Show newer
robryk

@_thegeoff @mcc

But what would happen with the sodium?

1
robryk

@_thegeoff @mcc

I remember getting something I believed to be water soluble (maybe I was very silly and was fooled by a very fine suspension?) by leaving a nail in a jar of brine on a radiator for a week. I guess I'll need to reproduce that and make sure (a) I remember everything correctly (b) it's actually a solution.

1
robryk

@_thegeoff @mcc

Hm, I must be wrong. Sodium is much more electronegative than iron, so it's extremely unlikely anything like that would happen (based on my directional intuitions only; I'm very bad at chemistry).

So what the heck is that soluble thing that you get when rusting iron in saltwater?

1
robryk

@_thegeoff @mcc

IIRC when you rust iron in saltwater you get partially water-soluble rust (in contrast to rusting it in freshwater). I always assumed that the soluble part is iron chloride (which is pretty well soluble and supposedly has a matching color of solution), and that you'd still get that in absence of dissolved oxygen. But maybe I'm wrong~~

1+
robryk

@mcc

Even rusting that doesn't involve oxygen?

1
robryk

@koniectorowiburaki

Czy ten ptaszek jest pusty w środku?

1
robryk

@_thegeoff @freemo

Maybe Scrapheap Challenge? (But it might be way less commonly known.)

1
robryk boosted
Geoff 🏴󠁧󠁢󠁳󠁣󠁴󠁿

80s: The A-Team
90s: MacGyver
00s: Mythbusters
10s: The Martian

What's today's kids' reference for "locked in a room with a bunch of random stuff and a problem to solve"? Asking for a high school science technician...

1+
robryk

pol, drm 

@lumi

Because you anyway need to trust the manufacturer of the CPUs (as they are able to create fake attestations), because tamper resistant hardware is basically impossible, or for some more reasons?

1
robryk

@lumi

Have you noticed the weirdnesses around "visible to followers only"?

The technical weirdness is that when you reply to that, you end up replying (by default in Mastodon) with a reply visible to _your_ followers. (And depending on various antispam setups, you might not even be able to reply in a way visible to OP's followers[1].

The nontechnical weirdness is that it's followers and not followees. The latter is a collection you always control yourself, and a reason for having someone in there you don't want to share stuff with is less likely to materialize than for followers.

[1] You can only get OP's instance to forward to them (w3.org/TR/activitypub/#inbox-f), which requires signed objects (because you might have no clue who the OP's followers are, if they hide the collection, so you can't let them fetch the post from you) that people don't want to use because it makes things nonrepudiable. Even if they do, then most likely such messages would be pushed only (and not pullable), so would have less reliably delivery.

1
robryk

pol, drm 

@lumi

> from a failure mode perspective, yeah, remote attestation where the remote server is the verified one has a much worse failure mode

Sorry, I think I wasn't clear. I meant that my example number two (HSM) has worse failure modes than my example number one (buying computational resources). I agree completely that it'd be better if we didn't have remote attestation.

> in the HSM case, well, that's the thing, you need to trust whoever you ship it off to, attestation can't make it trustworthy

If attestation works, you can surely ship it off only to someone who can attest as being an enclave that runs the same software as you? (More precisely, only encrypt it to public keys s.t. you trust that the corresponding private key is only present in an enclave that runs a copy of yourself.)

1
robryk

pol, drm 

@lumi

BTW I don't really see a reason to use enclaves without remote attestation (apart from weird implementation details that cause them to be better than just virtualisation at combating side channel bugs in CPUs).

1
robryk

@blaine

It is used for reply discovery. If you visit a post with your client, your instance will be looking for replies in (a) posts it already knows about (b) that collection.

Re subreplies: it's not a thing you can change later. If you decide that subreplies are simply replies to replies and not controlled by OP, you can't retrofit that later. The reason why I think deciding that only direct replies are moderatable by the post's author is that it creates a weird situation where they might have to choose between moderating out a reply they're fine with and not moderating out a subreply they are not fine with (but the reply's author either is, or haven't noticed yet). We have similar problems in APub already (things along the lines of A blocks B, B sends a post that mentions A, C replies to that post and that reply gets sent to A) that cause people to desire to e.g. block instances because they don't block some other instance, which creates churn, collateral damage (that people might feel wronged by), and encourages all instances to converge to the same moderation policy.

0
robryk

pol, drm 

@lumi

The second one is worse than first one, because second one has larger vulnerability windows (potentially even unlimitedly large).

Yeah, first situation is basically the same thing as SafetyNet but with socially important properties switched around.

In the second case I mean an HSM that's running somewhere (and has standard rules for being asked to perform operations with keys it stored, no attestation involved there), but can migrate/duplicate itself to a different host (so that it doesn't die if the host dies). That requires some reason to trust that whoever we ship off a copy of all our secrets to will behave just as we behave (or rather, whoever has the session key that will decrypt the secrets we're shipping out).

1+
robryk

@mcc @munin

If we talk about rewards for me and denote moves by [my move][other's move] and assume symmetric game then normal prisoner dilemma has deco>coco>dede>code. You are proposing that code has a larger reward. Do you mean that it's between coco and dede (so deco>coco>code>dede)?

1
robryk

@mcc @munin

You mean if it was better than "both cooperate" but worse than "I defect, the other cooperates"?

1
robryk

@munin @mcc

If your cost of wearing a mask is sufficiently high (so that it's larger than the benefit from reduction of likelihood of getting infected by _also_ wearing a mask).

1+
robryk

pol, drm 

@lumi

I agree on undesirability, but want to point out two situations when it can be a security feature (if there wasn't a stream of exploits against the variants I know of): selling computational power without ability to see what the buyer is doing and poor man's cloneable HSM with potentially much more complicated logic inside (which would export keys, but only to instances of itself running someplace else).

1
robryk

@_thegeoff

Maybe driving an acoustic guitar like a speaker? (The more interesting way that I haven't seen done would be to do it via conductive or ferromagnetic strings. Vibrating the body could still be interesting on its own, because you ~won't be able to excite some modes from some locations.)

1
robryk

@blaine

You technically could do that with ActivityPub (each post has a replies collection that whoever hosts the post can control) and technically can have a client that will refuse to show replies that aren't present there.

Sadly (I think), replies to replies would be under the control of the first replier (as opposed to OP). For that reason I think that every system that has the property you want needs to treat posts and replies as different kinds of entities.

1
Show older
Qoto Mastodon

QOTO: Question Others to Teach Ourselves
An inclusive, Academic Freedom, instance
All cultures welcome.
Hate speech and harassment strictly forbidden.

Trending now

Resources

Developers

What is Mastodon?

qoto.org

More…

v3.5.19-qoto · Privacy policy