HackerTrans
TopNewTrendsCommentsPastAskShowJobs

jsiepkes

6,547 karmajoined 10 years ago

comments

jsiepkes
·2 days ago·discuss
I think you are reading way too much in those things. I made the JEP 533 joke in this thread, and I am definitely not implying progress is slow, nor am I frustrated.

I think it's a good thing the developers take their time to flesh out new features. Once it goes in, it stays like that forever. Besides, since 27 isn't an LTS release it doesn't really matter if it goes out of preview. Looking at mailingslists, etc. I can see plenty of progress being made.
jsiepkes
·2 days ago·discuss
Dear diary, the year is 2094, 10 years since society collapsed. The neighbors went scavenging for food and I haven't seen them in 4 days. I fear the worst. Meanwhile, JEP 533 – Structured Concurrency still hasn't been declared stable, and it has entered its five-hundredth preview release in OpenJDK 136.
jsiepkes
·4 days ago·discuss
If this is a local privilege escalation to root, why can't I find anything on https://www.openbsd.org/security.html ?
jsiepkes
·6 days ago·discuss
> A rooted phone can have a modified runtime/kernel that can inject code into whatever processes it sees fit, including Google Pay. Which can expose information being sent to and read from the TEE by the app.

You seem to have now realized (?) you can't modify or see data in the trusted execution environment from the host OS (rooted or not). Meaning the point you made earlier: "means the EMV token store on your Android phone must be in an isolated uncompromised location (usually the TEE)." is not affected by your phone being rooted.

So you have shifted your argument from "the store is unsafe" (false) to "the data in transit to the app might be observable". PCI-DSS doesn't require you to have something like Google Play Integrity API for that.

> The legislation still applies to the bank behind Google Pay.

You started out with that the Google Play integrity API was a hard requirement to comply with legislation (false). Sure, banks are still responsible for fraud under that legislation. But that is a very broad statement which doesn't require Google Play integrity API. GrapheneOS proved you can do attestation in an open way. Google just chose to do it in a way which ties you to Google and further locks down the Android ecosystem.
jsiepkes
·6 days ago·discuss
> You also have the EUs Payment Services Directive (so a law) which require strong customer authentication, rooted devices can also fail up here.

Plain wrong. PSD3 does not apply to "digital wallets" [1] ("This Directive also does *not* cover, in its scope, the provision of technical services including processing or the operation of digital wallets.").

> If your phone is rooted or has an unlocked bootloader then it's possible that trusted store is no longer secure or can be snooped on by a third party.

That's also wrong. Even with a rooted phone you can't mess or snoop on data in the trusted execution environment. The isolation is enforced in hardware.

> If a device fails compliance (a rooted phone certainly does), as far as banks are concerned it's not safe.

If this were about security, then why allow phones which have known security vulnerabilities (and no longer receive updates) to pass the Google Play Integrity API tests?

> But people just find it easier to say "Google is Evil".

Apparently you also find it easy to forgo about the history of Android. Like how Google introduced the Google Play API about a decade ago and did a "Embrace, extend, extinguish" thing. You also conveniently stay silent on things like the fact that Google now only releases the Android sources only twice a year.

[1] https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex:52...
jsiepkes
·6 days ago·discuss
Ok, that's some good news. Still leaves the attestation API though. Which makes using a non-Google sanctioned device a non-viable option. Also don't forget that the source code for Android is now, since 2026, only released twice a year (i.e. every 6 months).

So overall it's quite clear which direction Google is moving in. They are clamping down on the ecosystem.
jsiepkes
·6 days ago·discuss
> But you can still install whatever you want over ADB...

...if you wait 24 hours.

And also thanks to the new Google Play attestation API a lot of apps won't even work on alternative Android OS'es. But that's all needed in the name of security. Never mind if your Samsung Galaxy phone is EOL and hasn't been receiving updates for 4 years anymore. It still works with the attestation API. But the fully updated GrapheneOS phone is a real security hazard apparently, so it won't work with it.

So no, you can't just run everything you want via side-loading. It's pretty obvious Google is making a power play to curb down on everything that isn't going via Google Play.
jsiepkes
·8 days ago·discuss
If you think this port is related to tour point; The source code for Command and Conquer generals (and other C&C games) was released a while back. This port uses that source code. So this port is not based on reverse engineering. The port even states someone else (manually) already did the hard work of porting it to macOS and Linux (so not an LLM):

> Built on EA's GPL v3 source release via fbraz3/GeneralsX (which did the heavy lifting of the macOS/Linux port — this fork adds the iOS/iPadOS port and a set of engine fixes
jsiepkes
·16 days ago·discuss
At this point, for Europe, it might not be such a bad idea to make a deal with China and give them full access to ASML again. And maybe, just maybe, review Intel's access to ASML?
jsiepkes
·17 days ago·discuss
UPDATE 25-06-2026: The Kia app started working again on GrapheneOS.
jsiepkes
·17 days ago·discuss
> Some drugs are available online / locally through compounding pharmacies as transdermal creams that you apply to the inner surface of the cat's ear.

> Can confirm, transdermal maropitant (cerenia) worked very well for my cat who was dealing with both CKD and IBD in her later years (she passed away in December).

Thank you both for the tip! I'm going to look in to that.

Sorry to hear your cat passed away :(

> Luckily my cat was totally non-aggressive, so when it came time to take pills she would try to evade, but never attack, but she was pretty good at undulating her tongue to try to swat pills out.

Exact same thing here. The cat is totally relaxed, no biting, clawing, etc. Only tries to "go in reverse". Which doesn't help him, since I'm sitting behind him. But he has gotten good at trying to swat pills out of his mouth with his tongue. But with a piller, it is do-able.
jsiepkes
·18 days ago·discuss
Its not always that easy. For example cerenia tastes very bitter for a cat. My cat will start drooling almost uncontrollably if he tastes it. He has a kidney condition and needs it for the rest of his life. I've tried crushing it, but he will then just ignore the food because of the bitter taste of the pill. Putting it in something like easy-pill will work a couple of times. Until he realizes the disgusting taste he is going to experience when eating the easy-pill. At that point you can't trick him anymore with an easy-pill.

So the only way I can give it to him (without drama) is by putting it deep into his mouth so he never tastes it and immediately swallows it.
jsiepkes
·20 days ago·discuss
Proton, the Steam machine, the Steam deck, etc. were probably never about making money. It's Valve's "Plan B".

They started with Proton after Microsoft suddenly made a move with the Windows store and also started bolting down Windows a bit. As with most things Microsoft that initiative quietly died over time. But at that time Valve probably couldn't afford to take any chances. It probably also made them realize they had build a castle on someone elses land.

If you are making money in the amounts Valve is, then even the simplest risk analyses is going to show that "Microsoft rug pulling you" is one of your few existential threats. Even though the probability is low or medium-ish at best, the impact is massive. Even anti-trust isn't going to save you. By the time Microsoft gets convicted, you are already dead. Just look at Netscape.
jsiepkes
·25 days ago·discuss
If this is a deal breaker, then you want to avoid KIA. The KIA connect app also doesn't work on GrapheneOS due to the use of NSHC DxShield [1].

[1] https://en.nshc.net/
jsiepkes
·last month·discuss
Isn't that even worse? They even knew they couldn't protect their high value asset? As the article states, this center has been around for a long time and seen plenty of wars. But this time was different.
jsiepkes
·2 months ago·discuss
> Trump fits this moment well. He is a salesman at core, and Larry Ellison is too.

Larry just fired 30% of his people at Oracle because, apparently, he is in an immediate need for cash. Because Oracle's early AI bets aren't paying off.
jsiepkes
·2 months ago·discuss
As far as I know the more expensive UPS models are all still "online" (ie. double conversion) UPS'es.

These are also the only variants which will protect you against things like a phase ending up on neutral in a 3 phase power system. I've seen this happen twice. Fried a lot of equipment.
jsiepkes
·2 months ago·discuss
It would be way more complex for AWS to look at data in VM's then for cloudflare to look at unencrypted HTTP traffic. Heck they probably already do for various monitoring.
jsiepkes
·2 months ago·discuss
> Yes. Hence the stories of people (Brezhnev?) being astonished and baffled at simply walking into an American supermarket.

Way later even; It was Yeltsin who wandered (it was unplanned) into a grocery store in Texas [1].

[1] https://www.cato.org/blog/happy-yeltsin-supermarket-day-0
jsiepkes
·2 months ago·discuss
None of your opinion on Java changes the fact that Microsoft used it's monopoly to execute an embrace, extend, extinguish strategy on Java. It is well documented since they lost an anti-trust court case on it [1].

[1] https://en.wikipedia.org/wiki/United_States_v._Microsoft_Cor....