litchralee

joined 3 years ago
[–] litchralee@sh.itjust.works 0 points 3 hours ago

TUI users have much less tolerance for "lag"

In a lot of ways, I think software that harkens back to an older era understood the assignment exceptional well: when you're working on a glass TTY attached to a 9600 baud modem via a microwave network to the university computer in the next state over, the latency from the connection itself was pretty bad. So to then have inefficient software that "lags" would be intolerable.

Fast forward to the present day, with broadband and 1 ms latency, it's less of a concern, sure. But good software remains good software, even if the environment has improved. And for some, my work often travels with me aboard the train, where the congested 4G backhaul really makes me appreciate the miserly bandwidth of vim and SSH.

I also find myself reconfiguring systems that only have no editor installed except VI (and sed, lol) due to disk constraints. So while the command set is grossly reduced from vim, they have similar commands and workflows that I can maintain proficiency even in these sparse environments.

"Lowest common denominator" software definitely has its use-cases.

[–] litchralee@sh.itjust.works 6 points 13 hours ago

Without knowing which medication, there can only be speculation as to why it requires a specific quantity of water. And even then, the best source of authority would be to ask the doctor for the reason.

[–] litchralee@sh.itjust.works 7 points 5 days ago* (last edited 5 days ago)

Is that something you're looking for? As a practical matter, the effort to maintain multiple release branches and backports -- compared to the norm of just maintaining a single main branch -- is an outsized effort, available to only well-funded FOSS projects, usually by having an industry sponsor that makes it a priority.

I posit that the grand majority of selfhosted FOSS software, by project count, do not have back ported branches. And so production environments will want to set up an offline validation setup to evaluate update, prior to making the switch. Not convenient, sure, but not exactly insurmountable either.

At some point, some amount of responsibility for use of FOSS software must fall upon the users, or else the project is less about creating value by building up the commons for software, and more on the exploitation/abuse of the volunteers.

[–] litchralee@sh.itjust.works 10 points 5 days ago (2 children)

Downside: breaking changes are fairly common AFAIK.

By my extremely cursory reading, this stopped being a problem after the v2.0.0 release, when they adopted semantic versioning. According, breaking changes would only occur when the major version number is rolled. And version v3.0.0 was just released 5 days ago, whereas v2.0.0 was released in October 2025.

It may be down to taste, but I view 9 months as being acceptable, given the breadth of features offered and the folks willing to put effort into the project.

[–] litchralee@sh.itjust.works 7 points 5 days ago* (last edited 5 days ago)

There are indeed places where large amounts of human activity takes place underground, often being metro systems and their associated retail spaces; Tokyo Station in Japan comes to mind as having an underground mall attached to it.

But the same caveats for underground construction of transportation systems also apply to all other underground structures that humans would like to build. Consider the differences between ground conditions in: the San Francisco Bay Area, Denver, and New York City.

The Bay Area is the outlet for major rivers in northern California, bounded by mountain ranges on virtually all sides. The surface is either a thin covering of soil atop this mountain rock, or is a layer of looser soil or mud, made from the sediments carried in by those rivers. This makes for fantastic agricultural conditions but presents a real risk of liquifaction when there's an earthquake. While an underground structure wouldn't fall over -- because it's within the ground -- it could certainly lose its supports unless it has piles all the way down to the rock. And that's only buildable on the narrow shoreline region where there's sufficient depth before hitting the rock layer.

With Denver, it's basically all rock, so to build within the rock would require blasting it away and building within the hole, or to build normally then bury the structure in fill, so that it's below grade.

With NYC, it's a different story because the ground conditions make it fairly easy to dig tunnels and drive piles, and the bedrock layer beneath Manhattan is strong enough to support the weight of supertall-class skyscrapers. On this point, the New York Fed's Gold Vault is in the basement in Manhattan, precisely because the volume of gold inside would be a serious strain on any foundation and the geology beneath.

All that said, the surface conditions in some extreme climates may warrant building underground, or avoiding the underground outright. Burying a dwelling in New Mexico would make a lot of sense, due to the hot and dry Southwestern climate. But in Alaska, an underground dwelling would cause melting of the permafrost layer below, resulting in a similar situation to liquefaction. I suppose this can be mitigated, but it would be a monumental effort, akin to Camp Century in Greenland. That project was abandoned due to changing ice geology.

[–] litchralee@sh.itjust.works 3 points 5 days ago* (last edited 5 days ago)

I generally shy away from downvoting even things I dislike. I don't want to fall into an echo chamber where all I see are only the things I agree with.

This is not how Lemmy works. If you don't ever up or down vote anything, and if you have your client hide the up/down votes on all comments and posts, you will still see the same content as someone who prodigiously votes. Votes here are, in the truest possible way, optional.

But for people who do utilize up/down votes, they are a signal. Sometimes they're a weak signal, sometimes a bad signal, and yet other times might be a strong signal from the community. How to evaluate the signal is a matter of continued debate.

Now, as an aside, a major difference in the Fediverse compared to commercial social media networks is that the block functionality here is used for more than just dodging abusers. Precisely because there is no algorithm, blocks and mutes are how users curate what they don't want to see. This alone does not create a so-called online echo chamber, the same way that most people don't want to see a steaming pile of poo on their morning walk. People reasonably deserve to have a pleasant experience online. And depending on their life circumstances, this might be a lot better than their IRL situation.

[–] litchralee@sh.itjust.works 2 points 6 days ago

You can, of course, engineer reliable things from unreliable components.

I think the only way this statement can hold true in all circumstances is if we select an arbitrary boundary for what constitutes "reliable". And that's no small matter, because the threshold of reliability in a consumer IoT device would be inappropriate in a commercial or automotive setting, would be deeply wrong for industrial personnel safety, would be manifestly unlawful for a military or aerospace application, and potentially fatal for medical use.

Engineering is all about balancing a set of objectives, be it cost, time to market, efficiency, size, weight, or competitive advantage, and more. Doubling up as a way to improve reliability necessarily implicates size, complexity, and efficiency, but that's tolerable for large data centers where the customer counts servers by the number of floors, not the number of Rack Units (RU). But no one would accept installing two pacemakers because one of them might fail early; that's an intolerable solution to the product's base objective.

As it happens, most USA jurisdictions only require a single brake on a bicycle, and it doesn't even have to be on the more-effective front wheel. But the idea in law is to enforce the absolute minimum of requirements: having no brakes at all is where the line has been drawn, for a mode of transport that rarely gets above 50 kph (~30 MPH). But even then, all commercial bicycles for sale must have two brakes, so the law implicitly allows for some lost redundancy, because even one brake should be enough.

Could a bicycle brake be developed such that it is inherently always able to stop? Likely yes. Would it appreciably improve macro safety objectives such as by reducing collisions with stationary objects? No, not really.

And that's the rub: just because engineers can double up things to get more redundancy, is this any better than the alternative? If an LLM is used as a search engine, is that appreciably better than using "grep", a battle tested, secure, locally-ran application with a lineage harkening back to the 70s?

The drawback with inherent unreliability is that it can only be statistically reduced, but never eliminated. NASA understands this risk better than most, because cost pressures mean they can't be using military-grade hardware for everything. Perhaps then, it can be better said that engineers also have to balance risk in their decisions, and as it stands right now, the risk/uncertainty for LLM output is unquantifiable by any existing approach.

Academics have long been researching ways to make LLMs "safe", so that their outputs are constrainted in concrete ways. But I believe they've long concluded that the current approach of generative transformers simply cannot have safety "bolted on" after the fact. New constructions for machine learning will have to be invented with safety from day zero. The academics continue to work on that, while the commercial AI vendors are barreling ahead with LLMs, in spite of their risks and in the pursuit of a return.

I've not seen anything that would suggest the academics are wrong, nor that industry has managed to produce large safety or reliability improvements, so at this point, I only see a plateau and dead end for the industry. Maybe if the industry would put more into R&D and theoretical work, this would be a lot more graceful as they run up against the buffer stops.

[–] litchralee@sh.itjust.works 6 points 6 days ago* (last edited 6 days ago) (1 children)

If a Nintendo Wii counts as retro, there's at least one person hosting a website using one: https://infosec.exchange/@alexhaydock/114377262481451962

But that was (incredibly!) able to run a prebuilt version of NetBSD, which had drivers for the official Wii USB LAN adapter. If instead there's a piece of hardware that can boot an OS but doesn't have a network interface device, then SLIP could be useful. Here's a vape hosting a website: https://bogdanthegeek.github.io/blog/projects/vapeserver/

And if still, said retro device has no concept of IP or networking, can it at least speak serial over a 300 baud modem?

[–] litchralee@sh.itjust.works 2 points 1 week ago* (last edited 1 week ago) (1 children)

Then there is the modern usage of the terms which seem to vary based on who invokes the[m]

I think the thing to keep in mind is: 1) words evolve over time, and 2) the people using those words might be abbreviating what they actually mean, because they don't know that there's another related concept that is named similarly. The best example of the first is how "truck" in the 1910s meant what we now call a "hand truck", and "car" from that era meant traincar. Whereas in the 2020s, "truck" and "car" both refer to automobiles, and we had to create the backronyns of "hand truck" and "rail car" to avoid confusion.

I don't think your theoretical understanding of Marxism is wrong -- though I've not read enough to confirm -- but I would hazard against using other people's wrong definitions and usage guide your own understanding. If you understand the ideology, then it's a matter of rendering it using the right words; that is, it becomes a communications problem.

For example, Republican politicians will use the term socialism to mean communism and vice versa

I would especially not suggest relying on right-wingers to properly use -- let alone understand -- left-wing ideology, since their objective is to denigrate leftists through FUD and infantile repetition. Basically, the maxim of "if enough people are 'talking' about something, it must be controversial" or "I'm just asking questions bro", neither of which are anywhere approaching a good-faith discussion on the merits.

Some politicians like Mamdani or Bernie will describe socialism to mean a more humane type of capitalism that has other priorities other than pure profit seeking

How the two use the word "socialism" is almost always understood as a shorthand for what Europeans would call "social democracy". So it's definitely on the list of valid implementations of socialism, but is specifically about reforming an openly capitalist system into something more egalitarian. That said, "social democracy" still leaves out a lot of details which need clarification: do Mamdani or Bernie support (re)building the social safety net? Does the state need to also own railroads the same way that they own highways? For the former, there's the standalone word "welfare state", but I'm not aware of a compound phrase that means "social democratic welfare state", if that even describes Bernie or Mamdani at all. I'd certainly love a word that means "social democratic welfare railway state" but nothing has caught on.

I think that should underscore my point: even after resolving exactly which word they might be abbreviating, there aren't enough short words to succinctly describe any particular ideology. Rather, the words are useful to get a rough idea of a person's views, but ultimately, every one and every candidate is going to have a slightly different take on certain questions.

Some people use communism to describe an authoritarian system that has no regard for human agency

I personally refer to this definition as "Stalinist communism", because it does accurately describe how the USSR was operating under Stalin. Essentially, it wrapped a cult-of-personality in the trappings of communist thought, though people like Trotsky pointed out how communism could be done much differently. Obviously, history is quite clear that the Stalinist approach was not adopted as-is by any other country, nor retained in the USSR after Stalin's death. Indeed, I've never come across anyone who genuinely refers to themselves as a Stalinist or who seriously proposes to the adoption of Stalin-style, top-down authoritarian communism. Maybe some right-wing Russians do, but idk. My point is that, like the Republican examples above, Stalin and authoritarian communism is usually only brought up as a "thought terminating answer" rather than to seriously debate the merits of communism, either theoretically or practically.

multiple people will have multiple definitions that most often don't align with how Marxists describe communism and socialism

Yes, because they're usually talking past each other about different things. Being able to detect which definition someone means to use, that's a skill that you can develop for yourself, to have a clearer picture than they do.

I'm primarily writing this comment because I abhor the idea that an idea -- it could be anything, from rocket science to theorrtical mathematics -- is perceived as being an arena where everyone is just making up stuff, and if that should lead to people becoming turned off the idea of studying it for themselves, that's a net-negative. No doubt, some countries, politicians, and agencies want to denigrate or prop up their own definitions, but that just makes it easier to identify fake socialists and "communists in name only".

The merits and failures of socialism and communism deserve to be comprehensively hashed out in the public mind, and it only serves the status quo that this not happen. And the longer the conversation is delayed, the more that the indisputable ails of the status quo will take more victims.

[–] litchralee@sh.itjust.works 26 points 1 week ago (2 children)

There is definitely a difference, and they are not interchangeable. I'll let other people chime in with a rigorous definition for communism, but at a minimum, it must have abolished the state and social classes entirely. So one could say that communism is at the very end of the road, and the various flavors of socialism are the routes to get there.

Various flavors of socialism? Yes, I've written an earlier comment about that, and another one here. In brief, there are many ways to move beyond capitalism.

[–] litchralee@sh.itjust.works 4 points 1 week ago (2 children)

but electricity will always run the path of least resistance, which will invariably be the metal gazebo if they're close enough.

Not according to the USA National Weather Service:

The presence of metal makes absolutely no difference on where lightning strikes. Natural objects that are tall and isolated, but are made of little to no metal, like trees and mountains get struck by lightning many times a year.

[–] litchralee@sh.itjust.works 9 points 1 week ago* (last edited 1 week ago) (1 children)

Despite the USA being somewhat of a political pariah at the moment, it has long been the case that American universities are desirable from an educational perspective and for "clout". Not to say that TU Delft or anywhere else doesn't have name recognition, but being a fully English instruction on a continent with few neighbors, it is a very "exotic" destination to go study at.

With Hollywood and media hyping up the American collegiate experience (eg red Solo cups, fraternity/sorority life, binge drinking, road tripping for spring break, etc), even some non-research public college systems like the California State University (CSU) system will receive international students, while the research-focused University of California (UC) systems remains in the top tier of public American universities, making it extra exclusive, akin to the East Coast's Ivy League schools.

From the university's perspective, they have a commodity they can market to an international audience, so why not charge more? As for why these colleges are behaving like capitalists -- especially the public universities -- it is because of chronic state underfunding: the USA federal government does not pitch in very much to the universities, except as research grants. And when push comes to shove, state legislators will cut university funding, meaning more has to be paid for by students. Some states even slash school funding and then try to replace it with state lottery proceeds, which means schools are only well-funded when there's a gambling epidemic...

Now in your case, it should be noted that the University of Southern California (USC) is a private university, that regularly jostles with UCLA (a UC campus) for the highest ranking as a college in southern California. Accordingly, they are priced similarly for international students but not for domestic students: the UC system first-and-foremost must serve its constituent citizens, so to keep tuition low for in-state students, they will raise the price of out-of-state or international students. USC and other private colleges would follow suit, because free extra money.

We haven't privatized the public universities in the USA, but they're almost operating as though they already have been, charging as much as the market can bear.

 

The convention in the USA for old urban centers and new suburban sprawl is to construct a street or road with a crown that drains rainwater to gutters along both sides of the road, then have storm drains to convey the water from the gutter to some nearby creek or tributary. But why?

Wouldn't it be easier to construct the road in a roughly canal shape, so that rainwater drains towards a single V-shaped gutter at the road's center? This would cut the number of storm drains by roughly half, prevent leaves from falling directly into a drain and clogging it, make it possible to clear a drain by driving a streetsweeper over it, and also prevent a clog from flooding adjacent properties, since the road itself can temporarily impound more water until municipal authorities can clear the blockage (whereas side gutters would invariably flood the sidewalk and carry sharp debris that would damage tires entering a driveway).

Furthermore, a center drain can be built once and then retained as-is each time a suburban arterial needs expanding -- "just one more lane, bro" -- whereas side gutters are regularly demolished and rebuilt to accommodate additional lanes. By routing water away from the edges of the road, sidewalks avoid freeze/thaw cycles, and the road surfacing can be continuous from the curb: no more bike lanes in the gutter. As a convenient benefit, the "drop" off at a curb-cut from a driveway to street level would cease to exist.

And where required to improve water quality due to runoff pollution, a center drain can be excavated and rebuilt as a linear stormwater retention pond, where moderate stormwater can filter into the local soil slowly, with a predefined overflow level that will drain to the existing stormdrain pipes. This is already done for both surface parking lots as well as Interstate highways, so it's not an unproven design.

Narrow alleyways in older cities do use a central drain, so I can't see why the idea stops making sense for larger streets and roads. The only drawbacks I can envision are aesthetic -- a neighbor's excessive lawn irrigation would draw a wet line across half the street -- and that the center channel would also carry leaves and wayward soccer balls into the middle.

But even still, that doesn't seem worse than the status quo: gutters attract all sorts of detritus, but it's usually hidden beneath the wheels of parked cars until something punctures a tire. And at least in water-starved California, irrigation runoff deserves to be noticed and called out so that it gets fixed. There may even be some small road safety benefit from having a V-shape channel in the center, since it would unmistakably divide opposite sides of the street.

For larger arterial roads that have trees in the center, this seems like free irrigation and water pollution control. It even works when the center traffic lanes are converted for running a tram or light rail train.

What am I missing here?

 

cross-posted from: https://sh.itjust.works/post/61250326

A crafted MeshCore node name could compromise any Home Assistant instance running meshcore-card as soon as someone viewed a dashboard with that card.

The same XSS (cross-site scripting) pattern appears to be present in MeshCore-Home-Assistant-Panel-v2 and its HACS variant

To be abundantly clear, and the post goes into detail why, this is not a bug in MeshCore but rather in how web dashboards are not properly sanitizing untrusted input. In this case, the untrusted input is via a field that any malicious MeshCore node could send.

Well worth a read and a follow on their Mastodon.

 

A crafted MeshCore node name could compromise any Home Assistant instance running meshcore-card as soon as someone viewed a dashboard with that card.

The same XSS (cross-site scripting) pattern appears to be present in MeshCore-Home-Assistant-Panel-v2 and its HACS variant

To be abundantly clear, and the post goes into detail why, this is not a bug in MeshCore but rather in how web dashboards are not properly sanitizing untrusted input. In this case, the untrusted input is via a field that any malicious MeshCore node could send.

Well worth a read and a follow on their Mastodon.

 

A reasonable overview of the MeshCore architecture and tunable parameters.

Probably the only part I don't agree with is the idea that the companion/repeater dichotomy is an inherent part of the MeshCore architecture. I don't believe it is, although it's certainly part of the practical implementation. That is to say, if someone wants to use MeshCore purely as a private point-to-point link, then they can jettison the motions of companions and repeaters entirely. As a person to person mesh network, though, companions and repeaters are essential. The distinction I'm trying to draw is that MeshCore can be a lot more than text messages sent amongst friends.

While reading, the explainer for the three-tier t delay seemed especially analogous to me to how circuit breakers are arranged: a nearby power strip might have a fast-tripping 15 amp thermomagnetic breaker, the upstream main panel might be using a 20 amp curve B (moderate trip rate) thermomagneric breaker, and the utility might be using a magnetic 400 amp breaker. By their nature, thermomagneric breakers will handle localized faults that are 3-5x the rating, while the utility's magnetic breaker will trip precisely at 400.1 amps, to protect line-side equipment. Whereas if the utility breaker tripped first, it would unnecessarily black out a whole neighborhood.

Also observe that MeshCore's "flood-then-direct" behavior is identical to that of Ethernet (ie unknown unicast, then unicast), except that Ethernet frames do not get appended with the network path as they progress, which is akin to the postal service where letters arrive at their destination but with no indication of the routing. Accordingly, the MeshCore sender necessarily reserves space to store the mesh route, choosing a tradeoff between node-count (up to 64) or granularity (up to 3 bytes per repeater). This seems complex, but just like with the tax code, complexity is necessary to handle every reasonable scenario.

I will also reiterate the ongoing bug in MeshCore's encryption, which is the use of AES-ECB in the year 2026. Although it's AES-256, ECB has been a known encryption vulnerability for decades and should not have been used in the MeshCore spec. Meshtastic appears to have avoided this particular foible.

Note: the author's blog mentions in the About page that some AI is used to assist in his writing.

 

Background: I spent 40 minutes typing up a reply to a different post, but decided that it ran on for too long. I'll include it at the bottom, but I'm curious to know how much cash is still used in this country.

Certainly, a like-for-like Giro (Europe) system doesn't exist in the USA, with ACH, checks, and Zelle almost filling the void -- albeit incompletely -- which I suspect is responsible for the remaining cash utilization. But is that right? Is cash only used for when there isn't another option? Or is it a matter of consumer preference?

I can understand tipping in cash, or paying for a Craigslist purchase in cash. But maybe I'm missing another dimension? Do some folks pay rent in cash? Or taxes? I'm genuinely curious, but please make sure not to dox your finances in the comments.


My original comment

It's annoying when they get suspicious of a 25k USD withdrawal for instance (even if you managed to prove the purpose of such a withdrawal, it remains at the banks discretion whether they'll approve the transaction).

Let's break this down into multiple points:

  1. Suspiciousness of a 25k USD cash withdrawal
  2. Suspiciousness of a $25k USD electronic or check withdrawal
  3. Necessity to "prove the purpose" of any withdrawal
  4. Bank discretion and considerations regarding withdrawals
  5. Necessity of approval by the bank

I don't believe any of these five points are actually issues. As background, cash withdrawals within the USA are still very commonplace, as the country is fairly rather cash-centric when it comes to businesses, due in part to the lack of a system like Giro (Europe) that has both low, fixed transfer costs and can be sent or received by third-parties. The Federal Reserve's ACH system requires established relationships between accounts, whereas Giro does not. Debit card systems aren't a replacement for Giro either. Zelle (USA) is closer, but still isn't quite as full-fledged. Hence, businesses often deal in cash, pay employees in cash, and consumers pay other individuals in cash (eg buying an automobile).

To that end, for point 1, $25k as a cash withdrawal is not a daily occurrence but it does happen. I can't really think of ever paying for a private party used car by check, and such a cash-heavy transaction is often performed at the buyer's bank, so the seller is assured that the cash is good. In this setting, requesting to withdraw $25k cash is ordinary and mundane, if done very rarely. I doubt even prolific car buyers have this problem, but would be open to hearing evidence otherwise.

For point 2, electronic and check withdrawals have even less suspicion than cash, because they always leave traceable evidence. Money laundering concerns are reduced because the entire money trail can be reestablished later, whereas as cash can easily disappear or be "forgotten". To that end, the suspicion isn't about the cash amount but the source and destination. Even a $1 million check is not suspicious, if it's coming from a law firm's client account to a client's personal bank account. That is, again, a thing that happens fairly regularly. More down to earth, people can and do pay housing deposits by check, and property taxes are often drawn electronically. When one or both accounts to a transaction is prominent and established, there is a low probability of money laundering.

Point 3 is often though to be an issue, due to confusion about regulations for bank clerks on when to file a Suspicious Activity Report (SAR). Bank tellers are required to follow Federal Reserve regulations that aim to prevent abuse of the American financial system for money laundering. An SAR must be filled in whenever the teller: a) thinks money may be laundered, or b) the transaction is above the bank's or regulation's fixed amounts. The latter is often pegged at $10k, so this is where people think that it's disallowed to withdraw over $10k. This is not correct.

An SAR is something the teller fills in, and to do that, they might ask the customer some questions about the transaction. For the grand majority of people, the purpose is quite simple: cash purchase of a car, housing down payment, loan for a friend. Would the teller know if the customer is lying? Nope, not at all. But the SAR forms part of a trail of records, so that money laundering investigators can trace funds in the future. But note that the clerk can fill in an SAR for any type of transaction, including checks, and don't strictly need the customer's truthful answers (or any answers) anyway. An obligation to fill in an SAR does not prevent the transaction from going through. It's a speed bump, not a stop sign.

As for the actual stop signs, that's what point 4 covers. A bank obviously cannot allow a withdrawal if it would exceed the customer's balance, or if they don't physically have enough cash, or if the withdrawal is not authorized (ie not named on the account, or PIN not known), full stop. But other situations may arise where the withdrawal must be delayed, either for the bank's own convenience or because the account agreement specifically requires certain holdings times.

I quickly perused a random account agreement for Wells Fargo and the Available of Funds section describes that new accounts (less than 30 days old) will have elongated hold times for withdrawal against newly-deposited funds. This is applied in a first-in-first-out fashion, so only fully-draining the account would incur the longer hold time. In other cases, the bank may take more time but is required to inform you of that, and provide a definite date for when the withdrawal will clear. This verbiage does not distinguish cash vs non-cash, so they're within their rights to delay a check, as long as they obey their own agreement. If this is not tolerable, find a different bank.

Finally, this also gives us some insight into the default behavior for banks subject to Federal Reserve regulations, which is point 5. A bank may not deny a withdrawal of unencumbered, unheld funds (cash or otherwise), except when the bank has actual knowledge that the withdrawal definitely is for laundering. It is, after all, not their money: it belongs to the customer and they are just the regulated custodian of it. A bank can certainly advise a customer not to fall for a pig-butcherint scam, but they cannot block the customer from obtaining their own money back out. They can, as described earlier, apply a temporary, finite-time hold on the funds, but that's it.

To my knowledge, there is no Fed-regulated, FDIC/NCUA bank or credit union that requires pre-authorized approval to access a customer's own funds. I am open to hearing evidence to the contrary, but I don't believe such a thing exists. How would they even stay in business? To be clear from point 4, a bank can certainly ask for a few day's notice to prepare $50k in new $2 bills. But that's easy enough: just call the bank and verbally request the withdrawal, then collect it in-person days later.

Who is disadvantaged by this? Mostly money launderers and con artists trying to abscond with their scam proceeds. But I'd be remiss if I didn't also mention rich people that prefer to suddenly go on vacation and pay for everything in cash. But the system is designed to be no obstruction to those that plan ahead, or are dealing in such small amounts that it's not a big issue. Normal everyday people all share the costs of money laundering, so it's not fair to disadvantage them just so rich people and scammers aren't inconvenienced by their inability to plan ahead. They don't even have to plan ahead: just keep a few racks in the safe.

It is to me, frankly, a non-issue to withdraw money for me or anyone in the working or middle class, because the very issue of being "flagged by US banks" just rarely even a speed bump. And the rich folks have private banks that will gladly give them inordinate amounts of cash to spend.

What exactly is the problem here, specifically?

 

What can be done

The most glaring problem with MeshCore is that the maintainers do not openly communicate vulnerabilities. Users are left without knowledge of any problems, unable to judge whether to trust MeshCore with their private communication.

 

Here is the thing about open source, Andy: it isn't yours to fence. You don't get to ride a community's goodwill into a USPTO filing and a paywall. You don't get to turn "we built this together" into "I own this, pay me." That isn't a pivot. That's a rug pull dressed up as a business model.

And here is the thing about the "license check" you shipped: it is a 32-bit djb2 hash of the device's Android ID, XORed with the four ASCII bytes MCPP, hex-encoded. That's it. Thirty-two bits. Less entropy than a decent ZIP password. A first-year CS student could break it. You used Claude to generate the code. We used Claude to read the code. It took 19 minutes. The receipts are one click away.

 

CLAUDE CODE JUST RICKROLLED ME. I'm working on a project where part of it will involve videos, and in building out the project it created a dummy page, with made up content (relevant to me!) with two video links pretending to be something else and BOTH WERE RICKROLLs.

Note: I'm using a broad definition of "programmer" to include HTML generation, and a broad definition of "humor" that includes Rickrolling. Together, I think this is appropriate for c/programmerhumor. Mods, please remove if not correct.

 

When I moved into my home many years ago, there was this lock-box mounted to the water main on the side of the house. I figured it was one of those used by real-estate agents to store the house key for viewings, but months passed and it still remained there. No one from my buyer's agent's office had a clue what this was, and the seller of the house had already moved out-of-state.

Recently, I had some plumbing work done, and that also included replacing the main water valve for the house, allowing this lock box to come free from the plumbing. Now inspecting it up close, and looking up the model online, I realized that it has an alphabet wheel and uses a three-letter combination.

As it happens, Thanksgiving weekend was upon me, and since I was bored, I figured I'd try all the possible combinations. Just 17,576 possible combinations, how bad could it be?

The most immediate problem was that due to being out in the elements, the dial did not turn easily. It would move, but was rather rough. And since the knob is only ~1 cm diameter, this is an incredibly un-ergonomic endeavor. I had to stop after the first 100 tries, due to the finger exhaustion.

Knowing this would be untenable for the long-run, I decided to build my way out of this problem. Since a combo lock involves making rotations that almost go all the way around, I drew inspiration from rotary telephone dials, where one's finger starts with the intended number and then swivels the dial around.

But whereas a rotary telephone dial only needs 10 positions, I needed to fit 26 positions, one for each letter. I decided on each hole being 17 mm to comfortably fit any of my fingers, but that also dictated the overall diameter of the wheel. But that's good, since a larger diameter wheel means more leverage to overcome the rough lock movement. It also happens to be that this wheel has a diameter of 180 mm, which is just enough to fit in the 200 mm bed of my 3d printer.

Using FreeCAD, I designed this wheel so that it fits around the splines of the lockbox dial, which held remarkably well. I had thought I would need Blu Tack or something to keep it together.

CAD design for lockbox dial wheel

Using this wheel, I'm able to "dial" combinations much quicker using one hand, while holding the lockbox with my other hand to press the lever down to test the combination. This should be good.

(note: some parts of this story were altered to not give away identifying details)

 

(fairly recent NewPipe user; ver 0.27.6)

Is there a way to hide particular live streams from showing up on the "What's New" tab? I found the option in Settings->Content->Fetch Channel Tabs which will prevent all live streams from showing in the tab. But I'm looking for an option to selective hide only certain live streams from the tab.

Some of my YouTube channels have 24/7 live streams (eg Arising Empire), which will always show at the top of the page. But I don't want to hide all live streams from all channels, since I do want to see if new live streams appear, usually ones that aren't 24/7.

Ideally, there'd be an option to long-press on a live stream in the tab, one which says "Hide From Feed", which would then prevent that particular stream ID from appearing in the feed for subsequent fetches.

From an implementation perspective, I imagine there would be some UI complexity in how to un-hide a stream, and to list out all hidden streams. If this isn't possible yet, I can try to draft a feature proposal later.

 

I'm trying to remind myself of a sort-of back-to-back chaise longue or sofa, probably from a scene on American TV or film -- possibly of the mid-century or modern style -- where I think two characters are having an informal business meeting. But the chaise longue itself is a single piece of furniture with two sides, such that each characters can stretch their legs while still being able to face each other for the meeting, with a short wall separating them.

That is to say, they are laying anti-parallel along the chaise longue, if that makes any sense. The picture here is the closest thing I could find on Google Images.

So my questions are: 1) what might this piece of furniture be called? A sofa, chaise longue, settee, something else? And 2) does anyone know of comparable pieces of furniture from TV or film? Additional photos might help me narrow my search, as I'm somewhat interested in trying to buy such a thing. Thanks!

EDIT 1: it looks like "tete a tete chair" is the best keyword so far for this piece of furniture

EDIT 2: the term "conversation chair" also yields a number of results, including a particular Second Empire style known as the "indiscreet", having room for three people!

view more: next ›