HackerTrans
TopNewTrendsCommentsPastAskShowJobs

skibz

2,318 karmajoined 12 yıl önce

Submissions

Ryanair passenger partially sucked out of window on flight from Greece

reuters.com
2 points·by skibz·15 saat önce·1 comments

Unturned's Source Code Released

blog.smartlydressedgames.com
2 points·by skibz·dün·0 comments

I Built My Son an Over-Engineered Robot [video]

youtube.com
2 points·by skibz·3 gün önce·0 comments

panSpeedCalc

phfx.com
2 points·by skibz·3 gün önce·0 comments

Quake Turns 30: John Romero Plays [video]

youtube.com
2 points·by skibz·9 gün önce·0 comments

The Stonehenge Experiment: 60 people move a 3.5-Tonne standing stone [video]

youtube.com
3 points·by skibz·13 gün önce·1 comments

I'm building a Space Cadet Pinball Machine! [video]

youtube.com
97 points·by skibz·15 gün önce·21 comments

Gunship: Origins Devlog #1 – Flying the Latest Build [video]

youtube.com
3 points·by skibz·16 gün önce·0 comments

Steam Machine: Official Overview and Quick Start Guide [video]

youtube.com
4 points·by skibz·16 gün önce·0 comments

DisplayMate

displaymate.com
122 points·by skibz·19 gün önce·39 comments

Openfoot Manager

openfootmanager.com
3 points·by skibz·23 gün önce·0 comments

What if everything was antimatter except Earth? [video]

youtube.com
1 points·by skibz·24 gün önce·0 comments

What happens if you click the first link on every Wikipedia article? [video]

youtube.com
4 points·by skibz·26 gün önce·0 comments

Upscaling Space Quest 3 [video]

youtube.com
4 points·by skibz·28 gün önce·0 comments

Building a Gifford-McMahon Cryocooler with 3D-Printed Parts [video]

youtube.com
2 points·by skibz·geçen ay·0 comments

Nuclear Space Power and Propulsion [video]

youtube.com
2 points·by skibz·geçen ay·0 comments

Analogue 3D Has a New Competitor (Modretro M64 Review) [video]

youtube.com
2 points·by skibz·geçen ay·0 comments

What if you dropped a bowling ball in the Mariana Trench? [video]

youtube.com
2 points·by skibz·2 ay önce·0 comments

LightScribe

en.wikipedia.org
1 points·by skibz·2 ay önce·0 comments

Usagi – Simple 2D Game Engine for Rapid Prototyping

github.com
4 points·by skibz·2 ay önce·0 comments

comments

skibz
·3 gün önce·discuss
Nice shot!
skibz
·30 gün önce·discuss
I came here to recommend the same thing. The entire War Stories series was magnificent.
skibz
·geçen ay·discuss
Its documentation mentions a garbage collector.

https://docs.perryts.com/language/supported-features.html#ga...
skibz
·4 ay önce·discuss
I miss the days when most people had a vanilla looking computer. You wouldn't have felt out of place at the LAN party lugging in your dad's old Packard Bell tower that you used for your gaming rig.

We still appreciated visually stunning PCs. Not just for the works of art that they were, but also for the DIY skill and ethic you were actually required to demonstrate to build and mod them.

Nowadays, it's all just "RGB by default". By my angry old man standards, it looks gauche. Then again, I suppose it's the new vanilla?
skibz
·4 ay önce·discuss
How much time elapsed between each aircraft being hit?
skibz
·5 ay önce·discuss
It's disappointing to see. It doesn't take much work to configure a MQTT server to require client certificates for all connections. It does require an extra step in provisioning to give each device a client certificate. But for a commercial product, it's inexcusably negligent.

Then there's hardening your peripheral and central device/app against the kinds of spoofing attacks that are described in this blog post.

If your peripheral and central device can securely [0] store key material, then (in addition to the standard security features that come with the Bluetooth protocol) one may implement mutual authentication between the central and peripheral devices and, optionally, encryption of the data that is transmitted across that connection.

Then, as long as your peripheral and central devices are programmed to only ever respond when presented with signatures that can be verified by a trusted public key, the spoofing and probing demonstrated here simply won't work (unless somebody reverse engineers the app running on the central device to change its behaviour after the signature verification has been performed).

To protect against that, you'd have to introduce server-mediated authorisation. On Android, that would require things like the Play Integrity API and app signatures. Then, if the server verifies that the instance of the app running on the central device is unmodified, it can issue a token that the central device can send to the peripheral for verification in addition to the signatures from the previous step.

Alternatively, you could also have the server generate the actual command frames that the central device sends to the peripheral. The server would provide the raw command frame and the command frame signed with its own key, which can be verified by the peripheral.

I guess I got a bit carried away here. Certainly, not every peripheral needs that level of security. But, into which category this device falls, I'm not sure. On the one hand, it's not a security device, like an electronic door lock. And on the other hand, it's a very personal peripheral with some unusual capabilities like the electrical muscle stimulation gizmo and the room occupancy sensor.

[0]: Like with the Android KeyStore and whichever HSMs are used in microcontrollers, so that keys can't be extracted by just dumping strings from a binary.
skibz
·5 ay önce·discuss
A lot of BLE peripherals are very easy to probe. And there are libraries available for most popular languages that allow you to connect to a peripheral and poke at any exposed internals with little effort.

As for the reverse engineering, the author claims that all it took was dumping the strings from the Dart binary to see what was being sent to the bluetooth device. It's plausible, and I would give them the benefit of the doubt here.
skibz
·5 ay önce·discuss
We have no names, man. No names. We are nameless.
skibz
·5 ay önce·discuss
Stupid question: do carriers have the ability to run AT commands and get their output?
skibz
·6 ay önce·discuss
I'm pretty sure it was a sarcastic comment.

On a recent MBP, it's indistinguishable from a vanilla radio button.
skibz
·7 ay önce·discuss
Controllers provide analogue controls (eg. thumbsticks and triggers) that most keyboards don't have.

If, as you suggest, the control schemes of video games are becoming less complex (Forward, down, forward, high punch) then surely the result would be more games that are playable with only a keyboard, not fewer?
skibz
·8 ay önce·discuss
NOLF is actually source-available [0][1][2], and it has been since not that long after its original release.

There's also a community-driven project [3] keeping it playable on modern hardware - however, it hasn't seen any activity in several years.

If you haven't played or heard of NOLF before, I highly encourage checking it out. It's a fantastic title, even after all these years.

0: https://web.archive.org/web/20020217233624/http://pc.ign.com...

1: https://web.archive.org/web/20010720053220/http://noonelives...

2: https://github.com/osgcc/no-one-lives-forever

3: https://github.com/haekb/nolf1-modernizer
skibz
·10 ay önce·discuss
The OP delivered a drive-by contribution and proceeded to condescend one of the maintainers. They posted the interaction to HN (for the second time) out of spite for the maintainer, labelling it an instance of gatekeeping.

Having a polite and diplomatic conversation about a non-trivial contribution idea is a common prerequisite for it to be accepted into a project, like Hapi.js.

It's no surprise that project maintainers don't wish to work with recalcitrant individuals, regardless of the merit of their contributions.
skibz
·11 ay önce·discuss
Is anybody familiar with the differences between the new Bitnami Secure Images compared to images from, say, Chainguard?