Malicious NPM Packages Targeting Cursor.com Deployed by Snyk Researcher

2025-01-14

A Snyk security researcher deployed several malicious NPM packages targeting Cursor.com, a popular AI coding company. These packages, named things like "cursor-retreival" and "cursor-always-local", collect system data and send it to an attacker-controlled server upon installation. The attack leverages dependency confusion, aiming to trick Cursor employees into installing these public packages. While the OpenSSF package analysis scanner flagged and reported these malicious packages, NPM hasn't yet marked them as such. This highlights limitations in software supply chain security tools and emphasizes the importance of careful NPM package installation.


Solved: The Sum-Free Sets Conjecture

2025-05-25

A seemingly simple mathematical problem—the sum-free sets conjecture—has baffled mathematicians for decades. The conjecture explores whether, within any set of integers, there exists a large subset where the sum of any two numbers in the subset is not also in the subset. In 1965, the renowned mathematician Paul Erdős posed the question, providing a lower bound. Despite many attempts to improve upon it, progress remained stagnant until February of this year, when Oxford graduate student Benjamin Bedert finally solved the problem, demonstrating that any set of integers contains a large sum-free subset, significantly larger than previously estimated. Bedert's proof cleverly combines techniques from diverse mathematical fields, offering new approaches to similar problems. This achievement is hailed as a major breakthrough in mathematics.


Massive Supply Chain Attack Compromises Hundreds of E-commerce Stores

2025-05-11

Hundreds of e-commerce stores, including a $40 billion multinational, are running backdoored versions of popular software. Security firm Sansec discovered that attackers have been actively exploiting these backdoors since at least April 20th. Affected packages are from vendors including Tigren, Magesolution (MGS), Meetanshi, and Weltpixel, released between 2019 and 2022. Attackers compromised vendor servers to inject backdoors, gaining access to all customer stores and their visitors. The backdoor disguises itself as a license check, located in License.php or LicenseApi.php. E-commerce stores using software from these vendors are urged to check their security immediately.


Weave is Hiring a Founding Product Engineer!

2025-03-26

Weave, a rapidly growing and profitable startup, seeks an exceptional founding product engineer. Reporting directly to the CTO and CEO, you'll build core products for millions of engineers. We value your grit, pragmatism, empathy, and communication skills. While familiarity with our tech stack (React, TypeScript, Go, Python) is a plus, we prioritize your problem-solving skills and passion for improving engineering productivity.

Development

ISEVIC: Breathing New Life into Your C64

2025-07-07

ISEVIC is an FPGA core that lets your vintage Commodore 64 output digital video via HDMI! It works by reading the bus signals on the cartridge port and translating them into a displayable image. It supports multiple FPGA platforms, including the Tang Nano 20K. The project includes Gerber files and bitstreams for a C64 cartridge slot carrier board, with automatic PAL/NTSC detection. While most cartridges work, some (like the EasyFlash 3) may have compatibility issues. Experimental SID emulation for sound is also included. Ready to relive the classics?

Hardware

UK Unveils Ambitious AI Blueprint to Become Global Leader

2025-01-13

The UK Prime Minister recently announced a sweeping AI plan aiming to establish the nation as a global leader in artificial intelligence. Key initiatives include creating dedicated AI Growth Zones to expedite infrastructure development, building a new supercomputer, and boosting AI adoption across public and private sectors. This strategy projects a potential 1.5% annual productivity increase, creation of tens of thousands of jobs, and significant improvements in public services. With over £14 billion in private investment committed, the plan demonstrates a substantial government commitment to AI.


The Surprising Geography of Vacation Homes in the US

2025-07-27

An analysis of US Census data reveals fascinating patterns in the distribution of vacation homes across the country. Florida leads with over 800,000, followed by California and New York. However, as a percentage of total housing, New England states like Maine, Vermont, and New Hampshire boast the highest proportions, exceeding 15%. Vacation homes cluster heavily along coasts, near the Great Lakes, in New England, and parts of the West. Location correlates strongly with geographical amenities like beaches, lakes, mountains (and ski resorts), golf courses, and theme parks. Surprisingly, major cities have a disproportionately low percentage of vacation homes. The study also notes that vacation home growth lags behind overall economic growth, likely due to low construction productivity and restrictive zoning regulations.


arXivLabs: Experimental Projects with Community Collaborators

2025-09-10

arXivLabs is a framework enabling collaborators to develop and share new arXiv features directly on the website. Individuals and organizations involved uphold arXiv's values of openness, community, excellence, and user data privacy. arXiv is committed to these values and only partners with those who share them. Have an idea for a valuable project for the arXiv community? Learn more about arXivLabs.

Development

Ethersync: Multiplayer Text Editing, Locally

2025-08-02

Ethersync enables real-time collaborative editing of local text files without a server, offering encrypted peer-to-peer connections. It supports Linux, macOS, Android, and WSL, with plugins for Neovim and VS Code. Share files via simple command-line commands, allowing multiple users to edit simultaneously, see each other's cursors, and selections. Think of it as multiplayer mode for your text editor! The project is actively developed and welcomes contributions and bug reports.

Development

1.5 Years of AI-Assisted Programming: Reflections and Lessons Learned

2025-08-07

This post shares the author's 1.5-year experience using AI for programming. AI excels at repetitive coding tasks, refactoring, and simple projects, but struggles with complex problems and new development, often introducing errors and inefficient abstractions. CLI interfaces prove more effective than IDEs due to increased developer control. AI aids in design and writing, but 'vibe coding' (relying solely on AI-generated code) is discouraged, leading to significant technical debt and security vulnerabilities. The author concludes that the primary beneficiaries of AI aren't developers, but managers and clients, facilitating improved communication and collaboration. The future of AI in programming is bright, but companies shouldn't use it as an excuse for layoffs.

Development

Microsoft Outlook Restored After Widespread Outage

2025-07-13

Following widespread issues accessing email accounts late Wednesday and into Thursday, Microsoft announced that affected Outlook systems are back online. The outage peaked just before noon ET Thursday, with over 2,700 users globally reporting problems such as inbox loading and sign-in failures to Downdetector. Microsoft initially encountered problems with its fix, leading to delays. By late afternoon, reports had significantly dropped, and Microsoft confirmed a configuration change resolved the impact for all users. The cause of the hours-long outage remains undisclosed.

Tech

Trump Tariffs: The Impact on Tesla – Debunking the Myths

2025-03-06

Despite the rosy outlook painted by some Tesla fans, the reality is that President Trump's tariffs on Mexico and Canada will negatively impact Tesla. Data reveals that Tesla sources over 20% of its parts from Mexico, with additional components coming from Canada. This means the recently delayed (again, for another month) tariffs will inevitably increase Tesla's production costs, affecting vehicle prices and profitability. Tesla's stock reaction to the tariff delay further underscores this impact. Elon Musk's close relationship with Trump, and his seeming inaction against the tariffs, adds a layer of complexity. The long-term effects may extend beyond mere cost increases, potentially damaging US business relationships with Canada and Mexico.

Tech Trade War

250 Years of Ice Cream Trucks: From Gang Wars to Electric Dreams

2025-09-02

This article chronicles the 250-year history of ice cream trucks in the UK, from humble beginnings to the eco-friendly electric vehicles of today. It explores the industry's ups and downs, including sanitation issues, gang wars, and the industry's efforts to adapt. Ultimately, the article highlights the unique charm and cultural significance of ice cream trucks and their transformation in modern society.


Escaping the microSD Card Hell: Rock 5 ITX+ and EDK2-RK3588 UEFI Firmware

2025-09-01

Tired of constantly removing the side panel of his Rock 5 ITX+ to swap OSes via microSD, the author explored using EDK2-RK3588 UEFI firmware. This allowed booting and installing generic ARM Linux images from USB. The journey involved overcoming the quirks of the Rock 5 ITX+, like its inability to boot from microSD. Successful installations of Fedora Rawhide and Ubuntu 25.10 were achieved, though minor issues like sound remained. While an SD card extender offers a simpler solution, this article delves into the potential of EDK2-RK3588, paving the way for greater RK3588 platform versatility.

Hardware

Qualcomm Open-Sources EUD: In-Circuit Debugging Over USB

2025-07-01

Qualcomm quietly released the source code for its Embedded USB Debug (EUD) interface, enabling developers to perform SWD debugging directly over USB without external JTAG tools. EUD, integrated into nearly every Qualcomm SoC since ~2018, provides debugging access to CPUs and Hexagon co-processors. While the initial open-source code had some compilation issues, the community quickly addressed them. Currently supporting chips like Snapdragon 845, 855, and 865, it simplifies debugging U-Boot and the secure world, but kernel debugging support is limited, and SMP support is incomplete.

Development

Building a Retro 3D Website Effect with Shaders: Dithering, Quantization, and Pixelation

2025-02-03

The author spent months building their personal website, incorporating 3D work to showcase shader and WebGL skills. The article delves into the crucial role of post-processing in enhancing 3D scene visuals, focusing on creating retro effects. It covers various dithering techniques (white noise, ordered, and blue noise), explaining their implementation using shaders. Color quantization techniques are also detailed, allowing for custom palettes. The article culminates in a stunning retro 3D website effect combining pixelation and CRT monitor emulation.

Development Shaders Post-processing

arXivLabs: Community Collaboration on arXiv Features

2025-05-28

arXivLabs is a platform enabling developers and researchers to build and share new arXiv features directly on the arXiv website. Participants, individuals and organizations alike, embrace arXiv's values of openness, community, excellence, and user data privacy. arXiv is committed to these values and only partners with those who share them. Got an idea to enhance the arXiv community? Explore arXivLabs!

Development

Enhanced MySQL 8.0: Open-Source Project Delivers Significant Performance Boost

2025-06-01

An open-source project has comprehensively optimized MySQL 8.0, addressing join performance degradation since version 8.0.28, bulk insert performance issues, and other bottlenecks. Optimizations span InnoDB storage engine scalability, redo logs, hash join cost model, memory usage, and high availability. Testing shows the optimized version is particularly effective on high-performance hardware, delivering more stable and efficient service, especially for high-concurrency scenarios in internet companies. The project also provides ongoing version maintenance and easy-to-use binary downloads.

Development

Unexpected Inconsistency in C# Records: A `with` Operator Gotcha

2025-07-22

The author discovered an unexpected inconsistency when using C# records. When updating records containing derived data with the `with` operator, the derived data isn't recalculated, leading to inconsistencies. This stems from the `with` operator not calling the constructor but instead using a copy constructor to create a copy and then modify properties. Several solutions are proposed, including avoiding `with` on complex records, writing a Roslyn analyzer to detect the issue, using `Lazy` for deferred property computation, and requesting a language change. This post highlights a potential pitfall in C# records, cautioning developers about using the `with` operator, especially with derived data.

Development Records with operator

AI Code: From Vibrators to Pacemakers – How Far Can Our Trust in Code Go?

2025-07-10

The author uses the code of a vibrator and a pacemaker as examples to discuss the issue of code security and trust in the age of AI. The simple vibrator program and the complex pacemaker program are surprisingly similar in structure, but the latter concerns life safety and requires strict review and certification. The author questions whether, even if AI can write better code than humans in the future, we can fully trust AI-generated code, especially for programs related to life safety, such as a car's braking system. The author argues that radical transparency, including open code, specifications, and processes, is key to building trust, but the correctness of the code alone is not enough; comprehensive system understanding and security measures are also needed.


Reverse-Engineered: High-Res Raspberry Pi Internal Scans Released

2025-08-26

Following Jonathan Clark's and TubeTime's reverse engineering efforts on the Raspberry Pi Zero 2 W and Compute Module 5 respectively, and their subsequent release of schematics and processes, the author discovered they possessed high-resolution Lumafield scans of most modern Raspberry Pi models (excluding the larger keyboard form factor Pis). These scans, offering detailed internal views, are now publicly available for community exploration and analysis.

Hardware 3D Scans

46-Year-Old Programmer Chooses Medical Aid in Dying After Years-Long Battle with Heart Disease

2025-06-11

Chris, a 46-year-old programmer, recounts his arduous journey battling severe heart disease, culminating in his decision to pursue medical aid in dying. His story details multiple heart attacks, emergency room visits, ICD implantations, ablations, and the agonizing experience of repeated shocks. Despite numerous treatments, his condition worsened, leading him to choose Oregon's Death with Dignity Act for a peaceful end. This deeply personal account chronicles his struggle and the difficult decision he made, prompting reflection on healthcare challenges and the dignity of life's end.


Android System Font Iterator Bug Hunt: A Tale of Hidden Symbols

2025-06-02

This blog post recounts a surprisingly lengthy bug fix. Android defines different API levels, with some symbols only available from a specific version. Firefox for Android (Fenix) uses `ASystemFontIterator_open`, available only from API 29. For backward compatibility, Fenix uses `__ANDROID_UNAVAILABLE_SYMBOLS_ARE_WEAK__` and `__builtin_available` for compile-time and runtime checks. However, Firefox's build system defaults to hidden visibility (`-fvisibility=hidden`), causing the weak symbol `ASystemFontIterator_open` to become undefined in the shared library, leading to crashes. The fix was a simple change to temporarily alter the default visibility when including Android system headers.

Development Bug Fix

China's Great Firewall Mysteriously Blocks Port 443 for an Hour

2025-08-21

On August 20th, China's Great Firewall experienced a mysterious outage, blocking access to most foreign websites for about an hour. The outage affected TCP port 443, the standard port for HTTPS traffic, disrupting services reliant on it, including some Apple and Tesla services. The cause remains unclear, possibly a new device being tested, misconfiguration, or human error. This isn't the first Great Firewall glitch, highlighting flaws in China's internet censorship.


Wisconsin's County Road Letter Mystery

2025-08-09

Have you noticed the alphabet soup of letters marking Wisconsin's scenic county roads? BB, CV, N, SS – why letters instead of numbers? Over a century ago, Wisconsin innovatively used letters to distinguish county roads from state highways, streamlining maintenance and preventing duplication of efforts. This system, initiated in 1917, has evolved, now using double and multiple letter combinations as the single letters ran out. The Wisconsin County Highway Association, founded in 1911, is proud of this historical system and their continuing leadership in road innovation.


Anthropic's Constitutional Classifiers: A New Defense Against AI Jailbreaks

2025-02-03

Anthropic's Safeguards Research Team unveils Constitutional Classifiers, a novel defense against AI jailbreaks. This system, trained on synthetic data, effectively filters harmful outputs while minimizing false positives. A prototype withstood thousands of hours of human red teaming, significantly reducing jailbreak success rates, though initially suffering from high refusal rates and computational overhead. An updated version maintains robustness with only a minor increase in refusal rate and moderate compute cost. A temporary live demo invites security experts to test its resilience, paving the way for safer deployment of increasingly powerful AI models.


Simplifying Apple Watch/iOS App Communication with Racket Macros

2025-02-17

Developing an Apple Watch app involves handling communication with its iOS counterpart. The author uses Racket macros to define a Domain Specific Language (DSL) that auto-generates Swift code to handle the complexities of the WatchConnectivity framework, including message encoding, decoding, and message handler implementation. This avoids a lot of boilerplate code, improving maintainability and reliability. By defining message types and handlers, the DSL automatically generates Swift enums, structs, functions for sending messages, and a message handling protocol, greatly simplifying the development process.

Development Macro Programming

The Placebo Effect: Stronger Than You Think

2025-03-23

The 18th-century London street sale of Perkins Tractors (metal rods for pain relief) showcased the early form of the placebo effect. Today, placebos come in various forms, from oral pills to injections, and their effectiveness varies depending on the form. Studies show that intra-articular placebo injections are more effective at pain relief than topical placebos, which are in turn more effective than oral placebos. Surprisingly, the difference in effectiveness between intra-articular and oral placebos sometimes exceeds the difference between active pain relief drugs and oral placebos. Furthermore, doctor demeanor and patient age also impact placebo effectiveness. The significantly increased placebo effectiveness in the US in recent years has led to some drugs failing approval due to reduced relative efficacy, a phenomenon worthy of further investigation.


Resurrecting a Vintage TV with a Raspberry Pi: A 50th Birthday Gift

2025-09-19

In 2017, the author built a unique 50th birthday gift for his father: a vintage TV modified to play shows from the 70s and 80s. He cleverly integrated a Raspberry Pi with an RF modulator to solve video output and channel switching. Software-based channels controlled by a rotary switch were implemented. A power supply solution with voltage regulators was also integrated inside the TV. While the software code is less than perfect, the final result is an 8-hour continuous video playback (including commercials) with keyframe timestamp saving for resuming playback. This creative project showcases the author's technical skills and love for his father.


2Solitude: Redefining Adventure Travel

2024-12-23

2Solitude specializes in retrofitting US-registered Antonov AN-2 experimental exhibition airplanes into ultimate airshow campers. These planes are fun to fly and guaranteed conversation starters among aviation enthusiasts. Whether it's a front-row seat at Oshkosh, bonefishing in the Exumas, or paddleboarding in an Alaskan lake, 2Solitude provides unparalleled access. This aircraft is registered as Experimental exhibition and is not eligible for any commercial work. It's designed for owner enjoyment and display only. 2Solitude offers a platform for creating your own unique adventures, empowering the bold to explore and share their experiences.
