A little bit off topic: but I couldn't even start to read the article because "I reached my article limit" out of I site I never visited before... What are they using to determine how many articles I've read?

Opening in a private window solved the issue, however I'm pretty sure I don't regularly read anything on this site (maybe never was an overstatement?).

Seems totally possible that the limit is 0...

Yes, the thought crossed my mind too... But then I tried a private window and it opened, so maybe the other suggestion that the cookies are very long lived is right.

I clean my cookies after every session online and had the same problem, so maybe the limit really is 0 but the dev never actually considered people using private windows? Like you could bypass NYT paywalled by disabling Java Script?

Nowadays platforms seem to track IP addresses and other signals to grant limits. Using a VPN works.

Exact same experience here.

Shared public IP?

Maybe their cookies are very long-term and you visited this site 6 months ago?

In the ~30 years I've used computers, they've become ~1,000,000 times faster. My daily experience with computers doesn't show it. There's someone out there who took the time to measure UI latency and has shown that, no only isn't it faster, it's actually slowed down. And yet, our hardware is 1,000,000 times faster...

Edit: this is the latency project I was thinking about https://danluu.com/input-lag/

What beautiful table in how it is seems sorted both by time and latency with the exception of some systems that are ahead of their time in slowness.

If you put a bit of load on the modern hardware things get dramatically worse. As if there is some excuse for it.

I had this thought long ago that the picture on the monitor could be stitched together from many different sources. You would have a box some place on the screen with an application or widget rendered in it by physically isolated hardware. An input area needs a font and a color scheme. The text should still be send to the central processor and/or to the active process but it can be send to the display stitcher simultaneously.

You could even type a text and have it encrypted without the rest of the computer learning what the words say.

I look at and click around KolibriOS one time, everything is so responsive it made me slightly angry.

The abstract of OPs link mentions "Processing-Using-DRAM (PUD)" as exactly that, using off the shelf components. I do wonder how they achieve that, I guess fiddling with the controller in ways that are not standard but get the job (processing data in memory) done.

Edit: Oh and cpldcpu linked the ComputeDRAM paper that explains how to do it with off the shelf parts.

The lack of standards falls on the acting part. I ran a quick search and found that SWGDE best practices guides and documents do consider the case for the presence of malware on the digital evidence sources on many different scenarios [1]. Having an "expert" who is unaware of these guides is another story.

[1] https://www.swgde.org/?swp_form%5Bform_id%5D=1&swps=malware

Do you have anything specific you're pointing to in those search results? Reading the excerpts, all but two are talking about malware on the analysis machine.

2012-09-13 SWGDE Model SOP for Computer Forensics V3-0 merely says to detect "Detect malware programs or artifacts".

2020-09-17 SWGDE Best Practices for Mobile Device Forensic Analysis_v1.0 seemed the most in depth, and it merely states:

> 9.4. Malware Detection Malicious software may exist on a mobile device which can be designed to obtain user credentials and information, promote advertisements and phishing links, remote access, collect ransom, and solicit unwanted network traffic. Forensic tools are not always equipped with antivirus and anti-malware to automatically detect malicious applets on a device. If the tools do have such capability, they do not typically run against an extraction without examiner interaction. If the examiner’s tools do not have antivirus/anti-malware capability, the examiner may need to manually detect malware through the use of common anti-virus software applications as well as signature, specification and behavioral-based analysis.

No, I just went to search if the topic is mentioned in guidelines (which it is, multiple times). I'd then expect a (good) expert to pick on those breadcrumbs and search on how to do that (if they don't have the skills already). If I were working on a computer, I'd try to find IOCs that point to an infection (or lack of evidence for it).

If there's a memory dump to work on, a more in-depth analysis can be done with Volatility on running processes, but it usually falls back on the expert having good skills on that kind of search (malfind tends to drop a lot of false positives).

But at least the guides gave a baseline/starting point that seems to be better than what was described. It's very difficult to prove a negative, so I'd also be careful with the wording, eg: "evidence of a malware infection was not found with these methods" instead of "there's no malware here".

What I quoted perfectly describes what they did. Ran one off the shelf antivirus scan and then considered the concern addressed.

It's obviously impossible to disprove a system had malware on it, but that fact itself should be part of any expert testimony. Especially testimony for the defense in a criminal trial.

Finding evidence of a sophisticated attack is quite difficult. Most "IOCs" are not actually very effective in such a case.

That's interesting. A project at work is affected by Windows slow open() calls (wrt to Linux/Mac) but we haven't found a strong solution rather than "avoid open() as much as you can".

It's likely Windows Defender, which blocks on read I/O to scan files. Verify by adding a folder to its exclusion list, though this isn't helpful if it's a desktop app. The difference is most noticeable when you're reading many small files.

As of now 9%. I thought hitting the HN front page could have a much larger impact on this, but it seems that's about it this time.

It isn't a great sign when a tool as ubiquitous for computer vision isn't getting to its relatively meager $500K goal.

I've chipped in - not for the future V5 - but to recognize that OpenCV is a tool that I've been using for years for various small personal projects.

When I moved some projects from OpenCV 3 to 4 I got a nice speed up pretty much everywhere, some things no speed up at all and some others pretty big. I can't really remember the numbers, but at the moment it was a global 10 to 20% perf improvement just on updating a library.

Might want to check that. Also 4.something got SIFT as part of OpenCV (instead of living in the contrib module) because the patent expired and you can now use it for free.

As for blowing up with NN packages and such... I don't really use those parts, but if the NN module had easier support to run networks trained on popular frameworks I might've used it. Disclaimer: it's been quite a while since I last tried to use those parts, so maybe now the latest version has fantastic support and I'm talking nonsense.

Thanks. I had a close look at v4, but didn't see a reason to update. Some functions got a bit faster on some architectures, some a bit slower, as usual.

Indeed, it's their trademark style. It has also worked great for them.

I ran a few tests in Windows Terminal. The bomb emoji got width 2, while the motorboat got width 1 and correct aspect ratio, though I didn't quite get to see it properly until I zoomed in like 5x. The family was rendered all as one emoji, cells wide, but left 4 blank cells before it.

So it was a bit better than the authors tests, but there's still room for improvement.

Is that Windows Terminal, or have they renamed it yet again?

Yeah, just Windows Terminal: https://github.com/microsoft/terminal/

I thought I might have missed a rename. Microsoft tends to rename things at random times.