The calls to the ipinfo.io API are blocked by Firefox Enhanced Tracking Protection. No results for Location or ISP without turning that off.
Readit Newskam commented on Show HN: Traceroute Visualizer kriztalz.sh/traceroute-vi... · Posted by u/PranaFlux
I didn't even really realize it was a SPOF in my deploy chain. I figured at least most of it would be cached locally. Nope, can't deploy.
I don't work on mission-critical software (nor do I have anyone to answer to) so it's not the end of the world, but has me wondering what my alternate deployment routes are. Is there a mirror registry with all the same basic images? (node/alpine)
I suppose the fact that I didn't notice before says wonderful things about its reliability.
> Is there a mirror registry with all the same basic images?
kam commented on OrioleDB Patent: now freely available to the Postgres community supabase.com/blog/orioled... · Posted by u/tosh
Great, thanks for this - we’ll make sure we have something in place
You could put it under a "PostgreSQL OR Apache-2.0 at your option" dual-license, so all contributors give you their code under both licenses, instead of needing to re-license later. The Rust project does this (MIT OR Apache-2.0) to get the patents clause from Apache while retaining compatibility with MIT and GPL.
Car companies do care if their cars are easy to break into and will improve the security of newer models, even if any particular theft is not their fault.
If they don't do that then their reputation will suffer and governments might take notice. So, in practice, big companies do have to care about their users, not individually but in aggregate.
That's a bad analogy. No one is complaining about Google providing Android security updates.
This is like a car manufacturer preventing the installation of all unapproved aftermarket accessories by claiming they're protecting you from a stalker installing a tracker on your car.
kam commented on Emailing a one-time code is worse than passwords blog.danielh.cc/blog/pass... · Posted by u/max__dev
edit: kam corrected me below.
The browser that initiated the request is under the control of BAD in step 3.
kam commented on OSS Rebuild: open-source, rebuilt to last security.googleblog.com/2... · Posted by u/tasn
Author here!
Both nix and guix are exciting projects with a lot of enviable security properties. Many here can attest that using them feels like, and perhaps is, the future. I see OSS Rebuild as serving more immediate needs.
By rebuilding packages from the registries people already use, we can bring some of those security properties to users without them needing to change the way they get their software.
Nixpkgs pulls source code from places like pypi and crates.io, so verifying the integrity of those packages does help the Nix ecosystem along with everyone else.
kam commented on Shipping WebGPU on Windows in Firefox 141 mozillagfx.wordpress.com/... · Posted by u/Bogdanp
- Streaming point cloud data setsnover web browsers (used by many surveying and construction companies, as well as geospatial government agencies).
- Visualize other scan data such as gaussian splat data sets, or triangle meshes from photogrammetry
- Things like google earth, Cesium, or other 3D globe viewers.
It's a pretty big thing in geospatial sciences and industry.
What improvements does WebGPU bring vs WebGL for things like Potree?
kam commented on Show HN: Icepi Zero – The FPGA Raspberry Pi Zero Equivalent github.com/cheyao/icepi-z... · Posted by u/Cyao
If I understood correctly, the ECP5 FPGA can be designed for with open source tooling [0][1], which makes this even more awesome.
OP, if you are planning to commercialize these, try to confirm compatibility, that will definitely make it more attractive!
[0] https://hackernoon.com/getting-started-using-open-source-fpg...
The examples in the repo are using the open-source yosys + nextpnr tooling.
kam commented on I use zip bombs to protect my server idiallo.com/blog/zipbomb-... · Posted by u/foxfired
Isn’t this basically a question about the halting problem? Whatever arbitrary cutoff you chose might not work for all.
No, compression formats are not Turing-complete. You control the code interpreting the compressed stream and allocating the memory, writing the output, etc. based on what it sees there and can simply choose to return an error after writing N bytes.
That's not how I understand it. Do you have a source?
"Starting in September 2026, Android will require all apps to be registered by verified developers in order to be installed on certified Android devices."
https://developer.android.com/developer-verification
> Android Studio is unaffected because deployments performed with adb, which Android Studio uses behind the scenes to push builds to devices, is unaffected.