daraosn's comments

daraosn | 8 years ago | on: Cryptoeconomics 101

First, it's not what I want, it's what I perceive – only my opinion.

Why a blockchain for a social network? To really control my data and my online persona. It doesn't have to be a public blockchain, it can be private and shared with my friends, if I wanted to.

I agree with you that in poor countries the infrastructure is not prepared yet, but the world wasn't prepared either when the Internet was in diapers. This is just the beginning, I believe.

daraosn | 8 years ago | on: Cryptoeconomics 101

Yes, cryptocurrencies and tokens have a lot of speculation from a dollar price perspective, and there are still non-believers and manipulators, but the blockchain and smart contracts technology is brilliant and the idea is already on people's minds, and it will only become stronger, despite the price.

Social Network: For years I've seen people complaining about Facebook, others building alternatives. If there is one way that Facebook could be defeated and decentralized, it is by using a P2P blockchain social network. Take for example Steem, not perfect but the proof of concept works.

Advertisement: another example is BAT (by the JS inventor), funded in 30 seconds, it could be a real threat to Google. Just pair it with Mist browser and ENS, and you can see the potential.

...

I think it's no longer about Bitcoin, it's about a profound decentralization of the Internet. Some call it the Web 3.0.

daraosn | 9 years ago | on: Ask HN: Building a side project that makes money. Where to start?

My advice: don't focus so much on how to build it, focus on how to grow it... REALLY!

I've done so many complex projects that in the end I couldn't sell, that's frustrating... please hear me: figure out first how to sell it (or at least get good traffic to a crappy WordPress site), then build a very crappy version and then improve it over time.

I recently read this, and I think it is gold: https://www.blackhatworld.com/seo/making-money-online-it-all...

daraosn | 9 years ago | on: Which job to chose?(have 2 hours)

If you are starting, I think it really doesn't matter. I like Ruby and did for a long time, but if you like the Python company and you say it is bigger and you have friends there, then you should probably go for that offer. Plus Python is a nice language to learn too.

This is very important: Money should not be your priority at this stage, go for the company where you think you can learn the most, later you can find a better job or even consult, as you'll gain a lot of experience.

Good luck!

daraosn | 9 years ago | on: Bitcoin 0.13.0 Binary Safety Warning

It will take time... Computers, Internet and new techs in general aren't mainstream in their beginnings. Do you expect it to be perfect from its inception? Even planes crashed on their first flights, and look at us now, flying everywhere.

daraosn | 9 years ago | on: Some news from LWN

Disagree, even Hacker News has some attempts to have a better design while keeping the HTML site look.

daraosn | 9 years ago | on: Stealing Facebook access_tokens using CSRF in device login flow

Why would you calculate an hourly rate? I'd rather try to calculate the economic impact that this could have for the company, especially marketing costs to repair bad PR if something like private messages, pictures, info, etc. get breached. Do you think Facebook would spend $5,000 for that? Hell no, marketing budgets are in the magnitude of millions of dollars... I'm in no way supporting exploiting these vulnerabilities, and kudos to the OP (and many others) for finding these bugs and reporting them to their companies instead of exploiting them. I just think that big tech companies should pay bigger bounties.

daraosn | 9 years ago | on: Stealing Facebook access_tokens using CSRF in device login flow

I posted below (and got heavily and irrationally downvoted) that $5,000 is a joke. And your comment and others don't change my mind. A CSRF vulnerability, looking forward to reading a post on a SQL Injection next time.. I worked doing bots in my school days when I was a kid, and I saw the gray/black market can be unfortunately extremely profitable. $5,000 is nothing, we're not talking about a little startup here, it's Facebook, and they do have resources. Have you ever seen nasty content on Facebook on your wall, been spammed or even hacked? It's because these kinds of vulnerabilities get breached. Of course they can happen, but $5,000 is nothing considering the economic impact that can have if someone exploits it badly. A PR campaign to fix a mess wouldn't cost a few thousand, rather a few million. Again: kudos to the OP for posting this and doing things the right way (reporting to Facebook), but again, sadly good developers are getting underpriced...

PS: and by the way, I'm in no way circle jerking, this is not reddit, I'm here for a serious discussion on the topic.

daraosn | 9 years ago | on: Stealing Facebook access_tokens using CSRF in device login flow

Don't understand the downvoting here.. Very irrational or emotionally motivated. I'll explain why it is a joke: $5,000 is nothing considering what it could cost Facebook if someone in a black market finds this, plus a CSRF vulnerability is from a Security 101 lecture nowadays. They do have the resources and should put more money to audit their production code and pay bigger bounties for someone who's not part of their company and finds a bug like this. Again, downvoting nonsense.. this is not reddit guys, this is Hacker News.

daraosn | 9 years ago | on: Changes sshd port every 30 seconds, using Two Factor Auth to login

Is there a service that wraps/proxies a port with a different or custom protocol? (kind of like SSL for HTTP)

Idea: instead of ssh'ing to a server, you would run your custom command which communicates to port XXXX, communicates with a custom protocol and then, if validation succeeds, would proxy to SSH (or any other internal port/protocol).

Why? Because as others suggested you could scan all ports very quickly to break this, but if you scan a port and just receive garbage or something only you can understand when opening it, then you could hide it from the outside..

(Just curious)
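
The gate described in the comment above, as an added example that is not part of the original comment: the server sends a random nonce, the client answers with an HMAC-SHA256 over it under a pre-shared key, and only a valid answer reaches the backend. The names `gate_server`, `gate_client` and `run_exchange`, the pre-shared key and the banner string are assumptions; a local socketpair stands in for the network and for the SSH backend.

```python
import hashlib
import hmac
import os
import socket
import threading

NONCE_LEN = 32
TAG_LEN = hashlib.sha256().digest_size  # 32 bytes


def gate_server(conn, key, backend_banner):
    """Challenge the client; release the backend only on a valid HMAC."""
    with conn, conn.makefile("rb") as rx:
        nonce = os.urandom(NONCE_LEN)   # fresh per connection, so replays fail
        conn.sendall(nonce)             # a scanner sees only random bytes
        tag = rx.read(TAG_LEN)          # short read means the peer gave up
        expected = hmac.new(key, nonce, hashlib.sha256).digest()
        ok = hmac.compare_digest(tag, expected)  # constant-time comparison
        if ok:
            conn.sendall(backend_banner)  # stand-in for proxying to sshd
    return ok                             # on failure: closed without a reply


def gate_client(conn, key):
    """Answer the challenge and return whatever the gate lets through."""
    with conn, conn.makefile("rb") as rx:
        nonce = rx.read(NONCE_LEN)
        conn.sendall(hmac.new(key, nonce, hashlib.sha256).digest())
        return rx.read()                # read until the server closes


def run_exchange(server_key, client_key):
    """Run both sides over a local socketpair (no network needed)."""
    srv, cli = socket.socketpair()
    result = {}
    worker = threading.Thread(target=lambda: result.update(
        ok=gate_server(srv, server_key, b"SSH-2.0-backend\r\n")))
    worker.start()
    seen = gate_client(cli, client_key)
    worker.join()
    return result["ok"], seen
```

The gate only decides whether the backend is reachable; SSH's own key exchange and authentication still protect the session behind it.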
