HackerTrans
TopNewTrendsCommentsPastAskShowJobs

paranoidrobot

no profile record

comments

paranoidrobot
·16 gün önce·discuss
As much as the collective dumping on LastPass for yet another breach, and how they're totally irresponsible for handing customer data to some third party is amusing.

I think if people took a moment to actually look at what happened, they might realise that the story everyone has in their heads is quite different from reality.

Klue is one of those CRM services that so many sales teams are using. Yes, you have to hand them customer records (email of the customer contacts, finance teams, etc). That show Klue delivers it's "market intelligence" thing about that customer.

If you go to your sales teams and see what random stuff they have hooked up to your systems, I bet you will find similar things.

Whether or not this is a good idea (I firmly dislike it), this is how sales teams work these days. If you try to take it away you will be fighting the entire sales organisation.

I am more surprised that these breaches don't happen more often.

It doesn't impact LastPass's actual password databases.

(No affiliation with any of the entities involved in this)
paranoidrobot
·29 gün önce·discuss
I would counter this by saying we might all be better off if consumer protection laws were stronger and actively enforced against this.

I don't really have a problem with offering discounts to members of X program, or if insurance is pre-selected.

But the advertised price should be inclusive of everything (taxes, fees, charges, etc) and the price available to the general product before membership-exclusive pricing.

So if you advertise a product for $100 then any normal person can pay $100 and get it for that.

Want to sell it from cheaper to members of your reward program? Go ahead. But it can't be the most prominent price advertised for it.

You want to sell insurance pre-selected? No problem but again the default advertised price needs to include it. Even if they can opt out for a cheaper price.

There are sure to be edge cases. But the point being is that the price you advertise most prominently needs to be the all-inclusive price any member of the public can get without having to fight to select the correct option.

We don't accept misleading and deceptive practices in other areas, why do we let airlines, hotels and hire car places do it?
paranoidrobot
·2 ay önce·discuss
> It’s not like we have a term like “individual contributor” or anything in the industry.

Perhaps I'm missing something here.

To me "individual contributor" means anyone who is NOT: A (technical) "Lead", "Chief", "Architect", or (possibly) "Staff" anything, and has no management or team-leader responsibilities.
paranoidrobot
·3 ay önce·discuss
I'm in Australia but similar sounding system is in operation at our two major supermarkets.

I scanned a drink, heard the beep, put it in the bag. I scanned a loaf of bread, heard a beep, put it in the bag.

Now, instead of the typical "Unexpected item in the bagging area" it now shows the overhead replay and locks the system out until an employee comes over to review.

Combined with their exit gates that don't open if they think you've not paid for something, and cameras that track you through the store it's feeling very unfriendly.
paranoidrobot
·3 ay önce·discuss
I don't read HTML all the time, and I don't expect it to be easy to read when outside of a browser.

Markdown though, that's my slightly fancy readme. It has just enough structure that I can easily read and understand it on the command line.

I can easily grep it without need for an advanced parsing engine.

If you need something with font and style weight then go for HTML.

But if I see README.html with a project, it's going to put me off wanting to contribute. I do not want to learn that project's style guide for how to add some new parameters to a table or remember that they want to specify italics in one of a dozen different ways.
paranoidrobot
·3 ay önce·discuss
> I believe a VPN should stay hidden if it works, no need to have it visible.

Which is fine if you only have one VPN client or one VPN network and you don't need to turn it on/off or change it regularly.

My current day job has one VPN client but five different networks.

At a previous job I had two different clients I would need to switch on and off.

It is very on-brand with Apple though that there is one right way to do things, and everyone else either needs to change the way they do things or go elsewhere.
paranoidrobot
·4 ay önce·discuss
> It is a shame articles like this imply that all men act this way

It's not implying that at all.
paranoidrobot
·4 ay önce·discuss
The article mentions, briefly, the case of the Austrian who was recently convicted of manslaughter for abandoning his girlfriend on the side of a mountain.

The story is apparently much much worse than it sounds from the brief coverage.

Rebecca Watson did a video on it recently: https://youtu.be/zf6rUxqrDes

There were, apparently, many many signs that things were not going well: beginning the hike too late in the day; passing a sign that said "do not continue if you have not reached this point by X time", despite reaching it hours later; Waving off a rescue helicopter; putting his phone in DND mode.

A former girlfriend testified that he has done basically the same thing to her years earlier, on the same mountain.
paranoidrobot
·4 ay önce·discuss
Add-ons (now apps) can't be done without HAOS. It's one of those non-obvious things.

There's other things I forget which are also more difficult/annoying to manage on the container version.

I have a rather large docker compose stack so my first experiments with HA were as running it there.

That lasted maybe a week before I went and ran it as a VM instead.
paranoidrobot
·4 ay önce·discuss
I haven't done it either. But it should just be a case of passing the device to the container. You might need to disable the host from using it and pass admin rights to the container too.

But it was also quite easy to pass a USB device to the HAOS VM in Proxmox.
paranoidrobot
·4 ay önce·discuss
I wouldn't put running a weather station in the same class of disk activity as running Home Assistant. It is writing a fairly large amount of logs, plus statistics for every attribute/sensor for every device. The more devices you have, the more you will be writing.

There are regularly threads from people with "I restarted HA and now I get this weird boot error message", and it's because their SD card died.

You do you, but it's common enough of a problem that I think it's worth calling out as a "Don't do this".
paranoidrobot
·4 ay önce·discuss
I'm using OPNSense for the router, on their dedicated hardware - DEC750 iirc.

The switches are mostly Mikrotik, with some Unifi switches.

The wifi APs are all Unifi - they are all PoE and wired into the same network, no mesh. Even between buildings I ran fibre.

For the switching and routing, were I to do it again now I might go all Unifi. They recently implemented some much needed updates to make doing things like firewall rules and routing based on device much easier. I have a complicated set of rules in OPNsense to route IOT VLAN traffic out via a VPN connection, which require static IP assignments via DHCP, but under the new Unifi network I could do it with a few clicks and being able to use device attributes rather than a static IP.

I am also using an SLZB-MR1 for a ZigBee controller and Matter over Thread border router. I've got a bunch of IKEA and Mercator ZigBee light bulbs/fixtures that act as ZigBee routers. It's a strong enough mesh I rarely have issues with the ~180 devices on the net.
paranoidrobot
·4 ay önce·discuss
While you can run HA as a container. I think it's a mistake - Its more complicated and has reduced features.

I would instead recommend people use HAOS instead - either running on dedicated hardware OR as a VM. Just dont run it from an SD card if you go down the Raspberry Pi/SBC route - it will kill the card from IO cycles.

I have an IOT VLAN on my network that all the IOT bits sit in, including WIFI devices. What internet access it gets (if any) depends on the device profile.

I tried splitting things up into multiple VLANs but a whole lot of things assume just a flat network, so things stop working if you get too fancy.
paranoidrobot
·5 ay önce·discuss
A few years ago I was checking out of a reasonably up-scale hotel in Barcelona early in the morning.

They punch numbers into one of those wireless hand terminals. I tap my card, enter the pin and then before I can react to what the screen is now saying they've punched the 'Accept Conversion' button and submit it. By the time I realise what has happened, it's too late and has started printing the reciept.

I insisted they reverse it and redo the transaction without that - the staff didn't understand and didn't care they'd cost me another 10-15%. It really adds up for a week long stay.
paranoidrobot
·5 ay önce·discuss
Instagram did a similar thing for me back in 2016-ish.

A family member had been sharing some photos they were taking, but only on Instagram.

So I signed up an account, verified via email and phone number. I wasn't initially able to find the family member's account. A week later after I got the spelling of their username right, Instagram popped up "Your account has been suspended". They then sent me an email saying I needed to take a photo of myself holding government ID, and a piece of paper with a hand-written code they supplied, plus a close-up photo of said government ID. No way was I supplying all that just to be able to browse some photos.
paranoidrobot
·6 ay önce·discuss
A selection of times it's been previously posted:

(2018, 222 comments) https://news.ycombinator.com/item?id=17135841

(2022, 166 comments) https://news.ycombinator.com/item?id=30595026

(2024, 139 comments) https://news.ycombinator.com/item?id=39136472 - by the same submitter as this post.
paranoidrobot
·6 ay önce·discuss
My desk has 2x 27" and 1x 43" Dell monitors. Unfortunately the new work MacBook only supports two external displays so one of those 27 sits idle.

What used to be nice is now a case of constantly shuffling windows, not made easy by MacOSs janky window handling.

I've been looking for a second 43" to replace the 27"s but the high price and sub-par quality of the 43 is making me wait.

I am also finding it difficult to find monitor arms that will carry such large and heavy screens. The 43 is already at the limit of the one reasonably priced arm I found and a definite struggle to mount.
paranoidrobot
·6 ay önce·discuss
good news: that seat design is available and some airlines use it.
paranoidrobot
·6 ay önce·discuss
I've run into this a bunch too.

Just this week I wanted Claude Code to plan changes in a sub directory of a very large repo. I told it to ignore outside directories and focus on this dir.

It then asked for permission to run tree on the parent dir. Me: No. Ignore the parent dir. Just use this dir.

So it then launches parallel discovery tasks which need individual permission approval to run - not too unusual, as I am approving each I notice it sneak in grep and ls for the parent dir amongst others. I keep denying it with "No" and it gets more creative with what tool/pathing it's trying to read from the parent dir.

I end up having to cancel the plan task and try again with even more firm instructions about not trying to read from the parent. That mostly worked the subsequent plan it only tried the once.
paranoidrobot
·6 ay önce·discuss
If we define face scanning as specifically doing facial-recognition over multiple cameras, stores and/or time, then it's quite clear and simple.

A store could easily have security cameras operating without issue. They don't need to do any more smarts on it.

It's where you draw the line on smarts that's the thing.

- Person-shaped-object crossed from public-area to private area (eg through a staff-only door) without a corresponding door swipe event.

- Person-shaped-object appears to take an object off a shelf and put it in their bag/pocket.

- Specifically tracking a person over multiple cameras in one visit as they navigate the store, without associating with an identity

- Using facial recognition to recognise the same person over multiple visits/stores, and being able to track their activity over all of those visits.

There could be arguments for some of these being permitted without it being a total invasion of privacy.