HackerTrans
TopNewTrendsCommentsPastAskShowJobs

implying

no profile record

Submissions

Secret World of Pro-Russia Hacking Group Exposed in Leak

wsj.com
3 points·by implying·4 yıl önce·0 comments

DuckDuckGo Cites 'Harry Potter Wiki' on Ringworm

duckduckgo.com
2 points·by implying·5 yıl önce·0 comments

comments

implying
·4 yıl önce·discuss
The site isn't really about dogs, it tracks a few dozen different topics that people consider difficult.

It's not so much about any longstanding personal policy, but if your dog of 10+ years had just died recently, and you sat down to watch a movie to relax, you might not want the movie to feature a prominent animal death, for example.
implying
·4 yıl önce·discuss
I use the site mentioned in the article almost every time I want to watch a movie. Its easy to dismiss it in terms of "pampering" or being too soft, but there are people who have lived and seen horrible things and do not want to be reminded of them.

It's also great as a nutrition label for media of sorts; "is this movie appropriate for a small get together?" is a question that's often hard to answer without a service like this.
implying
·4 yıl önce·discuss
https://en.m.wikipedia.org/wiki/No-communication_theorem
implying
·4 yıl önce·discuss
Putting fundamental features of the language behind a price barrier at all will keep students and people who want to experiment with the language out of the ecosystem. This isn't a papercut, it's an intentional omission that has backfired and can only be fixed by tooling. If the only way to access an often necessary feature is proprietary, why not make the whole language proprietary at that point?
implying
·4 yıl önce·discuss
They've fixed the import / modules situation to a point where it's usable and much improved, and generics have been added.

However, the issue this brings up about structs / types not explicitly declaring which interfaces they implement is a real and unaddressed problem, especially in large codebases. The only tool that I'm aware of that finds implementations is GoLand, at steep JetBrains prices.

Figuring out what type an API is asking for should not require reading every line of code in the package, and slows down every developer of large Go projects
implying
·4 yıl önce·discuss
Firefox is not based on the chromium codebase, it is older.
implying
·4 yıl önce·discuss
Isn't it sad that he has to type out his only messages to the world letter by letter, and he spends his time typing out the names of mega-brands?

"...‘(son’s name) moechtest du mit mir disneys die hexe und der zauberer anschauen auf amazon’ – ‘would you like to watch Disney’s witch and wizard with me on amazon’ on day 461"
implying
·4 yıl önce·discuss
I essentially paid my way through college by turning SMB's spreadsheets into CRUD webapps + some tiny reporting. There is a huge, huge market for this if you wanted to trade some of the time you would spend writing code with marketing, cold calls, chasing down clients for invoicing, and other non-tech stuff.
implying
·4 yıl önce·discuss
Perhaps off-topic, but .su is the TLD of the Soviet Union.
implying
·4 yıl önce·discuss
You should expect any software to not have ads.
implying
·4 yıl önce·discuss
As useless and pithy it is to say "just restore from backup", having your livelihood (or a significant time investment) depend on a system far outside of your control, where you have no service guarantees or even a billable relationship, is a fairly shaky ground to stand on. Ultimately if you spend your time producing digital assets, you should have taken action to ensure you had ownership and control over them somewhere.
implying
·4 yıl önce·discuss
I always backup my TOTP secrets to a file on my computer. Android apps like Aegis can automate this, by having an encrypted export to a file anytime you add or change a secret. You can use {Nextcloud, syncthing, etc.} to maintain that export file current with your computer.

If your phone is stolen, you can generate codes manually using a TOTP utility, or by restoring the backup to a new/old phone.
implying
·5 yıl önce·discuss
This reminds me of Huawei camera app detecting pictures of the moon and superimposing a clear stock photo into your picture: https://www.androidauthority.com/huawei-p30-pro-moon-mode-co...
implying
·5 yıl önce·discuss
Digitalocean will automatically lock any account I create, because of an (admitted!) false positive in their fraud software. Literally any IP, any credit card, any email address I use- seconds after taking out a test deposit on the card, the account is locked.

Every time I've messaged support for an account lock, 24 hours later I'm informed it was a false positive and the account is unlocked. Needless to say, this does not inspire confidence that my resources are going to be kept up and running past Kafkaesque fraud monitoring systems
implying
·5 yıl önce·discuss
(2019)
implying
·5 yıl önce·discuss
These types of programs have gone through a few iterations since the secure enclave was released, but they all share a fatal flaw, probably from the SE itself:

You can only store keys that use the NIST P curves, which are not recommended for SSH, or any serious crypto. There are serious supicions that they were tampered with during design by NSA, and are listed in djb's https://safecurves.cr.yp.to/ as unsafe. Using this program would force you to configure your server to accept keys using unsafe curves.
implying
·5 yıl önce·discuss
This is a bizarre analysis. Public legal risk is absolutely the last imaginable threat to us-east-1, short of aliens abducting it. The U.S. security apparatus depends on AWS and would never allow it, Wall Street would never allow it, never mind the fact that Amazon itself would leverage every tool at it's disposal to protect its reputation for reliability. The politicians involved in this scenario might seek to remove Amazon's competitive advantages, or fine them, but the people who understand what AWS even is would never consider a move to shut down a datacenter.

Both the "enemy action" and "operation failure" scenarios are much bigger risks than this article makes out to be. Every non-aligned nation-state offensive cyber team has a knockout of us-east-1 at the top of their desired capabilities. I'm sure efforts range from recruiting Amazon employees to preparing physical sabotage to hoarding 0days in the infrastructure. There's no reason to think one of them wouldnt rock the boat if geopolitics dictated.

Operational failure is probably the most likely. AWS might have a decade of experience building resilience, but some events happen on longer timescales. A bug that silently corrupts data before checksums and duplication and doesn't get noticed until almost every customer is borked, a vendor gives bad ECC ram that fails after 6 months in the field and is already deployed to 10,000 servers, etc. Networking is hard and an extended outage on the order of a week isn't completely impossible. How many customer systems can survive a week of downtime? How many customer businesses can?
implying
·5 yıl önce·discuss
Took a little while to find the magic words in there: https://github.com/wimpysworld/quickemu/blob/af26f41440d63a0...
implying
·5 yıl önce·discuss
Strange how this implies that the end-all-be-all of VPNs is IPsec. I would've loved to hear their opinion on wireguard and this generation of mesh VPNs
implying
·5 yıl önce·discuss
I agree. Isn't a VPN a usecase where you'd like to authenticate yourself as little as possible?

For comparison, mullvad accounts have no separate identification and authentication. Each account is a 16 digit number, and knowledge of that number allows you to administer the entire account. Usernames and passwords don't exist