> The problem is that there is no real feedback mechanism between a what a congress person votes for and their electibility
You would describe this as being different from competitive?
I doubt any amount of money would matter if we had 1 representative per 30k people as written in the constitution, NY State is about 20 M people so you'd need to bribe ~300 of the ~600 representatives in order to get your way (and also do that for every other state).
yes, is there any evidence purple districts represent their constituents better? whats the different between being primaried in a 90% red district and running against someone of a different party in a swing district?
I've over the years began to interface with a lot of PHP code and there's a lot of really neat configuration stuff you can do. Ex. creating different pools for the incoming requests (so logged out users or slow pages are handled by the same pool). Like it seems to me for all of the rust web servers you have to still do a lot of stuff all on your own through code and it's not like you can create an existing Pool-ing struct.
I don't think it probably helps with a lot of the super easy stuff like creating a pool with a line of configuration - fair!
I (personally) would rather spend the fixed several hours of doing a few things like that manually, vs. pounding my head on the desk for impossible-to-find bugs.
I mean somebody could make a singular rust dependency that re-packages all of the language team's packages.
But what's the threat model here. Does it matter that the Rust STD library doesn't expose say "Regex" functionality forcing you to depend on Regex [1] which is also written by the same people who write the STD library [2]? Like if they wanted to add a back-door in to Regex they could add a backdoor into Vec. Personally I like the idea of having a very small STD library so that it's focused (as well as if they need to do something then it has to be allowed by the language unlike say Go Generics or ELM).
Personally I think there's just some willful blindness going on here. You should never have been blindly trusting a giant binary blob from the std library. Instead you should have been vendoring your dependencies and at that point it doesn't matter if its 100 crates totaling 100k LOC or a singular STD library totaling 100k LOC; its the same amount to review (if not less because the crates can only interact along `pub` boundaries).
[1]: https://docs.rs/regex/latest/regex/
> I mean somebody could make a singular rust dependency that re-packages all of the language team's packages.
That's not the requirement though! Curation isn't about packaging, it's about independent (!) audit/test/integration/validation paths that provide a backstop to the upstream maintainers going bonkers.
> But what's the threat model here.
A repeat of the xz-utils fiasco, more or less precisely. This was a successful supply chain attack that was stopped because the downstream Debian folks noticed some odd performance numbers and started digging.
There's no Debian equivalent in the soup of Cargo dependencies. That mistake has bitten NPM repeatedly already, and the reckoning is coming for Rust too.
Isn't xz-utils exactly why you would want a lot of dependencies over a singular one?
If say Serde gets compromised then only the projects depending on that version of Serde are as opposed to if Serde was part of the std library then every rust program is compromised.
> That mistake has bitten NPM repeatedly already, and the reckoning is coming for Rust too.
Eh, the only things that coming is using software expressly without a warranty (expectantly) will mean that software will cause you problems at an unknown time.
> Wasn't that a suspected state actor? Against that threat model your best course of action is a prayer and some incense.
No? They caught it! But they did so because the software had extensive downstream (!) integration and validation sitting between the users and authors. xz-utils pushed backdoored software, but Fedora and Debian picked it up only in rawhide/testing and found the issue.
> Notably, xz utils didn't use any package manager ala NPM and it relied on package management by hand.
With all respect, this is an awfully obtuse take. The problem isn't the "package manager", it's (and I was explicit about this) it's the lack of curation.
It's true that xz-utils didn't use NPM. The point is that NPM's lack of curation is, from a security standpoint, isomorphic to not having any packaging regime at all, and equally dangerous.
> a Postgres dev running bleeding edge Debian
Exactly. Not sure how you think this makes the point different. Everything in Debian is volunteer, the fact that people do other stuff is a bonus. Point is the debian community is immunized against malicious software because everyone is working on validation downstream of the authors.
No one does that for NPM. There is no Cargo Rawhide or NPM Testing operated by attested organizations where new software gets quarantined and validated. If the malicious authors of your upstream dependencies want you to run backdoored software, then that's what you're going to run.
Who are these "experts" and what did they actually say? I feel like whenever I see these arguments its somebody making a straw man.
Although I mean trivially a non-rebated tax will cause inflation because it increases prices ... and recessions are called by NBER after you leave one so a year is way to little time.
Planes have actually been falling out of the sky. I'm not sure its from Social Security cuts but I mean if your stance is "planes falling out of sky = issue with social security cuts" then uh your evidence is in [1].
He's describing the same administration in two different terms. Mark has no problems lying to people that Biden administration sued Meta (it was Trump's [1]) and individuals like Joe Rogan have no problems not calling him out on it.
Trump was president in 2019, 2020. Covid starts in 2019. It's his administration that the twitter files is talking about when they mention censorship. It's his administration that started the big tech lawsuits.
This seems like a tenuous connection at best. The Biden admin were actually sued for their relationship with social media companies. The suit failed but the conclusion was still that the administration was involved in pushing social media companies to take specific actions. https://www.brennancenter.org/our-work/court-cases/murthy-v-...
> The Biden admin were actually sued for their relationship with social media companies. The suit failed but the conclusion was still that the administration was involved in pushing social media companies to take specific actions. https://www.brennancenter.org/our-work/court-cases/murthy-v-...
That's an misleading description of the "conclusion" (and incorrect if by "involvement" or "pushing" you meant unconstitutional behavior). The conclusion of Murthy v. Missouri is that the plaintiffs lacked standing to seek a preliminary injunction against the federal government's (under the Biden administration) requests/"demands" to social media companies to remove users' speech [1]. Why was there no standing? Because the plaintiffs failed to demonstrate a minimum of evidence that the Biden administration had coerced or threatened social media companies to censor users' speech [1]:
> To establish standing, the plaintiffs must demonstrate a substantial risk that, in the near future, they will suffer an injury that is traceable to a Government defendant and redressable by the injunction they seek. Because no plaintiff has carried that burden, none has standing to seek a preliminary injunction.
Or rather, the plaintiffs did not demonstrate sufficient evidence that, in the period leading up to the original lawsuits, the social media companies' decisions to remove the relevant speech mentioned by the Biden administration had been anything other than the social media companies' voluntary choices.
If you actually read the case the evidence is clear that the government was giving direction to social media sites. Which is what the comment I was replying to was about. Read the dissenting opinion.
I think you're coming at this from the angle of the court is always correct, and not actually examining the case itself.
"actually read the case" includes reading the judgement ("the conclusion"), which overrules your personal judgement (and mine, whatever it might've been).
> Read the dissenting opinion
Dissenting opinions are often irrelevant, equivalent to a loser shouting into the void because they lost. By definition, dissenting opinions are incorrect, because to be correct, they would need to be shared by the majority, in which case they would be in the non-dissenting opinion, if anywhere.
> I think you're coming at this from the angle of the court is always correct
By definition, the court is always "correct" unless contradicted by a constitutionally higher authority. In particular, a court consensus of 9 co-equal judges is more correct than a subset of 1 or 2 of those same judges. And while I'm sure you're a nice, competent person, perhaps even a lawyer, the court is more correct than you here.
I'm not sure why you're absolving yourself of free will. When courts ruled that chattel slavery was legal and just, were they correct? What if a court today ruled that chattel slavery was legal and just. Would the judges who support abolition be "losers shouting into the void"? It seems like your position falls apart pretty quickly to anyone with basic morals.
Courts and judges are not perfect. Are you just clinging to that belief to justify a predetermined opinion?
> What if a court today ruled that chattel slavery was legal and just
What if it ruled the opposite (the status quo), and you used your same argument to say that the courts are wrong and that chattel slavery actually is legal and just?
What makes you, 1 random person out of billions, more correct than the courts, just because you might personally feel chattel slavery is legal and just?
> Courts and judges are not perfect.
If courts and judges are not perfect, then that means that you and your dissenting opinions are even less perfect. Even if we were to accept mob rule, the people don't share your dissenting opinion, so your proposal seems to be that a randomly-small minority of random people unaccountably decide matters of law based on whatever criteria they feel at the time -- a worse option than courts in every way.
None of this should be unexpected. All construction requires permits so you know ahead of time what's being built and almost certainly can just extrapolate out how many new kids will be in the school system based on the current rates.
It's like how a bunch of cities approve new commercial construction but then don't also don't fast-track some residential construction; you're just going to generate traffic because nobody can live close to work.
School financing needs drives a lot of local government decisions. It's an invisible force like gravity. Approving office buildings and retail stores adds tax revenue without adding to school district costs (enrolling students). Approving housing construction means more students to absorb.
The public cannot directly vote to reject the electric company's price increases, or more expensive groceries, or car dealers charging MSRP. Requiring voters to directly approve school taxes or public services is great for cost control. But you get what you pay for with austerity: long waits for service, crowding, short hours, lower quality employees. Voters only approve the school levy when the pain of service cuts exceeds the pain of forking over another $$$/yr in tax. While residents choose politicians, over long periods of time politicians choose what mix of residents can move into the area! Think of downtown areas that are purely zoned for office buildings and parking garages.
Ask your town to implement robhit's municipal bonds. Should be automatic but govt often fails our expectations. Perhaps that is the knowledge lost when term limits kick in.
Also, not like it just keels over and dies, that's just the 80% performance criteria. Most people wouldn't need to replace the batteries at that point.
Aren't comments like "the site is too slow" similar to "the city is too crowded"?
Twitter famously had a "fail whale" but it didn't stop the company from growing. If you have market demand (and I guess advertising) then you can get away with a sub-optimal product for a long time.
> Twitter famously had a "fail whale" but it didn't stop the company from growing. If you have market demand (and I guess advertising) then you can get away with a sub-optimal product for a long time.
Agreed, but there's still an element of survivorship bias there. Plenty of companies failed as they couldn't keep up with their scaling requirements and pushed the "getting away with a sub-optimal product" for too long a time.
Afaik, Byzantine (or reverse) and other private tax collection setups aren't illegal.
reply