HackerLangs
TopNewTrendsCommentsPastAskShowJobs

fencepost

no profile record

comments

fencepost
·23 hari yang lalu·discuss
I'm not digging into the report, but as a general problem particularly in some niche fields I worry about the "Melancholy Elephants" problem as written about by Spider Robinson back in the 80s. He was talking more about copyright, but I could easily see the same thing happening elsewhere.
fencepost
·2 bulan yang lalu·discuss
I assume that this is basically just not worth pursuing for small-scale orders (e.g. $15ish for Ciglue), but for larger ones what are the reasonable approaches for scenarios that don't involve stolen card fraud?

Notably disputing a credit card charge is completely independent of whether someone owes the debt, the credit card is simply a convenient way for that payment to be handled. What's the point where other collection methods make sense? As an example, if you're consulting for someone and they pay you $x,xxx via card then charge it back, at least in most of the US I believe it's legal for you to do your own collection efforts and contact them repeatedly (this changes if you sell the debt and it's a third party attempting collections).
fencepost
·3 bulan yang lalu·discuss
Can someone who's looked at the security of these systems give a bit more context on that?

The thing that's always concerned me with them is questions of "what level of access is required to the system(s) actually hosting my calendar data?" and "if this vendor is compromised, what level of access might an attacker in control of the vendor systems have?" Obviously this will vary by what kind of access controls backends have (e.g. M365, Google Workspace, assorted CRM systems, smaller cloud providers, self-hosted providers, etc.).

Edit: basically, with a lot of these systems, what's expected to be the authoritative data provider/storage?
fencepost
·3 bulan yang lalu·discuss
These days Google fails at even the much simpler "Don't be fscking creepy."

That plus aggressive avoidance of anything resembling customer service and what sounds like an internal environment that may be moving towards cage matches makes it worth avoiding for anything important.
fencepost
·3 bulan yang lalu·discuss
Doesn't China have that whole "social capital" thing where defaulting on debts and other bad behavior can have real long-term consequences? Or does that not apply if you're defaulting on debts to non-Chinese?
fencepost
·5 bulan yang lalu·discuss
Google made it very clear years ago that they shouldn't be trusted with anything irreplaceable/that would cause major problems if you lost access.

Once it became clear that they'd shifted from "crappy customer service" to (IMNSHO) "we fetishize the complete absence of customer service" it became dangerous to depend on them. Really, what's the worst that could happen? Maybe someone spams emojis in live chat on a game livestream at the request of the streamer on a personal account, it gets banned for abuse, Google recognizes that it's linked to other services and locks down everything? But that's so unrealistic I'm sure it could never happen.

It's not like they also have the ability to identify links between multiple accounts accessed by the same person and have automated processes that might stomp the associated accounts as well. Why, that would probably require something like allowing poorly-understood automated agents to take actions on their own!
fencepost
·5 bulan yang lalu·discuss
Sounds like when I was asked to give minimum hardware requirements for something doing backend processing (receive text submitted as print jobs, massage, send to printers).

The requirements as they went out were much higher than they needed to be, because I decided telling them that we weren't stressing anything on the obsolete NT desktop repurposed as the test system might not please everyone.
fencepost
·5 bulan yang lalu·discuss
Worth noting that http.dog includes 218 This is Fine, which is an Apache-specific response code.

It does not, however, use a cartoon dog in a room on fire.
fencepost
·5 bulan yang lalu·discuss
Huh, my initial expectation was wrong! I figured (even until close to the end of the article) that the problem was a dramatic increase in the amount of wi-fi or other 2.4GHz traffic in the area leading to interference, some of which was blocked by rain thus allowing more stable local connections.
fencepost
·5 bulan yang lalu·discuss
I have three different generations of email addresses associated with United Airlines that all receive spam. Never any disclosed breaches AFAIK, but clearly email addresses got out at several points. At some point I stopped bothering to check.

As for Soundcloud, the password I had saved for it and a tiny bit of profile information tells me a lot - a manually created password saved into a password manager, probably in 2010 or 2011 and unused after grabbing a single track.

Addresses for services I actually care about also get what's basically peppering, and have all had updates much more recently than the days of Blackberry devices.
fencepost
·5 bulan yang lalu·discuss
So I guess I should watch out for scams being sent to "soundcloud@" on a personal domain. Oh no, how will I distinguish them from my legitimate banking email???
fencepost
·5 bulan yang lalu·discuss
I think the Go stores mostly bit the dust after that reveal, but they were also mostly small convenience store operations. I actually saw one at the airport recently, that's a situation where I can see it making sense as an option.

The Fresh stores are basically a conventional grocery store, with electronic tags for every item and quirky pricing. They also have "smart carts" with built in weight sensing and multiple cameras so you can basically put open bags in, say "ready to go" then shop by scanning a UPC before placing each item in the cart. Unscanned item? Error. Weight mismatch? Probably an error but I've never tried. The carts are running what looks like a Linux-based UI with some stuff in docker, I grabbed a picture of a shutdown screen on one not too long ago.
fencepost
·5 bulan yang lalu·discuss
The Fresh store near me that I stop in at seems to double as a warehouse for some of those delivery orders, so I wouldn't be surprised if some of them just stop having customer access and shift to entirely staffed pick-and-pack for delivery.
fencepost
·5 bulan yang lalu·discuss
The Fresh stores are kind of a weird shopping experience with a mix of normal, overpriced and bizarrely cheap at different times.

I've gotten into the habit of stopping in to wander the aisles and check prices because of it (e.g. I stocked up on a bunch of canned soup when most (but not all) Progresso soups were $0.44 a month or two back, and I picked up some microwavable rice+quinoa pouches for my wife at $0.35 each a couple weeks ago, but the inconsistency and overall not great prices mean it can't be my go-to grocery destination.

I'm sure the one by me will be closing since there's a significantly larger Whole Foods just a few miles away.
fencepost
·6 bulan yang lalu·discuss
I'm just wondering if they'll end up revising the blurb about her on their website to include the words "craven pandering."
fencepost
·6 bulan yang lalu·discuss
There's certainly no reason for Canada to consider significant EV imports from the US - I wouldn't be surprised if Tesla was tainted based on Musk's association with Trump and there aren't really other major US EV producers. For international manufacturers it probably makes more sense to have direct trade agreements with Canada vs possible significant tariffs in response to whatever Cheetolini decides to do on any given day.
fencepost
·6 bulan yang lalu·discuss
Not really, once you have any materials issues with the vertical portion ironed out you just need a fine but rigid shaft within the body of the 'key' to bring it all the way out to where you have plenty of space to work. You'd need to have the shaft in a tight channel, but that's purely mechanical and should work just fine over even several inches.
fencepost
·6 bulan yang lalu·discuss
I feel like developing something that could actually pick locks including detecting binding pins, etc. is in the category of "not actually that hard if you devote the resources to it."

On the mechanical side there would certainly be some challenges (having to work within a key that's all the deepest cuts, using something that could push up to "shallowest cut" level without deforming, general structural strength problems) but once you had a viable insertable key portion built you might be able to read a lock based just on the amount of spring resistance at each pin. You could also provide tension while probing for pins under tension. If covert agencies don't already have pretty portable devices like that it's because they don't care enough to create them not because of some true technical problem with doing so.
fencepost
·6 bulan yang lalu·discuss
I'm a bit surprised to not see mention in comments of "social vs sociable." There's often something nice about being around people that you're interacting with only minimally (sociable) vs being around people you're talking with (social). The shutdown in 2020 did away with a lot of options for"sociable."
fencepost
·6 bulan yang lalu·discuss
If this is something you want to do you might consider a bike. A 6 mile round trip on for for coffee seems a bit much, but 3 miles each way on a bike shouldn't be bad unless you're in a city (in which case there should be things closer). You could also do this same thing with a thermos of coffee/tea and a local park.