HackerLangs
TopNewTrendsCommentsPastAskShowJobs

jasomill

no profile record

comments

jasomill
·há 11 dias·discuss
It's not cheap, but getting it legally is easy, and you don't need a VAR.

Specifically, you can buy a single-seat Microsoft 365 E3 subscription directly from Microsoft for $432/year, which includes a license for a single user to use Windows Enterprise, including LTSC, on up to 5 PCs (along with other stuff, mainly Office).

https://www.microsoft.com/en-us/microsoft-365/enterprise/e3

(click "try for free")
jasomill
·há 2 meses·discuss
Even games with strong anticheat could benefit from sandboxing, as the anticheat mechanisms that need access outside the sandbox represent a much smaller surface area for exploits than the entire game.

In theory, sandboxing mechanisms could even be used to improve anticheat.

What I always sort of assume the endgame could be for highly competitive Windows games is something akin to cartridge or bootable floppy games from the 8-bit era, where games would install into or be supplied as disk images containing locked-down Windows installations that only permit signed (and possibly whitelisted) drivers and whitelisted applications, which would include the game and a small number of other approved applications like Discord, MS Edge and possibly selected third-party browsers, and support software for hardware like GPUs and gaming input devices, which Windows would then boot to run the game, either on bare metal or in an isolated VM.
jasomill
·há 2 meses·discuss
As opposed to streaming video services, which, aside from the content they provide, have been shit from day one.

While the web UIs suck compared to local media players, they work well enough that I can cope.

But most services restrict 4K (and at least historically 1080p) web playback, even on Windows with a GPU that supports top-tier hardware DRM and an HDCP display.

My desktop display is a recent 55" LG OLED smart TV, and the streaming service apps on the TV work fine when my attention is devoted to whatever I'm watching, even if they tend to be slightly shittier than the already mediocre web UIs.

But when task switching or multitasking, my only options are reduced video quality, borrowing or purchasing a physical copy if available, or piracy.

Given how quickly everything shows up on public torrent trackers, I struggle to understand why the 4K limitations remain in place, as it obviously doesn't stop whoever uploads the torrents, and there has to be a vanishingly small number of paying customers who'd prefer to crack DRM locally or record HDMI instead of simply downloading the torrent.

Do streaming services get kickbacks from smart device vendors?
jasomill
·há 2 meses·discuss
Middle-out compression was indeed the first thing that came to mind when reading the headline.

That, and billionare investor Russ Hanneman standing in front of his orange McLaren waiting for his daughter to be released from the grade school he forgot she no longer attended screaming about his willingness to pay for gay sex.
jasomill
·há 2 meses·discuss
A technology company that's profitably doing over $50 billion in sales after more than 100 years with no obvious signs of impending doom sounds like an okay position to me, even if the tables have turned since 1984[1].

[1] https://www.youtube.com/watch?v=VtvjbmoDx-I
jasomill
·há 2 meses·discuss
“Reality has a well-known liberal bias.”

— Stephen Colbert, 2006

https://www.c-span.org/clip/white-house-event/user-clip-step...
jasomill
·há 2 meses·discuss
Who said anything about free?

Advertising isn't the only possible business model.

And profit isn't the only possible motive to provide a service.
jasomill
·há 2 meses·discuss
Not really. For the most part, accessibility APIs provide programmatic interfaces to user interfaces, application APIs provide semantically meaningful interfaces to application functionality.

A closer analogue would be AppleScript, or rather, the underlying Apple Event and Open Scripting Architecture functionality supplied by the OS to support AppleScript, that allowed applications to expose these interfaces along with metadata documenting them, and for external tools to record manually performed tasks across applications as programs expressed in terms of these interfaces to make them easier to use (this last bit, while not strictly required, is convenient, and especially useful for less technical users).

If you're familiar with VBA in Microsoft Office applications, sort of like that, except with support provided by OS APIs that could be used by any application that chose to implement scripting support, official guidance from Apple suggesting that all well-designed applications should be scriptable and recordable, and application design patterns and frameworks designed with scriptability and recordability in mind.

Note that I use the past tense here, despite AppleScript still being available in macOS, because it is not well-supported by modern applications.

https://dl.acm.org/doi/epdf/10.1145/1238844.1238845
jasomill
·há 2 meses·discuss
In other words, AppleScript in the late '90s.
jasomill
·há 2 meses·discuss
Do you want to do something that can't be done through AppleScript, macOS accessibility APIs, and something like Puppeteer to control the browser?

Or something you don't understand how to do manually?

Because I guess I don't understand the attraction of using an LLM for system automation where existing interfaces exist, other than as a form of documentation, or to write code using these interfaces.
jasomill
·há 2 meses·discuss
And easy to identify anonymous cards.

https://www.google.com/search?q=identify+anonymous+visa+mast...
jasomill
·há 2 meses·discuss
The nicest thing about this rush to find and build "agentic" endpoints for controlling everything is that there's no reason these same endpoints can't be consumed by deterministic, non-LLM software as well.

It feels like 1994 called, and it's giving me my AppleScript back.
jasomill
·há 2 meses·discuss
I paid $300 each for my last two SSDs, 4 TB Samsung 990 Pros.

They’re currently selling for $942.72 on Amazon.
jasomill
·há 2 meses·discuss
Density, power efficiency, write endurance, sustained write speeds under continuous load, power-loss protection.
jasomill
·há 2 meses·discuss
From applications that capture the screen or use accessibility APIs, perhaps, but what about, e.g., Windows applications that capture window messages, e.g.,

https://devblogs.microsoft.com/cppblog/spy-internals/

Obviously, if you can inject code into a process that receives sensitive data, you're already running in a context where all security bets are off.

But with processes you yourself create, you probably can, even without elevated privileges, unless the application takes measures to prevent injection (akin to game anticheat mechanisms), so it seems worth pointing out that there are simple mechanisms to subvert such "protected" fields that don't require application-specific reverse engineering.
jasomill
·há 2 meses·discuss
Windows has similar APIs and tools, see, e.g.,

https://accessibilityinsights.io/

https://learn.microsoft.com/en-us/windows/win32/winauto/insp...

https://github.com/FlaUI/FlaUInspect

and for WPF applications specifically,

https://github.com/snoopwpf/snoopwpf
jasomill
·há 2 meses·discuss
I think this is just saying you can’t sign up for a new account after a previously created account gets suspended, not that the act of suspension itself causes you to violate the the terms of service in perpetuity because, pedantically, any suspension that has happened, happened “previously”.
jasomill
·há 2 meses·discuss
I had one project where a desktop application deliberately hid the contents of all grid controls from Windows accessibility APIs, took measures to ensure checkbox and radio button selections made through accessibility APIs did not register, and all functions that allowed data to be exported were protected by CAPTCHAs.

Generative AI wasn't a thing at the time, but I had to resort to a combination of OCR, simulated user input, and print capture to drive the application and export data.

Had the developers been aware of the Windows DRM APIs that block screen capture, or the fact that text is easily recoverable from PostScript files with minimal formatting, I don't know what I would have done.

The irony is that the process this replaced involved giving cheap offshore labor full read-only remote access to all data in the system, which was by any measure a far more serious security risk than otherwise authorized employees using tools running locally with no network access provided by established, trustworthy vendors to automate their work.
jasomill
·há 2 meses·discuss
In what world would a vision agent be the default, when whatever HTTP-based mechanism a site uses to communicate with the server can usually be reverse-engineered and easily emulated with widely available HTTP request libraries, HTML parsers, and JavaScript engines, and at worst you can use something like Puppeteer to navigate and control applications at a significantly higher level than image scraping and simulating user input?

It seems like you'd need a deliberately hostile app before a vision agent would even be considered as an option.
jasomill
·há 2 meses·discuss
Historical auto design and technology is interesting.

Two random tech examples: the first concept car with a back-up camera was the 1956 Buick Centurion; both Chrysler and RCA sold car stereos with record players in the '50s and '60s.