Hacker News: tomudding

New comment by tomudding in "[dead]"

tomudding — Fri, 05 Dec 2025 09:18:46 +0000

which is at least detected by https://downdetectorsdowndetectorsdowndetectorsdowndetector....

New comment by tomudding in "Boeing 787s must be reset every 51 days or 'misleading data' is shown (2020)"

tomudding — Thu, 24 Oct 2024 20:27:35 +0000

(2020)

New comment by tomudding in "A Vulnerability in Implementations of SHA-3, Shake, EdDSA"

tomudding — Tue, 07 Mar 2023 08:34:07 +0000

Yes, fixed in all (at the time) supported versions in October last year [0].

[0]: https://github.com/php/php-src/commit/248f647

New comment by tomudding in "Wikipedia’s Redesign Is Barely Noticeable. That’s the Point."

tomudding — Thu, 19 Jan 2023 17:17:53 +0000

I have been using the Timeless skin [0] for quite some time now and the main reason I switched was that the content would be a bit more condensed towards the middle of the page. This helps a lot on larger monitors and I can see why this new theme also does something similar. However, the large amount of whitespace on the sides is just wasted and in combination with the fact that more interaction is required to do basic things (like changing the language of a page) is something that makes this new theme not "barely noticeable".

[0]: https://en.wikipedia.org/w/index.php?title=Main_Page&useskin...

New comment by tomudding in "Tencent WeChat is now a GitHub secret scanning partner"

tomudding — Tue, 20 Dec 2022 12:01:23 +0000

There is a list of partners [0], I thought I had seen regexes at some point but I can no longer find them.

[0]: https://docs.github.com/en/enterprise-cloud@latest/code-secu...

New comment by tomudding in "Greg Bear has died"

tomudding — Sun, 20 Nov 2022 12:37:16 +0000

He leaves behind a great legacy. I can highly recommend Blood Music, Eon, or Forge of God if you have never read one of his books. However, my personal favourite was actually the (Halo) Forerunner Saga series.

New comment by tomudding in "EasyList is in trouble and so are many ad blockers"

tomudding — Wed, 19 Oct 2022 19:33:29 +0000

Cloudflare caches robots.txt by default when proxied (the only .txt-file that they automatically cache), for all other content the following from their ToS probably applies:

> Use of the Services for serving video or a disproportionate percentage of pictures, audio files, or other non-HTML content is prohibited, unless purchased separately as part of a Paid Service or expressly allowed under our Supplemental Terms for a specific Service.

We will never know the reasoning of the support agent who replied to the EasyList maintainers, but I can imagine that it is indeed disproportionate for EasyList.

I really hope that Cloudflare actually sees that they are making a wrong decision here and actually help the EasyList maintainers.

New comment by tomudding in "EasyList is in trouble and so are many ad blockers"

tomudding — Wed, 19 Oct 2022 19:28:36 +0000

GitHub has a soft limit of like 100 GB/month on transfers for Pages. According to the Adguard blog post traffic was already several TBs a day before the issue arose.

New comment by tomudding in "OBS – Open Broadcaster Software"

tomudding — Wed, 22 Jun 2022 05:31:08 +0000

> but want to make sure we do it right.

Make sure you do it differently than how Muse Group did it with Audacity (specifically the announcement and explanation of why and what parts) [0]. Which I'd argue is not particularly difficult to do.

[0]: https://arstechnica.com/gadgets/2021/07/no-open-source-audac...

New comment by tomudding in "Mozilla and the EFF publish letter about the danger of Article 45.2"

tomudding — Fri, 04 Mar 2022 11:28:10 +0000

Previous discussion here:

https://news.ycombinator.com/item?id=30499150

New comment by tomudding in "Ask HN: Is Gmail spam out of control for everyone else too?"

tomudding — Sat, 12 Feb 2022 20:42:32 +0000

It has been an issue since September/October last year, but occasionally it seems to get worse (and then suddenly no spam mails).

New comment by tomudding in "LAN-port-scan forbidder, browser addon to protect private network"

tomudding — Sat, 15 Jan 2022 17:56:17 +0000

Scanning the LAN through your browser is nothing new. JS-Recon from AnD Labs [0] is a tool from 2010 that could do it. I have seen eBay [1], Facebook [2], and Halifax [3] do it too, albeit for other reasons than scanning for outdated devices (fraud/loss prevention). LexisNexis' ThreatMetrix [4] is commonly used to do this.

Please note that this is a copy of a comment I made 2 years ago and I have not tested the links to see if they are still correct.

[0]: https://web.archive.org/web/20101128053633/http://www.andlab...

[1]: https://forum.ultravnc.net/viewtopic.php?f=7&t=33509

[2]: https://www.reddit.com/r/AskNetsec/comments/4j0nas/why_is_fa...

[3]: https://www.theregister.com/2018/08/07/halifax_bank_ports_sc...

[4]: https://risk.lexisnexis.com/products/threatmetrix

New comment by tomudding in "Firefox – Fix parsing of content-length http3 header"

tomudding — Thu, 13 Jan 2022 15:34:08 +0000

> Can anyone tell me which other "large" projects have this capability?

I'd say that all popular apps (Android/iOS) have such functionality. Most will probably use it for A/B testing, but technically you could change anything you'd like with it.

Apart from the companies creating their own implementations [0], popular services I have seen include Optimizely [1] and Firebase Remote Config [2].

[0]: https://engineering.fb.com/2014/01/09/android/airlock-facebo...

[1]: https://www.optimizely.com/products/intelligence/full-stack-...

[2]: https://firebase.google.com/docs/remote-config/

New comment by tomudding in "Ask HN: Firefox connection problems after enabling DoH?"

tomudding — Thu, 13 Jan 2022 09:12:38 +0000

> Or you simply didn't know that Firefox made it the default a while ago.

Oh, interesting! I did not know it is a default now. I can imagine why they would enable it by default, but when Cloudflare (which I assume is the default DoH provider) has a problem at some point everyone is doomed.

Really wish they also could make it so the data collection part is opt-in instead of opt-out (which at this point in time appears to be the actual cause of this problem).

New comment by tomudding in "Ask HN: Firefox connection problems after enabling DoH?"

tomudding — Thu, 13 Jan 2022 08:43:49 +0000

Disabling DoH and properly closing Firefox most certainly works (for me). However, if you had enabled DoH then you probably do not want to turn it off, in which case disabling HTTP/3 as mentioned is the only proper solution.

New comment by tomudding in "An iframe from googlesyndication.com tries to access the camera and microphone"

tomudding — Sun, 19 Dec 2021 16:53:07 +0000

I think this can also be a good thing, as long as you also use software which makes sure you have a distinct 'unique' fingerprint for each session.

Not that I am a huge fan of Brave, but I think they have implemented something like this for certain (or all) APIs. You will still have a unique fingerprint, but it should not match to any previous fingerprints you had in the past.

Edit: see https://brave.com/privacy-updates/3-fingerprint-randomizatio...

New comment by tomudding in "An iframe from googlesyndication.com tries to access the camera and microphone"

tomudding — Sun, 19 Dec 2021 16:11:12 +0000

I think this sounds more like some sort of fingerprinting attempt. It good to see that random access to these kind of resources fails due to new(er) browser controls. However, this does not mean that the fingerprinting actually failed.

There is probably some way to determine if the request was denied automatically by the browser or manually by the user (e.g., time to get "response"), which is definitely something which can be used for fingerprinting.

Which reminds me of fingerprinting by tiny differences in the audio API provided by browsers [0]. Super interesting, but also a bit depressing. Also works for things like canvases and WebGL.

EFF allows you to check how fingerprintable your browser is [1]. Do note that the results may not be very accurate.

[0]: https://fingerprintjs.com/blog/audio-fingerprinting/

[1]: https://coveryourtracks.eff.org

New comment by tomudding in "CCPA Scam – Human subject research study conducted by Princeton University"

tomudding — Sat, 18 Dec 2021 15:09:21 +0000

While I personally believe the questions stated were perfectly reasonable (and could have been genuine questions from someone), I can understand that people feel (legally) pressured to provide answers to the questions. Which puts this study in a grey area.

With regard to GDPR, the "respond within x" is simply not applicable. The one month period is strictly for any requests concerning Article 15 through 22 and none of the questions are talking about any of that.

Now, if one of the questions was something along the lines of "do you process any information related to me?" then it would potentially fall under Article 15.1 and would require a timely response. IANAL, however, I think in such cases you could simply point to a privacy policy, which you are already required to have.

New comment by tomudding in "Hetzner now provides IPv6 only dedicated servers"

tomudding — Tue, 07 Dec 2021 15:27:51 +0000

They increased the prices recently, without any VAT a new instance of the CX11 is now €3.49 p/month.

I do hope they will start providing cloud instances without IPv4 soon too (they say they are working on it).

New comment by tomudding in "Google Outage in Europe"

tomudding — Fri, 12 Nov 2021 10:48:22 +0000

Probably related to the Google Cloud "service disruption" that started earlier this morning: https://status.cloud.google.com/incidents/1xkAB1KmLrh5g3v9ZE...

It was very frustrating to see DNS working perfectly fine (since DNS is always the problem) and the connections just timing out.