Email or username:

Password:

Forgot your password?
11 posts total
Dave Anderson

This morning for no obvious reason, I remembered the Fuel Rats.

Elite:Dangerous is an MMO space sim game, with a big galaxy in which you fly a spaceship doing stuff. Spaceships need fuel, which you buy at stations, or if you have a fuel scoop you can skim the surface of certain stars to get usable fuel.

Space is big though, and it's quite possible to run yourself low on fuel in a way that you can no longer warp to any inhabited system to refuel. At which point you're screwed.

Show previous comments
S. Co1

@danderson What a fun memory to surface ☺️

Being a Fuel Rat was the most fun thing I ever did in E:D and kept me in the game much longer than I would have otherwise. After classes were done for the day I would just pop up some Netflix, poke around aimlessly in Fuelum, and hang out in the IRC channel until it was time to roll out. The only thing I ever fired at a player ship was a limpet!

Graham Spookyland🎃/Polynomial

@danderson Valheim has a similar thing. If you accidentally wander into a biome you can't handle and get killed, and can't get your stuff back, there's a loot retrieval squad you can get in touch with. You give them your game details and they'll hop in and grab your stuff back for you.

The game has random events and some of the late game ones are triggered when certain items are present in game, so they figured out what gear and items they can bring in for recovery without screwing up the game.

Adam R. Wood

@danderson I was completely ignorant of all of this. Thank you for sharing it, it's beautiful.

Dave Anderson

I would like to quote something

Typesetter: **uncontrollable sobbing**

A sample of typographic quoting styles and how they vary bizarrely across languages
Dave Anderson

Relearning modern HTML, and amazed to find that <a> tags have a "ping" attribute that just fire off an async POST to whereever you like when someone follows the link. Explicitly designed for tracking user activity, and has been in browsers since 2011.

According to MDN, Firefox is the only browser that doesn't send them by default. Not for any particularly noble reason, there's just an 11 year old open bug to finish shipping it and it's not done yet.

Dave Anderson

"Electronics isn't magic"

"Also, here is the protective sigil to cast when working with DRAM"

Part of the state diagram for working with dynamic RAM, which is organized such that the many arrows going all over the place form what looks like an occult pentagram type shape.
Show previous comments
Milly

@danderson Electro-magic-netics is my name for eletromagnetics because it fricking is. Digital electronics are just captured and channeled magic. Abstracted magic if you will. Or magitech if you want to sound cool.

Happy chanting!

Dave Anderson

Welcome to Having a Normal One, I'm your host and today we're reading the ANSI specification for rectangular holes in standard IBM punched cards.

The digitized cover sheet of an old ANSI standard document. It exudes a deep sixties vibe, with an austere sans-serif font on khaki background. The title reads "Ansi national standard: rectangular holes in twelve-row punched cards". A smaller box informs the reader that this standard has been adopted for use by the US federal government, as FIPS publication 13.
Dave Anderson

Not much of a read if I'm honest, once you get past the foreword, the list of agencies that signed off, the list of contributors and the index, it fits on a single two-sided sheet of paper: the punch holes must be 0.125" by 0.055", ±0.001".

The centers of the holes are laid out on a grid. Twelve lines 0.250" apart on the short axis, N lines spaced 0.087" on the long axis. Each intersection is the center point of a hole. ±0.010" center position error allowed when punching, ±0.018" when reading.

Dave Anderson

Speaking of language, sometimes I remember how incredibly weird it is that a software feature designed to help you achieve something is canonically called a "wizard".

Oh I need help configuring this, lemme light the beacon and call for the aid of Digital Gandalf

Dave Anderson

Also implies that the default state of software is, I dunno, an orc or a barbarian or something. Something that you need a wizard to help you with, certainly.

Dave Anderson

How to tell your OSS is ridiculously popular: people aren't 100% sure they _didn't_ embed it, and tack on the software equivalent of "packaged in a facility where peanuts were also present" to the license list.

This watch contains software, so statistically probably contains at least traces of curl.

A photo of a Garmin smartwatch on my wrist. It's showing the mandatory list of open source stuff and licenses, which I found deep in some menu. The centered text says: this product may contain Curl, distributed under the MIT/X license.
Show previous comments
stevenray

@danderson @mralex hilarious. I’ll have to see if my Garmin has the same thing.

Elric

@danderson (to the tune of Sex Bomb) SBOM, SBOM, where's that SBOM ... You can give it to me so I know what's going on.

Dave Anderson

"I just want an apolitical project where each can contribute according to their ability, to a common purpose to be enjoyed by each according to their need. Why do all these commies keep showing up, it is truly a mystery"

Dave Anderson

Yesterday I ended up taking a random walk through "the rust memory model is more what you'd call "guidelines" than actual rules".

Today I took a wrong turn and ended up on the LKML, in which I learned that the kernel has its own unique memory model, but also now contains rust code which follows the rust memory model (whatever that turns out to be), and also it's necessary to be able to exchange data back and forth between memory models.

Some days, I'm just amazed that computers sometimes work.

Dave Anderson

No diss on anyone involved, to be clear. The kernel has reasons for its own memory model, Rust obviously has _some_ memory model even with edge cases (and in some places delegates to c++20, which I'm assuming is partly a consequence of going through LLVM and inheriting a lot of stuff from C++). People are doing hard and productive work to get all these things nailed down and be confident in how computers work.

It's just... could computers work by themselves every now and then please

Dave Anderson

As the xz thinkpieces start showing up about What Should Be Done, a couple of questions I'd encourage you to keep in mind while reading them:
- Is this advocating security nihilism and giving up because stopping 100% of badness is impossible?
- Is this pushing a random hobby horse like "sign your commits" that wouldn't have helped this incident in any way?
- Is this equating employment/nationality/notoriety with trustworthiness?
- Is this pushing a technical solution to a social problem?

Dave Anderson

I suppose this post also counts as a thinkpiece about the incident, arguably. Feel free to derive your own critical thinking rule of thumb from it, I guess :)

Brendan Molloy :ferris:

@danderson arguably the badness was stopped because professionals noticed something fishy and found the root cause. If anything, to my mind, the system (if it can be called one) is actually working quite well given the fallibility of humans and the systems we create.

Matt Campbell

@danderson It seems to me that dismissing all technical solutions because the problem is social is itself a form of giving up because stopping 100% of badness is impossible. If the option of hijacking crypto code in the sshd process through an obscure dynamic linking feature and an underfunded library hadn't been an option, for example, would the attacker have gotten nearly as far as they did?

Dave Anderson

The poor original maintainer of xz is on it now, and has already found another "fun" thing: git.tukaani.org/?p=xz.git;a=co . The configure check for enabling the Landlock sandboxing facility was subtly broken, so that Landlock support would never get enabled. The original malicious commit landed around the same timeframe as the main backdoor, also at an abnormal time of day compared to the new maintainer's historical activity pattern.

David Andersen

@danderson that one is deliciously clever. I didn't see it when I looked at the diff despite having been primed to look for something evil.

Samantaz Fox

@danderson That one is tricky!

I'm so sorry for Lasse, who now has double the amount of work, to review again every line of code added by the malicious actor.

Matt Campbell

@danderson I want to support the original maintainer or show my appreciation if I can. But I feel like sending an email just to say thanks or ask how to help would just add to the stress; there must be a ton of emails coming in already.

Go Up