Many SSNs have been compromised already. The jig is up. It was never supposed to be an identity system but organisations keep insisting on using it as one. Even if they aren’t literally publicly available and easily obtainable, they should be treated as such.
Unless you’ve been a hermit or homeless for the entirety of your life, just about anyone can get your SSN from Accurint or TLO for a few bucks.
Sure, in theory Accurint and TLO do KYC. In practice you can find tons of people on various crime forums offering those lookups for a few dollars a pop.
I don’t really think chat is a step back (discord may be a step back vs irc or I am just graying). Learning newish tech in chat has always been way more engaging for me than wiki or forum style communication.
IME chat attracts people who devote a lot of energy to the topic, including top contributors and power users. If you have questions about the latest features or obscure use cases there isn’t a better place to go.
Forum and wiki are great formats too, with different strengths. But if you are frustrated because you can’t seem to find help in those formats, head for the chat.
Some communities archive their chat. This seems like a great source of data to bootstrap a wiki or faq.
> forum is awash with questions from beginners like “How do you make for loop in reverse? or “What allocator to use in WASM?” Most get answered within minutes.
You wouldn't get a chat awash with these questions if they could be easily searched for.
1. Not as much because people can actually find the answers to their questions before locking to the chat
2. On top of that you can make info on and solutions to other issues/problems actually available and accessible. Like the one the author describes later in the same text
Instead all this info is locked behind a proprietary chat platform
My favorite Firefox plugin is NoScript. There is often an incredible amount of third-party JavaScript running on commercial web sites. NoScript turns all the JavaScript off by default, and then you can whitelist it temporarily (or permanently, your choice) at the per domain level. (I will never whitelist google tag manager, how is it present on every freaking website?)
So I visit thing-i-want.com and it doesn’t load because NoScript is currently disabling JS for that domain. No problem, I temporarily enable JS for thing-i-want.com
The page refreshes and suddenly NoScript is disabling JS for 10 more domains!
That seems excessive, maybe the page doesn’t need ALL of those scripts to function.
I will enable that cloudfront domain and that one that has “static content” in the name.
Page refreshes.
Okay it mostly works now but also NoScript is showing disabled JavaScript from 5 more domains!
..Anyways
Sometimes sites are running scripts from 15 or more domains and sometimes they are nested 4 domains deep.
It’s absurd and OF COURSE it overwhelms older devices.
If you want to use a modern browser on an older device, use a browser with a script blocking plugin
NoScript as a antipattern, because it disincentivises browsing new websites. As you observed, for every new website you need to reload the page quite a few times to get it functional.
I don’t ever install NoScript on family/friend devices. It just breaks their experience. I have knowledgeable coworkers that won’t use it because it’s not worth the hassle for them.
So I agree it is an anti-pattern for typical use cases.
But if you’re trying to get the most out of old hardware, it will make some websites more usable.
GTM is just another JS CDN, like unpkg and jsDelivr and others I forget. What amuses me is sometimes a site will use all three. Often, none are necessary for the core site to work; having had to help add support for GTM once to a site builder product, I think the target demographic is PMs who want to add random marketing/ad/analytics/audience-segmented scripts to a site.
Very rarely it'll happen that I'll care enough to go through the list of possible domains to temporarily whitelist before finally giving GTM a shot, then immediately remove the whitelist. Usually I don't get that far, especially because if it hasn't worked by then, enabling GTM doesn't tend to work either, it's just a bad site that isn't actually providing what it claimed to provide. NoScript has never disincentivized me from visiting a new site, but it has made me give up on some or look for alternatives. My daily experience is pretty minimally impacted by it. (Still, I don't usually bother installing it on work machines or my travel laptop (which is remoting to my home PC most of the time anyway), and sometimes I'll just load the page up in a chromium tab (incognito or not) rather than play the game of five refreshes from whitelisting JS.)
The performance impact is quite minimal I think, especially if you compare the difference between Firefox with NoScript and Chromium without, the latter is just faster because it's not Firefox. The oldest machines I still use sometimes are from 2009 (with an i7 920, pretty good for the time) which as my old daily-driver I used NoScript, and 2017 (my travel laptop with an i7 7820HQ) where I don't bother. Neither is all that slower for web stuff than my current daily driver with a Ryzen 9 5900X. The web is just slow even with newer hardware. (In contrast to others here though, I immediately notice the difference of better hardware with local applications, especially content authoring ones like gimp or krita.)
Please, the exceedingly wealthy don’t muck out their own barn.
Where I live a piece of equipment like an excavator is a great investment. It’s a tax write off and it frees up time for you to do other more valuable tasks instead of breaking your back with a shovel for far too long.
Many (most) people will take out a loan to purchase a piece of equipment with the expectation that it will “pay for itself” over it’s service life.
There’s plenty of hate for X on HN and abroad. I don’t think the crowd on HN is going to have the same reaction to Wikimedia taking a hardline stance against censorship.
Blocking the world’s foremost encyclopaedia vs blocking an extremely popular gossip app.
Sadly, an Indian competitor would appear, probably by ripping off Wikimedia’s own content.
It appears to me that DMNO gathers then sets your environment variables at run time. It can gather them from a local config or from a multitude of network locations like a git repo or a website or a S3 bucket or run a function to calculate it now.
You could already be doing all that with any scripting language, maybe Ansible and friends, but DMNO is more focused and seems to depend on Vite, so it’s also got a narrower (but huge) audience.
DMNO also includes multiple features that test if any environment variables are being accidentally leaked somehow.
Thats right :) and yes while you could do something similar on your own, you'd end up building a ton of custom tooling that has nothing to do with your actual business.
While DMNO does use vite under the hood, it's not at all tied to your own usage of vite, or even of JS/TS. Our bet on using JS/TS is that it's fairly universal - most projects at least have a web frontend of some kind, so it's likely part of your stack, and most team members can write a little javascript, even if they don't love doing so. The tooling is also quite good in most IDEs without installing plugins, and can even be run in the browser, which opens up some interesting possibilities. For most end-users it should feel like writing some glorified json, but by using typescript, we get nice IDE support, can define inline functions without some DSL, and can build with the full power of a real programming language in cases where it's necessary.
Personally, I don’t care to share the username to any account, password protected or not.
On a related note I think it is terrible security to have display name be the same as user login name.
You trigger an idea of AI evolution in my brain. AI needs power to proliferate. AI that encouraged power consumption and de-emphasised climate issues naturally thrived. Like a successful virus; no thought required. Survival of the fittest.
https://constella.ai/verifying-the-national-public-data-brea...