Readit News logoReadit News
didntcheck commented on SmartTube Compromised   aftvnews.com/smarttubes-o... · Posted by u/akersten
spaqin · 24 days ago
That's extremely subjective, but I'd rather save that $14 a month towards retirement. And if YouTube was only available with ads... well, that's no videos for me, maybe for the better, I would waste less time.
didntcheck · 23 days ago
Sure, and you're free to

1. Save $14 for retirement and not watch Youtube

2. Save $14 for retirement and watch Youtube with ads

3. Pay $14 a month for Youtube without ads

The only option that's not fair is expecting private companies and creators to give you entertainment and its delivery with nothing in return

didntcheck commented on GitLab discovers widespread NPM supply chain attack   about.gitlab.com/blog/git... · Posted by u/OuterVale
wonderfuly · a month ago
I'm a victim of this.

In addition to concerns about npm, I'm now hesitant to use the GitHub CLI, which stores a highly privileged OAuth token in plain text in the HOME directory. After the attacker accesses it, they can do almost anything on behalf of me, for example, they turned many of my private repos to public.

didntcheck · a month ago
That's true, but the same may already be true of your browser's cookie file. I believe Chrome on MacOS and Windows (unsure about Linux) now does use OS features to prevent it being read from other executables, but Firefox doesn't (yet)

But protecting specific directories is just whack-a-mole. The real fix is to properly sandbox code - an access whitelist rather than endlessly updating a patchy blacklist

didntcheck commented on Rating 26 years of Java changes   neilmadden.blog/2025/09/1... · Posted by u/PaulHoule
skeletal88 · 2 months ago
Then you need to deploy it on multiple nodes and neex to make sure it only runs once for each run of the cron, etc.
didntcheck · 2 months ago
I believe Quartz is the go-to solution for this. It's not part of Spring but it offers a similar annotation-driven interface, but with distributed locking via a database
didntcheck commented on Redis is fast – I'll cache in Postgres   dizzy.zone/2025/09/24/Red... · Posted by u/redbell
motorest · 3 months ago
> But using it as a cache is a bit concerning in terms of reliability, in my opinion.

This was the very first time I heard anyone even suggest that storing data in Postgres was a concern in terms of reliability, and I doubt you are the only person in the whole world who has access to critical insight onto the matter.

Is it possible that your prior beliefs are unsound and unsubstantiated?

> I have witnessed many incidents when DB was considerably degrading.

This vague anecdote is meaningless. Do you actually have any concrete scenario in mind? Because anyone can make any system "considerably degrading", even Redis, if they make enough mistakes.

didntcheck · 3 months ago
> This was the very first time I heard anyone even suggest that storing data in Postgres was a concern in terms of reliability

You seem to be reading "reliability" as "durability", when I believe the parent post meant "availability" in this context

> Do you actually have any concrete scenario in mind? Because anyone can make any system "considerably degrading", even Redis

And even Postgres. It can also happen due to seemingly random events like unusual load or network issues. What do you find outlandish about the scenario of a database server being unavailable/degraded and the cache service not being?

didntcheck commented on LaLiga's Anti-Piracy Crackdown Triggers Widespread Internet Disruptions in Spain   reclaimthenet.org/laligas... · Posted by u/akyuu
cprecioso · 3 months ago
The ISPs are compelled by judicial order to take down whatever LaLiga tells them to, and LaLiga is telling them to block the entire IP range. They can’t not do it.
didntcheck · 3 months ago
Presumably there's no legal reason why the ISPs couldn't write to all their customers giving "notice of upcoming partial internet service outage, due to the actions of La Liga". It would be factually true

Of course, LL could still give them hell in court even on false grounds (and maybe even win anyway, given the case detailed in the root comment). And in any case there's simply no commercial reason why they would stick their neck out in the first place

didntcheck commented on 14 Killed in anti-government protests in Nepal   tribuneindia.com/news/wor... · Posted by u/whatsupdog
estebarb · 4 months ago
I'm afraid that website was hacked. It only redirects me to fraudulent raffles and casino stuff such as https://cdn.aucey.com/sweeps-survey/1034/es.html
didntcheck · 4 months ago
Same experience here. Their ads repeatedly hijack the tab

Try this instead https://archive.is/zv17z . Not perfect, but the text can still be read behind the popover

didntcheck commented on Hyatt Hotels are using algorithmic Rest “smoking detectors”   twitter.com/_ZachGriff/st... · Posted by u/RebeccaTheDev
lxgr · 5 months ago
Their "NoiseAware" main product line also sounds incredibly dystopian. Apparently, that's a "privacy-safe" microphone listening in rental properties, to "detect crowds gathering"...!?

This type of creepy stuff, together with Airbnb's horrible business practices (last time they wanted access to my checking account transaction history via Plaid!) and enabling scammy hosts, is why I'm back to just staying at regular hotels.

Sad to see some of them are now start adopting the same type of customer-hostile technology as well.

didntcheck · 5 months ago
I suppose in theory you could have a device which doesn't have the storage or bandwidth to record/transmit full audio, but does some heuristics on the device and then transmits a small payload of flags. But in any case I wouldn't want to stay anywhere with an unaccountable black box ready to unfalsifiably charge me

The other commenter is absolutely right that partyers in AirBnBs cause nuisances for local residents, but the owners will have to find another way to sort that out or close up shop

didntcheck commented on Most RESTful APIs aren't really RESTful   florian-kraemer.net//soft... · Posted by u/BerislavLopac
recursivedoubts · 6 months ago
Yes. You used it to enter this comment.

I am using it to enter this reply.

The magical client that can make use of an auto-discoverable API is called a "web browser", which you are using right this moment, as we speak.

didntcheck · 6 months ago
The web browser is just following direct commands. The auto discovery and logic is implemented by my human brain
didntcheck commented on Breaking WebAuthn, FIDO2, and Forging Passkeys   nullpt.rs/forging-passkey... · Posted by u/vmfunc
rlpb · 6 months ago
I'm not sure what this "breaks". Unless a site requires attestation and validates that attestation, a bad software FIDO2 implementation will leave users vulnerable should they choose to use one.

Didn't we already know this?

didntcheck · 6 months ago
If anything I'm worried that corporate security people will hear of "attacks" like this and blindly add "must use attestation with passkeys" to their checklists, and desktop computing will end up in the same state as mobile, where you have to have an unmodified OS install from one of a handful of authorized fiefdoms to log into your bank. It's a long way off, due to the amount of old laptops with no TPM about, but a plausible future

Edit: I may be misunderstanding the scope of attestation in a FIDO/Webauthn context. Is it a legitimate concern that it would lock out other OSes, or would you simply need a hardware key (or perhaps a TPM), but could run what you want above it?

didntcheck commented on Occurences of swearing in the Linux kernel source code over time   vidarholen.net/contents/w... · Posted by u/microsoftedging
gspencley · 6 months ago
I don't personally care about language choices in code, but I'll play devil's advocate and speculate as to why a business might be concerned.

1. Reputational harm in the event that code needs to be shared. Say, the code gets read in court, or an outside consultant is brought in who is given access to the code. The company likely wants to maintain the same standard of professionalism that they expect when their employees write or utter spoken language in the workplace for the same reasons.

2. Similar to #1 but nuanced enough to deserve its own mention: code is a business asset. It can be sold or licensed out. The company may fear that language that it deems unprofessional could depreciate the value of that code in the context of selling or licensing it to 3rd parties.

Personally I think that the fuss over "bad words" is deeply irrational to a religious degree. The idea that arbitrary sequences of phones or characters will cause anyone within ear or eye-shot to become offended is rather absurd. But you can't choose what planet you do business on and, on Earth, there are a lot of silly people.

didntcheck · 6 months ago
> the same standard of professionalism that they expect when their employees write or utter spoken language in the workplace for the same reasons.

Depends a lot on the culture. In the countries I've worked in, anyone trying to forbid profanity in the workplace would be laughed out of the room. The laughter would likely turn to anger if it turned out to be Americans trying to impose puritanism on another country's project

d

u/didntcheck

KarmaCake day1688May 31, 2023View Original