tiagod (u/tiagod) - Readit News

tiagod commented on Malicious versions of Nx and some supporting plugins were published github.com/nrwl/nx/securi... · Posted by u/longcat

inbx0 · 20 hours ago

Periodic reminder to disable npm install scripts.

    npm config set ignore-scripts true [--global]

It's easy to do both at project level and globally, and these days there are quite few legit packages that don't work without them. For those that don't, you can create a separate installation script to your project that cds into that folder and runs their install-script.

I know this isn't a silver bullet solution to supply chain attakcs, but, so far it has been effective against many attacks through npm.

https://docs.npmjs.com/cli/v8/commands/npm-config

tiagod · 20 hours ago

Or use pnpm. The latest versions have all dependency lifecycle scripts ignored by default. You must whitelist each package.

tiagod commented on A German ISP changed their DNS to block my website lina.sh/blog/telefonica-s... · Posted by u/shaunpud

ballenf · 4 days ago

When domains are seized, does the new "owner" pay the registration renewals? If so, what's to stop someone from doing this:

- create a vanity TLD with high renewal fees

- register a bunch of sites that are mirrors of already seized domains

- mention them in enough places they get noticed

- ???

- profit

tiagod · 4 days ago

These domains aren't being seized, they are being blocked. In this case, as per TFA, they're just overriding the domain nameserver at the ISP default DNS server.

Even if they were actually seized, do you think if the police seize a rental car they'll be paying the rental fee until they give it back?

tiagod commented on Why is D3 so Verbose? theheasman.com/short_stor... · Posted by u/TheHeasman

trjordan · 7 days ago

Man, my first startup in 2010 used protovis, the charting library Mike Bostock built before deciding d3 was the better approach. It was rough to have an 8 month old startup with a core piece of tech that suddenly stopped improving.

My main takeaway from so much of this is that "just a chart" is one of the biggest sources of hidden complexity in displaying useful information to people. It's right up there with "a simple web form" and "a web page with some simple interactivity."

Everybody has a wildly different idea of what good looks like. Defaults will never be right. Personal and global taste changes annually. We clown react (rightly) for constantly reinventing the same 4 wheels, but customers gleefully use new stuff all the time.

It's kind of amazing that d3 has been so durable in the frontend world. It really is a wrapper over a pretty solid approach. And yeah, that approach is complex, but that's the reality of visualization. It's hard to imagine another one that's that good.

tiagod · 6 days ago

I've worked a lot with dataviz over the years, and after fighting so many libraries, I've finally stabilised at plain d3. Even in React projects, I'll just use the d3 primitives and build SVG from that (ignoring all the d3 DOM stuff)

All other libraries will just have a pile of abstractions that will leak everywhere as soon as you deviate from the happy path.

If you just want a bunch of auxillary charts and don't need a ton of control, just use something like ECharts. When you want real creative control over your visualisations, don't bother with anything high level.

tiagod commented on AnduinOS anduinos.com/... · Posted by u/TheFreim

newfocogi · 9 days ago

I made it half way down the page before I realized this wasn’t “ArduinOS”.

I can’t be the only one.

tiagod · 8 days ago

I was confused for a lot longer than I am willing to admit.

tiagod commented on Perplexity Makes Longshot $34.5B Offer for Chrome wsj.com/tech/perplexity-m... · Posted by u/eduction

riku_iki · 16 days ago

Why would they pay so much money for Chrome? They could just fork chromium for free? 34B is just for web address?

tiagod · 16 days ago

A lot of people think The Internet == Chrome == Google

tiagod commented on Ultrathin business card runs a fluid simulation github.com/Nicholas-L-Joh... · Posted by u/wompapumpum

donohoe · 20 days ago

If they used a sans-serif font then they would have nailed it

tiagod · 20 days ago

I sort of like it. Looks like a Neon Genesis Evangelion episode card

tiagod commented on Encryption made for police and military radios may be easily cracked wired.com/story/encryptio... · Posted by u/mikece

tonetegeatinst · 21 days ago

I believe TETRA was already vulnerable to being broken based of some research that a group did into the protocol. They showed a proof video but didn't release any technical info or poc due to security fear.

tiagod · 20 days ago

TFA literally starts by saying that.

tiagod commented on The 1090 Megahertz Riddle: A Guide to Decoding Mode S and ADS-B Signals books.open.tudelft.nl/hom... · Posted by u/toomuchtodo

tiagod · 22 days ago

Section 1.2 reads:

>The concept of PSR is fairly simple. It is a rotating radio transponder with an omnidirectional antenna.

Shouldn't it be a directional antenna?

tiagod commented on Cloudflare vs. Perplexity haebom.dev/archive?post=q... · Posted by u/haebom

timpera · 22 days ago

I don't know why, but this article reads like it's written by ChatGPT (not saying it is!).

Anyway, I find this debate fascinating. On one hand, Perplexity's behavior is sketchy. On the other hand, it really feels like Cloudflare wants to be a middleman to the web and collect a 30% fee, which seems like a bad idea.

tiagod · 22 days ago

It definitely looks like someone gave an LLM the Cloudflare article and asked it to put it in other words.

On the other hand, it has mistakes I wouldn't expect from AI, like writing "Here's how Cloudflare bypasses Perplexity's crawling", which is the wrong way around.

tiagod commented on Wikipedia ordered by Portuguese courts to censor articles and provide user data en.wikipedia.org/wiki/Wik... · Posted by u/tiagod

dredmorbius · 22 days ago

You can also email mods directly at hn@ycombinator.com, though response times had been lagging (hopefully faster now that @tomhow is a public team member).

tiagod · 22 days ago

That's what I did :) I got a quick response and fix.