- Aug 2020
-
docs.gitlab.com docs.gitlab.com
-
When you encounter new information not available in GitLab’s documentation (for example, when working on a support case or testing a feature), your first step should be to create a merge request (MR) to add this information to the docs. You can then share the MR in order to communicate this information.
-
-
github.com github.com
-
I really can't see how we can trust browsers accept headers. :'( More about the situation than about your statement.
-
-
github.com github.com
-
I will have to look at code to be sure but the rule that */* trumps all is applied only when the request is not an ajax request. So if you are making ajax request then you should be good.
-
I could add .json on the end, but that would mean hacking away at angularjs, which is doing the right thing. I would rather find a good solution and hack away at rails, which is doing the wrong thing :)
-
In that case I would suggest to use .xml or .json format to eliminate accept header parsing issue.
Avoid using a perfectly good feature (accept header negotiation) just because browsers screwed things up?
-
Safari sends following order application/xml (q is 1) application/xhtml+xml (q is 1) image/png (q is 1) text/html (q is 0.9) text/plain (q is 0.8) \*/\* (q is 0.5) So you visit www.myappp.com in safari and if the app supports .xml then Rails should render .xml file. This is not what user wants to see. User wants to see .html page not .xml page.
-
-
www.nber.org www.nber.org
-
Fujita, Shigeru, Giuseppe Moscarini, and Fabien Postel-Vinay. ‘Measuring Employer-to-Employer Reallocation’. Working Paper. Working Paper Series. National Bureau of Economic Research, July 2020. https://doi.org/10.3386/w27525.
-
-
en.wikipedia.org en.wikipedia.org
-
Historically, it was defined as one minute (1/60 of a degree) of latitude along any line of longitude. Today the international nautical mile is defined as exactly 1852 metres (about 1.15 miles).
-
-
www.nber.org www.nber.org
-
Correa, R., Du, W., & Liao, G. Y. (2020). U.S. Banks and Global Liquidity (Working Paper No. 27491; Working Paper Series). National Bureau of Economic Research. https://doi.org/10.3386/w27491
-
-
www.matthewbarby.com www.matthewbarby.com
-
having a completely distributed team can make it very difficult for team members to get to know each other on a personal level
There is lots that gets missed from the chance encounters of in-person interactions.
I've found this to be a challenge when onboarding at a new company.
Many of the ways we happen to meet people in a normal office environment can go away, the chance encounters need to become intentional ones.
It can feel awkward reaching out to someone over slack to ask for something if you have never had any kind of casual conversation or interaction with them before.
-
-
hyperlink.academy hyperlink.academy
-
Course as community onboarding
I like this idea - as when joining a community figuring out the 'rules of engagement' can be hard, and also
- who to go for what
- what do I need to know to start
- how does this community work
For team on-boarding, project on-boarding, etc - it can also guide people towards other courses / resources that may be more ongoing or of other types
-
-
-
As a result, I end up quoting multiple people, sometimes quoting several people back-to-back, before even writing my reply. In those instances it feels like I'm not properly citing those individuals. I feel like it might seem I'm not providing new readers appropriate context for a given quote. It might also be implied that separate quotes are from the same person, leading to mis-attribution.
-
-
gitlab.com gitlab.com
-
As a later iteration, it might be cool to see a link between the quoted content and my comment
-
-
unix.meta.stackexchange.com unix.meta.stackexchange.com
-
I went against the grain, applying other tools that people have written over the years to directly perform the job at hand which do not involve entering a program for awk or a shell to run, with answers like https://unix.stackexchange.com/a/574309/5132 and https://unix.stackexchange.com/a/578242/5132 . Others have done similar. https://unix.stackexchange.com/a/584274/5132 and https://unix.stackexchange.com/a/569600/5132 are (for examples) answers that show alternative tools to answers employing shell script and (yet again) awk programs, namely John A. Kunze's jot and rs (reshape), which have been around since 4.2BSD for goodness' sake!
-
"When an OP rejects your edit, please do not edit it back in!" Correspondingly, when a user repeatedly does try to edit, understand that something in your framing isn't working right, and you should reconsider it.
-
-
en.wikipedia.org en.wikipedia.org
-
It reused many ideas and classes from Doug Lea's Collections package, which was deprecated as a result.
-
-
blog.pragmaticengineer.com blog.pragmaticengineer.com
-
GTD strategies
Author refers to the [Getting Things Done book](https://www.goodreads.com/book/show/1633.Getting_Things_Done) by David Allen.
Also recommend complementing above with J. Knapp's excellent Make Time book
-
- Jul 2020
-
-
In our series, learning linked data, we've covered several topics related to querying linked data using several SPARQL features and techniques, producing linked data using RDFa and working with JSON-LD.
I don't see a link to the other articles in this series...
-
-
stackoverflow.com stackoverflow.com
-
Note that the point of JSON-LD is that it's just JSON, in this case using the schema.org context to interpret the values.
-
-
www.w3.org www.w3.org
-
Even as machine-readable data begins to permeate the web, it is typically distributed in a separate file, with a separate format, and very limited correspondence between the human and machine versions.
-
-
github.com github.com
-
But I'll definitely take underscore mixins over extending String.prototype or other clunky implementations any day.
-
-
lwn.net lwn.net
-
"that text has been removed from the official version on the Apache site." This itself is also not good. If you post "official" records but then quietly edit them over time, I have no choice but to assume bad faith in all the records I'm shown by you. Why should I believe anything Apache board members claim was "minuted" but which in fact it turns out they might have just edited into their records days, weeks or years later? One of the things I particularly watch for in modern news media (where no physical artefact captures whatever "mistakes" are published as once happened with newspapers) is whether when they inevitably correct a mistake they _acknowledge_ that or they instead just silently change things.
-
-
www.theregister.com www.theregister.com
-
"AOO is not, and isn't designed to be, the 'super coolest open source office suite with all the latest bells and whistles,'" Jagielski continued. "Our research shows that a 'basic,' functional office suite, which is streamlined with a 'simple' and uncluttered, uncomplicated UI, serves an incredible under-represented community.
-
-
-
The second situation occurs when a person says unpleasant things about another when he or she ought to have known they are false. A reasonable person generally refrains from sharing negative information about others if he or she has reason to doubt its veracity.
-
-
injury.findlaw.com injury.findlaw.com
-
Lastly, in order for a statement to be defamatory, it must be unprivileged. You cannot sue for defamation in certain instances when a statement is considered privileged. For example, when a witness testifies at trial and makes a statement that is both false and injurious, the witness will be immune to a lawsuit for defamation because the act of testifying at trial is privileged.
-
-
ecampusontario.pressbooks.pub ecampusontario.pressbooks.pub
-
Classes (synchronous sessions)
Read this during the day tomorrow
-
-
www.graphitedocs.com www.graphitedocs.comGraphite1
-
amp.dev amp.dev
-
The content should always be the same. For news articles, specify the “NewsArticle” type. The headline should match your article’s title. The image object refers to the hero image of the article.
-
If you can, use AMP like any other JavaScript library to build your site and forget about the canonical linking. Using AMP to build a whole website dramatically reduces your maintenance burden.
-
-
marketplace.digitalocean.com marketplace.digitalocean.com
-
real-time and paragraph-locking co-editing modes
-
-
www.iubenda.com www.iubenda.com
-
Under the GDPR, users have the right to object to certain processing activities in relation to their personal data carried out by the Controller. In a nutshell, the user can object to the processing of their data whenever the processing is based on the controller’s legitimate interest, or the performance of a task in the public interest/exercise of official authority, or for purposes of scientific/historical research and statistics. The user has to state a motivation for their objection, unless the processing is carried out for direct marketing purposes, in which case no motivation is needed to exercise this right.
-
-
github.com github.com
-
edpb.europa.eu edpb.europa.eu
-
Other examples of detriment are deception, intimidation, coercion or significant negativeconsequences if a data subject does not consent. The controller should be able to prove that the datasubject had a free or genuine choice about whether to consent and that it was possible to withdrawconsent without detriment.
-
Article 7(3) of the GDPR prescribes that the controller must ensure that consent can be withdrawn bythe data subject as easy as giving consent and at any given time. The GDPR does not say that givingand withdrawing consent must always be done through the same action.
-
consent is obtained through use of a service-specific user interface (for example, via a website, an app,a log-on account, the interface of an IoT device or by e-mail), there is no doubt a data subject must beable to withdraw consent via the same electronic interface, as switching to another interface for thesole reason of withdrawing consentwould require undue effort.
-
The controller informs customers that they havethe possibility to withdraw consent. To do this, they could contact a call centre on business daysbetween 8am and 5pm, free of charge. The controller in this example doesnotcomply with article 7(3)of the GDPR. Withdrawing consent in this case requires a telephone call during business hours, this ismore burdensome than the one mouse-click needed for giving consent through the online ticketvendor, which is open 24/7.
-
Controllers have an obligation to delete data that was processed on the basis of consent once thatconsent is withdrawn,assuming that there is no other purpose justifying the continued retention.56Besides this situation, covered in Article 17 (1)(b), an individual data subject may request erasure ofother data concerning him that is processed on another lawful basis, e.g.on the basis of Article6(1)(b).57Controllers are obliged to assess whether continued processing of the data in question isappropriate, even in the absence of an erasure request by the data subject.
-
For example, as the GDPR requires that a controller must be able to demonstrate that valid consentwas obtained, all presumed consents of which no references are kept willautomatically be below theconsent standard of the GDPR and will need to be renewed. Likewise as the GDPR requires a“statement or a clear affirmative action”, all presumed consents that were based on a more impliedform of action by the data subject (e.g.a pre-ticked opt-in box) will also not be apt to the GDPRstandard of consent.
-
Also,mechanisms for data subjects to withdraw their consent easily must be available and informationabout how to withdraw consent must be provided.
-
If a controller receives a withdrawal request, itmust in principle delete the personal data straight away if it wishes to continue to use the data for thepurposes of the research.
Tags
- consent
- proportionality
- consent: right to withdraw
- implied consent
- detriment/disadvantage
- consent: obtaining renewed consent
- easy to use
- consent: must be as easy to withdraw/reject as it is to give/accept
- right to be forgotten
- GDPR
- consent: updating consent due to adding something new that needs consent
Annotators
URL
-
-
www.iubenda.com www.iubenda.com
-
have EU based users (i.e any website running cookies that isn’t actively blocking EU based users);
-
-
www.iubenda.com www.iubenda.com
-
The cookie banner will be displayed any time a user visits your site for the first time or when you have decided to add a new vendor to your list of vendors (since it’s a new disclosure and potentially a consent request for that vendor may be required).
-
-
amp.dev amp.dev
-
If you have worked with emails before, the idea of placing a script into an email may set off alarm bells in your head! Rest assured, email providers who support AMP emails enforce fierce security checks that only allow vetted AMP scripts to run in their clients. This enables dynamic and interactive features to run directly in the recipients mailboxes with no security vulnerabilities! Read more about the required markup for AMP Emails here.
-
⚡4email
-
-
www.ghacks.net www.ghacks.net
-
Not only do changes need to be tested against Ice Cream Sandwich's codebase, it is also often necessary to use workarounds due to API restrictions.
-
-
amp.dev amp.dev
-
Beyond that, the core AMP library and built-in elements should aim for very wide browser support and we accept fixes for all browsers with market share greater than 1 percent.
-
-
www.reddit.com www.reddit.com
-
Thank you. I appreciate your reply after all this time.
-
-
bugs.ruby-lang.org bugs.ruby-lang.org
-
These seem to be better reasons to support sub-nanosecond resolution. I think either storing picoseconds or storing sec fraction as 64-bit integer are better approaches than storing a rational. However, either change would be very invasive, and it seems unlikely to be worth the effort.
-
So, which is better? t.inspect # => "2007-11-01 15:25:00 8483885939586761/68719476736000000 UTC" t.inspect # => "2007-11-01 15:25:00.123456789000000004307366907596588134765625 UTC"
-
-
onlinelibrary.wiley.com onlinelibrary.wiley.com
-
O’Connor, D. B., Aggleton, J. P., Chakrabarti, B., Cooper, C. L., Creswell, C., Dunsmuir, S., Fiske, S. T., Gathercole, S., Gough, B., Ireland, J. L., Jones, M. V., Jowett, A., Kagan, C., Karanika‐Murray, M., Kaye, L. K., Kumari, V., Lewandowsky, S., Lightman, S., Malpass, D., … Armitage, C. J. (n.d.). Research priorities for the COVID-19 pandemic and beyond: A call to action for psychological science. British Journal of Psychology, n/a(n/a), e12468. https://doi.org/10.1111/bjop.12468
-
-
bugs.ruby-lang.org bugs.ruby-lang.org
-
Just to provide some context on the extent of the issue. Running the spec suite for Discourse results in 2,698,774 rows being printed to STDERR.
-
-
code-examples.net code-examples.net
-
JSON parsing is always pain in ass. If the input is not as expected it throws an error and crashes what you are doing. You can use the following tiny function to safely parse your input. It always turns an object even if the input is not valid or is already an object which is better for most cases.
It would be nicer if the parse method provided an option to do it safely and always fall back to returning an object instead of raising exception if it couldn't parse the input.
-
-
-
Gleeson, J. P., Onaga, T., Fennell, P., Cotter, J., Burke, R., & O’Sullivan, D. J. P. (2020). Branching process descriptions of information cascades on Twitter. ArXiv:2007.08916 [Physics]. http://arxiv.org/abs/2007.08916
-
-
osf.io osf.io
-
Wishart, A. E. (2020). Towards equitable evolution & ecology learning online: A perspective from a first-time instructor teaching evolution during COVID-19. https://doi.org/10.31235/osf.io/8srv3
-
-
docs.gitlab.com docs.gitlab.com
-
We also use a home-made RspecFlaky::Listener listener which records flaky examples in a JSON report file on master (retrieve-tests-metadata and update-tests-metadata jobs).
-
-
www.kqed.org www.kqed.org
-
that interest can help us think more clearly, understand more deeply, and remember more accurately
Really interesting finding! It makes sense from personal experience
-
-
turbotax.intuit.com turbotax.intuit.com
-
I've used TurboTax for the previous 8 years. Loved it. Sadly, that's changed. Rather than simply allowing you to choose TurboTax's products you're pushed into choosing an increasingly more and more costly set of services and are no point allowed an opportunity to choose which services you actually need. I may actually need the services that TurboTax provided, however, because of the manner that I was pressured into their services and the lack of clear options and explanations I feel like I was taken advantage of. That feeling is what I will remember from using TurboTax this year. It is a feeling I will not experience again.
-
-
-
In the Set class we already called this - and difference, which it is ok but not really accurate because of the previous explanation, but probably not worthwhile to change it.
Is this saying that the name difference is inaccurate?
Why is it inaccurate? You even called it the "theoretic difference" above.
Is that because "relative complement" would be better? Or because the full phrase "theoretic difference" [https://en.wiktionary.org/wiki/set-theoretic_difference] is required in order for it to be accurate rather than just "difference"?
-
-
bugs.ruby-lang.org bugs.ruby-lang.org
-
I have pixelized the faces of the recognizable people wearing a red cord (as they don't want to appear on pictures). I hope is fine.
-
While the modifying version will occasionally be useful, in general, we should gently push people towards using non-modifying code.
-
-
bugs.ruby-lang.org bugs.ruby-lang.org
-
Matz, alas, I cannot offer one. You see, Ruby--coding generally--is just a hobby for me. I spend a fair bit of time answering Ruby questions on SO and would have reached for this method on many occasions had it been available. Perhaps readers with development experience (everybody but me?) could reflect on whether this method would have been useful in projects they've worked on.
-
-
stackoverflow.com stackoverflow.com
-
Creating and calling a default proc is a waste of time, and Cramming everything into one line using tortured constructs doesn't make the code more efficient--it just makes the code harder to understand.
The nature of this "answer" is a comment in response to another answer. But because of the limitations SO puts on comments (very short length, no multi-line code snippets), comment feature could not actually be used, so this user resorted to "abusing" answer feature to post their comment instead.
See
-
-
www.verywellmind.com www.verywellmind.com
-
Can Boost the Effects of Stimulants Clonidine can be prescribed in addition to a stimulant medication, which often enhances the effectiveness of the stimulant.
Will need to read up on that. Is that just for ADHD, or other conditions as well?
-
-
twitter.com twitter.com
-
while Array#+ is left untouched because at some point I’m sure that made sense.
-
-
bugs.ruby-lang.org bugs.ruby-lang.org
-
I imagine it's rb_ary_eql instead of rb_ary_eql_p due to history.
Tags
Annotators
URL
-
-
bugs.ruby-lang.org bugs.ruby-lang.org
-
I agree in general splitting an array, according to some property using the order of the elements (no take_drop_while) or to some other array (this request) is more difficult than it could be.
-
-
github.com github.com
-
Problem is, everyone's busy, so it can be days or even weeks before even a small PR is merged. So I'm stashing my stuff here as I write it. I'll still try to keep the PRs in motion, to gradually get some of this merged.
-
-
-
Kizilcec. F. R., Reich. J., Yeomans. M., Dann, C., Brunskill, E., Lopez. G., Turkay., S., Williams, J. J., Tingley. D., (2020) Scaling up behavioral science interventions in online education. PNAS. Retrieved from https://www.pnas.org/content/117/26/14900.short?rss=1
-
-
-
Davies. S., (2020/06/12). Architects are redesigning cities to help with social distancing. Retrieved from https://www.weforum.org/agenda/2020/06/architects-covid19-urban-infrastructure-cities-social-distancing
-
-
stylo.ecrituresnumeriques.ca stylo.ecrituresnumeriques.ca
-
[vérifier référence]
reste à faire
-
-
psyarxiv.com psyarxiv.com
-
Miller, J. G., Chahal, R., Kirshenbaum, J. S., Ho, T. C., Gifuni, A. J., & Gotlib, I. (2020). Heart Rate Variability Moderates the Link Between COVID-19 Stress and Emotional Problems in Adolescents: Evidence for Differential Susceptibility [Preprint]. PsyArXiv. https://doi.org/10.31234/osf.io/mp7wt
-
-
docdrop.org docdrop.org
-
Made analogy with internal combustion engine, which has 1000s of parts, with the "radical simplicity" approach taken by Tesla: they use an electric motor, which only has 2 components!
comparison: Sapper vs. Gatsby
-
- Jun 2020
-
medium.com medium.com
-
According to our understanding of the inconsistencies, the feature was likely trying to support too many edge cases. All caching strategies have weaknesses and eventually break down if the usage is not properly scoped.
-
-
medium.com medium.com
-
State management is also easier. Instead of importing hooks and using setters, you just define a property within the script tags. You then change the value by re-assigning it (not mutating the original value).
-
But it’s impossible to argue with the value binding. You don’t have to worry about defining the value property and an onChange event for an input box in Svelte, bind:value does it all
-
As an engineer, it’s important to explore different technologies. It’s important to identify the tools available to tackle problems. And it’s important to expand your horizons because then you can look cool on your CV.
-
-
blogs.unicef.org blogs.unicef.org
-
Can we count on parents to help their children learn at home? (2020, May 8). Evidence for Action. https://blogs.unicef.org/evidence-for-action/can-we-count-on-parents-to-help-their-children-learn-at-home/
-
-
twitter.com twitter.com
-
Prof Shamika Ravi on Twitter: “1) ACTIVE cases...shows which countries have 1) Peaked: Germany, S Korea, Japan, Italy, Spain... 2) Plateaued: France 3) Yet to peak: US, UK, Brazil, India...active cases still rising. 4) Second wave: Iran and.... Spain (?) https://t.co/C5c3gAhINc” / Twitter. (n.d.). Twitter. Retrieved June 2, 2020, from https://twitter.com/ShamikaRavi/status/1267664491040440322
-
-
stackoverflow.com stackoverflow.com
-
Wish more questions are asked that way
-
-
twitter.com twitter.com
-
Mason Porter on Twitter: “I am here to help. https://t.co/JBQbTAPTQX” / Twitter. (n.d.). Twitter. Retrieved June 17, 2020, from https://twitter.com/masonporter/status/1273054551583555585
-
-
wordpress.org wordpress.org
-
In addition, if the option, An administrator must always approve the comment, is set in Administration > Settings > Discussion, this e-mail address will receive notification that the comment is being held for moderation. Please note this is different than the address you supplied for the admin user account; the admin account e-mail address is sent an e-mail only when someone submits a comment to a post by admin.
They're trying to make a distinction between "administrator" address and "admin" (short for administrator) account. Hmm. Maybe they should have called them different words. Anyway, this could be made less confusing.
-
-
app.getpocket.com app.getpocket.com
-
Measure your success by engagement not the number of followers.
Vanity Metric
Tags
Annotators
URL
-
-
github.com github.com
-
No need for DatabaseCleaner (rolling back transactions are usually faster than truncate).
-
-
news.ycombinator.com news.ycombinator.com
-
The Paradox of Abundance: The average quality of information is getting worse and worse. But the best stuff is getting better and better. Markets of abundance are simultaneously bad for the median consumer but good for conscious consumers
-
-
edgeguides.rubyonrails.org edgeguides.rubyonrails.org
-
Sometimes, the line between 'bug' and 'feature' is a hard one to draw. Generally, a feature is anything that adds new behavior, while a bug is anything that causes incorrect behavior. Sometimes, the core team will have to make a judgment call.
-
-
github.com github.com
-
“allow/deny are simply clearer terms” — now that’s an actual, technically useful argument.
-
-
stackoverflow.com stackoverflow.com
-
www.nytimes.com www.nytimes.com
-
Zimmer, C. (2020, June 1). How You Should Read Coronavirus Studies, or Any Science Paper. The New York Times. https://www.nytimes.com/article/how-to-read-a-science-study-coronavirus.html
-
-
www.windowscentral.com www.windowscentral.com
-
but it launched with a plethora of issues that resulted in users rejecting it early on. Edge has since struggled to gain traction, thanks to its continued instability and lack of mindshare, from users and web developers.
-
-
forums.phpfreaks.com forums.phpfreaks.com
-
I know you acknowledged your response was late and you're just trying to help but please don't resurrect very old threads.
This is better than creating a duplicate new thread.
There is no better place to respond to an existing topic than in the existing thread for that topic.
-
-
opensource.com opensource.com
-
Using OpenBTS, which we will be including in FreedomBox soon, and with cheap additional hardware, a FreedomBox can talk directly to GSM handsets, to provide alternatives to commercial mobile services.
-
-
www.engadget.com www.engadget.com
-
The app was still stuck in beta testing years after its debut, and the creators had to ignore bug reports and feature requests due to the limited resources.
-
-
signal.org signal.org
-
Some large tech behemoths could hypothetically shoulder the enormous financial burden of handling hundreds of new lawsuits if they suddenly became responsible for the random things their users say, but it would not be possible for a small nonprofit like Signal to continue to operate within the United States. Tech companies and organizations may be forced to relocate, and new startups may choose to begin in other countries instead.
-
Bad people will always be motivated to go the extra mile to do bad things.
-
Meanwhile, criminals would just continue to use widely available (but less convenient) software to jump through hoops and keep having encrypted conversations.
-
As billions of conversations transition online over the coming weeks and months, the widespread adoption of end-to-end encryption has never been more vital to national security and to the privacy of citizens in countries around the world.
-
Proponents of this bill are quick to claim that end-to-end encryption isn’t the target. These arguments are disingenuous both because of the way that the bill is structured and the people who are involved.
-
For a political body that devotes a lot of attention to national security, the implicit threat of revoking Section 230 protection from organizations that implement end-to-end encryption is both troubling and confusing. Signal is recommended by the United States military. It is routinely used by senators and their staff. American allies in the EU Commission are Signal users too. End-to-end encryption is fundamental to the safety, security, and privacy of conversations worldwide.
-
The EARN IT act turns Section 230 protection into a hypocritical bargaining chip. At a high level, what the bill proposes is a system where companies have to earn Section 230 protection by following a set of designed-by-committee “best practices” that are extraordinarily unlikely to allow end-to-end encryption. Anyone who doesn’t comply with these recommendations will lose their Section 230 protection.
Tags
- bad actor
- irony
- taking guns/encryption/etc. away from good people won't stop bad actors from continuing to obtain/use it
- hypocrisy
- security: end-to-end encryption
- timely
- the liability/risk may be too much/great to bear/afford
- outrageous
- liability
- large companies have greater means
- tech companies/organizations
- legislation that undermines encryption
- unfair
- safe harbor protections from liability of user-generated content
- disingenuous
- makes the U.S. an undesirable place to operate a business
- innovation
Annotators
URL
-
-
-
Matrix provides state-of-the-art end-to-end-encryption via the Olm and Megolm cryptographic ratchets. This ensures that only the intended recipients can ever decrypt your messages, while warning if any unexpected devices are added to the conversation.
Tags
Annotators
URL
-
-
-
More than two billion users exchange an unimaginable volume of end-to-end encrypted messages on WhatsApp each day. And unless an endpoint (phone) is compromised, or those chats are backed-up into accessible cloud platforms, neither owner Facebook nor law enforcement has a copy of those encryption keys.
-
users will not want to see data mining expanding across their WhatsApp metadata. But if that’s the price to maintain encryption, one can assume it will be a relatively easy sell for most users.
-
Security agency frustration at the lack of lawful interception for encrypted messaging is understandable, but the problem with global over-the-top platforms is that once those weaknesses are inbuilt, they become potentially available to bad actors as well as good.
-
-
www.forbes.com www.forbes.com
-
They also argue that it cannot fall to them to determine good actors from bad—not all governments are forces for good, and who decides how each one should be treated.
-
“End-to-end encryption,” NSA says, “is encrypted all the way from sender to recipient(s) without being intelligible to servers or other services along the way... Only the originator of the message and the intended recipients should be able to see the unencrypted content. Strong end-to-end encryption is dependent on keys being distributed carefully.” So, no backdoors then.
-
On April 24, the U.S. National Security Agency published an advisory document on the security of popular messaging and video conferencing platforms. The NSA document “provides a snapshot of best practices,” it says, “coordinated with the Department of Homeland Security.” The NSA goes on to say that it “provides simple, actionable, considerations for individual government users—allowing its workforce to operate remotely using personal devices when deemed to be in the best interests of the health and welfare of its workforce and the nation.” Again somewhat awkwardly, the NSA awarded top marks to WhatsApp, Wickr and Signal, the three platforms that are the strongest advocates of end-to-end message encryption. Just to emphasize the point, the first criteria against which NSA marked the various platforms was, you guessed it, end-to-end encryption.
-
And while all major tech platforms deploying end-to-end encryption argue against weakening their security, Facebook has become the champion-in-chief fighting against government moves, supported by Apple and others.
-
While this debate has been raging for a year, the current “EARN-IT’ bill working its way through the U.S. legislative process is the biggest test yet for the survival of end-to-end encryption in its current form. In short, this would enforce best practices on the industry to “prevent, reduce and respond to” illicit material. There is no way they can do that without breaking their own encryption. QED.
Tags
- who decide which actor is good or bad/evil?
- irony
- law enforcement vs. encryption
- security: backdoors
- best practices
- NSA
- security policy
- can't give special exception/backdoor to one government without risking bad actors using it too
- security
- security: end-to-end encryption
Annotators
URL
-
-
www.forbes.com www.forbes.com
-
One thing that would certainly be a game-changer would be some form of standardized RCS end-to-end encryption that allows secure messages to be sent outside Google Messages.
-
You should not use a messaging platform that is not end-to-end encrypted, it really is as simple as that.
-
The answer, of course, is end-to-end encryption. The way this works is to remove any “man-in-the-middle” vulnerabilities by encrypting messages from endpoint to endpoint, with only the sender and recipient holding the decryption key. This level of messaging security was pushed into the mass-market by WhatsApp, and has now become a standard feature of every other decent platform.
-
-
www.forbes.com www.forbes.com
-
Despite its opposition, EARN-IT is the clearest threat yet to end-to-end encryption, given this clever twist in pushing the onus onto the platforms to avoid transmitting illegal content, rather than mandating a lawful interception approach.
-
-
news.sky.com news.sky.com
-
The US president has claimed the social media platform is "interfering in the 2020 presidential election" and "completely stifling FREE SPEECH" after it added a warning to two of his tweets on Tuesday.
-
-
-
OK, so what about regular messages? Turns out they are not encrypted after all. Where Signal implements the security and privacy protocols right from the start, Telegram separates the two and offers an additional option. The problem is that not everyone is aware of the Secret Chat option and first-time users may send sensitive information in the regular chat window unknowingly.
-
-
securitytoday.com securitytoday.com
-
“We have a responsibility to protect your data,” said Zuckerburg, in March. “And if we can’t, then we don’t deserve to serve you.”
-
-
www.bloomberg.com www.bloomberg.com
-
“End-to-end encryption” sounds nice — but if anyone can get into your phone’s operating system, they will be able to read your messages without having to decrypt them.
-
-
www.quora.com www.quora.com
-
Just like Blackberry, WhatsApp has claimed that they are end to end encrypted but in fact that is not trueWhatsApp (and Blackberry) decrypt all your texts on their servers and they can read everything you say to anyone and everyoneThey (and Blackberry) then re-encrypt your messages, to send them to the recipient, so that your messages look like they were encrypted the entire time, when in fact they were not
-
The only messaging app that has been proven, by an independent authoritative agency, is Apple’s Messages app (which uses Apple’s iMessage protocol that is truly end to end encrypted, Apple cannot read any of your texts which means that no one can read any of your texts)
-
-
www.thelancet.com www.thelancet.com
-
Department of Error. (2020). The Lancet, 0(0). https://doi.org/10.1016/S0140-6736(20)31249-6
-
-
www.humblebundle.com www.humblebundle.com
-
content Gray Hat Python
PAY $1 OR MORE TO ALSO UNLOCK!
Teach Your Kids to Code: A Parent-Friendly Guide to Python Programming MSRP: $23.95 Already had
Invent Your Own Computer Games with Python, 4th Edition MSRP: $23.95 Already had
Black Hat Python: Python Programming for Hackers and Pentesters MSRP: $27.95 https://www.amazon.com/Black-Hat-Python-Programming-Pentesters-ebook/dp/B00QL616DW/
Gray Hat Python: Python Programming for Hackers and Reverse Engineers MSRP: $31.95 https://www.amazon.com/Gray-Hat-Python-Programming-Engineers-ebook/dp/B007V2DNEK/
PAY $8 OR MORE TO ALSO UNLOCK!
Mission Python: Code a Space Adventure Game! MSRP: $23.95
Python for Kids: A Playful Introduction to Programming MSRP: $27.95
Cracking Codes with Python: An Introduction to Building and Breaking Ciphers MSRP: $23.95
Python Playground: Geeky Projects for the Curious Programmer MSRP: $23.95
Math Adventures with Python: An Illustrated Guide to Exploring Math with Code MSRP: $23.95
PAY $15 OR MORE TO ALSO UNLOCK!
Python Crash Course, 2nd Edition: A Hands-On, Project-Based Introduction to Programming MSRP: $31.95
Automate the Boring Stuff with Python, 2nd Edition: Practical Programming for Total Beginners MSRP: $31.95
Python Flash Cards PDF ONLY MSRP: $27.95
Serious Python: Black-Belt Advice on Deployment, Scalability, Testing, and More MSRP: $27.95
Impractical Python Projects: Playful Programming Activities to Make You Smarter
-
- May 2020
-
psyarxiv.com psyarxiv.com
-
Blanchard, M. A., & Heeren, A. (2020). Why We Should Move from Reductionism and Embrace a Network Approach to Parental Burnout? [Preprint]. PsyArXiv. https://doi.org/10.31234/osf.io/y34cq
-
-
github.com github.com
-
Deepset-ai/haystack. (2020). [Python]. deepset. https://github.com/deepset-ai/haystack (Original work published 2019)
-
-
www.theguardian.com www.theguardian.com
-
Boseley, S. (2020, May 12). Millions with health conditions at risk from Covid-19 “if forced back to work.” The Guardian. https://www.theguardian.com/world/2020/may/12/millions-with-health-conditions-at-risk-from-covid-19-if-forced-back-to-work
-
-
docs.gitlab.com docs.gitlab.com
-
Not merge the values of the keys.
This is one of the biggest limatations of
<<: *anchor
: it overwrites values of keys. It's too heavy-handed and therefore of limited use. You can only use it if you don't mind keys getting overwritten (such as if you are going to overwrite the keys below the<<:
.). -
GitLab will perform a reverse deep merge based on the keys
-
It’s an alternative to using YAML anchors and is a little more flexible and readable
-
-
en.wikipedia.org en.wikipedia.org
-
Because the conditional connectives thus complicate the formal reasoning about programs, they are better avoided.
-
-
kellysutton.com kellysutton.com
-
there’s 3 steps to building software: Make it work Make it right Make it fast
-
“Make it right” means that the code is maintainable and easy to change. Humans can read it, not just computers. New engineers can easily add functionality to the code. When there’s a defect, it is easy to isolate and correct.
-
-
unhosted.org unhosted.org
-
-
docs.gitlab.com docs.gitlab.com
-
In the examples below, we are using Docker images tags to specify a specific version, such as docker:19.03.8. If tags like docker:stable are used, you have no control over what version is going to be used and this can lead to unpredictable behavior, especially when new versions are released.
-
-
www.digital-democracy.org www.digital-democracy.org
-
www.darpa.mil www.darpa.mil
-
Moreover, common search practices miss information in the deep web—the parts of the web not indexed by standard commercial search engines
-
-
www.themarginalian.org www.themarginalian.org
-
To understand and be understood, those are among life’s greatest gifts, and every interaction is an opportunity to exchange them.
-
-
intercom.help intercom.help
-
Sometimes plugins can conflict with a theme or with each other. Disable all your plugins and see if the problem persists. If everything is working once the plugins were disabled it means there's a conflict with a plugin or maybe even a set of plugins. Enable the plugins one by one to identify the one that is creating the conflict.
-
-
www.hostgator.com www.hostgator.com
-
Right click on the /wp-content/plugins folder and rename it plugins.old. This will deactivate all of the plugins. In most cases, this will also lock the WordPress admin area as well. You will still be able to perform these steps from within the File Manager.Reactivate the plugins folder by following the above instructions and renaming the folder plugins. This will allow you to reactivate each plugin individually to isolate the offending plugin and resolve the 500 Internal Server Error. This should also allow access to the WordPress Dashboard again. From the WordPress Dashboard: Reactivate each plugin (one at a time) and refresh the website to see if the issue has been resolved.
-
-
-
“Extraordinary Commonplaces,” Robert Darnton
-
-
wordpress.org wordpress.org
-
Now personal data exports include users session information and users location data from the community events widget. Plus, a table of contents!See progress as you process export and erasure requests through the privacy tools.
-
-
medium.com medium.com
-
Given the massive amount of stars it had acquired on Github and the fairly quick and easy setup, it seemed very promising. When it comes down to its isomorphic functionality, it’s hard to match. But when it we started using the static export features, we were dropped on our faces with a very ungraceful transition from isomorphic to static that came with a cold side of faulty hot-reloading, strange routing strategies and highly bloated bundles:
-
-
www.analyticsmania.com www.analyticsmania.com
-
To be fully compliant with GDPR, you would also need to enable Show Reject All Button setting.
-
-
www.theguardian.com www.theguardian.com
-
Savage, M. (2020, May 10). A return to work is on the cards. What are the fears and legal pitfalls? The Guardian | The Observer. https://www.theguardian.com/world/2020/may/09/coronavirus-return-to-work-employment-law-logistical-nightmare
-
-
www.cdc.gov www.cdc.gov
-
Ghinai, I., Woods, S., Ritger, K. A., McPherson, T. D., Black, S. R., Sparrow, L., Fricchione, M. J., Kerins, J. L., Pacilli, M., Ruestow, P. S., Arwady, M. A., Beavers, S. F., Payne, D. C., Kirking, H. L., & Layden, J. E. (2020). Community Transmission of SARS-CoV-2 at Two Family Gatherings—Chicago, Illinois, February–March 2020. MMWR. Morbidity and Mortality Weekly Report, 69(15), 446–450. https://doi.org/10.15585/mmwr.mm6915e1
-
-
www.thelancet.com www.thelancet.com
-
Ghinai, I., McPherson, T. D., Hunter, J. C., Kirking, H. L., Christiansen, D., Joshi, K., Rubin, R., Morales-Estrada, S., Black, S. R., Pacilli, M., Fricchione, M. J., Chugh, R. K., Walblay, K. A., Ahmed, N. S., Stoecker, W. C., Hasan, N. F., Burdsall, D. P., Reese, H. E., Wallace, M., … Uyeki, T. M. (2020). First known person-to-person transmission of severe acute respiratory syndrome coronavirus 2 (SARS-CoV-2) in the USA. The Lancet, 395(10230), 1137–1144. https://doi.org/10.1016/S0140-6736(20)30607-3
-
-
agilevelocity.com agilevelocity.com
-
managing yourself and others.
Authors promote two ideologies.
- Managing Self: The Five Eds (well, first Three) from Agile Leadership by B. Joiner
- Managing Others: at its base is Dave Pink's Drive model: Autonomy, Mastery and Purpose. Authors then go to explain some ways of achieving each of previous.
-
-
ico.org.uk ico.org.ukHome1
-
www.health.govt.nz www.health.govt.nz
-
PDF - Ministry of Health, New Zealand - Approach for testing
-
-
support.gitlab.com support.gitlab.com
-
Requested Dormant Username Enter the username you would like to request, without the preceding URL (e.g., "User" instead of "gitlab.com/User")
Problem Type: Dormant Username Requests
-
-
about.gitlab.com about.gitlab.com
-
The GitLab.com support team does offer support for: Account specific issues (unable to log in, GDPR, etc.) Broken features/states for specific users or repositories Issues with GitLab.com availability
-
Technical and general support for those using our free options is “Community First”. Like many other free SaaS products, users are first directed to find support in community sources such as the following:
-
Out of Scope The following details what is outside of the scope of support for self-managed instances with a license.
-
-
-
For general questions, use cases, or anything else that does not fit into one of the above cases, please post in the GitLab Forum or on a third-party help site.
-
If you're in a paid tier on GitLab.com or GitLab Self-managed, you're entitled to Support. Please open a support ticket after reviewing our Statement of Support
-
If you're a free user on GitLab.com and are having one of the following specific issues please file a support ticket after reviewing the Free Plan Users Section in our Statement of Support
-
-
about.gitlab.com about.gitlab.com
-
Account Support If you haven't received your confirmation email, you can request to resend your confirmation instructions via our confirmation page.
This Account Support section only includes one possible problem related to account support
If you haven't received your confirmation email, you can request to resend your confirmation instructions via our confirmation page.
What about if you have any other issue with your account? How would you get support then? This would be a good opportunity/place to describe what to do in that case.
Presumably the answer is to submit support requests at <del>https://gitlab.com/gitlab-com/support-forum</del> (to be shut down) or in the community forums.
-
-
gitlab.com gitlab.com
-
We're closing the Support Forum issue tracker in favor of the Community Forum and support channels. We recognize that the Support Forum issue tracker has not received much attention in the last few months, and want to redirect our community members to locations that are regularly monitored by GitLab staff. As a result, this issue will be moved to the GitLab product issue tracker and triaged there.
-
-
gitlab.com gitlab.com
-
What I think we're lacking is proper tooling, or at least the knowledge of it. I don't know what most people use to write Git commits, but concepts like interactive staging, rebasing, squashing, and fixup commits are very daunting with Git on the CLI, unless you know really well what you're doing. We should do a better job at learning people how to use tools like Git Tower (to give just one example) to rewrite Git history, and to produce nice Git commits.
-
These two are in my opinion the most problematic — the basically go against each other. Typically, I try to work in increments over a feature and commit when I reach whatever techinical milestone I want to "checkpoint" at. It can also be out of the need to expose some idea or architecture and push it.
-
If we can encourage people to create clean commits as they go, the example as you showed above should be far less common, because cleaning up such history as an after-math is most of the time almost impossible.
-
I think this goes against the Keep It Simple mentality and the Low Level Of Shame that we should have when we contribute.
Tags
- commits: when/how often to commit
- barrier to entry
- iterative process
- do it right/well the first time because it may be too hard to clean up/fix later if you don't
- contributing: low barrier to entry
- good commits
- using the right tool for the job
- easy to use
- low level of shame
- keep things simple
- git: rewriting history
- friendly and approachable learning resources
- balance
- commits
- need better tools/tooling
- git rebase
Annotators
URL
-
-
www.civicuk.com www.civicuk.com
-
With a recognisable, ever present icon, user's can easily manage their consent at any time.
-
-
eugdprcompliant.com eugdprcompliant.com
-
Many also question how the average user with little knowledge of the GDPR will react to being asked so many questions regarding consent. Will they be confused? Probably at first. It will be up to each business to create a consent form that is easy to understand, while being at the same time comprehensive and informative
-
-
www.merriam-webster.com www.merriam-webster.com
-
to remove the force or effectiveness of
-
-
dash.harvard.edu dash.harvard.edu
-
Larremore, Daniel B., Kate M. Bubar, and Yonatan H. Grad. Implications of test characteristics and population seroprevalence on ‘immune passport’ strategies (May 2020).https://dash.harvard.edu/handle/1/42664007
-
-
onlinelibrary.wiley.com onlinelibrary.wiley.com
-
Zahnd, W. E. (2020). The COVID‐19 Pandemic Illuminates Persistent and Emerging Disparities among Rural Black Populations. The Journal of Rural Health, jrh.12460. https://doi.org/10.1111/jrh.12460
Tags
- USA
- social determinants of health
- access to care
- internet
- racial disparity
- inadequately prepared
- COVID-19
- health equity
- testing
- death rate
- is:article
- hospital
- telehealth
- healthcare
- demographics
- rural health
- infection rate
- screening
- lang:en
- black people
- inequality
- outbreak
- African American
Annotators
URL
-
-
stackoverflow.com stackoverflow.com
-
If you update your pages and push to github, people revisiting the pages who have already got cached copies will not get the new pages without actually cleaning their browser cache. How can a script running in a page determine that it is stale and force an update?
-
-
stackoverflow.com stackoverflow.com
-
for me it was because the browser use cached data(old styles) so i opend other brwser
-
-
www.chromestatus.com www.chromestatus.com
-
AppCache was standardized in the Offline Web applications section of the HTML specification. The standard is formally referred to as application caches. New Web applications should be built around Service Workers. Existing applications that use AppCache should migrate to Service Workers. AppCache access was removed from insecure origins in M70. This intent addresses AppCache usage in secure origins.
First and foremost, AppCache is a deprecated standard with serious architectural concerns. Second, Chrome's AppCache implementation is a security and stability liability. AppCache is documented as deprecated and under removal in MDN and in the WHATWG standard, and marked as obsolete in W3C’s HTML 5.1. It is incompatible with CORS, making it unfriendly for usage with CDNs. Overall, AppCache was changed in over 400 Chromium CLs in 2018-2019. It has imposed a tax on all of Chrome’s significant architectural efforts: Mojofication, Onion Souping, and the Network Service. The security benefits of the removal are covered under Security Risks.
-
-
www.w3.org www.w3.org
-
The "'strict-dynamic'" source expression aims to make Content Security Policy simpler to deploy for existing applications who have a high degree of confidence in the scripts they load directly, but low confidence in their ability to provide a reasonable list of resources to load up front.
-
-
developers.google.com developers.google.com
-
Although it can minimize the overhead of third-party tags, it also makes it trivial for anyone with credentials to add costly tags.
-
A "tag" is a snippet of code that allows digital marketing teams to collect data, set cookies or integrate third-party content like social media widgets into a site.
This is a bad re-purposing of the word "tag", which already has specific meanings in computing.
Why do we need a new word for this? Why not just call it a "script" or "code snippet"?
-
-
spreadprivacy.com spreadprivacy.com
-
Eric Schmidt, former Google CEO and Chairman, famously said “Google’s policy on a lot of these things is to get right up to the creepy line, but not cross it.” But for most people, that line was crossed by Google, Facebook, and others long ago.
-
-
weather.com weather.com
-
These options have almost deceptively similar wordings, with only subtle difference that is too hard to spot at a glance (takes detailed comparison, which is fatiguing for a user):
- can use your browser’s information for providing advertising services for this website and for their own purposes.
- cannot use your browser’s information for purposes other than providing advertising services for this website.
If you rewrite them to use consistent, easy-to-compare wording, then you can see the difference a little easier:
- can use your browser’s information for providing advertising services for this website and for their own purposes.
- can use your browser’s information for providing advertising services for this website <del>and for their own purposes</del>.
Standard Advertising Settings
This means our ad partners can use your browser’s information for providing advertising services for this website and for their own purposes.
Do Not Share My Information other than for ads on this website
This means that our ad partners cannot use your browser’s information for purposes other than providing advertising services for this website.
-
-
www.iubenda.com www.iubenda.com
-
This depends on the legal jurisdiction applicable to your site.
-
-
www.iubenda.com www.iubenda.com
-
Consent means offering individuals real choice and control. Genuine consent should put individuals in charge, build trust and engagement, and enhance your reputation.
-
-
notes.andymatuschak.org notes.andymatuschak.org
-
Instead of having a task like “write an outline of the first chapter,” you have a task like “find notes which seem relevant.” Each step feels doable. This is an executable strategy (see Executable strategy).
Whereas Dr. Sönke Ahrens in How to Make Smart Notes seemed to be saying that the writing of a permanent note (~evergreen note) is a unit of knowledge work with predictable effort & time investment (as well as searching for relevant notes), Andy emphasizes only the note searching activity in this context.
-
-
en.wikipedia.org en.wikipedia.org
-
However, since problems are only addressed when they arise, maintenance is reactive rather than proactive. Small problems left unaddressed can balloon into major failures due to focus on cost.
-
-
bostonreview.net bostonreview.net
-
An aside: witness the superiority of digital annotation (@Hypothes_is style) to Twitter threads.
-
-
martinfowler.com martinfowler.com
-
What a lot of people don't realize is that a source control system is a communication tool. It allows Scarlett to see what other people on the team are doing. With frequent integrations, not just is she alerted right away when there are conflicts, she's also more aware of what everyone is up to, and how the codebase is evolving. We're less like individuals hacking away independently and more like a team working together.
Source code management as a communication tool.
-
-
www.fastcompany.com www.fastcompany.com
-
Google encouraging site admins to put reCaptcha all over their sites, and then sharing the resulting risk scores with those admins is great for security, Perona thinks, because he says it “gives site owners more control and visibility over what’s going on” with potential scammer and bot attacks, and the system will give admins more accurate scores than if reCaptcha is only using data from a single webpage to analyze user behavior. But there’s the trade-off. “It makes sense and makes it more user-friendly, but it also gives Google more data,”
-
For instance, Google’s reCaptcha cookie follows the same logic of the Facebook “like” button when it’s embedded in other websites—it gives that site some social media functionality, but it also lets Facebook know that you’re there.
-
-
www.simplechurchathome.com www.simplechurchathome.com
-
examples, listing both the conventional systems and their counterpart systems: Conventional schooling Home schooling Encyclopedia Britannica Wikipedia Microsoft Office Open Office Taxicabs Uber Hotel chains Airbnb Big-box stores Ebay National currency Cryptocurrency
-
-
www.iubenda.com www.iubenda.com
-
Explicit Form (where the purpose of the sign-up mechanism is unequivocal). So for example, in a scenario where your site has a pop-up window that invites users to sign up to your newsletter using a clear phrase such as: “Subscribe to our newsletter for access to discount vouchers and product updates!“, the affirmative action that the user performs by typing in their email address would be considered valid consent.
Answers the question I had above: https://hyp.is/tpgdQo_4EeqPcm-PI0G2jA/www.iubenda.com/en/help/5640-email-newsletter-compliance-guide
-
-
-
they sought to eliminate data controllers and processors acting without appropriate permission, leaving citizens with no control as their personal data was transferred to third parties and beyond
-
-
gdpr-info.eu gdpr-info.eu
-
the compelling legitimate interests pursued
Tags
Annotators
URL
-
-
en.wikipedia.org en.wikipedia.org
-
While there are no legal precedents to spell out specifically what the actual terms mean, it can be interpreted from the testimony of people like Professor Mark Lemley from Stanford University, in front of the United States Senate Committee on the Judiciary that the individual terms are defined as follows
-
-
kantarainitiative.org kantarainitiative.org
-
“Until CR 1.0 there was no effective privacy standard or requirement for recording consent in a common format and providing people with a receipt they can reuse for data rights. Individuals could not track their consents or monitor how their information was processed or know who to hold accountable in the event of a breach of their privacy,” said Colin Wallis, executive director, Kantara Initiative. “CR 1.0 changes the game. A consent receipt promises to put the power back into the hands of the individual and, together with its supporting API — the consent receipt generator — is an innovative mechanism for businesses to comply with upcoming GDPR requirements. For the first time individuals and organizations will be able to maintain and manage permissions for personal data.”
-
Its purpose is to decrease the reliance on privacy policies and enhance the ability for people to share and control personal information.
-
-
-
make it as easy to withdraw consent as to give it. The latter gets particularly interesting when considering that in some contexts, consent may be obtained “through only one mouse-click, swipe or keystroke” and therefore “data subjects must, in practice, be able to withdraw that consent equally as easily” per the WP29.
It seems, then, that one should be careful to not make it too easy to opt in to something unless you are prepared to accept the liability for making it just as easy to opt out (which may be technically challenging).
-
it is a question of balance — if one mouse-click was all it took to consent, is it appropriate to require a phone call during business hours to withdraw that consent? Probably not.
-
-
wayks.com wayks.com
-
You have the right to withdraw from this contract within 14 days without giving any reason.
-