sylver_dragon

So a couple possibilities come to mind:

1. Someone else has your password. Do you have kids and do they have access to devices which may have your Google account linked? You may want to change your password (use something long, hard to guess and unique).
2. Your local system is compromised in some way. This would be a really odd way for someone to use that access, but it’s always possible. Take a look at the apps and any browser extensions you have installed and make sure there isn’t anything you don’t recognize.
3. There is some sort of Cross Site Scripting (XSS) vulnerability which is being leveraged to subscribe you to stuff. I would expect Google to be better than to have an XSS on YouTube (they bought Mandiant a while ago, FFS). But, big companies doing stupid things is common enough. When you got the pop-up, was it in the YouTube app or a web browser. Did you have other tabs open? Other background processes from sketchy apps?
4. It is Google, them doing shitty things to their product (that’s you) for their customers (the advertisers paying for your eyeballs) is basically their business model. Don’t like it, de-google your life (warning: this is actually really hard).

Well, here’s my TIL:
Fun fact: the earliest known appearance of the F-word in the English language is “Roger F$#%-by-the-Navel” who appears in some court records from 1310-11.

More info.

Ya, I actually run both uBlock Origin and NoScript in my browser on my phone and personal machine (desktop). On my work laptop, those are a no-go. So, I get the full ads experience on my work machine when traveling.

I run Pi-Hole in a docker container on my server. I never saw the point in having a dedicated bit of hardware for it.
That said, I don’t understand how people use the internet without one. The times I have had to travel for work, trying to do anything on the internet reminded me of the bad old days of the '90s with pop-ups and flashing banners enticing me to punch the monkey. It’s just sad to see one of the greatest communications platforms we have ever created reduced to a fire-hose of ads.

Sorry about rolling that grenade under your bunk Mr. Secretary, GenAI told me to do it.

Please don’t save your passwords in a browser. This is one of the first things most InfoStealers go after, and they basically all fail to stop the theft. By all means, use a password manager. Really, they are great and make using unique, complex passwords everywhere much easier. Just, not the failures tied to browsers. KeePassXC is great, if you want to keep everything local. Though, you have to work out your own system for synchronizing between devices. BitWarden is good if you want something “in the cloud”. You no longer have complete control, but you get easy access on all devices.

I hate cloud based services. I don’t want to be reliant on and send my data to someone else’s computer. Give me local control and local data storage or get off my grass!

On creating accounts everywhere, maybe it’s a GenX thing, but I just lie my arse off in all those extra fields. So many websites have my home address as 1600 Pennsylvania Ave NW Washington, DC 20500. I do wonder if it results in much extra junk mail for the processing faculty to deal with.

Who else is going to helpfully delete your entire D drive for you?

While that is possible, I’d seriously doubt it happening. Wagner’s run at Moscow seemed like the best opportunity for that to happen, but it just stalled out. I’m still surprised Prighozin, stopped his push short of Moscow. I was not surprised afterwards when an airplane he was on suffered “technical difficulties”. But, between the failure of Wagner to remove Putin and them now being rolled into the Russian military, I think Putin has done a lot to consolidate his control over the armed forces, exactly to prevent that outcome.

Ya, it could happen, I don’t believe it’s likely.

While I like the sentiment, unless the EU is interested in a WWII style total war and invasion of Russia, Putin is never going to be held to account for the invasion of Ukraine.

The Russian government (Read: Putin and his cronies) are not going to agree to hand Putin over to The Hague. Even if the current war ends on favorable terms for Ukraine, that is never going to look anything like the German or Japanese surrenders. At best, this war ends with Russian military exhaustion and withdrawal. More like the end of Soviet involvement in Afghanistan. There will be no push to Moscow, no mass bombing of Russian factories or cities. Just Russian soldiers packing up and going home, leaving death and devastation behind for the survivors of their invasion to deal with.

Any negotiated peace is going to look pretty similar. It will stop the death sooner at the cost of giving Russia something it’s willing to accept. That’s the way negotiations work. If you want to force the other side to accept your terms, without any compromise, that’s what war is for. Since it seems neither the EU nor the US are willing to engage in a direct confrontation with Russia, then the only choice to end this war early is compromise. And Putin facing accountability is almost certainly not going to be on the table.

Never try to catch a falling knife.

also dealing with a chronically higher baseline level of inflammation

Have you been tested for gluten intolerance and/or Celiac Disease? Chronic inflammation is one of the markers. It’s a very simple blood test, though it seems to be something doctors don’t always bother to check for. Talk to your doctor about the test.

The remote access devices can be a good thing. The issue is one of control. Given the software driven nature and complexity of devices, bugs are inevitable. Having a way for the manufacturer to distribute those updates remotely is a good thing as it lowers costs, and makes it more likely the updates get deployed. That said, the ability to enable and disable that remote access system needs to be in the hands of the customer, not the manufacturer.

As an example, many years ago I worked for a company which manufactured physical access control systems (think those stinking badges and readers at office buildings). And we had two scenarios come up which illustrate the issue quite well. In the first case, the hardware which controlled the individual doors had a bug which caused the doors to fail unlocked. And based on the age of the hardware the only way to update the firmware was to physically go to the device and replace an EEPROM. I spent a very long day wandering a customer’s site climbing a ladder over and over again. This was slow, expensive and just generally not a great experience for anyone involved. In the second case, there were database issues with a customer’s server. At that time, these systems weren’t internet connected so that route for support didn’t exist. However, we shipped each system with a modem and remote access software. So, the customer hooked up the modem, gave us a number to dial in and we fixed the problem fairly quickly. The customer then unplugged the modem and went about breaking the system again.

Having a way for the manufacturer to connect and support the system is important. They just shouldn’t have free run of the system at all times. The customer should also be told about the remote support system before buying the system and be able to turn it off. Sure, it’s possible to have reasonably secure remote logins on the internet (see: SSH or VPN), but it’s far more secure to just not have the service exposed at all. How many routers have been hacked because the manufacturers decided to create and leave in backdoors?

The main thing I have from that time is several large boxes hanging about taking up shelf space and a burning hatred of MMOs. My wife and I got into WoW during late Vanilla. We stood in line at midnight to get the collector’s edition box for WotLK and later again for Cataclysm (we weren’t that far gone when The Burning Crusade released). Shortly after Cataclysm released, there was the Midsummer Fire Festival and as we were playing through it, we hit that wall where any more quests became locked behind “Do these daily quests 10,000 times to progress” and the whole suspension of disbelief just came crashing down. I had already hated daily quests and the grindy elements of the game, but at that moment I just said, “fuck this” and walked away from the game.

I do look back fondly on some of the good times we had in the game. Certainly in Vanilla there was some amazing writing and world crafting. We met some good people and had a lot of fun over the years and I don’t regret the time or money spent. However, one thing it taught me is just how pointless MMOs are. They are specifically designed to be endless treadmills. And this can be OK, so long as the treadmill itself is well designed and fun. But, so many of the elements exist just to eat time. Instead of being fun, they suck the fun out of the game and turn it into a job.

We even tried a few other MMOs after that point (e.g. Star Wars) just because we wanted something to fill that niche in our gaming time. But invariably, there would be the grind mechanics which ruined the game for us. Or worse yet, pay to win mechanics where the game would literally dangle offers of “pay $X to shortcut this pointless grind” (ESO pops to mind for this). If the game is offering me ways to pay money to not play the game, then I’ll take the easier route and not play the game at all, thank you very much.

So ya, WoW taught me to hate MMOs and grinding in games. And that’s good, I guess.

So, if the higher level universe works by magic, then the theory is fine.

Sure, I’m making assumptions that any universe simulating our own would have finite energy and resources. Also that they would make a simulation that is at least close to their own (making theirs close to ours). Those seem like reasonable assumptions to make, otherwise we might as well just say that our universe is a pocket dimension made by magic and the whole thing becomes absurd pretty quick.

It would be interesting to see someone with the background to understand the arguments involved in the paper give it a good review.

That said, I’ve never brought the simulation hypothesis on the simple grounds of compute resources. Part of the argument tends to be the idea of an infinite recursion of simulations, making the possible number of simulations infinite. This has one minor issue, where are all those simulations running? If the top level (call it U0 for Universe 0) is running a simulation (U1) and that simulation decides to run its own simulation (U2), where is U2 running? While the naive answer is U1, this cannot actually be true. U1 doesn’t actually exist, everything it it doing is actually being run up in U0. Therefore, for U1 to think it’s running U2, U0 needs to simulate U2 and pipe the results into U1. And this logic continues for every sub-simulation run. They must all be simulated by U0. And while U0 may have vast resources dedicated to their simulation, they do not have infinite resources and would have to limit the number of sub-simulation which could be run.

Well,

If the goal is stability, I would have likely started with an immutable OS. This creates certain assurances for the base OS to be in a known good state.
With that base, I’d tend towards:
Flatpak > Container > AppImage

My reasoning for this being:

1. Installing software should not effect the base OS (nor can it with an immutable OS). Changes to the base OS and system libraries are a major source of instability and dependency hell. So, everything should be self contained.
2. Installing one software package should not effect another software package. This is basically pushing software towards being immutable as well. The install of Software Package 1, should have no way to bork Software Package 2. Hence the need for isolating those packages as flatpaks, AppImages or containers.
3. Software should be updated (even on Linux, install your fucking updates). This is why I have Flatpak at the top of the list, it has a built in mechanism for updating. Container images can be made to update reasonably automatically, but have risks. By using something like docker-compose and having services tied to the “:latest” tag, images would auto-update. However, its possible to have stacks where a breaking change is made in one service before another service is able to deal with it. So, I tend to tag things to specific versions and update those manually. Finally, while I really like AppImages, updating them is 100% manual.

This leaves the question of apt packages or doing installs via make. And the answer is: don’t do that. If there is not a flatpak, appimage, or pre-made container, make your own container. Docker files are really simple. Sure, they can get super complex and do some amazing stuff. You don’t need that for a single software package. Make simple, reasonable choices and keep all the craziness of that software package walled off from everything else.