1. The FCC responds to my ATSC 3 encryption complaint – they want to hear from you
Total comment counts : 22
Summary
Lon Seidman is calling on people who signed a petition to object to the introduction of DRM encryption in ATSC 3.0 standard to also file a comment in the FCC’s docketing system. So far, fewer than a dozen complaints have been filed. Filing a comment in the system is easy and only takes a few minutes. Providing sufficient detail is important and the FCC values such feedback as it helps to build a strong argument. Seidman urged people to write about how DRM encryption would make it difficult for them to consume over the air television as this would help to build a better case.
Top 1 Comment Summary
The article argues that OTA (over-the-air) TV is a matter of public interest because the electromagnetic spectrum belongs to the public and public broadcast licenses are meant to keep the public informed. The move towards encryption in OTA TV is seen as an attempt to monetize a public resource, which the article’s author objects to. They express their intention to comment on the issue.
Top 2 Comment Summary
The article states that archivists may suffer due to the loss of fascinating YouTube videos which are recorded on devices like VHS or TiVo, as the videos require encryption and this may make it difficult to retrieve them in future. The article highlights two examples of such videos - one recording of the 1989 sf earthquake during the World Series and another showing a tornado. The loss of these videos would be significant.
2. Brute-forcing a macOS user’s real name from a browser using mDNS
Total comment counts : 23
Summary
The article discusses a potential privacy vulnerability in Apple devices where a user’s first name can be revealed without permission using the multicast DNS (mDNS) protocol. The article provides a proof of concept demo showing that a user’s first name can be leaked through a browser by timing attacks. The technique can be utilized to discover devices such as printers, smart TVs, and smart speakers as well. The article acknowledges that the attack is not practical due to inherent weaknesses and numerous limitations but aims to explore the boundaries of internet privacy.
Top 1 Comment Summary
The author uses Little Snitch on their macOS, which is set to ask the user for explicit permission before allowing a network request. They have encountered issues when remote logging in, as the Little Snitch blocks certain requests and the user must physically go to their desk to allow them. However, the author notes that this is intended behavior and it is common to set systems to silently allow local network requests.
Top 2 Comment Summary
The author is questioning if there is a way to stop websites on the Internet from making network requests to their local network, as they do not see a reason why this should be allowed. However, they do not want to reintroduce the Local Intranet Zone permission from Internet Explorer.
3. Patching GCC to build Actually Portable Executables
Total comment counts : 14
Summary
The author of the article wrote a gcc patch to simplify building Actually Portable Executables with Cosmopolitan Libc. The patch allows popular software like bash, curl, git, ninja, and gcc itself to be built with Cosmopolitan Libc via the ./configure or cmake build system, without changes to source code, and run on Linux, FreeBSD, MacOS, OpenBSD, NetBSD, and sometimes even Windows. The patch rewrites switch statements and struct initializations that rely on system values being compile-time constants for use with the Cosmopolitan Libc API. The author initially tried using sed and a Python script to automate the conversions, but used a gcc plugin instead for the necessary AST rewrite. Ultimately, the author patched gcc itself, which allowed for seamlessly building a lot of software with Cosmopolitan Libc. The author concludes by stating that software can now be ported to Cosmopolitan Libc with less than ten lines of code change in most cases and that many popular software builds seamlessly with the patch.
Top 1 Comment Summary
The article discusses a patch for GCC that allows the building of portable executables with Cosmopolitan Libc and jart’s Actually Portable Executable format. It lists various pieces of software that have been built using this technique, including vim, git, and gcc, and provides a link to a repo for building GCC using Cosmopolitan Libc.
Top 2 Comment Summary
The article mentions a ticket in Go’s repository regarding a certain issue. A link to the ticket is provided in the article.
4. There is no data engineering roadmap
Total comment counts : 35
Summary
The idea that data engineering is not an entry-level role is a form of toxic gatekeeping, according to the author. While there is no single path to becoming a successful data engineer, learning SQL is crucial, as it is still the only skill that every data engineer uses every day. Due to the fact that SQL is very poorly standardized and each database customizes and extends it to do what it needs, picking any database to learn with is best. Specializing in a specific database can come later. Additionally, inexperienced data engineers should avoid “influencers” that often push expensive courses and instead focus on absorbing knowledge from colleagues to learn something every day.
Top 1 Comment Summary
The job of a data engineer is much like that of a water main or sewer fixer: they are expected to keep the data pipeline running smoothly and without interruption. However, when things do go wrong, data engineers are responsible for identifying, communicating, and resolving the issues. The article warns that some organizations may place blame solely on data engineers for data outages, leaving executives and leadership unaccountable. Despite the technical rewards of the job, the article cautions that data engineering can be stressful and challenging during times of crisis.
Top 2 Comment Summary
The author of the article, who has a background in low-level search and database systems coding, has mixed feelings about data engineering because it is SQL dominated. They find that there is a lot of big-ball-of-inscrutable-SQL work that breaks unpredictably when changed, and the cultural traditions of testing and validation are underdeveloped because SQL has no core testing story. The author suggests using pandas or similar tools for data engineering as it allows for testable library code, although this is not the norm in the SQL-dominated field.
5. Guam: The America that Americans forget
Total comment counts : 30
Summary
The article cannot be summarized as it is a message prompting the user to enable JavaScript and disable ad blockers to view the content.
Top 1 Comment Summary
I’m sorry but the link provided is not accessible. Please provide a valid article link for me to summarize.
Top 2 Comment Summary
The article highlights the frustration of purchasing flights to Guam, as airlines don’t offer many direct flights from the mainland, with most flights originating from Asia. Any flight with a US origin to a US destination cannot be sold by an Asian carrier, providing US airlines with a monopoly that restricts competition, even though US airlines barely operate flights to Guam, many of which are operated by Asian airlines.
6. Windows: A software engineering odyssey (2000)
Total comment counts : 12
Summary
The article discusses the history and development of Windows NT over the first ten years. It covers topics such as the design and longevity goal setting, the development environment and team, source code control systems, process management, team size, defect rates, development environments, and productivity gains. The article also includes a timeline of Windows NT and Unix over the first twenty years.
Top 1 Comment Summary
The article describes a situation where the code being written by developers sounds incredibly chaotic and disorganized, to the point where it seems they are hoping that it will run correctly without even testing it. The author expresses surprise that this approach has led to any success at all.
Top 2 Comment Summary
The head of AR software at Google, MarkL, has left the company due to changes in the VR/AR organization. He cited the unstable commitment and vision as the reasons for his departure.
7. Europe’s agenda for undersea internet cables
Total comment counts : 12
Summary
The European Union is developing several projects to ensure the resilience of undersea critical infrastructure, in light of concerns over malicious actors targeting internet infrastructure and eavesdropping. The EU’s Global Gateway plan includes fibre-optic cables, space-based secure communication systems, and data centres. A new project under consideration is EurAfrica Gateway, which would run from the Iberian Peninsula to the Democratic Republic of Congo along the Atlantic coast of Western Africa. The project is designed to connect underserved countries and build links with strategic partners in the region, like Nigeria. There are, however, questions about how the EU selects and designs such projects and allocates funding. Some EU officials have suggested that lobbying plays a big part in the decision-making process, which is neither fair nor transparent.
Top 1 Comment Summary
Approximately 80% of internet traffic between the UK and mainland Europe goes through the Channel Tunnel. This makes the tunnel a harder target for cutting the internet connection without being noticed.
Top 2 Comment Summary
The article discusses two risks associated with fiber optic communication: eavesdropping and physical damage to the fiber optic cables. The first risk can be mitigated through encrypting everything and encouraging users to encrypt their data. Point-to-point encryption can also be added on top of the encryption. The second risk can be addressed by having multiple fiber optic links to prevent damage to all of them at once.
8. Mandatory enforcement of indirect branch targets
Total comment counts : 7
Summary
Theo de Raadt has updated innovations.html to include an item regarding the work which has been done to enforce indirect branch target restriction (on the amd64 [Intel] and arm64 platforms). The main commits that enabled the protection were this and this, after extensive testing in snapshots that turned up various problems that needed fixing in developer tools as well as several different applications.
Top 1 Comment Summary
Intel’s Indirect Branch Tracking (IBT) feature is designed to insert an “end branch” instruction in each function prologue in its effort as a defense in depth against Jump-oriented programming (JOP) and Code Reuse attack (COP). If this feature is enabled, an exception will be triggered if the location that the indirect branch passes control to does not begin with the “end branch” instruction. This means that entire functions will be the only “widgets” available, making it far harder for attackers to exploit and chain.
Top 2 Comment Summary
The article criticizes Theo for taking a jab at Linux in an announcement about OpenBSD, suggesting that he should just focus on what OpenBSD is doing and how it differs from Linux instead of speculating about Linux’s future. The author acknowledges Theo’s intelligence but also comments on his tendency to quickly become defensive and resort to insults and name-calling.
9. On Becoming a VP of Engineering
Total comment counts : 21
Summary
The article is part of a series about the experience of being a VP of Engineering at Honeycomb. The author reflects on the lack of candid writing about paths to the VP of Engineering role and shares their experience in the hope of encouraging others from underrepresented backgrounds in the role. They discuss how they joined Honeycomb as an engineer with no intention of becoming an executive but eventually became the first VP of Engineering. The author also talks about their transition from managing individual contributors to managing managers and how the role of a VP of Engineering is contextual and can shift over time. They emphasize the importance of recognizing and promoting high performers from within the company.
Top 1 Comment Summary
The article argues that company founders do not necessarily need specific qualifications or characteristics to become leaders, as they choose themselves for leadership and then choose their friends as the first employees. Hierarchical, subservient thinking is strange, and corporate ladder climbing is essentially political.
Top 2 Comment Summary
The author suggests that when joining a startup, it’s important to look for an executive or founding team that focuses on building up high-performing employees for internal promotions and quickly recognizing and rewarding those who are already making an impact outside their defined roles. The author notes that this approach is rare in most startups, where the default is to hire externally when a higher level in the hierarchy becomes available. The author finds this trend demotivating and prefers a culture of promotion and progression within the company.
10. Personal relations as a manager
Total comment counts : 30
Summary
The article discusses the importance of maintaining a professional distance between managers and their team members. The author argues that the hierarchical nature of the manager-subordinate relationship can lead to feelings of superiority/inferiority and dehumanization. While being a friendly and approachable manager is important, it is also necessary to maintain a level of professionalism in order to effectively manage and make difficult decisions, such as giving feedback, promoting/demoting employees, and firing under-performing team members. The author suggests finding a balance between being personable but still respected, and taking on the responsibility and power that comes with managing a team.
Top 1 Comment Summary
The article discusses the issue of power dynamics in management and the tendency for managers to want to dictate the relationship with their employees in order to show dominance. However, this approach can be unfair and ineffective. Instead, managers should focus on the reality of the situation, acknowledge their power, and strive to be fair and reasonable in their actions. The article emphasizes the responsibility of managers to lead their team towards improvement and highlights the importance of avoiding neglecting leadership duties and avoiding using one’s power for selfish reasons.
Top 2 Comment Summary
The author believes in putting coworkers above one’s own career and being transparent. They are willing to quit before throwing coworkers under the bus or remaining silent if they are treated unfairly. They also help coworkers optimize their career growth, even if it means those coworkers may one day overtake them. The author suggests alternatives and invests personal time in helping coworkers apply for a transfer or an outside job if they don’t think those coworkers are likely to be successful in their current team or company. The author would refuse to mislead people on matters that are important to their long-term wellbeing and accept getting fired as a consequence. The author believes there is space for genuine friendships in the workplace, but emphasizes the importance of respecting personal and professional boundaries and not acting to coworkers’ detriment for one’s own selfish gain.