Using eSIMs on Devices with Only Physical SIM Slots: A 9eSIM Review

2025-01-20

This blog post details using a 9eSIM SIM card to enable eSIM functionality on devices that only accept physical SIM cards, tested on Android and Linux. The author purchased a 9eSIM bundle including the SIM, smartcard reader, and adapter. Initial setup proved slightly tricky, requiring the SIM card to be used within its original packaging for proper reader connection. Adding, switching, and deleting eSIM profiles was straightforward using an Android app or the Linux command-line tool lpac (and its GUI, EasyLPAC). Tests were conducted with free test eSIM profiles and a paid LycaMobile eSIM, successfully achieving eSIM connectivity on a Debian Linux laptop.

Hardware physical SIM

OAuth 2.0: Unlocking the World's Most Popular Authorization Framework

2025-01-28

This article provides a clear explanation of the OAuth 2.0 protocol. Using the example of building a code deployment platform, the author illustrates how OAuth 2.0 solves the security issues of sharing user credentials, comparing the advantages and disadvantages of using plain user credentials and Personal Access Tokens (PATs). The article details the three core roles in OAuth 2.0 (Resource Server, Resource Owner, and Authorization Server), and various authorization flows (Authorization Code, Implicit, Client Credentials, Resource Owner Credentials, and Device Code flows), analyzing the security and applicability of each. Key concepts such as access tokens, refresh tokens, scopes, and PKCE are also explored.


42: A Powerful Spacecraft Attitude Control System Simulator

2025-01-06

42 is a comprehensive general-purpose simulation of spacecraft attitude and orbit dynamics, primarily used to support the design and validation of attitude control systems throughout their lifecycle, from concept studies to integration and test. It accurately models multi-body spacecraft attitude dynamics (rigid and/or flexible bodies), and both two-body and three-body orbital flight regimes, simulating environments from low Earth orbit to throughout the solar system. 42 simulates multiple spacecraft concurrently, facilitating studies of rendezvous, proximity operations, and precision formation flying. It also features spacecraft attitude visualization.


DeepSeek-R1: A Reasoning Model Trained with Reinforcement Learning, No Supervised Fine-tuning Needed

2025-01-20

The DeepSeek team open-sourced its first-generation reasoning models, DeepSeek-R1, and a suite of distilled models. DeepSeek-R1-Zero, trained via large-scale reinforcement learning (RL) without supervised fine-tuning (SFT), demonstrates remarkable reasoning capabilities, though it has some flaws. DeepSeek-R1 addresses these issues by incorporating cold-start data before RL, achieving performance comparable to OpenAI-o1. Six distilled models based on Llama and Qwen are also open-sourced, with DeepSeek-R1-Distill-Qwen-32B outperforming OpenAI-o1-mini on various benchmarks. The project supports commercial use and provides an online chat website and an OpenAI-compatible API.


Tattoos and Cancer Risk: A Twin Study Reveals Increased Hazard

2025-03-04

A study using the Danish Twin Tattoo Cohort reveals a heightened risk of lymphoma and skin cancer among tattooed individuals compared to their non-tattooed counterparts. Employing both twin cohort and case-cotwin study designs, the research indicates a stronger association with larger tattoos. The researchers hypothesize that ink deposits may interact with surrounding tissue, triggering an immune response and increased cell proliferation, thus raising cancer risk. However, limitations include a lack of sun exposure data and detailed tattoo type classification. Further research is urged to clarify the etiological pathway of tattoo ink-induced carcinogenesis and inform public health policy.


Chinese Hospitals Lead in Retraction Rates: A Shocking Look at Academic Fraud

2025-02-20

A global analysis of institutional retraction rates reveals alarmingly high numbers for certain Chinese hospitals, some exceeding the global average by more than 50 times. This surge is largely attributed to young physicians purchasing fabricated papers to meet job promotion requirements. While the Chinese government has implemented measures to combat academic misconduct, the high retraction rates highlight weaknesses in research integrity and the negative consequences of overemphasizing publication numbers. The study underscores vast disparities in research integrity across countries and institutions, and the potential of data analytics in identifying and addressing academic fraud.


Autumn Billing: Evolving from Publishable Keys to Encrypted Server Actions

2025-05-15

A company building a billing system explored various approaches to simplify development, ultimately tackling the challenge of secure frontend payment operations. They initially tried Publishable Keys but encountered limitations in security and functionality. Next, they adopted Next.js Server Actions, but this exposed customer IDs, creating a security vulnerability. Finally, they secured the system by encrypting customer IDs within Server Actions, but this approach depends on Server Actions and lacks framework agnosticism. Future plans involve a more general, framework-agnostic solution that simplifies backend setup.

Development payment systems

Russian Threat Actors Exploit Microsoft Device Code Authentication in Widespread Attacks

2025-02-15

Volexity has uncovered multiple Russian threat actors employing sophisticated social engineering and spear-phishing campaigns to compromise Microsoft 365 accounts via Device Code Authentication phishing. These attacks exploit the less-familiar Device Code Authentication workflow, making them difficult for users to recognize as phishing attempts. The campaigns, often politically themed (e.g., focusing on the US administration), impersonate individuals from organizations like the US Department of State and the Ukrainian Ministry of Defence, luring victims into fake Microsoft Teams meetings or application access. Volexity is tracking three threat actors, one potentially linked to CozyLarch (overlapping with DarkHalo, APT29). The effectiveness of this attack stems from exploiting users' unfamiliarity with device code authentication, bypassing traditional security measures. Volexity recommends organizations block device code authentication via conditional access policies and enhance user security awareness training.


Txeo: A Modern C++ Wrapper for TensorFlow Achieving Near-Native Performance

2025-02-21

Txeo is a lightweight and intuitive C++ wrapper for TensorFlow designed to simplify TensorFlow C++ development while maintaining high performance and flexibility. Built entirely with Modern C++, Txeo enables developers to use TensorFlow with the ease of a high-level API, eliminating the complexity of its low-level C++ interface. Benchmarks show negligible performance overhead compared to native TensorFlow, ranging from 0.65% to 1.21%. Currently supports Linux, with Windows and macOS support planned.

Development

Building a Mechanical Star Tracker for the ISS

2025-01-18

Engineer Ted Kinsman was tasked by NASA astronaut Don Pettit with designing and building a mechanical star tracker for capturing high-quality astrophotography images from the International Space Station (ISS). Due to the lengthy testing period for electronic devices, the tracker was entirely mechanical, cleverly utilizing a clock drive from an industrial oven. Gear ratios were adjusted to match the ISS's orbital speed. The device successfully reached the ISS in 2024 and has captured stunning images of the cosmos.

Tech space

System Informer: Your System Resource Monitoring and Debugging Swiss Army Knife

2025-01-23

System Informer is a free, powerful, multi-purpose tool that helps you monitor system resources, debug software, and detect malware. It provides graphs and statistics for quickly identifying resource-hogging processes, searches for file handles and DLLs, displays detailed system activity overviews, and shows real-time disk and network usage. Furthermore, it allows you to create, edit, and control services, monitors GPU usage, provides detailed stack traces, and offers light and dark theme support. A must-have for system administrators and developers.


Emacs 30.1: Native Compilation, Android Support, and More

2025-02-24

Emacs 30.1 is here, packed with new features and improvements. Native compilation is now enabled by default, resulting in a significant performance boost. Full support for Android has arrived, along with numerous touchscreen enhancements. Other highlights include a built-in JSON parser, improved minibuffer completion, enhanced Org mode URI protocol integration, and countless quality-of-life improvements. This release marks a major leap forward for Emacs.

Development Native Compilation

Responsive Hexagon Grids with Pure CSS: A Float-Based Approach

2025-03-20

This article demonstrates creating fully responsive hexagon grids without media queries, JavaScript, or excessive hacks. By cleverly using `clip-path`, `float`, and `shape-outside`, along with CSS variables for size and spacing, a flexible layout is achieved. The technique is extended to create grids of rhombuses, octagons, and more. CSS Grid is employed for centering and overflow control, resulting in a responsive, adaptive grid system with customizable shapes.


Hiding Secrets in Emojis: Exploiting Unicode Variation Selectors

2025-02-12

A Hacker News comment sparked a discussion about hiding information using Unicode variation selectors. This article demonstrates that arbitrary data can be encoded into a single emoji by converting data into a sequence of Unicode variation selectors, remaining invisible after rendering. This method can bypass human content filters or be used for text watermarking, enabling covert information transmission and tracking. While this technique has potential for abuse, it also highlights the complexity and potential security challenges of Unicode.


Society for Technical Communication (STC) Files for Chapter 7 Bankruptcy

2025-01-29

The Society for Technical Communication (STC), a long-standing organization, has announced its closure due to insurmountable financial liabilities and declining membership. Despite years of cost-cutting measures and revenue generation attempts, the organization's debt and operational expenses exceeded its income. STC will cease all operations, including membership renewals, educational programs, certification courses, and all chapter and SIG activities. A bankruptcy trustee will manage the closure process and communicate with creditors.


The Tyranny of the Ever-Present Smartphone: Reclaiming Our Autonomy

2025-02-26

The author recounts a visit to a friend's apartment building in Washington, D.C., where every aspect, from entry to elevators to apartment access, required a smartphone app. This experience highlights the pervasive nature of digital technology in modern life, creating inconveniences (for the author, an Orthodox Jew observing Shabbat) and raising concerns about digital addiction and its negative impact on mental and physical well-being. The author argues that over-reliance on smartphones blurs the lines between work and leisure and calls for a movement to provide analogue alternatives – physical membership cards, app-free services, etc. – to reclaim autonomy and resist technological dependence.


Gleam 1.9.0 Released: Improved Debugging, Dependency Management, and Performance

2025-03-09

Gleam, a type-safe and scalable language, has released version 1.9.0 with significant improvements. Key updates include a new `echo` keyword for enhanced debugging, support for Git repository dependencies, performance boosts for bit arrays and list pattern matching in JavaScript, and expanded language server capabilities such as go-to type definition and JSON encoder code generation. Additional improvements include enhanced HexDocs search integration, custom CA certificate support, and streamlined pipeline syntax conversion. This release is a testament to the vibrant Gleam community and its many contributors.

Development

NASA Tech to Boost Car Fuel Efficiency

2025-02-18

Did you know that three-quarters of the energy in gasoline is wasted as heat? Researchers at JPL are collaborating with automakers to harness NASA's space technology—thermoelectric generators—to convert waste heat from cars into electricity. This technology, used for decades in space exploration, is now being adapted to improve fuel efficiency and reduce carbon emissions. While automotive applications face thermal cycling challenges, JPL aims for a 10% improvement in gas mileage. Future applications could extend to other industries with waste heat.


Conquering Doomscrolling: A Digital Detox Experiment

2025-01-22

The author details their struggle with endless scrolling and their experiment to break free. They deleted numerous apps, installed restrictive ones, and faced unexpected challenges like some apps malfunctioning after removing the browser and Google apps. Ultimately, by deleting entertainment apps, limiting browser access, employing a minimalist launcher, and other strategies, they successfully reduced distractions, improved focus, and gained more time for reading. While procrastination remains, their devices no longer lure them into the rabbit hole, resulting in a calmer and more mindful experience.


Blazing Fast Concurrent Hash Map for Go: cmapv2

2025-06-17

This article introduces cmapv2, a high-performance concurrent hash map library for Go. Leveraging the MurmurHash algorithm, it offers both regular and sharded map types for various concurrency needs. Example code demonstrates initialization, insertion, retrieval, and deletion of key-value pairs. The article also details performance testing using `go test` and `pprof` for CPU and memory profiling.

Development Concurrent HashMap

Ken Thompson's Sneaky C Compiler Backdoor: A Reflection on Trust

2025-02-16

In his paper "Reflections on Trusting Trust," Ken Thompson, co-creator of UNIX, recounts a chilling tale of a self-replicating backdoor he inserted into the C compiler. This backdoor would automatically inject itself into the login program during compilation, granting him unauthorized access. The insidious part? Even removing the backdoor from the source code wouldn't stop the compiler from re-inserting it during compilation. This story serves as a stark reminder of the limitations of trusting software and the inherent difficulty in ensuring complete security, even with source code review.

Development C compiler backdoor

Stop Using Fake Bold and Italics on Social Media!

2025-03-08

This post details a test showing the inconsistent behavior of screen readers when encountering fake bold and italic text created using Unicode characters. Some screen readers ignore the formatting entirely, while others announce each character individually, leading to a poor user experience for visually impaired individuals. The author stresses the importance of using standard markup like HTML for text styling to ensure accessibility and avoid confusion for screen reader users.

Development screen readers

The Programmer's Pastoral Dream: Escaping Code, Embracing the Soil?

2025-03-24

Many programmers dream of putting down their keyboards and taking up manual labor, such as carpentry or farming. This article explores the reasons behind this phenomenon, suggesting it stems from burnout in modern software work practices and a re-examination of the "self-made man" ideal in American culture. The author, drawing on personal experience, analyzes the complexities of this longing, acknowledging both the romantic idealization of rural life and its harsh realities. Ultimately, the author argues that finding meaning in work lies not solely in economic output but also in community building and a spirit of service.

Development programmers rural life

The Definitive Guide to Jens Quistgaard's Dansk Peppermills

2025-01-21

This website is a comprehensive guide to the collection of peppermills designed by Jens Quistgaard for Dansk Designs. Each mill is meticulously documented, detailing its unique shape, model number, grinder type, and production history. The site unravels the stories behind these iconic designs, revealing the evolution of their forms and manufacturing processes. From the earliest all-metal grinders to later plastic variations, this resource is a must-have for collectors and design enthusiasts alike.


Intensional Programming in Joy: Introspection with a Single Operator

2025-02-12

This article explores intensional programming in Joy, a stack-based functional programming language. Joy itself is extensional, lacking the ability to 'dissect' code blocks. The author proposes two intensional operators: 'map' and 'quota', proving their mutual expressibility. While behaviorally equivalent, intensional programs can distinguish a single operator from a subprogram with multiple commands. This opens avenues for exploring weaker notions of equivalence in intensional languages and demonstrates a robust approach to introducing intensionality in minimalist languages like Joy.


Reverse Engineering a Cheap Indoor Camera: Exploiting Tapo's Security Flaws

2025-09-16

The author bought a cheap Tapo indoor camera to monitor their dog, but this led to an unexpected journey of reverse engineering. To bypass the cumbersome setup process and forced subscription of the Tapo app, the author decompiled the APK, performed a man-in-the-middle (MITM) attack, and wrote cryptographic scripts. This revealed a critical vulnerability: a default password "TPL075526460603". A bash script was created for cloudless onboarding. The process uncovered security flaws in Tapo's firmware, such as inconsistent use of SHA-256 and MD5 hashing and a haphazard password synchronization mechanism. The author successfully configured the camera, only to discover their dog mostly slept.

Tech

VitoDeploy: Streamlining PHP Deployment

2025-04-02

VitoDeploy, a self-hosted web application, simplifies server management and production deployment for PHP applications, especially those built with Laravel. Developers praise its ease of use, performance, and versatility, with many highlighting its open-source nature. The application now supports SQLite, and a 1.x branch is available for beta testing.

Development Deployment Tool

Itch.io's Payment Processing Predicament: Is Building Your Own System the Answer?

2025-08-16

Itch.io faced backlash after payment processors forced them to remove adult content. Many suggested Itch.io create its own payment system or use one that handles adult material. A seasoned SRE with a background in finance and tech debunks these easy solutions. The article details the immense challenges of building a payment processor: bank sponsorship, licensing, KYC/KYCC compliance, and substantial security and compliance costs. Even finding an adult-content-friendly processor (like CCBill) comes with exorbitant fees and risks. The core issue, however, is that any part of the payment chain can be influenced by political pressure or moral censorship. Switching processors won't solve Itch.io's fundamental problem. The author ultimately pleads for understanding of Itch.io's position and a search for systemic solutions, rather than simple blame or boycotts.


Hacking a Toniebox: Privacy Concerns and Community Solutions

2025-07-21

This post details the author's experience reverse-engineering a Toniebox, a children's toy that uses NFC tags to play audio. While fun for kids, the toy relies on cloud services and collects significant user data. The author extracts an SD card to back up audio files and highlights community tools like teddyBench for metadata and audio file processing. The article discusses privacy concerns and community-driven modifications, including custom firmware, man-in-the-middle attacks, and hardware modifications to enhance functionality or protect privacy. The author concludes with mixed feelings, appreciating the toy's appeal while acknowledging its privacy risks.


Meelo: A Self-Hosted Music Server for Collectors

2025-01-28

Meelo is a self-hosted personal music server and web app, similar to Plex or Jellyfin, but with a focus on flexibility and browsing experience. Designed for music collectors, it identifies B-sides, rare tracks, automatically detects duets and features, supports various formats and metadata parsing, and fetches information from MusicBrainz and more. Meelo supports music videos, differentiating them from interviews or behind-the-scenes content. It's available now via Docker images.
