Not to mention if you made one app in college and then didn't keep up with the SDK updates, Google perma-closes the entire Play account such that the only way to publish a new app is by creating a brand new gmail account
Forcing people to keep up with SDK updates is a bad thing in itself. Let people target the earliest possible feature set and make the app run on as many phones as possible rather than showing scary messages to people due to targeting an older API.
I think the problem is that older SDK versions allowed you to do things like scan local WiFi names to get location data, without requiring the location permission.
So bad actors would just target lower SDK versions and ignore the privacy improvements
The newer Android version could simply give empty data (for example, location is 0,0 latitude longitude, there are no visible WiFi networks), when the permission is missing and an app on the old SDK version requests it.
Of course, they don't like this because then apps can't easily refuse to work if not allowed to spy.
Phone companies are required to make sure 911 works on their phones. Random people on the internet aren't required to make sure 911 works on random apps, even if they look like phones.
Yeah I assume that these foreign casinos have pretty weak regulations. In Australia, poker machines are all required to have real-time monitoring software installed and that software can be provided by any vendor, but must be audited by regulators and have remote access allowed.
> Cloudflare will serve them globally, for free, cached at the edge, to anyone who asks. They are not a file storage system. They were not designed to be a file storage system. Nobody at the IETF was thinking about them being used as a file storage system when they wrote RFC 1035. And yet here we are.
Yeah these types of hacker stories kind of bug me. They are sort of in the same vein as "you can eat for free by going to McDonald's and eating a pint of ketchup without ordering anything" or "How I drank and showered for a year using public water fountains" . Or put another way "just because you can doesn't mean you should". Trustless societies kind of suck and forcing society to lower trust by abusing trust kind of makes things incrementally suckier ("trust" here being "it's on the honor system to not abuse DNS to serve static content").
Look, if this was a project on using DNS to replace Dropbox or something, I'd agree with you.
But the demo version of Doom just isn't that large; Cloudflare will host much larger files than that for free via Cloudflare Pages/Workers. This project is clearly meant as a fun proof of concept, not some novel way to host 3 MB for free.
I’ve heard rumors that DNS records are also sometimes used in some steganography-type communications. Great way of passing small messages in a ubiquitous and innocuous system, unlikely to be blocked or raise eyebrows by accessing.
gemini -> gemini://gemi.dev, it has geminipedia, a web to gemini converter reading sites over gemini at great speeds.
irc -> servers from https://bitlbee.org will allow upon connecting to a registered IRC account to several protocols in the server. For instance, XMPP users will appear as IRC users and groupchat can be created as IRC channels. Ditto with Mastodon, Discord...
mail/usenet -> well, except for big attachments and news binaries (free NNTP servers will just serve text) once you used something like mbsync/msmtp to store your IMAP mail locally and send email ondemand (and ditto with Usenet with slrnpull doing the same exact same task for pushing your writtings and pulling down new articles) everything would just work slower, but usable enough as it can be just batch-uploaded/downloaded overnight.
Iodine it's really great for open but paid wifi services behind portals, such as some hotels, airports...
It won't give you broadband speeds but you can at least chat with people, read some blogs or news at https://lite.cnn.com or https://text.npr.org or get some classic from Gutenberg. That's better than nothing.
I've never had great luck getting iodine running anywhere. The one and only success I've had was on an aircraft where, after numerous attempts at different things, the best I could do is connect to an SMTP server and send an email manually.
If you consider information theory, when something has states, you can store data in any system that has multiple states, which means you can store data in any system.
The placement of coffee cups on a table can be used to encode data.
At that point, only your audience needs to know that data is there.
Airplanes and many other captive portals will allow DNS traffic, but restrict everything else. Such things can be used to get free internet in such environments. It is indeed an abuse of protocol, and future protocols are going to make life difficult for everyone to prevent such abuse.
Regulatory compliance. If you want to sell your product to the UK, for example, you have to (see: UK Cyber Essentials). The more you try to expand your market, the more regulations you will run into that are solved with spyware and locked down computers.
Go's net/http Client is built for functionality and complete support of the protocol, including even such corner cases as support for trailer headers: https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/... Which for a lot of people reading this message is probably the first time they've heard of this.
It is not built for convenience. It has no methods for simply posting JSON, or marshaling a JSON response from a body automatically, no "fluent" interface, no automatic method for dealing with querystring parameters in a URL, no direct integration with any particular authentication/authorization scheme (other than Basic Authentication, which is part of the protocol). It only accepts streams for request bodys and only yields streams for response bodies, and while this is absolutely correct for a low-level library and any "request" library that mandates strings with no ability to stream in either direction is objectively wrong, it is a rather nice feature to have available when you know the request or response is going to be small. And so on and so on.
There's a lot of libraries you can grab that will fix this, if you care, everything from clones of the request library, to libraries designed explicitly to handle scraping cases, and so on. And that is in some sense also exactly why the net/http client is designed the way it is. It's designed to be in the standard library, where it can be indefinitely supported because it just reflects the protocol as directly as possible, and whatever whims of fate or fashion roll through the developer community as to the best way to make web requests may be now or in the future, those things can build on the solid foundation of net/http's Request and Response values.
Python is in fact a pretty good demonstration of the risks of trying to go too "high level" in such a client in the standard library.
Thr comment I replied to was talking about sending a http requests. Go’s server side net/http is excellent, the client side is clunky verbose and suffers from many of the problems that Python’s urllib does.
I don't understand why new houses don't just have one high quality AC/DC converter so you can just use LED lighting without every bulb needing its own AC/DC converter. I imagine the light bulb cartel wouldn't really like that.
With modern technologies, that's power over ethernet or USB-C. Other comments in this thread point out that the telephone service also routinely used 48V for the ring signal.
However, higher DC voltage is riskier, and it's not at all standard for electrical and building code reasons. In particular, breaking DC circuits is more difficult because there's no zero-crossing point to naturally extinguish an arc, and 170V (US/120VAC) or 340V (Europe/240VAC) is enough to start a substantial arc under the right circumstances.
Unfortunately for your lighting, it's also both simple and efficient to stack enough LEDs together such that their forward voltage drop is approximately the rectified peak (i.e. targeting that 170/340V peak). That means that the bulb needs only one serial string of LEDs without parallel balancing, making the rest of the circuitry (including voltage regulation, which would still be necessary in DC world) simpler.
Every decent LED would then need … a switching power supply. LEDs are current-driven devices, and you get the best efficiency if you use an actual current-controlled supply. And those ICs are very, very cheap now.
The part that would genuinely be cheaper is avoiding problematic flicker. It takes a reasonably high quality LED driver to avoid 120Hz flicker, but a DC-supplied driver could be simpler and cheaper.
> I don't understand why new houses don't just have one high quality AC/DC converter so you can just use LED lighting without every bulb needing its own AC/DC converter.
IEEE 802.3bt can deliver up to 71W at the destination: just pull Cat 5/6 everywhere.
In the commercial/industrial space this may be worth it: how long do these bulbs last? how much (per hour (equivalent)) do you pay your facilities folks? how much time does it take for employees or tenants to report an outage and for your folks to get a ladder (or scissor lift) to change the bulb?
What voltage do you use? Most DC stuff wants low voltage (5-48V), but appliances need higher voltage like AC-level to get enough power over existing wiring. The result is DC-DC converters every place that have transformers now.
The gain from DC-DC converters is small and DC devices are small part of usage compared appliances. There is no way will pay back costs of replacing all the appliances.
LED light bulbs exist exclusively for compatibility with Edison sockets. Every LED fixture I have seen had a single transformer for the entire fixture; and that transformer was reasonably separate from the LEDs themselves.
That's traded off against the increase efficiency of LED lighting, at least compared to incandescent lighting. An LED "equivalent replacement" for a typical incandescent globe is down around 1/10th of the power. A 7Watt LED bulb is typically marketed as "60W equivalent". If that configured as a bunch of LEDs in series (or series/parallel) that need 12VDC, it's right about the same current draw as the 120V 60W incandescent equivalent. (Or perhaps double the current for those of us who get 220VAC out of our walls.)
(Am I just showing my age here? How many of you have ever bought incandescent globes for house lighting? I vaguely recall it may be illegal to sell them here in .au these days. I really like quartz halogen globes, and use them in 4 or 5 desk lamps I have, but these days I need to get globes for em out of China instead of being able to pick them up from the supermarket like I could 10 or 20 years ago.)
It wouldn't work. leds need low voltages, meaning massive wires. you can run the voltage change on ac or dc. Ac just needs a few capacters to smooth the wave out.
> Japan spends ~$5,790 and has the highest life expectancy in the OECD
Is Japan's life expectancy because of its healthcare or culture? I'm pretty sure Americans would not live to the same age as Japanese even with Japanese healthcare because of our low nutrition high sugar diets...
Life expectancy is not a useful health care system comparison because the primary factors that cause divergences between developed countries aren't based in the health system --- they're things like traffic accidents, homicides, drug overdoses, and suicide. Yes, CVD will appear in that list of factors, but it's noisy; despite having structurally the same health care system, states in New England will have Scandinavian CVD outcomes while southern states (some of whom actually do a better job than New England at making care available) have developing-nation CVD outcomes.
What if you throw a transformation step into the mix? i.e. "Take this python library and rewrite it in Rust". Now 0% of the code is directly copied since python and Rust share almost no similarities in syntax.
Ok, but what if in the future I could guarantee that my generative model was not trained on the work I want to replicate. Like say X library is the only library in town for some task, but it has a restrictive license. Can I use a model that was guaranteed not trained on X to generate a new library Z that competes with X with a more permissive license? What if someone looks and finds a lot of similarities?
I think there could be a market for "permissive/open models" in the future where a company specifically makes LLM models that are trained on a large corpus of public domain or permissively licensed text/code only and you can prove it by downloading the corpus yourself and reproducing the exact same model if desired. Proving that all MIT licensed code is non-infringing is probably impossible though at that point copyright law is meaningless because everyone would be in violation if you dig deep enough.
reply