Hacker News | mgaunard's comments

why not just synthetise a matching aggregate as well as a function that takes that aggregate and forwards it to the normal function?


"of course real branches happen in GPU code"

My understanding was that they don't. All executions inside a "branch" always get executed, they're simply predicated to do nothing if the condition to enter is not true.


That's only if execution is incoherent. If all threads in a warp follow the branch the same way, then all of the instructions in the not taken branch are skipped.


In my experience there is hardly a garment less comfortable than a suit.


Ha!, that’s interesting – my experience is exactly the opposite.

I will note my surprise when I learned that this was my preference!

I did have to find the right material to fit between me and the environment. I live in a cool climate but am always running a little too hot for indoors. For me the most comfortable clothing is a suit of medium-fine and somewhat “porous” wool. Very lightweight for the warmth it gives outside. Breathes well inside and I can take off the jacket to cool down. Lightweight shirt to be able to bleed off heat.

I do not at all enjoy wearing cotton or synthetic suits.

The fit is important of course. I’m blessed with haphazardly fitting well into off-the-shelf suits… if I can mix and match the pants one size up or down to the jacket. –It’s kind of random which way it goes.

Then I take a size smaller motorcycle gloves than the similarly-sized runway model would — and a size bigger dirt bike helmet. The reader will note that I’m not at all perfectly shaped :)


What about your shirt, you don't go with cotton?


I think I’d feel better in something other than cotton but I haven’t come across anything. Just lucked out once when I needed a suit and grabbed the seemingly lightweight shirts off the rack; have yet to get serious, you know?


Kmart suit Yes. But in general whole point of suit was comfort, just look at pictures of factory workers from 150 years ago, every single working man in a suit. Also google Van Damme suit kick


A $20,000 suit? A suit hand tailored to (in his case) his tiny bottom, including matching braces?


I wouldn't be able to relax for fear of damaging or soiling the suit. Cats, dogs, children, food, bushes and trees, mud, not spot-clean metro cars - everything is an enemy.


Having just stalked his Instagram page to see what other watches he owns - I don't think he needs to worry.


Buy second hand! It's much easier to wear a $1000 coat to a bar knowing you only paid $125 for it!


This is how I feel about my fursuit. The thing should just about be kept in a humidity controlled display cabinet.


Imo wool trousers are more comfortable than jeans. It's like wearing pyjamas.


A good fit and quality fabric make a lot of difference. Granted, sweatpants and a hoodie are still more comfortable.


A suit that (sic) suits your morphology and isn't made on the cheap is very comfortable.


get it tailored and report back :)


I have bought a number of tailored suits, albeit never bespoke.

Fitted worse than off-the-rack. I figured you need to keep adjusting the measurement at your tailor until you find the perfect fit, which is too much effort for me.

Or find an outstanding professional, which is just too expensive.


what is this German-speaking part of Belgium you speak of?



I also prefer Sublime Text to all of the clones.

I'm more or less forced to use VS Code at present and it's an overengineered slow mess.


As a non-web person, I find everything related to this auth business needlessly complicated and arbitrarily limited. Most of the time it's not even implemented correctly anyway (many applications not checking the JWT audience...) because web devs just use libraries without understanding what actually provides the security.

As an application writer, I want the user to feed me a token signed by a trusted entity that proves he is who he claims he is and has the necessary accesses enabled for my application.

Whether this happens transparently via a redirect to the trusted entity login webpage and back to my app or whether I request the user to go to a specific url on their own while I wait for them to do so is just a UX detail. Why every approach needs to be labeled a "flow", authorized separately, and come with their own limitations is beyond me.


Because web browsers are a massive hack and nothing works 100% so there's 10 different flows to cover which sort of broken is acceptable to your use case.


> Whether this happens transparently via a redirect to the trusted entity login webpage and back to my app or whether I request the user to go to a specific url on their own while I wait for them to do so is just a UX detail. Why every approach needs to be labeled a "flow", authorized separately, and come with their own limitations is beyond me.

The reason they're called flows is because they each compose one or more single steps from the OAuth2 "toolbox" (i.e. endpoints). Many flows will have overlapping or even identical "steps", but the order of things matter and the modes in which they interact matter, which is why the second layer of delineation is necessary (or useful, at least).


because web server, browser and protocol developers, after implementing HTTP Basic Auth punted and said this is gross and hard. They then gave up on the problem.

The problem still existed, and other developers took a stab, but they weren't protocol or cryptography people, so we got a bunch of mostly broken stuff. Some cryptographers came along and pointed out the disasters, and since then it's been slowly getting better, but it's still a giant mess.

Companies have decided, since we have to solve it for us, we can just solve it for you too, and now we have "social logins" where we tell Microsoft, Apple or Google everything we login to. They appreciate the extra information to help themselves, so it's a worthwhile incentive for them.

The web browser developers got a little involved with passkeys, but the UX is still not idiot proof. Better than their last two tries at implementing public key auth though (TLS client certs and DOD auth).


>i want the user to do this very particular thing in an absolutely correct way

good luck


> As a non-web person,

Yes, indeed.

> I find everything related to this auth business needlessly complicated and arbitrarily limited.

You find a subject you do not understand or were bothered to learn about to be needlessly complicated and arbitrarily limited?

> Most of the time it's not even implemented correctly anyway (many applications not checking the JWT audience...) because web devs (...)

You seem to be very opinionated over things you clearly know nothing about.

Among the many ways you manifested your cluelessness, OAuth is not a "web dev" thing. It's a "software communicating over a network" thing. Desktop apps must support it, so do mobile apps, and web services need to support it both as client apps and resource services.

Also, to drive home your clueless ignorance, "checking the JWT audience" is not an authentication thing, which is the responsibility of OAuth. The full name of OAuth2 is "OAuth 2.0 Authorization Framework". It covers delegating authorization to third parties so that clients can access a user's claims. Claims are not authorization either.

In the end you were awfully critical of something you don't even know what is?

> (...) just use libraries without understanding what actually provides the security.

I think you should take a step back and meditate over your post. It says nothing about OAuth, and everything about how little understanding you have over OAuth and how vocal you are on a topic you know next to nothing.


I've implemented those components from scratch in C++ to provide single-sign-on authentication across a variety of distributed sensitive applications, without using any libraries, so I'd say I'm fairly familiar with how they actually work.

JWT is by far the most important building block here, and while it's not part of OAuth, realistically it's how anyone sane would use OAuth.


> JWT is by far the most important building block here, and while it's not part of OAuth, realistically it's how anyone sane would use OAuth.

There's a degree of confusion in your comment. I pointed out the fact that OAuth handles authentication, not authorization. Those who fail to understand this clearly don't know the basics of the whole system. This is what I posted in my previous reply to your post.

The same applies to JWTs. They are the output of an authentication process. They do not authorize anything. They bundle a set of claims along with metadata used to prove they can be trusted and when they are valid. They are designed in a way that resource servers can validate them locally before actually handling any authorization concern.

The authorization part is handled by the systems which check these claims. It's a separate concern, handled separately by separate systems. If you were familiar with any OAuth flow, you'd be aware that this part takes place only after any of the flows take place, and is way outside of their scope.

This is what I'm talking about. If you do not understand the problem domain then you are in no position to criticize or complain about how solutions are implemented. You can only complain about the time you're wasting criticizing things you know nothing about.


Authorization is derived from authentication; authentication is the core concept underpinning security, while authorization is about defining the scope of the access.

Restricting the scope is mostly useful for when you need to interact with services that talk to other underlying services without granting them full access to those, but in practice, that's not a very common case outside of the web.

Ultimately that distinction doesn't really matter, what's important at the end of the day is how you implement the access control. Using an opaque token and an introspection endpoint is a terrible idea. JWT is a good solution. All of the OAuth flows do is just provide convoluted ways for the user to authenticate with an identity provider, generating a JWT on his behalf, and do not contribute to security in any meaningful way.


JWT doesn't support revocation, which is a pretty fundamental flaw.


Tokens typically expire after 8 hours at most.
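
The checks this thread argues about (signature, audience, expiry), as an added example that is not part of any comment above: a stdlib-only HS256 verifier for a resource server. The key, the audience names `billing-api` and `reports-api`, the fixed clock and the 8-hour lifetime cap are constructed assumptions.

```python
import base64, hashlib, hmac, json

KEY = b"constructed-demo-key"   # constructed sample secret shared with the issuer
NOW = 1_700_000_000             # fixed clock so the example is deterministic

def b64e(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def mint(claims: dict, key: bytes = KEY) -> str:
    """Issuer side; present only to build the constructed sample tokens."""
    signed = b64e(b'{"alg":"HS256","typ":"JWT"}') + "." + b64e(json.dumps(claims).encode())
    return signed + "." + b64e(hmac.new(key, signed.encode(), hashlib.sha256).digest())

def verify(token: str, audience: str, key: bytes = KEY, now: int = NOW, max_ttl: int = 8 * 3600) -> dict:
    """Return the claims, or raise ValueError naming the first failed check."""
    try:
        head, body, sig = token.split(".")
        header, signature = json.loads(b64d(head)), b64d(sig)
    except ValueError as exc:
        raise ValueError("malformed token") from exc
    # Pin the algorithm on the verifier side; the header is sender-controlled.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(signature, expected):
        raise ValueError("bad signature")
    claims = json.loads(b64d(body))  # parsed only after the signature check
    if not isinstance(claims, dict):
        raise ValueError("malformed claims")
    # A validly signed token minted for another service must still be refused.
    aud = claims.get("aud")
    if audience not in (aud if isinstance(aud, list) else [aud]):
        raise ValueError("wrong audience")
    exp, iat = claims.get("exp"), claims.get("iat")
    if not all(isinstance(v, int) for v in (exp, iat)) or not iat <= now < exp:
        raise ValueError("expired or not yet valid")
    # Without revocation, the lifetime is the exposure window of a stolen token.
    if exp - iat > max_ttl:
        raise ValueError("lifetime too long")
    return claims

def outcome(token: str, audience: str) -> str:
    try:
        return f"accepted for {verify(token, audience).get('sub')}"
    except ValueError as exc:
        return str(exc)
```

The same signed token gives `accepted for alice` when checked by `billing-api` and `wrong audience` when presented to `reports-api`, which is the case a verifier that skips `aud` lets through.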


Why are you so condescending?

It's always very jarring to come across a post that is so drastically different in tone when you're just trying to follow a comment thread.

> I think you should take a step back and meditate over your post.

I wish you'd follow your own advice.


> Why are you so condescending?

It's not condescending. You're faced with a highly critical comment criticizing a whole framework when clearly the critic is completely oblivious to the most basic aspects of the whole domain. They know nothing about the whole problem domain, even failing to understand the most basic aspect of what they are doing or what they hope to achieve, but they still invest a lot of energy generating noise that's firmly in the "not even wrong" region. This serves anyone no good.


Stopped reading at the word "Kafka".


fair


Interestingly enough, the French do it the other way around, and start counting from the final year (they also start at 0 so it's offset by one).

That's arguably a better system since you can keep adding earlier and earlier years (mandatory school starting age has drifted from 11 to 6 to 3 over the years) while keeping everything consistent.

Unfortunately they messed it up in 1959 by renaming 12th to 7th and giving matching names to the new 13th/14th.


Actually, it's more complex than this in France. There are 5 systems:

- depending on the Ministry of Education :

   - for toddlers : maternelle (3-6 yo)

   - Primary : CP (6 yo, primary), CE1 (elementary 1), CE2, CM1 (middle 1), CM2

   - Secondary :

       - College (not the US one!) : 6th (~11 yo), 5th, 4th, 3rd (with exam at the end)

       - Lycée : 2nd (~15 yo), 1st, Terminal (with 'Baccalauréat' exam at the end)

- then depending on the Ministry of Research : University or Post BAC schools

However, I think that in some other French-speaking countries (Belgium, Switzerland) they did it simpler


Maternelle years also have names: PSM, MSM, GSM.

GSM, PS, CE1, CE2, CM1, CM2 used to be called 12th to 7th, as I said.

Your primary classification is incorrect -- maternelle is part of primary. Non-maternelle primary is called elementary.


That's for classic education (General, when you want to make longer studies); there are also professional or technical Lycées.


The P in CP doesn't stand for "primary" but for "preparatory"


Nothing compared to the order I went through in Germany: 1, 2, 3, 4 (elementary school until here), then VI (read in Latin, sexta), V (quinta), IV (quarta), lower III (tertia), upper III, lower II (secunda), 11, 1st semester, 2nd semester, 3rd semester, 4th semester.


Does anyone still use these Latin terms? When I went to school in the 90s and early 00s we just counted from 1st to 12 and university just was its own thing and how many semesters you were in didn't matter that much because there was no class structure.


French and Brits do a lot of things the other way around, like imperial system, ATON/NATO, driving on the other side of the road.

Just mentioned the age bracket. Kids who are younger or older are outliers.


The French for NATO is completely reversed: OTAN


As a resident of the UK I found the British persona somewhat offensive.


Normally, you learn during high school that when you take any exam, you should not reply with the best or smartest answer, but with the answer the teacher expects.

The same applies to interviews.


But that was the correct answer after all: screw the interview, have fun trolling the interviewers (you won't get the job anyway), then write a cool blog post and post it here. There is already someone in this thread asking for contact.


If you are interviewing for a job - the "answer the teacher expects" can tell you a lot about the company you are potentially going to work for, as can the exam which you are given to prove your worth.


Job market kinda sucks for employees so can't be picky I guess


Stupid questions deserve stupid answers.


Discrimination against the neurodivergent.


The world is discriminatory against people who are different.

Learn to blend in if you want to function in society.


What do you think they expected when they said not to use numbers? Is there a "normal" answer to that? It seems like a very freeform kind of crazy restriction to me.

