mafuyu's comments

Just out of curiosity - would you describe companies that are commonly in the spotlight as more mercenary than average?


Absolutely not. Some of them are far more ruthless, some of them much more principled.


I've seen you reference these actors previously. Is there a reason you won't name them? Is this an industry code of silence, or fear of retribution?


This isn't the first of these takes regarding Israel by that poster, where they present themselves as 'not supportive of Israel, just presenting a balanced perspective' (while wildly distorting reality).

Since tptacek likes to present themselves as an authority on this kind of stuff, and does indeed have a reputation here, I feel it's important to point out that this isn't the first time they've carried water for Israel like this.

Examples: Calling Israel's exploding pagers war crime "surgical" [0] - which it absolutely was not, or, saying that Hamas should've taken the ceasefire deal they were offered [1] (rightly called out in the replies).

It's absurd to try and claim that Israel is 'no better or worse' than other nations in the 'spying on journalists phones' department. Especially when you look at why.

0 - https://news.ycombinator.com/item?id=41570806

1 - https://news.ycombinator.com/item?id=42720493


This is one of the many pitfalls of sharing a collective identity, whether in politics, technology, or even outright jingoist nationalism. You see it on HN all the time; people respond to the tone of a piece rather than what the actual contents are. It's pretty obvious when someone posts a message imbued with that insecurity; it's always about "the other side" and trying to create relative morality. Hasbara, in the Hebrew vernacular. Or "mansplaining" if you're a jaded progressive.

American surveillance is a pretty good example. "Lawful" intercept, geofence tracking, dragnet collection, commercial de-anonymization, America leads the way in a deeply unethical field. Yet, criticize Palantir et al. and people will find ways to argue it's necessary. Usually they create a boogeyman; "we're the good guys because we fight human traffickers and thieves" type of stuff. You don't have to look very closely at the marketing materials for these companies, they're very clear about using it on the "bad guys" to assuage the average insecurity. It's like the dog-and-pony we always see when iOS vs Android security is brought up; "it's not about my phone, it's the relative security of theirs!" When in reality, neither company is ethical or sells a secure product. They're excuses not to think, instead of logical arguments against the claim.

This isn't even a politics issue, either. These comments are a mirror reflection of one's character and their internal (often irrational) justification for an illogical stance. Often these comments aren't even rooted in a form of rhetoric, they just want to deflect the blow a little bit to cover their own ass emotionally. In the tech industry, I've noticed this happen a lot when people are embarrassed by their own work being discovered "in the wild" by peers.


There is a reason I won't name them --- the ones I know about, a fraction of the total market --- it's not interesting, and I'm not going to get into it.


I'm interested, and I'm sure I'm not alone. This isn't easily researched information, and it would be nice to have a list of organisations to put on my boycott list. These companies should be named and shamed. They have no positive influence on the world. If they disclosed instead of exploited the vulnerabilities they have knowledge of, they would improve the security of most of the world's population. Instead, they profit from the insecurity of the population. This is criminal behaviour and should be treated as such.


You'd boycott these companies, that you don't know who they are? It's not much of a boycott to stop doing business with companies you already aren't doing business with.


How do I know if I'm doing business with them if I don't know what services they offer? Years ago I ended up providing services to a company that was involved in morally questionable activities. When I discovered the extent of those activities I stopped providing services. That company was the GEO group.


You're not doing business with any of them.


See, once again, that's interesting. Especially how you can be so sure of that.

I hate to tell you, but companies like the ones you allude to are incredibly interesting. They're also probably very immoral, and should be known by people who have an interest in infosec.


The companies that sell this kind of product aren’t doing it as a side hustle. It’s not like “oh, well yea, Atlassian mostly sell Jira but also they have a team farming viable iPhone data extraction vulns.”

If you were working with one of these companies, you’d know it because it’s their primary/only product/focus.


Which is still interesting. I'm not sure why people won't name these companies. tptacek says it's not interesting, but that's pretty obviously not true. Why won't people name these companies? If they're so insulated from normal commerce, and so specialised that they only provide these services, it shouldn't really matter if anyone knew who they were. They're companies. Unless they're obviously engaged in actually illegal activities (which they may well be, but it's currently not possible for me to determine that) they shouldn't be taboo to discuss. I find it weird that people want to claim "oh yeah, they definitely exist, trust me bro, they're all really secretive, but also totally legit" but they won't mention any names.

I can only assume that there are actually some industry or professional repercussions for disclosing any specifics, because otherwise the only other logical explanation for such tight lipped discussion is that people are somewhat afraid to talk about these companies.

Also, Google, Apple, Microsoft, Meta probably have some of the most respected vulnerability research labs in the world. They, despite their many and varied other flaws, tend not to weaponise and profit from said research. I mean, they might, but they also do a pretty good job of actively and responsibly publishing this research.



Are you a security agency for some sovereign state in the world? Then you already know who they are. Otherwise: you're not a customer.


ANCS gang rise up


I used to always remove affiliate codes from links, but after hearing about just how much revenue creators make from Amazon affiliate, I started clicking them if it’s a creator that I support (especially smaller creators).

With Amazon, apparently the creator gets a percentage commission on your entire cart. Without the affiliate link, the price to me is exactly the same - Amazon just keeps the money. I assume AmazonSmile was basically using the charity you selected as the “affiliate”, but they shut that program down.

So yeah, it hurts my individual privacy stance, but it’s a drop in the bucket compared to all the data Amazon has about me already. Commission affiliate links at least redirect some of the revenue to the creator themselves.


Wow, thanks for this tip! I've been dealing with suspend issues with an X570 Aorus Master as well.

Running `echo GPP0 >> /proc/acpi/wakeup` into a systemd unit at boot solved the issue for me... except the first sleep after a boot would always wake back up immediately.

I applied your udev rule and that issue seems to be resolved as well!


This is more so for your future unit file use: did you use `Type=oneshot` and `RemainAfterExit=yes`?

I remember there being some strange interaction with the wakeup behaviour being toggled otherwise. But this could be due to me being on NixOS.


I just did `ExecStart` with `multi-user.target`. That implies the unit is `simple`, so it very well could be sequencing incorrectly at boot and failing. That's a good point; I'll have to keep that in mind!


Apologies for the confusion, I don't mean it was failing to run.

If you don't add "RemainAfterExit", the service will run at every boot, because after a reboot it is considered "inactive". This will execute your shell code, which effectively toggles wakeup.

"RemainAfterExit" is meant for unit files that change the state of your system. After running once, the service will be considered "active", until you manually deactivate it, which will execute whatever you might have set in "ExecStop".

"Type=Oneshot" is necessary for "RemainAfterExit".

In this case I still would prefer doing it via udev though. I've made it my rule of thumb to evade shell scripting wherever feasible, because it usually ends up being more brittle, and more prone to footgunning :)


Ahh, gotcha, thanks for the tip. Yeah, systemd is easy to reach for, but it certainly has plenty of footguns.


I've often heard people say that "true" perfect pitch can only be accomplished with synesthesia, but I have no idea if it's true. Back when I played clarinet, I had decent relative pitch and I could ballpark a B-flat tuning note if I thought hard enough. That was enough to work my way to an absolute pitch, but it took a while.

I always imagined the mental pathway for people with perfect pitch as being completely different from mine, but I could see it being a spectrum as well.


While I didn’t switch majors, I had a similar experience with my intro EE class. My theory was that it was intentionally a weeder class to push students towards the other engineering concentrations.

Intro EE is kinda brutal in that there’s a lot of theory to cover, and you need to build the intuition on how it applies to real world circuit design on the fly.

I had a bit of an epiphany when I was in a set theory/number theory class and some classmates were breezing through proofs that I struggled with. I was having to do algebraic manipulations in a way that was novel to me, but was intuitive to math nerds. I felt like that guy who didn’t “get” the intuition in an intro programming or circuits class.

But yeah, students often get some context for math or programming in high school, but rarely for circuit design. E&M in physics at best. EE programs have solved this by weeding out anyone who can’t bash their way through the foundational theory… which isn’t great.

If you’re still interested, I would recommend the Student Manual to the Art of Electronics. It’s a very practical, lab-based book that throws out a lot of the math in favor of rules of thumb and gaining intuition for circuit design.


The thing I hated most about EE 101 though was that the diagrams predated the discovery of the electron so all the arrows point the wrong way. AND NOBODY BOTHERED TO FIX IT. It felt like taking a racquetball class with my foot stuck in a bucket.


That’s kinda the whole point, isn’t it? I’m just a layman, but my understanding is that the incompatibilities of GR and QM point to a need for a proper theory of gravity. Looking at the dark matter problem from a purely GR-perspective will miss that context.


From the abstract:

> This unique configuration offers the opportunity to combine two major lensing cosmological probes: time-delay cosmography and dual source-plane lensing since J1721+8842 features multiple lensed sources forming two distinct Einstein radii of different sizes, one of which being a variable quasar. We expect tight constraints on the Hubble constant and the equation of state of dark energy by combining these two probes on the same system. The z2=1.885 deflector, a quiescent galaxy, is also the highest-redshift strong galaxy-scale lens with a spectroscopic redshift measurement.


Not an expert, just trying to add some more context.

With time-delay cosmography[1] one exploits that unless the source is perfectly in the center of the line of sight, then the photons that make up one lensed copy have traveled a different distance from the source than photons that make up a different lensed copy. This effect can be used to measure absolute distance and give an accurate measure of the Hubble constant.

With dual source-plane lensing[2] one exploits that if two different sources are lensed by the same lens, one can take the ratio of the measurements between the two sources and get results that are significantly less affected by the lens itself and are completely independent of the Hubble constant.

[1]: https://arxiv.org/abs/2210.10833

[2]: https://arxiv.org/abs/2204.03020


Carousel looks neat! I haven’t played around with Lua or LÖVE much, but this reminds me of Processing, except with more of a focus on creating useful mini-apps instead of visual art. It also reminds me of SmileBASIC for the Nintendo 3DS.

What would distributing this for iOS look like? I guess it would be publishable on the App Store, since there are apps like Pythonista out there?


You can run LÖVE on iOS: https://www.love2d.org/wiki/Getting_Started#iOS

You "just" need Xcode, and to recompile it once a year. Sigh, ugh.

I believe there are third parties distributing it on iOS as well. But then you need to trust an additional entity.


Gotcha, thanks! I'm not in the Apple Developer Program, but I'm tempted to do it just to be able to experiment with sideloading all sorts of LÖVE programs.


<3!


About page: https://deskthing.app/about

Looks like a project to open up Spotify’s discontinued Car Thing to homebrew apps.

If the devs are reading this: the GitHub README and homepage both don’t have a description of what the project is. I had to click around for a while until I found the about page.


This is like the 20th Cool Thing that I’ve seen posted on HN that could be explained by a photo and yet the creators seemingly didn’t even think to take one (despite building out a whole website and everything). How does this keep happening?


CDNs are expensive and annoying to work with ngl

I also just posted a few images - the GUI has changed so much over the last couple months that any photo I would've taken would be outdated as of now. There's a lot of content on the subreddit though!


I was thinking the same thing! I was looking all through the repo and site to see if they had any pictures of the apps running, or a setup using the device. To me, this is the easiest way to sell your project and show how cool it is!


Without knowing what Car Thing was, I read all 3 of those pages and still have no idea what this project is.


Even knowing what it is, and having a Car Thing somewhere in a box in a closet, I still don't have any idea what this DeskThing thing is.

Some Chromium shell with yet-another-appstore that can somehow show (or maybe control) Spotify, Discord and weather, with Trello and Audible planned is my best guess. I guess, a couple screenshots or photos would've done wonders in this regard.

Either way, I fail to understand why I might prefer a separate low-power device to do something with the apps I can already see and control from desktop. But I'm glad someone found a use case for their Car Thing.


The utter lack of screenshots doesn't help either. I also read those pages and am also still unsure of what this is.


It is an opensource-crime to opensource something with a UI and not have a single screenshot of what the thing actually is.


TBF... this has just been a personal passion project for me. I'm new to the OS scene and just did this for fun - not expecting people to actually use or be interested in it as much as they are.

I'm just a guy who hasn't even graduated college yet ¯\_(ツ)_/¯

Cheers


I'm not sure how someone manages to make an entire project like this and provide absolutely zero pictures of it. Almost impressive how someone can just completely forget the most important thing to get people to understand what your project actually does.


I have a CarThing and managed to get this working on it after several attempts and it is actually pretty good. If they revamp the website and README it really has the potential to take off.

