It’s also pretty ridiculous how poorly it actually works. Recently I wanted to cash out some crypto, and the platform I was using was telling about their “peer-to-peer (P2P) rules to comply with anti-money laundering (AML) and Travel Rule standards”.

I could only transfer funds to the exchange if I verified I own the account on another platform.

So all you have to do to verify it, is make a screenshot of having an account on a different (non-KYC) platform. When you verified you also own that other random wallet, everything is fine…

Soo, sending crypto “peer-to-peer” directly to the exchange is a big problem - but if you add an extra wallet in between as an extra hop, that you’ve verified to own but is off-platform - it doesn’t matter anymore how that crypto got there

I guess it’s cool - you can port some stuff from Postgres like pgVector and make Mysql a vector database.

On the other hand, I’m also think ‘why?’. At some point just use Postgres instead of overcomplicating Mysql with extensions

Yea, well that was my first though, but then I though - why would chrome even allow any website to just arbitrary check which extensions you have installed.

So I checked the scripts and at this line the script is showing

async function fetchExtensionInfo(extensionId) {
  return new Promise((resolve) => {
    const url = `https://chromewebstore.google.com/detail/$%7BextensionId%7D`;

So I thought maybe they were calling the chromewebstore foreach plugin, and if you have an extension already installed, you get a different response than when you don’t - or something.

But I suppose I’m wrong and for some reason a site can just ask the browser internally which plugins are installed

Uhm, doesn’t really sound like this could be true. Maybe I’m missing something?

You’d see 2953 get requests in your network tab, right?

And the article says:

LinkedIn silently probes for 2,953 Chrome extensions on every page load.

Surely it would be drastically noticeable if for every page load they do 3k get requests to the chrome store

I don’t think this has been mentioned, but it kind of depends on where your multiple laptops / desktops are. Is this always on your own home network? Because in that case you don’t even need a remote service like Github

If so, you can create a network drive on any of the devices - mount the network device on your other devices, and then create a local git repo there. Just remember that using an external git service is also a backup. So if you do everything locally, make sure to have your own backups in place

A much, much worse but also possible solution is to just put your projects into onedrive/dropbox/gdrive and sync it everywhere. It works for syncing, since you’re saying that’s the main objective - but you lose out on version control

However, what is stopping a malicious actor from bypassing the API gateway and communicating directly to the micro services ? Do we solve this problem using a firewall, so only trusted traffic reaches the micro services ?

Kind of - sort of

With this kind of setup, usually you’d put all your micro services inside a VPC. The micro services wouldn’t even be directly accessible from the internet. So it wouldn’t really be a “firewall” - but a nat gateway.

Though conceptually a little bit the same. The API gateway is kind of acting as a firewall

It’s ChatGPT that’s commenting this, isn’t it?

To be fair, it’s not that crazy - your agents are generating a lot of data that Azure DevOps is storing. And they’re doing a bunch of other things like release management and showing test results over time, etc etc

I’m using Azure DevOps practically free - (unless I build way too much and run out of free credits for the month)

But since so many things in Azure DevOps are already free… If you’re going to start substituting the paid features like extra build agents with your own “free self hosted agents” then where are they getting any money from?

Probably not “coolest” as in ‘best code ever’ or most complex code ever - but that got most coverage. So I think it’s pretty cool

https://www.youtube.com/watch?v=ifJnWVSoyAY

Yes, but it includes your chat and voice chat history in the CoD, League, Dota and Counter Strike lobbies… 😉

It depends on the registrar. By the rules of icann:

At least annually, a registrar must present to the registrant the current Whois information, and remind the registrant that provision of false Whois information can be grounds for cancellation of their domain name registration. Registrants must review their Whois data, and make any corrections.

So if the FBI concludes that the provided WHOIS data is false, they could potentially still use that as reason to seize the domains

Pretty cool. I tried to google it, and I couldn’t actually find the source for it. Just a bunch of articles about it and a reddit thread.

I’m curious what it’s written in

If it’s “open source hardware” wouldn’t it be pretty easy to put it different screens?

Like it also only had a 2 GB SD card… I’d guess most people would upgrade that

Microsoft WannaCry

Are there existing tools you love (or hate) that do something similar?

This sounds similar to “Static code analysis” tools. Especially now that these code analysis tools are getting AI integrations.

For example we use coderabbit.ai. That does a code review on PRs in github, and reviews these sort of things. Especially the simpler things that you’ve mentioned like poor naming conventions, violations of language-specific best practices, and readability issues. I’m not sure if it will automatically come up with “large refactoring opportunities” by default - but maybe you can custom-prompt configure it to try, I guess

(Comment) Why have a separate webpage if such of helper can be built into IDE/editor?

Coderabbit also has IDE extensions: https://www.coderabbit.ai/ide - I think the separate webpage exists for org level configurations and overviews. These “best practices” are probably defined on a team level to ensure everyone uses the same code-style and things like that

I’m not sure if “just a website to copypaste code and get reviews” is really a good idea. Maybe for juniors that want to review one class or method or something. But usually code is spread across multiple files, and structural refactor opportunities are on a larger scale then just a couple files

On September 19, Ruby Central, a nonprofit organization that manages RubyGems.org, a platform for sharing Ruby code and libraries, asserted control over several GitHub repositories for Ruby Gems as well as other critical Ruby open source projects that the rest of the Ruby development community relies on.

Uhm, so how does this happen? If some people create Ruby Gems and host them under their own github account, how would Ruby Central suddenly assert control over them?

I’ve seem so many ads for Brave Browser… If it’s supposed to be private and anonymous and a free browser - where are they getting all this money for all those ads?

Just spreading the word from: https://programming.dev/post/37913329/19530188

Assuming you need to keep your account for work, here are the direct links:

1. Go to this page and turn it off: https://www.linkedin.com/mypreferences/d/settings/data-for-ai-improvement
2. Submit this form: https://www.linkedin.com/help/linkedin/ask/TS-DPRO

In addition:

• check this page for other privacy settings: https://www.linkedin.com/mypreferences/d/categories/privacy
• Delete unnecessary personal information:
  • Profile image > Manage > Posts and Activity
  • Profile image > View Profile > remove anything you don’t need to include
  • Go to this page and delete old resumes: https://www.linkedin.com/jobs/application-settings/

Reality Check #1 19/20

This thing messed me up:

They both looked like they could be AI - but to me it looks like that one has an AI artifact

You really have time to consider all those aspects of every individual torrent?

If the disks are getting full, just buy another 30 TB disk and add it to the server…