I bought an early framework 13. It cost a little more. I’ve since upgraded the main board to get a faster/newer experience. The overall cost has been less than 2 laptops.
Some of this depends if you’re playing the long game
First, being intelligent (as defined in the article) doesn't relate to being happy. There is nothing inherent about being intelligent that means happy.
Second, our society spends a lot of time shaping culture and people to extract value from them. For example, the focus on "more" rather than "enough". We are shaped to always desire more and never be content with what we have. Even intelligent people are shaped by this. Consider the fall in terms of people who have hobbies.
> Second, our society spends a lot of time shaping culture and people to extract value from them.
The usual trope here is that smarter people recognize this and see through the cage, leading to less overall happiness vs. "ignorance is bliss" where you don't recognize you are in a cage at all.
It's just that though, a trope. I'd argue happiness is more determined by emotional intelligence than anything, which an IQ test isn't going to measure.
In the 1920's of the US the idea of making people not content to stimulate buying gained popularity. This is still used today. The culture is directed at making people not satisfied. It's hard to go against the grain of society.
That wasn’t a new idea. It’s not even restricted to humans.
Competing for mates is one of the basic mechanisms in evolution, seen in many animals. Instead of fighting the tribal leader or whomever to display fitness, humans came up with a less violent solution, which manifests itself in the ability to buy things.
Second, our society spends a lot of time shaping culture and people to extract value from them.
More than that, society spends an increasing amount of time and money trying to convince people that they should be mad at each other for arbitrary reasons. I don't think this has much to do with intelligence, though.
See recently: Andrew Cuomo's racist AI-generated mayoral ad & Trump's AI generated truth post where he shits on Americans. It's hard to have a general feeling of happiness when the people with money & power in this world feel the need to go out of their way to spread their disdain for me because of how I look, what I do for a living, or the fact that I wasn't born into wealth.
People are more often trying to avoid being unhappy than trying to be happy. People who prioritize doing things that make them happy are called drug addicts usually.
The upshot is that society also values that we create value. Doing things that others find valuable can foster a sense of meaning and belonging.
What you touched on is desire (see: hedonistic treadmill), and while that can be inflamed by messaging in society, it transcends any given society. If we didn't have desires, we wouldn't suffer for art or create great things. Tautologically, manifesting changes like that necessitate dissatisfaction with status quo.
Intelligence isn't the same thing as happiness, but it could be correlated, because if IQ does measure generalized problem-solving ability, as it seems to, then smart people could apply themselves to the problem of happiness and have more success than average in it. Then the question is "why don't they"? As you indicated, one reason may be that there's not much encouragement to, because as a society we're still in "rat race" mode.
I don't think about this as much for professional or amateur photography.
I think of verifiable images as something for legal purposes. So much is easily made up with AI. Having verifiable real photos (and eventually video) can be a benefit for things like legal proceedings.
> I think of verifiable images as something for legal purposes.
That makes sense to me, but who is this particular $399 camera made for? Can you imagine someone choosing it for a photo they intend to be used in legal proceedings? The specs and appearance do not scream high-quality professional tool to me. The price is lower than a professional would be willing to spend (on something high-quality), higher than someone would drop on a whim.
It looks kinda like a designer's school assignment that they're trying to sell.
The original seeds and farm equipment still exist for the most part. Farmers use GMO patented seeds and no-right-to-repair complex farm equipment "systems" because they're more efficient despite the downsides.
> That died last week, when the U.S. Court of Appeals for the District of Columbia dismissed the suit for lack of jurisdiction.
If the issue is one of jurisdiction, did they file the case in the wrong court?
Following local news, I've seen the case where a case is closed because it was filed in the wrong court. A different court had jurisdiction in the matter. I wonder if that's what happened in this case.
If you read the judgement it basically says that because the FBI eventually returned the money, she no longer has a live interest as an individual.
They also denied that she’s part of some well defined class for a class action.
It’s not like they are saying there’s some other court she can go to.
US courts are generally infamous for denying justice whenever they see fit using technicalities like “standing” and other procedural grounds.
Environmental law violations, illegal surveillance programs, civil asset forfeiture like here, and constitutional violations are quite often practically impossible to get courts to address, especially if parts of the US government are the defendant.
There are different types of jurisdiction. Subject-matter, personal, venue, procedural, etc.
In this case, reading the opinion w/dismissal, there were two factors involved:
1) The court determined her individual claim was moot because the FBI had already discontinued the forfeiture proceedings & returned her seized property, with interest, before the appeal
2) Her class claim was also dismissed because no class had been certified before her individual claim became moot
Jurisdiction is a complicated word. What most people think of as jurisdiction is talking about law enforcement -- "you're out of your jurisdiction" -- to mean they are operating outside their geographical area.
That same term in law suits is called "venue", when you've filed in the wrong county, for instance.
This has nothing to do with Git. A symlink can be packaged up in a tarball and shipped from one system to another. An attacker would need to create a malicious Chart.yaml file and a Chart.lock file pointing to another file. Then ship those to a system where dependencies are then updated.
This doesn't affect things like installing or upgrading a chart. Dependencies aren't updated at that time.
> A symlink can be packaged up in a tarball and shipped from one system to another.
True enough, but if you have a victim unpacking and building untrusted tarballs there's no security boundary being crossed, is there? You don't have to bother with this symlink nonsense, just update the install script to include your payload directly.
Honestly this vulnerability is dumb. I don't see any realistic scenario where it can be exploited by an unprivileged attacker.
When you do a helm pull and download a chart from a repo, I believe it's a tar-ball. So if you have a workflow where you install charts from the filesystem you could be impacted. I've done that in the past.
You're not installing the untrusted tarball; helm is merely supposed to be extracting it, and then rendering the templates contained within.
(Those templates, once rendered, might then refer to pods, etc. that might be put into a k8s cluster (or perhaps we merely render then YAML, and never `apply` it), and in that sense, one might imagine that that is an install, but that's not the security boundary being crossed here; this would presumably result in execution on the host running helm, which would definitely be surprising.)
You're quibbling over the meaning of "install" but apparently conceding the part about untrusted? OK, fair enough. I still argue that any process involving the extraction and (ahem) "rendering of contained templates" from untrusted sources is broken in ways a fix for this particular symlink issue isn't going to address.
Certainly, it would be better to trust the upstream completely, but let's not kid ourselves? See the entire current state of software supply chain in the industry.
But when I visit a website, I don't expect the website to LCE me. Why should turning a YAML adlib into YAML LCE me, regardless of the trust of the upstream. This is not a privilege I'm expecting to give the upstream ever, and this behavior is a clear security bug, to me…
The attacker creates a symlink (e.g., using `ln -s`) to another file. The attacker needs to create the malicious Chart.yaml file and symlink that the Chart.lock file points to.
If being able to create files and symlinks to them is a pre-condition for this, then it's not a serious security bug. If you have that kind of access then there are a million nefarious things you can do.
This is almost becoming a joke at this point, "assuming an attacker has access to the system, they can change things on the system".
Helm is not intended to be able to write files outside of the directory you are rendering the templates to, and the directory that you have downloaded the chart to, so if there is a way to do that, it is a bug in the program and a security bug at that, particularly when the destination is controlled by someone who has written a malicious chart. That it also happens to be able to run arbitrary code makes it worse, but the primary problem is that it can write files outside of the chart directory or the directory you are rendering to at all.
This has nothing to do with whether you are running it in sudo or whatever. (and in fact on MacOs, I don't believe this requires running it with sudo permissions to overwrite ~/.zshrc for example)
I create a malicious chart or compromise one you use (with symlink to an arbitrary file and code).
You download charts either as a tarball from a helm repo or oci registry with helm and helm will create the files and links with your permissions, and send me whatever I wanted to extract from your system.
Yes, you should check things you download from the internet.
But also, that is not how a chart is supposed to work.
It is on the level of "sudo curl URL". It is an obviously stupid thing to do from a security perspective, but projects have suggested doing it to install their software.
If you are new to helm or haven't considered the security around it, it is good to know what to look out for.
Instead of doom scrolling on social media we called a friend.
Instead of binge watching another meh show, we had friends over to play cards or a board game.
Instead of over scheduling kids with constant activities, parents had a regular night out with friends while kids spent quality time at home with the other parent.
The time is there. It was in the past. We just have a finite amount of time and use it differently.
Imagine the time when kids could actually do things on their own and learn resilience, independence, and community alongside their friends. Instead, their parents now need to drive them everywhere alone because communities got rid of school buses, sidewalks, and speed bumps to help make cars go faster. We've done the real-life version of gamers min-maxing the fun out of a game.
You are so right. Just imagine having a physical community that wasn't completely gutted for the sake of transporting cars through non-communal spaces to other non-communal spaces. In America, we can hardly even imagine this, and if you try, you will experience something close to a mob backlash.
All of this assumes people have friends to start with.
This becomes much harder for those without friends which I think is what the article was about. Not disagreeing with you though, untold hours have been wasted on social media.
> Setting aside legitimate (thats a matter of judgement)
By definition, a judge decides what's legitimate.
If DOGE expects their access to be blocked by a court judgement, and bum-rushes agencies to exfiltrate data ahead of the judgement, that's also criminal intent.
I am not sure what you are getting at. "Covert" isn't how I'd describe DOGE's actions. "Brazen" maybe?
People have admitted in news interviews to destroying government data to prevent others from knowing what the government was doing. That’s likely criminal. This is a legitimate reason to get at information before people who might destroy have the opportunity.
What’s happening with judges is very political. We likely won’t know what’s allowed until things have gone through the appeals process. There have been cases of judges admitting they will rule against the current administration no matter the topic or law. This is messy, to say the least.
>People have admitted in news interviews to destroying government data to prevent others from knowing what the government was doing. That’s likely criminal. This is a legitimate reason to get at information before people who might destroy have the opportunity.
Yes, this is precisely the accusation being made against DOGE: they are the government actors criminally trying to to prevent the public from knowing what they're doing.
>There have been cases of judges admitting they will rule against the current administration no matter the topic or law.
No, there haven't, but feel free to provide a source.
In American system, appeal process is a very formal thing - it checks whether all the ts were crossed, whether process was followed. It is not checking the evidence, it is bringing new evidence, nothing like that.
Some of this depends if you’re playing the long game
reply