There's so much going on that I can't post disapproving posts for every single thing. So here's just one blanket one.
It's all wrong. You know, everything. All of it. Not just in the US, but it's happening, or starting to, everywhere. The rule of law is abandoned and people are shipped off to uncontrolled foreign prisons. People's right to be who they are is removed. Institutions to help and better other people are disbanded.
We need to get back to caring about other people. Care about the next generation's ability to get educated. No matter the skin colour, no matter the social class, care about whether people can buy food. Care about people getting a fair trial. Care about people whether they are your gender or not, or have the gender you think they have, or even have a gender.
Care about other people, no matter what kind of 'other' they are.
If your world view consists of white cowboy hats and black cowboy hats you may want to check whether your white cowboy hats aren't just black cowboy hats that have been spray painted white.
Pinned post, about following from multiple addresses
Hi, when I follow someone I usually do this from multiple accounts, with different servers and platforms. This is partially as backup. It’s also because different software has different features. E.g. at the moment of writing I mainly post from my Friendica server, but it doesn’t yet support polls, or account migrations. So I also follow from my Pleroma server, which does notify me someone has migrated.
I also sometimes use platforms that support nomadic identity, that allows my channels on multiple servers to be synced. From software that doesn’t support that, a follow request looks like multiple separate requests from those channels.
Hi, this me from my Friendica instance. I also post from @GidiKroon@mastodon.social, @gidi@pleroma.gidikroon.eu as well as from Twitter, Instagram and Tumblr as @GidiKroon but I'm mainly using my own Friendica for now. Even though I have been on the fediverse for a few years, I've never done an #Introduction post, so let's do one for this channel.
I tend to post about actresses and singers I'm a fan of, sharing news about their new projects as well as my thoughts about films and tv I watch. In between I give my take on political things as well as about the fediverse. When I learn new things hosting a fediverse server or other technical things, I try to share them here too. Longer posts may end up on my blog gidikroon.eu (which you can follow at @GidiKroon@gidikroon.eu).
In real life I work as a software developer, but I keep work separate from a private account like this. I play (beach) volleyball when I can, at a very low level. I live
... show more
Hi, this me from my Friendica instance. I also post from @GidiKroon@mastodon.social, @gidi@pleroma.gidikroon.eu as well as from Twitter, Instagram and Tumblr as @GidiKroon but I'm mainly using my own Friendica for now. Even though I have been on the fediverse for a few years, I've never done an #Introduction post, so let's do one for this channel.
I tend to post about actresses and singers I'm a fan of, sharing news about their new projects as well as my thoughts about films and tv I watch. In between I give my take on political things as well as about the fediverse. When I learn new things hosting a fediverse server or other technical things, I try to share them here too. Longer posts may end up on my blog gidikroon.eu (which you can follow at @GidiKroon@gidikroon.eu).
In real life I work as a software developer, but I keep work separate from a private account like this. I play (beach) volleyball when I can, at a very low level. I live in the Netherlands and occasionally cycle and take photographs. I read and watch sci-fi and fantasy, and am interested in ways to achieve social justice, gender and race equality, sustainable energy use and climate justice.
Feel free to follow, as I will also follow other accounts I find interesting without expectation of them following back. Feel free to share (boost, repeat) my posts if you want, using whatever share function comes with your platform. I tend to close DMs to only allow people I follow. I check my fediverse accounts only one or a few times a day, typically on my phone or tablet, so I tend to not be part of live discussions.
I felt bad about not using redundancy features in what I'm running online. Well, only a little bit bad, I'm only a single person doing unimportant stuff. But apparently major corporations are also not running redundancy either, so I feel a bit better.
What is worrying about the AWS outage in New York however, is that it seems to have affected critical things in EU and UK as well. And wordle. #AWSOutage
I don’t know the details, but it’s easy to do stuff like this when it’s DNS. The DNS infrastructure might not be down or non redundant. If you publish the wrong DNS record, or you accidentally delete a record that is vital to a lot of services, it looks like this. The infrastructure can be up and running perfectly, but just providing the wrong answer.
Justine's experiments with film photography: 'The art of getting it wrong'. Includes the quote: "If you're deep in the phase where nothing is working, stay there a little longer". youtu.be/yl7CqKggMYo?si=vEPjLZ… #Photography
Still recovering, but happy I did a better time than expected this year on the quarter marathon, at the Eindhoven Marathon event. 1:17:10, though friends did almost the same time on double the distance... Anyway, for me it was ok. #EindhovenMarathon
I really love seeing Joséphine Jobert in Saint-Pierre. Almost makes up for her not becoming the inspector in Death in Paradise. #JoséphineJobert #SaintPierre
Doobydobap does London and it's an amazing multicultural food experience. She finds all the special places. What I would like to know from people that know London, did she cover some foodie experiences that you didn't know yet? youtu.be/nXeFDt1_Ud0?si=B9-mn5…
Most people don’t think twice when they ask ChatGPT a question or to summarize an email but they should. AI is working hard for us, but our planet is working even harder.
Ireland rejected planned data centers from Microsoft and Amazon because the state-owned network operator fears a blackout • 11 percent of Ireland's total electricity demand would already go to data centers • Ireland's data centers consume more electricity than all urban households combined theguardian.com/world/article/… • Irish state grid operator Eirgrid estimates that by 2029, nearly 30 percent of Ireland's annual electricity demand will be accounted for by data centers. gizmodo.com/data-centers-are-p… • Data center boom threatens Ireland's power grid heise.de/news/Blackout-Risiko-…
Irland ist der am schnellsten wachsende EU-Markt für Datacenter. Das Stromnetz ist darauf aber nicht ausgerichtet, die Klimaziele drohen verfehlt zu werden.
In many places around the world, data centers are already operating at full capacity • Server farms belonging to Amazon, Google, Microsoft, and Meta required more electricity than Czechia in 2021 • All data centers worldwide consumed approximately as much electricity as Spain in 2022 • Data centers house cloud infrastructure and thus also AI systems • The largest providers of AI systems are either cloud operators (Microsoft, Google, Amazon) or operate the systems for these three • Meta, Google, and others are therefore trying to build their data centers in places where a lot of (green) energy is available (Iceland, Finland, Norway, etc.)
Amazon: Acquires Cumulus Data's nuclear data centers: $650 million. Purchases 480 MW of electricity from Susquehanna power plant. For at least 10 years, it will supply electricity to a nearby data center – at a fixed price that is 50 percent above the current electricity price n-tv.de/wirtschaft/Amazon-zahl… • Microsoft: Damaged nuclear power plant for AI. Power plant in Pennsylvania was the site of the most severe meltdown and largest radiation leak in US history in 1979 sueddeutsche.de/wirtschaft/mic… heise.de/news/KI-Server-mit-At… OpenAI asks the US for approval of energy-guzzling 5GW data centers, according to a report arstechnica.com/?p=2052285
last, because I could go on…. AI processors installed in 2023 (newly added) consume 7-11 hours (TWh), which is about 0.04% of global electricity consumption. sciencedirect.com/science/arti… • Goldman Sachs: A ChatGPT query requires almost ten times as much electricity as a Google search. Search heise.de/news/ChatGPTs-Stromve… • ChatGPT currently requires around 205,860,000 kilowatt hours of electricity per year => More than 70,000 four-person households could be supplied with electricity during the same period • What's more, it's not just the chips and processors themselves that need electricity, but also their cooling systems: these consume a significant portion of the energy required by a data center – up to 40 percent, according to Intel intel.com/content/www/us/en/ne…
Google says: In its annual environmental report, the company also announced that its emissions in 2023 rose by 13% compared to the previous year. gstatic.com/gumdrop/sustainabi… • Greenhouse gas emissions rose by 48% over the last five years theguardian.com/technology/art… • Google processes more than three trillion searches in a year = The electricity could power around 340,000 four-person households for a year de.statista.com/themen/651/goo… • Llama 4 requires ten times more computing power than its predecessor heise.de/meinung/Kommentar-zu-… 500,000 tons of CO2 are to be removed from the air in Texas on behalf of Microsoft and pumped into the ground. A record. heise.de/news/KI-needs-electri…
Google: Report published last year: AI could reduce global emissions by up to 10%. = total carbon pollution of the European Union by 2030 blog.google/outreach-initiativ… • “AI plays a really important role in combating climate change,” said Kate Brandt, Google's Chief Sustainability Officer, in December, describing the technology as a “tipping point” for making significant progress on environmental goals. wsj.com/articles/googles-cso-k…
IEA estimates: Total electricity consumption of data centers could double from 2022 to 2026 to 1,000 TWh (terawatt hours) = approx. Japan's electricity demand computerwoche.de/article/28352… • IEA: Data centers already accounted for 1 to 1.5% of global electricity consumption in 2022! Before the AI boom with the launch of ChatGPT at the end of the year iea.blob.core.windows.net/asse… • According to an analysis by The Guardian, the actual emissions from the company-owned data centers of Google, Microsoft, Meta, and Apple are likely to be 662% higher—or 7.62 times higher—than officially reported between 2020 and 2022. theguardian.com/technology/202…
According to Google, a new data center already consumes as much electricity as 750,000 households • The Californian company's existing data centers will require more than 24 TWh in 2023 According to the IEA, this corresponds to up to ten percent of the global electricity consumption of data centers and around 0.1 percent of the general global electricity demand • Spent $1.1 billion to feed excess heat from its main data center in Finland back into households. This is how the company intends to achieve its climate goals after all. computerwoche.de/article/28352…
Growing AI power demand means that doubling data centers to keep pace with the industry will lead to an 80% increase in greenhouse gas emissions, even if measures are taken to improve the energy efficiency of these centers, according to a new report by a coalition of several environmental groups foe.org/wp-content/uploads/202… • Goldman Sachs: Data center power demand will increase by 160% by 2030 goldmansachs.com/insights/arti… • Morgan Stanley: Predicts that emissions from data centers will rise to 2.5 billion tons of CO2 equivalent worldwide by 2030 reuters.com/markets/carbon/glo…
According to calculations by research company SemiAnalysis, AI will cause data centers to consume 4.5% of global energy production by 2030. theguardian.com/technology/art… • AI data centers could require more electricity than the Netherlands by 2027 datacenterdynamics.com/en/news… cell.com/joule/fulltext/S2542-… AI is likely to increase energy consumption and accelerate climate misinformation. theguardian.com/technology/202… • Demand for AI services will grow by 30-40% annually over the next 5-10 years. One estimate suggests that global AI-related energy consumption could be 10 times higher in 2027 than in 2023. nature.com/articles/d41586-024…
The first version of the Stable Diffusion image generator was trained for 200,000 hours in Amazon's AWS data centers on the US East Coast, reportedly generating 15 tons of CO2 equivalent in the process. arxiv.org/ftp/arxiv/papers/210… • Assumption: Google answers all search queries with artificial intelligence=> Ten times as much electricity – equivalent to the demand of around 3.4 million four-person households asociace.ai/wp-content/uploads…
"Another interesting finding is that Google who set the goal of being net-zero in carbon emissions by 2030, quietly removed the net-zero carbon goal from its website."
Al useful for some stuffs but implementing 💯 %ai in everything not good. What kind of world we are living, where people's speak about privacy and don't want to share normal chat or pics with someone but on other hand they are really ready to give all permission to see/watch/control everything of person life 😂😂... Ai and extra tech stuffs making people dumb....
@koalou oh god I thought this was just a cute little micro fiction. Japan has actually started work on one. Literally. We live in the weirdest timeline
Today was the first time I forgot to put a cup under the Senseo and tested the efficiency of the collection tray, despite fearing to do that many times before. The test results: that collection tray works really well, holds at least a full cup of coffee, and its design is such that there is no coffee splashed anywhere. Much impressed.
Thanks for this. The “shoes tied together” analogy is a good one. “But you got by just fine. Why do you need <meds, accommodations, different clothes, ear defenders> now?”
“Because I wasn’t fine. I was struggling every single day, thinking that all I needed was to focus more / stop being so sensitive / be like other people and 56 years of doing that had left me a shrivelled husk. I was sad, frustrated, angry, and desperate every single day. But I didn’t show it because, well, it was all my fault, and I’d already screwed up being normal so much, already disappointed so many people, I didn’t want to bring down the shame one more time by admitting I was struggling. The meds turned off the 26 radios that had been playing in my head nonstop for 56 years. I would think. I could reason. I could plan and organize. And my autism could have a voice. I love being autistic. But if I had to go off the ADHD meds and revert to sea fog brain, I don’t know how I would manage.”
#
... show more
Thanks for this. The “shoes tied together” analogy is a good one. “But you got by just fine. Why do you need <meds, accommodations, different clothes, ear defenders> now?”
“Because I wasn’t fine. I was struggling every single day, thinking that all I needed was to focus more / stop being so sensitive / be like other people and 56 years of doing that had left me a shrivelled husk. I was sad, frustrated, angry, and desperate every single day. But I didn’t show it because, well, it was all my fault, and I’d already screwed up being normal so much, already disappointed so many people, I didn’t want to bring down the shame one more time by admitting I was struggling. The meds turned off the 26 radios that had been playing in my head nonstop for 56 years. I would think. I could reason. I could plan and organize. And my autism could have a voice. I love being autistic. But if I had to go off the ADHD meds and revert to sea fog brain, I don’t know how I would manage.”
Today marks 30 years since the premiere of 'Xena: Warrior Princess' back in 1995. A show that was never ashamed of its campiness, but at the same time managed to be groundbreaking on multiple levels. Setting new standards for female action heroines, featuring a main character that was messy and flawed, physically strong and athletic, who started as a villain seeking redemption.
Xena, despite its cheesiness and often ridiculous premise, succeeded in pushing the boundaries of queer representation, challenged stereotypes, defied several of the sexist tropes of '90s media, explored LGBTQIA+ themes, even themes of gender identity, and made a clear statement against the stigma surrounding HIV/AIDS at the time.
It may not be a flawless masterpiece, but it's a beloved cult classic for good reason.
In regards to Xena making a statement against the stigma surrounding HIV: in the episode 'Here She Comes... Miss Amphipolis', Xena enters a beauty pageant undercover. There, she encounters Miss Artiphys, a character played by the late Karen Dior, an HIV-positive actor, singer, former adult performer, and drag queen (reports on Dior’s gender identity are contradictory, and probably also affected by '90s culture).
When Xena discovers that Miss Artiphys was an AMAB character who entered the competition presenting as a woman, the latter explains her actions with the line: "You really don’t get it, do you? I guess being born a woman you wouldn’t. This is a chance to use a part of me most people usually laugh at, or worse. A part I usually have to hide. Only here that part works for me, you see?" expecting Xena to force her to drop.
Instead, Xena encourages her to stay in the competition, never reveals her secret, never disrespects her, and in the end, she ends up being crowned winner. After her victory, Xena and Artiphys share a kiss. That was an intention
... show more
In regards to Xena making a statement against the stigma surrounding HIV: in the episode 'Here She Comes... Miss Amphipolis', Xena enters a beauty pageant undercover. There, she encounters Miss Artiphys, a character played by the late Karen Dior, an HIV-positive actor, singer, former adult performer, and drag queen (reports on Dior’s gender identity are contradictory, and probably also affected by '90s culture).
When Xena discovers that Miss Artiphys was an AMAB character who entered the competition presenting as a woman, the latter explains her actions with the line: "You really don’t get it, do you? I guess being born a woman you wouldn’t. This is a chance to use a part of me most people usually laugh at, or worse. A part I usually have to hide. Only here that part works for me, you see?" expecting Xena to force her to drop.
Instead, Xena encourages her to stay in the competition, never reveals her secret, never disrespects her, and in the end, she ends up being crowned winner. After her victory, Xena and Artiphys share a kiss. That was an intentional statement against the widespread misinformation surrounding AIDS and the transmission of HIV that reportedly Lucy Lawless insisted on being included.
It is near impossible to fully explain how *ridiculously* groundbreaking it was that this entire plot happened in the mid '90s.
I think quite a few packages are impacted, potentially some very high volume ones. I gotta hop on a subway to make a plane though so it’s going to be hard for me to keep digging.
Determines if an object can be used as an array. Latest version: 0.3.3, last published: an hour ago. Start using is-arrayish in your project by running `npm i is-arrayish`. There are 1528 other projects in the npm registry using is-arrayish.
If you want an idea of scale of trojan attempt - 'color' alone had 32m downloads in a week, the combined attempt was pushing a billion due to upstream dependencies.
Hunt tip: look for registry.npmjs.org in proxy logs, package names are in the URLs.
@leoluk Draconian systems that limit who can write and publish code are NOT the solution here.
The solution is not having LPMs (language package managers) that pull code from unvetted package repositories in an automated manner, and languages that encourage using thousands of random garbage microdependencies rather than well-vetted, versioned libraries.
Given they got 2FA phished, OpenPGP would solve exactly nothing, you'd get a new key with the name of the dev on it and people would just accept it at face value, remember NPM has 0 vetting.
And if you'd want to actually verify it's the correct key… good luck, almost no one makes sure to put copies of their OpenPGP keys in multiple places.
@lanodan @leoluk @stevel This. The only real solution is not putting authors in a place of directly being able to push code for immediate automatic consumption. This would have been a non issue if new versions not tagged for immediate review as security fixes and reviewed as such had a 5-10 day waiting period before they'd be pulled. I'm not saying delay is the only or necessarily best way, but you've gotta stop making these gratuitous and dangerous update channels.
@lanodan @leoluk @stevel Also let's not forget that no 2FA or signing key security theater would prevent the version of this attack where a maintainer transfers ownership to a malicious party (selling out), decides to go rogue, or whatever.
Yeah, at best is could make it noisier, like with the developer receiving at least one email about account updates, which given the phish they could see as normal given those notifications typically don't tell you what was changed.
In fact it also reminds me that I don't think I've ever seen a website actually verify that the emails listed in the OpenPGP key can actually use said key (I would know, one of the entries in mine isn't email but my fediverse ID). Something which has been the normal workflow for SSL/TLS certificates for decades.
don't you see the actual problem in the culture of depending on single file random shit from Generic JavaScript Guy 487 instead of just copying it or writing yourself. Those were transitive dependencies of big important libraries like Babel.
I looked at the libraries and most of them are like one function and some boilerplate for npm. One is just an array of color names in css
Yeah that's pretty much the root of the problem, you need some form of vetting/code-review.
And sadly it seems to always be there whenever you put a language-package-manager (LPM) early on with the language, instead of having it very late so it's preferable to use distro packages instead. Specially as those LPMs also end up shoving binaries at you (For example: rollup and esbuild on npm, cryptography on pypi, …).
@Standard_Phil Every time npm fetches the source code counts as a download. This usually happens when running “npm install” on a system that doesn’t have the source cached. A lot of those downloads are caused by CI/CD builds because they usually fetch the source for every dependency into a clean environment for running tests, packaging builds, etc.
Help a dumb security guy out? I haven't been a developer since the 90s and I'm out of touch.
Has-ansi was downloaded 12 million times this week - does that mean 12 million applications currently under development added it to their codebase this week?
Or applications using it were deployed to 12 million endpoints this week?
Or 12 million web sessions pulled this JavaScript code this week?
Or....something else entirely?
I've tried to find an answer to this via Google but no joy.
@alex @Standard_Phil I think it was a Docker build and there was no local cache of components or managed repository pulls. There was apparently just a list of URLs that were where the components were grabbed from during the build. Person was having problems because the downloads were timing out.
Ruri Ohama talks about the effects of AI on the economy and on jobs. I don't think she covers what the current video title says, but that's just because apart from a smart woman she's also a smart youtuber. It's very interesting nonetheless.
Just found out that the ASML Marathon Eindhoven will no longer provide a secure area where you can hand over your bag and valuables, but require you to rent a locker for €6,50. These are the extra costs for travelling by public transport I guess, which apparently is not promoted...
Sometimes I have posts on my mind for so long that I need to do a search to check I haven't posted it already... Sorry for duplicates if the search failed. (Meta if this is the duplicate)
YouTube thumbnail: How to do "x" YouTube title: Tips to learn doing "x" Actual YouTube video: Subscribe to my course to learn doing "x" Course, presumably: Buy my book
When people say "What is the worst thing that can happen?" to motivate you to do something, it is just an utter failure of the imagination on their part. And shows the cushy life they lived so far.
This is one people here will like I think: find out if you will survive the zombie apocalypse in 28 questions, by Crystal: youtu.be/uvUF6f4gey4?si=GQoNXj…
This is AI in a nutshell. Think about the AI 'artists' who can't even fix their AI creations. Or the AI 'writers' who wouldn't know how to make prose interesting or even grammatically coherent.
In the Netherlands there's one point where two highways cross with traffic lights. To solve this, they are "pushing a tunnel for the A59 underneath the A27", within 100 hours.
I mean, what?
Apparently they dig a gap in one highway, drive the concrete tunnel in that gap, and restore the highway over that new tunnel...
All these steps happen in one weekend, this weekend. This is a time lapse of the tunnel being driven into that gap, which has just finished. It's quite amazing.
Dit weekend kom je op de #A27 in beide richtingen afsluitingen tegen bij knp. Hooipolder. We voeren namelijk werkzaamheden uit, waarbij we in 100 uur een onderdoorgang in de A27 schuiven. Benieuwd hoe dat eruitziet? Volg het via een livestream en liveblog: a27houtenhooipolder.nl/project…
I've disabled the Activitypub feature of my WordPress while I investigate the regular server overloads over the past few days. I'm not really suspecting these plugins to be the problem, but the only increased traffic I can see is of Activitypub. Even though that is still only a few requests per minute, a pittance in normal server terms, it may be too much for a simple WordPress on the smallest shared hosting.
These Activitypub requests are always coming from the same Mastodon server, and don't seem to relate to normal interactions with my posts. So blocking that server on the firewall is another thing I can try.
There are of course a lot of requests from search index and ai bots, and blocking these is also a next step, but that doesn't seem increased lately.
Cleared cache and reconfigured the caching, also blocked some crawler IPs that did more storming than crawling. With that, even after reenabling the Activitypub features, it hasn't had a new outage.
Gidi Kroon
in reply to Gidi Kroon • •Glow Eindhoven 2025
Canon R10, RF-S 10-18 and RF 24 F1.8.
#Photography #Glow2025 #GlowEindhoven
like this
Andrew "Ace" Arsenault and Wilfried Strang like this.