The attacks occurred on an old version of the long-retired application Ricochet that lacked new features The Tor Project has released since to mitigate against the kind of 'timing' analysis described in the articles.

100 milliards dépensés dans l'IA au lieu d'autres secteurs comme l'éducation.

Comment cette technologie va-t-elle être rentable avec la consommation en ressource nécéssaire?

In addition to the content of web pages, it's important to record how this digitized content is constructed and served. The HTTP Archive provides this record. It is a permanent repository of web performance information such as size of pages, failed requests, and technologies utilized. This performance information allows us to see trends in how the Web is built and provides a common data set from which to conduct web performance research.

Matt Brichler on the 99% of people lie:

"People have a terrible habit of assuming “everyone” does something, when that’s simply not the case."

Everyone thinks that their perception of the world is correct. It’s only when you begin to realise that the way you look at things is nothing more than your perspective that it becomes infinitely more valuable.

The best thinkers can see things from other angles and come to open conclusions with the confidence to both defend their position and be open to new ideas.

ICMP packets with "LOVE" in ASCII.
TCP packets with different window sizes.

This strange traffic mimics legitimate data streams, and while it's not known if it's malicious, its true purpose remains a mystery.

• Generative AI has polluted the data
• Information that used to be free became expensive

If someone is collecting all the text from your books, articles, Web site, or public posts, it's very likely because they are creating a plagiarism machine that will claim your words as its own.

quick recap

• arc boosts can contain arbitrary javascript
• arc boosts are stored in firestore
• the arc browser gets which boosts to use via the creatorID field
• we can arbitrarily chage the creatorID field to any user id

thus, if we were to find a way to easily get someone elses user id, we would have a full attack chain

when someone referrs you to arc, or you referr someone to arc, you automatically get their user id in the user_referrals table, which means you could just ask someone for their arc invite code and they'd likely give it

[about the tech stack with k8s] the payoff feels abstract and are hard to quantify.

It's the same for OSS dependencies.

what if platforms like AWS or GitHub started splitting the check? By adding a line-item to the invoices of their customers to support Open Source finding.

For example, 3% ?

OSS projects have no governance and most of them are not ready to receive money though. How to distribute this tax too?

Another model is to pay depending of how many developer there are in the company.

The second step after recognizing the OSS funding issue is having a baseline funding amount.

Des toilettes sèches pour consommer moins d'eau et revaloriser l'urine riche en azote (illustration).

Brands go to Sans Serif fonts and uniform logos.

Reasons?

• "modern utility": Cleaner and more legible, they are better suited to a variety of media and work particularly well online. The purity of these fonts allows the brands to be an empty vessel, ready to accommodate rapidly shifting trends.
• simplification: to being a trusted, dependable part of people’s everyday lives.
• Brands are also defined by their products now: they become words and does not need a big logo.
• readability: even if it is becoming less of an issue

Shoot for simplicity and legibility, but keep your distinguishing features. Don’t throw away what the brand has been working on for decades.

La Commission pourra faire appel de cette décision.

About the explosion of pagers in Lebanon.

On Tuesday things changed. Whoever got admitted at the hospital with a specific kind of injury will end up in some list. Social networks will be traced and new targets will be identified.

The lessons that software developers can learn: Supply chain attacks in the real world happen every day!

I want to insist because it seems that it's not clear for everyone yet. There is no other way to mitigate software supply chain attacks for an ecosystem / programming language than to build an extensive standard library.

If Rust want to be seriously considered to build the foundations of computing, the number one and only priority of the Rust foundation should be to work on building an "extended standard library", let's call it stdx

LinkedIn content is now used to train AI.

There’s some good news for users in the EU, the UK, Iceland, Norway, Liechtenstein (both of them!) and Switzerland as their data isn’t being used to train LinkedIn's AI at all and won't for the foreseeable future.

Une critique de la vidéo de McFly et Carlito avec Jean-Marc Jancovici. Certains sujets pertinent ont été abordé.

En revanche, les inégalités sociales face à l'écologie ont été absent de la discussion, de même que la gestion des transports (en réduisant le débat à la voiture) et des autres considérations que le carbone.

si ces actions individuelles ne sont accompagnées d’aucun changement politique, ces petits gestes resteront vains.

avoir recours au covoiturage est une bonne pratique pour réduire nos émissions liées au transport, mais cela n’enlève rien au fait que de nombreux territoires français sont dépendants de la voiture, elle-même dépendante de l’essence ou du diesel.

La sensibilisation aux plus grand nombre est cependant primordiale !

Mediapart, Le Canard Enchaîné, La Lettre, Glitz Paris, Miss Tweed, L'Informé, Puck (US).

À voir comment cette loi sera appliquée; et comment les entreprises montrerons la rémunération.