@prologic@twtxt.net @carsten@yarn.zn80.net

There is (I assure you there will be, don’t know what it is yet…) a price to be paid for this convenience.

Exactly prologic, and that’s why I’m negative about these sorts of things. I’m almost 50, I’ve been around this tech hype cycle a bunch of times. Look at what happened with Facebook. When it first appeared, people loved it and signed up and shared incredibly detailed information about themselves on it. Facebook made it very easy and convenient for almost anyone, even people who had limited understanding of the internet or computers, to get connected with their friends and family. And now here we are today, where 80% of people in surveys say they don’t trust Facebook with their private data, where they think Facebook commits crimes and should be broken up or at least taken to task in a big way, etc etc etc. Facebook has been fined many billions of dollars and faces endless federal lawsuits in the US alone for its horrible practices. Yet Facebook is still exploitative. It’s a societal cancer.

All signs suggest this generative AI stuff is going to go exactly the same way. That is the inevitable course of these things in the present climate, because the tech sector is largely run by sociopathic billionaires, because the tech sector is not regulated in any meaningful way, and because the tech press / tech media has no scruples. Some new tech thing generates hype, people get excited and sign up to use it, then when the people who own the tech think they have a critical mass of users, they clamp everything down and start doing whatever it is they wanted to do from the start. They’ll break laws, steal your shit, cause mass suffering, who knows what. They won’t stop until they are stopped by mass protest from us, and the government action that follows.

That’s a huge price to pay for a little bit of convenience, a price we pay and continue to pay for decades. We all know better by now. Why do we keep doing this to ourselves? It doesn’t make sense. It’s insane.

@prologic@twtxt.net @carsten@yarn.zn80.net

(1) You go to the store and buy a microwave pizza. You go home, put it in the microwave, heat it up. Maybe it’s not quite the way you like it, so you put some red pepper on it, maybe some oregano.

Are you a pizza chef? No. Do we know what your cooking is like? Also no.

(2) You create a prompt for StableDiffusion to make a picture of an elephant. What pops out isn’t quite to your liking. You adjust the prompt, tweak it a bunch, till the elephant looks pretty cool.

Are you an artist? No. Do we know what your art is like? Also no.

The elephant is “fake art” in a similar sense to how a microwave pizza is “fake pizza”. That’s what I meant by that word. The microwave pizza is a sort of “simulation of pizza”, in this sense. The generated elephant picture is a simulation of art, in a similar sense, though it’s even worse than that and is probably more of a simulacrum of art since you can’t “consume” an AI-generated image the way you “consume” art.

ChatGPT and Elasticsearch: OpenAI meets private data | Elastic Blog

Terrifying. Elasticsearch is celebrating that they’re going to send your private data to OpenAI? No way.

Escape Speed
⌘ Read more

@prologic@twtxt.net yeah. I’d add “Big Data” to that hype list, and I’m sure there are a bunch more that I’m forgetting.

On the topic of a GPU cluster, the optimal design is going to depend a lot on what workloads you intend to run on it. The weakest link in these things is the data transfer rate, but that won’t matter too much for compute-heavy workloads. If your workloads are going to involve a lot of data, though, you’d be better off with a smaller number of high-VRAM cards than with a larger number of interconnected cards. I guess that’s hardware engineering 101 stuff, but still…

On LinkedIn I see a lot of posts aimed at software developers along the lines of “If you’re not using these AI tools (X,Y,Z) you’re going to be left behind.”

Two things about that:

1. No you’re not. If you have good soft skills (good communication, show up on time, general time management) then you’re already in excellent shape. No AI can do that stuff, and for that alone no AI can replace people
   
2. This rhetoric is coming directly from the billionaires who are laying off tech people by the 100s of thousands as part of the class war they’ve been conducting against all working people since the 1940s. They want you to believe that you have to scramble and claw over one another to learn the “AI” that they’re forcing onto the world, so that you stop honing the skills that matter (see #1) and are easier to obsolete later. Don’t fall for it. It’s far from clear how this will shake out once governments get off their asses and start regulating this stuff, by the way–most of these “AI” tools are blatantly breaking copyright and other IP laws, and some day that’ll catch up with them.
   

That said, it is helpful to know thy enemy.

I played around with parsers. This time I experimented with parser combinators for twt message text tokenization. Basically, extract mentions, subjects, URLs, media and regular text. It’s kinda nice, although my solution is not completely elegant, I have to say. Especially my communication protocol between different steps for intermediate results is really ugly. Not sure about performance, I reckon a hand-written state machine parser would be quite a bit faster. I need to write a second parser and then benchmark them.

lexer.go and newparser.go resemble the parser combinators: https://git.isobeef.org/lyse/tt2/-/commit/4d481acad0213771fe5804917576388f51c340c0 It’s far from finished yet.

The first attempt in parser.go doesn’t work as my backtracking is not accounted for, I noticed only later, that I have to do that. With twt message texts there is no real error in parsing. Just regular text as a “fallback”. So it works a bit differently than parsing a real language. No error reporting required, except maybe for debugging. My goal was to port my Python code as closely as possible. But then the runes in the string gave me a bit of a headache, so I thought I just build myself a nice reader abstraction. When I noticed the missing backtracking, I then decided to give parser combinators a try instead of improving on my look ahead reader. It only later occurred to me, that I could have just used a rune slice instead of a string. With that, porting the Python code should have been straightforward.

Yeah, all this doesn’t probably make sense, unless you look at the code. And even then, you have to learn the ropes a bit. Sorry for the noise. :-)

@chunkimo@twtxt.net lol. go walrus!!

slides/go-generics.md at main - slides - Mills – I’m presenting this tomorrow at work, something I do every Wednesday to teach colleagues about Go concepts, aptly called go mills() 😅

e-scooters go like the clappers

Qualifications
⌘ Read more

In case you didn’t notice, I deleted my Twitter and Keybase accounts. Going full indieweb.

Flatten the Planets
⌘ Read more

Lymphocytes
⌘ Read more

@prologic@twtxt.net it is from the generator. But in the actual go implementation methods are represented with a unsigned short. So 65k is the hard limit in go.

Oof.

@prologic@twtxt.net I get the worry of privacy. But I think there is some value in the data being collected. Do I think that Russ is up there scheming new ways to discover what packages you use in internal projects for targeting ads?? Probably not.

Go has always been driven by usage data. Look at modules. There was need for having repeatable builds so various package tool chains were made and evolved into what we have today. Generics took time and seeing pain points where they would provide value. They weren’t done just so it could be checked off on a box of features. Some languages seem to do that to the extreme.

Whenever changes are made to the language there are extensive searches across public modules for where the change might cause issues or could be improved with the change. The fs embed and strings.Cut come to mind.

I think its good that the language maintainers are using what metrics they have to guide where to focus time and energy. Some of the other languages could use it. So time and effort isn’t wasted in maintaining something that has little impact.

The economics of the “spying” are to improve the product and ecosystem. Is it “spying” when a municipality uses water usage metrics in neighborhoods to forecast need of new water projects? Or is it to discover your shower habits for nefarious reasons?

@prologic@twtxt.net the rm -rf is basically what go clean -modcache does.
I think you can use another form that will remove just the deps for a specific module. go clean -r

Any good ideas on how to maintain ~/go/pkg/mod and to remove old garbage?

Understanding Contexts in Go in 5(-ish?) Minutes - YouTube

What’s with all these tech companies going through massive layoffs. The latest one is Intel, but instead they’re cutting salaries to avoid laying off.

@eldersnake@we.loveprivacy.club Several reasons:

• It’s another language to learn (SQL)
  
• It adds another dependency to your system
  
• It’s another failure mode (database blows up, scheme changes, indexs, etc)
  
• It increases security problems (now you have to worry about being SQL-safe)
  

And most of all, in my experience, it doesn’t actually solve any problems that a good key/value store can solve with good indexes and good data structures. I’m just no longer a fan, I used to use MySQL, SQLite, etc back in the day, these days, nope I wouldn’t even go anywhere near a database (for my own projects) if I can help it – It’s just another thing that can fail, another operational overhead.

@prologic@twtxt.net @movq@www.uninformativ.de this is the default behavior of pass on my machine:

Image

I add a new password entry named example and then type pass example. The password I chose, “test”, is displayed in cleartext. This is very bad default behavior. I don’t know about the other clis you both mentioned but I’ll check them out.

The browser plugin browserpass does the same kind of thing, though I have already removed it and I’m not going to reinstall it to make a movie. Next to each credential there’s an icon to copy the username to the clipboard, an icon to copy the password to the clipboard, and then an icon to view details, which shows you everything, including the password, in cleartext. The screencap in the Chrome store is out of date; it doesn’t show the offending link to show all details, which I know is there because I literally installed it today and played with it.

@mckinley@twtxt.net very weird things going on for me.. i can see your twt but its not showing up as a reply or fork?

Image

@prologic@twtxt.net see where its used maybe that can help.
https://github.com/sour-is/ev/blob/main/app/peerfinder/http.go#L153

This is an upsert. So I pass a streamID which is like a globally unique id for the object. And then see how the type of the parameter in the function is used to infer the generic type. In the function it will create a new *Info and populate it from the datastore to pass to the function. The func will do its modifications and if it returns a nil error it will commit the changes.

The PA type contract ensures that the type fulfills the Aggregate interface and is a pointer to type at compile time.

one that i think is pretty interesting is building up dependent constraints. see here.. it accepts a type but requires the use of a pointer to type.

https://github.com/sour-is/ev/blob/main/pkg/es/es.go#L315-L325

I learned how to make gopls syntax highlight go templates in VSCodium.

By adding the following to my config

Image

Image

Image

Data Point
⌘ Read more

Tutorial: Getting started with generics - The Go Programming Language – Okay @xuu@txt.sour.is I quite like Go’s generics now 🤣 After going through this myself I like the semantics and the syntax. I’m glad they did a lot of work on this to keep it simple to both understand and use (just like the rest of Go) 👌

Image

ChatGPT is good, but it’s not that good 🤣 I asked it to write a program in Go that performs double ratcheting and well the code is total garbage 😅 – Its only as good as the inputs it was trained on 🤣 #OpenAI #GPT3

I started reading the proposal to introduce operator overloading in Go version 2 that I like to see: https://github.com/golang/go/issues/27605 Now a few hours later I ended up at this gem. Write a program that makes 2+2=5: https://codegolf.stackexchange.com/questions/28786/write-a-program-that-makes-2-2-5 There are some awesone solutions. :-)

Circling back to the IsPreferred method. A hasher can define its own IsPreferred method that will be called to check if the current hash meets the complexity requirements. This is good for updating the password hashes to be more secure over time.

func (p *Passwd) IsPreferred(hash string) bool {
	_, algo := p.getAlgo(hash)
	if algo != nil && algo == p.d {

		// if the algorithm defines its own check for preference.
		if ck, ok := algo.(interface{ IsPreferred(string) bool }); ok {
			return ck.IsPreferred(hash)
		}

		return true
	}
	return false
}

https://github.com/sour-is/go-passwd/blob/main/passwd.go#L62-L74

example: https://github.com/sour-is/go-passwd/blob/main/pkg/argon2/argon2.go#L104-L133

Hold up now, that example hash doesn’t have a $ prefix!

Well for this there is the option for a hash type to set itself as a fall through if a matching hash doesn’t exist. This is good for legacy password types that don’t follow the convention.

func (p *plainPasswd) ApplyPasswd(passwd *passwd.Passwd) {
	passwd.Register("plain", p)
	passwd.SetFallthrough(p)
}

https://github.com/sour-is/go-passwd/blob/main/passwd_test.go#L28-L31

Here is an example of usage:

func Example() {
	pass := "my_pass"
	hash := "my_pass"

	pwd := passwd.New(
		&unix.MD5{}, // first is preferred type.
		&plainPasswd{},
	)

	_, err := pwd.Passwd(pass, hash)
	if err != nil {
		fmt.Println("fail: ", err)
	}

	// Check if we want to update.
	if !pwd.IsPreferred(hash) {
		newHash, err := pwd.Passwd(pass, "")
		if err != nil {
			fmt.Println("fail: ", err)
		}

		fmt.Println("new hash:", newHash)
	}

	// Output:
	//  new hash: $1$81ed91e1131a3a5a50d8a68e8ef85fa0
}

This shows how one would set a preferred hashing type and if the current version of ones password is not the preferred type updates it to enhance the security of the hashed password when someone logs in.

https://github.com/sour-is/go-passwd/blob/main/passwd_test.go#L33-L59

I made a thing. Its a multi password type checker. Using the PHC string format we can identify a password hashing format from the prefix $name$ and then dispatch the hashing or checking to its specific format.

ahh this is useful https://go.dev/doc/modules/managing-dependencies. the go culture doesn’t typically have large dependency graphs like Ruby or JS.

@prologic@twtxt.net the go get and go mod tidy wont fetch new changes. that’s all a manual affair AFAIK

I’ve started playing with Go today, just understood the basics and still a bit confused about the module and goroutine parts.

I’ll try to make something interesting soon.

@movq@uninformativ.de yeah.. i rewrote it a few times because i thought there was something breaking.. but was mistaken
though now i am seeing a weird cache corruption.. that seems to come and go.

Image

Tell me you write go like javascript without telling me you write go like javascript:

import "runtime/debug"

var Commit = func() string {
  if info, ok := debug.ReadBuildInfo(); ok {
    for _, setting := range info.Settings {
      if setting.Key == "vcs.revision" {
        return setting.Value
      }
    }
  }

  return "" 
}()

https://developers.redhat.com/articles/2022/11/14/3-ways-embed-commit-hash-go-programs#3__using_runtime_debug_package

@prologic@twtxt.net Alright, there’s some erroneous markdown parsing going on, I reckon. In my original twt I have a code block surrounded by three backticks. The code block itself contains a single backtick. However, at least for rendering, yarnd shows three backticks instead (not sure if my markdown is invalid, though):

Image

Estoy empezando a programar Web en Go… Iré poniendo los ejemplos acá https://go.gemugami.com

it uses the queries you define for add/del/set/keys. which corrispond to something like INSERT INTO <table> (key, value) VALUES ($key, $value), DELETE ..., or UPDATE ...

the commands are issued by using the maddycli but not the running maddy daemon.

see https://maddy.email/reference/table/sql_query/

the best way to locate in source is anything that implements the MutableTable interface… https://github.com/foxcpp/maddy/blob/master/framework/module/table.go#L38

I was inclined to let this go so as not to stir anything up, but after some additional thought I’ve decided to call it out. This twt:

Image

is exactly the kind of ad hominem garbage I came to expect from Twitter™, and I’m disappointed to see it replicated here. Rummaging through someone’s background trying to find a “gotcha” argument to take credibility away from what a person is saying, instead of engaging the ideas directly, is what trolls and bad faith actors do. That’s what the twt above does (falsely, I might add–what’s being claimed is untrue).

If you take issue with something I’ve said, you can mute me, unfollow me, ignore me, use TamperMonkey to turn all my twts into gibberish, engage the ideas directly, etc etc etc. There are plenty of options to make what I said go away. Reading through my links, reading about my organization’s CEO’s background, and trying to use that against me somehow (after misinterpreting it no less)? Besides being unacceptable in a rational discussion, and besides being completely ineffective in stopping me from expressing whatever it is you didn’t like, it’s creepy. Don’t do that.

@prologic@twtxt.net It’s called “cgod” and it isn’t written in C or Go? I want my money back…

I also like Gopher more than Gemini. The problem Gemini is trying to solve is better solved by just writing static HTML 4.01 pages.

I love parsers in go : https://dev-nonsense.com/posts/incremental-parsing-in-go/

time to go to twittertext sleep I think

@prologic@twtxt.net, business is slow (I also just got off that hyoo-män illness that is going around named COVID), so that leaves me some free time on my entrepreneurial hands. 😂 I have always lurked every couple of weeks or so. I see yarn has regressed on the UI! 😬😩

📣 NEW: Announcing the new and improved Yarns search engine and crawler! search.twtxt.net – Example search for “Hello World” Enjoy! 🤗 – @darch@neotxt.dk When you have this, this is what we need to work on in terms of improving the UI/UX. As a first step you should probably try to apply the same SimpleCSS to this codebase and go from there. – In the end (didn’t happen yet, time/effort) most of the code here in yarns will get reused directly into yarnd, except that I’ll use the bluge indexer instead.

2045
⌘ Read more