• 2.4GHz quad-core 64-bit Arm Cortex-A76 CPU

• VideoCore VII GPU, supporting OpenGL ES 3.1, Vulkan 1.2

• Dual 4Kp60 HDMI® display output

• 4Kp60 HEVC decoder

• Dual-band 802.11ac Wi-Fi®

• Bluetooth 5.0 / Bluetooth Low Energy (BLE)

• High-speed microSD card interface with SDR104 mode support

• 2 × USB 3.0 ports, supporting simultaneous 5Gbps operation

• 2 × USB 2.0 ports

• Gigabit Ethernet, with PoE+ support (requires separate PoE+ HAT, coming soon)

• 2 × 4-lane MIPI camera/display transceivers

• PCIe 2.0 x1 interface for fast peripherals

tl;dr

A guy found a bug in kernel on an obscure architecture no one cares about (PowerPC32) and submitted a patch. The maintainer decided the patch was no good and fixed it by himself, crediting the guy with "Reported-by" tag. A year later, the guy wrote a blogpost crying that wasn't enough.

Links

Reddit: https://old.reddit.com/r/programming/comments/16tf5ne/how_i_got_robbed_of_my_first_kernel_contribution

HN: https://news.ycombinator.com/item?id=37671991

A lie in the blogpost

I was also open to working with him, addressing his feedback and sending subsequent versions of patches. He said (paraphrasing):

Sorry, I like my version better. If you want to be a Linux kernel contributor, here's an issue you could fix.

I found this really perplexing and insulting.

The funny thing is, the above "paraphrase" is actually a lie and the kernel maintainer was very polite and respectful. This is what he actually said:

Hi Ariel,

I've added Christophe to Cc who works on ppc32.

I haven't actually reproduced the crash with gdbserver, but I have a test case which shows the bug, so I've been able to confirm it and test a fix.

Thanks for your patch, but I wanted to fix it differently. Can you try the patch below and make sure it fixes the bug for you?

I've also attached the test case I've been using.

Christophe are you able to test these on some 32-bit machines? I've tested it in qemu and on one 32-bit machine I have here, but some more real testing would be good.

If the patch works then I'll need to do manual back ports for several of the stable kernels, and then once those are ready I will publish the patch.

cheers

Comment spotlight

The maintainer did exactly what they usually do, I see absolutely nothing unexpected here, note that this was an unsolicited patch sent to a security mailing list.

If this is what the maintainer usually does then the maintainer is a wanker. If they leave the project, the project won't be losing a good person.

Indeed, maintainers are disposable. It's easy to find a codecel willing to put years of quality work into an obscure part of the kernel, for free.

Random users and drive-by contributors are much more important to the health of the project. They are much more likely to be a good person. We must not let them feel unwelcome, at any cost.

Agreed. I see the job of an experienced maintainer as a facilitator who should bend over backward to help other people's contributions land cleanly. The help often involves feedback on style and architecture consistency, but a sign of a great maintainer is someone who credits others, and mostly stays behind the curtain making sure everything goes smoothly.

You WILL bend over backwards for random people sending their shitty patches and you WILL love it.

Amazing how the hostility is perpetuating all through HN here as well.

I have seen (and sadly self experienced!) this kind of story way too often. And let me tell you this: This guy is now burned by this bad interaction and is successfully shooed away.

And some folks wonder why "nerds" and "geeks" are seen as socially inapt...

I don't even think that Mr. Ellerman had any malicious intents. But it just shows again, that the so called people skills are nothing to be neglected when choosing leading figures.

To paraphrase George Carlin: "It's a big club. And you're not in it!"

The maintainer should be immediately removed from his position and replaced with someone with good people skills. Ideally from an underrepresented demographic.

Funny how it's the small contributors that inevitably end up being the ones who have to set their ego aside and not the well known committers. Sounds very much like an old boys club.

Yeah, it's shocking that established contributors set the norms for the project.

https://news.ycombinator.com/item?id=37660256 (the article from orange site steals your back button for some reason)

tldr:

• A total of 39 of the top 50 emission offset projects, or 78% of them, were categorised as likely junk or worthless due to one or more fundamental failing that undermines its promised emission cuts.

• Eight others (16%) look problematic, with evidence suggesting they may have at least one fundamental failing and are potentially junk, according to the classification system applied.

• The efficacy of the remaining three projects (6%) could not be determined definitively as there was insufficient public, independent information to adequately assess the quality of the credits and/or accuracy of their claimed climate benefits.

• Overall, $1.16bn (£937m) of carbon credits have been traded so far from the projects classified by the investigation as likely junk or worthless; a further $400m of credits bought and sold were potentially junk.

Four carbon markets experts said the findings were based on solid methodology and shine a light on the pitfalls of market-driven climate solutions which can enable polluters to keep polluting instead of transitioning off fossil fuels.

Some examples:

In one case, a giant forest conservation project in Zimbabwe was reported to have had so many exaggerated and inflated claims – and probably shifted emissions elsewhere – that it was described as “having more financial holes than Swiss cheese”.

In the US, the most problematic project is the world's largest carbon capture and storage plant in Wyoming, which has benefited from generous taxpayer subsidies, but where the vast majority of the captured CO2 has been released into the atmosphere or sold to other fossil fuel companies to help extract hard-to-reach oil, according to the Institute for Energy Economics and Financial Analysis.

All 10 hydroelectric dams in the top 50 carbon offsets – including the Teles Pires dam in the Brazilian Amazon and the Karcham Wangtoo plant in the Himalayas, India, which have both faced opposition from tribal communities – were classified as likely junk in our analysis as the climate benefits would have happened anyway, regardless of carbon credits. A number of previous studies have shown that although large dams cut national emissions, they do not lead to new or additional reductions needed for effective carbon credits. In some cases large dams have been associated with land disputes, displacement, increased poverty and environmental damage – including some greenhouse gas emissions emitted from water reservoirs.

In another example, a program in western Kenya provides water filters so households no longer need to boil water with firewood for filters. Though the potential health and sanitation benefits are not questioned, from an emissions perspective it was classified as likely junk in our analysis due to what appeared to be inflated baseline figures on how many households used firewood to heat water, and exaggerated claims in part due to evidence of low uptake of the filters.

https://github.com/s-matyukevich/raspberry-pi-os

Angry malds all over tech subs about GHC conference having a few men in attendance. She is _really_ mad - 6 posts in the last day across /r/GirlsGoneWired and /r/csmajors.

GHC, the "Grace Hopper Celebration" (maybe don't call it a celebration if you want to be taken seriously) is "is the world's largest gathering of women and non-binary technologists." Our heroine finds it ridiculous that evil men are allowed to attend.

Profile

First post

Second post

Third post

Fourth post

Fifth post

Sixth post

I'm seeing entire groups of just men, at a conference that's sole purpose is to give opportunities to WOMEN and non-binary individuals in a male dominated field. I attended last year and did not say any male identitying student attendees. This is genuinely infuriating.

Continues sperging out in the comments -

Men are minorities there aren't they? U gotta be more accepting

Are you stupid ??? The biggest appeal of grace hopper for the actual women / nb there is to be surrounded by other women. Last year, before men fricked that up for us, it was an extremely empowering and wholesome conference. It was the ONLY place we could celebrate women. It was a safe place for us. Men are the reason we needed it. And now you've come there too.

Lmao u have ten other ppl in here trolling why u comin after me? Is it because uk I'm a man and ur discriminating against me based on gender? Considering I work around women that have as much of an impact on me as I them, I'd consider ur scales before pooping all over men. This isn't a woman vs man thing, it's about working in cohesion

I'm mad at all of you. Seriously frick all of you. None of you guys that think this shit is funny know what it's like being the only woman in a class of 50 men. None of you know what it's like being talked down to because you are the only women on your engineering team. None of you understand why we have this conference and why this is upsetting.

The tables are turned as can identify valid enbys on sight

It says women and non-binary

The men I'm complaining about are not non-binary, they have “he/him” as their pronouns. I don't know a single non-binary person that goes by “he/him”. There are some that go by they/them and he/him but never just “he/him.” And for people who are actually part of the 🏳️‍🌈 community, its not very hard to tell. It's of course possible there are non-binary people that happen to look like cis males, however hundreds of people there being nb and coincidentally looking like cis men is statistically extremely unlikely… it's very clear that is not the case.

You just openly admitted you assume peoples sexually by just looking at them... wow

Lots of pooping on OP in this thread, she wants you to know she is very angry

OP is an absolute bigot for assuming that the people posting about it are not non-binary or identifying as women.

Go back to Alabama OP these days everyone can be a women.

Lol they put “he/him” as their only pronouns on their name tags and it's definitely possible that there are some non-binary attendees but not 1/3 of the attendees.

There are plenty of nb people that have he/him as their pronouns rather than making their life even harder than it already is maybe try to lift them up.

That is true but that is not what is happening here and it is very obvious

Educate yourself, sweaty

Follow up question, do you think that men who attend Grace Hopper are more or less likely to agree with the statement "Women are unfairly given extra employment opportunities in tech," when compared to all men in tech?

Kinda seems like voting with their feet to me.

I think they would think that, yes. Because they don't understand the history and personal experience of women in this industry. They don't understand the reason we have this conference / who create it / who it was created for.

You didn't start the conference, you don't run it. Who are you to say who it's for? Seems like they belong there more than you.

Try doing some research about the conference and educate yourself.

More bonus drama

I don't go to this, I don't even live on the same continent, but I do wonder how you are telling which people are non-binary and which are men? because I am a masc-presenting non-binary person and worry you might class me as a man if you saw me there.

edit: Really not sure why I am being downmarseyd. this sub "welcomes contributions from everyone".

Because it seems you're trying to muddy things for who knows why, possibly a distinctly masculine desire to make every conversation about yourself. Non-binary people are rare, rarer than either of the binary sexes. You see a conference "for women" which is populated distinctly by non-women, it does not make any sense to think "ah, non-binary representation!"

why invite non-binary people then?

That is not the issue here, is it? When there's a room full of people of whom 50% are masc presenting, 98% of those will be men not enbies. Whether any one of them specifically could be misgendered as either male or nonbinary is... well, personally unpleasant, statistically unimportant. It's just not likely to be successful enough to invite enough of the masc enbies but bad enough at inviting women to visibly get the ratio of male seeming people to be very high.

Plenty more drama in those threads, and I wouldn't put it past to continue madposting about it until the "celebration" is over.

>completely reworks marsey rendering

>adds 13 new marsey effects

>invents an entire new language for representing these effects that is way too complicated for the smoothbrains of rdrama to understand

>creates parser/tokenizer to parse this language

>writes actually helpful PR description

>does all of this without telling anyone what she is doing, including @A

>does this on a project where the average PR looks like this

!codecels, kneel before your GOD, @transb-word

Merge?

Btw andril industries is such a meme. Their salary bands for software developers is 84k (lmao) -150k (junior-tier) and senior salary is 150 (junior tier) -192 (2 yo experience tier). Absolute garbage.

Why shouldn't they? You've arranged to have product you didn't create shipped to a warehouse you don't operate to be stored by a system you don't maintain to be sold on a storefront under a brand you made up and that you didn't create to be fulfilled by a shipping apparatus instead of you going to the UPS Store. What exactly are YOU doing here that merits a payday? Mediating a relationship between Amazon and a Chinese manufacturing firm? They already have tons of those.

Maybe your point just sucks because finding some cheap garbage on AliExpress that you can sell with instagram ads isn't actually all that hard, or that much work, which is probably why this exact business model was sold to people who, as stated by people selling it, had low skills and no interest in acquiring them, so they can generate passive income by operating an automated storefront on Amazon.

https://news.ycombinator.com/item?id=37668690

Say what you will about their means of getting it, but this person did 100% of the leg work of getting that sale. That sale doesn't exists without them.

What leg work? Customer acquisition? They paid amazon for that. Delivery? They paid amazon for that. Manufacturing? They paid China for that.

The sale wouldn't exist without anyone in the pipeline (Amazon, manufacturer in China, shipping merchant, etc.)

I think it's actually worse than that. The merchant is the only party that is not needed.

In fact, calling a lot of these folks "merchants" at this point is probably a little too generous. Amazon is the merchant. Many of these other guys are sourcing and marketing "partners" for Amazon and the manufacturers.

https://news.ycombinator.com/item?id=37666435

That's literally the meaning of being a monopoly: There are no other distribution channels that can compete with Amazon. They are a distribution monopoly.

There is no monopoly in distribution. The vast majority of items are bought offline. Walmart, Costco, Target, Kroger and on and on and on and on.

The world wide web + google and facebook make finding eyeballs open for all. Fedex, UPS and USPS make shipping products open to all. Stripe makes accepting payments open to all. Cheap 3rd party manufacturing makes making things open to all.

We've probably never been further from a monopoly in any of the areas in question. The reason it's so darn hard to make any money selling random products is that there is just so much competition.

https://twitter.com/8teapi/status/1706520893621784780

Vicious Self-Degradation

you Google

Quora spots query and id's as frequent

Quora uses ChatGPT to generate answer

ChatGPT hallucinates

Google picks up Quora answer as highest probability correct answer

ChatGPT hallucination is now canonical Google answer

I recently discovered a program on GitHub that'd let me shove images in batches to some cmd which will use OCR to translate and auto place the text for manga.

Issue is that I need an openai key for pretty accurate translating but I'm poor.

So I was wondering if, you know, the keys one could find on GitHub through search dorking could be used? Hypothetically, since apparently openai has a deal with GitHub to automatically detect keys and alert the owner because so many are r-slurred. And, hypothetically, is that a crime, especially one that could be traced?

If so I'll just be a good boy and spend five bucks or whatever since crime is bad

https://t.co/SOUklLQpI9 pic.twitter.com/Nlfto9dIMY

— ❤️🧸j e l l y📷🎃 (@jellojellyjewwy) September 25, 2023

Other post https://old.reddit.com/r/neoliberal/comments/16rag1i/gen_z_vs_boomers_young_adults_are_victims_of

Gen Z falls for online scams more than their boomer grandparents do

The generation that grew up with the internet isn't invulnerable to becoming the victim of online hackers and scammers.

Anyone can get scammed online, including the generation of Americans that grew up with the internet.

If you're part of Generation Z — that is, born sometime between the late 1990s and early 2010s — you or one of your friends may have been the target or victim of an online scam. In fact, according to a recent Deloitte survey, members of Gen Z fall for these scams and get hacked far more frequently than their grandparents do.

Compared to older generations, younger generations have reported higher rates of victimization in phishing, identity theft, romance scams, and cyberbullying. The Deloitte survey shows that Gen Z Americans were three times more likely to get caught up in an online scam than boomers were (16 percent and 5 percent, respectively). Compared to boomers, Gen Z was also twice as likely to have a social media account hacked (17 percent and 8 percent). Fourteen percent of Gen Z-ers surveyed said they'd had their location information misused, more than any other generation. The cost of falling for those scams may also be surging for younger people: Social Catfish's 2023 report on online scams found that online scam victims under 20 years old lost an estimated $8.2 million in 2017. In 2022, they lost $210 million.

“People that are digital natives for the most part, they're aware of these things,” says Scott Debb, an associate professor of psychology at Norfolk State University who has studied the cybersecurity habits of younger Americans. In one 2020 study published in the International Journal of Cybersecurity Intelligence and Cybercrime, Debb and a team of researchers compared the self-reported online safety behaviors of millennials and Gen Z, the two “digitally native” generations. While Gen Z had a high awareness of online security, they fared worse than millennials in actually implementing many cybersecurity best practices in their own lives.

So, why? Why is the generation that arguably knows more about being online than any other (for now) so vulnerable to online scams and hacks?

There are a few theories that seem to come up again and again. First, Gen Z simply uses technology more than any other generation and is therefore more likely to be scammed via that technology. Second, growing up with the internet gives younger people a familiarity with their devices that can, in some instances, incentivize them to choose convenience over safety. And third, cybersecurity education for school-aged children isn't doing a great job of talking about online safety in a way that actually clicks with younger people's lived experiences online.

“I think Gen Z is thinking about it. We have to live with these threats every day,” says Kyla Guru, a 21-year-old computer science student at Stanford who founded a cybersecurity education organization as a teenager. When she teaches classrooms of students about email safety or phishing or social engineering, she said, there's often an instant recognition. “They'll be like, ‘Oh my God, I remember getting something really similar.' Or, ‘I've seen a ton of these kinds of spammers in my Instagram DMs.'”

The kinds of scams that target Gen Z aren't too dissimilar to the ones that target everyone else online. But because Gen Z relies on technology more often, on more devices, and in more aspects of their lives, there might just be more opportunities for them to encounter a bogus email or unreliable shop, says Tanneasha Gordon, a principal at Deloitte who leads the company's data & digital trust business. Younger people are more comfortable with meeting people online, so they might be targeted with a romance scam, for instance.

“They shop a lot online,” Gordon said, “and there are so many fraudulent websites and e-commerce platforms that just literally tailor to them, that will take them from the social media platform that they're on via a fraudulent ad.” Phishing emails are also common, she said. And while a more digitally savvy person might not fall for a copy/pasted, typo-riddled email scam, there are many more sophisticated, personalized ones out there. Finally, Gordon added, younger people will often encounter social media impersonation and compromised accounts.

Older Americans also date, shop, bank, and socialize online. But for every generation except for Gen Z, the technologies that enabled that access weren't always available. There's a difference between someone who got their first smartphone in college and someone who learned how to enter a password into their parents' iPad as a kid — the latter of which is much more the experience of a Gen Z or Gen Alpha, the generation following Gen Z that is rapidly approaching teenagerhood. Millennials, particularly older millennials, had occasional access to computers in school, but younger generations may have been issued laptops by their school district to use in the classroom at all times.

Taken together, these differences have led to some educated speculation on what that shift might change about how people approach cybersecurity. If online mayhem feels like part of the cost of being online, might you just be a bit more accepting of the risks using the internet entails? This generational difference might lead younger people to choose convenience over security when engaging online with their devices, according to Debb.

Social media apps like Instagram and TikTok are convenient by design. Install the app on your phone and you'll stay logged in, ready to post or browse at a moment's notice. The app will send alerts with updates and messages, designed to get you to open it up. Debb offered a hypothetical: If Instagram made users log out every time the app closed and re-log in with two-factor authentication in order to reopen it, then Instagram would probably be more secure to use. It'd also be extremely frustrating for many users. Older generations might be a little more accepting of this friction. But for those who grew up with social media as an important part of their self-expression, this level of security could simply be too cumbersome.

But Gen Z's online experience isn't really a black-and-white choice, where convenience lives behind one door and safety the other. Instead, online safety best practices should be much more personalized to how younger people are actually using the internet, said Guru. Staying safer online could involve switching browsers, enabling different settings in the apps you use, or changing how you store passwords, she noted. None of those steps necessarily involve compromising your convenience or using the internet in a more limited way. Approaching cybersecurity as part of being active online, rather than an antagonist to it, might connect better with Gen Z, Guru said.

“We're the ones changing the scene in the future, right?” said Guru. “We're the ones doing activism around climate change or reproductive rights. And so I think your threat model changes the moment that you take on those kinds of responsibilities or those roles.”

There's another factor here, too: Many experts say that the responsibility for remaining safe while using these apps should not fall solely on the individual user. Many of the apps and systems that are designed to be convenient and fast to use could be doing a lot more to meaningfully protect their users. Gordon floated the idea of major social media platforms sending out test phishing emails — the kind that you might get from your employer, as a tool to check your own vulnerabilities — which lead users who fall for the trap toward some educational resources. Privacy settings should also be easier to access and understand.

But really, Guru says, the key to getting Gen Z better prepared for a world full of online scams might be found in helping younger people understand the systems that incentivize them to exist in the first place.

“Why do these scams happen, who is behind them, and what can we do about them? I think those are the last synapses that we need to connect,” she said.

this anti-encryption ad in williamsburg is wild pic.twitter.com/SVYdVSsnUO

— tux (they/she) 🏳️‍⚧️🏴🧨 (@__tux) September 23, 2023

Was talking to this guy, and after the fact my friend (who knows him much better than I do) said that he clocked me based on the fact that I use Rust. Fellow rustaceans, how do you make your Rust pass? !cuteandvalid !codecels

How useful would an rdrama webring be? If you have an account you could submit a link to the webring and have a rotating purview of cool stuff.

!besties thoughts?

EXAMPLE OF WEBRING :

https://lilibyte.net/node/webring

https://foreverliketh.is#2-lainchan-webring

https://xn--sr8hvo.ws/directory

https://hotlinewebring.club

Sadly it's not a real estate management platform

This is the best summary of this situation, as one understood it as someone from the outside looking in.

https://mastodon.art/@simcha/111103704573744361 is firing back that this is all due to low-key bigotry by the admin of artisan.chat inside secret groomercord channels, which has been going on for a while. Blogposts linked with accusations against each other.

https://lemmy.world/post/5545374

The White House is considering requiring cloud computing firms to report some information about their customers to the U.S. government, according to people familiar with an upcoming executive order on artificial intelligence.

>executive order

In this case, the rules are intended to create a system that would allow the U.S. government to identify potential AI threats ahead of time, particularly those coming from entities in foreign countries. If a company in the Middle East began building a powerful large language model using Amazon Web Services, for example, the reporting requirement would theoretically give American authorities an early warning about it.

Don't worry citizen, it's for national security again. After you lose a few more freedoms we'll all be safe for sure

If the measure is finalized, it would be a win for organizations like OpenAI and the RAND Corporation think tank, which have been advocating for similar know-your-customer mechanisms in recent months. Others argue it could amount to a surveillance program if not implemented carefully.

Yes, RAND corp and OpenAI certainly have my best interests at heart

Yes I upsneeded it