/tech/ - Technology

Welcome to the internet captain obvious.
I mean, anon. I'm not trying to be an asshole, but. This doesn't come as a surprise to anyone lurking this board who knows shit about computers. It's basic opsec to know that everything can be hacked and nothing is completely secure.

Might help if you explained what the hell "CRA" is first, OP.

>Like the RUST programming language that has eliminated a hole class of memory-leak security flaws
I play Veloren regularly and it has literally had a memory leak for well over a year (if not years). Rust hype is fucking stupid.

>>12822
CRA stands for "cyber resiliency act".
It's EU legislation that's supposed to improve IT security.
But might end up screwing over Open source and small tech

>>12823
>I play Veloren
I approve of your taste in video games
>and it has literally had a memory leak for well over a year
chances are this is caused by a graphics api.
>Rust hype is fucking stupid.
It got approved by the Linux kernel dev team tho.

>>12823
OP is dumb but so are you. Rust eliminates memory safety issues, but memory leaks are not categorized as such because it is impossible for a compiler or even a runtime to determine if memory allocations are leaks or intentional.

>>10070
>le choice of language
You will never get anywhere, just give up

>>12790
idk why you're necrobumping but yes coding MUST be fun for side projects otherwise you will get nowhere.

>>12796
What you are saying is correct.

However a surprising amount of code gets copy-pasted from stack-overflow and then tweaked to fit the application. Recently people have begun a similar praxis by prompting large language models, and tweaking the output of that. Neither is particularly fun.

>>12799
ChatGPT has made programming way more fun for me. I'm blocked a lot less often, I can delegate the boring stuff to it and focus on solving slightly higher level problems. It's been a game changer tbqh.

>>12801
>ChatGPT has made programming way more fun for me.
I haven't tried it to be honest. Tho I watched online videos of people using llm code. It didn't look compelling to me. People spend as much time refactoring the generated code as it would have taken them to write it from scratch. To be fair it's been a few months since i last looked at this, it might have improved since.

I could see this as a great way to learn a new programming language, and possibly as a tool to detect bugs and perhaps security flaws.

I'm not sure about using a online llm services for production software tho. I would be too paranoid about the code-generators being used to slip malicious code into programs. Consider that Code-llms scrape all of github, which means that if somebody figures out how to spike "delicious" code-snippets, that the llms like to pass on to users, they only have to upload that to github and then loads of people get pwnd. If i wrote programs for other people i would use a airgapped computer, and then upload the finished software from a connection-point that is not predictable. For fears of getting hacked and abused as a vector for distributing malware.

Security conscious developers worry allot about supply chain attacks and go to great length like encrypting the ram on their machines because that somehow makes it harder to compromise software at the point of compiling binaries.

the FUNmetric
My take is that "llm-prompt-coding" will be fun once it becomes more like a sudo programming language with predictable output and less like a code lottery. My concept of fun is playing the same game over and over while incrementally improving my skill level until i reach a plateau. So the code lottery aspect looks frustrating to me.

>>12775
>1 ton hitting you at 100 miles per hour will paste you with no issue.
Cars can be made lighter than that. I figure 650kg/1400pounds are doable. A top speed of 135km/h 85mph is probably good enough. As far as potential energy stored as kinetic momentum goes, that's no longer scary. This won't break through any barriers intended to keep cars from exiting the road with destructive consequences. For the politics of control since this type of car can be contained with a simple barrier, there is no need to install a back-door/murder-switch into it.

If you want to get radical with optimizing the design, you can go 6 wheels. That'll reduce capital costs because 6 small off-the-shelf industrial-motors will make enough power to move such a light car. Hence no need for bespoke motors. Spreading the load 6 ways instead of 4 will let you get away with lighter/simpler suspension, smaller wheels and less structural strength for the car-frame. Rear wheels stay fixed, middle wheels can rotate while being spring centered and front wheels steer like normal. Making smaller parts but more of it, means you can get away with smaller machine capital. Letting the smaller machine run longer to make more small parts is cheaper, especially now that so much of car assembly is automated.

If you go electric with this, a small and light car, means you can get away with a smaller battery, and battery swapping for quick-recharge situations might even become economical. Or you could go with a tiny commuter range build in battery using standard battery-chem like Lithium-Ion, Lithium-phosphate or Sodium-Ion. And then for long range trips you have a single use Zink-Air or Aluminum-Air cells that'll give you a crazy range of around 3000km 1900miles. Those have to be mechanically refurbished after every discharge, but that can be done in the already existing metal recycling industry. Unused, these cells have indefinite shelf-life, which means unlike gasoline and diesel those won't spoil, and that'll make logistics easier. And there's an upgrade path to H2-fuel-cell range extender packs once we figure out economical H2storage.

>a 30% efficiency improvement
That's huge. 30% more efficient times how ever many hundreds of millions of cars, will make a big dent. The 0.65 tonne cars i have in mind will net yPost too long. Click here to view the full text.

>>12777
I am not an expert but I still very much doubt the impotency of any thing measured in hundreds of pounds going over 40 miles per hour.

The 6 wheels idea is cool. I believe it would increase rolling friction, but would still be interested to see it. My idea which I have not idea of practicality is to electrify the roads so you're usually not using a battery at all, and make cars capable of hooking together with the car in front, increasing efficiency more. Even more of a pipe dream than your ideas, I'm sure.

I doubt you can shrink lanes and parking spaces with smaller vehicles and keep comfort and safety margins. I've seen small city cars bang their mirrors off on busses on a historic street near me. Til you have self driving, humans are too imprecise so most of the lane extra space is there for human error, not car variation from what I can tell.

I'd guess it'll be luxury/business cars and no cars. I doubt a small car saves more than say… 35% the costs of a current toyota corolla to build and operate over its life, so once the costs start going up, through government or market, proles will be priced out period unless they have a high willingness to pay. You see it today with aircraft- many status symbols luxury models at different price points from upper class to billionaire, many business models like cropdusters and airbusses. Not many prolemobiles. I'm sure there are some different factors here of course. Also, I'm not totally sure public opinion matters that much. There are plenty of airports in the US, despite most general aviation probably being bad for the poor. Could be wrong here- going over the sound barrier is still illegal over the US.

>>12779
>I am not an expert but I still very much doubt the impotency of any thing measured in hundreds of pounds going over 40 miles per hour.
40mph or 65km/h is a speed that you can go with a bicycle if you are really fit or going down a long and steep slope. But you are mostly correct in your assessment. For a 0.65 tonne vehicle the maximum comfortable cruising speed is 90km/h 55mph. The top speed of 135km/h 85mph is something only useful for a brief period during an overtaking maneuver. Keep in mind that e-cars get the benefit of a low center of gravity which improve stability.

>The 6 wheels idea is cool. I believe it would increase rolling friction, but would still be interested to see it.
Yes there would be a very marginal increase because you add 2 additional bearings. Friction with the road surface does not change, 6 small wheels would have the same contact area with the road than 4 larger wheels. However this is academic. For light vehicles the dominant type of friction is atmospheric drag.

>My idea which I have not idea of practicality is to electrify the roads so you're usually not using a battery at all, and make cars capable of hooking together with the car in front, increasing efficiency even more.
It's economical to add induction charging loops into high traffic roads, that keep car batteries topped up. Linking car-columns into adhoc trains can be done but in a different way. You build a high speed cargo train. It needs special train-stations and train-cars, that allow for quick access via automobiles. So you and a bunch of others drive their cars ontop of trains, and then the trains take passengers inside their cars to a far away destination at high speed around 400km/h 250mph. The extra effort needs to yield a efficiency and a speed bonus, to make it worth it for people to bother with the extra steps.
>a pipe dream
If you accept my modifications than all of that already exists.

>I doubt you can shrink lanes and parking spaces with smaller vehicles and keep comfort and safety margins.
You can't shrink road lanes anyway because buses and large utility vehicles like firetrucks still need to fit. But you can shrink parking spaces. If we are going to do Post too long. Click here to view the full text.

>>12782
Everything you said seemed reasonable and in accordance with what I've seen. I wasn't thinking about the massive value of the land used on automobile transport. I wonder if you could really miniaturize the prole-mobile into something like a large electric wheelchair, so they'd pack well into trains, and could lock to the floor, allowing for safe high speed high density travel, and really solving the parking issue, since you could just stay in it all day, or they'd be small enough to stack much more efficiently. With self driving, you could be napping, reading or working/playing on a laptop not only on the 'drive to work,' but the 'walk from the parking lot' or even while standing in line. Sort of like in the movie wall-E.

I really would like people to be able to preserve having their own private compartment in, as I think it's more psychologically healthy, what with our being adapted only to know so many people, and have so much to focus on. I think changing transportation has the potential to free up such a massive amount of productive time, but I hope it won't all go to dealing with stressful changing environments full of strangers. At some point though, density must conflict with privacy and low stress. Do you think people could sit on a large electric wheelchair with walls and not be too claustrophobic? IDK, just an idea I find interesting to play with. All I've got on my end is idle chit chat about this very interesting topic. Do you think there's anything I ought to be doing? I could try make a startup lol, but that's 99.9% not going to happen. Thanks again for your post.

>>12784
WallE hoverchairs are technically doable but putting maglev-tech into all the roadways that'll be very pricey. On the more affordable side of things, there's the so called micro-cars. But those are kinda niche atm and don't work well out-side of a city, at the moment it's mostly wealthy urbanites that buy these as a second car.

I'm unsure how well you can miniaturize this. A well optimized and small 1 person transport machine already exists and it's an electric bicycle or motorcycle. I know you want some kind of personal-space compartment. But at that size, were talking a tube-frame with fabric stretched over it. If you shrink a container, volume decreases much faster than surface area, so in relative terms the body will make up a much bigger fraction of the weight. If you put a metal body on a tiny vehicle it'll get heavy and sluggish. The question becomes do people want tiny tent-cars? To make this economical We're looking at an empty-vehicle weight-goal of about 165kg 360pounds. And you want to spend about half of that on a battery-pack. Aiming for a top speed of 55km/h 35mph.

My guess is that claustrophobia would be ameliorated by having large windows in it. Also the point of optimizing transport to have a small footprint isn't really about crowding people. You can use the gained space for nice things like green patches.

>Do you think there's anything I ought to be doing? I could try make a startup lol, but that's 99.9% not going to happen.
I'm probably the last person you should ask for business advice, but it doesn't really look like the current economic structure accommodates starting a business. The Neo-liberals give all the money to wall-street, the military complex, the surveillance complex and large corporations. Currently the predominant business-model in the consumer space is enshitification, basically copy something old that works well enough and make it worse by adding a subscription fee and spyware. If soc-dems get into political power and redistribute wealth, regular people will once again get enough "disposable income" to give small companies that just "started up" a chance and try out their new product ideas. That's probably the time to build something like this. I guess that at present you could work out all the technical details so that you have something ready to go once thePost too long. Click here to view the full text.

>>12762
>It's something you could do locally but it's just cheaper to hire them then build your own backbone to the internet.
I thought the point of CDNs was to make a website load fast for users that are far away from the web-server. So that functionality is not something you could do locally, because the hole point is for it to have an effect far away.

>Really? I've never considered infrastructure.
I will admit i don't have a good grasp on how CDNs work, i considered it infrastructure because it's something that most websites seem to use.

So what's your take, why is the IP mafia attacking this ?

Is that not how 8chan got taken down, they pressured their CDN?

>>12764
Yes. CDNs are effectively a protection racket today. Play by their rules or get DoS'd when they revoke your service.

Hopefully I2P/tor/one of those nets where hosting is distributed will save us long term.

>>12762
TBF most this applies to most real world infrastructure. You CAN treat your own water and generate your own electricity if you're rural and are willing to spend a decent chunk of your wages. The infrastructure line seems like one of those excuses which will be tossed aside by the powers that be when convenient though. Hopefully structural change will come.

>>12774
>Hopefully
>one of those nets where hosting is distributed will save us
Indeed.

Maybe open systems where no gate-keeper can impose them self's are temporary. It appears that nice people build a pleasant open system, and then people are free for a while. But eventually the horrible people that try to subjugate everybody figure how to break in and close it down. So in order to have a open system that stays open, the nice people have to keep re-configuring their open systems continuously, to stay ahead of the horrible people trying to clamp everything down.

>long term.
Maybe there is a permanent fix that prevents the emergence of gatekeepers. I think we might have figured it out for roads, the vast majority of roads are free from gatekeepers in our time. Compare that to feudal times where about half the roads were blocked by some kind of feudal thug that was extorting travelers for unmolested passage. I wonder what the materialist causes for the liberation of roads were and whether we can learn from that.

>>12770
Oh look, there goes Euros. Making themselves irrelevant nobodies in the name of safety again.

>>12771
I think that's not an entirely fair assessment.

The reason the US has big-tech companies and Europe doesn't, has little to do with regulations.

The US developed these technologies in the public sector with public funding and handed them over to silicon valley, where big finance pumped huge sums of money into those tech companies so they could grow faster than anything else doing regular market stuff, like re-investing profits of the previous quarter to grow a little bit next quarter.

The question is what do you want from AI. Do you want one giant mega-AI that does everything ? if so the US method will give you that.

I find the big tech platforms frustrating to use. They're sort of alright if you have no idea and just want to follow their template. But if you know what you want, it gets really complicated and difficult.

To me a few hundred small AIs that are specialized to a narrower field sounds a lot more appealing. I think at the moment this can only exist as small open source projects that are funded by donations from individuals, public grants and private companies that use the tools they make. Regular small businesses that make a proprietary tech thing tend to get gobbled up by massive corporations that mostly just ruin and then ditch the tech thing. I'm not sure if these EU regulations will deliver that or not, i'm kinda waiting for policy experts to analyze that.

Another thing is that there are 2 stages to the current AI-race. The first one is figuring out these Ai models, once these crystalize into known quantities and are fully optimized software. There will be a second race to build the most efficient hardware-stack to run them. I'm guessing that will need lots of different accelerators, so that might favor open architectures like RISKV where it's easy to mix and match.

>>12772
uygha, you really need to work on brevity

I'm posting this in this thread because it's vaguely related

Latest Draft of UN Cybercrime Treaty Is A Big Step Backward
https://www.eff.org/deeplinks/2023/12/latest-draft-un-cybercrime-treaty-big-step-backward

<A new draft of the controversial United Nations Cybercrime Treaty has only heightened concerns that the treaty will criminalize expression and dissent, create extensive surveillance powers, and facilitate cross-border repression.
<The proposed treaty, originally aimed at combating cybercrime, has morphed into an expansive surveillance treaty, raising the risk of overreach in both national and international investigations. The new draft retains a controversial provision allowing states to compel engineers or employees to undermine security measures, posing a threat to encryption.

It feels almost like there is a cabal going around that is inserting their poising into all kinds of political institutions, in the form of horrendous policy drafts. That cabal seems to have a special hard-on for surveillance and fucking with encryption.

<This draft retains the concerning issue of expanding the scope of evidence collection and sharing across borders for any serious crime, including those crimes that blatantly violate human rights law.
That probably means that if some country goes bad and makes nonsense laws like for example, classifying insulting the flag as a serious crime, every country that is a treaty signatory would be compelled to help persecute people for making the pole-cloth feel bad.

Was it always like this ?
It feels like it's gotten worse somehow.
Was there ever a time when people decided that the risk of enabling persecution was too high and policing powers had to be reduced to protect people from overreach ?

>>10760
Next post will probably be how to optimize the output of a factory using Kantorovich's method *if I can get a grip on this shit*

>>10762
i understood zero of what you said
i don't own a factory man

I've been looking into what's needed for both leftychan and leftypol sites to be converted into the latest kurobas. It looks like it just needs to be imported more than anything with the correct type of chan engine.

I'm not a coder but I'm not too dumb in understanding what might be required for conversion. I've found the original source code and two potential forks we can use.

I'll make an update on this next weekend.

If you know how to do java, please let me know. We might can get this fixed way easier and probably even leave directions when shit hits the fan again.

There's two major apps that we could use moving forward.
Blue Clover: https://nnuudev.github.io/BlueClover/
Kuroba-Ex: https://github.com/K1rakishou/Kuroba-Experimental

We were very close with Kuroba-Ex but the developer is a bit of a dick and asshole. Thus why I moved to Blue Clover.

Sauce: https://github.com/K1rakishou/Kuroba-Experimental/issues/780

>>12758
based thank you

>>12496
I remember reading about people proposing ideas to make a java-syntax compatible replacement-script with dramatically reduced functionality but also much greater security. Something that was supposed to work for the basic stuff that most websites use.

Anybody know what happened to that, maybe that would be useful for this.

If you cared about security, you wouldn't add java-script and then add another program ontop of it to disable it.

>>12569
>Maybe chown root the extensions folder?
I tried chmod u-w on the extensions folder, this resulted in TBB starting up but when I tried to open a website it just kept re-downloading the page over and over but it never displayed it.

>>12571
>Tor is open source.
I tried to compile TBB once but couldn't figure out how to do it. Maybe I'll try again.

And it seems they are rewriting the Tor daemon in Rust.
https://blog.torproject.org/arti_119_released/

Compiling Rust requires tons of free disk space (like 10+GB) and half a day on a mediocre multi-core machine.
Problem, gentoo users?

>>12572
Post too long. Click here to view the full text.

>>12573
>If it is turing-complete it is potentially vulnerable.
A solution for websites that need JS for whatever reason would be to distribute gpg-signed browser extensions. At least that way the code can be audited.
But if your site requires JS, it might be worth considering to release it as software instead…

Last time my TBB updated, it didn't reinstall NoScript.
So it seems someone got through to the devs. Let's hope it stays that way.

>>12496
>Well, maybe because addons are a great way to inject JavaScript and potentially use one of a gazillion JS engine vulnerabilities to expose the user's clearnet IP.
If you can be deanonymized with javascript then the noscript extension is really not the problem. If you don't know how to configure a tor-only firewall then use a system like tails or whonix which does it for you.

>Let's not forget that TBB devs once before joined forces with the FBI and changed NoScript settings
<ctrl-f noscript
<Phrase not found.
If you feel the need to lie that means you can't even convince yourself with this argument.

>It seems (((someone))) has a strong interest to keep this addon around.
The whole point of tor browser is to protect non-technical users who have a tenancy to fuck things up by accident. If they were malicious they would hide backdoor code in the browser itself not an extension you can just delete.

Forgot link to disinfo site:
https://www.2uo.de/myths-about-urandom/

>>12710
there are 2 kinds of people who might want to fuck with the random number generator.

The first group is indeed glowies who want to undermine cryptography. They don't seem to care that they're making the hole infrastructure vulnerable. I wonder what the logic behind that is. Maybe they think the ability to destroy something = having power over something. Maybe they're self-deluding that they'll be the only ones that can figure out the security holes they poke into the system.

The second group is people who don't use the random number generator for anything where true randomness is critical (like adding artistic blur to a picture) they just want it to be simple and fast, and they try to take out all the extra steps that improve the quality of randomness.

The people who don't need random numbers for security are probably going to stop bugging you if you make it fast enough. Low entropy pool did actually cause delays where some applications would halt for a few seconds until they loaded.

For the glowies you'd probably have to understand why and how they operate before you can fix anything , you'd have to figure out why they're trying to sabotage our systems. Like why aren't they trying to help making it more secure. Is something wrong with their organizational incentives ?

For the standpoint of making the technical infrastructure more secure i guess you want to avoid single points of failure, and have more than one random number generator contribute. Maybe you also want to add automatic checks. You know give the system more depth to make it more complicated to compromise it.

>Thoughts?
I think the big-picture is that information systems that can get compromised will eventually fail. There is some tolerance for error, but it's really low. So what has to happen for this situation to improve ?

>>12710
What do you make of the entropy seed generator in X86 processors ?

https://farside.link/invidious/watch?v=aEJB8IAMMpA