HackerTrans
TopNewTrendsCommentsPastAskShowJobs

contentboot

no profile record

Submissions

Twitter bots and an $11K cryptocurrency scam

ciaran.dev
5 points·by contentboot·há 4 anos·1 comments

[untitled]

1 points·by contentboot·há 4 anos·0 comments

[untitled]

1 points·by contentboot·há 4 anos·0 comments

comments

contentboot
·há 4 anos·discuss
>What is the equivalent of the Java 𝚜𝚢𝚗𝚌𝚑𝚛𝚘𝚗𝚒𝚣𝚎𝚍 keyword?

The closest equivalent would be using a lock, semaphore or barrier object with a context manager .i.e. the with keyword.

Making the locking and unlocking of data automatically managed for you.

I generally try to stick to a deque in Python if I am doing anything concurrent.
contentboot
·há 4 anos·discuss
A second button on your website beside the "RSS" button that says "RSS but with fancy features." when you click on it, it is the same content on your blog but via a substack newsletter.

I believe that has all the features you listed as wants.

I am kind of half joking but people do have very specific ways they want to consume content even if it is the same content.
contentboot
·há 4 anos·discuss
How hard it is to come up with good ideas is greatly underestimated.

Here is a paper on A/B testing that the Bing search team conducted under Microsoft.

https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3171224

Hidden in there in a distribution graph is that 2% of the ideas that were A/B tested resulted in 74.8% of the improvements.

Now you can ask yourself what are they considering improvements which is a valid answer but that really struck me.

Section 4.3 Figure 3a.
contentboot
·há 4 anos·discuss
I read the article and I have read a lot of comments here.

I couldn't find a single reference to where the data set came from that trained the model they are using to do facial recognition.

Someone did theorize that it could be taken from a hypothetical law firm website but IIRC a single photo of someone is not good enough to reliably train a model that is not overfit.
contentboot
·há 4 anos·discuss
This is great, thank you for posting it.
contentboot
·há 4 anos·discuss
Why is it always telegram involved with these scams?

Why do they bother with the javascript obfuscation when it can be easily seen what they are doing in the network tab?
contentboot
·há 4 anos·discuss
This seems like the most traditional and respectful of REST way to go.

You could try a HATEOAS approach if you want to get a bit more fancy.

https://restfulapi.net/hateoas/

If you are following REST strictly there should be only objects, actions and verbs.
contentboot
·há 4 anos·discuss
cough https://news.ycombinator.com/item?id=32487190
contentboot
·há 4 anos·discuss
>Seems like in order to practise their art, they need a reliable but remedial job to pay the bills. Unfortunately, the nature of that kind of work is energy depleting zapping any creative juices needed for the concentration and initiative to produce content.

I'd highly recommend quitting your job. 10/10 experience.

Just make sure to check your funds war chest before hand.
contentboot
·há 4 anos·discuss
>I thought all those examples were awesome.

They are great examples. Great examples of what not to do.

The only use case I can think of is meta programming which most people don't need.
contentboot
·há 4 anos·discuss
>The security benefit to consumers of blocking user scripts is probably a net positive for the average internet user.

Strong disagree. Extensions and User scripts are an unmapped wild west.

Providing a registry type system to securely vend packages/scripts is a very hard security problem.

https://www.bleepingcomputer.com/news/security/mozilla-block...

https://iamakulov.com/notes/npm-malicious-packages/
contentboot
·há 4 anos·discuss
>Their attack uses binary search to recover the private RSA key after 1023 client logins

I know this is from the initial paper but it is great to see practical examples of algorithms taught in college/uni.

I always had trouble understanding why we are learning such hard topics to find the number 5 in a sorted list of 10 numbers.

To keep things on topic.

>The patches that MEGA developed to mitigate the original key recovery attack are effective against our improved attack as well, so updated clients are not vulnerable to the techniques presented in this work. However, our optimized cryptanalysis underscores the ongoing risk to unpatched clients

Great to hear that their patches fix the root of the problem but this paper has now significantly reduced the complexity of carrying out the attack.
contentboot
·há 4 anos·discuss