Hacker News new | past | comments | ask | show | jobs | submit | best comments login

3.5%-5% increase in performance at more than double the wattage, for a chip that is not in consumers hands against a chip that basically hasn't changed and was released 14 months ago~

This is not the victory that the title implies.

It's also a _little_ bit funny that the i9 laptop was double the price, given people usually rant loudly about how expensive Apple computers are.


Naomi Wu seems to upset a lot of people. She makes things, and was accused by the publisher of "Make" magazine of being a fake, with some guy doing the actual work. She replied by posting long, detailed videos of her making stuff. An hour of cutting aluminum extrusions with a chop saw and putting together a frame. Soldering PC boards. Eventually, the guy apologized.

One of the useful things she's done is to put up lots of videos of her running around Shenzhen. There aren't enough ground-level videos of the working parts of Chinese cities. There's extensive coverage of Tokyo, by comparison. It's interesting to see the high-density housing blocks and street-level activity. (The "let's increase housing density" crowd from Strong Towns should watch those videos.) People who've met her report that she knows Shenzhen very well, down to the back alley level, where some unmarked door leads to an important factory. She's toured the electronics markets of Huaqiangbei. (I miss the days when Silicon Valley had electronics parts stores.)

She's done some nice technical work. Her main thing is 3D printing, and she came up with the first angled 3D printer that worked reliably. The print head moves in a plane 45 degrees from vertical, and the base surface is a belt, which advances the workpiece one layer at a time. So it can produce objects continuously, or very long objects if you add support rollers. Others had made prototypes of such machines, but the properties of the belt and print head are touchy to make that work right. She got it all working, and it's now a product, with her picture on the box.

At various times she's pushed on GPL compliance, mask quality, and other issues of interest to the tech community.

She wears skimpy outfits sometimes. So what? That's most of Instagram. Unlike most Instagrammers, Wu has something original to say. Sometimes with a biting wit. I gather that it's more biting in Cantonese.


I believe leetcode is a way to skirt around discriminatory hiring practices. It’s not at all representative of most work environments. Some want to pretend they’re cognitive wizards, but many of the algorithms used to solve problems took years to develop. If you haven’t seen a particular problem before or had time to research it, it’s unrealistic to expect a candidate to solve it in twenty minutes in a high pressure situation. This process benefits individuals who have the luxury of time to spend preping. Something minorities, working parents, etc. don’t have.

I’ve been a software engineer and now architect for 15 years. Studying leetcode like problems won’t help me at my current job or a future employer once I get past their interview processes. What leetcode does do is make it difficult for minority candidates, those with external obligations, or those with families to get into firms. For example, I work 50+ hours a week with two kids and a parent with cancer. I work hard at work and have a lot of external obligations. I don’t have time or to study leecode problems.


They’re completely impractical, that jet pack does indeed exist, but there are approximately two people in the world who can safely fly it untethered. Every now and again they’ll pop again with “mountain rescue experiment with jet pack” or “Marines demonstrate boarding with jet pack”, and every time it’s just the creator cosplaying as whatever service he’s trying to sell it to this time.

This is pretty incredible. These aren't just good practices, they're the fairly bleeding edge best practices.

1. No more SMS and TOTP. FIDO2 tokens only.

2. No more unencrypted network traffic - including DNS, which is such a recent development and they're mandating it. Incredible.

3. Context aware authorization. So not just "can this user access this?" but attestation about device state! That's extremely cutting edge - almost no one does that today.

My hope is that this makes things more accessible. We do all of this today at my company, except where we can't - for example, a lot of our vendors don't offer FIDO2 2FA or webauthn, so we're stuck with TOTP.


My FBI file was for hacking into my school district's AS/400 that handled my school's attendance and grading system. Somehow using a public IP address with no access restrictions allowed a clear telnet path in from home. Compounding username and passwords that were all the same for every employee. I didn't change a thing, just LOLed and told someone. Bad mistake. This was the late 90s.

Oh well, 2 week suspension and kicked off the computers for less than a year. A nice conference with FBI, police, my parents, IT and school administration. Fun times.

I learned my lesson to not talk about such things because their egoes were too fragile.

When they decided to give students in their website design class ftp accounts on the district wide web/email server running an ancient version of Debian, they didn't disable the shell, just added a login script to a menu for pine, etc. for people who telnetted in, which I'm sure the sysadmin was proud of. However, a few fast CTRL-C's broke out of his script menu loop and got me a shell, and they didn't shadow protect their password files. Ran it through john the ripper and had half the district's e-mail passwords in a default dictionary file including the root pw in a few minutes. LOLed and never told anyone about that.

Good times, the 90s....


General observation from reading the comments - the folks on HN must not have many friends working in medicine for if they had they'd realize those friends are swamped and burned-out. They'd also know that pretty much the only condition we're treating nowadays is Covid. Surgeries are continuing to be postponed - including surgeries that can lead to worse problems down the road such as removing cancerous tumors.

And it gets worse. My daughter is in pre-med. Apparently people are dropping out like flies and not just because of the course load. They're watching how medical professionals are being treated and saying screw it! This should concern us all because we've had a marked uptick of medical professionals retiring/resigning since the pandemic started and now the pipeline is thinning out.

We're walking headlong into a disaster and nobody seems to care. And that's not even dealing with the problem of Global Climate Change which, guess what? Still hasn't gone away and there doesn't seem to be much interest in caring about that either, not that there ever was.

You can see what our child-bearing aged children think of all this - they're not having kids. I don't think this is a short-term aberration. We're a population literally in decline.


> Never say what you ware doing (it's obvious this commit is updating build scripts)

DEFINITELY say what you are doing. And then say why.

This blog post is a good description of the most prevalent convention in how to write good and useful messages (e.g. this is what the Linux Kernel does and given the history of git there's some flow down): https://cbea.ms/git-commit/

The key thing that means you should start with what is having a short one-line summary of what you're doing so you can look at a simple log and see which commit you're interested in.


One thing everyone is getting hung up on is the fact that Amazon isn't wholesaling the dongle. The contract isn't a wholesale deal, meaning if your widget doesn't sell, it's sitting on your balance sheet, not on Amazon's balance sheet. It would be like if Costco instead of buying 1000 legos, just stocked legos in it's warehouse, then paid Lego company everytime a single unit sold. Then they figured out how to make their own legos through a different supplier, they fixed the original Lego price $5 more expensive then the store brand legos. Now Legos sell for $30 a box and Kirkland Legos sell for $25 a box, same exact product, just a few bucks cheaper. Oh and lego couldn't drop the price from 30 to 20 to compete....

That's what Amazon has done. Price fixing and control of the competitors inventory. Damn bastards.


I think that is the worst reason for them to rewrite titles. If they left the title as-is, then I would be able to see in the search results that it was a spammy site and ignore it. Instead Google is helping to launder their SEO and present it as a more legitimate site. If Google thinks a site is gaming their algorithms they should de-prioritize it, not rewrite it.

So he used code straight off GitHub, didn’t read the license terms, and then has the gall to call it “stealing” when the program does exactly as it says it would.

Either learn to read licenses, or have a list of approved licenses (MIT, GPL, etc.) and only use software thus licensed.

EDIT: What I mean above is the 2% which is specified in the “Licence Agreement” page – the article author is clearly considering this, too, to be “stealing”. Regarding the increase from 2% to 30%, that is way more questionable, and I do not defend it.


> "don't use terms like 'market share' in internal communications"

Sounds like the training was teaching you how to avoid leaving an audit trail rather than how to prevent illegal activity.


Finally! I’m a big fan of Python, but I hope they remove ALL Python from the OS itself. I’ve spent many hours over the years messing with setups to resolve bugs caused by python scripts picking up the Mac OS python install rather than the user-installed version. They really shouldn’t be bundling any Python version with the OS - the user should choose the versions installed. It’s much cleaner that way.

I think 3. is very harmful for actual, real-world use of Free Software. If only specific builds of software that are on a vendor-sanctioned allowlist, governed by the signature of a "trusted" party to grant them entry to said list, can meaningfully access networked services, all those who compile their own artifacts (even from completely identical source code) will be excluded from accessing that remote side/service.

Banks and media corporations are doing it today by requiring a vendor-sanctioned Android build/firmware image, attested and allowlisted by Google's SafetyNet (https://developers.google.com/android/reference/com/google/a...), and it will only get worse from here.

Remote attestation really is killing practical software freedom.


I think the article’s missing an important trick: Brainstorming establishes a shared understanding (depending on the group dynamics, you might call it a fiction) that the group, not any individual, came up with the idea. That sense of ownership is psychologically important for aligning the group during the execution phase: People are usually a lot more motivated to implement a plan that they came up with, and if anyone challenges the idea, much more eager to defend it.

I think this hits at the heart of the issue though - you don't get to, as a public figure, decide whether or not you are "the voice of a movement". In mass media today, influencers and other people of note who don't have advanced degrees should be doing their research - from credible sources - so they're not spouting inaccuracies and falsehoods to their followers.

Joe Rogan doesn't need to do these things if he's just "hanging out with his buddies smoke'n" but he also doesn't have an obligation to have provocateurs and hacks like robert malone or ben shapiro on his show. He does it because he knows his fanbase will listen to it, ingest the information, and then speak it as fact to their friends and family - and THAT is where the danger comes in. Furthermore, he also knows that parts of his fanbase will go wild to see their fringe views espoused by a guest on their favorite podcast, without Joe challenging them to back their claims up with facts. I'm sure he also knows that his listeners skew young and male, and impressionable young men have been radicalized to a dangerous degree on the internet. Having the same views on his podcast as conspiracy theory sites, for example, will undoubtedly make it easier for the bad actors running these sites to radicalize JRE listeners (who will then, of course, become a part of the fanbase that loves when their theories are given time on his show in some perverse feedback loop).

He has also inked a deal with the largest music streaming service in the world for more money than any of us will see in our entire lives - at that point I don't think you can even say he's just "hanging out" any more. It's facetious at best, and wilfully negligent at worst, to assume that no one thinks of him as an authority figure, because even if he's playing the everyman character his guests profess to be authority figures in their fields. If he doesn't seriously challenge their false claims or ask for evidence from credible sources, he's doing his listeners a disservice.


Fun fact: macOS used to encrypt its system applications as a form of copy protection on Intel machines, using encryption keys that were read from the System Management Controller chip on the board.

They don't do that any more on Apple Silicon machines, and the entire OS is free to download from their CDN, completely unencrypted. Still, though, the SMC on M1 machines (which is now part of the M1 chip itself, and completely different from the one on Intel boxes) continues to hold those very same keys, and they're still "secret" and omitted when you enumerate them. macOS no longer even reads them, but you can dump them with the debug tooling I wrote for Asahi Linux a few weeks ago.

    $ python tools/smccli.py
    m1n1 base: 0x100046dc000
    Fetching ADT (0x00070000 bytes)...
    [...]
    [smcep] Starting up
    Have fun!
    >>> smc.smcep.read("OSK0", 16) + smc.smcep.read("OSK1", 16)
    > 20:0x4f534b3000102010 (TYPE=0x10, UNK=0x0, ID=0x2, SIZE=0x10, KEY=0x4f534b30)
    < 20:0x202000
    > 20:0x4f534b3100103010 (TYPE=0x10, UNK=0x0, ID=0x3, SIZE=0x10, KEY=0x4f534b31)
    < 20:0x203000
    b'ourhardworkbythesewordsguardedpleasedontsteal(c)AppleComputerInc'

It's just as easy to argue that leetcode-style interviews are because companies are afraid of being discriminatory in hiring. If you aren't allowed to consider culture fit (because it's discriminatory) or education (because it's discriminatory) or give take home work (because it's discriminatory against people with time constraints) or trust your feelings in a qualitative interview (because they're discriminatory), what can you do? Solving real engineering problems takes too long for an interview, and full-day interviews are also discriminatory against people with time constraints. You can candidates give some automated algorithms problem solving test- that's what you can do.

Nobody cares because we have something better. It’s called paramotoring.

Saying it changed my life wouldn’t be an overstatement. The ability to store it inside my sedan, travel anywhere, take off with my own feet, fly anywhere for around 4 hours, and land basically anywhere… is just magical.


Sometimes company legal teams can be the most accessible way to draw attention to something like this, and I don't mean in a combative way. They're very risk conscious, they see a '10+ years of building a heavy metal community, gone like a puff of smoke' in terms of risks, both of bad publicity but also if you were to somehow litigate because of the damage to your business or project. Often they have an email address that is manned because they have to respond to legal requests of various types.

You can potentially request all your data (and data about the hack) and let them know why, maybe reach out asking how you can get law enforcement involved and who you should contact after you've made a police report. It's not a threat, but it get it on somebodies radar. If you express how devastated you are there is potential for them to help. They also have a lot more latitude than any kind of helpdesk (especially at the scale of Facebook, and the users/customers facebook has).

They're also well connected with-in an organization because they have to sign-off on all kinds of projects and risks.

I think `patio11` has amazing advice is a similar vein[1].

[1]: https://twitter.com/patio11/status/1162561822248992768?lang=... (I think he has a longer version/reference, but I can't find it)


It's exactly what NY asked. He didn't do it as a means to let Spotify drop Joe Rogan, but he did it out of principle. I applaud him for that.

This thread is like "google banned my account" but for real life

No doubt, these censors and would-be censors have the best of intentions. But you've really got your head up your own ass if you convince yourself that you are protecting people by deciding the information that is appropriate for them to be exposed to. I just don't understand the shortsightedness, the naivete, or the willingness to discard the principle of free speech.

What were we expecting from jetpacks though, really? Is it not more fair to suggest that the past was a little bit naïve about what it would take to operate a jetpack? They're still aircraft after all, at the very least you're going to need pilots license.

There's no "bicycle" of jetpacks, you've got three axis of movement and certain death in every direction but up, it's just not a tool that belongs in the every-man's garage.

I think the same can be said for the past's perception of what flying cars would be like. You don't see your average joe flying a helicopter to work, for the very same reasons you'll never see personal flying cars be ubiquitous.


Apologies in advance for getting on my soapbox, but this has been on my mind for a while.

The way in which the media has gotten everyone to say "the unvaccinated" is a 'disease' against basic science (not even getting into the divisive nature of this). I would go as far as saying if you read any paper, study, or other that refers to the "unvaccinated" as a single cohort, you are reading vaccine propaganda, not science, or certainly not good science.

This must stop. Prior infection immunity is basic science that we've known for eons, and ignoring it is so blatantly glaring an omission, it should make the most staunch pro-vaccine person pause and say: "why are they so adamant to vaccinate those with prior infection?". One would expect prior infection to be robust, and multiple studies, including even the CDC's most recent shows it to be easily as good if not better and longer lasting than the vaccine. This should not come as a surprise to anyone.

If you think any of the above is "anti-vax" then I would suggest the media has won and science is dead. I'm not suggesting the vaccine doesn't work. I'm not suggesting it doesn't provide protection against severe disease and death. I'm not suggesting anyone go out and intentionally try to get COVID, but a HUGE # of people have already had it and ignoring them is downright unscientific. If you are a rational person who wants to see good science and are unemotional and detached from outcomes, then you will want to see proper study cohorts, and combining prior infection in with the "unvaccinated" cohort, is just bad science. This bad science fuels the anti-vaxx movement even more, and honestly, it is hard blame them.


Reads like you can just make an oath in front of a notary public (no need to have the supervisors supervise or anything):

https://www.legis.state.pa.us/cfdocs/legis/LI/uconsCheck.cfm...

The hired accountant does get most of the powers:

https://www.legis.state.pa.us/cfdocs/legis/LI/uconsCheck.cfm...

But not the power to set compensation for the township supervisors:

The board of auditors shall determine the compensations for the current year authorized in section 606 for supervisors employed by the township.

https://www.legis.state.pa.us/cfdocs/legis/LI/uconsCheck.cfm...


This doesn't surprise me at all.

If you're reading and you're really determined to overcome corruption, you need to document everything. Getting the other auditor on board would be good too. Make sure you assert that the privilege of holding office is yours, provide the certificate, and show them the laws. If they still deny you the authority and position, then look up a PA law called official oppression. Report this crime to the police. If they decline to cite/arrest, look up the process for filing a private criminal complaint. The DA could still decline to prosecute, but you could appeal that decision to a judge. Good luck (my experience is nobody in the system actually cares and they'll side with the establishment).


I totally get this. Back in the day when I was a kid, we went to the local library and read about the world. When the librarians weren’t serving me by “checking out books” to me, they were busily putting new and improved titles on the books in receiving.

/s

Seriously. Google is starting to feel less like the librarian of the net (we index the world) and more like the Truman show: we craft your reality.


Surveillance-resistant systems are not an answer to authoritarianism.

Private companies do not have freedom of operation in authoritarian regimes.

It's a special sort of odd neoliberal fantasy where capitalists or technologists can route around an authoritarian social movement that seizes the power of the state.

Do you want to know what happens to people who think they can route around an authoritarian regime with clever computer code? There's a relevant XKCD about a $5 wrench [1], except instead of a $5 wrnech it's the entire apparatus of a developed nation-state.

If you really think authoritarianism is coming to your country, stop fucking around with prime numbers and get serious about the work of political persuasion.

[1] https://xkcd.com/538/


Not much of a choice anyway. Choosing to keep an unsupported piece of software in the system is a security liability.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: