“Clang will now more aggressively use undefined behavior on pointer addition overflow for optimization purposes.” https://github.com/llvm/llvm-project/commit/c2979c58d49b
A whole lot of non-exploitable bugs may become exploitable pretty soon.
=> More informations about this toot | View the thread
Which is not to say Signal couldn’t do a better job of protecting location/IP data even against sophisticated attackers (network-level or full-on evil-Signal). It’s just harder. But they could and should do it anyway. In addition to patching the more-obvious leak here.
(I can’t be sure what steps they are or are not taking already, though; they don’t seem to document this.)
=> More informations about this toot | View the thread
https://gist.github.com/hackermondev/45a3cdfa52246f1d1201c1e8cdef6117
Cool attack. Signal must fix this. “Signal has never attempted to fully replicate the set of network-layer anonymity features [of a VPN]” is BS.
Like, what does that even mean? Signal is not P2P. All traffic goes through servers, so of course they should provide anonymity.
Are they saying “the NSA could probably correlate traffic data, thus we can’t claim to provide anonymity”? If so, talk about making the perfect the enemy of the good.
@signalapp
=> More informations about this toot | View the thread
So Namecheap's website claims to offer .substack domain names. But I can't find .substack on any list of gTLDs and it doesn't seem to resolve. And if such a gTLD existed, why would it be open for public registration? Odd.
=> More informations about this toot | View the thread
TL;DR: If you take out a bank loan for $110k, and then take out additional loans from the same bank for another $109k…
And then the bank fails and loses track of what you owe them…
And when you’re asked, you say “I borrowed $110k”, conveniently not mentioning the other loans…
Did you violate a law that prohibits making “any false statement”?
=> More informations about this toot | View the thread
Some fantasy settings have a system where someone is required to tell the truth, but ‘truth’ is construed very literally. They are free to blatantly deceive people as long as their exact words are true.
I always think, ‘The law is kind of like this - it also has truth-telling rules - but law doesn’t brook any such silliness. False vs. misleading makes no difference.’
Which is usually true. But not always, as shown by an entertaining Supreme Court argument this week:
https://www.scotusblog.com/2025/01/supreme-court-considers-chicago-aldermans-false-statement-charges/
=> More informations about this toot | View the thread
This is similar to the theory that Gen Z is less tech savvy than millennials because they grew up with better computers. Computers that were easier to use and more reliable – and thus didn’t force their users to learn tech skills in order to get them to work. Also more locked-down, but that’s not even the main issue.
I don’t know whether this theory is actually supported by evidence, though.
You can also draw connections to earlier generations and their cars…
=> More informations about this toot | View the thread
I wonder if federated networks tend to be more decentralized in practice than fully P2P ones.
After all, if the protocol is fully decentralized but everyone runs the same software made by a centralized team, then in practice the network is under central control.
Federated networks require server admins with technical expertise, time, and their users’ trust. A waste of labor, when P2P networks don’t? But expertise/time/trust is exactly what you need to make a fork successful, if necessary.
=> More informations about this toot | View the thread
So Mark Zuckerberg justified the Meta changes as being about free speech. I hate the way they were done, but I could /sort of/ get behind the changes, except the fact-checking part.
But then...
"The company also removed the transgender and nonbinary ‘themes’ on its Messenger chat app"
More speech?
"That same day at Meta’s offices in Silicon Valley, Texas and New York, facilities managers were instructed to remove tampons from men’s bathrooms"
Tampons are speech??
https://www.nytimes.com/2025/01/10/technology/meta-mark-zuckerberg-trump.html
=> More informations about this toot | View the thread
In computing, both approaches have their failure modes. On one side, you get the proverbial 14 competing standards (e.g. messaging protocols, build systems, Linux distros). On the other, you get 1 common standard with 0 users (XHTML 2.0, IPv6).
https://hachyderm.io/@shafik/113791208466753263
=> More informations about this toot | View the thread
Wow, ChatGPT o1 gets indignant when told it’s wrong.
I was curious if it could solve the puzzle from this video: https://youtu.be/eS6hFs2PWPc
But no.
https://chatgpt.com/share/677c9953-75e8-8010-b56f-35f1a787acb6
=> View attached media | View attached media
=> More informations about this toot | View the thread
Are there any good iOS maps apps that use MapKit or the Google Maps SDK, but provide more power-user features?
One thing I’m looking for is less forgetfulness.
If I search for location A, then search for nearby location B, in normal maps apps that makes A disappear from the map. But I often want to see both A and B visualized together.
TBH I don’t know if that qualifies as a power-user feature. To me it seems more like a “why the hell isn’t this the default” feature.
=> More informations about this toot | View the thread
Airport billboard. Because if there’s one thing we associate AI with, it’s always giving right answers. 💀
=> More informations about this toot | View the thread
Have a holly jolly Christmas,
And in case you didn’t hear,
Oh, by golly, get a hearing aid already
This year!
=> More informations about this toot | View the thread
JetBlue has a Live Activity now. Pretty spiffy.
=> View attached media | View attached media | View attached media
=> More informations about this toot | View the thread
Today I learned that LLVM has support for generating C code from a dialect of MLIR. Kind of like the C backend removed from LLVM over a decade ago… but for MLIR instead of LLVM IR.
https://mlir.llvm.org/docs/Dialects/EmitC/
Added in 2021.
But is it possible to convert from LLVM IR to this dialect of MLIR? I need to investigate.
=> More informations about this toot | View the thread
Sure enough, if the ForEach input hasn't changed at all, then the closure won't be re-run.
I actually missed that. To that extent, SwiftUI can skip part of the body.
But in my testing, if the input changes at all, then the closure will be re-run for all elements (even ones that didn't change). In your example that would produce 10000 lightweight view structs (which is still expensive). But the subview bodies aren't necessarily rerendered.
https://mastodon.social/@nicklockwood/113584167897098693
=> More informations about this toot | View the thread
My mistake - indeed ObservableObject is part of Combine, it's only ObservedObject that's part of SwiftUI.
However, this is still two ways to use Combine to observe a class with multiple properties. Either way you need @Published on the properties. But you can then either
(a) use @ObservableObject to get notified when any property on the object will change, then re-read all the properties in a callback; or
(b) subscribe directly to the property Publishers.
https://mastodon.social/@nicklockwood/113584010733609754
=> More informations about this toot | View the thread
(At least, this is true as far as I can tell, without seeing the source code.)
=> More informations about this toot | View the thread
Also. I thought the whole point of SwiftUI's function-builder language magic was that it could partially re-evaluate view bodies.
So if you have a view with several controls depending on different inputs, and only one input changes, it would only re-evaluate the parts that depend on that input.
Or if you have a ForEach, it would only re-evaluate the iterations that changed.
But no. Any view will be evaluated entirely or not at all. Subview bodies can then be skipped if they compare equal.
=> More informations about this toot | View the thread
=> This profile with reblog | Go to comex@mas.to account This content has been proxied by September (ba2dc).Proxy Information
text/gemini