Need to let loose a primal scream without collecting footnotes first? Have a sneer percolating in your system but not enough time/energy to make a whole post about it? Go forth and be mid: Welcome to the Stubsack, your first port of call for learning fresh Awful you’ll near-instantly regret.
Any awful.systems sub may be subsneered in this subthread, techtakes or no.
If your sneer seems higher quality than you thought, feel free to cut’n’paste it into its own post — there’s no quota for posting and the bar really isn’t that high.
The post Xitter web has spawned soo many “esoteric” right wing freaks, but there’s no appropriate sneer-space for them. I’m talking redscare-ish, reality challenged “culture critics” who write about everything but understand nothing. I’m talking about reply-guys who make the same 6 tweets about the same 3 subjects. They’re inescapable at this point, yet I don’t see them mocked (as much as they should be)
Like, there was one dude a while back who insisted that women couldn’t be surgeons because they didn’t believe in the moon or in stars? I think each and every one of these guys is uniquely fucked up and if I can’t escape them, I would love to sneer at them.
(Semi-obligatory thanks to @dgerard for starting this.)
ai fan asks chempros about their use of lying boxes: majority opinion is that this shit is useless, leaks confidential information and is a massive legal liability https://www.reddit.com/r/Chempros/comments/1hgxvsj/ai_in_the_workplace_how_have_chemistsscientists/
top response:
It’s a good trick to be instantly dismissed. No, really, that’s the latest I had in terms of company policy. If you’re caught using AI for anything, you’re out the door. It’s a lawsuit waiting to happen (and a lawsuit we cannot defend against). Gross misconduct, not eligible for rehire, and all that. Same as intentionally misrepresenting data (because it is). (Pharma)
From the replies:
In cGMP and cGLP you have to be able to document EVERYTHING. If someone, somewhere messes up the company and authorities theoretically should be able to trace it back to that incident. Generative AI is more-or-less a black box by comparison; plus how often it’s confidently incorrect is well known and well documented. To use it in a pharmaceutical industry would be teetering on gross negligence and asking for trouble.
Also suppose that you use it in such a way that it helps your company profit immensely and—uh oh! The data it used was the patented IP of a competitor! How would your company legally defend itself? Normally it would use the documentation trail to prove that they were not infringing on the other company’s IP, but you don’t have that here. What if someone gets hurt? Do you really want to make the case that you just gave Chatgpt a list of results and it gave a recommended dosage for your drug? Probably not. When validating SOPs are they going to include listening to Chatgpt in it? If you do, then you need to make sure that OpenAI has their program to the same documentation standards and certifications that you have, and I don’t think they want to tangle with the FDA at the moment.
There’s just so, SO many things that can go wrong using AI casually in a GMP environment that end with your company getting sued and humiliated.
And a good sneer:
With a few years and a couple billion dollars of investment, it’ll be unreliable much faster.
AI could be a viable test for bullshit jobs as described by Graeber. If the disinfotmatron can effectively do your job then doing it well clearly doesn’t matter to anyone.
In further bluesky news, the team have a bit of an elon moment and forget how public they made everything.
https://bsky.app/profile/miriambo.bsky.social/post/3ldq2c7lu6c25 (only readable if you are logged in to bluesky)
Not A Sneer But: “Princ-wiki-a Mathematica: Wikipedia Editing and Mathematics” and a related blog post. Maybe of interest to those amongst us whomst like to complain.
Y’all, with Proton enshittifying (scribe and wallet nonsense), I think I am never going to sign up for another all-in-one service like this. Now I gotta determine what to do about:
- Proton Mail
- Proton VPN
- Proton Drive
- Proton Calendar
and I’d be forced to reassess my password manager if hadn’t already been using BitWarden when Proton Pass came out.
Self-hosting is a non-starter (too lazy to remember a new password for my luggage). Any thoughts? Are other Proton users here jumping ship? Should I just resign myself to using Proton until they eventually force some stupid ass “Chatbot will look at the contents of your Drive and tell you which authorities to surrender yourself to”?
For VPNs, at least, I can offer some suggestions. If you wanted to securely access a specific box or network of yours, tailscale is pretty great and very painless to use. If you wanted to do stuff without various folk noticing then that’s a bit trickier but I’ve been happy using mullvad… they’re not the cheapest, though they have some splendid anonymous payment mechanisms (you can literally mail them a wad of banknotes with a magic code on a bit of paper… you don’t even need to muck about with bitcoin).
I have a subscription for Private Internet Access that I was using before subscribing to Proton Mail (which comes with Proton VPN). I figured it was all the same (they all have a slightly skeezy feel to me).
Then I checked out Mullvad’s website and it’s really quite awesome. Everything about their service has a “we want to make this accessible to everyone” vibe, which I appreciate. I am going to try it out. <3
Oh yeah I forgot to mention that in my comment: drop PIA. Never touch anything owned by PIA or Kape. Ever.
also, how are you liking bitwarden?
I really need to kill off my current password manager and bitwarden’s looking like the least worst of current options (esp. when paired with something like vaultwarden instead of running a fucking nodejs sync server on the internet), but also some of it seems quite stunted[0]
it’s gotten so bad that I’ve started pondering writing my own, because good god does basically every option out there depress me
[0] - no global hotkeys? the fuck
They have a CLI app though which you can hook up to dmenu or rofi or whatever to get global shortcuts.
https://github.com/firecat53/bitwarden-menu
Their desktop app is a bit shit anyway. I just use the CLI and the Firefox extension and it’s working solid.
alas: my main workstation is (non-slate) macos, and it’s unchangeable for the foreseeable future
good to know those (already) exist as options, though. if I can find some spoons I’ll try look around and see if there’s maybe something similar I can hack up/agglutinate from what’s around
Their desktop app is a bit shit anyway
I haven’t even tried it yet because I’m real “ehhhhhhhhhhhhhh” about even the idea of a js-/ts-based gui client for my password manager. largely because I’ve met too many js/ts devs and I outright don’t trust their competence and processes. so your post is definite motivation for me to eyeball some of the other clients too
also, how are you liking bitwarden?
I am happy with it. That they only charge $10 a year for services I don’t even need (I could use a separate 2FA app) and allow you to self-host is a good sign. I plan to eventually set up a workflow in Sway (Wayland tiling WM) with a CLI tool (e.g. https://crates.io/crates/rbw, or the official one), so the interface is not terribly important to me. I would definitely recommend trying a free account to see if it fits into your workflow.
it’s gotten so bad that I’ve started pondering writing my own, because good god does basically every option out there depress me
I am in the same boat, except all of the software I’ve ever written has been TeX, or giving contrived examples to undergrads to demonstrate why dp[i][j] is a shit table name or why ∞ is better than float('inf') or MAX_INT in pseudocode. So I am only theoretically up to the task, which is … IDK maybe I should start grifting?
But for real, I have considered writing my own:
- VPN client where we don’t have to jump through the hoops of learning a new shitty client, or finding out that their client runs like ass in Linux (Proton)
- Password Manager
- Config editor, so I don’t have to edit
/home/${USERNAME}/.config/sway/config.d/90-fuckyou-this-is-where-we-keep-system-suspend-shit.confevery time I want to change something. “Oh no you gotta edit the Kanshi config for that one.” It’s tedious to remember where various programs look for the config and whatever particular syntax is chosen (isn’t this fucking solved withtomlfiles already?) - An Android reminder app that isn’t some stupid Taylorist metric-worshipping bullshit.
PS: There is Goldwarden which I know absolutely nothing about but looks neat. It does suggest that you could just write your own that is bitwarden compatible.
I am in the same boat, except all of the software I’ve ever written has been TeX
I’m sorry
giving contrived examples to undergrads to demonstrate why
dp[i][j]is a shit table name or why∞is better thanfloat('inf')orMAX_INTin pseudocode
that sound you can hear is my despairing screaming[0]
VPN client where … jump through the hoops of learning a new shitty client
(not a pitch, but multiple commercial references) I really liked how simple tunnelbear made this for a lot, and also quite like how slick the wireguard desktop-style handling is (you can see this for example with fly.io’s integration to that). I think there’s long context here, and if you buy me a beer I could rant in detail
PS: There is Goldwarden
oh good, it’s in Go, my other code allergy
shitposting aside, re the password manager thing: @self and I have co-ranted in dms, and about similar gripes.
so, by way of idea, loose laundry list for foundations/design: modern crypto (jfc why is so much still going “yeah gpg is fine”), crdt sync, a sane fucking language to build everything on, own-devices friendly (in the “you can sync device to device peer-wise” sense, vs the “there’s a remote server broker” sense), and pretty okay™ interfaces for client building/extensibility
last time it came up, tuta was the least worst of the mail options. it’s not the same offering as proton’s in-garden encrypted, but nothing is afaik. rest of it is pretty okay (I have some (not all[0]) domains on there)
the rest of the things I don’t have a direct recommendation in part because [0] and in part because I don’t use computers entirely like how a lot of people do. that said
storage: backblaze storage pricing is not bad. they might have a desktop app thing? calendar: caldav is a dark art beyond my ken - I haven’t even got that shit playing nice on my own things[3]. fuck knows who does this well. vpn: mullvad[1] (has quite recently had another full assessment published). maybe njalla[2]?
[0] - I’m one of those crotchety fuckers that still has a whole pile of self-hosted things that have been going 15~20y
[1] - seems okay and to have their head on straight. haven’t used myself.
[2] - also haven’t used it myself, comes from some of the folks of the TPB gang
[3] - admittedly I haven’t tried that hard because I don’t need it much, but it is extremely goddamn annoying to debug from clients
I use Posteo for mail and calendar now (they’re not encrypted between users like Proton but you can just hook it up to any mail client and PGP your shit) .Mail is IMAPS, calendar is CalDAV, contacts are CardDAV, etc. Depending on where you fall on the security-convenience sliding scale, that might be an option. I’ve decided that I care more about portability and standards than super-thick encryption which made me choose them over Tuta, because Tuta offers no way to access the mail over IMAP whatsoever, not even an optional bridge like Proton, and that was a total dealbreaker for me. Posteo also claim they’re 100% green energy which is a nice bonus.
For drive I use Filen.io now. They’re relatively new so I can’t make any assumptions about how long they’ll be around but the price is fair and they offer lifetime payments too. Also their Linux client is pretty solid and doesn’t fucking eat my RAM for breakfast. They’re also in the process of adding support for rclone as per a GitHub issue I’m following.
VPN I pretty much don’t use because I’ve never felt I needed it, so no recommendations there from me.
I was in the exact same boat til recently, but switching off of Proton was actually surprisingly easy even though I had it tied into a bunch of accounts and infrastructure. I actually ended up saving a lot of money compared with Proton Unlimited, and it’s a relief to not have all my eggs in one basket, especially since stuff like Proton’s no logs policy is effectively worthless, and if you’re a whistleblower or similar you’re expected to use a VPN or Tor to access your mail every time to keep from being arrested… but most likely your VPN (and possibly Tor client) is Proton too if you’re paying for it, with the same worthless no logs policy.
some quick recommendations:
Proton Mail
Proton Calendar
tuta does both of these. their mail is e2e and fine — it’s jankier than proton but also less resource-intensive. it’s also the only other choice for now :(
I haven’t used their calendar yet, but from a distance it looks good. I should give it a shot sometime soon.
Proton VPN
this depends on what you’re using your VPN for. actual security? fucked if I know. high bandwidth fuckery? airvpn is pretty good and they’ll let you allocate ports.
Proton Drive
tuta’s getting this soon apparently. otherwise, I can second Backblaze being very reasonably priced if you don’t mind having to choose and set up your own e2e software.
Bluesky’s approach to using domain names to mean identity is now showing cracks that everyone can see: https://tedium.co/2024/12/17/bluesky-impersonation-risks/
(it was always shaky, but mostly only shown by infosec folks who signed up as amazon s3, etc)
TL;DR: scammer buys .com domain for journalist’s name, registers it on bluesky, demands money to hand it over or face reputational damage, uses other fake accounts with plausible names and backgrounds to encourage the mark to pay up. Fun stuff. The best bit is when the sockpuppets got one of the real people they were pretending to be banned from bluesky.
