I still see people who think of Putin as the anticapitalist resistance and ?????????

my resonsible disclosure/bug bounty career so far is going great, out of like 7 entities i contacted in the last month just one responded at all
the incentives to actually disclose are already basically non-existent in most cases and then you mostly get ignored anyways, why is infosec so surprised that shit gets hacked and people "dont just use their skills for good"
Show thread

The best way to align incentives for software companies - that is, to bring "most functional, useful software" in line with "most profitable software" - is to require that most classes of software have robust data portability guarantees, both in and out, before asking for money.

Only when most software is built in such a way that users can simply, easily, and quickly move between comparable solutions will software companies be forced to optimize for utility to the user, rather than lock-in or network effects.

@xerz C is simple because everything is a loaded footgun

i have beaten perl and docker into shape and the service is running in a container now.

repeatability: wouldn't it be nice to have some of that?

and now i've got alpine installing almost everything because the versions are all recent and it installs a lot faster than building them.

Show thread

docker container running. obviously there are unlisted dependencies because LOL

Show thread

i've made an attempt at it. now i just need to make a docker container to test it because it's easier than installing perl on my system.

Show thread

there doesn't appear to be any form of dependency specification. this should be good fun for a few hours.

Show thread

okay fine i will write some perl. or at least work with a perl codebase.

github actions is still crap and i'm not sure i can be bothered with it.

green-threads/stackle: right, well i suppose i ought to get testing sorted on various architectures then.

why cohost is problematic (long) :boosts_ok_gay: 

Okay, so let's talk about this cohost thing for a bit.

It sounds great on the surface - a small-scale, worker-owned, sustainable social media platform, run by some trusted people! Great, right?

Not so much, unfortunately. If you click through a bit, you'll find that it's run by "anti software software club llc", which claims to be a "non-profit software company". Except that's legally false (LLCs are not non-profit), and practically very unlikely to actually work out like you might think. In reality, it's an unaccountable power structure, and one that is bound to end in disaster.

They're not the *first* to do this - both YourAnonNews and npm (the JS package registry) have a very similar origin story. A small hobby project by some activist-minded people, trusted by the community, incorporated into a for-profit legal form to keep the lights on, promising to always keep serving the community. Of course, there's a reason I'm mentioning them - both of these projects turned into large unaccountable power structures that ended up doing far more harm than good, and significantly damaging a movement.

They scaled up, and whether through naivete or otherwise, the founders were unable to continue acting in the best interest of the community and broader society. Both of them became a blight on their respective communities, actively interfering with the efforts of others in that community to right the ship.

But they'd grown "too big to fail", too big and closed-down to replace or disavow. They ended up *controlling* the community rather than serving it.

A company is not a community. It is hierarchical; it has owners, employees, people with a specific role who decide how it gets run. This makes a worker-owned company a decent option when the decisions being made only affect the workers, as there's good representation.

But... that is not what's going on here! There is *no way* in which a worker-owned company can accurately represent the interests of a community of people *who do not actually work there*. Worker-owned companies are not magical fairy dust that guarantee equity and representation. You need actual community governance structures for that.

So... cohost is problematic. It is a power structure which is prone to abuse (deliberately or otherwise), not accountable to anybody, with no proper community governance model nor any real room in its incorporation form to *create* such a governance model, it is a proprietary and closed system that does not interoperate with other systems, and most worryingly of all it is a platform that becomes more valuable as it grows.

In other words: all the ingredients for a perfect storm of power abuses and harm several years down the line. Whether you personally trust the founders doesn't really change that - it's set up for failure from the very start, even assuming the best intentions.

As an activist community, we really need to do better on this - recognize such problematic power structures *before* they grow big enough to cause widespread harm, and encourage people to select governance models that *don't* suffer from these issues.

re: risc-v assembler 

oh, apparently mips did this shit as well. fortunately i can't support mips with stable rust so i won't have to implement it any time soon.

Show thread

risc-v assembler 

i have been learning risc-v assembler and christ, what were they smoking? i want some.

i think i need to take a break now. apparently i do remember advanced perl even if i'd rather not 😂​

Show thread

leaving aside the vagueness of "generally make this code better" (oh, i will find things to improve...), i haven't even opened a code file yet and i'm already WTFing.

Show thread
Show older
Treehouse Mastodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!