Readit News
OatMilkLatte commented on A $10k poker win changed how I think   bbc.com/future/article/20... · Posted by u/cjg
parsnips · 4 years ago
I wasn't aware that Jennifer Shahade got the Grandmaster title.
OatMilkLatte · 4 years ago
She's got the Woman Grandmaster title. I think she has two norms for the open International Master title.
OatMilkLatte commented on Covid-19 Antibody Seroprevalence in Santa Clara County, California   medrxiv.org/content/10.11... · Posted by u/buboard
MiguelVieira · 6 years ago
I've been using 0.5% for mental math, rounding down from the lower bound from this study in The Lancet:

https://www.thelancet.com/journals/laninf/article/PIIS1473-3...

I would be surprised if, after this current wave of infections, the percentage of people with antibodies in the US is higher than the low single digits.

Herd immunity without a vaccine is a pipe dream. Our best bet is to massively ramp up testing and contact tracing and really start pushing the number of infections down to a point where parts of society can start functioning again.

OatMilkLatte · 6 years ago
> Herd immunity without a vaccine is a pipe dream. Our best bet is to massively ramp up testing and contact tracing and really start pushing the number of infections down to a point where parts of society can start functioning again.

The problem is, a vaccine is also a pipe dream. So we're going to have to all get infected over some sort of timeline that doesn't cause societal collapse. Also known as flattening the curve.

OatMilkLatte commented on Auth0 JWT Auth Bypass: Case-Sensitive Blacklisting Is Harmful   insomniasec.com/blog/auth... · Posted by u/CiPHPerCoder
CiPHPerCoder · 6 years ago
Tired: {"alg":"none"}

Wired: {"alg":"nonE"}

The JOSE standards (including JWT) are a gift that keeps on giving to attackers.

I designed an alternative format in 2018 called PASETO, which doesn't contain the JOSE foot-guns. (I'm pushing for an IETF RFC this year.)

https://paseto.io

EDIT: Also, this affected their Authentication API rather than their JWT library.

If you use their JWT library, well, it certainly allows this kind of horrendous misuse... but it is not, per se, vulnerable.

OatMilkLatte · 6 years ago
I'm going to use PASETO for a personal project I'm working on. If the COVID lockdown ever ends and I have time to work on it. Thanks for building it!
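Added example, not part of the thread and not Auth0's code: a minimal Python model of the failure named in the linked post's title, where a case-sensitive denylist on `alg` sits in front of a layer assumed to compare the value case-insensitively, next to an exact-match allowlist. The key, the function names and the two-layer structure are constructed for illustration.

```python
import base64
import hashlib
import hmac
import json

KEY = b"constructed-demo-key"   # constructed secret, for this example only
ALLOWED_ALGS = {"HS256"}        # exact-match allowlist of accepted algorithms

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def make_token(header: dict, payload: dict, key: bytes = b"") -> str:
    """Build a compact token; with no key the signature part is left empty."""
    body = b64url(json.dumps(header).encode()) + "." + b64url(json.dumps(payload).encode())
    sig = hmac.new(key, body.encode(), hashlib.sha256).digest() if key else b""
    return body + "." + b64url(sig)

def hs256_ok(h: str, p: str, s: str, key: bytes) -> bool:
    expected = hmac.new(key, f"{h}.{p}".encode(), hashlib.sha256).digest()
    return hmac.compare_digest(expected, b64url_decode(s))

def verify_denylist(token: str, key: bytes) -> bool:
    """Flawed model: case-sensitive denylist in front of a case-insensitive dispatch."""
    h, p, s = token.split(".")
    alg = json.loads(b64url_decode(h)).get("alg", "")
    if alg == "none":            # denylist matches the exact string only
        return False
    if alg.lower() == "none":    # assumed downstream layer normalises case
        return s == ""           # unsigned token accepted
    return hs256_ok(h, p, s, key)

def verify_allowlist(token: str, key: bytes) -> bool:
    """Hardened: accept only algorithms named in ALLOWED_ALGS, reject everything else."""
    try:
        h, p, s = token.split(".")
        header = json.loads(b64url_decode(h))
        if not isinstance(header, dict):
            return False
        alg = header.get("alg")
        if not isinstance(alg, str) or alg not in ALLOWED_ALGS:
            return False
        return hs256_ok(h, p, s, key)
    except ValueError:           # malformed base64, JSON or segment count
        return False
```

The allowlist never has to enumerate spellings of "none": any value that is not exactly an expected algorithm name is rejected before signature handling is chosen.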
OatMilkLatte commented on L.A. Times to Furlough Workers as Ad Revenue ‘Nearly Eliminated’   variety.com/2020/biz/news... · Posted by u/spking
ghaff · 6 years ago
We've already been seeing this to some degree with harder and harder paywalls--which mostly don't work besides lucrative niche and global brands. But I suspect we're increasingly headed towards a case where quality content is only available to those willing and able to pay for it.
OatMilkLatte · 6 years ago
Which is how it worked before the internet.
OatMilkLatte commented on Why I’m Leaving Elm   lukeplant.me.uk/blog/post... · Posted by u/neillyons
adius · 6 years ago
I’m not sure why this hasn’t been mentioned by anyone: If you’re unhappy with Elm’s constraints the obvious solution is to switch to PureScript (purescript.org). It’s basically a more powerful Elm-like language with a great FFI and absolutely no constraints on how to work with JavaScript. There are also a lot of compatibility packages to provide functions and workflows from the Elm ecosystem.
OatMilkLatte · 6 years ago
PureScript is wonderful. But it's a very steep learning curve if you don't already know Haskell, and the documentation tends to lag quite a bit behind the language.
OatMilkLatte commented on Chloroquine phosphate has shown apparent efficacy in treating Covid-19   ncbi.nlm.nih.gov/pubmed/3... · Posted by u/weekay
Joker_vD · 6 years ago
How come, then, that every year there is a flu vaccine ready before the season starts?
OatMilkLatte · 6 years ago
(Warning: very layperson understanding below)

There are many variants of the flu. Most of them are well-enough understood to vaccinate against, and most of those have an already-tested-and-approved vaccine. The yearly flu vaccine is a combination of those vaccines for the strains the public health experts think are going to be an issue that season.

Sometimes they get it right. Sometimes they don't, and we have a bad flu season (see also: this year).

OatMilkLatte commented on A Sad Day for Rust   words.steveklabnik.com/a-... · Posted by u/pjmlp
lifthrasiir · 6 years ago
The problem is that people didn't choose Actix only for performance. I personally haven't used Actix, but it seems that all other contenders were lacking in some way, not only performance but also feature sets and flexibility and easiness. And thus we are now left with a horde of safe but otherwise lacking libraries instead of what could possibly be the best of breeds.
OatMilkLatte · 6 years ago
Well, a lot of the reason other Rust web frameworks were lacking was that actix-web was so dominant in the space. If the actix-web project is indeed dead, some other projects (such as warp/tower) will get more attention and hopefully become more feature-complete.
OatMilkLatte commented on Retailers Don’t Like Paying the Fees for Apple Card   bloomberg.com/news/articl... · Posted by u/hourislate
Dirlewanger · 6 years ago
Maybe smaller places that can't absorb the merchant fees as easily, but big retail places don't usually charge more for using certain credit cards. It'd probably cost them a chunk of business if they did.
OatMilkLatte · 6 years ago
Or their merchant account. I think they disallow charging different prices based on the card type - there was a big blowup a few years back because retailers didn't want to pay the higher fees to accept debit cards, but had to because the debit cards had VISA or MasterCard logos and therefore had to be treated the same way as VISA or MasterCard credit cards.
OatMilkLatte commented on Game Boy Advance “Hello World” Using Zig   github.com/wendigojaeger/... · Posted by u/WendigoJaeger
csande17 · 6 years ago
Rust is great for when you're writing a serious, security-critical program that can't have any memory-corruption bugs or data races. It makes writing programs a little more challenging, and sometimes you sacrifice a bit of runtime performance compared to C, but it's often worth it.

But Game Boy Advance games don't really fit that description. GBA games don't accept untrusted input, and nothing bad happens if they're "compromised". (Like, when people discovered arbitrary code execution in Super Mario World, no one was worried about the security implications.) So languages like C or Zig that let you cowboy values directly into specific memory locations can be a better choice.

I'm excited about Zig in particular because the mission statement seems to be "C but nicer" -- you get the same basic programming model, but with things like instance methods, generic types, better macros, arbitrary-bit-integer types and a "crash when hitting undefined behavior" compile mode.

OatMilkLatte · 6 years ago
On the contrary - when people discovered an ACE bug in Super Mario World, they PogChamp'd.
OatMilkLatte commented on How “randomizers” are breathing new life into old games   arstechnica.com/gaming/20... · Posted by u/Tomte
kevinventullo · 6 years ago
I would imagine most randomizations render the game impossible, since the first dungeon will require a specific item to complete, and any other item won't help you. Are players forced to leverage glitches? Or is there some way to restrict only to "viable" randomizations?
OatMilkLatte · 6 years ago
Randomizers have logic that restricts the way the items can be randomized. For example, in the default mode of the Link to the Past randomizer, you need the boots to get the item off the top of the bookshelf in the library, so that item will never be the boots. You need either the lamp or the fire rod to get through certain caves and sections of palaces, so you're guaranteed to be able to find either the fire rod or the lamp prior to having to complete those palaces.

Using glitches can help you "sequence break", to a certain extent - if you use a glitch called "fake flippers", you can reach certain areas of LttP that would normally require the flippers without having them. You'll never be required to do so to beat a seed in default mode, but doing so can save a ton of time if there's a required item blocked by the flippers and the flippers are a pain to get.

The LttP randomizer also includes "glitches required" modes, where varying levels of glitch execution might be required to complete the game, and the logic is relaxed accordingly.

u/OatMilkLatte

Karma: 56 · Cake day: September 16, 2019