Readit Newslarkinrichards commented on YouTube seems to be down youtube.com/... · Posted by u/alexpadula
Love it when the ads load but the video you wanted to watch won't load.
How do you define "minor accident" -- perhaps it was a "minor" accident because no one was injured and no other party was involved?
Last time I bought a car, I found the one I wanted with the note that it had been in a minor accident. I paid for the carfax, and learned that it had some damage and repairs, and had somehow traveled across the country in the process. Limited details, except, the accident had occurred in Florida. $10 later I had the police report. It was a 4wd car and suffered 2 broken axles & broken drive train. not minor in any way.
Article says state says it was clean and never salvage title, just privately considered one by Tesla
Article says "photos of the damage made it look more than minor"
Sounds like buyer was scammed.
> The term "salvage" was a complete shock, but a deeper dive into the CARFAX vehicle history report, which he didn't pull until after the sale, uncovered a "minor accident."
> Photos of the damage made it look more than minor, and a Tesla technician told him the repair work as shoddy.
larkinrichards commented on Why today's humanoids won't learn dexterity rodneybrooks.com/why-toda... · Posted by u/chmaynard
For some nuts and bolts, I myself struggle with it, almost to the point of giving up.
But what the article misses: We can just rearrange our environment to make it easy to interact with by robots. There might be only standardized nuts and bolts, with IDs imprinted so the robots know exactly how to apply them. Dishes might come in certified robot-known dimensions, or with invisible marks on where to best grip them. Matchsticks might be replaced by standardized gas lighters. Maybe robot companies will even sell those themselves.
The article doesn't miss it -- this is exactly the point. We can and will rearrange our environment to support robots, but that means they will never learn dexterity.
offline now. It's a reasonable to expect that this information should not be available in real time to protect parking officers. It's already published daily, as mentioned in other comments.
You'll probably find a high correlation with the street cleaning dataset (if there is one). Nearly all of the tickets at the top of the leaderboard are street sweeping violations.
I wonder if street cleaning is net profitable for the city once you factor in tickets. That would make cutting the cleaning frequency [1] a doubly bad idea.
[1] https://sfstandard.com/2025/02/18/san-francisco-city-hall-st...
there is -- https://data.sfgov.org/City-Infrastructure/Map-of-Street-Swe...
"undergoing maintenance" but spot check of data looks correct to me.
Street cleaning tickets are given efficiently and enforcement is conducted to minimize the time that people can't park. 2-4 parking officers drive in front of the street cleaning vehicles and ticket everyone parked. if you're watching at the time you'll see almost every car on the street pull out in front of the officers, circle the block and park right back in the same -- but now clean -- spot. those that don't get tickets.
larkinrichards commented on 1 bug, $50k in bounties, a Zendesk backdoor gist.github.com/hackermon... · Posted by u/mmsc
Exploit chain--
1. zendesk allows you to add users to a support issue and view the complete issue history by sending a response email to a guessable support email from a person associated with an issue and cc'ing the person to add.
2. Zen desk depends on a spam check for inbound email validity. This check does not appear to catch instances where sender email is spoofed. Zendesk claims this is bdue to DKIM/SPF/DMARC config but I have trouble imagining that 50% of Fortune 500 would get this wrong. There are many automated checks available.
3) Apple issues an Apple ID account to anyone who can receive a verification email Sent to the mailing address (support@company.com)
4) Slack allows you to sign in to a workspace using any Apple ID associated with the workspace domain (e.g. support@company.com)
This researcher reported #2 to hackerone and was declined. Researcher later discovered full exploit with 3 and 4. Did not update hackerone, contacted affected companies directly.
it would have been prudent to update hackerone on the additional finding, but it feels like an easy oversight for a 15 year old after getting rejected on the first round.
Zendesk should take the higher ground and recognize the mistake and correct it. Not get all "ethical mumbo jumbo."
larkinrichards commented on Starship Flight 5 license issued by FAA drs.faa.gov/browse/excelE... · Posted by u/LorenDB
Based on the Oct 12 change log, "changed flight 4 to "starship super heavy" -- this reads that they can perform multiple flights with the same mission profile. So they can do a few quick test catches and avoid relicensing?