If you want emails from some random internal machine, you can use one of the HPE SMTP servers. There was one for internal email, another for external iirc although I'm not sure there was a difference in practice. Those SMTP servers would do a DNS lookup before accepting the email.
When I set this sort of thing up, I'd get myself a hostname on an internal subdomain. But that was a truly miserable experience. It was a multi-stage form submission on a server I imagine to be the closest possible relation to an actual potato. It was soul-destroyingly slow. Alternatively, you could just pretend your machine was hpe.com - the hostname was valid, even if the IP was totally wrong, and the SMTP server would accept it.
My guess is that there was a bunch of stuff that pre-dated the HP/HPE split and they took the quick and dirty option whenever the old internal domain name got yanked during the changeover. And if your process runs as root, you get root@hpe.com and hope there's something in the subject/body to identify the specific machine.
I can't speak to the Airs, but I went from an Intel Pro to a M3 Pro in a previous job and the battery life improved massively. I used to be able to heat my study by running a linter, but after the switch I remained chilly. I'm now on a M2 and have broadly observed the same.
I'm not sure if you've misunderstood, so apologies if this is old news. US companies may have teams of engineers in various other countries. But they almost always pay local market rate. In much the same way US companies will pay teams in India their local market rate (which is less again).
My last company paid 2-2.5x a UK salary for a US engineer. Perhaps the ratio for a company like Meta is closer, but I doubt it's equal. For startups you may find random roles that have equal pay globally, but they're relatively uncommon.
Technically we did abolish the monarchy back in the 17th century, but the replacement was so bad we brought them back about 10 years later, which I think makes us a minority of one and even more weird.
Anyway, back on topic: this is a ridiculous law that is forcing services to erode their security while smart criminals can just use some nice free open-source software somewhere else for E2E communication. And a lot of this is definitely down to lawmakers not understanding technology.
You’re correct, however I gave GP the benefit of the doubt and assumed they meant Secretary of State ;-)
And, to be fair, while I’m generally a small r republican, I’m seeing benefits of having a non politically aligned head of state after J6. While the monarch has limited power, booting out a PM that can’t command the confidence of Parliament is one of them. The question of whether Johnson would accept being dethroned a la Trump was always silly given his consent was never needed.
I’ve become a bit of fan of it over the last few years. That said, I don’t think the UK can be replicated.
It wraps ultimate power up in a contradiction, you have it but you can’t use it. Sure, technically you could but it would be your last act.
Another important aspect, the for and against is currently split between parties, so there’s somewhat of unification factor between parties on that divide as well.
It gets a lot of hate, because it is imperfect, but I don’t think it gets its fair shake. My views more of, if it ain’t broke is it really worth the risk changing it.
The UK monarch's power is largely based on convention more than active decision making. For example, a government is formed at the invitation of the monarch, but that's long reflected the results of an election. Getting rid of a PM generally happens when they run out of luck. That sometimes coincides with the ruling party/coalition imploding. The next PM is then shortlisted by MPs and selected by a minority of the electorate.
I guess the US equivalent is the leader of the house being unable to hold their majority together. In some ways the presidential election feels more democratic if a relative outsider (like Trump was) can win. But a 2 year lead up is crazy.
It's not even just your users. I work on a S3-compatible service where a good chunk of the test suite is built on the AWS SDK.
In reality, AWS are the reference S3 implementation. Every other implementation I've seen has a compatibility page somewhere stating which features they don't support. This is just another to add to the list.
It's basically a DSL used by a bunch of Hashicorp products.
It's sort of a programming language. Someone I worked with implemented 1 or 2 advent of code exercises with it a couple of years ago, but it's far from a general purpose language.
Is Tiktok genuinely manipulated by the CCP? I could never quite tell if that was merely scaremongering and hypothesising by American politicians, or based on evidence of past transgressions.
I can't speak for Tiktok, but the CCP did explicitly shut down Bytedance's very popular Neihuan Duanzi humor app, and put pressure on them to change the Toutiao algorithm because it was promoting inappropriate content. It's not much of a leap to think that by the time Douyin started getting popular Bytedance had learned their lesson and would proactively moderate their platforms to stay well within the party lines. In theory Tiktok should be independent of that since it targets foreign users, but in practice any media product coming out of a Chinese-owned company is going to be influenced whether explicitly or incidentally by CCP policy.
Of course Americans have the freedom to access thousands of other media outlets not influenced by the CCP, so it seems pretty silly to just restrict this one.
But I can say it's far beyond CPC's capability, Americans like talking abt CPC like it's some kind of secret darkness powerful villain in Gotham City, no, it's not that good.
If CPC executed any order to a company operated in US by Americans, there'll be clear and strong evidence about it, CPC is not good at hiding schemes, if you didn't see such evidence, it means there's no such thing, at least for now
ccp bans certain brain rot contents which the algorithms hm happily spreads in the west.
the biggest problem for western competition (insta & co) is the dramatically "better" (more addictive) algorithm. But trump and Co happily use tiktok to grab power, see the most recent Romanian elections.
I can never really tell, but I hope it's not malicious. When I was in college, a dorm neighbor told me that Obama had said/did something bad. I don't remember what, but it was incredibly dubious. I told him I didn't believe it and asked him to prove it; I'd even accept a Fox News article as evidence. He was red in the face because he couldn't find any article suggesting anything close to what he had said. Looking back on it now, I realize he genuinely believed what he had heard, but he had fallen for well-crafted language that created a new reality. It was so well-crafted, all that remained was the idea he was propagandized to believe rather than even a remnant of the title of the original article.
This same thing has happened to me over the years - I read an article and then it becomes relevant in some future discussion. I find the article (which is hard to find, because I'm searching by what the author[s] wanted me to think, not the actual article content) and read it again, only to find out that, upon a more critical reading, it doesn't say what I thought it said at all! Or the conclusion is much weaker than I had originally thought.
It's pretty amazing to see, though. Weak evidence used to support very strong American propaganda about seemingly weak Chinese propaganda. The goal posts inevitably get moved too - oh we have strong evidence of it, but we might tip off the Chinese! Like, huh? What does it matter if they're tipped off if you're going to force the sale?
I also don't think TikTok was ever a national security threat, at least not any more than any other social media platform. What are (were?) all the DoD recruiters and other military influencer accounts on TikTok like Nikko Ortiz (a counter intelligence agent from '18-'23) doing on TikTok? It was wild to see how during certain recruitment pushes, my FYP would be like a direct view into a platoon headquarters. (And yes, before anyone responds, US military social media policies like being aware of adversaries using social media predates the popularization of TikTok, no need to speculate about them not knowing that TT was a threat, especially not after the first ban attempt during the Trump administration)
I think the question is actually asked incorrectly in the reverse.
Maybe start with the not at all controversial position that China is effectively an authoritarian dictatorship who is well known to use censorship and public manipulation as one of its key levers of control and then ask if you have any evidence whatsoever that for some reason they wouldn’t include TikTok in that mix?
The way actual professionals in the field look at this problem is through a lens of:
1. Do they have the capabily to take this specific action? (A resounding yes)
2. Do they have the intent to take this action? I mean this is where you would look at literally all of the other instances where they did choose censorship over free expression and also come to a resounding yes.
3. Do they have the opportunity to take this action? Which is also a clear yes as defined by their own national security laws and other methods of control over what TikTok does.
Thats how people have come to the conclusion that it’s a legitimate threat even in the absence of some smoking gun where people wrote everything down and then conveniently leaked it for you.
At some point you have to be able to make decisions in the absence of perfect information and this is specifically how threat modelling works just to provide some context because some of the comments here are incredibly low quality.
I agree overall with your analysis. Nonetheless when one says that there is good evidence for something, rather than that there is good circumstantial evidence or that there are very reasonable grounds to assume something, one is making a different claim.
We must also ask whether circumstantial evidence or reasonable assumptions alone should be enough to force a company to divest its assets.
The thing about nation state level conspiracies is that they rarely are kind enough to write down all of the details about their intents in any format you’re going to see. That is the very nature of a conspiracy.
And so knowing this you are going to need some kind of framework in order to make decisions off in the absence of perfect information.
The one I outlined above is the same one that was used in this case and is really at the foundation of everything to do with threat modelling, this isn’t some kooky thing I just made up.
This is actually so cool it's the first study I have seen that tries to use numbers kind of hilarious they did not filter scrapped posts by date to account for TikTok being a newer platform. Some data engineer got a promotion off that study too probably :)
Another thing they did not take into account is the presence of social engineering botnets that can be used by both sides (if record labels have them I'm sure anyone rlse can too)
Yes, read about the kind of things employees of TikTok have to agree to. The summary is that they essentially have to uphold the goals of the Chinese government. They also have two different managers, one in America and a second handler from mainland China.
That seems like short-sighted advice. My company probably isn't paying me to write crypto, web frameworks, database drivers, etc. If it's not where I'm adding business value, I would generally try to use a third-party solution, assuming there's no stdlib equivalent. That likely means my code is an overwhelming minority of what gets executed.
If C dominates your codebase or you're squeezing out every inch of performance, then sure, you may well have written everything libc is missing. In Python, or another language that had a thriving ecosystem of third-party packages, it seems wasteful to write it all in-house.
They aren't paying you to integrate a bunch of third-party dependencies either, especially not when you could be using the time to generate actual business value.
The specific examples you listed are usually fine for generic SAAS companies (I'd usually object to a "full" web framework), but advice of the flavor "most code should be your own" is advocating for a transitive dependency list you can actually understand.
Anecdotally, by far the worst bugs I've ever had to triage were all in 3rd-party frameworks or in the mess created by adapting the code the business cares about into the shape a library demands (impedence mismatches). They're also the nastiest to fix since you don't own the code and are faced with a slow update schedule, forking, writing it yourself _anyway_ (and now probably in the impedence-mismatched API you used to talk to the last version instead of what your application actually wants), or adding an extra layer of hacks to insulate yourself from the problem.
That, combined with just how easy it is to write most software a business needs, pushes me to avoid most dependencies. It's really freeing to own enough of the code that when somebody asks for a new feature you can immediately put the right code in the right spot and generate business value instead of fighting with this or that framework.
"They aren't paying you to integrate a bunch of third-party dependencies either, especially not when you could be using the time to generate actual business value."
They might, but in my experience, it's bottom of the barrel clients playing out of their league. Example, a single store that is using shopify and wants to migrate to their own website because the fees are too high, might pay 500-1000$ for you to build something with wordpress and woocommerce, or worse, a mysql react website.
You win most of the time, until you get log4jed or left-padded. Then my company survives you.
Also I might win even without vulns. I don't write frameworks, I just write the service or website directly. And less abstractions and 3rd party code can mean more quality.
https://github.com/localstack/localstack
reply