@jrose except they're not just left blank, but they have basilisk eyes drawn on them
Do you mean that they'll say things of the sort "if you have mental problems you are likely to be exploited by the next attacker"? (I fail to see any other way the xz affair could change things in that direction.)
I don't think a straight up misinterpretation is the main risk here (for reasons that you mention: if someone interprets it that way the company has bigger problems). There has to be some prioritization between different kinds of potential outages for cases where you have some measure of choice. Stating things this way provides a way to prioritize them (pick one that has the lowest chance of yielding a frontpage article) that's not necessarily the intended one, and this IMO is actually somewhat likely to be picked up by totally reasonable people, especially if they are under time pressure.
I always bristled at putting things that way, because taken literally it means that misleading the public is within the purview of the team. Though that might be a very academic distinction if the team's responsibility was reliability as opposed to e.g. security.
What about getting called by defining a symbol that is normally exported by another library?
Using that as a way to determine maintainer obligations allows others to foist them on the maintainer. (If you mean that these are the questions important when determining how important it is to investigate a particular library, then I agree.)
What I think would be helpful is if there was a way to report one's suspicions to an organization that is more competent in this area and that can be generally trusted not to use the information provided for other purposes than ensuring security of software (so that doing so is something that one can do without much hesitation). (I think that many people would have lots of qualms about reporting such suspicions to the FBI, because they'd worry it would negatively affect involved people even if the suspicion was baseless).
For cases when there is no explicit ground for suspicion I still think that doing nothing (and relying on counterintelligence of your country/of the USA) is strictly better than engendering less-trust-by-default.
As I already explicitly stated, I assert that the maintainer should not be under obligation to suspect a nation state attack in a help offer.
There's no well defined zero point on the trust scale, so I don't see what absence of trust really means. You are positing that the amount of default trust should be lower, which to me means distrusting newcomers.
You are literally asking for a suspicion campaign by saying that people should have less trust than they currently have in total newcomers.
Because I expect that to have an effect that's worse than doing nothing. First, for many kinds of social norms this kind of distrust makes everyone uncomfortable (and even more so if the norms differ across participants). Even ignoring that, doing this is tantamount to asking laymen to do counterintelligence. We've had examples of similar things being counterproductive (many of the "look out for suspicious things" campaigns). All the counterintelligence manuals for nonspecialists that I've seen (e.g. WW2 era instruction movies) emphasized that one's estimate of trustworthiness is easy to manipulate and to not rely on it, instead sticking to action-oriented rules and reporting attempts to dissuade one from doing so, even if they seem innocent.
@codepope @losttourist @martinpitt @bagder
Please do not put words in my mouth (or rather hands).
I do not want anyone to consider it their duty to approach an offer of help with suspicion that it originates from an agent of a hostile nation state.
Where can I find (a summary of) that evidence?
@codepope @losttourist @martinpitt @bagder
I don't think one can find future Jias with any feasible methods. Doing what you propose would imo worsen the situation by raising the bar by a larger increment for honest contributors.
@codepope @losttourist @martinpitt @bagder
How does meeting someone repeatedly irl help in determining that they won't do something malicious in the future?
@woozle @rysiek @cwebber@octodon.social
I'm curious why revenue and not something akin to income (or perhaps, to account for businesses that have no income (yet), sum of income and incoming investments, averaged over some time).
That would also create a stronger incentive to operate as a federation of smaller companies, which I'm not sure of the effects of.
@XaiaX it seems to have an extremely low vapor pressure at room temperature (which isn't that surprising, given that it boils at nearly 200 deg C). You might have better luck trying to create a very fine caffeinated mist (which will quickly turn into caffeinated dust), which would happen with some ultrasonic humidifiers.
All that said, trying to absorb something that's a poison at achievable doses via atypical means makes me wary (for one specific thing, I am not sure how this affects uptake rate, but I'm more worried about unknown unknowns).
Re test files, I don't think that is desirable, especially for parser-like or compressor-like projects. In case of anything that smells of parsing, fuzzer-generated regression tests have significant positive value (one can try to write regression tests by hand instead, but it's more work for imo an increased chance of getting it wrong) and fuzzer-generated example inputs to parsing have a very large value. Example files that were generated using weird tools or extend weird ones are also important test cases (as opposed to the previous ones, not just to assert lack of crashes, but to assert correct parsing).
I think that having a better split between building (which generates all non-test artifacts) and testing (that uses already-built everything else, generates test artifacts and runs them) solves the same problem: it allows build environments to ensure that testing doesn't affect the output and that test files are not inspected by the build process. If done sufficiently well (which is admittedly hard to do in the current world) this can even allow test-only dependencies to not be visible to the build stage.
That reminds me that in the 90s my brother organized a LAN party with his friends.
My parents and I drove there to watch the spectacle - and took Grandma along.
She was quite impressed by how enthusiastic the young people can get about something like that, how much work they put into it, and how polite they all are :-)
After that, Grandma was on the gamers' side in every nonsensical "Killerspiel" (violent video game) debate <3
https://social.tchncs.de/@Erdrandbewohner/112190165994603403
I do expect that the pitchfork mob wants credit as a group, but am somewhat surprised that individual members want credit. (I would expect them to wish to hide in the anonymity of the mob; otherwise I wouldn't expect them to form any sort of cohesive mob.) Do you have a clue whether they find retaliation implausible, don't care about it, or something else?
(Please feel more than free to point me at something longer to read on the topic.)
(It's not a loan word change: it's that in Polish there's no way to spell a hard s followed by i, and yet loanwords are like that.)
"rz" is an edge case. I can't recall more than two extended word families that use it as an r followed by a z, so unless a friend of yours is called something like Zmarzlik it won't matter for names.
I've had significant difficulty with explaining the differences between ć, ś, c, s, cz, sz, ż even in person so I think that a description from a POV of someone who didn't learn them in childhood is a very useful thing.
It's not all that rosy though re regularity. "si" is pronounced differently depending on ~whether it's in a loanword (compare silos and silnik). "rz" is sometimes two phonemes (e.g. in marznąć or mierzić, but surprisingly enough not in obmierzły).
Your guide is imo very helpful. I'd quibble a bit about "cz", because the way I pronounce "ts" is closer to Polish "c" than to "cz". (The way I think about "cz" is that it's a more plosive "sz", but am not sure whether that's a helpful way for people who don't speak some language with similar phonetics natively.)
I enjoy things around information theory (and data compression), complexity theory (and cryptography), read hard scifi, currently work on weird ML (we'll see how it goes), am somewhat literal minded and have approximate knowledge of random things. I like when statements have truth values, and when things can be described simply (which is not exactly the same as shortly) and yet have interesting properties.
I live in the largest city of Switzerland (and yet have cow and sheep pastures and a swimmable lake within a few hundred meters of my place :)). I speak Polish, English, German, and can understand simple Swiss German and French.
If in doubt, please err on the side of being direct with me. I very much appreciate when people tell me that I'm being inaccurate. I think that satisfying people's curiosity is the most important thing I could be doing (and usually enjoy doing it). I am normally terse in my writing and would appreciate requests to verbosify.
I appreciate it if my grammar or style is corrected (in any of the languages I use here).