Typo-Squatting Attack Steals GitHub Credentials via ghrc.io

2025-08-25

A simple typo, 'ghrc.io' instead of 'ghcr.io', has led to a malicious attack stealing GitHub credentials. The attacker uses 'ghrc.io' to mimic GitHub's container registry, ghcr.io. While seemingly a default Nginx installation, 'ghrc.io' responds to OCI API requests (/v2/) with a 401 Unauthorized error and a www-authenticate header, directing clients to send credentials to https://ghrc.io/token. This cleverly mimics legitimate container registries. Logging into 'ghrc.io' results in credential theft. Attackers could use these credentials to push malicious images or directly access GitHub accounts. Check if you've logged into 'ghrc.io' and change your passwords and PATs immediately.

Improved Meetings, Lost Job: A Tale of Office Politics

2025-02-17

Palmer, an IT engineer, couldn't stand his team's inefficient weekly meetings. He bravely suggested improvements: shortening the meeting to 30 minutes, limiting speaking time to two minutes, and adding one-on-one meetings. While his suggestions were well-received by the team and improved the meetings, he was subsequently rated 'Needs Improvement' in his annual review and accused of lacking teamwork. Palmer leveraged his skills to secure three job offers, and the team he left was reorganized a year later due to poor performance. This story highlights the complexities of office politics, where even doing the right thing can have unforeseen consequences.

The Snapchat Streak and the Half-Life of Status Games

2025-03-25

This article explores how Snapchat's streak feature briefly became a potent social capital game and its eventual decline. The author analyzes the fragility of 'proof of work' mechanisms in social networks and how major platforms extend their lifecycles by adding new content formats. Weaknesses of tech giants like Apple and Google in building social features are discussed, along with examples of companies leveraging social dynamics for business growth. Finally, the author concludes that for true happiness, one shouldn't tie it to others' scoreboards.

Wayland's Resurrection: A Three-Year Retrospective

2025-02-13

Three years ago, a critical post about Wayland sparked heated discussion. Now, the author revisits the past and finds that Wayland has made remarkable progress. Many of the pain points, such as explicit sync and rendering thread stalls, have been effectively addressed. Improvements in Mesa, protocol enhancements, and active community participation have driven Wayland's development. While some challenges remain, such as embedding foreign surfaces and multi-window management, the future of Wayland looks bright.

Development Graphics

CES 2025 TVs: More AI Gimmicks Than Real Improvements

2025-01-10

At CES 2025, TV manufacturers showcased AI-powered smart TVs, but Ars Technica's author expresses disappointment. Many touted AI features, such as LG's AI remote lacking a direct input switching button and Samsung's AI food recognition, prioritize corporate interests over user needs. Google TV's Gemini-enhanced Assistant also raises questions about practicality and potential subscription fees. The author argues that the industry's focus on software and data collection overshadows hardware improvements and user experience, forcing consumers to pay for largely useless features. Ultimately, many consumers simply desire TVs with superior picture and sound quality, a goal increasingly difficult to achieve without navigating through excessive gimmicks.

Tech Smart TVs

A Year of Daily Coding: Lessons Learned

2025-03-12

This post recounts a year-long commitment to daily coding and publishing to GitHub, resulting in approximately 100,000 lines of code. The author details the challenges and triumphs, highlighting key takeaways: software development is hard but perseverance pays off; iteration is crucial; confidence builds over time; rest is essential; asking for help is a valuable skill; challenging yourself leads to growth; and failure is part of the process. Looking ahead, the author plans to continue the daily practice, improve their project Vewrite, and explore new ideas.

Development consistent learning

Arcan 0.7 Released: The All-Tomato Desktop Update Arrives

2024-12-26

Arcan 0.7 marks the end of the second phase of the 'anarchy on the desktop' project and the beginning of the final phase. This release focuses on bug fixes and improvements to Lash#Cat9 and Xarcan. Lash#Cat9, a Lua-based command-line environment, adds features such as a Debug Adapter Protocol implementation and an interactive spreadsheet. Xarcan allows for custom window managers, utilizing Arcan as a display driver and enabling interoperability with X servers. Arcan 0.7 aims to improve performance and security, with future versions planned to feature more flexible remote programming and simpler device connection.

Development

Alibaba Chairman Warns of AI Data Center Bubble

2025-03-25

Alibaba Group Holding Ltd. Chairman Joe Tsai warned of a potential bubble in data center construction, arguing that the current pace of buildout may outstrip demand for AI services. Major tech firms and investment funds are aggressively building server farms globally, often without securing clear customers. Tsai expressed concern about projects raising funds without firm uptake agreements. While Alibaba itself plans to invest over $52 billion in AI over the next three years, Tsai highlighted the massive spending by US tech giants (Microsoft, Amazon, Google, Meta) on AI infrastructure, suggesting it might exceed current and projected demand. He pointed to the low-cost, open-source AI model from DeepSeek as an example of the current lack of widespread practical AI applications. Alibaba's response involves leveraging the success of its Qwen-based AI platform and an internal 'reboot' focusing on talent acquisition.

Newton's Principia: 337 Years of Ordered Universe

2025-07-06

In 1687, Isaac Newton published his groundbreaking *Principia Mathematica*, explaining the universe's workings, from falling apples to planetary orbits, providing a comprehensible model of the cosmos. Its publication was thanks to Edmund Halley's funding, preventing a significant setback for science. Newton's theories are still widely used today, from bridge building to space launches, ensuring our stable lives and preventing the kettle from floating into space.

Tech Newton

Unlocking New Colors: Laser Stimulation of Cone Cells

2025-07-21

A study used laser pulses to selectively stimulate cone cells in the retina, claiming to allow people to see unprecedented colors. While the study lacks detailed subject reports, an optical illusion animation seems to produce a similar effect. The animation saturates red cones with a red circle, highlighting green cone activity and producing an intense blue-green. However, due to overlapping cone spectra and screen display limitations, whether this approach reveals colors beyond the normal human color gamut remains questionable.

Running a Neural Network on a Calculator: A 56-Hour Train Journey

2025-01-04

A computer science PhD challenged himself to port a convolutional neural network (CNN) to a TI-84 Plus CE graphing calculator during a 56-hour train ride. Overcoming significant hardware limitations, including scarce memory and the lack of native floating-point operations, he successfully trained and ran the network to identify handwritten digits. While slow, the accomplishment demonstrates the feasibility of running AI on severely resource-constrained devices, showcasing ingenious memory management and algorithmic optimizations.

(z80.me)
Hardware neural network

Microsoft's Xbox ROG Ally: Entering the Portable Gaming Fray

2025-08-22

Microsoft's Xbox ROG Ally handheld console, developed in partnership with Asus, is making waves at Gamescom. Targeted at hardcore gamers, the Ally boasts familiar Xbox controls and aims to expand the Xbox ecosystem, encouraging existing Xbox and PC owners to play more, thus increasing engagement and spending. With the Switch 2's strong launch and the existing Steam Deck competition, Microsoft is vying for a piece of the portable gaming market and boosting Game Pass subscriptions. Sony, meanwhile, remains on the sidelines, offering only the streaming-focused PlayStation Portal. The Ally's release date is October 16th, but pricing remains undisclosed.

Surface-Stable Fractal Dithering on a Playdate: A Tale of Optimization

2025-02-22

This post details the author's attempt to implement surface-stable fractal dithering on the Playdate handheld, a device with a 1-bit monochrome screen. The process proved challenging due to the limited hardware capabilities. The author meticulously documents the journey, including implementing perspective-correct texture mapping, displaying brightness on a 1-bit screen, and optimizing the fractal dithering algorithm itself. Through numerous optimizations, including algorithmic simplification and switching from a half-space rasterizer to a scanline rasterizer, the author achieves a frame rate of 20-22 FPS, but acknowledges further improvements are possible.

A Transputer Emulator in JavaScript: A 90s OS Reborn in Your Browser

2025-04-04

A developer has ported their C-based Transputer emulator to JavaScript. Surprisingly fast, this emulator comes pre-loaded with a full-blown operating system from Spring 1996, including a C compiler, assembler, 3D modeler, and ray tracer. Users can experience this retro OS directly in their browser, running commands and even attempting to self-compile the C compiler! This showcases the advancements in JavaScript JIT compilation and the developer's passion for retro technology.

Development Retro OS

Apple Patches Zero-Day Vulnerability Used in Sophisticated Attacks

2025-02-10

Apple has released emergency security updates to address a zero-day vulnerability (CVE-2025-24200) exploited in targeted, sophisticated attacks. The vulnerability could bypass USB Restricted Mode on locked devices, potentially allowing data extraction. This mode was designed to prevent forensic software from accessing data on locked iOS devices. Apple urges users to update immediately to mitigate potential ongoing attacks. This incident highlights the importance of regular software updates and mobile device security.

Kagi Family Plan: A Safer Search Experience for Kids

2025-03-31

Kagi's new Family Plan prioritizes a safe and private search experience for families. It features a kid-friendly interface, parental controls (including whitelisting and blacklisting websites), and AI-powered quick answers with safety warnings and content filtering. Kagi also uses fun avatars, like a poop emoji, to teach kids about online identity and privacy. The plan's unique approach emphasizes child online safety and promotes responsible tech use through engaging, lighthearted methods.

Git Shallow Clones: Performance Pitfalls and the Depth 2 Optimization

2025-02-12

Git shallow clones (`--depth 1`) can significantly impact performance on the first push. This is because shallow clones artificially mark some commits as root commits, preventing the server from using optimizations and requiring the transmission of the entire commit snapshot. Using `--depth 2` deep clones, however, preserves a complete commit history, allowing the server to utilize optimizations even on the first push, reducing data transfer and significantly improving push speed. Subsequent pushes are unaffected.

Development shallow clone

Obscura: A Next-Gen VPN Using 2-Party Relays and QUIC

2025-02-11

Existing consumer VPNs suffer from significant trust and privacy issues, as VPN providers act as a man-in-the-middle, seeing both user personal info and browsing history. Obscura VPN solves this by using a 2-party relay architecture and a QUIC-based VPN protocol. The 2-party relay separates "who you are" from "what you do," ensuring that even if one relay is compromised, not all user information is leaked. QUIC disguises VPN traffic as HTTP/3 traffic, bypassing network filters and avoiding the performance degradation of TCP over TCP. Obscura partners with Mullvad as its exit node and open-sources its app's entire source code, aiming for an open and private internet.

Tech

The Open Source Maintainer's Dilemma: How to Actually Help

2025-03-10

A developer on Hacker News highlights the challenges faced by open-source maintainers. Large organizations rely on these projects for cost savings but rarely contribute back, leaving maintainers overwhelmed. The core issue is poor communication: maintainers lack clear contribution guidelines, leaving contributors unsure how to help effectively. The author suggests maintainers clearly state their needs—whether they accept PRs, how to submit bug reports, and if they accept monetary support—to improve efficiency and collaboration.

Development maintenance

Looking Backward: A Utopian Novel Reflecting American Social Contradictions

2024-12-21

Edward Bellamy's 1888 bestseller, *Looking Backward, 2000-1887*, depicted a utopian America in the year 2000, free from poverty and social unrest. The protagonist time-travels to experience this society where the state controls resources and equality reigns. However, the novel is not merely idealistic; it reflects the stark inequalities, worker exploitation, and political corruption of late 19th-century America. Bellamy offered a solution to these problems, albeit one that appears naive and utopian today. Despite its dated aspects, the novel's exploration of social conflict and the pursuit of justice remains relevant.

Nostalgic Internet: We Never Lost the Toxicity, We Just Forgot It

2025-01-12

A wave of nostalgia has recently swept the internet, with many yearning for a friendlier, simpler online world of 20 years ago. However, this article argues that this nostalgia overlooks the inherent toxicity and problems that existed even then. It explores the evolution of the internet, how platforms became dominated by large corporations, and the proliferation of hate speech and data extraction. Some view the internet as a failed utopia, while others remain hopeful, advocating for solutions such as reclaiming digital sovereignty and supporting self-organized projects to rebuild a kinder, fairer online space.

Hit Reinforcement Learning Textbook: Mathematical Foundations and Accompanying Videos

2025-03-10

This reinforcement learning textbook, which has received 5,000+ stars, provides a mathematical yet accessible introduction to fundamental concepts, problems, and classic algorithms. The book includes numerous examples and is accompanied by Chinese and English lecture videos (available on Bilibili and YouTube). Developed over years of teaching experience, it's suitable for undergraduates, graduates, researchers, and practitioners.

Development

bcvi: Edit Remote Files Locally via SSH Backchannel

2025-03-06

bcvi is a command-line tool that uses SSH to create a 'back-channel' from a server to your workstation, allowing you to edit files on a remote server locally without X forwarding. User Sally can edit files on a server using her local gvim editor via bcvi, enjoying all the advantages of a local editor, such as custom key mappings, plugins, and faster responsiveness. bcvi also supports file transfer and desktop notifications after remote command execution. Installing bcvi requires installing client and server sides on both the server and workstation, and configuring SSH port forwarding and shell aliases.

Development remote editing

NVIDIA to Build Massive AI Supercomputer Manufacturing in the US

2025-04-14

NVIDIA is partnering with TSMC, Foxconn, Wistron, Amkor, and SPIL to build over a million square feet of manufacturing space in Arizona and Texas for its Blackwell AI chips and supercomputers. Over the next four years, they plan to produce up to half a trillion dollars worth of AI infrastructure in the US, creating hundreds of thousands of jobs and boosting economic security. This initiative marks a significant step in establishing a robust US AI infrastructure, strengthening supply chain resilience, and meeting the soaring demand for AI computing power.

China's Meng Xiang: Drilling 11km into the Earth's Crust

2025-04-14

China's new deep-sea drilling vessel, the Meng Xiang ('Dream'), a colossal 42,600-ton vessel, aims to drill 11 kilometers beneath the ocean floor—deeper than ever before attempted. Equipped with a revolutionary hydraulic lifting mast and multiple drilling modes, it can adapt to various geological conditions. The primary goal is to penetrate the Mohorovičić discontinuity (Moho), unlocking secrets about Earth's internal composition and potentially discovering valuable resources. This represents a significant leap in China's deep-sea exploration capabilities and its strategic ambitions.

Nexus Mods Founder Steps Down After 24 Years

2025-06-17

After nearly 24 years of running Nexus Mods, the founder is stepping back from day-to-day management. Started in 2001 in a bedroom with a 56k modem, the site grew from a simple platform for modders to share their work into a massive community. The immense pressure, however, took a toll on the founder's health. He's found a suitable successor team, ensuring the site's community-first and mod-author-focused values remain intact. While stepping down, the founder will still be involved in community matters and assist the new team in guiding Nexus Mods into the future.

Game

New Bill Aims to Tackle IoT Device Security Risks

2025-03-17

Consumer Reports, Secure Resilient Future Foundation, and others have drafted the "Connected Consumer Products End of Life Disclosure Act." This bill requires manufacturers and ISPs to clearly disclose the support lifecycle of connected devices, including software and security update durations. The initiative addresses the growing security risk posed by outdated IoT devices, often exploited by malicious actors after support ends. A survey reveals 72% of US smart device owners support mandatory disclosure of device support lifecycles.

Tech

Online Nostalgia Trip: A Retro Gaming Paradise

2025-01-20

Relive your childhood gaming memories with this website! It boasts a massive collection of online DOS games, Atari 2600 titles, and other classic retro games. A powerful search function and multiple sorting options (by developer, publisher, genre, etc.) make finding your favorites a breeze. Whether you're craving a game of Oregon Trail or another timeless classic, this site is your portal to instant retro gaming fun.

Mastercard's Five-Year-Old DNS Error

2025-01-22

A security researcher, Philippe Caturegli, uncovered a nearly five-year-old error in Mastercard's domain name server settings. This misconfiguration could have allowed anyone to intercept or divert internet traffic for the company by registering an unused domain name. Caturegli spent $300 to register the domain 'akam.ne' to prevent its exploitation by cybercriminals. Mastercard acknowledged the mistake but claimed no real security risk existed. The incident highlights the potential for significant vulnerabilities in even large organizations' DNS configurations.
