I think part of what makes CORS hard to remember is the amount of conditional branches it contains, which partially stems from being modeled to have backward compatibility with HTML forms (which defines how CORS behaves for "simple requests).
Remove this legacy trap and there are far fewer cases to remember.
Of course, that can't be undone now but I think the original-ish sin was when forms suddenly could perform _both_ cross origin requests _and_ get the ambient authority treatment (i.e. send the user cookies with the request though to be fair, basic auth + forms also enabled similar attacks even before cookies were introduced in the mid 90's).
Depreciating doesn't just mean it could depreciate in value relative to the performance of newer GPUs, but also that its lifespan is limited by reliability issues and failures.
Earlier this month I switched from Claude Code to Codex and wanted to try Gemini CLI as well.
It felt far behind both CC and Codex but I wanted to give it another chance with the new Antigravity CLI.
What can I say, it did surprise me and not in a good way in but two short sessions that included just two prompts (trying to reverse engineer some earbuds OTA firmware) using Gemini Flash 3.5, I managed to finish my weekly quota. I'm currently on the Google AI Pro subscription. Couldn't even figure out my tokens usage or if my plan is even counted toward usage inside Antigravity CLI.
Given how the cache eviction policy is mismatched with the 5h usage window, it might make sense to just stop at say 97% of the session max usage and keep running a script every 4 min and 50 sec that consumes a minimal number of tokens whose entire purpose is to keep the cache.
reply
Neither RAG nor loading the docs into the context window would produce any effective results. Not even including the grammar files and just few examples in the training set would help. To get any usable results you still need many many usage examples.
If you want to section hike it, its entire North American part is covered by the Eastern Continental Trail (ECT), which some people (very few, as in a tiny fraction of all A.T. thruhikers) thruhike it in a single calendar year.
Tens of thousands of users? Globally you mean? I doubt it's the user base size in Gaza but if that is actually what you meant, where did you pull that estimate from?
Other than the cold start problem which isn't discussed (what's the userbase size in Gaza?), the main argument for Bitchat (or any other off-grid network such as Meshtastic, Briar, etc.) in Gaza when mainstream E2E encrypted messaging apps already exist and are widely used, is to not be dependent on Israel for cell service.
While I do really like the idea of off-grid networks in general but for this use case, is it really that hard for a state actor to jam Bluetooth (or all ~2.4GHz communication) on a large scale?
Got here after finding myself stuck in that exact loop (which initially I assumed was a phishing attempt from a webview ad link I thought I accidentally clicked).
Looks like some users who have never used or heard of Yubikey report being locked out and stuck in the same loop.
Of course, that can't be undone now but I think the original-ish sin was when forms suddenly could perform _both_ cross origin requests _and_ get the ambient authority treatment (i.e. send the user cookies with the request though to be fair, basic auth + forms also enabled similar attacks even before cookies were introduced in the mid 90's).