If you see something strange, say something strange
Just beat my move goal while sitting at a restaurant eating spicy food
Something else I noticed after updating to Sonoma: although I’ve tried many times in the past to extinguish it, the text replacement omw has once again returned, almost like a cicada.
Realized since having a baby why YouTube face is so annoying: it’s an exaggerated face we make for babies. It’s like the baby talk of facial expressions. YouTube face in non-baby contexts is like listening to an obsequious couple in the next booth baby-talking to each other.
Cool thought experiment
Whenever I think about Kerberos I think about the frequent time I spent at Barnes and Noble in high school, sitting on the floor of the computer books section, reading everything I could about Unix, trying hard to understand Kerberos and many other things
I’m not trying to make everyone mad, but I gotta say, an Alpine Linux that used systemd for everything would solve a lot of problems for me.
- Claws: sharpened
- Chitin: waxed
- Splines: reticulated
- Glands: excreting
👹
Patterns
My favorite math scratchpad app Soulver is available on iPhone again - way nicer than a spreadsheet for simple algebra, especially on a phone
I really wish they would like, put a murderous dictator in charge of HDMI (and all) versioning. if you do not stamp the version number on the cables in a way that can be read after it’s been in my garage for 50 years, you get dropped in the piranha tank
Quoting Ryan Tomayko on how many levels of headers you really need in your documents:
Remember that Feynman covered all of physics – heavenly bodies through QED – with only two levels of document hierarchy (The Feynman Lectures on Physics, 1970).
Operating system feature wish: userspace programmable files
Wednesday, July 12, 2023
I frequently find myself wishing for the ability to really treat the filesystem as an API. Imagine a file that:
- returns the current date/time in a certain format when it is read
- transparently download binaries from github and assemble them into .deb/.rpm/.apk packages
- … maybe more
I am aware the FUSE and plan9 exist, however, I’m imagining something easier. Imagine if a file could run a shell script, interpreted program, or compiled binary on read/write! It would be so powerful.
UGC privatization could improve AI models
Monday, July 3, 2023
An off the cuff idea:
AI training on public data is driving privatization of user-generated content (eg Reddit API). This could push users with a real need for the information who today rely on public google search to build private archives. For instance, keeping a copy of the most insightful StackExchange answers that help you do your job.
If that happens, AI companies that figure out how to ingest private archives will have a training advantage, even if doing so is a gray area legally, as training based on sci-hub was for modern models.
It might even mean that the quality of the training goes up even as the amount of publicly available UGC goes down, since the private archives are curated by humans, and curation is a quality signal.
Browsers need better account primitives
Wednesday, June 14, 2023
Michał Sapka notes that PhpBB is a good way to create a small community. I’d like this to be true, but I think this makes the barrier to entry too high for normie participation.
I think part of the reason Reddit has been so successful is that website account creation is such a chore. If every subreddit required a separate account, would they have a tenth of their users? A hundredth? Less?
Currently if you’re a small blog or community and want to provide persistent identity for commenting/forums, you need to allow some subset of account creation with email and integration with identity providers like Apple, Google, Github, etc. But you can’t reasonably offer all of them, because there are too many! It’s a front end design problem: do you want commenting on your blog to require searching through the list of all possible identity providers? Sounds very 2007.
And email as the identity manager is just awful: not only do you have to share a password or use a password manager, but you have wait for the site to send you an email and click a link before your account can be set up.
What if the browser stored a user’s preference for identity provider? Support everyone, let the browser prompt the user to log in with the one they already selected. No overdramatic interstitial “WARNING: THIS WILL ALLOW THE WEBSITE example.com READ ONLY ACCESS TO YOUR: PUBLIC PROFILE” (the user already accepted it), no email link.
It’s also unphishable, as it happens in browser chrome.
I am seeing more and more bad hyphenation recently, this is just so sad :(
Copiloting LLMs building GUIs
Tuesday, May 23, 2023
Hypothesis: LLMs will enable developers like me to build apps that require a serviceable but not world class graphical UI. This could unlock a deluge of applications built from or inspired by existing open-source command-line apps that don’t have a GUI complement, especially mobile apps.
One reason I’ve always liked the command line is that it’s easy to build a decent UI - even a good one. I’ve churned out a few dozen lines of python to create a great little CLI many times over the years, and it only takes a few minutes now. But GUIs are such a deep subject that require their own expertise, and all the GUIs I’ve built have taken weeks.
I started a SwiftUI app in Xcode yesterday and found myself missing Copilot immediately. I haven’t used Swift in a long time, and I’ve never used SwiftUI, so the median Copilot suggestion would have been extremely welcome. But what I realized I really wanted to ask a hypothetical XCode Copilot is “what’s the normal way to build an app that has one main screen and some sub-views in SwiftUI?”. I had no idea how to do this, and I wasn’t contexted enough in SwiftUI to ask the right questions.
In my experience with actual Github Copilot, and also with ChatGPT, questions about the normal way to do something get the best results. I’ve never seen a useful answer inventing new techniques, but they can certainly give you the average quicksort implementation (and explain it too). If they can do that for building simple GUIs, that will let a lot of command-line programmers like me graduate to baby’s first mobile app.
All of this would be really great even for users, because it might be the rising tide that takes open source software GUIs from subpar to good enough. I am guessing that there are thousands of useful apps that have very simple UIs with just a few screens, and that maybe there are thousands more that complement existing open source command-line programs which could be built if making the GUI was easier.
I’m not sure if the LLMs are there today; I haven’t built any graphical UIs with Copilot. I wonder what the state of this is at Google with Android Studio, or at Microsoft with whatever its mobile app GUI system is, or at Microsoft with Visual Studio (the big one, not VS Code). It seems like it’s too early to be optimized in any direction yet, but maybe they have this already. Would be neat to try it out.
Homelab aesthetic quotes from computers are bad
Thursday, May 18, 2023
And I think that’s how I became the person I am today: I want computer networks to operate in as straightforward and tangible a fashion as they did in 2009. And I want a lot of cabling.
…
Pihole forms part of a split-horizon DNS arrangement on the top-level domain I use, which is such a nice name I made it available on FreeDNS where it is used by a dozen poorly run Minecraft servers. This introduces an interesting set of DNS hijacking and misconfiguration hazards, which I find aesthetically pleasing.
A router-enforced EULA for IoT devices
Wednesday, May 17, 2023
A recent shower thought: consumer routers could enforce good IoT manufacturer behavior by placing devices on a secure, contained network by default, and allowing full access only if a device is receiving security updates.
The default network would be slower and heavily limited in endpoints it could hit, and in particular would not allow accessing any other devices on the local network. If an IoT manufacturer commits to security updates, they could be allowed on the full network. Defection could be subject to legal liabilities, up to a lawsuit in the worst case.
Over time, the feature could become more sophisticated, for instance by providing a better EOL experience. Currently, IoT manufacturers just leave their waste with the customer and mostly don’t even tell them (a recent example). This system might:
- offer an API on the router that devices call to register their EOL date
- inform users when a device approaches EOL
- show a dashboard of devices and how long they’re supported
- automatically contain devices that reach EOL
Come to think of it, there’s nothing that would technically restrict this to IoT devices. PCs could opt into this too. Probably most useful as a form of parental management of children’s devices – baby’s first mdm.
Router manufacturers would have to step up their own game, but they also would get upside: more customer touchpoints.
The best version of this would be an open standard, preserving consumer choice and competition. The hope would be that it improves baseline, even if industry consensus is hard. In the worst case, the consumer isn’t served because the standard is captured by the industry, which could then mislead in product ads and/or abuse the customer communications channels with ads.
Ironic to use social sanctions (“climate incinerating”, etc) against cryptocurrency people. The whole point of proof-of-* systems is that social sanctions don’t work. An attack that the targets are inoculated against by definition.
Qubes + Whonix is one of the best ways to make sure you don’t leak your identity on Tor but I keep getting nerd sniped. Should I use split SSH?; I don’t use GPG for anything but maybe I could…; Oh neat, automatic VM creation with Salt; …