HackerTrans
トップ新着トレンドコメント過去質問紹介求人

mormegil

no profile record

コメント

mormegil
·2 か月前·議論
I understand your database of feeds is curated but you might be interested in another database listing feeds: Wikidata. See https://w.wiki/MpjN for a simple example of twenty (random) feeds (obviously, you can add filters for e.g. a country, language, etc.). (There are currently 18598 feeds there in total.)
mormegil
·2 か月前·議論
Yes, see e.g. a quarter-century-old (!!) https://www.joelonsoftware.com/2000/04/06/things-you-should-...
mormegil
·5 か月前·議論
You could even make this an installation-time option. If you want to enable the switch afterwards, you have to do a factory reset. Then, the attackers convincing the victims would get nothing.
mormegil
·6 か月前·議論
LLM-superforecaster parity projected to late 2026 (and LLMs now outperform non-expert public participants) according to https://forecastingresearch.substack.com/p/ai-llm-forecastin...
mormegil
·6 か月前·議論
> I have no idea what JetBrain's financials are like

In 2024, ~725 M$ total revenue, ~119 M$ net profit.
mormegil
·8 か月前·議論
Overview of QC factoring records, applied sleight-of-hand tricks, and their replication using a VIC-20 8-bit home computer from 1981, an abacus, and a dog:

https://eprint.iacr.org/2025/1237.pdf
mormegil
·9 か月前·議論
This. I am reading old vital records in my family genealogy quest, and as those are sometimes really difficult to read, I turned to LLMs, hearing they are great in OCR. It’s been… terrible. The LLM will transcribe the record without problems, the output seems completely correct, a typical text of a vital record. Just… the transcribed text has nothing to do with my specific record. On the other hand, transkribus.eu has been fairly usable for old vital record transcription – even though the transcribed text is far from perfect, many letters and words are recognized incorrectly, it helps me a lot with the more difficult records.
mormegil
·9 か月前·議論
I agree that Locale.ROOT is the canonical choice. But in this case, Locale.US also makes sense: it isn't some abstract "US is some kind of the global default", it is saying "we know are upcasing an English word".
mormegil
·10 か月前·議論
While this is an upper bound for a "board position", it should be noted that it is not an upper bound for a "game state". That includes the (unbounded) whole board position history because of the threefold repetition rule. If you ignore that (and the fifty-move rule which can alternatively be kept using a six-bit counter), you also need the castling state and the en passant state. Plus one bit of the player on move, obviously :-)
mormegil
·10 か月前·議論
I was confused, since DORA is also the EU Digital Operational Resilience Act.
mormegil
·昨年·議論
Here you are: https://shop.squiggle.tools/
mormegil
·4 年前·議論
When this topic came up the last time, I plotted the probability distribution. It was far from 50x, the range was several orders of magnitude, which seems to be the correct behavior. See https://gist.github.com/mormegil-cz/84d0cc34eb5f1234be8966f7...
mormegil
·4 年前·議論
Doesn't X-Plane support similar custom plane designs? (Sure, not as a separate KSP-like game.)
mormegil
·4 年前·議論
Oh, I misunderstood. You enter the mentioned code into an authentication calculator which emits the signature code which is then used. Yeah, that probably fulfills the PSD2 requirements, though I agree it's not exactly good UX and very secure for common users. That (well, and mostly the cost) is the reason everyone goes to mobile authentication apps nowadays.

SMS authentication is... well by one reading of PSD2, it's not acceptable. But in real world, it is basically necessary, and not _that_ insecure (if you ignore SIM swapping attacks etc.). The WYSIWYS aspect comes not from the code but from the message text, which is crucial (and per PSD2, should include at least the amount and... receiver? I forgot). But sure, if people don't read or understand the message, it's not ideal...

While FIDO provides better phishing resistance (than SMS, not necessarily than authentication apps), it doesn't protect against transaction modification (e.g. man in the browser) and for people who care about and understand security, it is strictly worse.
mormegil
·4 年前·議論
I think the FIDO Alliance is already discussing solutions to these use cases. (And also this is a bit circular reasoning, isn’t it? “Why don’t you use the XYZ standard? Because it does not support our use case. So why don’t you cooperate on adding support to the standard? Why? So that you can use the XYZ standard!”) Also, I think there already are extensions supporting some basic forms of this, however, they are not supported very well.

But I’m afraid the basic prerequisite of secure transaction signing (“what you see is what you sign”) cannot be fulfilled on a generic “FIDO2 authenticator” – you need the authenticator to have a display. Sure, Windows Hello / Android FIDO / … might support this, but your common hardware Yubikey cannot.

I don’t know to which authentication method used by which bank in which country you refer in your “58430012” example, but this is definitely nothing which could be used as a method of transaction signatures in banks here, and it does not fulfill the requirements of the PSD2 regulation.
mormegil
·4 年前·議論
#2 and partially #1 are solved by regulation and reputation: banks are highly regulated business, and BankID support requires specific security audit.

Ad #3: FIDO is basically unusable for banking. It's designed for user authentication, not transaction signatures which banks need (and must do because of the PSD2 regulation).
mormegil
·5 年前·議論
> I have tried to help out here by adding business in my area but the process of slow. Not sure who is in charge of approvals.

There are no approvals at all. After you submit your changeset, it's in the primary public database. Some relatively short time after that, the affected tiles are rerendered and the change is visible on the main map layer (Mapnik) on openstreetmap.org. But if you use an application (e.g. OsmAnd) or some third-party map rendering (e.g. by Mapbox), the changes might take quite some time to get there.