mook (u/mook) - Readit News

mook commented on Show HN: Stop AI scrapers from hammering your self-hosted blog (using porn) github.com/vivienhenz24/f... · Posted by u/misterchocolat

vivzkestrel · 2 days ago

or turn your blog into a frontend/backend combo. keep the frontend as an SPA so that the page has nothing on it. have your backend send data in encrypted format and the AI scrapers would need to do a tonne of work in order to figure out what your data is. If everyone uses a different key and different encryption algorithm suddenly all their server time is busted decrypting stuff

mook · a day ago

That makes the mistake of thinking they'll care. Most likely they'll just keep downloading the encrypted garbage and never notice.

mook commented on 10 Years of Let's Encrypt letsencrypt.org/2025/12/0... · Posted by u/SGran

Analemma_ · 11 days ago

I've seen people complain that Let's Encrypt is so easy that it's enabling the forced phaseout of long-lived certificates and unencrypted HTTP.

I sort of understand this, although it does feel like going "bcrypt is so easy to use it's enabling standards agencies to force me to use something newer than MD5". Like, yeah, once the secure way is sufficiently easy to use, we can then push everyone off the insecure way; that's how it's supposed to work.

mook · 11 days ago

Yeah, I hate how it made housing things locally without a proper domain name very difficult. My router _shouldn't_ have a globally recognized certificate, because it's not on a publicly visible host.

There's certainly advantages to easily available certificates, but that has enabled browsers and others to push too far; to be sure, though, that's not really a fault of Let's Encrypt, just the people who assume it's somehow globally applicable.

mook commented on Icons in Menus Everywhere – Send Help blog.jim-nielsen.com/2025... · Posted by u/ArmageddonIt

marginalia_nu · 12 days ago

It's kind of a shame how we keep trying to make icons look uniform, either in color, or in shape.

Like I open the app drawer on my Android phone and there are like 16 different icons, all different Google apps, all are round and various abstract configurations of the same exact four colors.

Feels like we're falling into the same trap that Gothic handwriting did with the minims. Yeah it looks very pretty but it's almost completely illegible since we've taken away all the things that help set icons apart. https://en.wikipedia.org/wiki/Minim_(palaeography)#/media/Fi...

mook · 12 days ago

Yeah, I learned that using Netscape 6 with a row of blue balls for icons; going from the older Mozilla builds with the Netscape 4-style icons it was a definite downgrade. Pheonix had a row of orange balls; they later switched to IE-style icons with distinct shapes, which was better.

The recent Android releases where everything is a squircle really sucks too.

mook commented on Microsoft Download Center Archive legacyupdate.net/download... · Posted by u/luu

socalgal2 · 12 days ago

This is great! But, it feels like it's only a matter of time before it changes ownership and everything is re-bundled with malware. It sucks that I can't get old downloads but it would be nice if they came from official sources. I don't have a solution. But looking for old drivers etc, mostly leads to bad sources.

mook · 12 days ago

Shouldn't the files be signed by Microsoft, with a timestamp signature? That should (barring somebody locating a relevant private key) still mark them as not having been modified.

Of course, how many people would know to check for the signature (especially in the case the site went malicious and therefore wouldn't tell you to do so) would be a different question…

mook commented on What's Hiding Inside Haribo's Power Bank and Headphones? lumafield.com/first-artic... · Posted by u/rozenmd

dcrazy · 20 days ago

The same Anker that recalled over a million devices across five product lines this June? https://www.usatoday.com/story/money/2025/06/30/anker-power-...

mook · 20 days ago

There's widespread issues with power banks in China, with a new CCC certification required, and recently something about upgraded enforcement because previously certified devices having been found to have issues.

I'd rather go with a brand that does proper costly recalls over one that just lets everybody keep the dangerous products around.

mook commented on Let go of StackOverflow; communities must take ownership ahelwer.ca/post/2025-11-2... · Posted by u/tensegrist

andai · 21 days ago

The other day I saw an answer on StackOverflow which was very detailed, well researched, and grounded in decades of experience.

It was also heavily downvoted, because it did not directly answer the user's question. (The user had already selected a winning answer, so this was in some sense unnecessary.)

It struck me that a single scalar for quality was inappropriate here. It was the best post I'd read in a long time, but by the site's rules indeed "deserved" the downvotes.

I had to wonder if a multidimensional system (tags like "answers question" and "general context" etc.) would work better. You know... the stuff every social media site figured out twenty years ago? ;)

---

Tangential but the more I think about it, the more I think we had the web basically right twenty years ago...

You subscribed to what you wanted to see.. and then sometimes you'd find really cool new things through mentions or the comments section.

I was thinking about signal to noise ratio and taste recently and realized I'd reinvented RSS from first principles...

mook · 21 days ago

I think the only place I'd seen voting that wasn't just up or down was Slashdot, and all that did was let the user adjust weights for the dimensions. I do miss their voting though.

mook commented on Shai-Hulud Returns: Over 300 NPM Packages Infected helixguard.ai/blog/malici... · Posted by u/mrdosija

madeofpalk · a month ago

You don't need post-install scripts for this. Use optionalDependencies instead https://github.com/nrwl/nx/blob/master/packages/nx/package.j...

Each of those deps contains a constraint installing only for the relevant platform.

mook · a month ago

As far as I can understand from the documentation, that doesn't actually specify in that config that one of them is required, does it? That is, if they _all_ fail to install as far as the system is concerned there's nothing wrong? There will be runtime errors of course, but that's sort of disappointing…

mook commented on `satisfies` is my favorite TypeScript keyword (2024) sjer.red/blog/2024-12-21/... · Posted by u/surprisetalk

epolanski · a month ago

> TypeScript is a wonderfully advanced language though it has an unfortunately steep learning curve

An extremely steep one.

The average multi-year TypeScript developer I meet can barely write a basic utility type, let alone has any general (non TypeScript related) notion of cardinality or sub typing. Hell, ask someone to write a signature for array flat, you'd be surprised how many would fail.

Too many really stop at the very basics.

And even though I consider myself okay at TypeScript, the gap with the more skilled of my colleagues is still impressively huge.

I think there's a dual problem, on one side type-level programming isn't taken seriously by the average dev, and is generally not nurtured.

On the other hand, the amount of ideas, theory, and even worse implementation details of the TypeScript compiler are far from negligible.

Oh, and it really doesn't help that TypeScript is insanely verbose, this can easily balloon when your signatures have multiple type dependencies (think composing functions that can have different outputs and different failures).

mook · a month ago

It's also terribly documented. As an example, I don't think `satisfies` is in the docs outside of release notes. There's lots more stuff like that, which makes using it kind of frustrating.

mook commented on GitHub partial outage githubstatus.com/incident... · Posted by u/danfritz

lysace · a month ago

Just your casual $3.8T company.

There were so many severe Github Actions outages (10+ ?) in the past year. Cause: Migration to the disaster zone also known as Azure, I assume. Most of them happened during (morning) CET working hours, as to not inconvenience the americans and/or make headlines.

Money doesn't buy competency. It's a long-term culture thing. You can never let go on maintaining competency in your organization. It rots if you do. I guess Microsoft did let go.

mook · a month ago

I thought GitHub Actions (in particular; not the rest of GitHub) was always Azure, because it was initially a fork of Azure Pipelines?

GitHub as a whole, including the previously non-Azure bits, does seem flakier than a few years ago though, for sure.

mook commented on Please stop asking me to provide feedback #8036 github.com/anthropics/cla... · Posted by u/jmward01

Rygian · a month ago

Common misconception.

The banner is required every time there is processing of personal data where consent of required, whether that processing happened thanks to cookies or thanks to any other technical means (1px gifs, JavaScript fingerprinting, etc)

mook · a month ago

Most websites do not need to process personal data (typically for analytics reasons); it's perfectly fine to run without that and only use personal data for transactional reasons, which AIUI doesn't require that sort of consent.