HackerTrans
TopNewTrendsCommentsPastAskShowJobs

kaimalcolm

no profile record

Submissions

CDNs don't work -Vercel CEO

twitter.com
3 points·by kaimalcolm·2년 전·1 comments

Managing Latency Is Like Workplace Risk Mitigation

kaimalcolm.com
4 points·by kaimalcolm·2년 전·0 comments

Some cloud-agnostic thoughts

kaimalcolm.com
2 points·by kaimalcolm·2년 전·0 comments

[untitled]

2 points·by kaimalcolm·3년 전·0 comments

TikTok appears to have been breached

twitter.com
2 points·by kaimalcolm·4년 전·1 comments

comments

kaimalcolm
·2년 전·discuss
Though the re-construction of the pattern is effectively impossible, I think you raise a good point regarding the use of NFC. The article mentioning a cloud database was a red flag for me as it introduces another attack vector. Sure, it's not as simple as replacing the tag as you can with RFID, but we know the counterfeiters will go to impressive lengths to replicate the real deal. If verification can be all-local that's ideal, imo. The issue there, though, is that you then need to trust either the scanned or scanning device with a private key. A private key that, if obtained, could be used to create infinite counterfeits. Either way, I think this glue-based method is a great solution, even if it does rely on a cloud service which is dependent on the company that maintains it.
kaimalcolm
·4년 전·discuss
Has this not been the case for a while? I think I've been getting /maps for at least the past year.
kaimalcolm
·4년 전·discuss
Then if that’s the case, the author should have been paid a full payout, not a “thanks for making us fix this” payment.
kaimalcolm
·4년 전·discuss
Appalling handling on Google’s end here. The duplicate issue part I can understand, but why should it take two reports of a critical vulnerability to take action? Surely when the first one comes through it’s something you jump on, fix and push out ASAP, not give delay to the point where a second user can come along, find the bug, and report it.

The refactor that’s mentioned towards the end of the article is great, but would you not just get a fix out there as soon as possible, then work on a good fix after that? For a company that claims to lead the way in bug bounty programs this is a pretty disappointing story.
kaimalcolm
·4년 전·discuss
My question then is, would/will the same fact-checking apply to a different government that Musk does support? He’s been pushing for this equal fact checking and equal platform for both parties, but as far as I can tell we’re not seeing these banners anywhere on politics Twitter besides official government accounts.
kaimalcolm
·4년 전·discuss
Unconfirmed at this point - more info: https://twitter.com/troyhunt/status/1566565409939427328?s=21...
kaimalcolm
·4년 전·discuss
To say the author "intentionally created" an environment where cheating is commonplace I think may be a little unfair to them. Whether they run a given course online or in person is almost certainly well above their pay grade. While the situation was far from ideal and I believe he may have been too lenient in some situations (the plagiarism on the academic integrity assignment for one), at the end of the day he made the best of a very bad situation. No doubt, in-person exams as you described are the most cheat-proof way, but in a scenario where the author has no say in this, it's not a terrible outcome. Look at the semester following the one with widespread cheating - he made significant changes based on the past issues and in the process managed to eliminate a lot of the issues.