HackerTrans
TopNewTrendsCommentsPastAskShowJobs

antithesis-nl

no profile record

comments

antithesis-nl
·letztes Jahr·discuss
"Dear HN -- I was recently assaulted by flight attendants when I tried to open the plane door at 30000 feet to get the required line of sight for my Starlink connection. I was then called a wannabe Nazi by several passengers and arrested upon arrival, although my political connections of course promptly ensured all charges to be dropped. What happened to individual freedom, and would it have helped if I had taken my gun on the flight?"
antithesis-nl
·letztes Jahr·discuss
[flagged]
antithesis-nl
·letztes Jahr·discuss
[flagged]
antithesis-nl
·letztes Jahr·discuss
[flagged]
antithesis-nl
·letztes Jahr·discuss
Ah, yeah, I already wondered why these guys were suddenly back... The tell-tale sign here is admission scam emails from name-alike-domains for (mostly) Indian and (some) US colleges (with the payload being, mostly, crypto harvesters), but these are pretty noisy due to being pretty similar to earlier attempts...
antithesis-nl
·letztes Jahr·discuss
So, yeah: I installed this, and was impressed, just because it's an .appx package. I mean, how do you even create those?

Other than that: it did not immediately crypto-lock my laptop and/or ramp up my GPU mining Führercoins, so that was good too.

Other than that: I did not really see any metrics worth of attention, so I uninstalled the app again, which seemed to work fine as well.

Thrilling stuff, I know...
antithesis-nl
·letztes Jahr·discuss
> iPad Air is built for Apple Intelligence, the personal intelligence system that delivers helpful and relevant intelligence

OK, so the predominant opinion of HN seems to be that Apple is really good at marketing. So, which target group are they, brilliantly of course, addressing with this repetitive word salad?
antithesis-nl
·letztes Jahr·discuss
Mentoring really only works if the junior person actively seeks out a trusted colleague, ideally in the context of a formal program (with clear guidance on expectations and such).

What you have here, basically, is a customer abusing an API. This is extremely common: mental models of systems differ greatly, and 'getting things to work from my side' will always take precedence over 'making sure I'm not missing an alternate understanding of the bigger picture'.

But one, possibly easy, thing you can do, is make the API more abuse-resistant. Add rate limits on expensive operations that should only be used seldomly (which may be hard in the case of "a SQL object", but still), just deprecate and/or hide such functionality completely, or add convenience functions that automatically do the right thing, and promote those.

If you do decide to reach out, make sure you very clearly describe the issues you've observed in a strictly technical way ('Hi, I noticed you're creating lots of Customer objects, which is really expensive since there are manual checks by various departments involved with that later on') and clearly outline solutions ('What you might want to do instead is only create Branch objects, which are basically what you want anyway and much cheaper and bore performant').

And be mentally prepared for not getting any response, them turning things around and responding that you are the one who's wrong, or even them running to their manager telling them you're impeding their progress by having way-too-hard-to-use systems. And just shrug that off, after briefly considering whether they may have a point, and making things better, for everyone, just in case they do...
antithesis-nl
·letztes Jahr·discuss
> The Trump administration is instead discussing tearing down NOAA

Nah, they're just straight out going to do that.

States are then free to sign up for the SpaceX-in-proud-cooperation-with-Starlink-and-Tesla Extreme Weather Notification Plan, which is only $420M/state/month, and will be available in, well, 2 years or, eh, so. [Announcer's voice speeds up] Not every state may be eligible for participation, see your DOGE representative for full disclaimers and details.
antithesis-nl
·letztes Jahr·discuss
The premise of the article seems a bit flawed: Nigerians are not replicating hyperscalers, but more like building local Hetzners. And that is a fine idea!

A big problem for people doing this, however, is that peering is pretty much nonexistent in Nigeria (and, for that matter, most of Africa). So, traffic from, say, Airtel (where a lot of consumers are) to Globacom (which hosts a lot of major businesses), will not stay on the continent, but go via London or Marseille instead. And, also worth keeping in mind, from Lagos to those destinations, Joburg or Cape Town are actually double the distance, even though they might 'sound' closer.

So, yeah, I wish everyone involved all the best, but it will be an uphill battle. Convenience and latency make 'big tech' pretty hard to avoid, and 'strong crypto' would be my bet over 'local facilities', but, yeah...
antithesis-nl
·letztes Jahr·discuss
[flagged]
antithesis-nl
·letztes Jahr·discuss
That's interesting, because for me, being able to read a language comes first, then being able to understand it being spoken, then speaking it in some (but definitely not all) contexts.

So, you spoke German at some point, but these days, you could not decipher a restaurant menu or ticket-vending machine? Not meant disparagingly, just truly curious...
antithesis-nl
·letztes Jahr·discuss
From personal anecdata, I can assure you it's entirely possible to 'lose' a language ability. Native tongue? Not so sure, but a closely-related one, definitely!

I'm a native Dutch speaker and used to be relatively fluent in German (which is not a given: despite being close neighbors, the languages are very different). Then, I lived in Cape Town for a while, and had to learn some Afrikaans (also closely related to Dutch, but yet widely dissimilar).

This somehow 'erased' my ability to speak German! Only after moving back to Europe and after many years, I was able to do basic stuff like ordering in restaurants in German again.

TL;DR: the human brain is, like, weird, man...
antithesis-nl
·letztes Jahr·discuss
Very cool! Yet:

    I found out that CDs are edible
PSA: CDs are not, in fact, edible, nor are DVDs or Blu-ray media. Sure, if you click through, you'll see that the CD was not actually damaged and that it was only the printed license key that got mauled, but still: CDs are mostly polycarbonates, and not, in any way shape or form, part of a healthy diet, no matter what your local party liaison tells you.
antithesis-nl
·letztes Jahr·discuss
Nice as a thought experiment, but you actually do get this in real life as well, when maintaining a public API with a large user base (where even the details of the internal workings need to be frozen over time.)

Gives you lovely stuff like the Win32 API (introduced in 1993 and still very much a thing!). CreateWindow, CreateWindowEx, CreateWindowExEx (OK, I made that up...), structs with a load-bearing length field, etc. etc. And read some Raymond Chen on the abuse that customers inflict on the more 'private' stuff...
antithesis-nl
·letztes Jahr·discuss
[flagged]
antithesis-nl
·letztes Jahr·discuss
Using the SQLite backup API, which pretty much corresponds to the .backup CLI command. It doesn't block any reads or writes, so the performance impact is minimal, even if you do it directly to slow-ish storage.
antithesis-nl
·letztes Jahr·discuss
A Windows Server VM on a self-hosted Hyper-V box, which has a whole bunch of 8TB NVMe drives; this VM has a 4TB virtual volume on one of those (plus a much smaller OS volume on another).
antithesis-nl
·letztes Jahr·discuss
Yup, they win. My biggest SQLite database is 1.7TB with, as of just now 2314851188 records (all JSON documents with a few keyword indexes via json_extract).

Works like a charm, as in: the web app consuming the API linked to it returns paginated results for any relevant search term within a second or so, for a handful of concurrent users.
antithesis-nl
·letztes Jahr·discuss
Yeah, can confirm, there are a lot of targeted emails going out inviting people to dodgy auth flow endpoints.

Disabling device authentication (which is rarely needed anyway) and forcing Microsoft Authenticator (with the yes-this-is-really-me number entry thing) or something like a Yubikey should make your org like 99% less vulnerable. If you're not on a Microsoft-or-similar platform (good for you!), one word of advice: passkeys.

As for the inevitable "who would fall for this" question: prior to 2017, when Google instituted a strict 2FA policy, even members of their elite security team were successfully phished. After that, not so much: https://krebsonsecurity.com/2018/07/google-security-keys-neu...