HackerTrans
TopNewTrendsCommentsPastAskShowJobs

jhpacker

no profile record

Submissions

In-browser AI image detection

quantable.com
3 points·by jhpacker·geçen ay·0 comments

With a 5x increase in Show HN, who sees what you build?

quantable.com
2 points·by jhpacker·4 ay önce·4 comments

Yes, OpenAI Scrapes Google Search

quantable.com
6 points·by jhpacker·8 ay önce·4 comments

DHS authorized to merge SSA data into SAVE

propublica.org
15 points·by jhpacker·8 ay önce·0 comments

ChatGPT search prompts leak into Google Search Console

quantable.com
9 points·by jhpacker·9 ay önce·0 comments

The dueling truths of AI, both grift and revolution

quantable.com
3 points·by jhpacker·geçen yıl·1 comments

More streams, but a dwindling number of pro musicians

quantable.com
5 points·by jhpacker·2 yıl önce·0 comments

Google Analytics Missing Data from Nov 13

seroundtable.com
1 points·by jhpacker·2 yıl önce·0 comments

70% of Top Sites Still Set Third Party Cookies

quantable.com
2 points·by jhpacker·2 yıl önce·0 comments

Voice assistant locally on a RasPi 4

hackaday.io
2 points·by jhpacker·2 yıl önce·0 comments

comments

jhpacker
·4 ay önce·discuss
You could well be right, though I think whatever the mix of Show HN spam vs. ham is the point that almost all it gets no attention remains the same.
jhpacker
·8 ay önce·discuss
No worries & thanks! Yea I didn't expect to get them with the excerpts too, that was a surprise bonus.
jhpacker
·8 ay önce·discuss
Unlinked domains can definitely be found in a lot of ways, but like I show in the article there was literally no fetching of the page except for Googlebot. So even if the hostname was leaked somehow the contents of the page require fetching the page, which was only done by Google. Also like I show in the article the content that ChatGPT knows identically matches what's in a Google search snippet, down to where a word-break is.
jhpacker
·8 ay önce·discuss
What I am saying is that this was a glitch where the full prompt rather than a translated prompt was sent to Google Search. OpenAI says they fixed the glitch, so yes it was definitely an error on their part. My research doesn't show how to repro that error, just that it existed.
jhpacker
·8 ay önce·discuss
I definitely wouldn't! Beyond the "glitch" I'm reporting here where full prompts are seemingly sent to GSC, it may still be that searches are scraped... meaning that while it's less obviously personal than a raw prompt it still could leak user intent.
jhpacker
·8 ay önce·discuss
GSC does filter and threshold what shows, but that doesn't always work 100%. Also those filters are built to work against traditional keyword searches, not prompts. It's also supposed to threshold low volume queries which should have kept a lot of things prompts out of GSC, but for whatever reason that wasn't very effective.

I've worked in many GSC consoles over the years, and I've never seen anything like what I saw in this case. (I'm the original author)
jhpacker
·geçen yıl·discuss
Ok this is pretty funny. Just like any good internet commenter this bot didn't actually read the article... which doesn't actually say "AI is a tool, not a panacea" anywhere.
jhpacker
·geçen yıl·discuss
I agree with your take. I've definitely owned and played some excellent sub-$1000 guitars, but at the lower price points things it can be frustrating to deal with things like low-quality tuners, improperly shielded components, etc. I'd say 90% is about pickups, strings, and frets. Most of the 60s guitars I've played were not great tbh.
jhpacker
·geçen yıl·discuss
Yes, it's very much like HotJar, focused on session capture & heatmap.
jhpacker
·geçen yıl·discuss
Unlike Plausible and Fathom, it looks like Rybbit is NOT salting by default ( (but that it's an option to enable per site: https://www.rybbit.io/docs/enhanced-privacy). Which is why they can offer retention reporting.

This seems incompatible with ePD.
jhpacker
·geçen yıl·discuss
I don't trust tools that don't disclose precisely how they track you. They say:

Combining Inputs: We combine key session details (which shall not be named for security reasons) with a cryptographically secure secret value. SHA-512 Hashing: This combined input is hashed using SHA-512, producing a highly secure, anonymized session ID.

They know that we can see what they send in their tracking payload right? They send: hostname, language, referrer, screen resolution, page title, url, and a website id.

So I would presume their highly secretive & secure user session id is: hash(salt + website id + ip + HTTP user-agent + screen resolution? + language?)

I don't see that it says how frequently the salts are rotated, which is one of the key points on which the "no consent banner required" tools like this claim that consent isn't required.
jhpacker
·2 yıl önce·discuss
I recently wrote an article on this topic, focused on the power law dynamics that leave such a small amount of room at the top of the industry: https://www.quantable.com/analytics/power-laws-why-our-new-a...

I don't personally think it's new vs. old as much as the power law distribution coupled with the fact that old music is more available and promoted than ever. Plus the algorithms are focused on giving us more of the same thing we have shown it we like rather than new music discovery.
jhpacker
·2 yıl önce·discuss
Cloudflare radar, which presumably a much bigger and better sample, reports Bytespider as the #5 AI Crawler behind FB, Amazon, GPTBot, and Google: https://radar.cloudflare.com/explorer?dataSet=ai.bots And that's not including the most of highest volume spiders overall like Googlebot, Bingbot, Yandex, Ahrefs, etc.

Not to say it isn't an issue, but that Forture article they reference is pretty alarmist and thin on detail.
jhpacker
·2 yıl önce·discuss
There's nothing in the law that says one-click.

It says, "A prominently located direct link or button which may be located within either a customer account or profile, or within either device or user settings."

I think where the interpretation that one-click sub == one-click unsub is from this passage:

"The ability to cancel or terminate an automatic renewal or continuous service pursuant to subdivision (c) or (d) shall be available to the consumer in the same medium that the consumer used in the transaction that resulted in the activation of the automatic renewal or continuous service, or the same medium in which the consumer is accustomed to interacting with the business, including, but not limited to, in person, by telephone, by mail, or by email."

The idea being that one-click is a medium, which doesn't seem to be the intent here.
jhpacker
·2 yıl önce·discuss
With GA4, the tracker code is loaded from www.googletagmanager.com (even if the tag isn't loaded via a GTM container). The measurement requests can be sent to (region1|www).google-analytics.com or analytics.google.com (to share cookies with Google login better).