Rose

I’m already alone, and I’m just fine this way, thank you.

Fortunately I don’t live in Douchebaglandia.

“Showing up on time” is the lowest possible bar, isn’t it?

Recently I found an old school yearbook. My entry was written by someone who barely knew me. Said something about me showing up on time all the time. Now, I was like “holy shit that’s cringe, I don’t want that on my tombstone”.

The bespoke software that runs most of the business world is actually way simpler than a lot of people think.

If you’re a university student and some company hires you on the first year to work on a business analysis system to be used by a major regional retailer, you might be thinking you must be some kind of a wunderkid, but it also just might be because this system really isn’t that complicated, and you had no idea about the average salaries on this field, so they hired you on the cheap.

My immediate thought was that there’s some inconsistency with various types of metadata. For example most software will pull the date from the Exif DateTimeOriginal field. But there’s also XMP tags that have the same purpose. Or similar purpose. These standards have plenty of date fields for various uses, and while they serve a noble purpose, the software just craps all over them. (Don’t ask which software. All of them.)

My guess is that at some point of time, one of those tags got updated, but not the other tags of similar purpose. So the program you’re using could be pulling the date from one field, and when you update it, you’re actually changing some other field.

Of course all of this is wild because usually no one needs to touch the datestamp anyway (unless you, like, have to correct daylight saving time or clock drift or something). Software changing this to a batch import time? That’s weird and silly.

Native here. I think this is pretty accurate. Politeness is usually tied to other phrasings or modes of speaking, and as an ESL speaker I just think “please” is just a word that gets sprinkled in. In everyday conversations like buying something, it’s kinda more polite to get the thing over with as fast as possible. If you just want a coffee, you don’t need more than “hey” and “thanks” to be nice, right?

That said, it’s definitely not impossible to be explicitly polite: “Ole hyvä”/“Olkaa hyvä” (“[You] (2p. sg./pl.) be kind”) is basically “please” as in “could you do…” or “here you go, have this” or “go ahead and do that” depending on context. “Ole kiltti” (“[You] (2p.sg.) be nice”) is “please” as in “would you be especially kind to do…” But as you can see, these are basically direct orders, it’s “be kind”, not “please be kind”.

Content advisory: boneheaded discussion of suicidal ideation by an armchair psychologist

About a decade ago I was friends with a fellow weird unemployed video game nerd lady who liked books and stuff. Had lots in common. Had fun talking over Xbox games and stuff. Was pretty patient with my depressed stuff. Usually.

But I noticed she was pretty often in open conflict with other people. I’m thinking the reason she didn’t get mad at me because I was following her “rules”. I guess we just agreed to disagree sometimes. Later, I realised I was just doing what I usually did in most social situations, walking on eggshells to not annoy people.

I couldn’t keep up with her even if I had bothered to. She went through like 3 email addresses and 3 blogs and 3 gamertags due to getting hacked and due to the drama. Don’t know, don’t care. Not nominal people numbers.

Dumb story, wasn’t it?

Yeah, when you’re a technology enthusiast, it’s easy to forget that your average user doesn’t have a home server - perhaps they just have a NAS or two.

(Kidding aside, I wish more people had NAS boxes. It’s pretty disheartening to help someone find old media and they show a giant box of USB sticks and hard drives. In a good day. I do have a USB floppy drive and a DVD drive just in case.)

Over the last few years I’ve been drawing stuff on Clip Studio Paint. Wonderful app, very powerful, the asset marketplace rules.

But it has a bunch of really weird jank too. It’s as if it has all of the power in the world but you need to spend extra time digging through the app to do stuff.

Krita, which I finally tried a few months back, feels really excellent. Stuff is configurable as hell. All of the stuff is easy to discover. I’m working much faster.

Now, Krita doesn’t have all of CSP’s niceties, and I guess I have to see how to wishlist them.

Similarly CSP’s 3D mockup tools are great, but nowhere as smooth and powerful to use as Blender’s. Which is weird because CSP isn’t a modeling program - you’d think they’d stick to what they actually do and at least polish the camera/pose controls and such. No dice. I wish I could just stick CSP assets in Blender, but they use a proprietary model format.

Joplin does have an automatic backup plugin. Which I recommend enabling for obvious reasons.

Also, moving to different versions is kinda tricky sometimes. No matter the software, when moving from very old version to a new one, I always keep the old one around until I’m certain the stuff was moved over cleanly.

But yeah, having the notes in a database is definitely not as robust as the plain text storage. Wish Joplin would just let you say “I have a git repository”.

One of the most frustrating programs for me is digiKam. On paper, it’s the perfect DAM/photo manager. But it’s kinda slow for day-to-day use. The user interface is janky in a lot of ways. It doesn’t see constant refinement either. It doesn’t even speak to me as a metadata nerd because I don’t want to turn my metadata into a janky mess. Yeah, you have a powerful metadata editor. It’s like a welding torch without any eye protection.

I’m using ACDSee on Windows, because it’s operating on pretty much the same principle (image file metadata is canonical, app database is just for indexing), but it’s faster and smoother to use. Not perfect, it has its mild limitations (like why the hell doesn’t it support OpenStreetMap - Google Maps kinda sucks for nature trails, you’d think photographers would have pointed this out), but it’s just so much more efficient. If digiKam ever gets a huge UI overhaul, switching over will probably be fairly easy though.

Also about a decade ago, I would have said that as far as novel writing software/large structured document word processors go, nothing beats Scrivener. Scrivener is still probably the best software in its niche, but it looks like a bunch of open source word processors in this niche have come a long way. Currently looking at novelWriter, which seems really rad.

Let me be perfectly honest: If you like AntennaPod, just stick with it, OK? You’ll save a lot of frustrations and headaches.

I used to use AntennaPod and listened to lots of podcasts.

Then one podcast host mentioned some other app, I tried it, and liked its Web interface, even when it didn’t have all of the AntennaPod features. I think it didn’t have “stop playing a podcast at the end of the episode, even if it’s queued”. (I like to queue stuff and listen to them at no particular order. I’m a whimsical girl like that.) Then I think this app got discontinued/went pay only, I can’t remember.

Went with Google Podcasts. It was a pretty limited and janky experience (also no ability to stop at the end of the queued episode), but it did its job and I hoped it’d get better over years. It didn’t. It got discontinued. Google sometimes can’t do a good thing.

I manually migrated my subscriptions to some other app. (As one last hurrah Google then implemented OPML takeout.) Wasn’t happy with this app. Couldn’t help but notice my podcast listening habits were drying up due to all these minor snags. ADHD thing I’m sure.

Then I remembered AntennaPod and how perfect it was and how happy I was using it. I wanted to export OPML from this other app. It had OPML import but no export of any kind. Shit.

So I imported my subs manually again. And screw me if I ever have to do that again. But I’m happy again and that’s what matters. I don’t think I’ll need to migrate again, I’m glad AntennaPod has nice backup features. (Which I already used to move the app from my tablet to my phone.)

Yeah, I agree with that, seems to me the most recent plot twists in The Story of America certainly makes people to feel Free… after they are no longer in America. I’m not American, I feel pretty Free, and I do hope Americans one day feel Free again.

[Continued from the other reply]

So I take it you agree blockchain solution is not trustworthy in itself, then?

Data internal to the blockchain is 100% trustworthy, otherwise new blocks could not be verified.

Verifiability is not the same thing as trustworthiness. I believe I already said that.

External data added to a blockchain is transparent and traceable, but requires additional verification to be considered trustworthy. Fraud is identified by these additional non blockchain processes.

Which is a long way of saying organisational solutions are needed for organisational problems like trustworthiness.

By the way, again somewhat unsurprisingly, nothing stops centralised system from being verifiable and immutable. There’s one massive example of this: Git.

Git is decentralized. Everyone has a copy.

But not every Git repository that is cloned elsewhere is meant to stay identical. If anything, it’s more of a federated system than a decentralised monolithic system, with each of the clones just doing their own thing.

Git repositories can work independently and local branches can do local things. Nothing in it forces everything to be committed to a “single ledger”. Nothing about Git works on technically enforced “consensus”. It just gives users the ability to make sure that if they choose a common branch, then they have the ability to build on that.

If you enforce signing of git commits and only accept data in commits that follow strict rules linked to signers public keys, and create a mechanism to eliminate forks, then you have a blockchain.

But nobody implements it that way. Especially the part about eliminating forks. The ability to create forks and branches in Git repositories is considered a feature.

In blockchains, they’re considered undesirable, yet they happen anyway, because of bugs and users and developer meddling.

Again, you really shouldn’t be going “well, this solution based on decades old technology kinda looks like blockchain if you squint a little bit.”

Follow this thinking to its logical conclusion for an industry wide database/computer where actors can join at will, and you will end up designing a blockchain.

Or you don’t! Based on the above, if someone manages to build a system like that without blockchain, I’m sure you’ll be there saying either “well they should have built a blockchain” or “it kinda vaguely looks like blockchain to me”.

I’m trimming this a little bit so that I don’t have to repeat myself that much.

But it doesn’t solve these problems. It’s one thing to say that maybe blockchain can give you tools to facilitate intraorganisational problem-solving. It’s entirely another to say that it solves the problem. That’s salesman talk, not system designer talk.

Now it’s the English language you are picking a fight with?

No, I’ve just watched marketing making unfounded promises long enough. Unfortunately, not a new problem in the software sector.

Like I said, blockchain proponents have way too many hand-waving hype salesmen and not enough people who think of the problems comprehensively.

I will happily state that Excel solves my accounting problems.

Good for you. A lot of businesses use Excel as a tool that is part of the business process. Maybe I’m using it wrong, I just get an empty worksheet when I start it up. It doesn’t actually solve my problems unless I actually interact with it.

Zero Knowledge isn’t a “blockchain” solution, it’s just a cryptographical solution.

It is blockchain compatible.

Also compatible with everything else. So as we’ve seen in this discussion, it’s not inherently a blockchain advantage and blockchain doesn’t help or hinder this any way.

the solutions they’re talking about are cryptography fundamentals that predate blockchain stuff by decades

But it took decades for someone to realize that these technologies could be covid combined.

You’re reciting that like some kind of religious history, St. Satoshi’s Idea That Changed The World As We Knew It.

While in the actual reality, invention of blockchain was little more than an interesting chapter in the big history book of cryptography.

Neural networks were first proposed in 1944

And were use in decades. Much like individual cryptographic concepts. This is all evolutionary leaps, not revolutions.

And, of course, it’s functionally equivalent to the company staff sanity checking things

Not at all. The proof is entirely separate from the underlying data.

But company employees sanity checking the business data is also separate from the underlying data. They can hire independent auditors if something really fishy is going on. What are you getting at?

Just because you have a trusted adjudicator doesn’t mean deliberate fraud doesn’t happen.

It’s game theory. The only thing an auditor really sells is their reputation.

And as we’ve seen from history, reputation doesn’t matter when there’s enough money on the line. As we have seen from cryptocurrencies, people are perfectly willing to sacrifice their integrity and abscond with ridiculous amounts of money.

Incidentally, same goes with the technical solutions. Need I remind you what happened with The DAO and Ethereum in 2016? Someone messed with the blockchain, so the blockchain developers messed people back?

If you don’t set up any authentication for particular items, then how do you control access?

Pre defined rules set by smart contracts.

But smart contracts are just software (running on mining nodes) operating on data (in the blockchain). How do you control the access to the data?

And can’t this be implemented more efficiently on centralised services anyway?

Isn’t setting up access control by definition dependant on some kind of authentication?

No. You don’t necessarily need to know anything about whoever is interacting with your blockchain.

So why set up access control then? If you don’t care about who is interacting with the system, why have access control? If you actually do care who has access to the information after all, how do you do that without authenticating?

And in what sense is this different from traditional publishing systems? If the information is available publicly, then it doesn’t matter to the publisher who is accessing it?

If the users aren’t identified, how is this different from the information being available publicly?

Because the information is limited to a subset of users, who’s identity is not needed.

But how do you limit the information to a subset of users without authentication? If their identities are not verified, how do you know how to limit that information to that set of users?

How do you create an “user group” without specifying who the users in the group are?

More importantly, how is this enabled by blockchain specifically?

Via private keys and hashed data.

…If the users in fact do have keys, then that’s just access control and user identities, isn’t it? You can’t issue people keys without knowing who they are, right? Otherwise it’s no different from information being available in public, because then the keys can only guard the integrity. You’ve invented TLS from ground up. (Blockchain proponents reinventing old cryptography concepts and calling it a blockchain revolution really isn’t surprising.)

Nothing stops people from using private keys and hashed data on non-blockchain systems. That’s just bog standard identity management. So this isn’t a specific blockchain solution, which was what I was asking about.

public blockchains obviously have no access control whatsoever, the entire ledger is public, duh.

Smart contracts control access on a case by case basis. Only the hash of the data is registered on the blockchain.

Smart contracts are just software that have distributed execution on the mining nodes. They don’t inherently implement access control any better than software that is run on the servers elsewhere.

Can you give me concrete examples of this kind of system in use?

Commitment scheme

Oh wow, a cryptographic concept from 1988.

Anyway, that’s not what I asked for. I asked for concrete examples of a system in use. Is this actually in use anywhere in a blockchain system? How does it work in practice? I’m genuinely curious.

This can be done much more efficiently by just mirroring the data directly.

That’s exactly what each full node does.

Yes, exactly! Except less efficient, like I said.

The node also checks that the current state is coherent which is a stronger requirement than a database mirror.

Dunno, modern distributed database folks spend quite a lot of time thinking about ensuring consistency and working on efficiency. So do people who build centralised databases, but hey.

So if you regret signing a contract in this fancy supply chain blockchain, you can just choose a new fork to support, one without this contract?

No. Consensus mechanisms usually make this prohibitively expensive to do, even in the short term.

I’m don’t follow, sorry. Are the hard forks not a big problem and you can easily choose which fork to support, or is doing so in fact prohibitively expensive to do?

Because as far as I can remember from cryptocurrency scene the former was certainly true, people were more than willing to settle on opposing camps over ideology. Would be a shame if that happened on a super serious business-application blockchain over some departmental or organisational kerfuffle.

Because that policy has to be enforced in an immutable, attributable way by a group of actors that don’t trust each other.

You know what, we’re going in circles. I try to get to the bottom of why something blockchain related can’t be done with traditional systems, you respond with another buzzword that’s still nothing that can’t be done in traditional systems, and the cycle continues. It’s mildly frustrating.

I guess the only way to do this is to wait until this is actually implemented somewhere and then compare how these supposed advantages actually pan out in practice. I expect costly mistakes in that field, but at least they’ll be costly mistakes other companies can learn from and avoid.

Surprise, if you are actually designing a massive system, this kind of design requirements come naturally.

You are so close. The natural design limit of this massive database/computational system with common standards where no single actor has control, is a blockchain.

Oh, you’re so close. People have been building these kind of systems successfully for decades. Now blockchain proponents are showing up and saying “hey, we have a new solution”, and it turns out it’s just the old solution again.

Your problem is that you think you have something new here. It’s not. Blockchain is just a slow distributed database. It’s one solution for a specific niche use case most systems designers don’t run into, and if they do, they have other solutions that almost certainly work better depending on what they want to accomplish.

There’s nothing “natural” about ending up with a blockchain. All you can argue is that it’s natural to end up using cryptographic tools. Because they’re tried and true solutions with decades of work based on them, just like all other business system blocks used in traditional systems. They’re not manifestations of divine ideals whose time has finally come, or somesuch.

[Hit comment size limit, continued in another reply]

What you’re talking about is using technical solutions to mitigate problems in the organisational level.

No. Blockchain is for solving intraorganisational problems. I.e. How can the invoices of your suppliers be made available.

But it doesn’t solve these problems. It’s one thing to say that maybe blockchain can give you tools to facilitate intraorganisational problem-solving. It’s entirely another to say that it solves the problem. That’s salesman talk, not system designer talk.

There’s little you can do on technical level to 100% ensure that invoice information is correct and matches what is actually happening in the real world.

This is known as the Oracle problem.

Yup. One of the problems blockchain doesn’t solve. Can’t fix organisational problems without organisational effort.

a series of interoperable systems, which is how things generally work.

But they don’t work, because one cannot confirm who entered or manipulated the data, or whether the data has been altered in a malicious manner.

Make logging changes a design requirement, then. Nothing stops people from documenting the changesets. Cryptographically hashed and signed, if you’re feeling paranoid.

what do you do in cases where the supply chain is deliberately opaque?

This is where Zero Knowledge is used. A trusted third party © certifies some data as correct

Zero Knowledge isn’t a “blockchain” solution, it’s just a cryptographical solution.

(I keep mentioning this because we’ve seen plenty of this in blockchain hype. Blockchain proponents keep raving about how blockchain fixes everything, while forgetting that the solutions they’re talking about are cryptography fundamentals that predate blockchain stuff by decades, and can be actually used much more efficiently in non-blockchain solutions.)

And, of course, it’s functionally equivalent to the company staff sanity checking things, which - let’s face it - they have to do anyway. It’s no improvement over non-zero-knowledge solution.

Never mind that this doesn’t address the opaqueness of the supply chain at all. Just because you have a trusted adjudicator doesn’t mean deliberate fraud doesn’t happen. I’d argue relying too much on technical system do the adjudication can actually sometimes be worse - “the computer says everything is good” is a great way to increase complacency about the procedure.

Any other ideas?

But nothing stops them from accessing (and copying) the information while they have legitimate access to it!

True with or without blockchain.

Precisely. So blockchain offers no advantage either way there. Glad we agree there.

it can be done without a blockchain.

Blockchain controls access without needing to set up authentication for all users.

Now that’s genuinely fascinating - exactly how does that work?

If you don’t set up any authentication for particular items, then how do you control access? Isn’t setting up access control by definition dependant on some kind of authentication? If the users aren’t identified, how is this different from the information being available publicly?

More importantly, how is this enabled by blockchain specifically? My own knowledge is mostly from public blockchains, and those obviously have no access control whatsoever, the entire ledger is public, duh.

Can you give me concrete examples of this kind of system in use?

And what do you propose happens when the blockchain just straight up isn’t accessible anymore for one reason or other?

If availability is important then you run your own node. You also choose a flavor of blockchain that has very little downtime.

This can be done much more efficiently by just mirroring the data directly. If availability is important, your average content delivery network just obliterates the throughput of all blockchain solutions in comparison. Just have the data mirrored on geographically nearest datacenter! Or the server in your closet, if you want!

Again, hard forks in cryptocurrency world would suggest blockchain isn’t a magical solution to this problem either.

Hard forks are not a big problem. You just choose a fork to support.

So if you regret signing a contract in this fancy supply chain blockchain, you can just choose a new fork to support, one without this contract?

This is why you have to actually think about what happens when actual users are using the system, sometimes with malicious intent. If the designers are immediately saying “it’s not a big problem” to some issue that has already caused big problems elsewhere, you just can’t ignore that. That warrants scrutiny. That’s salesman talk, not designer talk.

For practical purposes it doesn’t matter one bit if you’re tracking an invoice by an invoice number or by some cryptographic hash identifier.

From an internal organisational perspective, yes.

But the invoice number from company A will not match the invoice number from company B. Nor can it be seen by company A that company C provided parts to company B

From a multi organisational perspective exposing a globally unique hash tree is much more controlled and useful.

Umm, how is this different from enacting a policy that states that invoice numbers have to be globally unique and have to follow a certain format?

Surprise, if you are actually designing a massive system, this kind of design requirements come naturally. You just identified the problem - companies A, B, and C don’t have common standard for invoice numbers. Solution: Make sure they all do that in the next iteration of the system. And you can even make that a cryptographic hash if you fancy!

Fraud happens outside of the technical domain. That was my point.

Agreed. Blockchain immutability documents fraud, but it doesn’t mitigate it.

So I take it you agree blockchain solution is not trustworthy in itself, then?

If fraud happens, then you need actual organisational level investigation anyway. If your system has the verifiability functionality, then you certainly can document fraud.

Speaking of which:

Centralised systems can imperceptibly alter their databases and calculation algorithms. Blockchain systems cannot.

Blockchain systems are mathematically verifiable. As a platform they are entirely trustworthy.

Verifiability (as part of trustlessness systems) isn’t the same thing as trustworthiness in the organisational domain. We already went through this.

Also, mathematical verifiability isn’t the same as organisational verifiability. No amount of hashing will say the contracts you’re operating on are valid at the organisational level. So you need the organisational policy to determine whether the information is trustworthy anyway.

You said that blockchain documents fraud but doesn’t mitigate it. This is correct. Blockchain system would leave a record of a mistaken or malicious entry. But it’s still going to be there at the end of the day when the problem will be sorted out at the organisational level.

By the way, again somewhat unsurprisingly, nothing stops centralised system from being verifiable and immutable. There’s one massive example of this: Git.

It coincidentally uses the same cryptographic building blocks as blockchain systems: hashes and Merkle trees. Changes are verifiable through hashes, changesets are immutable through Merkle trees. But instead of trying to build automated consensus mechanisms or access controls, ultimately, Git solves trustworthiness problem entirely differently than blockchain systems: users have to implement access control, users have to verify incoming information. All trustworthiness questions are answered at the organisational level where it belongs. Also, Git works both as a centralised system and as an interoperable system, because, again, workflows are settled at organisational level where they belong.

The value people put on that trustworthiness is an entirely different subject.

What a massive hand-wave. “Oh, this system is theoretically safe. Unless people want to actually use it. Then it kinda depends.” Or: “Oh, the actual usage of the system is out of the scope of the design.”

Blockchain advocates put way too much emphasis on the theoretical viability. People who build actual systems that actual fallible end users use tend to put more emphasis on all of the factors that go into designing the system. You have to consider the ways people can break the system. You have to address organisational problems. You can’t handwave it away as being out of the scope.

But as the cryptocurrency market has shown, blockchain by itself cannot prevent fraud.

It eliminates accounting fraud. It has never claimed to eliminate all fraud.

It doesn’t eliminate accounting fraud - as we just discussed, it only makes the fraud evident. Or as you said, “blockchain immutability documents fraud”. In other words, you can see if someone tried to mess with things, but it’s still up to the organisation to actually do something about it.

So blockchain so far isn’t a solution for this problem, then?

It’s an excellent solution for audits.

That’s what I’ve been trying to tell you when I said technical solutions can mitigate problems, not solve them. If the system has verifiability built in, then that’s a technical solution that helps audits. And you don’t need blockchain for that.

These reptile themed flags are cute!

Should make one that has a tortoise. 🐢 With the text along the lines of “Sorry I’m so slow. I didn’t even get to visit the United States yet. What the hell is happening over there? Should I turn around? Probably…”

First of all, it’s only horizontal tango on very special occasions. Mamba, salsa, go-go, even jitterbug. But tango is special.

Secondly, music during sex is overrated I don’t get why some people do it but whatever you do you I guess

Probably not, because Steam games need Steam, and Steam needs all of the usual operating system guff.

That said in early PC era it was not unheard of that games could have boot sector on the floppy and they basically just bypassed operating system entirely. Because aside of file access MS-DOS didn’t really have much in the way of “operating system services” in modern sense. Especially toward the end of DOS era games came with a bunch of “extensions” (particularly 32 bit memory managers).

I sometimes still think about StarCraft: Ghost.

Pfft, I’m sometimes hoping they’ll eventually make the WarCraft point-and-click adventure game.

I didn’t know that this is the perfect way to enjoy memes. Posted to Twitter, screenshotted, discussed further in Tumblr, printed out, faxed, scanned, and then posted to Lemmy.