• 0 Posts
  • 17 Comments
Joined 8 months ago
cake
Cake day: March 12th, 2024

help-circle
  • but I don’t think I’ve ever gotten a job from LinkedIn, now that I think about it.

    Yeah that was it for me. I got loads of messages from recruiters but they were really low effort communication. I even put in things like “INCLUDE THE WORD GLENDA IF YOU READ MY PROFILE” near the top of my profile/experience section. Out of the hundreds of messages, I’d say fewer than 10 actually wrote “GLENDA”!

    The conversations I did end up having were shitty anyway. Essentially I think the world got software fever over the past few years and it’s only just recently cooling down. People going into recruiting without any people skills, let alone industry knowledge. Companies desperate to hire people for no reason, including people who just did that “Quit your job and start coding!” nonsense.


  • Sadly that’s true for all social media.

    Some are worse than others. Every now and then I log on to Instagram because I can sometimes see fun dirtbike clips. I can comment on YouTube videos of conference talks.

    I know people go to supposedly “adventurous” places on motorbikes just for clout, and I know that people at conferences often do talks that could just as easily be recorded themselves at home or even just as a text article. But at least I know, deep down, they want to share stuff with people who have a shared passion.

    The stuff that gets shared around via LinkedIn feels so, so hollow in comparison. Not a lot, if anything, beneath the surface.




  • Yeah there’s something that feels so wrong about the site. One of my (fake) favourites by @SecureOwl@infosec.exchange when LinkedIn was down a couple weeks ago:

    LinkedIn was down. A lot of people were panicking.

    But rather than panic, I saw an #opportunity. Using all of my strength I ran to the nearest LinkedIn datacenter. I was able to gain access because I made a #personal #connection with the security guard. I actually invested in their ceramics business while I was talking to them.

    Once I’d gained access to the servers I was able to deploy a fix I’d written using ChatGPT #AI #genAI.

    I fixed LinkedIn, and walked out of the datacenter where everyone was applauding.

    I say this not to brag or show off, but to share a story of how you have to show #leadership in the moment, and step up when you can. The CEO of LinkedIn called me that night to thank me. #influencer #hustle #horseownership

    Apart from the absurd types of text being shared around there, most features of LinkedIn seemed redundant to me:

    • list of “connections”: contacts app (portable data format, too)
    • job applications: many other job sites, or direct on company website
    • messaging: email
    • finding who works/worked where: I don’t care




  • The issue here isn’t so much Google. Just people being stupid and not taking the time to learn how to secure something

    I’d argue there’s poor design that could be patched here. From an article detailing the vulnerability (https://mrbruh.com/chattr/):

    My hunch was that in the rush to push their new shiny product, someone would take a shortcut and forget to implement proper security rules.

    The hunch was right, and it was worse than I could’ve ever guessed.

    then later:

    if you use Firebase’s registration feature to create a new user (you cannot register on their site), you get full privileges (read/write) to the Firebase DB.

    That it’s somehow faster or easier to (mis)configure a system such that you have full read/write is poor design. Secure by default, principles of least privilege; stuff that you want the implementers of the system to stick to so that when you’re a user (restaurants), you don’t need to think about this sort of thing.

    Of course the restaurants are also at fault for putting people’s personal info into yet another charlatan AI SaaS.



  • Over the past approx. 100 days, dw_innovation@mastodon.social has made 2 or 3 public replies. The idea of using any of these social networks over RSS/Atom feeds and plain old websites is that they’re social, not a place you upload text.

    As a freedom loving hippie, I’d rather see broadcasters posting to the fediverse instead of whatever awful mish mash of Instagram, Facebook, Twitter et al. it is right now! That would be fantastic!

    But as a technical purist, the way DW is using their account right now, they’re arguably no worse off getting links/content from their RSS feeds available to the fediverse somehow (e.g. RSS Parrot). Sometimes I feel like we’ve had walled gardens for so long that we’ve forgotten about interoperability. Lots of platform thinking! Broadcasters don’t need to be on the fediverse, just a way that their stuff can be shared to the fediverse.

    I’m excited to see things changing that makes thinking like this even possible!






  • Right now I follow a few Mastodon users via an RSS-to-Email service, but the problem with that is that you can’t follow private accounts/see followers-only toots. It would be great to have a full email bridge.

    Ah yes know exactly what you mean. I follow Mastodon, PieFed, Lemmy stuff via RSS too.

    I have a little program which follows/unfollows:

    apfollow kevincox@lemmy.ml
    apfollow -u kevincox@lemmy.ml
    

    Then things get delivered to my inbox. That’s been working ok. I’m adding a “Following” section to the docs soon.

    But I think the main idea is getting Activity into a RFC5322 message in a filesystem. The system doesn’t really care how that file is written. It could be from an ActivityPub server sending stuff to you. But it could also be from reading a RSS feed and fetching the items. My first stab at this was actually a couple of scripts which dumped my Mastodon timeline and some Lemmy stuff to message files.

    So if my ActivityPub-email bridge was running you wouldn’t also be able to access a Mastodon UI and for example browse other posts.

    What I do now is clunky. First, I’ve written a couple of very basic frontends using both the Lemmmy & Mastodon API. These expose the unique ID of each post, which I copy/paste around…

    (like commenting on a random post I was linked to).

    I run this command:

    apubget -m https://lemmy.ml/comment/9266238 > comment.eml
    

    Then open the file in a mail client, and reply to it. Like I said: pretty clunky! :D

    One thing I’ve thought about is hijacking the header’s Subject field to hint to apas that we’re replying to something. Modifying Subject is exposed in more mail clients than being able to modify arbitrary fields in the header (ideally we set In-Reply-To). For example for this message I’m writing now:

    To: kevincox@lemmy.ml
    Subject: https://lemmy.ml/comment/9266238
    
    Ah yes know exactly what you mean bla bla bla...
    

    Taking it further, frontends could render mailto: links. Here’s one to reply to your message: mailto:kevincox@lemmy.ml?cc=fediverse@lemmy.world&subject=https%3A%2F%2Flemmy.ml%2Fcomment%2F9266238

    Using Subject as both the name or inReplyTo properties of an Activity depending on its value feels unclear.

    Reading RFC 6068, it’s theoretically possible that we could inject a In-Reply-To in a mailto URL. It’s up to the mail application to interpret it. mailto:kevincox@lemmy.ml?cc=fediverse@lemmy.world&in-reply-to=%3Chttps%3A%2F%2Flemmy.ml%2Fcomment%2F9266238%3E This encodes the message:

    To: kevincox@lemmy.ml
    CC: fediverse@lemmy.world
    In-Reply-To: <https://lemmy.ml/comment/9266238>
    
    bla bla bla
    

    Just tested and found that MailMate actually handles this. Still feels unclear… I dunno. What do you think?


  • Lemmy’s maintainers seem overworked. As is the case with so much of software dev, (open source or otherwise!) non-programmers are unaware of or underestimate maintenance burden. From the outside, it looks like it’s just about “adding a feature”. But in reality, it’s less about “adding” and more about “growing”. Feature requests generally need to be evaluated with this in mind; whether future development is sustainable with some new feature(s).

    I see opportunities here for some software dealing with either ActivityPub directly or with Lemmy’s HTTP API.

    Anyone used lemmy-modder? Thoughts?