I still think it’s bullshit that 20-year-old photos now look the same as 20-second-old photos. Young people out there with baby pictures that look like they were taken yesterday.

Where did you learn to write such shitty code?

I learned it from watching you!

In the US, because the minimum required by law is so low, the actual distribution of vacation days varies a lot from employer to employer.

This chart, updated annually, shows the average by length of service time: https://www.bls.gov/charts/employee-benefits/paid-leave-sick-vacation-days-by-service-requirement.htm

Seems like the average for people in the private sector with 1 year is 7 days sick, 11 days vacation.

This fact sheet, as of 2021, breaks down the details a bit more: https://www.bls.gov/ebs/factsheets/paid-vacations.htm

Table 1 breaks it down pretty well, with people at the 1 year mark hovering mostly between 1-3 weeks, people at the 5 year mark mostly between 2-4 weeks, and people with 10 years at 3+ weeks.

People with government jobs, which is about 15% of the workforce and about 20 million workers, tend to get better benefits, including paid time off.

Shouldn’t the DE/Window Manager be handling that? Seems like doing it on a window by window basis would be inefficient (and look inconsistent).

Rick Astley has been doing this for years!

I think this is a picture before the most recent expansion. (They saw this picture and said “hmm not wide enough, too congested.”)

In the normal parts:

• 2 express/toll/HOV/carpool lanes
• 5 regular highway lanes
• 3 feeder lanes (in Texas, the highways tend to have “feeders” or “service roads” or “frontage roads” that run parallel to highways so that people can exit and enter, turn onto intersecting roads, and access local businesses, and Houston calls them “feeders”).

That’s 10 in each direction. But at any given time there might be merge lanes between the express and the regular lanes, between the highway and the feeder, or between the feeder and a turn lane. So at the widest point, around the major freeway intersection with another huge toll highway, they bump it up to one more of each type of lane, for 13 lanes in each direction.

There’s also a fair debate about whether the feeder lanes should count. After all, they have traffic lights and intersections to deal with. But on the other hand, driving on them is necessary to get on and off the highway lanes, so in a sense it’s part of the same highway.

For what it’s worth, that particular format war, the format backed by more porn studios (HD-DVD) actually lost to the one with less porn backing (Blu-ray). Personally I think that the PS3 tipped things over the edge.

The typical default configuration has the ISP providing DNS services (and even if you use an external DNS provider, the default configuration there is that the DNS traffic itself isn’t encrypted from the ISP’s ability to analyze).

So even if you visit a site that is hosted on some big service, where the IP address might not reveal what you’re looking at (like visiting a site hosted or cached by Cloudflare or AWS), the DNS lookup might at least reveal the domain you’re visiting.

Still, the domain itself doesn’t reveal the URL that follows the domain.

So if you do a Google search for “weird sexual fetishes,” that might cause you to visit the URL:

https://www.google.com/search?q=weird+sexual+fetishes

Your ISP can see that you visited the www.google.com domain, but can’t see what search you actually performed.

There are different tricks and tips for keeping certain things private from certain observers, so splitting up the actual ISP from the DNS resolver from the website itself might be helpful and scattering pieces of information, but some of those pieces of information will inevitably have to be shared with someone.

It basically varies from chip to chip, and program to program.

Speculative execution is when a program hits some kind of branch (like an if-then statement) and the CPU just goes ahead and calculates as if it’s true, and progresses down that line until it learns “oh wait it was false, just scrub all that work I did so far down this branch.” So it really depends on what that specific chip was doing in that moment, for that specific program.

It’s a very real performance boost for normal operations, but for cryptographic operations you want every function to perform in exactly the same amount of time, so that something outside that program can’t see how long it took and infer secret information.

These timing/side channel attacks generally work like this: imagine you have a program that tests if variable X is a prime number, by testing if every number smaller than X can divide evenly, from 2 on to X. Well, the bigger X is, the longer that particular function will take. So if the function takes a really long time, you’ve got a pretty good idea of what X is. So if you have a separate program that isn’t allowed to read the value of X, but can watch another program operate on X, you might be able to learn bits of information about X.

Patches for these vulnerabilities changes the software to make those programs/function in fixed time, but then you lose all the efficiency gains of being able to finish faster, when you slow the program down to the weakest link, so to speak.

This particular class of vulnerabilities, where modern processors try to predict what operations might come next and perform them before they’re actually needed, has been found in basically all modern CPUs/GPUs. Spectre/Meldown, Downfall, Retbleed, etc., are all a class of hardware vulnerabilities that can leak crypographic secrets. Patching them generally slows down performance considerably, because the actual hardware vulnerability can’t be fixed directly.

It’s not even the first one for the Apple M-series chips. PACMAN was a vulnerability in M1 chips.

Researchers will almost certainly continue to find these, in all major vendors’ CPUs.

Can’t fix the vulnerability, but can mitigate by preventing other code from exploiting the vulnerability in a useful way.

Well it’s obvious that Musk wants X to be a bank, so this isn’t unexpected.