HackerTrans
TopNewTrendsCommentsPastAskShowJobs

cmg

no profile record

comments

cmg
·w zeszłym miesiącu·discuss
The closest stop to me is between a dog park and a school - scanning it would have been an awkward situation, to say the least. And as you said, for rewards that aren't worth it. I got used to having that "Scan" task just sitting at the top of my list, never to be touched. But I noticed earlier this week that it's gone - and scanning stops doesn't give a new scan task.
cmg
·2 miesiące temu·discuss
That’s very possible. I switch between Cursor and VS Code, don’t remember which it was that day.
cmg
·2 miesiące temu·discuss
A few days ago I saw I had an update to the Twig extension. The UI flagged it as having new executable code in the update bundle, so I didn't install the update, disabled the extension as I wasn't working on Drupal views that day, and went about my work. I didn't have time to investigate the new update's contents. When I went back to the extension page, it was taken down: https://open-vsx.org/extension/whatwedo/twig

I'm not saying it was whatwedo.twig, but I'm not saying it wasn't, either.

Edit: If anyone's got a good recommendation for a twig formatter for Cursor / VS Code, please let me know.
cmg
·2 miesiące temu·discuss
This is correct, and interestingly enough in one of the screenshots, the OpenFirmware prompt says "To continue booting the MacOS" too.

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh...
cmg
·2 miesiące temu·discuss
My mind immediately went to chaining this with another recent vulnerability in the Ninja Forms - File Upload plugin [0]

> This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.

So, upload and execute a script that loads Copy Fail and even if you're only executing as www-data or another restricted user that "can't" sudo -- suddenly, uid=0!

To repeat the refrain... I'm so tired.

[0] https://www.wordfence.com/blog/2026/04/attackers-actively-ex...
cmg
·4 miesiące temu·discuss
The fact that in the miniplayer you can't display both the album art and the track information at the same time unless the cursor is hovering over the window absolutely boggles my mind. If I'm listening to a station, I want to glance over and see what I'm listening to. And I like the album art showing. This worked until Tahoe.

View menu > Hide Large Artwork will show the track info, but you of course lose the album art.

Of course it's not a major issue, it doesn't make the system unusable, but it was a nice little experience thing.
cmg
·7 miesięcy temu·discuss
From the FAQ:

> You can try to find Wally (Waldo), as in the well-known game Where's Wally. He is partially visible, but if you click on him, he will appear in full and wave at you.
cmg
·3 lata temu·discuss
For me, the "magic word" is my WWDC 2007 bag. Pretty much the only reason I keep it around these days.
cmg
·4 lata temu·discuss
Exactly. Technical measures are important, but if someone wants to play a game or do something that's been banned on Apple's stores and finds a site that claims to have an installer (which is actually malware) with instructions to disable Gatekeeper or SIP or what not, social engineering can work. Their goal is to do the thing they wanted to do, probably not thinking of security in the meanwhile. Popup alerts are going to be interpreted as something to get rid of so they can do the thing.

It's a difficult balance. Power users, engineers, developers - we can (usually) tell when warnings need to be heeded. People who use their devices to achieve a goal without really understanding or caring about what's happening usually won't.
cmg
·4 lata temu·discuss
The 6 minutes makes perfect sense to me - it could be one of those "If I don't reply to this ASAP I will never have time" situations. The notification is right in front of you.

I don't think it's fair to assume any malicious intent here. What would the maintainer gain? People are already extremely aware of the situation. It's not a huge repo, there's no ask for financial donations or anything like that.
cmg
·5 lat temu·discuss
In fact Chrome has a "Force Dark Mode for Web Contents" experiment under chrome://flags that does the "make everything dark" thing.

Here's an example screenshot I took the other day of the HN frontpage. Chrome with FDM on the left, Firefox on the right: https://imgur.com/a/TiNxsR6
cmg
·5 lat temu·discuss
Location: Connecticut

Remote: Yes!

Willing to relocate: No

Technologies: PHP, Ruby on Rails, JavaScript (ES6), Bootstrap, Twilio, Heroku, semantic HTML, CSS/LESS/SASS, SQL (PostgreSQL/MySQL), git

Résumé/CV: https://chrisgaraffa.com/resume

Email: [email protected]

I'm looking for full-time employment or contract opportunities. I've been writing code for over 15 years and have experience as a solo developer and in the non-profit world, as well as a manager of a small team of 5 staff/volunteers, but want to be able to focus on code. While I love Rails and have a long history with PHP, I consider myself to be mostly platform-agnostic as I love to learn: At my last position, I had to pick up Rails + Heroku and had the basics down in just about a week.