Popular:
Virtualization DNS security formal verification reachability analysis compiler errors macro conflict web extension development framework Bitmap Graphics API inconsistencies All Tags

TrueNAS on a Raspberry Pi 5: A Hacky but Educational Journey

2025-08-28

The author attempts to run TrueNAS, a network storage system typically used on more powerful hardware, on a Raspberry Pi 5. Due to the Raspberry Pi's lack of official UEFI support, a community project, rpi5-uefi, is used. While successfully installing TrueNAS, limitations in UEFI mode—including missing fan, GPIO, and built-in Ethernet support, plus restrictions on multiple PCIe devices—prevent some hardware from being recognized. The author concludes that while a challenging learning experience, higher-end Arm hardware is still recommended for high-performance needs.

Read more
(www.jeffgeerling.com)
Hardware

How Likely Is a Bitcoin Address Typo to Cause a Problem?

2025-08-29

Concerns exist about accidentally sending Bitcoin to the wrong address due to typos. This article uses checksum probabilities, the vast size of the address space, and edit distance calculations to demonstrate the extremely low likelihood of this happening. Even considering addresses that are a small edit distance apart, the probability of a typo leading to a collision with another valid address in the enormous address space is negligible. Therefore, address typos are not a major risk in using Bitcoin.

Read more
(www.johndcook.com)
Tech

LLMs: The End of OCR as We Know It?

2025-08-28
LLMs: The End of OCR as We Know It?

From the 1870s Optophone, a reading machine for the blind, to today's OCR, document processing has come a long way. Yet, challenges remain due to the complexities of human writing habits. Traditional OCR struggles with non-standardized documents and handwritten annotations. However, the advent of multimodal LLMs like Gemini-Flash-2.0 is changing the game. Leveraging the Transformer architecture's global context understanding and vast internet training data, LLMs can comprehend complex document structures and even extract information from images with minimal text, like technical drawings. While LLMs are more expensive and have limited context windows, their advantages in document processing are significant, promising a solution to document processing challenges within the next few years. The focus will shift towards automating the flow from document to system of record, with AI agents already proving helpful.

Read more
(cloudsquid.substack.com)
AI Document Processing

DSLRoot: A Ghostly Residential Proxy Network with Roots in Russia?

2025-08-26

A Reddit post exposed DSLRoot, a residential proxy network paying US users $250/month to host their equipment. Its history traces back to Russia and Eastern Europe, with its operators shrouded in mystery but linked to a BlackHatWorld user, USProxyKing, involved in malware distribution and robocalling services. DSLRoot claims transparency but its operations raise cybersecurity and privacy concerns, especially given the involvement of a US Air National Guard member with top-secret clearance. The network's size has shrunk recently, likely due to increased competition.

Read more
(krebsonsecurity.com)
Tech

Google's Device-Bound Session Credentials: The End of Session Hijacking?

2025-08-28

Session hijacking has long been a major threat to online security. Traditional cookie-based session management is vulnerable, leaving systems open to attack. To combat this, Google has introduced Device-Bound Session Credentials (DBSC), leveraging public-key cryptography. DBSC generates a key pair for each session, securely stored on the device (e.g., using TPM on Windows). This renders session identifiers useless on other devices, effectively preventing hijacking. Currently in beta for Google Workspace Chrome users (Windows), widespread adoption by other browser vendors could finally make session hijacking a relic of the past.

Read more
(www.feistyduck.com)
Tech session hijacking public-key cryptography

Real-time 3D Human Motion Detection and Visualization using WiFi CSI

2025-08-26
Real-time 3D Human Motion Detection and Visualization using WiFi CSI

WiFi-3D-Fusion is an open-source project that leverages Channel State Information (CSI) from local Wi-Fi to perform real-time human motion detection and 3D visualization. Supporting both ESP32-CSI and Nexmon data acquisition, it employs advanced CNNs for person detection and tracking, including multi-person identification and re-identification. A continuous learning pipeline allows the model to automatically improve during operation. Visualization is offered through both a web interface and a terminal-based pipeline. Optional integrations with Person-in-WiFi-3D, NeRF², and 3D Wi-Fi Scanner are also provided.

Read more
(github.com)
Development WiFi sensing human motion detection

Hacker News Emoji Mystery: Length 36?

2025-08-29

A post on Hacker News sparked a discussion about the display of emojis. The author noticed that Hacker News seems to handle emojis in titles differently, replacing them with spaces or converting them into character encodings to fit the 80-column display limit. Tests revealed that a single emoji could have a length of 36, contrasting with its expected length. The post explores Hacker News's emoji handling mechanism and the variations in emoji display across different browsers and devices.

Read more
(zaerl.com)
Misc

A Convex Polyhedron That Defies Intuition: No Rupert's Property

2025-08-29
A Convex Polyhedron That Defies Intuition: No Rupert's Property

For a long time, it was believed that any convex polyhedron could have a hole cut through it large enough to pass an identical copy through. This is known as 'Rupert's property'. This week, Steininger and Yurkevich proved this wrong! They found a convex polyhedron with 90 vertices, 240 edges, and 152 faces that lacks this property. Their proof involved a computer search of 18 million possible holes, combined with rigorous mathematical arguments. They dubbed this counter-example a 'noperthedron'. This discovery challenges long-held assumptions in geometry.

Read more
(johncarlosbaez.wordpress.com)
Misc polyhedron

Jane Street Summer Internship Projects: Faster JSQL, Improved Torch Bindings, and Cross-Process Memory Management

2025-08-29
Jane Street Summer Internship Projects: Faster JSQL, Improved Torch Bindings, and Cross-Process Memory Management

Jane Street highlights three standout projects from this year's summer internship program: Leo Gagnon's JSQL evaluator, achieving hundreds of times speedup through indexing; Aryan Khatri's improved OCaml Torch bindings, leveraging OxCaml for safe and efficient GPU memory management; and Anthony Li's cross-process memory management library, eliminating serialization overhead with reference counting. These projects not only boost internal tools' efficiency but also contribute valuable code to the open-source community.

Read more
(blog.janestreet.com)
Development

Facebook Secretly Uploads User Photos to the Cloud?

2025-08-29
Facebook Secretly Uploads User Photos to the Cloud?

Meta, Facebook's parent company, is testing a new feature that secretly uploads users' phone photos and videos to the cloud without explicit consent, using them to generate AI-powered suggestions like collages, monthly recaps, and themed albums. While Meta claims the feature is opt-in and prompts users, some report never seeing the prompt and finding the feature enabled by default. This raises serious privacy concerns as Meta accesses users' private, unshared photos and videos. The test is currently limited to the US and Canada, excluding Illinois and Texas due to privacy laws.

Read more
(www.zdnet.com)
Tech Facebook Privacy

Unexpected CPU Performance Boost from Data Structure Optimization

2025-08-26

A program processing a large dataset encountered memory and CPU performance bottlenecks. Initially using a single array to store data resulted in up to 1GB of memory consumption. By employing data-oriented programming, splitting the data into multiple arrays saved approximately 200MB of memory. Further optimization involved replacing a string array with byte array indices for field names, further reducing memory usage. Surprisingly, this change also significantly decreased CPU usage. The reason lies in the garbage collection mechanism: processing a string array requires the GC to traverse all string objects, while processing a byte array doesn't, thus drastically reducing GC overhead.

Read more
(ayende.com)
Development data structure optimization

Anthropic to Train AI Models on User Data, Opt-Out Required

2025-08-29
Anthropic to Train AI Models on User Data, Opt-Out Required

Anthropic will begin training its AI models, including Claude, on user chat transcripts and coding sessions unless users opt out by September 28th. This affects all consumer tiers, extending data retention to five years. A prominent 'Accept' button in the update notification risks users agreeing without fully understanding the implications. While Anthropic claims data protection measures, users who inadvertently accept can change their preference in settings, though previously used data remains inaccessible.

Read more
(www.theverge.com)
AI user agreement

Async: AI-Powered Collaborative Coding Workflow

2025-08-27
Async: AI-Powered Collaborative Coding Workflow

Async is an open-source developer tool that combines AI coding, task management, and code review into one streamlined workflow. Integrating Claude Code, Linear, and GitHub PRs, it automatically researches coding tasks, executes code changes in the cloud, and breaks work into reviewable subtasks, handling the entire workflow from GitHub issue to merged PR. Async excels with mature codebases, enforcing upfront planning, eliminating context switching, simplifying task tracking, and providing built-in code review. Built with FastAPI, Claude Code, and Google Cloud Platform, it supports desktop and mobile.

Read more
(github.com)
Development

The Simplest Thing That Could Possibly Work: A Software Design Philosophy

2025-08-30

This article champions the principle of 'doing the simplest thing that could possibly work' in software design. Instead of striving for an idealized, over-engineered system, the author advocates for a deep understanding of the current system and choosing the simplest solution. This approach, while seemingly underwhelming, yields surprisingly effective results, exemplified by the designs of Unix and Rails. While challenges like system inflexibility and defining 'simplicity' exist, the author argues that focusing on current needs and iterative improvement is superior to over-engineering for distant future requirements. Ultimately, a simple, stable system often surpasses an over-engineered, hard-to-maintain one.

Read more
(www.seangoedecke.com)
Development simplicity

Nostalgic Retro: Blue Beings in a 1960s Recording Studio

2025-08-26
Nostalgic Retro: Blue Beings in a 1960s Recording Studio

A faded photograph captures a 1960s recording studio scene featuring two blue characters in the control room, bathed in the warm glow of vacuum tubes and a large mixing console. The larger figure, wearing slightly askew headphones, peacefully observes a musician through soundproof glass. The smaller character, perched on a stool and sporting tiny round glasses, meticulously adjusts a knob on a reel-to-reel tape machine. The aged photo's grainy texture, soft focus, and desaturated warm tones evoke a strong sense of nostalgia, transporting viewers back to a musically vibrant era.

Read more
(deepmind.google)
Design recording studio 1960s

Critical: Three Unpatched Security Vulnerabilities Found in libxslt

2025-08-29

libxslt, a sibling project of libxml2, currently lacks an active maintainer and has three unpatched security vulnerabilities. Two have been publicly disclosed (CVE-2025-7424 and CVE-2025-7425), involving type confusion and a heap-based buffer overflow. Patches have been proposed by engineers from Apple and Google on the GNOME GitLab, but remain unapplied due to the lack of a maintainer. This highlights the importance of open-source maintenance and poses a security risk to applications relying on libxslt.

Read more
(vuxml.freebsd.org)
Development

Apple Removes Torrent Client iTorrent from AltStore in EU, Demonstrating App Store Control

2025-08-28
Apple Removes Torrent Client iTorrent from AltStore in EU, Demonstrating App Store Control

Apple has removed the iPhone torrent client, iTorrent, from the AltStore PAL alternative iOS app store in the EU. This action highlights Apple's continued ability to control apps outside its official App Store. Developer Daniil Vinogradov states Apple revoked his distribution rights across all alternative iOS stores, not just AltStore PAL. While Apple bans torrent apps from its own store, the EU's Digital Markets Act allows for third-party app stores. iTorrent's addition to AltStore last July raises the question of why Apple acted now.

Read more
(www.theverge.com)
Tech

Gmail Accused of Partisan Spam Filtering: GOP Claims Bias

2025-08-30
Gmail Accused of Partisan Spam Filtering: GOP Claims Bias

FTC Chairman Andrew Ferguson accused Google of using partisan spam filters in Gmail, allegedly sending Republican fundraising emails to spam while delivering Democratic emails to inboxes. Ferguson's letter to Alphabet CEO Sundar Pichai alleges potential FTC Act violations. Google denies the accusations, stating its spam filters are based on objective user signals and apply equally to all senders, regardless of political affiliation. This reignites long-standing Republican complaints previously dismissed by a federal judge and the Federal Election Commission.

Read more
(arstechnica.com)
Tech

WhatsApp Patches Zero-Click Vulnerability Exploited in Sophisticated Spyware Campaign

2025-08-30
WhatsApp Patches Zero-Click Vulnerability Exploited in Sophisticated Spyware Campaign

WhatsApp has patched a critical security vulnerability (CVE-2025-55177) in its iOS and Mac apps that was exploited in a sophisticated spyware campaign targeting nearly 200 users. The vulnerability, used in conjunction with another flaw fixed by Apple (CVE-2025-43300), allowed attackers to steal data via a zero-click exploit, requiring no user interaction. Amnesty International's Security Lab confirmed the attack, which lasted over 90 days. While Meta hasn't identified the attacker, this isn't the first time WhatsApp has faced government-backed spyware attacks, having previously sued and won damages against NSO Group for its Pegasus spyware.

Read more
(techcrunch.com)
Tech Zero-Click Exploit

The Curious Case of 'Special Register Groups'

2025-08-27
The Curious Case of 'Special Register Groups'

A seemingly innocuous definition of a CPU – 'containing main storage, arithmetic unit, and special register groups' – has persisted for half a century. This originates from the 1959 Honeywell 800 mainframe, which allowed multiple programs to share a processor, each with its own set of 32 registers. Despite the Honeywell 800's obsolescence, 'special register groups' stubbornly survived in countless glossaries, even appearing in the Washington Post and the National Fire Code. This demonstrates how definitions in authoritative glossaries endure for decades, even when obsolete terms refuse to die.

Read more
(www.righto.com)
Tech CPU definition

The Tech Industry's Inclusion Illusion: A Schizoaffective Programmer's Story

2025-08-28
The Tech Industry's Inclusion Illusion: A Schizoaffective Programmer's Story

A programmer with schizoaffective disorder recounts their experience of being systematically excluded from over 20 tech companies over the past few years, each time after disclosing their mental health condition. This powerful essay details the systemic discrimination faced in healthcare, the workplace, and personal relationships, exposing the gap between tech companies' performative diversity initiatives and the reality of supporting employees with severe mental illnesses. The author calls for genuine inclusion across healthcare, professional environments, communities, and personal relationships, moving beyond superficial awareness.

Read more
(kennethreitz.org)
Tech workplace discrimination

Cascata delle Marmore: Rome's Ancient Engineering Marvel, World's Tallest Man-Made Waterfall

2025-08-27
Cascata delle Marmore: Rome's Ancient Engineering Marvel, World's Tallest Man-Made Waterfall

The Cascata delle Marmore in Umbria, Italy, is a stunning man-made waterfall, created by the Romans in 271 BC. Standing at 165 meters (541 feet), it's the tallest man-made waterfall globally. Initially built to drain wetlands and potentially combat malaria, it's now a major tourist attraction. Centuries of modifications have shaped its current breathtaking appearance, even inspiring Lord Byron's poetry. Today, its waters power a hydroelectric plant, with viewing times carefully scheduled to balance tourism and energy production.

Read more
(en.wikipedia.org)
Misc waterfall man-made

You No Longer Need JavaScript: Unleashing the Power of Modern CSS

2025-08-29

This article champions the capabilities of modern CSS, arguing that many websites don't require bloated JavaScript frameworks. The author delves into new CSS features like nesting, relative colors, and responsive viewport units (lvh, svh, dvh), showcasing how to build animations, theming, and input validation with CSS alone. Clean code examples illustrate these techniques. The article also proposes improvements to CSS, such as reusable blocks and nth-child variables, highlighting CSS's performance and accessibility advantages. The author promotes a leaner, more efficient web development philosophy and expresses a passion for CSS as an art form.

Read more
(lyra.horse)
Development

Code Time Machine: Automatic Change Detection & One-Click Rollback

2025-08-28

This tool automatically monitors your entire project for file changes without any setup. Create instant snapshots of your project before risky changes with one click. A built-in diff viewer clearly shows changes between snapshots, tracking additions, modifications, and deletions. Instantly restore your project to any previous snapshot – a true code time machine for fearless experimentation. It seamlessly integrates with Claude Desktop via MCP protocol, automatically creating checkpoints upon task completion, and provides full project backups for peace of mind.

Read more
(claude-checkpoints.com)
Development code version control project backup diff viewer

Real-time AI Rendering of an ASCII Game: Challenges and Breakthroughs

2025-08-28
Real-time AI Rendering of an ASCII Game: Challenges and Breakthroughs

The author renders a prehistoric dinosaur game, "Thunder Lizard," in real-time using AI, transforming its ASCII graphics into high-definition visuals. This presented significant challenges: completing AI image generation, transmission, and display within 30 milliseconds. Leveraging fal.ai's low-latency inference capabilities and WebSocket connections, the author achieved 10 FPS rendering, albeit with noticeable latency. Model selection involved experimenting with ControlNet and image-to-image models, ultimately settling on a fast model and training custom LoRA weights to improve image quality. While the results aren't perfect, the experiment demonstrates the feasibility of real-time AI game rendering, opening exciting possibilities for future game development.

Read more
(blog.jeffschomay.com)
Game image generation models

Rust-based aarch64 JIT Emulator: A 'Hello, World!' Story

2025-08-30

The author built an aarch64 instruction set architecture emulator using Rust and Cranelift's JIT compiler. The article details the journey from virtual machine instructions to native code execution, covering instruction decoding, JIT translation, memory management, and device emulation. A PL011 UART simulation was implemented, and gdbstub enables debugging. The emulator currently runs simple bare-metal programs, with future goals including Linux boot support. Further development will focus on exception handling, timer support, MMU implementation, and an interrupt controller.

Read more
(pitsidianak.is)
Development

Shocking! Most Open Source Projects Are Maintained by a Single Person

2025-08-28
Shocking! Most Open Source Projects Are Maintained by a Single Person

A recent article reveals a shocking truth about the open-source world: over 7 million open-source projects are maintained by just one person! This includes many popular NPM packages with over a million downloads. The author argues that focusing on the maintainer's nationality is pointless; the real issue is that these developers severely lack resources and support, posing a potential supply chain risk. Instead of demonizing individual developers, we should focus on how to better support them.

Read more
(opensourcesecurity.io)
Development single maintainer

Writing Mathematical Papers: Avoiding Common Pitfalls in Definitions and Expressions

2025-08-30

This guide offers practical advice on writing clear and concise mathematical papers, focusing on common errors in definitions and expressions. It emphasizes avoiding extra commas in definitions, preventing double-duty definitions where notation is introduced and used simultaneously, and treating expressions as units to avoid ambiguity. The guide provides numerous examples and alternative phrasing to enhance readability and precision.

Read more
(dwest.web.illinois.edu)
Development academic writing mathematical writing
1 2 10 11 12 14 16 17 18 562 563