Exif is great but here is your obligatory reminder that if you are publishing images you should strip out some of the identifying information that cameras and image editing software likes to embed.
In particular, you probably don’t want the GPS coordinates of your house publicly available on your blog for everyone to see.
Conversely, as a hobbyist photographer, I want to do the exact opposite for most photos I take.
I would like my camera info, especially the body, lens, focal length, and settings in the image. I recently discovered that software like Darktable can even take a gpx file and photo timestamps to add coordinates to photos taken on a camera without a GNSS receiver.
It's so stupid that we have to do geotagging as a post processing step with separate software. That could be built in to the camera with a GNSS receiver or smartphone Bluetooth link with minimal impact on cost or battery life. And yet even today many high end cameras lack such basic functionality. It's like the camera manufacturers aren't even trying anymore.
This why I have my phones track themselves (started with Moostrax on the Blackberry then iOS, Moves on iOS until Facebook killed it, now it's OwnTracks on iOS logging to my server + Arc Timeline + Gyroscope + some others, I think) - even without the "where was this photo taken?" helpfulness (for camera shots + phone shots with stripped location), it's also good for "where was that cafe / coffee shop / craft shop / whatever?" kind of questions (obviously assuming you can remember vaguely what date and time...)
I should get better at taking contemporaneous notes, really, but since that hasn't happened in 30+ years, I doubt it's going to stick now.
Most publication and messaging tools strip exif data, which is incredibly frustrating when friends send you pictures taken together as you no longer have the time stamp, nor GPS coordinate.
My static site generator strips out exif data from images and I would expect all sensible sites would do the same. There is a lot of personal information jammed in there - if you post a picture of your dog making a funny face to social media you don’t want the exact GPS coordinates of your house plastered over the internet.
You have to be selective though, some of the EXIF data specifies things like color spaces and orientation that is used by browsers for displaying the image properly.
For my personal website I have a lot of photography-oriented blog posts [1], but I have special code to strip out GPS info from the location if it's close to my home [2].
EDIT: my vibe-coding slop agent put my home GPS lat long in the example config in the README lol. Please don't rob my house; I'll go run git-filter-repo later.
Yeah, if I take a dense grid of photos near my house, it would reveal a 500 m circle. But in practice I don't take _that_ many photos in the neighborhood. Also, the circle isn't perfectly centered on my home.
These were some of the most influential books of my youth, teaching a generation of young kids quite advanced topics. I still picture cartoon robots putting numbers in boxes whenever I write code involving pointers.
But my favourite[0] was Write Your Own Adventure Programs, which taught data driven programming and text parsing.
I copied the code from the book and then did my own mods. I also ended up rewriting the engine with 6502 assembly macros. That made me realize, and appreciate, high level languages that had first order functions and very different approaches to computing and data structures, in contrast with BASIC arrays, gotos and gosubs. At the same time I was learning to program in Logo, which, without being aware of, introduced me to the world of Lispy languages and what computing really is. That tainted me a bit and left me a bit frustrated when I moved on to C and, much later in the 90s, to C++.
IBM was legendarily over-managed. This is second-hand but a guy I used to work with told a story of when he interned for a summer at IBM in London during the mid-90s doing what would now be called a QA engineering. At that time everyone wore suits to work but the culture was changing so the interns put in a request to be allowed casual Fridays. Bear in mind that they were locked in a back room somewhere without any customer interaction so they didn't think it was a big deal.
Months later, just before the end of the internship, they received a reply. Their manager had forwarded their request up the chain of command and the email had the full quoted history. Their request had been bumped up 4 successive layers in the London office, then across to the US headquarters where it continued its upwards trajectory, finally alighting on the desk of a VP who, after thanking them for bring the issue to his attention, rendered an carefully considered opinion.
The whole process had taken weeks, presumably as each person in the hierarchy debated whether they had the authority to tackle such a weighty issue.
The email had then been inexplicably bounced back DOWN the chain one link at a time, back across the Atlantic Ocean, and through the local office, down to the suit-bound interns, again weeks later, who by this stage only had days left at the internship.
In the late 90s I moved from one country to another. As a part of a job hunt I applied to the local IBM office, because I had some OS/2 mileage. Then promptly got three offers from other places, accepted one and completely forgot about the IBM application.
Not 8 (eight) months later I got a call from their HR saying they'd like to interview me next Thursday. And then they got completely flabergasted when I said I was no longer interested. Don't know what they were smoking, but they were exceptionally full of themselves... while not even offering a good pay.
When I went to a grad jobs fair in 1998 or so IBM were offering at least 25% less than any other company I spoke to, and 40% less than the best paying roles.
The only company they were on par with was Arthur Andersen, who were offering around £15k for trainee accountant roles, but you know how fast those salaries go up once you’re qualified and start to progress.
My dad was am IBM lifer, when they said they could wear suits that weren't black he wore a blue suit and his boss asked him if he rode the bus to work.
This is a very legitimate question: In the US, where is it not?
Public buses aren't safe, clean, or timely. Where I am, it's 2.5 hours rather than a 26 minute commute by car. The only reason you ride one is usually if you are already in the proximity of your destination, especially if that destination is downtown. For all other cases, private or ride-share makes way more sense. We're talking buses here, not shuttles, light rails, monorails, etc.
I worked at IBM Research, totally unlike the rest of IBM in terms of how it was run, and being a non-US person it was quite natural for me to take the bus to work because either that or train is how you get to work. I never met any coworkers on there, although I did get to know the cafeteria staff, cleaners, and so on, who all caught the bus, quite well.
Many in the US also use public transportation when they can but busses are generally thought of as a last resort. Unlike trains, teams, or subways their schedule is at the whim of traffic. So the general thinking is that if you are going to be stuck in traffic anyways you might as well be comfortable in your own car if you can afford one.
I interned at an IBM R&D site in Winchester (UK) for a year in 1988-89 and none of us interns wore suits, or even ties. I don't recall many of the f/t IBMers doing so either. It was pretty informal really.
(Not disputing your story, just providing a different perspective.)
I work with a lot of government departments. The "policy" is not a thing that can enforce itself, and often barely exists at all. Rarely is it actually written down!
Mostly these things boil down to a vetocracy where all managers in some hierarch must say 'yes', otherwise a single 'no' is a final 'no'.
Hence, the trick is not to ask because the more people are involved the higher the chance that one of them will say 'no'.
The manager in that office you worked in most likely made a decision themselves and didn't punt it up the hierarchy, and hence nobody told him 'no'.
The corollary to that is a clever bureaucrat can kill a proposal simply by inviting many decision makers to a meeting.
PS: It's hilarious to see this effect play out as a consultant, because often I deal with different "randomly" selected subsets of the same organisation and the difference in their day-to-day can be stark. It just boils down to which managers take individual responsibility, and which regularly beg for permission to do their job. "No."
> Hence, the trick is not to ask because the more people are involved the higher the chance that one of them will say 'no'.
So in my case at IBM the trick to being able to keep a hand-and-a-half sword in your office is to just have it appear there one day. My boss did a bit of a double-take the first time he saw it but that was the only reaction I got.
They did have a "no firearms in the building" policy but that didn't extend to medieval edged weapons, although there may have been a change made after I left.
Wouldn't you also want to keep a can of spray paint to draw the Elder Sign? You know, in case it was needed in a hurry.
Come to think of it, does an Elder Sign still work if you spray it onto a wall using a template? I think you need to investigate that the next time there's a breach... you've got plenty of interns right?
> The corollary to that is a clever bureaucrat can kill a proposal simply by inviting many decision makers to a meeting.
Not particularly clever. My experience is that low-level team/line managers typically already have the authority to say "no" to their own people; but they don't want to take the blame for saying "no" (they want their team to like them!), so by punting the decision up the chain, they're effectively punting the blame for saying no up the chain (under the expectation that anything so punted will get a "no" response.)
Some this backfires, though: everyone above them says yes, and so they have to be the one to say no. (They may end up lying if asked, vaguely saying "someone important" said no.)
Sometimes this backfires badly: not only does everyone above them say yes, but someone somewhere up the chain loves the idea, and turns it into an "initiative" — i.e. something the line-level manager is now locked into doing.
> Sometimes this backfires badly: not only does everyone above them say yes, but someone somewhere up the chain loves the idea, and turns it into an "initiative" — i.e. something the line-level manager is now locked into doing.
I've seen a variant of this (repeatedly!) where a sales person will suggest the bronze/silver/gold/platinum edition of some product to a manager, the decision goes up the chain (unnecessarily), and then someone near the top says: "Platinum sounds the best!". Nobody dares take responsibility for suggesting "anything less than the best", so it gets locked in.
Meanwhile, the platinum edition exists only to make the silver and gold pricing look reasonable, so now... now... the consultant has to implement a solution based on the
"bells & whistles edition" which takes 10x as long and has a bunch of issues. E.g.: "clustered" versus simply "active-passive" or weird nonstandard high bandwidth ports instead of ordinary Ethernet, etc.
I asked to be excepted from a contract condition giving IBM first pick on any IP I develop in my own time.
Keep in mind, I was working in one of their technical support call centres. I had no access to IBM proprietary information, I had no role in developing it, I was a complete non risk on this front. I had more access to customer systems, no access to RED or BLUE networks, just an IBM lotus notes account I could use to slowly download information from HR.
Everyone I could physically speak to looked at my request and went, hey that's a really reasonable request.
It took 6 weeks for the first no to come back, my direct manager, whose stats I was apparently holding in place, apparently tried to intercede, adding 2 further weeks for a review. The answer was still no. This had apparently gone up through one line of reporting across to the US, branched out into legal and came back down that path. It was crazy.
So I left, so I could work on a small software project with a friend without risking IBM having an interest in it.
Another one. The HR forms were all written in the early 80s and digitised sometime in the 00s. Our team, not being customer facing, was super diverse. I know there was an attempt to try and get the HR forms updated to recognise other gender/pronoun combinations. This took like 12 weeks to be reviewed, and I think the eventual no was based entirely on the fact that no one wanted to try and figure out whose job it was to update the forms. Our team was full of LGBT people, and retention of them appeared to be critical. Hard no.
Also, our sexual harrassment training came on tape (in the year of our lord two thousand and ten) and implied that it was the updated version, previously it might have been vinyl or something.
This sent me down a rabbit hole. In the US, the PIIA effectively is the law - your employer gets to decide whether your side project "relates to their business." In the EU (where I am) it's basically: not on a work laptop, not on work hours? Yours.
A coworker of mine got his first job at IBM after graduating from what was effectively an early version of a tech trade school when tech trade schools were not common.
He showed up to work at an IBM hardware factory in the US and as soon as everyone walked in the door they was called into a meeting that day. IBM announced they were all laid off immediately. IBM having almost no experience with layoffs to that point and still styling itself as a company you go to work at for life seemed to be legitimately unsure what to do.
So they gave everyone minimum 1 years pay, benefits, IBM actually assigned HR people who were VERY involved in trying to place people other places and paid many to relocate them, and what amounted to a 4 year scholarship too if they wanted to use it.
Dude had been there less than an hour and decided to just go back to school for 4 years ...
Aaronson know his stuff but I am not sure he hasn’t considered the fact that, in this current hype cycle, the quantum researchers breathlessly reporting to him on a breakthrough just around the corner are just lying to him and themselves.
I have been hearing about one more technical hurdle to solve before quantum algorithms become feasible since before I graduated. That was in 1996.
This is true, practical quantum computing is always "just a couple of years away".
At the same time, moving to more secure encryption really isn't difficult. How many times have algorithms been deprecated over the past 20 or so years? It's time to do it again.
Let's just make sure that the NSA hasn't worked in any backdoors. At latest since Snowdon, anything they work on is suspect.
There is no clear evidence that the risk of "a practical post quantum computer would arrive in the next 5 years" is greater than "post quantum scheme X is broken" for any scheme X. The only way to go is hybridation and it is quite hard from an engineering point apparently.
If Algo-A and Algo-B both rely on "factoring big numbers is hard!" then once the Quantumpocalypse occurs, breaking Algo-B(Algo-A(plaintext)) is no harder than asking ChatGPT 99.5 to add an extra step in your vibe coded cracking engine's frontend, such that it now does B_breaker < cyphertext | A_breaker >> plaintext.lol or whatever the equivalent is for the fashionable language of the that future day.
He was saying hybrid encryption as in use both a well established classical "factoring big numbers is hard!" algo and also a fancy new post quantum cryptography algo. That way if it turns out the fancy new algo can be broken by non-quantum computers at least you aren't in a worse position than you were in before because you are still protected by the well established classical algo.
You have to break both algorithms. One of them is quantum-safe if it's secure, but it could also be completely insecure like supersingular isogeny was.
And in the process immediately convert huge numbers of devices into ewaste. Then check the excuse calendar again for tomorrow's reason to deprecate yet another batch of "legacy" ciphers from openSSL.
It's not another story, the quality of the reasons for scrapping / upgrading devices is the most important thing here.
If the reasons are "the current devices are insecure or likely to become insecure" that's very different from "the new encryption system is a little bit better so there's not much point in upgrading".
If quantum computing never becomes a practical thing, the current hardware and software will stay secure. If it becomes practical, they won't. Seems simple enough.
It'll be a 90/10 rule: 90% of the upgrades will be straightforward. It's important the 10% that'll be hard early. For many it's probably already too late.
Quantum correction algorithms (that would allow factoring of thousands of digits) begin to work when the gate fidelity and other parameters are above certain threshold.
This is what bugs me about both quantum computers and commercial fusion power. There's so much talk about how it's just inevitable and will happen soonish, but a lot of the evidence suggests, in some cases strongly, that it might not ever be possible.
I find it weird how bleeding edge research, at the very edges of both physics and engineering, is treated as though it's a market development about to drop. Possibly a consequence of pure R&D having all but died? Getting funded requires pretending there's a business plan for what you're working on?
There's no strong evidence of impossibility. For quantum computers to be impossible at scale we need new unknown physics. Fusion requires lots of engineering. And before those engineering efforts would show practical impossibility or impracticality, there can't be strong evidence.
For quantum computers, the situation is quite similar. Michel Dyakonov and several others have laid out the situation well.
At least we don't have anyone claiming that interstellar travel is just 10 years away, yet. Probably because it's more difficult to make an economic case for it. But the issues are quite similar. In principle, in terms of physics, nothing prevents an interstellar journey. In practice, it just isn't going to happen.
The Boy Who Cried Wolf is a story about a boy who have seen a wolf, successfully threatened the wolf away by causing a commotion in a disbelieving village. One day the disbelieving village refused to show up, boy was eaten and thus proven correct.
But as it happens in real life politics too, people who were just proven they were wrong continued to blame the boy.
The story is told from the point of view of a villagers trying to hide their culpability by blaming the victim.
> The Boy Who Cried Wolf is a story about a boy who have seen a wolf, successfully threatened the wolf away by causing a commotion in a disbelieving village
I have been trying for years to get good at 3D modeling with Blender and have also failed. But I didn’t let that stop me using Blender to produce illustrations for my sci-if epic interactive fiction game that ended up being nominated for a minor award for graphics (it didn’t win).
Let me introduce you to the last resort of the struggling artist - extreme stylization. Really good pixel art is a very difficult discipline but terrible pixel art can be just as appealing if you push a style you can call your own.
I haven’t had comments on my blog for over a decade now and I don’t miss them. For every useful and informative comment I got several spammy or rude reply. Anyone who wants to let me know something about my blog can message me on social media.
I’ve seen blogs that do not host comments themselves but instead automatically surface social media (usually mastodon) comments which I think is a useful technique.
I've had comments (open, anonymous, no screening) on my blog since it started in 2004. Back in the day when it was very popular, most of my blog posts were the result of reader tips/advice/heads-up/etc. I have to work MUCH harder now that comments have pretty much dried up.
Yes, unfortunately spam and rude replies come with comments. I also don't have comments on my blog. I instead have one of those email masking services that allows to people to email me (and I have found this effective).
In particular, you probably don’t want the GPS coordinates of your house publicly available on your blog for everyone to see.
reply