Maybe it's just me, but the idea that the average web project out there is a complicated mess and thank God we have AI so we can finally think about the things that matter while AI deals with the mess... it makes me sad.
As far as I know, access points only identify via their SSID. Which is a string like "Starbucks". So there is no way to tell if it is the real Starbucks WiFi or a hotspot some dude started on their laptop.
There is nothing wrong with using public networks. It's not 2010 anymore. Your operating system is expected to be fully secure[1] even when malicious actors are present in your local network.
[1] except availability, we still can't get it right in setups used by regular people.
And when you connect to a non-public WiFi for the first time - how do you make sure it is the WiFi you think it is and not some dude who spun up a hotspot on their laptop?
Why does it matter? I mean I guess it did in this case but that is considered a top priority bug and quickly fixed.
I guess my point is the way the internet works is that your traffic goes through a number of unknown and possibly hostile actors on it's way to the final destination. Having a hostile actor presenting a spoofed wifi access point should not affect your security stance in any way. Either the connection works and you have the access you wanted or it does not. If you used secure protocols they are just as secure and if you used insecure protocols they are just as insecure.
Now having said that I will contradict myself, we are used to having our first hop be a high security trusted domain and tend to be a little sloppy there even when it is not. but still in general it does not matter. A secure connection is still a secure connection.
Hmm. Are you sure that your stack wouldn't accept these discovery packets until after you've successfully authenticated (which is what those chains are for) ?
Take eduroam, which is presumably the world's largest federated WiFi network. A random 20 year old studying Geology at Uni in Sydney, Australia will have eduroam configured on their devices, because duh, that's how WiFi works. But, that also works in Cambridge, England, or Paris, France or New York, USA or basically anywhere their peers would be because common
sense - why not have a single network?
But this means their device actively tries to connect to anything named "eduroam". Yes it is expecting to eventually connect to Sydney to authenticate, but meanwhile how sure are you that it ignores everything it gets from the network even these low-level discovery packets?
I may be missing something, but it is almost a guarantee that you would not receive a RA in this scenario? eduroam is using WPA2/WPA3 enterprise, so my understanding is that until you authenticate to the network you do not have L2 network access.
Additionally, eduroam uses certificate auth baked into the provisioning profile to ensure you are authenticating using your organizations IdP. (There are some interesting caveats to this statement that they discuss in https://datatracker.ietf.org/doc/html/rfc7593#section-7.1.1 and the mitigation is the usage of Private CAs for cert signing).
Companies like apple should be liable to pay many millions in damages for this kind of shit. The people should make it hurt so much for them that they think twice before doing it without having a clear and working appeal process where you are clearly explained what happened and guided through it.
Facts my friend, facts. You may not like them, you may think they are out of context and/or misused, but they are still facts.
Another fact is that the money saved went to fund a (small) portion of the big beautiful bill, which doesn't exactly focus on helping the average american Joe.
For someone at the level of Terence Tao, this may be a good idea if a university is willing to hire him, even if it were for a temporary position until 2029 when (hopefully) the regime changes and the destruction is over. I’m sure Terence Tao will have no problems finding such a university or institution.
It’s researchers who are not at the top of their fields who will have a much harder time leaving America to find research positions, since academic positions and funding haven’t been easy to obtain in places like Canada, Europe, Australia, and Japan for at least two decades.
What will most likely be the case is that scientific careers will be halted temporarily or permanently from these funding cuts. Graduate admissions are harder than ever now, it’s harder to find a research position, and I can’t imagine how much more difficult tenure will be to obtain if professors can’t fundraise and publish. Industry isn’t always an option, either. A lot of researcher’s careers will face major setbacks, some unrecoverable, all due to the capriciousness of our rulers.
Yes, I agree with you that it's going to be difficult for researcher that are not at the top of their field. But if some of the top researchers started the flow, and goverments in other countries woke up and took advantage of the situation, I believe things could change.
There is nowhere to run and hide. Europe is worse than the US on this front. China also demands party loyalty. In a sense this is just the human condition. The ruling faction demands loyalty. Only a very advanced human civilization could move past that and allow criticism of the ruling class. Maybe the US had achieved that for a brief movement in the past or maybe it was just an illusion.
EDIT: For people wondering why I think it's worse in Europe, it's because in Europe the ruling class and the universities are on the same side. And when I say Europe, I mean UK, France and Germany.
My PhD friends are moving to Canada and Hong Kong now. Neither are perfect, but they are better than America now in terms of academic freedom, and won't yank your funding in the middle of a 5 year research project just for petty revenge. Half of what you hear about China is propaganda - America is the bad place now.
I'm in Europe. It's not even close to being worse than the US on that front. Places like the Fraunhofer Institute and the Max Planck Institute are perpetually well-funded, and are largely unaffected by politics. Good places to do research.
As a German government funded scientist, is it safe to criticise Israel or use the 'G' word for what Israel is doing? Or would they do the same thing they did to Helen Fares?
In any case, penalties would apply to the perpetrators themselves, as individuals. I've never heard of a case where the institution itself would suffer from a significant funding cut, to say nothing of a very sudden funding collapse.
> but free speech is much more sacred in the United States than in Germany.
In the abstract. In actual practice, it's not clear, and you could even build quite a strong case for the opposite view. "Cancellation" over mere words has been commonplace for over ten years, and is much more common to the US than to Europe. And as for laws... What just happened to Tao and UCLA has, to the best of my knowledge, never taken place in Europe in recent decades.
>Fraunhofer Institute and the Max Planck Institute are perpetually well-funded, and are largely unaffected by politics
Oh, so I can freely go up against the German government's policies and have my career in academia unaffected and keep my government funding?
I lived in Germany and don't remember people or organisations ever being able to break government rules with no consequences (unless they had high friends in politics).
In this case, the analogy should be "Go work in German academia *where the students* criticize the FOREIGN government of Israel."
AFAICT, no German academic institutions have lost funding as a result of the student's protests. Those protests were stopped, police action etc., but no funding change to the academic institutions.
Sorry I don't buy it. Which examples are there of academics going against the government policies and still keeping their jobs and funds?
I lived in Germany and the moment you don't do what the government says you get the full shaft. Nobody let's you rebel against the government with no consequences, not in US, not in Germany, not in UK, nowhere.
People painting Germany like a bastion of free speech are coping hard. Only if you consider free speech doing and saying only what the government says.
It's hard to prove a negative. Can you show us an example of anything like what's happening at UCLA (collective punishment of an entire institution) or an example of an individual professor being harshly penalized or sanctioned for expressing personal political opinions?
Don't spin this around, what I asked you is not a negative.
People here argued that the US is fascist because in academia you can't get away with breaking governments rules getting you defunded and pointing at Germany for being superior in this regard.
So then I asked for proof that in other countries you can get away in academia with breaking the government's rules and not get defunded. It really is that simple.
That's not what people have complained about. People complained about that in the US a government rule seems to be "don't criticize the government".
What about Christian Drosten who criticized a lot of the Corona decisions, Jan Boehmermann who is very critical but still employed by state-financed TV. Fridays for Future?
> Jan Boehmermann who is very critical but still employed by state-financed TV.
What did he criticize? Did he ever criticize all the crimes due to illegal migrants? Of course not because that's not allowed by the state.
He is just a government mouthpiece acting like a jester to give people the illusion that the government allows criticism, but he's not a proper critic of the government, as those are banned.
It's hard to prove what you're asking because it's intrinsically not newsworthy -- whereas the reverse is. Surely if it's so bad in Germany, you should be able to dig up an example or two?
Generally, I do agree that in most if not all places, if you get government funding, you can't go against government policy.
However, in this case, it's quite hard to argue that Terrence Tao had anything to do with antisemitism or anything against Trump's policies. Actually I don't think Terrence Tao did anything that Trump cared about. This isn't really a free speech issue, it's more like some fundamental instability in the US, and maybe the US government is running out on money and trying to cut down on research expenditure using excuses.
In fairness, it can be either, and which it is depends if in the specific case it's more accurate to phrase it as "the ruling classes are on the side of the universities" (good) or as "the universities are on the side of the ruling class" (bad).
Yeah, it was called the United States and if it was an illusion it would not have been the weakness exploited in this way. America was real and can well be again: turns out allowing such diversity and multiculturalism gave rise to things like New York City, California etc etc. known for being giant piles of messy commerce and influence from all over the place.
It's never been any different, all the way back to when Germans or Irish or whoever were the 'demonized immigrants'. This is what made America great. Anytime we want it, those conditions can return. It was no illusion.
On the front of funding research? Considering that one is constantly adding more funds for research, while the other one is removing funds, I'm not sure how accurate that is.
I wouldn't say it's "just as bad", but I also couldn't imagine a big university publicly and strongly going against the federal government in Germany on "culture war" issues.
If you're fully aligned, there's no telling what would happen if you weren't, and you can't use "nothing happens" as evidence that nothing would happen - you're always allowed to share the opinions of whoever funds you.
If Germany got a right-wing government on the federal level, I expect to see either funding being slashed or universities adjusting their positions.
It's silly to say that EU is better jut because people don't see the government interfere with universities in the EU, when EU universities would never go against the central government to begin with, because that's where all their money comes from. Why would you bite the hand that feeds you?
Meanwhile universities like Harvard have so much private money they can publicly tell Trump to shove it. EU universities don't have this privilege so they exercise a degree of self censorship based on how the government tells them to dance.
Like the German diplomats recently speaking out against their governments policy on Gaza and Israel?
Or Dutch professors openly criticizing the plans by the right-wing government (which just fell) as being damaging, unproductive amd sometimes unconstitutional?
The only examples I see are the opposite of what you say. Can you name any examples in Germany, Sweden, Norway or Holland? (Those are the countries that I'm confident talking about at least)
That works in numerical libraries because you can encapsulate the loops into basic operations that you then lower to C.
In a domain like type checking it's not nearly as easy/doable.
> This is what you should be doing when working with C/C++
I genuinely wonder if you actually have ever written c/c++, there is plenty of code that is perfectly valid and safe (mostly involving multiple pointers to mutable memory being alive) that the borrow check cannot accept because it has to draw a line to things it can prove are correct.
It's like saying that the only valid math is the one that an automated theorem prover can prove, it's not even close to being true.
> I genuinely wonder if you actually have ever written c/c++
I have; enough for one lifetime if you ask me. It was hunting use after delete which made me stop.
I kinda agree with you, with the caveat that both can be true. If you want to write safe-ish C++ you’ll use defensive containers from the start and watch iterators like a hawk. You can also take a more cavalier approach and live with the consequences (which might not happen and then you win big).
Rust wants you to basically not use references unless your data fits the one writer xor many readers model (painfully including struct members, recursively) and the cavalier approach is very strongly discouraged on the language level. This forces you towards safety, but I also agree with everyone else who say that isn’t how computers actually work. The impedance mismatch is an engineering tradeoff to make.
My friend, Amazon being legally allowed to behave like a schmuck doesn't imply the community can't point that out and complain about it. AWS (legally) exploits open source projects, and that's a fact.
There are many actions and behaviours in life that are not illegal but actively worsen society at large if you do them.
That companies that are the main contributors to OSS are forced to take drastic measures is just consequence of AWS not being a team player, you should have at least the decency of not commenting here.
PS. I don't have a horse in the race, I'm not a Redis user, I'm just appalled by your behavior.
reply