If they have to pick up their kids in the afternoon, then it's probably better that they work closer with the other parents than of they're late risers who prefer coming to the office at 10

You start with the age verification because "think of the children" is an easy sell, then a year from now, there'll suddenly be a massive worry about criminals using their phones for "crime-stuff", so we need to track where these people are - there's then already a system in-place for easily adding such a functionality

A year after that it'll be online fraud that is apparently rampant

My reason for this conclusion is that there's no good reason that age verification should live at the OS layer. It is technically cleaner and simpler to have it as an external service - just look at the amount of issues it's causing for Linux distributions

FB are not dumb - they know this hurts Linux distributions, but they're an ad business and they need PII to sell those ads

Such an API can then be extended to provide location data to "help the police find bad guys", track purchase histories to "prevent fraud"; all the stuff that Apple and Google blocked fb from sniffing from user devices

It's circumvention of these privacy protections with added vengeance since now Google and Apple will be sitting with the cost of implementation and the liability

For some I'm sure that's the case; it wasn't in my case.

I ran docker for several years before. First docker-compose, then docker swarm, finally Nomad.

Getting things running is pretty fast, but handling volumes, backups, upgrades of anything in the stack (OS, scheduler, containers, etc) broke something almost every time - doing an update to a new release of Ubuntu would pretty much always require backing up all the volumes and local state to external media, wiping the disk, installing the new version, and restoring from the backup

That's not to talk about getting things running after an issue. Because a lot of configuration can't be done through docker envs, it has to be done through the service. As a consequence that config is now state

I had an nvme fail on me six months ago. Recovering was as simple as swapping the drive, booting the install media, install the OS, and transfering the most recent backup before rebooting

Took about 1.5 hours and everything was back up and running without any issues

If any kind of apt upgrade or similar command is run in a dockerfile, it is no longer reproducible. Because of this it's necessary to keep track of which dockerfiles do that and keep track of when a build was performed; that's more out-of-band logging. With NixOS I will get the exact same system configuration if I build the same commit (barring some very exotic edge cases)

Besides that, docker still needs to run on a system, which must also be maintained, so Docker only partly addresses a subset of the issue

If Docker works for you and you're not facing any issues with such a setup, then that's great. NixOS is the best solution for me

The quick answer is complexity and the amount of energy I have, since I'm mostly working on my homelab after a full work day

Some things also don't run that often or I don't check up on them for some time. Like hardware acceleration for my jellyfin instance stopped working at some point because I was messing around with OpenCL and I messed up something with the Mesa drivers. Didn't discover it until I noticed the fans going ham due to the added workload

I'm the beginning I was doing one change, writing that change down in some log, then doing another change (this I'll mess up in about five minutes)

Now I'm creating a new commit, writing a description for it to help myself remember what I'm doing and then changing the Nix code. I can then review everything I've changed on the system by doing a simple diff. If something breaks I can look at my commit history and see every change I've ever made

It does still have some overhead in terms of keeping a clean commut history. I occasionally get distracted by other issues while working and I'll have to split the changes into two different commits, but I can do that after I've checked everything works, so it becomes a step at the end where I can focus fully on it instead of yet another thing I need to keep track of mentally

The problem was when I had to change some obscure .ini file in /etc for a dependency to something new I was setting up. Three days later I'd realise something unrelated had stopped working and then had to figure out which change in the last many days caused this

For me this is at least 100x more difficult than writing a Nix module, because I'm simply not good at documenting my changes in parallel with making them

For others this might not be a problem, so then an imperative solution might be the best choice

Having used Nix and NixOS for the past 6-7 years, I honestly can't imagine myself using anything than declarative configuration again - but again, it's just a good fit for me and how my mind works

My understanding is it's possible to license either new contributions to a project under GPL, with the original contributions keeping EUPL or you can license a derivative work under GPL, though you still have to comply with the EUPL in regards to the original work (meaning the SaaS loophole will remain closed)

Comments URL: https://news.ycombinator.com/item?id=45060949

Points: 2

# Comments: 0

My impression is that there is an information gap about forked projects that lead to this issue

I'm on vacation right now, but when I'm back I'll try to setup a small site that lists forks of popular projects and maybe some information on when in time the project was forked

Hopefully something like that can make it more likely that these things are responsibly disclosed to all relevant projects

I'm very disappointed to hear that the researchers didn't do their due diligence and informed the OpenBao project about this issue before publishing

I imagine this is a stressful situation for everyone involved in the project, so I hope the researchers will do some reflections on how they can avoid this situation happening in the future

I'm very disappointed to hear that the researchers did not disclose these findings to the OpenBao project before publishing them, so you now have to rush a release like this

Will you reach out to the researchers for an explanation after you've fixed the issues?

It also doesn't sound like the researchers made an effort to safely disclose these findings to the OpenBao project before publishing them, which I think would have been the right thing to do

*Assuming OpenBao has a process in place for this

I'll do even more sidetracking and just state that the behaviour of "move" in Windows as described in the article seems absolutely insane.

Edit: so the article links to the documentation for "move" and states that the above is described there. I looked through that page and cannot find any such description - my spider sense is tingling, though I do not now why

In my current position I'm hired for an expected 37 hours per week. This can be more if I'm asked to work overtime, but my weekly hours cannot exceed 45 hours per week on average in a 3 month window without additional compensation

Additionally I have six weeks of paid time off every year plus public holidays

If I calculate my hourly salary it's better than what I was paid by US companies

That's not to mention the security of having a legally mandated termination period of minimum 3 months (in which you're, in most cases, not expected to work)