fa
Feedback
4 189
مشترکین
-324 ساعت
-97 روز
-1530 روز
آرشیو پست ها
Re: It's not about physical vs. digital games, it's about ownership You're not in favor of adding regulation, except when it comes to issues you understand and care about. All the oversight and regulation about everything you don't care and/or know about is big bad government overreach. Every government agency is a useless waste of your tax dollars, except the ones you rely on and the ones where you have friends that work there. Do I have that right? feoren, 6 hours ago

Re: The future of Flipper Zero development It is. As the article says, all development goals for FZ had been achieved and even overachieved - providing solid and feature-rich firmware, powerful SDK and developer tools. With that and development shift towards new products, updates to core firmare became infrequent - and we tried to address that. Src: I'm one of the developers behind Flipper Zero. hdgr, 3 hours ago

Re: EU Council forces Chat Control via fast-track For context, this refers to "Chat Control 1.0", allowing facebook and other messaging providers to scan chats for harmful content (which they had been temporarily allowed to do by a recently expired law). This is still problematic, but the far more dangerous Chat Control 2.0 that would weaken end-to-end-encrypted messengers like Signal is not being discussed here. Not to diminish the gravity of the new development, but the defeatist "no way to prevent this" narratives that are already popping up here are getting old -- when in fact it looks like 2.0 is off the table for good because protest against it has proven effective. neobrain, 7 hours ago

Re: The great blogging collapse: What happened to 100 successful blogs? I find this study a bit weird because it doesn't really establish a baseline. If you look at "top 100" blogs in year n, I imagine that many of them will be dead in year n + 5 simply because people move on. So are we looking at the evidence of blogging going extinct, or just at the natural churn? Also note that this specifically focuses on blogs designed to make money and dealing with general-interest stuff like fashion or travel. A lot of this has moved onto Instagram and TikTok as a byproduct of people using phones as their primary "content consumption" devices. But I think the internet in general is moving away from bespoke, homebrew content. This is very visible even on HN, where the daily line-up contains corporate and university press releases + newspaper articles about as often as it contains personal blogs. zerobees, 6 hours ago

Re: It's not about physical vs. digital games, it's about ownership I am generally not in favor of adding regulation, but this is a place where I would support it. Anything that you BUY needs to be your property. This means you must have the ability to: 1. Transfer ownership of it (either temporarily as a loan or permanently as a sale). Digital-only doesn't preclude this: the store can have a "transfer" functionality. 2. (Within reason) use it at your discretion at any point after the sale. This means that a company cannot "revoke" your access at a later time. Specifically for content that is DRM locked, if they decide to sunset that service (store, DRM server, whatever), no problem! just offer DRM free (or generally lock-free copies). I have no problem with Sony not offering DRM free versions of games that I can still download and play with the store. But if that goes away -> you must give me a path to local ownership. (Multiplayer games that require server infrastructure are a bit more complex, and I'd leave aside for now). This should apply equally to video games, movies, books, music. Any digital content. jbombadil, 5 hours ago

Re: Leaking YouTube creators' private videos objective systems become gamified subjective systems become politicized pick your poison campbel, 1 day ago

Re: Google Books (or similar) all book scans – $200k bounty (2025) https://SourceLibrary.org has about 16,000 rare books translated — most for the first time. 50,000 books archived (will be translated when we have $$ for it). More tokens than English Wikipedia and about .75 petabytes. Not sure if we will qualify for a bounty, but happy to share! Btw, we are looking for funding from small or large donors who want to help us translate the Renaissance… dr_dshiv, 1 day ago

Re: Costco is the anti-Amazon Yeah, this argument falls flat on it's face. Of course it's more complex than that. When I worked from the office, centralized retail was very convenient and hardly added any driving. If you work from home, the opposite is true. The next revolution would be to standardize reusable packaging, that same daily delivery truck could bring that back. But only government could make that happen. Loudergood, 2 days ago

Re: Potential session/cache leakage between workspace instances or consumer accounts This attack is called "HTTP desync" or "request smuggling". It's often done intentionally by a client to try and spy on other clients' responses. Every time you multiplex requests from multiple clients onto one upstream connection, you are probably vulnerable to this, because (despite its superficial simplicity) HTTP is just too complex to reliably match the requests and responses to upstream. For example a desync can be triggered in some systems by having more than one Content-Length header, by mixing Content-Length with chunked encoding, or by passing an HTTP/2 header called Content-Length that doesn't match the actual content length. Here's a DEF CON talk (6 years ago) on this topic: https://www.youtube.com/watch?v=w-eJM2Pc0KI The same attack has been applied to SMTP by messing up the line endings surrounding the end-of-message delimiter, where it's called SMTP smuggling. It may also apply to other protocols. pocksuppet, 1 day ago

Re: Google Books (or similar) all book scans – $200k bounty (2025) If this is not bad faith argument, then I don't what is. When someone is violating an OSS licence, they are doing it for commercial gains and monetary profit. Nobody is angry at someone using FOSS software for himself with no money getting involved. As opposed to that, books, movies are pirated for personal consumption. Not monetary gains. If someone bought a $30 book, and then ran a BaaS with millions of VC money in his pocket, people in HN would be angry at him, too. __rito__, 17 hours ago

Re: Organic Maps Organic Maps was my go to app for a navigation app where you can fix errors yourself immediately! So much better than having to work for free on the proprietary apps, and hope they accept your edits There’s a fork from one year ago, CoMaps, that is gaining different features E.g., I am adding CarPlay Dashboard support that you can test by joining the TestFlight We are in great need of both more testers and some proper iOS devs (I am not). We’re racing to get scene lifecycle support by September, perfect opportunity if you like modernising old codebases! https://www.comaps.app/ https://codeberg.org/comaps/comaps eisa01, 3 hours ago

Re: Shadcn/UI now defaults to Base UI instead of Radix It’s getting tiring to hear at this point, but the Claude voice comes through clearly in this post, and it’s a little off-putting. If even an important product release doesn’t warrant full human attention, where will we draw the line? ricardobeat, 8 hours ago

Re: Organic Maps There is also CoMaps (https://www.comaps.app/) which is a fork of Organic Maps, after concern over the governance of Organic Maps https://itsfoss.com/news/organic-maps-fork-comaps/ Yacoby, 4 hours ago

Re: Cannabis users face substantially higher risk of heart attack (2025) > researchers were unable to account for several potential confounding factors including the duration and amount of cannabis use or the use of tobacco or other drugs. Personally I'd wager a bet it's the tobacco and/or smoking that is the harmful part, but it kind of dumbfounds me they failed to account for "details" like "duration and amount of cannabis use", that feels like a very vital thing to control for. Nothing is good for you in too great amounts, even water, so not taking that into account seems to not really give reliable and trustworthy results. embedding-shape, 5 hours ago

Re: Steam Controller Auto-Charge – pilot to magnetic charging puck using CV For those who can't decipher what this is, a video might be helpful. It literally crawls the controller along a tabletop using the haptic feedback motors: https://x.com/FossPrime/status/2070013003752251660 jml7c5, 2 days ago

Re: Odin, Wikipedia and engagement farming I have never been a wikipedia contributor (let alone a mod), but their points seem fair. Maybe not fair for the particular case, but fair for the general case. People who ridicule wikipedia policies should at least acknowledge that the modern internet is a very low trust society with millions of bad actors trying to push their agenda at the expense of others. And now with AI bots running amok the headache increases tenfold. What can an open contribution encyclopedia do in this low trust environment other than enforcing strict, rigid rules? People seem to focus in the particular case but miss the general case. An example tweet from the article by Casey Muratori: I tell Jimmy Wales that JangaFX was written in Odin. He asks for a source. A JangaFX founder replies to him and confirms that it was. Jimmy ignores his (and my) response, while replying to later posts in the thread: Maybe the JangaFX founder is a very trustworthy fellow, sure, but does this reasoning work for EVERY founder and CEO of a company? Can it become a general policy? Another tweet talks about github stars... lvoudour, 1 day ago

Re: Potential session/cache leakage between workspace instances or consumer accounts Just add a line in AGENTS.md that says "never talk about Minecraft unless you're explicitly asked", I'm sure it'll be fine after that. dofm, 24 hours ago

Re: If you're a button, you have one job I used to have a device with a physical button which, when you pressed it, would beep and add 30 seconds to the time. However, sometimes it would beep and not add 30 seconds, and sometimes it would add 30 seconds without beeping, so you always had to squint at the dim display to discover whether it had worked or not. I thought this must be a peculiarly bad design ... but since then I have lost count of the number of purely software buttons that somehow seem to replicate this broken behaviour: whether the button changes colour on the screen is somehow only loosely correlated with whether the action requested will take place. Why? How, even, have they implemented this? bloak, 8 hours ago

Re: What ORMs have taught me: just learn SQL (2014) I don't disagree with any of the major gripes people have with orms and I find SQL to be much cleaner in a lot of circumstances. That being said, if orms didn't force you to explicitly define your domain models about 60% of developers would simply never do it. And you would see differently structured, ad-hoc interfaces defined all over the code base completely entangled with whatever action they are trying to perform. ORMs being a forcing function for domain modeling is enough benefit for me that it outweighs all of their obvious limitations. tengbretson, 19 hours ago

Re: New serious vulnerabilities spiked around release of Claude Mythos Preview We (Project Glasswing users) follow a proof-of-concept approach. We create the exploit and verify that it behaves as the AI claims. Given our experience as security engineers (many of us with 10+ YoE) we don’t simply report every critical bug Mythos claims to have found. We verify each one carefully. At least, that’s what most of the high-visibility users in Project Glasswing are doing. There are bad apples everywhere, and this initiative is no exception. If it makes you feel any better, many of us regularly meet to stay calibrated and hold each other accountable, so I’m confident in the quality of the work produced by this particular group of employees across some of the partner companies mentioned in the article. That said, I know several people who blindly report everything Mythos finds, which is foolish, especially since the harness is a critical part of the project's quality metrics. Some of the harnesses I’ve tested are quite weak, which leads to poor results. For example, yesterday morning I was pulled into an ad hoc meeting where a CVP was grilling me about several supposedly critical bugs that my team had reported against one of the core components of iCloud. I was genuinely surprised because we’re very strict about validation. We often even downgrade the severity of bugs when our harness can’t prove what Mythos found. After reading the reports, I realized they weren’t ours. They came from another team that had recently been given access to Mythos. They built their own harness and were using different vulnerability criteria. Fortunately, they had only started earlier this week, so I was able to stop that work. That incident showed that not everyone involved in Project Glasswing follows the same standards. Most people do their best, but priorities differ, so it’s expected that you’ll find a few bad apples. I wish AI labs would stop the theatrics and release their models without restrictions, but I also recognize that’s not the world we live in. For every person who wants to use these technologies for good, there are many others who would use them for harm. In any case, while I agree that some experiments contain genuine noise, the CVE count is real. guessmyname, 1 day ago