Hacker News: Scion9066

New comment by Scion9066 in "Illinois introduces OS-level age verification law"

Scion9066 — Fri, 13 Mar 2026 02:20:40 +0000

I just provided a more direct link but yeah it is just proposed at this point. The age assurance part appears to be substantially similar (very similar verbiage) to the bills that have already passed in California and Colorado though so I guess we'll see it again in a few weeks or months at this point.

New comment by Scion9066 in "Illinois introduces OS-level age verification law"

Scion9066 — Thu, 12 Mar 2026 21:53:13 +0000

From the General Assembly's website: https://www.ilga.gov/Legislation/BillStatus?DocNum=3977&GAID...

New comment by Scion9066 in "Show HN: Server-rendered multiplayer games with Lua (no client code)"

Scion9066 — Mon, 05 Jan 2026 03:49:06 +0000

There's already models specifically for things like identifying players in Counter-Strike 2, including which team they're on.

Someone has even rigged up a system like that to a TENS system to stimulate the nerves in their arm and hand to move the mouse in the correct direction and fire when the crosshair is over the enemy.

We are definitely already there.

New comment by Scion9066 in "CachyOS: Fast and Customizable Linux Distribution"

Scion9066 — Sun, 30 Nov 2025 12:07:58 +0000

There are some things regular distros can't/shouldn't do, like including codecs still under patents, matching proprietary Nvidia drivers with the correct kernel version, proprietary firmware for game controller adapters, the launching of Steam Big Picture mode as the default UI, etc.

New comment by Scion9066 in "FFmpeg to Google: Fund us or stop sending bugs"

Scion9066 — Wed, 12 Nov 2025 19:20:26 +0000

I believe it's: sanm LucasArts SANM/SMUSH video

New comment by Scion9066 in "FFmpeg to Google: Fund us or stop sending bugs"

Scion9066 — Wed, 12 Nov 2025 02:39:03 +0000

Popped in that context means hacked. Like in the same usage of pop in "popping a shell".

I do not think he meant it as any kind of physical/death threat.

New comment by Scion9066 in "Passkeys: They're not perfect but they're getting better"

Scion9066 — Wed, 29 Oct 2025 12:28:22 +0000

The domain that the verifier (the site trying to authenticate you) is at is part of the cryptographic process. If the domain doesn't match (ie you're at a phishing site) then the results of the cryptography won't be valid for the actual correct site, only the phishing site (which gets the phishing site nothing it can use).

New comment by Scion9066 in "[dead]"

Scion9066 — Tue, 23 Sep 2025 14:33:43 +0000

It's been supported by qBittorrent since 4.4.0 released in January 2022 when built with libtorrent 2.0. The official docker images still use libtorrent 1.2 though as that is the default.

Probably not a dealbreaker for most but it might be hindering Bittorrent v2 adoption.

New comment by Scion9066 in "[dead]"

Scion9066 — Tue, 23 Sep 2025 12:46:14 +0000

qBittorrent put out version 5.1.2 over 2 months ago:

  > Wed Jul 02nd 2025 - qBittorrent v5.1.2 release
  > [...]
  > qBittorrent v5.1.2 was released.
  > SECURITY: It contains security fixes for the WebAPI, Rss and Search modules.

New comment by Scion9066 in "[dead]"

Scion9066 — Tue, 23 Sep 2025 11:50:04 +0000

Lack of a tagged stable/release version with libtorrent 2.0 for one.

New comment by Scion9066 in "Our Response to Mississippi's Age Assurance Law"

Scion9066 — Sat, 23 Aug 2025 23:26:52 +0000

ID.me is actually a private company.

The US government does have login.gov though.

New comment by Scion9066 in "Bazzite would shut down if Fedora goes ahead with removing 32-bit"

Scion9066 — Sun, 29 Jun 2025 14:02:29 +0000

For Windows apps there's: https://en.wikipedia.org/wiki/WoW64

New comment by Scion9066 in "Kill your Feeds – Stop letting algorithms dictate what you think"

Scion9066 — Sat, 08 Mar 2025 21:53:33 +0000

Bluesky feeds are still server-side (due to needing to process all of the available posts to generate the feed) but at least you can choose which ones to use and people can make their own, which is an improvement over a single app-provided algorithmic feed.

New comment by Scion9066 in "The OBS Project is threatening Fedora Linux with legal action"

Scion9066 — Fri, 14 Feb 2025 00:53:48 +0000

The distro package in question here is a Fedora-specific Flatpak, not the Fedora-specific RPM distro package version. From my understanding, it is missing things like patented codecs which then causes bug reports to be filed with upstream, OBS, instead of the ones responsible for the package, Fedora.

Fedora has its own Flatpak repo as the default instead of Flathub (which has the official OBS package from the upstream developers).

New comment by Scion9066 in "President signs order refusing to enforce TikTok ban for 75 days"

Scion9066 — Tue, 21 Jan 2025 03:14:06 +0000

That's if he had gone with the delay mechanism built into the law if there was a plan to sell it in the works. This is just ignoring the law.

New comment by Scion9066 in "Why does storing 2FA codes in your password manager make sense?"

Scion9066 — Wed, 01 Jan 2025 18:03:30 +0000

Google Authenticator does support exporting and syncing now:

https://security.googleblog.com/2023/04/google-authenticator...

New comment by Scion9066 in "Why does storing 2FA codes in your password manager make sense?"

Scion9066 — Wed, 01 Jan 2025 18:01:02 +0000

I think their point was that it's less phishable from the perspective of needing the attacker to try logging into the site with it in realtime instead of being able to just store the password for some later time. The needed concurrency makes it more difficult (if only slightly).

I'm curious though why you don't think TOTP or similar are good against credential stuffing though, would you be able to expand upon that?

New comment by Scion9066 in "Apple Photos phones home on iOS 18 and macOS 15"

Scion9066 — Sun, 29 Dec 2024 22:29:27 +0000

From my understanding, it didn't scan all of the files on the device, just the files that were getting uploaded to Apple's iCloud. It was set up to scan the photos on the device because the files were encrypted before they were sent to the cloud and Apple couldn't access the contents but still wanted to try to make sure that their cloud wasn't storing anything that matched various hashes for bad content.

If you never uploaded those files to the cloud, the scanning wouldn't catch any files that are only local.

New comment by Scion9066 in "Apple Photos phones home on iOS 18 and macOS 15"

Scion9066 — Sun, 29 Dec 2024 22:24:14 +0000

A law by the government requiring proactive scanning of photos would in fact make the whole situation worse in the US because there would need to be a warrant if the government is requiring the scan. As long as it's voluntary by the company and not coerced by the government, they can proactively scan.

New comment by Scion9066 in "A Tour of WebAuthn"

Scion9066 — Thu, 26 Dec 2024 21:15:21 +0000

A passkey is a synced, discoverable WebAuthn credential. While many implementations protect the private keys with additional security measures like secure enclaves or TPMs, it's not required. If you want to use an implementation that doesn't use those types of lock-ins, even when they're there to protect your credentials, you can. Multiple software-only implementations exist.