phone PIN) are 16 characters if I ever need to type them in manually (e.g. LUKS password), whereas passwords that will always be copy-pasted are 128 characters. I am looking into integrating a yubikey, but am leaning towards “fuck that shit, why would anyone actually want to use this?” If anyone here has comments on this (am I missing an obvious pitfall? do yubikeys suck as much as it looks like they suck?) I would be happy to hear them.

    Anyway tl;dr is I spent the last week hardening all my devices and it sucks. In some cases it was a complete waste of time (my Steam Deck does not appear to have a way to set a password in the BIOS). In other cases (e.g. my Framework), it was probably worth it but a deeply terrible experience.

    • rook@awful.systemsEnglish
      6·
      24 hours ago

      Last time I tried it, ungoogled chromium had some issues with yubikeys (see https://ungoogled-software.github.io/ungoogled-chromium-wiki/faq#how-to-get-fido-u2f-security-keys-to-work-in-google-sign-in) which I don’t think have been fixed yet. That was enough to be a deal breaker for me.

      do yubikeys suck as much as it looks like they suck?

      Without knowing why you think they suck, it’s hard to say. I like having unphishable uncopyable credentials, and it irritates me that they aren’t more widely supported. On my desktop or laptop, they’re less irritating than TOTP, for example, which is neither unphishable nor uncopyable but much more widely used.

      whereas passwords that will always be copy-pasted are 128 characters

      Whilst there isn’t really such a thing as “too secure”, it is the case that things like passwords are not infinitely scaleable. Something like yescrypt produces 256-bit hashes (iirc) so there’s simply no space to squish all that extra entropy you’re providing into the output… it might not be any more secure than a password a quarter of its length (or less!).

      128 bits of entropy is already impractical to brute force, even if you ignore the fact that modern password hashes like yescrypt and argon2 are particularly challenging to attack even if your password has low entropy.

      • khalid_salad@awful.systemsEnglish
        2·
        18 hours ago

        Without knowing why you think they suck, it’s hard to say. I like having unphishable uncopyable credentials, and it irritates me that they aren’t more widely supported. On my desktop or laptop, they’re less irritating than TOTP, for example, which is neither unphishable nor uncopyable but much more widely used.

        I’ve come around a bit since posting yesterday (after looking into the various hardware key options, like OnlyKey). The biggest issue I have is that the firmware cannot be updated (which I realize is somewhat a matter of taste regarding your threat model). Other than that, it’s the added complexity of “use this physical device” and the concern I had about recovering accounts if I lost the Yubikey. Their page on spare devices does not inspire confidence.

        Whilst there isn’t really such a thing as “too secure”, it is the case that things like passwords are not infinitely scaleable. Something like yescrypt produces 256-bit hashes (iirc) so there’s simply no space to squish all that extra entropy you’re providing into the output… it might not be any more secure than a password a quarter of its length (or less!).

        128 bits of entropy is already impractical to brute force, even if you ignore the fact that modern password hashes like yescrypt and argon2 are particularly challenging to attack even if your password has low entropy.

        Fair point! I chose 128 because it’s the maximum allowed in Bitwarden (if it’s going to be copy-pasted anyway, who cares). Assuming I didn’t fuck up basic math, the entropy of a passphrase of length n selected uniformly at random from characters in A is given by nlog|A|, so to reach 128 bits of entropy with 70 chars (lower + upper + digits + special) requires a passphrase of length 21.

        • rook@awful.systemsEnglish
          2·
          12 hours ago

          The biggest issue I have is that the firmware cannot be updated (which I realize is somewhat a matter of taste regarding your threat model). Other than that, it’s the added complexity of “use this physical device” and the concern I had about recovering accounts if I lost the Yubikey.

          The solokey v2 and the nitrokey v3 (I think) have some firmware upgradability, but they’re not as capable as a yubikey (the last time I checked I couldn’t use either of them to unlock a keepassxc password vault, for example). Whilst it would be a right hassle to deal with a lost device, I generally lock my accounts with a main key and two spares that get stored safely and make a note in my password database of which accounts can use which keys so there’s little risk of locking myself out of anything, and I can get a list of sites to visit to revoke credentials from. In any case, the minor inconvenience is a good tradeoff for me, given the significant security guarantees the keys offer over other authentication mechanisms.

          But also, “added complexity” is just a thing with two factor authentication, and most of my use of U2F keys involves less effort than unlocking my phone, then unlocking my TOTP application, then searching for the account and site I’m trying to unlock, then waiting for the timer to reset because I can’t authenticate before the current code expires, etc.

          Assuming I didn’t fuck up basic math,

          Beats me! I just use off-the-shelf entropy calculators and hope they’re right. They mostly seem to agree that ~128 bits of entropy from a 10-word (70-85-ish characters) passphrase from the EFF large wordlist, or ~24 characters from uppercase/lowercase/numeric. Both might be reasonably considered overkill, if you can be sure that the thing that’s hashing the password is using a modern algorithm (which often you can’t, sadly).

          I also dislike unreasonably long passwords because more modestly-sized ones can be typed out manually when needs be, or even read over the phone in an emergency. I wouldn’t fancy doing that with 128 character passwords! You may of course never need to do those things, but I’ve needed to do both, at work and otherwise.

    • nightsky@awful.systemsEnglish
      8·
      1 day ago

      The best solution right now may be “buy a Macbook and learn MacOS”, which is so depressing.

      Depends on whether you include “my personal data is sent to the manufacturer of the computer against my wishes” in your threat model… Apple does many good things for security, and I wish PC hardware makers would take security-related things even just nearly as seriously as them. But I can’t trust Apple anymore either.

      (Explanation: the whole iCloud syncing stuff is such a buggy mess. I don’t want it, I don’t need it, so I want it off. But I guess Apple just doesn’t test enough how well it works when you turn it off, maybe they can’t imagine someone not wanting it. The problem is, iCloud sync settings don’t stay off. Settings randomly turn themselves back on, e.g. during OS updates, and upload data before you even notice it. I’m not claiming that’s intentional, I assume it’s just bugs. But I’ve observed such bugs again and again in the past 9 years, and I’ve had enough. Still have a Macbook around, but I use it very rarely these days, only when I need some piece of software on MacOS that has no suitable Linux equivalent.)

      While a PC+Linux setup can avoid the specific issue of “don’t randomly upload my data somewhere”, the setup of it all can be a mess, as you say. And then security is still limited by buggy hardware and BIOS/firmware that is frequently full of security holes. The state of computers is depressing indeed (in so many ways, security just being one of them)…

      • khalid_salad@awful.systemsEnglish
        6·
        1 day ago

        A note to the effect of:

        You have basically no control over how Apple handles your data. When iOS users opted out of data collection, Apple still collected the data, they just didn’t allow third-party access to it.

        is a good idea if I ever do recommend a Mac.

    • sinedpick@awful.systemsEnglish
      6·
      2 days ago

      I don’t think I could ever recommend chromium-based browsers due to the MV3 switch. Does ungoogled-chromium do any patching to get around this? If not I think FF is the only sane option still.

      • khalid_salad@awful.systemsEnglish
        3·
        1 day ago

        I believe ungoogled-chromium does have MV2 support. Unfortunately, there are still real security concerns with Firefox. The good news is that Trivalent (a hardened version of Chromium developed by the Secureblue folks) has ad/content blocking built in. I am still mostly using Firefox, but the small amount that I have used Trivalent has been good.

    • bitofhope@awful.systemsEnglish
      14·
      2 days ago

      I get being privacy conscious and that sharing crash dumps and logs you don’t really understand yourself can be scary. Making demands of urgent free tech support from strangers is just rude, though.

      • self@awful.systemsEnglish
        4·
        5 hours ago

        my least favorite thing about old forums, which carried over to a lot of open source spaces, is how little moderation there is. coming into the help forum with a “no fuck you help me the way I want” attitude should probably be an instant ban and “what the fuck is wrong with you” mod note, cause that’s the exact type of shit that causes the community to burn out quick, and it decreases the usefulness of the space by a lot. but somehow almost every old forum was moderated by the type of cyberlibertarian who treated every ban like an attack on free speech? so you’d constantly see shit like the mod popping in to weakly waggle their finger at the crackpot who’s posting weird conspiracy shit to every thread (which generally caused the crackpot to play the victim and/or tell the mod to go fuck themselves) instead of taking a stand and banning the fucker

        and now those crackpots have metamorphosed into full fascists and act like banning them from your GitHub is an international incident, cause they almost never receive any pushback at all

    • BigMuffin69@awful.systemsEnglish
      17·
      2 days ago

      Folks around here told me AI wasn’t dangerous 😰 ; fellas I just witnessed a rogue Chinese AI do 1 trillion dollars of damage to the US stock market 😭 /s

    • nightsky@awful.systemsEnglish
      9·
      2 days ago

      Is it too early to hope that this is the beginning of the end of the bubble?

      Also, does someone know why broadcom was also hit so hard? Is it because they make various networking-related chips used in datacenter infrastructure?

      • SGforce@lemmy.caEnglish
        7·
        2 days ago

        When hedge funds decide to flip the switch on something the reaction never looks rational. Meta was green today ffs.