Thanks for posting your console logs. The game renders in an iframe - it's that second cloudfront request that's failing. Those ERR_BLOCKED_BY_CLIENT errors make me think an AdBlocker or similar is preventing it from loading?
Please elaborate. MySQL/MaraiaDB can be pretty relaxed when it comes to SQL standards (which you can disable/tweak), but I've yet to have data loss or data corruption. And speaking from experience - the system would be at it's knees and MySQL would happily do it's best to answer queries.
I'm not saying Postgres isn't stable (haven't really used it) - I'm just rather suspicious of the comments here. I find it hard to believe that it's as broken as people here claim when big businesses are using it [1].
Same here. I've been a MySQL DBA for over 10 years and I've never had data loss or corruption even with power supplies dying and servers shutting down completely.
I've also used PG in quite a few projects and I can't say I find it better or faster at least for my usage. If anything it's more difficult to manage, there are way less decent tools to monitor, profiling is a PIA and those backslash commands just drive me nuts. I hate stuff like "\dt".
How do people fall for phishing scams or running malware from an email attachment? The answer to that question is the same to yours. I think it's a combination of lack of public education about scams and the belief that the email or phone call is legit.
And I think it's really interesting. A lot of people talk about "infected" PDFs - I've personally never seen that but what I usually see are:
invoice.pdf.exe
invoice.pdf.js
Most sane email providers should scrub that attachment (or bounce it) - however email providers such as AOL don't. Thanks AOL.
I run my own email service and I get emails like these all the time [1]. And if you are someone who takes the tollway daily it could be a scary email that you open right away.
I do want to mention Amazon's practices. So it appears their system glitches and spews out this email to random people [2]. This email is plain text and, at least the last time I logged into my account, has no indication that they want this information (it does say that "functionality is limited" but those instructions that say to login to the site and submit your information are incorrect which immediately makes me think it's a scam - it even has typos that you would find on a scam email!). It's even been reported that customer service says that it is a scam. However, it is real and an easy template to scam people out of their identity. For less than the cost of a cup of coffee at starbucks you can get an 800 number from a VOIP provider with faxing ability. I've contacted Amazon about it....and they just sent me the same email back. Thanks Amazon.
(You don't know how tempted I am to write a cron job that faxes a copy of my drivers license to them every hour)
> Once the relatives get wind of this, there is a simple solution. Get a new phone number for the person in question. And even more critical don't cancel the old one.
Or an even better idea - transfer the number to a reputable VOIP provider and setup the number so that it rejects calls from all numbers except for the ones you specify. Your loved ones can still call but any other scammer would get a busy signal or whatever you specify as the destination. You could even direct unknown calls to you (you can setup a time condition) - and that would give you the ability to add that number to the whitelist if it was a legit caller.
Added benefit - the service will be vastly cheaper.
> If the old number has been cancelled, the scammers know you're on to them.
I can guarantee you that they don't care if you are "on to them". They just stop calling because no one is picking up the line.
> I can guarantee you that they don't care if you are "on to them". They just stop calling because no one is picking up the line.
I think that depends on how big a fish you are to them, or at least your relative size in their food chain. If you have someone worth a few hundred to you every month, you'll probably put in some extra work if you can't get that money for a month or two to try to recover that source.
There's the opportunity cost to the attacker as well.
Sure, they could walk around your barriers and scam your relative... or they could shrug it off, carry on with their list, and scam another five or ten people in the same time frame.
No offense but I didn't mention a specific VOIP provider on purpose.
However, callcentric already has it built and much easier to understand than twilio. I'm not saying that service is bad - but the average person doesn't know what API, cloud, or SIP means (or care). Callcentric makes it pretty obvious what their service is and provides and how to use it.
Funny. I've handled a lot of dialer traffic for customers, as an intermediary (a billion calls every day or two).
"Legal" robo dialer is fairly easy to block. We blocked it on our systems using the same ideas as in the link. Look for repeated calls, low call duration, etc. However, this did not impact our calling stats at all.
That's right, even filtering out all the "known" dialer, we still had tons of shitty dialer traffic coming. The scammier the dialer, the more inclined they are to just make up a new caller ID for each call. Then there's no real pattern and it's easy to slip through. This is illegal and the FCC can fine $10K a day or something. But they don't.
That's the REAL problem. There's never any follow up. Sure, end-users complain now and then. What does that do? It makes one telco pass up a request "please review or block this number". That's it. It is utterly ineffective.
If the FCC was actually serious, they'd start enforcing rules and hold companies accountable. If I, as a VoIP provider, am liable for my customers to a certain extent, then I'm gonna be a bit more selective. I'll make sure my $29 customers aren't faking caller ID or sending lots of calls. On the wholesale side, I will make sure my contracts contain harsh penalties and keep customers liable. It'll take a few months for stuff to trickle down and be enforceable, but eventually the FCC can simply start handing out fines and this whole game will be over.
There's nothing really stopping this from happening other than the FCC not wanting to do it. Sometimes people say "oh well the problem is someone in Elbonia can sign up for $15 and get going" - yeah well eventually their calls hit the US network, and US law applies. If the provider is letting the Elbonians do their scam, the provider is liable. End of story. Suddenly, providers will require a deposit and scammers will piss off.
It doesn't even have to be a large fine. Just making the cost of making up a new identity be non-trivial (a few hundred dollars is probably enough) will put a pin in it.
One is welcome to ship an Asterisk implementation of it any time one feels like doing so. One has not shipped an Asterisk implementation. One may underestimate to which degree ideas, revolutionary or otherwise, are improved by actually shipping concrete instantiations of them which actually work.
Incidentally: NoMoRobo gains some utility specifically because Twilio exists. A trivial example: phone numbers have a history to them. Most customers of Twilio want to buy phone numbers with a relatively clean history, i.e., ones that were not widely distributed prior to their life with that customer, to avoid misdirected calls or e.g. reputational issues. NoMoRobo wants precisely the opposite -- they literally ask Twilio to provision them with phone numbers which are otherwise unsaleable to customers, for example because those numbers are actively getting spammed to death. (Twilio has an entire team of people whose job is telephone number quality. Things you wouldn't have guessed existed in the world, right?)
This works great for NoMoRobo's use case, because a phone number getting spammed to death is perfect for them -- it lets them cheaply capture a lot of phone numbers which one has a high confidence are spam rather than ham.
Fun/rude anecdote: We (a VoIP provider) once got a number that was getting 250K calls every week. Not because telemarketers were calling it, but because that ID was being usd to make a lot of outbound calls. So people would call back, upset, trying to figure stuff out. We dumped the number (no sense paying for all that traffic), but not before shunting it into a conference call (and playing a message telling them so).
It was rather interesting to see how people reacted together. One person would call in, angry, another person would call in, soon there'd be 4 people all yelling at each other "Well you called me!" "No I didn't!" "Now listen here, I think maybe the wires are crossed" and on and on. Sometimes they'd gang up together and try to sort problems out, but often it'd just degenerate into name calling.
Anyways, it's sad that NoMoRobo exists. The FCC could trivially put an end to scam calls, robo-dialing, etc., with a couple days of drafting a new regulation, and then a few months to implement it. Source: I've handled billions of calls, much of which were dialer traffic. I've worked on both sides (trying to block traffic, trying to get upstreams to take traffic).
> I don't think his idea is revolutionary - one could setup Asterisk to do what he did.
Twilio is stupid simple to prototype and get up and running with, at which point you could transition to your own SIP provider with a cluster of Asterisk servers when you're at scale.
I'm surprised to see this on HN. This should be called "Illegally download any song".
I think the project is extremely cool and you have props from me - but I hate it when people try to skate the simple fact that stuff like this is illegal. ROMs and emulators have shown up on imgur many times as "free" - like as if the publishers have released the rights to the game(s).
I don't know what country you live in - but in the US it's pretty clear on the court's stance on scraping [1]. I'm not saying I agree with it - but that is the legal precedent.
> Although these are early scraping decisions, and the theories of liability are not uniform, it is difficult to ignore a pattern emerging that the courts are prepared to protect proprietary content on commercial sites from uses which are undesirable to the owners of such sites.
Straight from the youtube TOS [2]:
> Content is provided to you AS IS. You may access Content for your information and personal use solely as intended through the provided functionality of the Service and as permitted under these Terms of Service. You shall not download any Content unless you see a “download” or similar link displayed by YouTube on the Service for that Content. You shall not copy, reproduce, distribute, transmit, broadcast, display, sell, license, or otherwise exploit any Content for any other purposes without the prior written consent of YouTube or the respective licensors of the Content. YouTube and its licensors reserve all rights not expressly granted in and to the Service and the Content.
It's apparent the RIAA that is also against it [3]. If you ask the RIAA - they will most likely say you did not purchase a legal copy of it - so therefore you shouldn't own a digital copy of it. Thus making it piracy.
It appears my original stance got lost - I'm not saying I agree with it - but these are the cold hard facts.
> I think the burden of proof falls under the one saying youtube-dl is illegal, doesn't?
I kind of figured it would be obvious BUT....
> Two days after YouTube-MP3.org, a site that takes music videos and converts their songs into MP3 files, was blocked from accessing YouTube, the RIAA has asked CNET to remove software from Download.com that performs a similar function. CNET, which is owned by CBS, is the publisher of this news site. [1]
Here is information on youtube-mp3.org [2].
Please do see my other post [3].
I want to make it very clear - I do NOT agree with the rulings and RIAA bullying. If you want to be upset at someone - call your representatives and ask them to start passing laws that are in favor of scraping.
As an aside note - to expand on my original post. Emulators are not illegal by definition (unless they circumvent/bypass encryption - but that's a whole other ball of wax), downloading a free or open source community made ROM for the emulator is not illegal. It is, however, illegal to download a ROM for a copyrighted game. Now, Nintendo isn't going to come after you for playing an old NES game in the privacy of your home - it's still illegal but they aren't going to expend the legal resources and the amount of bad PR to make an example out of you. They may and probably will come after you if you sell or distribute said ROMS.
That's not how it works. What your opinion is or even your lawyer's opinion is just an opinion. Ultimately someone can bring a case in a court and it's decided then. You can advance your legal theory as to why it is allowed, and it may be a sufficient defense, or it may not. There is no a priori certainty in these things... the closest you might get is precedent.
The jocular saying is that, in England, "everything which is not forbidden is allowed", while, in Germany, the opposite applies, so "everything which is not allowed is forbidden". This may be extended to France — "everything is allowed even if it is forbidden" — and Russia where "everything is forbidden, even that which is expressly allowed". While in North Korea it is said that "everything that is not forbidden is compulsory"
I mean, not according to the law... my understanding is that in most jurisdictions ignorant != impervious. Perhaps burden of proof for a discussion is on the claimant, but it might behoove a user to check their local laws
When you play in the browser, you are playing on youtube. when you download, you can play wherever you want. This is similar to saying I'll go record a movie from a cinema hall and watch it later at home since I paid for it.
No it's just a simple, direct assessment of a situation. There is no technical difference between "streaming" or "downloading" the bytes. In each case, the exact same thing happens, the numbers are copied to the local machine. The distinctions are a legal fiction that doesn't actually have a reflection in the real reality, and as most imposed fictions end up, there is very little respect for the idea on the ground.
True, but at the end of streaming, the provider/browser clears the cache. The legality of it is debatable, but downloading copyright material is certainly not legal.
If someone visits me at home and uses my coffee-maker the action is same as taking it to his home and using, but only one of them is acceptable.
I did not say breaking in. That would be equivalent to hacking. If i'm home and I let my friend use my coffee-maker, that is analogous to youtube giving you a license to watch a video.
I apologize for the confusion. I read your original comment to be a comparison between letting someone use your coffee maker (lending) and someone stealing your coffee maker which I believe is how you intended it. My comment was intentionally obtuse and was intended to highlight problems with your metaphor. I do not believe that letting a friend use my coffee maker is analogous to youtube granting me a license to watch a video. For instance, I have no desire to recoup my electricity costs by displaying advertising to my friend while she is making her coffee.
I don't think this is the same thing at all. If someone slides an envelope under my door that says "Please do not open" am I obliged to leave it sealed? What if I open it anyway and the contents advise me to destroy the message, am I obliged to do this?
What if you go to a friend's house (youtube) and see a letter that says do not read. But you whip out your camera phone, take a picture, come home and read?
The discussion is not about what is possible or should be done, it is about what is legal/moral.
When you watch a video on Youtube, you are essentially given a license to watch that content on their site. They show some ads and make some money. When you download, you are violating that license.
Depends on the jurisdiction. Some make a explicit difference, e.g. German law speaks of (rough translation of the critical bits by myself) "temporary reproductions that are [...] integral and necessary part of a technical way of a) transmitting through a network [...]" which in practice means that streaming is ok in cases where explicit saving is not. For private use, downloading from not clearly non-legal streaming sources is fine though (again, in Germany)
I believe streaming vs downloading has slight implication differences. E.g if they choose to shut it off you can't stream anymore. Or force ads or view counts. Yet in downloaded form you are bypassing those things that have value
One problem is that you're not only time shifting but space shifting to digital media as well. And the laws as written are very specific as to what is permitted.
Example: In the US, the AHRA that makes personal space shifting digital audio legal (relevant to the submission) is fairly limited in the media that can be used for copying. Though I agree that they're being used for basically the same thing, computer hard drives aren't covered.
A relevant quote from Wikipedia [1] that sums up why I think this act falls short of its purpose: "In each case, the principal distinction between what is and is not covered by the AHRA is determined by whether or not the device is marketed or designed (or in the case of media, commonly used by consumers) to make audio recordings, not the device's capabilities."
Time shifting means copying for the purpose of listening to the recording at a better time, whereas space shifting is relevant here because the intended purpose is to allow the audio to be played in a different environment (i.e. not the YouTube player or app).
The more important thing is that space shifting to different media (digital, personal computer hard drive in this case) is legally treated differently. Though, to be honest, I'm not convinced that any personal recording protections would or should apply to the YouTube situation. It's just one way that the two differ.
I really don't know why you are being downvoted - but this is pretty spot on. I know one of the science subreddits started to add flair for people who proved they had X degree or background. Which I think it great - you know you are talking to a biochemist working with real science and not just some guy who spent 5 minutes on the wikipedia page.
I know a lot of people want to be anonymous on the internet - and that's fine but it's depressing to see someone pretend to be an authority figure on a subject just to find out the person is a high school student (trolling or not). And it's usually pretty easy to spot.
If this [1] person was actually experienced they would know that the menu setups change depending on how you answered the question when Visual Studio first runs (at least it used to) - and menus/buttons may be missing/moved depending on that answer (I've seen this first hand and it's quite annoying trying to explain to click on something that doesn't exist). But instead he degrades the person asking for help.
> How often have I wished I could at least see the age of someone when reading through comments.
I don't know if age is as useful as something like list of projects, publications, or contributions. Something to denote saying "yes - this guy has been down the path I have and released it's a dead end" rather than just spewing what he learned in class or some random article on the internet.
Someone laughed at me on reddit when I told them you didn't need a lot of money to make a good game (as you can outsource if you need to - trust me there is someone in India who is willing to create that sprite sheet for less than $20 versus your artist friend would charge $200+). They claimed you needed like $X million. An obvious counter-example would be Terraria - I know not everyone likes it but I think it's a pretty successful and well put together game. It was made by 2 guys sitting in a home office somewhere. I asked him how many games he worked on - I believe he responded with, if I remember correctly, 3.
That doesn't stop people from trying. I'm sure some manager in some company is angry at his IT staff because he is trying to load 10GB of statistics into Excel and his staff is telling him that he shouldn't do that.
I recall a story about an infected version of qemu (might have happened to other software) for Windows. Basically they hacked the site, replaced the binaries with infected ones AND updated the hashes.
I also recall one or two stories where the binaries were infected but the hashes not updated - this was obviously caught pretty quickly and fixed.
However, I remember a time when Firefox served downloads directly from their mirrors. This case could be good for comparing hashes - but now it looks like they use Amazon's cloudfront.
But yes - for the average guy generating a hash for your releases (where your release and hash comes from the same server) doesn't provide any real benefit.
Good catch on the myip vs ip syntax error. It worked because of the myip global. The later change isn't required because the constructor calls the update. I may go ahead and adopt your update suggestion to make it clearer what is actually going on. Thanks!
Everything you ever wanted to know about Exchange [1] (but were afraid to ask). I personally use SOGo [2] as a Exchange ActiveSync provider but I know OpenChange is a project to implement the entire Exchange stack. So I would not consider it proprietary.
