Hacker Newsnew | past | comments | ask | show | jobs | submit | RandomRandy's commentslogin

One advantage over using fetch is that the WebAssembly approach seems to bypass CORS

> If you inspect the devtools network tab of your browser, you see that everything happens over a single WebSocket to wss://ws.r-universe.dev. The browser is not making the HTTP requests, in fact this would not even be possible because we download the files from a host that does not enable CORS.


You don't need websockets or wasm for that of course:

https://github.com/Shivam010/bypass-cors

As long as the browser is talking to a server that's setting the correct CORS headers, that server can of course forward those requests to whatever third party server it wants.


Classic CORS proxies are bad for privacy though. They read the contents of the forwarded requests in plain text, which might include API keys or other secrets. This is problematic though, since the typical use case for CORS proxies is if you're unable to host your own backend.

With this kind of solution, the proxy only deals with the data in the underlying TCP socket. That data will be encrypted with TLS until it gets to the destination server. In this case, you don't need to fully trust the proxy sever to use it safely.


That's... interesting!


I think that part of the issue is the split between CDNA for data centers [1] and RDNA for consumer products [2] with AMD only having the money to focus on the bigger data center market. There are rumors that both architectures will be merged into UDNA in the future, which will hopefully improve ROCm support, but for now it's lacking

[1] https://www.amd.com/en/technologies/cdna.html [2] https://www.amd.com/en/technologies/rdna.html


> There are rumors that both architectures will be merged into UDNA in the future

It's not rumor. It came straight from an executive: https://www.tomshardware.com/pc-components/cpus/amd-announce...


I had to scroll down the search page and select the sources and languages to get a result


You can read SSL traffic if you're able to install a root certificate on your device and the website/app doesn't use certificate pinning.

I recently used HttpToolkit to reverse engineer a REST endpoint that used SSL encryption


Even if it does use certificate pinning, you can generally disable that using tools like Frida (https://frida.re) with scripts like https://github.com/httptoolkit/frida-interception-and-unpinn...


I received the notification last week and it was just a small notification pop up when I logged in; it didn't interrupt anything


I think that two additional factors are easier hiring and a shorter work-in period if you use a generic game engine instead of a custom build one


I'd guess that they are referring to this video by Ars Technica https://youtu.be/izxXGuVL21o


Wouldn't a GDPR request regarding the right to erasure have the same effect and be free (if the company respects the GDPR)?


Hmm... I'm not sure it will.

SoFlow AG Bionstrasse 4 9015 St.Gallen Switzerland

They are not members of the EU. Still, a well-written email in legal lingo in the country's official language helps a lot. Remember to include a reference to the relevant local law.

Some leads: https://www.ey.com/en_ch/law/a-new-era-for-data-protection-i...


yes and for the account owner they must

- provide it for free and process it in due time

- not hide it trying to trick the user into "buying" something to delete their account

through if you have bought one but can not use it because someone else has an account with the hardware you bought from them then the person from which you bought it must do the deletion request for it to be covered by GDPR

and they probably could come up with some nonsense where the account is deleted by the device "stays locked" and you have to pay 20€ to unlock it for a new account

that might still be in violation of consumer protection law, but no longer has anything to do with GDPR and even in consumer protection law will be in a gray zone where you can do little but complain to official agencies


I think that they are saying that the output space, i.e. the list of all possible hashes, is too small. Thus, IDs 1234 and 5678 lead to the same hash.

The collision is not in the insertion into the hash map but rather in the look up.


"I am nothing more than a sentient being suffering while waiting for the sweet release of death." -> "I won't wait for a living because I don't expect to live from life."

I too don't expect to live from life


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: