This is about foreign customers only, so as an attempt to abolish the constitution, it is severely flawed in respecting it enough to keep its distance.
I can't think of any US service I am using that doesn't already require KYC? None of the large providers will let you get far without a credit card, as far as I remember?
Since the discussion here will consider itself mostly with upright revolutionaries being disenfranchised by such insult to their liberties, it is worth noting that when the revolutionaries are foreigners, the US often doesn't have the same incentive to disenfranchise them as it might have for domestic troublemakers.
In fact the US has quite a track record of granting rights to foreigners in excess of what they find at home, and even when it concerns allies: request by European courts and law enforcement are regularly rejected based on US norms when, for example, someone hosts their hat speech blog with an US-only provider.
> I can't think of any US service I am using that doesn't already require KYC? None of the large providers will let you get far without a credit card, as far as I remember?
There are several credit card vendors that do not require KYC that are easily available. I don't know of any banks that don't require KYC that you would use to pay those CC bills, but I wouldn't be surprised if they exist.
Providing a credit card is a far cry from KYC. But it also highlights that we probably don't need IAAS businesses to implement KYC as long as the payment providers already do.
I have all the love and appreciation in the world for enjoying a weekend spent in configuration files. But I feel the need to state the obvious:
This is a long blog post ending with a preview to "future installments of the guide" to use nix, while almost everything that you need to know with homebrew is `brew install/update/upgrade/uninstall`, and I have rarely run into any trouble with brew, and none at all in recent memory.
My biggest issues with homebrew were dealing with versions of dependencies. If major updates for a package came out and you ran a `brew upgrade` (or a new member joins the team and installs it for the first time), it often wasn't trivial to switch back to the old version. Or if two projects have conflicting dependencies, for example one project was updated for imagemagick 7 but another still needed 6, that was an absolute nightmare to manage when using homebrew.
With nix, each project can define its own dependencies that have no impact on other projects. Combined with direnv, all you need is to `cd` into your project and you have the all of the dependencies at the right versions in your PATH.
Additionally, while definitely more complicated, nix (with nix-darwin and home-manager) can do way more than homebrew does. You can declaratively define pretty much the entire configuration for your machine.
I got a new Mac last week and with just a `git clone` and a few commands I had all my CLI tools installed, dotfiles setup, desktop apps installed, and even all of my macOS system settings configured.
I'm recently back on macOS for work, and I wanted to love nix-darwin, but just couldn't get it even installed / basics running well enough to start to enjoy configuring things with it. The whole flakes mess really doesn't help.
(Maybe if you're already running NixOS and familiar with the latest it's a lot easier.)
I couldn't even uninstall it cleanly, since the Mac was new I gave up after some time and decided it was easier to reinstall macOS (which takes several hours but at least I can just leave it and then know that it's done).
So I'm back to (purely) brew (and scripts to `defaults write` etc.).
My frustration with brew is that it's getting increasingly opinionated, and those opinions are not familiar to me from any other OS/package manager... Like if you want postgres v15 you have to `brew install postgresql@15`, and then even if that's your only installed version it's 'keg-only', which means it's not on your PATH, and their suggestion is to dump some stuff at the end of your ~/.zshrc, which aside from the fact you're not using zsh and they could tell that, just seems dumb.
Then there's python & npm packages... They're deprecated and being removed as independent formulae, so don't do it like that. You're not allowed to install them with the python/node formula you installed, so don't do that. So what do you do, `python -m venv ~/system-python-venv` or something, activate it, and install in there. And now remember to activate that every time you want to use a command that happens to be a python package so you had to install it there. Or dump it in the end of your zshrc, I guess!
The hardest part of Nix module systems for foreign operating systems, like Nix-Darwin and Home Manager, is absolutely installing them. The difficult bits are the bits they don't control— the parts where they plug into the underlying OS.
If you wanna give Nix-Darwin another go, I'm happy to help. Feel free to hit me up in the main Nix / NixOS channel or the Nix on macOS channel on Matrix. Getting everything working shouldn't take long with a little guidance.
(I can also help you get it cleanly uninstalled without reinstalling macOS, if you come away unsatisfied. I have manually uninstalled (i.e., not using the uninstaller) before.)
Any advice on getting the determinate installer and nix-darwin (via flakes) to be more seamless together? I have a decent setup, but the install/remove is clunkier than it needs to be because
1) on install, nix-darwin complains about the nix.conf that determinate sets up
2) on uninstall, determinate complains about nix-darwin being installed
1. I don't think this could be called seamless. But I just don't use the normal Nix-Darwin installer. I:
a. build darwin-rebuild from the Nix-Darwin flake
b. do a darwin-rebuild build --flake of the target system
c. delete all of the files Nix-Darwin will complain about colliding with upon first install, including `/etc/nix/nix.conf`
d. run the activation scripts in the built system directly, like
./result/activate-user
sudo ./result/activate
For (d), make sure you run them in that order because it's actually the user activation script which ensures that /run/current-system exists.
For (c), just inspect the files in `result/etc` (or wherever you put the symlink to your built system, or directly from the Nix store) and compare them to what already exists in `/etc`, e.g.,
find result/etc/ -type l | sed -E 's|^result||g' | xargs -I{} sh -c "test -f '{}' && echo '{}'"
should give you a list of files to nuke or back up or whatever, if you're trying to automate this.
2. Nix-Darwin has its own uninstaller whose job is to go remove all the references to `/etc/static` from `/etc` and some launchd crap, which are the bits and pieces that the Determinate Nix Installer finds and complains about when you try to uninstall Nix with an active Nix-Darwin installation. The uninstaller gets installed by default (try `less $(which darwin-uninstaller)`), but if it's missing for some reason you can also run it from the flake like `nix run github:LnL7/nix-darwin#darwin-uninstaller`.
Yeah, I actually have a slightly more streamlined version of step 1 by running the flake directly, I am just annoyed that I have to manually get involved (and I also have to manually reconcile options that determinate sets in the nix.conf, by translating them into my nix-darwin config).
> and I also have to manually reconcile options that determinate sets in the nix.conf, by translating them into my nix-darwin config
This is what I used to do to appease the installer before. After some options changed and I was like 'you know what, I'm happy with the ones I set; if I have already built the system before I run the activation script, then it's fine to delete /etc/nix/nix.conf.'.
The Nix-Darwin installer isn't a great option for me anyway because it assumes your darwin-config will live in ~/.nixpkgs/darwin-configuration.nix, but I like to keep it in /etc/nix-darwin/configuration.nix for a more NixOS-like convention.
>This is civil law, not criminal. Presumption of innocence doesn’t apply.
If the court is so sure that the plaintiff will prevail, why even have a trial? The answer is that until the court rules, barring 100% certainty of the plaintiff prevailing, you have to wait for the court's deliberation or you have only oppression and no justice at all. Both sides must have a chance to make their case.
In civil law, the roles of plaintiff and defendant are largely interchangeable. If you order food and don't like it, the restaurant might sue you for payment. Or you need to sue the restaurant if you already paid. It's rather arbitrary, being only based on the order of the exchange of food and money.
In any case, take it up the law, because it is as I said: the burden of proof is different, its "preponderance of the evidence", i. e. 50%.
You are talking punish first, then have a trial later. Regardless of the rules of evidence, or who is suing who, the reason we have courts and trials is to allow both sides to be heard, and a decision be made on who violated the law, and then on how to remedy it. You cannot have justice if one side is not heard, or is put out of business before getting to make their case.
“They’ve decided that picking the cotton is better than refusing to do so”.
Edit, because people share a characteristic with heavy metals: the point is that a “choice” made under economic duress is not made freely. Slavery is an extreme example used to make the point more obvious. The threat of violence used to compel people to work the fields is obviously worse than, but not necessarily qualitatively different from, the threat of abject poverty if one refuses to take low-paying insecure jobs.
You can't just say this, you have to say why. It's going to be a hard case to explain how you can't compare two types of work.
I'm not even sure how you can explain what free market labor is without referring to slavery, or explain what slavery is without referring to free market labor i.e. I don't think it's possible not to compare them and rationally talk about either of them.
Nope, 300 years ago we had slavery and now we have gig work. I think that's the same universe ;)
In all seriousness, refusing to compare two things because you think they're "just too different" is simply acting irrationally. Look at the objectives, pressures, and outputs of each system and you may see more similarities than you'd like.
Well, first of all, “tweets” don’t “trend”. Terms do. So this description feels off, already.
Next, I wonder, but don’t care enough to look it up, if this guy is adequately summarized by only mentioning his concern for children?
Screw that, I did look him up: https://en.m.wikipedia.org/wiki/Jay_Bhattacharya#COVID-19_pa.... He was one of the people behind the “Great” Barrington Declaration and, kn the early months of the pandemic, argued, among other things, that COVID is rather harmless. He also took money from the airline industry without disclosing as much in his publications.
It’s arguable if Bhattacharya’s reach needed to be limited. What’s really hard to argue is that the thing about children is an adequate characterization of his statements during the pandemic. This is prime evidence that this story is not presenting anything close to a fair interpretation of the documents they have been given, and that you have, unfortunately, fallen for it.
He's a Dr. and a Stanford professor of medicine. The Great Barrington Declaration was signed by almost a million doctors. They were warning about the harm lockdowns would do to kids and they were correct.
Even if they weren't, this would still be unacceptable.
As I said, it’s debatable if the guy’s reach needed to be limited, the point you are arguing.
What’s not debatable is that the breathless outrage-bait under discussion misrepresented the case for limiting the Dr’s reach with a straw-man argument, and so did you.
If we can now expect the leading health experts in the world to be potentially speaking in hyperbole, then we can't expect the public to trust what they say to be accurate.
Surely, you can't be serious. The setting isn't a paper but a news interview, where they want the general idea of a study, not the details. In a news interview, saying "people who smoke get cancer" is perfectly acceptable (and not likely to "get people killed"), even though not 100% of them do.
Twitter being one of the largest communication platforms in the world is something that I am much more concerned about than a much smaller internet forum.
... and I've worked on Reveddit for four years. Less than 1% of Redditors know that all removed comments are secretly removed.
It's hard to make people care about this stuff. Most of us only start to see the harm of something when it's shown in context. Just showing that something can be theoretically harmful isn't enough.
TYVYS shadowbanning and silently removing comment is such cowardly behavior. Against spam bots, fine. But against what are obviously real people? It's wrong.
>“It’s shaping up to be one of the highest-impact things that we’ve done,” the chief executive, Jack Dorsey ,said of the update, which will change how tweets appear in search results or conversations. “The spirit of the thing is that we want to take the burden off the person receiving abuse or mob-like behavior.”
> The new system will use behavioral signals to assess whether a Twitter account is adding to – or detracting from – the tenor of conversations...
> The updated algorithm will result in certain tweets being pushed further down in a list of search results or replies, but will not delete them from the platform.
Not when the platform (a) benefits from network effects that make it immune from private sector free market competition (b) actively colludes with government officials
Transparently removing content is the normal way to moderate a forum. This research [1] suggests it reduces mod workload because users learn the rules. Discourse doesn't secretly remove content and is popular.
It isn't accurate to say secrecy increases site quality. No such qualitative study has been done.
That's talking about article submissions, not comments. Couldn't read the PDF because the link is broken.
More than 95% of the time I see a flagged account on HN, they post complete garbage that leads to more flaming replies if not removed promptly. HN has a very limited set of moderators, like one or two, who cannot police every comment 24/7.
>Discourse doesn't secretly remove content and is popular.
Popular where? In corporate and niche business use cases? What are some public Discourses that allow everyone to post?
> That's talking about article submissions, not comments
Shadow moderation was implemented without doing any research. I agree it's about time more studies are done on all types of content and all platforms in order to assess whether or not this functionality furthers the platforms' goals.
> Couldn't read the PDF because the link is broken
Good call. Blog post summarizing [1] and pdf [2]
> Popular where? In corporate and niche business use cases? What are some public Discourses that allow everyone to post?
All of them that don't use the ShadowBan add-on, I guess.
Indeed shadow moderation appears to have made platforms more popular. I won't disagree there. But I also think it's clear it has contributed to echo chambers and increased isolation and tribality.
I think we're reaching a point where the public wants to know what's going on in social media. Its harmful nature is not just driven by preference-driven news feeds, which we already know can be toxic, it's also driven by shadow moderation. That's the other shoe that may be dropping here.
You could have just use the menu to find it, it only took a few seconds. There's a preprint available there if you need it.
https://shagunjhaver.com/research/
No. I don't assume I have any rights other than vis-a-vis the government. I've dealt with a lot of corporate bullshit from tech companies, it's an annoyance but I just handle it and don't make a career out of whining about it as some do.
I've been arrested and kept in jail overnight on false charges for being a political activist, people complaining about being in Twitter or facebook jail don't impress me much (especially when almost all of them have a backup account).
Presumably you eat at restaurants whose food you like and buy hardware whose quality you like. It's the same with social media. You can give attention to systems you support and share information about them. The alternative you propose sounds like cowering to company overlords.
And where are you that it is illegal to be a political activist?
And a complication that is bad practice because a malicious party can detect the blind handoff to shell and serve malware.
e.g.
wget file.sh ; vi file.sh
and you get safe code
curl file.sh | bash
and you get malware.
This attack requires a malicious server, but it’s still bad practice.
I feel like when you diss journalists, it should generally be for something they actually did wrong, not preemptively based on your imagination.
If they are so terrible, there should be no need to invent stuff.
When people read something like this post, and they are predisposed to the idea, it’ll reinforce their skepticism of „the mainstream media“. If you want to test yourself, make a bet of how many media outlets will run with the story in the manner outlined above, then check in a few days. My prediction: you won’t see it in the NYT, WSJ, BBC, or on CNN.
I put 'news' in quotes for this reason. I wasn't as much implying that this would be actual news, but instead would be used in clickbait articles on lesser publications. I admit I am being hypothetical, but this does reflect observation on how these kinds of discussions has been get picked up and spread and thus has made me want to avoid such writing style.
So… a federal jury found this guy guilty, but here we have a friend of his who is going to be totally neutral in a reevaluation?
So they set out to describe it as „an accident“ because „blameless post-mortems“ are something people really like?
Also this article falls into the trap of trying to sound smart by using, sorry, „by effecting the usage of“ big fancy words. I’ve read Supreme Court transcripts and judgements, and I can understand them. This is overtaxing my buzzword ingestion.
> So they set out to describe it as „an accident“ because „blameless post-mortems“ are something people really like?
As someone who has operated bug bounty programs, understanding what processes might have prevented things from going off the rails _in spite of_ internal actors with different motivations is very helpful to me. Placing all of the blame on an individual removes the opportunity to improve things.
> Placing all of the blame on an individual removes the opportunity to improve things.
It seems to me that there's another option. Describe the problem thusly:
> A Lyft employee grabbed our data storage access keys from Github. He, or someone else then used these keys to grab PII that Uber was legally required to safeguard. Uber management and/or legal actively worked to cover all of this up and mislead the FTC about the nature and size of the breach.
>
> Given these facts, what processes and procedures can we change or create to ensure that the PII we're charged with safeguarding remains safe and guarded, that any threat to or breach of said information is detected as soon as is reasonably possible, and that any attempts of management and/or legal to cover up any such incidents are detected and reported to the appropriate authorities?
But the bug bounty policy was very clear on all of this and this extortionist never concealed his intentions. And all this text can come up with is "what if we loop in even more people". Indeed this description made it very clear that the existing processes were intentionally subverted; what can more processes do for avoiding that when it happens by decision of the CSO and CEO?
An example of a complicating factor identified by this postmortem is that the CSO was simultaneously a Dep. GC, and was made a DGC in part to facilitate direct reporting relationships with the CEO that ended up short circuiting the normal GC process.
Further factors identified in the postmortem involve responses given to the FTC that weren't properly vetted, but easily could have been by a typical counsel's team.
The point isn't to determine Sullivan's guilt or innocence. That's already happened. The point is to mine actionable information for other startups out of it. That's McGeehan's whole M.O. with all of his writing.
I can't think of any US service I am using that doesn't already require KYC? None of the large providers will let you get far without a credit card, as far as I remember?
Since the discussion here will consider itself mostly with upright revolutionaries being disenfranchised by such insult to their liberties, it is worth noting that when the revolutionaries are foreigners, the US often doesn't have the same incentive to disenfranchise them as it might have for domestic troublemakers.
In fact the US has quite a track record of granting rights to foreigners in excess of what they find at home, and even when it concerns allies: request by European courts and law enforcement are regularly rejected based on US norms when, for example, someone hosts their hat speech blog with an US-only provider.