-
Idris is an awesome language to dive into dependent types or go beyond Haskell. The book takes you by the hand with great examples. I’m thinking that the reading CSV example couldn’t benefit much from using dependent types.
-
I think that the idea behind using Lodash is to avoid having to rewrite many functions. Yes, with the new ECMA standards you can actually write them in a neat way. But, it doesn’t mean that we should be reinventing the wheel every time.
Also, I replaced Lodash with Ramda a long time ago. Maybe because I came from Haskell and I really needed the base library functions.
-
-
Sincerely, I didn’t see why it was useful to make this example with clojure if at the end they would simply make and FFI
-
I think a big advantage is that all the steps along this process have well documented installation mechanisms, even if its heavy handed.
The C++ example would be great, except that now you are managing C++ builds. And for a lot of people this is tricky! I still remember suffering a lot when trying to learn game programming purely from build-related issues. Stuff that gets a bit nicely handled in newer ecosystems
-
-
A group of Lobsters? on LinkedIn, count me in. Just sent a request
-
juanpaucar
8 months ago
|
link
| on:
Websites use your CPU to mine cryptocurrency even when you close your browser
Since no antivirus will do something and some adblockers won’t block it. I’ll just post my five cents
127.0.0.1 coinhive.com www.coinhive.com-
-
Awesome, I had never come across a curated list of that kind.
-
-
-
Why are we just knowing this. Networking, drivers and web servers, basically a bunch of vector attacks to gain control over the CPU which has lower ring than Ring 0. Could we assume that people (NSA, white/black hackers, etc) with this knowledge are already taking advantage of this?
-
Everybody who read the manual knew about this (except maybe the fact it’s minix based). https://www.intel.com/content/www/us/en/architecture-and-technology/intel-active-management-technology.html
-
I beg to differ. For the record, not even Tanenbaum knew about it. That is, of course, until he read this link
-
except maybe the fact it’s minix based
That’s what the thread is about. I agree on the other point as I hated arguing about Intel randomness instructions and such when the manual said it was backdoored in another way.
-
-
-
-
It should be enough by salting the password with a site secret before hashing the password, right? Or Am I missing something
-
He is not sharing compromised hashes. The list is full of passwords that were associated with one or more account in plaintext or otherwise cracked. The reason he gives out the information as SHA1 hashes is to increase the effort required to have the full list of passwords in plaintext. This allows people knowing their own passwords to hash them and see if the hash is in the gigantic file but someone else wanting to use this ie. as his john the ripper seed would need to spend significant time on brute-forcing all of those first.
-
I don’t honestly see much difference than just releasing the passwords, I know people in the competitive password cracking scene will chew through the vast vast majority of these in days time. I actually use the hashes.org leaked list on penetration tests, and they have a wonderful % cracked statistic for each of the password lists as well as the plaintext download. I predict that it’ll be 95% cracked by the end of the weak.
-
-
Troy said some passwords reveal personal information. I can only imagine what could potentially be around behind those hashes.
I predict that it’ll be 95% cracked by the end of the weak.
It at least gives the general public a week to check if their re-used password is there, with an easy web interface to test that. People who know what they are doing are not really impacted by that release… but it can serve as a nice way to make some less technical people more aware.
-
Passwords that “normal users” use almost exclusively have personally identifying info (pets, family, street addresses, phone numbers, job titles, etc). I feel like this is just casting FUD about whether accounts are compromised, the effect of showing someone a hash vs showing their passwords in plaintext is surprisingly psychological in my experience. Plus, if I have learned anything since things like the linkedin dumps, no one actually checks to a degree that attackers normally care.
HIBP has been around for ages, this isn’t just a week thing, and it hasn’t changed much in my experience. I always like HIBP because Troy didn’t release it, it always made the barrier to attack having to first find the user information, enter it into the API, check if the list for a match of compromised account with public wordlist, actually match the account. This is essentially releasing it without a couple percent of passwords.
-
-
-
Thanks, i missed that part
-
-
-
Wow, I didn’t expect to find monoids there. However, I would have loved if there was a link to more information or how the monoids are used there. I missed that part between monoids and how they are useful for those probabilistic algorithms
-
MapReduce is actually in the monoid wikipedia entry. Not that this is exactly MapReduce but the idea mostly holds. The Summingbird framework was also based heavily around monoids IIRC
-
-
This is specially interesting considering that with little effort other languages can be integrated with electron. So, in theory somebody would only need to compile for the different platforms the executable (in other language) and add it the corresponding distributable from electron for each platform. I was watching this meetup from somebody ate WagonHQ https://youtu.be/mUAu7lcgYWE. I’m gonna try to create something
-
We’ve been using BEM exclusively for all new projects in my department and love it. It has much clearer and simpler rules to follow than most other CSS naming conventions.
It’s true, you are not going to have a proper grid layout and other styles the CSS frameworks provide.
There isn’t anything inherent to BEM that prevents you from using a CSS grid. For example:
<div class="grid"> <div class="grid__row"> <div class="grid__column grid_column--3"></div> <div class="grid__column grid_column--6"></div> <div class="grid__column grid_column--3"></div> </div> </div>I realize that the above may look excessively verbose. But there is a good reason for the repetition, which is that it keeps specificity very low.
-
Sure, but you could still extract those classes
grid__columnto something more meaningful to understand the content and structure of the HTML. Later, you could move all that grid logic to an inner class, with a better description of the HTML, by putting it inside amixin(later imported with aincludeand most encouraged way) or in the class (later imported with aextend). In any case I usually decouple the grid logic from the classes in my HTML. Because, in the end, using classes that can actually describe the content and structure will make it agnostic to any grid we want to use (CSS grid, Bootstrap, etc) just by adding it to SASS or LESS mixins later (when using preprocessors, of course).-
-
My company recently recorded a podcast interview about how we organize our CSS - spoiler alert, we use BEM as a part of our system. We also DO use grid css classes, however, without converting them to mixin into more-semantic classes. I think it’s just easier to see how the content maps to the layout that way.
It’s been proving a really nice system for growing applications, though. It’s seldom we get caught in specificity wars, and the structure we throw on top of it makes it fairly easy to guess where you’re going to find css class definitions.
-
-
It’s worth to note that it was long ago that uBlock had a commercial owner. Therefore, the recommendation was to use uBlock origin, which was a fork from the original co-author of uBlock. So, as long as you use uBlock origin… Dismiss this story
If I recall, was it not gorhill who made uBlock, and in an alien event, handed that over to Chris, which in turn made uBlock the monster it is today? Please correct me if I’m wrong.
That’s my recollection of that history too