There's quite a bit of a spectrum between "trying to make a living doing open source" and "asking for people to pay for a house in one of the most expensive cities in the country - plus a private jet. It's also quite grating to see it written like we should be grateful that we are even allowed to donate to her.
And if she's even half the genius she's claiming to be, why aren't the big tech companies in a bidding war over who get to pay her a million-dollar salary?
From what I've read of her in the past she seems to be a pretty damn good developer. But in the open source world those are a dime a dozen. If you want to make a living off of it you've got to market yourself, and this... isn't how you do that.
> From what I've read of her in the past she seems to be a pretty damn good developer. But in the open source world those are a dime a dozen
Not exactly. Very few people in recent decades have achieved anything comparable to αcτµαlly pδrταblε εxεcµταblε and Cosmopolitan libc - they're in the category of "that should not even be possible". Of course, Tunney's work doesn't touch Fabrice Bellard in terms of sheer breadth and impact, but they're arguably in the same category.
> it's a sequence of instructions that either runs to completion atomically or doesn't
The way I read it, it either runs to completion in one go, or gets restarted from the beginning. This means the sequence as a whole isn't executed atomically, as the already-executed instructions during an interrupt aren't rolled back.
It can be used to build atomic actions, but it is up to the developer to create a sequence of instructions where the very last instruction "commits" the entire operation, with the side-effects of partial execution being harmless.
Yes, it's either atomic or the last instruction is guaranteed not to have run. I made this a little harder to read by inserting another clause in the sentence.
There is no such thing as an "operator's email". Over time there has been a wild growth of webmaster@, admin[istrator]@, root@, postmaster@ and so on, but having access to them proves very little. Some email operators just aren't very restrictive with their allowed usernames, and that's before we get into the corporate world where the first-line helpdesk person weeding out the email received on that address probably isn't supposed to issue certificates!
This method has been (mostly?) banned for a reason, see for example CA/B's ballot SC080v3.
They did, yes. Any CA caught issuing a non-logged cert would be in big trouble.
> ... and will not accept such a certificate
Do they not?
According to RFC 9162 including CT information inside the cert itself is optional, and the extension is noncritical. Clients are not required to support CT, and they MAY fetch inclusion proofs. Servers are supposed to send CT info via one of various methods - but they aren't required to supply a complete proof of inclusion. Considering how OCSP was implemented in practice, I highly doubt any browser is willing to completely block the connection until it has managed to fetch an inclusion proof - both from a speed perspective and a privacy perspective.
CT's main value is in giving the browser vendors a stick to hit the CA with in case of non-logging, which is indication that something fishy is going on. Send the cert itself to a mailing list and anyone can check with the logs. Log getting DDoSed? Just try again tomorrow, the CAs judgement can wait another day. This is completely different from having a browser verify the proof in realtime while setting up the connection, and having it fail hard if it can't be 100% sure.
And a lot of the time pressing back will take you to some other article on the website instead of where you came from. Because the site used history.pushState in JavaScript to manipulate your history.
Unfortunately you need cookies for any good user analytics; and no, I don’t mean the invasive kind that Marketing put in - I mean the kind which allows you to figure out why your site is broken.
Which ironically are the same tools you’d need to find out if your users are experiencing unintentional dickovers.
Another thing to keep in mind is that CPU processing of denormals tends to be extremely slow - I vaguely recall running into something like a 10x slowdown a decade ago.
For a lot of applications the difference between a denormal and zero is small enough to be irrelevant, so if you expect near-zero values to be common, enabling a denormals-to-zero compiler flag might give you a pretty nice performance boost for free.
> CPU processing of denormals tends to be extremely slow - I vaguely recall running into something like a 10x slowdown a decade ago
Intel CPU processing, where slowdowns can be as bad as couple hundred cycles. AMD CPUs penalize them much more mildly, usually single-digit cycles. (No idea about ARM.)
Denormal processing is slow only on certain CPUs, where the designers have been lazy, so when denormals are encountered that is handled by a microprogrammed sequence.
During the last half of century there have been plenty of CPUs where denormals have been handled in hardware, so that any slow down caused by them is negligible.
Except for generating graphic images seen by humans or in ML/AI applications, neither flushing results to zero nor treating denormal inputs as zero are acceptable, because they can lead to huge errors.
Whoever fears that denormals can slow down an application, must enable the underflow exception. In that case denormals are never generated, but the underflow exceptions must be handled, because when denormals are not desired but underflows happen, that means that there are bugs in the program, which must be fixed.
Denormals have been created so that people can mask the underflow exception and avoid to handle it, without dire consequences.
However this habit of no longer handling the floating-point exceptions, like before the IEEE 754 standard, has created younger developers who are no longer aware of how FP arithmetic must be handled to avoid errors, so now there are too many who believe that the use of "-ffast-math" is permitted in general-purpose programs, not only in special applications where result accuracy does not matter.
For correct results, you must use either denormals or underflow exception handling. There is no third choice. The third choice, like in GPUs, is only for when correctness is irrelevant.
cpus that aren't Intel are plenty fast on denormals. Intel is the only one where denormals are 100x slower. (and Intel has fixed that on their new cpus, but only on their e cores)
Agricultural subsidies exist primarily due to lobbying, the "we don't want to starve" argument is nothing more than an excuse used to justify the fortunes handed out to corporate-scale farmers.
You can't just use percentages for this kind of thing.
Barring a very good cause that the vast majority of the population can get behind, there will be riots when the bananas and coffee disappear.
We grow enough in our garden that I could probably reach "100%" pretty easily if shit hit the fan, but I'm about tired of eating radish greens right now even that being related to a national crisis.
In the case of something like a world war, which is the type of scenario we're talking about here, I think people would begrudgingly accept that bananas and coffee are unavailable or very expensive.
> Agricultural subsidies exist primarily due to lobbying,
That's mostly true, but it's also true that we don't want to starve. There are 330 million hungry mouths in the US and we've got to keep production way above that level or it becomes a big political problem real quick.
If we just let the market set prices, in years where farms are all producing bumper crops, oversupply would push profits way down. This would force many producers to sell their farms (most likely to corporate-scale farmers) and leave the sector. Subsidies keep a nonzero number of producers producing independently. Granted, the corporate-scale farmers (who also accumulate funds via subsidies) can buy out producers who want to sell, but with subsidies, more producers can afford to say no and stay independent.
You're moving the goalpost from "prevent starving" to "fully self-sustaining".
You don't need 99% variety of cuisine in case of a big war, you need calories. A lot of calories.
UPDATE: and BTW, if world population is growing (no global starvation), then it's clearly self-sustaining, no? So some countries must be self-sustaining just by math. At least one country must produce more than it consumes, otherwise, if everyone produced less, then we would have global starvation.
Yes, because it is the start of enforcement. That's how it works, not just a one-and-done slap on the wrist.
If they don't fix it, it'll eventually continue to the "20% of worldwide revenue" kind of fine everyone on HN was so afraid of when the GDPR was introduced. But that's not what it starts with.
This is a key observation and I also remember those dumb discussions. The top end of the fine scale is more or less theoretical if you demonstrate any willingness to improve. Looks like Temu has engaged in really bad practices, and they still only get what's (to them) a gentle reminder that there are rules.
So you're saying if I start a company in the EU that violates safety standards, copyright, trademarks, ... I will be allowed to profit of that for 3 years (let's pretend it's just 3 years that Chinese producers have been doing that) before facing any consequences and at that point STILL only be required to clean up my act (ie. not face any consequences for violations already done)?
I find this incredibly, incredibly hard to believe.
Does it have enough to submit 1 chinese package to a safety inspector every 10 year? You know, because:
1) we all know it would only take a single one
2) they didn't do this for 20 years
In all seriousness. Does ANYONE believe that the EU commission/parliament did not know about this (despite millions of complaints) and only now discovered the problem? Is that seriously your point?
Or is it somewhat more believable that they did this with the express purpose of destroying local industry and the change is happening now because we have "Mercosur" causing the same issue, but moving from China to South America.
If you start the company in China and ship to EU. If you start it in a EU country I think local laws will stop you much faster than the EU commission. Still there are plenty of grifters that start fraudulent companies in the EU and roll assets into a new one as they bankrupt, and they can operate for decades before they eventually get stopped.
Also a big problem is that the GPDR is a law in the style of all EU laws:
1) they are NOT laws. Despite what's published everywhere you get zero legal rights from the GPDR. A legal right is some right you have, and if someone violates that right you can ask a court to intervene. With the GPDR, there is no such right. No court will help you under the GPDR.
The executives of member state governments (and ~40 "international organizations", most famously Interpol) have the right to enforce GPDR. You can only complain to these new, totally separate from any other enforcement mechanism (ie. they're not police) organizations. And they, of course, generally don't listen.
If you go check the complaints lists are full of people complaining that their medical files were leaked by hospitals (because private doctors are in revolt to the GPDR) to various other government organizations, with very large consequences. For instance medical files being used to decide on insurance status, immigration status, unemployment/long term illness status, and family law status. There is no reaction to this, even when it does violate the GPDR. And my next paragraph is why it generally doesn't.
Second, the executives of member state governments have the right NOT to enforce GPDR. Specifically, the executive has the right to grant exceptions to the GPDR to any organization they want (including transitively: allowing a government contractor not only violate the GPDR themselves but to allow anyone else they use to violate the GPDR. For example, this is the reason Google, Amazon and Microsoft have essentially all medical files of everyone in the EU, and Palantir has some 20%)
These exceptions are made transitively AND after-the-fact. Neither of which is legal, but the only one who can complain is the government itself.
2) It means there is no point for individuals to file GPDR complaints. Normally there is "1831", which is a legal principle which refers to a particular law. Essentially that if you damage someone else by violating the law, you are responsible for that damage (ie. you can be made to pay for them). This applies to essentially every EU law. But not GPDR (and also not to other famous EU laws like DMA)
To illustrate the common problem: you go to the hospital, because you took drugs. Maybe you're scared it'll have serious consequences, whatever. Now you go to your insurance ... and they will no longer cover your treatment for heart arythmia. "It's your own fault, because you did drugs". Now what happened is that the hospital updated your medical file, and sent it to the government. Medical insurance is national, so they have access to medical files. Of course, it is a VERY serious GPDR violation that the information leaked, and with any other law this would mean that a judge will convict the hospital to pay for what you lost, say in this case, they would be forced to pay, WITHOUT the insurance covering it, your heart treatment.
Not with the GPDR. Even if you get the government to go after it, and you get them convicted, you get nothing. Nor is the insurance forced to change their decision.
This is how most new EU law works. The crucial difference is that for essentially all these laws, the EU commission holds all the cards. They then use their position of power to negotiate and come to an understanding with all these organizations. That's how they work, how they've always worked.
And it's one more reason I'm very opposed to the EU. Europeans will THOROUGLY regret giving the commission this power, that's a certainty in my mind.
Specifically what the commission does is to give companies exceptions to these rules. For example, Teresa Ribera, as well as Ursula Von Der Leyen, personally (and without any parliament approval) have the right to extend Apple's exemption to the DMA (and thus Apple's 30% cut to all transactions involving an iPhone in the EU). Both were born rich (Ursula Von Der Leyen is a member of a noble family that has been very wealthy for at least 400 years. Notably, her family's wealth survived WW2 in Germany ...) How is such enormous power in the hands of individuals used? Well, look up how and why a communist served for 8 years as the chairman of Goldman Sachs International.
My M3 Macbook Pro's palm rests get uncomfortably warm during regular IDE use. It doesn't get hot enough to spin up a fan, but it is enough to be distracting.
Haven't used PHPStorm but I know Android Studio does a lot of stuff in the background so I wouldn't be surprised if other JetBrains IDEs do the same. Although PHP isn't compiled...
There's still indexing, linting and code analysis tools running as well as multiple Docker containers (those are pretty much idle outside of running tests or migrations to be fair) and whatever else it could be doing in the background.
I spend 95% of the time with just PHPStorm and other stuff like the terminal, slack and ticketing open. And the browser of course (safari). Xcode and Android Studio are rarely opened. Mostly when I want to test out something in the apps that isn't on testflight / firebase yet.
And if she's even half the genius she's claiming to be, why aren't the big tech companies in a bidding war over who get to pay her a million-dollar salary?
From what I've read of her in the past she seems to be a pretty damn good developer. But in the open source world those are a dime a dozen. If you want to make a living off of it you've got to market yourself, and this... isn't how you do that.
reply