HackerTrans
TopNewTrendsCommentsPastAskShowJobs

rainforest

no profile record

comments

rainforest
·2 mesi fa·discuss
Note that the smart feed "feature" is Taboola-provided adware[0] so it's par for the course. It's beyond comprehension Lenovo would trash the brand by shipping it on flagships.

[0] https://www.reddit.com/r/motorola/comments/1s61usi/edge_60_p...
rainforest
·7 mesi fa·discuss
I'm quite surprised to see the need to debug a live server here. I'm of the belief that the need to repro a problem locally and using a debugger lead to better understanding. SSHing into boxen feels like a cowboy behaviour on a modern stack - it shouldn't be necessary with competent observability and unit tests.
rainforest
·12 mesi fa·discuss
Does it worry you at all that meat is ultimately made of whatever food the animal eats and processed into a litany of chemicals?

I feel the UPF "debate" is just an appeal to nature, and calorie/nutrient density should be what we fixate on.
rainforest
·12 mesi fa·discuss
I had similar with my energy provider in the UK (Octopus). For one reason or another a regular payment bounced which automatically puts you on a "call daily until the debt is repaid" list.

These calls come in on an unrecognised number, from staff who say "I don't know" when you ask them to prove they are from Octopus, and generate no call notes so you can't find out why they rang if you use the main customer service number.

To top it off they ask you to key in your card info on the phone after asking for your personal information.

I complained and they offered to fob me off with £30 credit instead of talking to their CISO, but they did at least say they can add phone passwords to individual accounts.
rainforest
·anno scorso·discuss
I think Cloudflare WAF is a good product compared to other WAFs - by definition a WAF is intended to layer on validation that properly built applications should be doing, so it's sort of expected that it would reject valid potentially harmful content.

I think you can fairly criticise WAF products and the people who advocate for them (and created the need for them) but I don't think the CF team responsible can really be singled out.
rainforest
·anno scorso·discuss
Thanks, for the benefit of others the risk is that the devtools port has no Auth so is vulnerable to XSS.

I would surmise that this will stop being a problem if you switch to using a unix socket for the CDP.
rainforest
·anno scorso·discuss
Could you go into a bit more detail about this? Why is exposing devtools to the agent a problem? What's the attack vector? That the agent might do something malicious to exfil saved passwords?
rainforest
·anno scorso·discuss
For a while the /join page was blocked by cloudflare WAF yesterday - I wonder if this is why.
rainforest
·2 anni fa·discuss
The NHS does this calculus routinely using Quality Adjusted Life Years. Treatments that get more are favoured which is also how NICE decides what drugs the NHS should offer. There's obviously some utilitarianism in the decision to use QALYs but to some (including me) it seems a reasonable proxy metric to maximise.

Ultimately a sacrifice must be chosen, but I am not sure a discussion about how that should be made is necessarily fit for HN (though I'd be interested in how you'd resolve your proposed scenario).
rainforest
·2 anni fa·discuss
I would offer a counterpoint: most software in existence was written by not-software-professionals in Excel (most likely poorly).

Within reason I think there is a rational basis for not having to involve software engineers for every project - especially if the SMEs with understanding of their requirements are the ones building it.

This will probably fall over in the same space as Excel spreadsheets do though, when the domain complexity outgrows it, way before anyone is able to recognise that.
rainforest
·2 anni fa·discuss
Yes, if the key isn't in the TPM then it can't be sniffed. Secure boot would need to be enabled to protect against the threat model bitlocker is only good for here. Alternatively using a PIN would mean the key is only exposed once the PIN is typed (still vulnerable to a hardware attack, but requires physical modification).
rainforest
·3 anni fa·discuss
A cow is in a sense a factory producing various proteins, fats, and carbs from grass. Does putting it into something "natural" reset it? I would imagine that red meat isn't a UPF by definition as it's only been through one process, but would argue that the inconsistency with fake meat clearly feeling processed is definitely interesting. Also interesting is perhaps that red meat is presumably not UPF but is carcinogenic.
rainforest
·3 anni fa·discuss
IIRC some of the Snowden leaks alleged that (at least at the time) domestic traffic couldn't be surveilled (but this was solved by mutual assistance across the Atlantic - the British would spy on US citizens and vice versa[1]).

VPNs seem useful to guarantee that your traffic is designated as foreign, so this might be a net gain for the intelligence services rather than a loss - the mandatory collection of ICRs only relates to IP addresses and time of access.

[1]:https://www.standard.co.uk/news/uk/edward-snowden-leaks-uk-o...