Square Singer

hEy, yOu lEaRnEd A bUzZwOrD aNd rEcEnTlY dIsCoVeReD tHe sHiFt KeY!!! cOnGrAtS!?!

hEy, yOu lEaRnEd A bUzZwOrD aNd rEcEnTlY dIsCoVeReD tHe sHiFt KeY!!! cOnGrAtS!?!

hEy, yOu lEaRnEd A bUzZwOrD aNd rEcEnTlY dIsCoVeReD tHe sHiFt KeY!!! cOnGrAtS!?!

But this issue wasn’t found because of code analysis per se, but because of microbenchmarking.

Oh, we play dumb ad-hominem without any basis in reality?

I can play this too: Was your last school homework hard?

If the vulnerability is in the wild, what other security mechanisms do you have until it’s patched?

The only real downside on the open source side is that the fix is also public, and thus the recipe how to exploit the backdoor.

If there’s a massive CVE on a closed source system, you get a super high-level description of the issue and that’s it.

If there’s one on an open source system, you get ready-made “proof of concepts” on github that any script kiddy can exploit.

And since not every software can be updated instantly, you are left with millions of vulnerable servers/PCs and a lot of happy script kiddies.

See, for example, Log4Shell.

Yeah, that’s more due to need than due to technical difficulty.

Even in 2024 it’s still common that you have to print out documents to sign them or tickets for some event or something like that. All these (quite relevant) use cases just don’t work if you don’t have a 2D printer.

As much as I like my 3D printer, and as much as I recommend everyone to have one, is not nearly as necessary.

In regards to how difficult they are to make, consider the price.

2D printers have an advantage due to their much higher sales numbers (economy of scale) and they are subsidized by the manufacturer selling expensive ink. And still, a half-decent inkjet costs €100 or more, and a color laser easily costs €300 or more.

3D printers usually have much lower sales numbers and people usually buy 3rd party filament, so the printer needs to be expensive enough to generate money for the manufacturer. And still you can get a decent Ender 3 for as low as €150.

What’s different? Basically the whole thing.

A 3D printer (talking here about FDM because SLA really shares nothing at all with a 2D printer) is basically a tiny hot glue gun being moved on three axies by stepper motors. Of course, the temperature and extrusion controls are much more accurate than a hot glue gun, but that’s the basic principle. You got a single “printing point” that gets moved around and it only extrudes filament from that single point.

An inkjet printer has one stepper motor that moves the paper and another that moves the print head from left to right. So there too are axies moved on stepper motors. A very simple trait also shared by e.g. CD and disk drives, slot machines, camera lenses and many other things. All these things are as close to a 2D printer as a 3D printer.

The real magic of an inkjet printer is the print head. A print head doesn’t have a single nozzle but an array of many nozzles. This way, a printer cannot only print one dot at a time, but instead a few lines at a time. These nozzles are much tinier that the nozzles on a 3D printer, and they also are much more complicated to operate.

A 3D printer just uses a stepper motor to push filament into the printhead, where it melts and is then pushed out of a hole.

On an inkjet printer, you need to either rapidly boil the ink, so that a single vapor bubble appears that pushes just a tiny drop of ink on the paper, or you have a tiny piezoelectric transducer that creats a vibration that then pushes out ink.

This is orders of magnitude more difficult than a 3D printer, and much tinier. You won’t be DIYing a working 2D printer from scratch, while that isn’t all that hard for a 3D printer. With access to a decent toolshop, you can make all relevant parts of a 3D printer. The same is not true for 2D printers.

To rephrase your question: Why is it that so many people build DIY desktop PCs, but nobody is making a DIY flagship smartphone? What’s the difference?

Basically everything.

I do understand what you mean, and it makes much more sense than advocating for venting.

But I still feel that putting emotions into a discussion about work performance isn’t the right way, especially when done in public.

In a situation like that where something caused a lot of negative emotions (that go beyond your work performance is bad), I think you should have two separate talks. One about the factual things where one is boss and the other is employee, and one about the hurt/emotions the behaviour caused and in this talk, both are just people resolving their personal problems.

Something like the issue in the OP really shouldn’t cause anger on Linus’ side, since it’s a totally factual issue. A propper response would have been to decline/revert the change while publically saying “This change validates that rule of the project” and then privately contacting the maintainer in question and tell him, “We talked about this repeatedly, if you don’t stop, we need to take consequences.”

Emotions should really only enter the picture when personal offenses where comitted before or maybe if the employee did something with the intent to hurt the project/company/manager.

But if you get really angry because your employee did something wrong, then that’s a problem on the side of the manager and not on the side of the employee.

That said, I think it’s totally ok to tell the employee about the consequences of their actions (“We lost X amount of money” or “It took Y amount of time to correct it” or something like that).

You want some stern words?

You are a useless peace of dead weight in this community. Your comments suck and you have no idea how people work and how to professionally communicate. I hope you never have a job, let alone one in a management role. You should leave and never come back. Get aborted retroactively! You make the world a worse place by your mere existance!

How do you feel about that? Are you going to change your behavior because of these “stern words”? Or are you going to think “What an idiot” and ignore everything I said?

And we both are just anonymous randos on the internet and while this comment is public, not a lot of people are going to read it and it will have zero impact to either of our lives.

Now imagine I was your boss, both of us are publically known people and I post this on the company social media account together with your full name.

And people still dig this up 10 years later to laugh at it.

Please reconsider your interpersonal behaviour.

I hope I never meet you. You really don’t know how to human.

I think removing someone’s maintainer status does communicate disappointment in their performance quite well.

And as for anger and frustration, these things really don’t matter in this circumstance. Work is not therapy. If you need to vent anger and frustration, get a therapist. Employees are employed to do their job, not to be the emotional punching bag for a manager who can’t control their temper.

If an employee doesn’t perform to expectations repeatedly and even after you had a few constructive one-on-ones, then demote them or fire them. No need to vent your anger on them and lose your professionalism.

Tbh, the first time a boss of mine loses their temper and verbally attacks a colleague like Linus did here, they have also lost all of my respect for them. And at that moment I will start to look for another job.

I think that emulates anarchism pretty well.

dd if=/dev/random of=anarchism bs=1024 count=1024;chmod 755 anarchism;./anarchism

True, but when it was unpopular it also didn’t use code/software that was commonly used on a more popular system.

Well, anything unpopular that doesn’t use any software (even low-level software) that is also commonly used in popular environments. For example, game consoles, embedded devices or car entertainment systems often use outdated versions of popular browser engines. So to hack these, you don’t need to be a highly skilled hacker, you just need to be able to try some older vulnerabilities.

And there are enough malicious websites that will just automatically check for these vulnerabilities. And then it’s enough to accidentally open one of these malicious websites and even though nobody wrote the hack specifically for your car, you might catch some malware regardless.

I never said that Temple OS is usable ;)

It was, 25 years ago. Same as Windows’ security was absent at that time.

But people never update their prejudices, so all the jokes are from the last millenium.

If you want an OS that is really malware-free, you need to run temple os.

Does Mac prohibit other browser engines like they do on iOS?

Doesn’t do a lot of good, that they let you use other browsers if they are just reskins for Safari.