Unlurker|Replay|About
Fedora: Open-source repository for long-term digital preservation (fedorarepository.org)
To avoid misunderstandings, this repository is about a project at Cornell University named the Flexible Extensible Digital Object Repository Architecture (FEDORA), not a Red Hat one.
And predates Fedora by about 6 years.
How to break free from smart TV ads and tracking (arstechnica.com)
Other options than the suggested Apple TV route, include pihole (adblock), kodi, openelec (opensource media players).
Sceptre is not in fact "a Wal-Mart brand" but rather an independent company. https://www.sceptre.com
Spoiler: this is Ars Technica. Obviously they suggest you to instead get an Apple TV so that you send your data to Apple and watch Apple ads instead (with the only argument being that "so far they do less ads").
Don’t ever connect your TV to the internet?
Don't bring one into your house?
[delayed]
The article goes into that option.
"We, and our 226 partners use cookies and similar methods to recognize visitors"
How can you as a publisher not look at that an not go: "Seems a bit much". Fine that you need to run ads and maybe partner with someone to sell those ads, but 226 of them?
This
tl;dr: don’t connect it to a network, and/or use a computer monitor.
My work health insurance recently offered a free scale and blood pressure monitor, I thought that's a nice perk, I'll use that, so I ordered with the intent of never using their app, just using it for my own tracking. The first time I used it, I got an email from my insurance company congratulating me and giving me suggestions. Both devices have a cellular modem in them, and arrived paired to my identity. I destroyed them and threw them in a dumpster like that Ron Swanson gif. All to say, little cellular modems and a small data plan are likely getting cheap enough it's worth being extra diligent about the devices we let into our homes. Probably not yet to the point of that being the case on a tv, but I could certainly see it getting to that point soon enough.
Holy shit! I would’ve done the same! This is pure evil! I guess the box never had this info on it
Someone should start a blog where it's all clickbait titles and the articles are all once sentence with the obvious resolution to the bait.
Yup. Works great. All things equal I'd prefer just not buying a damn Smart TV to begin with, but absent that as a realistic option (every 4K TV I've ever seen is smart) I'll happily settle with them never seeing one byte of Internet.
The article lists several manufacturers of 4k dumb tv’s
I’m in the same camp. The next escalation is defending against a TV scanning for, and joining unprotected neighbor networks to “phone home.” It’s a thing.
I mean yeah or they include a 5G modem because the ads are so lucrative. But then we can start discussing how to cut the red wire to disarm your spy rectangle.
The Tor Project is switching to Rust (itsfoss.com)
Why not Go? It's more portable.
Don't Rust and Go build to mostly-statically-compiled binaries? (With the exception of a link to libc.) (This isn't a rhetorical question, this is something I don't know a lot about I'd imagine the biggest cultural reason is that many Rust developers were C developers who had a reason to find something better, but still scoff at garbage collection, large runtimes, etc. They probably have a lot more Rust expertise in their circle. Another technical reason is that they were trying to replace their C code with Rust in bits and pieces before they went with a full rewrite. I don't know about Go, but this is something ergonomically doable in Rust.
What do you mean? Rust supports far more platforms. Also Rust has a lot more inherent safety features than go. (I think Go is great and its my primary language)
In terms of compilation of programs Go is far, far easier than Rust. For Rust to compile a random Rust program on the internet one almost always has to have the absolutely latest out of repo compiler toolchain from curl rustup.whatever | sh. The normal 4 year release cycle is incompatible with rust development. For commercial use cases this doesn't matter. But for open source like the tor project it does. That said, since they use Firefox this bridge has already been burned.
AFAIK if the project has a rust-toolchain.toml[0] file, cargo will download the correct compiler for the project. [0] https://rust-lang.github.io/rustup/overrides.html#the-toolchain-file
and easier to learn. and better funded. and easier to find devs.
They both suck getting new devs for Also, just because it's part of Google doesn't make go better funded. Theyd probably be fine killing go. Definitely easier to learn though :P
Rust - "I am inevitable"
Rust never sleeps. N. Young
This isn’t a recent decision, which the title implies. This rewrite started in 2020, and they released Arti 1.0 in 2022. Check out the release post ( https://blog.torproject.org/arti_100_released/ ) where they explain their rationale for the rewrite. They were unhappy with the state of the C codebase and couldn’t see a way to slowly refactor it. Their experience with Rust was positive for all the commonly cited reasons - if it compiles it works, good ecosystem leading to development velocity, better portability across operating systems, and attracting more contributors. They did say they weren’t happy at the time with binary sizes. The change log in the arti repo ( https://gitlab.torproject.org/tpo/core/arti/-/blob/main/CHANGELOG.md ) shows a lot of recent development too- versions 1.6, 1.7 and 1.8 were released in the last 3 months and they talk about setting the foundations for larger features to come. All in all it seems like the decision worked out for the team.
Arti is also designed to be embedded as a library in other apps, so messaging clients (for example) will be able to leverage the network without needing a correctly configured Tor daemon on the host. The extra safety in the code base is nice, but this seems like a bigger deal.
Yes, this is a complete exaggeration of a headline and should be flagged for that alone. This has been a long running project, and the Tor team clearly took their time to make it, as opposed to being a spur-of-the-moment change.
I had that problem too, very slow on network requests, just change the setting "num_relays_proxied" from 3 to 1 to make it blazingly fast .
What's the point of having one relay? You're better off using a reputable VPN like mullvad or ivpn. Tor is the best you're gonna get for low latency anonymous overlay network. It's been studied and refined over the years.
Then the single relay knows both who you are (your IP) and where you are going. This offers no anonymity against the relay itself. 3 relays is the goldilocks number for speed vs privacy. Using less is not a tradeoff the usual user of Tor should make.
How is 3 so much better than 2, but 4 not so much better than 3?
Knowing not so much about Tor but some about math: the number of nodes you need to compromise in order to de-anonymize a Tor user is exponential in the number of hops. Google says there are roughly 7000 Tor nodes, including 2000 guards (entry) and 1000 exit nodes. If you have a single hop, there's roughly a 1/1000 chance that you will connect to a single malicious node that can de-anonymize you, going up linearly with the number of nodes an attacker controls. If you have 3 hops, you have a 1 in 1000 * 7000 * 2000 = roughly 14 billion chance. 2 hops would give you 1 in 2 million, 4 hops would give you 1 in 1000 * 7000 * 7000 * 2000 = 98 trillion. In practical terms 1:14B is about the same as 1:98T (i.e. both are effectively zero), but 1:2M is a lot higher.
1 = no privacy from relay 2 = risk of collusion between relays 3 = goldilocks default 4 = ... actually, you have more attack surface and you are more susceptible to fingerprinting because everybody else is using 3, so you're timings etc help identify you So the default is 3 and nobody ought change it! Use 3 like everybody else. The exception is .onion sites. TOR actually deliberately defaults to 6 hops when accessing .oninon sites - 3 to protect you and 3 to project the site.
That reminds me of the holy Handgranate of the Monty pythons
You should preface this with some important information about what that does . There are some trade-offs! Changing that setting to 1 gives you weaker anonymity guarantees. Using multiple guards spreads your traffic across different IP addresses, making it harder for an adversary who controls a subset of the network to correlate your activity. Reducing to a single guard concentrates all traffic through one point, increasing the chance that a hostile relay could observe a larger fraction of your streams...
If this is sarcastic you should probably add /s or someone might actually follow your "advice".
You don't always need both endpoints to be anonymous. If you want to access a hidden service that is legal in your country, or the relevant laws are never enforced, the advice may well be worth it.
I believe that the slowness is a matter of the amount nodes in the tor network, not something that can be fixed solely by code changes. No one is claiming the new version is faster, only that it is safer.
It’s important to remember that safety is the whole purpose of the thing. If Tor is slow, it’s annoying. If Tor is compromised, people get imprisoned or killed.
completely agree but it could be added that a new language can sometimes help explore new ideas faster, in which case maybe the routing layer and protocol can see new optimizations
Complete rewrites are always a bad idea ... [mutters of agreement] ... except in Rust! [cheering]
Well, an underrated aspect of the Rust rewrites, is that it's easy to publish and share official libraries from the projects that the community can use, something that is too hard in C land.
Opinions with “always” in them are always a bad idea.
Complete rewrites have been done before. They're not impossible tasks. C to C++ (like with fish), C++ to Rust (fish again, Tor, etc), Java to C# (something I've seen), C# to C++ (evernote), Blender Game Engine to Godot (many small cases), Godot to Lumberyard (something I've seen), Unity to Godot (many small cases), etc. And there are all the myriad rewrites within the same language, or across major breaking changes (like Python 2 to Python 3). I think "you should never do a full rewrite" is something of a reactionary response to the juvenile idea new devs and interns get every now and then. But sometimes, a rewrite really is a good idea. But in this case, per the announcement ( https://blog.torproject.org/announcing-arti/ ), the reasons are pretty convincing. The major reasons are, unsurprisingly, all around memory safety.
After 27 years within budget Austria open 6thlongest railway tunnel in the world (infrastruktur.oebb.at)
> Crossing the Koralpe massif more quickly and with more comfort. That’s what the future of train travel from Graz to Klagenfurt looks like. With the Koralm Railway, you will arrive at your destination even quicker. The fastest connection will shrink from three hours to just 45 minutes. There aren't any big mountains between Graz and Klagenfurt. It's an hour on the Autobahn. That it took three hours by train... well, they just had shitty railroad? Best of luck, Southern neighbors!
> they just had shitty railroad The terrain is just hard railroad had do huge detour on this section Look at map: https://mapy.com/en/turisticka?x=15.0703419&y=46.7076432&z=11&ovl=3 Passes in those mountains are only ~1200m above valley level (~1650 abs). Yeah, perfectly ok to run railroad there. Your autobahn climbs 600m on this section (to 1050m absolute) - it's way to high for railway to be effective.
There is, the Koralpe massif. Previously to get to Klagenfurt from Graz you first had to go north through a somewhat tight valley for about 50km before the train would turn to the south-west towards Klagenfurt, again tough alpine valleys, and with a lot of stops inbetween. The new route goes south/south-west immediatley, is very straight compared to the old route, and has at most 3 stops.
Geography I guess[1]. Kanto is flat, it's the only region in Japan that could sustain feeding such a massive population and could allow building the first mega city on the planet. Combine that with the massive engineering and rail experience Japanese have, and it's no surprise imho that combined with favorable geography they could build it quickly. [1] https://upload.wikimedia.org/wikipedia/commons/2/28/Topographic_map_of_Japan_Kanto.webp
This is interesting analysis. Many good points. Regarding this comment: "first mega city on the planet": As I understand, Beijing was the first city in the world to have one million people in the modern era.
It is very strange that countries like Austria, Japan or Switzerland have some of the best rail systems in the world even though their bridge and tunnel requirements are huge. In the US building rail on any terrain seems to be more expensive than basically anything one can build in Austria.
Here is a huge/difficult island with only 55K that has tons of tunnels: https://maps.app.goo.gl/abcnXtRNs9QdVkhC8 Population size, density, terrain, etc. have nothing to do with it.
Do you mean these two? https://image-service.web.oebb.at/infra/.imaging/default/dam/infra/logos/logo-cef-en-s.png/jcr:content.png?t=1660896475845&scale=1.0 https://image-service.web.oebb.at/infra/.imaging/default/dam/infra/logos/logo-de-finanzierung-nextgeneration-eu-2.png/jcr:content.png?t=1660896726266&scale=1.0
Yup. Why are the paddings, fonts and colors all over the place? Just decide on one!
What are the funding billboards for, anyway? They're an eyesore, and it's all paid by us EU taxpayers anyway. They should say "financed by you", or better yet, not exist to begin with.
it's all paid by us EU taxpayers anyway That's simply not true, the EU subsidy budget is dwarfed by each country's national budget. From https://eubudget.europarl.europa.eu/en/how-it-works/ : The EU budget [..] accounts annually for around 1% of the EU's GNI (gross national income), or around €160-180 billion. National public spending by EU countries averages nearly 50% of their respective GNI.
They put them up with and without the EU funding info, right? Here most is not EU funded, but there are still signs, because how else do you know what is going on? Or are big construction projects completely unsigned where you live?
I mean, see Brexit; there's a bit of a "what have the Romans ever done for us" aspect to a lot of euroscepticism. Some of the more Brexit-y regions were also amongst the poorest, and thus the largest beneficiaries of EU funding (eg https://www.theguardian.com/uk-news/2016/jun/26/cornwall-fears-loss-of-funding-after-backing-brexit ) The idea is to show people the benefits of the EU, essentially. It is unclear how well it works.
I (pro-EU Austrian) think they are great, as they show that we also get huge benefits through our EU membership and that we can do such enormous megaprojects only together Also, eyesore? What do you have against the EU flag?
It is mostly within budget, estimated in 2005 were 5.5 billion €, total cost as of today are 5.9 billion €, the difference being largely attributed to the pandemic and later addition of sections.
Is inflation included? Otherwise 5,5 billion in 2005 is >8billion in 2025.
To contrast, HS2 here in the UK has cost £40 billion (€45 billion) to date with a further £25 billion (€28 billion) allocated, for a largely superterranean route of 230km.
Would be interesting to read how the Austrian project was contracted out? It seems in the UK the big construction companies have got very good in extracting a lot of money from customers, wonder if things were different in Austria with this project.
Not necessarily because no one lives underground and there are probably no existing things like property, gas lines, electricity lines, sewers, pipelines, roads, etc to avoid or reroute. And very little in the way of habitat. The longest road tunnel in the world only cost about 100 million in the 90s for 25km so tunneling isn't always a gigantic Big Dig style clusterfuck. In terms of legal complexity, it's fantastically easier than picking your way across and near thousands of individual plots of very expensive land owned by people with solicitors salivating at the potential fees, expensive private infrastructure, nature reserves and so on.
> Big Dig style clusterfuck. The big dig is probably the last major success of American infrastructure. Referring to it as a clusterfuck is representative of why we'll never get another one.
> The longest road tunnel in the world only cost about 100 million in the 90s for 25km so tunneling isn't always a gigantic Big Dig style clusterfuck. Big Dig style clusterfuck is because the simplicity and cheapness you're talking about only apply to tunnels through mountains, less so to those underwater and definitely not to tunnels under big cities i.e. land that people live on , which comes with all the complexity.
Yes, and the Austrian route is mostly in that category under the Koralpe Massif rather then the very politically awkward Home Counties (NIMBY Central, and very rich NIMBYs at that). Hence why tunneling does not necessarily mean a stunningly expensive project. We just hear about the HS2s and Big Digs because they reverberate for decades with all the legal battles.
It's not seven times longer. The Austrian line is 130km with 50km of tunnels. Length Tunnels Bridges Stations Cost Koralm 130km ~50km 100 12 €6b HS2 230km ~75km 100+ 4 €74b+ Obviously this does not give any indication of the complexity of each project. Tunnelling and building railway through a metropolis I would imagine is quite challenging.
Sounds like you might want to build the whole HS2 underground to save money.
As far as I can see, the 6bn is _just_ for the big 30km tunnel? Presumably the rest of it cost more.
You're using a strange definition of "within". It's 7% over.
In a world where large infrastructure projects regularly exceed their budget by 100-1000%, 7% is huge. It is important to show people that that is possible in government projects. If you find a more concise way of saying „with unusually small overrun of it‘s budget“ tell me. Also there were sections added after the initial estimate.
"only slightly over budget"
€5.5 billion in 2005 is €8 billion in 2025, so it can be either over or under budget depending on how you amortize the costs over the construction period.
Considering the original title is just the name of the railway, and I do not think “within budget” is editorializing, I think the commenter is being overly pedantic
I was curious about the forecasting success story here too. The German LOK article is better in this regard: https://www.lok-report.de/news/europa/item/62410-oesterreich-koralmbahn-punktlandung-bei-investitionskosten.html
I opened the article expecting to see news about the budget and how they stayed within it, since that SEEMS like the biggest surprising news in a project like this. How is that overly pedantic?
I understand your expectation. That said, I think it's ok to add detail in commentary when the article doesn't mention it explicitly. So continuing to go upon the point that the article didn't mention the budget makes you seem as pedantic. There are non-English articles on the budget too. https://orf.at/stories/3414173/
Their point was completely valid. HN policies are what help keep this place sane.
↙ time adjusted for second-chance
What folk can do (folk.computer)
What I cannot understand is why they left Dynamicland and made it a product. (Which is against everything that Bret Victor stands for). And there is nothing mentioned anywhere.
when I read "Instead of a phone/laptop/touchscreen/mouse/keyboard, your computational objects are physical objects in the real world, and you can program them inside the system itself" I do think of https://dynamicland.org/2024/FAQ/
For me folk returns 502 error. /s
Won't even begin loading for me.
↙ time adjusted for second-chance
4 billion if statements (2023) (andreasjhkarlsson.github.io)
Oh, I have an idea for better leftpad implementation, let me publish that to npm real quick!
A much cooler approach would have been to generate the ASM from the same program, rather than generate a file from python and load that file from C++. The multi-stage build and filesystem are completely unnecessary. The technique actually has a lot of practical applications, so it's useful to have a C++ library that helps you with generating amd64 machine code.
"The executable is around 2 MB"- Every dotnet programmer: "Those are rookie numbers!"
you forgot the logic to strip the final digit and assign it to v. processing the whole number is absurd
Converting to decimal is just as absurd. All you need is the final binary digit, which incidentally is the most optimal codegen, `v & 1`.
Look at Mr. Rocket Scientist over here...
Gemini took 4 seconds to answer this prompt: "Here is a number 4200020010101. Think deeply about it and tell me if it is not or or not even." So if you're concerned with privacy issues, you can run the assembly version proposed in the article locally and be well within the same order of performance. Let's thank the author of the article for providing a decent alternative to Google. ah, but the license is not that good we can't reproduce his code.
> if it is not or or not even Did you want to test the LLM's grammatical comprehension?
Young journalists expose Russian-linked vessels off the Dutch and German coast (digitaldigging.org)
Hypocrisy? I said each side acts in their interest: NATO and Russia. My point was only to ask whose interest would readers on HN prefer prevail? It's a simple question. Do we want to live in a world where Russia achieves their strategic goals or do we prefer to live in a world where NATO achieves their strategic goals? NATO expansion doesn't happen illegally. It's completely voluntary. It's a defensive alliance meant as a deterrence. And countries in NATO all enjoy much higher standards of living than non-NATO countries. NATO countries all have laws to protect their citizens and they enjoy peace from invasion. I get that Russia doesn't want that. But my point was so what? I never really denied that issue. Everybody is acting in their best interest. It's just that NATOs interests and values are also the same as my own. There's no hypocrisy here. There's just a good and bad guy in this case. I don't see the problem here.
The problem is you thinking you are the good guy, while it humbles oneself realizing you are just as bad as the next person.
> The problem is you thinking you are the good guy No, the problem is the bad guy the Eastern European countries all want protection from. I just choose to believe them when they've tried to warn the west about how bad Russia really is.
They don't even fly close to Russia in the Black Sea, I think, after an expensive US spy drone was involuntarily landed into the sea.
I would hazard a guess the last time a NATO member flew missions over Russia was when a miision went bad in 1960.
Smartphone without a battery (2022) (yaky.dev)
It is criminal that supercomputers in our pockets have expiration dates. Even cheapest phone these days is hundreds times more powerful than PS2, has better camera on par or better with most feature phones back in the days and cellular/wifi. They can be used for detection, automation or just plain fun/gaming. But no, you can't install Linux to overcome bloated, insecure abandonware (old Androids, iOS). Built-in, hot pillow of a battery that is pain in the ass to remove and even then it can't work without it.
People are nuts, that's all there is to it. They're worried about thinness, but meanwhile buy phones that are so tall and wide they cannot actually fit in a pocket. There's no benefit whatsoever to the thinness, except that someone else's phone is thicker. And no, water damage is not a concern. You can absolutely build phones with a battery compartment that can safely be fully submerged in water.
I understand. I got a Linux phone & its remarkably decent - its called Jolla https://jolla.com/
I need to know if this is running e-banking a.k.a. "we are secure, yet is that you that made this payment" apps?
> Basic phone charger <1A USB power supply was not enough to even finish booting, but a ~2A was enough to boot and launch octo4a So it's drawing >1A over a single diode? Let's say 1.4A and 700mV voltage drop over the diode, then it's roughly 1W over the diode. Won't it get pretty hot?
The diagram calls it a 1N4001 which is rated to sustain 1A (but 40% over is probably fine). A safe 1N5400 would still be pennies.
I assume GP means that it’ll work with no battery connected if plugged in.
Correct.
 Top