flotwig's comments

flotwig | 2 years ago | on: How to colorize Game Boy games

Before reading this, I assumed the method would involve rewriting large parts of the game's graphics code. But it sounds like the author is intercepting draw calls and changing them to use color instead! Looking forward to the rest of this series.

flotwig | 2 years ago | on: The curl-wget Venn diagram

Looks like cURL and SQLite have the same woes: https://www.sqlite.org/cves.html

Previously I worked on an open source project that pulled in many third party libraries. Users would run their corpo vulnerability scanners on the project and find dependencies with open CVEs and demand fixes, not understanding that in our usage of the libraries, the vulnerability is not exposed.

I think in 4 years, we had users open roughly 50 issues like this, which corresponded to exactly 0 real world exploitable issues.

A central vuln DB makes sense for sysadmins, but too many make it the end-all-be-all.

flotwig | 2 years ago | on: “Typo leak” exposes millions of US military emails to Mali web operator

It sounds like the DOD already does block emails to .ml because of this issue:

> Lt. Cmdr Tim Gorman [...] said that emails sent directly from the .mil domain to Malian addresses “are blocked before they leave the .mil domain and the sender is notified that they must validate the email addresses of the intended recipients”.

I think the issue is people sending emails from personal accounts that the DOD cannot control. The article also mentions travel agents as another source of the email.

flotwig | 3 years ago | on: Wikipedia is not short on cash

I felt the same way, which is why I started a recurring donation to WikiMedia. After about a year, they e-mailed me trying to convince me to write WikiMedia into my will. Check out this transparent attempt at manipulation:

> Many supporters like you who understand the usefulness of planning ahead have chosen to include a gift to Wikipedia in their will. They want to do more to protect free knowledge and are invested in building a legacy with Wikipedia to ensure their values live on for many years to come.

"If you understood the importance of planning ahead, you'd already have WikiMedia in your will, bozo"

flotwig | 3 years ago | on: Using a catch-all domain is a mistake

> The truth is no one really sells your email – at least no legitimate companies.

`[email protected]` is the only email that I've ever caught being sold via my catch-all email. I get a decent amount of phishing, scams, malware, etc. to that address. But I guess the author is still correct, since Xfinity/Comcast are sometimes less than legitimate.

flotwig | 4 years ago | on: Price increase on .io domains on January 1, 2022 (Renewal: $55.00)

Does ICANN already have rules around what prices registrars can charge for domains? It seems like that's the only solution in the current TLD system - ICANN needs to step in and prevent anti-consumer practices like year-over-year price increases that vastly outstrip inflation.