but completely backwards in thinking that an undocumented bluetooth backdoor is worse than the worst vulnerability found since the invention of the internet
Right HeartBleed was way worse than this, not on the same level. I wasn’t claiming the opposite.
I was responding to the comment that appeared to suggest they were on the same level.
No way they’re on the same level. Heartbleed allowed for remote memory reads. This requires you to have access to change the firmware and just gives you some more APIs to control the WiFi system and possibly bypass firmware verification.
It all depends on how it’s represented on disk though and how the query is executed. Sqlite only supports numbers and strings, and if you keep using a VARCHAR, a read of those rows are going to have materialize a string into memory inside the sqlite library. DuckDB has more types, but if you’re using varchars everywhere, something has to read that string into memory unless you can push down logic into a query that doesn’t actually have to read the actual value, such as one that can use indices.
The best way is to change the representation on disk, such as converting low-cardinality columns like the station into a numeric id. A standard int being four bytes is a lot more efficient than an n-byte string + a header and it can be compared by value.
This is where file formats, like Parquet, shine. They’re oriented more towards parsing by systems. JSON is geared towards human parsing.
In this context, SKU refers to a variant of this product. That is the correct acronym as I understand
I use Jellyfin for music mostly and it struggles with metadata. For example, if a song has two artists on it and I edit to correct it, it won’t update correctly and I’ll edit up with the artist “Artist A; Artist B”.
Have you tried a packet capture with Wireshark or tcpdump to see what it’s doing? It might give better clues than a general error message.
I’m working on adding ActivityPub to my Hugo blog right now. I support RSS, but I figured AP support means that you can get it into your Mastodon feed or even Lemmy feed making it easy to follow. Additionally, commenting (assuming it doesn’t get taken over by spammers.)
Which stops malicious usage, but doesn’t stop cases where web pages over use pushState as users move around instead of replaceState. I’ve seen maps that would add to the history every time a user moves around the map.
Flash isn’t dead yet.
I just had to use it to connect to an ancient Siemens building automation system. Luckily we’re replacing it this year.
I’m on Wayland and KDE/Plasma. It worked on GNOME, but sadly not on Plasma.
How many users are using browsers that are old enough they don’t even support JS? It’s one thing to disable it for security/privacy (which the OP was talking about), because those users are probably more tech savy.
Do these old browsers not support DuckDuckGo?
One place it would be useful is if you are worried about somebody breaking into your home and stealing your computer. Don’t store the key on the home computer, instead store it on a cloud server. The home computer connects to the cloud server, authenticates itself with some secret, then if the cloud server authorizes, it can return the decryption key.
Then if your computer gets stolen or seized, it’ll connect via a different IP and the cloud server can deny access or even wipe the encryption key.
this doesn’t protect against all risks, but it has its uses.
Example: https://www.ogselfhosting.com/index.php/2023/12/25/tang-clevis-for-a-luks-encrypted-debian-server
Unfortunately, unscrupulous companies can build shadow profiles that bypass cookie and storage based isolation techniques like this.
Your browser gives off a lot of information. See here for some of the information they can use: https://amiunique.org
You’re best off blocking things with uBlock Origin vs something that just isolates.
No, the cable isn’t going to implement the protocol. You need endpoints that are able to talk that protocol. That might be done with a firmware update or require new hardware.
I just saw this one mention endurain, a fitness tracker. I’ve been looking for something to self host data about my health, fitness, etc. Has anyone tried this or anything else in the self-hosted or open source fitness space?
I think I ignored a lot of signs and indications under the feeling that well “I’m promo tracked to the next level and I worked hard so I’ll ignore it.” My partner told me to talk to somebody, friends said I worked hard. But then slowly my motivation to work at my job decreased. I delivered less, I made up excuses, I stop caring about projects when I used to really care. Which was a huge difference because I used to be a top tier developer every year.
But the big part was my personal life. After work I was tired and not motivated, even though I would barely do any work. loosing interest in hobbies was a big indication. Going to the gym, but not really pushing myself, etc. I think there’s some parallels with depression, but I never felt like I had that because I kept getting out of bed doing things.
I had a friend deacribe their experience and I just started thinking yeah I feel the same way. I finally had a health issue/mental breakdown that caused me to go to the doctor and pursue FMLA leave which is giving me partial pay to just focus on myself, focus on friends, and talk to a therapist. I don’t know what I’ll do when it ends. Probably won’t go back to the company.
Weirdly, a lot of my friends in the big tech industry have hit a breaking point and are leaving or on leaves.
I’m recovering from burnout after working at a big tech company for 10 years. I think this article tries to focus on how just giving people the right work will prevent burnout, but I think the causes are very complex and vary for different people. But it’s important to catch it before it’s bad. For me, I had difficult to please managers, or projects that went nowhere, or passion projects that were not invested in, or lack of strong non-work relationships, or even just looking at the company I worked at slowly lose all culture and turn into something that started to abuse customers and focus on profits.
The spec mandating its as a single string isn’t that crazy. It’s good to have a consistent response format so a basic deserializer can deserialize any error response object and get something out.
If you have different providers. One that returns error: { code: string } and another does something else, you end up with the same problem this post talks about-- Inconsistency.
As far as I can tell, the spec doesn’t limit you to just the one field and you can add other optional fields to the top level to the response that the caller can optionally decide to handle. But if you know there’s going to be a field called error that is a string. You always get at least something out of that to present.
This shocked me when I went from my Galaxy Watch 3 to a Galaxy Watch 6. I used to only have to put a PIN when I wanted to pay, but now it’s anything on the watch?
Because of that, I also disabled the payment app.