https://cuelang.org/. I deal with a lot of k8s at work, and I’ve grown to hate YAML for complex configuration. The extra guardrails that Cue provides are hugely helpful for large projects.

If it’s a publicly-accessible repo, then immediately revoke the key and leave it. Force-pushing isn’t good enough because the old commit will still be tracked by Git until the garbage collector kicks in, and you don’t have control over the GC on GitHub (not sure about other providers).

If it’s an internal repo that’s only accessible by employees, then you probably should still revoke it, but you’ve got more leeway. Usually I’d create a ticket to revoke it when there’s time, unless this is particularly sensitive.

It depends on the role. My first job was doing manual QE on Windows, and knowing Linux wasn’t much help at the time, but it did help me transition to a coding role in the same company a year later. I’m now doing platform engineering at a major tech company, but that has a high barrier to entry, which I suspect is the case for most roles that are Linux-focused. If you’re trying to get your foot in the door, I think you should look at job profiles for low barrier to entry roles (e.g. tech support) and try to work your way up.

Probably because the individual engineers working on Takeout care about doing a good job, even though the higher-ups would prefer something half-assed. I work for a major tech company and I’ve been in that same situation before, e.g. when I was working on GDPR compliance. I read the GDPR and tried hard to comply with the spirit of the law, but it was abundantly clear everyone above me hadn’t read it and only cared about doing the bare minimum.

There’s no financial incentive for them to make is easy to leave Google. Takeout only exists to comply with regulations (e.g. digital markets act), and as usual, they’re doing the bare minimum to not get sued.

I’m not worried about CCTV footage in the US, at least as far as government surveillance is concerned. The main reason is the difficulty in wiretapping, compared to the payoff. For the government to get access to CCTV cameras owned by private citizens, they’d have to backdoor every single manufacturer, then figure out how to stream footage without being detected. This is definitely possible, but it’s considerably more difficult than wiretapping phone conversations. I’m sure the NSA/CIA/etc has done this before on a targeted basis, but doing it in general is very risky and a ton of work(if they want to keep it a secret), and what do they get in return? The NSA has a lot of resources, but it’s still limited.

Wait till she learns about zombie children

That’s not what I’m saying at all. I’m saying the rich and powerful have a vested interest in not taking risks that jeopardize their power and wealth, because they have more to lose.

The reason these models are being heavily censored is because big companies are hyper-sensitive to the reputational harm that comes from uncensored (or less-censored) models. This isn’t unique to AI; this same dynamic has played out countless times before. One example is content moderation on social media sites: big players like Facebook tend to be more heavy-handed about moderating than small players like Lemmy. The fact small players don’t need to worry so much about reputational harm is a significant competitive advantage, since it means they have more freedom to take risks, so this situation is probably temporary.

Unfortunately, retrofitting CSP on an existing site can be nightmare, especially if you have external dependencies. At my job, we spent months trying to enable CSP on one our oldest sites, but ultimately gave up because one of our dependencies won’t work unless we added “unsafe-inline” everywhere, which kinda defeats the whole point of CSP.