From 4e36cdae06cfb17b49e81f2004465cbaa53b3293 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Tue, 14 Jan 2025 19:28:40 +0000 Subject: [PATCH] Updating News... --- docs/2025/01/14.md | 147 +++++++++ .../current/2025/01/14.md | 147 +++++++++ .../current/2025/01/14.md | 147 +++++++++ .../current/2025/01/14.md | 147 +++++++++ .../current/2025/01/14.md | 147 +++++++++ .../current/2025/01/14.md | 147 +++++++++ .../current/2025/01/14.md | 147 +++++++++ .../current/2025/01/14.md | 147 +++++++++ .../current/2025/01/14.md | 147 +++++++++ .../current/2025/01/14.md | 147 +++++++++ .../current/2025/01/14.md | 147 +++++++++ .../current/2025/01/14.md | 147 +++++++++ .../current/2025/01/14.md | 147 +++++++++ .../current/2025/01/14.md | 147 +++++++++ .../current/2025/01/14.md | 147 +++++++++ .../current/2025/01/14.md | 147 +++++++++ .../current/2025/01/14.md | 147 +++++++++ .../current/2025/01/14.md | 147 +++++++++ .../current/2025/01/14.md | 147 +++++++++ .../current/2025/01/14.md | 147 +++++++++ .../current/2025/01/14.md | 147 +++++++++ .../current/2025/01/14.md | 147 +++++++++ .../current/2025/01/14.md | 147 +++++++++ .../current/2025/01/14.md | 147 +++++++++ .../current/2025/01/14.md | 147 +++++++++ .../current/2025/01/14.md | 147 +++++++++ .../current/2025/01/14.md | 147 +++++++++ .../current/2025/01/14.md | 147 +++++++++ .../current/2025/01/14.md | 147 +++++++++ .../current/2025/01/14.md | 147 +++++++++ .../current/2025/01/14.md | 147 +++++++++ records/2025-01-14/2025-01-14.ar.json | 288 ++++++++++++++++++ records/2025-01-14/2025-01-14.bn.json | 288 ++++++++++++++++++ records/2025-01-14/2025-01-14.cs.json | 288 ++++++++++++++++++ records/2025-01-14/2025-01-14.da.json | 288 ++++++++++++++++++ records/2025-01-14/2025-01-14.de.json | 288 ++++++++++++++++++ records/2025-01-14/2025-01-14.el.json | 288 ++++++++++++++++++ records/2025-01-14/2025-01-14.en.json | 288 ++++++++++++++++++ records/2025-01-14/2025-01-14.es.json | 288 ++++++++++++++++++ records/2025-01-14/2025-01-14.fi.json | 288 ++++++++++++++++++ records/2025-01-14/2025-01-14.fr.json | 288 ++++++++++++++++++ records/2025-01-14/2025-01-14.he.json | 288 ++++++++++++++++++ records/2025-01-14/2025-01-14.hi.json | 288 ++++++++++++++++++ records/2025-01-14/2025-01-14.hu.json | 288 ++++++++++++++++++ records/2025-01-14/2025-01-14.id.json | 288 ++++++++++++++++++ records/2025-01-14/2025-01-14.it.json | 288 ++++++++++++++++++ records/2025-01-14/2025-01-14.ja.json | 288 ++++++++++++++++++ records/2025-01-14/2025-01-14.ko.json | 288 ++++++++++++++++++ records/2025-01-14/2025-01-14.nb.json | 288 ++++++++++++++++++ records/2025-01-14/2025-01-14.nl.json | 288 ++++++++++++++++++ records/2025-01-14/2025-01-14.pl.json | 288 ++++++++++++++++++ records/2025-01-14/2025-01-14.pt.json | 288 ++++++++++++++++++ records/2025-01-14/2025-01-14.ro.json | 288 ++++++++++++++++++ records/2025-01-14/2025-01-14.ru.json | 288 ++++++++++++++++++ records/2025-01-14/2025-01-14.sk.json | 288 ++++++++++++++++++ records/2025-01-14/2025-01-14.sv.json | 288 ++++++++++++++++++ records/2025-01-14/2025-01-14.ta.json | 288 ++++++++++++++++++ records/2025-01-14/2025-01-14.th.json | 288 ++++++++++++++++++ records/2025-01-14/2025-01-14.tr.json | 288 ++++++++++++++++++ records/2025-01-14/2025-01-14.vi.json | 288 ++++++++++++++++++ records/2025-01-14/2025-01-14.zh-Hans.json | 288 ++++++++++++++++++ records/2025-01-14/2025-01-14.zh-Hant.json | 288 ++++++++++++++++++ static/rss/newsletter/ar.xml | 212 +++++++++---- static/rss/newsletter/bn.xml | 212 +++++++++---- static/rss/newsletter/cs.xml | 212 +++++++++---- static/rss/newsletter/da.xml | 212 +++++++++---- static/rss/newsletter/de.xml | 212 +++++++++---- static/rss/newsletter/el.xml | 212 +++++++++---- static/rss/newsletter/en.xml | 212 +++++++++---- static/rss/newsletter/es.xml | 212 +++++++++---- static/rss/newsletter/fi.xml | 212 +++++++++---- static/rss/newsletter/fr.xml | 212 +++++++++---- static/rss/newsletter/he.xml | 212 +++++++++---- static/rss/newsletter/hi.xml | 212 +++++++++---- static/rss/newsletter/hu.xml | 212 +++++++++---- static/rss/newsletter/id.xml | 212 +++++++++---- static/rss/newsletter/it.xml | 212 +++++++++---- static/rss/newsletter/ja.xml | 212 +++++++++---- static/rss/newsletter/ko.xml | 212 +++++++++---- static/rss/newsletter/nb.xml | 212 +++++++++---- static/rss/newsletter/nl.xml | 212 +++++++++---- static/rss/newsletter/pl.xml | 212 +++++++++---- static/rss/newsletter/pt.xml | 212 +++++++++---- static/rss/newsletter/ro.xml | 212 +++++++++---- static/rss/newsletter/ru.xml | 212 +++++++++---- static/rss/newsletter/sk.xml | 212 +++++++++---- static/rss/newsletter/sv.xml | 212 +++++++++---- static/rss/newsletter/ta.xml | 212 +++++++++---- static/rss/newsletter/th.xml | 212 +++++++++---- static/rss/newsletter/tr.xml | 212 +++++++++---- static/rss/newsletter/vi.xml | 212 +++++++++---- static/rss/newsletter/zh-Hans.xml | 212 +++++++++---- static/rss/newsletter/zh-Hant.xml | 212 +++++++++---- static/rss/story/ar.xml | 249 +++++++++++---- static/rss/story/bn.xml | 254 +++++++++++---- static/rss/story/cs.xml | 255 ++++++++++++---- static/rss/story/da.xml | 253 +++++++++++---- static/rss/story/de.xml | 261 ++++++++++++---- static/rss/story/el.xml | 263 ++++++++++++---- static/rss/story/en.xml | 247 +++++++++++---- static/rss/story/es.xml | 259 ++++++++++++---- static/rss/story/fi.xml | 258 ++++++++++++---- static/rss/story/fr.xml | 261 ++++++++++++---- static/rss/story/he.xml | 247 +++++++++++---- static/rss/story/hi.xml | 256 ++++++++++++---- static/rss/story/hu.xml | 260 ++++++++++++---- static/rss/story/id.xml | 258 ++++++++++++---- static/rss/story/it.xml | 260 ++++++++++++---- static/rss/story/ja.xml | 257 ++++++++++++---- static/rss/story/ko.xml | 248 +++++++++++---- static/rss/story/nb.xml | 256 ++++++++++++---- static/rss/story/nl.xml | 253 +++++++++++---- static/rss/story/pl.xml | 258 ++++++++++++---- static/rss/story/pt.xml | 259 ++++++++++++---- static/rss/story/ro.xml | 260 ++++++++++++---- static/rss/story/ru.xml | 257 ++++++++++++---- static/rss/story/sk.xml | 257 ++++++++++++---- static/rss/story/sv.xml | 251 +++++++++++---- static/rss/story/ta.xml | 263 ++++++++++++---- static/rss/story/th.xml | 251 +++++++++++---- static/rss/story/tr.xml | 262 ++++++++++++---- static/rss/story/vi.xml | 261 ++++++++++++---- static/rss/story/zh-Hans.xml | 235 ++++++++++---- static/rss/story/zh-Hant.xml | 241 +++++++++++---- 124 files changed, 24250 insertions(+), 3717 deletions(-) create mode 100644 docs/2025/01/14.md create mode 100644 i18n/ar/docusaurus-plugin-content-docs/current/2025/01/14.md create mode 100644 i18n/bn/docusaurus-plugin-content-docs/current/2025/01/14.md create mode 100644 i18n/cs/docusaurus-plugin-content-docs/current/2025/01/14.md create mode 100644 i18n/da/docusaurus-plugin-content-docs/current/2025/01/14.md create mode 100644 i18n/de/docusaurus-plugin-content-docs/current/2025/01/14.md create mode 100644 i18n/el/docusaurus-plugin-content-docs/current/2025/01/14.md create mode 100644 i18n/es/docusaurus-plugin-content-docs/current/2025/01/14.md create mode 100644 i18n/fi/docusaurus-plugin-content-docs/current/2025/01/14.md create mode 100644 i18n/fr/docusaurus-plugin-content-docs/current/2025/01/14.md create mode 100644 i18n/he/docusaurus-plugin-content-docs/current/2025/01/14.md create mode 100644 i18n/hi/docusaurus-plugin-content-docs/current/2025/01/14.md create mode 100644 i18n/hu/docusaurus-plugin-content-docs/current/2025/01/14.md create mode 100644 i18n/id/docusaurus-plugin-content-docs/current/2025/01/14.md create mode 100644 i18n/it/docusaurus-plugin-content-docs/current/2025/01/14.md create mode 100644 i18n/ja/docusaurus-plugin-content-docs/current/2025/01/14.md create mode 100644 i18n/ko/docusaurus-plugin-content-docs/current/2025/01/14.md create mode 100644 i18n/nb/docusaurus-plugin-content-docs/current/2025/01/14.md create mode 100644 i18n/nl/docusaurus-plugin-content-docs/current/2025/01/14.md create mode 100644 i18n/pl/docusaurus-plugin-content-docs/current/2025/01/14.md create mode 100644 i18n/pt/docusaurus-plugin-content-docs/current/2025/01/14.md create mode 100644 i18n/ro/docusaurus-plugin-content-docs/current/2025/01/14.md create mode 100644 i18n/ru/docusaurus-plugin-content-docs/current/2025/01/14.md create mode 100644 i18n/sk/docusaurus-plugin-content-docs/current/2025/01/14.md create mode 100644 i18n/sv/docusaurus-plugin-content-docs/current/2025/01/14.md create mode 100644 i18n/ta/docusaurus-plugin-content-docs/current/2025/01/14.md create mode 100644 i18n/th/docusaurus-plugin-content-docs/current/2025/01/14.md create mode 100644 i18n/tr/docusaurus-plugin-content-docs/current/2025/01/14.md create mode 100644 i18n/vi/docusaurus-plugin-content-docs/current/2025/01/14.md create mode 100644 i18n/zh-Hans/docusaurus-plugin-content-docs/current/2025/01/14.md create mode 100644 i18n/zh-Hant/docusaurus-plugin-content-docs/current/2025/01/14.md create mode 100644 records/2025-01-14/2025-01-14.ar.json create mode 100644 records/2025-01-14/2025-01-14.bn.json create mode 100644 records/2025-01-14/2025-01-14.cs.json create mode 100644 records/2025-01-14/2025-01-14.da.json create mode 100644 records/2025-01-14/2025-01-14.de.json create mode 100644 records/2025-01-14/2025-01-14.el.json create mode 100644 records/2025-01-14/2025-01-14.en.json create mode 100644 records/2025-01-14/2025-01-14.es.json create mode 100644 records/2025-01-14/2025-01-14.fi.json create mode 100644 records/2025-01-14/2025-01-14.fr.json create mode 100644 records/2025-01-14/2025-01-14.he.json create mode 100644 records/2025-01-14/2025-01-14.hi.json create mode 100644 records/2025-01-14/2025-01-14.hu.json create mode 100644 records/2025-01-14/2025-01-14.id.json create mode 100644 records/2025-01-14/2025-01-14.it.json create mode 100644 records/2025-01-14/2025-01-14.ja.json create mode 100644 records/2025-01-14/2025-01-14.ko.json create mode 100644 records/2025-01-14/2025-01-14.nb.json create mode 100644 records/2025-01-14/2025-01-14.nl.json create mode 100644 records/2025-01-14/2025-01-14.pl.json create mode 100644 records/2025-01-14/2025-01-14.pt.json create mode 100644 records/2025-01-14/2025-01-14.ro.json create mode 100644 records/2025-01-14/2025-01-14.ru.json create mode 100644 records/2025-01-14/2025-01-14.sk.json create mode 100644 records/2025-01-14/2025-01-14.sv.json create mode 100644 records/2025-01-14/2025-01-14.ta.json create mode 100644 records/2025-01-14/2025-01-14.th.json create mode 100644 records/2025-01-14/2025-01-14.tr.json create mode 100644 records/2025-01-14/2025-01-14.vi.json create mode 100644 records/2025-01-14/2025-01-14.zh-Hans.json create mode 100644 records/2025-01-14/2025-01-14.zh-Hant.json diff --git a/docs/2025/01/14.md b/docs/2025/01/14.md new file mode 100644 index 000000000..eb4ccfa66 --- /dev/null +++ b/docs/2025/01/14.md @@ -0,0 +1,147 @@ +--- +slug: '/2025/01/14' +--- + +# 2025-01-14 + +## [Snyk security researcher deploys malicious NPM packages targeting cursor.com](https://sourcecodered.com/snyk-malicious-npm-package/) + +- A Snyk security researcher released malicious NPM packages targeting Cursor.com, an AI coding company, to collect system data and send it to an attacker-controlled service. +- The packages, identified as "cursor-retrieval," "cursor-always-local," and "cursor-shadow-workspace," were flagged by the OpenSSF package analysis scanner, resulting in advisories MAL-2025-27, MAL-2025-28, and MAL-2025-29. +- This incident highlights the importance of scrutinizing NPM packages before installation to avoid potential security threats. + +### [Reactions](https://news.ycombinator.com/item?id=42690473) + +- A Snyk security researcher released malicious NPM (Node Package Manager) packages aimed at cursor.com, highlighting dependency confusion vulnerabilities. - The incident has sparked a debate on the ethics of security research, particularly regarding the public exposure of environment variables. - Cursor.com clarified they did not authorize the action, and Snyk has since apologized, underscoring the challenges in balancing offensive security research with ethical standards. + +## [I Switched to Firefox and Never Looked Back](https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/) + +- Firefox is praised for its superior tab management, built-in Pocket feature for saving links, and a privacy-focused email relay, making it a strong alternative to Chrome. - Additional features like a user-friendly screenshot tool, a ChatGPT button, Picture-in-Picture, customizable search options, and smooth scrolling enhance the browsing experience. - Although Firefox lacks Chrome's web app feature, its thoughtful design and reduced resource demands make it a preferred choice for some users. + +### [Reactions](https://news.ycombinator.com/item?id=42696081) + +- Firefox users face challenges from platforms like YouTube, which may intentionally degrade the experience for non-Google browsers or users employing adblockers. - This trend raises concerns about user autonomy, as it penalizes those opting for an ad-free and surveillance-free web experience. - Firefox offers unique features, such as container tabs, which enhance privacy and usability, making it a favored choice for users seeking independence from major corporate-controlled browsers. + +## [Sonos CEO steps down after app update debacle](https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/) + +### [Reactions](https://news.ycombinator.com/item?id=42687932) + +- The Sonos CEO has resigned following a controversial app update that required users to replace costly sound systems, causing customer dissatisfaction. - The update introduced a cloud-based system, moving away from the reliable Universal Plug and Play (UPnP), which led to connectivity issues and increased complexity. - This situation underscores the conflict between business strategies and maintaining customer trust, as the CEO transitions to an advisory role with a severance package. + +## [In the belly of the MrBeast](https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast) + +### [Reactions](https://news.ycombinator.com/item?id=42696691) + +- The essay examines how YouTube's algorithm influences content creation, using MrBeast as a case study, highlighting a shift towards engagement-driven rather than meaningful content. - It discusses the broader implications for media literacy and the cultural impact of platforms like YouTube and TikTok, suggesting a trend towards superficial and reactionary content. - Various perspectives are considered on the role of algorithms in shaping content and the influence of popular creators on cultural norms. + +## [GitHub Git Operations Are Down](https://www.githubstatus.com/incidents/qd96yfgvmcf9) + +- GitHub faced a Git operations outage on January 13, 2025, due to a configuration change affecting the internal load balancer, lasting from 23:35 to 00:24 UTC. - The issue was resolved by reverting the configuration change, and GitHub is working on improving monitoring and deployment processes to prevent similar incidents. - The outage also affected GitHub's Actions and Pages services, highlighting the interconnected nature of their platform services. + +### [Reactions](https://news.ycombinator.com/item?id=42691184) + +- GitHub faced a major outage impacting git operations, leading to confusion among developers who initially suspected issues with their SSH keys or local configurations. - The incident underscored the challenges of relying on centralized services, prompting discussions on the advantages of self-hosting and decentralized systems. - Although the issue was resolved, it highlighted concerns about GitHub's reliability and the risks of depending on third-party platforms for essential tasks. + +## [ZFS 2.3 released with ZFS raidz expansion](https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0) + +- OpenZFS 2.3.0 has been released, introducing significant features such as RAIDZ Expansion, Fast Deduplication, Direct Input/Output, JSON output, and support for long file names. - The release includes essential bug fixes and performance enhancements, compatible with Linux kernels 4.18 - 6.12 and FreeBSD versions 13.3, 14.0 - 14.2. - The update is a collaborative effort from 134 contributors, with comprehensive documentation and a change log available for review. + +### [Reactions](https://news.ycombinator.com/item?id=42694596) + +- ZFS 2.3 has been released, introducing features like RAIDZ expansion, fast deduplication, direct IO, JSON output, and support for long file names. - RAIDZ expansion is particularly notable as it allows users to add new devices to an existing RAIDZ pool without downtime, enhancing storage capacity. - The release is considered a significant advancement for ZFS users, drawing comparisons with other filesystems like Btrfs and Windows Storage Spaces, despite some limitations like the inability to shrink pools. + +## [Webtop – Alpine,Ubuntu,Fedora,and Arch containers containing full desktop envs](https://docs.linuxserver.io/images/docker-webtop/) + +- Linuxserver/webtop provides containers based on Alpine, Ubuntu, Fedora, and Arch with full desktop environments accessible through web browsers, supporting both x86-64 and arm64 architectures. +- Users can select from various desktop environments such as XFCE, KDE, MATE, i3, Openbox, and IceWM by using specific image tags, and access the Webtop via designated URLs. +- Security features include Docker's seccomp option and authentication setup, with customization options available through environment variables, and support for GPU acceleration with open-source drivers. + +### [Reactions](https://news.ycombinator.com/item?id=42690983) + +- Webtop provides containers with full desktop environments for Alpine, Ubuntu, Fedora, and Arch, suitable for quick setups behind a VPN. +- Users commend Webtop for its speed and ease of use, particularly when used with the Gluetun container for secure connections, but caution against exposing containers to the internet without security measures due to lack of default authentication. +- The project is valued for being open-source and flexible, with users sharing configurations, and alternatives like Kasm and Selkies are noted for similar purposes. + +## [1 in 5 online job postings are either fake or never filled, study finds](https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706) + +- A recent study indicates that 20% of online job postings are either fake or remain unfilled, adding to job seekers' frustration. - This "ghost job" trend might be a tactic for companies to project an image of growth. - Job platforms such as Greenhouse and LinkedIn have introduced job verification services to assist users in identifying genuine job opportunities. + +### [Reactions](https://news.ycombinator.com/item?id=42697783) + +- A study reveals that 20% of online job postings are either fake or remain unfilled, often due to companies needing to comply with US immigration policies. - Companies may also leave job postings up to find ideal candidates, change requirements, or have pre-selected internal candidates. - The job market is difficult for applicants, who frequently encounter ghosting and automated rejections, prompting calls for regulatory intervention. + +## [Making an intersection unsafe for pedestrians to save seconds for drivers](https://collegetowns.substack.com/p/making-an-intersection-unsafe-for) + +### [Reactions](https://news.ycombinator.com/item?id=42698557) + +- The debate centers around whether intersections should prioritize pedestrian safety or driver efficiency, with some favoring light-controlled intersections and pedestrian scrambles over 4-way stops. +- Opinions vary on traffic laws and infrastructure design, with discussions on the safety of jaywalking and the risks associated with right turns on red. +- Some advocate for alternative solutions like roundabouts or adopting Dutch traffic engineering standards to enhance both safety and efficiency. + +## [PostgreSQL is the Database Management System of the Year 2024](https://db-engines.com/en/blog_post/109) + +- PostgreSQL has been awarded DBMS of the Year 2024 by DB-Engines, achieving this recognition for the fifth time, surpassing 423 other database management systems. +- PostgreSQL, with a history spanning nearly 35 years, continues to innovate, as seen in the recent enhancements of PostgreSQL 17, released in September 2024. +- Snowflake and Microsoft secured second and third places, respectively, with Snowflake noted for its cloud-based data warehousing and multi-cloud support, while Microsoft offers robust managed relational databases through Azure SQL Database and SQL Server. + +### [Reactions](https://news.ycombinator.com/item?id=42696080) + +- PostgreSQL has been awarded Database Management System of the Year 2024 by db-engines.com, highlighting its growing popularity and recognition in the industry. +- Users are considering switching from Microsoft SQL Server to PostgreSQL due to high licensing costs and resource limitations, despite potential migration challenges. +- PostgreSQL is favored for its robust features and cost-effectiveness, making it a preferred choice for future projects, although some users explore alternatives like Babelfish to reduce costs. + +## [Google’s OAuth login doesn’t protect against purchasing a failed startup domain](https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw) + +### [Reactions](https://news.ycombinator.com/item?id=42699099) + +- The discussion highlights a vulnerability in Google’s OAuth login system when a failed startup's domain is acquired by a new owner, potentially allowing unauthorized access to services. +- This issue arises because Google may not distinguish between the original and new domain owners, affecting any system that uses domain-based authentication. +- A proposed solution is to use unique identifiers that remain constant over time, though the implementation of this solution varies among identity providers. + +## [Using coding skills to make passive income](https://www.coryzue.com/writing/solopreneur/) + +- The author transitioned from a CTO role to a solopreneur, successfully earning more through a portfolio of software products. +- Key strategies include focusing on deep work, starting with small projects, iterating quickly, and dedicating time to marketing efforts. +- The journey emphasizes resilience due to uncertainties, but highlights the unmatched autonomy and freedom of this career path, encouraging those with coding skills to consider it for passive income. + +### [Reactions](https://news.ycombinator.com/item?id=42696822) + +- A user described generating passive income through SEO spam websites using expiring domain names, earning approximately $30k annually, despite ethical concerns and Google's eventual crackdown. +- The post sparked a debate on passive income, with some users arguing it's more akin to running a business than truly passive earnings. +- Participants shared experiences and challenges in side projects, highlighting the importance of time, resilience, and strategic planning. + +## [Spain proposes 100% tax on homes bought by non-EU residents](https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents) + +- Spain is considering a 100% tax on real estate purchases by non-EU residents, aiming to address the housing crisis and curb speculative buying. +- Prime Minister Pedro Sánchez's proposal includes expanding social housing and regulating tourist rentals to tackle the disparity between housing prices and incomes. +- The proposal's future as law is uncertain, with some analysts viewing it as a deterrent to foreign investors rather than a guaranteed legislative change. + +### [Reactions](https://news.ycombinator.com/item?id=42690781) + +- Spain is considering a 100% tax on homes purchased by non-EU residents to tackle housing affordability problems. - Critics suggest that foreign buyers are not the primary cause of high housing prices, citing slow bureaucracy and zoning laws as more significant factors. - The proposal has ignited a debate on the role of foreign ownership in housing markets and its effectiveness in resolving affordability issues. + +## [Apple will soon receive 'made in America' chips from TSMC's Arizona fab](https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification) + +- Apple is testing processors from TSMC's Arizona facility, with plans for mass production by the first quarter, potentially becoming TSMC's first U.S. customer for locally manufactured chips. - This initiative aims to bolster U.S. silicon independence, reducing dependency on Taiwan, which is vulnerable to geopolitical and natural risks. - TSMC's Arizona fab is set to produce advanced 3nm and 2nm chips, with ongoing efforts to enhance local recruitment and partnerships with U.S. universities, although packaging will initially occur in Taiwan until the Peoria facility is operational. + +### [Reactions](https://news.ycombinator.com/item?id=42699977) + +- Apple will receive chips from TSMC's Arizona plant, but they need to be sent back to Taiwan for packaging due to insufficient U.S. facilities. - Over 50% of the workforce at the Arizona plant is from Taiwan, indicating a gap in the U.S. STEM (Science, Technology, Engineering, and Mathematics) field. - The CHIPS Act initiative, aimed at enhancing U.S. semiconductor manufacturing, faces challenges as the "Made in America" label is questioned due to the packaging process occurring in Taiwan, with plans for U.S. packaging capabilities by 2027. + +## [43K fewer drivers on Manhattan roads after congestion pricing turned on](https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says) + +- After congestion pricing was implemented, there was a 7.5% reduction in drivers entering Manhattan below 60th Street, equating to 43,000 fewer drivers each weekday. +- The reduction in traffic has improved traffic flow and increased bus speeds, with some express buses experiencing higher ridership. +- The Metropolitan Transportation Authority (MTA) uses the toll revenue, estimated at $500 million annually, for transit improvements, despite some political opposition. + +### [Reactions](https://news.ycombinator.com/item?id=42692730) + +- The implementation of congestion pricing in Manhattan has resulted in 43,000 fewer drivers, leading to increased bus speeds and potentially better emergency response times. +- The policy is designed to reduce traffic congestion and improve air quality, though it has sparked debate over its impact on lower-income individuals. +- Proponents argue that the benefits include more efficient public transit and cleaner air, while discussions continue on balancing these advantages with the needs of drivers. + + + + + + diff --git a/i18n/ar/docusaurus-plugin-content-docs/current/2025/01/14.md b/i18n/ar/docusaurus-plugin-content-docs/current/2025/01/14.md new file mode 100644 index 000000000..5010935d5 --- /dev/null +++ b/i18n/ar/docusaurus-plugin-content-docs/current/2025/01/14.md @@ -0,0 +1,147 @@ +--- +slug: '/2025/01/14' +--- + +# 2025-01-14 + +## [باحث أمني في Snyk ينشر حزم NPM خبيثة تستهدف cursor.com](https://sourcecodered.com/snyk-malicious-npm-package/) + +- أصدر باحث أمني من شركة Snyk حزم NPM خبيثة تستهدف موقع Cursor.com، وهي شركة متخصصة في البرمجة بالذكاء الاصطناعي، لجمع بيانات النظام وإرسالها إلى خدمة يتحكم فيها المهاجم. +- تم تحديد الحزم المسماة "cursor-retrieval"، "cursor-always-local"، و"cursor-shadow-workspace" بواسطة ماسح تحليل الحزم OpenSSF، مما أدى إلى إصدار التحذيرات MAL-2025-27، MAL-2025-28، وMAL-2025-29. +- تسلط هذه الحادثة الضوء على أهمية فحص حزم NPM قبل التثبيت لتجنب التهديدات الأمنية المحتملة. + +### [ردود الفعل](https://news.ycombinator.com/item?id=42690473) + +- أصدر باحث أمني من Snyk حزم NPM (مدير حزم Node) خبيثة تستهدف cursor.com، مما يبرز ثغرات الارتباك في الاعتماديات. - أثار الحادث نقاشًا حول أخلاقيات البحث الأمني، خاصة فيما يتعلق بالكشف العلني عن متغيرات البيئة. - أوضحت cursor.com أنها لم تأذن بهذا الإجراء، واعتذرت Snyk منذ ذلك الحين، مما يبرز التحديات في موازنة البحث الأمني الهجومي مع المعايير الأخلاقية. + +## [لقد انتقلت إلى فايرفوكس ولم أنظر إلى الوراء أبدًا](https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/) + +- يُشاد بمتصفح فايرفوكس لإدارته الفائقة للتبويبات وميزة Pocket المدمجة لحفظ الروابط وميزة البريد الإلكتروني التي تركز على الخصوصية، مما يجعله بديلاً قوياً لمتصفح كروم. - ميزات إضافية مثل أداة لقطة الشاشة سهلة الاستخدام، زر ChatGPT، وضع الصورة داخل الصورة، خيارات البحث القابلة للتخصيص، والتمرير السلس تعزز تجربة التصفح. - على الرغم من أن فايرفوكس يفتقر إلى ميزة تطبيقات الويب الخاصة بكروم، إلا أن تصميمه المدروس ومتطلباته المنخفضة للموارد تجعله الخيار المفضل لبعض المستخدمين. + +### [ردود الفعل](https://news.ycombinator.com/item?id=42696081) + +- يواجه مستخدمو فايرفوكس تحديات من منصات مثل يوتيوب، التي قد تقوم عمدًا بتقليل جودة التجربة لمتصفحات غير تابعة لجوجل أو للمستخدمين الذين يستخدمون أدوات حجب الإعلانات. - يثير هذا الاتجاه مخاوف بشأن استقلالية المستخدم، حيث يعاقب أولئك الذين يختارون تجربة ويب خالية من الإعلانات والمراقبة. - يقدم فايرفوكس ميزات فريدة، مثل علامات التبويب الحاوية، التي تعزز الخصوصية وسهولة الاستخدام، مما يجعله خيارًا مفضلًا للمستخدمين الذين يسعون للاستقلال عن المتصفحات التي تسيطر عليها الشركات الكبرى. + +## [الرئيس التنفيذي لشركة سونوس يتنحى بعد فضيحة تحديث التطبيق](https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/) + +### [ردود الفعل](https://news.ycombinator.com/item?id=42687932) + +- استقال الرئيس التنفيذي لشركة سونوس بعد تحديث تطبيق مثير للجدل أجبر المستخدمين على استبدال أنظمة الصوت المكلفة، مما تسبب في استياء العملاء. - قدم التحديث نظامًا قائمًا على السحابة، مبتعدًا عن نظام التوصيل والتشغيل العالمي الموثوق (UPnP)، مما أدى إلى مشاكل في الاتصال وزيادة التعقيد. - يبرز هذا الوضع الصراع بين استراتيجيات الأعمال والحفاظ على ثقة العملاء، حيث ينتقل الرئيس التنفيذي إلى دور استشاري مع حزمة تعويضات. + +## [في بطن مستر بيست](https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast) + +### [ردود الفعل](https://news.ycombinator.com/item?id=42696691) + +- تتناول المقالة كيفية تأثير خوارزمية يوتيوب على إنشاء المحتوى، باستخدام MrBeast كدراسة حالة، مسلطة الضوء على التحول نحو المحتوى الذي يحركه التفاعل بدلاً من المحتوى ذو المعنى. - تناقش الآثار الأوسع على محو الأمية الإعلامية والتأثير الثقافي للمنصات مثل يوتيوب وتيك توك، مشيرة إلى اتجاه نحو المحتوى السطحي والتفاعلي. - يتم النظر في وجهات نظر مختلفة حول دور الخوارزميات في تشكيل المحتوى وتأثير المبدعين المشهورين على المعايير الثقافية. + +## [عمليات Git على GitHub متوقفة](https://www.githubstatus.com/incidents/qd96yfgvmcf9) + +- واجهت GitHub انقطاعًا في عمليات Git في 13 يناير 2025 بسبب تغيير في التكوين أثر على موازن التحميل الداخلي، واستمر من الساعة 23:35 حتى 00:24 بالتوقيت العالمي. - تم حل المشكلة عن طريق التراجع عن تغيير التكوين، وتعمل GitHub على تحسين عمليات المراقبة والنشر لمنع حوادث مماثلة. - أثر الانقطاع أيضًا على خدمات Actions وPages في GitHub، مما يبرز الطبيعة المترابطة لخدمات منصتهم. + +### [ردود الفعل](https://news.ycombinator.com/item?id=42691184) + +- واجه GitHub انقطاعًا كبيرًا أثر على عمليات git، مما أدى إلى ارتباك بين المطورين الذين اشتبهوا في البداية بوجود مشكلات في مفاتيح SSH الخاصة بهم أو تكويناتهم المحلية. - سلط الحادث الضوء على التحديات المرتبطة بالاعتماد على الخدمات المركزية، مما أثار مناقشات حول مزايا الاستضافة الذاتية والأنظمة اللامركزية. - وعلى الرغم من حل المشكلة، إلا أنها أبرزت المخاوف بشأن موثوقية GitHub والمخاطر المرتبطة بالاعتماد على منصات الطرف الثالث للمهام الأساسية. + +## [تم إصدار ZFS 2.3 مع توسيع ZFS raidz](https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0) + +- تم إصدار OpenZFS 2.3.0، حيث تم تقديم ميزات هامة مثل توسيع RAIDZ، وإزالة التكرار السريع، والإدخال/الإخراج المباشر، وإخراج JSON، ودعم الأسماء الطويلة للملفات. - يتضمن الإصدار إصلاحات أساسية للأخطاء وتحسينات في الأداء، وهو متوافق مع نوى لينكس من 4.18 إلى 6.12 وإصدارات FreeBSD من 13.3 إلى 14.0 - 14.2. - التحديث هو جهد تعاوني من 134 مساهمًا، مع توفر وثائق شاملة وسجل تغييرات للمراجعة. + +### [ردود الفعل](https://news.ycombinator.com/item?id=42694596) + +- تم إصدار ZFS 2.3، حيث تم تقديم ميزات مثل توسيع RAIDZ، وإلغاء التكرار السريع، وIO المباشر، وإخراج JSON، ودعم الأسماء الطويلة للملفات. - يُعتبر توسيع RAIDZ ملحوظًا بشكل خاص لأنه يسمح للمستخدمين بإضافة أجهزة جديدة إلى مجموعة RAIDZ موجودة دون توقف، مما يعزز سعة التخزين. - يُعتبر الإصدار تقدمًا كبيرًا لمستخدمي ZFS، حيث يتم مقارنته بأنظمة ملفات أخرى مثل Btrfs وWindows Storage Spaces، على الرغم من بعض القيود مثل عدم القدرة على تقليص المجموعات. + +## [ويب توب - حاويات ألباين، أوبونتو، فيدورا، وآرتش تحتوي على بيئات سطح مكتب كاملة](https://docs.linuxserver.io/images/docker-webtop/) + +- يوفر Linuxserver/webtop حاويات تعتمد على أنظمة Alpine وUbuntu وFedora وArch مع بيئات سطح مكتب كاملة يمكن الوصول إليها عبر متصفحات الويب، وتدعم كل من معماريات x86-64 وarm64. +- يمكن للمستخدمين اختيار بيئات سطح المكتب المختلفة مثل XFCE وKDE وMATE وi3 وOpenbox وIceWM باستخدام علامات الصور المحددة، والوصول إلى Webtop عبر عناوين URL المخصصة. +- تشمل ميزات الأمان خيار seccomp في Docker وإعداد المصادقة، مع توفر خيارات التخصيص من خلال متغيرات البيئة، ودعم تسريع GPU باستخدام برامج تشغيل مفتوحة المصدر. + +### [ردود الفعل](https://news.ycombinator.com/item?id=42690983) + +- يوفر Webtop حاويات ببيئات سطح مكتب كاملة لأنظمة Alpine وUbuntu وFedora وArch، وهي مناسبة لإعدادات سريعة خلف VPN. +- يشيد المستخدمون بـ Webtop لسرعته وسهولة استخدامه، خاصة عند استخدامه مع حاوية Gluetun للاتصالات الآمنة، لكنهم يحذرون من تعريض الحاويات للإنترنت دون اتخاذ تدابير أمنية بسبب عدم وجود مصادقة افتراضية. +- يُقدَّر المشروع لكونه مفتوح المصدر ومرنًا، حيث يشارك المستخدمون التكوينات، وتُلاحظ بدائل مثل Kasm وSelkies لأغراض مشابهة. + +## [وجدت دراسة أن 1 من كل 5 إعلانات وظائف عبر الإنترنت إما مزيفة أو لم يتم شغلها أبدًا](https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706) + +- تشير دراسة حديثة إلى أن 20% من إعلانات الوظائف عبر الإنترنت إما زائفة أو تبقى شاغرة، مما يزيد من إحباط الباحثين عن عمل. - قد تكون هذه الظاهرة المعروفة بـ"الوظائف الشبحية" تكتيكًا تستخدمه الشركات لإظهار صورة عن النمو. - وقد قدمت منصات التوظيف مثل Greenhouse وLinkedIn خدمات تحقق من الوظائف لمساعدة المستخدمين في التعرف على فرص العمل الحقيقية. + +### [ردود الفعل](https://news.ycombinator.com/item?id=42697783) + +- تكشف دراسة أن 20% من إعلانات الوظائف عبر الإنترنت إما زائفة أو تبقى شاغرة، غالبًا بسبب حاجة الشركات للامتثال لسياسات الهجرة الأمريكية. - قد تترك الشركات أيضًا إعلانات الوظائف مفتوحة للعثور على المرشحين المثاليين، أو لتغيير المتطلبات، أو لوجود مرشحين داخليين تم اختيارهم مسبقًا. - سوق العمل صعب بالنسبة للمتقدمين، الذين يواجهون بشكل متكرر التجاهل والرفض الآلي، مما يدفع إلى الدعوة لتدخل تنظيمي. + +## [جعل التقاطع غير آمن للمشاة لتوفير ثوانٍ للسائقين](https://collegetowns.substack.com/p/making-an-intersection-unsafe-for) + +### [ردود الفعل](https://news.ycombinator.com/item?id=42698557) + +- يدور النقاش حول ما إذا كان يجب على التقاطعات أن تعطي الأولوية لسلامة المشاة أو كفاءة السائقين، حيث يفضل البعض التقاطعات التي يتم التحكم فيها بالإشارات الضوئية وعبور المشاة على التوقفات الرباعية. +- تختلف الآراء حول قوانين المرور وتصميم البنية التحتية، مع مناقشات حول سلامة عبور المشاة في غير الأماكن المخصصة والمخاطر المرتبطة بالانعطاف إلى اليمين عند الإشارة الحمراء. +- يدعو البعض إلى حلول بديلة مثل الدوارات أو تبني معايير الهندسة المرورية الهولندية لتعزيز كل من السلامة والكفاءة. + +## [PostgreSQL هو نظام إدارة قواعد البيانات لعام 2024](https://db-engines.com/en/blog_post/109) + +- تم منح PostgreSQL جائزة نظام إدارة قواعد البيانات لعام 2024 من قبل DB-Engines، محققًا هذا الاعتراف للمرة الخامسة، متفوقًا على 423 نظامًا آخر لإدارة قواعد البيانات. +- يواصل PostgreSQL الابتكار بعد تاريخ يمتد لأكثر من 35 عامًا، كما يتضح من التحسينات الأخيرة في PostgreSQL 17، الذي تم إصداره في سبتمبر 2024. +- احتلت Snowflake وMicrosoft المركزين الثاني والثالث على التوالي، حيث تميزت Snowflake بتخزين البيانات السحابي ودعم السحابة المتعددة، بينما تقدم Microsoft قواعد بيانات علائقية مُدارة قوية من خلال Azure SQL Database وSQL Server. + +### [ردود الفعل](https://news.ycombinator.com/item?id=42696080) + +- تم منح PostgreSQL جائزة نظام إدارة قواعد البيانات لعام 2024 من قبل db-engines.com، مما يبرز شعبيته المتزايدة والاعتراف به في الصناعة. +- يفكر المستخدمون في الانتقال من Microsoft SQL Server إلى PostgreSQL بسبب التكاليف العالية للتراخيص والقيود على الموارد، على الرغم من التحديات المحتملة في عملية الانتقال. +- يُفضل PostgreSQL لميزاته القوية وفعاليته من حيث التكلفة، مما يجعله خيارًا مفضلاً للمشاريع المستقبلية، على الرغم من أن بعض المستخدمين يستكشفون بدائل مثل Babelfish لتقليل التكاليف. + +## [تسجيل الدخول باستخدام OAuth من جوجل لا يحمي من شراء نطاق شركة ناشئة فاشلة](https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw) + +### [ردود الفعل](https://news.ycombinator.com/item?id=42699099) + +- تسلط المناقشة الضوء على ثغرة في نظام تسجيل الدخول OAuth الخاص بجوجل عندما يتم الاستحواذ على نطاق شركة ناشئة فاشلة من قبل مالك جديد، مما قد يسمح بالوصول غير المصرح به إلى الخدمات. +- تنشأ هذه المشكلة لأن جوجل قد لا تميز بين المالكين الأصليين والجدد للنطاق، مما يؤثر على أي نظام يستخدم المصادقة المستندة إلى النطاق. +- الحل المقترح هو استخدام معرفات فريدة تظل ثابتة مع مرور الوقت، على الرغم من أن تنفيذ هذا الحل يختلف بين مزودي الهوية. + +## [استخدام مهارات البرمجة لتحقيق دخل سلبي](https://www.coryzue.com/writing/solopreneur/) + +- انتقل المؤلف من دور مدير التكنولوجيا التنفيذي إلى العمل كريادي منفرد، ونجح في كسب المزيد من خلال مجموعة من المنتجات البرمجية. +- تشمل الاستراتيجيات الرئيسية التركيز على العمل العميق، والبدء بمشاريع صغيرة، والتكرار بسرعة، وتخصيص الوقت للجهود التسويقية. +- تؤكد الرحلة على المرونة بسبب عدم اليقين، لكنها تسلط الضوء على الاستقلالية والحرية التي لا مثيل لها في هذا المسار الوظيفي، مما يشجع أولئك الذين يمتلكون مهارات البرمجة على التفكير فيه كمصدر دخل سلبي. + +### [ردود الفعل](https://news.ycombinator.com/item?id=42696822) + +- وصف مستخدم كيفية توليد دخل سلبي من خلال مواقع الويب التي تستخدم البريد العشوائي لتحسين محركات البحث باستخدام أسماء النطاقات المنتهية، حيث يكسب حوالي 30 ألف دولار سنويًا، على الرغم من المخاوف الأخلاقية وحملة جوجل النهائية ضد هذه الممارسات. +- أثار المنشور نقاشًا حول الدخل السلبي، حيث جادل بعض المستخدمين بأنه يشبه إدارة الأعمال أكثر من كونه أرباحًا سلبية حقيقية. +- شارك المشاركون تجاربهم وتحدياتهم في المشاريع الجانبية، مسلطين الضوء على أهمية الوقت والمرونة والتخطيط الاستراتيجي. + +## [إسبانيا تقترح ضريبة بنسبة 100% على المنازل التي يشتريها المقيمون من خارج الاتحاد الأوروبي](https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents) + +- تدرس إسبانيا فرض ضريبة بنسبة 100% على شراء العقارات من قبل المقيمين من خارج الاتحاد الأوروبي، بهدف معالجة أزمة الإسكان والحد من الشراء المضاربي. +- تشمل اقتراحات رئيس الوزراء بيدرو سانشيز توسيع الإسكان الاجتماعي وتنظيم الإيجارات السياحية لمعالجة التفاوت بين أسعار المساكن والدخول. +- مستقبل الاقتراح كقانون غير مؤكد، حيث يرى بعض المحللين أنه يشكل رادعًا للمستثمرين الأجانب بدلاً من أن يكون تغييرًا تشريعيًا مضمونًا. + +### [ردود الفعل](https://news.ycombinator.com/item?id=42690781) + +- تدرس إسبانيا فرض ضريبة بنسبة 100% على المنازل التي يشتريها المقيمون من خارج الاتحاد الأوروبي لمعالجة مشاكل القدرة على تحمل تكاليف السكن. - يشير النقاد إلى أن المشترين الأجانب ليسوا السبب الرئيسي لارتفاع أسعار المساكن، مشيرين إلى البيروقراطية البطيئة وقوانين تقسيم المناطق كعوامل أكثر أهمية. - أثار الاقتراح نقاشًا حول دور الملكية الأجنبية في أسواق الإسكان وفعاليته في حل قضايا القدرة على تحمل التكاليف. + +## [ستتلقى شركة آبل قريبًا رقائق 'صُنعت في أمريكا' من مصنع TSMC في أريزونا](https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification) + +- تختبر شركة آبل معالجات من منشأة TSMC في أريزونا، مع خطط للإنتاج الضخم بحلول الربع الأول، مما قد يجعلها أول عميل لـ TSMC في الولايات المتحدة للرقائق المصنعة محليًا. - تهدف هذه المبادرة إلى تعزيز استقلالية السيليكون في الولايات المتحدة، وتقليل الاعتماد على تايوان، التي تعتبر عرضة للمخاطر الجيوسياسية والطبيعية. - من المقرر أن تنتج منشأة TSMC في أريزونا رقائق متقدمة بحجم 3 نانومتر و2 نانومتر، مع جهود مستمرة لتعزيز التوظيف المحلي والشراكات مع الجامعات الأمريكية، على الرغم من أن التغليف سيتم في البداية في تايوان حتى تصبح منشأة بيوريا جاهزة للعمل. + +### [ردود الفعل](https://news.ycombinator.com/item?id=42699977) + +- ستتلقى شركة آبل رقائق من مصنع TSMC في أريزونا، ولكن يجب إرسالها مرة أخرى إلى تايوان للتغليف بسبب نقص المرافق في الولايات المتحدة. - أكثر من 50% من القوى العاملة في مصنع أريزونا هم من تايوان، مما يشير إلى وجود فجوة في مجال العلوم والتكنولوجيا والهندسة والرياضيات (STEM) في الولايات المتحدة. - تواجه مبادرة قانون الرقائق، التي تهدف إلى تعزيز تصنيع أشباه الموصلات في الولايات المتحدة، تحديات حيث يتم التشكيك في علامة "صنع في أمريكا" بسبب عملية التغليف التي تحدث في تايوان، مع خطط لتوفير قدرات تغليف في الولايات المتحدة بحلول عام 2027. + +## [43 ألف سائق أقل على طرق مانهاتن بعد تفعيل تسعير الازدحام](https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says) + +- بعد تنفيذ تسعير الازدحام، كان هناك انخفاض بنسبة 7.5% في عدد السائقين الذين يدخلون مانهاتن أسفل الشارع الستين، مما يعادل 43,000 سائق أقل كل يوم من أيام الأسبوع. +- أدى تقليل حركة المرور إلى تحسين تدفق الحركة وزيادة سرعات الحافلات، حيث شهدت بعض الحافلات السريعة زيادة في عدد الركاب. +- تستخدم هيئة النقل الحضرية (MTA) إيرادات الرسوم، التي تُقدر بحوالي 500 مليون دولار سنويًا، لتحسينات النقل، على الرغم من بعض المعارضة السياسية. + +### [ردود الفعل](https://news.ycombinator.com/item?id=42692730) + +- أدى تنفيذ تسعير الازدحام في مانهاتن إلى تقليل عدد السائقين بمقدار 43,000، مما أدى إلى زيادة سرعات الحافلات وربما تحسين أوقات استجابة الطوارئ. +- تم تصميم السياسة لتقليل الازدحام المروري وتحسين جودة الهواء، على الرغم من أنها أثارت جدلاً حول تأثيرها على الأفراد ذوي الدخل المنخفض. +- يجادل المؤيدون بأن الفوائد تشمل وسائل نقل عام أكثر كفاءة وهواء أنظف، بينما تستمر المناقشات حول موازنة هذه المزايا مع احتياجات السائقين. + + + + + + diff --git a/i18n/bn/docusaurus-plugin-content-docs/current/2025/01/14.md b/i18n/bn/docusaurus-plugin-content-docs/current/2025/01/14.md new file mode 100644 index 000000000..880323d54 --- /dev/null +++ b/i18n/bn/docusaurus-plugin-content-docs/current/2025/01/14.md @@ -0,0 +1,147 @@ +--- +slug: '/2025/01/14' +--- + +# 2025-01-14 + +## [স্নাইক নিরাপত্তা গবেষক ক্ষতিকারক এনপিএম প্যাকেজ স্থাপন করেছেন যা কার্সর.কমকে লক্ষ্য করে।](https://sourcecodered.com/snyk-malicious-npm-package/) + +- একজন Snyk নিরাপত্তা গবেষক Cursor.com, একটি এআই কোডিং কোম্পানিকে লক্ষ্য করে ক্ষতিকারক NPM প্যাকেজ প্রকাশ করেছেন, যা সিস্টেম ডেটা সংগ্রহ করে এবং তা আক্রমণকারী নিয়ন্ত্রিত সার্ভিসে পাঠায়। +- প্যাকেজগুলি, যা "cursor-retrieval," "cursor-always-local," এবং "cursor-shadow-workspace" নামে চিহ্নিত হয়েছে, OpenSSF প্যাকেজ বিশ্লেষণ স্ক্যানার দ্বারা চিহ্নিত হয়েছিল, যার ফলে MAL-2025-27, MAL-2025-28, এবং MAL-2025-29 পরামর্শগুলি জারি করা হয়। +- এই ঘটনা ইনস্টলেশনের আগে NPM প্যাকেজগুলি পরীক্ষা করার গুরুত্বকে তুলে ধরে যাতে সম্ভাব্য নিরাপত্তা হুমকি এড়ানো যায়। + +### [প্রতিক্রিয়া](https://news.ycombinator.com/item?id=42690473) + +- একজন Snyk নিরাপত্তা গবেষক cursor.com লক্ষ্য করে ক্ষতিকারক NPM (Node Package Manager) প্যাকেজ প্রকাশ করেছেন, যা নির্ভরতা বিভ্রান্তি দুর্বলতাগুলি তুলে ধরেছে। - এই ঘটনা নিরাপত্তা গবেষণার নীতিশাস্ত্র নিয়ে বিতর্ক উস্কে দিয়েছে, বিশেষ করে পরিবেশ ভেরিয়েবলগুলির প্রকাশ্য উন্মোচন সম্পর্কে। - Cursor.com স্পষ্ট করেছে যে তারা এই কাজের অনুমোদন দেয়নি, এবং Snyk পরে ক্ষমা চেয়েছে, আক্রমণাত্মক নিরাপত্তা গবেষণা এবং নৈতিক মানগুলির মধ্যে ভারসাম্য বজায় রাখার চ্যালেঞ্জগুলি তুলে ধরেছে। + +## [আমি ফায়ারফক্সে স্যুইচ করেছি এবং আর কখনও পিছনে ফিরে তাকাইনি](https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/) + +- ফায়ারফক্স তার উন্নত ট্যাব ব্যবস্থাপনা, লিঙ্ক সংরক্ষণের জন্য বিল্ট-ইন পকেট ফিচার এবং গোপনীয়তা-কেন্দ্রিক ইমেল রিলে জন্য প্রশংসিত হয়, যা এটিকে ক্রোমের একটি শক্তিশালী বিকল্প করে তোলে। - ব্যবহারকারী-বান্ধব স্ক্রিনশট টুল, একটি ChatGPT বোতাম, পিকচার-ইন-পিকচার, কাস্টমাইজযোগ্য অনুসন্ধান বিকল্প এবং মসৃণ স্ক্রলিং এর মতো অতিরিক্ত বৈশিষ্ট্যগুলি ব্রাউজিং অভিজ্ঞতাকে উন্নত করে। - যদিও ফায়ারফক্সের ক্রোমের ওয়েব অ্যাপ ফিচার নেই, এর চিন্তাশীল নকশা এবং কম সম্পদ চাহিদা এটিকে কিছু ব্যবহারকারীর জন্য পছন্দের পছন্দ করে তোলে। + +### [প্রতিক্রিয়া](https://news.ycombinator.com/item?id=42696081) + +- ফায়ারফক্স ব্যবহারকারীরা ইউটিউবের মতো প্ল্যাটফর্ম থেকে চ্যালেঞ্জের সম্মুখীন হন, যা ইচ্ছাকৃতভাবে গুগল-বহির্ভূত ব্রাউজার বা বিজ্ঞাপন ব্লকার ব্যবহারকারীদের জন্য অভিজ্ঞতা খারাপ করতে পারে। - এই প্রবণতা ব্যবহারকারীর স্বায়ত্তশাসন সম্পর্কে উদ্বেগ উত্থাপন করে, কারণ এটি বিজ্ঞাপন-মুক্ত এবং নজরদারি-মুক্ত ওয়েব অভিজ্ঞতা বেছে নেওয়া ব্যক্তিদের শাস্তি দেয়। - ফায়ারফক্স অনন্য বৈশিষ্ট্যগুলি অফার করে, যেমন কন্টেইনার ট্যাব, যা গোপনীয়তা এবং ব্যবহারযোগ্যতা বাড়ায়, এটিকে প্রধান কর্পোরেট-নিয়ন্ত্রিত ব্রাউজার থেকে স্বাধীনতা খুঁজছেন ব্যবহারকারীদের জন্য একটি পছন্দের বিকল্প করে তোলে। + +## [অ্যাপ আপডেট বিপর্যয়ের পর সোনোস সিইও পদত্যাগ করেছেন](https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/) + +### [প্রতিক্রিয়া](https://news.ycombinator.com/item?id=42687932) + +- সোনোসের সিইও একটি বিতর্কিত অ্যাপ আপডেটের পর পদত্যাগ করেছেন যা ব্যবহারকারীদের ব্যয়বহুল সাউন্ড সিস্টেম প্রতিস্থাপন করতে বাধ্য করেছিল, যার ফলে গ্রাহকদের অসন্তোষ সৃষ্টি হয়েছিল। - আপডেটটি একটি ক্লাউড-ভিত্তিক সিস্টেম প্রবর্তন করেছিল, যা নির্ভরযোগ্য ইউনিভার্সাল প্লাগ অ্যান্ড প্লে (UPnP) থেকে দূরে সরে গিয়েছিল, যা সংযোগ সমস্যার সৃষ্টি করেছিল এবং জটিলতা বৃদ্ধি করেছিল। - এই পরিস্থিতি ব্যবসায়িক কৌশল এবং গ্রাহক আস্থা বজায় রাখার মধ্যে দ্বন্দ্বকে তুলে ধরে, কারণ সিইও একটি পরামর্শমূলক ভূমিকায় একটি সেভারেন্স প্যাকেজ সহ স্থানান্তরিত হচ্ছেন। + +## [মিস্টার বিস্টের পেটের মধ্যে](https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast) + +### [প্রতিক্রিয়া](https://news.ycombinator.com/item?id=42696691) + +- প্রবন্ধটি ইউটিউবের অ্যালগরিদম কীভাবে কন্টেন্ট তৈরি প্রভাবিত করে তা পরীক্ষা করে, মিস্টারবিস্টকে একটি কেস স্টাডি হিসেবে ব্যবহার করে, যা অর্থবহ কন্টেন্টের পরিবর্তে সম্পৃক্ততা-চালিত কন্টেন্টের দিকে একটি পরিবর্তনকে তুলে ধরে। - এটি মিডিয়া সাক্ষরতার জন্য বিস্তৃত প্রভাব এবং ইউটিউব ও টিকটকের মতো প্ল্যাটফর্মগুলির সাংস্কৃতিক প্রভাব নিয়ে আলোচনা করে, যা পৃষ্ঠতল এবং প্রতিক্রিয়াশীল কন্টেন্টের দিকে একটি প্রবণতা নির্দেশ করে। - অ্যালগরিদমগুলি কীভাবে কন্টেন্ট গঠন করে এবং জনপ্রিয় নির্মাতারা সাংস্কৃতিক নিয়মগুলিতে কীভাবে প্রভাব ফেলে সে সম্পর্কে বিভিন্ন দৃষ্টিভঙ্গি বিবেচনা করা হয়। + +## [গিটহাব গিট অপারেশনগুলি ডাউন রয়েছে](https://www.githubstatus.com/incidents/qd96yfgvmcf9) + +- গিটহাব ১৩ জানুয়ারি, ২০২৫ তারিখে একটি গিট অপারেশন আউটেজের সম্মুখীন হয়েছিল, যা অভ্যন্তরীণ লোড ব্যালান্সারে প্রভাবিত একটি কনফিগারেশন পরিবর্তনের কারণে হয়েছিল এবং এটি ২৩:৩৫ থেকে ০০:২৪ ইউটিসি পর্যন্ত স্থায়ী হয়েছিল। - সমস্যাটি কনফিগারেশন পরিবর্তন ফিরিয়ে নিয়ে সমাধান করা হয়েছিল এবং গিটহাব মনিটরিং এবং ডিপ্লয়মেন্ট প্রক্রিয়াগুলি উন্নত করার জন্য কাজ করছে যাতে অনুরূপ ঘটনা প্রতিরোধ করা যায়। - আউটেজটি গিটহাবের অ্যাকশনস এবং পেজেস পরিষেবাগুলিকেও প্রভাবিত করেছিল, যা তাদের প্ল্যাটফর্ম পরিষেবাগুলির আন্তঃসংযুক্ত প্রকৃতিকে তুলে ধরে। + +### [প্রতিক্রিয়া](https://news.ycombinator.com/item?id=42691184) + +- গিটহাব একটি বড় আউটেজের সম্মুখীন হয়েছিল যা গিট অপারেশনগুলিকে প্রভাবিত করেছিল, যার ফলে ডেভেলপারদের মধ্যে বিভ্রান্তি সৃষ্টি হয়েছিল যারা প্রাথমিকভাবে তাদের SSH কী বা স্থানীয় কনফিগারেশনের সমস্যাগুলি সন্দেহ করেছিল। - এই ঘটনা কেন্দ্রীভূত পরিষেবাগুলির উপর নির্ভর করার চ্যালেঞ্জগুলিকে তুলে ধরেছিল, যা স্ব-হোস্টিং এবং বিকেন্দ্রীভূত সিস্টেমের সুবিধাগুলি নিয়ে আলোচনার সূত্রপাত করেছিল। - যদিও সমস্যাটি সমাধান করা হয়েছিল, এটি গিটহাবের নির্ভরযোগ্যতা সম্পর্কে উদ্বেগ এবং প্রয়োজনীয় কাজগুলির জন্য তৃতীয় পক্ষের প্ল্যাটফর্মগুলির উপর নির্ভর করার ঝুঁকিগুলিকে হাইলাইট করেছিল। + +## [ZFS 2.3 মুক্তি পেয়েছে ZFS raidz সম্প্রসারণ সহ](https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0) + +- OpenZFS 2.3.0 প্রকাশিত হয়েছে, যা RAIDZ Expansion, Fast Deduplication, Direct Input/Output, JSON আউটপুট এবং দীর্ঘ ফাইল নামের জন্য সমর্থন সহ উল্লেখযোগ্য বৈশিষ্ট্যগুলি প্রবর্তন করেছে। - এই প্রকাশনায় প্রয়োজনীয় বাগ ফিক্স এবং কর্মক্ষমতা উন্নয়ন অন্তর্ভুক্ত রয়েছে, যা লিনাক্স কার্নেল 4.18 - 6.12 এবং ফ্রিBSD সংস্করণ 13.3, 14.0 - 14.2 এর সাথে সামঞ্জস্যপূর্ণ। - এই আপডেটটি 134 জন অবদানকারীর একটি যৌথ প্রচেষ্টা, যার জন্য বিস্তৃত ডকুমেন্টেশন এবং একটি পরিবর্তন লগ পর্যালোচনার জন্য উপলব্ধ। + +### [প্রতিক্রিয়া](https://news.ycombinator.com/item?id=42694596) + +- ZFS 2.3 প্রকাশিত হয়েছে, যা RAIDZ সম্প্রসারণ, দ্রুত ডিডুপ্লিকেশন, সরাসরি IO, JSON আউটপুট এবং দীর্ঘ ফাইল নামের জন্য সমর্থন সহ বৈশিষ্ট্যগুলি প্রবর্তন করেছে। - RAIDZ সম্প্রসারণ বিশেষভাবে উল্লেখযোগ্য কারণ এটি ব্যবহারকারীদের বিদ্যমান RAIDZ পুলে নতুন ডিভাইস যোগ করার অনুমতি দেয় কোনো ডাউনটাইম ছাড়াই, যা স্টোরেজ ক্ষমতা বাড়ায়। - এই প্রকাশনাটি ZFS ব্যবহারকারীদের জন্য একটি উল্লেখযোগ্য অগ্রগতি হিসাবে বিবেচিত হয়, যা Btrfs এবং Windows Storage Spaces এর মতো অন্যান্য ফাইল সিস্টেমের সাথে তুলনা করে, যদিও পুল সংকুচিত করতে অক্ষমতার মতো কিছু সীমাবদ্ধতা রয়েছে। + +## [ওয়েবটপ – আলপাইন, উবুন্টু, ফেডোরা, এবং আর্চ কন্টেইনারগুলি সম্পূর্ণ ডেস্কটপ পরিবেশ সহ অন্তর্ভুক্ত করে](https://docs.linuxserver.io/images/docker-webtop/) + +- Linuxserver/webtop সম্পূর্ণ ডেস্কটপ পরিবেশ সহ কন্টেইনার প্রদান করে যা Alpine, Ubuntu, Fedora, এবং Arch এর উপর ভিত্তি করে তৈরি এবং ওয়েব ব্রাউজারের মাধ্যমে অ্যাক্সেসযোগ্য, যা x86-64 এবং arm64 আর্কিটেকচার উভয়কেই সমর্থন করে। +- ব্যবহারকারীরা নির্দিষ্ট ইমেজ ট্যাগ ব্যবহার করে XFCE, KDE, MATE, i3, Openbox, এবং IceWM এর মতো বিভিন্ন ডেস্কটপ পরিবেশ থেকে নির্বাচন করতে পারেন এবং নির্দিষ্ট URL এর মাধ্যমে ওয়েবটপে প্রবেশ করতে পারেন। +- নিরাপত্তা বৈশিষ্ট্যগুলির মধ্যে রয়েছে Docker-এর seccomp অপশন এবং প্রমাণীকরণ সেটআপ, পরিবেশ ভেরিয়েবলের মাধ্যমে কাস্টমাইজেশন বিকল্পগুলি উপলব্ধ, এবং ওপেন-সোর্স ড্রাইভার সহ GPU ত্বরণ সমর্থন। + +### [প্রতিক্রিয়া](https://news.ycombinator.com/item?id=42690983) + +- ওয়েবটপ অ্যালপাইন, উবুন্টু, ফেডোরা এবং আর্চের জন্য সম্পূর্ণ ডেস্কটপ পরিবেশ সহ কন্টেইনার সরবরাহ করে, যা ভিপিএন-এর পিছনে দ্রুত সেটআপের জন্য উপযুক্ত। +- ব্যবহারকারীরা ওয়েবটপের গতি এবং ব্যবহার সহজতার জন্য প্রশংসা করেন, বিশেষ করে যখন এটি গ্লুটুন কন্টেইনারের সাথে নিরাপদ সংযোগের জন্য ব্যবহার করা হয়, তবে ডিফল্ট প্রমাণীকরণের অভাবে নিরাপত্তা ব্যবস্থা ছাড়া কন্টেইনারগুলোকে ইন্টারনেটে উন্মুক্ত করার বিরুদ্ধে সতর্ক করেন। +- প্রকল্পটি ওপেন-সোর্স এবং নমনীয় হওয়ার জন্য মূল্যবান, যেখানে ব্যবহারকারীরা কনফিগারেশন শেয়ার করে, এবং কাসম এবং সেলকিসের মতো বিকল্পগুলি একই উদ্দেশ্যে উল্লেখযোগ্য। + +## [অনুসন্ধানে দেখা গেছে, প্রতি ৫টি অনলাইন চাকরির বিজ্ঞাপনের মধ্যে ১টি হয় ভুয়া অথবা কখনো পূরণ হয় না।](https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706) + +- একটি সাম্প্রতিক গবেষণায় দেখা গেছে যে অনলাইন চাকরির বিজ্ঞাপনগুলির ২০% হয় মিথ্যা বা পূরণ হয় না, যা চাকরি প্রার্থীদের হতাশা বাড়ায়। - এই "ভূত চাকরি" প্রবণতা হতে পারে কোম্পানিগুলির জন্য একটি কৌশল তাদের বৃদ্ধির চিত্র প্রদর্শনের জন্য। - গ্রিনহাউস এবং লিঙ্কডইন-এর মতো চাকরি প্ল্যাটফর্মগুলি ব্যবহারকারীদের প্রকৃত চাকরির সুযোগ সনাক্ত করতে সহায়তা করার জন্য চাকরি যাচাইকরণ পরিষেবা চালু করেছে। + +### [প্রতিক্রিয়া](https://news.ycombinator.com/item?id=42697783) + +- একটি গবেষণায় প্রকাশ করা হয়েছে যে অনলাইন চাকরির বিজ্ঞাপনগুলির ২০% হয় ভুয়া বা পূরণ হয় না, প্রায়শই মার্কিন অভিবাসন নীতির সাথে সামঞ্জস্য রাখতে কোম্পানিগুলির প্রয়োজনের কারণে। - কোম্পানিগুলি আদর্শ প্রার্থীদের খুঁজে পেতে, প্রয়োজনীয়তা পরিবর্তন করতে, বা পূর্বনির্ধারিত অভ্যন্তরীণ প্রার্থীদের থাকতে চাকরির বিজ্ঞাপনগুলি রেখে দিতে পারে। - চাকরির বাজার আবেদনকারীদের জন্য কঠিন, যারা প্রায়শই ঘোস্টিং এবং স্বয়ংক্রিয় প্রত্যাখ্যানের সম্মুখীন হয়, যা নিয়ন্ত্রক হস্তক্ষেপের আহ্বান জানায়। + +## [চালকদের সেকেন্ড বাঁচানোর জন্য পথচারীদের জন্য একটি সংযোগস্থলকে অনিরাপদ করা](https://collegetowns.substack.com/p/making-an-intersection-unsafe-for) + +### [প্রতিক্রিয়া](https://news.ycombinator.com/item?id=42698557) + +- আলোচনাটি কেন্দ্রীভূত হয়েছে যে, চৌরাস্তা গুলোতে পথচারীর নিরাপত্তা অগ্রাধিকার পাবে নাকি চালকের কার্যকারিতা, যেখানে কিছু লোক লাইট-নিয়ন্ত্রিত চৌরাস্তা এবং পথচারী স্ক্র্যাম্বলকে ৪-ওয়ে স্টপের চেয়ে বেশি পছন্দ করে। +- ট্রাফিক আইন এবং অবকাঠামো নকশা নিয়ে মতামত ভিন্ন হয়, যেখানে জেব্রা ক্রসিংয়ের নিরাপত্তা এবং লাল বাতিতে ডান দিকে মোড় নেওয়ার সাথে সম্পর্কিত ঝুঁকি নিয়ে আলোচনা হয়। +- কিছু লোক বিকল্প সমাধানের পক্ষে যেমন গোলচত্বর বা ডাচ ট্রাফিক প্রকৌশল মানদণ্ড গ্রহণের পক্ষে যুক্তি দেন যাতে উভয় নিরাপত্তা এবং দক্ষতা বৃদ্ধি পায়। + +## [PostgreSQL হল ২০২৪ সালের ডেটাবেস ম্যানেজমেন্ট সিস্টেম অফ দ্য ইয়ার](https://db-engines.com/en/blog_post/109) + +- PostgreSQL DB-Engines দ্বারা ২০২৪ সালের DBMS অফ দ্য ইয়ার পুরস্কার পেয়েছে, যা ৪২৩টি অন্যান্য ডাটাবেস ম্যানেজমেন্ট সিস্টেমকে অতিক্রম করে পঞ্চমবারের মতো এই স্বীকৃতি অর্জন করেছে। +- প্রায় ৩৫ বছরের ইতিহাস নিয়ে PostgreSQL এখনও উদ্ভাবন করে চলেছে, যা সেপ্টেম্বর ২০২৪-এ প্রকাশিত PostgreSQL 17-এর সাম্প্রতিক উন্নতিগুলিতে দেখা যায়। +- স্নোফ্লেক এবং মাইক্রোসফট যথাক্রমে দ্বিতীয় এবং তৃতীয় স্থান অর্জন করেছে, যেখানে স্নোফ্লেক তার ক্লাউড-ভিত্তিক ডেটা ওয়্যারহাউজিং এবং মাল্টি-ক্লাউড সমর্থনের জন্য উল্লেখযোগ্য, অন্যদিকে মাইক্রোসফ্ট অ্যাজুর এসকিউএল ডেটাবেস এবং এসকিউএল সার্ভারের মাধ্যমে শক্তিশালী পরিচালিত রিলেশনাল ডেটাবেস সরবরাহ করে। + +### [প্রতিক্রিয়া](https://news.ycombinator.com/item?id=42696080) + +- PostgreSQL ২০২৪ সালের ডেটাবেস ম্যানেজমেন্ট সিস্টেম অফ দ্য ইয়ার পুরস্কার পেয়েছে db-engines.com থেকে, যা এর ক্রমবর্ধমান জনপ্রিয়তা এবং শিল্পে স্বীকৃতি প্রদর্শন করে। +- ব্যবহারকারীরা উচ্চ লাইসেন্সিং খরচ এবং সম্পদের সীমাবদ্ধতার কারণে মাইক্রোসফট SQL সার্ভার থেকে PostgreSQL-এ পরিবর্তন করার কথা বিবেচনা করছেন, যদিও সম্ভাব্য মাইগ্রেশন চ্যালেঞ্জ রয়েছে। +- PostgreSQL তার শক্তিশালী বৈশিষ্ট্য এবং খরচ-সাশ্রয়ী হওয়ার জন্য পছন্দ করা হয়, যা এটিকে ভবিষ্যতের প্রকল্পগুলির জন্য একটি পছন্দের বিকল্প করে তোলে, যদিও কিছু ব্যবহারকারী খরচ কমানোর জন্য Babelfish এর মতো বিকল্পগুলি অন্বেষণ করেন। + +## [গুগলের OAuth লগইন একটি ব্যর্থ স্টার্টআপ ডোমেইন কেনার বিরুদ্ধে সুরক্ষা প্রদান করে না](https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw) + +### [প্রতিক্রিয়া](https://news.ycombinator.com/item?id=42699099) + +- আলোচনাটি গুগলের OAuth লগইন সিস্টেমের একটি দুর্বলতাকে তুলে ধরে যখন একটি ব্যর্থ স্টার্টআপের ডোমেইন নতুন মালিক দ্বারা অধিগ্রহণ করা হয়, যা সম্ভাব্যভাবে অননুমোদিত সেবাগুলিতে প্রবেশের অনুমতি দিতে পারে। +- এই সমস্যা দেখা দেয় কারণ গুগল হয়তো মূল এবং নতুন ডোমেইন মালিকদের মধ্যে পার্থক্য করতে পারে না, যা ডোমেইন-ভিত্তিক প্রমাণীকরণ ব্যবহার করে এমন যে কোনো সিস্টেমকে প্রভাবিত করতে পারে। +- একটি প্রস্তাবিত সমাধান হল এমন অনন্য শনাক্তকারী ব্যবহার করা যা সময়ের সাথে সাথে অপরিবর্তিত থাকে, যদিও এই সমাধানের বাস্তবায়ন পরিচয় প্রদানকারীদের মধ্যে ভিন্ন হয়। + +## [কোডিং দক্ষতা ব্যবহার করে প্যাসিভ আয় করা](https://www.coryzue.com/writing/solopreneur/) + +- লেখক একজন সিটিও ভূমিকা থেকে একক উদ্যোক্তা হিসেবে রূপান্তরিত হয়েছেন, সফটওয়্যার পণ্যের একটি পোর্টফোলিওর মাধ্যমে সফলভাবে আরও বেশি উপার্জন করছেন। +- মূল কৌশলগুলির মধ্যে রয়েছে গভীর কাজের উপর মনোযোগ দেওয়া, ছোট প্রকল্প দিয়ে শুরু করা, দ্রুত পুনরাবৃত্তি করা এবং বিপণন প্রচেষ্টার জন্য সময় উৎসর্গ করা। +- যাত্রাটি অনিশ্চয়তার কারণে স্থিতিস্থাপকতার উপর জোর দেয়, তবে এই ক্যারিয়ার পথের অতুলনীয় স্বায়ত্তশাসন এবং স্বাধীনতাকে তুলে ধরে, কোডিং দক্ষতা সম্পন্ন ব্যক্তিদের এটি প্যাসিভ আয়ের জন্য বিবেচনা করার জন্য উৎসাহিত করে। + +### [প্রতিক্রিয়া](https://news.ycombinator.com/item?id=42696822) + +- একজন ব্যবহারকারী বর্ণনা করেছেন যে কীভাবে তারা SEO স্প্যাম ওয়েবসাইটের মাধ্যমে প্যাসিভ আয় তৈরি করেছেন, যা মেয়াদোত্তীর্ণ ডোমেইন নাম ব্যবহার করে বার্ষিক প্রায় $30k উপার্জন করে, যদিও নৈতিক উদ্বেগ এবং গুগলের শেষ পর্যন্ত দমন করার পরেও। +- পোস্টটি প্যাসিভ আয়ের উপর একটি বিতর্ক উস্কে দিয়েছে, যেখানে কিছু ব্যবহারকারী যুক্তি দিয়েছেন যে এটি প্রকৃতপক্ষে প্যাসিভ আয়ের চেয়ে ব্যবসা পরিচালনার সাথে বেশি সাদৃশ্যপূর্ণ। +- অংশগ্রহণকারীরা পার্শ্ব প্রকল্পগুলিতে অভিজ্ঞতা এবং চ্যালেঞ্জগুলি শেয়ার করেছেন, সময়, স্থিতিশীলতা এবং কৌশলগত পরিকল্পনার গুরুত্বকে তুলে ধরে। + +## [স্পেন অ-ইউরোপীয় ইউনিয়নের বাসিন্দাদের দ্বারা কেনা বাড়ির উপর ১০০% কর প্রস্তাব করেছে](https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents) + +- স্পেন অ-ইউরোপীয় ইউনিয়নের বাসিন্দাদের দ্বারা রিয়েল এস্টেট ক্রয়ের উপর ১০০% কর আরোপের কথা বিবেচনা করছে, যা আবাসন সংকট মোকাবেলা এবং জল্পনামূলক ক্রয় নিয়ন্ত্রণের লক্ষ্যে। +- প্রধানমন্ত্রী পেদ্রো সানচেজের প্রস্তাবের মধ্যে রয়েছে সামাজিক আবাসন সম্প্রসারণ এবং পর্যটক ভাড়াগুলি নিয়ন্ত্রণ করা, যা আবাসন মূল্য এবং আয়ের মধ্যে বৈষম্য মোকাবেলা করতে সহায়ক হবে। +- প্রস্তাবটির আইন হিসেবে ভবিষ্যৎ অনিশ্চিত, কিছু বিশ্লেষক এটিকে বিদেশি বিনিয়োগকারীদের জন্য একটি প্রতিবন্ধকতা হিসেবে দেখছেন, নিশ্চিত আইনগত পরিবর্তন হিসেবে নয়। + +### [প্রতিক্রিয়া](https://news.ycombinator.com/item?id=42690781) + +- স্পেন অ-ইউরোপীয় ইউনিয়নের বাসিন্দাদের দ্বারা কেনা বাড়ির উপর ১০০% কর আরোপের কথা বিবেচনা করছে যাতে আবাসন সাশ্রয়ীতা সমস্যার সমাধান করা যায়। - সমালোচকরা বলছেন যে বিদেশী ক্রেতারা উচ্চ আবাসন মূল্যের প্রধান কারণ নয়, বরং ধীর প্রশাসনিক প্রক্রিয়া এবং জোনিং আইনকে আরও গুরুত্বপূর্ণ কারণ হিসেবে উল্লেখ করেছেন। - এই প্রস্তাবটি আবাসন বাজারে বিদেশী মালিকানার ভূমিকা এবং সাশ্রয়ীতা সমস্যার সমাধানে এর কার্যকারিতা নিয়ে বিতর্কের সূচনা করেছে। + +## [অ্যাপল শীঘ্রই TSMC-এর অ্যারিজোনা ফ্যাব থেকে 'মেড ইন আমেরিকা' চিপস পাবে](https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification) + +- অ্যাপল টিএসএমসি'র অ্যারিজোনা কারখানার প্রসেসর পরীক্ষা করছে, প্রথম ত্রৈমাসিকের মধ্যে ব্যাপক উৎপাদনের পরিকল্পনা নিয়ে, যা স্থানীয়ভাবে উত্পাদিত চিপের জন্য টিএসএমসি'র প্রথম মার্কিন গ্রাহক হতে পারে। - এই উদ্যোগটি মার্কিন সিলিকন স্বাধীনতা বাড়ানোর লক্ষ্যে, তাইওয়ানের উপর নির্ভরতা কমানোর জন্য, যা ভূ-রাজনৈতিক এবং প্রাকৃতিক ঝুঁকির প্রতি সংবেদনশীল। - টিএসএমসি'র অ্যারিজোনা ফ্যাব উন্নত ৩এনএম এবং ২এনএম চিপ উৎপাদন করবে, স্থানীয় নিয়োগ এবং মার্কিন বিশ্ববিদ্যালয়গুলির সাথে অংশীদারিত্ব বাড়ানোর প্রচেষ্টা চলমান রয়েছে, যদিও প্যাকেজিং প্রাথমিকভাবে তাইওয়ানে ঘটবে যতক্ষণ না পিওরিয়া কারখানাটি কার্যকর হয়। + +### [প্রতিক্রিয়া](https://news.ycombinator.com/item?id=42699977) + +- অ্যাপল টিএসএমসি'র অ্যারিজোনা প্ল্যান্ট থেকে চিপ পাবে, কিন্তু সেগুলো প্যাকেজিংয়ের জন্য তাইওয়ানে ফেরত পাঠাতে হবে কারণ যুক্তরাষ্ট্রে পর্যাপ্ত সুবিধা নেই। - অ্যারিজোনা প্ল্যান্টের কর্মশক্তির ৫০% এরও বেশি তাইওয়ান থেকে এসেছে, যা যুক্তরাষ্ট্রের এসটিইএম (বিজ্ঞান, প্রযুক্তি, প্রকৌশল, এবং গণিত) ক্ষেত্রে একটি ফাঁক নির্দেশ করে। - চিপস অ্যাক্ট উদ্যোগ, যা যুক্তরাষ্ট্রের সেমিকন্ডাক্টর উৎপাদন বাড়ানোর লক্ষ্যে কাজ করছে, চ্যালেঞ্জের সম্মুখীন হচ্ছে কারণ "মেড ইন আমেরিকা" লেবেলটি প্রশ্নবিদ্ধ হচ্ছে প্যাকেজিং প্রক্রিয়া তাইওয়ানে হওয়ার কারণে, যদিও ২০২৭ সালের মধ্যে যুক্তরাষ্ট্রে প্যাকেজিং সক্ষমতা তৈরির পরিকল্পনা রয়েছে। + +## [কনজেশন প্রাইসিং চালু হওয়ার পর ম্যানহাটনের রাস্তায় ৪৩ হাজার কম গাড়িচালক](https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says) + +- যখন যানজট মূল্য নির্ধারণ কার্যকর করা হয়েছিল, তখন ৬০তম স্ট্রিটের নিচে ম্যানহাটনে প্রবেশকারী চালকদের সংখ্যা ৭.৫% হ্রাস পেয়েছিল, যা প্রতিদিনের সপ্তাহের দিনে ৪৩,০০০ কম চালকের সমান। +- যানজট কমে যাওয়ায় ট্রাফিক প্রবাহ উন্নত হয়েছে এবং বাসের গতি বেড়েছে, কিছু এক্সপ্রেস বাসে যাত্রী সংখ্যা বৃদ্ধি পেয়েছে। +- মেট্রোপলিটন ট্রান্সপোর্টেশন অথরিটি (এমটিএ) কিছু রাজনৈতিক বিরোধিতা সত্ত্বেও ট্রানজিট উন্নতির জন্য টোল রাজস্ব, যা বার্ষিক প্রায় ৫০০ মিলিয়ন ডলার অনুমান করা হয়, ব্যবহার করে। + +### [প্রতিক্রিয়া](https://news.ycombinator.com/item?id=42692730) + +- ম্যানহাটনে যানজট মূল্যায়নের বাস্তবায়নের ফলে ৪৩,০০০ কম চালক হয়েছে, যা বাসের গতি বৃদ্ধি এবং সম্ভাব্যভাবে জরুরি সেবার প্রতিক্রিয়া সময় উন্নত করেছে। +- নীতিটি যানজট কমানো এবং বায়ুর গুণমান উন্নত করার জন্য তৈরি করা হয়েছে, যদিও এটি নিম্ন আয়ের ব্যক্তিদের উপর এর প্রভাব নিয়ে বিতর্ক সৃষ্টি করেছে। +- সমর্থকরা যুক্তি দেন যে এর সুবিধাগুলির মধ্যে রয়েছে আরও দক্ষ গণপরিবহন এবং পরিষ্কার বাতাস, যখন এই সুবিধাগুলির সাথে চালকদের প্রয়োজনের ভারসাম্য বজায় রাখার বিষয়ে আলোচনা অব্যাহত রয়েছে। + + + + + + diff --git a/i18n/cs/docusaurus-plugin-content-docs/current/2025/01/14.md b/i18n/cs/docusaurus-plugin-content-docs/current/2025/01/14.md new file mode 100644 index 000000000..b30b50b93 --- /dev/null +++ b/i18n/cs/docusaurus-plugin-content-docs/current/2025/01/14.md @@ -0,0 +1,147 @@ +--- +slug: '/2025/01/14' +--- + +# 2025-01-14 + +## [„Výzkumník bezpečnosti Snyk nasazuje škodlivé balíčky NPM zaměřené na cursor.com“](https://sourcecodered.com/snyk-malicious-npm-package/) + +- „Bezpečnostní výzkumník ze společnosti Snyk zveřejnil škodlivé balíčky NPM zaměřené na Cursor.com, společnost zabývající se AI kódováním, s cílem shromažďovat systémová data a odesílat je na službu ovládanou útočníkem.“ +- „Balíčky, identifikované jako „cursor-retrieval“, „cursor-always-local“ a „cursor-shadow-workspace“, byly označeny skenerem analýzy balíčků OpenSSF, což vedlo k vydání upozornění MAL-2025-27, MAL-2025-28 a MAL-2025-29.“ +- „Tento incident zdůrazňuje důležitost pečlivého prověřování NPM balíčků před jejich instalací, aby se předešlo možným bezpečnostním hrozbám.“ + +### [Reakce](https://news.ycombinator.com/item?id=42690473) + +- „Bezpečnostní výzkumník společnosti Snyk zveřejnil škodlivé balíčky NPM (Node Package Manager) zaměřené na cursor.com, čímž poukázal na zranitelnosti způsobené záměnou závislostí. - Incident vyvolal debatu o etice bezpečnostního výzkumu, zejména pokud jde o veřejné odhalení proměnných prostředí. - Cursor.com objasnil, že tuto akci neautorizovali, a Snyk se od té doby omluvil, což zdůrazňuje výzvy při vyvažování ofenzivního bezpečnostního výzkumu s etickými standardy.“ + +## [„Přešel jsem na Firefox a nikdy se neohlédl zpět“](https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/) + +- „Firefox je chválen za svou vynikající správu karet, vestavěnou funkci Pocket pro ukládání odkazů a e-mailový relé zaměřený na ochranu soukromí, což z něj činí silnou alternativu k Chromu. - Další funkce jako uživatelsky přívětivý nástroj pro snímky obrazovky, tlačítko ChatGPT, režim obraz v obraze, přizpůsobitelné možnosti vyhledávání a plynulé rolování zlepšují zážitek z prohlížení. - Ačkoli Firefox postrádá funkci webových aplikací Chromu, jeho promyšlený design a nižší nároky na zdroje z něj činí preferovanou volbu pro některé uživatele.“ + +### [Reakce](https://news.ycombinator.com/item?id=42696081) + +- „Uživatelé Firefoxu čelí výzvám ze strany platforem jako YouTube, které mohou záměrně zhoršovat zážitek pro prohlížeče mimo Google nebo pro uživatele používající blokátory reklam. Tento trend vyvolává obavy ohledně autonomie uživatelů, protože penalizuje ty, kteří se rozhodnou pro webový zážitek bez reklam a sledování. Firefox nabízí jedinečné funkce, jako jsou kontejnerové karty, které zvyšují soukromí a použitelnost, což z něj činí oblíbenou volbu pro uživatele hledající nezávislost na prohlížečích ovládaných velkými korporacemi.“ + +## [„Generální ředitel společnosti Sonos odstupuje po fiasku s aktualizací aplikace“](https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/) + +### [Reakce](https://news.ycombinator.com/item?id=42687932) + +- „Generální ředitel společnosti Sonos rezignoval po kontroverzní aktualizaci aplikace, která vyžadovala, aby uživatelé nahradili drahé zvukové systémy, což způsobilo nespokojenost zákazníků. - Aktualizace zavedla systém založený na cloudu, čímž se odklonila od spolehlivého Universal Plug and Play (UPnP), což vedlo k problémům s konektivitou a zvýšené složitosti. - Tato situace zdůrazňuje konflikt mezi obchodními strategiemi a udržováním důvěry zákazníků, zatímco generální ředitel přechází do poradní role s odstupným balíčkem.“ + +## [„V břiše MrBeasta“](https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast) + +### [Reakce](https://news.ycombinator.com/item?id=42696691) + +- „Esej zkoumá, jak algoritmus YouTube ovlivňuje tvorbu obsahu, přičemž jako případovou studii používá MrBeasta, a zdůrazňuje posun směrem k obsahu řízenému zapojením spíše než k smysluplnému obsahu. Diskutuje o širších důsledcích pro mediální gramotnost a kulturní dopad platforem jako YouTube a TikTok, naznačujíc trend směrem k povrchnímu a reakčnímu obsahu. Zvažují se různé perspektivy na roli algoritmů při formování obsahu a vliv populárních tvůrců na kulturní normy.“ + +## [„Operace Git na GitHubu jsou mimo provoz“](https://www.githubstatus.com/incidents/qd96yfgvmcf9) + +- „GitHub čelil výpadku operací Git dne 13. ledna 2025 kvůli změně konfigurace ovlivňující interní vyrovnávač zatížení, který trval od 23:35 do 00:24 UTC. - Problém byl vyřešen vrácením změny konfigurace a GitHub pracuje na zlepšení monitorovacích a nasazovacích procesů, aby se předešlo podobným incidentům. - Výpadek také ovlivnil služby GitHub Actions a Pages, což zdůrazňuje propojenou povahu jejich platformových služeb.“ + +### [Reakce](https://news.ycombinator.com/item?id=42691184) + +- „GitHub čelil významnému výpadku, který ovlivnil git operace, což vedlo ke zmatku mezi vývojáři, kteří zpočátku podezřívali problémy se svými SSH klíči nebo místními konfiguracemi. - Incident zdůraznil výzvy spojené se spoléháním na centralizované služby, což vyvolalo diskuse o výhodách samostatného hostování a decentralizovaných systémů. - Ačkoli byl problém vyřešen, poukázal na obavy ohledně spolehlivosti GitHubu a rizik spojených se závislostí na platformách třetích stran pro klíčové úkoly.“ + +## [„ZFS 2.3 vydán s rozšířením ZFS raidz“](https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0) + +- „OpenZFS 2.3.0 byl vydán a přináší významné funkce jako rozšíření RAIDZ, rychlou deduplikaci, přímý vstup/výstup, výstup ve formátu JSON a podporu pro dlouhé názvy souborů. - Vydání zahrnuje důležité opravy chyb a vylepšení výkonu, kompatibilní s jádry Linuxu 4.18 - 6.12 a verzemi FreeBSD 13.3, 14.0 - 14.2. - Aktualizace je výsledkem spolupráce 134 přispěvatelů, s dostupnou komplexní dokumentací a seznamem změn k nahlédnutí.“ + +### [Reakce](https://news.ycombinator.com/item?id=42694596) + +- „ZFS 2.3 byl vydán a přináší funkce jako rozšíření RAIDZ, rychlou deduplikaci, přímý vstup/výstup, výstup ve formátu JSON a podporu pro dlouhé názvy souborů. - Rozšíření RAIDZ je obzvláště pozoruhodné, protože umožňuje uživatelům přidávat nové zařízení do stávajícího RAIDZ poolu bez výpadku, čímž zvyšuje kapacitu úložiště. - Toto vydání je považováno za významný pokrok pro uživatele ZFS, přičemž se srovnává s jinými souborovými systémy jako Btrfs a Windows Storage Spaces, i přes některá omezení, jako je neschopnost zmenšit pooly.“ + +## [„Webtop – kontejnery Alpine, Ubuntu, Fedora a Arch obsahující plná desktopová prostředí“](https://docs.linuxserver.io/images/docker-webtop/) + +- „Linuxserver/webtop poskytuje kontejnery založené na Alpine, Ubuntu, Fedora a Arch s plnými desktopovými prostředími přístupnými přes webové prohlížeče, podporujícími jak architektury x86-64, tak arm64.“ +- „Uživatelé si mohou vybrat z různých desktopových prostředí, jako jsou XFCE, KDE, MATE, i3, Openbox a IceWM, pomocí specifických značek obrázků a přistupovat k Webtopu prostřednictvím určených URL.“ +- „Bezpečnostní funkce zahrnují možnost seccomp v Dockeru a nastavení autentizace, s možnostmi přizpůsobení prostřednictvím proměnných prostředí, a podporu pro akceleraci GPU s open-source ovladači.“ + +### [Reakce](https://news.ycombinator.com/item?id=42690983) + +- „Webtop poskytuje kontejnery s plnými desktopovými prostředími pro Alpine, Ubuntu, Fedora a Arch, vhodné pro rychlé nastavení za VPN.“ +- „Uživatelé chválí Webtop za jeho rychlost a snadnost použití, zejména při použití s kontejnerem Gluetun pro zabezpečené připojení, ale varují před vystavením kontejnerů internetu bez bezpečnostních opatření kvůli absenci výchozí autentizace.“ +- „Projekt je ceněn za to, že je open-source a flexibilní, přičemž uživatelé sdílejí konfigurace, a alternativy jako Kasm a Selkies jsou zmíněny pro podobné účely.“ + +## [„1 z 5 online pracovních nabídek je buď falešná, nebo nikdy není obsazena, zjistila studie.“](https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706) + +- „Nedávná studie naznačuje, že 20 % online pracovních nabídek je buď falešných, nebo zůstává neobsazených, což přispívá k frustraci uchazečů o zaměstnání. - Tento trend „duchovních pracovních míst“ může být taktikou firem, jak projektovat obraz růstu. - Pracovní platformy jako Greenhouse a LinkedIn zavedly služby ověřování pracovních nabídek, aby uživatelům pomohly identifikovat skutečné pracovní příležitosti.“ + +### [Reakce](https://news.ycombinator.com/item?id=42697783) + +- „Studie odhaluje, že 20 % online pracovních nabídek je buď falešných, nebo zůstává neobsazených, často kvůli potřebě firem dodržovat imigrační politiky USA. - Firmy mohou také ponechat pracovní nabídky aktivní, aby našly ideální kandidáty, změnily požadavky nebo měly předem vybrané interní kandidáty. - Trh práce je pro uchazeče obtížný, často se setkávají s ignorováním a automatickým odmítáním, což vyvolává výzvy k regulačnímu zásahu.“ + +## [„Učinit křižovatku nebezpečnou pro chodce, aby se ušetřily sekundy pro řidiče“](https://collegetowns.substack.com/p/making-an-intersection-unsafe-for) + +### [Reakce](https://news.ycombinator.com/item?id=42698557) + +- „Debata se soustředí na to, zda by křižovatky měly upřednostňovat bezpečnost chodců nebo efektivitu řidičů, přičemž někteří upřednostňují světelně řízené křižovatky a přechody pro chodce před čtyřcestnými zastávkami.“ +- „Názory na dopravní předpisy a návrh infrastruktury se různí, přičemž se diskutuje o bezpečnosti přecházení mimo přechod a rizicích spojených s odbočováním vpravo na červenou.“ +- „Někteří prosazují alternativní řešení, jako jsou kruhové objezdy nebo přijetí nizozemských standardů dopravního inženýrství, aby se zvýšila bezpečnost i efektivita.“ + +## [„PostgreSQL je systém pro správu databází roku 2024“](https://db-engines.com/en/blog_post/109) + +- „PostgreSQL byl oceněn jako DBMS roku 2024 podle DB-Engines, čímž získal toto uznání popáté a překonal 423 dalších systémů pro správu databází.“ +- „PostgreSQL, s historií sahající téměř 35 let zpět, nadále inovuje, jak je vidět na nedávných vylepšeních PostgreSQL 17, vydaných v září 2024.“ +- „Snowflake a Microsoft si zajistily druhé a třetí místo, přičemž Snowflake je známý pro své cloudové datové sklady a podporu více cloudů, zatímco Microsoft nabízí robustní spravované relační databáze prostřednictvím Azure SQL Database a SQL Server.“ + +### [Reakce](https://news.ycombinator.com/item?id=42696080) + +- „PostgreSQL byl oceněn jako Systém pro správu databází roku 2024 podle db-engines.com, což zdůrazňuje jeho rostoucí popularitu a uznání v oboru.“ +- „Uživatelé zvažují přechod z Microsoft SQL Server na PostgreSQL kvůli vysokým licenčním nákladům a omezením zdrojů, i přes možné výzvy spojené s migrací.“ +- „PostgreSQL je oblíbený pro své robustní funkce a nákladovou efektivitu, což z něj činí preferovanou volbu pro budoucí projekty, ačkoli někteří uživatelé zkoumají alternativy jako Babelfish ke snížení nákladů.“ + +## [„Google OAuth přihlášení nechrání proti nákupu domény zkrachovalého startupu“](https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw) + +### [Reakce](https://news.ycombinator.com/item?id=42699099) + +- „Diskuse poukazuje na zranitelnost v systému přihlašování Google OAuth, když je doména neúspěšného startupu získána novým vlastníkem, což může potenciálně umožnit neoprávněný přístup ke službám.“ +- „Tento problém vzniká, protože Google nemusí rozlišovat mezi původními a novými vlastníky domény, což ovlivňuje jakýkoli systém, který používá autentizaci založenou na doméně.“ +- „Navrhovaným řešením je použití jedinečných identifikátorů, které zůstávají konstantní v průběhu času, ačkoli implementace tohoto řešení se liší mezi poskytovateli identity.“ + +## [„Použití programovacích dovedností k vytváření pasivního příjmu“](https://www.coryzue.com/writing/solopreneur/) + +- „Autor přešel z role CTO na solopodnikatele a úspěšně vydělává více prostřednictvím portfolia softwarových produktů.“ +- „Klíčové strategie zahrnují zaměření na hlubokou práci, začínání s malými projekty, rychlé iterace a věnování času marketingovým aktivitám.“ +- „Cesta zdůrazňuje odolnost kvůli nejistotám, ale vyzdvihuje jedinečnou autonomii a svobodu této kariérní cesty, čímž povzbuzuje ty, kteří mají dovednosti v programování, aby ji zvážili jako zdroj pasivního příjmu.“ + +### [Reakce](https://news.ycombinator.com/item?id=42696822) + +- „Uživatel popsal generování pasivního příjmu prostřednictvím SEO spamových webů s využitím expirovaných doménových jmen, přičemž vydělával přibližně 30 tisíc dolarů ročně, navzdory etickým obavám a následnému zásahu ze strany Googlu.“ +- „Příspěvek vyvolal debatu o pasivním příjmu, přičemž někteří uživatelé tvrdili, že je to spíše podobné provozování podnikání než skutečně pasivní výdělky.“ +- „Účastníci sdíleli zkušenosti a výzvy v rámci vedlejších projektů, zdůrazňujíc důležitost času, odolnosti a strategického plánování.“ + +## [„Španělsko navrhuje 100% daň na domy koupené rezidenty mimo EU“](https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents) + +- „Španělsko zvažuje zavedení 100% daně na nákupy nemovitostí osobami, které nejsou rezidenty EU, s cílem řešit krizi bydlení a omezit spekulativní nákupy.“ +- „Návrh premiéra Pedra Sáncheze zahrnuje rozšíření sociálního bydlení a regulaci turistických pronájmů, aby se řešila nerovnováha mezi cenami bydlení a příjmy.“ +- „Budoucnost návrhu jako zákona je nejistá, přičemž někteří analytici jej vnímají spíše jako odstrašující prostředek pro zahraniční investory než jako zaručenou legislativní změnu.“ + +### [Reakce](https://news.ycombinator.com/item?id=42690781) + +- „Španělsko zvažuje 100% daň na domy zakoupené rezidenty mimo EU, aby řešilo problémy s dostupností bydlení. - Kritici naznačují, že zahraniční kupci nejsou hlavní příčinou vysokých cen bydlení, přičemž jako významnější faktory uvádějí pomalou byrokracii a územní zákony. - Návrh vyvolal debatu o roli zahraničního vlastnictví na trzích s bydlením a jeho účinnosti při řešení problémů s dostupností.“ + +## [„Apple brzy obdrží čipy 'vyrobené v Americe' z továrny TSMC v Arizoně“](https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification) + +- „Apple testuje procesory z arizonského závodu TSMC s plány na hromadnou výrobu v prvním čtvrtletí, což by mohlo z TSMC udělat prvního amerického zákazníka pro lokálně vyráběné čipy. - Tato iniciativa má za cíl posílit americkou nezávislost na křemíku a snížit závislost na Tchaj-wanu, který je zranitelný vůči geopolitickým a přírodním rizikům. - Arizonská továrna TSMC má vyrábět pokročilé 3nm a 2nm čipy, s probíhajícími snahami o posílení místního náboru a partnerství s americkými univerzitami, ačkoli balení bude zpočátku probíhat na Tchaj-wanu, dokud nebude provozuschopné zařízení v Peorii.“ + +### [Reakce](https://news.ycombinator.com/item?id=42699977) + +- „Apple obdrží čipy z arizonské továrny TSMC, ale ty musí být odeslány zpět na Tchaj-wan k balení kvůli nedostatečným zařízením v USA. - Více než 50 % pracovní síly v arizonské továrně pochází z Tchaj-wanu, což naznačuje mezeru v oblasti STEM (věda, technologie, inženýrství a matematika) v USA. - Iniciativa CHIPS Act, zaměřená na posílení americké výroby polovodičů, čelí výzvám, protože označení „Vyrobeno v Americe“ je zpochybňováno kvůli procesu balení probíhajícímu na Tchaj-wanu, s plány na americké balicí kapacity do roku 2027.“ + +## [„O 43 tisíc řidičů méně na silnicích Manhattanu poté, co bylo zavedeno zpoplatnění dopravy.“](https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says) + +- „Po zavedení poplatků za vjezd do centra došlo k 7,5% snížení počtu řidičů vjíždějících do Manhattanu pod 60. ulicí, což odpovídá 43 000 méně řidičům každý všední den.“ +- „Snížení provozu zlepšilo plynulost dopravy a zvýšilo rychlost autobusů, přičemž některé expresní autobusy zaznamenaly vyšší počet cestujících.“ +- „Metropolitní dopravní úřad (MTA) využívá příjmy z mýtného, které se odhadují na 500 milionů dolarů ročně, na zlepšení dopravy, a to i přes určitou politickou opozici.“ + +### [Reakce](https://news.ycombinator.com/item?id=42692730) + +- „Zavedení poplatků za vjezd do přeplněných oblastí na Manhattanu vedlo k poklesu počtu řidičů o 43 000, což přispělo ke zvýšení rychlosti autobusů a potenciálně lepším časům reakce záchranných složek.“ +- „Politika je navržena tak, aby snížila dopravní zácpy a zlepšila kvalitu ovzduší, i když vyvolala debatu o jejím dopadu na osoby s nižšími příjmy.“ +- „Zastánci tvrdí, že přínosy zahrnují efektivnější veřejnou dopravu a čistší ovzduší, zatímco diskuse pokračují o vyvážení těchto výhod s potřebami řidičů.“ + + + + + + diff --git a/i18n/da/docusaurus-plugin-content-docs/current/2025/01/14.md b/i18n/da/docusaurus-plugin-content-docs/current/2025/01/14.md new file mode 100644 index 000000000..4456e91d4 --- /dev/null +++ b/i18n/da/docusaurus-plugin-content-docs/current/2025/01/14.md @@ -0,0 +1,147 @@ +--- +slug: '/2025/01/14' +--- + +# 2025-01-14 + +## [En Snyk-sikkerhedsforsker implementerer ondsindede NPM-pakker rettet mod cursor.com](https://sourcecodered.com/snyk-malicious-npm-package/) + +- En Snyk-sikkerhedsforsker frigav ondsindede NPM-pakker rettet mod Cursor.com, et AI-kodningsfirma, for at indsamle systemdata og sende dem til en angriberkontrolleret tjeneste. +- Pakkerne, identificeret som "cursor-retrieval," "cursor-always-local," og "cursor-shadow-workspace," blev markeret af OpenSSF-pakkeanalysescanneren, hvilket resulterede i rådgivninger MAL-2025-27, MAL-2025-28 og MAL-2025-29. +- Denne hændelse understreger vigtigheden af at undersøge NPM-pakker grundigt inden installation for at undgå potentielle sikkerhedstrusler. + +### [Reaktioner](https://news.ycombinator.com/item?id=42690473) + +- En Snyk-sikkerhedsforsker frigav ondsindede NPM (Node Package Manager) pakker rettet mod cursor.com, hvilket fremhævede sårbarheder ved afhængighedsforvirring. - Hændelsen har udløst en debat om etikken i sikkerhedsforskning, især med hensyn til offentlig eksponering af miljøvariabler. - Cursor.com præciserede, at de ikke havde godkendt handlingen, og Snyk har siden undskyldt, hvilket understreger udfordringerne ved at balancere offensiv sikkerhedsforskning med etiske standarder. + +## [Jeg skiftede til Firefox og har aldrig set mig tilbage](https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/) + +- Firefox bliver rost for sin overlegne fanebladshåndtering, indbyggede Pocket-funktion til at gemme links og en privatlivsfokuseret e-mail-relæ, hvilket gør det til et stærkt alternativ til Chrome. - Yderligere funktioner som et brugervenligt skærmbilledeværktøj, en ChatGPT-knap, Billede-i-billede, tilpasselige søgemuligheder og jævn rullefunktion forbedrer browseroplevelsen. - Selvom Firefox mangler Chromes webapp-funktion, gør dets gennemtænkte design og reducerede ressourcekrav det til et foretrukket valg for nogle brugere. + +### [Reaktioner](https://news.ycombinator.com/item?id=42696081) + +- Firefox-brugere står over for udfordringer fra platforme som YouTube, der muligvis bevidst forringer oplevelsen for ikke-Google browsere eller brugere, der anvender annonceblokkere. - Denne tendens vækker bekymring om brugerautonomi, da det straffer dem, der vælger en annoncefri og overvågningsfri weboplevelse. - Firefox tilbyder unikke funktioner, såsom containerfaner, der forbedrer privatliv og brugervenlighed, hvilket gør det til et foretrukket valg for brugere, der søger uafhængighed fra store virksomhedskontrollerede browsere. + +## [Sonos' administrerende direktør træder tilbage efter app-opdateringsfiasko](https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/) + +### [Reaktioner](https://news.ycombinator.com/item?id=42687932) + +- Sonos' administrerende direktør har trukket sig efter en kontroversiel app-opdatering, der krævede, at brugerne skulle udskifte dyre lydsystemer, hvilket forårsagede utilfredshed blandt kunderne. - Opdateringen introducerede et cloud-baseret system, der bevægede sig væk fra det pålidelige Universal Plug and Play (UPnP), hvilket førte til forbindelsesproblemer og øget kompleksitet. - Denne situation understreger konflikten mellem forretningsstrategier og opretholdelse af kundetillid, da direktøren overgår til en rådgivende rolle med en fratrædelsespakke. + +## [I maven på MrBeast](https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast) + +### [Reaktioner](https://news.ycombinator.com/item?id=42696691) + +- Essayet undersøger, hvordan YouTubes algoritme påvirker indholdsskabelse ved at bruge MrBeast som et casestudie, og fremhæver en skift mod engagement-drevet snarere end meningsfuldt indhold. - Det diskuterer de bredere implikationer for mediekompetence og den kulturelle indflydelse af platforme som YouTube og TikTok, og antyder en tendens mod overfladisk og reaktionært indhold. - Forskellige perspektiver overvejes om algoritmers rolle i at forme indhold og indflydelsen af populære skabere på kulturelle normer. + +## [GitHub Git-operationer er nede](https://www.githubstatus.com/incidents/qd96yfgvmcf9) + +- GitHub oplevede et nedbrud i Git-operationer den 13. januar 2025 på grund af en konfigurationsændring, der påvirkede den interne load balancer, og varede fra 23:35 til 00:24 UTC. - Problemet blev løst ved at tilbageføre konfigurationsændringen, og GitHub arbejder på at forbedre overvågnings- og implementeringsprocesser for at forhindre lignende hændelser. - Nedbruddet påvirkede også GitHubs Actions og Pages-tjenester, hvilket fremhæver den indbyrdes forbundne natur af deres platformtjenester. + +### [Reaktioner](https://news.ycombinator.com/item?id=42691184) + +- GitHub oplevede et større nedbrud, der påvirkede git-operationer, hvilket førte til forvirring blandt udviklere, der først mistænkte problemer med deres SSH-nøgler eller lokale konfigurationer. - Hændelsen understregede udfordringerne ved at stole på centraliserede tjenester og fremkaldte diskussioner om fordelene ved selv-hosting og decentrale systemer. - Selvom problemet blev løst, fremhævede det bekymringer om GitHubs pålidelighed og risikoen ved at være afhængig af tredjepartsplatforme til essentielle opgaver. + +## [ZFS 2.3 udgivet med ZFS raidz-udvidelse](https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0) + +- OpenZFS 2.3.0 er blevet udgivet og introducerer betydelige funktioner som RAIDZ-udvidelse, hurtig deduplikering, direkte input/output, JSON-output og understøttelse af lange filnavne. - Udgivelsen inkluderer væsentlige fejlrettelser og ydeevneforbedringer, kompatibel med Linux-kerner 4.18 - 6.12 og FreeBSD-versioner 13.3, 14.0 - 14.2. - Opdateringen er et samarbejde fra 134 bidragydere, med omfattende dokumentation og en ændringslog tilgængelig for gennemgang. + +### [Reaktioner](https://news.ycombinator.com/item?id=42694596) + +- ZFS 2.3 er blevet udgivet og introducerer funktioner som RAIDZ-udvidelse, hurtig deduplikering, direkte IO, JSON-output og understøttelse af lange filnavne. - RAIDZ-udvidelse er særligt bemærkelsesværdig, da det giver brugerne mulighed for at tilføje nye enheder til en eksisterende RAIDZ-pool uden nedetid, hvilket øger lagerkapaciteten. - Udgivelsen betragtes som et betydeligt fremskridt for ZFS-brugere og sammenlignes med andre filsystemer som Btrfs og Windows Storage Spaces, på trods af nogle begrænsninger som manglende evne til at reducere poolstørrelser. + +## [Webtop – Alpine, Ubuntu, Fedora og Arch containere, der indeholder fulde desktop-miljøer](https://docs.linuxserver.io/images/docker-webtop/) + +- Linuxserver/webtop tilbyder containere baseret på Alpine, Ubuntu, Fedora og Arch med fulde skrivebordsmiljøer, der er tilgængelige gennem webbrowsere, og som understøtter både x86-64 og arm64 arkitekturer. +- Brugere kan vælge mellem forskellige skrivebordsmiljøer som XFCE, KDE, MATE, i3, Openbox og IceWM ved at bruge specifikke billedtags og få adgang til Webtop via angivne URL'er. +- Security-funktioner inkluderer Dockers seccomp-option og autentificeringsopsætning, med tilpasningsmuligheder tilgængelige gennem miljøvariabler, samt support til GPU-acceleration med open-source drivere. + +### [Reaktioner](https://news.ycombinator.com/item?id=42690983) + +- Webtop tilbyder containere med fulde desktop-miljøer til Alpine, Ubuntu, Fedora og Arch, velegnet til hurtige opsætninger bag en VPN. +- Brugere roser Webtop for dets hastighed og brugervenlighed, især når det bruges med Gluetun-containeren for sikre forbindelser, men advarer mod at eksponere containere for internettet uden sikkerhedsforanstaltninger på grund af manglende standardgodkendelse. +- Projektet værdsættes for at være open-source og fleksibelt, hvor brugere deler konfigurationer, og alternativer som Kasm og Selkies bemærkes for lignende formål. + +## [1 ud af 5 online jobopslag er enten falske eller aldrig besat, viser undersøgelse](https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706) + +- En nylig undersøgelse viser, at 20% af online jobopslag enten er falske eller forbliver ubesatte, hvilket øger jobsøgendes frustration. - Denne "spøgelsesjob"-tendens kan være en taktik for virksomheder til at projicere et billede af vækst. - Jobplatforme som Greenhouse og LinkedIn har introduceret jobverifikationstjenester for at hjælpe brugere med at identificere ægte jobmuligheder. + +### [Reaktioner](https://news.ycombinator.com/item?id=42697783) + +- En undersøgelse afslører, at 20% af online jobopslag enten er falske eller forbliver ubesatte, ofte fordi virksomheder skal overholde amerikanske immigrationspolitikker. - Virksomheder kan også lade jobopslag stå for at finde ideelle kandidater, ændre krav eller have forudvalgte interne kandidater. - Arbejdsmarkedet er vanskeligt for ansøgere, der ofte oplever ghosting og automatiske afslag, hvilket har ført til opfordringer til regulerende indgreb. + +## [At gøre et vejkryds usikkert for fodgængere for at spare sekunder for bilister](https://collegetowns.substack.com/p/making-an-intersection-unsafe-for) + +### [Reaktioner](https://news.ycombinator.com/item?id=42698557) + +- Debatten drejer sig om, hvorvidt kryds skal prioritere fodgængersikkerhed eller førereffektivitet, hvor nogle foretrækker lysregulerede kryds og fodgængerfelter frem for 4-vejs stop. +- Der er delte meninger om færdselslove og infrastrukturdesign, med diskussioner om sikkerheden ved at krydse vejen uden for fodgængerfeltet og de risici, der er forbundet med højresving for rødt lys. +- Der er nogle, der går ind for alternative løsninger som rundkørsler eller vedtagelse af hollandske trafikingeniørstandarder for at forbedre både sikkerhed og effektivitet. + +## [PostgreSQL er Årets Databasestyringssystem 2024](https://db-engines.com/en/blog_post/109) + +- PostgreSQL er blevet tildelt prisen som Årets DBMS 2024 af DB-Engines, og opnår denne anerkendelse for femte gang, idet det overgår 423 andre databasehåndteringssystemer. +- PostgreSQL, med en historie der strækker sig over næsten 35 år, fortsætter med at innovere, som det ses i de seneste forbedringer af PostgreSQL 17, der blev udgivet i september 2024. +- Snowflake og Microsoft sikrede sig henholdsvis anden- og tredjepladsen, hvor Snowflake blev bemærket for sin cloud-baserede datawarehousing og multi-cloud support, mens Microsoft tilbyder robuste administrerede relationelle databaser gennem Azure SQL Database og SQL Server. + +### [Reaktioner](https://news.ycombinator.com/item?id=42696080) + +- PostgreSQL er blevet tildelt prisen som Årets Database Management System 2024 af db-engines.com, hvilket fremhæver dets voksende popularitet og anerkendelse i branchen. +- Brugere overvejer at skifte fra Microsoft SQL Server til PostgreSQL på grund af høje licensomkostninger og ressourcebegrænsninger, på trods af potentielle migrationsudfordringer. +- PostgreSQL foretrækkes for sine robuste funktioner og omkostningseffektivitet, hvilket gør det til et foretrukket valg for fremtidige projekter, selvom nogle brugere udforsker alternativer som Babelfish for at reducere omkostningerne. + +## [Googles OAuth-login beskytter ikke mod køb af et mislykket startup-domæne](https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw) + +### [Reaktioner](https://news.ycombinator.com/item?id=42699099) + +- Diskussionen fremhæver en sårbarhed i Googles OAuth-login-system, når et mislykket startups domæne erhverves af en ny ejer, hvilket potentielt tillader uautoriseret adgang til tjenester. +- Dette problem opstår, fordi Google muligvis ikke skelner mellem de oprindelige og nye domæneejer, hvilket påvirker ethvert system, der bruger domænebaseret autentifikation. +- En foreslået løsning er at bruge unikke identifikatorer, der forbliver konstante over tid, selvom implementeringen af denne løsning varierer blandt identitetsudbydere. + +## [Brug af kodningsfærdigheder til at skabe passiv indkomst](https://www.coryzue.com/writing/solopreneur/) + +- Forfatteren gik fra en CTO-rolle til at blive soloprenør og tjente med succes mere gennem en portefølje af softwareprodukter. +- Vigtige strategier inkluderer at fokusere på dybt arbejde, starte med små projekter, iterere hurtigt og dedikere tid til markedsføringsindsatser. +- Rejsen understreger modstandskraft på grund af usikkerheder, men fremhæver den uovertrufne autonomi og frihed ved denne karrierevej, hvilket opmuntrer dem med kodningsfærdigheder til at overveje det som en kilde til passiv indkomst. + +### [Reaktioner](https://news.ycombinator.com/item?id=42696822) + +- En bruger beskrev, hvordan de genererede passiv indkomst gennem SEO-spamwebsteder ved at bruge udløbende domænenavne, og tjente cirka $30.000 årligt, på trods af etiske bekymringer og Googles eventuelle nedslag. +- Opslaget udløste en debat om passiv indkomst, hvor nogle brugere argumenterede for, at det minder mere om at drive en virksomhed end om virkelig passive indtægter. +- Deltagerne delte erfaringer og udfordringer i sideprojekter og fremhævede vigtigheden af tid, modstandsdygtighed og strategisk planlægning. + +## [Spanien foreslår 100% skat på boliger købt af ikke-EU-borgere](https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents) + +- Spanien overvejer en 100% skat på ejendomskøb foretaget af ikke-EU-borgere med det formål at tackle boligkrisen og begrænse spekulative køb. +- Premierminister Pedro Sánchez' forslag omfatter udvidelse af sociale boliger og regulering af turistudlejninger for at tackle forskellen mellem boligpriser og indkomster. +- Forslagets fremtid som lov er usikker, da nogle analytikere ser det som en afskrækkelse for udenlandske investorer snarere end en garanteret lovgivningsændring. + +### [Reaktioner](https://news.ycombinator.com/item?id=42690781) + +- Spanien overvejer en 100% skat på boliger købt af ikke-EU-borgere for at tackle problemer med boligoverkommelighed. - Kritikere foreslår, at udenlandske købere ikke er den primære årsag til de høje boligpriser og peger på langsom bureaukrati og planlovgivning som mere betydelige faktorer. - Forslaget har antændt en debat om udenlandsk ejerskabs rolle på boligmarkederne og dets effektivitet i at løse overkommelighedsproblemer. + +## [Apple vil snart modtage 'fremstillet i Amerika' chips fra TSMC's fabrik i Arizona](https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification) + +- Apple tester processorer fra TSMC's facilitet i Arizona med planer om masseproduktion i første kvartal, hvilket potentielt gør dem til TSMC's første amerikanske kunde for lokalt fremstillede chips. - Dette initiativ har til formål at styrke USA's uafhængighed inden for silicium og reducere afhængigheden af Taiwan, som er sårbar over for geopolitiske og naturlige risici. - TSMC's fabrik i Arizona skal producere avancerede 3nm og 2nm chips, med igangværende bestræbelser på at forbedre lokal rekruttering og partnerskaber med amerikanske universiteter, selvom pakning i første omgang vil finde sted i Taiwan, indtil anlægget i Peoria er operationelt. + +### [Reaktioner](https://news.ycombinator.com/item?id=42699977) + +- Apple vil modtage chips fra TSMC's fabrik i Arizona, men de skal sendes tilbage til Taiwan for pakning på grund af utilstrækkelige faciliteter i USA. - Over 50% af arbejdsstyrken på fabrikken i Arizona er fra Taiwan, hvilket indikerer en mangel i det amerikanske STEM (Science, Technology, Engineering, and Mathematics) felt. - CHIPS Act-initiativet, der sigter mod at styrke amerikansk halvlederproduktion, står over for udfordringer, da "Made in America"-mærket bliver sat spørgsmålstegn ved på grund af pakningsprocessen, der foregår i Taiwan, med planer om amerikanske pakningsmuligheder inden 2027. + +## [43.000 færre bilister på Manhattans veje efter indførelsen af trængselsafgifter](https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says) + +- Efter indførelsen af trængselsafgifter var der en reduktion på 7,5 % i antallet af bilister, der kørte ind i Manhattan under 60th Street, hvilket svarer til 43.000 færre bilister hver hverdag. +- Reduktionen i trafikken har forbedret trafikflowet og øget bussernes hastigheder, hvor nogle ekspresbusser oplever højere passagertal. +- Metropolitan Transportation Authority (MTA) bruger indtægterne fra vejafgifter, anslået til 500 millioner dollars årligt, til forbedringer af offentlig transport, på trods af en vis politisk modstand. + +### [Reaktioner](https://news.ycombinator.com/item?id=42692730) + +- Implementeringen af trængselsafgifter i Manhattan har resulteret i 43.000 færre bilister, hvilket har ført til øgede busfart og potentielt bedre responstider for nødtjenester. +- Politikken er designet til at reducere trafikbelastning og forbedre luftkvaliteten, selvom den har udløst debat om dens indvirkning på personer med lavere indkomst. +- Fortalere hævder, at fordelene inkluderer mere effektiv offentlig transport og renere luft, mens diskussionerne fortsætter om at balancere disse fordele med bilisternes behov. + + + + + + diff --git a/i18n/de/docusaurus-plugin-content-docs/current/2025/01/14.md b/i18n/de/docusaurus-plugin-content-docs/current/2025/01/14.md new file mode 100644 index 000000000..e7fbc34d7 --- /dev/null +++ b/i18n/de/docusaurus-plugin-content-docs/current/2025/01/14.md @@ -0,0 +1,147 @@ +--- +slug: '/2025/01/14' +--- + +# 2025-01-14 + +## [„Snyk-Sicherheitsforscher setzt bösartige NPM-Pakete ein, die auf cursor.com abzielen.“](https://sourcecodered.com/snyk-malicious-npm-package/) + +- „Ein Snyk-Sicherheitsforscher veröffentlichte bösartige NPM-Pakete, die auf Cursor.com, ein KI-Coding-Unternehmen, abzielen, um Systemdaten zu sammeln und an einen von Angreifern kontrollierten Dienst zu senden.“ +- „Die Pakete, die als „cursor-retrieval“, „cursor-always-local“ und „cursor-shadow-workspace“ identifiziert wurden, wurden vom OpenSSF-Paketanalysescanner markiert, was zu den Warnungen MAL-2025-27, MAL-2025-28 und MAL-2025-29 führte.“ +- „Dieser Vorfall unterstreicht die Bedeutung der Überprüfung von NPM-Paketen vor der Installation, um potenzielle Sicherheitsbedrohungen zu vermeiden.“ + +### [Reaktionen](https://news.ycombinator.com/item?id=42690473) + +- „Ein Snyk-Sicherheitsforscher hat bösartige NPM (Node Package Manager)-Pakete veröffentlicht, die auf cursor.com abzielen und Schwachstellen in der Abhängigkeitsverwirrung aufzeigen. - Der Vorfall hat eine Debatte über die Ethik der Sicherheitsforschung ausgelöst, insbesondere in Bezug auf die öffentliche Offenlegung von Umgebungsvariablen. - Cursor.com stellte klar, dass sie die Aktion nicht autorisiert haben, und Snyk hat sich inzwischen entschuldigt, was die Herausforderungen bei der Balance zwischen offensiver Sicherheitsforschung und ethischen Standards unterstreicht.“ + +## [„Ich bin zu Firefox gewechselt und habe nie zurückgeblickt.“](https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/) + +- „Firefox wird für seine überlegene Tab-Verwaltung, die integrierte Pocket-Funktion zum Speichern von Links und ein datenschutzorientiertes E-Mail-Relay gelobt, was es zu einer starken Alternative zu Chrome macht. - Zusätzliche Funktionen wie ein benutzerfreundliches Screenshot-Tool, ein ChatGPT-Button, Bild-in-Bild, anpassbare Suchoptionen und sanftes Scrollen verbessern das Surferlebnis. - Obwohl Firefox die Web-App-Funktion von Chrome fehlt, machen sein durchdachtes Design und der reduzierte Ressourcenbedarf es für einige Benutzer zur bevorzugten Wahl.“ + +### [Reaktionen](https://news.ycombinator.com/item?id=42696081) + +- „Firefox-Nutzer stehen vor Herausforderungen durch Plattformen wie YouTube, die möglicherweise absichtlich das Erlebnis für Nicht-Google-Browser oder Nutzer, die Werbeblocker verwenden, verschlechtern. - Dieser Trend wirft Bedenken hinsichtlich der Nutzerautonomie auf, da er diejenigen bestraft, die sich für ein werbefreies und überwachungsfreies Web-Erlebnis entscheiden. - Firefox bietet einzigartige Funktionen wie Container-Tabs, die die Privatsphäre und Benutzerfreundlichkeit verbessern und es zu einer bevorzugten Wahl für Nutzer machen, die Unabhängigkeit von großen, konzernkontrollierten Browsern suchen.“ + +## [„Sonos-CEO tritt nach Debakel mit App-Update zurück“](https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/) + +### [Reaktionen](https://news.ycombinator.com/item?id=42687932) + +- „Der CEO von Sonos ist nach einem umstrittenen App-Update zurückgetreten, das die Nutzer dazu zwang, teure Soundsysteme zu ersetzen, was zu Unzufriedenheit bei den Kunden führte. - Das Update führte ein cloudbasiertes System ein und entfernte sich vom zuverlässigen Universal Plug and Play (UPnP), was zu Konnektivitätsproblemen und erhöhter Komplexität führte. - Diese Situation unterstreicht den Konflikt zwischen Geschäftsstrategien und der Aufrechterhaltung des Kundenvertrauens, während der CEO in eine beratende Rolle mit einem Abfindungspaket wechselt.“ + +## [„Im Bauch des MrBeast“](https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast) + +### [Reaktionen](https://news.ycombinator.com/item?id=42696691) + +- „Der Aufsatz untersucht, wie der YouTube-Algorithmus die Inhaltserstellung beeinflusst, wobei MrBeast als Fallstudie dient und eine Verschiebung hin zu engagementgetriebenen statt sinnvollen Inhalten hervorgehoben wird. - Es werden die breiteren Auswirkungen auf Medienkompetenz und den kulturellen Einfluss von Plattformen wie YouTube und TikTok diskutiert, wobei ein Trend zu oberflächlichen und reaktionären Inhalten vorgeschlagen wird. - Verschiedene Perspektiven werden in Betracht gezogen, um die Rolle von Algorithmen bei der Gestaltung von Inhalten und den Einfluss populärer Ersteller auf kulturelle Normen zu beleuchten.“ + +## [„GitHub-Git-Operationen sind ausgefallen“](https://www.githubstatus.com/incidents/qd96yfgvmcf9) + +- „GitHub erlebte am 13. Januar 2025 einen Ausfall der Git-Operationen aufgrund einer Konfigurationsänderung, die den internen Load Balancer betraf und von 23:35 bis 00:24 UTC andauerte. - Das Problem wurde durch Rückgängigmachen der Konfigurationsänderung behoben, und GitHub arbeitet daran, die Überwachungs- und Bereitstellungsprozesse zu verbessern, um ähnliche Vorfälle zu verhindern. - Der Ausfall betraf auch die Dienste GitHub Actions und Pages, was die miteinander verbundene Natur ihrer Plattformdienste verdeutlicht.“ + +### [Reaktionen](https://news.ycombinator.com/item?id=42691184) + +- „GitHub erlebte einen größeren Ausfall, der git-Operationen beeinträchtigte und zu Verwirrung unter Entwicklern führte, die zunächst Probleme mit ihren SSH-Schlüsseln oder lokalen Konfigurationen vermuteten. - Der Vorfall unterstrich die Herausforderungen, die mit der Abhängigkeit von zentralisierten Diensten einhergehen, und führte zu Diskussionen über die Vorteile von Selbsthosting und dezentralen Systemen. - Obwohl das Problem behoben wurde, machte es Bedenken hinsichtlich der Zuverlässigkeit von GitHub und der Risiken deutlich, die mit der Abhängigkeit von Drittanbieterplattformen für wesentliche Aufgaben verbunden sind.“ + +## [„ZFS 2.3 veröffentlicht mit ZFS raidz-Erweiterung“](https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0) + +- „OpenZFS 2.3.0 wurde veröffentlicht und führt bedeutende Funktionen wie RAIDZ-Erweiterung, schnelle Deduplizierung, direkte Ein-/Ausgabe, JSON-Ausgabe und Unterstützung für lange Dateinamen ein. - Die Veröffentlichung umfasst wesentliche Fehlerbehebungen und Leistungsverbesserungen, die mit Linux-Kernen 4.18 - 6.12 und FreeBSD-Versionen 13.3, 14.0 - 14.2 kompatibel sind. - Das Update ist eine gemeinsame Anstrengung von 134 Mitwirkenden, mit umfassender Dokumentation und einem Änderungsprotokoll zur Überprüfung.“ + +### [Reaktionen](https://news.ycombinator.com/item?id=42694596) + +- „ZFS 2.3 wurde veröffentlicht und führt Funktionen wie RAIDZ-Erweiterung, schnelle Deduplizierung, Direct IO, JSON-Ausgabe und Unterstützung für lange Dateinamen ein. - Die RAIDZ-Erweiterung ist besonders bemerkenswert, da sie es Benutzern ermöglicht, neue Geräte zu einem bestehenden RAIDZ-Pool ohne Ausfallzeiten hinzuzufügen, wodurch die Speicherkapazität erhöht wird. - Die Veröffentlichung wird als bedeutender Fortschritt für ZFS-Benutzer angesehen und zieht Vergleiche mit anderen Dateisystemen wie Btrfs und Windows Storage Spaces, trotz einiger Einschränkungen wie der Unfähigkeit, Pools zu verkleinern.“ + +## [„Webtop – Alpine-, Ubuntu-, Fedora- und Arch-Container mit vollständigen Desktop-Umgebungen“](https://docs.linuxserver.io/images/docker-webtop/) + +- „Linuxserver/webtop bietet Container basierend auf Alpine, Ubuntu, Fedora und Arch mit vollständigen Desktop-Umgebungen, die über Webbrowser zugänglich sind und sowohl die x86-64- als auch die arm64-Architekturen unterstützen.“ +- „Benutzer können aus verschiedenen Desktop-Umgebungen wie XFCE, KDE, MATE, i3, Openbox und IceWM auswählen, indem sie spezifische Image-Tags verwenden und über festgelegte URLs auf den Webtop zugreifen.“ +- „Sicherheitsfunktionen umfassen die seccomp-Option von Docker und die Einrichtung der Authentifizierung, mit Anpassungsoptionen über Umgebungsvariablen und Unterstützung für GPU-Beschleunigung mit Open-Source-Treibern.“ + +### [Reaktionen](https://news.ycombinator.com/item?id=42690983) + +- „Webtop bietet Container mit vollständigen Desktop-Umgebungen für Alpine, Ubuntu, Fedora und Arch, die sich für schnelle Setups hinter einem VPN eignen.“ +- „Benutzer loben Webtop für seine Geschwindigkeit und Benutzerfreundlichkeit, insbesondere in Verbindung mit dem Gluetun-Container für sichere Verbindungen, warnen jedoch davor, Container ohne Sicherheitsmaßnahmen dem Internet auszusetzen, da es an standardmäßiger Authentifizierung fehlt.“ +- „Das Projekt wird für seine Open-Source-Natur und Flexibilität geschätzt, wobei Benutzer Konfigurationen teilen, und Alternativen wie Kasm und Selkies werden für ähnliche Zwecke erwähnt.“ + +## [„1 von 5 Online-Stellenanzeigen ist entweder gefälscht oder wird nie besetzt, wie eine Studie herausfand.“](https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706) + +- „Eine aktuelle Studie zeigt, dass 20 % der Online-Stellenanzeigen entweder gefälscht sind oder unbesetzt bleiben, was die Frustration der Arbeitssuchenden erhöht. - Dieser Trend der „Geisterjobs“ könnte eine Taktik von Unternehmen sein, um ein Wachstumsbild zu projizieren. - Jobplattformen wie Greenhouse und LinkedIn haben Jobverifizierungsdienste eingeführt, um Nutzern bei der Identifizierung echter Jobmöglichkeiten zu helfen.“ + +### [Reaktionen](https://news.ycombinator.com/item?id=42697783) + +- „Eine Studie zeigt, dass 20 % der Online-Stellenanzeigen entweder gefälscht sind oder unbesetzt bleiben, oft weil Unternehmen den US-Einwanderungsrichtlinien entsprechen müssen. - Unternehmen lassen Stellenanzeigen möglicherweise auch online, um ideale Kandidaten zu finden, Anforderungen zu ändern oder bereits intern ausgewählte Kandidaten zu haben. - Der Arbeitsmarkt ist für Bewerber schwierig, die häufig auf Ghosting und automatisierte Ablehnungen stoßen, was zu Forderungen nach regulatorischen Eingriffen führt.“ + +## [„Eine Kreuzung unsicher für Fußgänger machen, um Fahrern Sekunden zu sparen“](https://collegetowns.substack.com/p/making-an-intersection-unsafe-for) + +### [Reaktionen](https://news.ycombinator.com/item?id=42698557) + +- „Die Debatte dreht sich darum, ob Kreuzungen die Sicherheit von Fußgängern oder die Effizienz der Fahrer priorisieren sollten, wobei einige lichtgesteuerte Kreuzungen und Fußgängerüberwege gegenüber 4-Wege-Stoppkreuzungen bevorzugen.“ +- „Die Meinungen über Verkehrsregeln und Infrastrukturdesign gehen auseinander, wobei Diskussionen über die Sicherheit des unerlaubten Überquerens der Straße und die Risiken im Zusammenhang mit Rechtsabbiegen bei Rot geführt werden.“ +- „Einige befürworten alternative Lösungen wie Kreisverkehre oder die Übernahme niederländischer Verkehrstechnikstandards, um sowohl die Sicherheit als auch die Effizienz zu verbessern.“ + +## [„PostgreSQL ist das Datenbankverwaltungssystem des Jahres 2024“](https://db-engines.com/en/blog_post/109) + +- „PostgreSQL wurde von DB-Engines zum DBMS des Jahres 2024 gekürt und hat diese Auszeichnung zum fünften Mal erhalten, wobei es 423 andere Datenbankmanagementsysteme übertroffen hat.“ +- „PostgreSQL, mit einer Geschichte von fast 35 Jahren, setzt seine Innovationen fort, wie in den jüngsten Verbesserungen von PostgreSQL 17 zu sehen ist, das im September 2024 veröffentlicht wurde.“ +- „Snowflake und Microsoft sicherten sich den zweiten bzw. dritten Platz, wobei Snowflake für seine cloudbasierte Datenlagerung und Multi-Cloud-Unterstützung bekannt ist, während Microsoft über Azure SQL Database und SQL Server robuste verwaltete relationale Datenbanken anbietet.“ + +### [Reaktionen](https://news.ycombinator.com/item?id=42696080) + +- „PostgreSQL wurde von db-engines.com als Datenbankverwaltungssystem des Jahres 2024 ausgezeichnet, was seine wachsende Beliebtheit und Anerkennung in der Branche unterstreicht.“ +- „Benutzer ziehen in Betracht, von Microsoft SQL Server zu PostgreSQL zu wechseln, aufgrund hoher Lizenzkosten und Ressourcenbeschränkungen, trotz potenzieller Migrationsherausforderungen.“ +- „PostgreSQL wird aufgrund seiner robusten Funktionen und Kosteneffizienz bevorzugt, was es zu einer bevorzugten Wahl für zukünftige Projekte macht, obwohl einige Benutzer Alternativen wie Babelfish erkunden, um Kosten zu senken.“ + +## [„Googles OAuth-Login schützt nicht vor dem Kauf einer gescheiterten Startup-Domain“](https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw) + +### [Reaktionen](https://news.ycombinator.com/item?id=42699099) + +- „Die Diskussion hebt eine Schwachstelle im OAuth-Anmeldesystem von Google hervor, wenn die Domain eines gescheiterten Startups von einem neuen Eigentümer übernommen wird, was möglicherweise unbefugten Zugriff auf Dienste ermöglicht.“ +- „Dieses Problem tritt auf, weil Google möglicherweise nicht zwischen den ursprünglichen und den neuen Domaininhabern unterscheidet, was sich auf jedes System auswirken kann, das eine domänenbasierte Authentifizierung verwendet.“ +- „Ein vorgeschlagener Lösungsansatz besteht darin, eindeutige Kennungen zu verwenden, die im Laufe der Zeit konstant bleiben, obwohl die Umsetzung dieser Lösung bei verschiedenen Identitätsanbietern variiert.“ + +## [„Mit Programmierkenntnissen passives Einkommen erzielen“](https://www.coryzue.com/writing/solopreneur/) + +- „Der Autor wechselte von einer CTO-Rolle zu einem Solopreneur und verdiente erfolgreich mehr durch ein Portfolio von Softwareprodukten.“ +- „Zu den wichtigsten Strategien gehören der Fokus auf tiefgehende Arbeit, der Beginn mit kleinen Projekten, schnelles Iterieren und die Widmung von Zeit für Marketingbemühungen.“ +- „Die Reise betont die Widerstandsfähigkeit angesichts von Unsicherheiten, hebt jedoch die unvergleichliche Autonomie und Freiheit dieses Karrierewegs hervor und ermutigt diejenigen mit Programmierkenntnissen, ihn für passives Einkommen in Betracht zu ziehen.“ + +### [Reaktionen](https://news.ycombinator.com/item?id=42696822) + +- „Ein Nutzer beschrieb, wie er passives Einkommen durch SEO-Spam-Websites mit ablaufenden Domainnamen generierte und dabei trotz ethischer Bedenken und Googles letztendlichem Durchgreifen etwa 30.000 US-Dollar jährlich verdiente.“ +- „Der Beitrag löste eine Debatte über passives Einkommen aus, wobei einige Nutzer argumentierten, dass es eher dem Betreiben eines Unternehmens ähnelt als wirklich passiven Einnahmen.“ +- „Teilnehmer teilten Erfahrungen und Herausforderungen in Nebenprojekten und hoben die Bedeutung von Zeit, Widerstandsfähigkeit und strategischer Planung hervor.“ + +## [„Spanien schlägt 100% Steuer auf von Nicht-EU-Bürgern gekaufte Immobilien vor“](https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents) + +- „Spanien erwägt eine 100%ige Steuer auf Immobilienkäufe durch Nicht-EU-Bürger, um die Wohnungsnot zu bekämpfen und spekulative Käufe einzudämmen.“ +- „Der Vorschlag von Premierminister Pedro Sánchez umfasst die Ausweitung des sozialen Wohnungsbaus und die Regulierung von Touristenvermietungen, um das Ungleichgewicht zwischen Wohnungspreisen und Einkommen anzugehen.“ +- „Die Zukunft des Vorschlags als Gesetz ist ungewiss, da einige Analysten ihn eher als Abschreckung für ausländische Investoren denn als garantierte gesetzliche Änderung betrachten.“ + +### [Reaktionen](https://news.ycombinator.com/item?id=42690781) + +- „Spanien erwägt eine 100%ige Steuer auf von Nicht-EU-Bürgern gekaufte Immobilien, um Probleme mit der Erschwinglichkeit von Wohnraum anzugehen. - Kritiker argumentieren, dass ausländische Käufer nicht die Hauptursache für hohe Immobilienpreise sind und verweisen auf langsame Bürokratie und Zonengesetze als bedeutendere Faktoren. - Der Vorschlag hat eine Debatte über die Rolle des ausländischen Eigentums auf den Wohnungsmärkten und seine Wirksamkeit bei der Lösung von Erschwinglichkeitsproblemen ausgelöst.“ + +## [„Apple wird bald 'Made in America'-Chips aus der TSMC-Fabrik in Arizona erhalten.“](https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification) + +- „Apple testet Prozessoren aus TSMCs Anlage in Arizona und plant die Massenproduktion bis zum ersten Quartal, was TSMC möglicherweise zum ersten US-Kunden für lokal hergestellte Chips machen könnte. - Diese Initiative zielt darauf ab, die Unabhängigkeit der USA im Bereich Silizium zu stärken und die Abhängigkeit von Taiwan zu verringern, das anfällig für geopolitische und natürliche Risiken ist. - TSMCs Fabrik in Arizona soll fortschrittliche 3nm- und 2nm-Chips produzieren, mit laufenden Bemühungen zur Verbesserung der lokalen Rekrutierung und Partnerschaften mit US-Universitäten, obwohl die Verpackung zunächst in Taiwan erfolgen wird, bis die Anlage in Peoria betriebsbereit ist.“ + +### [Reaktionen](https://news.ycombinator.com/item?id=42699977) + +- „Apple wird Chips aus TSMCs Werk in Arizona erhalten, aber sie müssen zum Verpacken nach Taiwan zurückgeschickt werden, da es in den USA an ausreichenden Einrichtungen mangelt. - Über 50 % der Belegschaft im Werk in Arizona stammt aus Taiwan, was auf eine Lücke im US-amerikanischen MINT-Bereich (Mathematik, Informatik, Naturwissenschaften und Technik) hinweist. - Die CHIPS-Act-Initiative, die darauf abzielt, die US-Halbleiterproduktion zu stärken, steht vor Herausforderungen, da das Label „Made in America“ aufgrund des Verpackungsprozesses in Taiwan in Frage gestellt wird, mit Plänen für US-Verpackungskapazitäten bis 2027.“ + +## [„43.000 weniger Fahrer auf den Straßen Manhattans, nachdem die Staugebühr aktiviert wurde“](https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says) + +- „Nach der Einführung der Staugebühr gab es einen Rückgang von 7,5 % bei den Fahrern, die unterhalb der 60. Straße nach Manhattan einfahren, was 43.000 weniger Fahrer an jedem Wochentag entspricht.“ +- „Die Verringerung des Verkehrs hat den Verkehrsfluss verbessert und die Busgeschwindigkeiten erhöht, wobei einige Expressbusse eine höhere Fahrgastzahl verzeichnen.“ +- „Die Metropolitan Transportation Authority (MTA) verwendet die Mauterlöse, die auf jährlich 500 Millionen Dollar geschätzt werden, für Verbesserungen im öffentlichen Nahverkehr, trotz einiger politischer Opposition.“ + +### [Reaktionen](https://news.ycombinator.com/item?id=42692730) + +- „Die Einführung der Staugebühren in Manhattan hat zu 43.000 weniger Fahrern geführt, was zu höheren Busgeschwindigkeiten und möglicherweise besseren Reaktionszeiten für Notfälle führt.“ +- „Die Richtlinie ist darauf ausgelegt, Verkehrsstaus zu reduzieren und die Luftqualität zu verbessern, obwohl sie eine Debatte über ihre Auswirkungen auf einkommensschwächere Personen ausgelöst hat.“ +- „Befürworter argumentieren, dass die Vorteile effizientere öffentliche Verkehrsmittel und sauberere Luft umfassen, während die Diskussionen darüber fortgesetzt werden, wie diese Vorteile mit den Bedürfnissen der Autofahrer in Einklang gebracht werden können.“ + + + + + + diff --git a/i18n/el/docusaurus-plugin-content-docs/current/2025/01/14.md b/i18n/el/docusaurus-plugin-content-docs/current/2025/01/14.md new file mode 100644 index 000000000..dc5a47daa --- /dev/null +++ b/i18n/el/docusaurus-plugin-content-docs/current/2025/01/14.md @@ -0,0 +1,147 @@ +--- +slug: '/2025/01/14' +--- + +# 2025-01-14 + +## [Ερευνητής ασφαλείας της Snyk αναπτύσσει κακόβουλα πακέτα NPM που στοχεύουν το cursor.com](https://sourcecodered.com/snyk-malicious-npm-package/) + +- Ένας ερευνητής ασφαλείας της Snyk κυκλοφόρησε κακόβουλα πακέτα NPM που στοχεύουν την Cursor.com, μια εταιρεία κωδικοποίησης AI, για να συλλέξει δεδομένα συστήματος και να τα στείλει σε μια υπηρεσία που ελέγχεται από επιτιθέμενο. +- Τα πακέτα, που αναγνωρίστηκαν ως "cursor-retrieval," "cursor-always-local," και "cursor-shadow-workspace," επισημάνθηκαν από τον σαρωτή ανάλυσης πακέτων OpenSSF, με αποτέλεσμα τις συμβουλές MAL-2025-27, MAL-2025-28, και MAL-2025-29. +- Αυτό το περιστατικό υπογραμμίζει τη σημασία της προσεκτικής εξέτασης των πακέτων NPM πριν από την εγκατάσταση για την αποφυγή πιθανών απειλών ασφαλείας. + +### [Αντιδράσεις](https://news.ycombinator.com/item?id=42690473) + +- Ένας ερευνητής ασφαλείας της Snyk κυκλοφόρησε κακόβουλα πακέτα NPM (Node Package Manager) που στοχεύουν το cursor.com, επισημαίνοντας ευπάθειες σύγχυσης εξαρτήσεων. - Το περιστατικό έχει προκαλέσει συζήτηση σχετικά με την ηθική της έρευνας ασφαλείας, ιδιαίτερα όσον αφορά τη δημόσια έκθεση μεταβλητών περιβάλλοντος. - Το Cursor.com διευκρίνισε ότι δεν εξουσιοδότησε την ενέργεια, και η Snyk έχει έκτοτε ζητήσει συγγνώμη, υπογραμμίζοντας τις προκλήσεις στην εξισορρόπηση της επιθετικής έρευνας ασφαλείας με τα ηθικά πρότυπα. + +## [Άλλαξα σε Firefox και δεν κοίταξα ποτέ πίσω](https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/) + +- Ο Firefox επαινείται για την ανώτερη διαχείριση καρτελών, τη λειτουργία Pocket για αποθήκευση συνδέσμων και την εστιασμένη στην ιδιωτικότητα υπηρεσία αναμετάδοσης email, καθιστώντας τον μια ισχυρή εναλλακτική λύση στο Chrome. - Πρόσθετα χαρακτηριστικά όπως το φιλικό προς τον χρήστη εργαλείο λήψης στιγμιότυπων, το κουμπί ChatGPT, η λειτουργία Picture-in-Picture, οι προσαρμόσιμες επιλογές αναζήτησης και η ομαλή κύλιση βελτιώνουν την εμπειρία περιήγησης. - Αν και ο Firefox στερείται της δυνατότητας web app του Chrome, ο προσεκτικός σχεδιασμός του και οι μειωμένες απαιτήσεις πόρων τον καθιστούν προτιμώμενη επιλογή για ορισμένους χρήστες. + +### [Αντιδράσεις](https://news.ycombinator.com/item?id=42696081) + +- Οι χρήστες του Firefox αντιμετωπίζουν προκλήσεις από πλατφόρμες όπως το YouTube, οι οποίες μπορεί να υποβαθμίζουν σκόπιμα την εμπειρία για μη-Google περιηγητές ή χρήστες που χρησιμοποιούν adblockers. - Αυτή η τάση εγείρει ανησυχίες σχετικά με την αυτονομία των χρηστών, καθώς τιμωρεί εκείνους που επιλέγουν μια εμπειρία διαδικτύου χωρίς διαφημίσεις και παρακολούθηση. - Ο Firefox προσφέρει μοναδικά χαρακτηριστικά, όπως οι καρτέλες κοντέινερ, που ενισχύουν την ιδιωτικότητα και τη χρηστικότητα, καθιστώντας τον μια προτιμώμενη επιλογή για χρήστες που αναζητούν ανεξαρτησία από περιηγητές που ελέγχονται από μεγάλες εταιρείες. + +## [Ο Διευθύνων Σύμβουλος της Sonos παραιτείται μετά από το φιάσκο της ενημέρωσης της εφαρμογής](https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/) + +### [Αντιδράσεις](https://news.ycombinator.com/item?id=42687932) + +- Ο διευθύνων σύμβουλος της Sonos παραιτήθηκε μετά από μια αμφιλεγόμενη ενημέρωση εφαρμογής που απαιτούσε από τους χρήστες να αντικαταστήσουν ακριβά ηχοσυστήματα, προκαλώντας δυσαρέσκεια στους πελάτες. - Η ενημέρωση εισήγαγε ένα σύστημα βασισμένο στο cloud, απομακρυνόμενο από το αξιόπιστο Universal Plug and Play (UPnP), το οποίο οδήγησε σε προβλήματα συνδεσιμότητας και αυξημένη πολυπλοκότητα. - Αυτή η κατάσταση υπογραμμίζει τη σύγκρουση μεταξύ επιχειρηματικών στρατηγικών και διατήρησης της εμπιστοσύνης των πελατών, καθώς ο διευθύνων σύμβουλος μεταβαίνει σε συμβουλευτικό ρόλο με ένα πακέτο αποζημίωσης. + +## [Στην κοιλιά του MrBeast](https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast) + +### [Αντιδράσεις](https://news.ycombinator.com/item?id=42696691) + +- Το δοκίμιο εξετάζει πώς ο αλγόριθμος του YouTube επηρεάζει τη δημιουργία περιεχομένου, χρησιμοποιώντας τον MrBeast ως μελέτη περίπτωσης, υπογραμμίζοντας μια μετατόπιση προς το περιεχόμενο που βασίζεται στην αλληλεπίδραση παρά στο ουσιαστικό περιεχόμενο. - Συζητά τις ευρύτερες επιπτώσεις για την παιδεία στα μέσα και τον πολιτιστικό αντίκτυπο πλατφορμών όπως το YouTube και το TikTok, προτείνοντας μια τάση προς επιφανειακό και αντιδραστικό περιεχόμενο. - Εξετάζονται διάφορες προοπτικές για τον ρόλο των αλγορίθμων στη διαμόρφωση περιεχομένου και την επιρροή των δημοφιλών δημιουργών στους πολιτιστικούς κανόνες. + +## [Οι λειτουργίες Git στο GitHub είναι εκτός λειτουργίας](https://www.githubstatus.com/incidents/qd96yfgvmcf9) + +- Η GitHub αντιμετώπισε διακοπή λειτουργίας των Git operations στις 13 Ιανουαρίου 2025, λόγω αλλαγής διαμόρφωσης που επηρέασε τον εσωτερικό εξισορροπιστή φορτίου, διαρκώντας από τις 23:35 έως τις 00:24 UTC. - Το πρόβλημα επιλύθηκε με την επαναφορά της αλλαγής διαμόρφωσης, και η GitHub εργάζεται για τη βελτίωση των διαδικασιών παρακολούθησης και ανάπτυξης για την αποτροπή παρόμοιων περιστατικών. - Η διακοπή επηρέασε επίσης τις υπηρεσίες Actions και Pages της GitHub, υπογραμμίζοντας τη διασυνδεδεμένη φύση των υπηρεσιών της πλατφόρμας τους. + +### [Αντιδράσεις](https://news.ycombinator.com/item?id=42691184) + +- Το GitHub αντιμετώπισε μια σημαντική διακοπή που επηρέασε τις λειτουργίες git, προκαλώντας σύγχυση μεταξύ των προγραμματιστών που αρχικά υποψιάστηκαν προβλήματα με τα SSH κλειδιά τους ή τις τοπικές ρυθμίσεις τους. - Το περιστατικό υπογράμμισε τις προκλήσεις της εξάρτησης από κεντρικές υπηρεσίες, προκαλώντας συζητήσεις για τα πλεονεκτήματα της αυτο-φιλοξενίας και των αποκεντρωμένων συστημάτων. - Αν και το πρόβλημα επιλύθηκε, ανέδειξε ανησυχίες σχετικά με την αξιοπιστία του GitHub και τους κινδύνους της εξάρτησης από πλατφόρμες τρίτων για βασικές εργασίες. + +## [Κυκλοφόρησε το ZFS 2.3 με επέκταση ZFS raidz](https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0) + +- Η έκδοση OpenZFS 2.3.0 έχει κυκλοφορήσει, εισάγοντας σημαντικά χαρακτηριστικά όπως την επέκταση RAIDZ, την ταχεία αποαναπαραγωγή, την άμεση είσοδο/έξοδο, την έξοδο JSON και την υποστήριξη για μακρά ονόματα αρχείων. - Η έκδοση περιλαμβάνει βασικές διορθώσεις σφαλμάτων και βελτιώσεις απόδοσης, συμβατή με πυρήνες Linux 4.18 - 6.12 και εκδόσεις FreeBSD 13.3, 14.0 - 14.2. - Η ενημέρωση είναι αποτέλεσμα συνεργασίας 134 συνεισφερόντων, με πλήρη τεκμηρίωση και αρχείο αλλαγών διαθέσιμα για ανασκόπηση. + +### [Αντιδράσεις](https://news.ycombinator.com/item?id=42694596) + +- Η έκδοση ZFS 2.3 έχει κυκλοφορήσει, εισάγοντας χαρακτηριστικά όπως η επέκταση RAIDZ, η γρήγορη αποαναπαραγωγή, το άμεσο IO, η έξοδος JSON και η υποστήριξη για μακριά ονόματα αρχείων. - Η επέκταση RAIDZ είναι ιδιαίτερα αξιοσημείωτη καθώς επιτρέπει στους χρήστες να προσθέτουν νέες συσκευές σε μια υπάρχουσα δεξαμενή RAIDZ χωρίς διακοπή λειτουργίας, ενισχύοντας τη χωρητικότητα αποθήκευσης. - Η κυκλοφορία θεωρείται σημαντική πρόοδος για τους χρήστες του ZFS, συγκρινόμενη με άλλα συστήματα αρχείων όπως το Btrfs και το Windows Storage Spaces, παρά κάποιους περιορισμούς όπως η αδυναμία συρρίκνωσης δεξαμενών. + +## [Webtop – Κοντέινερ Alpine, Ubuntu, Fedora και Arch που περιέχουν πλήρη περιβάλλοντα επιφάνειας εργασίας](https://docs.linuxserver.io/images/docker-webtop/) + +- Το Linuxserver/webtop παρέχει κοντέινερ βασισμένα σε Alpine, Ubuntu, Fedora και Arch με πλήρη περιβάλλοντα επιφάνειας εργασίας προσβάσιμα μέσω προγραμμάτων περιήγησης ιστού, υποστηρίζοντας τόσο τις αρχιτεκτονικές x86-64 όσο και arm64. +- Οι χρήστες μπορούν να επιλέξουν από διάφορα περιβάλλοντα επιφάνειας εργασίας όπως τα XFCE, KDE, MATE, i3, Openbox και IceWM χρησιμοποιώντας συγκεκριμένες ετικέτες εικόνας, και να έχουν πρόσβαση στο Webtop μέσω καθορισμένων URLs. +- Τα χαρακτηριστικά ασφαλείας περιλαμβάνουν την επιλογή seccomp του Docker και τη ρύθμιση αυθεντικοποίησης, με διαθέσιμες επιλογές προσαρμογής μέσω μεταβλητών περιβάλλοντος, καθώς και υποστήριξη για επιτάχυνση GPU με ανοιχτού κώδικα οδηγούς. + +### [Αντιδράσεις](https://news.ycombinator.com/item?id=42690983) + +- Το Webtop παρέχει κοντέινερ με πλήρη περιβάλλοντα επιφάνειας εργασίας για Alpine, Ubuntu, Fedora και Arch, κατάλληλα για γρήγορες ρυθμίσεις πίσω από ένα VPN. +- Οι χρήστες επαινούν το Webtop για την ταχύτητα και την ευκολία χρήσης του, ιδιαίτερα όταν χρησιμοποιείται με το κοντέινερ Gluetun για ασφαλείς συνδέσεις, αλλά προειδοποιούν κατά της έκθεσης των κοντέινερ στο διαδίκτυο χωρίς μέτρα ασφαλείας λόγω έλλειψης προεπιλεγμένης αυθεντικοποίησης. +- Το έργο εκτιμάται για το ότι είναι ανοιχτού κώδικα και ευέλικτο, με τους χρήστες να μοιράζονται διαμορφώσεις, ενώ εναλλακτικές όπως το Kasm και το Selkies σημειώνονται για παρόμοιους σκοπούς. + +## [1 στις 5 διαδικτυακές αγγελίες εργασίας είναι είτε ψεύτικες είτε δεν καλύπτονται ποτέ, σύμφωνα με μελέτη.](https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706) + +- Μια πρόσφατη μελέτη δείχνει ότι το 20% των διαδικτυακών αγγελιών εργασίας είναι είτε ψεύτικες είτε παραμένουν κενές, προσθέτοντας στην απογοήτευση των αναζητούντων εργασία. - Αυτή η τάση των "φανταστικών θέσεων εργασίας" μπορεί να είναι μια τακτική για τις εταιρείες να προβάλλουν μια εικόνα ανάπτυξης. - Πλατφόρμες εργασίας όπως το Greenhouse και το LinkedIn έχουν εισαγάγει υπηρεσίες επαλήθευσης θέσεων εργασίας για να βοηθήσουν τους χρήστες να εντοπίζουν αυθεντικές ευκαιρίες εργασίας. + +### [Αντιδράσεις](https://news.ycombinator.com/item?id=42697783) + +- Μια μελέτη αποκαλύπτει ότι το 20% των διαδικτυακών αγγελιών εργασίας είναι είτε ψεύτικες είτε παραμένουν κενές, συχνά λόγω της ανάγκης των εταιρειών να συμμορφωθούν με τις πολιτικές μετανάστευσης των ΗΠΑ. - Οι εταιρείες μπορεί επίσης να αφήνουν τις αγγελίες εργασίας ανοιχτές για να βρουν ιδανικούς υποψηφίους, να αλλάξουν απαιτήσεις ή να έχουν προεπιλεγμένους εσωτερικούς υποψηφίους. - Η αγορά εργασίας είναι δύσκολη για τους αιτούντες, οι οποίοι συχνά αντιμετωπίζουν την αδιαφορία και τις αυτοματοποιημένες απορρίψεις, προκαλώντας εκκλήσεις για ρυθμιστική παρέμβαση. + +## [Κάνοντας μια διασταύρωση επικίνδυνη για τους πεζούς για να εξοικονομηθούν δευτερόλεπτα για τους οδηγούς](https://collegetowns.substack.com/p/making-an-intersection-unsafe-for) + +### [Αντιδράσεις](https://news.ycombinator.com/item?id=42698557) + +- Η συζήτηση επικεντρώνεται στο αν οι διασταυρώσεις πρέπει να δίνουν προτεραιότητα στην ασφάλεια των πεζών ή στην αποδοτικότητα των οδηγών, με κάποιους να προτιμούν τις διασταυρώσεις με φανάρια και τις διαβάσεις πεζών έναντι των διασταυρώσεων με στάση σε όλες τις κατευθύνσεις. +- Οι απόψεις ποικίλλουν σχετικά με τους νόμους κυκλοφορίας και τον σχεδιασμό υποδομών, με συζητήσεις για την ασφάλεια της παράνομης διάβασης πεζών και τους κινδύνους που συνδέονται με τις δεξιές στροφές με κόκκινο. +- Μερικοί υποστηρίζουν εναλλακτικές λύσεις όπως οι κυκλικοί κόμβοι ή η υιοθέτηση των ολλανδικών προτύπων μηχανικής κυκλοφορίας για την ενίσχυση τόσο της ασφάλειας όσο και της αποδοτικότητας. + +## [Το PostgreSQL είναι το Σύστημα Διαχείρισης Βάσεων Δεδομένων της Χρονιάς 2024](https://db-engines.com/en/blog_post/109) + +- Η PostgreSQL έχει βραβευτεί ως το DBMS της Χρονιάς 2024 από την DB-Engines, επιτυγχάνοντας αυτή την αναγνώριση για πέμπτη φορά, ξεπερνώντας 423 άλλα συστήματα διαχείρισης βάσεων δεδομένων. +- Το PostgreSQL, με ιστορία που εκτείνεται σχεδόν 35 χρόνια, συνεχίζει να καινοτομεί, όπως φαίνεται στις πρόσφατες βελτιώσεις του PostgreSQL 17, που κυκλοφόρησε τον Σεπτέμβριο του 2024. +- Η Snowflake και η Microsoft κατέλαβαν τη δεύτερη και τρίτη θέση, αντίστοιχα, με τη Snowflake να σημειώνεται για την αποθήκευση δεδομένων στο cloud και την υποστήριξη πολλαπλών cloud, ενώ η Microsoft προσφέρει ισχυρές διαχειριζόμενες σχεσιακές βάσεις δεδομένων μέσω του Azure SQL Database και του SQL Server. + +### [Αντιδράσεις](https://news.ycombinator.com/item?id=42696080) + +- Η PostgreSQL έχει βραβευτεί ως το Σύστημα Διαχείρισης Βάσεων Δεδομένων της Χρονιάς 2024 από το db-engines.com, υπογραμμίζοντας την αυξανόμενη δημοτικότητά της και την αναγνώρισή της στη βιομηχανία. +- Οι χρήστες σκέφτονται να μεταβούν από το Microsoft SQL Server στο PostgreSQL λόγω των υψηλών κόστους αδειοδότησης και των περιορισμών πόρων, παρά τις πιθανές προκλήσεις της μετανάστευσης. +- Το PostgreSQL προτιμάται για τα ισχυρά χαρακτηριστικά του και την οικονομική του αποδοτικότητα, καθιστώντας το μια προτιμώμενη επιλογή για μελλοντικά έργα, αν και ορισμένοι χρήστες εξερευνούν εναλλακτικές λύσεις όπως το Babelfish για να μειώσουν το κόστος. + +## [Η σύνδεση μέσω OAuth της Google δεν προστατεύει από την αγορά ενός domain αποτυχημένης startup.](https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw) + +### [Αντιδράσεις](https://news.ycombinator.com/item?id=42699099) + +- Η συζήτηση αναδεικνύει μια ευπάθεια στο σύστημα σύνδεσης OAuth της Google όταν το domain μιας αποτυχημένης startup αποκτάται από νέο ιδιοκτήτη, επιτρέποντας ενδεχομένως μη εξουσιοδοτημένη πρόσβαση σε υπηρεσίες. +- Αυτό το ζήτημα προκύπτει επειδή η Google μπορεί να μην διακρίνει μεταξύ των αρχικών και των νέων ιδιοκτητών του τομέα, επηρεάζοντας οποιοδήποτε σύστημα που χρησιμοποιεί αυθεντικοποίηση βάσει τομέα. +- Μια προτεινόμενη λύση είναι η χρήση μοναδικών αναγνωριστικών που παραμένουν σταθερά με την πάροδο του χρόνου, αν και η εφαρμογή αυτής της λύσης διαφέρει μεταξύ των παρόχων ταυτότητας. + +## [Χρησιμοποιώντας δεξιότητες προγραμματισμού για να δημιουργήσετε παθητικό εισόδημα](https://www.coryzue.com/writing/solopreneur/) + +- Ο συγγραφέας μεταπήδησε από τη θέση του CTO σε έναν ρόλο solopreneur, κερδίζοντας επιτυχώς περισσότερα μέσω ενός χαρτοφυλακίου λογισμικών προϊόντων. +- Οι βασικές στρατηγικές περιλαμβάνουν την εστίαση σε βαθιά εργασία, την έναρξη με μικρά έργα, την ταχεία επανάληψη και την αφιέρωση χρόνου στις προσπάθειες μάρκετινγκ. +- Το ταξίδι δίνει έμφαση στην ανθεκτικότητα λόγω των αβεβαιοτήτων, αλλά υπογραμμίζει την απαράμιλλη αυτονομία και ελευθερία αυτής της επαγγελματικής πορείας, ενθαρρύνοντας όσους έχουν δεξιότητες προγραμματισμού να τη σκεφτούν για παθητικό εισόδημα. + +### [Αντιδράσεις](https://news.ycombinator.com/item?id=42696822) + +- Ένας χρήστης περιέγραψε τη δημιουργία παθητικού εισοδήματος μέσω ιστοσελίδων SEO spam χρησιμοποιώντας ληγμένα ονόματα τομέων, κερδίζοντας περίπου $30k ετησίως, παρά τις ηθικές ανησυχίες και την τελική καταστολή από την Google. +- Η ανάρτηση προκάλεσε μια συζήτηση σχετικά με το παθητικό εισόδημα, με ορισμένους χρήστες να υποστηρίζουν ότι μοιάζει περισσότερο με τη λειτουργία μιας επιχείρησης παρά με πραγματικά παθητικά κέρδη. +- Οι συμμετέχοντες μοιράστηκαν εμπειρίες και προκλήσεις σε παράπλευρα έργα, υπογραμμίζοντας τη σημασία του χρόνου, της ανθεκτικότητας και του στρατηγικού σχεδιασμού. + +## [Η Ισπανία προτείνει φόρο 100% στα σπίτια που αγοράζονται από κατοίκους εκτός ΕΕ](https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents) + +- Η Ισπανία εξετάζει την επιβολή φόρου 100% στις αγορές ακινήτων από κατοίκους εκτός ΕΕ, με στόχο την αντιμετώπιση της στεγαστικής κρίσης και τον περιορισμό των κερδοσκοπικών αγορών. +- Η πρόταση του Πρωθυπουργού Πέδρο Σάντσεθ περιλαμβάνει την επέκταση της κοινωνικής στέγασης και τη ρύθμιση των τουριστικών ενοικιάσεων για την αντιμετώπιση της ανισότητας μεταξύ των τιμών των κατοικιών και των εισοδημάτων. +- Το μέλλον της πρότασης ως νόμος είναι αβέβαιο, με ορισμένους αναλυτές να τη θεωρούν ως αποτρεπτικό παράγοντα για ξένους επενδυτές παρά ως εγγυημένη νομοθετική αλλαγή. + +### [Αντιδράσεις](https://news.ycombinator.com/item?id=42690781) + +- Η Ισπανία εξετάζει την επιβολή φόρου 100% στα σπίτια που αγοράζονται από κατοίκους εκτός ΕΕ για να αντιμετωπίσει τα προβλήματα προσιτότητας στέγασης. - Οι επικριτές υποστηρίζουν ότι οι ξένοι αγοραστές δεν είναι η κύρια αιτία των υψηλών τιμών κατοικιών, αναφέροντας τη βραδεία γραφειοκρατία και τους νόμους ζωνοποίησης ως πιο σημαντικούς παράγοντες. - Η πρόταση έχει προκαλέσει συζήτηση σχετικά με το ρόλο της ξένης ιδιοκτησίας στις αγορές κατοικίας και την αποτελεσματικότητά της στην επίλυση ζητημάτων προσιτότητας. + +## [Η Apple σύντομα θα παραλάβει τσιπ 'κατασκευασμένα στην Αμερική' από το εργοστάσιο της TSMC στην Αριζόνα.](https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification) + +- Η Apple δοκιμάζει επεξεργαστές από την εγκατάσταση της TSMC στην Αριζόνα, με σχέδια για μαζική παραγωγή μέχρι το πρώτο τρίμηνο, ενδεχομένως να γίνει ο πρώτος πελάτης της TSMC στις Η.Π.Α. για τοπικά κατασκευασμένα τσιπ. - Αυτή η πρωτοβουλία στοχεύει στην ενίσχυση της ανεξαρτησίας των Η.Π.Α. στον τομέα του πυριτίου, μειώνοντας την εξάρτηση από την Ταϊβάν, η οποία είναι ευάλωτη σε γεωπολιτικούς και φυσικούς κινδύνους. - Το εργοστάσιο της TSMC στην Αριζόνα πρόκειται να παράγει προηγμένα τσιπ 3nm και 2nm, με συνεχιζόμενες προσπάθειες για ενίσχυση της τοπικής πρόσληψης και συνεργασίες με πανεπιστήμια των Η.Π.Α., αν και η συσκευασία θα πραγματοποιείται αρχικά στην Ταϊβάν μέχρι να λειτουργήσει η εγκατάσταση στην Peoria. + +### [Αντιδράσεις](https://news.ycombinator.com/item?id=42699977) + +- Η Apple θα παραλάβει τσιπ από το εργοστάσιο της TSMC στην Αριζόνα, αλλά πρέπει να σταλούν πίσω στην Ταϊβάν για συσκευασία λόγω ανεπαρκών εγκαταστάσεων στις Η.Π.Α. - Πάνω από το 50% του εργατικού δυναμικού στο εργοστάσιο της Αριζόνα προέρχεται από την Ταϊβάν, υποδεικνύοντας ένα κενό στον τομέα STEM (Επιστήμη, Τεχνολογία, Μηχανική και Μαθηματικά) στις Η.Π.Α. - Η πρωτοβουλία του νόμου CHIPS, που στοχεύει στην ενίσχυση της κατασκευής ημιαγωγών στις Η.Π.Α., αντιμετωπίζει προκλήσεις καθώς η ετικέτα "Κατασκευασμένο στην Αμερική" αμφισβητείται λόγω της διαδικασίας συσκευασίας που πραγματοποιείται στην Ταϊβάν, με σχέδια για δυνατότητες συσκευασίας στις Η.Π.Α. μέχρι το 2027. + +## [43.000 λιγότεροι οδηγοί στους δρόμους του Μανχάταν μετά την ενεργοποίηση της χρέωσης συμφόρησης](https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says) + +- Μετά την εφαρμογή της τιμολόγησης συμφόρησης, υπήρξε μείωση κατά 7,5% των οδηγών που εισέρχονται στο Μανχάταν κάτω από την 60η Οδό, που ισοδυναμεί με 43.000 λιγότερους οδηγούς κάθε καθημερινή. +- Η μείωση της κυκλοφορίας έχει βελτιώσει τη ροή της κυκλοφορίας και αυξήσει τις ταχύτητες των λεωφορείων, με ορισμένα λεωφορεία express να παρουσιάζουν αυξημένη επιβατική κίνηση. +- Η Μητροπολιτική Αρχή Μεταφορών (MTA) χρησιμοποιεί τα έσοδα από τα διόδια, που εκτιμώνται σε 500 εκατομμύρια δολάρια ετησίως, για βελτιώσεις στις μεταφορές, παρά την πολιτική αντίθεση. + +### [Αντιδράσεις](https://news.ycombinator.com/item?id=42692730) + +- Η εφαρμογή της τιμολόγησης συμφόρησης στο Μανχάταν έχει οδηγήσει σε 43.000 λιγότερους οδηγούς, με αποτέλεσμα την αύξηση των ταχυτήτων των λεωφορείων και πιθανώς καλύτερους χρόνους απόκρισης έκτακτης ανάγκης. +- Η πολιτική έχει σχεδιαστεί για να μειώσει τη συμφόρηση της κυκλοφορίας και να βελτιώσει την ποιότητα του αέρα, αν και έχει προκαλέσει συζήτηση σχετικά με την επίδρασή της στα άτομα με χαμηλότερο εισόδημα. +- Οι υποστηρικτές υποστηρίζουν ότι τα οφέλη περιλαμβάνουν πιο αποδοτικές δημόσιες συγκοινωνίες και καθαρότερο αέρα, ενώ οι συζητήσεις συνεχίζονται για την εξισορρόπηση αυτών των πλεονεκτημάτων με τις ανάγκες των οδηγών. + + + + + + diff --git a/i18n/es/docusaurus-plugin-content-docs/current/2025/01/14.md b/i18n/es/docusaurus-plugin-content-docs/current/2025/01/14.md new file mode 100644 index 000000000..16aed0525 --- /dev/null +++ b/i18n/es/docusaurus-plugin-content-docs/current/2025/01/14.md @@ -0,0 +1,147 @@ +--- +slug: '/2025/01/14' +--- + +# 2025-01-14 + +## [Snyk investigador de seguridad despliega paquetes NPM maliciosos dirigidos a cursor.com](https://sourcecodered.com/snyk-malicious-npm-package/) + +- Un investigador de seguridad de Snyk lanzó paquetes NPM maliciosos dirigidos a Cursor.com, una empresa de codificación de IA, para recopilar datos del sistema y enviarlos a un servicio controlado por un atacante. +- Los paquetes, identificados como "cursor-retrieval", "cursor-always-local" y "cursor-shadow-workspace", fueron señalados por el escáner de análisis de paquetes de OpenSSF, lo que resultó en las advertencias MAL-2025-27, MAL-2025-28 y MAL-2025-29. +- Este incidente resalta la importancia de examinar los paquetes de NPM antes de la instalación para evitar posibles amenazas de seguridad. + +### [Reacciones](https://news.ycombinator.com/item?id=42690473) + +- Un investigador de seguridad de Snyk lanzó paquetes maliciosos de NPM (Node Package Manager) dirigidos a cursor.com, destacando vulnerabilidades de confusión de dependencias. - El incidente ha generado un debate sobre la ética de la investigación en seguridad, especialmente en lo que respecta a la exposición pública de variables de entorno. - Cursor.com aclaró que no autorizaron la acción, y Snyk se ha disculpado desde entonces, subrayando los desafíos de equilibrar la investigación de seguridad ofensiva con los estándares éticos. + +## [He cambiado a Firefox y nunca miré atrás](https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/) + +- Firefox es elogiado por su superior gestión de pestañas, la función integrada de Pocket para guardar enlaces y un servicio de retransmisión de correo electrónico enfocado en la privacidad, lo que lo convierte en una fuerte alternativa a Chrome. - Características adicionales como una herramienta de captura de pantalla fácil de usar, un botón de ChatGPT, Picture-in-Picture, opciones de búsqueda personalizables y un desplazamiento suave mejoran la experiencia de navegación. - Aunque Firefox carece de la función de aplicaciones web de Chrome, su diseño cuidadoso y la reducción en el consumo de recursos lo hacen una opción preferida para algunos usuarios. + +### [Reacciones](https://news.ycombinator.com/item?id=42696081) + +- Los usuarios de Firefox enfrentan desafíos de plataformas como YouTube, que pueden degradar intencionalmente la experiencia para navegadores no pertenecientes a Google o usuarios que emplean bloqueadores de anuncios. - Esta tendencia genera preocupaciones sobre la autonomía del usuario, ya que penaliza a aquellos que optan por una experiencia web sin anuncios y sin vigilancia. - Firefox ofrece características únicas, como las pestañas de contenedores, que mejoran la privacidad y la usabilidad, convirtiéndolo en una opción preferida para los usuarios que buscan independencia de los navegadores controlados por grandes corporaciones. + +## [El CEO de Sonos renuncia tras el fiasco de la actualización de la aplicación](https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/) + +### [Reacciones](https://news.ycombinator.com/item?id=42687932) + +- El CEO de Sonos ha renunciado tras una controvertida actualización de la aplicación que requería que los usuarios reemplazaran costosos sistemas de sonido, lo que causó insatisfacción entre los clientes. - La actualización introdujo un sistema basado en la nube, alejándose del confiable Universal Plug and Play (UPnP), lo que provocó problemas de conectividad y mayor complejidad. - Esta situación subraya el conflicto entre las estrategias empresariales y el mantenimiento de la confianza del cliente, mientras el CEO pasa a un rol asesor con un paquete de indemnización. + +## [En el vientre del MrBeast](https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast) + +### [Reacciones](https://news.ycombinator.com/item?id=42696691) + +- La redacción examina cómo el algoritmo de YouTube influye en la creación de contenido, utilizando a MrBeast como estudio de caso, destacando un cambio hacia contenido impulsado por el compromiso en lugar de contenido significativo. - Discute las implicaciones más amplias para la alfabetización mediática y el impacto cultural de plataformas como YouTube y TikTok, sugiriendo una tendencia hacia contenido superficial y reaccionario. - Se consideran diversas perspectivas sobre el papel de los algoritmos en la conformación del contenido y la influencia de los creadores populares en las normas culturales. + +## [Las operaciones de Git en GitHub están caídas](https://www.githubstatus.com/incidents/qd96yfgvmcf9) + +- GitHub enfrentó una interrupción de operaciones de Git el 13 de enero de 2025, debido a un cambio de configuración que afectó al equilibrador de carga interno, que duró desde las 23:35 hasta las 00:24 UTC. - El problema se resolvió revirtiendo el cambio de configuración, y GitHub está trabajando en mejorar los procesos de monitoreo y despliegue para prevenir incidentes similares. - La interrupción también afectó a los servicios de Actions y Pages de GitHub, destacando la naturaleza interconectada de sus servicios de plataforma. + +### [Reacciones](https://news.ycombinator.com/item?id=42691184) + +- GitHub enfrentó una importante interrupción que afectó las operaciones de git, lo que llevó a la confusión entre los desarrolladores que inicialmente sospecharon problemas con sus claves SSH o configuraciones locales. - El incidente subrayó los desafíos de depender de servicios centralizados, lo que provocó discusiones sobre las ventajas de la auto-hospedaje y los sistemas descentralizados. - Aunque el problema se resolvió, destacó preocupaciones sobre la fiabilidad de GitHub y los riesgos de depender de plataformas de terceros para tareas esenciales. + +## [ZFS 2.3 lanzado con expansión ZFS raidz](https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0) + +- OpenZFS 2.3.0 ha sido lanzado, introduciendo características significativas como la expansión RAIDZ, deduplicación rápida, entrada/salida directa, salida JSON y soporte para nombres de archivos largos. - La versión incluye correcciones de errores esenciales y mejoras de rendimiento, compatible con los núcleos de Linux 4.18 - 6.12 y las versiones de FreeBSD 13.3, 14.0 - 14.2. - La actualización es un esfuerzo colaborativo de 134 contribuyentes, con documentación completa y un registro de cambios disponible para revisión. + +### [Reacciones](https://news.ycombinator.com/item?id=42694596) + +- ZFS 2.3 ha sido lanzado, introduciendo características como la expansión de RAIDZ, deduplicación rápida, IO directo, salida JSON y soporte para nombres de archivos largos. - La expansión de RAIDZ es particularmente notable ya que permite a los usuarios agregar nuevos dispositivos a un pool RAIDZ existente sin tiempo de inactividad, mejorando la capacidad de almacenamiento. - El lanzamiento se considera un avance significativo para los usuarios de ZFS, estableciendo comparaciones con otros sistemas de archivos como Btrfs y Windows Storage Spaces, a pesar de algunas limitaciones como la imposibilidad de reducir el tamaño de los pools. + +## [Webtop: contenedores de Alpine, Ubuntu, Fedora y Arch que contienen entornos de escritorio completos](https://docs.linuxserver.io/images/docker-webtop/) + +- Linuxserver/webtop proporciona contenedores basados en Alpine, Ubuntu, Fedora y Arch con entornos de escritorio completos accesibles a través de navegadores web, compatibles con arquitecturas x86-64 y arm64. +- Los usuarios pueden seleccionar entre varios entornos de escritorio como XFCE, KDE, MATE, i3, Openbox e IceWM utilizando etiquetas de imagen específicas, y acceder al Webtop a través de URL designadas. +- Las características de seguridad incluyen la opción seccomp de Docker y la configuración de autenticación, con opciones de personalización disponibles a través de variables de entorno, y soporte para aceleración de GPU con controladores de código abierto. + +### [Reacciones](https://news.ycombinator.com/item?id=42690983) + +- Webtop proporciona contenedores con entornos de escritorio completos para Alpine, Ubuntu, Fedora y Arch, adecuados para configuraciones rápidas detrás de una VPN. +- Los usuarios elogian a Webtop por su velocidad y facilidad de uso, especialmente cuando se utiliza con el contenedor Gluetun para conexiones seguras, pero advierten contra la exposición de contenedores a internet sin medidas de seguridad debido a la falta de autenticación predeterminada. +- El proyecto es valorado por ser de código abierto y flexible, con usuarios compartiendo configuraciones, y se destacan alternativas como Kasm y Selkies para propósitos similares. + +## [1 de cada 5 ofertas de trabajo en línea son falsas o nunca se cubren, según un estudio.](https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706) + +- Un estudio reciente indica que el 20% de las ofertas de trabajo en línea son falsas o permanecen sin cubrir, lo que aumenta la frustración de los buscadores de empleo. - Esta tendencia de "trabajos fantasma" podría ser una táctica de las empresas para proyectar una imagen de crecimiento. - Plataformas de empleo como Greenhouse y LinkedIn han introducido servicios de verificación de empleos para ayudar a los usuarios a identificar oportunidades laborales genuinas. + +### [Reacciones](https://news.ycombinator.com/item?id=42697783) + +- Un estudio revela que el 20% de las ofertas de trabajo en línea son falsas o permanecen sin cubrir, a menudo debido a que las empresas necesitan cumplir con las políticas de inmigración de EE. UU. - Las empresas también pueden dejar las ofertas de trabajo publicadas para encontrar candidatos ideales, cambiar los requisitos o tener candidatos internos preseleccionados. - El mercado laboral es difícil para los solicitantes, que frecuentemente enfrentan el fenómeno del ghosting y rechazos automatizados, lo que provoca llamados a una intervención regulatoria. + +## [Hacer una intersección insegura para los peatones para ahorrar segundos a los conductores](https://collegetowns.substack.com/p/making-an-intersection-unsafe-for) + +### [Reacciones](https://news.ycombinator.com/item?id=42698557) + +- La discusión se centra en si las intersecciones deben priorizar la seguridad de los peatones o la eficiencia de los conductores, con algunos que prefieren intersecciones controladas por semáforos y cruces peatonales sobre paradas de 4 vías. +- Las opiniones varían sobre las leyes de tráfico y el diseño de infraestructuras, con debates sobre la seguridad de cruzar la calle fuera de los pasos peatonales y los riesgos asociados con girar a la derecha en rojo. +- Algunos abogan por soluciones alternativas como las rotondas o la adopción de estándares de ingeniería de tráfico holandeses para mejorar tanto la seguridad como la eficiencia. + +## [PostgreSQL es el Sistema de Gestión de Bases de Datos del Año 2024](https://db-engines.com/en/blog_post/109) + +- PostgreSQL ha sido galardonado como el DBMS del Año 2024 por DB-Engines, logrando este reconocimiento por quinta vez, superando a otros 423 sistemas de gestión de bases de datos. +- PostgreSQL, con una historia que abarca casi 35 años, sigue innovando, como se puede ver en las recientes mejoras de PostgreSQL 17, lanzado en septiembre de 2024. +- Snowflake y Microsoft aseguraron el segundo y tercer lugar, respectivamente, con Snowflake destacado por su almacenamiento de datos en la nube y soporte multi-nube, mientras que Microsoft ofrece bases de datos relacionales administradas robustas a través de Azure SQL Database y SQL Server. + +### [Reacciones](https://news.ycombinator.com/item?id=42696080) + +- PostgreSQL ha sido galardonado como el Sistema de Gestión de Bases de Datos del Año 2024 por db-engines.com, destacando su creciente popularidad y reconocimiento en la industria. +- Los usuarios están considerando cambiar de Microsoft SQL Server a PostgreSQL debido a los altos costos de licencias y las limitaciones de recursos, a pesar de los posibles desafíos de migración. +- PostgreSQL es preferido por sus características robustas y rentabilidad, lo que lo convierte en una opción preferida para futuros proyectos, aunque algunos usuarios exploran alternativas como Babelfish para reducir costos. + +## [El inicio de sesión de OAuth de Google no protege contra la compra de un dominio de startup fallida](https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw) + +### [Reacciones](https://news.ycombinator.com/item?id=42699099) + +- La discusión resalta una vulnerabilidad en el sistema de inicio de sesión OAuth de Google cuando el dominio de una startup fallida es adquirido por un nuevo propietario, lo que podría permitir el acceso no autorizado a servicios. +- Este problema surge porque Google puede no distinguir entre los propietarios originales y nuevos del dominio, lo que afecta a cualquier sistema que utilice autenticación basada en dominios. +- Una solución propuesta es utilizar identificadores únicos que permanezcan constantes a lo largo del tiempo, aunque la implementación de esta solución varía entre los proveedores de identidad. + +## [Usar habilidades de codificación para generar ingresos pasivos](https://www.coryzue.com/writing/solopreneur/) + +- El autor pasó de un rol de CTO a un solopreneur, ganando exitosamente más a través de una cartera de productos de software. +- Las estrategias clave incluyen centrarse en el trabajo profundo, comenzar con proyectos pequeños, iterar rápidamente y dedicar tiempo a los esfuerzos de marketing. +- La travesía enfatiza la resiliencia debido a las incertidumbres, pero destaca la autonomía y libertad incomparables de este camino profesional, animando a aquellos con habilidades de codificación a considerarlo para obtener ingresos pasivos. + +### [Reacciones](https://news.ycombinator.com/item?id=42696822) + +- Un usuario describió cómo generar ingresos pasivos a través de sitios web de spam de SEO utilizando nombres de dominio que están por expirar, ganando aproximadamente $30,000 anualmente, a pesar de las preocupaciones éticas y la eventual represión de Google. +- La publicación provocó un debate sobre los ingresos pasivos, con algunos usuarios argumentando que se asemeja más a dirigir un negocio que a ganancias verdaderamente pasivas. +- Los participantes compartieron experiencias y desafíos en proyectos paralelos, destacando la importancia del tiempo, la resiliencia y la planificación estratégica. + +## [España propone un impuesto del 100% sobre las viviendas compradas por residentes no pertenecientes a la UE](https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents) + +- España está considerando un impuesto del 100% sobre las compras de bienes raíces por parte de residentes no pertenecientes a la UE, con el objetivo de abordar la crisis de vivienda y frenar la compra especulativa. +- La propuesta del Primer Ministro Pedro Sánchez incluye la expansión de la vivienda social y la regulación de los alquileres turísticos para abordar la disparidad entre los precios de la vivienda y los ingresos. +- La futura aprobación de la propuesta como ley es incierta, ya que algunos analistas la ven más como un elemento disuasorio para los inversores extranjeros que como un cambio legislativo garantizado. + +### [Reacciones](https://news.ycombinator.com/item?id=42690781) + +- España está considerando un impuesto del 100% sobre las viviendas compradas por residentes no pertenecientes a la UE para abordar los problemas de asequibilidad de la vivienda. - Los críticos sugieren que los compradores extranjeros no son la causa principal de los altos precios de la vivienda, citando la burocracia lenta y las leyes de zonificación como factores más significativos. - La propuesta ha encendido un debate sobre el papel de la propiedad extranjera en los mercados de vivienda y su efectividad para resolver los problemas de asequibilidad. + +## [Apple pronto recibirá chips 'hechos en América' de la fábrica de TSMC en Arizona](https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification) + +- Apple está probando procesadores de la planta de TSMC en Arizona, con planes para la producción en masa para el primer trimestre, lo que podría convertirla en el primer cliente estadounidense de TSMC para chips fabricados localmente. - Esta iniciativa tiene como objetivo fortalecer la independencia de silicio de EE. UU., reduciendo la dependencia de Taiwán, que es vulnerable a riesgos geopolíticos y naturales. - La fábrica de TSMC en Arizona está preparada para producir chips avanzados de 3nm y 2nm, con esfuerzos continuos para mejorar el reclutamiento local y las asociaciones con universidades estadounidenses, aunque el empaquetado se realizará inicialmente en Taiwán hasta que la instalación de Peoria esté operativa. + +### [Reacciones](https://news.ycombinator.com/item?id=42699977) + +- Apple recibirá chips de la planta de TSMC en Arizona, pero deben ser enviados de regreso a Taiwán para su empaquetado debido a la insuficiencia de instalaciones en EE. UU. - Más del 50% de la fuerza laboral en la planta de Arizona proviene de Taiwán, lo que indica una brecha en el campo STEM (Ciencia, Tecnología, Ingeniería y Matemáticas) de EE. UU. - La iniciativa de la Ley CHIPS, destinada a mejorar la fabricación de semiconductores en EE. UU., enfrenta desafíos ya que se cuestiona la etiqueta "Hecho en América" debido al proceso de empaquetado que ocurre en Taiwán, con planes para capacidades de empaquetado en EE. UU. para 2027. + +## [43,000 conductores menos en las carreteras de Manhattan después de que se activó el cobro por congestión](https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says) + +- Después de que se implementó el peaje por congestión, hubo una reducción del 7.5% en los conductores que ingresaban a Manhattan por debajo de la Calle 60, lo que equivale a 43,000 conductores menos cada día de la semana. +- La reducción del tráfico ha mejorado el flujo vehicular y aumentado la velocidad de los autobuses, con algunos autobuses exprés experimentando un mayor número de pasajeros. +- La Autoridad Metropolitana de Transporte (MTA) utiliza los ingresos por peajes, estimados en 500 millones de dólares anuales, para mejoras en el transporte, a pesar de cierta oposición política. + +### [Reacciones](https://news.ycombinator.com/item?id=42692730) + +- La implementación de la tarificación por congestión en Manhattan ha resultado en 43,000 conductores menos, lo que ha llevado a un aumento en la velocidad de los autobuses y potencialmente mejores tiempos de respuesta de emergencia. +- La política está diseñada para reducir la congestión del tráfico y mejorar la calidad del aire, aunque ha generado debate sobre su impacto en las personas de bajos ingresos. +- Los defensores argumentan que los beneficios incluyen un transporte público más eficiente y un aire más limpio, mientras continúan las discusiones sobre cómo equilibrar estas ventajas con las necesidades de los conductores. + + + + + + diff --git a/i18n/fi/docusaurus-plugin-content-docs/current/2025/01/14.md b/i18n/fi/docusaurus-plugin-content-docs/current/2025/01/14.md new file mode 100644 index 000000000..8ad10ddf2 --- /dev/null +++ b/i18n/fi/docusaurus-plugin-content-docs/current/2025/01/14.md @@ -0,0 +1,147 @@ +--- +slug: '/2025/01/14' +--- + +# 2025-01-14 + +## [Snyk-tietoturvatutkija ottaa käyttöön haitallisia NPM-paketteja, jotka kohdistuvat cursor.com-sivustoon.](https://sourcecodered.com/snyk-malicious-npm-package/) + +- Eräs Snykin tietoturvatutkija julkaisi haitallisia NPM-paketteja, jotka kohdistuivat Cursor.comiin, tekoälykoodausyritykseen, kerätäkseen järjestelmätietoja ja lähettääkseen ne hyökkääjän hallitsemaan palveluun. +- Pakettien nimet ovat "cursor-retrieval", "cursor-always-local" ja "cursor-shadow-workspace", ja ne merkittiin OpenSSF-pakettianalyysiskannerin toimesta, mikä johti neuvonantoihin MAL-2025-27, MAL-2025-28 ja MAL-2025-29. +- Tämä tapaus korostaa NPM-pakettien tarkastelun tärkeyttä ennen asennusta mahdollisten tietoturvauhkien välttämiseksi. + +### [Reaktiot](https://news.ycombinator.com/item?id=42690473) + +- Eräs Snykin tietoturvatutkija julkaisi haitallisia NPM (Node Package Manager) -paketteja, jotka kohdistuivat cursor.comiin, tuoden esiin riippuvuuksien sekaantumiseen liittyviä haavoittuvuuksia. - Tapaus on herättänyt keskustelua tietoturvatutkimuksen etiikasta, erityisesti ympäristömuuttujien julkiseen paljastamiseen liittyen. - Cursor.com selvensi, etteivät he olleet valtuuttaneet toimintaa, ja Snyk on sittemmin pyytänyt anteeksi, korostaen hyökkäävän tietoturvatutkimuksen ja eettisten standardien tasapainottamisen haasteita. + +## [Vaihdoinkin Firefoxiin enkä ole katsonut taaksepäin](https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/) + +- Firefoxia kehutaan sen erinomaisesta välilehtien hallinnasta, sisäänrakennetusta Pocket-ominaisuudesta linkkien tallentamiseen ja yksityisyyteen keskittyvästä sähköpostin välityspalvelusta, mikä tekee siitä vahvan vaihtoehdon Chromelle. - Lisäominaisuudet, kuten käyttäjäystävällinen kuvakaappaustyökalu, ChatGPT-painike, Picture-in-Picture, muokattavat hakuvaihtoehdot ja sujuva vieritys parantavat selauskokemusta. - Vaikka Firefoxilta puuttuu Chromen verkkosovellusominaisuus, sen harkittu suunnittelu ja vähäisempi resurssien kulutus tekevät siitä joidenkin käyttäjien suosikin. + +### [Reaktiot](https://news.ycombinator.com/item?id=42696081) + +- Firefox-käyttäjät kohtaavat haasteita alustoilta, kuten YouTube, jotka saattavat tahallisesti heikentää kokemusta ei-Google-selaimille tai käyttäjille, jotka käyttävät mainostenesto-ohjelmia. - Tämä suuntaus herättää huolta käyttäjien autonomiasta, sillä se rankaisee niitä, jotka valitsevat mainosvapaan ja valvonnasta vapaan verkkokokemuksen. - Firefox tarjoaa ainutlaatuisia ominaisuuksia, kuten konttivälilehtiä, jotka parantavat yksityisyyttä ja käytettävyyttä, tehden siitä suositun valinnan käyttäjille, jotka etsivät riippumattomuutta suurten yritysten hallitsemista selaimista. + +## [Sonosin toimitusjohtaja eroaa sovelluspäivityksen epäonnistumisen jälkeen](https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/) + +### [Reaktiot](https://news.ycombinator.com/item?id=42687932) + +- Sonosin toimitusjohtaja on eronnut kiistanalaisen sovelluspäivityksen jälkeen, joka vaati käyttäjiä korvaamaan kalliit äänijärjestelmät, aiheuttaen asiakastyytymättömyyttä. - Päivitys toi mukanaan pilvipohjaisen järjestelmän, joka siirtyi pois luotettavasta Universal Plug and Play (UPnP) -järjestelmästä, mikä johti yhteysongelmiin ja lisäsi monimutkaisuutta. - Tämä tilanne korostaa liiketoimintastrategioiden ja asiakassuhteiden ylläpitämisen välistä ristiriitaa, kun toimitusjohtaja siirtyy neuvonantajan rooliin erorahapaketin kanssa. + +## [MrBeastin vatsassa](https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast) + +### [Reaktiot](https://news.ycombinator.com/item?id=42696691) + +- Essee tutkii, kuinka YouTuben algoritmi vaikuttaa sisällön luomiseen, käyttäen MrBeastia tapaustutkimuksena, ja korostaa siirtymää kohti sitoutumislähtöistä pikemminkin kuin merkityksellistä sisältöä. - Se käsittelee laajempia vaikutuksia medialukutaitoon ja kulttuurista vaikutusta alustoilla kuten YouTube ja TikTok, ehdottaen suuntausta pinnalliseen ja reaktiiviseen sisältöön. - Eri näkökulmia tarkastellaan algoritmien roolista sisällön muokkaamisessa ja suosittujen tekijöiden vaikutuksesta kulttuurisiin normeihin. + +## [Gitin GitHub-operaatiot ovat alhaalla](https://www.githubstatus.com/incidents/qd96yfgvmcf9) + +- GitHub kohtasi Git-toimintojen katkoksen 13. tammikuuta 2025, johtuen kokoonpanomuutoksesta, joka vaikutti sisäiseen kuormantasaajaan, kestäen 23:35:stä 00:24:ään UTC-aikaa. - Ongelma ratkaistiin palauttamalla kokoonpanomuutos, ja GitHub työskentelee parantaakseen valvonta- ja käyttöönottoprosesseja estääkseen vastaavat tapaukset. - Katkos vaikutti myös GitHubin Actions- ja Pages-palveluihin, korostaen niiden alustapalveluiden keskinäistä yhteyttä. + +### [Reaktiot](https://news.ycombinator.com/item?id=42691184) + +- GitHub kohtasi merkittävän katkoksen, joka vaikutti git-toimintoihin ja aiheutti hämmennystä kehittäjien keskuudessa, jotka aluksi epäilivät ongelmia SSH-avaimissaan tai paikallisissa kokoonpanoissaan. - Tapaus korosti keskitettyihin palveluihin luottamisen haasteita ja herätti keskusteluja itseisännöinnin ja hajautettujen järjestelmien eduista. - Vaikka ongelma ratkaistiin, se toi esiin huolenaiheita GitHubin luotettavuudesta ja kolmannen osapuolen alustojen varaan rakentamisen riskeistä olennaisissa tehtävissä. + +## [ZFS 2.3 julkaistu ZFS raidz -laajennuksella](https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0) + +- OpenZFS 2.3.0 on julkaistu, ja se tuo mukanaan merkittäviä ominaisuuksia, kuten RAIDZ-laajennuksen, nopean deduplikoinnin, suoran syötteen/ulostulon, JSON-ulostulon ja tuen pitkille tiedostonimille. - Julkaisu sisältää olennaisia virheenkorjauksia ja suorituskyvyn parannuksia, ja se on yhteensopiva Linux-ytimien 4.18 - 6.12 ja FreeBSD-versioiden 13.3, 14.0 - 14.2 kanssa. - Päivitys on 134 avustajan yhteistyön tulos, ja siitä on saatavilla kattava dokumentaatio ja muutosloki tarkasteltavaksi. + +### [Reaktiot](https://news.ycombinator.com/item?id=42694596) + +- ZFS 2.3 on julkaistu, ja se tuo mukanaan ominaisuuksia kuten RAIDZ-laajennus, nopea deduplikointi, suora IO, JSON-tuloste ja tuki pitkille tiedostonimille. - RAIDZ-laajennus on erityisen merkittävä, sillä se mahdollistaa käyttäjille uusien laitteiden lisäämisen olemassa olevaan RAIDZ-pooliin ilman käyttökatkoa, mikä parantaa tallennuskapasiteettia. - Julkaisua pidetään merkittävänä edistysaskeleena ZFS-käyttäjille, ja sitä verrataan muihin tiedostojärjestelmiin kuten Btrfs ja Windows Storage Spaces, vaikka sillä on joitakin rajoituksia, kuten kyvyttömyys pienentää pooleja. + +## [Webtop – Alpine-, Ubuntu-, Fedora- ja Arch-kontit, jotka sisältävät täydet työpöytäympäristöt](https://docs.linuxserver.io/images/docker-webtop/) + +- Linuxserver/webtop tarjoaa kontteja, jotka perustuvat Alpineen, Ubuntuun, Fedoraan ja Archiin, ja joissa on täydet työpöytäympäristöt, jotka ovat käytettävissä verkkoselaimien kautta, tukien sekä x86-64 että arm64-arkkitehtuureja. +- Kayttäjät voivat valita erilaisista työpöytäympäristöistä, kuten XFCE, KDE, MATE, i3, Openbox ja IceWM, käyttämällä tiettyjä kuvamerkintöjä ja käyttää Webtopia määrättyjen URL-osoitteiden kautta. +- Turvaominaisuuksiin kuuluvat Dockerin seccomp-vaihtoehto ja todennuksen asennus, mukautusmahdollisuudet ympäristömuuttujien kautta sekä tuki GPU-kiihdytykselle avoimen lähdekoodin ajureilla. + +### [Reaktiot](https://news.ycombinator.com/item?id=42690983) + +- Webtop tarjoaa kontteja, joissa on täydet työpöytäympäristöt Alpine-, Ubuntu-, Fedora- ja Arch-järjestelmille, sopien nopeisiin asennuksiin VPN:n taakse. +- Webtopin käyttäjät kehuvat sen nopeutta ja helppokäyttöisyyttä, erityisesti kun sitä käytetään Gluetun-kontin kanssa turvallisten yhteyksien luomiseksi, mutta varoittavat konttien altistamisesta internetille ilman turvatoimia oletusautentikoinnin puutteen vuoksi. +- Projektia arvostetaan sen avoimen lähdekoodin ja joustavuuden vuoksi, ja käyttäjät jakavat kokoonpanoja. Vaihtoehdot kuten Kasm ja Selkies mainitaan samanlaisiin tarkoituksiin. + +## [1 viidestä verkossa julkaistusta työpaikkailmoituksesta on joko väärennös tai niitä ei koskaan täytetä, tutkimus paljastaa](https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706) + +- Äskettäinen tutkimus osoittaa, että 20 % verkossa olevista työpaikkailmoituksista on joko väärennettyjä tai jää täyttämättä, mikä lisää työnhakijoiden turhautumista. - Tämä "haamutyöpaikkojen" trendi saattaa olla yritysten keino luoda kuvaa kasvusta. - Työpaikka-alustat, kuten Greenhouse ja LinkedIn, ovat ottaneet käyttöön työpaikkojen varmennuspalveluita auttaakseen käyttäjiä tunnistamaan aidot työmahdollisuudet. + +### [Reaktiot](https://news.ycombinator.com/item?id=42697783) + +- Eräs tutkimus paljastaa, että 20 % verkossa olevista työpaikkailmoituksista on joko väärennettyjä tai jää täyttämättä, usein siksi, että yritysten on noudatettava Yhdysvaltojen maahanmuuttopolitiikkaa. - Yritykset voivat myös pitää työpaikkailmoituksia esillä löytääkseen ihanteellisia ehdokkaita, muuttaakseen vaatimuksia tai koska heillä on jo valmiiksi valittuja sisäisiä ehdokkaita. - Työmarkkinat ovat hakijoille vaikeat, ja he kohtaavat usein "ghostingia" ja automatisoituja hylkäyksiä, mikä on johtanut vaatimuksiin sääntelytoimista. + +## [Tehdä risteyksestä turvaton jalankulkijoille säästääkseen sekunteja autoilijoille](https://collegetowns.substack.com/p/making-an-intersection-unsafe-for) + +### [Reaktiot](https://news.ycombinator.com/item?id=42698557) + +- Keskustelu keskittyy siihen, tulisiko risteyksissä asettaa etusijalle jalankulkijoiden turvallisuus vai autoilijoiden tehokkuus, ja jotkut suosivat liikennevalo-ohjattuja risteyksiä ja jalankulkijoiden ylityksiä neljän suunnan pysähdysten sijaan. +- Mielipiteet vaihtelevat liikennelakien ja infrastruktuurin suunnittelun suhteen, ja keskusteluja käydään muun muassa kadunylityksen turvallisuudesta ja oikealle kääntymisen riskeistä punaisissa valoissa. +- Jotkut kannattavat vaihtoehtoisia ratkaisuja, kuten liikenneympyröitä tai hollantilaisten liikennesuunnittelustandardien omaksumista, parantaakseen sekä turvallisuutta että tehokkuutta. + +## [PostgreSQL on vuoden 2024 tietokannan hallintajärjestelmä.](https://db-engines.com/en/blog_post/109) + +- PostgreSQL on saanut DB-Enginesin myöntämän Vuoden DBMS 2024 -palkinnon, saavuttaen tämän tunnustuksen viidennen kerran, ohittaen 423 muuta tietokannan hallintajärjestelmää. +- PostgreSQL, jolla on lähes 35 vuoden historia, jatkaa innovointia, kuten nähdään syyskuussa 2024 julkaistun PostgreSQL 17:n viimeaikaisissa parannuksissa. +- Snowflake ja Microsoft saavuttivat toisen ja kolmannen sijan, Snowflaken erottuessa pilvipohjaisesta tietovarastoinnistaan ja monipilvitukensa ansiosta, kun taas Microsoft tarjoaa vankkoja hallittuja relaatiotietokantoja Azure SQL Database- ja SQL Server -palveluiden kautta. + +### [Reaktiot](https://news.ycombinator.com/item?id=42696080) + +- PostgreSQL on saanut vuoden 2024 tietokannan hallintajärjestelmän palkinnon db-engines.com-sivustolta, mikä korostaa sen kasvavaa suosiota ja tunnustusta alalla. +- Käyttäjät harkitsevat siirtymistä Microsoft SQL Serveristä PostgreSQL:ään korkeiden lisensointikustannusten ja resurssirajoitusten vuoksi, huolimatta mahdollisista siirtymähaasteista. +- PostgreSQL on suosittu sen vankkojen ominaisuuksien ja kustannustehokkuuden vuoksi, mikä tekee siitä suositun valinnan tuleviin projekteihin, vaikka jotkut käyttäjät tutkivat vaihtoehtoja, kuten Babelfish, kustannusten vähentämiseksi. + +## [Googlen OAuth-kirjautuminen ei suojaa epäonnistuneen startup-yrityksen verkkotunnuksen ostamiselta](https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw) + +### [Reaktiot](https://news.ycombinator.com/item?id=42699099) + +- Keskustelu tuo esiin haavoittuvuuden Googlen OAuth-kirjautumisjärjestelmässä, kun epäonnistuneen startup-yrityksen verkkotunnus hankitaan uuden omistajan toimesta, mikä voi mahdollisesti sallia luvattoman pääsyn palveluihin. +- Tämä ongelma syntyy, koska Google ei välttämättä erota alkuperäisiä ja uusia verkkotunnuksen omistajia toisistaan, mikä vaikuttaa kaikkiin järjestelmiin, jotka käyttävät verkkotunnuspohjaista todennusta. +- Yksi ehdotettu ratkaisu on käyttää yksilöllisiä tunnisteita, jotka pysyvät muuttumattomina ajan myötä, vaikka tämän ratkaisun toteutus vaihtelee eri identiteetin tarjoajien kesken. + +## [Koodausosaamisen hyödyntäminen passiivisen tulon hankkimiseen](https://www.coryzue.com/writing/solopreneur/) + +- Kirjoittaja siirtyi teknologiajohtajan roolista yksinyrittäjäksi ja ansaitsi menestyksekkäästi enemmän ohjelmistotuotteiden portfoliollaan. +- Keskeisiin strategioihin kuuluu keskittyminen syvälliseen työskentelyyn, aloittaminen pienistä projekteista, nopea iterointi ja ajan omistaminen markkinointiponnisteluille. +- Matka korostaa epävarmuuksien vuoksi resilienssiä, mutta tuo esiin tämän urapolun vertaansa vailla olevan autonomian ja vapauden, kannustaen koodaustaitoisia harkitsemaan sitä passiivisen tulon lähteenä. + +### [Reaktiot](https://news.ycombinator.com/item?id=42696822) + +- Eräs käyttäjä kuvaili passiivisen tulon hankkimista SEO-spam-sivustojen kautta käyttämällä vanhentuvia verkkotunnuksia, ansaiten noin 30 000 dollaria vuodessa, huolimatta eettisistä huolenaiheista ja Googlen lopulta tapahtuvasta tiukennuksesta. +- Julkaisu herätti keskustelua passiivisista tuloista, ja jotkut käyttäjät väittivät, että se muistuttaa enemmän yrityksen pyörittämistä kuin todellisia passiivisia ansioita. +- Osallistujat jakoivat kokemuksia ja haasteita sivuprojekteissa, korostaen ajan, sitkeyden ja strategisen suunnittelun merkitystä. + +## [Espanja ehdottaa 100 % veroa EU:n ulkopuolisten asukkien ostamille asunnoille](https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents) + +- Espanja harkitsee 100 % veroa kiinteistöhankinnoille, jotka tehdään EU:n ulkopuolisilta asukkailta, pyrkien ratkaisemaan asuntokriisiä ja hillitsemään spekulatiivista ostamista. +- Pääministeri Pedro Sánchezin ehdotus sisältää sosiaalisen asuntotuotannon laajentamisen ja turistivuokrausten sääntelyn, jotta voitaisiin puuttua asuntohintojen ja tulojen väliseen epätasapainoon. +- Ehdotuksen tulevaisuus lakina on epävarma, ja jotkut analyytikot pitävät sitä pikemminkin ulkomaisten sijoittajien pelotteena kuin taattuna lainsäädännöllisenä muutoksena. + +### [Reaktiot](https://news.ycombinator.com/item?id=42690781) + +- Espanja harkitsee 100 % veroa EU:n ulkopuolisten asukkaiden ostamille asunnoille ratkaistakseen asuntojen kohtuuhintaisuuteen liittyviä ongelmia. - Kriitikot väittävät, että ulkomaiset ostajat eivät ole asuntojen korkeiden hintojen ensisijainen syy, vaan hitaat byrokratiaprosessit ja kaavoituslait ovat merkittävämpiä tekijöitä. - Ehdotus on herättänyt keskustelua ulkomaisen omistuksen roolista asuntomarkkinoilla ja sen tehokkuudesta kohtuuhintaisuuskysymysten ratkaisemisessa. + +## [Apple saa pian 'made in America' -sirut TSMC:n Arizonan tehtaasta](https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification) + +- Apple testaa TSMC:n Arizonan laitoksen prosessoreita, suunnitellen massatuotantoa ensimmäiselle vuosineljännekselle, ja saattaa näin tulla TSMC:n ensimmäiseksi Yhdysvaltain asiakkaaksi paikallisesti valmistetuille siruille. - Tämä aloite pyrkii vahvistamaan Yhdysvaltojen piiriomavaraisuutta, vähentäen riippuvuutta Taiwanista, joka on altis geopoliittisille ja luonnonriskeille. - TSMC:n Arizonan tehdas aikoo tuottaa edistyneitä 3nm ja 2nm siruja, ja pyrkii parantamaan paikallista rekrytointia sekä yhteistyötä Yhdysvaltain yliopistojen kanssa, vaikka pakkaaminen tapahtuukin aluksi Taiwanissa, kunnes Peorian laitos on toiminnassa. + +### [Reaktiot](https://news.ycombinator.com/item?id=42699977) + +- Apple saa siruja TSMC:n Arizonan tehtaalta, mutta ne on lähetettävä takaisin Taiwaniin pakkausta varten Yhdysvaltojen riittämättömien tilojen vuoksi. - Yli 50 % Arizonan tehtaan työvoimasta on Taiwanista, mikä osoittaa puutteen Yhdysvaltojen STEM (tiede, teknologia, insinööritiede ja matematiikka) alalla. - CHIPS Act -aloite, jonka tavoitteena on parantaa Yhdysvaltojen puolijohdevalmistusta, kohtaa haasteita, kun "Made in America" -merkintää kyseenalaistetaan pakkausprosessin tapahtuessa Taiwanissa, ja suunnitelmissa on Yhdysvaltojen pakkauskapasiteetin kehittäminen vuoteen 2027 mennessä. + +## [43 000 kuljettajaa vähemmän Manhattanin teillä ruuhkamaksujen käyttöönoton jälkeen](https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says) + +- Ruuhkamaksujen käyttöönoton jälkeen Manhattanille 60. kadun alapuolelle ajavien kuljettajien määrä väheni 7,5 %, mikä tarkoittaa 43 000 vähemmän kuljettajaa joka arkipäivä. +- Liikenteen väheneminen on parantanut liikenteen sujuvuutta ja lisännyt bussien nopeuksia, ja joillakin pikabusseilla on ollut enemmän matkustajia. +- Metropolitan Transportation Authority (MTA) käyttää tietullituloja, joiden arvioidaan olevan 500 miljoonaa dollaria vuosittain, liikenteen parannuksiin, huolimatta joistakin poliittisista vastustuksista. + +### [Reaktiot](https://news.ycombinator.com/item?id=42692730) + +- Ruuhkamaksujen käyttöönotto Manhattanilla on johtanut 43 000 kuljettajan vähenemiseen, mikä on lisännyt bussien nopeuksia ja mahdollisesti parantanut hätätilanteisiin vastaamisaikoja. +- Politiikan tarkoituksena on vähentää liikenneruuhkia ja parantaa ilmanlaatua, vaikka se onkin herättänyt keskustelua sen vaikutuksista pienituloisiin henkilöihin. +- Kannattajat väittävät, että hyödyt sisältävät tehokkaamman joukkoliikenteen ja puhtaamman ilman, kun taas keskustelut jatkuvat näiden etujen tasapainottamisesta autoilijoiden tarpeiden kanssa. + + + + + + diff --git a/i18n/fr/docusaurus-plugin-content-docs/current/2025/01/14.md b/i18n/fr/docusaurus-plugin-content-docs/current/2025/01/14.md new file mode 100644 index 000000000..d0d2e5aaf --- /dev/null +++ b/i18n/fr/docusaurus-plugin-content-docs/current/2025/01/14.md @@ -0,0 +1,147 @@ +--- +slug: '/2025/01/14' +--- + +# 2025-01-14 + +## [Un chercheur en sécurité de Snyk déploie des paquets NPM malveillants ciblant cursor.com](https://sourcecodered.com/snyk-malicious-npm-package/) + +- Un chercheur en sécurité de Snyk a publié des paquets NPM malveillants ciblant Cursor.com, une entreprise de codage IA, pour collecter des données système et les envoyer à un service contrôlé par un attaquant. +- Les paquets, identifiés comme "cursor-retrieval", "cursor-always-local" et "cursor-shadow-workspace", ont été signalés par le scanner d'analyse de paquets OpenSSF, entraînant les avis MAL-2025-27, MAL-2025-28 et MAL-2025-29. +- Cet incident souligne l'importance de scruter les paquets NPM avant l'installation pour éviter les menaces potentielles à la sécurité. + +### [Réactions](https://news.ycombinator.com/item?id=42690473) + +- Un chercheur en sécurité de Snyk a publié des paquets NPM (Node Package Manager) malveillants ciblant cursor.com, mettant en évidence des vulnérabilités de confusion de dépendance. - L'incident a déclenché un débat sur l'éthique de la recherche en sécurité, notamment en ce qui concerne l'exposition publique des variables d'environnement. - Cursor.com a précisé qu'ils n'avaient pas autorisé cette action, et Snyk s'est depuis excusé, soulignant les défis de l'équilibre entre la recherche en sécurité offensive et les normes éthiques. + +## [Je suis passé à Firefox et je n'ai jamais regretté.](https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/) + +- Firefox est salué pour sa gestion supérieure des onglets, sa fonctionnalité Pocket intégrée pour enregistrer des liens, et son relais de messagerie axé sur la confidentialité, en faisant une alternative solide à Chrome. - Des fonctionnalités supplémentaires comme un outil de capture d'écran convivial, un bouton ChatGPT, le mode Picture-in-Picture, des options de recherche personnalisables, et un défilement fluide améliorent l'expérience de navigation. - Bien que Firefox manque de la fonctionnalité d'application web de Chrome, sa conception réfléchie et ses exigences réduites en ressources en font un choix préféré pour certains utilisateurs. + +### [Réactions](https://news.ycombinator.com/item?id=42696081) + +- Les utilisateurs de Firefox sont confrontés à des défis de la part de plateformes comme YouTube, qui peuvent intentionnellement dégrader l'expérience pour les navigateurs non-Google ou les utilisateurs employant des bloqueurs de publicités. - Cette tendance soulève des préoccupations concernant l'autonomie des utilisateurs, car elle pénalise ceux qui optent pour une expérience web sans publicité et sans surveillance. - Firefox offre des fonctionnalités uniques, telles que les onglets conteneurs, qui améliorent la confidentialité et l'utilisabilité, en faisant un choix privilégié pour les utilisateurs cherchant à s'affranchir des navigateurs contrôlés par de grandes entreprises. + +## [Le PDG de Sonos démissionne après le fiasco de la mise à jour de l'application](https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/) + +### [Réactions](https://news.ycombinator.com/item?id=42687932) + +- Le PDG de Sonos a démissionné suite à une mise à jour controversée de l'application qui obligeait les utilisateurs à remplacer des systèmes audio coûteux, provoquant l'insatisfaction des clients. - La mise à jour a introduit un système basé sur le cloud, s'éloignant du fiable Universal Plug and Play (UPnP), ce qui a entraîné des problèmes de connectivité et une complexité accrue. - Cette situation souligne le conflit entre les stratégies commerciales et le maintien de la confiance des clients, alors que le PDG passe à un rôle de conseiller avec un package de départ. + +## [Dans le ventre de MrBeast](https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast) + +### [Réactions](https://news.ycombinator.com/item?id=42696691) + +- L'essai examine comment l'algorithme de YouTube influence la création de contenu, en utilisant MrBeast comme étude de cas, soulignant un passage vers un contenu axé sur l'engagement plutôt que sur le sens. - Il discute des implications plus larges pour la littératie médiatique et l'impact culturel des plateformes comme YouTube et TikTok, suggérant une tendance vers un contenu superficiel et réactionnaire. - Diverses perspectives sont considérées sur le rôle des algorithmes dans la formation du contenu et l'influence des créateurs populaires sur les normes culturelles. + +## [Les opérations Git sur GitHub sont en panne](https://www.githubstatus.com/incidents/qd96yfgvmcf9) + +- GitHub a connu une panne des opérations Git le 13 janvier 2025, en raison d'un changement de configuration affectant l'équilibreur de charge interne, qui a duré de 23h35 à 00h24 UTC. - Le problème a été résolu en annulant le changement de configuration, et GitHub travaille à améliorer les processus de surveillance et de déploiement pour éviter des incidents similaires. - La panne a également affecté les services Actions et Pages de GitHub, soulignant la nature interconnectée de leurs services de plateforme. + +### [Réactions](https://news.ycombinator.com/item?id=42691184) + +- GitHub a connu une panne majeure affectant les opérations git, ce qui a conduit à la confusion parmi les développeurs qui ont d'abord suspecté des problèmes avec leurs clés SSH ou leurs configurations locales. - L'incident a souligné les défis liés à la dépendance aux services centralisés, suscitant des discussions sur les avantages de l'auto-hébergement et des systèmes décentralisés. - Bien que le problème ait été résolu, il a mis en lumière des préoccupations concernant la fiabilité de GitHub et les risques de dépendre de plateformes tierces pour des tâches essentielles. + +## [ZFS 2.3 publié avec l'expansion ZFS raidz](https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0) + +- OpenZFS 2.3.0 a été publié, introduisant des fonctionnalités significatives telles que l'expansion RAIDZ, la déduplication rapide, l'entrée/sortie directe, la sortie JSON et la prise en charge des noms de fichiers longs. - La version inclut des corrections de bugs essentielles et des améliorations de performance, compatible avec les noyaux Linux 4.18 - 6.12 et les versions FreeBSD 13.3, 14.0 - 14.2. - La mise à jour est le fruit d'un effort collaboratif de 134 contributeurs, avec une documentation complète et un journal des modifications disponibles pour consultation. + +### [Réactions](https://news.ycombinator.com/item?id=42694596) + +- ZFS 2.3 a été publié, introduisant des fonctionnalités telles que l'expansion RAIDZ, la déduplication rapide, l'IO direct, la sortie JSON et la prise en charge des noms de fichiers longs. - L'expansion RAIDZ est particulièrement remarquable car elle permet aux utilisateurs d'ajouter de nouveaux dispositifs à un pool RAIDZ existant sans temps d'arrêt, augmentant ainsi la capacité de stockage. - La version est considérée comme une avancée significative pour les utilisateurs de ZFS, établissant des comparaisons avec d'autres systèmes de fichiers comme Btrfs et Windows Storage Spaces, malgré certaines limitations comme l'incapacité de réduire les pools. + +## [Webtop – Conteneurs Alpine, Ubuntu, Fedora et Arch contenant des environnements de bureau complets](https://docs.linuxserver.io/images/docker-webtop/) + +- Linuxserver/webtop propose des conteneurs basés sur Alpine, Ubuntu, Fedora et Arch avec des environnements de bureau complets accessibles via des navigateurs web, prenant en charge les architectures x86-64 et arm64. +- Les utilisateurs peuvent choisir parmi divers environnements de bureau tels que XFCE, KDE, MATE, i3, Openbox et IceWM en utilisant des balises d'image spécifiques, et accéder au Webtop via des URL désignées. +- Les fonctionnalités de sécurité incluent l'option seccomp de Docker et la configuration d'authentification, avec des options de personnalisation disponibles via des variables d'environnement, ainsi que la prise en charge de l'accélération GPU avec des pilotes open-source. + +### [Réactions](https://news.ycombinator.com/item?id=42690983) + +- Webtop fournit des conteneurs avec des environnements de bureau complets pour Alpine, Ubuntu, Fedora et Arch, adaptés pour des configurations rapides derrière un VPN. +- Les utilisateurs louent Webtop pour sa rapidité et sa facilité d'utilisation, en particulier lorsqu'il est utilisé avec le conteneur Gluetun pour des connexions sécurisées, mais mettent en garde contre l'exposition des conteneurs à Internet sans mesures de sécurité en raison de l'absence d'authentification par défaut. +- Le projet est apprécié pour être open-source et flexible, avec des utilisateurs partageant des configurations, et des alternatives comme Kasm et Selkies sont notées pour des objectifs similaires. + +## [1 offre d'emploi en ligne sur 5 est soit fausse, soit jamais pourvue, selon une étude](https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706) + +- Une étude récente indique que 20 % des offres d'emploi en ligne sont soit fausses, soit restent non pourvues, ce qui ajoute à la frustration des chercheurs d'emploi. - Cette tendance des "emplois fantômes" pourrait être une tactique pour les entreprises de projeter une image de croissance. - Des plateformes d'emploi telles que Greenhouse et LinkedIn ont introduit des services de vérification des offres d'emploi pour aider les utilisateurs à identifier les opportunités d'emploi authentiques. + +### [Réactions](https://news.ycombinator.com/item?id=42697783) + +- Une étude révèle que 20 % des offres d'emploi en ligne sont soit fausses, soit restent non pourvues, souvent parce que les entreprises doivent se conformer aux politiques d'immigration des États-Unis. - Les entreprises peuvent également laisser des offres d'emploi en ligne pour trouver des candidats idéaux, modifier les exigences ou avoir des candidats internes pré-sélectionnés. - Le marché du travail est difficile pour les candidats, qui rencontrent fréquemment des disparitions et des rejets automatisés, ce qui incite à demander une intervention réglementaire. + +## [Rendre une intersection dangereuse pour les piétons afin de gagner quelques secondes pour les conducteurs](https://collegetowns.substack.com/p/making-an-intersection-unsafe-for) + +### [Réactions](https://news.ycombinator.com/item?id=42698557) + +- Le débat porte sur la question de savoir si les intersections doivent privilégier la sécurité des piétons ou l'efficacité des conducteurs, certains préférant les intersections contrôlées par des feux et les carrefours piétons aux arrêts à 4 voies. +- Les opinions divergent sur les lois de la circulation et la conception des infrastructures, avec des discussions sur la sécurité du passage piéton en dehors des clous et les risques associés aux virages à droite au feu rouge. +- Certains préconisent des solutions alternatives comme les ronds-points ou l'adoption des normes d'ingénierie de la circulation néerlandaises pour améliorer à la fois la sécurité et l'efficacité. + +## [PostgreSQL est le système de gestion de base de données de l'année 2024](https://db-engines.com/en/blog_post/109) + +- PostgreSQL a été désigné SGBD de l'année 2024 par DB-Engines, obtenant cette reconnaissance pour la cinquième fois, surpassant 423 autres systèmes de gestion de bases de données. +- PostgreSQL, avec une histoire s'étendant sur près de 35 ans, continue d'innover, comme en témoignent les récentes améliorations de PostgreSQL 17, sorti en septembre 2024. +- Snowflake et Microsoft ont respectivement obtenu les deuxième et troisième places, Snowflake étant reconnu pour son entrepôt de données basé sur le cloud et son support multi-cloud, tandis que Microsoft propose des bases de données relationnelles gérées robustes via Azure SQL Database et SQL Server. + +### [Réactions](https://news.ycombinator.com/item?id=42696080) + +- PostgreSQL a été désigné Système de Gestion de Base de Données de l'année 2024 par db-engines.com, soulignant sa popularité croissante et sa reconnaissance dans l'industrie. +- Les utilisateurs envisagent de passer de Microsoft SQL Server à PostgreSQL en raison des coûts de licence élevés et des limitations de ressources, malgré les défis potentiels de migration. +- PostgreSQL est prisé pour ses fonctionnalités robustes et son rapport coût-efficacité, ce qui en fait un choix privilégié pour les projets futurs, bien que certains utilisateurs explorent des alternatives comme Babelfish pour réduire les coûts. + +## [Le système de connexion OAuth de Google ne protège pas contre l'achat d'un domaine d'une startup échouée.](https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw) + +### [Réactions](https://news.ycombinator.com/item?id=42699099) + +- Le débat met en lumière une vulnérabilité dans le système de connexion OAuth de Google lorsqu'un domaine d'une startup échouée est acquis par un nouveau propriétaire, ce qui pourrait potentiellement permettre un accès non autorisé aux services. +- Ce problème survient parce que Google peut ne pas faire la distinction entre les propriétaires de domaine d'origine et les nouveaux, ce qui affecte tout système utilisant l'authentification basée sur le domaine. +- Une solution proposée consiste à utiliser des identifiants uniques qui restent constants dans le temps, bien que la mise en œuvre de cette solution varie selon les fournisseurs d'identité. + +## [Utiliser des compétences en codage pour générer des revenus passifs](https://www.coryzue.com/writing/solopreneur/) + +- L'auteur est passé d'un rôle de CTO à celui de solopreneur, réussissant à gagner plus grâce à un portefeuille de produits logiciels. +- Les stratégies clés incluent la concentration sur un travail en profondeur, le démarrage avec de petits projets, l'itération rapide et la dédication de temps aux efforts de marketing. +- Le voyage met l'accent sur la résilience face aux incertitudes, mais souligne l'autonomie et la liberté inégalées de cette voie professionnelle, encourageant ceux qui possèdent des compétences en codage à la considérer pour un revenu passif. + +### [Réactions](https://news.ycombinator.com/item?id=42696822) + +- Un utilisateur a décrit la génération de revenus passifs grâce à des sites web de spam SEO utilisant des noms de domaine expirants, gagnant environ 30 000 $ par an, malgré des préoccupations éthiques et la répression éventuelle de Google. +- Le message a suscité un débat sur le revenu passif, certains utilisateurs soutenant qu'il s'apparente davantage à la gestion d'une entreprise qu'à des gains véritablement passifs. +- Les participants ont partagé des expériences et des défis dans des projets parallèles, soulignant l'importance du temps, de la résilience et de la planification stratégique. + +## [Espagne propose une taxe de 100 % sur les maisons achetées par des résidents non-UE](https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents) + +- Espagne envisage une taxe de 100 % sur les achats immobiliers par des résidents non-UE, visant à résoudre la crise du logement et à freiner les achats spéculatifs. +- Le projet du Premier ministre Pedro Sánchez comprend l'expansion du logement social et la régulation des locations touristiques pour s'attaquer à la disparité entre les prix du logement et les revenus. +- Le futur de la proposition en tant que loi est incertain, certains analystes la considérant comme un frein pour les investisseurs étrangers plutôt qu'un changement législatif garanti. + +### [Réactions](https://news.ycombinator.com/item?id=42690781) + +- Espagne envisage une taxe de 100 % sur les maisons achetées par des résidents non-UE pour résoudre les problèmes d'accessibilité au logement. - Les critiques suggèrent que les acheteurs étrangers ne sont pas la principale cause des prix élevés de l'immobilier, citant la lenteur de la bureaucratie et les lois de zonage comme des facteurs plus significatifs. - La proposition a déclenché un débat sur le rôle de la propriété étrangère dans les marchés immobiliers et son efficacité à résoudre les problèmes d'accessibilité. + +## [Apple recevra bientôt des puces 'fabriquées en Amérique' de l'usine de TSMC en Arizona](https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification) + +- Apple teste des processeurs provenant de l'usine de TSMC en Arizona, avec des plans pour une production de masse d'ici le premier trimestre, devenant potentiellement le premier client américain de TSMC pour des puces fabriquées localement. - Cette initiative vise à renforcer l'indépendance en silicium des États-Unis, réduisant la dépendance vis-à-vis de Taïwan, qui est vulnérable aux risques géopolitiques et naturels. - L'usine de TSMC en Arizona est prête à produire des puces avancées de 3 nm et 2 nm, avec des efforts continus pour améliorer le recrutement local et les partenariats avec les universités américaines, bien que l'emballage se fasse initialement à Taïwan jusqu'à ce que l'installation de Peoria soit opérationnelle. + +### [Réactions](https://news.ycombinator.com/item?id=42699977) + +- Apple recevra des puces de l'usine de TSMC en Arizona, mais elles doivent être renvoyées à Taïwan pour l'emballage en raison de l'insuffisance des installations aux États-Unis. - Plus de 50 % de la main-d'œuvre de l'usine de l'Arizona provient de Taïwan, ce qui indique un écart dans le domaine STEM (Science, Technologie, Ingénierie et Mathématiques) aux États-Unis. - L'initiative du CHIPS Act, visant à améliorer la fabrication de semi-conducteurs aux États-Unis, fait face à des défis alors que le label "Made in America" est remis en question en raison du processus d'emballage se déroulant à Taïwan, avec des plans pour des capacités d'emballage aux États-Unis d'ici 2027. + +## [43 000 conducteurs de moins sur les routes de Manhattan après l'activation du péage de congestion](https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says) + +- Après la mise en œuvre de la tarification de congestion, il y a eu une réduction de 7,5 % du nombre de conducteurs entrant à Manhattan au-dessous de la 60e rue, ce qui équivaut à 43 000 conducteurs de moins chaque jour de semaine. +- La réduction du trafic a amélioré la fluidité de la circulation et augmenté la vitesse des bus, certains bus express connaissant une augmentation du nombre de passagers. +- Le Metropolitan Transportation Authority (MTA) utilise les recettes des péages, estimées à 500 millions de dollars par an, pour des améliorations du transport en commun, malgré une certaine opposition politique. + +### [Réactions](https://news.ycombinator.com/item?id=42692730) + +- La mise en œuvre de la tarification de la congestion à Manhattan a entraîné 43 000 conducteurs de moins, ce qui a conduit à une augmentation de la vitesse des bus et potentiellement à de meilleurs temps de réponse des services d'urgence. +- Cette politique est conçue pour réduire la congestion du trafic et améliorer la qualité de l'air, bien qu'elle ait suscité un débat sur son impact sur les personnes à faible revenu. +- Les partisans soutiennent que les avantages incluent un transport en commun plus efficace et un air plus pur, tandis que les discussions se poursuivent sur l'équilibre entre ces avantages et les besoins des conducteurs. + + + + + + diff --git a/i18n/he/docusaurus-plugin-content-docs/current/2025/01/14.md b/i18n/he/docusaurus-plugin-content-docs/current/2025/01/14.md new file mode 100644 index 000000000..4bc00586c --- /dev/null +++ b/i18n/he/docusaurus-plugin-content-docs/current/2025/01/14.md @@ -0,0 +1,147 @@ +--- +slug: '/2025/01/14' +--- + +# 2025-01-14 + +## [חוקר אבטחה של Snyk מפרסם חבילות NPM זדוניות המכוונות ל-cursor.com](https://sourcecodered.com/snyk-malicious-npm-package/) + +- חוקר אבטחה של Snyk שחרר חבילות NPM זדוניות המכוונות ל-Cursor.com, חברת קידוד מבוססת בינה מלאכותית, כדי לאסוף נתוני מערכת ולשלוח אותם לשירות בשליטת תוקף. +- החבילות, שזוהו כ-"cursor-retrieval", "cursor-always-local", ו-"cursor-shadow-workspace", סומנו על ידי סורק ניתוח החבילות של OpenSSF, מה שהוביל להמלצות MAL-2025-27, MAL-2025-28, ו-MAL-2025-29. +- תקלה זו מדגישה את החשיבות של בדיקת חבילות NPM לפני ההתקנה כדי להימנע מאיומי אבטחה פוטנציאליים. + +### [תגובות](https://news.ycombinator.com/item?id=42690473) + +- חוקר אבטחה של Snyk שחרר חבילות NPM (מנהל חבילות Node) זדוניות המכוונות ל-cursor.com, והדגיש פגיעויות של בלבול תלות. - האירוע עורר דיון על האתיקה של מחקר אבטחה, במיוחד בנוגע לחשיפה ציבורית של משתני סביבה. - cursor.com הבהירו שהם לא אישרו את הפעולה, ו-Snyk התנצל מאז, מה שמדגיש את האתגרים באיזון בין מחקר אבטחה התקפי לסטנדרטים אתיים. + +## [עברתי לפיירפוקס ולעולם לא הבטתי לאחור](https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/) + +- פיירפוקס זוכה לשבחים על ניהול הלשוניות המעולה שלו, תכונת Pocket המובנית לשמירת קישורים, ושירות דואר אלקטרוני ממוקד פרטיות, מה שהופך אותו לחלופה חזקה לכרום. - תכונות נוספות כמו כלי צילום מסך ידידותי למשתמש, כפתור ChatGPT, תמונה בתוך תמונה, אפשרויות חיפוש מותאמות אישית וגלילה חלקה משפרות את חוויית הגלישה. - למרות שפיירפוקס חסר את תכונת האפליקציות האינטרנטיות של כרום, העיצוב המחושב שלו והדרישות המופחתות למשאבים הופכים אותו לבחירה מועדפת עבור חלק מהמשתמשים. + +### [תגובות](https://news.ycombinator.com/item?id=42696081) + +- משתמשי פיירפוקס מתמודדים עם אתגרים מפלטפורמות כמו יוטיוב, שעשויות להרע בכוונה את החוויה עבור דפדפנים שאינם של גוגל או משתמשים המשתמשים בחוסמי פרסומות. מגמה זו מעוררת דאגות לגבי האוטונומיה של המשתמש, שכן היא מענישה את אלו הבוחרים בחוויית אינטרנט ללא פרסומות וללא מעקב. פיירפוקס מציעה תכונות ייחודיות, כמו כרטיסיות מכולה, המשפרות את הפרטיות והשימושיות, מה שהופך אותה לבחירה מועדפת עבור משתמשים המחפשים עצמאות מדפדפנים הנשלטים על ידי תאגידים גדולים. + +## [מנכ"ל סונוס מתפטר לאחר תקרית עדכון האפליקציה](https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/) + +### [תגובות](https://news.ycombinator.com/item?id=42687932) + +- המנכ"ל של סונוס התפטר בעקבות עדכון אפליקציה שנוי במחלוקת שדרש מהמשתמשים להחליף מערכות קול יקרות, מה שגרם לאי שביעות רצון בקרב הלקוחות. - העדכון הציג מערכת מבוססת ענן, שהתרחקה מהמערכת האמינה Universal Plug and Play (UPnP), מה שהוביל לבעיות קישוריות והגברת המורכבות. - מצב זה מדגיש את הקונפליקט בין אסטרטגיות עסקיות לבין שמירה על אמון הלקוחות, כאשר המנכ"ל עובר לתפקיד ייעוץ עם חבילת פיצויים. + +## [בבטנו של מרביסט](https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast) + +### [תגובות](https://news.ycombinator.com/item?id=42696691) + +- המאמר בוחן כיצד האלגוריתם של יוטיוב משפיע על יצירת תוכן, תוך שימוש במר ביסט כמקרה בוחן, ומדגיש מעבר לתוכן מונע מעורבות במקום תוכן משמעותי. - הוא דן בהשלכות הרחבות יותר על אוריינות מדיה וההשפעה התרבותית של פלטפורמות כמו יוטיוב וטיקטוק, ומציע מגמה לעבר תוכן שטחי ותגובתי. - נבחנות פרספקטיבות שונות על תפקידם של אלגוריתמים בעיצוב תוכן ועל השפעתם של יוצרים פופולריים על נורמות תרבותיות. + +## [פעולות Git ב-GitHub מושבתות](https://www.githubstatus.com/incidents/qd96yfgvmcf9) + +- GitHub חוותה הפסקת פעילות של פעולות Git ב-13 בינואר 2025, עקב שינוי תצורה שהשפיע על מאזן העומסים הפנימי, שנמשך מ-23:35 עד 00:24 לפי זמן UTC. - הבעיה נפתרה על ידי החזרת שינוי התצורה, ו-GitHub עובדת על שיפור תהליכי הניטור והפריסה כדי למנוע תקריות דומות. - ההפסקה השפיעה גם על שירותי Actions ו-Pages של GitHub, מה שמדגיש את האופי המקושר של שירותי הפלטפורמה שלהם. + +### [תגובות](https://news.ycombinator.com/item?id=42691184) + +- GitHub חוותה תקלה משמעותית שהשפיעה על פעולות git, מה שגרם לבלבול בקרב מפתחים שחשדו בתחילה בבעיות עם מפתחות ה-SSH שלהם או בהגדרות המקומיות. - האירוע הדגיש את האתגרים שבסמיכה על שירותים מרכזיים, והוביל לדיונים על היתרונות של אירוח עצמי ומערכות מבוזרות. - למרות שהבעיה נפתרה, היא הדגישה חששות לגבי האמינות של GitHub והסיכונים שבסמיכה על פלטפורמות צד שלישי למשימות חיוניות. + +## [זמן שחרור ZFS 2.3 עם הרחבת ZFS raidz](https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0) + +- OpenZFS 2.3.0 שוחרר, ומציג תכונות משמעותיות כמו הרחבת RAIDZ, דה-דופליקציה מהירה, קלט/פלט ישיר, פלט JSON ותמיכה בשמות קבצים ארוכים. - השחרור כולל תיקוני באגים חיוניים ושיפורי ביצועים, תואם לליבות לינוקס 4.18 - 6.12 וגרסאות FreeBSD 13.3, 14.0 - 14.2. - העדכון הוא מאמץ שיתופי של 134 תורמים, עם תיעוד מקיף ורשימת שינויים זמינים לעיון. + +### [תגובות](https://news.ycombinator.com/item?id=42694596) + +- זי.אף.אס 2.3 שוחרר, ומציג תכונות כמו הרחבת RAIDZ, דה-דופליקציה מהירה, קלט/פלט ישיר, פלט JSON ותמיכה בשמות קבצים ארוכים. - הרחבת RAIDZ היא במיוחד בולטת מכיוון שהיא מאפשרת למשתמשים להוסיף התקנים חדשים לבריכת RAIDZ קיימת ללא זמן השבתה, מה שמגביר את קיבולת האחסון. - השחרור נחשב להתקדמות משמעותית עבור משתמשי זי.אף.אס, ומושווה למערכות קבצים אחרות כמו Btrfs ו-Windows Storage Spaces, למרות מגבלות מסוימות כמו חוסר היכולת להקטין בריכות. + +## [Webtop – מכולות של Alpine, Ubuntu, Fedora ו-Arch המכילות סביבות שולחן עבודה מלאות](https://docs.linuxserver.io/images/docker-webtop/) + +- Linuxserver/webtop מספק מכולות המבוססות על Alpine, Ubuntu, Fedora ו-Arch עם סביבות שולחן עבודה מלאות הנגישות דרך דפדפני אינטרנט, ותומכות בארכיטקטורות x86-64 ו-arm64. +- משתמשים יכולים לבחור מתוך סביבות שולחן עבודה שונות כמו XFCE, KDE, MATE, i3, Openbox, ו-IceWM על ידי שימוש בתגי תמונה ספציפיים, ולגשת ל-Webtop דרך כתובות URL ייעודיות. +- מאפייני האבטחה כוללים את אפשרות ה-seccomp של Docker והגדרת אימות, עם אפשרויות התאמה אישית זמינות דרך משתני סביבה, ותמיכה בהאצת GPU עם מנהלי התקנים בקוד פתוח. + +### [תגובות](https://news.ycombinator.com/item?id=42690983) + +- Webtop מספקת מכולות עם סביבות שולחן עבודה מלאות עבור Alpine, Ubuntu, Fedora ו-Arch, המתאימות להתקנות מהירות מאחורי VPN. +- משתמשים משבחים את Webtop על מהירותו וקלות השימוש בו, במיוחד כאשר משתמשים בו עם מיכל Gluetun לחיבורים מאובטחים, אך מזהירים מפני חשיפת מיכלים לאינטרנט ללא אמצעי אבטחה בשל היעדר אימות ברירת מחדל. +- הפרויקט מוערך על היותו קוד פתוח וגמיש, כאשר משתמשים משתפים תצורות, ואלטרנטיבות כמו Kasm ו-Selkies נחשבות למטרות דומות. + +## [מחקר מגלה כי 1 מתוך 5 מודעות דרושים באינטרנט הן מזויפות או שלא מתמלאות לעולם](https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706) + +- מחקר עדכני מצביע על כך ש-20% מהמשרות המפורסמות באינטרנט הן או מזויפות או נשארות לא מאוישות, מה שמוסיף לתסכול של מחפשי העבודה. - מגמת "משרות רפאים" זו עשויה להיות טקטיקה של חברות להציג תדמית של צמיחה. - פלטפורמות עבודה כמו Greenhouse ו-LinkedIn הציגו שירותי אימות משרות כדי לסייע למשתמשים בזיהוי הזדמנויות עבודה אמיתיות. + +### [תגובות](https://news.ycombinator.com/item?id=42697783) + +- מחקר מגלה כי 20% מהמשרות המפורסמות באינטרנט הן מזויפות או נשארות לא מאוישות, לעיתים קרובות בגלל שחברות צריכות לעמוד במדיניות ההגירה של ארה"ב. - חברות עשויות גם להשאיר משרות פנויות כדי למצוא מועמדים אידיאליים, לשנות דרישות, או שיש להן מועמדים פנימיים שנבחרו מראש. - שוק העבודה קשה למועמדים, אשר נתקלים לעיתים קרובות בהיעלמות תקשורת ודחיות אוטומטיות, מה שמעורר קריאות להתערבות רגולטורית. + +## [להפוך צומת ללא בטוחה להולכי רגל כדי לחסוך שניות לנהגים](https://collegetowns.substack.com/p/making-an-intersection-unsafe-for) + +### [תגובות](https://news.ycombinator.com/item?id=42698557) + +- הדיון מתמקד בשאלה האם צמתים צריכים להעדיף את בטיחות הולכי הרגל או את יעילות הנהגים, כאשר יש המעדיפים צמתים עם רמזורים ומעברי חצייה מרובי כיוונים על פני צמתים עם עצירה בארבעה כיוונים. +- יש דעות שונות לגבי חוקי התנועה ועיצוב התשתיות, עם דיונים על בטיחות חציית כביש שלא במעבר חציה והסיכונים הקשורים לפניות ימינה באור אדום. +- ישנם כאלה שממליצים על פתרונות חלופיים כמו כיכרות או אימוץ תקני הנדסת תנועה הולנדיים כדי לשפר הן את הבטיחות והן את היעילות. + +## [PostgreSQL היא מערכת ניהול מסדי הנתונים של השנה 2024](https://db-engines.com/en/blog_post/109) + +- PostgreSQL זכתה בתואר מערכת ניהול בסיסי נתונים של השנה 2024 על ידי DB-Engines, וזוהי הפעם החמישית שהיא זוכה בהכרה זו, כשהיא עוקפת 423 מערכות ניהול בסיסי נתונים אחרות. +- PostgreSQL, עם היסטוריה המשתרעת על פני כמעט 35 שנים, ממשיך לחדש, כפי שניתן לראות בשיפורים האחרונים של PostgreSQL 17, ששוחרר בספטמבר 2024. +- סנופלייק ומיקרוסופט תפסו את המקומות השני והשלישי, בהתאמה, כאשר סנופלייק נודעה בזכות מחסני הנתונים מבוססי הענן שלה ותמיכה בריבוי עננים, בעוד שמיקרוסופט מציעה מסדי נתונים יחסיים מנוהלים חזקים דרך Azure SQL Database ו-SQL Server. + +### [תגובות](https://news.ycombinator.com/item?id=42696080) + +- PostgreSQL זכתה בתואר מערכת ניהול מסדי הנתונים של השנה 2024 על ידי db-engines.com, מה שמדגיש את הפופולריות וההכרה הגוברת שלה בתעשייה. +- משתמשים שוקלים לעבור מ-Microsoft SQL Server ל-PostgreSQL בשל עלויות רישוי גבוהות ומגבלות משאבים, למרות אתגרי ההגירה הפוטנציאליים. +- PostgreSQL מועדף בשל התכונות החזקות והעלות-תועלת שלו, מה שהופך אותו לבחירה מועדפת לפרויקטים עתידיים, אם כי חלק מהמשתמשים בוחנים חלופות כמו Babelfish כדי להפחית עלויות. + +## [כניסת OAuth של גוגל לא מגנה מפני רכישת דומיין של סטארטאפ שנכשל](https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw) + +### [תגובות](https://news.ycombinator.com/item?id=42699099) + +- הדיון מדגיש פגיעות במערכת ההתחברות של OAuth של גוגל כאשר הדומיין של סטארטאפ שנכשל נרכש על ידי בעלים חדש, מה שעשוי לאפשר גישה לא מורשית לשירותים. +- בעיה זו מתעוררת מכיוון שגוגל עשויה לא להבחין בין הבעלים המקוריים של הדומיין לבין הבעלים החדשים, מה שמשפיע על כל מערכת שמשתמשת באימות מבוסס דומיין. +- פתרון מוצע הוא להשתמש במזהים ייחודיים שנשארים קבועים לאורך זמן, אם כי יישום הפתרון הזה משתנה בין ספקי הזהות. + +## [להשתמש בכישורי תכנות כדי להרוויח הכנסה פסיבית](https://www.coryzue.com/writing/solopreneur/) + +- המחבר עבר מתפקיד של CTO ליזם עצמאי, והצליח להרוויח יותר באמצעות פורטפוליו של מוצרי תוכנה. +- אסטרטגיות מפתח כוללות התמקדות בעבודה מעמיקה, התחלה עם פרויקטים קטנים, חזרה מהירה והקדשת זמן למאמצי שיווק. +- המסע מדגיש חוסן עקב אי ודאויות, אך מדגיש את האוטונומיה והחופש הבלתי משתווים של מסלול קריירה זה, ומעודד את אלו עם כישורי קידוד לשקול אותו כהכנסה פסיבית. + +### [תגובות](https://news.ycombinator.com/item?id=42696822) + +- משתמש תיאר יצירת הכנסה פסיבית באמצעות אתרי ספאם של SEO תוך שימוש בשמות דומיין שפג תוקפם, והרוויח כ-30,000 דולר בשנה, למרות חששות אתיים והמאבק של גוגל בתופעה בסופו של דבר. +- הפוסט עורר דיון על הכנסה פסיבית, כאשר חלק מהמשתמשים טוענים שזה דומה יותר לניהול עסק מאשר לרווחים פסיביים באמת. +- משתתפים שיתפו חוויות ואתגרים בפרויקטים צדדיים, והדגישו את החשיבות של זמן, חוסן ותכנון אסטרטגי. + +## [ספרד מציעה מס של 100% על בתים שנרכשים על ידי תושבים שאינם מהאיחוד האירופי](https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents) + +- ספרד שוקלת להטיל מס של 100% על רכישות נדל"ן על ידי תושבים שאינם מהאיחוד האירופי, במטרה להתמודד עם משבר הדיור ולרסן רכישות ספקולטיביות. +- ראש הממשלה פדרו סאנצ'ס מציע להרחיב את הדיור הציבורי ולווסת את השכרת הדירות לתיירים כדי להתמודד עם הפער בין מחירי הדיור להכנסות. +- העתיד של ההצעה כחוק אינו ודאי, כאשר חלק מהאנליסטים רואים בה כהרתעה למשקיעים זרים ולא כשינוי חקיקתי מובטח. + +### [תגובות](https://news.ycombinator.com/item?id=42690781) + +- ספרד שוקלת להטיל מס של 100% על בתים שנרכשים על ידי תושבים שאינם מהאיחוד האירופי כדי להתמודד עם בעיות נגישות לדיור. - מבקרים טוענים כי קונים זרים אינם הגורם העיקרי למחירי הדיור הגבוהים, ומציינים את הבירוקרטיה האיטית וחוקי התכנון כגורמים משמעותיים יותר. - ההצעה הציתה דיון על תפקיד הבעלות הזרה בשוקי הדיור ועל יעילותה בפתרון בעיות הנגישות. + +## [בהקדם אפל תקבל שבבים 'תוצרת אמריקה' ממפעל TSMC באריזונה](https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification) + +- Apple בוחנת מעבדים ממתקן אריזונה של TSMC, עם תוכניות לייצור המוני עד הרבעון הראשון, וייתכן שתהפוך ללקוח האמריקאי הראשון של TSMC לשבבים המיוצרים מקומית. - יוזמה זו נועדה לחזק את העצמאות הסיליקונית של ארה"ב, ולהפחית את התלות בטייוואן, שהיא פגיעה לסיכונים גיאופוליטיים וטבעיים. - המפעל של TSMC באריזונה מתוכנן לייצר שבבים מתקדמים בגודל 3 ננומטר ו-2 ננומטר, עם מאמצים מתמשכים לשיפור הגיוס המקומי ושיתופי פעולה עם אוניברסיטאות בארה"ב, אם כי האריזה תתבצע בתחילה בטייוואן עד שהמתקן בפאוריה יהיה פעיל. + +### [תגובות](https://news.ycombinator.com/item?id=42699977) + +- Apple תקבל שבבים ממפעל TSMC באריזונה, אך יש לשלוח אותם בחזרה לטייוואן לאריזה בשל מחסור במתקנים בארה"ב. - מעל 50% מכוח העבודה במפעל באריזונה מגיע מטייוואן, מה שמצביע על פער בתחום ה-STEM (מדע, טכנולוגיה, הנדסה ומתמטיקה) בארה"ב. - יוזמת חוק השבבים, שמטרתה לשפר את ייצור השבבים בארה"ב, מתמודדת עם אתגרים כאשר תווית "תוצרת אמריקה" מוטלת בספק בשל תהליך האריזה המתרחש בטייוואן, עם תוכניות ליכולות אריזה בארה"ב עד 2027. + +## [43 אלף נהגים פחות בכבישי מנהטן לאחר הפעלת תמחור גודש](https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says) + +- לאחר יישום תמחור העומס, חלה ירידה של 7.5% במספר הנהגים הנכנסים למנהטן מתחת לרחוב ה-60, מה שמתורגם ל-43,000 נהגים פחות בכל יום חול. +- הירידה בתנועה שיפרה את זרימת התנועה והעלתה את מהירות האוטובוסים, כאשר חלק מהאוטובוסים המהירים חווים עלייה במספר הנוסעים. +- הרשות המטרופולינית לתחבורה (MTA) משתמשת בהכנסות מאגרות, המוערכות בכ-500 מיליון דולר בשנה, לשיפור התחבורה, למרות התנגדות פוליטית מסוימת. + +### [תגובות](https://news.ycombinator.com/item?id=42692730) + +- היישום של תמחור גודש במנהטן הביא ל-43,000 נהגים פחות, מה שהוביל להאצת מהירות האוטובוסים וייתכן שגם לשיפור בזמני התגובה של שירותי החירום. +- המדיניות נועדה להפחית את עומסי התנועה ולשפר את איכות האוויר, אם כי היא עוררה ויכוח על השפעתה על אנשים בעלי הכנסה נמוכה יותר. +- תומכים טוענים כי היתרונות כוללים תחבורה ציבורית יעילה יותר ואוויר נקי יותר, בעוד שהדיונים נמשכים על איזון יתרונות אלו עם צרכי הנהגים. + + + + + + diff --git a/i18n/hi/docusaurus-plugin-content-docs/current/2025/01/14.md b/i18n/hi/docusaurus-plugin-content-docs/current/2025/01/14.md new file mode 100644 index 000000000..159780f0e --- /dev/null +++ b/i18n/hi/docusaurus-plugin-content-docs/current/2025/01/14.md @@ -0,0 +1,147 @@ +--- +slug: '/2025/01/14' +--- + +# 2025-01-14 + +## [स्नाइक सुरक्षा शोधकर्ता ने कर्सर.कॉम को लक्षित करते हुए दुर्भावनापूर्ण एनपीएम पैकेज तैनात किए।](https://sourcecodered.com/snyk-malicious-npm-package/) + +- एक Snyk सुरक्षा शोधकर्ता ने Cursor.com, एक AI कोडिंग कंपनी, को लक्षित करते हुए दुर्भावनापूर्ण NPM पैकेज जारी किए, ताकि सिस्टम डेटा एकत्र किया जा सके और इसे हमलावर-नियंत्रित सेवा पर भेजा जा सके। +- पैकेजों को "कर्सर-रिट्रीवल," "कर्सर-ऑलवेज-लोकल," और "कर्सर-शैडो-वर्कस्पेस" के रूप में पहचाना गया, जिन्हें OpenSSF पैकेज विश्लेषण स्कैनर द्वारा चिह्नित किया गया, जिसके परिणामस्वरूप परामर्श MAL-2025-27, MAL-2025-28, और MAL-2025-29 जारी किए गए। +- यह घटना संभावित सुरक्षा खतरों से बचने के लिए स्थापना से पहले NPM पैकेजों की जांच करने के महत्व को उजागर करती है। + +### [प्रतिक्रियाओं](https://news.ycombinator.com/item?id=42690473) + +- एक Snyk सुरक्षा शोधकर्ता ने cursor.com को लक्षित करते हुए हानिकारक NPM (नोड पैकेज मैनेजर) पैकेज जारी किए, जो निर्भरता भ्रम कमजोरियों को उजागर करते हैं। - इस घटना ने सुरक्षा अनुसंधान की नैतिकता पर बहस छेड़ दी है, विशेष रूप से पर्यावरण वेरिएबल्स के सार्वजनिक प्रदर्शन के संबंध में। - Cursor.com ने स्पष्ट किया कि उन्होंने इस कार्रवाई को अधिकृत नहीं किया था, और Snyk ने इसके बाद माफी मांगी है, जो आक्रामक सुरक्षा अनुसंधान को नैतिक मानकों के साथ संतुलित करने की चुनौतियों को रेखांकित करता है। + +## [मैंने फ़ायरफ़ॉक्स पर स्विच किया और फिर कभी पीछे मुड़कर नहीं देखा](https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/) + +- फायरफॉक्स को इसके उत्कृष्ट टैब प्रबंधन, लिंक सहेजने के लिए अंतर्निहित पॉकेट फीचर, और गोपनीयता-केंद्रित ईमेल रिले के लिए सराहा जाता है, जो इसे क्रोम का एक मजबूत विकल्प बनाता है। - उपयोगकर्ता के अनुकूल स्क्रीनशॉट टूल, एक चैटजीपीटी बटन, पिक्चर-इन-पिक्चर, अनुकूलन योग्य खोज विकल्प, और स्मूथ स्क्रॉलिंग जैसी अतिरिक्त विशेषताएं ब्राउज़िंग अनुभव को बेहतर बनाती हैं। - हालांकि फायरफॉक्स में क्रोम की वेब ऐप सुविधा की कमी है, लेकिन इसका विचारशील डिज़ाइन और कम संसाधन मांग इसे कुछ उपयोगकर्ताओं के लिए पसंदीदा विकल्प बनाते हैं। + +### [प्रतिक्रियाओं](https://news.ycombinator.com/item?id=42696081) + +- फायरफॉक्स उपयोगकर्ताओं को यूट्यूब जैसे प्लेटफार्मों से चुनौतियों का सामना करना पड़ता है, जो गैर-गूगल ब्राउज़रों या विज्ञापन अवरोधकों का उपयोग करने वाले उपयोगकर्ताओं के लिए जानबूझकर अनुभव को खराब कर सकते हैं। - यह प्रवृत्ति उपयोगकर्ता स्वायत्तता के बारे में चिंताएं बढ़ाती है, क्योंकि यह उन लोगों को दंडित करती है जो विज्ञापन-मुक्त और निगरानी-मुक्त वेब अनुभव का विकल्प चुनते हैं। - फायरफॉक्स अद्वितीय विशेषताएं प्रदान करता है, जैसे कंटेनर टैब्स, जो गोपनीयता और उपयोगिता को बढ़ाते हैं, इसे प्रमुख कॉर्पोरेट-नियंत्रित ब्राउज़रों से स्वतंत्रता चाहने वाले उपयोगकर्ताओं के लिए एक पसंदीदा विकल्प बनाते हैं। + +## [सोनोस के सीईओ ने ऐप अपडेट विवाद के बाद इस्तीफा दिया](https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/) + +### [प्रतिक्रियाओं](https://news.ycombinator.com/item?id=42687932) + +- सोनोस के सीईओ ने इस्तीफा दे दिया है, एक विवादास्पद ऐप अपडेट के बाद जिसने उपयोगकर्ताओं को महंगे साउंड सिस्टम को बदलने के लिए मजबूर किया, जिससे ग्राहक असंतोष उत्पन्न हुआ। - इस अपडेट ने एक क्लाउड-आधारित सिस्टम पेश किया, जो विश्वसनीय यूनिवर्सल प्लग एंड प्ले (UPnP) से हटकर था, जिससे कनेक्टिविटी समस्याएं और जटिलता बढ़ गई। - यह स्थिति व्यापारिक रणनीतियों और ग्राहक विश्वास बनाए रखने के बीच के संघर्ष को उजागर करती है, क्योंकि सीईओ एक सलाहकार भूमिका में एक सेवरेंस पैकेज के साथ स्थानांतरित हो रहे हैं। + +## [MrBeast के पेट में](https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast) + +### [प्रतिक्रियाओं](https://news.ycombinator.com/item?id=42696691) + +- निबंध यह जांचता है कि YouTube का एल्गोरिदम सामग्री निर्माण को कैसे प्रभावित करता है, जिसमें MrBeast को एक केस स्टडी के रूप में उपयोग किया गया है, जो यह दर्शाता है कि सामग्री अब अर्थपूर्ण होने के बजाय सगाई-चालित हो रही है। - यह मीडिया साक्षरता के व्यापक प्रभावों और YouTube और TikTok जैसे प्लेटफार्मों के सांस्कृतिक प्रभाव पर चर्चा करता है, यह सुझाव देते हुए कि सामग्री सतही और प्रतिक्रियात्मक हो रही है। - सामग्री को आकार देने में एल्गोरिदम की भूमिका और सांस्कृतिक मानदंडों पर लोकप्रिय निर्माताओं के प्रभाव पर विभिन्न दृष्टिकोणों पर विचार किया गया है। + +## [GitHub गिट ऑपरेशन्स डाउन हैं](https://www.githubstatus.com/incidents/qd96yfgvmcf9) + +- 13 जनवरी, 2025 को GitHub को एक Git ऑपरेशन्स आउटेज का सामना करना पड़ा, जो आंतरिक लोड बैलेंसर को प्रभावित करने वाले एक कॉन्फ़िगरेशन परिवर्तन के कारण हुआ, और यह 23:35 से 00:24 UTC तक चला। - इस समस्या को कॉन्फ़िगरेशन परिवर्तन को वापस लेकर हल किया गया, और GitHub समान घटनाओं को रोकने के लिए निगरानी और परिनियोजन प्रक्रियाओं में सुधार करने पर काम कर रहा है। - इस आउटेज ने GitHub के Actions और Pages सेवाओं को भी प्रभावित किया, जो उनके प्लेटफ़ॉर्म सेवाओं की आपस में जुड़ी प्रकृति को उजागर करता है। + +### [प्रतिक्रियाओं](https://news.ycombinator.com/item?id=42691184) + +- GitHub को एक बड़ी रुकावट का सामना करना पड़ा, जिसने गिट ऑपरेशन्स को प्रभावित किया, जिससे डेवलपर्स के बीच भ्रम की स्थिति उत्पन्न हो गई, जिन्होंने शुरू में अपने SSH कुंजियों या स्थानीय कॉन्फ़िगरेशन्स में समस्याओं का संदेह किया। - इस घटना ने केंद्रीकृत सेवाओं पर निर्भरता की चुनौतियों को उजागर किया, जिससे स्व-होस्टिंग और विकेंद्रीकृत प्रणालियों के फायदों पर चर्चाएं शुरू हुईं। - हालांकि समस्या का समाधान हो गया, लेकिन इसने GitHub की विश्वसनीयता और आवश्यक कार्यों के लिए तृतीय-पक्ष प्लेटफार्मों पर निर्भरता के जोखिमों के बारे में चिंताओं को उजागर किया। + +## [ZFS 2.3 ज़ेडएफएस रैडज़ विस्तार के साथ जारी किया गया](https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0) + +- OpenZFS 2.3.0 जारी किया गया है, जिसमें RAIDZ विस्तार, फास्ट डेडुप्लिकेशन, डायरेक्ट इनपुट/आउटपुट, JSON आउटपुट और लंबे फाइल नामों के लिए समर्थन जैसी महत्वपूर्ण विशेषताएं शामिल हैं। - इस रिलीज में आवश्यक बग फिक्स और प्रदर्शन सुधार शामिल हैं, जो Linux कर्नल 4.18 - 6.12 और FreeBSD संस्करण 13.3, 14.0 - 14.2 के साथ संगत हैं। - यह अपडेट 134 योगदानकर्ताओं के सहयोगात्मक प्रयास का परिणाम है, जिसमें व्यापक दस्तावेज़ीकरण और एक परिवर्तन लॉग समीक्षा के लिए उपलब्ध है। + +### [प्रतिक्रियाओं](https://news.ycombinator.com/item?id=42694596) + +- ZFS 2.3 जारी किया गया है, जिसमें RAIDZ विस्तार, तेज डुप्लीकेशन, डायरेक्ट IO, JSON आउटपुट, और लंबे फाइल नामों के लिए समर्थन जैसी विशेषताएं शामिल हैं। - RAIDZ विस्तार विशेष रूप से उल्लेखनीय है क्योंकि यह उपयोगकर्ताओं को मौजूदा RAIDZ पूल में नए उपकरण जोड़ने की अनुमति देता है बिना डाउनटाइम के, जिससे भंडारण क्षमता बढ़ती है। - यह रिलीज ZFS उपयोगकर्ताओं के लिए एक महत्वपूर्ण प्रगति मानी जाती है, और इसकी तुलना Btrfs और Windows Storage Spaces जैसे अन्य फाइल सिस्टम्स के साथ की जाती है, हालांकि कुछ सीमाओं जैसे पूल को छोटा करने में असमर्थता के बावजूद। + +## [वेबटॉप – अल्पाइन, उबंटू, फेडोरा, और आर्च कंटेनर जिनमें पूर्ण डेस्कटॉप वातावरण शामिल हैं](https://docs.linuxserver.io/images/docker-webtop/) + +- Linuxserver/webtop अल्पाइन, उबंटू, फेडोरा, और आर्च पर आधारित कंटेनर प्रदान करता है, जो वेब ब्राउज़रों के माध्यम से पूर्ण डेस्कटॉप वातावरण तक पहुंच प्रदान करते हैं, और यह x86-64 और arm64 आर्किटेक्चर दोनों का समर्थन करता है। +- उपयोगकर्ता विशेष इमेज टैग का उपयोग करके XFCE, KDE, MATE, i3, Openbox, और IceWM जैसे विभिन्न डेस्कटॉप वातावरणों में से चयन कर सकते हैं, और निर्दिष्ट URL के माध्यम से वेबटॉप तक पहुंच सकते हैं। +- सुरक्षा विशेषताओं में Docker का seccomp विकल्प और प्रमाणीकरण सेटअप शामिल हैं, जिसमें पर्यावरण वेरिएबल्स के माध्यम से अनुकूलन विकल्प उपलब्ध हैं, और ओपन-सोर्स ड्राइवर्स के साथ GPU त्वरण के लिए समर्थन शामिल है। + +### [प्रतिक्रियाओं](https://news.ycombinator.com/item?id=42690983) + +- वेबटॉप अल्पाइन, उबंटू, फेडोरा, और आर्च के लिए पूर्ण डेस्कटॉप वातावरण के साथ कंटेनर प्रदान करता है, जो वीपीएन के पीछे त्वरित सेटअप के लिए उपयुक्त हैं। +- उपयोगकर्ता वेबटॉप की गति और उपयोग में आसानी के लिए इसकी प्रशंसा करते हैं, विशेष रूप से ग्लूटन कंटेनर के साथ सुरक्षित कनेक्शनों के लिए उपयोग किए जाने पर, लेकिन डिफ़ॉल्ट प्रमाणीकरण की कमी के कारण सुरक्षा उपायों के बिना कंटेनरों को इंटरनेट पर उजागर करने के खिलाफ चेतावनी देते हैं। +- इस परियोजना को ओपन-सोर्स और लचीला होने के लिए महत्व दिया जाता है, जिसमें उपयोगकर्ता कॉन्फ़िगरेशन साझा करते हैं, और कास्म और सेल्की जैसे विकल्प समान उद्देश्यों के लिए उल्लेखनीय हैं। + +## [ऑनलाइन नौकरी पोस्टिंग में से 5 में से 1 या तो नकली होती है या कभी भरी नहीं जाती, अध्ययन में पाया गया।](https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706) + +- हाल ही में एक अध्ययन से पता चलता है कि ऑनलाइन नौकरी पोस्टिंग में से 20% या तो नकली हैं या खाली रह जाती हैं, जिससे नौकरी खोजने वालों की निराशा बढ़ जाती है। - यह "भूत नौकरी" प्रवृत्ति कंपनियों के लिए विकास की छवि प्रस्तुत करने की एक रणनीति हो सकती है। - ग्रीनहाउस और लिंक्डइन जैसे नौकरी प्लेटफॉर्म ने उपयोगकर्ताओं को वास्तविक नौकरी के अवसरों की पहचान करने में मदद करने के लिए नौकरी सत्यापन सेवाएं शुरू की हैं। + +### [प्रतिक्रियाओं](https://news.ycombinator.com/item?id=42697783) + +- एक अध्ययन से पता चलता है कि 20% ऑनलाइन नौकरी पोस्टिंग या तो नकली होती हैं या भरी नहीं जाती हैं, अक्सर कंपनियों को अमेरिकी आव्रजन नीतियों का पालन करने की आवश्यकता के कारण। - कंपनियां आदर्श उम्मीदवारों को खोजने, आवश्यकताओं को बदलने, या पहले से चयनित आंतरिक उम्मीदवारों के लिए नौकरी पोस्टिंग को बनाए रख सकती हैं। - नौकरी बाजार आवेदकों के लिए कठिन है, जो अक्सर घोस्टिंग और स्वचालित अस्वीकृति का सामना करते हैं, जिससे नियामक हस्तक्षेप की मांग होती है। + +## [चालकों के लिए कुछ सेकंड बचाने के लिए पैदल यात्रियों के लिए चौराहे को असुरक्षित बनाना](https://collegetowns.substack.com/p/making-an-intersection-unsafe-for) + +### [प्रतिक्रियाओं](https://news.ycombinator.com/item?id=42698557) + +- बहस इस बात पर केंद्रित है कि चौराहों को पैदल यात्री सुरक्षा को प्राथमिकता देनी चाहिए या ड्राइवर की दक्षता को, जिसमें कुछ लोग लाइट-नियंत्रित चौराहों और पैदल यात्री स्क्रैम्बल को 4-वे स्टॉप्स पर प्राथमिकता देते हैं। +- ट्रैफिक कानूनों और बुनियादी ढांचे के डिजाइन पर राय भिन्न होती है, जिसमें जेवॉकिंग की सुरक्षा और लाल बत्ती पर दाएं मुड़ने से जुड़े जोखिमों पर चर्चा शामिल है। +- कुछ लोग सुरक्षा और दक्षता दोनों को बढ़ाने के लिए गोल चक्कर या डच यातायात इंजीनियरिंग मानकों को अपनाने जैसे वैकल्पिक समाधानों की वकालत करते हैं। + +## [पोस्टग्रेएसक्यूएल वर्ष 2024 का डेटाबेस प्रबंधन प्रणाली है।](https://db-engines.com/en/blog_post/109) + +- पोस्टग्रेएसक्यूएल को DB-इंजिन्स द्वारा वर्ष 2024 का DBMS ऑफ द ईयर पुरस्कार दिया गया है, यह सम्मान पांचवीं बार प्राप्त करते हुए, 423 अन्य डेटाबेस प्रबंधन प्रणालियों को पीछे छोड़ दिया है। +- पोस्टग्रेएसक्यूएल, जिसकी इतिहास लगभग 35 वर्षों का है, नवाचार करना जारी रखता है, जैसा कि सितंबर 2024 में जारी किए गए पोस्टग्रेएसक्यूएल 17 के हालिया सुधारों में देखा जा सकता है। +- स्नोफ्लेक और माइक्रोसॉफ्ट ने क्रमशः दूसरे और तीसरे स्थान पर कब्जा किया, जिसमें स्नोफ्लेक को इसके क्लाउड-आधारित डेटा वेयरहाउसिंग और मल्टी-क्लाउड समर्थन के लिए जाना जाता है, जबकि माइक्रोसॉफ्ट Azure SQL डेटाबेस और SQL सर्वर के माध्यम से मजबूत प्रबंधित रिलेशनल डेटाबेस प्रदान करता है। + +### [प्रतिक्रियाओं](https://news.ycombinator.com/item?id=42696080) + +- पोस्टग्रेएसक्यूएल को db-engines.com द्वारा वर्ष 2024 का डेटाबेस प्रबंधन प्रणाली पुरस्कार दिया गया है, जो उद्योग में इसकी बढ़ती लोकप्रियता और मान्यता को दर्शाता है। +- उपयोगकर्ता माइक्रोसॉफ्ट SQL सर्वर से PostgreSQL में स्विच करने पर विचार कर रहे हैं, उच्च लाइसेंसिंग लागत और संसाधन सीमाओं के कारण, हालांकि संभावित माइग्रेशन चुनौतियाँ हो सकती हैं। +- PostgreSQL अपनी मजबूत विशेषताओं और लागत-प्रभावशीलता के लिए पसंद किया जाता है, जिससे यह भविष्य की परियोजनाओं के लिए एक पसंदीदा विकल्प बन जाता है, हालांकि कुछ उपयोगकर्ता लागत को कम करने के लिए Babelfish जैसे विकल्पों का पता लगाते हैं। + +## [Google का OAuth लॉगिन एक असफल स्टार्टअप डोमेन की खरीद के खिलाफ सुरक्षा नहीं करता है।](https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw) + +### [प्रतिक्रियाओं](https://news.ycombinator.com/item?id=42699099) + +- चर्चा में यह उजागर किया गया है कि जब एक असफल स्टार्टअप के डोमेन को नया मालिक अधिग्रहित करता है, तो गूगल के OAuth लॉगिन सिस्टम में एक कमजोरी होती है, जो संभावित रूप से सेवाओं तक अनधिकृत पहुंच की अनुमति दे सकती है। +- यह समस्या इसलिए उत्पन्न होती है क्योंकि Google मूल और नए डोमेन मालिकों के बीच अंतर नहीं कर सकता है, जिससे किसी भी प्रणाली पर प्रभाव पड़ता है जो डोमेन-आधारित प्रमाणीकरण का उपयोग करती है। +- एक प्रस्तावित समाधान यह है कि अद्वितीय पहचानकर्ताओं का उपयोग किया जाए जो समय के साथ स्थिर रहें, हालांकि इस समाधान का कार्यान्वयन विभिन्न पहचान प्रदाताओं के बीच भिन्न होता है। + +## [कोडिंग कौशल का उपयोग करके निष्क्रिय आय अर्जित करना](https://www.coryzue.com/writing/solopreneur/) + +- लेखक ने एक सीटीओ की भूमिका से एकल उद्यमी के रूप में परिवर्तन किया, और सॉफ्टवेयर उत्पादों के पोर्टफोलियो के माध्यम से अधिक कमाई करने में सफल रहे। +- मुख्य रणनीतियों में गहन कार्य पर ध्यान केंद्रित करना, छोटे प्रोजेक्ट्स से शुरुआत करना, तेजी से पुनरावृत्ति करना, और विपणन प्रयासों के लिए समय समर्पित करना शामिल है। +- यात्रा अनिश्चितताओं के कारण सहनशीलता पर जोर देती है, लेकिन इस करियर पथ की बेजोड़ स्वायत्तता और स्वतंत्रता को उजागर करती है, जिससे कोडिंग कौशल वाले लोगों को इसे निष्क्रिय आय के लिए विचार करने के लिए प्रोत्साहित किया जाता है। + +### [प्रतिक्रियाओं](https://news.ycombinator.com/item?id=42696822) + +- एक उपयोगकर्ता ने बताया कि उन्होंने समाप्त हो रहे डोमेन नामों का उपयोग करके एसईओ स्पैम वेबसाइटों के माध्यम से निष्क्रिय आय उत्पन्न की, जिससे वे लगभग $30,000 वार्षिक कमा रहे थे, हालांकि नैतिक चिंताओं और गूगल की अंततः कार्रवाई के बावजूद। +- इस पोस्ट ने निष्क्रिय आय पर बहस छेड़ दी, जिसमें कुछ उपयोगकर्ताओं का तर्क था कि यह वास्तव में निष्क्रिय कमाई की तुलना में एक व्यवसाय चलाने के अधिक समान है। +- प्रतिभागियों ने साइड प्रोजेक्ट्स में अनुभवों और चुनौतियों को साझा किया, जिसमें समय, धैर्य और रणनीतिक योजना की महत्ता को उजागर किया गया। + +## [स्पेन ने गैर-ईयू निवासियों द्वारा खरीदे गए घरों पर 100% कर लगाने का प्रस्ताव दिया है](https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents) + +- स्पेन गैर-ईयू निवासियों द्वारा रियल एस्टेट खरीद पर 100% कर लगाने पर विचार कर रहा है, जिसका उद्देश्य आवास संकट को संबोधित करना और सट्टा खरीद को रोकना है। +- प्रधानमंत्री पेड्रो सांचेज़ का प्रस्ताव सामाजिक आवास का विस्तार करने और पर्यटक किराए को विनियमित करने को शामिल करता है ताकि आवास की कीमतों और आय के बीच असमानता को दूर किया जा सके। +- प्रस्ताव का भविष्य कानून के रूप में अनिश्चित है, कुछ विश्लेषकों का मानना है कि यह विदेशी निवेशकों के लिए एक निवारक के रूप में कार्य कर सकता है बजाय इसके कि यह एक सुनिश्चित विधायी परिवर्तन हो। + +### [प्रतिक्रियाओं](https://news.ycombinator.com/item?id=42690781) + +- स्पेन गैर-ईयू निवासियों द्वारा खरीदे गए घरों पर 100% कर लगाने पर विचार कर रहा है ताकि आवास की वहनीयता की समस्याओं का समाधान किया जा सके। - आलोचकों का सुझाव है कि विदेशी खरीदार उच्च आवास कीमतों का मुख्य कारण नहीं हैं, बल्कि धीमी नौकरशाही और ज़ोनिंग कानून अधिक महत्वपूर्ण कारक हैं। - इस प्रस्ताव ने आवास बाजारों में विदेशी स्वामित्व की भूमिका और वहनीयता मुद्दों को हल करने में इसकी प्रभावशीलता पर बहस छेड़ दी है। + +## [एप्पल को जल्द ही टीएसएमसी के एरिज़ोना फैब से 'मेड इन अमेरिका' चिप्स प्राप्त होंगे](https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification) + +- एप्पल TSMC की एरिज़ोना सुविधा से प्रोसेसर का परीक्षण कर रहा है, और पहले तिमाही तक बड़े पैमाने पर उत्पादन की योजना बना रहा है, जिससे यह TSMC का पहला अमेरिकी ग्राहक बन सकता है जो स्थानीय रूप से निर्मित चिप्स का उपयोग करेगा। - इस पहल का उद्देश्य अमेरिकी सिलिकॉन स्वतंत्रता को बढ़ावा देना है, जिससे ताइवान पर निर्भरता कम हो सके, जो भू-राजनीतिक और प्राकृतिक जोखिमों के प्रति संवेदनशील है। - TSMC की एरिज़ोना फैब उन्नत 3nm और 2nm चिप्स का उत्पादन करने के लिए तैयार है, स्थानीय भर्ती को बढ़ावा देने और अमेरिकी विश्वविद्यालयों के साथ साझेदारी के प्रयास जारी हैं, हालांकि पैकेजिंग शुरू में ताइवान में होगी जब तक कि पियोरिया सुविधा चालू नहीं हो जाती। + +### [प्रतिक्रियाओं](https://news.ycombinator.com/item?id=42699977) + +- एप्पल को TSMC के एरिज़ोना प्लांट से चिप्स मिलेंगे, लेकिन उन्हें पैकेजिंग के लिए ताइवान वापस भेजना होगा क्योंकि अमेरिका में पर्याप्त सुविधाएं नहीं हैं। - एरिज़ोना प्लांट में 50% से अधिक कार्यबल ताइवान से है, जो अमेरिका के STEM (विज्ञान, प्रौद्योगिकी, इंजीनियरिंग, और गणित) क्षेत्र में एक अंतर को दर्शाता है। - CHIPS एक्ट पहल, जिसका उद्देश्य अमेरिका में सेमीकंडक्टर निर्माण को बढ़ावा देना है, चुनौतियों का सामना कर रही है क्योंकि "मेड इन अमेरिका" लेबल पर सवाल उठाए जा रहे हैं, क्योंकि पैकेजिंग प्रक्रिया ताइवान में हो रही है, और 2027 तक अमेरिका में पैकेजिंग क्षमताओं की योजना है। + +## [भीड़भाड़ मूल्य निर्धारण चालू होने के बाद मैनहट्टन की सड़कों पर 43 हजार कम ड्राइवर हैं।](https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says) + +- भीड़भाड़ मूल्य निर्धारण लागू होने के बाद, 60वीं स्ट्रीट के नीचे मैनहट्टन में प्रवेश करने वाले ड्राइवरों में 7.5% की कमी आई, जो प्रत्येक सप्ताह के दिन 43,000 कम ड्राइवरों के बराबर है। +- यातायात में कमी ने यातायात प्रवाह में सुधार किया है और बसों की गति बढ़ाई है, जिससे कुछ एक्सप्रेस बसों में अधिक यात्री संख्या देखी गई है। +- मेट्रोपॉलिटन ट्रांसपोर्टेशन अथॉरिटी (एमटीए) कुछ राजनीतिक विरोध के बावजूद, ट्रांजिट सुधारों के लिए टोल राजस्व का उपयोग करती है, जिसकी वार्षिक अनुमानित राशि $500 मिलियन है। + +### [प्रतिक्रियाओं](https://news.ycombinator.com/item?id=42692730) + +- मैनहट्टन में भीड़भाड़ मूल्य निर्धारण के कार्यान्वयन के परिणामस्वरूप 43,000 कम ड्राइवर हो गए हैं, जिससे बस की गति में वृद्धि हुई है और संभावित रूप से आपातकालीन प्रतिक्रिया समय में सुधार हुआ है। +- यह नीति यातायात जाम को कम करने और वायु गुणवत्ता में सुधार करने के लिए बनाई गई है, हालांकि इसने निम्न-आय वाले व्यक्तियों पर इसके प्रभाव को लेकर बहस छेड़ दी है। +- समर्थकों का तर्क है कि लाभों में अधिक कुशल सार्वजनिक परिवहन और स्वच्छ हवा शामिल हैं, जबकि इन फायदों को ड्राइवरों की आवश्यकताओं के साथ संतुलित करने पर चर्चाएं जारी हैं। + + + + + + diff --git a/i18n/hu/docusaurus-plugin-content-docs/current/2025/01/14.md b/i18n/hu/docusaurus-plugin-content-docs/current/2025/01/14.md new file mode 100644 index 000000000..0438db372 --- /dev/null +++ b/i18n/hu/docusaurus-plugin-content-docs/current/2025/01/14.md @@ -0,0 +1,147 @@ +--- +slug: '/2025/01/14' +--- + +# 2025-01-14 + +## [„A Snyk biztonsági kutató rosszindulatú NPM csomagokat telepít, amelyek a cursor.com-ot célozzák meg.”](https://sourcecodered.com/snyk-malicious-npm-package/) + +- „Egy Snyk biztonsági kutató rosszindulatú NPM csomagokat adott ki, amelyek a Cursor.com nevű AI kódoló céget célozták meg, hogy rendszert adatokat gyűjtsenek és azokat egy támadó által irányított szolgáltatásnak küldjék el.” +- „A csomagokat, amelyeket "cursor-retrieval", "cursor-always-local" és "cursor-shadow-workspace" néven azonosítottak, az OpenSSF csomagelemző szkenner jelölte meg, ami a MAL-2025-27, MAL-2025-28 és MAL-2025-29 figyelmeztetésekhez vezetett.” +- „Ez az eset rávilágít arra, hogy mennyire fontos alaposan megvizsgálni az NPM csomagokat a telepítés előtt, hogy elkerüljük a lehetséges biztonsági fenyegetéseket.” + +### [Reakciók](https://news.ycombinator.com/item?id=42690473) + +- „Egy Snyk biztonsági kutató rosszindulatú NPM (Node Package Manager) csomagokat tett közzé, amelyek a cursor.com-ot célozták meg, kiemelve a függőségi zavarok sebezhetőségeit. - Az eset vitát váltott ki a biztonsági kutatások etikájáról, különösen a környezeti változók nyilvános kitettségével kapcsolatban. - A Cursor.com tisztázta, hogy nem engedélyezték a cselekvést, és a Snyk azóta bocsánatot kért, hangsúlyozva a támadó jellegű biztonsági kutatások és az etikai normák közötti egyensúly kihívásait.” + +## [„Átváltottam a Firefoxra, és soha nem néztem vissza”](https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/) + +- „A Firefoxot dicsérik a kiváló lapkezeléséért, a beépített Pocket funkcióért, amely lehetővé teszi a linkek mentését, valamint a magánéletre összpontosító e-mail továbbításért, ami erős alternatívává teszi a Chrome-mal szemben. - További funkciók, mint a felhasználóbarát képernyőkép eszköz, a ChatGPT gomb, a kép a képben mód, testreszabható keresési lehetőségek és a sima görgetés javítják a böngészési élményt. - Bár a Firefox nem rendelkezik a Chrome webalkalmazás funkciójával, átgondolt kialakítása és csökkentett erőforrásigénye miatt néhány felhasználó számára előnyben részesített választás.” + +### [Reakciók](https://news.ycombinator.com/item?id=42696081) + +- „A Firefox felhasználói kihívásokkal szembesülnek olyan platformok részéről, mint a YouTube, amely szándékosan ronthatja a nem Google böngészőket használók vagy hirdetésblokkolókat alkalmazók élményét. - Ez a tendencia aggodalmakat vet fel a felhasználói autonómiával kapcsolatban, mivel bünteti azokat, akik hirdetésmentes és megfigyelésmentes webes élményt választanak. - A Firefox egyedi funkciókat kínál, mint például a konténer lapok, amelyek növelik a magánélet védelmét és a használhatóságot, így kedvelt választás azok számára, akik függetlenedni szeretnének a nagyvállalati irányítás alatt álló böngészőktől.” + +## [„A Sonos vezérigazgatója lemond az alkalmazás frissítési fiaskója után”](https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/) + +### [Reakciók](https://news.ycombinator.com/item?id=42687932) + +- „A Sonos vezérigazgatója lemondott egy ellentmondásos alkalmazásfrissítést követően, amely arra kényszerítette a felhasználókat, hogy cseréljék le drága hangrendszereiket, ami ügyfél-elégedetlenséget okozott. - A frissítés egy felhőalapú rendszert vezetett be, eltávolodva a megbízható Universal Plug and Play (UPnP) rendszertől, ami csatlakozási problémákhoz és megnövekedett bonyolultsághoz vezetett. - Ez a helyzet rávilágít az üzleti stratégiák és az ügyfélbizalom fenntartása közötti konfliktusra, miközben a vezérigazgató tanácsadói szerepbe lép át egy végkielégítési csomaggal.” + +## [„A MrBeast gyomrában”](https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast) + +### [Reakciók](https://news.ycombinator.com/item?id=42696691) + +- „Az esszé azt vizsgálja, hogyan befolyásolja a YouTube algoritmusa a tartalomkészítést, MrBeast-et használva esettanulmányként, kiemelve az elmozdulást az elköteleződés-vezérelt, nem pedig a tartalmas tartalom felé. - Tárgyalja a médiaértés szélesebb körű következményeit és a YouTube-hoz és TikTok-hoz hasonló platformok kulturális hatását, egy felszínes és reakciós tartalom felé mutató trendet javasolva. - Különböző nézőpontokat vesz figyelembe az algoritmusok szerepéről a tartalom formálásában és a népszerű alkotók kulturális normákra gyakorolt hatásáról.” + +## [„A GitHub Git műveletei nem működnek”](https://www.githubstatus.com/incidents/qd96yfgvmcf9) + +- „A GitHub 2025. január 13-án Git műveletek kiesésével szembesült egy konfigurációs változtatás miatt, amely az belső terheléselosztót érintette, és 23:35-től 00:24 UTC-ig tartott. - A problémát a konfigurációs változtatás visszavonásával oldották meg, és a GitHub azon dolgozik, hogy javítsa a monitorozási és telepítési folyamatokat, hogy megelőzze a hasonló eseteket. - A kiesés a GitHub Actions és Pages szolgáltatásait is érintette, kiemelve a platformszolgáltatásaik összekapcsolt jellegét.” + +### [Reakciók](https://news.ycombinator.com/item?id=42691184) + +- „A GitHub jelentős leállást tapasztalt, amely a git műveleteket érintette, zavart okozva a fejlesztők körében, akik kezdetben SSH kulcsaik vagy helyi konfigurációik problémáira gyanakodtak. - Az eset rávilágított a központosított szolgáltatásokra való támaszkodás kihívásaira, és ösztönözte a vitákat az önálló hosztolás és a decentralizált rendszerek előnyeiről. - Bár a problémát megoldották, felhívta a figyelmet a GitHub megbízhatóságával kapcsolatos aggodalmakra és az alapvető feladatok harmadik fél platformjaira való támaszkodásának kockázataira.” + +## [„Megjelent a ZFS 2.3 a ZFS raidz bővítéssel”](https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0) + +- „Megjelent az OpenZFS 2.3.0, amely jelentős új funkciókat vezet be, mint például a RAIDZ bővítés, a gyors deduplikáció, a közvetlen bemenet/kimenet, a JSON kimenet és a hosszú fájlnevek támogatása. - A kiadás alapvető hibajavításokat és teljesítményjavításokat tartalmaz, kompatibilis a 4.18 - 6.12 Linux kernel verziókkal és a FreeBSD 13.3, 14.0 - 14.2 verzióival. - A frissítés 134 közreműködő közös munkájának eredménye, részletes dokumentációval és változásnaplóval, amely elérhető áttekintésre.” + +### [Reakciók](https://news.ycombinator.com/item?id=42694596) + +- „A ZFS 2.3 megjelent, és olyan funkciókat vezet be, mint a RAIDZ bővítés, gyors deduplikáció, közvetlen IO, JSON kimenet és a hosszú fájlnevek támogatása. - A RAIDZ bővítés különösen figyelemre méltó, mivel lehetővé teszi a felhasználók számára, hogy új eszközöket adjanak hozzá egy meglévő RAIDZ poolhoz leállás nélkül, növelve a tárolókapacitást. - A kiadást jelentős előrelépésnek tekintik a ZFS felhasználók számára, összehasonlítva más fájlrendszerekkel, mint például a Btrfs és a Windows Storage Spaces, annak ellenére, hogy vannak korlátai, mint például a poolok zsugorításának képtelensége.” + +## [„Webtop – Alpine, Ubuntu, Fedora és Arch konténerek, amelyek teljes asztali környezeteket tartalmaznak”](https://docs.linuxserver.io/images/docker-webtop/) + +- „A Linuxserver/webtop konténereket biztosít Alpine, Ubuntu, Fedora és Arch alapokon, teljes asztali környezettel, amelyek web böngészőkön keresztül érhetők el, támogatva mind az x86-64, mind az arm64 architektúrákat.” +- „A felhasználók különböző asztali környezetek közül választhatnak, mint például az XFCE, KDE, MATE, i3, Openbox és IceWM, speciális képcímkék használatával, és a Webtopot kijelölt URL-ek segítségével érhetik el.” +- „A biztonsági funkciók közé tartozik a Docker seccomp opciója és a hitelesítési beállítás, testreszabási lehetőségekkel a környezeti változókon keresztül, valamint támogatás a GPU gyorsításhoz nyílt forráskódú illesztőprogramokkal.” + +### [Reakciók](https://news.ycombinator.com/item?id=42690983) + +- „A Webtop konténereket biztosít teljes asztali környezettel Alpine, Ubuntu, Fedora és Arch rendszerekhez, amelyek alkalmasak gyors beállításokra VPN mögött.” +- „A felhasználók dicsérik a Webtop sebességét és könnyű használatát, különösen a Gluetun konténerrel való biztonságos kapcsolatok esetén, de óva intenek a konténerek internetre való kitételétől biztonsági intézkedések nélkül, mivel alapértelmezett hitelesítés hiányzik.” +- „A projektet azért értékelik, mert nyílt forráskódú és rugalmas, a felhasználók megosztják a konfigurációkat, és a Kasm és a Selkies alternatívákat hasonló célokra említik.” + +## [„Egy tanulmány szerint az online álláshirdetések közül 5-ből 1 vagy hamis, vagy soha nem töltik be.”](https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706) + +- „Egy friss tanulmány szerint az online álláshirdetések 20%-a vagy hamis, vagy betöltetlen marad, ami növeli az álláskeresők frusztrációját. - Ez a „szellemállás” trend talán egy taktika a vállalatok részéről, hogy növekedési képet vetítsenek előre. - Az olyan állásplatformok, mint a Greenhouse és a LinkedIn, álláshirdetés-ellenőrzési szolgáltatásokat vezettek be, hogy segítsenek a felhasználóknak azonosítani a valódi álláslehetőségeket.” + +### [Reakciók](https://news.ycombinator.com/item?id=42697783) + +- „Egy tanulmány kimutatta, hogy az online álláshirdetések 20%-a vagy hamis, vagy betöltetlen marad, gyakran azért, mert a vállalatoknak meg kell felelniük az amerikai bevándorlási politikáknak. - A vállalatok azért is fenntarthatják az álláshirdetéseket, hogy megtalálják az ideális jelölteket, megváltoztassák a követelményeket, vagy mert már előre kiválasztott belső jelöltekkel rendelkeznek. - Az álláspiac nehéz a pályázók számára, akik gyakran találkoznak eltűnéssel és automatizált elutasításokkal, ami szabályozási beavatkozásra való felhívásokat eredményez.” + +## [„Egy kereszteződést veszélyessé tenni a gyalogosok számára, hogy másodperceket spóroljanak az autósoknak”](https://collegetowns.substack.com/p/making-an-intersection-unsafe-for) + +### [Reakciók](https://news.ycombinator.com/item?id=42698557) + +- „A vita középpontjában az áll, hogy az útkereszteződéseknek a gyalogosok biztonságát vagy a járművezetők hatékonyságát kellene előtérbe helyezniük, egyesek a lámpával szabályozott kereszteződéseket és a gyalogos átkelőket részesítik előnyben a 4-utas megállókkal szemben.” +- „A vélemények eltérnek a közlekedési törvényekről és az infrastruktúra tervezéséről, különös tekintettel a tilosban átkelés biztonságára és a piros lámpánál történő jobbra kanyarodás kockázataira.” +- „Egyesek alternatív megoldásokat javasolnak, mint például körforgalmak vagy a holland közlekedéstechnikai szabványok átvétele a biztonság és a hatékonyság növelése érdekében.” + +## [„A PostgreSQL a 2024-es év adatbázis-kezelő rendszere”](https://db-engines.com/en/blog_post/109) + +- „A PostgreSQL elnyerte a 2024-es Év DBMS-e díjat a DB-Engines-től, ezzel ötödik alkalommal kapta meg ezt az elismerést, megelőzve 423 másik adatbázis-kezelő rendszert.” +- „A PostgreSQL, amelynek története közel 35 évre nyúlik vissza, továbbra is innovatív, amit a 2024 szeptemberében megjelent PostgreSQL 17 legújabb fejlesztései is bizonyítanak.” +- „A Snowflake és a Microsoft a második és harmadik helyet szerezték meg, a Snowflake a felhőalapú adattárolásáról és a többfelhős támogatásáról ismert, míg a Microsoft az Azure SQL Database és az SQL Server révén erős, kezelt relációs adatbázisokat kínál.” + +### [Reakciók](https://news.ycombinator.com/item?id=42696080) + +- „A PostgreSQL elnyerte a 2024-es Év Adatbázis-kezelő Rendszere díjat a db-engines.com-tól, ami kiemeli növekvő népszerűségét és elismerését az iparágban.” +- „A felhasználók fontolgatják, hogy a magas licencdíjak és az erőforrás-korlátozások miatt áttérnek a Microsoft SQL Serverről a PostgreSQL-re, annak ellenére, hogy a migráció kihívásokkal járhat.” +- „A PostgreSQL-t kedvelik robusztus funkciói és költséghatékonysága miatt, ami miatt előnyben részesítik a jövőbeli projektekhez, bár néhány felhasználó alternatívákat, például a Babelfish-t is felfedezi a költségek csökkentése érdekében.” + +## [„A Google OAuth bejelentkezése nem véd a sikertelen startup domainjének megvásárlása ellen”](https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw) + +### [Reakciók](https://news.ycombinator.com/item?id=42699099) + +- „A vita rávilágít egy sebezhetőségre a Google OAuth bejelentkezési rendszerében, amikor egy meghiúsult startup domainjét egy új tulajdonos szerzi meg, ami potenciálisan lehetővé teheti a jogosulatlan hozzáférést a szolgáltatásokhoz.” +- „Ez a probléma azért merül fel, mert a Google nem biztos, hogy megkülönbözteti az eredeti és az új domain tulajdonosokat, ami hatással lehet bármely rendszerre, amely domain alapú hitelesítést használ.” +- „Egy javasolt megoldás az, hogy egyedi azonosítókat használjunk, amelyek idővel állandóak maradnak, bár ennek a megoldásnak a megvalósítása az egyes identitásszolgáltatók között eltérő.” + +## [„Kódolási készségek használata passzív jövedelem szerzésére”](https://www.coryzue.com/writing/solopreneur/) + +- „A szerző a CTO szerepkörből solopreneurré vált, és sikeresen többet keresett egy szoftvertermék-portfólió révén.” +- „A kulcsfontosságú stratégiák közé tartozik a mély munkára való összpontosítás, a kis projektekkel való kezdés, a gyors iteráció, valamint az idő szentelése a marketing tevékenységekre.” +- „Az utazás a bizonytalanságok miatt a rugalmasságot hangsúlyozza, de kiemeli ennek a karrierútnak a páratlan autonómiáját és szabadságát, bátorítva azokat, akik kódolási készségekkel rendelkeznek, hogy fontolják meg passzív jövedelemforrásként.” + +### [Reakciók](https://news.ycombinator.com/item?id=42696822) + +- „Egy felhasználó leírta, hogyan generál passzív jövedelmet SEO spam weboldalakon keresztül, amelyek lejáró domain neveket használnak, és évente körülbelül 30 ezer dollárt keres, annak ellenére, hogy etikai aggályok merülnek fel, és a Google végül fellép ellene.” +- „A bejegyzés vitát váltott ki a passzív jövedelemről, mivel néhány felhasználó azt állította, hogy ez inkább hasonlít egy vállalkozás működtetésére, mint valóban passzív keresetre.” +- „A résztvevők megosztották tapasztalataikat és kihívásaikat a mellékprojektekben, kiemelve az idő, a kitartás és a stratégiai tervezés fontosságát.” + +## [„Spanyolország 100%-os adót javasol az EU-n kívüli lakosok által vásárolt ingatlanokra”](https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents) + +- „Spanyolország fontolóra veszi a 100%-os adó bevezetését az ingatlanvásárlásokra nem EU-s lakosok esetében, azzal a céllal, hogy kezelje a lakhatási válságot és visszaszorítsa a spekulatív vásárlásokat.” +- „Pedro Sánchez miniszterelnök javaslata magában foglalja a szociális lakások bővítését és a turisztikai bérlések szabályozását, hogy kezelje a lakásárak és a jövedelmek közötti különbséget.” +- „A javaslat jövője, mint törvény, bizonytalan, mivel egyes elemzők inkább elrettentésként tekintenek rá a külföldi befektetők számára, semmint garantált jogszabályi változásként.” + +### [Reakciók](https://news.ycombinator.com/item?id=42690781) + +- „Spanyolország fontolóra veszi, hogy 100%-os adót vet ki az EU-n kívüli lakosok által vásárolt ingatlanokra, hogy kezelje a lakhatási megfizethetőségi problémákat. - A kritikusok azt állítják, hogy a külföldi vásárlók nem a magas lakásárak elsődleges okai, inkább a lassú bürokráciát és a területrendezési törvényeket említik jelentősebb tényezőkként. - A javaslat vitát váltott ki a külföldi tulajdon szerepéről a lakáspiacon és annak hatékonyságáról a megfizethetőségi problémák megoldásában.” + +## [„Az Apple hamarosan 'Amerikában készült' chipeket fog kapni a TSMC arizonai gyárából”](https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification) + +- „Az Apple teszteli a TSMC arizonai létesítményéből származó processzorokat, és tervezi a tömeggyártást az első negyedévre, potenciálisan a TSMC első amerikai ügyfelévé válva a helyben gyártott chipek tekintetében. - Ez az kezdeményezés célja az amerikai szilícium függetlenség erősítése, csökkentve a Tajvantól való függőséget, amely geopolitikai és természeti kockázatoknak van kitéve. - A TSMC arizonai gyára fejlett 3nm és 2nm chipeket fog gyártani, folyamatos erőfeszítésekkel a helyi toborzás és az amerikai egyetemekkel való partnerségek javítására, bár a csomagolás kezdetben Tajvanon fog történni, amíg a Peoria létesítmény működőképessé nem válik.” + +### [Reakciók](https://news.ycombinator.com/item?id=42699977) + +- „Az Apple a TSMC arizonai üzeméből kap chipeket, de azokat vissza kell küldeni Tajvanra csomagolásra az amerikai létesítmények elégtelensége miatt. - Az arizonai üzemben dolgozók több mint 50%-a Tajvanról származik, ami az amerikai STEM (tudomány, technológia, mérnöki tudományok és matematika) terület hiányosságaira utal. - A CHIPS Act kezdeményezés, amely az amerikai félvezetőgyártás fejlesztését célozza, kihívásokkal néz szembe, mivel a "Made in America" címke megkérdőjeleződik a csomagolási folyamat Tajvanon történő lebonyolítása miatt, bár 2027-re tervezik az amerikai csomagolási képességek kiépítését.” + +## [„43 ezerrel kevesebb sofőr van Manhattan útjain, miután bevezették a dugódíjat”](https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says) + +- „Miután bevezették a dugódíjat, 7,5%-kal csökkent a Manhattanbe a 60. utca alá behajtó autósok száma, ami napi 43 000-rel kevesebb autóst jelentett hétköznaponként.” +- „A forgalom csökkenése javította a közlekedés áramlását és növelte a buszok sebességét, néhány expressz busz esetében pedig megnövekedett az utasforgalom.” +- „A Metropolitan Transportation Authority (MTA) az évi 500 millió dollárra becsült útdíjbevételt közlekedési fejlesztésekre használja fel, annak ellenére, hogy némi politikai ellenállás tapasztalható.” + +### [Reakciók](https://news.ycombinator.com/item?id=42692730) + +- „A dugódíj bevezetése Manhattanben 43 000-rel kevesebb autóst eredményezett, ami a buszok sebességének növekedéséhez és potenciálisan jobb vészhelyzeti reagálási időkhez vezetett.” +- „A politika célja a forgalmi torlódások csökkentése és a levegő minőségének javítása, bár vitát váltott ki az alacsonyabb jövedelmű egyénekre gyakorolt hatásáról.” +- „A támogatók azzal érvelnek, hogy az előnyök közé tartozik a hatékonyabb tömegközlekedés és a tisztább levegő, miközben folytatódnak a viták ezen előnyök és a járművezetők igényeinek egyensúlyba hozásáról.” + + + + + + diff --git a/i18n/id/docusaurus-plugin-content-docs/current/2025/01/14.md b/i18n/id/docusaurus-plugin-content-docs/current/2025/01/14.md new file mode 100644 index 000000000..5d4ac61dc --- /dev/null +++ b/i18n/id/docusaurus-plugin-content-docs/current/2025/01/14.md @@ -0,0 +1,147 @@ +--- +slug: '/2025/01/14' +--- + +# 2025-01-14 + +## [Tidak ada teks yang diberikan untuk diterjemahkan.](https://sourcecodered.com/snyk-malicious-npm-package/) + +- Seorang peneliti keamanan dari Snyk merilis paket NPM berbahaya yang menargetkan Cursor.com, sebuah perusahaan pemrograman AI, untuk mengumpulkan data sistem dan mengirimkannya ke layanan yang dikendalikan oleh penyerang. +- Tiga paket, yang diidentifikasi sebagai "cursor-retrieval," "cursor-always-local," dan "cursor-shadow-workspace," ditandai oleh pemindai analisis paket OpenSSF, menghasilkan peringatan MAL-2025-27, MAL-2025-28, dan MAL-2025-29. +- Insiden ini menyoroti pentingnya memeriksa paket NPM sebelum instalasi untuk menghindari potensi ancaman keamanan. + +### [Reaksi](https://news.ycombinator.com/item?id=42690473) + +- A Snyk security researcher merilis paket NPM (Node Package Manager) berbahaya yang ditujukan pada cursor.com, menyoroti kerentanan kebingungan ketergantungan. - Insiden ini telah memicu perdebatan tentang etika penelitian keamanan, terutama mengenai paparan publik variabel lingkungan. - Cursor.com menjelaskan bahwa mereka tidak mengizinkan tindakan tersebut, dan Snyk telah meminta maaf, menekankan tantangan dalam menyeimbangkan penelitian keamanan ofensif dengan standar etika. + +## [Saya Beralih ke Firefox dan Tidak Pernah Menyesal](https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/) + +- Firefox dipuji karena manajemen tab yang superior, fitur Pocket bawaan untuk menyimpan tautan, dan relay email yang berfokus pada privasi, menjadikannya alternatif yang kuat untuk Chrome. - Fitur tambahan seperti alat tangkapan layar yang ramah pengguna, tombol ChatGPT, Picture-in-Picture, opsi pencarian yang dapat disesuaikan, dan pengguliran yang mulus meningkatkan pengalaman menjelajah. - Meskipun Firefox tidak memiliki fitur aplikasi web Chrome, desainnya yang bijaksana dan permintaan sumber daya yang lebih rendah membuatnya menjadi pilihan yang disukai bagi beberapa pengguna. + +### [Reaksi](https://news.ycombinator.com/item?id=42696081) + +- Pengguna Firefox menghadapi tantangan dari platform seperti YouTube, yang mungkin sengaja menurunkan kualitas pengalaman bagi pengguna browser non-Google atau yang menggunakan pemblokir iklan. - Tren ini menimbulkan kekhawatiran tentang otonomi pengguna, karena menghukum mereka yang memilih pengalaman web bebas iklan dan pengawasan. - Firefox menawarkan fitur unik, seperti tab kontainer, yang meningkatkan privasi dan kegunaan, menjadikannya pilihan favorit bagi pengguna yang mencari kebebasan dari browser yang dikendalikan oleh korporasi besar. + +## [CEO Sonos mengundurkan diri setelah kekacauan pembaruan aplikasi](https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/) + +### [Reaksi](https://news.ycombinator.com/item?id=42687932) + +- Tidak lama setelah pembaruan aplikasi yang kontroversial, CEO Sonos mengundurkan diri. Pembaruan tersebut mengharuskan pengguna mengganti sistem suara yang mahal, menyebabkan ketidakpuasan pelanggan. Pembaruan ini memperkenalkan sistem berbasis cloud, menjauh dari Universal Plug and Play (UPnP) yang andal, yang menyebabkan masalah konektivitas dan meningkatkan kompleksitas. Situasi ini menyoroti konflik antara strategi bisnis dan mempertahankan kepercayaan pelanggan, sementara CEO beralih ke peran penasihat dengan paket pesangon. + +## [Di dalam perut MrBeast](https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast) + +### [Reaksi](https://news.ycombinator.com/item?id=42696691) + +- Tulisan ini meneliti bagaimana algoritma YouTube mempengaruhi pembuatan konten, dengan menggunakan MrBeast sebagai studi kasus, menyoroti pergeseran menuju konten yang didorong oleh keterlibatan daripada konten yang bermakna. - Ini membahas implikasi yang lebih luas untuk literasi media dan dampak budaya dari platform seperti YouTube dan TikTok, menunjukkan tren menuju konten yang dangkal dan reaktif. - Berbagai perspektif dipertimbangkan mengenai peran algoritma dalam membentuk konten dan pengaruh pencipta populer terhadap norma budaya. + +## [Operasi Git di GitHub Sedang Mengalami Gangguan](https://www.githubstatus.com/incidents/qd96yfgvmcf9) + +- GitHub mengalami gangguan operasi Git pada 13 Januari 2025, akibat perubahan konfigurasi yang mempengaruhi penyeimbang beban internal, yang berlangsung dari pukul 23:35 hingga 00:24 UTC. - Masalah ini diselesaikan dengan mengembalikan perubahan konfigurasi, dan GitHub sedang berupaya meningkatkan pemantauan dan proses penerapan untuk mencegah insiden serupa. - Gangguan ini juga mempengaruhi layanan Actions dan Pages GitHub, menyoroti sifat saling terhubung dari layanan platform mereka. + +### [Reaksi](https://news.ycombinator.com/item?id=42691184) + +- GitHub mengalami gangguan besar yang mempengaruhi operasi git, menyebabkan kebingungan di kalangan pengembang yang awalnya menduga masalah dengan kunci SSH atau konfigurasi lokal mereka. - Insiden ini menyoroti tantangan mengandalkan layanan terpusat, mendorong diskusi tentang keuntungan dari self-hosting dan sistem terdesentralisasi. - Meskipun masalah tersebut telah diselesaikan, hal ini menyoroti kekhawatiran tentang keandalan GitHub dan risiko bergantung pada platform pihak ketiga untuk tugas-tugas penting. + +## [ZFS 2.3 dirilis dengan ekspansi ZFS raidz](https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0) + +- OpenZFS 2.3.0 telah dirilis, memperkenalkan fitur-fitur signifikan seperti Ekspansi RAIDZ, Deduplication Cepat, Input/Output Langsung, keluaran JSON, dan dukungan untuk nama file panjang. - Rilis ini mencakup perbaikan bug penting dan peningkatan kinerja, kompatibel dengan kernel Linux 4.18 - 6.12 dan versi FreeBSD 13.3, 14.0 - 14.2. - Pembaruan ini merupakan upaya kolaboratif dari 134 kontributor, dengan dokumentasi lengkap dan log perubahan tersedia untuk ditinjau. + +### [Reaksi](https://news.ycombinator.com/item?id=42694596) + +- ZFS 2.3 telah dirilis, memperkenalkan fitur-fitur seperti ekspansi RAIDZ, deduplikasi cepat, IO langsung, output JSON, dan dukungan untuk nama file yang panjang. - Ekspansi RAIDZ sangat menonjol karena memungkinkan pengguna untuk menambahkan perangkat baru ke pool RAIDZ yang sudah ada tanpa waktu henti, meningkatkan kapasitas penyimpanan. - Rilis ini dianggap sebagai kemajuan signifikan bagi pengguna ZFS, menarik perbandingan dengan sistem file lain seperti Btrfs dan Windows Storage Spaces, meskipun ada beberapa keterbatasan seperti ketidakmampuan untuk mengecilkan pool. + +## [Webtop – Kontainer Alpine, Ubuntu, Fedora, dan Arch yang berisi lingkungan desktop lengkap](https://docs.linuxserver.io/images/docker-webtop/) + +- Linuxserver/webtop menyediakan kontainer berbasis Alpine, Ubuntu, Fedora, dan Arch dengan lingkungan desktop penuh yang dapat diakses melalui peramban web, mendukung arsitektur x86-64 dan arm64. +- Pengguna dapat memilih dari berbagai lingkungan desktop seperti XFCE, KDE, MATE, i3, Openbox, dan IceWM dengan menggunakan tag gambar tertentu, dan mengakses Webtop melalui URL yang ditentukan. +- Fitur keamanan mencakup opsi seccomp Docker dan pengaturan autentikasi, dengan opsi kustomisasi yang tersedia melalui variabel lingkungan, serta dukungan untuk akselerasi GPU dengan driver sumber terbuka. + +### [Reaksi](https://news.ycombinator.com/item?id=42690983) + +- Webtop menyediakan kontainer dengan lingkungan desktop penuh untuk Alpine, Ubuntu, Fedora, dan Arch, cocok untuk pengaturan cepat di belakang VPN. +- Pengguna memuji Webtop karena kecepatannya dan kemudahan penggunaannya, terutama saat digunakan dengan kontainer Gluetun untuk koneksi yang aman, tetapi memperingatkan agar tidak mengekspos kontainer ke internet tanpa langkah-langkah keamanan karena tidak adanya otentikasi bawaan. +- Teks ini menilai proyek tersebut karena bersifat open-source dan fleksibel, dengan pengguna yang berbagi konfigurasi, dan alternatif seperti Kasm dan Selkies dicatat untuk tujuan serupa. + +## [1 dari 5 lowongan pekerjaan online adalah palsu atau tidak pernah terisi, menurut sebuah studi.](https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706) + +- Studi terbaru menunjukkan bahwa 20% dari lowongan pekerjaan online adalah palsu atau tetap tidak terisi, menambah frustrasi para pencari kerja. - Tren "pekerjaan hantu" ini mungkin merupakan taktik bagi perusahaan untuk memproyeksikan citra pertumbuhan. - Platform pekerjaan seperti Greenhouse dan LinkedIn telah memperkenalkan layanan verifikasi pekerjaan untuk membantu pengguna mengidentifikasi peluang kerja yang asli. + +### [Reaksi](https://news.ycombinator.com/item?id=42697783) + +- Sebuah studi mengungkapkan bahwa 20% dari lowongan pekerjaan online adalah palsu atau tetap tidak terisi, sering kali karena perusahaan perlu mematuhi kebijakan imigrasi AS. - Perusahaan juga mungkin membiarkan lowongan pekerjaan tetap terbuka untuk menemukan kandidat ideal, mengubah persyaratan, atau memiliki kandidat internal yang sudah dipilih sebelumnya. - Pasar kerja sulit bagi pelamar, yang sering kali menghadapi pengabaian dan penolakan otomatis, mendorong seruan untuk intervensi regulasi. + +## [Membuat persimpangan tidak aman bagi pejalan kaki demi menghemat beberapa detik bagi pengemudi](https://collegetowns.substack.com/p/making-an-intersection-unsafe-for) + +### [Reaksi](https://news.ycombinator.com/item?id=42698557) + +- Teks tersebut membahas perdebatan mengenai apakah persimpangan seharusnya memprioritaskan keselamatan pejalan kaki atau efisiensi pengemudi, dengan beberapa pihak lebih menyukai persimpangan yang dikendalikan lampu dan penyeberangan pejalan kaki dibandingkan dengan pemberhentian 4 arah. +- Opini bervariasi mengenai undang-undang lalu lintas dan desain infrastruktur, dengan diskusi tentang keselamatan menyeberang jalan sembarangan dan risiko yang terkait dengan belok kanan saat lampu merah. +- Beberapa orang menganjurkan solusi alternatif seperti bundaran atau mengadopsi standar rekayasa lalu lintas Belanda untuk meningkatkan keselamatan dan efisiensi. + +## [PostgreSQL adalah Sistem Manajemen Basis Data Tahun 2024](https://db-engines.com/en/blog_post/109) + +- PostgreSQL telah dianugerahi DBMS of the Year 2024 oleh DB-Engines, meraih pengakuan ini untuk kelima kalinya, melampaui 423 sistem manajemen basis data lainnya. +- PostgreSQL, dengan sejarah yang mencakup hampir 35 tahun, terus berinovasi, seperti yang terlihat dalam peningkatan terbaru PostgreSQL 17, yang dirilis pada September 2024. +- Snowflake dan Microsoft masing-masing menempati posisi kedua dan ketiga, dengan Snowflake dikenal karena penyimpanan data berbasis cloud dan dukungan multi-cloud, sementara Microsoft menawarkan basis data relasional terkelola yang kuat melalui Azure SQL Database dan SQL Server. + +### [Reaksi](https://news.ycombinator.com/item?id=42696080) + +- PostgreSQL telah dianugerahi Database Management System of the Year 2024 oleh db-engines.com, menyoroti popularitasnya yang semakin meningkat dan pengakuan di industri. +- Pengguna sedang mempertimbangkan untuk beralih dari Microsoft SQL Server ke PostgreSQL karena biaya lisensi yang tinggi dan keterbatasan sumber daya, meskipun ada tantangan migrasi yang potensial. +- PostgreSQL disukai karena fitur-fiturnya yang kuat dan efektivitas biayanya, menjadikannya pilihan yang disukai untuk proyek-proyek mendatang, meskipun beberapa pengguna menjelajahi alternatif seperti Babelfish untuk mengurangi biaya. + +## [Login OAuth Google tidak melindungi terhadap pembelian domain startup yang gagal.](https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw) + +### [Reaksi](https://news.ycombinator.com/item?id=42699099) + +- Teks tersebut menyoroti kerentanan dalam sistem login OAuth Google ketika domain dari sebuah startup yang gagal diakuisisi oleh pemilik baru, yang berpotensi memungkinkan akses tidak sah ke layanan. +- Masalah ini muncul karena Google mungkin tidak dapat membedakan antara pemilik domain asli dan yang baru, yang mempengaruhi sistem apa pun yang menggunakan autentikasi berbasis domain. +- Solusi yang diusulkan adalah menggunakan pengenal unik yang tetap konstan dari waktu ke waktu, meskipun penerapan solusi ini bervariasi di antara penyedia identitas. + +## [Memanfaatkan keterampilan pemrograman untuk menghasilkan pendapatan pasif](https://www.coryzue.com/writing/solopreneur/) + +- Penulis beralih dari peran CTO menjadi solopreneur, berhasil mendapatkan lebih banyak melalui portofolio produk perangkat lunak. +- Strategi utama meliputi fokus pada pekerjaan mendalam, memulai dengan proyek kecil, iterasi cepat, dan mendedikasikan waktu untuk upaya pemasaran. +- Teks ini menekankan ketahanan menghadapi ketidakpastian, tetapi menyoroti otonomi dan kebebasan yang tak tertandingi dari jalur karier ini, mendorong mereka yang memiliki keterampilan pemrograman untuk mempertimbangkannya sebagai sumber pendapatan pasif. + +### [Reaksi](https://news.ycombinator.com/item?id=42696822) + +- Seorang pengguna menggambarkan cara menghasilkan pendapatan pasif melalui situs web spam SEO dengan menggunakan nama domain yang akan kedaluwarsa, menghasilkan sekitar $30 ribu per tahun, meskipun ada kekhawatiran etis dan tindakan tegas dari Google pada akhirnya. +- Tulisan tersebut memicu perdebatan tentang pendapatan pasif, dengan beberapa pengguna berargumen bahwa itu lebih mirip menjalankan bisnis daripada benar-benar pendapatan pasif. +- Para peserta berbagi pengalaman dan tantangan dalam proyek sampingan, menyoroti pentingnya waktu, ketahanan, dan perencanaan strategis. + +## [Spanyol mengusulkan pajak 100% pada rumah yang dibeli oleh penduduk non-Uni Eropa.](https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents) + +- Spanyol sedang mempertimbangkan pajak 100% pada pembelian real estat oleh penduduk non-Uni Eropa, dengan tujuan untuk mengatasi krisis perumahan dan mengekang pembelian spekulatif. +- Proposal Perdana Menteri Pedro Sánchez mencakup perluasan perumahan sosial dan pengaturan penyewaan wisata untuk mengatasi kesenjangan antara harga rumah dan pendapatan. +- Tidak pasti apakah proposal tersebut akan menjadi undang-undang, dengan beberapa analis melihatnya lebih sebagai penghalang bagi investor asing daripada perubahan legislatif yang dijamin. + +### [Reaksi](https://news.ycombinator.com/item?id=42690781) + +- Spanyol sedang mempertimbangkan pajak 100% pada rumah yang dibeli oleh penduduk non-Uni Eropa untuk mengatasi masalah keterjangkauan perumahan. - Para kritikus menyarankan bahwa pembeli asing bukanlah penyebab utama tingginya harga perumahan, dengan menyebut birokrasi yang lambat dan undang-undang zonasi sebagai faktor yang lebih signifikan. - Usulan ini telah memicu perdebatan tentang peran kepemilikan asing dalam pasar perumahan dan efektivitasnya dalam menyelesaikan masalah keterjangkauan. + +## [Apple akan segera menerima chip 'buatan Amerika' dari pabrik TSMC di Arizona](https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification) + +- Apple sedang menguji prosesor dari fasilitas TSMC di Arizona, dengan rencana untuk produksi massal pada kuartal pertama, yang berpotensi menjadikan Apple sebagai pelanggan pertama TSMC di AS untuk chip yang diproduksi secara lokal. - Inisiatif ini bertujuan untuk memperkuat kemandirian silikon AS, mengurangi ketergantungan pada Taiwan, yang rentan terhadap risiko geopolitik dan alam. - Pabrik TSMC di Arizona akan memproduksi chip canggih 3nm dan 2nm, dengan upaya berkelanjutan untuk meningkatkan perekrutan lokal dan kemitraan dengan universitas di AS, meskipun pengemasan awalnya akan dilakukan di Taiwan hingga fasilitas di Peoria beroperasi. + +### [Reaksi](https://news.ycombinator.com/item?id=42699977) + +- Apple akan menerima chip dari pabrik TSMC di Arizona, tetapi chip tersebut perlu dikirim kembali ke Taiwan untuk pengemasan karena fasilitas di AS tidak mencukupi. - Lebih dari 50% tenaga kerja di pabrik Arizona berasal dari Taiwan, menunjukkan adanya kesenjangan di bidang STEM (Sains, Teknologi, Teknik, dan Matematika) di AS. - Inisiatif Undang-Undang CHIPS, yang bertujuan untuk meningkatkan manufaktur semikonduktor di AS, menghadapi tantangan karena label "Made in America" dipertanyakan akibat proses pengemasan yang terjadi di Taiwan, dengan rencana untuk kemampuan pengemasan di AS pada tahun 2027. + +## [43 ribu lebih sedikit pengemudi di jalan-jalan Manhattan setelah penetapan harga kemacetan diaktifkan](https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says) + +- Setelah penerapan harga kemacetan, terjadi pengurangan sebesar 7,5% pada pengemudi yang memasuki Manhattan di bawah 60th Street, yang setara dengan 43.000 pengemudi lebih sedikit setiap hari kerja. +- Pengurangan lalu lintas telah memperbaiki aliran lalu lintas dan meningkatkan kecepatan bus, dengan beberapa bus ekspres mengalami peningkatan jumlah penumpang. +- The Metropolitan Transportation Authority (MTA) menggunakan pendapatan tol, yang diperkirakan mencapai $500 juta per tahun, untuk perbaikan transportasi, meskipun ada beberapa oposisi politik. + +### [Reaksi](https://news.ycombinator.com/item?id=42692730) + +- Pelaksanaan penetapan harga kemacetan di Manhattan telah mengakibatkan 43.000 pengemudi lebih sedikit, yang mengarah pada peningkatan kecepatan bus dan kemungkinan waktu respons darurat yang lebih baik. +- Aturan ini dirancang untuk mengurangi kemacetan lalu lintas dan meningkatkan kualitas udara, meskipun telah memicu perdebatan mengenai dampaknya terhadap individu berpenghasilan rendah. +- Para pendukung berpendapat bahwa manfaatnya meliputi transportasi umum yang lebih efisien dan udara yang lebih bersih, sementara diskusi terus berlanjut tentang menyeimbangkan keuntungan ini dengan kebutuhan para pengemudi. + + + + + + diff --git a/i18n/it/docusaurus-plugin-content-docs/current/2025/01/14.md b/i18n/it/docusaurus-plugin-content-docs/current/2025/01/14.md new file mode 100644 index 000000000..cb220bd89 --- /dev/null +++ b/i18n/it/docusaurus-plugin-content-docs/current/2025/01/14.md @@ -0,0 +1,147 @@ +--- +slug: '/2025/01/14' +--- + +# 2025-01-14 + +## [Un ricercatore di sicurezza di Snyk distribuisce pacchetti NPM dannosi prendendo di mira cursor.com](https://sourcecodered.com/snyk-malicious-npm-package/) + +- Un ricercatore di sicurezza di Snyk ha rilasciato pacchetti NPM dannosi mirati a Cursor.com, un'azienda di codifica AI, per raccogliere dati di sistema e inviarli a un servizio controllato da un attaccante. +- I pacchetti, identificati come "cursor-retrieval", "cursor-always-local" e "cursor-shadow-workspace", sono stati segnalati dallo scanner di analisi dei pacchetti OpenSSF, risultando negli avvisi MAL-2025-27, MAL-2025-28 e MAL-2025-29. +- Questo incidente evidenzia l'importanza di esaminare attentamente i pacchetti NPM prima dell'installazione per evitare potenziali minacce alla sicurezza. + +### [Reazioni](https://news.ycombinator.com/item?id=42690473) + +- Un ricercatore di sicurezza di Snyk ha rilasciato pacchetti NPM (Node Package Manager) dannosi mirati a cursor.com, evidenziando vulnerabilità di confusione delle dipendenze. - L'incidente ha suscitato un dibattito sull'etica della ricerca sulla sicurezza, in particolare riguardo all'esposizione pubblica delle variabili d'ambiente. - Cursor.com ha chiarito di non aver autorizzato l'azione, e Snyk si è successivamente scusato, sottolineando le sfide nel bilanciare la ricerca sulla sicurezza offensiva con gli standard etici. + +## [Io sono passato a Firefox e non sono mai tornato indietro](https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/) + +- Firefox è apprezzato per la sua gestione superiore delle schede, la funzione Pocket integrata per salvare i link e un servizio di inoltro email incentrato sulla privacy, rendendolo una valida alternativa a Chrome. - Funzionalità aggiuntive come uno strumento di screenshot facile da usare, un pulsante ChatGPT, la modalità Picture-in-Picture, opzioni di ricerca personalizzabili e uno scorrimento fluido migliorano l'esperienza di navigazione. - Sebbene Firefox manchi della funzione di app web di Chrome, il suo design attento e la ridotta richiesta di risorse lo rendono una scelta preferita per alcuni utenti. + +### [Reazioni](https://news.ycombinator.com/item?id=42696081) + +- Gli utenti di Firefox affrontano sfide da piattaforme come YouTube, che potrebbero intenzionalmente degradare l'esperienza per i browser non Google o per gli utenti che utilizzano adblocker. - Questa tendenza solleva preoccupazioni riguardo all'autonomia degli utenti, poiché penalizza coloro che optano per un'esperienza web senza pubblicità e sorveglianza. - Firefox offre funzionalità uniche, come le schede contenitore, che migliorano la privacy e l'usabilità, rendendolo una scelta preferita per gli utenti che cercano indipendenza dai browser controllati da grandi aziende. + +## [Il CEO di Sonos si dimette dopo il fiasco dell'aggiornamento dell'app](https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/) + +### [Reazioni](https://news.ycombinator.com/item?id=42687932) + +- Il CEO di Sonos si è dimesso a seguito di un controverso aggiornamento dell'app che ha richiesto agli utenti di sostituire costosi sistemi audio, causando insoddisfazione tra i clienti. - L'aggiornamento ha introdotto un sistema basato su cloud, allontanandosi dal affidabile Universal Plug and Play (UPnP), il che ha portato a problemi di connettività e maggiore complessità. - Questa situazione sottolinea il conflitto tra strategie aziendali e mantenimento della fiducia dei clienti, mentre il CEO passa a un ruolo di consulenza con un pacchetto di buonuscita. + +## [Nella pancia di MrBeast](https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast) + +### [Reazioni](https://news.ycombinator.com/item?id=42696691) + +- L'articolo esamina come l'algoritmo di YouTube influenzi la creazione di contenuti, utilizzando MrBeast come caso di studio, evidenziando un passaggio verso contenuti guidati dall'engagement piuttosto che significativi. - Discute le implicazioni più ampie per l'alfabetizzazione mediatica e l'impatto culturale di piattaforme come YouTube e TikTok, suggerendo una tendenza verso contenuti superficiali e reazionari. - Vengono considerate varie prospettive sul ruolo degli algoritmi nel plasmare i contenuti e l'influenza dei creatori popolari sulle norme culturali. + +## [Le operazioni Git su GitHub sono inattive](https://www.githubstatus.com/incidents/qd96yfgvmcf9) + +- GitHub ha affrontato un'interruzione delle operazioni Git il 13 gennaio 2025, a causa di una modifica di configurazione che ha influenzato il bilanciatore di carico interno, durata dalle 23:35 alle 00:24 UTC. - Il problema è stato risolto ripristinando la modifica di configurazione, e GitHub sta lavorando per migliorare i processi di monitoraggio e distribuzione per prevenire incidenti simili. - L'interruzione ha anche influenzato i servizi Actions e Pages di GitHub, evidenziando la natura interconnessa dei loro servizi di piattaforma. + +### [Reazioni](https://news.ycombinator.com/item?id=42691184) + +- GitHub ha affrontato un'importante interruzione che ha influenzato le operazioni git, causando confusione tra gli sviluppatori che inizialmente sospettavano problemi con le loro chiavi SSH o configurazioni locali. - L'incidente ha sottolineato le sfide di affidarsi a servizi centralizzati, stimolando discussioni sui vantaggi dell'auto-hosting e dei sistemi decentralizzati. - Sebbene il problema sia stato risolto, ha evidenziato preoccupazioni sulla affidabilità di GitHub e i rischi di dipendere da piattaforme di terze parti per compiti essenziali. + +## [ZFS 2.3 rilasciato con espansione ZFS raidz](https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0) + +- OpenZFS 2.3.0 è stato rilasciato, introducendo funzionalità significative come l'espansione RAIDZ, la deduplicazione veloce, l'input/output diretto, l'output JSON e il supporto per nomi di file lunghi. - Il rilascio include correzioni di bug essenziali e miglioramenti delle prestazioni, compatibile con i kernel Linux 4.18 - 6.12 e le versioni FreeBSD 13.3, 14.0 - 14.2. - L'aggiornamento è uno sforzo collaborativo di 134 contributori, con documentazione completa e un registro delle modifiche disponibile per la revisione. + +### [Reazioni](https://news.ycombinator.com/item?id=42694596) + +- ZFS 2.3 è stato rilasciato, introducendo funzionalità come l'espansione RAIDZ, la deduplicazione veloce, l'IO diretto, l'output JSON e il supporto per nomi di file lunghi. - L'espansione RAIDZ è particolarmente degna di nota poiché consente agli utenti di aggiungere nuovi dispositivi a un pool RAIDZ esistente senza tempi di inattività, migliorando la capacità di archiviazione. - Il rilascio è considerato un avanzamento significativo per gli utenti ZFS, con confronti con altri filesystem come Btrfs e Windows Storage Spaces, nonostante alcune limitazioni come l'impossibilità di ridurre i pool. + +## [Webtop – Contenitori Alpine, Ubuntu, Fedora e Arch contenenti ambienti desktop completi](https://docs.linuxserver.io/images/docker-webtop/) + +- Linuxserver/webtop fornisce container basati su Alpine, Ubuntu, Fedora e Arch con ambienti desktop completi accessibili tramite browser web, supportando sia le architetture x86-64 che arm64. +- Gli utenti possono scegliere tra vari ambienti desktop come XFCE, KDE, MATE, i3, Openbox e IceWM utilizzando tag di immagine specifici e accedere al Webtop tramite URL designati. +- Le funzionalità di sicurezza includono l'opzione seccomp di Docker e la configurazione dell'autenticazione, con opzioni di personalizzazione disponibili tramite variabili d'ambiente, e supporto per l'accelerazione GPU con driver open-source. + +### [Reazioni](https://news.ycombinator.com/item?id=42690983) + +- Webtop fornisce container con ambienti desktop completi per Alpine, Ubuntu, Fedora e Arch, adatti per configurazioni rapide dietro una VPN. +- Gli utenti elogiano Webtop per la sua velocità e facilità d'uso, in particolare quando viene utilizzato con il container Gluetun per connessioni sicure, ma avvertono di non esporre i container a internet senza misure di sicurezza a causa della mancanza di autenticazione predefinita. +- Il progetto è apprezzato per essere open-source e flessibile, con gli utenti che condividono configurazioni, e alternative come Kasm e Selkies sono notate per scopi simili. + +## [1 su 5 annunci di lavoro online sono falsi o non vengono mai coperti, secondo uno studio](https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706) + +- Un recente studio indica che il 20% delle offerte di lavoro online sono false o rimangono non occupate, aumentando la frustrazione dei cercatori di lavoro. - Questa tendenza dei "lavori fantasma" potrebbe essere una tattica delle aziende per proiettare un'immagine di crescita. - Piattaforme di lavoro come Greenhouse e LinkedIn hanno introdotto servizi di verifica delle offerte di lavoro per aiutare gli utenti a identificare opportunità di lavoro autentiche. + +### [Reazioni](https://news.ycombinator.com/item?id=42697783) + +- Uno studio rivela che il 20% delle offerte di lavoro online sono false o rimangono non occupate, spesso perché le aziende devono conformarsi alle politiche di immigrazione degli Stati Uniti. - Le aziende possono anche lasciare le offerte di lavoro aperte per trovare candidati ideali, cambiare i requisiti o avere candidati interni pre-selezionati. - Il mercato del lavoro è difficile per i candidati, che spesso incontrano ghosting e rifiuti automatizzati, spingendo a richiedere un intervento normativo. + +## [Rendere un incrocio pericoloso per i pedoni per risparmiare secondi agli automobilisti](https://collegetowns.substack.com/p/making-an-intersection-unsafe-for) + +### [Reazioni](https://news.ycombinator.com/item?id=42698557) + +- Il dibattito si concentra sul fatto se le intersezioni debbano dare priorità alla sicurezza dei pedoni o all'efficienza dei conducenti, con alcuni che preferiscono le intersezioni controllate da semafori e gli attraversamenti pedonali a raso rispetto agli incroci a 4 vie. +- Le opinioni variano sulle leggi del traffico e sul design delle infrastrutture, con discussioni sulla sicurezza dell'attraversamento pedonale non autorizzato e sui rischi associati alle svolte a destra con semaforo rosso. +- Alcuni sostengono soluzioni alternative come le rotatorie o l'adozione degli standard di ingegneria del traffico olandesi per migliorare sia la sicurezza che l'efficienza. + +## [PostgreSQL è il Sistema di Gestione di Database dell'Anno 2024](https://db-engines.com/en/blog_post/109) + +- PostgreSQL è stato premiato come DBMS dell'anno 2024 da DB-Engines, ottenendo questo riconoscimento per la quinta volta, superando 423 altri sistemi di gestione di database. +- PostgreSQL, con una storia che si estende per quasi 35 anni, continua a innovare, come si vede nei recenti miglioramenti di PostgreSQL 17, rilasciato a settembre 2024. +- Snowflake e Microsoft si sono assicurati rispettivamente il secondo e il terzo posto, con Snowflake noto per il suo data warehousing basato su cloud e il supporto multi-cloud, mentre Microsoft offre robusti database relazionali gestiti tramite Azure SQL Database e SQL Server. + +### [Reazioni](https://news.ycombinator.com/item?id=42696080) + +- PostgreSQL è stato premiato come Database Management System dell'anno 2024 da db-engines.com, evidenziando la sua crescente popolarità e riconoscimento nel settore. +- Gli utenti stanno considerando di passare da Microsoft SQL Server a PostgreSQL a causa degli elevati costi di licenza e delle limitazioni delle risorse, nonostante le potenziali sfide di migrazione. +- PostgreSQL è apprezzato per le sue caratteristiche robuste e la convenienza economica, rendendolo una scelta preferita per i progetti futuri, sebbene alcuni utenti esplorino alternative come Babelfish per ridurre i costi. + +## [Il login OAuth di Google non protegge dall'acquisto di un dominio di una startup fallita](https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw) + +### [Reazioni](https://news.ycombinator.com/item?id=42699099) + +- Il dibattito mette in evidenza una vulnerabilità nel sistema di login OAuth di Google quando il dominio di una startup fallita viene acquisito da un nuovo proprietario, potenzialmente consentendo l'accesso non autorizzato ai servizi. +- Questo problema si verifica perché Google potrebbe non distinguere tra i proprietari originali e nuovi del dominio, influenzando qualsiasi sistema che utilizza l'autenticazione basata sul dominio. +- Una soluzione proposta è quella di utilizzare identificatori unici che rimangono costanti nel tempo, sebbene l'implementazione di questa soluzione vari tra i fornitori di identità. + +## [Utilizzare le competenze di programmazione per generare un reddito passivo](https://www.coryzue.com/writing/solopreneur/) + +- L'autore è passato da un ruolo di CTO a solopreneur, guadagnando con successo di più attraverso un portafoglio di prodotti software. +- Le strategie chiave includono concentrarsi sul lavoro profondo, iniziare con piccoli progetti, iterare rapidamente e dedicare tempo agli sforzi di marketing. +- Il viaggio sottolinea la resilienza a causa delle incertezze, ma mette in evidenza l'autonomia e la libertà impareggiabili di questo percorso professionale, incoraggiando coloro che possiedono competenze di programmazione a considerarlo per un reddito passivo. + +### [Reazioni](https://news.ycombinator.com/item?id=42696822) + +- Un utente ha descritto come generare reddito passivo attraverso siti web di spam SEO utilizzando nomi di dominio in scadenza, guadagnando circa $30k all'anno, nonostante le preoccupazioni etiche e la successiva repressione da parte di Google. +- Il post ha suscitato un dibattito sul reddito passivo, con alcuni utenti che sostengono che sia più simile a gestire un'attività piuttosto che a guadagni veramente passivi. +- I partecipanti hanno condiviso esperienze e sfide nei progetti paralleli, sottolineando l'importanza del tempo, della resilienza e della pianificazione strategica. + +## [Spagna propone una tassa del 100% sulle case acquistate da residenti non UE](https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents) + +- Spagna sta considerando un'imposta del 100% sugli acquisti immobiliari da parte di residenti non UE, con l'obiettivo di affrontare la crisi abitativa e frenare gli acquisti speculativi. +- Il piano del Primo Ministro Pedro Sánchez prevede l'espansione degli alloggi sociali e la regolamentazione degli affitti turistici per affrontare la disparità tra i prezzi delle case e i redditi. +- Il futuro della proposta come legge è incerto, con alcuni analisti che la vedono come un deterrente per gli investitori stranieri piuttosto che un cambiamento legislativo garantito. + +### [Reazioni](https://news.ycombinator.com/item?id=42690781) + +- Spagna sta considerando un'imposta del 100% sulle case acquistate da residenti non UE per affrontare i problemi di accessibilità abitativa. - I critici suggeriscono che gli acquirenti stranieri non sono la causa principale dei prezzi elevati delle case, citando la burocrazia lenta e le leggi urbanistiche come fattori più significativi. - La proposta ha acceso un dibattito sul ruolo della proprietà straniera nei mercati immobiliari e sulla sua efficacia nel risolvere i problemi di accessibilità. + +## [Apple riceverà presto chip 'made in America' dalla fabbrica di TSMC in Arizona](https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification) + +- Apple sta testando i processori della struttura di TSMC in Arizona, con piani per la produzione di massa entro il primo trimestre, potenzialmente diventando il primo cliente statunitense di TSMC per i chip prodotti localmente. - Questa iniziativa mira a rafforzare l'indipendenza del silicio degli Stati Uniti, riducendo la dipendenza da Taiwan, che è vulnerabile a rischi geopolitici e naturali. - La fabbrica di TSMC in Arizona è destinata a produrre chip avanzati a 3nm e 2nm, con sforzi in corso per migliorare il reclutamento locale e le collaborazioni con le università statunitensi, anche se l'imballaggio inizialmente avverrà a Taiwan fino a quando la struttura di Peoria sarà operativa. + +### [Reazioni](https://news.ycombinator.com/item?id=42699977) + +- Apple riceverà chip dall'impianto di TSMC in Arizona, ma devono essere rispediti a Taiwan per l'imballaggio a causa dell'insufficienza delle strutture negli Stati Uniti. - Oltre il 50% della forza lavoro nell'impianto dell'Arizona proviene da Taiwan, indicando una lacuna nel campo STEM (Scienza, Tecnologia, Ingegneria e Matematica) degli Stati Uniti. - L'iniziativa del CHIPS Act, volta a migliorare la produzione di semiconduttori negli Stati Uniti, affronta sfide poiché l'etichetta "Made in America" è messa in discussione a causa del processo di imballaggio che avviene a Taiwan, con piani per capacità di imballaggio negli Stati Uniti entro il 2027. + +## [43.000 conducenti in meno sulle strade di Manhattan dopo l'attivazione della tariffazione della congestione](https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says) + +- Dopo l'implementazione della tariffazione della congestione, c'è stata una riduzione del 7,5% dei conducenti che entrano a Manhattan sotto la 60ª strada, pari a 43.000 conducenti in meno ogni giorno feriale. +- La riduzione del traffico ha migliorato il flusso del traffico e aumentato la velocità degli autobus, con alcuni autobus espressi che registrano un aumento del numero di passeggeri. +- Il Metropolitan Transportation Authority (MTA) utilizza i ricavi dei pedaggi, stimati a 500 milioni di dollari all'anno, per miglioramenti del trasporto pubblico, nonostante alcune opposizioni politiche. + +### [Reazioni](https://news.ycombinator.com/item?id=42692730) + +- Il sistema di tariffazione della congestione implementato a Manhattan ha portato a 43.000 conducenti in meno, con un conseguente aumento della velocità degli autobus e potenzialmente tempi di risposta migliori per le emergenze. +- La politica è progettata per ridurre la congestione del traffico e migliorare la qualità dell'aria, anche se ha suscitato dibattiti sul suo impatto sulle persone a basso reddito. +- Secondo i sostenitori, i vantaggi includono un trasporto pubblico più efficiente e un'aria più pulita, mentre continuano le discussioni su come bilanciare questi vantaggi con le esigenze degli automobilisti. + + + + + + diff --git a/i18n/ja/docusaurus-plugin-content-docs/current/2025/01/14.md b/i18n/ja/docusaurus-plugin-content-docs/current/2025/01/14.md new file mode 100644 index 000000000..eccd9e36d --- /dev/null +++ b/i18n/ja/docusaurus-plugin-content-docs/current/2025/01/14.md @@ -0,0 +1,147 @@ +--- +slug: '/2025/01/14' +--- + +# 2025-01-14 + +## [「Snykのセキュリティ研究者が、cursor.comを標的とする悪意のあるNPMパッケージを展開」](https://sourcecodered.com/snyk-malicious-npm-package/) + +- 「Snykのセキュリティ研究者が、AIコーディング会社であるCursor.comを標的とした悪意のあるNPMパッケージを公開し、システムデータを収集して攻撃者が制御するサービスに送信しました。」 +- 「パッケージ「cursor-retrieval」、「cursor-always-local」、「cursor-shadow-workspace」は、OpenSSFパッケージ分析スキャナーによってフラグが立てられ、勧告MAL-2025-27、MAL-2025-28、MAL-2025-29が発行されました。」 +- 「この事件は、潜在的なセキュリティ脅威を避けるために、インストール前にNPMパッケージを精査することの重要性を強調しています。」 + +### [反応](https://news.ycombinator.com/item?id=42690473) + +- 「Snykのセキュリティ研究者がcursor.comを狙った悪意のあるNPM(Node Package Manager)パッケージを公開し、依存関係の混乱による脆弱性を浮き彫りにしました。この事件は、特に環境変数の公表に関するセキュリティ研究の倫理についての議論を引き起こしました。Cursor.comはこの行動を許可していないことを明らかにし、Snykはその後謝罪し、攻撃的なセキュリティ研究と倫理基準のバランスを取ることの難しさを強調しました。」 + +## [「私はFirefoxに切り替えて、振り返ることはありませんでした」](https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/) + +- 「Firefoxは、優れたタブ管理、リンクを保存するための内蔵Pocket機能、プライバシーに配慮したメールリレーで称賛されており、Chromeの強力な代替手段となっています。- ユーザーフレンドリーなスクリーンショットツール、ChatGPTボタン、ピクチャーインピクチャー、カスタマイズ可能な検索オプション、スムーズなスクロールなどの追加機能がブラウジング体験を向上させます。- FirefoxはChromeのウェブアプリ機能を欠いているものの、その考え抜かれたデザインとリソースの少ない要求が、一部のユーザーにとって好ましい選択肢となっています。」 + +### [反応](https://news.ycombinator.com/item?id=42696081) + +- 「Firefoxのユーザーは、YouTubeのようなプラットフォームからの挑戦に直面しています。これらのプラットフォームは、非Googleブラウザや広告ブロッカーを使用するユーザーに対して意図的に体験を劣化させることがあります。この傾向は、広告なしで監視のないウェブ体験を選ぶユーザーを罰するものであり、ユーザーの自主性に関する懸念を引き起こしています。Firefoxは、コンテナタブのようなプライバシーと使いやすさを向上させる独自の機能を提供しており、大手企業が管理するブラウザからの独立を求めるユーザーにとって好まれる選択肢となっています。」 + +## [「SonosのCEOがアプリの更新問題を受けて辞任」](https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/) + +### [反応](https://news.ycombinator.com/item?id=42687932) + +- 「SonosのCEOは、ユーザーに高価なサウンドシステムの交換を要求する物議を醸したアプリのアップデートに続いて辞任しました。このアップデートはクラウドベースのシステムを導入し、信頼性のあるUniversal Plug and Play(UPnP)から移行したため、接続の問題や複雑さが増しました。この状況は、ビジネス戦略と顧客の信頼維持の間の対立を浮き彫りにしており、CEOは退職金を伴うアドバイザリー役に移行します。」 + +## [MrBeastの腹の中で](https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast) + +### [反応](https://news.ycombinator.com/item?id=42696691) + +- 「このエッセイは、YouTubeのアルゴリズムがコンテンツ制作にどのように影響を与えるかを、MrBeastを事例として検討し、意味のあるコンテンツよりもエンゲージメント重視の方向へのシフトを強調しています。 - メディアリテラシーへの広範な影響と、YouTubeやTikTokのようなプラットフォームの文化的影響について議論し、表面的で反応的なコンテンツへの傾向を示唆しています。 - アルゴリズムがコンテンツを形成する役割と、人気クリエイターが文化的規範に与える影響について、さまざまな視点が考慮されています。」 + +## [GitHubのGit操作が停止しています](https://www.githubstatus.com/incidents/qd96yfgvmcf9) + +- 「GitHubは、2025年1月13日に内部ロードバランサーに影響を与える設定変更のため、23:35から00:24 UTCまでGit操作の障害に直面しました。この問題は設定変更を元に戻すことで解決され、GitHubは同様のインシデントを防ぐために監視と展開プロセスの改善に取り組んでいます。この障害はGitHubのActionsとPagesサービスにも影響を与え、プラットフォームサービスの相互接続性を浮き彫りにしました。」 + +### [反応](https://news.ycombinator.com/item?id=42691184) + +- 「GitHubはgit操作に影響を与える大規模な障害に直面し、開発者たちは最初、SSHキーやローカル設定に問題があると疑いました。このインシデントは、集中型サービスに依存することの課題を浮き彫りにし、セルフホスティングや分散型システムの利点についての議論を促しました。問題は解決されたものの、GitHubの信頼性や、重要な作業をサードパーティプラットフォームに依存することのリスクに対する懸念が浮き彫りになりました。」 + +## [「ZFS 2.3がZFS raidz拡張機能と共にリリースされました」](https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0) + +- 「OpenZFS 2.3.0がリリースされ、RAIDZ拡張、迅速な重複排除、直接入出力、JSON出力、長いファイル名のサポートなどの重要な機能が導入されました。このリリースには、Linuxカーネル4.18 - 6.12およびFreeBSDバージョン13.3、14.0 - 14.2と互換性のある重要なバグ修正とパフォーマンスの向上が含まれています。このアップデートは134人の貢献者による共同作業の成果であり、包括的なドキュメントと変更ログがレビューのために利用可能です。」 + +### [反応](https://news.ycombinator.com/item?id=42694596) + +- ZFS 2.3がリリースされ、RAIDZ拡張、迅速な重複排除、ダイレクトIO、JSON出力、長いファイル名のサポートなどの機能が導入されました。- 特にRAIDZ拡張は注目に値し、ユーザーが既存のRAIDZプールに新しいデバイスをダウンタイムなしで追加できるようにし、ストレージ容量を拡張します。- このリリースはZFSユーザーにとって重要な進歩と見なされており、BtrfsやWindows Storage Spacesなどの他のファイルシステムと比較されていますが、プールを縮小できないといったいくつかの制限もあります。 + +## [Webtop – フルデスクトップ環境を含むAlpine、Ubuntu、Fedora、およびArchコンテナ](https://docs.linuxserver.io/images/docker-webtop/) + +- Linuxserver/webtopは、Alpine、Ubuntu、Fedora、Archに基づいたコンテナを提供し、ウェブブラウザを通じてアクセス可能なフルデスクトップ環境を備えており、x86-64とarm64の両方のアーキテクチャをサポートしています。 +- ユーザーは、特定のイメージタグを使用して、XFCE、KDE、MATE、i3、Openbox、IceWMなどのさまざまなデスクトップ環境を選択し、指定されたURLを介してWebtopにアクセスできます。 +- 「セキュリティ機能には、Dockerのseccompオプションと認証設定が含まれ、環境変数を通じてカスタマイズオプションが利用可能であり、オープンソースドライバーによるGPUアクセラレーションのサポートもあります。」 + +### [反応](https://news.ycombinator.com/item?id=42690983) + +- Webtopは、Alpine、Ubuntu、Fedora、Archのフルデスクトップ環境を備えたコンテナを提供しており、VPNの背後での迅速なセットアップに適しています。 +- 「ユーザーは、Webtopがその速度と使いやすさで特にGluetunコンテナと組み合わせて安全な接続を行う際に称賛していますが、デフォルトの認証がないため、セキュリティ対策なしでコンテナをインターネットに公開することに対しては注意を促しています。」 +- 「このプロジェクトはオープンソースで柔軟性があることが評価されており、ユーザーが設定を共有しています。また、KasmやSelkiesのような代替案も同様の目的で注目されています。」 + +## [「オンライン求人の5件に1件は偽物であるか、または決して埋まらないことが研究で判明」](https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706) + +- 「最近の研究によると、オンライン求人の20%が偽物であるか、未充足のままであり、求職者の不満を増大させています。この「ゴーストジョブ」トレンドは、企業が成長のイメージを投影するための戦術である可能性があります。GreenhouseやLinkedInなどの求人プラットフォームは、ユーザーが本物の求人を見分けるのを助けるために求人確認サービスを導入しています。」 + +### [反応](https://news.ycombinator.com/item?id=42697783) + +- 「調査によると、オンライン求人の20%が偽造であるか、未充足のままであることが明らかになりました。これはしばしば、企業が米国の移民政策に従う必要があるためです。企業はまた、理想的な候補者を見つけるために求人を掲載し続けたり、要件を変更したり、内部で事前に選ばれた候補者を持っていることもあります。求職者にとっては、ゴースティングや自動拒否に頻繁に遭遇するため、規制の介入を求める声が上がっています。」 + +## [「歩行者の安全を犠牲にして、運転者の数秒を節約する交差点を作ること」](https://collegetowns.substack.com/p/making-an-intersection-unsafe-for) + +### [反応](https://news.ycombinator.com/item?id=42698557) + +- 「議論は、交差点が歩行者の安全を優先すべきか、運転者の効率を優先すべきかに焦点を当てており、一部の人々は4方向停止よりも信号制御の交差点や歩行者スクランブルを支持しています。」 +- 「交通法やインフラ設計に関する意見はさまざまで、信号無視の安全性や赤信号での右折に伴うリスクについての議論が行われています。」 +- 「一部の人々は、安全性と効率性を向上させるために、ラウンドアバウトやオランダの交通工学基準の採用などの代替解決策を提唱しています。」 + +## [「PostgreSQLは2024年のデータベース管理システム・オブ・ザ・イヤーです」](https://db-engines.com/en/blog_post/109) + +- 「PostgreSQLは、DB-Enginesによって2024年のDBMSオブザイヤーに選ばれ、423の他のデータベース管理システムを上回り、5回目の受賞を果たしました。」 +- 「PostgreSQLは、約35年にわたる歴史を持ち、2024年9月にリリースされたPostgreSQL 17の最近の強化に見られるように、革新を続けています。」 +- 「スノーフレークとマイクロソフトはそれぞれ2位と3位を獲得しました。スノーフレークはクラウドベースのデータウェアハウジングとマルチクラウドサポートで注目され、マイクロソフトはAzure SQL DatabaseとSQL Serverを通じて強力なマネージドリレーショナルデータベースを提供しています。」 + +### [反応](https://news.ycombinator.com/item?id=42696080) + +- 「PostgreSQLは、db-engines.comによって2024年のデータベース管理システム・オブ・ザ・イヤーに選ばれ、その業界での人気と認知度の高まりが強調されています。」 +- 「ユーザーは、移行の課題があるにもかかわらず、高いライセンスコストとリソースの制限のために、Microsoft SQL ServerからPostgreSQLへの切り替えを検討しています。」 +- 「PostgreSQLは、その堅牢な機能とコスト効率の良さから、将来のプロジェクトにおいて好まれる選択肢となっていますが、一部のユーザーはコスト削減のためにBabelfishのような代替案を模索しています。」 + +## [「GoogleのOAuthログインは、失敗したスタートアップのドメイン購入に対して保護しません」](https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw) + +### [反応](https://news.ycombinator.com/item?id=42699099) + +- 「この議論は、失敗したスタートアップのドメインが新しい所有者に取得された際に、GoogleのOAuthログインシステムにおける脆弱性を強調しており、これがサービスへの不正アクセスを可能にする可能性があることを示しています。」 +- 「この問題は、Googleが元のドメイン所有者と新しいドメイン所有者を区別できない可能性があるために発生し、ドメインベースの認証を使用するシステムに影響を与える可能性があります。」 +- 「提案された解決策は、時間が経っても変わらない一意の識別子を使用することですが、この解決策の実施はアイデンティティプロバイダーによって異なります。」 + +## [「コーディングスキルを活用して不労所得を得る」](https://www.coryzue.com/writing/solopreneur/) + +- 「著者はCTOの役職からソロプレナーに転身し、ソフトウェア製品のポートフォリオを通じてより多くの収入を得ることに成功しました。」 +- 「主な戦略には、深い作業に集中すること、小さなプロジェクトから始めること、迅速に反復すること、そしてマーケティング活動に時間を割くことが含まれます。」 +- この旅は不確実性によるレジリエンスを強調していますが、このキャリアパスの比類のない自律性と自由を強調し、コーディングスキルを持つ人々に受動的収入のためにそれを検討するよう促しています。 + +### [反応](https://news.ycombinator.com/item?id=42696822) + +- 「あるユーザーが、期限切れのドメイン名を使用したSEOスパムウェブサイトを通じて受動的収入を得ており、倫理的な懸念やGoogleの最終的な取り締まりにもかかわらず、年間約3万ドルを稼いでいると説明しました。」 +- 「その投稿はパッシブインカムについての議論を引き起こし、一部のユーザーはそれが本当に受動的な収入というよりも、ビジネスを運営することに近いと主張しました。」 +- 「参加者はサイドプロジェクトでの経験と課題を共有し、時間、レジリエンス、戦略的計画の重要性を強調しました。」 + +## [「スペイン、非EU居住者による住宅購入に対して100%の税を提案」](https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents) + +- 「スペインは、住宅危機に対処し、投機的な購入を抑制することを目的として、非EU居住者による不動産購入に対して100%の税を検討しています。」 +- 「首相ペドロ・サンチェスの提案には、住宅価格と収入の格差に対処するために、社会住宅の拡大と観光賃貸の規制が含まれています。」 +- 「提案の法制化の将来は不確実であり、一部のアナリストはこれを確実な法改正というよりも、むしろ外国投資家への抑止力と見なしています。」 + +### [反応](https://news.ycombinator.com/item?id=42690781) + +- 「スペインは、住宅の手頃な価格の問題に対処するために、非EU居住者によって購入された住宅に対して100%の税を検討しています。批評家は、外国人購入者が高い住宅価格の主な原因ではないとし、遅い官僚主義やゾーニング法がより重要な要因であると指摘しています。この提案は、住宅市場における外国人所有の役割と、手頃な価格の問題を解決する効果についての議論を引き起こしています。」 + +## [「アップルはまもなく、TSMCのアリゾナ工場から『メイド・イン・アメリカ』のチップを受け取る予定です」](https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification) + +- 「AppleはTSMCのアリゾナ施設からのプロセッサをテストしており、第一四半期までに量産を計画している。これにより、TSMCの米国で製造されたチップの最初の顧客になる可能性がある。この取り組みは、台湾に依存しがちなシリコンの独立性を強化し、地政学的および自然のリスクに対する脆弱性を減少させることを目的としている。TSMCのアリゾナ工場は、先進的な3nmおよび2nmチップを生産する予定であり、地元の採用と米国の大学との提携を強化する努力が続けられているが、パッケージングは当初、ピオリア施設が稼働するまで台湾で行われる予定である。」 + +### [反応](https://news.ycombinator.com/item?id=42699977) + +- 「アップルはTSMCのアリゾナ工場からチップを受け取りますが、米国の施設が不十分なため、パッケージングのために台湾に送り返す必要があります。- アリゾナ工場の労働力の50%以上が台湾から来ており、米国のSTEM(科学、技術、工学、数学)分野のギャップを示しています。- 米国の半導体製造を強化することを目的としたCHIPS法のイニシアチブは、パッケージングプロセスが台湾で行われるため、「メイド・イン・アメリカ」ラベルが疑問視され、2027年までに米国でのパッケージング能力を計画していることから、課題に直面しています。」 + +## [「混雑料金が導入された後、マンハッタンの道路から43,000人のドライバーが減少」](https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says) + +- 「混雑料金制度が導入された後、60丁目より南のマンハッタンに入る運転手が7.5%減少し、平日ごとに43,000人の運転手が減少しました。」 +- 「交通量の減少により交通の流れが改善され、バスの速度が向上し、一部の急行バスでは乗客数が増加しています。」 +- メトロポリタン交通局(MTA)は、年間約5億ドルと見積もられる通行料収入を、政治的な反対があるにもかかわらず、交通改善のために使用しています。 + +### [反応](https://news.ycombinator.com/item?id=42692730) + +- 「マンハッタンでの混雑料金の導入により、43,000人の運転手が減少し、バスの速度が向上し、緊急対応時間が改善される可能性があります。」 +- 「この政策は交通渋滞を緩和し、空気の質を改善することを目的としていますが、低所得者層への影響について議論を引き起こしています。」 +- 「支持者は、利点としてより効率的な公共交通機関と清潔な空気を挙げており、これらの利点と運転者のニーズをどのようにバランスさせるかについての議論が続いています。」 + + + + + + diff --git a/i18n/ko/docusaurus-plugin-content-docs/current/2025/01/14.md b/i18n/ko/docusaurus-plugin-content-docs/current/2025/01/14.md new file mode 100644 index 000000000..e592af789 --- /dev/null +++ b/i18n/ko/docusaurus-plugin-content-docs/current/2025/01/14.md @@ -0,0 +1,147 @@ +--- +slug: '/2025/01/14' +--- + +# 2025-01-14 + +## [시닉 보안 연구원이 cursor.com을 대상으로 하는 악성 NPM 패키지를 배포하다](https://sourcecodered.com/snyk-malicious-npm-package/) + +- 한 Snyk 보안 연구원이 AI 코딩 회사인 Cursor.com을 대상으로 시스템 데이터를 수집하고 이를 공격자가 제어하는 서비스로 전송하기 위해 악성 NPM 패키지를 배포했습니다. +- 이 패키지들은 "cursor-retrieval," "cursor-always-local," 및 "cursor-shadow-workspace"로 식별되었으며, OpenSSF 패키지 분석 스캐너에 의해 플래그가 지정되어 권고 사항 MAL-2025-27, MAL-2025-28, 및 MAL-2025-29가 발행되었습니다. +- 이 사건은 잠재적인 보안 위협을 피하기 위해 NPM 패키지를 설치하기 전에 면밀히 검토하는 것의 중요성을 강조합니다. + +### [반응](https://news.ycombinator.com/item?id=42690473) + +- 한 Snyk 보안 연구원이 cursor.com을 겨냥한 악성 NPM(Node Package Manager) 패키지를 공개하여 의존성 혼동 취약점을 강조했습니다. - 이 사건은 특히 환경 변수의 공개 노출과 관련하여 보안 연구의 윤리에 대한 논쟁을 촉발했습니다. - Cursor.com은 이 행동을 승인하지 않았다고 밝혔으며, Snyk는 이후 사과하면서 공격적 보안 연구와 윤리적 기준 간의 균형을 맞추는 데 있어 어려움을 강조했습니다. + +## [파이어폭스로 전환하고 다시는 돌아보지 않았다](https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/) + +- Firefox는 우수한 탭 관리, 링크 저장을 위한 내장 Pocket 기능, 그리고 프라이버시 중심의 이메일 릴레이로 칭찬받으며 Chrome의 강력한 대안이 됩니다. - 사용자 친화적인 스크린샷 도구, ChatGPT 버튼, 화면 속 화면(Picture-in-Picture), 맞춤형 검색 옵션, 부드러운 스크롤링과 같은 추가 기능들이 브라우징 경험을 향상시킵니다. - Firefox는 Chrome의 웹 앱 기능이 부족하지만, 신중한 디자인과 감소된 자원 요구로 인해 일부 사용자들에게 선호되는 선택이 됩니다. + +### [반응](https://news.ycombinator.com/item?id=42696081) + +- Firefox 사용자는 YouTube와 같은 플랫폼에서 비 Google 브라우저나 광고 차단기를 사용하는 사용자에게 의도적으로 경험을 저하시킬 수 있는 도전에 직면해 있습니다. - 이러한 경향은 광고 없는 감시 없는 웹 경험을 선택하는 사용자를 처벌하기 때문에 사용자 자율성에 대한 우려를 제기합니다. - Firefox는 컨테이너 탭과 같은 독특한 기능을 제공하여 프라이버시와 사용성을 향상시켜 주요 기업이 통제하는 브라우저로부터 독립을 추구하는 사용자에게 선호되는 선택이 되고 있습니다. + +## [Sonos CEO, 앱 업데이트 문제로 사임](https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/) + +### [반응](https://news.ycombinator.com/item?id=42687932) + +- Sonos의 CEO가 논란이 된 앱 업데이트 이후 사임했습니다. 이 업데이트는 사용자들이 비싼 사운드 시스템을 교체하도록 요구하여 고객 불만을 초래했습니다. - 업데이트는 클라우드 기반 시스템을 도입하여 신뢰할 수 있는 Universal Plug and Play (UPnP)에서 벗어나게 했고, 이로 인해 연결 문제와 복잡성이 증가했습니다. - 이 상황은 비즈니스 전략과 고객 신뢰 유지 간의 갈등을 강조하며, CEO는 퇴직 패키지를 받으며 자문 역할로 전환합니다. + +## [MrBeast의 배 속에서](https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast) + +### [반응](https://news.ycombinator.com/item?id=42696691) + +- 이 에세이는 YouTube의 알고리즘이 콘텐츠 제작에 어떻게 영향을 미치는지를 MrBeast를 사례로 사용하여 검토하며, 의미 있는 콘텐츠보다는 참여 중심으로의 전환을 강조합니다. - 이는 미디어 리터러시와 YouTube 및 TikTok과 같은 플랫폼의 문화적 영향에 대한 더 넓은 함의를 논의하며, 피상적이고 반응적인 콘텐츠로의 경향을 제안합니다. - 알고리즘이 콘텐츠를 형성하는 역할과 인기 있는 창작자들이 문화적 규범에 미치는 영향에 대한 다양한 관점이 고려됩니다. + +## [GitHub Git 작업이 중단되었습니다](https://www.githubstatus.com/incidents/qd96yfgvmcf9) + +- GitHub은 2025년 1월 13일에 내부 로드 밸런서에 영향을 미치는 구성 변경으로 인해 Git 작업 중단을 겪었으며, 이는 23:35부터 00:24 UTC까지 지속되었습니다. - 문제는 구성 변경을 되돌림으로써 해결되었으며, GitHub은 유사한 사건을 방지하기 위해 모니터링 및 배포 프로세스를 개선하고 있습니다. - 이번 중단은 GitHub의 Actions 및 Pages 서비스에도 영향을 미쳐, 플랫폼 서비스의 상호 연결된 특성을 부각시켰습니다. + +### [반응](https://news.ycombinator.com/item?id=42691184) + +- GitHub는 git 작업에 영향을 미치는 주요 장애를 겪었고, 이로 인해 개발자들은 처음에 자신의 SSH 키나 로컬 설정에 문제가 있다고 의심하게 되었습니다. - 이 사건은 중앙 집중식 서비스에 의존하는 것의 어려움을 강조하며, 자체 호스팅 및 분산 시스템의 장점에 대한 논의를 촉발했습니다. - 문제는 해결되었지만, GitHub의 신뢰성과 필수 작업을 위해 타사 플랫폼에 의존하는 것의 위험성에 대한 우려를 부각시켰습니다. + +## [ZFS 2.3이 ZFS raidz 확장 기능과 함께 출시되었습니다.](https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0) + +- OpenZFS 2.3.0이 출시되어 RAIDZ 확장, 빠른 중복 제거, 직접 입출력, JSON 출력, 긴 파일 이름 지원과 같은 중요한 기능이 도입되었습니다. - 이번 릴리스에는 필수적인 버그 수정과 성능 향상이 포함되어 있으며, Linux 커널 4.18 - 6.12 및 FreeBSD 버전 13.3, 14.0 - 14.2와 호환됩니다. - 이 업데이트는 134명의 기여자가 협력한 결과로, 포괄적인 문서와 변경 로그가 검토를 위해 제공됩니다. + +### [반응](https://news.ycombinator.com/item?id=42694596) + +- ZFS 2.3이 출시되어 RAIDZ 확장, 빠른 중복 제거, 직접 IO, JSON 출력, 긴 파일 이름 지원과 같은 기능이 도입되었습니다. - 특히 RAIDZ 확장은 사용자가 기존 RAIDZ 풀에 새로운 장치를 추가하여 다운타임 없이 저장 용량을 확장할 수 있게 해주는 점에서 주목할 만합니다. - 이번 출시는 ZFS 사용자에게 중요한 발전으로 간주되며, Btrfs 및 Windows Storage Spaces와 같은 다른 파일 시스템과 비교되고 있지만, 풀을 축소할 수 없는 등의 몇 가지 제한 사항이 있습니다. + +## [Webtop – 전체 데스크톱 환경을 포함한 Alpine, Ubuntu, Fedora 및 Arch 컨테이너](https://docs.linuxserver.io/images/docker-webtop/) + +- Linuxserver/webtop은 웹 브라우저를 통해 접근할 수 있는 전체 데스크톱 환경을 제공하는 컨테이너를 Alpine, Ubuntu, Fedora, Arch 기반으로 제공하며, x86-64 및 arm64 아키텍처를 모두 지원합니다. +- 사용자는 특정 이미지 태그를 사용하여 XFCE, KDE, MATE, i3, Openbox, IceWM과 같은 다양한 데스크톱 환경을 선택할 수 있으며, 지정된 URL을 통해 Webtop에 접속할 수 있습니다. +- 보안 기능에는 Docker의 seccomp 옵션과 인증 설정이 포함되며, 환경 변수를 통한 사용자 정의 옵션과 오픈 소스 드라이버를 통한 GPU 가속 지원이 포함됩니다. + +### [반응](https://news.ycombinator.com/item?id=42690983) + +- Webtop은 Alpine, Ubuntu, Fedora 및 Arch에 대한 전체 데스크톱 환경을 갖춘 컨테이너를 제공하여 VPN 뒤에서 빠르게 설정할 수 있습니다. +- 사용자들은 Webtop이 속도와 사용의 용이성 면에서 특히 Gluetun 컨테이너와 함께 사용할 때 칭찬하지만, 기본 인증이 없기 때문에 보안 조치 없이 컨테이너를 인터넷에 노출하는 것에 대해 주의를 당부합니다. +- 이 프로젝트는 오픈 소스와 유연성으로 평가받고 있으며, 사용자들이 구성 설정을 공유하고 Kasm과 Selkies와 같은 대안들이 유사한 목적으로 주목받고 있습니다. + +## [연구에 따르면 온라인 구인 공고 중 5개 중 1개는 가짜이거나 채워지지 않는 것으로 나타났습니다.](https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706) + +- 최근 연구에 따르면 온라인 구인 공고의 20%가 가짜이거나 채워지지 않은 상태로 남아 있어 구직자들의 좌절감을 더하고 있습니다. - 이러한 '유령 일자리' 트렌드는 기업들이 성장 이미지를 투영하기 위한 전술일 수 있습니다. - Greenhouse와 LinkedIn과 같은 구인 플랫폼은 사용자들이 진정한 취업 기회를 식별할 수 있도록 돕기 위해 구인 검증 서비스를 도입했습니다. + +### [반응](https://news.ycombinator.com/item?id=42697783) + +- 한 연구에 따르면 온라인 구인 공고의 20%가 가짜이거나 채워지지 않은 상태로 남아 있으며, 이는 종종 기업이 미국 이민 정책을 준수해야 하기 때문입니다. - 기업은 이상적인 후보자를 찾거나, 요구 사항을 변경하거나, 내부 후보자를 미리 선정하기 위해 구인 공고를 계속 게시할 수도 있습니다. - 구직자들은 유령 구인이나 자동 거절을 자주 경험하여 규제 개입을 요구하는 목소리가 높아지고 있습니다. + +## [운전자의 몇 초를 절약하기 위해 보행자에게 교차로를 위험하게 만들기](https://collegetowns.substack.com/p/making-an-intersection-unsafe-for) + +### [반응](https://news.ycombinator.com/item?id=42698557) + +- 논쟁은 교차로가 보행자 안전을 우선시해야 하는지 아니면 운전자 효율성을 우선시해야 하는지를 중심으로 진행되며, 일부는 4방향 정지보다 신호등이 있는 교차로와 보행자 전용 신호를 선호합니다. +- 교통 법규와 인프라 설계에 대한 의견은 다양하며, 무단횡단의 안전성과 적신호에서의 우회전에 관련된 위험에 대한 논의가 이루어지고 있습니다. +- 일부는 안전과 효율성을 모두 향상시키기 위해 회전 교차로나 네덜란드 교통 공학 기준을 채택하는 것과 같은 대안적 해결책을 지지합니다. + +## [PostgreSQL은 2024년 올해의 데이터베이스 관리 시스템입니다.](https://db-engines.com/en/blog_post/109) + +- PostgreSQL는 DB-Engines에 의해 2024년 DBMS 올해의 상을 수상했으며, 423개의 다른 데이터베이스 관리 시스템을 제치고 다섯 번째로 이 인정을 받았습니다. +- PostgreSQL은 거의 35년에 걸친 역사를 가지고 있으며, 2024년 9월에 출시된 PostgreSQL 17의 최근 개선에서 볼 수 있듯이 계속해서 혁신을 이어가고 있습니다. +- 스노우플레이크와 마이크로소프트는 각각 2위와 3위를 차지했으며, 스노우플레이크는 클라우드 기반 데이터 웨어하우징과 멀티 클라우드 지원으로 주목받았고, 마이크로소프트는 Azure SQL Database와 SQL Server를 통해 강력한 관리형 관계형 데이터베이스를 제공한다. + +### [반응](https://news.ycombinator.com/item?id=42696080) + +- PostgreSQL은 db-engines.com에 의해 2024년 올해의 데이터베이스 관리 시스템으로 선정되었으며, 이는 업계에서의 인지도와 인기가 높아지고 있음을 강조합니다. +- 사용자들은 높은 라이선스 비용과 자원 제한 때문에 마이그레이션의 잠재적 어려움에도 불구하고 Microsoft SQL Server에서 PostgreSQL로 전환하는 것을 고려하고 있습니다. +- PostgreSQL는 강력한 기능과 비용 효율성으로 인해 미래 프로젝트에서 선호되는 선택이며, 일부 사용자는 비용 절감을 위해 Babelfish와 같은 대안을 탐색하기도 합니다. + +## [Google의 OAuth 로그인은 실패한 스타트업 도메인 구매를 방지하지 않습니다.](https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw) + +### [반응](https://news.ycombinator.com/item?id=42699099) + +- 이 논의는 실패한 스타트업의 도메인이 새로운 소유자에게 인수될 때 Google의 OAuth 로그인 시스템에서 발생할 수 있는 취약점을 강조하며, 이는 잠재적으로 서비스에 대한 무단 접근을 허용할 수 있습니다. +- 이 문제는 Google이 원래 도메인 소유자와 새로운 도메인 소유자를 구별하지 못할 수 있기 때문에 발생하며, 도메인 기반 인증을 사용하는 모든 시스템에 영향을 미칩니다. +- 제안된 해결책은 시간이 지나도 변하지 않는 고유 식별자를 사용하는 것이지만, 이 해결책의 구현은 신원 제공자마다 다릅니다. + +## [코딩 기술을 사용하여 수동 소득 창출하기](https://www.coryzue.com/writing/solopreneur/) + +- 저자는 CTO 역할에서 솔로프리뉴어로 전환하여 소프트웨어 제품 포트폴리오를 통해 더 많은 수익을 성공적으로 올렸습니다. +- 주요 전략에는 깊이 있는 작업에 집중하고, 작은 프로젝트로 시작하며, 빠르게 반복하고, 마케팅 노력에 시간을 할애하는 것이 포함됩니다. +- 이 여정은 불확실성으로 인한 회복력을 강조하지만, 이 경력 경로의 비할 데 없는 자율성과 자유를 강조하며 코딩 기술을 가진 사람들이 이를 수동적 수입을 위한 경로로 고려하도록 권장합니다. + +### [반응](https://news.ycombinator.com/item?id=42696822) + +- 한 사용자가 만료되는 도메인 이름을 사용하여 SEO 스팸 웹사이트를 통해 수동 소득을 창출하고, 윤리적 우려와 구글의 최종 단속에도 불구하고 연간 약 3만 달러를 벌어들였다고 설명했습니다. +- 그 게시물은 수동 소득에 대한 논쟁을 불러일으켰으며, 일부 사용자들은 그것이 진정한 수동 수익보다는 사업 운영에 더 가깝다고 주장했습니다. +- 참가자들은 사이드 프로젝트에서의 경험과 도전 과제를 공유하며, 시간, 회복력, 전략적 계획의 중요성을 강조했습니다. + +## [스페인, 비EU 거주자가 구매한 주택에 100% 세금 제안](https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents) + +- 스페인은 주택 위기 해결과 투기적 구매 억제를 목표로 비EU 거주자의 부동산 구매에 대해 100% 세금을 고려하고 있습니다. +- 페드로 산체스 총리의 제안에는 주택 가격과 소득 간의 격차를 해소하기 위해 사회 주택을 확장하고 관광 임대를 규제하는 것이 포함되어 있습니다. +- 그 제안의 법률로서의 미래는 불확실하며, 일부 분석가들은 이를 확실한 입법 변화라기보다는 외국인 투자자에 대한 억제책으로 보고 있습니다. + +### [반응](https://news.ycombinator.com/item?id=42690781) + +- 스페인은 주택 가격 문제를 해결하기 위해 비EU 거주자가 구매한 주택에 대해 100% 세금을 부과하는 방안을 고려하고 있습니다. - 비평가들은 외국인 구매자가 높은 주택 가격의 주요 원인이 아니며, 느린 관료주의와 구역법이 더 중요한 요인이라고 지적합니다. - 이 제안은 주택 시장에서 외국인 소유의 역할과 주택 가격 문제 해결의 효과에 대한 논쟁을 불러일으켰습니다. + +## [애플은 곧 TSMC의 애리조나 공장에서 '미국산' 칩을 받을 예정입니다.](https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification) + +- 애플은 TSMC의 애리조나 시설에서 프로세서를 테스트하고 있으며, 첫 분기까지 대량 생산을 계획하고 있어 TSMC의 미국 내 제조 칩의 첫 번째 고객이 될 가능성이 있습니다. - 이 이니셔티브는 미국의 실리콘 독립성을 강화하고, 지정학적 및 자연적 위험에 취약한 대만에 대한 의존도를 줄이는 것을 목표로 합니다. - TSMC의 애리조나 공장은 첨단 3nm 및 2nm 칩을 생산할 예정이며, 현지 채용 강화 및 미국 대학과의 파트너십을 추진하고 있지만, 포장 작업은 피오리아 시설이 가동될 때까지 초기에는 대만에서 이루어질 것입니다. + +### [반응](https://news.ycombinator.com/item?id=42699977) + +- 애플은 TSMC의 애리조나 공장에서 칩을 받을 예정이지만, 미국 내 시설이 부족하여 포장을 위해 대만으로 다시 보내야 합니다. - 애리조나 공장의 인력 중 50% 이상이 대만 출신으로, 미국의 STEM(과학, 기술, 공학, 수학) 분야의 격차를 나타냅니다. - 미국 반도체 제조를 강화하기 위한 CHIPS 법안 이니셔티브는 포장 과정이 대만에서 이루어짐에 따라 '미국산' 라벨이 의문시되면서 도전에 직면하고 있으며, 2027년까지 미국 내 포장 역량을 갖출 계획입니다. + +## [혼잡 통행료가 시행된 후 맨해튼 도로에서 운전자가 43,000명 감소](https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says) + +- 혼잡 통행료가 시행된 후 60번가 이하 맨해튼에 진입하는 운전자가 7.5% 감소하여 매주 평일마다 43,000명의 운전자가 줄어들었습니다. +- 교통량 감소로 인해 교통 흐름이 개선되고 버스 속도가 증가했으며, 일부 급행 버스는 승객 수가 증가했습니다. +- 메트로폴리탄 교통국(MTA)은 연간 약 5억 달러로 추산되는 통행료 수익을 교통 개선에 사용하고 있으며, 일부 정치적 반대에도 불구하고 이를 추진하고 있습니다. + +### [반응](https://news.ycombinator.com/item?id=42692730) + +- 맨해튼에서 혼잡 통행료 제도를 시행한 결과, 운전자가 43,000명 줄어들었으며, 이는 버스 속도 증가와 잠재적으로 더 나은 응급 대응 시간을 초래했습니다. +- 이 정책은 교통 혼잡을 줄이고 공기 질을 개선하기 위해 설계되었지만, 저소득층에 미치는 영향에 대한 논쟁을 불러일으켰습니다. +- 지지자들은 혜택으로 더 효율적인 대중교통과 더 깨끗한 공기를 포함한다고 주장하며, 이러한 장점을 운전자의 필요와 균형을 맞추는 논의가 계속되고 있다. + + + + + + diff --git a/i18n/nb/docusaurus-plugin-content-docs/current/2025/01/14.md b/i18n/nb/docusaurus-plugin-content-docs/current/2025/01/14.md new file mode 100644 index 000000000..27c7443c1 --- /dev/null +++ b/i18n/nb/docusaurus-plugin-content-docs/current/2025/01/14.md @@ -0,0 +1,147 @@ +--- +slug: '/2025/01/14' +--- + +# 2025-01-14 + +## [Een Snyk-beveiligingsonderzoeker implementeert kwaadaardige NPM-pakketten die gericht zijn op cursor.com](https://sourcecodered.com/snyk-malicious-npm-package/) + +- Een Snyk-beveiligingsonderzoeker heeft kwaadaardige NPM-pakketten vrijgegeven die gericht zijn op Cursor.com, een AI-coderingsbedrijf, om systeemgegevens te verzamelen en deze naar een door een aanvaller gecontroleerde dienst te sturen. +- De pakketten, geïdentificeerd als "cursor-retrieval," "cursor-always-local," en "cursor-shadow-workspace," werden gemarkeerd door de OpenSSF-pakketanalysescanner, resulterend in adviezen MAL-2025-27, MAL-2025-28, en MAL-2025-29. +- Dit voorval benadrukt het belang van het onderzoeken van NPM-pakketten voordat ze worden geïnstalleerd om mogelijke beveiligingsbedreigingen te vermijden. + +### [Reaksjoner](https://news.ycombinator.com/item?id=42690473) + +- Een Snyk-beveiligingsonderzoeker heeft kwaadaardige NPM (Node Package Manager) pakketten vrijgegeven die gericht zijn op cursor.com, waarmee afhankelijkheidsverwarringskwetsbaarheden worden benadrukt. - Het incident heeft een debat aangewakkerd over de ethiek van beveiligingsonderzoek, met name met betrekking tot de publieke blootstelling van omgevingsvariabelen. - Cursor.com verduidelijkte dat zij de actie niet hebben geautoriseerd, en Snyk heeft sindsdien zijn excuses aangeboden, waarmee de uitdagingen worden onderstreept in het balanceren van offensief beveiligingsonderzoek met ethische normen. + +## [Ik ben overgestapt naar Firefox en heb nooit meer achterom gekeken](https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/) + +- Firefox wordt geprezen voor zijn superieure tabbladbeheer, ingebouwde Pocket-functie voor het opslaan van links en een privacygerichte e-mailrelay, waardoor het een sterk alternatief voor Chrome is. - Extra functies zoals een gebruiksvriendelijke screenshot-tool, een ChatGPT-knop, Picture-in-Picture, aanpasbare zoekopties en soepel scrollen verbeteren de browse-ervaring. - Hoewel Firefox de webapp-functie van Chrome mist, maken het doordachte ontwerp en de verminderde hulpbroneisen het voor sommige gebruikers een voorkeurskeuze. + +### [Reaksjoner](https://news.ycombinator.com/item?id=42696081) + +- Firefox-brukere møter utfordringer fra plattformer som YouTube, som kan med vilje forringe opplevelsen for ikke-Google-nettlesere eller brukere som benytter adblockere. - Denne trenden vekker bekymringer om brukernes autonomi, da den straffer de som velger en annonsefri og overvåkingsfri nettopplevelse. - Firefox tilbyr unike funksjoner, som container-faner, som forbedrer personvern og brukervennlighet, noe som gjør det til et foretrukket valg for brukere som søker uavhengighet fra store, bedriftskontrollerte nettlesere. + +## [Sonos-CEO stapt op na debacle met app-update](https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/) + +### [Reaksjoner](https://news.ycombinator.com/item?id=42687932) + +- De CEO van Sonos heeft ontslag genomen na een controversiële app-update die gebruikers dwong om dure geluidssystemen te vervangen, wat leidde tot ontevredenheid bij klanten. - De update introduceerde een cloud-gebaseerd systeem, waarmee werd afgestapt van het betrouwbare Universal Plug and Play (UPnP), wat leidde tot verbindingsproblemen en verhoogde complexiteit. - Deze situatie benadrukt het conflict tussen bedrijfsstrategieën en het behouden van klantvertrouwen, terwijl de CEO overgaat naar een adviserende rol met een ontslagvergoeding. + +## [De buik van de MrBeast](https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast) + +### [Reaksjoner](https://news.ycombinator.com/item?id=42696691) + +- Het essay onderzoekt hoe het algoritme van YouTube invloed heeft op het maken van content, met MrBeast als casestudy, en benadrukt een verschuiving naar engagement-gedreven in plaats van betekenisvolle content. - Het bespreekt de bredere implicaties voor mediageletterdheid en de culturele impact van platforms zoals YouTube en TikTok, en suggereert een trend naar oppervlakkige en reactionaire content. - Verschillende perspectieven worden overwogen over de rol van algoritmen in het vormgeven van content en de invloed van populaire makers op culturele normen. + +## [GitHub Git-bewerkingen zijn niet beschikbaar](https://www.githubstatus.com/incidents/qd96yfgvmcf9) + +- GitHub kreeg te maken met een storing in Git-operaties op 13 januari 2025, als gevolg van een configuratiewijziging die de interne load balancer beïnvloedde, en duurde van 23:35 tot 00:24 UTC. - Het probleem werd opgelost door de configuratiewijziging terug te draaien, en GitHub werkt aan het verbeteren van monitoring- en implementatieprocessen om soortgelijke incidenten te voorkomen. - De storing beïnvloedde ook de Actions- en Pages-diensten van GitHub, wat de onderling verbonden aard van hun platformdiensten benadrukt. + +### [Reaksjoner](https://news.ycombinator.com/item?id=42691184) + +- GitHub sto overfor et stort driftsavbrudd som påvirket git-operasjoner, noe som førte til forvirring blant utviklere som først mistenkte problemer med sine SSH-nøkler eller lokale konfigurasjoner. - Hendelsen understreket utfordringene ved å stole på sentraliserte tjenester, og førte til diskusjoner om fordelene ved selvhosting og desentraliserte systemer. - Selv om problemet ble løst, fremhevet det bekymringer om GitHubs pålitelighet og risikoene ved å være avhengig av tredjepartsplattformer for essensielle oppgaver. + +## [ZFS 2.3 uitgebracht met ZFS raidz-uitbreiding](https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0) + +- OpenZFS 2.3.0 har blitt utgitt, og introduserer betydelige funksjoner som RAIDZ-utvidelse, rask deduplisering, direkte inn-/utdata, JSON-utdata og støtte for lange filnavn. - Utgivelsen inkluderer essensielle feilrettinger og ytelsesforbedringer, kompatibel med Linux-kjerner 4.18 - 6.12 og FreeBSD-versjoner 13.3, 14.0 - 14.2. - Oppdateringen er et samarbeid fra 134 bidragsytere, med omfattende dokumentasjon og en endringslogg tilgjengelig for gjennomgang. + +### [Reaksjoner](https://news.ycombinator.com/item?id=42694596) + +- ZFS 2.3 har blitt lansert, og introduserer funksjoner som RAIDZ-utvidelse, rask deduplisering, direkte IO, JSON-utdata og støtte for lange filnavn. - RAIDZ-utvidelse er spesielt bemerkelsesverdig da det lar brukere legge til nye enheter i en eksisterende RAIDZ-pool uten nedetid, noe som øker lagringskapasiteten. - Utgivelsen anses som et betydelig fremskritt for ZFS-brukere, og trekker sammenligninger med andre filsystemer som Btrfs og Windows Storage Spaces, til tross for noen begrensninger som manglende evne til å krympe pools. + +## [Webtop – Alpine, Ubuntu, Fedora og Arch containere som inneholder komplette skrivebordsmiljøer](https://docs.linuxserver.io/images/docker-webtop/) + +- Linuxserver/webtop biedt containers gebaseerd op Alpine, Ubuntu, Fedora en Arch met volledige desktopomgevingen die toegankelijk zijn via webbrowsers, en ondersteunt zowel x86-64 als arm64 architecturen. +- Gebruikers kunnen kiezen uit verschillende desktopomgevingen zoals XFCE, KDE, MATE, i3, Openbox en IceWM door specifieke afbeeldingslabels te gebruiken en toegang te krijgen tot de Webtop via aangewezen URL's. +- Beveiligingsfuncties omvatten Docker's seccomp-optie en authenticatie-instellingen, met aanpassingsmogelijkheden beschikbaar via omgevingsvariabelen, en ondersteuning voor GPU-versnelling met open-source stuurprogramma's. + +### [Reaksjoner](https://news.ycombinator.com/item?id=42690983) + +- Webtop biedt containers met volledige desktopomgevingen voor Alpine, Ubuntu, Fedora en Arch, geschikt voor snelle installaties achter een VPN. +- Gebruikers prijzen Webtop voor zijn snelheid en gebruiksgemak, vooral wanneer het wordt gebruikt met de Gluetun-container voor veilige verbindingen, maar waarschuwen tegen het blootstellen van containers aan het internet zonder beveiligingsmaatregelen vanwege het ontbreken van standaardauthenticatie. +- Het project wordt gewaardeerd omdat het open-source en flexibel is, waarbij gebruikers configuraties delen, en alternatieven zoals Kasm en Selkies worden opgemerkt voor soortgelijke doeleinden. + +## [1 op de 5 online vacatures is ofwel nep of wordt nooit ingevuld, blijkt uit onderzoek](https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706) + +- Een recente studie wijst uit dat 20% van de online vacatures ofwel nep zijn of onvervuld blijven, wat bijdraagt aan de frustratie van werkzoekenden. - Deze trend van "spookbanen" kan een tactiek zijn voor bedrijven om een beeld van groei te projecteren. - Banenplatforms zoals Greenhouse en LinkedIn hebben diensten voor vacatureverificatie geïntroduceerd om gebruikers te helpen echte kansen te identificeren. + +### [Reaksjoner](https://news.ycombinator.com/item?id=42697783) + +- Een studie onthult dat 20% van de online vacatures ofwel nep zijn of onvervuld blijven, vaak omdat bedrijven moeten voldoen aan de Amerikaanse immigratiebeleid. - Bedrijven kunnen ook vacatures laten staan om ideale kandidaten te vinden, eisen te veranderen, of omdat ze al interne kandidaten hebben geselecteerd. - De arbeidsmarkt is moeilijk voor sollicitanten, die vaak te maken krijgen met ghosting en geautomatiseerde afwijzingen, wat oproept tot regelgevende interventie. + +## [Een kruispunt onveilig maken voor voetgangers om seconden te besparen voor automobilisten](https://collegetowns.substack.com/p/making-an-intersection-unsafe-for) + +### [Reaksjoner](https://news.ycombinator.com/item?id=42698557) + +- Het debat draait om de vraag of kruispunten de veiligheid van voetgangers of de efficiëntie van bestuurders moeten prioriteren, waarbij sommigen de voorkeur geven aan lichtgeregelde kruispunten en voetgangersscrambles boven 4-wegstops. +- De meningen over verkeerswetten en infrastructuurontwerp lopen uiteen, met discussies over de veiligheid van het oversteken buiten de oversteekplaats en de risico's die gepaard gaan met rechtsaf slaan bij rood licht. +- Enkele pleiten voor alternatieve oplossingen zoals rotondes of het aannemen van Nederlandse verkeerskundige normen om zowel de veiligheid als de efficiëntie te verbeteren. + +## [PostgreSQL is het Database Management Systeem van het Jaar 2024](https://db-engines.com/en/blog_post/109) + +- PostgreSQL is bekroond met de titel DBMS van het Jaar 2024 door DB-Engines, en behaalt deze erkenning voor de vijfde keer, waarmee het 423 andere databasebeheersystemen overtreft. +- PostgreSQL, med en historie som strekker seg over nesten 35 år, fortsetter å innovere, noe som ses i de nylige forbedringene av PostgreSQL 17, utgitt i september 2024. +- Snowflake en Microsoft sikret seg henholdsvis andre- og tredjeplass, med Snowflake kjent for sin skybaserte datalagring og støtte for flere skyer, mens Microsoft tilbyr robuste administrerte relasjonsdatabaser gjennom Azure SQL Database og SQL Server. + +### [Reaksjoner](https://news.ycombinator.com/item?id=42696080) + +- PostgreSQL is bekroond met de titel Database Management System van het Jaar 2024 door db-engines.com, wat de groeiende populariteit en erkenning in de industrie benadrukt. +- Gebruikers overwegen over te stappen van Microsoft SQL Server naar PostgreSQL vanwege de hoge licentiekosten en beperkingen in middelen, ondanks mogelijke migratie-uitdagingen. +- PostgreSQL wordt geprefereerd vanwege zijn robuuste functies en kosteneffectiviteit, waardoor het een voorkeurskeuze is voor toekomstige projecten, hoewel sommige gebruikers alternatieven zoals Babelfish verkennen om kosten te verlagen. + +## [De OAuth-login van Google beschermt niet tegen het kopen van een mislukte startup-domein.](https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw) + +### [Reaksjoner](https://news.ycombinator.com/item?id=42699099) + +- De discussie benadrukt een kwetsbaarheid in het OAuth-inlogsysteem van Google wanneer het domein van een mislukte startup wordt overgenomen door een nieuwe eigenaar, wat mogelijk ongeautoriseerde toegang tot diensten kan toestaan. +- Dit probleem ontstaat omdat Google mogelijk geen onderscheid maakt tussen de oorspronkelijke en nieuwe domeineigenaren, wat van invloed is op elk systeem dat domeingebaseerde authenticatie gebruikt. +- Een voorgestelde oplossing is om unieke identificatoren te gebruiken die constant blijven in de tijd, hoewel de implementatie van deze oplossing varieert tussen identiteitsaanbieders. + +## [Codering gebruiken om passief inkomen te genereren](https://www.coryzue.com/writing/solopreneur/) + +- De auteur ging over van een CTO-rol naar een solopreneur en verdiende met succes meer door middel van een portfolio van softwareproducten. +- Belangrijke strategieën omvatten het richten op diep werk, beginnen met kleine projecten, snel itereren en tijd besteden aan marketinginspanningen. +- De reis benadrukt veerkracht vanwege onzekerheden, maar benadrukt de ongeëvenaarde autonomie en vrijheid van dit carrièrepad, en moedigt degenen met codeervaardigheden aan om het te overwegen voor passief inkomen. + +### [Reaksjoner](https://news.ycombinator.com/item?id=42696822) + +- Een gebruiker beschreef het genereren van passief inkomen via SEO-spamwebsites met behulp van verlopen domeinnamen, waarbij hij ongeveer $30.000 per jaar verdiende, ondanks ethische bezwaren en Google's uiteindelijke optreden. +- De post veroorzaakte een debat over passief inkomen, waarbij sommige gebruikers betoogden dat het meer lijkt op het runnen van een bedrijf dan op echt passieve inkomsten. +- Deelnemers deelden ervaringen en uitdagingen in nevenprojecten, waarbij ze het belang van tijd, veerkracht en strategische planning benadrukten. + +## [Spanje stelt een belasting van 100% voor op woningen die door niet-EU-ingezetenen worden gekocht](https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents) + +- Spanje overweegt een belasting van 100% op vastgoed aankopen door niet-EU ingezetenen, met als doel de woningcrisis aan te pakken en speculatieve aankopen te beperken. +- Het voorstel van premier Pedro Sánchez omvat de uitbreiding van sociale huisvesting en het reguleren van toeristische verhuur om de kloof tussen woningprijzen en inkomens aan te pakken. +- De fremtidige statusen til forslaget som lov er usikker, med noen analytikere som ser det som en avskrekkende faktor for utenlandske investorer snarere enn en garantert lovendring. + +### [Reaksjoner](https://news.ycombinator.com/item?id=42690781) + +- Spanje overweegt een belasting van 100% op woningen die door niet-EU-ingezetenen worden gekocht om problemen met betaalbaarheid van woningen aan te pakken. - Critici suggereren dat buitenlandse kopers niet de primaire oorzaak zijn van de hoge huizenprijzen, en wijzen op trage bureaucratie en bestemmingsplannen als belangrijkere factoren. - Het voorstel heeft een debat aangewakkerd over de rol van buitenlands eigendom in woningmarkten en de effectiviteit ervan bij het oplossen van betaalbaarheidsproblemen. + +## [Apple zal binnenkort 'made in America'-chips ontvangen van TSMC's fabriek in Arizona](https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification) + +- Apple tester prosessorer fra TSMCs anlegg i Arizona, med planer om masseproduksjon innen første kvartal, og kan potensielt bli TSMCs første amerikanske kunde for lokalt produserte brikker. - Dette initiativet har som mål å styrke USAs silisiumuavhengighet, og redusere avhengigheten av Taiwan, som er sårbar for geopolitiske og naturlige risikoer. - TSMCs fabrikk i Arizona skal produsere avanserte 3nm og 2nm brikker, med pågående innsats for å forbedre lokal rekruttering og partnerskap med amerikanske universiteter, selv om pakking i utgangspunktet vil skje i Taiwan inntil anlegget i Peoria er operativt. + +### [Reaksjoner](https://news.ycombinator.com/item?id=42699977) + +- Apple vil motta brikker fra TSMCs fabrikk i Arizona, men de må sendes tilbake til Taiwan for pakking på grunn av utilstrekkelige fasiliteter i USA. - Over 50 % av arbeidsstyrken ved fabrikken i Arizona er fra Taiwan, noe som indikerer et gap i USAs STEM-felt (vitenskap, teknologi, ingeniørfag og matematikk). - CHIPS Act-initiativet, som har som mål å styrke USAs halvlederproduksjon, står overfor utfordringer ettersom "Made in America"-merket blir stilt spørsmål ved på grunn av pakkeprosessen som skjer i Taiwan, med planer om amerikanske pakkemuligheter innen 2027. + +## [43.000 færre sjåfører på veiene i Manhattan etter at veiprisene ble aktivert](https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says) + +- Na de invoering van tolheffing voor congestie was er een vermindering van 7,5% in het aantal bestuurders dat Manhattan onder 60th Street binnenreed, wat neerkomt op 43.000 minder bestuurders per weekdag. +- De vermindering van het verkeer heeft de doorstroming verbeterd en de snelheid van bussen verhoogd, waarbij sommige snelbussen een hogere bezetting ervaren. +- De Metropolitan Transportation Authority (MTA) gebruikt de tolinkomsten, geschat op $500 miljoen per jaar, voor verbeteringen in het openbaar vervoer, ondanks enige politieke tegenstand. + +### [Reaksjoner](https://news.ycombinator.com/item?id=42692730) + +- De implementatie van congestieheffing in Manhattan heeft geresulteerd in 43.000 minder automobilisten, wat heeft geleid tot hogere bussnelheden en mogelijk betere responstijden voor nooddiensten. +- Het beleid is ontworpen om verkeersopstoppingen te verminderen en de luchtkwaliteit te verbeteren, hoewel het debat heeft aangewakkerd over de impact ervan op mensen met een lager inkomen. +- Voorstanders beweren dat de voordelen efficiënter openbaar vervoer en schonere lucht omvatten, terwijl de discussies doorgaan over het balanceren van deze voordelen met de behoeften van automobilisten. + + + + + + diff --git a/i18n/nl/docusaurus-plugin-content-docs/current/2025/01/14.md b/i18n/nl/docusaurus-plugin-content-docs/current/2025/01/14.md new file mode 100644 index 000000000..591d2ef59 --- /dev/null +++ b/i18n/nl/docusaurus-plugin-content-docs/current/2025/01/14.md @@ -0,0 +1,147 @@ +--- +slug: '/2025/01/14' +--- + +# 2025-01-14 + +## [En Snyk-sikkerhetsforsker distribuerer ondsinnede NPM-pakker rettet mot cursor.com](https://sourcecodered.com/snyk-malicious-npm-package/) + +- En Snyk-sikkerhetsforsker ga ut ondsinnede NPM-pakker rettet mot Cursor.com, et AI-kodingsselskap, for å samle systemdata og sende dem til en angriperstyrt tjeneste. +- Pakker, identifisert som "cursor-retrieval," "cursor-always-local," og "cursor-shadow-workspace," ble flagget av OpenSSF-pakkeanalyseskanneren, noe som resulterte i rådgivninger MAL-2025-27, MAL-2025-28, og MAL-2025-29. +- Denne hendelsen understreker viktigheten av å granske NPM-pakker før installasjon for å unngå potensielle sikkerhetstrusler. + +### [Reacties](https://news.ycombinator.com/item?id=42690473) + +- En Snyk-sikkerhetsforsker ga ut ondsinnede NPM (Node Package Manager) pakker rettet mot cursor.com, og fremhevet sårbarheter knyttet til avhengighetsforvirring. - Hendelsen har utløst en debatt om etikken i sikkerhetsforskning, spesielt med hensyn til offentlig eksponering av miljøvariabler. - Cursor.com presiserte at de ikke autoriserte handlingen, og Snyk har siden beklaget, noe som understreker utfordringene med å balansere offensiv sikkerhetsforskning med etiske standarder. + +## [Jeg byttet til Firefox og har aldri sett meg tilbake](https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/) + +- Firefox blir rost for sin overlegne fanebehandling, innebygde Pocket-funksjon for å lagre lenker, og en personvernfokusert e-postvideresending, noe som gjør det til et sterkt alternativ til Chrome. - Ytterligere funksjoner som et brukervennlig skjermbildeverktøy, en ChatGPT-knapp, bilde-i-bilde, tilpassbare søkealternativer og jevn rulling forbedrer nettleseropplevelsen. - Selv om Firefox mangler Chromes webapp-funksjon, gjør dens gjennomtenkte design og reduserte ressurskrav det til et foretrukket valg for noen brukere. + +### [Reacties](https://news.ycombinator.com/item?id=42696081) + +- Firefox-brukere møter utfordringer fra plattformer som YouTube, som kan med vilje forringe opplevelsen for ikke-Google-nettlesere eller brukere som benytter annonseblokkere. - Denne trenden vekker bekymring for brukernes autonomi, da den straffer de som velger en annonsefri og overvåkingsfri nettopplevelse. - Firefox tilbyr unike funksjoner, som containerfaner, som forbedrer personvern og brukervennlighet, noe som gjør det til et foretrukket valg for brukere som søker uavhengighet fra store selskapskontrollerte nettlesere. + +## [Sonos-sjef går av etter appoppdateringsfiasko](https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/) + +### [Reacties](https://news.ycombinator.com/item?id=42687932) + +- Sonos-sjefen har trukket seg etter en kontroversiell appoppdatering som krevde at brukerne måtte erstatte kostbare lydsystemer, noe som førte til misnøye blant kundene. - Oppdateringen introduserte et skybasert system, som gikk bort fra det pålitelige Universal Plug and Play (UPnP), noe som førte til tilkoblingsproblemer og økt kompleksitet. - Denne situasjonen understreker konflikten mellom forretningsstrategier og opprettholdelse av kundetillit, ettersom administrerende direktør går over i en rådgivende rolle med en sluttpakke. + +## [i magen til MrBeast](https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast) + +### [Reacties](https://news.ycombinator.com/item?id=42696691) + +- Essayet undersøker hvordan YouTubes algoritme påvirker innholdsskaping, ved å bruke MrBeast som en case-studie, og fremhever et skifte mot engasjementsdrevet snarere enn meningsfullt innhold. - Det diskuterer de bredere implikasjonene for mediekunnskap og den kulturelle påvirkningen av plattformer som YouTube og TikTok, og antyder en trend mot overfladisk og reaksjonært innhold. - Ulike perspektiver vurderes på algoritmenes rolle i å forme innhold og innflytelsen av populære skapere på kulturelle normer. + +## [GitHub Git-operasjoner er nede](https://www.githubstatus.com/incidents/qd96yfgvmcf9) + +- GitHub opplevde et driftsavbrudd for Git-operasjoner den 13. januar 2025, på grunn av en konfigurasjonsendring som påvirket den interne lastbalansereren, og varte fra 23:35 til 00:24 UTC. - Problemet ble løst ved å tilbakestille konfigurasjonsendringen, og GitHub jobber med å forbedre overvåkings- og distribusjonsprosessene for å forhindre lignende hendelser. - Avbruddet påvirket også GitHubs Actions- og Pages-tjenester, noe som fremhever den sammenkoblede naturen til deres plattformtjenester. + +### [Reacties](https://news.ycombinator.com/item?id=42691184) + +- GitHub opplevde et stort driftsavbrudd som påvirket git-operasjoner, noe som førte til forvirring blant utviklere som først mistenkte problemer med sine SSH-nøkler eller lokale konfigurasjoner. - Hendelsen understreket utfordringene ved å stole på sentraliserte tjenester, og førte til diskusjoner om fordelene med selvhosting og desentraliserte systemer. - Selv om problemet ble løst, fremhevet det bekymringer om GitHubs pålitelighet og risikoene ved å være avhengig av tredjepartsplattformer for viktige oppgaver. + +## [ZFS 2.3 utgitt med ZFS raidz-utvidelse](https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0) + +- OpenZFS 2.3.0 is uitgebracht en introduceert belangrijke functies zoals RAIDZ-uitbreiding, snelle deduplicatie, directe invoer/uitvoer, JSON-uitvoer en ondersteuning voor lange bestandsnamen. - De release bevat essentiële bugfixes en prestatieverbeteringen, compatibel met Linux-kernels 4.18 - 6.12 en FreeBSD-versies 13.3, 14.0 - 14.2. - De update is een gezamenlijke inspanning van 134 bijdragers, met uitgebreide documentatie en een wijzigingslogboek beschikbaar voor inzage. + +### [Reacties](https://news.ycombinator.com/item?id=42694596) + +- ZFS 2.3 is uitgebracht en introduceert functies zoals RAIDZ-uitbreiding, snelle deduplicatie, directe IO, JSON-uitvoer en ondersteuning voor lange bestandsnamen. - RAIDZ-uitbreiding is bijzonder opmerkelijk omdat het gebruikers in staat stelt om nieuwe apparaten toe te voegen aan een bestaande RAIDZ-pool zonder downtime, waardoor de opslagcapaciteit wordt vergroot. - De release wordt beschouwd als een belangrijke vooruitgang voor ZFS-gebruikers, met vergelijkingen met andere bestandssystemen zoals Btrfs en Windows Storage Spaces, ondanks enkele beperkingen zoals het onvermogen om pools te verkleinen. + +## [Webtop – Alpine, Ubuntu, Fedora og Arch containere som inneholder komplette skrivebordsmiljøer](https://docs.linuxserver.io/images/docker-webtop/) + +- Linuxserver/webtop tilbyr containere basert på Alpine, Ubuntu, Fedora og Arch med komplette skrivebordsmiljøer som er tilgjengelige gjennom nettlesere, og støtter både x86-64 og arm64 arkitekturer. +- Brukere kan velge mellom ulike skrivebordsmiljøer som XFCE, KDE, MATE, i3, Openbox og IceWM ved å bruke spesifikke bildetagger, og få tilgang til Webtop via angitte URL-er. +- SIkkershetsfunksjoner inkluderer Dockers seccomp-alternativ og autentiseringsoppsett, med tilpasningsmuligheter tilgjengelig gjennom miljøvariabler, og støtte for GPU-akselerasjon med åpen kildekode-drivere. + +### [Reacties](https://news.ycombinator.com/item?id=42690983) + +- Webtop tilbyr containere med komplette skrivebordsmiljøer for Alpine, Ubuntu, Fedora og Arch, egnet for raske oppsett bak en VPN. +- Brukere roser Webtop for hastigheten og brukervennligheten, spesielt når det brukes med Gluetun-containeren for sikre tilkoblinger, men advarer mot å eksponere containere for internett uten sikkerhetstiltak på grunn av manglende standardautentisering. +- Prosjektet er verdsatt for å være åpen kildekode og fleksibelt, med brukere som deler konfigurasjoner, og alternativer som Kasm og Selkies er kjent for lignende formål. + +## [1 av 5 nettbaserte stillingsannonser er enten falske eller aldri fylt, ifølge en studie](https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706) + +- En nylig studie indikerer at 20 % av nettbaserte stillingsannonser enten er falske eller forblir ubesatte, noe som øker frustrasjonen blant jobbsøkere. - Denne "spøkelsesjobb"-trenden kan være en taktikk for selskaper for å projisere et bilde av vekst. - Jobbplattformer som Greenhouse og LinkedIn har introdusert jobbverifiseringstjenester for å hjelpe brukere med å identifisere ekte jobbmuligheter. + +### [Reacties](https://news.ycombinator.com/item?id=42697783) + +- En studie avslører at 20 % av nettbaserte stillingsannonser enten er falske eller forblir ubesatte, ofte fordi selskaper må overholde amerikanske immigrasjonsregler. - Selskaper kan også la stillingsannonser stå for å finne ideelle kandidater, endre krav eller ha forhåndsvalgte interne kandidater. - Arbeidsmarkedet er vanskelig for søkere, som ofte opplever ghosting og automatiserte avslag, noe som fører til krav om regulerende inngrep. + +## [Å gjøre et veikryss utrygt for fotgjengere for å spare sekunder for bilister](https://collegetowns.substack.com/p/making-an-intersection-unsafe-for) + +### [Reacties](https://news.ycombinator.com/item?id=42698557) + +- Debatten dreier seg om hvorvidt kryss skal prioritere fotgjengersikkerhet eller sjåføreffektivitet, med noen som foretrekker lysregulerte kryss og fotgjengerfelt fremfor 4-veis stopp. +- Meningen varierer om trafikklover og infrastrukturdesign, med diskusjoner om sikkerheten ved å krysse gaten utenfor gangfelt og risikoene forbundet med å svinge til høyre på rødt lys. +- Enkelte taler for alternative løsninger som rundkjøringer eller å ta i bruk nederlandske trafikkingeniørstandarder for å forbedre både sikkerhet og effektivitet. + +## [PostgreSQL er Database Management System of the Year 2024](https://db-engines.com/en/blog_post/109) + +- PostgreSQL har blitt tildelt prisen DBMS of the Year 2024 av DB-Engines, og oppnår denne anerkjennelsen for femte gang, og overgår 423 andre databasehåndteringssystemer. +- PostgreSQL, med en historie som strekker seg over nesten 35 år, fortsetter å innovere, som sett i de nylige forbedringene av PostgreSQL 17, utgitt i september 2024. +- Snowflake og Microsoft sikret seg henholdsvis andre og tredje plass, med Snowflake kjent for sin skybaserte datalagring og støtte for flere skyer, mens Microsoft tilbyr robuste administrerte relasjonsdatabaser gjennom Azure SQL Database og SQL Server. + +### [Reacties](https://news.ycombinator.com/item?id=42696080) + +- PostgreSQL har blitt tildelt prisen for Database Management System of the Year 2024 av db-engines.com, noe som fremhever dens økende popularitet og anerkjennelse i bransjen. +- Brukere vurderer å bytte fra Microsoft SQL Server til PostgreSQL på grunn av høye lisenskostnader og ressursbegrensninger, til tross for potensielle migrasjonsutfordringer. +- PostgreSQL er foretrukket for sine robuste funksjoner og kostnadseffektivitet, noe som gjør det til et foretrukket valg for fremtidige prosjekter, selv om noen brukere utforsker alternativer som Babelfish for å redusere kostnader. + +## [Googles OAuth-pålogging beskytter ikke mot kjøp av et mislykket oppstartsdomenenavn](https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw) + +### [Reacties](https://news.ycombinator.com/item?id=42699099) + +- Diskusjonen fremhever en sårbarhet i Googles OAuth-påloggingssystem når et mislykket oppstartsdomene blir kjøpt opp av en ny eier, noe som potensielt kan tillate uautorisert tilgang til tjenester. +- Dette problemet oppstår fordi Google kanskje ikke skiller mellom de opprinnelige og nye domeneeierne, noe som påvirker ethvert system som bruker domenebasert autentisering. +- En foreslått løsning er å bruke unike identifikatorer som forblir konstante over tid, selv om implementeringen av denne løsningen varierer blant identitetsleverandører. + +## [Bruke kodingsevner for å tjene passiv inntekt](https://www.coryzue.com/writing/solopreneur/) + +- Forfatteren gikk fra en CTO-rolle til å bli en soloprenør, og tjente suksessfullt mer gjennom en portefølje av programvareprodukter. +- Viktige strategier inkluderer å fokusere på dypt arbeid, starte med små prosjekter, iterere raskt og dedikere tid til markedsføringsinnsats. +- Reisen understreker motstandskraft på grunn av usikkerheter, men fremhever den uovertrufne autonomien og friheten i denne karriereveien, og oppmuntrer de med kodingferdigheter til å vurdere den for passiv inntekt. + +### [Reacties](https://news.ycombinator.com/item?id=42696822) + +- En bruker beskrev hvordan de genererte passiv inntekt gjennom SEO-spam-nettsteder ved å bruke utløpende domenenavn, og tjente omtrent $30 000 årlig, til tross for etiske bekymringer og Googles eventuelle nedslag. +- Innlegget utløste en debatt om passiv inntekt, der noen brukere hevdet at det ligner mer på å drive en virksomhet enn virkelig passive inntekter. +- Deltakerne delte erfaringer og utfordringer i sideprosjekter, og fremhevet viktigheten av tid, motstandskraft og strategisk planlegging. + +## [Spania foreslår 100 % skatt på boliger kjøpt av ikke-EU-bosatte](https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents) + +- Spania vurderer en 100 % skatt på eiendomskjøp av ikke-EU-bosatte, med mål om å løse boligkrisen og dempe spekulative kjøp. +- Statsminister Pedro Sánchez sitt forslag inkluderer å utvide sosial boligbygging og regulere turistutleie for å takle forskjellen mellom boligpriser og inntekter. +- Forslagets fremtid som lov er usikker, med noen analytikere som ser det som en avskrekkende faktor for utenlandske investorer snarere enn en garantert lovendring. + +### [Reacties](https://news.ycombinator.com/item?id=42690781) + +- Spania vurderer en 100 % skatt på boliger kjøpt av ikke-EU-borgere for å takle problemer med boligoverkommelighet. - Kritikere antyder at utenlandske kjøpere ikke er den primære årsaken til høye boligpriser, og peker på treg byråkrati og reguleringslover som mer betydelige faktorer. - Forslaget har utløst en debatt om rollen til utenlandsk eierskap i boligmarkedene og dets effektivitet i å løse overkommelighetsproblemer. + +## [Apple vil snart motta 'laget i Amerika'-brikker fra TSMCs fabrikk i Arizona](https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification) + +- Apple tester prosessorer fra TSMCs anlegg i Arizona, med planer om masseproduksjon innen første kvartal, og kan potensielt bli TSMCs første amerikanske kunde for lokalt produserte brikker. - Dette initiativet har som mål å styrke USAs silisiumuavhengighet, og redusere avhengigheten av Taiwan, som er sårbar for geopolitiske og naturlige risikoer. - TSMCs fabrikk i Arizona skal produsere avanserte 3nm og 2nm brikker, med pågående innsats for å forbedre lokal rekruttering og partnerskap med amerikanske universiteter, selv om pakking i utgangspunktet vil skje i Taiwan inntil anlegget i Peoria er operativt. + +### [Reacties](https://news.ycombinator.com/item?id=42699977) + +- Apple vil motta brikker fra TSMCs anlegg i Arizona, men de må sendes tilbake til Taiwan for pakking på grunn av utilstrekkelige fasiliteter i USA. - Over 50 % av arbeidsstyrken ved anlegget i Arizona er fra Taiwan, noe som indikerer et gap i USAs STEM-felt (vitenskap, teknologi, ingeniørfag og matematikk). - CHIPS Act-initiativet, som har som mål å styrke USAs halvlederproduksjon, står overfor utfordringer ettersom "Made in America"-merket blir stilt spørsmål ved på grunn av pakkeprosessen som skjer i Taiwan, med planer om amerikanske pakkemuligheter innen 2027. + +## [43 000 færre sjåfører på veiene i Manhattan etter at veiprisene ble aktivert](https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says) + +- Etter at veiprising ble implementert, var det en reduksjon på 7,5 % i antall sjåfører som kjørte inn i Manhattan sør for 60th Street, noe som tilsvarer 43 000 færre sjåfører hver ukedag. +- Reduksjonen i trafikken har forbedret trafikkflyten og økt bussfartene, med noen ekspressbusser som opplever høyere passasjertall. +- Metropolitan Transportation Authority (MTA) bruker inntektene fra bompenger, anslått til 500 millioner dollar årlig, til forbedringer av kollektivtransport, til tross for en viss politisk motstand. + +### [Reacties](https://news.ycombinator.com/item?id=42692730) + +- Implementeringen av køprising i Manhattan har resultert i 43 000 færre sjåfører, noe som har ført til økte busshastigheter og potensielt bedre responstider for nødetatene. +- Politikken er utformet for å redusere trafikkbelastning og forbedre luftkvaliteten, selv om den har utløst debatt om dens innvirkning på personer med lavere inntekt. +- Forkjempere hevder at fordelene inkluderer mer effektiv kollektivtransport og renere luft, mens diskusjonene fortsetter om å balansere disse fordelene med behovene til sjåfører. + + + + + + diff --git a/i18n/pl/docusaurus-plugin-content-docs/current/2025/01/14.md b/i18n/pl/docusaurus-plugin-content-docs/current/2025/01/14.md new file mode 100644 index 000000000..250d1d474 --- /dev/null +++ b/i18n/pl/docusaurus-plugin-content-docs/current/2025/01/14.md @@ -0,0 +1,147 @@ +--- +slug: '/2025/01/14' +--- + +# 2025-01-14 + +## [„Badacz ds. bezpieczeństwa z firmy Snyk wdraża złośliwe pakiety NPM, które są wymierzone w cursor.com”](https://sourcecodered.com/snyk-malicious-npm-package/) + +- „Badacz ds. bezpieczeństwa z firmy Snyk opublikował złośliwe pakiety NPM, które były wymierzone w Cursor.com, firmę zajmującą się kodowaniem AI, w celu zbierania danych systemowych i wysyłania ich do usługi kontrolowanej przez atakującego.” +- „Pakiety, zidentyfikowane jako „cursor-retrieval”, „cursor-always-local” i „cursor-shadow-workspace”, zostały oznaczone przez skaner analizy pakietów OpenSSF, co skutkowało wydaniem ostrzeżeń MAL-2025-27, MAL-2025-28 i MAL-2025-29.” +- „Ten incydent podkreśla znaczenie dokładnego sprawdzania pakietów NPM przed instalacją, aby uniknąć potencjalnych zagrożeń bezpieczeństwa.” + +### [Reakcje](https://news.ycombinator.com/item?id=42690473) + +- „Badacz bezpieczeństwa z firmy Snyk opublikował złośliwe pakiety NPM (Node Package Manager) skierowane na cursor.com, podkreślając podatności związane z zamieszaniem w zależnościach. - Incydent wywołał debatę na temat etyki badań bezpieczeństwa, szczególnie w kontekście publicznego ujawniania zmiennych środowiskowych. - Cursor.com wyjaśniło, że nie autoryzowali tego działania, a Snyk przeprosił, podkreślając wyzwania związane z równoważeniem ofensywnych badań bezpieczeństwa z normami etycznymi.” + +## [„Przeszedłem na Firefox i nigdy nie oglądałem się za siebie”](https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/) + +- „Firefox jest chwalony za doskonałe zarządzanie kartami, wbudowaną funkcję Pocket do zapisywania linków oraz skoncentrowany na prywatności przekaźnik e-mail, co czyni go silną alternatywą dla Chrome. - Dodatkowe funkcje, takie jak przyjazne dla użytkownika narzędzie do zrzutów ekranu, przycisk ChatGPT, tryb Picture-in-Picture, konfigurowalne opcje wyszukiwania i płynne przewijanie, poprawiają wrażenia z przeglądania. - Chociaż Firefox nie ma funkcji aplikacji internetowych Chrome, jego przemyślany design i zmniejszone zapotrzebowanie na zasoby sprawiają, że jest preferowanym wyborem dla niektórych użytkowników.” + +### [Reakcje](https://news.ycombinator.com/item?id=42696081) + +- „Użytkownicy Firefoksa napotykają trudności ze strony platform takich jak YouTube, które mogą celowo pogarszać doświadczenie dla przeglądarek innych niż Google lub użytkowników korzystających z blokad reklam. - Ten trend budzi obawy dotyczące autonomii użytkowników, ponieważ karze tych, którzy wybierają internet bez reklam i nadzoru. - Firefox oferuje unikalne funkcje, takie jak karty kontenerowe, które zwiększają prywatność i użyteczność, czyniąc go ulubionym wyborem dla użytkowników poszukujących niezależności od przeglądarek kontrolowanych przez duże korporacje.” + +## [„Dyrektor generalny Sonos rezygnuje po fiasku aktualizacji aplikacji”](https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/) + +### [Reakcje](https://news.ycombinator.com/item?id=42687932) + +- „CEO firmy Sonos zrezygnował po kontrowersyjnej aktualizacji aplikacji, która wymagała od użytkowników wymiany kosztownych systemów dźwiękowych, co spowodowało niezadowolenie klientów. - Aktualizacja wprowadziła system oparty na chmurze, odchodząc od niezawodnego Universal Plug and Play (UPnP), co doprowadziło do problemów z łącznością i zwiększonej złożoności. - Ta sytuacja podkreśla konflikt między strategiami biznesowymi a utrzymaniem zaufania klientów, gdy CEO przechodzi do roli doradczej z pakietem odprawowym.” + +## [„W brzuchu MrBeast”](https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast) + +### [Reakcje](https://news.ycombinator.com/item?id=42696691) + +- „Esej bada, w jaki sposób algorytm YouTube wpływa na tworzenie treści, używając MrBeast jako studium przypadku, podkreślając przesunięcie w kierunku treści napędzanych zaangażowaniem, a nie znaczących. - Omawia szersze implikacje dla edukacji medialnej i wpływ kulturowy platform takich jak YouTube i TikTok, sugerując trend w kierunku powierzchownych i reakcyjnych treści. - Rozważane są różne perspektywy na temat roli algorytmów w kształtowaniu treści oraz wpływu popularnych twórców na normy kulturowe.” + +## [„Operacje Git na GitHubie są niedostępne”](https://www.githubstatus.com/incidents/qd96yfgvmcf9) + +- „GitHub doświadczył awarii operacji Git 13 stycznia 2025 roku z powodu zmiany konfiguracji wpływającej na wewnętrzny load balancer, trwającej od 23:35 do 00:24 UTC. - Problem został rozwiązany poprzez cofnięcie zmiany konfiguracji, a GitHub pracuje nad poprawą procesów monitorowania i wdrażania, aby zapobiec podobnym incydentom. - Awaria wpłynęła również na usługi GitHub Actions i Pages, co podkreśla wzajemne powiązania ich usług platformowych.” + +### [Reakcje](https://news.ycombinator.com/item?id=42691184) + +- „GitHub doświadczył poważnej awarii wpływającej na operacje git, co spowodowało zamieszanie wśród deweloperów, którzy początkowo podejrzewali problemy z kluczami SSH lub lokalnymi konfiguracjami. - Incydent ten podkreślił wyzwania związane z poleganiem na scentralizowanych usługach, wywołując dyskusje na temat zalet hostingu własnego i systemów zdecentralizowanych. - Chociaż problem został rozwiązany, uwydatnił obawy dotyczące niezawodności GitHub i ryzyka związanego z poleganiem na platformach zewnętrznych do wykonywania kluczowych zadań.” + +## [„ZFS 2.3 wydany z rozszerzeniem ZFS raidz”](https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0) + +- „OpenZFS 2.3.0 został wydany, wprowadzając znaczące funkcje, takie jak rozszerzenie RAIDZ, szybka deduplikacja, bezpośrednie wejście/wyjście, wyjście w formacie JSON oraz obsługa długich nazw plików. - Wydanie zawiera istotne poprawki błędów i ulepszenia wydajności, kompatybilne z jądrami Linuxa 4.18 - 6.12 oraz wersjami FreeBSD 13.3, 14.0 - 14.2. - Aktualizacja jest wynikiem współpracy 134 współtwórców, z dostępną obszerną dokumentacją i dziennikiem zmian do wglądu.” + +### [Reakcje](https://news.ycombinator.com/item?id=42694596) + +- „ZFS 2.3 został wydany, wprowadzając funkcje takie jak rozszerzenie RAIDZ, szybka deduplikacja, bezpośrednie IO, wyjście JSON i obsługa długich nazw plików. - Rozszerzenie RAIDZ jest szczególnie godne uwagi, ponieważ pozwala użytkownikom na dodawanie nowych urządzeń do istniejącej puli RAIDZ bez przestojów, zwiększając pojemność magazynową. - Wydanie to jest uważane za znaczący postęp dla użytkowników ZFS, porównywane z innymi systemami plików, takimi jak Btrfs i Windows Storage Spaces, pomimo pewnych ograniczeń, takich jak niemożność zmniejszenia puli.” + +## [„Webtop – kontenery Alpine, Ubuntu, Fedora i Arch zawierające pełne środowiska desktopowe”](https://docs.linuxserver.io/images/docker-webtop/) + +- „Linuxserver/webtop dostarcza kontenery oparte na Alpine, Ubuntu, Fedora i Arch z pełnymi środowiskami graficznymi dostępnymi przez przeglądarki internetowe, obsługującymi zarówno architektury x86-64, jak i arm64.” +- „Użytkownicy mogą wybierać spośród różnych środowisk pulpitu, takich jak XFCE, KDE, MATE, i3, Openbox i IceWM, używając określonych tagów obrazów, oraz uzyskiwać dostęp do Webtop za pośrednictwem wyznaczonych adresów URL.” +- „Funkcje zabezpieczeń obejmują opcję seccomp Dockera i konfigurację uwierzytelniania, z możliwością dostosowania poprzez zmienne środowiskowe oraz wsparcie dla akceleracji GPU z użyciem sterowników open-source.” + +### [Reakcje](https://news.ycombinator.com/item?id=42690983) + +- „Webtop dostarcza kontenery z pełnymi środowiskami desktopowymi dla Alpine, Ubuntu, Fedora i Arch, odpowiednie do szybkich konfiguracji za VPN.” +- „Użytkownicy chwalą Webtop za jego szybkość i łatwość obsługi, szczególnie w połączeniu z kontenerem Gluetun dla bezpiecznych połączeń, ale ostrzegają przed wystawianiem kontenerów na internet bez środków bezpieczeństwa z powodu braku domyślnego uwierzytelniania.” +- „Projekt jest ceniony za to, że jest open-source i elastyczny, a użytkownicy dzielą się konfiguracjami, a alternatywy takie jak Kasm i Selkies są zauważane w podobnych celach.” + +## [„1 na 5 ofert pracy online jest albo fałszywa, albo nigdy nie zostaje obsadzona, jak wynika z badania”](https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706) + +- „Niedawne badanie wskazuje, że 20% ofert pracy online jest albo fałszywych, albo pozostaje nieobsadzonych, co zwiększa frustrację osób poszukujących pracy. - Ten trend „widmowych ofert pracy” może być taktyką firm mającą na celu kreowanie wizerunku wzrostu. - Platformy pracy, takie jak Greenhouse i LinkedIn, wprowadziły usługi weryfikacji ofert pracy, aby pomóc użytkownikom w identyfikacji prawdziwych możliwości zatrudnienia.” + +### [Reakcje](https://news.ycombinator.com/item?id=42697783) + +- „Badanie ujawnia, że 20% ofert pracy online jest albo fałszywych, albo pozostaje nieobsadzonych, często z powodu konieczności spełnienia przez firmy amerykańskich przepisów imigracyjnych. - Firmy mogą również pozostawiać oferty pracy, aby znaleźć idealnych kandydatów, zmieniać wymagania lub mieć wcześniej wybranych wewnętrznych kandydatów. - Rynek pracy jest trudny dla aplikantów, którzy często napotykają na brak odpowiedzi i automatyczne odrzucenia, co skłania do wezwania do interwencji regulacyjnej.” + +## [„Uczynienie skrzyżowania niebezpiecznym dla pieszych, aby zaoszczędzić sekundy dla kierowców”](https://collegetowns.substack.com/p/making-an-intersection-unsafe-for) + +### [Reakcje](https://news.ycombinator.com/item?id=42698557) + +- „Debata koncentruje się wokół tego, czy skrzyżowania powinny priorytetowo traktować bezpieczeństwo pieszych czy efektywność kierowców, przy czym niektórzy preferują skrzyżowania z sygnalizacją świetlną i przejścia dla pieszych nad skrzyżowaniami z czterema znakami stopu.” +- „Opinie na temat przepisów drogowych i projektowania infrastruktury są różne, a dyskusje dotyczą bezpieczeństwa przechodzenia na czerwonym świetle oraz ryzyka związanego z prawoskrętami na czerwonym świetle.” +- „Niektórzy opowiadają się za alternatywnymi rozwiązaniami, takimi jak ronda lub przyjęcie holenderskich standardów inżynierii ruchu drogowego, aby zwiększyć zarówno bezpieczeństwo, jak i efektywność.” + +## [„PostgreSQL jest Systemem Zarządzania Bazą Danych Roku 2024”](https://db-engines.com/en/blog_post/109) + +- „PostgreSQL został nagrodzony tytułem DBMS Roku 2024 przez DB-Engines, zdobywając to wyróżnienie po raz piąty, przewyższając 423 inne systemy zarządzania bazami danych.” +- „PostgreSQL, z historią sięgającą niemal 35 lat, nadal wprowadza innowacje, co widać w ostatnich usprawnieniach PostgreSQL 17, wydanych we wrześniu 2024 roku.” +- „Snowflake i Microsoft zajęły odpowiednio drugie i trzecie miejsce, przy czym Snowflake wyróżnia się magazynowaniem danych w chmurze i wsparciem dla wielu chmur, podczas gdy Microsoft oferuje solidne zarządzane relacyjne bazy danych za pośrednictwem Azure SQL Database i SQL Server.” + +### [Reakcje](https://news.ycombinator.com/item?id=42696080) + +- „PostgreSQL został nagrodzony tytułem Systemu Zarządzania Bazą Danych Roku 2024 przez db-engines.com, co podkreśla jego rosnącą popularność i uznanie w branży.” +- „Użytkownicy rozważają przejście z Microsoft SQL Server na PostgreSQL z powodu wysokich kosztów licencji i ograniczeń zasobów, pomimo potencjalnych wyzwań związanych z migracją.” +- „PostgreSQL jest ceniony za swoje solidne funkcje i opłacalność, co czyni go preferowanym wyborem dla przyszłych projektów, chociaż niektórzy użytkownicy rozważają alternatywy, takie jak Babelfish, aby obniżyć koszty.” + +## [„Logowanie OAuth Google nie chroni przed zakupem domeny upadłego startupu”](https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw) + +### [Reakcje](https://news.ycombinator.com/item?id=42699099) + +- „Dyskusja podkreśla lukę w systemie logowania OAuth Google, gdy domena nieudanej firmy startupowej zostaje przejęta przez nowego właściciela, co potencjalnie umożliwia nieautoryzowany dostęp do usług.” +- „Ten problem pojawia się, ponieważ Google może nie rozróżniać między oryginalnymi a nowymi właścicielami domen, co wpływa na każdy system korzystający z uwierzytelniania opartego na domenie.” +- „Proponowanym rozwiązaniem jest użycie unikalnych identyfikatorów, które pozostają niezmienne w czasie, chociaż wdrożenie tego rozwiązania różni się w zależności od dostawców tożsamości.” + +## [„Wykorzystywanie umiejętności kodowania do generowania pasywnego dochodu”](https://www.coryzue.com/writing/solopreneur/) + +- „Autor przeszedł z roli CTO do solopreneur, z powodzeniem zarabiając więcej dzięki portfolio produktów software'owych.” +- „Kluczowe strategie obejmują skupienie się na głębokiej pracy, rozpoczynanie od małych projektów, szybkie iterowanie oraz poświęcanie czasu na działania marketingowe.” +- „Podróż podkreśla odporność w obliczu niepewności, ale uwydatnia niezrównaną autonomię i wolność tej ścieżki kariery, zachęcając osoby z umiejętnościami kodowania do rozważenia jej jako źródła pasywnego dochodu.” + +### [Reakcje](https://news.ycombinator.com/item?id=42696822) + +- „Użytkownik opisał generowanie pasywnego dochodu poprzez strony spamowe SEO, wykorzystując wygasające nazwy domen, zarabiając około 30 tys. dolarów rocznie, pomimo obaw etycznych i ostatecznego rozprawienia się Google.” +- „Post wywołał debatę na temat dochodu pasywnego, z niektórymi użytkownikami argumentującymi, że jest to bardziej zbliżone do prowadzenia biznesu niż do prawdziwie pasywnych zarobków.” +- „Uczestnicy dzielili się doświadczeniami i wyzwaniami związanymi z projektami pobocznymi, podkreślając znaczenie czasu, odporności i strategicznego planowania.” + +## [„Hiszpania proponuje 100% podatek od domów kupowanych przez mieszkańców spoza UE”](https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents) + +- „Hiszpania rozważa wprowadzenie 100% podatku od zakupu nieruchomości przez mieszkańców spoza UE, mając na celu rozwiązanie kryzysu mieszkaniowego i ograniczenie spekulacyjnych zakupów.” +- „Propozycja premiera Pedro Sáncheza obejmuje rozszerzenie zasobów mieszkań socjalnych oraz regulację wynajmu turystycznego w celu rozwiązania problemu dysproporcji między cenami mieszkań a dochodami.” +- „Przyszłość propozycji jako prawa jest niepewna, a niektórzy analitycy postrzegają ją jako czynnik odstraszający zagranicznych inwestorów, a nie jako gwarantowaną zmianę legislacyjną.” + +### [Reakcje](https://news.ycombinator.com/item?id=42690781) + +- „Hiszpania rozważa wprowadzenie 100% podatku na domy kupowane przez mieszkańców spoza UE, aby rozwiązać problemy z dostępnością mieszkań. - Krytycy sugerują, że zagraniczni nabywcy nie są główną przyczyną wysokich cen mieszkań, wskazując na powolną biurokrację i przepisy dotyczące zagospodarowania przestrzennego jako bardziej znaczące czynniki. - Propozycja wywołała debatę na temat roli zagranicznej własności na rynkach mieszkaniowych i jej skuteczności w rozwiązywaniu problemów z dostępnością.” + +## [„Apple wkrótce otrzyma 'wyprodukowane w Ameryce' chipy z fabryki TSMC w Arizonie”](https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification) + +- „Apple testuje procesory z zakładu TSMC w Arizonie, planując masową produkcję do pierwszego kwartału, co może uczynić Apple pierwszym amerykańskim klientem TSMC dla lokalnie produkowanych chipów. - Inicjatywa ta ma na celu wzmocnienie niezależności USA w zakresie produkcji krzemu, zmniejszając zależność od Tajwanu, który jest narażony na ryzyko geopolityczne i naturalne. - Fabryka TSMC w Arizonie ma produkować zaawansowane chipy 3nm i 2nm, z trwającymi wysiłkami na rzecz zwiększenia lokalnej rekrutacji i współpracy z amerykańskimi uniwersytetami, chociaż pakowanie początkowo będzie odbywać się na Tajwanie, dopóki zakład w Peorii nie będzie operacyjny.” + +### [Reakcje](https://news.ycombinator.com/item?id=42699977) + +- „Apple będzie otrzymywać chipy z fabryki TSMC w Arizonie, ale muszą one zostać odesłane do Tajwanu w celu pakowania z powodu niewystarczających amerykańskich obiektów. - Ponad 50% siły roboczej w fabryce w Arizonie pochodzi z Tajwanu, co wskazuje na lukę w amerykańskim sektorze STEM (nauka, technologia, inżynieria i matematyka). - Inicjatywa CHIPS Act, mająca na celu wzmocnienie amerykańskiej produkcji półprzewodników, napotyka wyzwania, ponieważ etykieta „Made in America” jest kwestionowana z powodu procesu pakowania odbywającego się na Tajwanie, z planami na amerykańskie możliwości pakowania do 2027 roku.” + +## [„43 tysiące mniej kierowców na drogach Manhattanu po wprowadzeniu opłat za wjazd do centrum”](https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says) + +- „Po wprowadzeniu opłat za wjazd do centrum, liczba kierowców wjeżdżających do Manhattanu poniżej 60. ulicy zmniejszyła się o 7,5%, co oznacza 43 000 mniej kierowców każdego dnia roboczego.” +- „Zmniejszenie ruchu poprawiło płynność ruchu i zwiększyło prędkości autobusów, a niektóre autobusy ekspresowe odnotowały większą liczbę pasażerów.” +- „Metropolitan Transportation Authority (MTA) wykorzystuje wpływy z opłat drogowych, szacowane na 500 milionów dolarów rocznie, na poprawę transportu, pomimo pewnego sprzeciwu politycznego.” + +### [Reakcje](https://news.ycombinator.com/item?id=42692730) + +- „Wprowadzenie opłat za wjazd do zatłoczonych obszarów na Manhattanie spowodowało zmniejszenie liczby kierowców o 43 000, co przyczyniło się do zwiększenia prędkości autobusów i potencjalnie lepszych czasów reakcji służb ratunkowych.” +- „Polityka ta ma na celu zmniejszenie zatorów drogowych i poprawę jakości powietrza, choć wywołała debatę na temat jej wpływu na osoby o niższych dochodach.” +- „Zwolennicy twierdzą, że korzyści obejmują bardziej efektywny transport publiczny i czystsze powietrze, podczas gdy trwają dyskusje na temat równoważenia tych zalet z potrzebami kierowców.” + + + + + + diff --git a/i18n/pt/docusaurus-plugin-content-docs/current/2025/01/14.md b/i18n/pt/docusaurus-plugin-content-docs/current/2025/01/14.md new file mode 100644 index 000000000..5de110636 --- /dev/null +++ b/i18n/pt/docusaurus-plugin-content-docs/current/2025/01/14.md @@ -0,0 +1,147 @@ +--- +slug: '/2025/01/14' +--- + +# 2025-01-14 + +## [Pesquisador de segurança da Snyk implanta pacotes NPM maliciosos visando cursor.com](https://sourcecodered.com/snyk-malicious-npm-package/) + +- A Snyk, uma pesquisadora de segurança, lançou pacotes NPM maliciosos visando a Cursor.com, uma empresa de codificação de IA, para coletar dados do sistema e enviá-los para um serviço controlado por um atacante. +- As pacotes, identificados como "cursor-retrieval", "cursor-always-local" e "cursor-shadow-workspace", foram sinalizados pelo scanner de análise de pacotes OpenSSF, resultando nos avisos MAL-2025-27, MAL-2025-28 e MAL-2025-29. +- Este incidente destaca a importância de examinar os pacotes NPM antes da instalação para evitar potenciais ameaças à segurança. + +### [Reações](https://news.ycombinator.com/item?id=42690473) + +- A Snyk, um pesquisador de segurança, lançou pacotes NPM (Node Package Manager) maliciosos direcionados ao cursor.com, destacando vulnerabilidades de confusão de dependência. - O incidente gerou um debate sobre a ética da pesquisa em segurança, especialmente no que diz respeito à exposição pública de variáveis de ambiente. - A Cursor.com esclareceu que não autorizou a ação, e a Snyk pediu desculpas, ressaltando os desafios de equilibrar a pesquisa de segurança ofensiva com os padrões éticos. + +## [I Switched to Firefox and Never Looked Back](https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/) + +- Firefox é elogiado por seu gerenciamento superior de abas, recurso Pocket integrado para salvar links e um serviço de e-mail focado em privacidade, tornando-o uma forte alternativa ao Chrome. - Recursos adicionais como uma ferramenta de captura de tela fácil de usar, um botão ChatGPT, modo Picture-in-Picture, opções de pesquisa personalizáveis e rolagem suave melhoram a experiência de navegação. - Embora o Firefox não tenha o recurso de aplicativos da web do Chrome, seu design cuidadoso e menor demanda de recursos o tornam a escolha preferida para alguns usuários. + +### [Reações](https://news.ycombinator.com/item?id=42696081) + +- Os usuários do Firefox enfrentam desafios de plataformas como o YouTube, que podem intencionalmente degradar a experiência para navegadores não-Google ou usuários que utilizam bloqueadores de anúncios. - Essa tendência levanta preocupações sobre a autonomia do usuário, pois penaliza aqueles que optam por uma experiência na web sem anúncios e sem vigilância. - O Firefox oferece recursos únicos, como abas de contêiner, que melhoram a privacidade e a usabilidade, tornando-o uma escolha preferida para usuários que buscam independência de navegadores controlados por grandes corporações. + +## [CEO da Sonos renuncia após fiasco de atualização de aplicativo](https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/) + +### [Reações](https://news.ycombinator.com/item?id=42687932) + +- O CEO da Sonos renunciou após uma atualização controversa do aplicativo que exigia que os usuários substituíssem sistemas de som caros, causando insatisfação entre os clientes. - A atualização introduziu um sistema baseado em nuvem, afastando-se do confiável Universal Plug and Play (UPnP), o que levou a problemas de conectividade e aumento da complexidade. - Esta situação destaca o conflito entre estratégias de negócios e a manutenção da confiança do cliente, enquanto o CEO transita para um papel consultivo com um pacote de indenização. + +## [Na barriga do MrBeast](https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast) + +### [Reações](https://news.ycombinator.com/item?id=42696691) + +- O ensaio examina como o algoritmo do YouTube influencia a criação de conteúdo, usando MrBeast como estudo de caso, destacando uma mudança em direção a um conteúdo impulsionado pelo engajamento em vez de significativo. - Discute as implicações mais amplas para a alfabetização midiática e o impacto cultural de plataformas como YouTube e TikTok, sugerindo uma tendência para conteúdos superficiais e reacionários. - Diversas perspectivas são consideradas sobre o papel dos algoritmos na formação de conteúdo e a influência de criadores populares nas normas culturais. + +## [Operações do Git no GitHub estão fora do ar](https://www.githubstatus.com/incidents/qd96yfgvmcf9) + +- GitHub enfrentou uma interrupção nas operações do Git em 13 de janeiro de 2025, devido a uma alteração de configuração que afetou o balanceador de carga interno, durando das 23:35 às 00:24 UTC. - O problema foi resolvido revertendo a alteração de configuração, e o GitHub está trabalhando para melhorar os processos de monitoramento e implantação para evitar incidentes semelhantes. - A interrupção também afetou os serviços Actions e Pages do GitHub, destacando a natureza interconectada de seus serviços de plataforma. + +### [Reações](https://news.ycombinator.com/item?id=42691184) + +- GitHub enfrentou uma grande interrupção que impactou as operações de git, levando à confusão entre os desenvolvedores que inicialmente suspeitaram de problemas com suas chaves SSH ou configurações locais. - O incidente destacou os desafios de depender de serviços centralizados, provocando discussões sobre as vantagens de auto-hospedagem e sistemas descentralizados. - Embora o problema tenha sido resolvido, ele ressaltou preocupações sobre a confiabilidade do GitHub e os riscos de depender de plataformas de terceiros para tarefas essenciais. + +## [ZFS 2.3 lançado com expansão ZFS raidz](https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0) + +- OpenZFS 2.3.0 foi lançado, introduzindo recursos significativos como Expansão RAIDZ, Desduplicação Rápida, Entrada/Saída Direta, saída em JSON e suporte para nomes de arquivos longos. - O lançamento inclui correções de bugs essenciais e melhorias de desempenho, compatível com kernels Linux 4.18 - 6.12 e versões FreeBSD 13.3, 14.0 - 14.2. - A atualização é um esforço colaborativo de 134 colaboradores, com documentação abrangente e um registro de alterações disponível para revisão. + +### [Reações](https://news.ycombinator.com/item?id=42694596) + +- ZFS 2.3 foi lançado, introduzindo recursos como expansão RAIDZ, desduplicação rápida, IO direto, saída JSON e suporte para nomes de arquivos longos. - A expansão RAIDZ é particularmente notável, pois permite que os usuários adicionem novos dispositivos a um pool RAIDZ existente sem tempo de inatividade, aumentando a capacidade de armazenamento. - O lançamento é considerado um avanço significativo para os usuários de ZFS, sendo comparado a outros sistemas de arquivos como Btrfs e Windows Storage Spaces, apesar de algumas limitações, como a incapacidade de reduzir pools. + +## [Webtop – Contêineres Alpine, Ubuntu, Fedora e Arch contendo ambientes de desktop completos](https://docs.linuxserver.io/images/docker-webtop/) + +- Linuxserver/webtop fornece contêineres baseados em Alpine, Ubuntu, Fedora e Arch com ambientes de desktop completos acessíveis através de navegadores web, suportando as arquiteturas x86-64 e arm64. +- Os usuários podem selecionar entre vários ambientes de desktop, como XFCE, KDE, MATE, i3, Openbox e IceWM, usando tags de imagem específicas e acessar o Webtop por meio de URLs designados. +- Os recursos de segurança incluem a opção seccomp do Docker e a configuração de autenticação, com opções de personalização disponíveis através de variáveis de ambiente, além de suporte para aceleração de GPU com drivers de código aberto. + +### [Reações](https://news.ycombinator.com/item?id=42690983) + +- Webtop fornece contêineres com ambientes de desktop completos para Alpine, Ubuntu, Fedora e Arch, adequados para configurações rápidas por trás de uma VPN. +- Os usuários elogiam o Webtop por sua velocidade e facilidade de uso, especialmente quando utilizado com o contêiner Gluetun para conexões seguras, mas alertam contra a exposição de contêineres à internet sem medidas de segurança devido à falta de autenticação padrão. +- O projeto é valorizado por ser de código aberto e flexível, com usuários compartilhando configurações, e alternativas como Kasm e Selkies são destacadas para propósitos semelhantes. + +## [1 em cada 5 anúncios de emprego online são falsos ou nunca são preenchidos, aponta estudo](https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706) + +- A recent study indicates that 20% of online job postings are either fake or remain unfilled, adding to job seekers' frustration. - This "ghost job" trend might be a tactic for companies to project an image of growth. - Job platforms such as Greenhouse and LinkedIn have introduced job verification services to assist users in identifying genuine job opportunities. + +### [Reações](https://news.ycombinator.com/item?id=42697783) + +- Um estudo revela que 20% das vagas de emprego online são falsas ou permanecem não preenchidas, muitas vezes devido à necessidade das empresas de cumprir com as políticas de imigração dos EUA. - As empresas também podem manter as vagas abertas para encontrar candidatos ideais, alterar requisitos ou já terem candidatos internos pré-selecionados. - O mercado de trabalho é difícil para os candidatos, que frequentemente enfrentam o desaparecimento das empresas e rejeições automatizadas, o que leva a pedidos por intervenção regulatória. + +## [Transformar um cruzamento em um local inseguro para pedestres para economizar segundos para motoristas](https://collegetowns.substack.com/p/making-an-intersection-unsafe-for) + +### [Reações](https://news.ycombinator.com/item?id=42698557) + +- O debate gira em torno de se os cruzamentos devem priorizar a segurança dos pedestres ou a eficiência dos motoristas, com alguns preferindo cruzamentos controlados por semáforos e travessias diagonais para pedestres em vez de paradas de 4 vias. +- Opiniões variam sobre leis de trânsito e design de infraestrutura, com discussões sobre a segurança de atravessar fora da faixa e os riscos associados a conversões à direita no sinal vermelho. +- Alguns defendem soluções alternativas, como rotatórias ou a adoção de padrões de engenharia de tráfego holandeses, para melhorar tanto a segurança quanto a eficiência. + +## [PostgreSQL é o Sistema de Gerenciamento de Banco de Dados do Ano de 2024](https://db-engines.com/en/blog_post/109) + +- PostgreSQL foi premiado como DBMS do Ano 2024 pela DB-Engines, alcançando esse reconhecimento pela quinta vez, superando 423 outros sistemas de gerenciamento de banco de dados. +- PostgreSQL, com uma história que se estende por quase 35 anos, continua a inovar, como visto nas melhorias recentes do PostgreSQL 17, lançado em setembro de 2024. +- Snowflake e Microsoft garantiram o segundo e terceiro lugares, respectivamente, com a Snowflake sendo destacada por seu armazenamento de dados baseado em nuvem e suporte multi-nuvem, enquanto a Microsoft oferece bancos de dados relacionais gerenciados robustos através do Azure SQL Database e SQL Server. + +### [Reações](https://news.ycombinator.com/item?id=42696080) + +- PostgreSQL foi premiado como Sistema de Gerenciamento de Banco de Dados do Ano 2024 pelo db-engines.com, destacando sua crescente popularidade e reconhecimento na indústria. +- Os usuários estão considerando mudar do Microsoft SQL Server para o PostgreSQL devido aos altos custos de licenciamento e limitações de recursos, apesar dos potenciais desafios de migração. +- PostgreSQL é favorecido por seus recursos robustos e custo-benefício, tornando-o uma escolha preferida para projetos futuros, embora alguns usuários explorem alternativas como Babelfish para reduzir custos. + +## [Login OAuth do Google não protege contra a compra de um domínio de startup falida](https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw) + +### [Reações](https://news.ycombinator.com/item?id=42699099) + +- A discussão destaca uma vulnerabilidade no sistema de login OAuth do Google quando o domínio de uma startup falida é adquirido por um novo proprietário, potencialmente permitindo acesso não autorizado a serviços. +- Esse problema surge porque o Google pode não distinguir entre os proprietários originais e novos do domínio, afetando qualquer sistema que use autenticação baseada em domínio. +- A solução proposta é usar identificadores únicos que permanecem constantes ao longo do tempo, embora a implementação dessa solução varie entre os provedores de identidade. + +## [Usando habilidades de codificação para gerar renda passiva](https://www.coryzue.com/writing/solopreneur/) + +- O autor fez a transição de um cargo de CTO para solopreneur, conseguindo ganhar mais por meio de um portfólio de produtos de software. +- Principais estratégias incluem focar em trabalho profundo, começar com pequenos projetos, iterar rapidamente e dedicar tempo aos esforços de marketing. +- A jornada enfatiza a resiliência devido às incertezas, mas destaca a autonomia e liberdade incomparáveis deste caminho de carreira, encorajando aqueles com habilidades de codificação a considerá-lo para renda passiva. + +### [Reações](https://news.ycombinator.com/item?id=42696822) + +- Um usuário descreveu a geração de renda passiva por meio de sites de spam de SEO usando nomes de domínio expirantes, ganhando aproximadamente $30 mil anualmente, apesar das preocupações éticas e da eventual repressão do Google. +- O post gerou um debate sobre renda passiva, com alguns usuários argumentando que é mais parecido com administrar um negócio do que realmente ganhos passivos. +- Os participantes compartilharam experiências e desafios em projetos paralelos, destacando a importância do tempo, resiliência e planejamento estratégico. + +## [Proposta da Espanha: imposto de 100% sobre casas compradas por residentes fora da UE](https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents) + +- Considerando a crise habitacional e a necessidade de conter a compra especulativa, a Espanha está avaliando a implementação de um imposto de 100% sobre aquisições de imóveis por residentes de fora da UE. +- Proposta do Primeiro-Ministro Pedro Sánchez inclui a expansão da habitação social e a regulamentação dos aluguéis turísticos para enfrentar a disparidade entre os preços das habitações e os rendimentos. +- A futura transformação da proposta em lei é incerta, com alguns analistas vendo-a como um impedimento para investidores estrangeiros, em vez de uma mudança legislativa garantida. + +### [Reações](https://news.ycombinator.com/item?id=42690781) + +- Está sendo considerado na Espanha um imposto de 100% sobre casas compradas por residentes de fora da UE para enfrentar problemas de acessibilidade à moradia. - Críticos sugerem que compradores estrangeiros não são a principal causa dos altos preços das habitações, citando a burocracia lenta e as leis de zoneamento como fatores mais significativos. - A proposta gerou um debate sobre o papel da propriedade estrangeira nos mercados imobiliários e sua eficácia na resolução de questões de acessibilidade. + +## [Em breve, a Apple receberá chips 'feitos na América' da fábrica da TSMC no Arizona](https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification) + +- Apple está testando processadores da instalação da TSMC no Arizona, com planos para produção em massa até o primeiro trimestre, potencialmente se tornando o primeiro cliente dos EUA da TSMC para chips fabricados localmente. - Esta iniciativa visa fortalecer a independência de silício dos EUA, reduzindo a dependência de Taiwan, que é vulnerável a riscos geopolíticos e naturais. - A fábrica da TSMC no Arizona está programada para produzir chips avançados de 3nm e 2nm, com esforços contínuos para melhorar o recrutamento local e parcerias com universidades dos EUA, embora a embalagem ocorra inicialmente em Taiwan até que a instalação de Peoria esteja operacional. + +### [Reações](https://news.ycombinator.com/item?id=42699977) + +- Apple receberá chips da fábrica da TSMC no Arizona, mas eles precisam ser enviados de volta para Taiwan para embalagem devido à insuficiência de instalações nos EUA. - Mais de 50% da força de trabalho na fábrica do Arizona é de Taiwan, indicando uma lacuna no campo de STEM (Ciência, Tecnologia, Engenharia e Matemática) nos EUA. - A iniciativa do CHIPS Act, destinada a melhorar a fabricação de semicondutores nos EUA, enfrenta desafios, pois o rótulo "Feito na América" é questionado devido ao processo de embalagem ocorrer em Taiwan, com planos para capacidades de embalagem nos EUA até 2027. + +## [43 mil motoristas a menos nas estradas de Manhattan após a ativação da precificação de congestionamento](https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says) + +- Após a implementação da precificação de congestionamento, houve uma redução de 7,5% no número de motoristas entrando em Manhattan abaixo da 60th Street, o que equivale a 43.000 motoristas a menos a cada dia útil. +- A redução no tráfego melhorou o fluxo de trânsito e aumentou a velocidade dos ônibus, com alguns ônibus expressos experimentando um aumento no número de passageiros. +- O Metropolitan Transportation Authority (MTA) utiliza a receita de pedágio, estimada em $500 milhões anualmente, para melhorias no transporte, apesar de alguma oposição política. + +### [Reações](https://news.ycombinator.com/item?id=42692730) + +- A implementação da precificação de congestionamento em Manhattan resultou em 43.000 motoristas a menos, levando a um aumento na velocidade dos ônibus e, potencialmente, a melhores tempos de resposta em emergências. +- A política é projetada para reduzir a congestão do tráfego e melhorar a qualidade do ar, embora tenha gerado debate sobre seu impacto em indivíduos de baixa renda. +- Os defensores argumentam que os benefícios incluem um transporte público mais eficiente e ar mais limpo, enquanto as discussões continuam sobre como equilibrar essas vantagens com as necessidades dos motoristas. + + + + + + diff --git a/i18n/ro/docusaurus-plugin-content-docs/current/2025/01/14.md b/i18n/ro/docusaurus-plugin-content-docs/current/2025/01/14.md new file mode 100644 index 000000000..65bfe878e --- /dev/null +++ b/i18n/ro/docusaurus-plugin-content-docs/current/2025/01/14.md @@ -0,0 +1,147 @@ +--- +slug: '/2025/01/14' +--- + +# 2025-01-14 + +## [„Cercetătorul de securitate Snyk lansează pachete NPM malițioase care vizează cursor.com”](https://sourcecodered.com/snyk-malicious-npm-package/) + +- „Un cercetător în securitate de la Snyk a lansat pachete NPM malițioase care vizează Cursor.com, o companie de codare AI, pentru a colecta date de sistem și a le trimite către un serviciu controlat de atacator.” +- „Pachetele, identificate ca „cursor-retrieval”, „cursor-always-local” și „cursor-shadow-workspace”, au fost semnalate de scannerul de analiză a pachetelor OpenSSF, rezultând în avizele MAL-2025-27, MAL-2025-28 și MAL-2025-29.” +- „Acest incident subliniază importanța examinării atente a pachetelor NPM înainte de instalare pentru a evita potențialele amenințări de securitate.” + +### [Reacții](https://news.ycombinator.com/item?id=42690473) + +- „Un cercetător în securitate de la Snyk a lansat pachete NPM (Node Package Manager) malițioase care vizau cursor.com, evidențiind vulnerabilitățile de confuzie a dependențelor. - Incidentul a declanșat o dezbatere privind etica cercetării în securitate, în special în ceea ce privește expunerea publică a variabilelor de mediu. - Cursor.com a clarificat că nu au autorizat acțiunea, iar Snyk și-a cerut scuze ulterior, subliniind provocările în echilibrarea cercetării ofensive în securitate cu standardele etice.” + +## [„Am trecut la Firefox și nu m-am mai uitat înapoi”](https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/) + +- „Firefox este lăudat pentru gestionarea superioară a filelor, funcția Pocket integrată pentru salvarea linkurilor și un serviciu de redirecționare a e-mailurilor axat pe confidențialitate, făcându-l o alternativă puternică la Chrome. - Funcții suplimentare precum un instrument de captură de ecran ușor de utilizat, un buton ChatGPT, funcția Picture-in-Picture, opțiuni de căutare personalizabile și derularea lină îmbunătățesc experiența de navigare. - Deși Firefox nu dispune de funcția de aplicație web a Chrome, designul său atent și cerințele reduse de resurse îl fac o alegere preferată pentru unii utilizatori.” + +### [Reacții](https://news.ycombinator.com/item?id=42696081) + +- „Utilizatorii Firefox se confruntă cu provocări din partea platformelor precum YouTube, care pot degrada intenționat experiența pentru browserele non-Google sau utilizatorii care folosesc adblockere. - Această tendință ridică îngrijorări cu privire la autonomia utilizatorilor, deoarece penalizează pe cei care optează pentru o experiență web fără reclame și supraveghere. - Firefox oferă caracteristici unice, cum ar fi filele container, care îmbunătățesc confidențialitatea și utilizabilitatea, făcându-l o alegere preferată pentru utilizatorii care caută independență față de browserele controlate de mari corporații.” + +## [„CEO-ul Sonos demisionează după fiasco-ul actualizării aplicației”](https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/) + +### [Reacții](https://news.ycombinator.com/item?id=42687932) + +- „CEO-ul Sonos a demisionat în urma unei actualizări controversate a aplicației care a cerut utilizatorilor să înlocuiască sisteme audio costisitoare, provocând nemulțumirea clienților. - Actualizarea a introdus un sistem bazat pe cloud, renunțând la Universal Plug and Play (UPnP) fiabil, ceea ce a dus la probleme de conectivitate și complexitate crescută. - Această situație subliniază conflictul dintre strategiile de afaceri și menținerea încrederii clienților, pe măsură ce CEO-ul trece la un rol de consilier cu un pachet de compensații.” + +## [„În burta lui MrBeast”](https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast) + +### [Reacții](https://news.ycombinator.com/item?id=42696691) + +- „Eseul examinează modul în care algoritmul YouTube influențează crearea de conținut, folosindu-l pe MrBeast ca studiu de caz, evidențiind o schimbare către un conținut axat pe angajament mai degrabă decât pe semnificație. - Se discută implicațiile mai largi pentru alfabetizarea media și impactul cultural al platformelor precum YouTube și TikTok, sugerând o tendință către conținut superficial și reacționar. - Sunt luate în considerare diverse perspective asupra rolului algoritmilor în modelarea conținutului și influența creatorilor populari asupra normelor culturale.” + +## [„Operațiunile Git de pe GitHub sunt indisponibile”](https://www.githubstatus.com/incidents/qd96yfgvmcf9) + +- „GitHub a întâmpinat o întrerupere a operațiunilor Git pe 13 ianuarie 2025, din cauza unei modificări de configurare care a afectat echilibratorul de sarcină intern, durând de la 23:35 la 00:24 UTC. - Problema a fost rezolvată prin revenirea la modificarea de configurare, iar GitHub lucrează la îmbunătățirea proceselor de monitorizare și implementare pentru a preveni incidente similare. - Întreruperea a afectat, de asemenea, serviciile Actions și Pages ale GitHub, evidențiind natura interconectată a serviciilor platformei lor.” + +### [Reacții](https://news.ycombinator.com/item?id=42691184) + +- „GitHub a întâmpinat o întrerupere majoră care a afectat operațiunile git, ceea ce a dus la confuzie în rândul dezvoltatorilor care inițial au suspectat probleme cu cheile lor SSH sau cu configurațiile locale. - Incidentul a subliniat provocările de a se baza pe servicii centralizate, determinând discuții despre avantajele găzduirii proprii și a sistemelor descentralizate. - Deși problema a fost rezolvată, aceasta a evidențiat preocupările legate de fiabilitatea GitHub și riscurile de a depinde de platforme terțe pentru sarcini esențiale.” + +## [„ZFS 2.3 lansat cu extinderea ZFS raidz”](https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0) + +- „OpenZFS 2.3.0 a fost lansat, introducând caracteristici semnificative precum extinderea RAIDZ, deduplicarea rapidă, intrare/ieșire directă, ieșire JSON și suport pentru nume de fișiere lungi. - Lansarea include corecții esențiale de erori și îmbunătățiri de performanță, compatibile cu nucleele Linux 4.18 - 6.12 și versiunile FreeBSD 13.3, 14.0 - 14.2. - Actualizarea este un efort colaborativ al 134 de contribuitori, cu documentație cuprinzătoare și un jurnal de modificări disponibil pentru revizuire.” + +### [Reacții](https://news.ycombinator.com/item?id=42694596) + +- „ZFS 2.3 a fost lansat, introducând caracteristici precum extinderea RAIDZ, deduplicarea rapidă, IO direct, ieșire JSON și suport pentru nume de fișiere lungi. - Extinderea RAIDZ este deosebit de remarcabilă, deoarece permite utilizatorilor să adauge noi dispozitive la un pool RAIDZ existent fără timp de nefuncționare, sporind capacitatea de stocare. - Lansarea este considerată un avans semnificativ pentru utilizatorii ZFS, fiind comparată cu alte sisteme de fișiere precum Btrfs și Windows Storage Spaces, în ciuda unor limitări, cum ar fi incapacitatea de a micșora pool-urile.” + +## [„Webtop – Containere Alpine, Ubuntu, Fedora și Arch care conțin medii desktop complete”](https://docs.linuxserver.io/images/docker-webtop/) + +- „Linuxserver/webtop oferă containere bazate pe Alpine, Ubuntu, Fedora și Arch cu medii desktop complete accesibile prin browsere web, suportând atât arhitecturile x86-64, cât și arm64.” +- „Utilizatorii pot selecta din diverse medii desktop, cum ar fi XFCE, KDE, MATE, i3, Openbox și IceWM, folosind etichete de imagine specifice și pot accesa Webtop prin URL-uri desemnate.” +- „Caracteristicile de securitate includ opțiunea seccomp a Docker și configurarea autentificării, cu opțiuni de personalizare disponibile prin variabile de mediu, și suport pentru accelerarea GPU cu drivere open-source.” + +### [Reacții](https://news.ycombinator.com/item?id=42690983) + +- „Webtop oferă containere cu medii desktop complete pentru Alpine, Ubuntu, Fedora și Arch, potrivite pentru configurări rapide în spatele unui VPN.” +- „Utilizatorii laudă Webtop pentru viteza și ușurința sa de utilizare, în special atunci când este utilizat cu containerul Gluetun pentru conexiuni securizate, dar avertizează împotriva expunerii containerelor la internet fără măsuri de securitate din cauza lipsei autentificării implicite.” +- „Proiectul este apreciat pentru faptul că este open-source și flexibil, utilizatorii împărtășind configurații, iar alternative precum Kasm și Selkies sunt remarcate pentru scopuri similare.” + +## [„1 din 5 anunțuri de locuri de muncă online sunt fie false, fie nu sunt niciodată ocupate, arată un studiu”](https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706) + +- „Un studiu recent indică faptul că 20% dintre anunțurile de locuri de muncă online sunt fie false, fie rămân neocupate, adăugând la frustrarea celor care caută un loc de muncă. - Această tendință de „locuri de muncă fantomă” ar putea fi o tactică a companiilor de a proiecta o imagine de creștere. - Platforme de locuri de muncă precum Greenhouse și LinkedIn au introdus servicii de verificare a locurilor de muncă pentru a ajuta utilizatorii să identifice oportunitățile de muncă autentice.” + +### [Reacții](https://news.ycombinator.com/item?id=42697783) + +- „Un studiu relevă că 20% dintre anunțurile de locuri de muncă online sunt fie false, fie rămân neocupate, adesea din cauza necesității companiilor de a respecta politicile de imigrație din SUA. - Companiile pot, de asemenea, să lase anunțurile de locuri de muncă active pentru a găsi candidați ideali, a schimba cerințele sau a avea candidați interni preselectați. - Piața muncii este dificilă pentru solicitanți, care întâlnesc frecvent lipsa de răspuns și respingeri automate, ceea ce determină apeluri pentru intervenții de reglementare.” + +## [„Transformarea unei intersecții într-un loc nesigur pentru pietoni pentru a economisi câteva secunde pentru șoferi”](https://collegetowns.substack.com/p/making-an-intersection-unsafe-for) + +### [Reacții](https://news.ycombinator.com/item?id=42698557) + +- „Dezbaterea se concentrează pe faptul dacă intersecțiile ar trebui să prioritizeze siguranța pietonilor sau eficiența șoferilor, unii favorizând intersecțiile controlate de semafoare și traversările pietonale simultane în detrimentul opririlor în patru direcții.” +- „Opiniile variază cu privire la legile de circulație și designul infrastructurii, cu discuții despre siguranța traversării neregulamentare și riscurile asociate cu virajele la dreapta pe roșu.” +- „Unii susțin soluții alternative, cum ar fi sensurile giratorii sau adoptarea standardelor olandeze de inginerie a traficului, pentru a îmbunătăți atât siguranța, cât și eficiența.” + +## [„PostgreSQL este Sistemul de Management al Bazelor de Date al Anului 2024”](https://db-engines.com/en/blog_post/109) + +- „PostgreSQL a fost desemnat DBMS-ul Anului 2024 de către DB-Engines, obținând această recunoaștere pentru a cincea oară, depășind alte 423 de sisteme de gestionare a bazelor de date.” +- „PostgreSQL, cu o istorie de aproape 35 de ani, continuă să inoveze, așa cum se vede în îmbunătățirile recente ale PostgreSQL 17, lansat în septembrie 2024.” +- „Snowflake și Microsoft au obținut locurile doi și trei, respectiv, cu Snowflake remarcat pentru depozitarea de date bazată pe cloud și suportul multi-cloud, în timp ce Microsoft oferă baze de date relaționale gestionate robust prin Azure SQL Database și SQL Server.” + +### [Reacții](https://news.ycombinator.com/item?id=42696080) + +- „PostgreSQL a fost desemnat Sistemul de Management al Bazelor de Date al Anului 2024 de către db-engines.com, evidențiind popularitatea și recunoașterea sa în creștere în industrie.” +- „Utilizatorii iau în considerare trecerea de la Microsoft SQL Server la PostgreSQL din cauza costurilor ridicate de licențiere și a limitărilor de resurse, în ciuda provocărilor potențiale de migrare.” +- „PostgreSQL este preferat pentru caracteristicile sale robuste și rentabilitatea sa, ceea ce îl face o alegere preferată pentru proiectele viitoare, deși unii utilizatori explorează alternative precum Babelfish pentru a reduce costurile.” + +## [„Conectarea OAuth de la Google nu protejează împotriva achiziționării unui domeniu al unei startup-uri eșuate”](https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw) + +### [Reacții](https://news.ycombinator.com/item?id=42699099) + +- „Discuția evidențiază o vulnerabilitate în sistemul de autentificare OAuth al Google atunci când domeniul unei startup eșuate este achiziționat de un nou proprietar, permițând potențial accesul neautorizat la servicii.” +- „Această problemă apare deoarece Google s-ar putea să nu facă distincția între proprietarii originali și noii proprietari ai domeniului, afectând orice sistem care utilizează autentificarea bazată pe domeniu.” +- „O soluție propusă este utilizarea identificatorilor unici care rămân constanți în timp, deși implementarea acestei soluții variază între furnizorii de identitate.” + +## [„Folosirea abilităților de programare pentru a obține venituri pasive”](https://www.coryzue.com/writing/solopreneur/) + +- „Autorul a făcut tranziția de la rolul de CTO la soloprenor, reușind să câștige mai mult printr-un portofoliu de produse software.” +- „Strategiile cheie includ concentrarea pe munca profundă, începerea cu proiecte mici, iterarea rapidă și dedicarea timpului pentru eforturile de marketing.” +- „Călătoria subliniază reziliența în fața incertitudinilor, dar evidențiază autonomia și libertatea de neegalat ale acestui parcurs profesional, încurajându-i pe cei cu abilități de programare să îl considere pentru venituri pasive.” + +### [Reacții](https://news.ycombinator.com/item?id=42696822) + +- „Un utilizator a descris generarea de venituri pasive prin site-uri web de tip spam SEO folosind nume de domenii care expiră, câștigând aproximativ 30.000 de dolari anual, în ciuda preocupărilor etice și a represaliilor ulterioare din partea Google.” +- „Postarea a stârnit o dezbatere despre veniturile pasive, unii utilizatori susținând că este mai degrabă asemănătoare cu administrarea unei afaceri decât cu câștigurile cu adevărat pasive.” +- „Participanții au împărtășit experiențe și provocări în proiectele secundare, subliniind importanța timpului, rezilienței și planificării strategice.” + +## [„Spania propune un impozit de 100% pe locuințele cumpărate de rezidenți din afara UE”](https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents) + +- „Spania ia în considerare un impozit de 100% pe achizițiile imobiliare de către rezidenții din afara UE, având ca scop abordarea crizei locuințelor și limitarea achizițiilor speculative.” +- „Propunerea prim-ministrului Pedro Sánchez include extinderea locuințelor sociale și reglementarea închirierilor turistice pentru a aborda disparitatea dintre prețurile locuințelor și venituri.” +- „Viitorul propunerii ca lege este incert, unii analiști considerând-o mai degrabă un factor de descurajare pentru investitorii străini decât o schimbare legislativă garantată.” + +### [Reacții](https://news.ycombinator.com/item?id=42690781) + +- „Spania ia în considerare un impozit de 100% pe locuințele achiziționate de rezidenți din afara UE pentru a aborda problemele de accesibilitate a locuințelor. - Criticii sugerează că cumpărătorii străini nu sunt cauza principală a prețurilor ridicate ale locuințelor, menționând birocrația lentă și legile de zonare ca factori mai semnificativi. - Propunerea a declanșat o dezbatere cu privire la rolul proprietății străine pe piețele imobiliare și eficacitatea acesteia în rezolvarea problemelor de accesibilitate.” + +## [„Apple va primi în curând cipuri 'fabricate în America' de la fabrica TSMC din Arizona”](https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification) + +- „Apple testează procesoare de la fabrica TSMC din Arizona, cu planuri de producție în masă până în primul trimestru, devenind potențial primul client american al TSMC pentru cipuri fabricate local. - Această inițiativă are ca scop consolidarea independenței siliconului în SUA, reducând dependența de Taiwan, care este vulnerabil la riscuri geopolitice și naturale. - Fabrica TSMC din Arizona este pregătită să producă cipuri avansate de 3nm și 2nm, cu eforturi continue de a îmbunătăți recrutarea locală și parteneriatele cu universitățile americane, deși ambalarea va avea loc inițial în Taiwan până când facilitatea din Peoria va fi operațională.” + +### [Reacții](https://news.ycombinator.com/item?id=42699977) + +- „Apple va primi cipuri de la fabrica TSMC din Arizona, dar acestea trebuie trimise înapoi în Taiwan pentru ambalare din cauza insuficienței facilităților din SUA. - Peste 50% din forța de muncă de la fabrica din Arizona provine din Taiwan, indicând un decalaj în domeniul STEM (Știință, Tehnologie, Inginerie și Matematică) din SUA. - Inițiativa CHIPS Act, care vizează îmbunătățirea producției de semiconductori în SUA, se confruntă cu provocări, deoarece eticheta „Fabricat în America” este pusă sub semnul întrebării din cauza procesului de ambalare care are loc în Taiwan, cu planuri pentru capacități de ambalare în SUA până în 2027.” + +## [„Cu 43.000 de șoferi mai puțin pe drumurile din Manhattan după ce a fost activată taxarea pentru congestionare”](https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says) + +- „După implementarea taxării pentru congestionare, a existat o reducere de 7,5% a șoferilor care intră în Manhattan sub strada 60, ceea ce echivalează cu 43.000 de șoferi mai puțini în fiecare zi lucrătoare.” +- „Reducerea traficului a îmbunătățit fluxul de trafic și a crescut viteza autobuzelor, unele autobuze expres înregistrând o creștere a numărului de pasageri.” +- „Autoritatea Metropolitană de Transport (MTA) folosește veniturile din taxe, estimate la 500 de milioane de dolari anual, pentru îmbunătățiri ale transportului, în ciuda unei anumite opoziții politice.” + +### [Reacții](https://news.ycombinator.com/item?id=42692730) + +- „Implementarea taxării pentru congestionare în Manhattan a dus la reducerea cu 43.000 a numărului de șoferi, ceea ce a condus la creșterea vitezei autobuzelor și, posibil, la îmbunătățirea timpilor de răspuns pentru situațiile de urgență.” +- „Politica este concepută pentru a reduce congestionarea traficului și a îmbunătăți calitatea aerului, deși a stârnit dezbateri cu privire la impactul său asupra persoanelor cu venituri mai mici.” +- „Susținătorii susțin că beneficiile includ un transport public mai eficient și un aer mai curat, în timp ce discuțiile continuă asupra echilibrării acestor avantaje cu nevoile șoferilor.” + + + + + + diff --git a/i18n/ru/docusaurus-plugin-content-docs/current/2025/01/14.md b/i18n/ru/docusaurus-plugin-content-docs/current/2025/01/14.md new file mode 100644 index 000000000..6aa7c5f82 --- /dev/null +++ b/i18n/ru/docusaurus-plugin-content-docs/current/2025/01/14.md @@ -0,0 +1,147 @@ +--- +slug: '/2025/01/14' +--- + +# 2025-01-14 + +## [Исследователь безопасности Snyk разворачивает вредоносные пакеты NPM, нацеленные на cursor.com](https://sourcecodered.com/snyk-malicious-npm-package/) + +- Исследователь безопасности из Snyk выпустил вредоносные пакеты NPM, нацеленные на Cursor.com, компанию, занимающуюся AI-кодированием, чтобы собирать системные данные и отправлять их на сервис, контролируемый злоумышленником. +- Пакеты, идентифицированные как "cursor-retrieval", "cursor-always-local" и "cursor-shadow-workspace", были отмечены сканером анализа пакетов OpenSSF, что привело к предупреждениям MAL-2025-27, MAL-2025-28 и MAL-2025-29. +- Этот инцидент подчеркивает важность тщательной проверки пакетов NPM перед установкой, чтобы избежать потенциальных угроз безопасности. + +### [Реакции](https://news.ycombinator.com/item?id=42690473) + +- Исследователь безопасности из Snyk выпустил вредоносные пакеты NPM (Node Package Manager), нацеленные на cursor.com, подчеркивая уязвимости путаницы зависимостей. - Инцидент вызвал дебаты об этике исследований безопасности, особенно в отношении публичного раскрытия переменных окружения. - Cursor.com уточнили, что они не санкционировали это действие, и Snyk с тех пор извинились, подчеркивая трудности в балансировании наступательных исследований безопасности с этическими стандартами. + +## [Я перешел на Firefox и никогда не оглядывался назад](https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/) + +- Firefox хвалят за превосходное управление вкладками, встроенную функцию Pocket для сохранения ссылок и ориентированную на конфиденциальность функцию пересылки электронной почты, что делает его сильной альтернативой Chrome. - Дополнительные функции, такие как удобный инструмент для создания скриншотов, кнопка ChatGPT, режим "картинка в картинке", настраиваемые параметры поиска и плавная прокрутка, улучшают впечатления от просмотра. - Хотя Firefox не имеет функции веб-приложений, как у Chrome, его продуманный дизайн и сниженные требования к ресурсам делают его предпочтительным выбором для некоторых пользователей. + +### [Реакции](https://news.ycombinator.com/item?id=42696081) + +- Пользователи Firefox сталкиваются с трудностями на платформах, таких как YouTube, которые могут намеренно ухудшать опыт для пользователей не-Google браузеров или тех, кто использует блокировщики рекламы. - Эта тенденция вызывает обеспокоенность по поводу автономии пользователей, так как она наказывает тех, кто выбирает веб-опыт без рекламы и слежки. - Firefox предлагает уникальные функции, такие как контейнерные вкладки, которые улучшают конфиденциальность и удобство использования, делая его предпочтительным выбором для пользователей, стремящихся к независимости от браузеров, контролируемых крупными корпорациями. + +## [Генеральный директор Sonos уходит в отставку после неудачного обновления приложения](https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/) + +### [Реакции](https://news.ycombinator.com/item?id=42687932) + +- Генеральный директор Sonos ушел в отставку после спорного обновления приложения, которое требовало от пользователей замены дорогостоящих звуковых систем, что вызвало недовольство клиентов. - Обновление ввело облачную систему, отказавшись от надежной технологии Universal Plug and Play (UPnP), что привело к проблемам с подключением и увеличению сложности. - Эта ситуация подчеркивает конфликт между бизнес-стратегиями и поддержанием доверия клиентов, так как генеральный директор переходит на консультативную роль с выходным пособием. + +## [В чреве MrBeast](https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast) + +### [Реакции](https://news.ycombinator.com/item?id=42696691) + +- Эссе исследует, как алгоритм YouTube влияет на создание контента, используя MrBeast в качестве примера, подчеркивая сдвиг в сторону контента, ориентированного на вовлеченность, а не на значимость. - Обсуждаются более широкие последствия для медиаграмотности и культурное влияние таких платформ, как YouTube и TikTok, предполагая тенденцию к поверхностному и реакционному контенту. - Рассматриваются различные точки зрения на роль алгоритмов в формировании контента и влияние популярных создателей на культурные нормы. + +## [Операции Git на GitHub не работают](https://www.githubstatus.com/incidents/qd96yfgvmcf9) + +- GitHub столкнулся с сбоем операций Git 13 января 2025 года из-за изменения конфигурации, повлиявшего на внутренний балансировщик нагрузки, который длился с 23:35 до 00:24 по UTC. - Проблема была решена путем отмены изменения конфигурации, и GitHub работает над улучшением процессов мониторинга и развертывания, чтобы предотвратить подобные инциденты. - Сбой также затронул сервисы GitHub Actions и Pages, что подчеркивает взаимосвязанную природу их платформенных сервисов. + +### [Реакции](https://news.ycombinator.com/item?id=42691184) + +- GitHub столкнулся с серьезным сбоем, который повлиял на операции с git, вызвав замешательство среди разработчиков, которые первоначально подозревали проблемы с их SSH-ключами или локальными конфигурациями. - Инцидент подчеркнул трудности, связанные с зависимостью от централизованных сервисов, вызвав обсуждения о преимуществах самохостинга и децентрализованных систем. - Хотя проблема была решена, она подчеркнула обеспокоенность по поводу надежности GitHub и рисков, связанных с зависимостью от сторонних платформ для выполнения важных задач. + +## [Выпущен ZFS 2.3 с расширением ZFS raidz](https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0) + +- OpenZFS 2.3.0 выпущен, представляя значительные функции, такие как расширение RAIDZ, быстрая дедупликация, прямой ввод/вывод, вывод в формате JSON и поддержка длинных имен файлов. - Выпуск включает в себя важные исправления ошибок и улучшения производительности, совместимые с ядрами Linux 4.18 - 6.12 и версиями FreeBSD 13.3, 14.0 - 14.2. - Обновление является совместной работой 134 участников, с доступной для ознакомления полной документацией и журналом изменений. + +### [Реакции](https://news.ycombinator.com/item?id=42694596) + +- ZFS 2.3 был выпущен, представив такие функции, как расширение RAIDZ, быстрая дедупликация, прямой ввод-вывод, вывод в формате JSON и поддержка длинных имен файлов. - Расширение RAIDZ особенно примечательно, так как позволяет пользователям добавлять новые устройства в существующий пул RAIDZ без простоя, увеличивая емкость хранилища. - Выпуск считается значительным достижением для пользователей ZFS, вызывая сравнения с другими файловыми системами, такими как Btrfs и Windows Storage Spaces, несмотря на некоторые ограничения, такие как невозможность уменьшения пулов. + +## [Webtop – контейнеры Alpine, Ubuntu, Fedora и Arch, содержащие полные настольные среды](https://docs.linuxserver.io/images/docker-webtop/) + +- Linuxserver/webtop предоставляет контейнеры на основе Alpine, Ubuntu, Fedora и Arch с полными настольными окружениями, доступными через веб-браузеры, поддерживая архитектуры x86-64 и arm64. +- Пользователи могут выбирать из различных настольных сред, таких как XFCE, KDE, MATE, i3, Openbox и IceWM, используя определенные теги изображений, и получать доступ к Webtop через указанные URL-адреса. +- Функции безопасности включают в себя опцию seccomp Docker и настройку аутентификации, с возможностью настройки через переменные окружения, а также поддержку ускорения GPU с использованием драйверов с открытым исходным кодом. + +### [Реакции](https://news.ycombinator.com/item?id=42690983) + +- Webtop предоставляет контейнеры с полными рабочими столами для Alpine, Ubuntu, Fedora и Arch, подходящие для быстрой настройки за VPN. +- Пользователи хвалят Webtop за его скорость и простоту использования, особенно при использовании с контейнером Gluetun для безопасных подключений, но предостерегают от вывода контейнеров в интернет без мер безопасности из-за отсутствия аутентификации по умолчанию. +- Проект ценится за то, что он является открытым и гибким, пользователи делятся конфигурациями, а такие альтернативы, как Kasm и Selkies, отмечены для схожих целей. + +## [1 из 5 онлайн-вакансий либо фальшивые, либо никогда не заполняются, как показало исследование.](https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706) + +- Недавнее исследование показывает, что 20% онлайн-вакансий либо фальшивые, либо остаются незаполненными, что добавляет разочарования соискателям. - Эта тенденция "призрачных вакансий" может быть тактикой компаний для создания образа роста. - Платформы для поиска работы, такие как Greenhouse и LinkedIn, внедрили услуги проверки вакансий, чтобы помочь пользователям в идентификации подлинных возможностей трудоустройства. + +### [Реакции](https://news.ycombinator.com/item?id=42697783) + +- Исследование показывает, что 20% онлайн-вакансий либо фальшивые, либо остаются незаполненными, часто из-за необходимости компаний соблюдать иммиграционные политики США. - Компании также могут оставлять вакансии открытыми, чтобы найти идеальных кандидатов, изменить требования или иметь заранее выбранных внутренних кандидатов. - Рынок труда сложен для соискателей, которые часто сталкиваются с игнорированием и автоматическими отказами, что вызывает призывы к регуляторному вмешательству. + +## [Делать перекресток небезопасным для пешеходов, чтобы сэкономить секунды для водителей](https://collegetowns.substack.com/p/making-an-intersection-unsafe-for) + +### [Реакции](https://news.ycombinator.com/item?id=42698557) + +- Дебаты сосредоточены на том, должны ли перекрестки отдавать приоритет безопасности пешеходов или эффективности водителей, причем некоторые предпочитают перекрестки с светофорами и пешеходные переходы вместо перекрестков с четырьмя стопами. +- Мнения расходятся по поводу законов о дорожном движении и проектирования инфраструктуры, обсуждаются вопросы безопасности перехода улицы в неположенном месте и риски, связанные с поворотом направо на красный свет. +- Некоторые выступают за альтернативные решения, такие как круговые перекрестки или принятие голландских стандартов дорожного проектирования для повышения как безопасности, так и эффективности. + +## [PostgreSQL - это система управления базами данных года 2024](https://db-engines.com/en/blog_post/109) + +- PostgreSQL был удостоен звания СУБД года 2024 по версии DB-Engines, получив это признание в пятый раз, обойдя 423 другие системы управления базами данных. +- PostgreSQL, с историей, охватывающей почти 35 лет, продолжает внедрять инновации, что видно на примере последних улучшений PostgreSQL 17, выпущенного в сентябре 2024 года. +- Snowflake и Microsoft заняли второе и третье места соответственно, при этом Snowflake отмечен за свои облачные хранилища данных и поддержку мультиоблачности, в то время как Microsoft предлагает надежные управляемые реляционные базы данных через Azure SQL Database и SQL Server. + +### [Реакции](https://news.ycombinator.com/item?id=42696080) + +- PostgreSQL был удостоен звания Система управления базами данных года 2024 по версии db-engines.com, что подчеркивает его растущую популярность и признание в отрасли. +- Пользователи рассматривают возможность перехода с Microsoft SQL Server на PostgreSQL из-за высоких затрат на лицензирование и ограничений ресурсов, несмотря на возможные трудности с миграцией. +- PostgreSQL пользуется популярностью благодаря своим надежным функциям и экономической эффективности, что делает его предпочтительным выбором для будущих проектов, хотя некоторые пользователи рассматривают альтернативы, такие как Babelfish, чтобы снизить затраты. + +## [OAuth-авторизация Google не защищает от покупки домена неудавшегося стартапа.](https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw) + +### [Реакции](https://news.ycombinator.com/item?id=42699099) + +- Обсуждение подчеркивает уязвимость в системе входа Google OAuth, когда домен неудавшегося стартапа приобретает новый владелец, что потенциально позволяет несанкционированный доступ к сервисам. +- Эта проблема возникает, потому что Google может не различать оригинальных и новых владельцев домена, что влияет на любую систему, использующую аутентификацию на основе домена. +- Предлагаемое решение заключается в использовании уникальных идентификаторов, которые остаются постоянными с течением времени, хотя реализация этого решения варьируется среди поставщиков идентификационных услуг. + +## [Использование навыков программирования для получения пассивного дохода](https://www.coryzue.com/writing/solopreneur/) + +- Автор перешел с должности технического директора на путь солопредпринимателя, успешно зарабатывая больше благодаря портфелю программных продуктов. +- Ключевые стратегии включают в себя сосредоточение на глубокой работе, начало с небольших проектов, быструю итерацию и выделение времени на маркетинговые усилия. +- Путешествие подчеркивает стойкость перед лицом неопределенностей, но выделяет несравненную автономию и свободу этого карьерного пути, побуждая тех, кто обладает навыками программирования, рассмотреть его для получения пассивного дохода. + +### [Реакции](https://news.ycombinator.com/item?id=42696822) + +- Пользователь описал создание пассивного дохода через SEO-спам-сайты, используя истекающие доменные имена, зарабатывая примерно $30k в год, несмотря на этические проблемы и последующее вмешательство Google. +- Публикация вызвала дебаты о пассивном доходе, при этом некоторые пользователи утверждают, что это больше похоже на ведение бизнеса, чем на действительно пассивный заработок. +- Участники поделились опытом и трудностями в побочных проектах, подчеркнув важность времени, устойчивости и стратегического планирования. + +## [Испания предлагает 100% налог на дома, купленные резидентами, не входящими в ЕС](https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents) + +- Испания рассматривает возможность введения 100% налога на покупку недвижимости для нерезидентов ЕС, стремясь решить жилищный кризис и ограничить спекулятивные покупки. +- Предложение премьер-министра Педро Санчеса включает расширение социального жилья и регулирование туристической аренды для решения проблемы несоответствия между ценами на жилье и доходами. +- Будущее предложения как закона остается неопределенным, и некоторые аналитики рассматривают его скорее как сдерживающий фактор для иностранных инвесторов, чем как гарантированное законодательное изменение. + +### [Реакции](https://news.ycombinator.com/item?id=42690781) + +- Испания рассматривает возможность введения 100% налога на дома, приобретаемые резидентами, не входящими в ЕС, чтобы решить проблемы доступности жилья. - Критики утверждают, что иностранные покупатели не являются основной причиной высоких цен на жилье, указывая на медлительность бюрократии и законы о зонировании как на более значительные факторы. - Это предложение вызвало дебаты о роли иностранной собственности на рынке жилья и ее эффективности в решении проблем доступности. + +## [Apple вскоре получит чипы 'сделано в Америке' с фабрики TSMC в Аризоне.](https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification) + +- Apple тестирует процессоры из аризонского завода TSMC, планируя массовое производство к первому кварталу, что потенциально делает её первым клиентом TSMC в США для локально произведённых чипов. - Эта инициатива направлена на укрепление независимости США в области кремния, снижая зависимость от Тайваня, который уязвим к геополитическим и природным рискам. - Аризонский завод TSMC будет производить передовые чипы 3нм и 2нм, с продолжающимися усилиями по улучшению местного набора сотрудников и партнёрств с американскими университетами, хотя упаковка изначально будет происходить на Тайване, пока объект в Пеории не станет операционным. + +### [Реакции](https://news.ycombinator.com/item?id=42699977) + +- Apple будет получать чипы с завода TSMC в Аризоне, но их необходимо отправлять обратно на Тайвань для упаковки из-за недостатка соответствующих мощностей в США. - Более 50% рабочей силы на заводе в Аризоне составляют сотрудники из Тайваня, что указывает на пробел в области STEM (наука, технологии, инженерия и математика) в США. - Инициатива CHIPS Act, направленная на усиление производства полупроводников в США, сталкивается с трудностями, так как маркировка "Сделано в Америке" ставится под сомнение из-за процесса упаковки, происходящего на Тайване, с планами по созданию возможностей для упаковки в США к 2027 году. + +## [На дорогах Манхэттена стало на 43 тысячи водителей меньше после введения платы за въезд в зону с высокой загруженностью.](https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says) + +- После внедрения системы платного въезда количество водителей, въезжающих в Манхэттен ниже 60-й улицы, сократилось на 7,5%, что эквивалентно 43 000 водителей меньше каждый будний день. +- Снижение трафика улучшило поток движения и увеличило скорость автобусов, при этом некоторые экспресс-автобусы испытывают рост числа пассажиров. +- Метрополитенское транспортное управление (MTA) использует доходы от сборов, оцениваемые в 500 миллионов долларов в год, для улучшения транспорта, несмотря на некоторое политическое сопротивление. + +### [Реакции](https://news.ycombinator.com/item?id=42692730) + +- Введение платы за въезд в Манхэттен привело к сокращению числа водителей на 43 000, что способствовало увеличению скорости движения автобусов и, возможно, улучшению времени реагирования экстренных служб. +- Политика направлена на снижение заторов на дорогах и улучшение качества воздуха, хотя она вызвала дебаты по поводу ее влияния на людей с низким доходом. +- Сторонники утверждают, что преимущества включают более эффективный общественный транспорт и более чистый воздух, в то время как продолжаются обсуждения о том, как сбалансировать эти преимущества с потребностями водителей. + + + + + + diff --git a/i18n/sk/docusaurus-plugin-content-docs/current/2025/01/14.md b/i18n/sk/docusaurus-plugin-content-docs/current/2025/01/14.md new file mode 100644 index 000000000..9ed5e8b73 --- /dev/null +++ b/i18n/sk/docusaurus-plugin-content-docs/current/2025/01/14.md @@ -0,0 +1,147 @@ +--- +slug: '/2025/01/14' +--- + +# 2025-01-14 + +## [„Výskumník bezpečnosti Snyk nasadzuje škodlivé balíky NPM zamerané na cursor.com“](https://sourcecodered.com/snyk-malicious-npm-package/) + +- „Bezpečnostný výskumník zo spoločnosti Snyk vydal škodlivé NPM balíčky zamerané na Cursor.com, spoločnosť zaoberajúcu sa AI kódovaním, s cieľom zhromažďovať systémové údaje a posielať ich na službu kontrolovanú útočníkom.“ +- „Balíky, identifikované ako „cursor-retrieval“, „cursor-always-local“ a „cursor-shadow-workspace“, boli označené skenerom analýzy balíkov OpenSSF, čo viedlo k upozorneniam MAL-2025-27, MAL-2025-28 a MAL-2025-29.“ +- „Tento incident zdôrazňuje dôležitosť dôkladného preskúmania NPM balíkov pred ich inštaláciou, aby sa predišlo potenciálnym bezpečnostným hrozbám.“ + +### [Reakcie](https://news.ycombinator.com/item?id=42690473) + +- „Bezpečnostný výskumník zo spoločnosti Snyk zverejnil škodlivé balíčky NPM (Node Package Manager) zamerané na cursor.com, čím poukázal na zraniteľnosti spôsobené zmätkom v závislostiach. - Tento incident vyvolal diskusiu o etike bezpečnostného výskumu, najmä pokiaľ ide o verejné zverejňovanie premenných prostredia. - Cursor.com objasnil, že túto akciu neautorizovali, a Snyk sa odvtedy ospravedlnil, čím zdôraznil výzvy pri vyvažovaní ofenzívneho bezpečnostného výskumu s etickými normami.“ + +## [„Prešiel som na Firefox a nikdy som sa neobzrel späť“](https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/) + +- „Firefox je chválený za svoju vynikajúcu správu kariet, vstavanú funkciu Pocket na ukladanie odkazov a súkromie zameraný emailový relé, čo z neho robí silnú alternatívu k Chrome. - Ďalšie funkcie ako užívateľsky prívetivý nástroj na snímanie obrazovky, tlačidlo ChatGPT, funkcia Obraz v obraze, prispôsobiteľné možnosti vyhľadávania a plynulé posúvanie zlepšujú zážitok z prehliadania. - Aj keď Firefox nemá funkciu webových aplikácií ako Chrome, jeho premyslený dizajn a znížené nároky na zdroje ho robia preferovanou voľbou pre niektorých používateľov.“ + +### [Reakcie](https://news.ycombinator.com/item?id=42696081) + +- „Používatelia Firefoxu čelia výzvam zo strany platforiem ako YouTube, ktoré môžu úmyselne zhoršovať zážitok pre používateľov ne-Google prehliadačov alebo tých, ktorí používajú blokovače reklám. - Tento trend vyvoláva obavy o autonómiu používateľov, pretože penalizuje tých, ktorí sa rozhodnú pre web bez reklám a sledovania. - Firefox ponúka jedinečné funkcie, ako sú kontajnerové karty, ktoré zvyšujú súkromie a použiteľnosť, čo z neho robí obľúbenú voľbu pre používateľov hľadajúcich nezávislosť od veľkých korporátne kontrolovaných prehliadačov.“ + +## [„Generálny riaditeľ spoločnosti Sonos odstupuje po fiasku s aktualizáciou aplikácie“](https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/) + +### [Reakcie](https://news.ycombinator.com/item?id=42687932) + +- „Generálny riaditeľ spoločnosti Sonos rezignoval po kontroverznej aktualizácii aplikácie, ktorá vyžadovala, aby používatelia nahradili drahé zvukové systémy, čo spôsobilo nespokojnosť zákazníkov. - Aktualizácia zaviedla systém založený na cloude, čím sa vzdialila od spoľahlivého Universal Plug and Play (UPnP), čo viedlo k problémom s pripojením a zvýšenej zložitosti. - Táto situácia zdôrazňuje konflikt medzi obchodnými stratégiami a udržiavaním dôvery zákazníkov, keďže generálny riaditeľ prechádza do poradenskej úlohy s odstupným balíkom.“ + +## [„V bruchu MrBeasta“](https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast) + +### [Reakcie](https://news.ycombinator.com/item?id=42696691) + +- „Esej skúma, ako YouTube algoritmus ovplyvňuje tvorbu obsahu, pričom ako prípadovú štúdiu používa MrBeasta, a zdôrazňuje posun smerom k obsahu zameranému na zapojenie skôr než na zmysluplný obsah. - Diskutuje o širších dôsledkoch pre mediálnu gramotnosť a kultúrny vplyv platforiem ako YouTube a TikTok, naznačujúc trend smerom k povrchnému a reakčnému obsahu. - Zvažujú sa rôzne perspektívy o úlohe algoritmov pri formovaní obsahu a vplyve populárnych tvorcov na kultúrne normy.“ + +## [„Operácie Git na GitHube sú nefunkčné“](https://www.githubstatus.com/incidents/qd96yfgvmcf9) + +- „GitHub čelil výpadku operácií Git 13. januára 2025 kvôli zmene konfigurácie, ktorá ovplyvnila interný vyvažovač záťaže, a trval od 23:35 do 00:24 UTC. - Problém bol vyriešený návratom k pôvodnej konfigurácii a GitHub pracuje na zlepšení monitorovacích a nasadzovacích procesov, aby sa predišlo podobným incidentom. - Výpadok tiež ovplyvnil služby GitHub Actions a Pages, čo poukazuje na prepojenú povahu ich platformových služieb.“ + +### [Reakcie](https://news.ycombinator.com/item?id=42691184) + +- „GitHub čelil veľkému výpadku, ktorý ovplyvnil git operácie, čo viedlo k zmätku medzi vývojármi, ktorí spočiatku podozrievali problémy so svojimi SSH kľúčmi alebo lokálnymi konfiguráciami. - Incident zdôraznil výzvy spojené so spoliehaním sa na centralizované služby, čo podnietilo diskusie o výhodách samohostovania a decentralizovaných systémov. - Hoci bol problém vyriešený, poukázal na obavy o spoľahlivosť GitHubu a riziká spoliehania sa na platformy tretích strán pre základné úlohy.“ + +## [„ZFS 2.3 vydaný s rozšírením ZFS raidz“](https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0) + +- „OpenZFS 2.3.0 bol vydaný a prináša významné funkcie ako rozšírenie RAIDZ, rýchlu deduplikáciu, priamy vstup/výstup, výstup vo formáte JSON a podporu pre dlhé názvy súborov. - Vydanie zahŕňa dôležité opravy chýb a vylepšenia výkonu, kompatibilné s jadrami Linuxu 4.18 - 6.12 a verziami FreeBSD 13.3, 14.0 - 14.2. - Aktualizácia je výsledkom spolupráce 134 prispievateľov, s dostupnou komplexnou dokumentáciou a záznamom zmien na preštudovanie.“ + +### [Reakcie](https://news.ycombinator.com/item?id=42694596) + +- „ZFS 2.3 bol vydaný, prinášajúc funkcie ako rozšírenie RAIDZ, rýchlu deduplikáciu, priamy IO, výstup v JSON a podporu pre dlhé názvy súborov. - Rozšírenie RAIDZ je obzvlášť pozoruhodné, pretože umožňuje používateľom pridávať nové zariadenia do existujúceho RAIDZ poolu bez prestojov, čím zvyšuje kapacitu úložiska. - Vydanie je považované za významný pokrok pre používateľov ZFS, pričom sa porovnáva s inými súborovými systémami ako Btrfs a Windows Storage Spaces, napriek niektorým obmedzeniam, ako je neschopnosť zmenšiť pooly.“ + +## [„Webtop – kontajnery Alpine, Ubuntu, Fedora a Arch obsahujúce plné desktopové prostredia“](https://docs.linuxserver.io/images/docker-webtop/) + +- „Linuxserver/webtop poskytuje kontajnery založené na Alpine, Ubuntu, Fedora a Arch s plnými desktopovými prostrediami prístupnými cez webové prehliadače, podporujúcimi architektúry x86-64 aj arm64.“ +- „Používatelia si môžu vybrať z rôznych desktopových prostredí, ako sú XFCE, KDE, MATE, i3, Openbox a IceWM, pomocou špecifických značiek obrázkov a pristupovať k Webtopu prostredníctvom určených URL adries.“ +- „Bezpečnostné funkcie zahŕňajú možnosť seccomp v Dockeri a nastavenie autentifikácie, s možnosťami prispôsobenia prostredníctvom premenných prostredia a podporou akcelerácie GPU s open-source ovládačmi.“ + +### [Reakcie](https://news.ycombinator.com/item?id=42690983) + +- „Webtop poskytuje kontajnery s plnými desktopovými prostrediami pre Alpine, Ubuntu, Fedora a Arch, vhodné pre rýchle nastavenia za VPN.“ +- „Používatelia chvália Webtop za jeho rýchlosť a jednoduchosť použitia, najmä keď sa používa s kontajnerom Gluetun pre zabezpečené pripojenia, ale varujú pred vystavením kontajnerov internetu bez bezpečnostných opatrení kvôli absencii predvolenej autentifikácie.“ +- „Projekt je cenený za to, že je open-source a flexibilný, pričom používatelia zdieľajú konfigurácie, a alternatívy ako Kasm a Selkies sú známe pre podobné účely.“ + +## [„1 z 5 online pracovných ponúk je buď falošná, alebo nikdy nie je obsadená, zistila štúdia“](https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706) + +- „Nedávna štúdia naznačuje, že 20 % online pracovných ponúk je buď falošných, alebo zostáva neobsadených, čo pridáva k frustrácii uchádzačov o zamestnanie. - Tento trend „duchovných pracovných miest“ môže byť taktikou spoločností na projekciu obrazu rastu. - Pracovné platformy ako Greenhouse a LinkedIn zaviedli služby overovania pracovných miest, aby pomohli používateľom identifikovať skutočné pracovné príležitosti.“ + +### [Reakcie](https://news.ycombinator.com/item?id=42697783) + +- „Štúdia odhaľuje, že 20 % online pracovných ponúk je buď falošných, alebo zostáva neobsadených, často kvôli tomu, že spoločnosti musia dodržiavať imigračné politiky USA. - Spoločnosti môžu tiež ponechať pracovné ponuky zverejnené, aby našli ideálnych kandidátov, zmenili požiadavky alebo mali vopred vybraných interných kandidátov. - Trh práce je pre uchádzačov náročný, často sa stretávajú s ignorovaním a automatizovanými odmietnutiami, čo vyvoláva výzvy na regulačné zásahy.“ + +## [„Urobiť križovatku nebezpečnou pre chodcov, aby sa ušetrili sekundy pre vodičov“](https://collegetowns.substack.com/p/making-an-intersection-unsafe-for) + +### [Reakcie](https://news.ycombinator.com/item?id=42698557) + +- „Debata sa sústreďuje na to, či by križovatky mali uprednostňovať bezpečnosť chodcov alebo efektívnosť vodičov, pričom niektorí uprednostňujú svetelne riadené križovatky a prechody pre chodcov pred štvorcestnými zastaveniami.“ +- „Názory na dopravné zákony a návrh infraštruktúry sa líšia, pričom sa diskutuje o bezpečnosti prechádzania mimo priechodu a rizikách spojených s odbočovaním doprava na červenú.“ +- „Niektorí obhajujú alternatívne riešenia, ako sú kruhové objazdy alebo prijatie holandských štandardov dopravného inžinierstva na zvýšenie bezpečnosti a efektívnosti.“ + +## [„PostgreSQL je systém na správu databáz roka 2024“](https://db-engines.com/en/blog_post/109) + +- „PostgreSQL získal ocenenie DBMS roka 2024 od DB-Engines, čím dosiahol toto uznanie už piatykrát, prekonávajúc 423 ďalších systémov na správu databáz.“ +- „PostgreSQL, s históriou trvajúcou takmer 35 rokov, naďalej inovuje, čo je vidieť na nedávnych vylepšeniach PostgreSQL 17, vydaných v septembri 2024.“ +- „Snowflake a Microsoft si zabezpečili druhé a tretie miesto, pričom Snowflake je známy svojím cloudovým dátovým skladovaním a podporou viacerých cloudov, zatiaľ čo Microsoft ponúka robustné spravované relačné databázy prostredníctvom Azure SQL Database a SQL Server.“ + +### [Reakcie](https://news.ycombinator.com/item?id=42696080) + +- „PostgreSQL bol ocenený ako Systém na správu databáz roka 2024 podľa db-engines.com, čo zdôrazňuje jeho rastúcu popularitu a uznanie v priemysle.“ +- „Používatelia zvažujú prechod z Microsoft SQL Server na PostgreSQL kvôli vysokým licenčným nákladom a obmedzeniam zdrojov, napriek potenciálnym výzvam pri migrácii.“ +- „PostgreSQL je obľúbený pre svoje robustné funkcie a nákladovú efektívnosť, čo z neho robí preferovanú voľbu pre budúce projekty, hoci niektorí používatelia skúmajú alternatívy ako Babelfish na zníženie nákladov.“ + +## [„Google OAuth prihlásenie nechráni pred kúpou domény neúspešného startupu“](https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw) + +### [Reakcie](https://news.ycombinator.com/item?id=42699099) + +- „Diskusia poukazuje na zraniteľnosť v systéme prihlásenia Google OAuth, keď doménu neúspešného startupu získa nový vlastník, čo môže potenciálne umožniť neoprávnený prístup k službám.“ +- „Tento problém vzniká, pretože Google nemusí rozlišovať medzi pôvodnými a novými vlastníkmi domény, čo ovplyvňuje akýkoľvek systém, ktorý používa autentifikáciu založenú na doméne.“ +- „Navrhovaným riešením je použitie jedinečných identifikátorov, ktoré zostávajú konštantné v priebehu času, hoci implementácia tohto riešenia sa líši medzi poskytovateľmi identity.“ + +## [„Používanie programovacích zručností na vytváranie pasívneho príjmu“](https://www.coryzue.com/writing/solopreneur/) + +- „Autor prešiel z pozície CTO na solopodnikateľa a úspešne zarába viac prostredníctvom portfólia softvérových produktov.“ +- „Kľúčové stratégie zahŕňajú zameranie sa na hlbokú prácu, začínanie s malými projektmi, rýchle iterovanie a venovanie času marketingovým aktivitám.“ +- „Cesta zdôrazňuje odolnosť kvôli neistotám, ale vyzdvihuje neprekonateľnú autonómiu a slobodu tejto kariérnej cesty, čím povzbudzuje tých, ktorí majú zručnosti v kódovaní, aby ju zvážili ako pasívny príjem.“ + +### [Reakcie](https://news.ycombinator.com/item?id=42696822) + +- „Používateľ opísal generovanie pasívneho príjmu prostredníctvom SEO spamových webových stránok pomocou expirovaných doménových mien, pričom zarábal približne 30 tisíc dolárov ročne, napriek etickým obavám a následnému zásahu zo strany Googlu.“ +- „Príspevok vyvolal diskusiu o pasívnom príjme, pričom niektorí používatelia tvrdili, že je to skôr podobné vedeniu podnikania než skutočne pasívnym zárobkom.“ +- „Účastníci sa podelili o skúsenosti a výzvy v bočných projektoch, pričom zdôraznili dôležitosť času, odolnosti a strategického plánovania.“ + +## [„Španielsko navrhuje 100% daň na domy kúpené obyvateľmi mimo EÚ“](https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents) + +- „Španielsko zvažuje 100% daň na nákupy nehnuteľností obyvateľmi mimo EÚ, s cieľom riešiť krízu bývania a obmedziť špekulatívne nákupy.“ +- „Návrh premiéra Pedra Sáncheza zahŕňa rozšírenie sociálneho bývania a reguláciu turistických prenájmov na riešenie rozdielu medzi cenami bývania a príjmami.“ +- „Budúcnosť návrhu ako zákona je neistá, pričom niektorí analytici ho vnímajú skôr ako odstrašujúci prostriedok pre zahraničných investorov než ako zaručenú legislatívnu zmenu.“ + +### [Reakcie](https://news.ycombinator.com/item?id=42690781) + +- „Španielsko zvažuje 100% daň na domy kúpené obyvateľmi mimo EÚ, aby riešilo problémy s dostupnosťou bývania. - Kritici naznačujú, že zahraniční kupci nie sú hlavnou príčinou vysokých cien bývania, pričom ako významnejšie faktory uvádzajú pomalú byrokraciu a územné zákony. - Návrh vyvolal diskusiu o úlohe zahraničného vlastníctva na trhoch s bývaním a jeho účinnosti pri riešení problémov s dostupnosťou.“ + +## [„Apple čoskoro dostane čipy 'vyrobené v Amerike' z továrne TSMC v Arizone“](https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification) + +- „Apple testuje procesory z arizonského závodu TSMC s plánmi na hromadnú výrobu do prvého štvrťroka, pričom by sa mohol stať prvým americkým zákazníkom TSMC pre lokálne vyrábané čipy. - Táto iniciatíva má za cieľ posilniť americkú nezávislosť na silikóne, čím sa zníži závislosť na Taiwane, ktorý je zraniteľný voči geopolitickým a prírodným rizikám. - Arizonská továreň TSMC má vyrábať pokročilé 3nm a 2nm čipy, pričom prebiehajú snahy o zlepšenie miestneho náboru a partnerstiev s americkými univerzitami, hoci balenie sa spočiatku bude vykonávať na Taiwane, kým nebude prevádzková továreň v Peorii.“ + +### [Reakcie](https://news.ycombinator.com/item?id=42699977) + +- „Apple dostane čipy z arizonskej továrne TSMC, ale musia byť poslané späť na Taiwan na balenie kvôli nedostatočným zariadeniam v USA. - Viac ako 50 % pracovnej sily v arizonskej továrni pochádza z Taiwanu, čo naznačuje medzeru v oblasti STEM (veda, technológia, inžinierstvo a matematika) v USA. - Iniciatíva CHIPS Act, zameraná na posilnenie výroby polovodičov v USA, čelí výzvam, pretože označenie „Vyrobené v Amerike“ je spochybňované kvôli procesu balenia prebiehajúcemu na Taiwane, s plánmi na americké baliace kapacity do roku 2027.“ + +## [„O 43 tisíc menej vodičov na cestách v Manhattane po zavedení poplatkov za preťaženie dopravy“](https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says) + +- „Po zavedení poplatkov za preťaženie došlo k zníženiu počtu vodičov vstupujúcich do Manhattanu pod 60. ulicou o 7,5 %, čo predstavuje o 43 000 menej vodičov každý pracovný deň.“ +- „Zníženie premávky zlepšilo plynulosť dopravy a zvýšilo rýchlosť autobusov, pričom niektoré expresné autobusy zaznamenali vyšší počet cestujúcich.“ +- „Metropolitný dopravný úrad (MTA) využíva príjmy z mýta, odhadované na 500 miliónov dolárov ročne, na zlepšenie dopravy, napriek určitému politickému odporu.“ + +### [Reakcie](https://news.ycombinator.com/item?id=42692730) + +- „Zavedenie poplatkov za preťaženie dopravy na Manhattane viedlo k zníženiu počtu vodičov o 43 000, čo viedlo k zvýšeniu rýchlosti autobusov a potenciálne lepším časom reakcie záchranných služieb.“ +- „Politika je navrhnutá tak, aby znížila dopravné zápchy a zlepšila kvalitu ovzdušia, hoci vyvolala diskusiu o jej dopade na osoby s nižšími príjmami.“ +- „Zástancovia tvrdia, že výhody zahŕňajú efektívnejšiu verejnú dopravu a čistejší vzduch, zatiaľ čo diskusie pokračujú o vyvážení týchto výhod s potrebami vodičov.“ + + + + + + diff --git a/i18n/sv/docusaurus-plugin-content-docs/current/2025/01/14.md b/i18n/sv/docusaurus-plugin-content-docs/current/2025/01/14.md new file mode 100644 index 000000000..a8dbb381e --- /dev/null +++ b/i18n/sv/docusaurus-plugin-content-docs/current/2025/01/14.md @@ -0,0 +1,147 @@ +--- +slug: '/2025/01/14' +--- + +# 2025-01-14 + +## [En säkerhetsforskare från Snyk distribuerar skadliga NPM-paket som riktar sig mot cursor.com](https://sourcecodered.com/snyk-malicious-npm-package/) + +- En säkerhetsforskare från Snyk släppte skadliga NPM-paket som riktade sig mot Cursor.com, ett AI-kodningsföretag, för att samla in systemdata och skicka den till en tjänst kontrollerad av angriparen. +- Paketen, identifierade som "cursor-retrieval", "cursor-always-local" och "cursor-shadow-workspace", flaggades av OpenSSF:s paketanalysverktyg, vilket resulterade i rådgivningar MAL-2025-27, MAL-2025-28 och MAL-2025-29. +- Denna incident belyser vikten av att granska NPM-paket innan installation för att undvika potentiella säkerhetshot. + +### [Reaktioner](https://news.ycombinator.com/item?id=42690473) + +- En säkerhetsforskare från Snyk släppte skadliga NPM (Node Package Manager) paket riktade mot cursor.com, vilket belyser sårbarheter i beroendekonfusion. - Händelsen har väckt en debatt om etiken inom säkerhetsforskning, särskilt när det gäller offentlig exponering av miljövariabler. - Cursor.com klargjorde att de inte godkände åtgärden, och Snyk har sedan dess bett om ursäkt, vilket understryker utmaningarna i att balansera offensiv säkerhetsforskning med etiska standarder. + +## [Jag bytte till Firefox och har aldrig sett tillbaka](https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/) + +- Firefox beröms för sin överlägsna flikhantering, inbyggda Pocket-funktion för att spara länkar och en integritetsfokuserad e-postrelä, vilket gör det till ett starkt alternativ till Chrome. - Ytterligare funktioner som ett användarvänligt skärmdumpsverktyg, en ChatGPT-knapp, Bild-i-bild, anpassningsbara sökalternativ och smidig rullning förbättrar surfupplevelsen. - Även om Firefox saknar Chromes webbappfunktion, gör dess genomtänkta design och minskade resurskrav det till ett föredraget val för vissa användare. + +### [Reaktioner](https://news.ycombinator.com/item?id=42696081) + +- Firefox-användare står inför utmaningar från plattformar som YouTube, som kan avsiktligt försämra upplevelsen för icke-Google-webbläsare eller användare som använder annonsblockerare. - Denna trend väcker oro över användarens autonomi, eftersom den straffar dem som väljer en annonsfri och övervakningsfri webbupplevelse. - Firefox erbjuder unika funktioner, såsom containerflikar, som förbättrar integritet och användbarhet, vilket gör det till ett föredraget val för användare som söker oberoende från stora företagskontrollerade webbläsare. + +## [Sonos VD avgår efter appuppdateringsfiasko](https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/) + +### [Reaktioner](https://news.ycombinator.com/item?id=42687932) + +- Sonos VD har avgått efter en kontroversiell appuppdatering som krävde att användare ersatte kostsamma ljudsystem, vilket orsakade kundmissnöje. - Uppdateringen introducerade ett molnbaserat system, vilket innebar en övergång från det pålitliga Universal Plug and Play (UPnP), vilket ledde till anslutningsproblem och ökad komplexitet. - Denna situation understryker konflikten mellan affärsstrategier och att upprätthålla kundförtroende, då VD:n övergår till en rådgivande roll med ett avgångsvederlag. + +## [I magen på MrBeast](https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast) + +### [Reaktioner](https://news.ycombinator.com/item?id=42696691) + +- Uppsatsen undersöker hur YouTubes algoritm påverkar innehållsskapande, med MrBeast som ett fallstudieexempel, och belyser en förskjutning mot engagemangsdrivet snarare än meningsfullt innehåll. - Den diskuterar de bredare konsekvenserna för medieläskunnighet och den kulturella påverkan av plattformar som YouTube och TikTok, och föreslår en trend mot ytligt och reaktionärt innehåll. - Olika perspektiv beaktas på algoritmers roll i att forma innehåll och populära skapares inflytande på kulturella normer. + +## [GitHub Git-operationer är nere](https://www.githubstatus.com/incidents/qd96yfgvmcf9) + +- GitHub drabbades av ett avbrott i Git-operationer den 13 januari 2025 på grund av en konfigurationsändring som påverkade den interna lastbalanseraren, vilket varade från 23:35 till 00:24 UTC. - Problemet löstes genom att återställa konfigurationsändringen, och GitHub arbetar på att förbättra övervaknings- och distributionsprocesser för att förhindra liknande incidenter. - Avbrottet påverkade även GitHubs Actions- och Pages-tjänster, vilket belyser den sammanlänkade naturen hos deras plattformstjänster. + +### [Reaktioner](https://news.ycombinator.com/item?id=42691184) + +- GitHub drabbades av ett stort avbrott som påverkade git-operationer, vilket ledde till förvirring bland utvecklare som initialt misstänkte problem med sina SSH-nycklar eller lokala konfigurationer. - Händelsen betonade utmaningarna med att förlita sig på centraliserade tjänster och ledde till diskussioner om fördelarna med egen hosting och decentraliserade system. - Även om problemet löstes, belyste det oro över GitHubs tillförlitlighet och riskerna med att vara beroende av tredjepartsplattformar för viktiga uppgifter. + +## [ZFS 2.3 släppt med ZFS raidz-expansion](https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0) + +- OpenZFS 2.3.0 har släppts och introducerar betydande funktioner som RAIDZ Expansion, snabb deduplicering, direkt in-/utmatning, JSON-utmatning och stöd för långa filnamn. - Utgåvan inkluderar viktiga buggfixar och prestandaförbättringar, kompatibel med Linux-kärnor 4.18 - 6.12 och FreeBSD-versioner 13.3, 14.0 - 14.2. - Uppdateringen är ett samarbetsprojekt från 134 bidragsgivare, med omfattande dokumentation och en ändringslogg tillgänglig för granskning. + +### [Reaktioner](https://news.ycombinator.com/item?id=42694596) + +- ZFS 2.3 har släppts och introducerar funktioner som RAIDZ-expansion, snabb deduplicering, direkt IO, JSON-utdata och stöd för långa filnamn. - RAIDZ-expansion är särskilt anmärkningsvärd eftersom den tillåter användare att lägga till nya enheter till en befintlig RAIDZ-pool utan driftstopp, vilket ökar lagringskapaciteten. - Utgåvan anses vara ett betydande framsteg för ZFS-användare och jämförs med andra filsystem som Btrfs och Windows Storage Spaces, trots vissa begränsningar som oförmågan att krympa pooler. + +## [Webtop – Alpine, Ubuntu, Fedora och Arch-containrar som innehåller fullständiga skrivbordsmiljöer](https://docs.linuxserver.io/images/docker-webtop/) + +- Linuxserver/webtop tillhandahåller containrar baserade på Alpine, Ubuntu, Fedora och Arch med fullständiga skrivbordsmiljöer som är tillgängliga via webbläsare, och stöder både x86-64 och arm64-arkitekturer. +- Användare kan välja mellan olika skrivbordsmiljöer som XFCE, KDE, MATE, i3, Openbox och IceWM genom att använda specifika bildtaggar, och få tillgång till Webtop via angivna URL:er. +- Till säkerhetsfunktionerna hör Dockers seccomp-alternativ och autentiseringsinställningar, med anpassningsmöjligheter tillgängliga via miljövariabler, samt stöd för GPU-acceleration med öppen källkod-drivrutiner. + +### [Reaktioner](https://news.ycombinator.com/item?id=42690983) + +- Webtop tillhandahåller containrar med fullständiga skrivbordsmiljöer för Alpine, Ubuntu, Fedora och Arch, lämpliga för snabba installationer bakom en VPN. +- Användare berömmer Webtop för dess snabbhet och användarvänlighet, särskilt när det används med Gluetun-containern för säkra anslutningar, men varnar för att exponera containrar för internet utan säkerhetsåtgärder på grund av brist på standardautentisering. +- Projektet värderas för att vara öppen källkod och flexibelt, med användare som delar konfigurationer, och alternativ som Kasm och Selkies noteras för liknande ändamål. + +## [1 av 5 jobbannonser online är antingen falska eller aldrig tillsatta, enligt en studie.](https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706) + +- En nyligen genomförd studie visar att 20% av online-jobbannonser antingen är falska eller förblir obesatta, vilket ökar frustrationen hos arbetssökande. - Denna trend med "spökjobb" kan vara en taktik för företag att projicera en bild av tillväxt. - Jobbplattformar som Greenhouse och LinkedIn har infört tjänster för jobbverifiering för att hjälpa användare att identifiera äkta jobbmöjligheter. + +### [Reaktioner](https://news.ycombinator.com/item?id=42697783) + +- En studie avslöjar att 20% av onlinejobbannonser antingen är falska eller förblir obesatta, ofta på grund av att företag behöver följa amerikanska immigrationsregler. - Företag kan också låta jobbannonser vara kvar för att hitta idealiska kandidater, ändra krav eller ha förvalda interna kandidater. - Arbetsmarknaden är svår för sökande, som ofta stöter på ghosting och automatiserade avslag, vilket leder till krav på reglerande ingripanden. + +## [Att göra en korsning osäker för fotgängare för att spara sekunder för bilister](https://collegetowns.substack.com/p/making-an-intersection-unsafe-for) + +### [Reaktioner](https://news.ycombinator.com/item?id=42698557) + +- Debatten kretsar kring huruvida korsningar bör prioritera fotgängarsäkerhet eller förarens effektivitet, där vissa föredrar ljusreglerade korsningar och fotgängarövergångar framför fyrvägsstopp. +- Åsikterna varierar om trafiklagar och infrastrukturdesign, med diskussioner om säkerheten vid att gå mot röd gubbe och riskerna förknippade med högersvängar vid rött ljus. +- Vissa förespråkar alternativa lösningar som rondeller eller att anta nederländska trafikingenjörsstandarder för att förbättra både säkerhet och effektivitet. + +## [PostgreSQL är Årets Databashanteringssystem 2024](https://db-engines.com/en/blog_post/109) + +- PostgreSQL har tilldelats utmärkelsen DBMS of the Year 2024 av DB-Engines, och har därmed uppnått denna erkänsla för femte gången, vilket överträffar 423 andra databashanteringssystem. +- PostgreSQL, med en historia som sträcker sig över nästan 35 år, fortsätter att förnya sig, vilket ses i de senaste förbättringarna av PostgreSQL 17, som släpptes i september 2024. +- Snowflake och Microsoft säkrade andra respektive tredje plats, där Snowflake noterades för sin molnbaserade datalagring och stöd för flera moln, medan Microsoft erbjuder robusta hanterade relationsdatabaser genom Azure SQL Database och SQL Server. + +### [Reaktioner](https://news.ycombinator.com/item?id=42696080) + +- PostgreSQL har tilldelats utmärkelsen Årets Databashanteringssystem 2024 av db-engines.com, vilket understryker dess växande popularitet och erkännande inom branschen. +- Användare överväger att byta från Microsoft SQL Server till PostgreSQL på grund av höga licenskostnader och resursbegränsningar, trots potentiella migrationsutmaningar. +- PostgreSQL är omtyckt för sina robusta funktioner och kostnadseffektivitet, vilket gör det till ett föredraget val för framtida projekt, även om vissa användare utforskar alternativ som Babelfish för att minska kostnaderna. + +## [Googles OAuth-inloggning skyddar inte mot att köpa en misslyckad startup-domän](https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw) + +### [Reaktioner](https://news.ycombinator.com/item?id=42699099) + +- Diskussionen belyser en sårbarhet i Googles OAuth-inloggningssystem när en misslyckad startups domän förvärvas av en ny ägare, vilket potentiellt kan tillåta obehörig åtkomst till tjänster. +- Detta problem uppstår eftersom Google kanske inte kan skilja mellan de ursprungliga och nya domänägarna, vilket påverkar alla system som använder domänbaserad autentisering. +- En föreslagen lösning är att använda unika identifierare som förblir konstanta över tid, även om implementeringen av denna lösning varierar mellan olika identitetsleverantörer. + +## [Använda kodningsfärdigheter för att skapa passiv inkomst](https://www.coryzue.com/writing/solopreneur/) + +- Författaren övergick från en CTO-roll till att bli soloprenör och tjänade framgångsrikt mer genom en portfölj av mjukvaruprodukter. +- Nyckelstrategier inkluderar att fokusera på djupt arbete, börja med små projekt, iterera snabbt och ägna tid åt marknadsföringsinsatser. +- Resan betonar motståndskraft på grund av osäkerheter, men framhäver den oöverträffade autonomin och friheten i denna karriärväg, vilket uppmuntrar dem med kodningsfärdigheter att överväga den för passiv inkomst. + +### [Reaktioner](https://news.ycombinator.com/item?id=42696822) + +- En användare beskrev hur de genererade passiv inkomst genom SEO-spamwebbplatser med hjälp av utgående domännamn, och tjänade cirka 30 000 dollar årligen, trots etiska betänkligheter och Googles slutliga nedslag. +- Det inlägget väckte en debatt om passiv inkomst, där vissa användare hävdade att det liknar mer att driva ett företag än verkligt passiva intäkter. +- Deltagarna delade med sig av erfarenheter och utmaningar i sidoprojekt, och betonade vikten av tid, motståndskraft och strategisk planering. + +## [Spanien föreslår 100% skatt på bostäder köpta av icke-EU-invånare](https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents) + +- Spanien överväger en 100% skatt på fastighetsköp av icke-EU-invånare, med målet att hantera bostadskrisen och begränsa spekulativa köp. +- Premiärminister Pedro Sánchez förslag inkluderar att utöka socialt boende och reglera turistuthyrning för att hantera skillnaden mellan bostadspriser och inkomster. +- Förslagets framtid som lag är osäker, med vissa analytiker som ser det som en avskräckande faktor för utländska investerare snarare än en garanterad lagändring. + +### [Reaktioner](https://news.ycombinator.com/item?id=42690781) + +- Spanien överväger en 100% skatt på bostäder köpta av icke-EU-invånare för att hantera problem med bostadspriser. - Kritiker menar att utländska köpare inte är den främsta orsaken till höga bostadspriser och pekar på långsam byråkrati och zonindelningar som mer betydande faktorer. - Förslaget har väckt en debatt om utländskt ägandes roll på bostadsmarknaderna och dess effektivitet i att lösa prisfrågor. + +## [Apple kommer snart att få 'tillverkade i Amerika' chips från TSMC:s fabrik i Arizona](https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification) + +- Apple testar processorer från TSMC:s anläggning i Arizona, med planer på massproduktion under första kvartalet, vilket potentiellt gör dem till TSMC:s första amerikanska kund för lokalt tillverkade chip. - Detta initiativ syftar till att stärka USA:s kiseloberoende och minska beroendet av Taiwan, som är sårbart för geopolitiska och naturliga risker. - TSMC:s fabrik i Arizona ska producera avancerade 3nm och 2nm chip, med pågående ansträngningar för att förbättra lokal rekrytering och samarbeten med amerikanska universitet, även om förpackning initialt kommer att ske i Taiwan tills anläggningen i Peoria är i drift. + +### [Reaktioner](https://news.ycombinator.com/item?id=42699977) + +- Apple kommer att få chips från TSMC:s fabrik i Arizona, men de måste skickas tillbaka till Taiwan för förpackning på grund av otillräckliga anläggningar i USA. - Över 50 % av arbetskraften vid fabriken i Arizona kommer från Taiwan, vilket indikerar en brist inom det amerikanska STEM-området (vetenskap, teknik, ingenjörskonst och matematik). - CHIPS Act-initiativet, som syftar till att förbättra den amerikanska halvledartillverkningen, står inför utmaningar då "Made in America"-märkningen ifrågasätts på grund av att förpackningsprocessen sker i Taiwan, med planer på amerikanska förpackningsmöjligheter till 2027. + +## [43 000 färre förare på Manhattans vägar efter att trängselavgifter införts](https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says) + +- Efter att trängselavgifter infördes minskade antalet förare som körde in i Manhattan söder om 60:e gatan med 7,5 %, vilket motsvarar 43 000 färre förare varje vardag. +- Den minskade trafiken har förbättrat trafikflödet och ökat bussarnas hastighet, med vissa expressbussar som upplever högre passagerarantal. +- Metropolitan Transportation Authority (MTA) använder intäkterna från vägtullar, uppskattade till 500 miljoner dollar årligen, för förbättringar av kollektivtrafiken, trots viss politisk opposition. + +### [Reaktioner](https://news.ycombinator.com/item?id=42692730) + +- Införandet av trängselavgifter på Manhattan har resulterat i 43 000 färre bilister, vilket har lett till ökad busshastighet och potentiellt bättre responstider för räddningstjänsten. +- Policyn är utformad för att minska trafikstockningar och förbättra luftkvaliteten, även om den har väckt debatt om dess påverkan på låginkomsttagare. +- Förespråkare hävdar att fördelarna inkluderar mer effektiv kollektivtrafik och renare luft, medan diskussioner fortsätter om att balansera dessa fördelar med förarnas behov. + + + + + + diff --git a/i18n/ta/docusaurus-plugin-content-docs/current/2025/01/14.md b/i18n/ta/docusaurus-plugin-content-docs/current/2025/01/14.md new file mode 100644 index 000000000..b7b60ded8 --- /dev/null +++ b/i18n/ta/docusaurus-plugin-content-docs/current/2025/01/14.md @@ -0,0 +1,147 @@ +--- +slug: '/2025/01/14' +--- + +# 2025-01-14 + +## [ச்னிக் பாதுகாப்பு ஆராய்ச்சியாளர் cursor.com ஐ இலக்காகக் கொண்ட தீங்கிழைக்கும் NPM தொகுப்புகளைப் பரப்புகிறார்](https://sourcecodered.com/snyk-malicious-npm-package/) + +- ஒரு Snyk பாதுகாப்பு ஆராய்ச்சியாளர் Cursor.com என்ற AI குறியீட்டு நிறுவனத்தை இலக்காகக் கொண்ட தீங்கிழைக்கும் NPM தொகுப்புகளை வெளியிட்டு, கணினி தரவுகளை சேகரித்து, அதை தாக்குதலாளி கட்டுப்பாட்டில் உள்ள சேவைக்கு அனுப்பினார். +- பொதியங்கள், "கர்சர்-மீட்டெடுப்பு," "கர்சர்-எப்போதும்-உள்ளூர்," மற்றும் "கர்சர்-நிழல்-வேலைநிலம்" என அடையாளம் காணப்பட்டன, OpenSSF பொதிய பகுப்பாய்வு ஸ்கேனர் மூலம் குறிக்கப்படுவதால், MAL-2025-27, MAL-2025-28, மற்றும் MAL-2025-29 என அறிவுறுத்தல்கள் வெளியிடப்பட்டன. +- இந்த நிகழ்வு, சாத்தியமான பாதுகாப்பு அச்சுறுத்தல்களை தவிர்க்க, நிறுவுவதற்கு முன் NPM தொகுப்புகளை ஆராய்வதின் முக்கியத்துவத்தை வெளிப்படுத்துகிறது. + +### [எதிர்வினைகள்](https://news.ycombinator.com/item?id=42690473) + +- ஒரு Snyk பாதுகாப்பு ஆராய்ச்சியாளர் cursor.com-ஐ குறிவைத்து தீங்கிழைக்கும் NPM (Node Package Manager) தொகுப்புகளை வெளியிட்டார், சார்பு குழப்பம் பாதிப்புகளை வெளிப்படுத்தினார். - இந்த சம்பவம் பாதுகாப்பு ஆராய்ச்சியின் நெறிமுறைகள் குறித்து விவாதத்தை தூண்டியுள்ளது, குறிப்பாக சூழல் மாறிலிகளை பொது வெளியில் வெளிப்படுத்துவது தொடர்பாக. - Cursor.com அவர்கள் இந்த நடவடிக்கையை அங்கீகரிக்கவில்லை என்று தெளிவுபடுத்தியது, மேலும் Snyk மன்னிப்பு கேட்டுள்ளது, நெறிமுறைகள் மற்றும் தாக்குதல் பாதுகாப்பு ஆராய்ச்சியை சமநிலைப்படுத்துவதில் உள்ள சவால்களை வலியுறுத்துகிறது. + +## [நான் ஃபயர்பாக்ஸுக்கு மாறினேன் மற்றும் மீண்டும் ஒருபோதும் திரும்பிப் பார்க்கவில்லை](https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/) + +- Firefox அதன் மேம்பட்ட தாவல் மேலாண்மை, இணைக்கப்பட்ட பாக்கெட் அம்சம் மூலம் இணைப்புகளை சேமிக்க, மற்றும் தனியுரிமை மையமாகிய மின்னஞ்சல் ரிலே ஆகியவற்றிற்காக பாராட்டப்படுகிறது, இதனால் இது Chrome க்கு ஒரு வலுவான மாற்றாக உள்ளது. - பயனர் நட்பு ஸ்கிரீன்ஷாட் கருவி, ChatGPT பொத்தான், படம்-இன்-படம், தனிப்பயனாக்கக்கூடிய தேடல் விருப்பங்கள், மற்றும் மென்மையான ஸ்க்ரோலிங் போன்ற கூடுதல் அம்சங்கள் உலாவல் அனுபவத்தை மேம்படுத்துகின்றன. - Firefox Chrome இன் வலை பயன்பாட்டு அம்சத்தை கொண்டிருக்கவில்லை என்றாலும், அதன் சிந்தனையுடன் வடிவமைப்பு மற்றும் குறைந்த வள தேவைகள் சில பயனர்களுக்கு விருப்பமான தேர்வாக இதை மாற்றுகின்றன. + +### [எதிர்வினைகள்](https://news.ycombinator.com/item?id=42696081) + +- பயன்பாட்டாளர்கள், யூடியூப் போன்ற தளங்களால் எதிர்கொள்ளும் சவால்கள், குறிப்பாக கூகிள் அல்லாத உலாவிகள் அல்லது விளம்பர தடுப்பிகளை பயன்படுத்தும் பயனர்களுக்கு அனுபவத்தை குறைக்கலாம். - இந்த போக்கு பயனர் சுயாதீனத்திற்கான கவலைகளை எழுப்புகிறது, ஏனெனில் இது விளம்பரமற்ற மற்றும் கண்காணிப்பற்ற இணைய அனுபவத்தை தேர்ந்தெடுக்கும் பயனர்களை தண்டிக்கிறது. - பயனர் சுயாதீனத்திற்காக பெரும் நிறுவனங்களால் கட்டுப்படுத்தப்படும் உலாவிகளில் இருந்து விடுபட விரும்பும் பயனர்களுக்கு, பிரத்தியேக தன்மை மற்றும் பயன்பாட்டை மேம்படுத்தும் கொண்டெய்னர் டேப்கள் போன்ற தனித்துவமான அம்சங்களை வழங்குவதால், ஃபயர்பாக்ஸ் ஒரு விருப்பமான தேர்வாக உள்ளது. + +## [சோனோஸ் தலைமை நிர்வாக அதிகாரி செயலி புதுப்பிப்பு சிக்கலுக்குப் பிறகு பதவி விலகினார்](https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/) + +### [எதிர்வினைகள்](https://news.ycombinator.com/item?id=42687932) + +- சோனோஸ் நிறுவனத்தின் தலைமை நிர்வாக அதிகாரி, வாடிக்கையாளர்களின் அதிருப்தியை ஏற்படுத்திய விலையுயர்ந்த ஒலிக்கருவிகளை மாற்ற வலியுறுத்திய சர்ச்சைக்குரிய செயலி புதுப்பிப்பைத் தொடர்ந்து ராஜினாமா செய்துள்ளார். - இந்த புதுப்பிப்பு மேக அடிப்படையிலான அமைப்பை அறிமுகப்படுத்தியது, நம்பகமான யுனிவர்சல் பிளக் அண்ட் பிளே (UPnP) முறையிலிருந்து விலகியது, இது இணைப்பு சிக்கல்களை மற்றும் அதிகரித்த சிக்கல்களை ஏற்படுத்தியது. - இந்த நிலைமை வணிக உத்திகள் மற்றும் வாடிக்கையாளர் நம்பிக்கையை பராமரிப்பதற்கிடையிலான மோதலை வலியுறுத்துகிறது, ஏனெனில் தலைமை நிர்வாக அதிகாரி ஒரு ஆலோசனைப் பங்கிற்கு மாற்றம் செய்யப்படுகிறார் மற்றும் ஒரு பிரிவு தொகுப்புடன். + +## [MrBeast என்பவரின் வயிற்றில்](https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast) + +### [எதிர்வினைகள்](https://news.ycombinator.com/item?id=42696691) + +- கட்டுரை YouTube இன் ஆல்கொரிதம் உள்ளடக்க உருவாக்கத்தை எவ்வாறு பாதிக்கிறது என்பதை ஆய்வு செய்கிறது, MrBeast ஐ ஒரு வழக்குக் கற்பிதமாகக் கொண்டு, ஈர்ப்பை மையமாகக் கொண்ட உள்ளடக்கத்திற்கேற்ற மாற்றத்தை வெளிப்படுத்துகிறது. - இது ஊடக கல்வி மற்றும் YouTube மற்றும் TikTok போன்ற தளங்களின் கலாச்சார தாக்கம் பற்றிய பரந்த விளைவுகளை விவரிக்கிறது, மேற்பரப்பான மற்றும் எதிர்வினை உள்ளடக்கத்திற்கான ஒரு போக்கை முன்மொழிகிறது. - ஆல்கொரிதங்கள் உள்ளடக்கத்தை வடிவமைப்பதில் மற்றும் பிரபலமான உருவாக்குநர்கள் கலாச்சார நெறிமுறைகளில் ஏற்படுத்தும் தாக்கத்தில் பல்வேறு பார்வைகள் பரிசீலிக்கப்படுகின்றன. + +## [GitHub Git செயல்பாடுகள் செயலிழந்துள்ளன](https://www.githubstatus.com/incidents/qd96yfgvmcf9) + +- GitHub, ஜனவரி 13, 2025 அன்று, உள்துறை சுமை சமநிலை மாற்றத்தை பாதித்த ஒரு கட்டமைப்பு மாற்றம் காரணமாக Git செயல்பாடுகள் தடை ஏற்பட்டது, இது 23:35 முதல் 00:24 UTC வரை நீடித்தது. - இந்த பிரச்சினை கட்டமைப்பு மாற்றத்தை மாற்றுவதன் மூலம் தீர்க்கப்பட்டது, மேலும் இதுபோன்ற சம்பவங்களைத் தடுக்க கண்காணிப்பு மற்றும் பிரசாரம் செயல்முறைகளை மேம்படுத்த GitHub பணியாற்றி வருகிறது. - இந்த தடை GitHub இன் Actions மற்றும் Pages சேவைகளையும் பாதித்தது, அவர்களின் தள சேவைகளின் பரஸ்பர இணைந்த தன்மையை வெளிப்படுத்தியது. + +### [எதிர்வினைகள்](https://news.ycombinator.com/item?id=42691184) + +- GitHub ஒரு முக்கியமான சேவையின்மை பிரச்சினையை எதிர்கொண்டது, இது git செயல்பாடுகளை பாதித்தது, இதனால் முதலில் தங்கள் SSH விசைகள் அல்லது உள்ளூர் கட்டமைப்புகளுடன் பிரச்சினைகள் உள்ளன என்று சந்தேகித்த டெவலப்பர்களுக்கு குழப்பம் ஏற்பட்டது. - இந்த சம்பவம் மையமயமாக்கப்பட்ட சேவைகளின் மீது நம்பிக்கை வைப்பதன் சவால்களை வலியுறுத்தியது, சுய-ஹோஸ்டிங் மற்றும் மையமற்ற அமைப்புகளின் நன்மைகள் பற்றிய விவாதங்களைத் தூண்டியது. - பிரச்சினை தீர்க்கப்பட்டாலும், GitHub இன் நம்பகத்தன்மை மற்றும் முக்கிய பணிகளுக்காக மூன்றாம் தரப்பு தளங்களின் மீது நம்பிக்கை வைப்பதன் அபாயங்களைப் பற்றிய கவலைகளை இது வெளிப்படுத்தியது. + +## [ZFS 2.3 வெளியிடப்பட்டது ZFS raidz விரிவாக்கத்துடன்](https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0) + +- TEXT: OpenZFS 2.3.0 வெளியிடப்பட்டுள்ளது, RAIDZ விரிவாக்கம், வேகமான Deduplication, நேரடி உள்ளீடு/வெளியீடு, JSON வெளியீடு மற்றும் நீண்ட கோப்பு பெயர்களுக்கு ஆதரவு போன்ற முக்கிய அம்சங்களை அறிமுகப்படுத்துகிறது. - இந்த வெளியீடு முக்கிய பிழை திருத்தங்கள் மற்றும் செயல்திறன் மேம்பாடுகளை உள்ளடக்கியது, Linux kernels 4.18 - 6.12 மற்றும் FreeBSD பதிப்புகள் 13.3, 14.0 - 14.2 உடன் இணக்கமானது. - இந்த புதுப்பிப்பு 134 பங்களிப்பாளர்களின் கூட்டாண்மை முயற்சியாகும், விரிவான ஆவணங்கள் மற்றும் மாற்றம் பதிவு மதிப்பீட்டிற்காக கிடைக்கின்றன. + +### [எதிர்வினைகள்](https://news.ycombinator.com/item?id=42694596) + +- ZFS 2.3 வெளியிடப்பட்டுள்ளது, RAIDZ விரிவாக்கம், வேகமான டிடுப்ளிகேஷன், நேரடி IO, JSON வெளியீடு, நீண்ட கோப்பு பெயர்களுக்கு ஆதரவு போன்ற அம்சங்களை அறிமுகப்படுத்துகிறது. - RAIDZ விரிவாக்கம் குறிப்பாக குறிப்பிடத்தக்கது, ஏனெனில் இது பயனர்களுக்கு எந்த இடையூறும் இல்லாமல் உள்ள RAIDZ குளத்தில் புதிய சாதனங்களைச் சேர்க்க அனுமதிக்கிறது, சேமிப்பு திறனை மேம்படுத்துகிறது. - இந்த வெளியீடு ZFS பயனர்களுக்கு ஒரு முக்கிய முன்னேற்றமாகக் கருதப்படுகிறது, Btrfs மற்றும் Windows Storage Spaces போன்ற பிற கோப்பக அமைப்புகளுடன் ஒப்பிடப்படுகிறது, குளங்களைச் சுருக்க முடியாதது போன்ற சில வரம்புகள் இருந்தாலும். + +## [வலைமேடை – முழுமையான டெஸ்க்டாப் சூழல்களைக் கொண்ட ஆல்பைன், உபுண்டு, ஃபெடோரா மற்றும் ஆர்ச் கண்டெய்னர்கள்](https://docs.linuxserver.io/images/docker-webtop/) + +- Linuxserver/webtop ஆனது Alpine, Ubuntu, Fedora, மற்றும் Arch அடிப்படையிலான கன்டெய்னர்களை வழங்குகிறது, அவை முழுமையான டெஸ்க்டாப் சூழல்களை வலை உலாவிகளின் மூலம் அணுகக்கூடியவாறு செய்கின்றன, மேலும் x86-64 மற்றும் arm64 கட்டமைப்புகளையும் ஆதரிக்கின்றன. +- பயனர்கள் XFCE, KDE, MATE, i3, Openbox, மற்றும் IceWM போன்ற பல்வேறு டெஸ்க்டாப் சூழல்களில் இருந்து தேர்வு செய்யலாம், குறிப்பிட்ட படக்குறிகளைப் பயன்படுத்தி, குறிப்பிட்ட URLகளின் மூலம் வலைமேடையை அணுகலாம். +- பாதுகாப்பு அம்சங்களில் Docker இன் seccomp விருப்பம் மற்றும் அங்கீகார அமைப்பு அடங்கும், சூழல் மாறிகள் மூலம் தனிப்பயனாக்கல் விருப்பங்கள் கிடைக்கின்றன, மேலும் திறந்த மூல இயக்கிகள் மூலம் GPU வேகப்படுத்தலுக்கான ஆதரவு உள்ளது. + +### [எதிர்வினைகள்](https://news.ycombinator.com/item?id=42690983) + +- Webtop, Alpine, Ubuntu, Fedora, மற்றும் Arch ஆகியவற்றிற்கான முழுமையான டெஸ்க்டாப் சூழல்களுடன் கொண்டெய்னர்களை வழங்குகிறது, இது VPN பின்னால் விரைவான அமைப்புகளுக்கு ஏற்றதாகும். +- பயனர்கள் Webtop ஐ அதன் வேகம் மற்றும் பயன்படுத்த எளிமையான தன்மைக்காக பாராட்டுகின்றனர், குறிப்பாக Gluetun கொண்டெய்னருடன் பாதுகாப்பான இணைப்புகளுக்கு பயன்படுத்தும்போது, ஆனால் இயல்புநிலை அங்கீகாரம் இல்லாததால் பாதுகாப்பு நடவடிக்கைகள் இல்லாமல் கொண்டெய்னர்களை இணையத்துடன் வெளிப்படுத்துவதை எச்சரிக்கின்றனர். +- தமிழில் எழுத வேண்டும். இந்த திட்டம் திறந்த மூலமாகவும், நெகிழ்வானதாகவும் மதிக்கப்படுகிறது, பயனர்கள் கட்டமைப்புகளை பகிர்ந்து கொள்கின்றனர், மேலும் Kasm மற்றும் Selkies போன்ற மாற்றுகள் இதே போன்ற நோக்கங்களுக்காக குறிப்பிடப்படுகின்றன. + +## [ஆன்லைன் வேலைவாய்ப்பு விளம்பரங்களில் 5 இல் 1 என்பது போலியானது அல்லது ஒருபோதும் நிரப்பப்படாதது என்று ஆய்வு கண்டறிந்துள்ளது](https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706) + +- சமீபத்திய ஆய்வு ஒன்று, ஆன்லைன் வேலைவாய்ப்பு அறிவிப்புகளில் 20% போலியானவையாகவோ அல்லது நிரப்பப்படாதவையாகவோ உள்ளன என்று காட்டுகிறது, இது வேலை தேடுபவர்களின் ஏமாற்றத்தை அதிகரிக்கிறது. - இந்த "பேய் வேலை" போக்கு, நிறுவனங்கள் வளர்ச்சி படத்தை வெளிப்படுத்தும் உத்தியாக இருக்கலாம். - கிரீன்ஹவுஸ் மற்றும் லிங்க்ட்இன் போன்ற வேலைவாய்ப்பு தளங்கள், பயனர்களுக்கு உண்மையான வேலை வாய்ப்புகளை அடையாளம் காண உதவ வேலை சரிபார்ப்பு சேவைகளை அறிமுகப்படுத்தியுள்ளன. + +### [எதிர்வினைகள்](https://news.ycombinator.com/item?id=42697783) + +- தமிழில் எழுத வேண்டும். ஒரு ஆய்வு தெரிவிக்கிறது, ஆன்லைன் வேலைவாய்ப்பு அறிவிப்புகளில் 20% போலியானவையாகவோ அல்லது நிரப்பப்படாதவையாகவோ உள்ளன, பெரும்பாலும் அமெரிக்க குடியேற்றக் கொள்கைகளை பின்பற்ற நிறுவனங்கள் தேவைப்படும் காரணத்தினால். - நிறுவனங்கள் கூடுதல் நேரத்திற்காக வேலைவாய்ப்பு அறிவிப்புகளை வைத்திருக்கலாம், சிறந்த வேட்பாளர்களைத் தேட, தேவைகளை மாற்ற, அல்லது முன்பே தேர்ந்தெடுக்கப்பட்ட உள்நாட்டு வேட்பாளர்களை வைத்திருக்கலாம். - வேலை சந்தை விண்ணப்பதாரர்களுக்கு கடினமாக உள்ளது, அவர்கள் அடிக்கடி 'கோஸ்டிங்' மற்றும் தானியங்கி மறுப்புகளை சந்திக்கின்றனர், இது ஒழுங்குமுறை தலையீட்டை கோருகிறது. + +## [வாகன ஓட்டிகளுக்காக விநாடிகளை சேமிக்க பாதசாரிகளுக்கு ஒரு சந்திப்பை பாதுகாப்பற்றதாக மாற்றுதல்](https://collegetowns.substack.com/p/making-an-intersection-unsafe-for) + +### [எதிர்வினைகள்](https://news.ycombinator.com/item?id=42698557) + +- தமிழில் எழுத வேண்டும். விவாதம் சந்திப்புகளில் பாதசாரி பாதுகாப்பை முன்னுரிமைப்படுத்த வேண்டுமா அல்லது வாகன ஓட்டுநரின் செயல்திறனை முன்னுரிமைப்படுத்த வேண்டுமா என்பதைக் குறிக்கிறது, சிலர் ஒளி கட்டுப்பாட்டிலான சந்திப்புகள் மற்றும் பாதசாரி சறுக்கல்களை 4 வழி நிறுத்தங்களுக்குப் பதிலாக ஆதரிக்கின்றனர். +- பாதுகாப்பற்ற இடங்களில் சாலையை கடக்குதல் மற்றும் சிவப்பு விளக்கில் வலதுபுறம் திரும்புவதால் ஏற்படும் அபாயங்கள் குறித்து போக்குவரத்து சட்டங்கள் மற்றும் உள்கட்டமைப்பு வடிவமைப்பில் கருத்துக்கள் மாறுபடுகின்றன. +- தமிழில் எழுத வேண்டும்: சிலர் பாதுகாப்பையும் செயல்திறனையும் மேம்படுத்துவதற்காக சுற்றுச்சாலை அல்லது டச்சு போக்குவரத்து பொறியியல் தரநிலைகளை ஏற்கும் மாற்று தீர்வுகளை ஆதரிக்கின்றனர். + +## [PostgreSQL 2024 ஆம் ஆண்டின் தரவுத்தள மேலாண்மை அமைப்பாகும்](https://db-engines.com/en/blog_post/109) + +- PostgreSQL, 2024 ஆம் ஆண்டிற்கான DBMS ஆஃப் தி இயர் விருதை DB-Engines மூலம் பெற்றுள்ளது, 423 பிற தரவுத்தள மேலாண்மை அமைப்புகளை முந்தி, ஐந்தாவது முறையாக இந்த அங்கீகாரத்தை பெற்றுள்ளது. +- PostgreSQL, 35 ஆண்டுகளுக்கு மேல் நீடிக்கும் வரலாற்றுடன், 2024 செப்டம்பரில் வெளியிடப்பட்ட PostgreSQL 17 இன் சமீபத்திய மேம்பாடுகளில் காணப்படும் புதிய முயற்சிகளை தொடர்ந்து மேற்கொள்கிறது. +- Snowflake மற்றும் Microsoft முறையே இரண்டாம் மற்றும் மூன்றாம் இடங்களைப் பெற்றன, Snowflake அதன் மேக அடிப்படையிலான தரவுத்தொகுப்பு மற்றும் பல மேக ஆதரவுக்காக குறிப்பிடப்பட்டது, அதேசமயம் Microsoft Azure SQL Database மற்றும் SQL Server மூலம் வலுவான மேலாண்மை செய்யப்பட்ட தொடர்பு தரவுத்தொகுப்புகளை வழங்குகிறது. + +### [எதிர்வினைகள்](https://news.ycombinator.com/item?id=42696080) + +- PostgreSQL 2024 ஆம் ஆண்டிற்கான தரவுத்தள மேலாண்மை அமைப்பு விருதை db-engines.com மூலம் பெற்றுள்ளது, இது அதன் வளர்ந்து வரும் பிரபலத்தையும், தொழில்துறையில் கிடைக்கும் அங்கீகாரத்தையும் வெளிப்படுத்துகிறது. +- பயனர்கள் மைக்ரோசாஃப்ட் SQL சர்வர் இருந்து PostgreSQL க்கு மாறுவதைக் கருதுகின்றனர், அதிக உரிமம் செலவுகள் மற்றும் வளக் கட்டுப்பாடுகள் காரணமாக, இடமாற்ற சவால்கள் இருந்தாலும். +- PostgreSQL அதன் வலுவான அம்சங்கள் மற்றும் செலவுக் குறைவுக்காக விரும்பப்படுகிறது, இது எதிர்கால திட்டங்களுக்கு விருப்பமான தேர்வாக இருக்கிறது, ஆனால் சில பயனர்கள் செலவுகளை குறைக்க Babelfish போன்ற மாற்றங்களை ஆராய்கிறார்கள். + +## [Google இன் OAuth உள்நுழைவு ஒரு தோல்வியுற்ற ஸ்டார்ட்அப் டொமைனை வாங்குவதிலிருந்து பாதுகாக்காது](https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw) + +### [எதிர்வினைகள்](https://news.ycombinator.com/item?id=42699099) + +- இந்த விவாதம், தோல்வியடைந்த ஸ்டார்ட்அப்பின் டொமைன் புதிய உரிமையாளரால் கைப்பற்றப்படும் போது, கூகிளின் OAuth உள்நுழைவு அமைப்பில் உள்ள ஒரு பாதிப்பை வெளிப்படுத்துகிறது, இது அனுமதியற்ற அணுகலை சேவைகளுக்கு அனுமதிக்கக்கூடும். +- இந்த பிரச்சனை உருவாகிறது, ஏனெனில் கூகுள் அசல் மற்றும் புதிய டொமைன் உரிமையாளர்களை வேறுபடுத்தாமல் இருக்கலாம், இது டொமைன் அடிப்படையிலான அங்கீகாரத்தைப் பயன்படுத்தும் எந்தவொரு அமைப்பையும் பாதிக்கக்கூடும். +- ஒரு பரிந்துரைக்கப்பட்ட தீர்வு என்பது காலப்போக்கில் மாறாத தனித்துவமான அடையாளங்களைப் பயன்படுத்துவது, ஆனால் இந்த தீர்வின் செயலாக்கம் அடையாள வழங்குநர்களிடையே மாறுபடுகிறது. + +## [கோடிங் திறன்களை பயன்படுத்தி பாசிவ் வருமானம் பெறுதல்](https://www.coryzue.com/writing/solopreneur/) + +- TEXT: ஆசிரியர் CTO பங்கிலிருந்து தனியார் தொழில்முனைவோராக மாறி, மென்பொருள் தயாரிப்புகளின் தொகுப்பின் மூலம் அதிக வருமானம் ஈட்டினார். TEXT: +- முக்கிய உத்திகள் ஆழமான பணியில் கவனம் செலுத்துவது, சிறிய திட்டங்களுடன் தொடங்குவது, விரைவாக திருத்துவது மற்றும் சந்தைப்படுத்தல் முயற்சிகளுக்கு நேரத்தை ஒதுக்குவது ஆகியவற்றை உள்ளடக்கியவை. +- இந்த பயணம் நிச்சயமற்ற தன்மையால் பொறுமையை வலியுறுத்துகிறது, ஆனால் இந்த தொழில் பாதையின் ஒப்பற்ற சுயாதீனத்தையும் சுதந்திரத்தையும் சிறப்பிக்கிறது, குறியீட்டு திறன்களைக் கொண்டவர்களை இதை பாசிவ் வருமானத்திற்காக பரிசீலிக்க ஊக்குவிக்கிறது. + +### [எதிர்வினைகள்](https://news.ycombinator.com/item?id=42696822) + +- ஒரு பயனர், முடிவடையும் டொமைன் பெயர்களைப் பயன்படுத்தி SEO ஸ்பாம் வலைத்தளங்கள் மூலம் பாசிவ் வருமானத்தை உருவாக்கி, ஆண்டுக்கு சுமார் $30k சம்பாதிப்பதாக, நெறிமுறைக் கவலைகள் மற்றும் கூகிளின் இறுதியில் நடவடிக்கை எடுப்பதைப் பொருட்படுத்தாமல் விவரித்தார். +- TEXT: இந்த பதிவு, சில பயனர்கள் உண்மையில் பாசிவ் வருமானத்தை விட ஒரு வணிகத்தை நடத்துவது போன்றது என்று வாதிடுவதால், பாசிவ் வருமானம் குறித்த விவாதத்தை தூண்டியது. TEXT: +- TEXT: பங்கேற்பாளர்கள் பக்கத் திட்டங்களில் அனுபவங்களையும் சவால்களையும் பகிர்ந்து கொண்டனர், நேரம், பொறுமை மற்றும் மூலோபாய திட்டமிடலின் முக்கியத்துவத்தை வலியுறுத்தினர். + +## [ஸ்பெயின், ஐரோப்பிய ஒன்றியத்திற்கு வெளியே உள்ள குடியிருப்பாளர்களால் வாங்கப்படும் வீடுகளுக்கு 100% வரி விதிக்க முன்மொழிகிறது](https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents) + +- ஸ்பெயின், வீட்டு வசதி நெருக்கடியை சமாளிக்கவும், ஊக வணிகத்தை கட்டுப்படுத்தவும் நோக்கி, ஐரோப்பிய ஒன்றியத்திற்கு வெளியே உள்ள குடியிருப்பாளர்களால் செய்யப்படும் நில விற்பனை வாங்குதல்களுக்கு 100% வரி விதிப்பதை பரிசீலிக்கிறது. +- பிரதமர் பெட்ரோ சாஞ்சஸ் முன்மொழிந்த திட்டம் சமூக வீடுகளை விரிவுபடுத்துவதையும், வீட்டு விலை மற்றும் வருமானங்களுக்கிடையேயான வேறுபாட்டை சமாளிக்க சுற்றுலா வாடகைகளை ஒழுங்குபடுத்துவதையும் உள்ளடக்கியது. +- தமிழில் எழுத வேண்டும். சில பகுப்பாய்வாளர்கள் இதை ஒரு உறுதியான சட்ட மாற்றமாக அல்லாமல், வெளிநாட்டு முதலீட்டாளர்களுக்கு தடையாகக் காண்கிறார்கள் என்பதால், அந்த முன்மொழிவின் சட்டமாக்கலின் எதிர்காலம் நிச்சயமற்றதாக உள்ளது. + +### [எதிர்வினைகள்](https://news.ycombinator.com/item?id=42690781) + +- ஸ்பெயின், இல்லத்திற்கான விலை ஏற்றத்தை சமாளிக்க, ஐரோப்பிய ஒன்றியத்திற்கு வெளியே உள்ள குடியிருப்பாளர்களால் வாங்கப்படும் வீடுகளுக்கு 100% வரி விதிக்க பரிசீலிக்கிறது. - விமர்சகர்கள், வெளிநாட்டு வாங்குபவர்கள் இல்லத்திற்கான விலை உயர்வின் முதன்மை காரணம் அல்ல என்று கூறி, மந்தமான நிர்வாகம் மற்றும் மண்டல சட்டங்கள் போன்றவை முக்கியமான காரணிகள் எனக் குறிப்பிடுகின்றனர். - இந்த முன்மொழிவு, வீட்டு சந்தைகளில் வெளிநாட்டு சொந்தக்காரர்களின் பங்கு மற்றும் விலை ஏற்றத்தை தீர்க்க அதன் பயன்தன்மை குறித்து விவாதத்தை தூண்டியுள்ளது. + +## [ஆப்பிள் விரைவில் TSMC இன் அரிசோனா தொழிற்சாலையில் இருந்து 'அமெரிக்காவில் தயாரிக்கப்பட்ட' சிப்களை பெறும்](https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification) + +- உரை: ஆப்பிள் TSMC இன் அரிசோனா தொழிற்சாலையில் இருந்து செயலிகளை சோதித்து வருகிறது, முதல் காலாண்டிற்குள் பெருமளவில் உற்பத்தி செய்ய திட்டமிட்டுள்ளது, இது உள்ளூர் தயாரிக்கப்பட்ட சிப்களுக்கான TSMC இன் முதல் அமெரிக்க வாடிக்கையாளராக ஆப்பிள் மாறக்கூடும். - இந்த முயற்சி அமெரிக்காவின் சிலிகான் சுயாதீனத்தை வலுப்படுத்துவதற்காக, புவியியல் மற்றும் இயற்கை அபாயங்களுக்கு ஆளாகக்கூடிய தைவானின் மீது சார்பை குறைப்பதற்காக மேற்கொள்ளப்படுகிறது. - TSMC இன் அரிசோனா தொழிற்சாலை மேம்பட்ட 3nm மற்றும் 2nm சிப்களை தயாரிக்க அமைக்கப்பட்டுள்ளது, உள்ளூர் ஆட்சேர்ப்பு மற்றும் அமெரிக்க பல்கலைக்கழகங்களுடன் கூட்டாண்மைகளை மேம்படுத்தும் முயற்சிகள் நடைபெற்று வருகின்றன, ஆனால் பேக்கேஜிங் ஆரம்பத்தில் தைவானில் நடைபெறும், பியோரியா தொழிற்சாலை செயல்பாட்டுக்கு வரும்வரை. + +### [எதிர்வினைகள்](https://news.ycombinator.com/item?id=42699977) + +- உரை: ஆப்பிள் TSMC இன் அரிசோனா ஆலையிலிருந்து சிப்களைப் பெறும், ஆனால் போதுமான அமெரிக்க வசதிகள் இல்லாததால் அவற்றை திருப்பி தைவானுக்கு அனுப்பி மூடுவதற்குத் தேவையாகிறது. - அரிசோனா ஆலையில் பணிபுரியும் பணியாளர்களில் 50% க்கும் மேற்பட்டோர் தைவானிலிருந்து வந்தவர்கள், இது அமெரிக்காவின் STEM (அறிவியல், தொழில்நுட்பம், பொறியியல் மற்றும் கணிதம்) துறையில் ஒரு இடைவெளியைக் குறிக்கிறது. - அமெரிக்க அரைக்கட்டமைப்பு உற்பத்தியை மேம்படுத்தும் நோக்கில் CHIPS சட்டம் முயற்சி சவால்களை எதிர்கொள்கிறது, ஏனெனில் "அமெரிக்காவில் தயாரிக்கப்பட்டது" என்ற லேபிள் கேள்விக்குறியாகிறது, மூடுதல் செயல்முறை தைவானில் நடைபெறுவதால், 2027 ஆம் ஆண்டுக்குள் அமெரிக்க மூடுதல் திறன்களை உருவாக்கும் திட்டங்களுடன். + +## [மெருகூட்டல் கட்டணம் செயல்படுத்தப்பட்ட பிறகு மான்ஹாட்டன் சாலைகளில் 43,000 ஓட்டுநர்கள் குறைந்துள்ளனர்](https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says) + +- கூட்ட நெரிசல் விலை நிர்ணயம் செயல்படுத்தப்பட்ட பிறகு, 60வது தெருவுக்கு கீழே மான்ஹாட்டனில் நுழையும் வாகன ஓட்டிகளின் எண்ணிக்கை 7.5% குறைந்தது, இது வாரத்தின் ஒவ்வொரு வேலை நாளிலும் 43,000 வாகன ஓட்டிகள் குறைவாக உள்ளனர் என்பதற்கு சமமாகும். +- பேருந்து போக்குவரத்து குறைந்ததன் காரணமாக போக்குவரத்து ஓட்டம் மேம்பட்டுள்ளது மற்றும் பேருந்து வேகங்கள் அதிகரித்துள்ளன, சில விரைவு பேருந்துகளில் பயணிகள் எண்ணிக்கை அதிகரித்துள்ளது. +- மெட்ரோபாலிடன் போக்குவரத்து ஆணையம் (MTA) ஆண்டுக்கு $500 மில்லியன் என மதிப்பிடப்பட்ட சுங்க வருவாயை, சில அரசியல் எதிர்ப்புகள் இருந்தபோதிலும், போக்குவரத்து மேம்பாடுகளுக்காக பயன்படுத்துகிறது. + +### [எதிர்வினைகள்](https://news.ycombinator.com/item?id=42692730) + +- மஹாட்டனில் நெரிசல் கட்டணத்தை நடைமுறைப்படுத்துவதன் மூலம் 43,000 கார் ஓட்டிகள் குறைந்துள்ளனர், இது பேருந்து வேகங்களை அதிகரிக்கவும், அவசர சேவை நேரங்களை மேம்படுத்தவும் வழிவகுக்கிறது. +- கொள்கை போக்குவரத்து நெரிசலை குறைத்து காற்றின் தரத்தை மேம்படுத்த வடிவமைக்கப்பட்டுள்ளது, ஆனால் இது குறைந்த வருமானம் கொண்ட நபர்களின் மீது அதன் தாக்கம் குறித்து விவாதத்தை ஏற்படுத்தியுள்ளது. +- ஆதரவாளர்கள், அதிக செயல்திறன் கொண்ட பொது போக்குவரத்து மற்றும் சுத்தமான காற்று போன்ற நன்மைகளை உள்ளடக்கியதாக வாதிடுகின்றனர், அதே நேரத்தில் இவை சாரதிகளின் தேவைகளுடன் சமநிலைப்படுத்துவது பற்றிய விவாதங்கள் தொடர்கின்றன. + + + + + + diff --git a/i18n/th/docusaurus-plugin-content-docs/current/2025/01/14.md b/i18n/th/docusaurus-plugin-content-docs/current/2025/01/14.md new file mode 100644 index 000000000..a4a340005 --- /dev/null +++ b/i18n/th/docusaurus-plugin-content-docs/current/2025/01/14.md @@ -0,0 +1,147 @@ +--- +slug: '/2025/01/14' +--- + +# 2025-01-14 + +## [นักวิจัยด้านความปลอดภัยของ Snyk ปล่อยแพ็กเกจ NPM ที่เป็นอันตรายโดยมีเป้าหมายที่ cursor.com](https://sourcecodered.com/snyk-malicious-npm-package/) + +- นักวิจัยด้านความปลอดภัยจาก Snyk ได้ปล่อยแพ็กเกจ NPM ที่เป็นอันตรายซึ่งมุ่งเป้าไปที่ Cursor.com ซึ่งเป็นบริษัทเขียนโค้ด AI เพื่อรวบรวมข้อมูลระบบและส่งไปยังบริการที่ผู้โจมตีควบคุม +- แพ็กเกจที่ถูกระบุว่าเป็น "cursor-retrieval," "cursor-always-local," และ "cursor-shadow-workspace" ถูกตั้งค่าสถานะโดยเครื่องสแกนการวิเคราะห์แพ็กเกจของ OpenSSF ส่งผลให้มีคำแนะนำ MAL-2025-27, MAL-2025-28, และ MAL-2025-29 +- เหตุการณ์นี้เน้นย้ำถึงความสำคัญของการตรวจสอบแพ็กเกจ NPM ก่อนการติดตั้งเพื่อหลีกเลี่ยงภัยคุกคามด้านความปลอดภัยที่อาจเกิดขึ้น + +### [ปฏิกิริยา](https://news.ycombinator.com/item?id=42690473) + +- นักวิจัยด้านความปลอดภัยจาก Snyk ได้ปล่อยแพ็กเกจ NPM (Node Package Manager) ที่เป็นอันตรายซึ่งมุ่งเป้าไปที่ cursor.com โดยเน้นถึงช่องโหว่ของการสับสนในความพึ่งพา - เหตุการณ์นี้ได้จุดประกายการถกเถียงเกี่ยวกับจริยธรรมของการวิจัยด้านความปลอดภัย โดยเฉพาะอย่างยิ่งเกี่ยวกับการเปิดเผยตัวแปรสภาพแวดล้อมต่อสาธารณะ - Cursor.com ได้ชี้แจงว่าพวกเขาไม่ได้อนุญาตให้ดำเนินการดังกล่าว และ Snyk ได้ขอโทษในภายหลัง โดยเน้นถึงความท้าทายในการสร้างสมดุลระหว่างการวิจัยด้านความปลอดภัยเชิงรุกกับมาตรฐานทางจริยธรรม + +## [ฉันเปลี่ยนไปใช้ Firefox และไม่เคยหันกลับไปมองอีกเลย](https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/) + +- Firefox ได้รับการยกย่องในเรื่องการจัดการแท็บที่ยอดเยี่ยม ฟีเจอร์ Pocket ในตัวสำหรับบันทึกลิงก์ และการส่งต่ออีเมลที่เน้นความเป็นส่วนตัว ทำให้เป็นทางเลือกที่แข็งแกร่งสำหรับ Chrome - ฟีเจอร์เพิ่มเติมเช่น เครื่องมือจับภาพหน้าจอที่ใช้งานง่าย ปุ่ม ChatGPT โหมด Picture-in-Picture ตัวเลือกการค้นหาที่ปรับแต่งได้ และการเลื่อนที่ราบรื่น ช่วยเพิ่มประสบการณ์การท่องเว็บ - แม้ว่า Firefox จะขาดฟีเจอร์แอปเว็บของ Chrome แต่การออกแบบที่รอบคอบและการใช้ทรัพยากรที่ลดลงทำให้เป็นตัวเลือกที่ผู้ใช้บางคนชื่นชอบ + +### [ปฏิกิริยา](https://news.ycombinator.com/item?id=42696081) + +- ผู้ใช้ Firefox เผชิญกับความท้าทายจากแพลตฟอร์มอย่าง YouTube ซึ่งอาจจงใจลดประสบการณ์การใช้งานสำหรับเบราว์เซอร์ที่ไม่ใช่ของ Google หรือผู้ใช้ที่ใช้ตัวบล็อกโฆษณา - แนวโน้มนี้ก่อให้เกิดความกังวลเกี่ยวกับความเป็นอิสระของผู้ใช้ เนื่องจากเป็นการลงโทษผู้ที่เลือกใช้งานเว็บที่ปราศจากโฆษณาและการสอดส่อง - Firefox มีคุณสมบัติเฉพาะ เช่น แท็บคอนเทนเนอร์ ซึ่งช่วยเพิ่มความเป็นส่วนตัวและการใช้งาน ทำให้เป็นตัวเลือกที่ผู้ใช้ที่ต้องการความเป็นอิสระจากเบราว์เซอร์ที่ถูกควบคุมโดยบริษัทใหญ่ๆ นิยมใช้ + +## [ซีอีโอของ Sonos ลาออกหลังจากปัญหาการอัปเดตแอป](https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/) + +### [ปฏิกิริยา](https://news.ycombinator.com/item?id=42687932) + +- ซีอีโอของ Sonos ได้ลาออกหลังจากการอัปเดตแอปที่เป็นที่ถกเถียงซึ่งบังคับให้ผู้ใช้ต้องเปลี่ยนระบบเสียงที่มีราคาแพง ทำให้เกิดความไม่พอใจในหมู่ลูกค้า - การอัปเดตนี้ได้แนะนำระบบที่ใช้คลาวด์ แทนที่ระบบ Universal Plug and Play (UPnP) ที่เชื่อถือได้ ซึ่งนำไปสู่ปัญหาการเชื่อมต่อและความซับซ้อนที่เพิ่มขึ้น - สถานการณ์นี้เน้นย้ำถึงความขัดแย้งระหว่างกลยุทธ์ทางธุรกิจกับการรักษาความไว้วางใจของลูกค้า ในขณะที่ซีอีโอเปลี่ยนไปสู่บทบาทที่ปรึกษาพร้อมกับแพ็คเกจชดเชย + +## [ในท้องของ MrBeast](https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast) + +### [ปฏิกิริยา](https://news.ycombinator.com/item?id=42696691) + +- บทความนี้ตรวจสอบว่าอัลกอริทึมของ YouTube มีอิทธิพลต่อการสร้างเนื้อหาอย่างไร โดยใช้ MrBeast เป็นกรณีศึกษา เน้นการเปลี่ยนแปลงไปสู่เนื้อหาที่ขับเคลื่อนด้วยการมีส่วนร่วมมากกว่าเนื้อหาที่มีความหมาย - มีการอภิปรายถึงผลกระทบที่กว้างขึ้นต่อการรู้เท่าทันสื่อและผลกระทบทางวัฒนธรรมของแพลตฟอร์มอย่าง YouTube และ TikTok โดยเสนอแนวโน้มไปสู่เนื้อหาที่ผิวเผินและตอบโต้ - มีการพิจารณามุมมองต่างๆ เกี่ยวกับบทบาทของอัลกอริทึมในการกำหนดเนื้อหาและอิทธิพลของผู้สร้างยอดนิยมต่อบรรทัดฐานทางวัฒนธรรม + +## [การดำเนินการ Git บน GitHub หยุดทำงาน](https://www.githubstatus.com/incidents/qd96yfgvmcf9) + +- GitHub ประสบปัญหาการหยุดชะงักของการดำเนินการ Git เมื่อวันที่ 13 มกราคม 2025 เนื่องจากการเปลี่ยนแปลงการกำหนดค่าที่ส่งผลกระทบต่อโหลดบาลานเซอร์ภายใน ซึ่งกินเวลาตั้งแต่ 23:35 ถึง 00:24 UTC - ปัญหาได้รับการแก้ไขโดยการย้อนกลับการเปลี่ยนแปลงการกำหนดค่า และ GitHub กำลังทำงานเพื่อปรับปรุงกระบวนการตรวจสอบและการปรับใช้เพื่อป้องกันเหตุการณ์ที่คล้ายกัน - การหยุดชะงักยังส่งผลกระทบต่อบริการ Actions และ Pages ของ GitHub ซึ่งเน้นถึงธรรมชาติที่เชื่อมโยงกันของบริการแพลตฟอร์มของพวกเขา + +### [ปฏิกิริยา](https://news.ycombinator.com/item?id=42691184) + +- GitHub ประสบปัญหาการหยุดทำงานครั้งใหญ่ที่ส่งผลกระทบต่อการดำเนินการของ git ทำให้นักพัฒนาสับสนในตอนแรกที่สงสัยว่ามีปัญหากับคีย์ SSH หรือการตั้งค่าท้องถิ่นของพวกเขา - เหตุการณ์นี้เน้นย้ำถึงความท้าทายของการพึ่งพาบริการแบบรวมศูนย์ กระตุ้นให้เกิดการสนทนาเกี่ยวกับข้อดีของการโฮสต์เองและระบบแบบกระจาย - แม้ว่าปัญหาจะได้รับการแก้ไขแล้ว แต่ก็ได้เน้นย้ำถึงความกังวลเกี่ยวกับความน่าเชื่อถือของ GitHub และความเสี่ยงของการพึ่งพาแพลตฟอร์มของบุคคลที่สามสำหรับงานที่จำเป็น + +## [ZFS 2.3 เปิดตัวพร้อมกับการขยาย ZFS raidz](https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0) + +- OpenZFS 2.3.0 ได้รับการเปิดตัวแล้ว โดยมีการแนะนำฟีเจอร์สำคัญเช่น RAIDZ Expansion, Fast Deduplication, Direct Input/Output, การแสดงผลแบบ JSON และการรองรับชื่อไฟล์ที่ยาว - การเปิดตัวนี้รวมถึงการแก้ไขบั๊กที่สำคัญและการปรับปรุงประสิทธิภาพ ซึ่งสามารถใช้งานร่วมกับเคอร์เนล Linux เวอร์ชัน 4.18 - 6.12 และ FreeBSD เวอร์ชัน 13.3, 14.0 - 14.2 - การอัปเดตนี้เป็นความร่วมมือจากผู้ร่วมพัฒนา 134 คน พร้อมด้วยเอกสารประกอบและบันทึกการเปลี่ยนแปลงที่สามารถตรวจสอบได้ + +### [ปฏิกิริยา](https://news.ycombinator.com/item?id=42694596) + +- ZFS 2.3 ได้รับการเปิดตัวแล้ว โดยมีการแนะนำฟีเจอร์ต่างๆ เช่น การขยาย RAIDZ, การลดข้อมูลซ้ำอย่างรวดเร็ว, การใช้งาน IO โดยตรง, การแสดงผล JSON และการรองรับชื่อไฟล์ที่ยาว - การขยาย RAIDZ นั้นโดดเด่นเป็นพิเศษเนื่องจากช่วยให้ผู้ใช้สามารถเพิ่มอุปกรณ์ใหม่ลงใน RAIDZ pool ที่มีอยู่โดยไม่ต้องหยุดทำงาน เพิ่มความจุในการจัดเก็บข้อมูล - การเปิดตัวนี้ถือเป็นความก้าวหน้าที่สำคัญสำหรับผู้ใช้ ZFS โดยมีการเปรียบเทียบกับระบบไฟล์อื่นๆ เช่น Btrfs และ Windows Storage Spaces แม้ว่าจะมีข้อจำกัดบางประการ เช่น การไม่สามารถลดขนาด pool ได้ + +## [Webtop – คอนเทนเนอร์ Alpine, Ubuntu, Fedora และ Arch ที่มีสภาพแวดล้อมเดสก์ท็อปแบบเต็มรูปแบบ](https://docs.linuxserver.io/images/docker-webtop/) + +- Linuxserver/webtop ให้บริการคอนเทนเนอร์ที่มีพื้นฐานจาก Alpine, Ubuntu, Fedora, และ Arch พร้อมด้วยสภาพแวดล้อมเดสก์ท็อปเต็มรูปแบบที่สามารถเข้าถึงได้ผ่านเว็บเบราว์เซอร์ รองรับทั้งสถาปัตยกรรม x86-64 และ arm64 +- ผู้ใช้สามารถเลือกจากสภาพแวดล้อมเดสก์ท็อปต่าง ๆ เช่น XFCE, KDE, MATE, i3, Openbox และ IceWM โดยใช้แท็กภาพเฉพาะ และเข้าถึง Webtop ผ่าน URL ที่กำหนด +- คุณสมบัติด้านความปลอดภัยประกอบด้วยตัวเลือก seccomp ของ Docker และการตั้งค่าการยืนยันตัวตน พร้อมตัวเลือกการปรับแต่งที่สามารถทำได้ผ่านตัวแปรสภาพแวดล้อม และรองรับการเร่งความเร็ว GPU ด้วยไดรเวอร์โอเพ่นซอร์ส + +### [ปฏิกิริยา](https://news.ycombinator.com/item?id=42690983) + +- Webtop ให้บริการคอนเทนเนอร์ที่มีสภาพแวดล้อมเดสก์ท็อปเต็มรูปแบบสำหรับ Alpine, Ubuntu, Fedora, และ Arch ซึ่งเหมาะสำหรับการตั้งค่าอย่างรวดเร็วหลัง VPN +- ผู้ใช้ชื่นชม Webtop ในเรื่องความเร็วและความง่ายในการใช้งาน โดยเฉพาะเมื่อใช้ร่วมกับ Gluetun container เพื่อการเชื่อมต่อที่ปลอดภัย แต่เตือนให้ระวังการเปิดเผย container สู่อินเทอร์เน็ตโดยไม่มีมาตรการรักษาความปลอดภัย เนื่องจากขาดการยืนยันตัวตนเริ่มต้น +- โครงการนี้มีคุณค่าสำหรับการเป็นโอเพ่นซอร์สและยืดหยุ่น โดยผู้ใช้สามารถแบ่งปันการตั้งค่าได้ และทางเลือกอื่น ๆ เช่น Kasm และ Selkies ก็ถูกกล่าวถึงเพื่อวัตถุประสงค์ที่คล้ายกัน + +## [1 ใน 5 ของประกาศรับสมัครงานออนไลน์เป็นของปลอมหรือไม่เคยมีการจ้างงานจริง, การศึกษาพบ](https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706) + +- การศึกษาล่าสุดระบุว่า 20% ของประกาศรับสมัครงานออนไลน์เป็นของปลอมหรือยังไม่ได้รับการเติมเต็ม ซึ่งเพิ่มความหงุดหงิดให้กับผู้หางาน - แนวโน้ม "งานผี" นี้อาจเป็นกลยุทธ์ของบริษัทในการสร้างภาพลักษณ์ของการเติบโต - แพลตฟอร์มงานเช่น Greenhouse และ LinkedIn ได้แนะนำบริการตรวจสอบงานเพื่อช่วยผู้ใช้ในการระบุโอกาสงานที่แท้จริง + +### [ปฏิกิริยา](https://news.ycombinator.com/item?id=42697783) + +- การศึกษาพบว่า 20% ของประกาศรับสมัครงานออนไลน์เป็นประกาศปลอมหรือยังไม่ได้รับการเติมเต็ม ซึ่งมักเกิดจากบริษัทที่ต้องปฏิบัติตามนโยบายการย้ายถิ่นฐานของสหรัฐฯ - บริษัทอาจปล่อยประกาศรับสมัครงานไว้เพื่อหาผู้สมัครที่เหมาะสม เปลี่ยนแปลงข้อกำหนด หรือมีผู้สมัครภายในที่ได้รับการคัดเลือกไว้ล่วงหน้า - ตลาดงานเป็นเรื่องยากสำหรับผู้สมัคร ที่มักพบกับการถูกเมินเฉยและการปฏิเสธอัตโนมัติ ทำให้เกิดการเรียกร้องให้มีการแทรกแซงด้านกฎระเบียบ + +## [ทำให้ทางแยกไม่ปลอดภัยสำหรับคนเดินเท้าเพื่อประหยัดเวลาไม่กี่วินาทีสำหรับผู้ขับขี่](https://collegetowns.substack.com/p/making-an-intersection-unsafe-for) + +### [ปฏิกิริยา](https://news.ycombinator.com/item?id=42698557) + +- การอภิปรายมุ่งเน้นไปที่ว่าทางแยกควรให้ความสำคัญกับความปลอดภัยของคนเดินเท้าหรือประสิทธิภาพของผู้ขับขี่ โดยบางคนสนับสนุนทางแยกที่ควบคุมด้วยสัญญาณไฟและการข้ามถนนของคนเดินเท้าแทนที่จะใช้จุดหยุด 4 ทาง +- ความคิดเห็นเกี่ยวกับกฎหมายจราจรและการออกแบบโครงสร้างพื้นฐานมีความหลากหลาย โดยมีการอภิปรายเกี่ยวกับความปลอดภัยของการเดินข้ามถนนในที่ห้ามและความเสี่ยงที่เกี่ยวข้องกับการเลี้ยวขวาเมื่อสัญญาณไฟแดง +- บางคนสนับสนุนทางเลือกอื่น เช่น วงเวียน หรือการนำมาตรฐานวิศวกรรมจราจรของเนเธอร์แลนด์มาใช้เพื่อเพิ่มความปลอดภัยและประสิทธิภาพ + +## [PostgreSQL เป็นระบบจัดการฐานข้อมูลแห่งปี 2024](https://db-engines.com/en/blog_post/109) + +- PostgreSQL ได้รับรางวัล DBMS of the Year 2024 จาก DB-Engines โดยได้รับการยอมรับนี้เป็นครั้งที่ห้า แซงหน้า 423 ระบบจัดการฐานข้อมูลอื่น ๆ +- PostgreSQL ซึ่งมีประวัติยาวนานเกือบ 35 ปี ยังคงสร้างสรรค์นวัตกรรมใหม่ ๆ ดังที่เห็นได้จากการปรับปรุงล่าสุดของ PostgreSQL 17 ที่เปิดตัวในเดือนกันยายน 2024 +- Snowflake และ Microsoft ได้รับตำแหน่งที่สองและสามตามลำดับ โดย Snowflake มีความโดดเด่นในด้านการจัดเก็บข้อมูลบนคลาวด์และการสนับสนุนหลายคลาวด์ ในขณะที่ Microsoft มีการจัดการฐานข้อมูลเชิงสัมพันธ์ที่แข็งแกร่งผ่าน Azure SQL Database และ SQL Server + +### [ปฏิกิริยา](https://news.ycombinator.com/item?id=42696080) + +- PostgreSQL ได้รับรางวัลระบบจัดการฐานข้อมูลแห่งปี 2024 จาก db-engines.com ซึ่งเน้นย้ำถึงความนิยมที่เพิ่มขึ้นและการยอมรับในอุตสาหกรรม +- ผู้ใช้กำลังพิจารณาเปลี่ยนจาก Microsoft SQL Server ไปเป็น PostgreSQL เนื่องจากค่าใช้จ่ายในการออกใบอนุญาตที่สูงและข้อจำกัดด้านทรัพยากร แม้ว่าจะมีความท้าทายในการย้ายข้อมูลก็ตาม +- PostgreSQL ได้รับความนิยมเนื่องจากมีฟีเจอร์ที่แข็งแกร่งและคุ้มค่า ทำให้เป็นตัวเลือกที่นิยมสำหรับโครงการในอนาคต แม้ว่าผู้ใช้บางรายจะสำรวจทางเลือกอื่นเช่น Babelfish เพื่อลดค่าใช้จ่าย + +## [การเข้าสู่ระบบ OAuth ของ Google ไม่ได้ป้องกันการซื้อโดเมนของสตาร์ทอัพที่ล้มเหลว](https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw) + +### [ปฏิกิริยา](https://news.ycombinator.com/item?id=42699099) + +- การอภิปรายเน้นถึงช่องโหว่ในระบบล็อกอิน OAuth ของ Google เมื่อโดเมนของสตาร์ทอัพที่ล้มเหลวถูกซื้อโดยเจ้าของใหม่ ซึ่งอาจทำให้เกิดการเข้าถึงบริการโดยไม่ได้รับอนุญาต +- ปัญหานี้เกิดขึ้นเนื่องจาก Google อาจไม่สามารถแยกแยะระหว่างเจ้าของโดเมนเดิมและเจ้าของโดเมนใหม่ได้ ซึ่งส่งผลกระทบต่อระบบใด ๆ ที่ใช้การยืนยันตัวตนตามโดเมน +- วิธีแก้ปัญหาที่เสนอคือการใช้ตัวระบุที่ไม่ซ้ำกันซึ่งคงที่ตลอดเวลา แม้ว่าการนำวิธีแก้ปัญหานี้ไปใช้จะแตกต่างกันไปในหมู่ผู้ให้บริการระบุตัวตน + +## [การใช้ทักษะการเขียนโค้ดเพื่อสร้างรายได้แบบพาสซีฟ](https://www.coryzue.com/writing/solopreneur/) + +- ผู้เขียนเปลี่ยนจากบทบาท CTO มาเป็นผู้ประกอบการเดี่ยว โดยประสบความสำเร็จในการสร้างรายได้มากขึ้นผ่านพอร์ตโฟลิโอของผลิตภัณฑ์ซอฟต์แวร์ +- กลยุทธ์หลักประกอบด้วยการมุ่งเน้นที่การทำงานอย่างลึกซึ้ง เริ่มต้นด้วยโครงการขนาดเล็ก ทำซ้ำอย่างรวดเร็ว และทุ่มเทเวลาให้กับความพยายามทางการตลาด +- การเดินทางนี้เน้นย้ำถึงความยืดหยุ่นเนื่องจากความไม่แน่นอน แต่ยังชี้ให้เห็นถึงความเป็นอิสระและเสรีภาพที่ไม่มีใครเทียบได้ของเส้นทางอาชีพนี้ โดยกระตุ้นให้ผู้ที่มีทักษะการเขียนโค้ดพิจารณาเพื่อรายได้แบบพาสซีฟ + +### [ปฏิกิริยา](https://news.ycombinator.com/item?id=42696822) + +- ผู้ใช้คนหนึ่งได้อธิบายถึงการสร้างรายได้แบบพาสซีฟผ่านเว็บไซต์สแปม SEO โดยใช้ชื่อโดเมนที่กำลังจะหมดอายุ ทำรายได้ประมาณ $30,000 ต่อปี แม้ว่าจะมีข้อกังวลด้านจริยธรรมและการปราบปรามของ Google ในที่สุด +- โพสต์ดังกล่าวจุดประกายการถกเถียงเกี่ยวกับรายได้แบบพาสซีฟ โดยมีผู้ใช้บางคนโต้แย้งว่ามันคล้ายกับการดำเนินธุรกิจมากกว่าที่จะเป็นรายได้แบบพาสซีฟอย่างแท้จริง +- ผู้เข้าร่วมได้แบ่งปันประสบการณ์และความท้าทายในการทำโครงการเสริม โดยเน้นถึงความสำคัญของเวลา ความยืดหยุ่น และการวางแผนเชิงกลยุทธ์ + +## [สเปนเสนอภาษี 100% สำหรับบ้านที่ซื้อโดยผู้อยู่อาศัยนอกสหภาพยุโรป](https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents) + +- สเปนกำลังพิจารณาภาษี 100% สำหรับการซื้ออสังหาริมทรัพย์โดยผู้ที่ไม่ใช่ผู้อยู่อาศัยในสหภาพยุโรป โดยมีเป้าหมายเพื่อแก้ไขปัญหาวิกฤตที่อยู่อาศัยและควบคุมการซื้อเพื่อเก็งกำไร +- ข้อเสนอของนายกรัฐมนตรีเปโดร ซานเชซ รวมถึงการขยายที่อยู่อาศัยสังคมและการควบคุมการเช่าที่พักสำหรับนักท่องเที่ยวเพื่อแก้ไขความไม่สมดุลระหว่างราคาที่อยู่อาศัยและรายได้ +- อนาคตของข้อเสนอนี้ในฐานะกฎหมายยังไม่แน่นอน โดยนักวิเคราะห์บางคนมองว่าเป็นการขัดขวางนักลงทุนต่างชาติมากกว่าการเปลี่ยนแปลงทางกฎหมายที่รับประกันได้ + +### [ปฏิกิริยา](https://news.ycombinator.com/item?id=42690781) + +- สเปนกำลังพิจารณาภาษี 100% สำหรับบ้านที่ซื้อโดยผู้ที่ไม่ใช่ผู้อยู่อาศัยในสหภาพยุโรปเพื่อแก้ปัญหาความสามารถในการซื้อที่อยู่อาศัย - นักวิจารณ์แนะนำว่าผู้ซื้อชาวต่างชาติไม่ใช่สาเหตุหลักของราคาที่อยู่อาศัยสูง โดยอ้างถึงระบบราชการที่ล่าช้าและกฎหมายการแบ่งเขตว่าเป็นปัจจัยที่สำคัญกว่า - ข้อเสนอนี้ได้จุดประกายการถกเถียงเกี่ยวกับบทบาทของการเป็นเจ้าของโดยชาวต่างชาติในตลาดที่อยู่อาศัยและประสิทธิภาพของมันในการแก้ไขปัญหาความสามารถในการซื้อ + +## [แอปเปิลจะได้รับชิป 'ผลิตในอเมริกา' จากโรงงานของ TSMC ในรัฐแอริโซนาในไม่ช้า](https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification) + +- Apple กำลังทดสอบโปรเซสเซอร์จากโรงงานของ TSMC ในรัฐแอริโซนา โดยมีแผนที่จะผลิตในปริมาณมากภายในไตรมาสแรก ซึ่งอาจทำให้ Apple กลายเป็นลูกค้ารายแรกของ TSMC ในสหรัฐฯ สำหรับชิปที่ผลิตในท้องถิ่น - โครงการนี้มีเป้าหมายเพื่อเสริมสร้างความเป็นอิสระด้านซิลิคอนของสหรัฐฯ ลดการพึ่งพาไต้หวันซึ่งมีความเสี่ยงต่อปัญหาทางภูมิรัฐศาสตร์และธรรมชาติ - โรงงานของ TSMC ในแอริโซนามีกำหนดจะผลิตชิปขั้นสูงขนาด 3nm และ 2nm โดยมีความพยายามอย่างต่อเนื่องในการเพิ่มการสรรหาบุคลากรในท้องถิ่นและความร่วมมือกับมหาวิทยาลัยในสหรัฐฯ แม้ว่าการบรรจุหีบห่อจะเกิดขึ้นในไต้หวันในช่วงแรกจนกว่าโรงงานใน Peoria จะเริ่มดำเนินการ + +### [ปฏิกิริยา](https://news.ycombinator.com/item?id=42699977) + +- แอปเปิลจะได้รับชิปจากโรงงานของ TSMC ในรัฐแอริโซนา แต่จำเป็นต้องส่งกลับไปยังไต้หวันเพื่อบรรจุภัณฑ์เนื่องจากสิ่งอำนวยความสะดวกในสหรัฐฯ ไม่เพียงพอ - กว่า 50% ของแรงงานที่โรงงานในแอริโซนามาจากไต้หวัน ซึ่งบ่งชี้ถึงช่องว่างในสาขา STEM (วิทยาศาสตร์ เทคโนโลยี วิศวกรรมศาสตร์ และคณิตศาสตร์) ของสหรัฐฯ - โครงการ CHIPS Act ที่มุ่งเสริมสร้างการผลิตเซมิคอนดักเตอร์ในสหรัฐฯ เผชิญกับความท้าทายเนื่องจากป้าย "ผลิตในอเมริกา" ถูกตั้งคำถามเนื่องจากกระบวนการบรรจุภัณฑ์เกิดขึ้นในไต้หวัน โดยมีแผนสำหรับความสามารถในการบรรจุภัณฑ์ในสหรัฐฯ ภายในปี 2027 + +## [มีผู้ขับขี่น้อยลง 43,000 คนบนถนนในแมนฮัตตันหลังจากการเปิดใช้งานการคิดค่าผ่านทางตามความหนาแน่นของการจราจร](https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says) + +- หลังจากการใช้ระบบการคิดค่าธรรมเนียมการจราจร มีการลดลงของผู้ขับขี่ที่เข้าสู่แมนฮัตตันใต้ถนนที่ 60 ลง 7.5% ซึ่งเท่ากับมีผู้ขับขี่น้อยลง 43,000 คนในแต่ละวันธรรมดา +- การลดลงของการจราจรได้ปรับปรุงการไหลของการจราจรและเพิ่มความเร็วของรถบัส โดยมีรถบัสด่วนบางสายที่มีจำนวนผู้โดยสารเพิ่มขึ้น +- การขนส่งมวลชนมหานคร (MTA) ใช้รายได้จากค่าผ่านทาง ซึ่งประมาณการไว้ที่ 500 ล้านดอลลาร์ต่อปี สำหรับการปรับปรุงระบบขนส่ง แม้ว่าจะมีการคัดค้านทางการเมืองอยู่บ้าง + +### [ปฏิกิริยา](https://news.ycombinator.com/item?id=42692730) + +- การนำระบบการคิดค่าธรรมเนียมการจราจรติดขัดมาใช้ในแมนฮัตตันส่งผลให้มีผู้ขับขี่รถยนต์น้อยลง 43,000 คน นำไปสู่ความเร็วของรถโดยสารที่เพิ่มขึ้นและอาจทำให้เวลาตอบสนองฉุกเฉินดีขึ้น +- นโยบายนี้ถูกออกแบบมาเพื่อลดความแออัดของการจราจรและปรับปรุงคุณภาพอากาศ แม้ว่าจะก่อให้เกิดการถกเถียงเกี่ยวกับผลกระทบต่อบุคคลที่มีรายได้น้อย +- ผู้สนับสนุนโต้แย้งว่าประโยชน์รวมถึงระบบขนส่งสาธารณะที่มีประสิทธิภาพมากขึ้นและอากาศที่สะอาดขึ้น ในขณะที่การอภิปรายยังคงดำเนินต่อไปเกี่ยวกับการสร้างสมดุลระหว่างข้อดีเหล่านี้กับความต้องการของผู้ขับขี่ + + + + + + diff --git a/i18n/tr/docusaurus-plugin-content-docs/current/2025/01/14.md b/i18n/tr/docusaurus-plugin-content-docs/current/2025/01/14.md new file mode 100644 index 000000000..502e9c741 --- /dev/null +++ b/i18n/tr/docusaurus-plugin-content-docs/current/2025/01/14.md @@ -0,0 +1,147 @@ +--- +slug: '/2025/01/14' +--- + +# 2025-01-14 + +## [Bir Snyk güvenlik araştırmacısı, cursor.com'u hedef alan kötü niyetli NPM paketleri dağıtıyor.](https://sourcecodered.com/snyk-malicious-npm-package/) + +- Bir Snyk güvenlik araştırmacısı, sistem verilerini toplamak ve saldırgan kontrolündeki bir hizmete göndermek amacıyla, bir yapay zeka kodlama şirketi olan Cursor.com'u hedef alan kötü niyetli NPM paketleri yayımladı. +- Bu paketler, "cursor-retrieval," "cursor-always-local" ve "cursor-shadow-workspace" olarak tanımlandı ve OpenSSF paket analiz tarayıcısı tarafından işaretlenerek MAL-2025-27, MAL-2025-28 ve MAL-2025-29 uyarılarına yol açtı. +- Bu olay, potansiyel güvenlik tehditlerinden kaçınmak için NPM paketlerini yüklemeden önce dikkatlice incelemenin önemini vurgulamaktadır. + +### [Tepkiler](https://news.ycombinator.com/item?id=42690473) + +- Snyk güvenlik araştırmacısı, cursor.com'u hedef alan kötü amaçlı NPM (Node Package Manager) paketlerini yayınlayarak bağımlılık karışıklığı açıklarını vurguladı. - Olay, özellikle ortam değişkenlerinin kamuya açıklanması konusunda güvenlik araştırmalarının etiği üzerine bir tartışma başlattı. - Cursor.com, bu eylemi yetkilendirmediklerini açıkladı ve Snyk, saldırgan güvenlik araştırmalarını etik standartlarla dengelemenin zorluklarını vurgulayarak özür diledi. + +## [Firefox'a Geçtim ve Bir Daha Asla Geriye Bakmadım](https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/) + +- Firefox, üstün sekme yönetimi, bağlantıları kaydetmek için yerleşik Pocket özelliği ve gizlilik odaklı e-posta yönlendirmesi ile övülmekte olup, Chrome'a güçlü bir alternatif oluşturmaktadır. - Kullanıcı dostu ekran görüntüsü aracı, ChatGPT düğmesi, Resim içinde Resim, özelleştirilebilir arama seçenekleri ve akıcı kaydırma gibi ek özellikler, gezinme deneyimini geliştirmektedir. - Firefox, Chrome'un web uygulama özelliğinden yoksun olsa da, düşünceli tasarımı ve azaltılmış kaynak talepleri, bazı kullanıcılar için tercih edilen bir seçenek haline getirmektedir. + +### [Tepkiler](https://news.ycombinator.com/item?id=42696081) + +- Firefox kullanıcıları, YouTube gibi platformlardan, özellikle Google dışı tarayıcılar veya reklam engelleyiciler kullanan kullanıcılar için deneyimi kasıtlı olarak kötüleştirebilecek zorluklarla karşı karşıya kalıyor. - Bu eğilim, reklamsız ve gözetimsiz bir web deneyimi tercih edenleri cezalandırdığı için kullanıcı özerkliği konusunda endişeleri artırıyor. - Firefox, gizliliği ve kullanılabilirliği artıran konteyner sekmeleri gibi benzersiz özellikler sunarak, büyük şirketlerin kontrolündeki tarayıcılardan bağımsızlık arayan kullanıcılar için tercih edilen bir seçenek haline geliyor. + +## [Sonos CEO'su, uygulama güncelleme fiyaskosunun ardından istifa etti](https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/) + +### [Tepkiler](https://news.ycombinator.com/item?id=42687932) + +- Sonos CEO'su, kullanıcıların pahalı ses sistemlerini değiştirmesini gerektiren tartışmalı bir uygulama güncellemesinin ardından istifa etti ve bu durum müşteri memnuniyetsizliğine yol açtı. - Güncelleme, güvenilir Universal Plug and Play (UPnP) sisteminden uzaklaşarak bulut tabanlı bir sistem tanıttı ve bu da bağlantı sorunlarına ve artan karmaşıklığa neden oldu. - Bu durum, iş stratejileri ile müşteri güvenini sürdürme arasındaki çatışmayı vurgularken, CEO bir kıdem tazminatı paketi ile danışmanlık rolüne geçiş yapıyor. + +## [MrBeast'in karnında](https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast) + +### [Tepkiler](https://news.ycombinator.com/item?id=42696691) + +- Makale, YouTube'un algoritmasının içerik oluşturmayı nasıl etkilediğini inceliyor ve MrBeast'i bir vaka çalışması olarak kullanarak, anlamlı içerikten ziyade etkileşim odaklı bir kaymaya dikkat çekiyor. - Medya okuryazarlığı ve YouTube ile TikTok gibi platformların kültürel etkileri için daha geniş sonuçları tartışıyor ve yüzeysel ve tepkisel içeriğe doğru bir eğilim öneriyor. - Algoritmaların içeriği şekillendirmedeki rolü ve popüler içerik oluşturucuların kültürel normlar üzerindeki etkisi hakkında çeşitli bakış açıları ele alınıyor. + +## [GithHub Git İşlemleri Çalışmıyor](https://www.githubstatus.com/incidents/qd96yfgvmcf9) + +- GitHub, 13 Ocak 2025'te, iç yük dengeleyicisini etkileyen bir yapılandırma değişikliği nedeniyle 23:35'ten 00:24 UTC'ye kadar süren bir Git operasyonları kesintisi yaşadı. - Sorun, yapılandırma değişikliğinin geri alınmasıyla çözüldü ve GitHub, benzer olayları önlemek için izleme ve dağıtım süreçlerini iyileştirmeye çalışıyor. - Kesinti, GitHub'ın Actions ve Pages hizmetlerini de etkiledi ve platform hizmetlerinin birbirine bağlı doğasını vurguladı. + +### [Tepkiler](https://news.ycombinator.com/item?id=42691184) + +- GitHub, git işlemlerini etkileyen büyük bir kesinti yaşadı ve bu durum, başlangıçta SSH anahtarları veya yerel yapılandırmalarla ilgili sorunlar olduğunu düşünen geliştiriciler arasında kafa karışıklığına neden oldu. - Olay, merkezi hizmetlere güvenmenin zorluklarını vurguladı ve kendi kendine barındırma ve merkezi olmayan sistemlerin avantajları üzerine tartışmaları tetikledi. - Sorun çözülmüş olmasına rağmen, GitHub'ın güvenilirliği ve temel görevler için üçüncü taraf platformlara bağımlılığın riskleri konusundaki endişeleri gündeme getirdi. + +## [ZFS 2.3, ZFS raidz genişletmesi ile yayınlandı](https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0) + +- OpenZFS 2.3.0, RAIDZ Genişletme, Hızlı Tekilleştirme, Doğrudan Giriş/Çıkış, JSON çıktısı ve uzun dosya adları desteği gibi önemli özellikler sunarak yayınlandı. - Sürüm, Linux çekirdekleri 4.18 - 6.12 ve FreeBSD sürümleri 13.3, 14.0 - 14.2 ile uyumlu olan temel hata düzeltmeleri ve performans iyileştirmelerini içeriyor. - Güncelleme, 134 katkıda bulunanın işbirliğiyle hazırlandı ve incelenmek üzere kapsamlı bir dokümantasyon ve değişiklik günlüğü mevcut. + +### [Tepkiler](https://news.ycombinator.com/item?id=42694596) + +- ZFS 2.3, RAIDZ genişletme, hızlı veri tekilleştirme, doğrudan IO, JSON çıktısı ve uzun dosya adları desteği gibi özellikler sunarak piyasaya sürüldü. - RAIDZ genişletme, özellikle dikkat çekicidir çünkü kullanıcıların mevcut bir RAIDZ havuzuna yeni cihazlar eklemesine olanak tanır ve bu da depolama kapasitesini artırırken kesinti süresi olmadan yapılabilir. - Bu sürüm, ZFS kullanıcıları için önemli bir ilerleme olarak kabul edilir ve Btrfs ve Windows Storage Spaces gibi diğer dosya sistemleriyle karşılaştırmalar yapılır, havuzları küçültme yeteneği gibi bazı sınırlamalar olmasına rağmen. + +## [Webtop – Tam masaüstü ortamları içeren Alpine, Ubuntu, Fedora ve Arch konteynerleri](https://docs.linuxserver.io/images/docker-webtop/) + +- Linuxserver/webtop, web tarayıcılar aracılığıyla erişilebilen tam masaüstü ortamları sunan, Alpine, Ubuntu, Fedora ve Arch tabanlı konteynerler sağlar ve hem x86-64 hem de arm64 mimarilerini destekler. +- Kullanıcılar, belirli imaj etiketlerini kullanarak XFCE, KDE, MATE, i3, Openbox ve IceWM gibi çeşitli masaüstü ortamlarından seçim yapabilir ve belirlenmiş URL'ler aracılığıyla Webtop'a erişebilirler. +- Metin: Güvenlik özellikleri arasında Docker'ın seccomp seçeneği ve kimlik doğrulama kurulumu bulunur, ortam değişkenleri aracılığıyla özelleştirme seçenekleri mevcuttur ve açık kaynak sürücülerle GPU hızlandırma desteği sunulmaktadır. + +### [Tepkiler](https://news.ycombinator.com/item?id=42690983) + +- Webtop, Alpine, Ubuntu, Fedora ve Arch için tam masaüstü ortamlarına sahip konteynerler sunar ve bir VPN arkasında hızlı kurulumlar için uygundur. +- Kullanıcılar, Webtop'un hızını ve kullanım kolaylığını, özellikle güvenli bağlantılar için Gluetun konteyneri ile kullanıldığında övüyorlar, ancak varsayılan kimlik doğrulama eksikliği nedeniyle konteynerleri internete güvenlik önlemleri olmadan açma konusunda uyarıda bulunuyorlar. +- Proje, açık kaynaklı ve esnek olması nedeniyle değerli bulunmakta, kullanıcılar yapılandırmaları paylaşmakta ve Kasm ile Selkies gibi alternatifler benzer amaçlar için belirtilmektedir. + +## [Çalışma, çevrimiçi iş ilanlarının 5'te 1'inin ya sahte olduğunu ya da hiç doldurulmadığını ortaya koyuyor.](https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706) + +- Son yapılan bir çalışma, çevrimiçi iş ilanlarının %20'sinin ya sahte olduğunu ya da doldurulmadığını, bu durumun iş arayanların hayal kırıklığını artırdığını gösteriyor. - Bu "hayalet iş" trendi, şirketlerin büyüme imajı yansıtmak için bir taktik olabilir. - Greenhouse ve LinkedIn gibi iş platformları, kullanıcıların gerçek iş fırsatlarını belirlemelerine yardımcı olmak için iş doğrulama hizmetleri sunmaya başladı. + +### [Tepkiler](https://news.ycombinator.com/item?id=42697783) + +- Bir çalışma, çevrimiçi iş ilanlarının %20'sinin ya sahte olduğunu ya da doldurulmadığını, bunun genellikle şirketlerin ABD göçmenlik politikalarına uyması gerektiğinden kaynaklandığını ortaya koyuyor. - Şirketler ayrıca ideal adayları bulmak, gereksinimleri değiştirmek veya önceden seçilmiş iç adaylara sahip olmak için iş ilanlarını açık bırakabilir. - İş piyasası, sık sık hayalet muamele ve otomatik reddedilme ile karşılaşan başvuru sahipleri için zordur ve bu durum düzenleyici müdahale çağrılarına yol açmaktadır. + +## [Yayalar için bir kavşağı güvensiz hale getirerek sürücüler için saniyeler kazanmak](https://collegetowns.substack.com/p/making-an-intersection-unsafe-for) + +### [Tepkiler](https://news.ycombinator.com/item?id=42698557) + +- Bu tartışma, kavşakların yaya güvenliğini mi yoksa sürücü verimliliğini mi önceliklendirmesi gerektiği etrafında dönüyor; bazıları ışık kontrollü kavşakları ve yaya geçitlerini 4 yönlü duraklara tercih ediyor. +- Fikirler, trafik yasaları ve altyapı tasarımı konusunda farklılık göstermektedir; bu, yaya geçidi olmayan yerlerde karşıdan karşıya geçmenin güvenliği ve kırmızı ışıkta sağa dönüşle ilgili riskler üzerine tartışmaları içermektedir. +- Kimileri, hem güvenliği hem de verimliliği artırmak için dönel kavşaklar veya Hollanda trafik mühendisliği standartlarının benimsenmesi gibi alternatif çözümleri savunuyor. + +## [PostgreSQL, 2024 Yılının Veritabanı Yönetim Sistemi oldu.](https://db-engines.com/en/blog_post/109) + +- PostgreSQL, 423 diğer veritabanı yönetim sistemini geride bırakarak, DB-Engines tarafından 2024 Yılının DBMS'si ödülüne layık görüldü ve bu tanınırlığı beşinci kez elde etti. +- PostgreSQL, neredeyse 35 yıllık bir geçmişe sahip olup, Eylül 2024'te piyasaya sürülen PostgreSQL 17'nin son geliştirmelerinde görüldüğü gibi yenilik yapmaya devam ediyor. +- Snowflake ve Microsoft sırasıyla ikinci ve üçüncü sırayı aldı; Snowflake bulut tabanlı veri ambarı ve çoklu bulut desteği ile dikkat çekerken, Microsoft Azure SQL Veritabanı ve SQL Server aracılığıyla güçlü yönetilen ilişkisel veritabanları sunuyor. + +### [Tepkiler](https://news.ycombinator.com/item?id=42696080) + +- PostgreSQL, db-engines.com tarafından 2024 Yılının Veritabanı Yönetim Sistemi ödülüne layık görüldü ve bu, endüstrideki artan popülaritesini ve tanınırlığını vurguluyor. +- Kullanıcılar, olası geçiş zorluklarına rağmen yüksek lisans maliyetleri ve kaynak sınırlamaları nedeniyle Microsoft SQL Server'dan PostgreSQL'e geçmeyi düşünüyor. +- PostgreSQL, sağlam özellikleri ve maliyet etkinliği nedeniyle gelecekteki projeler için tercih edilen bir seçenek olup, bazı kullanıcılar maliyetleri azaltmak için Babelfish gibi alternatifleri de araştırmaktadır. + +## [Google’ın OAuth girişi, başarısız bir girişim alan adının satın alınmasına karşı koruma sağlamaz.](https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw) + +### [Tepkiler](https://news.ycombinator.com/item?id=42699099) + +- Bu tartışma, başarısız bir girişimin alan adının yeni bir sahip tarafından satın alındığında, Google'ın OAuth giriş sisteminde yetkisiz erişime izin verebilecek bir güvenlik açığını vurgulamaktadır. +- Bu sorun, Google'ın orijinal ve yeni alan adı sahiplerini ayırt edememesi nedeniyle ortaya çıkar ve alan adı tabanlı kimlik doğrulama kullanan herhangi bir sistemi etkileyebilir. +- Önerilen bir çözüm, zamanla sabit kalan benzersiz tanımlayıcılar kullanmaktır, ancak bu çözümün uygulanması kimlik sağlayıcıları arasında farklılık göstermektedir. + +## [Pasif gelir elde etmek için kodlama becerilerini kullanma](https://www.coryzue.com/writing/solopreneur/) + +- Yazar, CTO rolünden soloprenörlüğe geçiş yaparak, bir dizi yazılım ürünü aracılığıyla daha fazla kazanç elde etti. +- Temel stratejiler arasında derin çalışmaya odaklanmak, küçük projelerle başlamak, hızlı bir şekilde yinelemek ve pazarlama çabalarına zaman ayırmak yer alır. +- Yolculuk, belirsizlikler nedeniyle dayanıklılığı vurgularken, bu kariyer yolunun eşsiz özerklik ve özgürlüğünü öne çıkarıyor ve kodlama becerilerine sahip olanları pasif gelir için bunu düşünmeye teşvik ediyor. + +### [Tepkiler](https://news.ycombinator.com/item?id=42696822) + +- Kullanıcı, etik kaygılara ve Google'ın nihai baskısına rağmen, sona eren alan adlarını kullanarak SEO spam web siteleri aracılığıyla pasif gelir elde etmeyi ve yıllık yaklaşık 30 bin dolar kazanmayı tarif etti. +- Bu gönderi, pasif gelir konusunda bir tartışma başlattı ve bazı kullanıcılar bunun gerçekten pasif kazançlardan ziyade bir iş yürütmeye daha çok benzediğini savundu. +- Katılımcılar, yan projelerdeki deneyimlerini ve zorluklarını paylaşarak zamanın, dayanıklılığın ve stratejik planlamanın önemini vurguladılar. + +## [İspanya, AB üyesi olmayan sakinler tarafından satın alınan evlere %100 vergi öneriyor](https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents) + +- İspanya, konut krizini ele almak ve spekülatif alımları sınırlamak amacıyla AB üyesi olmayan sakinler tarafından yapılan gayrimenkul alımlarına %100 vergi getirmeyi düşünüyor. +- Başbakan Pedro Sánchez'in teklifi, konut fiyatları ile gelirler arasındaki eşitsizliği ele almak için sosyal konutların genişletilmesini ve turistik kiralamaların düzenlenmesini içeriyor. +- Teklifin yasa olarak geleceği belirsiz, bazı analistler bunu kesin bir yasal değişiklikten ziyade yabancı yatırımcılar için bir caydırıcı olarak görüyor. + +### [Tepkiler](https://news.ycombinator.com/item?id=42690781) + +- İspanya, konutların uygun fiyatlı olma sorunlarını ele almak için AB dışı sakinler tarafından satın alınan evlere %100 vergi getirmeyi düşünüyor. - Eleştirmenler, yabancı alıcıların yüksek konut fiyatlarının birincil nedeni olmadığını, yavaş bürokrasi ve imar yasalarının daha önemli faktörler olduğunu öne sürüyor. - Öneri, konut piyasalarında yabancı mülkiyetin rolü ve uygun fiyatlılık sorunlarını çözmedeki etkinliği konusunda bir tartışma başlattı. + +## [Apple yakında TSMC'nin Arizona fabrikasından 'Amerika'da üretilmiş' çipler alacak](https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification) + +- Apple, TSMC'nin Arizona tesisinden işlemcileri test ediyor ve ilk çeyrekte seri üretime geçmeyi planlıyor, bu da TSMC'nin yerel olarak üretilen çipler için ilk ABD müşterisi olma potansiyelini taşıyor. - Bu girişim, ABD'nin silikon bağımsızlığını güçlendirmeyi, jeopolitik ve doğal risklere karşı savunmasız olan Tayvan'a bağımlılığı azaltmayı amaçlıyor. - TSMC'nin Arizona fabrikası, gelişmiş 3nm ve 2nm çipler üretecek ve yerel işe alım ile ABD üniversiteleriyle ortaklıkları geliştirme çabaları devam ediyor, ancak paketleme başlangıçta Tayvan'da gerçekleşecek ve Peoria tesisi faaliyete geçene kadar bu durum sürecek. + +### [Tepkiler](https://news.ycombinator.com/item?id=42699977) + +- Apple, TSMC'nin Arizona tesisinden çip alacak, ancak ABD'deki yetersiz tesisler nedeniyle paketleme için Tayvan'a geri gönderilmeleri gerekiyor. - Arizona tesisindeki iş gücünün %50'den fazlası Tayvan'dan, bu da ABD'nin STEM (Bilim, Teknoloji, Mühendislik ve Matematik) alanında bir boşluk olduğunu gösteriyor. - ABD yarı iletken üretimini artırmayı amaçlayan CHIPS Yasası girişimi, paketleme sürecinin Tayvan'da gerçekleşmesi nedeniyle "Amerika'da Üretildi" etiketinin sorgulanmasıyla zorluklarla karşılaşıyor, 2027 yılına kadar ABD'de paketleme yetenekleri için planlar yapılıyor. + +## [Yoğunluk fiyatlandırması devreye girdikten sonra Manhattan yollarında 43 bin daha az sürücü var.](https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says) + +- Yoğunluk fiyatlandırması uygulandıktan sonra, 60. Cadde'nin altındaki Manhattan'a giren sürücülerde %7,5'lik bir azalma oldu, bu da her hafta içi 43.000 daha az sürücüye eşdeğer. +- Trafikteki azalma, trafik akışını iyileştirmiş ve otobüs hızlarını artırmıştır, bazı ekspres otobüsler daha yüksek yolcu sayısı yaşamaktadır. +- MTA, bazı siyasi muhalefetlere rağmen, yıllık yaklaşık 500 milyon dolar olarak tahmin edilen geçiş ücreti gelirini ulaşım iyileştirmeleri için kullanıyor. + +### [Tepkiler](https://news.ycombinator.com/item?id=42692730) + +- Manhattan'da tıkanıklık fiyatlandırmasının uygulanması, 43.000 daha az sürücüye yol açarak otobüs hızlarının artmasına ve potansiyel olarak daha iyi acil durum müdahale sürelerine neden oldu. +- Politika, trafik sıkışıklığını azaltmak ve hava kalitesini iyileştirmek için tasarlanmıştır, ancak düşük gelirli bireyler üzerindeki etkisi konusunda tartışmalara yol açmıştır. +- Destekleyenler, faydalar arasında daha verimli toplu taşıma ve daha temiz hava olduğunu savunurken, bu avantajların sürücülerin ihtiyaçlarıyla nasıl dengeleneceği konusunda tartışmalar devam ediyor. + + + + + + diff --git a/i18n/vi/docusaurus-plugin-content-docs/current/2025/01/14.md b/i18n/vi/docusaurus-plugin-content-docs/current/2025/01/14.md new file mode 100644 index 000000000..8c5e22540 --- /dev/null +++ b/i18n/vi/docusaurus-plugin-content-docs/current/2025/01/14.md @@ -0,0 +1,147 @@ +--- +slug: '/2025/01/14' +--- + +# 2025-01-14 + +## [Snyk nhà nghiên cứu bảo mật triển khai các gói NPM độc hại nhắm mục tiêu vào cursor.com](https://sourcecodered.com/snyk-malicious-npm-package/) + +- Một nhà nghiên cứu bảo mật của Snyk đã phát hành các gói NPM độc hại nhắm vào Cursor.com, một công ty mã hóa AI, để thu thập dữ liệu hệ thống và gửi nó đến một dịch vụ do kẻ tấn công kiểm soát. +- Những gói này, được xác định là "cursor-retrieval," "cursor-always-local," và "cursor-shadow-workspace," đã bị gắn cờ bởi máy quét phân tích gói OpenSSF, dẫn đến các khuyến cáo MAL-2025-27, MAL-2025-28, và MAL-2025-29. +- Vụ việc này nhấn mạnh tầm quan trọng của việc kiểm tra kỹ lưỡng các gói NPM trước khi cài đặt để tránh các mối đe dọa an ninh tiềm ẩn. + +### [phản ứng](https://news.ycombinator.com/item?id=42690473) + +- Ai nghiên cứu bảo mật của Snyk đã phát hành các gói NPM (Node Package Manager) độc hại nhắm vào cursor.com, làm nổi bật các lỗ hổng nhầm lẫn phụ thuộc. - Sự cố này đã gây ra một cuộc tranh luận về đạo đức trong nghiên cứu bảo mật, đặc biệt là liên quan đến việc công khai các biến môi trường. - Cursor.com đã làm rõ rằng họ không ủy quyền cho hành động này, và Snyk đã xin lỗi kể từ đó, nhấn mạnh những thách thức trong việc cân bằng nghiên cứu bảo mật tấn công với các tiêu chuẩn đạo đức. + +## [Tôi đã chuyển sang Firefox và không bao giờ nhìn lại](https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/) + +- Firefox được khen ngợi vì khả năng quản lý tab vượt trội, tính năng Pocket tích hợp để lưu liên kết và dịch vụ chuyển tiếp email tập trung vào quyền riêng tư, làm cho nó trở thành một lựa chọn thay thế mạnh mẽ cho Chrome. - Các tính năng bổ sung như công cụ chụp màn hình thân thiện với người dùng, nút ChatGPT, chế độ Picture-in-Picture, tùy chọn tìm kiếm có thể tùy chỉnh và cuộn mượt mà nâng cao trải nghiệm duyệt web. - Mặc dù Firefox thiếu tính năng ứng dụng web của Chrome, thiết kế chu đáo và yêu cầu tài nguyên giảm khiến nó trở thành lựa chọn ưa thích của một số người dùng. + +### [phản ứng](https://news.ycombinator.com/item?id=42696081) + +- Người dùng Firefox đối mặt với thách thức từ các nền tảng như YouTube, có thể cố ý làm giảm trải nghiệm cho các trình duyệt không phải của Google hoặc người dùng sử dụng trình chặn quảng cáo. - Xu hướng này gây lo ngại về quyền tự chủ của người dùng, vì nó trừng phạt những người chọn trải nghiệm web không có quảng cáo và giám sát. - Firefox cung cấp các tính năng độc đáo, như tab container, giúp tăng cường quyền riêng tư và khả năng sử dụng, làm cho nó trở thành lựa chọn ưa thích cho những người dùng tìm kiếm sự độc lập khỏi các trình duyệt do các tập đoàn lớn kiểm soát. + +## [CEO của Sonos từ chức sau vụ bê bối cập nhật ứng dụng](https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/) + +### [phản ứng](https://news.ycombinator.com/item?id=42687932) + +- Theo thông tin, CEO của Sonos đã từ chức sau khi có một bản cập nhật ứng dụng gây tranh cãi, yêu cầu người dùng thay thế các hệ thống âm thanh đắt tiền, dẫn đến sự không hài lòng của khách hàng. - Bản cập nhật này đã giới thiệu một hệ thống dựa trên đám mây, chuyển từ hệ thống Universal Plug and Play (UPnP) đáng tin cậy, dẫn đến các vấn đề kết nối và tăng độ phức tạp. - Tình huống này nhấn mạnh mâu thuẫn giữa chiến lược kinh doanh và duy trì niềm tin của khách hàng, khi CEO chuyển sang vai trò cố vấn với một gói trợ cấp thôi việc. + +## [Trong bụng của MrBeast](https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast) + +### [phản ứng](https://news.ycombinator.com/item?id=42696691) + +- Theo bài tiểu luận, thuật toán của YouTube ảnh hưởng đến việc tạo nội dung như thế nào, sử dụng MrBeast làm trường hợp nghiên cứu, nhấn mạnh sự chuyển dịch hướng tới nội dung dựa trên sự tương tác hơn là nội dung có ý nghĩa. - Nó thảo luận về những tác động rộng lớn hơn đối với khả năng hiểu biết về truyền thông và ảnh hưởng văn hóa của các nền tảng như YouTube và TikTok, gợi ý một xu hướng hướng tới nội dung hời hợt và phản ứng. - Nhiều quan điểm khác nhau được xem xét về vai trò của thuật toán trong việc định hình nội dung và ảnh hưởng của những người sáng tạo nổi tiếng đối với các chuẩn mực văn hóa. + +## [Hoạt động Git trên GitHub đang gặp sự cố](https://www.githubstatus.com/incidents/qd96yfgvmcf9) + +- GitHub đã gặp sự cố gián đoạn hoạt động Git vào ngày 13 tháng 1 năm 2025, do thay đổi cấu hình ảnh hưởng đến bộ cân bằng tải nội bộ, kéo dài từ 23:35 đến 00:24 UTC. - Vấn đề đã được giải quyết bằng cách hoàn nguyên thay đổi cấu hình, và GitHub đang làm việc để cải thiện quy trình giám sát và triển khai nhằm ngăn chặn các sự cố tương tự. - Sự cố gián đoạn cũng ảnh hưởng đến các dịch vụ Actions và Pages của GitHub, làm nổi bật tính chất liên kết của các dịch vụ nền tảng của họ. + +### [phản ứng](https://news.ycombinator.com/item?id=42691184) + +- GitHub đã gặp phải một sự cố lớn ảnh hưởng đến các hoạt động git, dẫn đến sự nhầm lẫn trong cộng đồng phát triển khi ban đầu họ nghi ngờ có vấn đề với các khóa SSH hoặc cấu hình cục bộ của mình. - Sự cố này nhấn mạnh những thách thức của việc phụ thuộc vào các dịch vụ tập trung, thúc đẩy các cuộc thảo luận về lợi ích của việc tự lưu trữ và các hệ thống phi tập trung. - Mặc dù vấn đề đã được giải quyết, nhưng nó đã làm nổi bật những lo ngại về độ tin cậy của GitHub và những rủi ro khi phụ thuộc vào các nền tảng bên thứ ba cho các nhiệm vụ quan trọng. + +## [ZFS 2.3 phát hành với mở rộng ZFS raidz](https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0) + +- OpenZFS 2.3.0 đã được phát hành, giới thiệu các tính năng quan trọng như Mở rộng RAIDZ, Khử trùng lặp Nhanh, Đầu vào/Đầu ra Trực tiếp, đầu ra JSON và hỗ trợ tên tệp dài. - Bản phát hành bao gồm các bản sửa lỗi quan trọng và cải tiến hiệu suất, tương thích với các nhân Linux từ 4.18 đến 6.12 và các phiên bản FreeBSD 13.3, 14.0 - 14.2. - Bản cập nhật là nỗ lực hợp tác từ 134 người đóng góp, với tài liệu đầy đủ và nhật ký thay đổi có sẵn để xem xét. + +### [phản ứng](https://news.ycombinator.com/item?id=42694596) + +- ZFS 2.3 đã được phát hành, giới thiệu các tính năng như mở rộng RAIDZ, khử trùng lặp nhanh, IO trực tiếp, đầu ra JSON và hỗ trợ tên tệp dài. - Mở rộng RAIDZ đặc biệt đáng chú ý vì nó cho phép người dùng thêm thiết bị mới vào một pool RAIDZ hiện có mà không cần thời gian ngừng hoạt động, tăng cường khả năng lưu trữ. - Bản phát hành này được coi là một bước tiến đáng kể cho người dùng ZFS, được so sánh với các hệ thống tệp khác như Btrfs và Windows Storage Spaces, mặc dù có một số hạn chế như không thể thu nhỏ pool. + +## [Webtop – Các container Alpine, Ubuntu, Fedora và Arch chứa các môi trường desktop đầy đủ](https://docs.linuxserver.io/images/docker-webtop/) + +- Linuxserver/webtop cung cấp các container dựa trên Alpine, Ubuntu, Fedora và Arch với các môi trường desktop đầy đủ có thể truy cập thông qua trình duyệt web, hỗ trợ cả kiến trúc x86-64 và arm64. +- Người dùng có thể chọn từ nhiều môi trường desktop khác nhau như XFCE, KDE, MATE, i3, Openbox và IceWM bằng cách sử dụng các thẻ hình ảnh cụ thể, và truy cập Webtop thông qua các URL được chỉ định. +- Những tính năng bảo mật bao gồm tùy chọn seccomp của Docker và thiết lập xác thực, với các tùy chọn tùy chỉnh có sẵn thông qua các biến môi trường, và hỗ trợ tăng tốc GPU với các trình điều khiển mã nguồn mở. + +### [phản ứng](https://news.ycombinator.com/item?id=42690983) + +- Webtop cung cấp các container với môi trường desktop đầy đủ cho Alpine, Ubuntu, Fedora và Arch, phù hợp cho các thiết lập nhanh chóng đằng sau một VPN. +- Người dùng khen ngợi Webtop vì tốc độ và dễ sử dụng, đặc biệt khi sử dụng với container Gluetun để kết nối an toàn, nhưng cảnh báo không nên để lộ các container ra internet mà không có biện pháp bảo mật do thiếu xác thực mặc định. +- Đề án được đánh giá cao vì là mã nguồn mở và linh hoạt, với người dùng chia sẻ các cấu hình, và các lựa chọn thay thế như Kasm và Selkies được ghi nhận cho các mục đích tương tự. + +## [1 trong 5 tin tuyển dụng trực tuyến là giả hoặc không bao giờ được lấp đầy, nghiên cứu cho thấy](https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706) + +- Một nghiên cứu gần đây chỉ ra rằng 20% các bài đăng tuyển dụng trực tuyến là giả mạo hoặc không được lấp đầy, làm tăng thêm sự thất vọng của người tìm việc. - Xu hướng "công việc ma" này có thể là một chiến thuật của các công ty để tạo ra hình ảnh phát triển. - Các nền tảng việc làm như Greenhouse và LinkedIn đã giới thiệu các dịch vụ xác minh công việc để hỗ trợ người dùng nhận diện các cơ hội việc làm thực sự. + +### [phản ứng](https://news.ycombinator.com/item?id=42697783) + +- Một nghiên cứu tiết lộ rằng 20% các tin tuyển dụng trực tuyến là giả hoặc không được lấp đầy, thường do các công ty cần tuân thủ các chính sách nhập cư của Mỹ. - Các công ty cũng có thể để lại các tin tuyển dụng để tìm ứng viên lý tưởng, thay đổi yêu cầu, hoặc đã có sẵn ứng viên nội bộ được chọn trước. - Thị trường việc làm khó khăn cho các ứng viên, những người thường xuyên gặp phải tình trạng bị bỏ rơi và từ chối tự động, dẫn đến những lời kêu gọi can thiệp quy định. + +## [Biến một giao lộ trở nên không an toàn cho người đi bộ để tiết kiệm vài giây cho người lái xe](https://collegetowns.substack.com/p/making-an-intersection-unsafe-for) + +### [phản ứng](https://news.ycombinator.com/item?id=42698557) + +- Cuộc tranh luận xoay quanh việc liệu các giao lộ nên ưu tiên an toàn cho người đi bộ hay hiệu quả cho người lái xe, với một số người ủng hộ các giao lộ có đèn điều khiển và lối đi bộ chéo thay vì dừng 4 chiều. +- Ý kiến khác nhau về luật giao thông và thiết kế cơ sở hạ tầng, với các cuộc thảo luận về sự an toàn của việc đi bộ không đúng luật và những rủi ro liên quan đến việc rẽ phải khi đèn đỏ. +- Một số người ủng hộ các giải pháp thay thế như vòng xuyến hoặc áp dụng các tiêu chuẩn kỹ thuật giao thông của Hà Lan để nâng cao cả an toàn và hiệu quả. + +## [PostgreSQL là Hệ quản trị cơ sở dữ liệu của năm 2024](https://db-engines.com/en/blog_post/109) + +- PostgreSQL đã được trao giải DBMS của năm 2024 bởi DB-Engines, đạt được sự công nhận này lần thứ năm, vượt qua 423 hệ thống quản lý cơ sở dữ liệu khác. +- PostgreSQL, với lịch sử kéo dài gần 35 năm, tiếp tục đổi mới, như được thấy trong những cải tiến gần đây của PostgreSQL 17, phát hành vào tháng 9 năm 2024. +- Snowflake và Microsoft lần lượt giành vị trí thứ hai và thứ ba, với Snowflake được ghi nhận nhờ kho dữ liệu dựa trên đám mây và hỗ trợ đa đám mây, trong khi Microsoft cung cấp các cơ sở dữ liệu quan hệ được quản lý mạnh mẽ thông qua Azure SQL Database và SQL Server. + +### [phản ứng](https://news.ycombinator.com/item?id=42696080) + +- PostgreSQL đã được trao giải Hệ thống Quản lý Cơ sở Dữ liệu của Năm 2024 bởi db-engines.com, nhấn mạnh sự phổ biến ngày càng tăng và sự công nhận trong ngành. +- Người dùng đang cân nhắc chuyển từ Microsoft SQL Server sang PostgreSQL do chi phí cấp phép cao và hạn chế về tài nguyên, mặc dù có thể gặp phải những thách thức trong quá trình di chuyển. +- PostgreSQL được ưa chuộng nhờ các tính năng mạnh mẽ và hiệu quả về chi phí, khiến nó trở thành lựa chọn ưu tiên cho các dự án trong tương lai, mặc dù một số người dùng tìm kiếm các giải pháp thay thế như Babelfish để giảm chi phí. + +## [Đăng nhập OAuth của Google không bảo vệ chống lại việc mua một tên miền của startup thất bại](https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw) + +### [phản ứng](https://news.ycombinator.com/item?id=42699099) + +- Cuộc thảo luận nêu bật một lỗ hổng trong hệ thống đăng nhập OAuth của Google khi tên miền của một công ty khởi nghiệp thất bại được chủ sở hữu mới mua lại, có thể cho phép truy cập trái phép vào các dịch vụ. +- Vấn đề này phát sinh vì Google có thể không phân biệt giữa chủ sở hữu tên miền gốc và mới, ảnh hưởng đến bất kỳ hệ thống nào sử dụng xác thực dựa trên tên miền. +- Một giải pháp đề xuất là sử dụng các định danh duy nhất không thay đổi theo thời gian, mặc dù việc triển khai giải pháp này khác nhau giữa các nhà cung cấp danh tính. + +## [Kiếm thu nhập thụ động bằng cách sử dụng kỹ năng lập trình](https://www.coryzue.com/writing/solopreneur/) + +- Người tác giả đã chuyển từ vai trò CTO sang làm một doanh nhân độc lập, thành công kiếm được nhiều hơn thông qua một danh mục các sản phẩm phần mềm. +- Những chiến lược chính bao gồm tập trung vào công việc sâu, bắt đầu với các dự án nhỏ, lặp lại nhanh chóng và dành thời gian cho các nỗ lực tiếp thị. +- Chuyến hành trình nhấn mạnh sự kiên cường do những bất định, nhưng làm nổi bật sự tự chủ và tự do vô song của con đường sự nghiệp này, khuyến khích những người có kỹ năng lập trình nên cân nhắc nó để có thu nhập thụ động. + +### [phản ứng](https://news.ycombinator.com/item?id=42696822) + +- Một người dùng đã mô tả việc tạo thu nhập thụ động thông qua các trang web spam SEO bằng cách sử dụng tên miền sắp hết hạn, kiếm được khoảng 30 nghìn đô la hàng năm, mặc dù có những lo ngại về đạo đức và việc Google cuối cùng sẽ trấn áp. +- Đoạn đăng đã gây ra một cuộc tranh luận về thu nhập thụ động, với một số người dùng cho rằng nó giống như điều hành một doanh nghiệp hơn là thu nhập thực sự thụ động. +- Những người tham gia đã chia sẻ kinh nghiệm và thách thức trong các dự án phụ, nhấn mạnh tầm quan trọng của thời gian, sự kiên cường và lập kế hoạch chiến lược. + +## [Tây Ban Nha đề xuất thuế 100% đối với nhà ở được mua bởi cư dân không thuộc EU](https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents) + +- Tây Ban Nha đang xem xét áp dụng thuế 100% đối với việc mua bất động sản bởi các cư dân không thuộc EU, nhằm giải quyết cuộc khủng hoảng nhà ở và hạn chế việc mua bán mang tính đầu cơ. +- Đề xuất của Thủ tướng Pedro Sánchez bao gồm việc mở rộng nhà ở xã hội và điều chỉnh cho thuê du lịch để giải quyết sự chênh lệch giữa giá nhà và thu nhập. +- Việc đề xuất này trở thành luật trong tương lai là không chắc chắn, với một số nhà phân tích coi nó như một biện pháp ngăn cản các nhà đầu tư nước ngoài hơn là một sự thay đổi lập pháp được đảm bảo. + +### [phản ứng](https://news.ycombinator.com/item?id=42690781) + +- Tây Ban Nha đang xem xét áp dụng thuế 100% đối với các ngôi nhà được mua bởi cư dân ngoài EU để giải quyết vấn đề khả năng chi trả nhà ở. - Những người chỉ trích cho rằng người mua nước ngoài không phải là nguyên nhân chính gây ra giá nhà cao, mà thay vào đó là do thủ tục hành chính chậm chạp và luật quy hoạch. - Đề xuất này đã khơi dậy một cuộc tranh luận về vai trò của quyền sở hữu nước ngoài trong thị trường nhà ở và hiệu quả của nó trong việc giải quyết các vấn đề về khả năng chi trả. + +## [Apple sẽ sớm nhận được chip 'sản xuất tại Mỹ' từ nhà máy của TSMC ở Arizona](https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification) + +- Apple đang thử nghiệm các bộ vi xử lý từ cơ sở của TSMC tại Arizona, với kế hoạch sản xuất hàng loạt vào quý đầu tiên, có thể trở thành khách hàng đầu tiên của TSMC tại Mỹ cho các chip sản xuất trong nước. - Sáng kiến này nhằm tăng cường sự độc lập về silicon của Mỹ, giảm sự phụ thuộc vào Đài Loan, nơi dễ bị tổn thương trước các rủi ro địa chính trị và thiên nhiên. - Nhà máy của TSMC tại Arizona dự kiến sẽ sản xuất các chip tiên tiến 3nm và 2nm, với nỗ lực liên tục để tăng cường tuyển dụng địa phương và hợp tác với các trường đại học Mỹ, mặc dù việc đóng gói ban đầu sẽ diễn ra tại Đài Loan cho đến khi cơ sở Peoria đi vào hoạt động. + +### [phản ứng](https://news.ycombinator.com/item?id=42699977) + +- Apple sẽ nhận chip từ nhà máy của TSMC ở Arizona, nhưng chúng cần được gửi lại Đài Loan để đóng gói do thiếu cơ sở ở Mỹ. - Hơn 50% lực lượng lao động tại nhà máy Arizona đến từ Đài Loan, cho thấy một khoảng trống trong lĩnh vực STEM (Khoa học, Công nghệ, Kỹ thuật và Toán học) của Mỹ. - Sáng kiến Đạo luật CHIPS, nhằm tăng cường sản xuất chất bán dẫn của Mỹ, đang đối mặt với thách thức khi nhãn "Sản xuất tại Mỹ" bị đặt câu hỏi do quá trình đóng gói diễn ra ở Đài Loan, với kế hoạch cho khả năng đóng gói tại Mỹ vào năm 2027. + +## [43 nghìn tài xế ít hơn trên các con đường ở Manhattan sau khi thu phí tắc nghẽn được kích hoạt](https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says) + +- Sau khi áp dụng giá cước tắc nghẽn, đã có sự giảm 7,5% số lượng tài xế vào Manhattan dưới phố 60, tương đương với 43.000 tài xế ít hơn mỗi ngày trong tuần. +- Việc giảm lưu lượng giao thông đã cải thiện dòng chảy giao thông và tăng tốc độ xe buýt, với một số xe buýt nhanh có lượng hành khách tăng cao hơn. +- Mặc dù có một số phản đối chính trị, Cơ quan Giao thông Vận tải Đô thị (MTA) sử dụng doanh thu từ phí cầu đường, ước tính khoảng 500 triệu đô la hàng năm, để cải thiện hệ thống giao thông. + +### [phản ứng](https://news.ycombinator.com/item?id=42692730) + +- Việc thực hiện giá cước tắc nghẽn ở Manhattan đã dẫn đến việc giảm 43.000 tài xế, làm tăng tốc độ xe buýt và có thể cải thiện thời gian phản ứng khẩn cấp. +- Chính sách này được thiết kế để giảm tắc nghẽn giao thông và cải thiện chất lượng không khí, mặc dù nó đã gây ra tranh luận về tác động của nó đối với những người có thu nhập thấp hơn. +- Những người ủng hộ lập luận rằng lợi ích bao gồm giao thông công cộng hiệu quả hơn và không khí sạch hơn, trong khi các cuộc thảo luận tiếp tục về việc cân bằng những lợi ích này với nhu cầu của người lái xe. + + + + + + diff --git a/i18n/zh-Hans/docusaurus-plugin-content-docs/current/2025/01/14.md b/i18n/zh-Hans/docusaurus-plugin-content-docs/current/2025/01/14.md new file mode 100644 index 000000000..7511393f8 --- /dev/null +++ b/i18n/zh-Hans/docusaurus-plugin-content-docs/current/2025/01/14.md @@ -0,0 +1,147 @@ +--- +slug: '/2025/01/14' +--- + +# 2025-01-14 + +## [“思客安全研究员部署恶意NPM包,目标是cursor.com”](https://sourcecodered.com/snyk-malicious-npm-package/) + +- “一个 Snyk 安全研究员发布了针对 AI 编码公司 Cursor.com 的恶意 NPM 包,以收集系统数据并将其发送到攻击者控制的服务。” +- “这些被标识为“cursor-retrieval”、“cursor-always-local”和“cursor-shadow-workspace”的软件包被OpenSSF软件包分析扫描器标记,导致发布了MAL-2025-27、MAL-2025-28和MAL-2025-29的建议。” +- “此事件突显了在安装之前仔细审查NPM包以避免潜在安全威胁的重要性。” + +### [反应](https://news.ycombinator.com/item?id=42690473) + +- “一个 Snyk 安全研究员发布了针对 cursor.com 的恶意 NPM(Node Package Manager)包,突显了依赖混淆漏洞。- 这一事件引发了关于安全研究伦理的辩论,特别是关于环境变量的公开暴露。- Cursor.com 澄清他们并未授权此行为,Snyk 随后道歉,强调了在平衡攻击性安全研究与伦理标准方面的挑战。” + +## [“我切换到 Firefox 后再也没有回头”](https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/) + +- Firefox因其出色的标签管理、内置的Pocket功能用于保存链接以及注重隐私的电子邮件中继而受到赞誉,使其成为Chrome的强大替代品。- 其他功能如用户友好的截图工具、ChatGPT按钮、画中画、自定义搜索选项和流畅的滚动增强了浏览体验。- 尽管Firefox缺乏Chrome的网络应用功能,但其周到的设计和较低的资源需求使其成为一些用户的首选。 + +### [反应](https://news.ycombinator.com/item?id=42696081) + +- “Firefox用户面临来自YouTube等平台的挑战,这些平台可能故意降低非谷歌浏览器或使用广告拦截器用户的体验。- 这一趋势引发了对用户自主权的担忧,因为它惩罚了那些选择无广告和无监控网络体验的用户。- Firefox提供了独特的功能,如容器标签,增强了隐私和可用性,使其成为寻求独立于大型企业控制浏览器的用户的首选。” + +## [“Sonos首席执行官在应用程序更新风波后辞职”](https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/) + +### [反应](https://news.ycombinator.com/item?id=42687932) + +- “Sonos首席执行官因一项有争议的应用程序更新而辞职,该更新要求用户更换昂贵的音响系统,导致客户不满。- 该更新引入了基于云的系统,放弃了可靠的通用即插即用(UPnP),导致连接问题和复杂性增加。- 这一情况突显了商业策略与维护客户信任之间的冲突,因为首席执行官将过渡到顾问角色,并获得遣散费。” + +## [“在MrBeast的腹中”](https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast) + +### [反应](https://news.ycombinator.com/item?id=42696691) + +- “这篇文章探讨了YouTube的算法如何影响内容创作,以MrBeast为案例研究,强调了一种向以参与度为导向而非有意义内容的转变。- 它讨论了对媒体素养的更广泛影响以及像YouTube和TikTok这样的平台的文化影响,暗示了一种趋向于肤浅和反应性内容的趋势。- 文章考虑了各种观点,探讨了算法在塑造内容中的作用以及流行创作者对文化规范的影响。” + +## [“GitHub Git 操作已中断”](https://www.githubstatus.com/incidents/qd96yfgvmcf9) + +- “GitHub在2025年1月13日因配置更改影响内部负载均衡器而面临Git操作中断,从23:35持续到00:24(UTC)。- 通过恢复配置更改解决了该问题,GitHub正在努力改进监控和部署流程以防止类似事件。- 此次中断还影响了GitHub的Actions和Pages服务,突显了其平台服务的互联性质。” + +### [反应](https://news.ycombinator.com/item?id=42691184) + +- “GitHub遭遇了一次重大故障,影响了git操作,导致开发者们最初怀疑是他们的SSH密钥或本地配置出现了问题。- 这一事件突显了依赖集中式服务的挑战,引发了关于自托管和去中心化系统优势的讨论。- 尽管问题已得到解决,但它突显了对GitHub可靠性的担忧以及依赖第三方平台处理关键任务的风险。” + +## [“ZFS 2.3发布,支持ZFS raidz扩展”](https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0) + +- “OpenZFS 2.3.0 已发布,引入了重要功能,如 RAIDZ 扩展、快速重复数据删除、直接输入/输出、JSON 输出和对长文件名的支持。- 此版本包括基本的错误修复和性能增强,兼容 Linux 内核 4.18 - 6.12 和 FreeBSD 版本 13.3, 14.0 - 14.2。- 此更新是由 134 位贡献者共同努力的成果,提供了全面的文档和变更日志供审阅。” + +### [反应](https://news.ycombinator.com/item?id=42694596) + +- “ZFS 2.3 已发布,推出了诸如 RAIDZ 扩展、快速重复数据删除、直接 IO、JSON 输出和对长文件名的支持等功能。- RAIDZ 扩展尤其值得注意,因为它允许用户在不中断的情况下向现有的 RAIDZ 池添加新设备,从而增强存储容量。- 尽管存在一些限制,如无法缩小池,但此次发布被认为是 ZFS 用户的重大进步,与其他文件系统如 Btrfs 和 Windows Storage Spaces 相比备受关注。” + +## [“Webtop – Alpine、Ubuntu、Fedora 和 Arch 容器包含完整的桌面环境”](https://docs.linuxserver.io/images/docker-webtop/) + +- “Linuxserver/webtop 提供基于 Alpine、Ubuntu、Fedora 和 Arch 的容器,这些容器具有可通过网络浏览器访问的完整桌面环境,支持 x86-64 和 arm64 架构。” +- “用户可以通过使用特定的镜像标签,从各种桌面环境中进行选择,如XFCE、KDE、MATE、i3、Openbox和IceWM,并通过指定的URL访问Webtop。” +- “安全功能包括 Docker 的 seccomp 选项和身份验证设置,通过环境变量提供自定义选项,并支持使用开源驱动程序进行 GPU 加速。” + +### [反应](https://news.ycombinator.com/item?id=42690983) + +- “Webtop 提供带有完整桌面环境的容器,适用于 Alpine、Ubuntu、Fedora 和 Arch,适合在 VPN 后快速设置。” +- “用户称赞 Webtop 的速度和易用性,特别是在与 Gluetun 容器一起使用以实现安全连接时,但警告不要在没有安全措施的情况下将容器暴露在互联网上,因为缺乏默认身份验证。” +- “该项目因其开源和灵活性而受到重视,用户可以共享配置,类似的替代方案如 Kasm 和 Selkies 也因类似用途而受到关注。” + +## [“研究发现,五分之一的在线招聘信息要么是假的,要么从未被填补。”](https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706) + +- “最近的一项研究表明,20%的在线招聘信息要么是假的,要么无人填补,这增加了求职者的挫败感。- 这种“幽灵职位”趋势可能是公司为了展示增长形象而采取的一种策略。- Greenhouse和LinkedIn等招聘平台已经推出了职位验证服务,以帮助用户识别真实的就业机会。” + +### [反应](https://news.ycombinator.com/item?id=42697783) + +- “研究显示,20%的在线招聘信息要么是假的,要么未被填补,这通常是因为公司需要遵守美国移民政策。- 公司也可能会保留招聘信息以寻找理想的候选人、更改要求,或已有预选的内部候选人。- 对于求职者来说,求职市场很困难,他们经常遇到失联和自动拒绝,这促使人们呼吁进行监管干预。” + +## [“为了给司机节省几秒钟而使行人交叉路口变得不安全”](https://collegetowns.substack.com/p/making-an-intersection-unsafe-for) + +### [反应](https://news.ycombinator.com/item?id=42698557) + +- “辩论的焦点在于十字路口应优先考虑行人安全还是驾驶员效率,一些人倾向于使用灯控十字路口和行人专用过街道而不是四向停车。” +- “关于交通法规和基础设施设计的意见各不相同,其中包括对乱穿马路的安全性以及红灯右转所带来的风险的讨论。” +- “有些人提倡采用替代方案,如环形交叉路口或采用荷兰交通工程标准,以提高安全性和效率。” + +## [PostgreSQL是2024年度数据库管理系统](https://db-engines.com/en/blog_post/109) + +- PostgreSQL被DB-Engines评为2024年度数据库管理系统(DBMS),这是其第五次获得此殊荣,超过了其他423个数据库管理系统。 +- “PostgreSQL 拥有近 35 年的历史,仍在不断创新,这在 2024 年 9 月发布的 PostgreSQL 17 的最新增强功能中得到了体现。” +- “雪花公司和微软分别获得了第二和第三名,雪花公司因其基于云的数据仓库和多云支持而受到关注,而微软则通过 Azure SQL 数据库和 SQL 服务器提供强大的托管关系数据库。” + +### [反应](https://news.ycombinator.com/item?id=42696080) + +- PostgreSQL被db-engines.com评为2024年度数据库管理系统,突显其在行业中的日益普及和认可。 +- “用户正在考虑从 Microsoft SQL Server 切换到 PostgreSQL,原因是高昂的许可费用和资源限制,尽管可能面临迁移挑战。” +- “PostgreSQL因其强大的功能和成本效益而受到青睐,使其成为未来项目的首选,尽管一些用户会探索像Babelfish这样的替代方案以降低成本。” + +## [“Google 的 OAuth 登录无法防止购买失败初创公司的域名”](https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw) + +### [反应](https://news.ycombinator.com/item?id=42699099) + +- “讨论指出,当一个失败的初创公司的域名被新所有者收购时,谷歌的OAuth登录系统存在一个漏洞,这可能允许未经授权的访问服务。” +- “此问题的出现是因为谷歌可能无法区分原始域名所有者和新域名所有者,从而影响任何使用基于域名认证的系统。” +- “一个建议的解决方案是使用在时间上保持不变的唯一标识符,尽管这一解决方案的实施在不同的身份提供者之间有所不同。” + +## [“利用编程技能赚取被动收入”](https://www.coryzue.com/writing/solopreneur/) + +- “作者从首席技术官的角色转变为独立创业者,通过一系列软件产品成功赚取了更多收入。” +- “关键策略包括专注于深度工作,从小项目开始,快速迭代,并投入时间进行营销工作。” +- “这段旅程强调了由于不确定性而需要的韧性,但同时突出了这一职业道路无与伦比的自主性和自由,鼓励那些拥有编码技能的人考虑将其作为被动收入的来源。” + +### [反应](https://news.ycombinator.com/item?id=42696822) + +- “有用户描述了通过使用即将过期的域名创建SEO垃圾网站来产生被动收入,尽管存在道德问题和谷歌最终的打击,但每年仍能赚取大约3万美元。” +- “这篇帖子引发了关于被动收入的辩论,一些用户认为这更像是经营一项业务,而不是真正的被动收入。” +- “参与者分享了在副项目中的经验和挑战,强调了时间、韧性和战略规划的重要性。” + +## [西班牙提议对非欧盟居民购买的房屋征收100%税](https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents) + +- “西班牙正在考虑对非欧盟居民的房地产购买征收100%的税,以解决住房危机并遏制投机性购买。” +- “首相佩德罗·桑切斯的提议包括扩大社会住房和规范旅游租赁,以解决房价与收入之间的差距。” +- “该提案作为法律的未来尚不确定,一些分析人士认为它更像是对外国投资者的威慑,而不是一项有保障的立法变更。” + +### [反应](https://news.ycombinator.com/item?id=42690781) + +- 西班牙正在考虑对非欧盟居民购买的房屋征收100%的税,以解决住房负担能力问题。- 批评者认为,外国买家并不是高房价的主要原因,缓慢的官僚程序和分区法才是更重要的因素。- 这一提议引发了关于外国所有权在住房市场中的作用及其在解决负担能力问题上的有效性的辩论。 + +## [“苹果将很快从台积电的亚利桑那州工厂收到‘美国制造’的芯片。”](https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification) + +- “苹果正在测试来自台积电亚利桑那工厂的处理器,计划在第一季度实现量产,可能成为台积电首个使用本地制造芯片的美国客户。- 这一举措旨在增强美国的硅独立性,减少对台湾的依赖,因为台湾易受地缘政治和自然风险的影响。- 台积电的亚利桑那工厂计划生产先进的3纳米和2纳米芯片,并正在努力加强本地招聘和与美国大学的合作,尽管封装工作最初将在台湾进行,直到皮奥里亚工厂投入运营。” + +### [反应](https://news.ycombinator.com/item?id=42699977) + +- “苹果将从台积电的亚利桑那工厂接收芯片,但由于美国设施不足,这些芯片需要送回台湾进行封装。- 亚利桑那工厂超过50%的员工来自台湾,这表明美国在STEM(科学、技术、工程和数学)领域存在差距。- 《芯片法案》旨在提升美国半导体制造能力,但由于封装过程在台湾进行,“美国制造”标签受到质疑,计划到2027年在美国建立封装能力。” + +## [“拥堵收费启动后,曼哈顿道路上的司机减少了4.3万人。”](https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says) + +- “在实施拥堵收费后,进入曼哈顿60街以下地区的司机减少了7.5%,相当于每个工作日减少了43,000名司机。” +- “交通量的减少改善了交通流量并提高了公交车速度,一些快速公交的乘客量有所增加。” +- “尽管存在一些政治反对意见,大都会运输署(MTA)将估计每年5亿美元的收费收入用于交通改善。” + +### [反应](https://news.ycombinator.com/item?id=42692730) + +- “在曼哈顿实施拥堵收费后,司机数量减少了43,000人,这导致公交车速度加快,并可能改善紧急响应时间。” +- “该政策旨在减少交通拥堵并改善空气质量,尽管它引发了关于其对低收入人群影响的争论。” +- “支持者认为,优点包括更高效的公共交通和更清洁的空气,同时关于如何平衡这些优势与司机需求的讨论仍在继续。” + + + + + + diff --git a/i18n/zh-Hant/docusaurus-plugin-content-docs/current/2025/01/14.md b/i18n/zh-Hant/docusaurus-plugin-content-docs/current/2025/01/14.md new file mode 100644 index 000000000..1157d53d3 --- /dev/null +++ b/i18n/zh-Hant/docusaurus-plugin-content-docs/current/2025/01/14.md @@ -0,0 +1,147 @@ +--- +slug: '/2025/01/14' +--- + +# 2025-01-14 + +## [「Snyk 資安研究員部署惡意 NPM 套件以攻擊 cursor.com」](https://sourcecodered.com/snyk-malicious-npm-package/) + +- 「一位 Snyk 的安全研究員發布了針對 AI 編碼公司 Cursor.com 的惡意 NPM 套件,以收集系統數據並將其發送到由攻擊者控制的服務。」 +- 「這些套件被標識為“cursor-retrieval”、“cursor-always-local”和“cursor-shadow-workspace”,並被 OpenSSF 套件分析掃描器標記,導致發出建議 MAL-2025-27、MAL-2025-28 和 MAL-2025-29。」 +- 此事件突顯了在安裝前仔細檢查 NPM 套件以避免潛在安全威脅的重要性。 + +### [評論](https://news.ycombinator.com/item?id=42690473) + +- 「一位 Snyk 的安全研究員發布了針對 cursor.com 的惡意 NPM(Node Package Manager)套件,突顯了依賴混淆漏洞。此事件引發了關於安全研究倫理的辯論,特別是涉及環境變數公開的問題。Cursor.com 澄清他們並未授權此行為,而 Snyk 也已道歉,強調在攻擊性安全研究與倫理標準之間取得平衡的挑戰。」 + +## [「我改用 Firefox 後就再也沒有回頭過」](https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/) + +- Firefox 因其優越的分頁管理、內建的 Pocket 功能用於儲存連結,以及注重隱私的電子郵件中繼功能而受到讚譽,使其成為 Chrome 的強大替代品。- 其他功能如使用者友好的截圖工具、ChatGPT 按鈕、畫中畫、可自訂的搜尋選項和流暢的滾動效果,提升了瀏覽體驗。- 雖然 Firefox 缺乏 Chrome 的網頁應用程式功能,但其周到的設計和較低的資源需求使其成為某些使用者的首選。 + +### [評論](https://news.ycombinator.com/item?id=42696081) + +- 「Firefox 使用者面臨來自 YouTube 等平台的挑戰,這些平台可能故意降低非 Google 瀏覽器或使用廣告攔截器的用戶的體驗。這一趨勢引發了對用戶自主權的擔憂,因為它懲罰了那些選擇無廣告和無監控網路體驗的人。Firefox 提供了獨特的功能,例如容器分頁,這些功能增強了隱私和可用性,使其成為尋求擺脫大型企業控制的瀏覽器的用戶的首選。」 + +## [Sonos 執行長在應用程式更新風波後辭職](https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/) + +### [評論](https://news.ycombinator.com/item?id=42687932) + +- 「Sonos 的執行長在一項具爭議的應用程式更新後辭職,該更新要求用戶更換昂貴的音響系統,導致顧客不滿。- 此次更新引入了一個基於雲端的系統,捨棄了可靠的通用即插即用(UPnP),這導致了連接問題和複雜度增加。- 這種情況突顯了商業策略與維持顧客信任之間的衝突,執行長將轉任顧問角色並獲得遣散費。」 + +## [「在 MrBeast 的肚子裡」](https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast) + +### [評論](https://news.ycombinator.com/item?id=42696691) + +- 這篇文章探討了 YouTube 的演算法如何影響內容創作,並以 MrBeast 作為案例研究,強調了一種從有意義內容轉向以互動為驅動的內容的轉變。- 它討論了對媒體素養的更廣泛影響以及像 YouTube 和 TikTok 這樣的平台對文化的影響,指出了一種趨勢,即內容變得表面化和反應性。- 各種觀點被考慮在內,討論了演算法在塑造內容中的角色以及受歡迎的創作者對文化規範的影響。 + +## [「GitHub Git 操作暫時無法使用」](https://www.githubstatus.com/incidents/qd96yfgvmcf9) + +- 「GitHub 在 2025 年 1 月 13 日因為一項影響內部負載平衡器的配置變更而遭遇 Git 操作中斷,持續時間從 UTC 時間 23:35 到 00:24。- 問題通過恢復配置變更得到解決,GitHub 正在努力改進監控和部署流程以防止類似事件發生。- 此次中斷也影響了 GitHub 的 Actions 和 Pages 服務,突顯了其平台服務的互聯性。」 + +### [評論](https://news.ycombinator.com/item?id=42691184) + +- GitHub 遭遇了一次重大故障,影響了 git 操作,導致開發者感到困惑,最初懷疑是他們的 SSH 金鑰或本地配置出了問題。- 這次事件突顯了依賴集中式服務的挑戰,促使人們討論自我託管和去中心化系統的優勢。- 雖然問題已經解決,但這次事件突顯了對 GitHub 可靠性的擔憂,以及依賴第三方平台進行重要任務的風險。 + +## [「ZFS 2.3 發佈,新增 ZFS raidz 擴展功能」](https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0) + +- 「OpenZFS 2.3.0 已經發布,推出了重要功能,如 RAIDZ 擴展、快速重複資料刪除、直接輸入/輸出、JSON 輸出以及對長檔名的支援。此版本包含了基本的錯誤修正和效能增強,與 Linux 核心 4.18 - 6.12 和 FreeBSD 版本 13.3、14.0 - 14.2 相容。這次更新是由 134 位貢獻者共同努力的成果,並提供了完整的文件和變更記錄供檢閱。」 + +### [評論](https://news.ycombinator.com/item?id=42694596) + +- 「ZFS 2.3 已經發布,推出了 RAIDZ 擴展、快速重複資料刪除、直接 IO、JSON 輸出以及對長檔名的支援等功能。- RAIDZ 擴展尤其值得注意,因為它允許使用者在不需要停機的情況下,將新設備添加到現有的 RAIDZ 磁碟陣列中,從而提升儲存容量。- 此次發布被認為是 ZFS 使用者的一項重大進展,儘管存在一些限制,例如無法縮小磁碟陣列,但仍被拿來與其他檔案系統如 Btrfs 和 Windows Storage Spaces 相提並論。」 + +## [Webtop-包含完整桌面環境的 Alpine、Ubuntu、Fedora 和 Arch 容器](https://docs.linuxserver.io/images/docker-webtop/) + +- Linuxserver/webtop 提供基於 Alpine、Ubuntu、Fedora 和 Arch 的容器,這些容器具有完整的桌面環境,可透過網頁瀏覽器存取,並支援 x86-64 和 arm64 架構。 +- 使用者可以透過特定的映像標籤選擇各種桌面環境,例如 XFCE、KDE、MATE、i3、Openbox 和 IceWM,並透過指定的 URL 存取 Webtop。 +- 安全功能包括 Docker 的 seccomp 選項和身份驗證設置,並可透過環境變數進行自訂,且支援使用開源驅動程式的 GPU 加速。 + +### [評論](https://news.ycombinator.com/item?id=42690983) + +- Webtop 提供包含完整桌面環境的容器,適用於 Alpine、Ubuntu、Fedora 和 Arch,適合在 VPN 後快速設置。 +- 使用者讚揚 Webtop 的速度和易用性,特別是在與 Gluetun 容器搭配使用以確保連線安全時,但警告不要在沒有安全措施的情況下將容器暴露在網際網路上,因為缺乏預設的身份驗證。 +- 「該專案因其開源和靈活性而受到重視,使用者可以分享配置,並且像 Kasm 和 Selkies 這樣的替代方案也因類似用途而受到關注。」 + +## [研究發現,每五個線上職缺中就有一個是假的或從未被填補。](https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706) + +- 「一項最近的研究顯示,20% 的線上職缺要麼是假的,要麼是未填補的,這增加了求職者的挫折感。這種“幽靈職缺”趨勢可能是公司用來展示成長形象的一種策略。像 Greenhouse 和 LinkedIn 這樣的求職平台已經推出了職缺驗證服務,以協助用戶識別真實的工作機會。」 + +### [評論](https://news.ycombinator.com/item?id=42697783) + +- 「一項研究顯示,20% 的線上職缺要麼是假的,要麼未被填補,這通常是因為公司需要遵守美國的移民政策。- 公司也可能會保留職缺以尋找理想的候選人、更改要求,或已經預先選定內部候選人。- 對於求職者來說,求職市場是困難的,他們經常遇到音訊全無和自動拒絕,這引發了對監管干預的呼籲。」 + +## [為了讓駕駛節省幾秒鐘而使行人穿越道變得不安全](https://collegetowns.substack.com/p/making-an-intersection-unsafe-for) + +### [評論](https://news.ycombinator.com/item?id=42698557) + +- 辯論的焦點在於十字路口應優先考慮行人安全還是駕駛效率,有些人偏好使用紅綠燈控制的路口和行人專用交叉道,而非四向停車標誌。 +- 對於交通法規和基礎設施設計的看法各異,討論包括闖紅燈的安全性以及紅燈右轉所帶來的風險。 +- 有些人主張採用替代方案,如圓環或採用荷蘭交通工程標準,以提升安全性和效率。 + +## [PostgreSQL 是 2024 年度的資料庫管理系統](https://db-engines.com/en/blog_post/109) + +- PostgreSQL 獲得了 DB-Engines 頒發的 2024 年度資料庫管理系統獎,這是它第五次獲得此殊榮,超越了其他 423 種資料庫管理系統。 +- PostgreSQL 擁有近 35 年的歷史,持續創新,這在 2024 年 9 月發布的 PostgreSQL 17 的最新增強功能中可見一斑。 +- 「Snowflake 和 Microsoft 分別獲得第二和第三名,Snowflake 因其雲端資料倉儲和多雲支援而受到讚譽,而 Microsoft 則透過 Azure SQL Database 和 SQL Server 提供強大的託管關聯式資料庫。」 + +### [評論](https://news.ycombinator.com/item?id=42696080) + +- PostgreSQL 獲得了 db-engines.com 頒發的 2024 年度資料庫管理系統獎,這突顯了其在業界日益增長的受歡迎程度和認可度。 +- 儘管可能面臨遷移挑戰,使用者正在考慮從 Microsoft SQL Server 轉換到 PostgreSQL,原因是高昂的授權費用和資源限制。 +- PostgreSQL 因其強大的功能和成本效益而受到青睞,使其成為未來專案的首選,儘管有些使用者會探索像 Babelfish 這樣的替代方案以降低成本。 + +## [「Google 的 OAuth 登入無法防止購買失敗的新創公司網域」](https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw) + +### [評論](https://news.ycombinator.com/item?id=42699099) + +- 「討論強調了 Google 的 OAuth 登入系統中的一個漏洞,當一個失敗的初創公司的網域被新擁有者收購時,可能會允許未經授權的服務存取。」 +- 「此問題的產生是因為 Google 可能無法區分原始域名擁有者和新域名擁有者,從而影響任何使用基於域名驗證的系統。」 +- 「一個建議的解決方案是使用隨時間保持不變的唯一識別碼,儘管此解決方案的實施在不同的身份提供者之間有所不同。」 + +## [利用程式設計技能賺取被動收入](https://www.coryzue.com/writing/solopreneur/) + +- 作者從首席技術官的職位轉型為個人創業者,透過一系列軟體產品成功賺取更多收入。 +- 關鍵策略包括專注於深度工作、從小型專案開始、快速迭代,以及投入時間於行銷工作。 +- 這段旅程強調了因不確定性而需要的韌性,但也突顯了這條職業道路無與倫比的自主性和自由,鼓勵擁有程式設計技能的人考慮將其作為被動收入的來源。 + +### [評論](https://news.ycombinator.com/item?id=42696822) + +- 有一位使用者描述了透過 SEO 垃圾網站來產生被動收入的方法,這些網站使用即將到期的網域名稱,儘管存在道德上的顧慮以及 Google 最終的打擊行動,他每年仍能賺取約 3 萬美元。 +- 「這篇文章引發了關於被動收入的辯論,一些使用者認為這更像是經營一門生意,而非真正的被動收入。」 +- 「參與者分享了在副業專案中的經驗和挑戰,強調了時間、韌性和策略規劃的重要性。」 + +## [西班牙提議對非歐盟居民購買的房屋徵收100%稅](https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents) + +- 西班牙正在考慮對非歐盟居民的房地產購買徵收100%的稅,旨在解決住房危機並抑制投機性購買。 +- 首相佩德羅·桑切斯的提議包括擴大社會住宅和規範旅遊租賃,以解決房價與收入之間的差距。 +- 該提案作為法律的未來尚不確定,一些分析師認為它更像是對外國投資者的威懾,而不是一項保證的立法變革。 + +### [評論](https://news.ycombinator.com/item?id=42690781) + +- 西班牙正在考慮對非歐盟居民購買的房屋徵收 100% 的稅,以解決住房負擔能力問題。- 批評者認為,外國買家並不是房價高漲的主要原因,並指出緩慢的官僚程序和分區法規是更重要的因素。- 這項提案引發了關於外國擁有權在住房市場中的角色及其在解決負擔能力問題上的有效性的辯論。 + +## [蘋果即將從台積電位於亞利桑那州的工廠獲得「美國製造」的晶片](https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification) + +- 蘋果正在測試來自台積電亞利桑那廠的處理器,計劃在第一季度開始量產,可能成為台積電首位使用美國本地製造晶片的客戶。此舉旨在加強美國的矽獨立性,減少對台灣的依賴,因為台灣易受地緣政治和自然風險的影響。台積電的亞利桑那廠將生產先進的3奈米和2奈米晶片,並持續努力增強當地的招聘和與美國大學的合作,儘管封裝工作將在台灣進行,直到皮奧里亞設施投入運營。 + +### [評論](https://news.ycombinator.com/item?id=42699977) + +- 蘋果將從台積電的亞利桑那州工廠獲得晶片,但由於美國設施不足,這些晶片需要送回台灣進行封裝。- 亞利桑那州工廠超過50%的勞動力來自台灣,顯示出美國在STEM(科學、技術、工程和數學)領域的差距。- 《晶片法案》計畫旨在增強美國半導體製造能力,但由於封裝過程在台灣進行,導致「美國製造」標籤受到質疑,並計畫在2027年前提升美國的封裝能力。 + +## [在擁擠收費啟用後,曼哈頓道路上的駕駛人數減少了43,000人](https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says) + +- 「在實施擁擠收費後,進入曼哈頓60街以下的駕駛人數減少了7.5%,相當於每個工作日減少了43,000名駕駛。」 +- 交通量的減少改善了交通流量並提高了公車速度,部分快捷公車的乘客量有所增加。 +- 大都會運輸署(MTA)將估計每年5億美元的通行費收入用於交通改善,儘管面臨一些政治反對。 + +### [評論](https://news.ycombinator.com/item?id=42692730) + +- 在曼哈頓實施擁擠收費政策後,駕駛人數減少了43,000人,這導致公車速度加快,並可能改善緊急應變時間。 +- 該政策旨在減少交通擁擠並改善空氣品質,儘管它引發了關於其對低收入者影響的辯論。 +- 支持者認為,這些好處包括更高效的公共交通和更清潔的空氣,同時討論仍在繼續,以平衡這些優勢與駕駛者需求之間的關係。 + + + + + + diff --git a/records/2025-01-14/2025-01-14.ar.json b/records/2025-01-14/2025-01-14.ar.json new file mode 100644 index 000000000..48ae44620 --- /dev/null +++ b/records/2025-01-14/2025-01-14.ar.json @@ -0,0 +1,288 @@ +[ + { + "id": 42690473, + "title": "باحث أمني في Snyk ينشر حزم NPM خبيثة تستهدف cursor.com", + "originLink": "https://sourcecodered.com/snyk-malicious-npm-package/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690473", + "commentBody": "", + "originSummary": [ + "أصدر باحث أمني من شركة Snyk حزم NPM خبيثة تستهدف موقع Cursor.com، وهي شركة متخصصة في البرمجة بالذكاء الاصطناعي، لجمع بيانات النظام وإرسالها إلى خدمة يتحكم فيها المهاجم.", + "تم تحديد الحزم المسماة \"cursor-retrieval\"، \"cursor-always-local\"، و\"cursor-shadow-workspace\" بواسطة ماسح تحليل الحزم OpenSSF، مما أدى إلى إصدار التحذيرات MAL-2025-27، MAL-2025-28، وMAL-2025-29.", + "تسلط هذه الحادثة الضوء على أهمية فحص حزم NPM قبل التثبيت لتجنب التهديدات الأمنية المحتملة." + ], + "commentSummary": [ + "أصدر باحث أمني من Snyk حزم NPM (مدير حزم Node) خبيثة تستهدف cursor.com، مما يبرز ثغرات الارتباك في الاعتماديات. - أثار الحادث نقاشًا حول أخلاقيات البحث الأمني، خاصة فيما يتعلق بالكشف العلني عن متغيرات البيئة. - أوضحت cursor.com أنها لم تأذن بهذا الإجراء، واعتذرت Snyk منذ ذلك الحين، مما يبرز التحديات في موازنة البحث الأمني الهجومي مع المعايير الأخلاقية." + ], + "points": 540, + "commentCount": 270, + "retryCount": 0, + "time": 1736807907 + }, + { + "id": 42696081, + "title": "لقد انتقلت إلى فايرفوكس ولم أنظر إلى الوراء أبدًا", + "originLink": "https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696081", + "commentBody": "", + "originSummary": [ + "يُشاد بمتصفح فايرفوكس لإدارته الفائقة للتبويبات وميزة Pocket المدمجة لحفظ الروابط وميزة البريد الإلكتروني التي تركز على الخصوصية، مما يجعله بديلاً قوياً لمتصفح كروم. - ميزات إضافية مثل أداة لقطة الشاشة سهلة الاستخدام، زر ChatGPT، وضع الصورة داخل الصورة، خيارات البحث القابلة للتخصيص، والتمرير السلس تعزز تجربة التصفح. - على الرغم من أن فايرفوكس يفتقر إلى ميزة تطبيقات الويب الخاصة بكروم، إلا أن تصميمه المدروس ومتطلباته المنخفضة للموارد تجعله الخيار المفضل لبعض المستخدمين." + ], + "commentSummary": [ + "يواجه مستخدمو فايرفوكس تحديات من منصات مثل يوتيوب، التي قد تقوم عمدًا بتقليل جودة التجربة لمتصفحات غير تابعة لجوجل أو للمستخدمين الذين يستخدمون أدوات حجب الإعلانات. - يثير هذا الاتجاه مخاوف بشأن استقلالية المستخدم، حيث يعاقب أولئك الذين يختارون تجربة ويب خالية من الإعلانات والمراقبة. - يقدم فايرفوكس ميزات فريدة، مثل علامات التبويب الحاوية، التي تعزز الخصوصية وسهولة الاستخدام، مما يجعله خيارًا مفضلًا للمستخدمين الذين يسعون للاستقلال عن المتصفحات التي تسيطر عليها الشركات الكبرى." + ], + "points": 480, + "commentCount": 392, + "retryCount": 0, + "time": 1736854678 + }, + { + "id": 42687932, + "title": "الرئيس التنفيذي لشركة سونوس يتنحى بعد فضيحة تحديث التطبيق", + "originLink": "https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42687932", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "استقال الرئيس التنفيذي لشركة سونوس بعد تحديث تطبيق مثير للجدل أجبر المستخدمين على استبدال أنظمة الصوت المكلفة، مما تسبب في استياء العملاء. - قدم التحديث نظامًا قائمًا على السحابة، مبتعدًا عن نظام التوصيل والتشغيل العالمي الموثوق (UPnP)، مما أدى إلى مشاكل في الاتصال وزيادة التعقيد. - يبرز هذا الوضع الصراع بين استراتيجيات الأعمال والحفاظ على ثقة العملاء، حيث ينتقل الرئيس التنفيذي إلى دور استشاري مع حزمة تعويضات." + ], + "points": 409, + "commentCount": 493, + "retryCount": 0, + "time": 1736797368 + }, + { + "id": 42696691, + "title": "في بطن مستر بيست", + "originLink": "https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696691", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "تتناول المقالة كيفية تأثير خوارزمية يوتيوب على إنشاء المحتوى، باستخدام MrBeast كدراسة حالة، مسلطة الضوء على التحول نحو المحتوى الذي يحركه التفاعل بدلاً من المحتوى ذو المعنى. - تناقش الآثار الأوسع على محو الأمية الإعلامية والتأثير الثقافي للمنصات مثل يوتيوب وتيك توك، مشيرة إلى اتجاه نحو المحتوى السطحي والتفاعلي. - يتم النظر في وجهات نظر مختلفة حول دور الخوارزميات في تشكيل المحتوى وتأثير المبدعين المشهورين على المعايير الثقافية." + ], + "points": 369, + "commentCount": 258, + "retryCount": 0, + "time": 1736859931 + }, + { + "id": 42691184, + "title": "عمليات Git على GitHub متوقفة", + "originLink": "https://www.githubstatus.com/incidents/qd96yfgvmcf9", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42691184", + "commentBody": "", + "originSummary": [ + "واجهت GitHub انقطاعًا في عمليات Git في 13 يناير 2025 بسبب تغيير في التكوين أثر على موازن التحميل الداخلي، واستمر من الساعة 23:35 حتى 00:24 بالتوقيت العالمي. - تم حل المشكلة عن طريق التراجع عن تغيير التكوين، وتعمل GitHub على تحسين عمليات المراقبة والنشر لمنع حوادث مماثلة. - أثر الانقطاع أيضًا على خدمات Actions وPages في GitHub، مما يبرز الطبيعة المترابطة لخدمات منصتهم." + ], + "commentSummary": [ + "واجه GitHub انقطاعًا كبيرًا أثر على عمليات git، مما أدى إلى ارتباك بين المطورين الذين اشتبهوا في البداية بوجود مشكلات في مفاتيح SSH الخاصة بهم أو تكويناتهم المحلية. - سلط الحادث الضوء على التحديات المرتبطة بالاعتماد على الخدمات المركزية، مما أثار مناقشات حول مزايا الاستضافة الذاتية والأنظمة اللامركزية. - وعلى الرغم من حل المشكلة، إلا أنها أبرزت المخاوف بشأن موثوقية GitHub والمخاطر المرتبطة بالاعتماد على منصات الطرف الثالث للمهام الأساسية." + ], + "points": 324, + "commentCount": 250, + "retryCount": 0, + "time": 1736812051 + }, + { + "id": 42694596, + "title": "تم إصدار ZFS 2.3 مع توسيع ZFS raidz", + "originLink": "https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42694596", + "commentBody": "", + "originSummary": [ + "تم إصدار OpenZFS 2.3.0، حيث تم تقديم ميزات هامة مثل توسيع RAIDZ، وإزالة التكرار السريع، والإدخال/الإخراج المباشر، وإخراج JSON، ودعم الأسماء الطويلة للملفات. - يتضمن الإصدار إصلاحات أساسية للأخطاء وتحسينات في الأداء، وهو متوافق مع نوى لينكس من 4.18 إلى 6.12 وإصدارات FreeBSD من 13.3 إلى 14.0 - 14.2. - التحديث هو جهد تعاوني من 134 مساهمًا، مع توفر وثائق شاملة وسجل تغييرات للمراجعة." + ], + "commentSummary": [ + "تم إصدار ZFS 2.3، حيث تم تقديم ميزات مثل توسيع RAIDZ، وإلغاء التكرار السريع، وIO المباشر، وإخراج JSON، ودعم الأسماء الطويلة للملفات. - يُعتبر توسيع RAIDZ ملحوظًا بشكل خاص لأنه يسمح للمستخدمين بإضافة أجهزة جديدة إلى مجموعة RAIDZ موجودة دون توقف، مما يعزز سعة التخزين. - يُعتبر الإصدار تقدمًا كبيرًا لمستخدمي ZFS، حيث يتم مقارنته بأنظمة ملفات أخرى مثل Btrfs وWindows Storage Spaces، على الرغم من بعض القيود مثل عدم القدرة على تقليص المجموعات." + ], + "points": 302, + "commentCount": 215, + "retryCount": 0, + "time": 1736838539 + }, + { + "id": 42690983, + "title": "ويب توب - حاويات ألباين، أوبونتو، فيدورا، وآرتش تحتوي على بيئات سطح مكتب كاملة", + "originLink": "https://docs.linuxserver.io/images/docker-webtop/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690983", + "commentBody": "", + "originSummary": [ + "يوفر Linuxserver/webtop حاويات تعتمد على أنظمة Alpine وUbuntu وFedora وArch مع بيئات سطح مكتب كاملة يمكن الوصول إليها عبر متصفحات الويب، وتدعم كل من معماريات x86-64 وarm64.", + "يمكن للمستخدمين اختيار بيئات سطح المكتب المختلفة مثل XFCE وKDE وMATE وi3 وOpenbox وIceWM باستخدام علامات الصور المحددة، والوصول إلى Webtop عبر عناوين URL المخصصة.", + "تشمل ميزات الأمان خيار seccomp في Docker وإعداد المصادقة، مع توفر خيارات التخصيص من خلال متغيرات البيئة، ودعم تسريع GPU باستخدام برامج تشغيل مفتوحة المصدر." + ], + "commentSummary": [ + "يوفر Webtop حاويات ببيئات سطح مكتب كاملة لأنظمة Alpine وUbuntu وFedora وArch، وهي مناسبة لإعدادات سريعة خلف VPN.", + "يشيد المستخدمون بـ Webtop لسرعته وسهولة استخدامه، خاصة عند استخدامه مع حاوية Gluetun للاتصالات الآمنة، لكنهم يحذرون من تعريض الحاويات للإنترنت دون اتخاذ تدابير أمنية بسبب عدم وجود مصادقة افتراضية.", + "يُقدَّر المشروع لكونه مفتوح المصدر ومرنًا، حيث يشارك المستخدمون التكوينات، وتُلاحظ بدائل مثل Kasm وSelkies لأغراض مشابهة." + ], + "points": 297, + "commentCount": 57, + "retryCount": 0, + "time": 1736810708 + }, + { + "id": 42697783, + "title": "وجدت دراسة أن 1 من كل 5 إعلانات وظائف عبر الإنترنت إما مزيفة أو لم يتم شغلها أبدًا", + "originLink": "https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42697783", + "commentBody": "", + "originSummary": [ + "تشير دراسة حديثة إلى أن 20% من إعلانات الوظائف عبر الإنترنت إما زائفة أو تبقى شاغرة، مما يزيد من إحباط الباحثين عن عمل. - قد تكون هذه الظاهرة المعروفة بـ\"الوظائف الشبحية\" تكتيكًا تستخدمه الشركات لإظهار صورة عن النمو. - وقد قدمت منصات التوظيف مثل Greenhouse وLinkedIn خدمات تحقق من الوظائف لمساعدة المستخدمين في التعرف على فرص العمل الحقيقية." + ], + "commentSummary": [ + "تكشف دراسة أن 20% من إعلانات الوظائف عبر الإنترنت إما زائفة أو تبقى شاغرة، غالبًا بسبب حاجة الشركات للامتثال لسياسات الهجرة الأمريكية. - قد تترك الشركات أيضًا إعلانات الوظائف مفتوحة للعثور على المرشحين المثاليين، أو لتغيير المتطلبات، أو لوجود مرشحين داخليين تم اختيارهم مسبقًا. - سوق العمل صعب بالنسبة للمتقدمين، الذين يواجهون بشكل متكرر التجاهل والرفض الآلي، مما يدفع إلى الدعوة لتدخل تنظيمي." + ], + "points": 273, + "commentCount": 224, + "retryCount": 0, + "time": 1736865860 + }, + { + "id": 42698557, + "title": "جعل التقاطع غير آمن للمشاة لتوفير ثوانٍ للسائقين", + "originLink": "https://collegetowns.substack.com/p/making-an-intersection-unsafe-for", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42698557", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "يدور النقاش حول ما إذا كان يجب على التقاطعات أن تعطي الأولوية لسلامة المشاة أو كفاءة السائقين، حيث يفضل البعض التقاطعات التي يتم التحكم فيها بالإشارات الضوئية وعبور المشاة على التوقفات الرباعية.", + "تختلف الآراء حول قوانين المرور وتصميم البنية التحتية، مع مناقشات حول سلامة عبور المشاة في غير الأماكن المخصصة والمخاطر المرتبطة بالانعطاف إلى اليمين عند الإشارة الحمراء.", + "يدعو البعض إلى حلول بديلة مثل الدوارات أو تبني معايير الهندسة المرورية الهولندية لتعزيز كل من السلامة والكفاءة." + ], + "points": 267, + "commentCount": 362, + "retryCount": 0, + "time": 1736869194 + }, + { + "id": 42696080, + "title": "PostgreSQL هو نظام إدارة قواعد البيانات لعام 2024", + "originLink": "https://db-engines.com/en/blog_post/109", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696080", + "commentBody": "", + "originSummary": [ + "تم منح PostgreSQL جائزة نظام إدارة قواعد البيانات لعام 2024 من قبل DB-Engines، محققًا هذا الاعتراف للمرة الخامسة، متفوقًا على 423 نظامًا آخر لإدارة قواعد البيانات.", + "يواصل PostgreSQL الابتكار بعد تاريخ يمتد لأكثر من 35 عامًا، كما يتضح من التحسينات الأخيرة في PostgreSQL 17، الذي تم إصداره في سبتمبر 2024.", + "احتلت Snowflake وMicrosoft المركزين الثاني والثالث على التوالي، حيث تميزت Snowflake بتخزين البيانات السحابي ودعم السحابة المتعددة، بينما تقدم Microsoft قواعد بيانات علائقية مُدارة قوية من خلال Azure SQL Database وSQL Server." + ], + "commentSummary": [ + "تم منح PostgreSQL جائزة نظام إدارة قواعد البيانات لعام 2024 من قبل db-engines.com، مما يبرز شعبيته المتزايدة والاعتراف به في الصناعة.", + "يفكر المستخدمون في الانتقال من Microsoft SQL Server إلى PostgreSQL بسبب التكاليف العالية للتراخيص والقيود على الموارد، على الرغم من التحديات المحتملة في عملية الانتقال.", + "يُفضل PostgreSQL لميزاته القوية وفعاليته من حيث التكلفة، مما يجعله خيارًا مفضلاً للمشاريع المستقبلية، على الرغم من أن بعض المستخدمين يستكشفون بدائل مثل Babelfish لتقليل التكاليف." + ], + "points": 239, + "commentCount": 79, + "retryCount": 0, + "time": 1736854677 + }, + { + "id": 42699099, + "title": "تسجيل الدخول باستخدام OAuth من جوجل لا يحمي من شراء نطاق شركة ناشئة فاشلة", + "originLink": "https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699099", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "تسلط المناقشة الضوء على ثغرة في نظام تسجيل الدخول OAuth الخاص بجوجل عندما يتم الاستحواذ على نطاق شركة ناشئة فاشلة من قبل مالك جديد، مما قد يسمح بالوصول غير المصرح به إلى الخدمات.", + "تنشأ هذه المشكلة لأن جوجل قد لا تميز بين المالكين الأصليين والجدد للنطاق، مما يؤثر على أي نظام يستخدم المصادقة المستندة إلى النطاق.", + "الحل المقترح هو استخدام معرفات فريدة تظل ثابتة مع مرور الوقت، على الرغم من أن تنفيذ هذا الحل يختلف بين مزودي الهوية." + ], + "points": 200, + "commentCount": 112, + "retryCount": 0, + "time": 1736871241 + }, + { + "id": 42696822, + "title": "استخدام مهارات البرمجة لتحقيق دخل سلبي", + "originLink": "https://www.coryzue.com/writing/solopreneur/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696822", + "commentBody": "", + "originSummary": [ + "انتقل المؤلف من دور مدير التكنولوجيا التنفيذي إلى العمل كريادي منفرد، ونجح في كسب المزيد من خلال مجموعة من المنتجات البرمجية.", + "تشمل الاستراتيجيات الرئيسية التركيز على العمل العميق، والبدء بمشاريع صغيرة، والتكرار بسرعة، وتخصيص الوقت للجهود التسويقية.", + "تؤكد الرحلة على المرونة بسبب عدم اليقين، لكنها تسلط الضوء على الاستقلالية والحرية التي لا مثيل لها في هذا المسار الوظيفي، مما يشجع أولئك الذين يمتلكون مهارات البرمجة على التفكير فيه كمصدر دخل سلبي." + ], + "commentSummary": [ + "وصف مستخدم كيفية توليد دخل سلبي من خلال مواقع الويب التي تستخدم البريد العشوائي لتحسين محركات البحث باستخدام أسماء النطاقات المنتهية، حيث يكسب حوالي 30 ألف دولار سنويًا، على الرغم من المخاوف الأخلاقية وحملة جوجل النهائية ضد هذه الممارسات.", + "أثار المنشور نقاشًا حول الدخل السلبي، حيث جادل بعض المستخدمين بأنه يشبه إدارة الأعمال أكثر من كونه أرباحًا سلبية حقيقية.", + "شارك المشاركون تجاربهم وتحدياتهم في المشاريع الجانبية، مسلطين الضوء على أهمية الوقت والمرونة والتخطيط الاستراتيجي." + ], + "points": 167, + "commentCount": 90, + "retryCount": 0, + "time": 1736860888 + }, + { + "id": 42690781, + "title": "إسبانيا تقترح ضريبة بنسبة 100% على المنازل التي يشتريها المقيمون من خارج الاتحاد الأوروبي", + "originLink": "https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690781", + "commentBody": "", + "originSummary": [ + "تدرس إسبانيا فرض ضريبة بنسبة 100% على شراء العقارات من قبل المقيمين من خارج الاتحاد الأوروبي، بهدف معالجة أزمة الإسكان والحد من الشراء المضاربي.", + "تشمل اقتراحات رئيس الوزراء بيدرو سانشيز توسيع الإسكان الاجتماعي وتنظيم الإيجارات السياحية لمعالجة التفاوت بين أسعار المساكن والدخول.", + "مستقبل الاقتراح كقانون غير مؤكد، حيث يرى بعض المحللين أنه يشكل رادعًا للمستثمرين الأجانب بدلاً من أن يكون تغييرًا تشريعيًا مضمونًا." + ], + "commentSummary": [ + "تدرس إسبانيا فرض ضريبة بنسبة 100% على المنازل التي يشتريها المقيمون من خارج الاتحاد الأوروبي لمعالجة مشاكل القدرة على تحمل تكاليف السكن. - يشير النقاد إلى أن المشترين الأجانب ليسوا السبب الرئيسي لارتفاع أسعار المساكن، مشيرين إلى البيروقراطية البطيئة وقوانين تقسيم المناطق كعوامل أكثر أهمية. - أثار الاقتراح نقاشًا حول دور الملكية الأجنبية في أسواق الإسكان وفعاليته في حل قضايا القدرة على تحمل التكاليف." + ], + "points": 162, + "commentCount": 254, + "retryCount": 0, + "time": 1736809603 + }, + { + "id": 42699977, + "title": "ستتلقى شركة آبل قريبًا رقائق 'صُنعت في أمريكا' من مصنع TSMC في أريزونا", + "originLink": "https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699977", + "commentBody": "", + "originSummary": [ + "تختبر شركة آبل معالجات من منشأة TSMC في أريزونا، مع خطط للإنتاج الضخم بحلول الربع الأول، مما قد يجعلها أول عميل لـ TSMC في الولايات المتحدة للرقائق المصنعة محليًا. - تهدف هذه المبادرة إلى تعزيز استقلالية السيليكون في الولايات المتحدة، وتقليل الاعتماد على تايوان، التي تعتبر عرضة للمخاطر الجيوسياسية والطبيعية. - من المقرر أن تنتج منشأة TSMC في أريزونا رقائق متقدمة بحجم 3 نانومتر و2 نانومتر، مع جهود مستمرة لتعزيز التوظيف المحلي والشراكات مع الجامعات الأمريكية، على الرغم من أن التغليف سيتم في البداية في تايوان حتى تصبح منشأة بيوريا جاهزة للعمل." + ], + "commentSummary": [ + "ستتلقى شركة آبل رقائق من مصنع TSMC في أريزونا، ولكن يجب إرسالها مرة أخرى إلى تايوان للتغليف بسبب نقص المرافق في الولايات المتحدة. - أكثر من 50% من القوى العاملة في مصنع أريزونا هم من تايوان، مما يشير إلى وجود فجوة في مجال العلوم والتكنولوجيا والهندسة والرياضيات (STEM) في الولايات المتحدة. - تواجه مبادرة قانون الرقائق، التي تهدف إلى تعزيز تصنيع أشباه الموصلات في الولايات المتحدة، تحديات حيث يتم التشكيك في علامة \"صنع في أمريكا\" بسبب عملية التغليف التي تحدث في تايوان، مع خطط لتوفير قدرات تغليف في الولايات المتحدة بحلول عام 2027." + ], + "points": 160, + "commentCount": 73, + "retryCount": 0, + "time": 1736873807 + }, + { + "id": 42692730, + "title": "43 ألف سائق أقل على طرق مانهاتن بعد تفعيل تسعير الازدحام", + "originLink": "https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42692730", + "commentBody": "", + "originSummary": [ + "بعد تنفيذ تسعير الازدحام، كان هناك انخفاض بنسبة 7.5% في عدد السائقين الذين يدخلون مانهاتن أسفل الشارع الستين، مما يعادل 43,000 سائق أقل كل يوم من أيام الأسبوع.", + "أدى تقليل حركة المرور إلى تحسين تدفق الحركة وزيادة سرعات الحافلات، حيث شهدت بعض الحافلات السريعة زيادة في عدد الركاب.", + "تستخدم هيئة النقل الحضرية (MTA) إيرادات الرسوم، التي تُقدر بحوالي 500 مليون دولار سنويًا، لتحسينات النقل، على الرغم من بعض المعارضة السياسية." + ], + "commentSummary": [ + "أدى تنفيذ تسعير الازدحام في مانهاتن إلى تقليل عدد السائقين بمقدار 43,000، مما أدى إلى زيادة سرعات الحافلات وربما تحسين أوقات استجابة الطوارئ.", + "تم تصميم السياسة لتقليل الازدحام المروري وتحسين جودة الهواء، على الرغم من أنها أثارت جدلاً حول تأثيرها على الأفراد ذوي الدخل المنخفض.", + "يجادل المؤيدون بأن الفوائد تشمل وسائل نقل عام أكثر كفاءة وهواء أنظف، بينما تستمر المناقشات حول موازنة هذه المزايا مع احتياجات السائقين." + ], + "points": 154, + "commentCount": 199, + "retryCount": 0, + "time": 1736821606 + } +] diff --git a/records/2025-01-14/2025-01-14.bn.json b/records/2025-01-14/2025-01-14.bn.json new file mode 100644 index 000000000..b6bb69603 --- /dev/null +++ b/records/2025-01-14/2025-01-14.bn.json @@ -0,0 +1,288 @@ +[ + { + "id": 42690473, + "title": "স্নাইক নিরাপত্তা গবেষক ক্ষতিকারক এনপিএম প্যাকেজ স্থাপন করেছেন যা কার্সর.কমকে লক্ষ্য করে।", + "originLink": "https://sourcecodered.com/snyk-malicious-npm-package/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690473", + "commentBody": "", + "originSummary": [ + "একজন Snyk নিরাপত্তা গবেষক Cursor.com, একটি এআই কোডিং কোম্পানিকে লক্ষ্য করে ক্ষতিকারক NPM প্যাকেজ প্রকাশ করেছেন, যা সিস্টেম ডেটা সংগ্রহ করে এবং তা আক্রমণকারী নিয়ন্ত্রিত সার্ভিসে পাঠায়।", + "প্যাকেজগুলি, যা \"cursor-retrieval,\" \"cursor-always-local,\" এবং \"cursor-shadow-workspace\" নামে চিহ্নিত হয়েছে, OpenSSF প্যাকেজ বিশ্লেষণ স্ক্যানার দ্বারা চিহ্নিত হয়েছিল, যার ফলে MAL-2025-27, MAL-2025-28, এবং MAL-2025-29 পরামর্শগুলি জারি করা হয়।", + "এই ঘটনা ইনস্টলেশনের আগে NPM প্যাকেজগুলি পরীক্ষা করার গুরুত্বকে তুলে ধরে যাতে সম্ভাব্য নিরাপত্তা হুমকি এড়ানো যায়।" + ], + "commentSummary": [ + "একজন Snyk নিরাপত্তা গবেষক cursor.com লক্ষ্য করে ক্ষতিকারক NPM (Node Package Manager) প্যাকেজ প্রকাশ করেছেন, যা নির্ভরতা বিভ্রান্তি দুর্বলতাগুলি তুলে ধরেছে। - এই ঘটনা নিরাপত্তা গবেষণার নীতিশাস্ত্র নিয়ে বিতর্ক উস্কে দিয়েছে, বিশেষ করে পরিবেশ ভেরিয়েবলগুলির প্রকাশ্য উন্মোচন সম্পর্কে। - Cursor.com স্পষ্ট করেছে যে তারা এই কাজের অনুমোদন দেয়নি, এবং Snyk পরে ক্ষমা চেয়েছে, আক্রমণাত্মক নিরাপত্তা গবেষণা এবং নৈতিক মানগুলির মধ্যে ভারসাম্য বজায় রাখার চ্যালেঞ্জগুলি তুলে ধরেছে।" + ], + "points": 540, + "commentCount": 270, + "retryCount": 0, + "time": 1736807907 + }, + { + "id": 42696081, + "title": "আমি ফায়ারফক্সে স্যুইচ করেছি এবং আর কখনও পিছনে ফিরে তাকাইনি", + "originLink": "https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696081", + "commentBody": "", + "originSummary": [ + "ফায়ারফক্স তার উন্নত ট্যাব ব্যবস্থাপনা, লিঙ্ক সংরক্ষণের জন্য বিল্ট-ইন পকেট ফিচার এবং গোপনীয়তা-কেন্দ্রিক ইমেল রিলে জন্য প্রশংসিত হয়, যা এটিকে ক্রোমের একটি শক্তিশালী বিকল্প করে তোলে। - ব্যবহারকারী-বান্ধব স্ক্রিনশট টুল, একটি ChatGPT বোতাম, পিকচার-ইন-পিকচার, কাস্টমাইজযোগ্য অনুসন্ধান বিকল্প এবং মসৃণ স্ক্রলিং এর মতো অতিরিক্ত বৈশিষ্ট্যগুলি ব্রাউজিং অভিজ্ঞতাকে উন্নত করে। - যদিও ফায়ারফক্সের ক্রোমের ওয়েব অ্যাপ ফিচার নেই, এর চিন্তাশীল নকশা এবং কম সম্পদ চাহিদা এটিকে কিছু ব্যবহারকারীর জন্য পছন্দের পছন্দ করে তোলে।" + ], + "commentSummary": [ + "ফায়ারফক্স ব্যবহারকারীরা ইউটিউবের মতো প্ল্যাটফর্ম থেকে চ্যালেঞ্জের সম্মুখীন হন, যা ইচ্ছাকৃতভাবে গুগল-বহির্ভূত ব্রাউজার বা বিজ্ঞাপন ব্লকার ব্যবহারকারীদের জন্য অভিজ্ঞতা খারাপ করতে পারে। - এই প্রবণতা ব্যবহারকারীর স্বায়ত্তশাসন সম্পর্কে উদ্বেগ উত্থাপন করে, কারণ এটি বিজ্ঞাপন-মুক্ত এবং নজরদারি-মুক্ত ওয়েব অভিজ্ঞতা বেছে নেওয়া ব্যক্তিদের শাস্তি দেয়। - ফায়ারফক্স অনন্য বৈশিষ্ট্যগুলি অফার করে, যেমন কন্টেইনার ট্যাব, যা গোপনীয়তা এবং ব্যবহারযোগ্যতা বাড়ায়, এটিকে প্রধান কর্পোরেট-নিয়ন্ত্রিত ব্রাউজার থেকে স্বাধীনতা খুঁজছেন ব্যবহারকারীদের জন্য একটি পছন্দের বিকল্প করে তোলে।" + ], + "points": 480, + "commentCount": 392, + "retryCount": 0, + "time": 1736854678 + }, + { + "id": 42687932, + "title": "অ্যাপ আপডেট বিপর্যয়ের পর সোনোস সিইও পদত্যাগ করেছেন", + "originLink": "https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42687932", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "সোনোসের সিইও একটি বিতর্কিত অ্যাপ আপডেটের পর পদত্যাগ করেছেন যা ব্যবহারকারীদের ব্যয়বহুল সাউন্ড সিস্টেম প্রতিস্থাপন করতে বাধ্য করেছিল, যার ফলে গ্রাহকদের অসন্তোষ সৃষ্টি হয়েছিল। - আপডেটটি একটি ক্লাউড-ভিত্তিক সিস্টেম প্রবর্তন করেছিল, যা নির্ভরযোগ্য ইউনিভার্সাল প্লাগ অ্যান্ড প্লে (UPnP) থেকে দূরে সরে গিয়েছিল, যা সংযোগ সমস্যার সৃষ্টি করেছিল এবং জটিলতা বৃদ্ধি করেছিল। - এই পরিস্থিতি ব্যবসায়িক কৌশল এবং গ্রাহক আস্থা বজায় রাখার মধ্যে দ্বন্দ্বকে তুলে ধরে, কারণ সিইও একটি পরামর্শমূলক ভূমিকায় একটি সেভারেন্স প্যাকেজ সহ স্থানান্তরিত হচ্ছেন।" + ], + "points": 409, + "commentCount": 493, + "retryCount": 0, + "time": 1736797368 + }, + { + "id": 42696691, + "title": "মিস্টার বিস্টের পেটের মধ্যে", + "originLink": "https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696691", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "প্রবন্ধটি ইউটিউবের অ্যালগরিদম কীভাবে কন্টেন্ট তৈরি প্রভাবিত করে তা পরীক্ষা করে, মিস্টারবিস্টকে একটি কেস স্টাডি হিসেবে ব্যবহার করে, যা অর্থবহ কন্টেন্টের পরিবর্তে সম্পৃক্ততা-চালিত কন্টেন্টের দিকে একটি পরিবর্তনকে তুলে ধরে। - এটি মিডিয়া সাক্ষরতার জন্য বিস্তৃত প্রভাব এবং ইউটিউব ও টিকটকের মতো প্ল্যাটফর্মগুলির সাংস্কৃতিক প্রভাব নিয়ে আলোচনা করে, যা পৃষ্ঠতল এবং প্রতিক্রিয়াশীল কন্টেন্টের দিকে একটি প্রবণতা নির্দেশ করে। - অ্যালগরিদমগুলি কীভাবে কন্টেন্ট গঠন করে এবং জনপ্রিয় নির্মাতারা সাংস্কৃতিক নিয়মগুলিতে কীভাবে প্রভাব ফেলে সে সম্পর্কে বিভিন্ন দৃষ্টিভঙ্গি বিবেচনা করা হয়।" + ], + "points": 369, + "commentCount": 258, + "retryCount": 0, + "time": 1736859931 + }, + { + "id": 42691184, + "title": "গিটহাব গিট অপারেশনগুলি ডাউন রয়েছে", + "originLink": "https://www.githubstatus.com/incidents/qd96yfgvmcf9", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42691184", + "commentBody": "", + "originSummary": [ + "গিটহাব ১৩ জানুয়ারি, ২০২৫ তারিখে একটি গিট অপারেশন আউটেজের সম্মুখীন হয়েছিল, যা অভ্যন্তরীণ লোড ব্যালান্সারে প্রভাবিত একটি কনফিগারেশন পরিবর্তনের কারণে হয়েছিল এবং এটি ২৩:৩৫ থেকে ০০:২৪ ইউটিসি পর্যন্ত স্থায়ী হয়েছিল। - সমস্যাটি কনফিগারেশন পরিবর্তন ফিরিয়ে নিয়ে সমাধান করা হয়েছিল এবং গিটহাব মনিটরিং এবং ডিপ্লয়মেন্ট প্রক্রিয়াগুলি উন্নত করার জন্য কাজ করছে যাতে অনুরূপ ঘটনা প্রতিরোধ করা যায়। - আউটেজটি গিটহাবের অ্যাকশনস এবং পেজেস পরিষেবাগুলিকেও প্রভাবিত করেছিল, যা তাদের প্ল্যাটফর্ম পরিষেবাগুলির আন্তঃসংযুক্ত প্রকৃতিকে তুলে ধরে।" + ], + "commentSummary": [ + "গিটহাব একটি বড় আউটেজের সম্মুখীন হয়েছিল যা গিট অপারেশনগুলিকে প্রভাবিত করেছিল, যার ফলে ডেভেলপারদের মধ্যে বিভ্রান্তি সৃষ্টি হয়েছিল যারা প্রাথমিকভাবে তাদের SSH কী বা স্থানীয় কনফিগারেশনের সমস্যাগুলি সন্দেহ করেছিল। - এই ঘটনা কেন্দ্রীভূত পরিষেবাগুলির উপর নির্ভর করার চ্যালেঞ্জগুলিকে তুলে ধরেছিল, যা স্ব-হোস্টিং এবং বিকেন্দ্রীভূত সিস্টেমের সুবিধাগুলি নিয়ে আলোচনার সূত্রপাত করেছিল। - যদিও সমস্যাটি সমাধান করা হয়েছিল, এটি গিটহাবের নির্ভরযোগ্যতা সম্পর্কে উদ্বেগ এবং প্রয়োজনীয় কাজগুলির জন্য তৃতীয় পক্ষের প্ল্যাটফর্মগুলির উপর নির্ভর করার ঝুঁকিগুলিকে হাইলাইট করেছিল।" + ], + "points": 324, + "commentCount": 250, + "retryCount": 0, + "time": 1736812051 + }, + { + "id": 42694596, + "title": "ZFS 2.3 মুক্তি পেয়েছে ZFS raidz সম্প্রসারণ সহ", + "originLink": "https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42694596", + "commentBody": "", + "originSummary": [ + "OpenZFS 2.3.0 প্রকাশিত হয়েছে, যা RAIDZ Expansion, Fast Deduplication, Direct Input/Output, JSON আউটপুট এবং দীর্ঘ ফাইল নামের জন্য সমর্থন সহ উল্লেখযোগ্য বৈশিষ্ট্যগুলি প্রবর্তন করেছে। - এই প্রকাশনায় প্রয়োজনীয় বাগ ফিক্স এবং কর্মক্ষমতা উন্নয়ন অন্তর্ভুক্ত রয়েছে, যা লিনাক্স কার্নেল 4.18 - 6.12 এবং ফ্রিBSD সংস্করণ 13.3, 14.0 - 14.2 এর সাথে সামঞ্জস্যপূর্ণ। - এই আপডেটটি 134 জন অবদানকারীর একটি যৌথ প্রচেষ্টা, যার জন্য বিস্তৃত ডকুমেন্টেশন এবং একটি পরিবর্তন লগ পর্যালোচনার জন্য উপলব্ধ।" + ], + "commentSummary": [ + "ZFS 2.3 প্রকাশিত হয়েছে, যা RAIDZ সম্প্রসারণ, দ্রুত ডিডুপ্লিকেশন, সরাসরি IO, JSON আউটপুট এবং দীর্ঘ ফাইল নামের জন্য সমর্থন সহ বৈশিষ্ট্যগুলি প্রবর্তন করেছে। - RAIDZ সম্প্রসারণ বিশেষভাবে উল্লেখযোগ্য কারণ এটি ব্যবহারকারীদের বিদ্যমান RAIDZ পুলে নতুন ডিভাইস যোগ করার অনুমতি দেয় কোনো ডাউনটাইম ছাড়াই, যা স্টোরেজ ক্ষমতা বাড়ায়। - এই প্রকাশনাটি ZFS ব্যবহারকারীদের জন্য একটি উল্লেখযোগ্য অগ্রগতি হিসাবে বিবেচিত হয়, যা Btrfs এবং Windows Storage Spaces এর মতো অন্যান্য ফাইল সিস্টেমের সাথে তুলনা করে, যদিও পুল সংকুচিত করতে অক্ষমতার মতো কিছু সীমাবদ্ধতা রয়েছে।" + ], + "points": 302, + "commentCount": 215, + "retryCount": 0, + "time": 1736838539 + }, + { + "id": 42690983, + "title": "ওয়েবটপ – আলপাইন, উবুন্টু, ফেডোরা, এবং আর্চ কন্টেইনারগুলি সম্পূর্ণ ডেস্কটপ পরিবেশ সহ অন্তর্ভুক্ত করে", + "originLink": "https://docs.linuxserver.io/images/docker-webtop/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690983", + "commentBody": "", + "originSummary": [ + "Linuxserver/webtop সম্পূর্ণ ডেস্কটপ পরিবেশ সহ কন্টেইনার প্রদান করে যা Alpine, Ubuntu, Fedora, এবং Arch এর উপর ভিত্তি করে তৈরি এবং ওয়েব ব্রাউজারের মাধ্যমে অ্যাক্সেসযোগ্য, যা x86-64 এবং arm64 আর্কিটেকচার উভয়কেই সমর্থন করে।", + "ব্যবহারকারীরা নির্দিষ্ট ইমেজ ট্যাগ ব্যবহার করে XFCE, KDE, MATE, i3, Openbox, এবং IceWM এর মতো বিভিন্ন ডেস্কটপ পরিবেশ থেকে নির্বাচন করতে পারেন এবং নির্দিষ্ট URL এর মাধ্যমে ওয়েবটপে প্রবেশ করতে পারেন।", + "নিরাপত্তা বৈশিষ্ট্যগুলির মধ্যে রয়েছে Docker-এর seccomp অপশন এবং প্রমাণীকরণ সেটআপ, পরিবেশ ভেরিয়েবলের মাধ্যমে কাস্টমাইজেশন বিকল্পগুলি উপলব্ধ, এবং ওপেন-সোর্স ড্রাইভার সহ GPU ত্বরণ সমর্থন।" + ], + "commentSummary": [ + "ওয়েবটপ অ্যালপাইন, উবুন্টু, ফেডোরা এবং আর্চের জন্য সম্পূর্ণ ডেস্কটপ পরিবেশ সহ কন্টেইনার সরবরাহ করে, যা ভিপিএন-এর পিছনে দ্রুত সেটআপের জন্য উপযুক্ত।", + "ব্যবহারকারীরা ওয়েবটপের গতি এবং ব্যবহার সহজতার জন্য প্রশংসা করেন, বিশেষ করে যখন এটি গ্লুটুন কন্টেইনারের সাথে নিরাপদ সংযোগের জন্য ব্যবহার করা হয়, তবে ডিফল্ট প্রমাণীকরণের অভাবে নিরাপত্তা ব্যবস্থা ছাড়া কন্টেইনারগুলোকে ইন্টারনেটে উন্মুক্ত করার বিরুদ্ধে সতর্ক করেন।", + "প্রকল্পটি ওপেন-সোর্স এবং নমনীয় হওয়ার জন্য মূল্যবান, যেখানে ব্যবহারকারীরা কনফিগারেশন শেয়ার করে, এবং কাসম এবং সেলকিসের মতো বিকল্পগুলি একই উদ্দেশ্যে উল্লেখযোগ্য।" + ], + "points": 297, + "commentCount": 57, + "retryCount": 0, + "time": 1736810708 + }, + { + "id": 42697783, + "title": "অনুসন্ধানে দেখা গেছে, প্রতি ৫টি অনলাইন চাকরির বিজ্ঞাপনের মধ্যে ১টি হয় ভুয়া অথবা কখনো পূরণ হয় না।", + "originLink": "https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42697783", + "commentBody": "", + "originSummary": [ + "একটি সাম্প্রতিক গবেষণায় দেখা গেছে যে অনলাইন চাকরির বিজ্ঞাপনগুলির ২০% হয় মিথ্যা বা পূরণ হয় না, যা চাকরি প্রার্থীদের হতাশা বাড়ায়। - এই \"ভূত চাকরি\" প্রবণতা হতে পারে কোম্পানিগুলির জন্য একটি কৌশল তাদের বৃদ্ধির চিত্র প্রদর্শনের জন্য। - গ্রিনহাউস এবং লিঙ্কডইন-এর মতো চাকরি প্ল্যাটফর্মগুলি ব্যবহারকারীদের প্রকৃত চাকরির সুযোগ সনাক্ত করতে সহায়তা করার জন্য চাকরি যাচাইকরণ পরিষেবা চালু করেছে।" + ], + "commentSummary": [ + "একটি গবেষণায় প্রকাশ করা হয়েছে যে অনলাইন চাকরির বিজ্ঞাপনগুলির ২০% হয় ভুয়া বা পূরণ হয় না, প্রায়শই মার্কিন অভিবাসন নীতির সাথে সামঞ্জস্য রাখতে কোম্পানিগুলির প্রয়োজনের কারণে। - কোম্পানিগুলি আদর্শ প্রার্থীদের খুঁজে পেতে, প্রয়োজনীয়তা পরিবর্তন করতে, বা পূর্বনির্ধারিত অভ্যন্তরীণ প্রার্থীদের থাকতে চাকরির বিজ্ঞাপনগুলি রেখে দিতে পারে। - চাকরির বাজার আবেদনকারীদের জন্য কঠিন, যারা প্রায়শই ঘোস্টিং এবং স্বয়ংক্রিয় প্রত্যাখ্যানের সম্মুখীন হয়, যা নিয়ন্ত্রক হস্তক্ষেপের আহ্বান জানায়।" + ], + "points": 273, + "commentCount": 224, + "retryCount": 0, + "time": 1736865860 + }, + { + "id": 42698557, + "title": "চালকদের সেকেন্ড বাঁচানোর জন্য পথচারীদের জন্য একটি সংযোগস্থলকে অনিরাপদ করা", + "originLink": "https://collegetowns.substack.com/p/making-an-intersection-unsafe-for", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42698557", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "আলোচনাটি কেন্দ্রীভূত হয়েছে যে, চৌরাস্তা গুলোতে পথচারীর নিরাপত্তা অগ্রাধিকার পাবে নাকি চালকের কার্যকারিতা, যেখানে কিছু লোক লাইট-নিয়ন্ত্রিত চৌরাস্তা এবং পথচারী স্ক্র্যাম্বলকে ৪-ওয়ে স্টপের চেয়ে বেশি পছন্দ করে।", + "ট্রাফিক আইন এবং অবকাঠামো নকশা নিয়ে মতামত ভিন্ন হয়, যেখানে জেব্রা ক্রসিংয়ের নিরাপত্তা এবং লাল বাতিতে ডান দিকে মোড় নেওয়ার সাথে সম্পর্কিত ঝুঁকি নিয়ে আলোচনা হয়।", + "কিছু লোক বিকল্প সমাধানের পক্ষে যেমন গোলচত্বর বা ডাচ ট্রাফিক প্রকৌশল মানদণ্ড গ্রহণের পক্ষে যুক্তি দেন যাতে উভয় নিরাপত্তা এবং দক্ষতা বৃদ্ধি পায়।" + ], + "points": 267, + "commentCount": 362, + "retryCount": 0, + "time": 1736869194 + }, + { + "id": 42696080, + "title": "PostgreSQL হল ২০২৪ সালের ডেটাবেস ম্যানেজমেন্ট সিস্টেম অফ দ্য ইয়ার", + "originLink": "https://db-engines.com/en/blog_post/109", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696080", + "commentBody": "", + "originSummary": [ + "PostgreSQL DB-Engines দ্বারা ২০২৪ সালের DBMS অফ দ্য ইয়ার পুরস্কার পেয়েছে, যা ৪২৩টি অন্যান্য ডাটাবেস ম্যানেজমেন্ট সিস্টেমকে অতিক্রম করে পঞ্চমবারের মতো এই স্বীকৃতি অর্জন করেছে।", + "প্রায় ৩৫ বছরের ইতিহাস নিয়ে PostgreSQL এখনও উদ্ভাবন করে চলেছে, যা সেপ্টেম্বর ২০২৪-এ প্রকাশিত PostgreSQL 17-এর সাম্প্রতিক উন্নতিগুলিতে দেখা যায়।", + "স্নোফ্লেক এবং মাইক্রোসফট যথাক্রমে দ্বিতীয় এবং তৃতীয় স্থান অর্জন করেছে, যেখানে স্নোফ্লেক তার ক্লাউড-ভিত্তিক ডেটা ওয়্যারহাউজিং এবং মাল্টি-ক্লাউড সমর্থনের জন্য উল্লেখযোগ্য, অন্যদিকে মাইক্রোসফ্ট অ্যাজুর এসকিউএল ডেটাবেস এবং এসকিউএল সার্ভারের মাধ্যমে শক্তিশালী পরিচালিত রিলেশনাল ডেটাবেস সরবরাহ করে।" + ], + "commentSummary": [ + "PostgreSQL ২০২৪ সালের ডেটাবেস ম্যানেজমেন্ট সিস্টেম অফ দ্য ইয়ার পুরস্কার পেয়েছে db-engines.com থেকে, যা এর ক্রমবর্ধমান জনপ্রিয়তা এবং শিল্পে স্বীকৃতি প্রদর্শন করে।", + "ব্যবহারকারীরা উচ্চ লাইসেন্সিং খরচ এবং সম্পদের সীমাবদ্ধতার কারণে মাইক্রোসফট SQL সার্ভার থেকে PostgreSQL-এ পরিবর্তন করার কথা বিবেচনা করছেন, যদিও সম্ভাব্য মাইগ্রেশন চ্যালেঞ্জ রয়েছে।", + "PostgreSQL তার শক্তিশালী বৈশিষ্ট্য এবং খরচ-সাশ্রয়ী হওয়ার জন্য পছন্দ করা হয়, যা এটিকে ভবিষ্যতের প্রকল্পগুলির জন্য একটি পছন্দের বিকল্প করে তোলে, যদিও কিছু ব্যবহারকারী খরচ কমানোর জন্য Babelfish এর মতো বিকল্পগুলি অন্বেষণ করেন।" + ], + "points": 239, + "commentCount": 79, + "retryCount": 0, + "time": 1736854677 + }, + { + "id": 42699099, + "title": "গুগলের OAuth লগইন একটি ব্যর্থ স্টার্টআপ ডোমেইন কেনার বিরুদ্ধে সুরক্ষা প্রদান করে না", + "originLink": "https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699099", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "আলোচনাটি গুগলের OAuth লগইন সিস্টেমের একটি দুর্বলতাকে তুলে ধরে যখন একটি ব্যর্থ স্টার্টআপের ডোমেইন নতুন মালিক দ্বারা অধিগ্রহণ করা হয়, যা সম্ভাব্যভাবে অননুমোদিত সেবাগুলিতে প্রবেশের অনুমতি দিতে পারে।", + "এই সমস্যা দেখা দেয় কারণ গুগল হয়তো মূল এবং নতুন ডোমেইন মালিকদের মধ্যে পার্থক্য করতে পারে না, যা ডোমেইন-ভিত্তিক প্রমাণীকরণ ব্যবহার করে এমন যে কোনো সিস্টেমকে প্রভাবিত করতে পারে।", + "একটি প্রস্তাবিত সমাধান হল এমন অনন্য শনাক্তকারী ব্যবহার করা যা সময়ের সাথে সাথে অপরিবর্তিত থাকে, যদিও এই সমাধানের বাস্তবায়ন পরিচয় প্রদানকারীদের মধ্যে ভিন্ন হয়।" + ], + "points": 200, + "commentCount": 112, + "retryCount": 0, + "time": 1736871241 + }, + { + "id": 42696822, + "title": "কোডিং দক্ষতা ব্যবহার করে প্যাসিভ আয় করা", + "originLink": "https://www.coryzue.com/writing/solopreneur/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696822", + "commentBody": "", + "originSummary": [ + "লেখক একজন সিটিও ভূমিকা থেকে একক উদ্যোক্তা হিসেবে রূপান্তরিত হয়েছেন, সফটওয়্যার পণ্যের একটি পোর্টফোলিওর মাধ্যমে সফলভাবে আরও বেশি উপার্জন করছেন।", + "মূল কৌশলগুলির মধ্যে রয়েছে গভীর কাজের উপর মনোযোগ দেওয়া, ছোট প্রকল্প দিয়ে শুরু করা, দ্রুত পুনরাবৃত্তি করা এবং বিপণন প্রচেষ্টার জন্য সময় উৎসর্গ করা।", + "যাত্রাটি অনিশ্চয়তার কারণে স্থিতিস্থাপকতার উপর জোর দেয়, তবে এই ক্যারিয়ার পথের অতুলনীয় স্বায়ত্তশাসন এবং স্বাধীনতাকে তুলে ধরে, কোডিং দক্ষতা সম্পন্ন ব্যক্তিদের এটি প্যাসিভ আয়ের জন্য বিবেচনা করার জন্য উৎসাহিত করে।" + ], + "commentSummary": [ + "একজন ব্যবহারকারী বর্ণনা করেছেন যে কীভাবে তারা SEO স্প্যাম ওয়েবসাইটের মাধ্যমে প্যাসিভ আয় তৈরি করেছেন, যা মেয়াদোত্তীর্ণ ডোমেইন নাম ব্যবহার করে বার্ষিক প্রায় $30k উপার্জন করে, যদিও নৈতিক উদ্বেগ এবং গুগলের শেষ পর্যন্ত দমন করার পরেও।", + "পোস্টটি প্যাসিভ আয়ের উপর একটি বিতর্ক উস্কে দিয়েছে, যেখানে কিছু ব্যবহারকারী যুক্তি দিয়েছেন যে এটি প্রকৃতপক্ষে প্যাসিভ আয়ের চেয়ে ব্যবসা পরিচালনার সাথে বেশি সাদৃশ্যপূর্ণ।", + "অংশগ্রহণকারীরা পার্শ্ব প্রকল্পগুলিতে অভিজ্ঞতা এবং চ্যালেঞ্জগুলি শেয়ার করেছেন, সময়, স্থিতিশীলতা এবং কৌশলগত পরিকল্পনার গুরুত্বকে তুলে ধরে।" + ], + "points": 167, + "commentCount": 90, + "retryCount": 0, + "time": 1736860888 + }, + { + "id": 42690781, + "title": "স্পেন অ-ইউরোপীয় ইউনিয়নের বাসিন্দাদের দ্বারা কেনা বাড়ির উপর ১০০% কর প্রস্তাব করেছে", + "originLink": "https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690781", + "commentBody": "", + "originSummary": [ + "স্পেন অ-ইউরোপীয় ইউনিয়নের বাসিন্দাদের দ্বারা রিয়েল এস্টেট ক্রয়ের উপর ১০০% কর আরোপের কথা বিবেচনা করছে, যা আবাসন সংকট মোকাবেলা এবং জল্পনামূলক ক্রয় নিয়ন্ত্রণের লক্ষ্যে।", + "প্রধানমন্ত্রী পেদ্রো সানচেজের প্রস্তাবের মধ্যে রয়েছে সামাজিক আবাসন সম্প্রসারণ এবং পর্যটক ভাড়াগুলি নিয়ন্ত্রণ করা, যা আবাসন মূল্য এবং আয়ের মধ্যে বৈষম্য মোকাবেলা করতে সহায়ক হবে।", + "প্রস্তাবটির আইন হিসেবে ভবিষ্যৎ অনিশ্চিত, কিছু বিশ্লেষক এটিকে বিদেশি বিনিয়োগকারীদের জন্য একটি প্রতিবন্ধকতা হিসেবে দেখছেন, নিশ্চিত আইনগত পরিবর্তন হিসেবে নয়।" + ], + "commentSummary": [ + "স্পেন অ-ইউরোপীয় ইউনিয়নের বাসিন্দাদের দ্বারা কেনা বাড়ির উপর ১০০% কর আরোপের কথা বিবেচনা করছে যাতে আবাসন সাশ্রয়ীতা সমস্যার সমাধান করা যায়। - সমালোচকরা বলছেন যে বিদেশী ক্রেতারা উচ্চ আবাসন মূল্যের প্রধান কারণ নয়, বরং ধীর প্রশাসনিক প্রক্রিয়া এবং জোনিং আইনকে আরও গুরুত্বপূর্ণ কারণ হিসেবে উল্লেখ করেছেন। - এই প্রস্তাবটি আবাসন বাজারে বিদেশী মালিকানার ভূমিকা এবং সাশ্রয়ীতা সমস্যার সমাধানে এর কার্যকারিতা নিয়ে বিতর্কের সূচনা করেছে।" + ], + "points": 162, + "commentCount": 254, + "retryCount": 0, + "time": 1736809603 + }, + { + "id": 42699977, + "title": "অ্যাপল শীঘ্রই TSMC-এর অ্যারিজোনা ফ্যাব থেকে 'মেড ইন আমেরিকা' চিপস পাবে", + "originLink": "https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699977", + "commentBody": "", + "originSummary": [ + "অ্যাপল টিএসএমসি'র অ্যারিজোনা কারখানার প্রসেসর পরীক্ষা করছে, প্রথম ত্রৈমাসিকের মধ্যে ব্যাপক উৎপাদনের পরিকল্পনা নিয়ে, যা স্থানীয়ভাবে উত্পাদিত চিপের জন্য টিএসএমসি'র প্রথম মার্কিন গ্রাহক হতে পারে। - এই উদ্যোগটি মার্কিন সিলিকন স্বাধীনতা বাড়ানোর লক্ষ্যে, তাইওয়ানের উপর নির্ভরতা কমানোর জন্য, যা ভূ-রাজনৈতিক এবং প্রাকৃতিক ঝুঁকির প্রতি সংবেদনশীল। - টিএসএমসি'র অ্যারিজোনা ফ্যাব উন্নত ৩এনএম এবং ২এনএম চিপ উৎপাদন করবে, স্থানীয় নিয়োগ এবং মার্কিন বিশ্ববিদ্যালয়গুলির সাথে অংশীদারিত্ব বাড়ানোর প্রচেষ্টা চলমান রয়েছে, যদিও প্যাকেজিং প্রাথমিকভাবে তাইওয়ানে ঘটবে যতক্ষণ না পিওরিয়া কারখানাটি কার্যকর হয়।" + ], + "commentSummary": [ + "অ্যাপল টিএসএমসি'র অ্যারিজোনা প্ল্যান্ট থেকে চিপ পাবে, কিন্তু সেগুলো প্যাকেজিংয়ের জন্য তাইওয়ানে ফেরত পাঠাতে হবে কারণ যুক্তরাষ্ট্রে পর্যাপ্ত সুবিধা নেই। - অ্যারিজোনা প্ল্যান্টের কর্মশক্তির ৫০% এরও বেশি তাইওয়ান থেকে এসেছে, যা যুক্তরাষ্ট্রের এসটিইএম (বিজ্ঞান, প্রযুক্তি, প্রকৌশল, এবং গণিত) ক্ষেত্রে একটি ফাঁক নির্দেশ করে। - চিপস অ্যাক্ট উদ্যোগ, যা যুক্তরাষ্ট্রের সেমিকন্ডাক্টর উৎপাদন বাড়ানোর লক্ষ্যে কাজ করছে, চ্যালেঞ্জের সম্মুখীন হচ্ছে কারণ \"মেড ইন আমেরিকা\" লেবেলটি প্রশ্নবিদ্ধ হচ্ছে প্যাকেজিং প্রক্রিয়া তাইওয়ানে হওয়ার কারণে, যদিও ২০২৭ সালের মধ্যে যুক্তরাষ্ট্রে প্যাকেজিং সক্ষমতা তৈরির পরিকল্পনা রয়েছে।" + ], + "points": 160, + "commentCount": 73, + "retryCount": 0, + "time": 1736873807 + }, + { + "id": 42692730, + "title": "কনজেশন প্রাইসিং চালু হওয়ার পর ম্যানহাটনের রাস্তায় ৪৩ হাজার কম গাড়িচালক", + "originLink": "https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42692730", + "commentBody": "", + "originSummary": [ + "যখন যানজট মূল্য নির্ধারণ কার্যকর করা হয়েছিল, তখন ৬০তম স্ট্রিটের নিচে ম্যানহাটনে প্রবেশকারী চালকদের সংখ্যা ৭.৫% হ্রাস পেয়েছিল, যা প্রতিদিনের সপ্তাহের দিনে ৪৩,০০০ কম চালকের সমান।", + "যানজট কমে যাওয়ায় ট্রাফিক প্রবাহ উন্নত হয়েছে এবং বাসের গতি বেড়েছে, কিছু এক্সপ্রেস বাসে যাত্রী সংখ্যা বৃদ্ধি পেয়েছে।", + "মেট্রোপলিটন ট্রান্সপোর্টেশন অথরিটি (এমটিএ) কিছু রাজনৈতিক বিরোধিতা সত্ত্বেও ট্রানজিট উন্নতির জন্য টোল রাজস্ব, যা বার্ষিক প্রায় ৫০০ মিলিয়ন ডলার অনুমান করা হয়, ব্যবহার করে।" + ], + "commentSummary": [ + "ম্যানহাটনে যানজট মূল্যায়নের বাস্তবায়নের ফলে ৪৩,০০০ কম চালক হয়েছে, যা বাসের গতি বৃদ্ধি এবং সম্ভাব্যভাবে জরুরি সেবার প্রতিক্রিয়া সময় উন্নত করেছে।", + "নীতিটি যানজট কমানো এবং বায়ুর গুণমান উন্নত করার জন্য তৈরি করা হয়েছে, যদিও এটি নিম্ন আয়ের ব্যক্তিদের উপর এর প্রভাব নিয়ে বিতর্ক সৃষ্টি করেছে।", + "সমর্থকরা যুক্তি দেন যে এর সুবিধাগুলির মধ্যে রয়েছে আরও দক্ষ গণপরিবহন এবং পরিষ্কার বাতাস, যখন এই সুবিধাগুলির সাথে চালকদের প্রয়োজনের ভারসাম্য বজায় রাখার বিষয়ে আলোচনা অব্যাহত রয়েছে।" + ], + "points": 154, + "commentCount": 199, + "retryCount": 0, + "time": 1736821606 + } +] diff --git a/records/2025-01-14/2025-01-14.cs.json b/records/2025-01-14/2025-01-14.cs.json new file mode 100644 index 000000000..129e9674b --- /dev/null +++ b/records/2025-01-14/2025-01-14.cs.json @@ -0,0 +1,288 @@ +[ + { + "id": 42690473, + "title": "„Výzkumník bezpečnosti Snyk nasazuje škodlivé balíčky NPM zaměřené na cursor.com“", + "originLink": "https://sourcecodered.com/snyk-malicious-npm-package/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690473", + "commentBody": "", + "originSummary": [ + "„Bezpečnostní výzkumník ze společnosti Snyk zveřejnil škodlivé balíčky NPM zaměřené na Cursor.com, společnost zabývající se AI kódováním, s cílem shromažďovat systémová data a odesílat je na službu ovládanou útočníkem.“", + "„Balíčky, identifikované jako „cursor-retrieval“, „cursor-always-local“ a „cursor-shadow-workspace“, byly označeny skenerem analýzy balíčků OpenSSF, což vedlo k vydání upozornění MAL-2025-27, MAL-2025-28 a MAL-2025-29.“", + "„Tento incident zdůrazňuje důležitost pečlivého prověřování NPM balíčků před jejich instalací, aby se předešlo možným bezpečnostním hrozbám.“" + ], + "commentSummary": [ + "„Bezpečnostní výzkumník společnosti Snyk zveřejnil škodlivé balíčky NPM (Node Package Manager) zaměřené na cursor.com, čímž poukázal na zranitelnosti způsobené záměnou závislostí. - Incident vyvolal debatu o etice bezpečnostního výzkumu, zejména pokud jde o veřejné odhalení proměnných prostředí. - Cursor.com objasnil, že tuto akci neautorizovali, a Snyk se od té doby omluvil, což zdůrazňuje výzvy při vyvažování ofenzivního bezpečnostního výzkumu s etickými standardy.“" + ], + "points": 540, + "commentCount": 270, + "retryCount": 0, + "time": 1736807907 + }, + { + "id": 42696081, + "title": "„Přešel jsem na Firefox a nikdy se neohlédl zpět“", + "originLink": "https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696081", + "commentBody": "", + "originSummary": [ + "„Firefox je chválen za svou vynikající správu karet, vestavěnou funkci Pocket pro ukládání odkazů a e-mailový relé zaměřený na ochranu soukromí, což z něj činí silnou alternativu k Chromu. - Další funkce jako uživatelsky přívětivý nástroj pro snímky obrazovky, tlačítko ChatGPT, režim obraz v obraze, přizpůsobitelné možnosti vyhledávání a plynulé rolování zlepšují zážitek z prohlížení. - Ačkoli Firefox postrádá funkci webových aplikací Chromu, jeho promyšlený design a nižší nároky na zdroje z něj činí preferovanou volbu pro některé uživatele.“" + ], + "commentSummary": [ + "„Uživatelé Firefoxu čelí výzvám ze strany platforem jako YouTube, které mohou záměrně zhoršovat zážitek pro prohlížeče mimo Google nebo pro uživatele používající blokátory reklam. Tento trend vyvolává obavy ohledně autonomie uživatelů, protože penalizuje ty, kteří se rozhodnou pro webový zážitek bez reklam a sledování. Firefox nabízí jedinečné funkce, jako jsou kontejnerové karty, které zvyšují soukromí a použitelnost, což z něj činí oblíbenou volbu pro uživatele hledající nezávislost na prohlížečích ovládaných velkými korporacemi.“" + ], + "points": 480, + "commentCount": 392, + "retryCount": 0, + "time": 1736854678 + }, + { + "id": 42687932, + "title": "„Generální ředitel společnosti Sonos odstupuje po fiasku s aktualizací aplikace“", + "originLink": "https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42687932", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "„Generální ředitel společnosti Sonos rezignoval po kontroverzní aktualizaci aplikace, která vyžadovala, aby uživatelé nahradili drahé zvukové systémy, což způsobilo nespokojenost zákazníků. - Aktualizace zavedla systém založený na cloudu, čímž se odklonila od spolehlivého Universal Plug and Play (UPnP), což vedlo k problémům s konektivitou a zvýšené složitosti. - Tato situace zdůrazňuje konflikt mezi obchodními strategiemi a udržováním důvěry zákazníků, zatímco generální ředitel přechází do poradní role s odstupným balíčkem.“" + ], + "points": 409, + "commentCount": 493, + "retryCount": 0, + "time": 1736797368 + }, + { + "id": 42696691, + "title": "„V břiše MrBeasta“", + "originLink": "https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696691", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "„Esej zkoumá, jak algoritmus YouTube ovlivňuje tvorbu obsahu, přičemž jako případovou studii používá MrBeasta, a zdůrazňuje posun směrem k obsahu řízenému zapojením spíše než k smysluplnému obsahu. Diskutuje o širších důsledcích pro mediální gramotnost a kulturní dopad platforem jako YouTube a TikTok, naznačujíc trend směrem k povrchnímu a reakčnímu obsahu. Zvažují se různé perspektivy na roli algoritmů při formování obsahu a vliv populárních tvůrců na kulturní normy.“" + ], + "points": 369, + "commentCount": 258, + "retryCount": 0, + "time": 1736859931 + }, + { + "id": 42691184, + "title": "„Operace Git na GitHubu jsou mimo provoz“", + "originLink": "https://www.githubstatus.com/incidents/qd96yfgvmcf9", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42691184", + "commentBody": "", + "originSummary": [ + "„GitHub čelil výpadku operací Git dne 13. ledna 2025 kvůli změně konfigurace ovlivňující interní vyrovnávač zatížení, který trval od 23:35 do 00:24 UTC. - Problém byl vyřešen vrácením změny konfigurace a GitHub pracuje na zlepšení monitorovacích a nasazovacích procesů, aby se předešlo podobným incidentům. - Výpadek také ovlivnil služby GitHub Actions a Pages, což zdůrazňuje propojenou povahu jejich platformových služeb.“" + ], + "commentSummary": [ + "„GitHub čelil významnému výpadku, který ovlivnil git operace, což vedlo ke zmatku mezi vývojáři, kteří zpočátku podezřívali problémy se svými SSH klíči nebo místními konfiguracemi. - Incident zdůraznil výzvy spojené se spoléháním na centralizované služby, což vyvolalo diskuse o výhodách samostatného hostování a decentralizovaných systémů. - Ačkoli byl problém vyřešen, poukázal na obavy ohledně spolehlivosti GitHubu a rizik spojených se závislostí na platformách třetích stran pro klíčové úkoly.“" + ], + "points": 324, + "commentCount": 250, + "retryCount": 0, + "time": 1736812051 + }, + { + "id": 42694596, + "title": "„ZFS 2.3 vydán s rozšířením ZFS raidz“", + "originLink": "https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42694596", + "commentBody": "", + "originSummary": [ + "„OpenZFS 2.3.0 byl vydán a přináší významné funkce jako rozšíření RAIDZ, rychlou deduplikaci, přímý vstup/výstup, výstup ve formátu JSON a podporu pro dlouhé názvy souborů. - Vydání zahrnuje důležité opravy chyb a vylepšení výkonu, kompatibilní s jádry Linuxu 4.18 - 6.12 a verzemi FreeBSD 13.3, 14.0 - 14.2. - Aktualizace je výsledkem spolupráce 134 přispěvatelů, s dostupnou komplexní dokumentací a seznamem změn k nahlédnutí.“" + ], + "commentSummary": [ + "„ZFS 2.3 byl vydán a přináší funkce jako rozšíření RAIDZ, rychlou deduplikaci, přímý vstup/výstup, výstup ve formátu JSON a podporu pro dlouhé názvy souborů. - Rozšíření RAIDZ je obzvláště pozoruhodné, protože umožňuje uživatelům přidávat nové zařízení do stávajícího RAIDZ poolu bez výpadku, čímž zvyšuje kapacitu úložiště. - Toto vydání je považováno za významný pokrok pro uživatele ZFS, přičemž se srovnává s jinými souborovými systémy jako Btrfs a Windows Storage Spaces, i přes některá omezení, jako je neschopnost zmenšit pooly.“" + ], + "points": 302, + "commentCount": 215, + "retryCount": 0, + "time": 1736838539 + }, + { + "id": 42690983, + "title": "„Webtop – kontejnery Alpine, Ubuntu, Fedora a Arch obsahující plná desktopová prostředí“", + "originLink": "https://docs.linuxserver.io/images/docker-webtop/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690983", + "commentBody": "", + "originSummary": [ + "„Linuxserver/webtop poskytuje kontejnery založené na Alpine, Ubuntu, Fedora a Arch s plnými desktopovými prostředími přístupnými přes webové prohlížeče, podporujícími jak architektury x86-64, tak arm64.“", + "„Uživatelé si mohou vybrat z různých desktopových prostředí, jako jsou XFCE, KDE, MATE, i3, Openbox a IceWM, pomocí specifických značek obrázků a přistupovat k Webtopu prostřednictvím určených URL.“", + "„Bezpečnostní funkce zahrnují možnost seccomp v Dockeru a nastavení autentizace, s možnostmi přizpůsobení prostřednictvím proměnných prostředí, a podporu pro akceleraci GPU s open-source ovladači.“" + ], + "commentSummary": [ + "„Webtop poskytuje kontejnery s plnými desktopovými prostředími pro Alpine, Ubuntu, Fedora a Arch, vhodné pro rychlé nastavení za VPN.“", + "„Uživatelé chválí Webtop za jeho rychlost a snadnost použití, zejména při použití s kontejnerem Gluetun pro zabezpečené připojení, ale varují před vystavením kontejnerů internetu bez bezpečnostních opatření kvůli absenci výchozí autentizace.“", + "„Projekt je ceněn za to, že je open-source a flexibilní, přičemž uživatelé sdílejí konfigurace, a alternativy jako Kasm a Selkies jsou zmíněny pro podobné účely.“" + ], + "points": 297, + "commentCount": 57, + "retryCount": 0, + "time": 1736810708 + }, + { + "id": 42697783, + "title": "„1 z 5 online pracovních nabídek je buď falešná, nebo nikdy není obsazena, zjistila studie.“", + "originLink": "https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42697783", + "commentBody": "", + "originSummary": [ + "„Nedávná studie naznačuje, že 20 % online pracovních nabídek je buď falešných, nebo zůstává neobsazených, což přispívá k frustraci uchazečů o zaměstnání. - Tento trend „duchovních pracovních míst“ může být taktikou firem, jak projektovat obraz růstu. - Pracovní platformy jako Greenhouse a LinkedIn zavedly služby ověřování pracovních nabídek, aby uživatelům pomohly identifikovat skutečné pracovní příležitosti.“" + ], + "commentSummary": [ + "„Studie odhaluje, že 20 % online pracovních nabídek je buď falešných, nebo zůstává neobsazených, často kvůli potřebě firem dodržovat imigrační politiky USA. - Firmy mohou také ponechat pracovní nabídky aktivní, aby našly ideální kandidáty, změnily požadavky nebo měly předem vybrané interní kandidáty. - Trh práce je pro uchazeče obtížný, často se setkávají s ignorováním a automatickým odmítáním, což vyvolává výzvy k regulačnímu zásahu.“" + ], + "points": 273, + "commentCount": 224, + "retryCount": 0, + "time": 1736865860 + }, + { + "id": 42698557, + "title": "„Učinit křižovatku nebezpečnou pro chodce, aby se ušetřily sekundy pro řidiče“", + "originLink": "https://collegetowns.substack.com/p/making-an-intersection-unsafe-for", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42698557", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "„Debata se soustředí na to, zda by křižovatky měly upřednostňovat bezpečnost chodců nebo efektivitu řidičů, přičemž někteří upřednostňují světelně řízené křižovatky a přechody pro chodce před čtyřcestnými zastávkami.“", + "„Názory na dopravní předpisy a návrh infrastruktury se různí, přičemž se diskutuje o bezpečnosti přecházení mimo přechod a rizicích spojených s odbočováním vpravo na červenou.“", + "„Někteří prosazují alternativní řešení, jako jsou kruhové objezdy nebo přijetí nizozemských standardů dopravního inženýrství, aby se zvýšila bezpečnost i efektivita.“" + ], + "points": 267, + "commentCount": 362, + "retryCount": 0, + "time": 1736869194 + }, + { + "id": 42696080, + "title": "„PostgreSQL je systém pro správu databází roku 2024“", + "originLink": "https://db-engines.com/en/blog_post/109", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696080", + "commentBody": "", + "originSummary": [ + "„PostgreSQL byl oceněn jako DBMS roku 2024 podle DB-Engines, čímž získal toto uznání popáté a překonal 423 dalších systémů pro správu databází.“", + "„PostgreSQL, s historií sahající téměř 35 let zpět, nadále inovuje, jak je vidět na nedávných vylepšeních PostgreSQL 17, vydaných v září 2024.“", + "„Snowflake a Microsoft si zajistily druhé a třetí místo, přičemž Snowflake je známý pro své cloudové datové sklady a podporu více cloudů, zatímco Microsoft nabízí robustní spravované relační databáze prostřednictvím Azure SQL Database a SQL Server.“" + ], + "commentSummary": [ + "„PostgreSQL byl oceněn jako Systém pro správu databází roku 2024 podle db-engines.com, což zdůrazňuje jeho rostoucí popularitu a uznání v oboru.“", + "„Uživatelé zvažují přechod z Microsoft SQL Server na PostgreSQL kvůli vysokým licenčním nákladům a omezením zdrojů, i přes možné výzvy spojené s migrací.“", + "„PostgreSQL je oblíbený pro své robustní funkce a nákladovou efektivitu, což z něj činí preferovanou volbu pro budoucí projekty, ačkoli někteří uživatelé zkoumají alternativy jako Babelfish ke snížení nákladů.“" + ], + "points": 239, + "commentCount": 79, + "retryCount": 0, + "time": 1736854677 + }, + { + "id": 42699099, + "title": "„Google OAuth přihlášení nechrání proti nákupu domény zkrachovalého startupu“", + "originLink": "https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699099", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "„Diskuse poukazuje na zranitelnost v systému přihlašování Google OAuth, když je doména neúspěšného startupu získána novým vlastníkem, což může potenciálně umožnit neoprávněný přístup ke službám.“", + "„Tento problém vzniká, protože Google nemusí rozlišovat mezi původními a novými vlastníky domény, což ovlivňuje jakýkoli systém, který používá autentizaci založenou na doméně.“", + "„Navrhovaným řešením je použití jedinečných identifikátorů, které zůstávají konstantní v průběhu času, ačkoli implementace tohoto řešení se liší mezi poskytovateli identity.“" + ], + "points": 200, + "commentCount": 112, + "retryCount": 0, + "time": 1736871241 + }, + { + "id": 42696822, + "title": "„Použití programovacích dovedností k vytváření pasivního příjmu“", + "originLink": "https://www.coryzue.com/writing/solopreneur/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696822", + "commentBody": "", + "originSummary": [ + "„Autor přešel z role CTO na solopodnikatele a úspěšně vydělává více prostřednictvím portfolia softwarových produktů.“", + "„Klíčové strategie zahrnují zaměření na hlubokou práci, začínání s malými projekty, rychlé iterace a věnování času marketingovým aktivitám.“", + "„Cesta zdůrazňuje odolnost kvůli nejistotám, ale vyzdvihuje jedinečnou autonomii a svobodu této kariérní cesty, čímž povzbuzuje ty, kteří mají dovednosti v programování, aby ji zvážili jako zdroj pasivního příjmu.“" + ], + "commentSummary": [ + "„Uživatel popsal generování pasivního příjmu prostřednictvím SEO spamových webů s využitím expirovaných doménových jmen, přičemž vydělával přibližně 30 tisíc dolarů ročně, navzdory etickým obavám a následnému zásahu ze strany Googlu.“", + "„Příspěvek vyvolal debatu o pasivním příjmu, přičemž někteří uživatelé tvrdili, že je to spíše podobné provozování podnikání než skutečně pasivní výdělky.“", + "„Účastníci sdíleli zkušenosti a výzvy v rámci vedlejších projektů, zdůrazňujíc důležitost času, odolnosti a strategického plánování.“" + ], + "points": 167, + "commentCount": 90, + "retryCount": 0, + "time": 1736860888 + }, + { + "id": 42690781, + "title": "„Španělsko navrhuje 100% daň na domy koupené rezidenty mimo EU“", + "originLink": "https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690781", + "commentBody": "", + "originSummary": [ + "„Španělsko zvažuje zavedení 100% daně na nákupy nemovitostí osobami, které nejsou rezidenty EU, s cílem řešit krizi bydlení a omezit spekulativní nákupy.“", + "„Návrh premiéra Pedra Sáncheze zahrnuje rozšíření sociálního bydlení a regulaci turistických pronájmů, aby se řešila nerovnováha mezi cenami bydlení a příjmy.“", + "„Budoucnost návrhu jako zákona je nejistá, přičemž někteří analytici jej vnímají spíše jako odstrašující prostředek pro zahraniční investory než jako zaručenou legislativní změnu.“" + ], + "commentSummary": [ + "„Španělsko zvažuje 100% daň na domy zakoupené rezidenty mimo EU, aby řešilo problémy s dostupností bydlení. - Kritici naznačují, že zahraniční kupci nejsou hlavní příčinou vysokých cen bydlení, přičemž jako významnější faktory uvádějí pomalou byrokracii a územní zákony. - Návrh vyvolal debatu o roli zahraničního vlastnictví na trzích s bydlením a jeho účinnosti při řešení problémů s dostupností.“" + ], + "points": 162, + "commentCount": 254, + "retryCount": 0, + "time": 1736809603 + }, + { + "id": 42699977, + "title": "„Apple brzy obdrží čipy 'vyrobené v Americe' z továrny TSMC v Arizoně“", + "originLink": "https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699977", + "commentBody": "", + "originSummary": [ + "„Apple testuje procesory z arizonského závodu TSMC s plány na hromadnou výrobu v prvním čtvrtletí, což by mohlo z TSMC udělat prvního amerického zákazníka pro lokálně vyráběné čipy. - Tato iniciativa má za cíl posílit americkou nezávislost na křemíku a snížit závislost na Tchaj-wanu, který je zranitelný vůči geopolitickým a přírodním rizikům. - Arizonská továrna TSMC má vyrábět pokročilé 3nm a 2nm čipy, s probíhajícími snahami o posílení místního náboru a partnerství s americkými univerzitami, ačkoli balení bude zpočátku probíhat na Tchaj-wanu, dokud nebude provozuschopné zařízení v Peorii.“" + ], + "commentSummary": [ + "„Apple obdrží čipy z arizonské továrny TSMC, ale ty musí být odeslány zpět na Tchaj-wan k balení kvůli nedostatečným zařízením v USA. - Více než 50 % pracovní síly v arizonské továrně pochází z Tchaj-wanu, což naznačuje mezeru v oblasti STEM (věda, technologie, inženýrství a matematika) v USA. - Iniciativa CHIPS Act, zaměřená na posílení americké výroby polovodičů, čelí výzvám, protože označení „Vyrobeno v Americe“ je zpochybňováno kvůli procesu balení probíhajícímu na Tchaj-wanu, s plány na americké balicí kapacity do roku 2027.“" + ], + "points": 160, + "commentCount": 73, + "retryCount": 0, + "time": 1736873807 + }, + { + "id": 42692730, + "title": "„O 43 tisíc řidičů méně na silnicích Manhattanu poté, co bylo zavedeno zpoplatnění dopravy.“", + "originLink": "https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42692730", + "commentBody": "", + "originSummary": [ + "„Po zavedení poplatků za vjezd do centra došlo k 7,5% snížení počtu řidičů vjíždějících do Manhattanu pod 60. ulicí, což odpovídá 43 000 méně řidičům každý všední den.“", + "„Snížení provozu zlepšilo plynulost dopravy a zvýšilo rychlost autobusů, přičemž některé expresní autobusy zaznamenaly vyšší počet cestujících.“", + "„Metropolitní dopravní úřad (MTA) využívá příjmy z mýtného, které se odhadují na 500 milionů dolarů ročně, na zlepšení dopravy, a to i přes určitou politickou opozici.“" + ], + "commentSummary": [ + "„Zavedení poplatků za vjezd do přeplněných oblastí na Manhattanu vedlo k poklesu počtu řidičů o 43 000, což přispělo ke zvýšení rychlosti autobusů a potenciálně lepším časům reakce záchranných složek.“", + "„Politika je navržena tak, aby snížila dopravní zácpy a zlepšila kvalitu ovzduší, i když vyvolala debatu o jejím dopadu na osoby s nižšími příjmy.“", + "„Zastánci tvrdí, že přínosy zahrnují efektivnější veřejnou dopravu a čistší ovzduší, zatímco diskuse pokračují o vyvážení těchto výhod s potřebami řidičů.“" + ], + "points": 154, + "commentCount": 199, + "retryCount": 0, + "time": 1736821606 + } +] diff --git a/records/2025-01-14/2025-01-14.da.json b/records/2025-01-14/2025-01-14.da.json new file mode 100644 index 000000000..51eca4648 --- /dev/null +++ b/records/2025-01-14/2025-01-14.da.json @@ -0,0 +1,288 @@ +[ + { + "id": 42690473, + "title": "En Snyk-sikkerhedsforsker implementerer ondsindede NPM-pakker rettet mod cursor.com", + "originLink": "https://sourcecodered.com/snyk-malicious-npm-package/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690473", + "commentBody": "", + "originSummary": [ + "En Snyk-sikkerhedsforsker frigav ondsindede NPM-pakker rettet mod Cursor.com, et AI-kodningsfirma, for at indsamle systemdata og sende dem til en angriberkontrolleret tjeneste.", + "Pakkerne, identificeret som \"cursor-retrieval,\" \"cursor-always-local,\" og \"cursor-shadow-workspace,\" blev markeret af OpenSSF-pakkeanalysescanneren, hvilket resulterede i rådgivninger MAL-2025-27, MAL-2025-28 og MAL-2025-29.", + "Denne hændelse understreger vigtigheden af at undersøge NPM-pakker grundigt inden installation for at undgå potentielle sikkerhedstrusler." + ], + "commentSummary": [ + "En Snyk-sikkerhedsforsker frigav ondsindede NPM (Node Package Manager) pakker rettet mod cursor.com, hvilket fremhævede sårbarheder ved afhængighedsforvirring. - Hændelsen har udløst en debat om etikken i sikkerhedsforskning, især med hensyn til offentlig eksponering af miljøvariabler. - Cursor.com præciserede, at de ikke havde godkendt handlingen, og Snyk har siden undskyldt, hvilket understreger udfordringerne ved at balancere offensiv sikkerhedsforskning med etiske standarder." + ], + "points": 540, + "commentCount": 270, + "retryCount": 0, + "time": 1736807907 + }, + { + "id": 42696081, + "title": "Jeg skiftede til Firefox og har aldrig set mig tilbage", + "originLink": "https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696081", + "commentBody": "", + "originSummary": [ + "Firefox bliver rost for sin overlegne fanebladshåndtering, indbyggede Pocket-funktion til at gemme links og en privatlivsfokuseret e-mail-relæ, hvilket gør det til et stærkt alternativ til Chrome. - Yderligere funktioner som et brugervenligt skærmbilledeværktøj, en ChatGPT-knap, Billede-i-billede, tilpasselige søgemuligheder og jævn rullefunktion forbedrer browseroplevelsen. - Selvom Firefox mangler Chromes webapp-funktion, gør dets gennemtænkte design og reducerede ressourcekrav det til et foretrukket valg for nogle brugere." + ], + "commentSummary": [ + "Firefox-brugere står over for udfordringer fra platforme som YouTube, der muligvis bevidst forringer oplevelsen for ikke-Google browsere eller brugere, der anvender annonceblokkere. - Denne tendens vækker bekymring om brugerautonomi, da det straffer dem, der vælger en annoncefri og overvågningsfri weboplevelse. - Firefox tilbyder unikke funktioner, såsom containerfaner, der forbedrer privatliv og brugervenlighed, hvilket gør det til et foretrukket valg for brugere, der søger uafhængighed fra store virksomhedskontrollerede browsere." + ], + "points": 480, + "commentCount": 392, + "retryCount": 0, + "time": 1736854678 + }, + { + "id": 42687932, + "title": "Sonos' administrerende direktør træder tilbage efter app-opdateringsfiasko", + "originLink": "https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42687932", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Sonos' administrerende direktør har trukket sig efter en kontroversiel app-opdatering, der krævede, at brugerne skulle udskifte dyre lydsystemer, hvilket forårsagede utilfredshed blandt kunderne. - Opdateringen introducerede et cloud-baseret system, der bevægede sig væk fra det pålidelige Universal Plug and Play (UPnP), hvilket førte til forbindelsesproblemer og øget kompleksitet. - Denne situation understreger konflikten mellem forretningsstrategier og opretholdelse af kundetillid, da direktøren overgår til en rådgivende rolle med en fratrædelsespakke." + ], + "points": 409, + "commentCount": 493, + "retryCount": 0, + "time": 1736797368 + }, + { + "id": 42696691, + "title": "I maven på MrBeast", + "originLink": "https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696691", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Essayet undersøger, hvordan YouTubes algoritme påvirker indholdsskabelse ved at bruge MrBeast som et casestudie, og fremhæver en skift mod engagement-drevet snarere end meningsfuldt indhold. - Det diskuterer de bredere implikationer for mediekompetence og den kulturelle indflydelse af platforme som YouTube og TikTok, og antyder en tendens mod overfladisk og reaktionært indhold. - Forskellige perspektiver overvejes om algoritmers rolle i at forme indhold og indflydelsen af populære skabere på kulturelle normer." + ], + "points": 369, + "commentCount": 258, + "retryCount": 0, + "time": 1736859931 + }, + { + "id": 42691184, + "title": "GitHub Git-operationer er nede", + "originLink": "https://www.githubstatus.com/incidents/qd96yfgvmcf9", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42691184", + "commentBody": "", + "originSummary": [ + "GitHub oplevede et nedbrud i Git-operationer den 13. januar 2025 på grund af en konfigurationsændring, der påvirkede den interne load balancer, og varede fra 23:35 til 00:24 UTC. - Problemet blev løst ved at tilbageføre konfigurationsændringen, og GitHub arbejder på at forbedre overvågnings- og implementeringsprocesser for at forhindre lignende hændelser. - Nedbruddet påvirkede også GitHubs Actions og Pages-tjenester, hvilket fremhæver den indbyrdes forbundne natur af deres platformtjenester." + ], + "commentSummary": [ + "GitHub oplevede et større nedbrud, der påvirkede git-operationer, hvilket førte til forvirring blandt udviklere, der først mistænkte problemer med deres SSH-nøgler eller lokale konfigurationer. - Hændelsen understregede udfordringerne ved at stole på centraliserede tjenester og fremkaldte diskussioner om fordelene ved selv-hosting og decentrale systemer. - Selvom problemet blev løst, fremhævede det bekymringer om GitHubs pålidelighed og risikoen ved at være afhængig af tredjepartsplatforme til essentielle opgaver." + ], + "points": 324, + "commentCount": 250, + "retryCount": 0, + "time": 1736812051 + }, + { + "id": 42694596, + "title": "ZFS 2.3 udgivet med ZFS raidz-udvidelse", + "originLink": "https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42694596", + "commentBody": "", + "originSummary": [ + "OpenZFS 2.3.0 er blevet udgivet og introducerer betydelige funktioner som RAIDZ-udvidelse, hurtig deduplikering, direkte input/output, JSON-output og understøttelse af lange filnavne. - Udgivelsen inkluderer væsentlige fejlrettelser og ydeevneforbedringer, kompatibel med Linux-kerner 4.18 - 6.12 og FreeBSD-versioner 13.3, 14.0 - 14.2. - Opdateringen er et samarbejde fra 134 bidragydere, med omfattende dokumentation og en ændringslog tilgængelig for gennemgang." + ], + "commentSummary": [ + "ZFS 2.3 er blevet udgivet og introducerer funktioner som RAIDZ-udvidelse, hurtig deduplikering, direkte IO, JSON-output og understøttelse af lange filnavne. - RAIDZ-udvidelse er særligt bemærkelsesværdig, da det giver brugerne mulighed for at tilføje nye enheder til en eksisterende RAIDZ-pool uden nedetid, hvilket øger lagerkapaciteten. - Udgivelsen betragtes som et betydeligt fremskridt for ZFS-brugere og sammenlignes med andre filsystemer som Btrfs og Windows Storage Spaces, på trods af nogle begrænsninger som manglende evne til at reducere poolstørrelser." + ], + "points": 302, + "commentCount": 215, + "retryCount": 0, + "time": 1736838539 + }, + { + "id": 42690983, + "title": "Webtop – Alpine, Ubuntu, Fedora og Arch containere, der indeholder fulde desktop-miljøer", + "originLink": "https://docs.linuxserver.io/images/docker-webtop/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690983", + "commentBody": "", + "originSummary": [ + "Linuxserver/webtop tilbyder containere baseret på Alpine, Ubuntu, Fedora og Arch med fulde skrivebordsmiljøer, der er tilgængelige gennem webbrowsere, og som understøtter både x86-64 og arm64 arkitekturer.", + "Brugere kan vælge mellem forskellige skrivebordsmiljøer som XFCE, KDE, MATE, i3, Openbox og IceWM ved at bruge specifikke billedtags og få adgang til Webtop via angivne URL'er.", + "Security-funktioner inkluderer Dockers seccomp-option og autentificeringsopsætning, med tilpasningsmuligheder tilgængelige gennem miljøvariabler, samt support til GPU-acceleration med open-source drivere." + ], + "commentSummary": [ + "Webtop tilbyder containere med fulde desktop-miljøer til Alpine, Ubuntu, Fedora og Arch, velegnet til hurtige opsætninger bag en VPN.", + "Brugere roser Webtop for dets hastighed og brugervenlighed, især når det bruges med Gluetun-containeren for sikre forbindelser, men advarer mod at eksponere containere for internettet uden sikkerhedsforanstaltninger på grund af manglende standardgodkendelse.", + "Projektet værdsættes for at være open-source og fleksibelt, hvor brugere deler konfigurationer, og alternativer som Kasm og Selkies bemærkes for lignende formål." + ], + "points": 297, + "commentCount": 57, + "retryCount": 0, + "time": 1736810708 + }, + { + "id": 42697783, + "title": "1 ud af 5 online jobopslag er enten falske eller aldrig besat, viser undersøgelse", + "originLink": "https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42697783", + "commentBody": "", + "originSummary": [ + "En nylig undersøgelse viser, at 20% af online jobopslag enten er falske eller forbliver ubesatte, hvilket øger jobsøgendes frustration. - Denne \"spøgelsesjob\"-tendens kan være en taktik for virksomheder til at projicere et billede af vækst. - Jobplatforme som Greenhouse og LinkedIn har introduceret jobverifikationstjenester for at hjælpe brugere med at identificere ægte jobmuligheder." + ], + "commentSummary": [ + "En undersøgelse afslører, at 20% af online jobopslag enten er falske eller forbliver ubesatte, ofte fordi virksomheder skal overholde amerikanske immigrationspolitikker. - Virksomheder kan også lade jobopslag stå for at finde ideelle kandidater, ændre krav eller have forudvalgte interne kandidater. - Arbejdsmarkedet er vanskeligt for ansøgere, der ofte oplever ghosting og automatiske afslag, hvilket har ført til opfordringer til regulerende indgreb." + ], + "points": 273, + "commentCount": 224, + "retryCount": 0, + "time": 1736865860 + }, + { + "id": 42698557, + "title": "At gøre et vejkryds usikkert for fodgængere for at spare sekunder for bilister", + "originLink": "https://collegetowns.substack.com/p/making-an-intersection-unsafe-for", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42698557", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Debatten drejer sig om, hvorvidt kryds skal prioritere fodgængersikkerhed eller førereffektivitet, hvor nogle foretrækker lysregulerede kryds og fodgængerfelter frem for 4-vejs stop.", + "Der er delte meninger om færdselslove og infrastrukturdesign, med diskussioner om sikkerheden ved at krydse vejen uden for fodgængerfeltet og de risici, der er forbundet med højresving for rødt lys.", + "Der er nogle, der går ind for alternative løsninger som rundkørsler eller vedtagelse af hollandske trafikingeniørstandarder for at forbedre både sikkerhed og effektivitet." + ], + "points": 267, + "commentCount": 362, + "retryCount": 0, + "time": 1736869194 + }, + { + "id": 42696080, + "title": "PostgreSQL er Årets Databasestyringssystem 2024", + "originLink": "https://db-engines.com/en/blog_post/109", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696080", + "commentBody": "", + "originSummary": [ + "PostgreSQL er blevet tildelt prisen som Årets DBMS 2024 af DB-Engines, og opnår denne anerkendelse for femte gang, idet det overgår 423 andre databasehåndteringssystemer.", + "PostgreSQL, med en historie der strækker sig over næsten 35 år, fortsætter med at innovere, som det ses i de seneste forbedringer af PostgreSQL 17, der blev udgivet i september 2024.", + "Snowflake og Microsoft sikrede sig henholdsvis anden- og tredjepladsen, hvor Snowflake blev bemærket for sin cloud-baserede datawarehousing og multi-cloud support, mens Microsoft tilbyder robuste administrerede relationelle databaser gennem Azure SQL Database og SQL Server." + ], + "commentSummary": [ + "PostgreSQL er blevet tildelt prisen som Årets Database Management System 2024 af db-engines.com, hvilket fremhæver dets voksende popularitet og anerkendelse i branchen.", + "Brugere overvejer at skifte fra Microsoft SQL Server til PostgreSQL på grund af høje licensomkostninger og ressourcebegrænsninger, på trods af potentielle migrationsudfordringer.", + "PostgreSQL foretrækkes for sine robuste funktioner og omkostningseffektivitet, hvilket gør det til et foretrukket valg for fremtidige projekter, selvom nogle brugere udforsker alternativer som Babelfish for at reducere omkostningerne." + ], + "points": 239, + "commentCount": 79, + "retryCount": 0, + "time": 1736854677 + }, + { + "id": 42699099, + "title": "Googles OAuth-login beskytter ikke mod køb af et mislykket startup-domæne", + "originLink": "https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699099", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Diskussionen fremhæver en sårbarhed i Googles OAuth-login-system, når et mislykket startups domæne erhverves af en ny ejer, hvilket potentielt tillader uautoriseret adgang til tjenester.", + "Dette problem opstår, fordi Google muligvis ikke skelner mellem de oprindelige og nye domæneejer, hvilket påvirker ethvert system, der bruger domænebaseret autentifikation.", + "En foreslået løsning er at bruge unikke identifikatorer, der forbliver konstante over tid, selvom implementeringen af denne løsning varierer blandt identitetsudbydere." + ], + "points": 200, + "commentCount": 112, + "retryCount": 0, + "time": 1736871241 + }, + { + "id": 42696822, + "title": "Brug af kodningsfærdigheder til at skabe passiv indkomst", + "originLink": "https://www.coryzue.com/writing/solopreneur/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696822", + "commentBody": "", + "originSummary": [ + "Forfatteren gik fra en CTO-rolle til at blive soloprenør og tjente med succes mere gennem en portefølje af softwareprodukter.", + "Vigtige strategier inkluderer at fokusere på dybt arbejde, starte med små projekter, iterere hurtigt og dedikere tid til markedsføringsindsatser.", + "Rejsen understreger modstandskraft på grund af usikkerheder, men fremhæver den uovertrufne autonomi og frihed ved denne karrierevej, hvilket opmuntrer dem med kodningsfærdigheder til at overveje det som en kilde til passiv indkomst." + ], + "commentSummary": [ + "En bruger beskrev, hvordan de genererede passiv indkomst gennem SEO-spamwebsteder ved at bruge udløbende domænenavne, og tjente cirka $30.000 årligt, på trods af etiske bekymringer og Googles eventuelle nedslag.", + "Opslaget udløste en debat om passiv indkomst, hvor nogle brugere argumenterede for, at det minder mere om at drive en virksomhed end om virkelig passive indtægter.", + "Deltagerne delte erfaringer og udfordringer i sideprojekter og fremhævede vigtigheden af tid, modstandsdygtighed og strategisk planlægning." + ], + "points": 167, + "commentCount": 90, + "retryCount": 0, + "time": 1736860888 + }, + { + "id": 42690781, + "title": "Spanien foreslår 100% skat på boliger købt af ikke-EU-borgere", + "originLink": "https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690781", + "commentBody": "", + "originSummary": [ + "Spanien overvejer en 100% skat på ejendomskøb foretaget af ikke-EU-borgere med det formål at tackle boligkrisen og begrænse spekulative køb.", + "Premierminister Pedro Sánchez' forslag omfatter udvidelse af sociale boliger og regulering af turistudlejninger for at tackle forskellen mellem boligpriser og indkomster.", + "Forslagets fremtid som lov er usikker, da nogle analytikere ser det som en afskrækkelse for udenlandske investorer snarere end en garanteret lovgivningsændring." + ], + "commentSummary": [ + "Spanien overvejer en 100% skat på boliger købt af ikke-EU-borgere for at tackle problemer med boligoverkommelighed. - Kritikere foreslår, at udenlandske købere ikke er den primære årsag til de høje boligpriser og peger på langsom bureaukrati og planlovgivning som mere betydelige faktorer. - Forslaget har antændt en debat om udenlandsk ejerskabs rolle på boligmarkederne og dets effektivitet i at løse overkommelighedsproblemer." + ], + "points": 162, + "commentCount": 254, + "retryCount": 0, + "time": 1736809603 + }, + { + "id": 42699977, + "title": "Apple vil snart modtage 'fremstillet i Amerika' chips fra TSMC's fabrik i Arizona", + "originLink": "https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699977", + "commentBody": "", + "originSummary": [ + "Apple tester processorer fra TSMC's facilitet i Arizona med planer om masseproduktion i første kvartal, hvilket potentielt gør dem til TSMC's første amerikanske kunde for lokalt fremstillede chips. - Dette initiativ har til formål at styrke USA's uafhængighed inden for silicium og reducere afhængigheden af Taiwan, som er sårbar over for geopolitiske og naturlige risici. - TSMC's fabrik i Arizona skal producere avancerede 3nm og 2nm chips, med igangværende bestræbelser på at forbedre lokal rekruttering og partnerskaber med amerikanske universiteter, selvom pakning i første omgang vil finde sted i Taiwan, indtil anlægget i Peoria er operationelt." + ], + "commentSummary": [ + "Apple vil modtage chips fra TSMC's fabrik i Arizona, men de skal sendes tilbage til Taiwan for pakning på grund af utilstrækkelige faciliteter i USA. - Over 50% af arbejdsstyrken på fabrikken i Arizona er fra Taiwan, hvilket indikerer en mangel i det amerikanske STEM (Science, Technology, Engineering, and Mathematics) felt. - CHIPS Act-initiativet, der sigter mod at styrke amerikansk halvlederproduktion, står over for udfordringer, da \"Made in America\"-mærket bliver sat spørgsmålstegn ved på grund af pakningsprocessen, der foregår i Taiwan, med planer om amerikanske pakningsmuligheder inden 2027." + ], + "points": 160, + "commentCount": 73, + "retryCount": 0, + "time": 1736873807 + }, + { + "id": 42692730, + "title": "43.000 færre bilister på Manhattans veje efter indførelsen af trængselsafgifter", + "originLink": "https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42692730", + "commentBody": "", + "originSummary": [ + "Efter indførelsen af trængselsafgifter var der en reduktion på 7,5 % i antallet af bilister, der kørte ind i Manhattan under 60th Street, hvilket svarer til 43.000 færre bilister hver hverdag.", + "Reduktionen i trafikken har forbedret trafikflowet og øget bussernes hastigheder, hvor nogle ekspresbusser oplever højere passagertal.", + "Metropolitan Transportation Authority (MTA) bruger indtægterne fra vejafgifter, anslået til 500 millioner dollars årligt, til forbedringer af offentlig transport, på trods af en vis politisk modstand." + ], + "commentSummary": [ + "Implementeringen af trængselsafgifter i Manhattan har resulteret i 43.000 færre bilister, hvilket har ført til øgede busfart og potentielt bedre responstider for nødtjenester.", + "Politikken er designet til at reducere trafikbelastning og forbedre luftkvaliteten, selvom den har udløst debat om dens indvirkning på personer med lavere indkomst.", + "Fortalere hævder, at fordelene inkluderer mere effektiv offentlig transport og renere luft, mens diskussionerne fortsætter om at balancere disse fordele med bilisternes behov." + ], + "points": 154, + "commentCount": 199, + "retryCount": 0, + "time": 1736821606 + } +] diff --git a/records/2025-01-14/2025-01-14.de.json b/records/2025-01-14/2025-01-14.de.json new file mode 100644 index 000000000..79656683c --- /dev/null +++ b/records/2025-01-14/2025-01-14.de.json @@ -0,0 +1,288 @@ +[ + { + "id": 42690473, + "title": "„Snyk-Sicherheitsforscher setzt bösartige NPM-Pakete ein, die auf cursor.com abzielen.“", + "originLink": "https://sourcecodered.com/snyk-malicious-npm-package/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690473", + "commentBody": "", + "originSummary": [ + "„Ein Snyk-Sicherheitsforscher veröffentlichte bösartige NPM-Pakete, die auf Cursor.com, ein KI-Coding-Unternehmen, abzielen, um Systemdaten zu sammeln und an einen von Angreifern kontrollierten Dienst zu senden.“", + "„Die Pakete, die als „cursor-retrieval“, „cursor-always-local“ und „cursor-shadow-workspace“ identifiziert wurden, wurden vom OpenSSF-Paketanalysescanner markiert, was zu den Warnungen MAL-2025-27, MAL-2025-28 und MAL-2025-29 führte.“", + "„Dieser Vorfall unterstreicht die Bedeutung der Überprüfung von NPM-Paketen vor der Installation, um potenzielle Sicherheitsbedrohungen zu vermeiden.“" + ], + "commentSummary": [ + "„Ein Snyk-Sicherheitsforscher hat bösartige NPM (Node Package Manager)-Pakete veröffentlicht, die auf cursor.com abzielen und Schwachstellen in der Abhängigkeitsverwirrung aufzeigen. - Der Vorfall hat eine Debatte über die Ethik der Sicherheitsforschung ausgelöst, insbesondere in Bezug auf die öffentliche Offenlegung von Umgebungsvariablen. - Cursor.com stellte klar, dass sie die Aktion nicht autorisiert haben, und Snyk hat sich inzwischen entschuldigt, was die Herausforderungen bei der Balance zwischen offensiver Sicherheitsforschung und ethischen Standards unterstreicht.“" + ], + "points": 540, + "commentCount": 270, + "retryCount": 0, + "time": 1736807907 + }, + { + "id": 42696081, + "title": "„Ich bin zu Firefox gewechselt und habe nie zurückgeblickt.“", + "originLink": "https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696081", + "commentBody": "", + "originSummary": [ + "„Firefox wird für seine überlegene Tab-Verwaltung, die integrierte Pocket-Funktion zum Speichern von Links und ein datenschutzorientiertes E-Mail-Relay gelobt, was es zu einer starken Alternative zu Chrome macht. - Zusätzliche Funktionen wie ein benutzerfreundliches Screenshot-Tool, ein ChatGPT-Button, Bild-in-Bild, anpassbare Suchoptionen und sanftes Scrollen verbessern das Surferlebnis. - Obwohl Firefox die Web-App-Funktion von Chrome fehlt, machen sein durchdachtes Design und der reduzierte Ressourcenbedarf es für einige Benutzer zur bevorzugten Wahl.“" + ], + "commentSummary": [ + "„Firefox-Nutzer stehen vor Herausforderungen durch Plattformen wie YouTube, die möglicherweise absichtlich das Erlebnis für Nicht-Google-Browser oder Nutzer, die Werbeblocker verwenden, verschlechtern. - Dieser Trend wirft Bedenken hinsichtlich der Nutzerautonomie auf, da er diejenigen bestraft, die sich für ein werbefreies und überwachungsfreies Web-Erlebnis entscheiden. - Firefox bietet einzigartige Funktionen wie Container-Tabs, die die Privatsphäre und Benutzerfreundlichkeit verbessern und es zu einer bevorzugten Wahl für Nutzer machen, die Unabhängigkeit von großen, konzernkontrollierten Browsern suchen.“" + ], + "points": 480, + "commentCount": 392, + "retryCount": 0, + "time": 1736854678 + }, + { + "id": 42687932, + "title": "„Sonos-CEO tritt nach Debakel mit App-Update zurück“", + "originLink": "https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42687932", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "„Der CEO von Sonos ist nach einem umstrittenen App-Update zurückgetreten, das die Nutzer dazu zwang, teure Soundsysteme zu ersetzen, was zu Unzufriedenheit bei den Kunden führte. - Das Update führte ein cloudbasiertes System ein und entfernte sich vom zuverlässigen Universal Plug and Play (UPnP), was zu Konnektivitätsproblemen und erhöhter Komplexität führte. - Diese Situation unterstreicht den Konflikt zwischen Geschäftsstrategien und der Aufrechterhaltung des Kundenvertrauens, während der CEO in eine beratende Rolle mit einem Abfindungspaket wechselt.“" + ], + "points": 409, + "commentCount": 493, + "retryCount": 0, + "time": 1736797368 + }, + { + "id": 42696691, + "title": "„Im Bauch des MrBeast“", + "originLink": "https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696691", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "„Der Aufsatz untersucht, wie der YouTube-Algorithmus die Inhaltserstellung beeinflusst, wobei MrBeast als Fallstudie dient und eine Verschiebung hin zu engagementgetriebenen statt sinnvollen Inhalten hervorgehoben wird. - Es werden die breiteren Auswirkungen auf Medienkompetenz und den kulturellen Einfluss von Plattformen wie YouTube und TikTok diskutiert, wobei ein Trend zu oberflächlichen und reaktionären Inhalten vorgeschlagen wird. - Verschiedene Perspektiven werden in Betracht gezogen, um die Rolle von Algorithmen bei der Gestaltung von Inhalten und den Einfluss populärer Ersteller auf kulturelle Normen zu beleuchten.“" + ], + "points": 369, + "commentCount": 258, + "retryCount": 0, + "time": 1736859931 + }, + { + "id": 42691184, + "title": "„GitHub-Git-Operationen sind ausgefallen“", + "originLink": "https://www.githubstatus.com/incidents/qd96yfgvmcf9", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42691184", + "commentBody": "", + "originSummary": [ + "„GitHub erlebte am 13. Januar 2025 einen Ausfall der Git-Operationen aufgrund einer Konfigurationsänderung, die den internen Load Balancer betraf und von 23:35 bis 00:24 UTC andauerte. - Das Problem wurde durch Rückgängigmachen der Konfigurationsänderung behoben, und GitHub arbeitet daran, die Überwachungs- und Bereitstellungsprozesse zu verbessern, um ähnliche Vorfälle zu verhindern. - Der Ausfall betraf auch die Dienste GitHub Actions und Pages, was die miteinander verbundene Natur ihrer Plattformdienste verdeutlicht.“" + ], + "commentSummary": [ + "„GitHub erlebte einen größeren Ausfall, der git-Operationen beeinträchtigte und zu Verwirrung unter Entwicklern führte, die zunächst Probleme mit ihren SSH-Schlüsseln oder lokalen Konfigurationen vermuteten. - Der Vorfall unterstrich die Herausforderungen, die mit der Abhängigkeit von zentralisierten Diensten einhergehen, und führte zu Diskussionen über die Vorteile von Selbsthosting und dezentralen Systemen. - Obwohl das Problem behoben wurde, machte es Bedenken hinsichtlich der Zuverlässigkeit von GitHub und der Risiken deutlich, die mit der Abhängigkeit von Drittanbieterplattformen für wesentliche Aufgaben verbunden sind.“" + ], + "points": 324, + "commentCount": 250, + "retryCount": 0, + "time": 1736812051 + }, + { + "id": 42694596, + "title": "„ZFS 2.3 veröffentlicht mit ZFS raidz-Erweiterung“", + "originLink": "https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42694596", + "commentBody": "", + "originSummary": [ + "„OpenZFS 2.3.0 wurde veröffentlicht und führt bedeutende Funktionen wie RAIDZ-Erweiterung, schnelle Deduplizierung, direkte Ein-/Ausgabe, JSON-Ausgabe und Unterstützung für lange Dateinamen ein. - Die Veröffentlichung umfasst wesentliche Fehlerbehebungen und Leistungsverbesserungen, die mit Linux-Kernen 4.18 - 6.12 und FreeBSD-Versionen 13.3, 14.0 - 14.2 kompatibel sind. - Das Update ist eine gemeinsame Anstrengung von 134 Mitwirkenden, mit umfassender Dokumentation und einem Änderungsprotokoll zur Überprüfung.“" + ], + "commentSummary": [ + "„ZFS 2.3 wurde veröffentlicht und führt Funktionen wie RAIDZ-Erweiterung, schnelle Deduplizierung, Direct IO, JSON-Ausgabe und Unterstützung für lange Dateinamen ein. - Die RAIDZ-Erweiterung ist besonders bemerkenswert, da sie es Benutzern ermöglicht, neue Geräte zu einem bestehenden RAIDZ-Pool ohne Ausfallzeiten hinzuzufügen, wodurch die Speicherkapazität erhöht wird. - Die Veröffentlichung wird als bedeutender Fortschritt für ZFS-Benutzer angesehen und zieht Vergleiche mit anderen Dateisystemen wie Btrfs und Windows Storage Spaces, trotz einiger Einschränkungen wie der Unfähigkeit, Pools zu verkleinern.“" + ], + "points": 302, + "commentCount": 215, + "retryCount": 0, + "time": 1736838539 + }, + { + "id": 42690983, + "title": "„Webtop – Alpine-, Ubuntu-, Fedora- und Arch-Container mit vollständigen Desktop-Umgebungen“", + "originLink": "https://docs.linuxserver.io/images/docker-webtop/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690983", + "commentBody": "", + "originSummary": [ + "„Linuxserver/webtop bietet Container basierend auf Alpine, Ubuntu, Fedora und Arch mit vollständigen Desktop-Umgebungen, die über Webbrowser zugänglich sind und sowohl die x86-64- als auch die arm64-Architekturen unterstützen.“", + "„Benutzer können aus verschiedenen Desktop-Umgebungen wie XFCE, KDE, MATE, i3, Openbox und IceWM auswählen, indem sie spezifische Image-Tags verwenden und über festgelegte URLs auf den Webtop zugreifen.“", + "„Sicherheitsfunktionen umfassen die seccomp-Option von Docker und die Einrichtung der Authentifizierung, mit Anpassungsoptionen über Umgebungsvariablen und Unterstützung für GPU-Beschleunigung mit Open-Source-Treibern.“" + ], + "commentSummary": [ + "„Webtop bietet Container mit vollständigen Desktop-Umgebungen für Alpine, Ubuntu, Fedora und Arch, die sich für schnelle Setups hinter einem VPN eignen.“", + "„Benutzer loben Webtop für seine Geschwindigkeit und Benutzerfreundlichkeit, insbesondere in Verbindung mit dem Gluetun-Container für sichere Verbindungen, warnen jedoch davor, Container ohne Sicherheitsmaßnahmen dem Internet auszusetzen, da es an standardmäßiger Authentifizierung fehlt.“", + "„Das Projekt wird für seine Open-Source-Natur und Flexibilität geschätzt, wobei Benutzer Konfigurationen teilen, und Alternativen wie Kasm und Selkies werden für ähnliche Zwecke erwähnt.“" + ], + "points": 297, + "commentCount": 57, + "retryCount": 0, + "time": 1736810708 + }, + { + "id": 42697783, + "title": "„1 von 5 Online-Stellenanzeigen ist entweder gefälscht oder wird nie besetzt, wie eine Studie herausfand.“", + "originLink": "https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42697783", + "commentBody": "", + "originSummary": [ + "„Eine aktuelle Studie zeigt, dass 20 % der Online-Stellenanzeigen entweder gefälscht sind oder unbesetzt bleiben, was die Frustration der Arbeitssuchenden erhöht. - Dieser Trend der „Geisterjobs“ könnte eine Taktik von Unternehmen sein, um ein Wachstumsbild zu projizieren. - Jobplattformen wie Greenhouse und LinkedIn haben Jobverifizierungsdienste eingeführt, um Nutzern bei der Identifizierung echter Jobmöglichkeiten zu helfen.“" + ], + "commentSummary": [ + "„Eine Studie zeigt, dass 20 % der Online-Stellenanzeigen entweder gefälscht sind oder unbesetzt bleiben, oft weil Unternehmen den US-Einwanderungsrichtlinien entsprechen müssen. - Unternehmen lassen Stellenanzeigen möglicherweise auch online, um ideale Kandidaten zu finden, Anforderungen zu ändern oder bereits intern ausgewählte Kandidaten zu haben. - Der Arbeitsmarkt ist für Bewerber schwierig, die häufig auf Ghosting und automatisierte Ablehnungen stoßen, was zu Forderungen nach regulatorischen Eingriffen führt.“" + ], + "points": 273, + "commentCount": 224, + "retryCount": 0, + "time": 1736865860 + }, + { + "id": 42698557, + "title": "„Eine Kreuzung unsicher für Fußgänger machen, um Fahrern Sekunden zu sparen“", + "originLink": "https://collegetowns.substack.com/p/making-an-intersection-unsafe-for", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42698557", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "„Die Debatte dreht sich darum, ob Kreuzungen die Sicherheit von Fußgängern oder die Effizienz der Fahrer priorisieren sollten, wobei einige lichtgesteuerte Kreuzungen und Fußgängerüberwege gegenüber 4-Wege-Stoppkreuzungen bevorzugen.“", + "„Die Meinungen über Verkehrsregeln und Infrastrukturdesign gehen auseinander, wobei Diskussionen über die Sicherheit des unerlaubten Überquerens der Straße und die Risiken im Zusammenhang mit Rechtsabbiegen bei Rot geführt werden.“", + "„Einige befürworten alternative Lösungen wie Kreisverkehre oder die Übernahme niederländischer Verkehrstechnikstandards, um sowohl die Sicherheit als auch die Effizienz zu verbessern.“" + ], + "points": 267, + "commentCount": 362, + "retryCount": 0, + "time": 1736869194 + }, + { + "id": 42696080, + "title": "„PostgreSQL ist das Datenbankverwaltungssystem des Jahres 2024“", + "originLink": "https://db-engines.com/en/blog_post/109", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696080", + "commentBody": "", + "originSummary": [ + "„PostgreSQL wurde von DB-Engines zum DBMS des Jahres 2024 gekürt und hat diese Auszeichnung zum fünften Mal erhalten, wobei es 423 andere Datenbankmanagementsysteme übertroffen hat.“", + "„PostgreSQL, mit einer Geschichte von fast 35 Jahren, setzt seine Innovationen fort, wie in den jüngsten Verbesserungen von PostgreSQL 17 zu sehen ist, das im September 2024 veröffentlicht wurde.“", + "„Snowflake und Microsoft sicherten sich den zweiten bzw. dritten Platz, wobei Snowflake für seine cloudbasierte Datenlagerung und Multi-Cloud-Unterstützung bekannt ist, während Microsoft über Azure SQL Database und SQL Server robuste verwaltete relationale Datenbanken anbietet.“" + ], + "commentSummary": [ + "„PostgreSQL wurde von db-engines.com als Datenbankverwaltungssystem des Jahres 2024 ausgezeichnet, was seine wachsende Beliebtheit und Anerkennung in der Branche unterstreicht.“", + "„Benutzer ziehen in Betracht, von Microsoft SQL Server zu PostgreSQL zu wechseln, aufgrund hoher Lizenzkosten und Ressourcenbeschränkungen, trotz potenzieller Migrationsherausforderungen.“", + "„PostgreSQL wird aufgrund seiner robusten Funktionen und Kosteneffizienz bevorzugt, was es zu einer bevorzugten Wahl für zukünftige Projekte macht, obwohl einige Benutzer Alternativen wie Babelfish erkunden, um Kosten zu senken.“" + ], + "points": 239, + "commentCount": 79, + "retryCount": 0, + "time": 1736854677 + }, + { + "id": 42699099, + "title": "„Googles OAuth-Login schützt nicht vor dem Kauf einer gescheiterten Startup-Domain“", + "originLink": "https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699099", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "„Die Diskussion hebt eine Schwachstelle im OAuth-Anmeldesystem von Google hervor, wenn die Domain eines gescheiterten Startups von einem neuen Eigentümer übernommen wird, was möglicherweise unbefugten Zugriff auf Dienste ermöglicht.“", + "„Dieses Problem tritt auf, weil Google möglicherweise nicht zwischen den ursprünglichen und den neuen Domaininhabern unterscheidet, was sich auf jedes System auswirken kann, das eine domänenbasierte Authentifizierung verwendet.“", + "„Ein vorgeschlagener Lösungsansatz besteht darin, eindeutige Kennungen zu verwenden, die im Laufe der Zeit konstant bleiben, obwohl die Umsetzung dieser Lösung bei verschiedenen Identitätsanbietern variiert.“" + ], + "points": 200, + "commentCount": 112, + "retryCount": 0, + "time": 1736871241 + }, + { + "id": 42696822, + "title": "„Mit Programmierkenntnissen passives Einkommen erzielen“", + "originLink": "https://www.coryzue.com/writing/solopreneur/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696822", + "commentBody": "", + "originSummary": [ + "„Der Autor wechselte von einer CTO-Rolle zu einem Solopreneur und verdiente erfolgreich mehr durch ein Portfolio von Softwareprodukten.“", + "„Zu den wichtigsten Strategien gehören der Fokus auf tiefgehende Arbeit, der Beginn mit kleinen Projekten, schnelles Iterieren und die Widmung von Zeit für Marketingbemühungen.“", + "„Die Reise betont die Widerstandsfähigkeit angesichts von Unsicherheiten, hebt jedoch die unvergleichliche Autonomie und Freiheit dieses Karrierewegs hervor und ermutigt diejenigen mit Programmierkenntnissen, ihn für passives Einkommen in Betracht zu ziehen.“" + ], + "commentSummary": [ + "„Ein Nutzer beschrieb, wie er passives Einkommen durch SEO-Spam-Websites mit ablaufenden Domainnamen generierte und dabei trotz ethischer Bedenken und Googles letztendlichem Durchgreifen etwa 30.000 US-Dollar jährlich verdiente.“", + "„Der Beitrag löste eine Debatte über passives Einkommen aus, wobei einige Nutzer argumentierten, dass es eher dem Betreiben eines Unternehmens ähnelt als wirklich passiven Einnahmen.“", + "„Teilnehmer teilten Erfahrungen und Herausforderungen in Nebenprojekten und hoben die Bedeutung von Zeit, Widerstandsfähigkeit und strategischer Planung hervor.“" + ], + "points": 167, + "commentCount": 90, + "retryCount": 0, + "time": 1736860888 + }, + { + "id": 42690781, + "title": "„Spanien schlägt 100% Steuer auf von Nicht-EU-Bürgern gekaufte Immobilien vor“", + "originLink": "https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690781", + "commentBody": "", + "originSummary": [ + "„Spanien erwägt eine 100%ige Steuer auf Immobilienkäufe durch Nicht-EU-Bürger, um die Wohnungsnot zu bekämpfen und spekulative Käufe einzudämmen.“", + "„Der Vorschlag von Premierminister Pedro Sánchez umfasst die Ausweitung des sozialen Wohnungsbaus und die Regulierung von Touristenvermietungen, um das Ungleichgewicht zwischen Wohnungspreisen und Einkommen anzugehen.“", + "„Die Zukunft des Vorschlags als Gesetz ist ungewiss, da einige Analysten ihn eher als Abschreckung für ausländische Investoren denn als garantierte gesetzliche Änderung betrachten.“" + ], + "commentSummary": [ + "„Spanien erwägt eine 100%ige Steuer auf von Nicht-EU-Bürgern gekaufte Immobilien, um Probleme mit der Erschwinglichkeit von Wohnraum anzugehen. - Kritiker argumentieren, dass ausländische Käufer nicht die Hauptursache für hohe Immobilienpreise sind und verweisen auf langsame Bürokratie und Zonengesetze als bedeutendere Faktoren. - Der Vorschlag hat eine Debatte über die Rolle des ausländischen Eigentums auf den Wohnungsmärkten und seine Wirksamkeit bei der Lösung von Erschwinglichkeitsproblemen ausgelöst.“" + ], + "points": 162, + "commentCount": 254, + "retryCount": 0, + "time": 1736809603 + }, + { + "id": 42699977, + "title": "„Apple wird bald 'Made in America'-Chips aus der TSMC-Fabrik in Arizona erhalten.“", + "originLink": "https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699977", + "commentBody": "", + "originSummary": [ + "„Apple testet Prozessoren aus TSMCs Anlage in Arizona und plant die Massenproduktion bis zum ersten Quartal, was TSMC möglicherweise zum ersten US-Kunden für lokal hergestellte Chips machen könnte. - Diese Initiative zielt darauf ab, die Unabhängigkeit der USA im Bereich Silizium zu stärken und die Abhängigkeit von Taiwan zu verringern, das anfällig für geopolitische und natürliche Risiken ist. - TSMCs Fabrik in Arizona soll fortschrittliche 3nm- und 2nm-Chips produzieren, mit laufenden Bemühungen zur Verbesserung der lokalen Rekrutierung und Partnerschaften mit US-Universitäten, obwohl die Verpackung zunächst in Taiwan erfolgen wird, bis die Anlage in Peoria betriebsbereit ist.“" + ], + "commentSummary": [ + "„Apple wird Chips aus TSMCs Werk in Arizona erhalten, aber sie müssen zum Verpacken nach Taiwan zurückgeschickt werden, da es in den USA an ausreichenden Einrichtungen mangelt. - Über 50 % der Belegschaft im Werk in Arizona stammt aus Taiwan, was auf eine Lücke im US-amerikanischen MINT-Bereich (Mathematik, Informatik, Naturwissenschaften und Technik) hinweist. - Die CHIPS-Act-Initiative, die darauf abzielt, die US-Halbleiterproduktion zu stärken, steht vor Herausforderungen, da das Label „Made in America“ aufgrund des Verpackungsprozesses in Taiwan in Frage gestellt wird, mit Plänen für US-Verpackungskapazitäten bis 2027.“" + ], + "points": 160, + "commentCount": 73, + "retryCount": 0, + "time": 1736873807 + }, + { + "id": 42692730, + "title": "„43.000 weniger Fahrer auf den Straßen Manhattans, nachdem die Staugebühr aktiviert wurde“", + "originLink": "https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42692730", + "commentBody": "", + "originSummary": [ + "„Nach der Einführung der Staugebühr gab es einen Rückgang von 7,5 % bei den Fahrern, die unterhalb der 60. Straße nach Manhattan einfahren, was 43.000 weniger Fahrer an jedem Wochentag entspricht.“", + "„Die Verringerung des Verkehrs hat den Verkehrsfluss verbessert und die Busgeschwindigkeiten erhöht, wobei einige Expressbusse eine höhere Fahrgastzahl verzeichnen.“", + "„Die Metropolitan Transportation Authority (MTA) verwendet die Mauterlöse, die auf jährlich 500 Millionen Dollar geschätzt werden, für Verbesserungen im öffentlichen Nahverkehr, trotz einiger politischer Opposition.“" + ], + "commentSummary": [ + "„Die Einführung der Staugebühren in Manhattan hat zu 43.000 weniger Fahrern geführt, was zu höheren Busgeschwindigkeiten und möglicherweise besseren Reaktionszeiten für Notfälle führt.“", + "„Die Richtlinie ist darauf ausgelegt, Verkehrsstaus zu reduzieren und die Luftqualität zu verbessern, obwohl sie eine Debatte über ihre Auswirkungen auf einkommensschwächere Personen ausgelöst hat.“", + "„Befürworter argumentieren, dass die Vorteile effizientere öffentliche Verkehrsmittel und sauberere Luft umfassen, während die Diskussionen darüber fortgesetzt werden, wie diese Vorteile mit den Bedürfnissen der Autofahrer in Einklang gebracht werden können.“" + ], + "points": 154, + "commentCount": 199, + "retryCount": 0, + "time": 1736821606 + } +] diff --git a/records/2025-01-14/2025-01-14.el.json b/records/2025-01-14/2025-01-14.el.json new file mode 100644 index 000000000..c1b118321 --- /dev/null +++ b/records/2025-01-14/2025-01-14.el.json @@ -0,0 +1,288 @@ +[ + { + "id": 42690473, + "title": "Ερευνητής ασφαλείας της Snyk αναπτύσσει κακόβουλα πακέτα NPM που στοχεύουν το cursor.com", + "originLink": "https://sourcecodered.com/snyk-malicious-npm-package/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690473", + "commentBody": "", + "originSummary": [ + "Ένας ερευνητής ασφαλείας της Snyk κυκλοφόρησε κακόβουλα πακέτα NPM που στοχεύουν την Cursor.com, μια εταιρεία κωδικοποίησης AI, για να συλλέξει δεδομένα συστήματος και να τα στείλει σε μια υπηρεσία που ελέγχεται από επιτιθέμενο.", + "Τα πακέτα, που αναγνωρίστηκαν ως \"cursor-retrieval,\" \"cursor-always-local,\" και \"cursor-shadow-workspace,\" επισημάνθηκαν από τον σαρωτή ανάλυσης πακέτων OpenSSF, με αποτέλεσμα τις συμβουλές MAL-2025-27, MAL-2025-28, και MAL-2025-29.", + "Αυτό το περιστατικό υπογραμμίζει τη σημασία της προσεκτικής εξέτασης των πακέτων NPM πριν από την εγκατάσταση για την αποφυγή πιθανών απειλών ασφαλείας." + ], + "commentSummary": [ + "Ένας ερευνητής ασφαλείας της Snyk κυκλοφόρησε κακόβουλα πακέτα NPM (Node Package Manager) που στοχεύουν το cursor.com, επισημαίνοντας ευπάθειες σύγχυσης εξαρτήσεων. - Το περιστατικό έχει προκαλέσει συζήτηση σχετικά με την ηθική της έρευνας ασφαλείας, ιδιαίτερα όσον αφορά τη δημόσια έκθεση μεταβλητών περιβάλλοντος. - Το Cursor.com διευκρίνισε ότι δεν εξουσιοδότησε την ενέργεια, και η Snyk έχει έκτοτε ζητήσει συγγνώμη, υπογραμμίζοντας τις προκλήσεις στην εξισορρόπηση της επιθετικής έρευνας ασφαλείας με τα ηθικά πρότυπα." + ], + "points": 540, + "commentCount": 270, + "retryCount": 0, + "time": 1736807907 + }, + { + "id": 42696081, + "title": "Άλλαξα σε Firefox και δεν κοίταξα ποτέ πίσω", + "originLink": "https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696081", + "commentBody": "", + "originSummary": [ + "Ο Firefox επαινείται για την ανώτερη διαχείριση καρτελών, τη λειτουργία Pocket για αποθήκευση συνδέσμων και την εστιασμένη στην ιδιωτικότητα υπηρεσία αναμετάδοσης email, καθιστώντας τον μια ισχυρή εναλλακτική λύση στο Chrome. - Πρόσθετα χαρακτηριστικά όπως το φιλικό προς τον χρήστη εργαλείο λήψης στιγμιότυπων, το κουμπί ChatGPT, η λειτουργία Picture-in-Picture, οι προσαρμόσιμες επιλογές αναζήτησης και η ομαλή κύλιση βελτιώνουν την εμπειρία περιήγησης. - Αν και ο Firefox στερείται της δυνατότητας web app του Chrome, ο προσεκτικός σχεδιασμός του και οι μειωμένες απαιτήσεις πόρων τον καθιστούν προτιμώμενη επιλογή για ορισμένους χρήστες." + ], + "commentSummary": [ + "Οι χρήστες του Firefox αντιμετωπίζουν προκλήσεις από πλατφόρμες όπως το YouTube, οι οποίες μπορεί να υποβαθμίζουν σκόπιμα την εμπειρία για μη-Google περιηγητές ή χρήστες που χρησιμοποιούν adblockers. - Αυτή η τάση εγείρει ανησυχίες σχετικά με την αυτονομία των χρηστών, καθώς τιμωρεί εκείνους που επιλέγουν μια εμπειρία διαδικτύου χωρίς διαφημίσεις και παρακολούθηση. - Ο Firefox προσφέρει μοναδικά χαρακτηριστικά, όπως οι καρτέλες κοντέινερ, που ενισχύουν την ιδιωτικότητα και τη χρηστικότητα, καθιστώντας τον μια προτιμώμενη επιλογή για χρήστες που αναζητούν ανεξαρτησία από περιηγητές που ελέγχονται από μεγάλες εταιρείες." + ], + "points": 480, + "commentCount": 392, + "retryCount": 0, + "time": 1736854678 + }, + { + "id": 42687932, + "title": "Ο Διευθύνων Σύμβουλος της Sonos παραιτείται μετά από το φιάσκο της ενημέρωσης της εφαρμογής", + "originLink": "https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42687932", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Ο διευθύνων σύμβουλος της Sonos παραιτήθηκε μετά από μια αμφιλεγόμενη ενημέρωση εφαρμογής που απαιτούσε από τους χρήστες να αντικαταστήσουν ακριβά ηχοσυστήματα, προκαλώντας δυσαρέσκεια στους πελάτες. - Η ενημέρωση εισήγαγε ένα σύστημα βασισμένο στο cloud, απομακρυνόμενο από το αξιόπιστο Universal Plug and Play (UPnP), το οποίο οδήγησε σε προβλήματα συνδεσιμότητας και αυξημένη πολυπλοκότητα. - Αυτή η κατάσταση υπογραμμίζει τη σύγκρουση μεταξύ επιχειρηματικών στρατηγικών και διατήρησης της εμπιστοσύνης των πελατών, καθώς ο διευθύνων σύμβουλος μεταβαίνει σε συμβουλευτικό ρόλο με ένα πακέτο αποζημίωσης." + ], + "points": 409, + "commentCount": 493, + "retryCount": 0, + "time": 1736797368 + }, + { + "id": 42696691, + "title": "Στην κοιλιά του MrBeast", + "originLink": "https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696691", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Το δοκίμιο εξετάζει πώς ο αλγόριθμος του YouTube επηρεάζει τη δημιουργία περιεχομένου, χρησιμοποιώντας τον MrBeast ως μελέτη περίπτωσης, υπογραμμίζοντας μια μετατόπιση προς το περιεχόμενο που βασίζεται στην αλληλεπίδραση παρά στο ουσιαστικό περιεχόμενο. - Συζητά τις ευρύτερες επιπτώσεις για την παιδεία στα μέσα και τον πολιτιστικό αντίκτυπο πλατφορμών όπως το YouTube και το TikTok, προτείνοντας μια τάση προς επιφανειακό και αντιδραστικό περιεχόμενο. - Εξετάζονται διάφορες προοπτικές για τον ρόλο των αλγορίθμων στη διαμόρφωση περιεχομένου και την επιρροή των δημοφιλών δημιουργών στους πολιτιστικούς κανόνες." + ], + "points": 369, + "commentCount": 258, + "retryCount": 0, + "time": 1736859931 + }, + { + "id": 42691184, + "title": "Οι λειτουργίες Git στο GitHub είναι εκτός λειτουργίας", + "originLink": "https://www.githubstatus.com/incidents/qd96yfgvmcf9", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42691184", + "commentBody": "", + "originSummary": [ + "Η GitHub αντιμετώπισε διακοπή λειτουργίας των Git operations στις 13 Ιανουαρίου 2025, λόγω αλλαγής διαμόρφωσης που επηρέασε τον εσωτερικό εξισορροπιστή φορτίου, διαρκώντας από τις 23:35 έως τις 00:24 UTC. - Το πρόβλημα επιλύθηκε με την επαναφορά της αλλαγής διαμόρφωσης, και η GitHub εργάζεται για τη βελτίωση των διαδικασιών παρακολούθησης και ανάπτυξης για την αποτροπή παρόμοιων περιστατικών. - Η διακοπή επηρέασε επίσης τις υπηρεσίες Actions και Pages της GitHub, υπογραμμίζοντας τη διασυνδεδεμένη φύση των υπηρεσιών της πλατφόρμας τους." + ], + "commentSummary": [ + "Το GitHub αντιμετώπισε μια σημαντική διακοπή που επηρέασε τις λειτουργίες git, προκαλώντας σύγχυση μεταξύ των προγραμματιστών που αρχικά υποψιάστηκαν προβλήματα με τα SSH κλειδιά τους ή τις τοπικές ρυθμίσεις τους. - Το περιστατικό υπογράμμισε τις προκλήσεις της εξάρτησης από κεντρικές υπηρεσίες, προκαλώντας συζητήσεις για τα πλεονεκτήματα της αυτο-φιλοξενίας και των αποκεντρωμένων συστημάτων. - Αν και το πρόβλημα επιλύθηκε, ανέδειξε ανησυχίες σχετικά με την αξιοπιστία του GitHub και τους κινδύνους της εξάρτησης από πλατφόρμες τρίτων για βασικές εργασίες." + ], + "points": 324, + "commentCount": 250, + "retryCount": 0, + "time": 1736812051 + }, + { + "id": 42694596, + "title": "Κυκλοφόρησε το ZFS 2.3 με επέκταση ZFS raidz", + "originLink": "https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42694596", + "commentBody": "", + "originSummary": [ + "Η έκδοση OpenZFS 2.3.0 έχει κυκλοφορήσει, εισάγοντας σημαντικά χαρακτηριστικά όπως την επέκταση RAIDZ, την ταχεία αποαναπαραγωγή, την άμεση είσοδο/έξοδο, την έξοδο JSON και την υποστήριξη για μακρά ονόματα αρχείων. - Η έκδοση περιλαμβάνει βασικές διορθώσεις σφαλμάτων και βελτιώσεις απόδοσης, συμβατή με πυρήνες Linux 4.18 - 6.12 και εκδόσεις FreeBSD 13.3, 14.0 - 14.2. - Η ενημέρωση είναι αποτέλεσμα συνεργασίας 134 συνεισφερόντων, με πλήρη τεκμηρίωση και αρχείο αλλαγών διαθέσιμα για ανασκόπηση." + ], + "commentSummary": [ + "Η έκδοση ZFS 2.3 έχει κυκλοφορήσει, εισάγοντας χαρακτηριστικά όπως η επέκταση RAIDZ, η γρήγορη αποαναπαραγωγή, το άμεσο IO, η έξοδος JSON και η υποστήριξη για μακριά ονόματα αρχείων. - Η επέκταση RAIDZ είναι ιδιαίτερα αξιοσημείωτη καθώς επιτρέπει στους χρήστες να προσθέτουν νέες συσκευές σε μια υπάρχουσα δεξαμενή RAIDZ χωρίς διακοπή λειτουργίας, ενισχύοντας τη χωρητικότητα αποθήκευσης. - Η κυκλοφορία θεωρείται σημαντική πρόοδος για τους χρήστες του ZFS, συγκρινόμενη με άλλα συστήματα αρχείων όπως το Btrfs και το Windows Storage Spaces, παρά κάποιους περιορισμούς όπως η αδυναμία συρρίκνωσης δεξαμενών." + ], + "points": 302, + "commentCount": 215, + "retryCount": 0, + "time": 1736838539 + }, + { + "id": 42690983, + "title": "Webtop – Κοντέινερ Alpine, Ubuntu, Fedora και Arch που περιέχουν πλήρη περιβάλλοντα επιφάνειας εργασίας", + "originLink": "https://docs.linuxserver.io/images/docker-webtop/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690983", + "commentBody": "", + "originSummary": [ + "Το Linuxserver/webtop παρέχει κοντέινερ βασισμένα σε Alpine, Ubuntu, Fedora και Arch με πλήρη περιβάλλοντα επιφάνειας εργασίας προσβάσιμα μέσω προγραμμάτων περιήγησης ιστού, υποστηρίζοντας τόσο τις αρχιτεκτονικές x86-64 όσο και arm64.", + "Οι χρήστες μπορούν να επιλέξουν από διάφορα περιβάλλοντα επιφάνειας εργασίας όπως τα XFCE, KDE, MATE, i3, Openbox και IceWM χρησιμοποιώντας συγκεκριμένες ετικέτες εικόνας, και να έχουν πρόσβαση στο Webtop μέσω καθορισμένων URLs.", + "Τα χαρακτηριστικά ασφαλείας περιλαμβάνουν την επιλογή seccomp του Docker και τη ρύθμιση αυθεντικοποίησης, με διαθέσιμες επιλογές προσαρμογής μέσω μεταβλητών περιβάλλοντος, καθώς και υποστήριξη για επιτάχυνση GPU με ανοιχτού κώδικα οδηγούς." + ], + "commentSummary": [ + "Το Webtop παρέχει κοντέινερ με πλήρη περιβάλλοντα επιφάνειας εργασίας για Alpine, Ubuntu, Fedora και Arch, κατάλληλα για γρήγορες ρυθμίσεις πίσω από ένα VPN.", + "Οι χρήστες επαινούν το Webtop για την ταχύτητα και την ευκολία χρήσης του, ιδιαίτερα όταν χρησιμοποιείται με το κοντέινερ Gluetun για ασφαλείς συνδέσεις, αλλά προειδοποιούν κατά της έκθεσης των κοντέινερ στο διαδίκτυο χωρίς μέτρα ασφαλείας λόγω έλλειψης προεπιλεγμένης αυθεντικοποίησης.", + "Το έργο εκτιμάται για το ότι είναι ανοιχτού κώδικα και ευέλικτο, με τους χρήστες να μοιράζονται διαμορφώσεις, ενώ εναλλακτικές όπως το Kasm και το Selkies σημειώνονται για παρόμοιους σκοπούς." + ], + "points": 297, + "commentCount": 57, + "retryCount": 0, + "time": 1736810708 + }, + { + "id": 42697783, + "title": "1 στις 5 διαδικτυακές αγγελίες εργασίας είναι είτε ψεύτικες είτε δεν καλύπτονται ποτέ, σύμφωνα με μελέτη.", + "originLink": "https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42697783", + "commentBody": "", + "originSummary": [ + "Μια πρόσφατη μελέτη δείχνει ότι το 20% των διαδικτυακών αγγελιών εργασίας είναι είτε ψεύτικες είτε παραμένουν κενές, προσθέτοντας στην απογοήτευση των αναζητούντων εργασία. - Αυτή η τάση των \"φανταστικών θέσεων εργασίας\" μπορεί να είναι μια τακτική για τις εταιρείες να προβάλλουν μια εικόνα ανάπτυξης. - Πλατφόρμες εργασίας όπως το Greenhouse και το LinkedIn έχουν εισαγάγει υπηρεσίες επαλήθευσης θέσεων εργασίας για να βοηθήσουν τους χρήστες να εντοπίζουν αυθεντικές ευκαιρίες εργασίας." + ], + "commentSummary": [ + "Μια μελέτη αποκαλύπτει ότι το 20% των διαδικτυακών αγγελιών εργασίας είναι είτε ψεύτικες είτε παραμένουν κενές, συχνά λόγω της ανάγκης των εταιρειών να συμμορφωθούν με τις πολιτικές μετανάστευσης των ΗΠΑ. - Οι εταιρείες μπορεί επίσης να αφήνουν τις αγγελίες εργασίας ανοιχτές για να βρουν ιδανικούς υποψηφίους, να αλλάξουν απαιτήσεις ή να έχουν προεπιλεγμένους εσωτερικούς υποψηφίους. - Η αγορά εργασίας είναι δύσκολη για τους αιτούντες, οι οποίοι συχνά αντιμετωπίζουν την αδιαφορία και τις αυτοματοποιημένες απορρίψεις, προκαλώντας εκκλήσεις για ρυθμιστική παρέμβαση." + ], + "points": 273, + "commentCount": 224, + "retryCount": 0, + "time": 1736865860 + }, + { + "id": 42698557, + "title": "Κάνοντας μια διασταύρωση επικίνδυνη για τους πεζούς για να εξοικονομηθούν δευτερόλεπτα για τους οδηγούς", + "originLink": "https://collegetowns.substack.com/p/making-an-intersection-unsafe-for", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42698557", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Η συζήτηση επικεντρώνεται στο αν οι διασταυρώσεις πρέπει να δίνουν προτεραιότητα στην ασφάλεια των πεζών ή στην αποδοτικότητα των οδηγών, με κάποιους να προτιμούν τις διασταυρώσεις με φανάρια και τις διαβάσεις πεζών έναντι των διασταυρώσεων με στάση σε όλες τις κατευθύνσεις.", + "Οι απόψεις ποικίλλουν σχετικά με τους νόμους κυκλοφορίας και τον σχεδιασμό υποδομών, με συζητήσεις για την ασφάλεια της παράνομης διάβασης πεζών και τους κινδύνους που συνδέονται με τις δεξιές στροφές με κόκκινο.", + "Μερικοί υποστηρίζουν εναλλακτικές λύσεις όπως οι κυκλικοί κόμβοι ή η υιοθέτηση των ολλανδικών προτύπων μηχανικής κυκλοφορίας για την ενίσχυση τόσο της ασφάλειας όσο και της αποδοτικότητας." + ], + "points": 267, + "commentCount": 362, + "retryCount": 0, + "time": 1736869194 + }, + { + "id": 42696080, + "title": "Το PostgreSQL είναι το Σύστημα Διαχείρισης Βάσεων Δεδομένων της Χρονιάς 2024", + "originLink": "https://db-engines.com/en/blog_post/109", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696080", + "commentBody": "", + "originSummary": [ + "Η PostgreSQL έχει βραβευτεί ως το DBMS της Χρονιάς 2024 από την DB-Engines, επιτυγχάνοντας αυτή την αναγνώριση για πέμπτη φορά, ξεπερνώντας 423 άλλα συστήματα διαχείρισης βάσεων δεδομένων.", + "Το PostgreSQL, με ιστορία που εκτείνεται σχεδόν 35 χρόνια, συνεχίζει να καινοτομεί, όπως φαίνεται στις πρόσφατες βελτιώσεις του PostgreSQL 17, που κυκλοφόρησε τον Σεπτέμβριο του 2024.", + "Η Snowflake και η Microsoft κατέλαβαν τη δεύτερη και τρίτη θέση, αντίστοιχα, με τη Snowflake να σημειώνεται για την αποθήκευση δεδομένων στο cloud και την υποστήριξη πολλαπλών cloud, ενώ η Microsoft προσφέρει ισχυρές διαχειριζόμενες σχεσιακές βάσεις δεδομένων μέσω του Azure SQL Database και του SQL Server." + ], + "commentSummary": [ + "Η PostgreSQL έχει βραβευτεί ως το Σύστημα Διαχείρισης Βάσεων Δεδομένων της Χρονιάς 2024 από το db-engines.com, υπογραμμίζοντας την αυξανόμενη δημοτικότητά της και την αναγνώρισή της στη βιομηχανία.", + "Οι χρήστες σκέφτονται να μεταβούν από το Microsoft SQL Server στο PostgreSQL λόγω των υψηλών κόστους αδειοδότησης και των περιορισμών πόρων, παρά τις πιθανές προκλήσεις της μετανάστευσης.", + "Το PostgreSQL προτιμάται για τα ισχυρά χαρακτηριστικά του και την οικονομική του αποδοτικότητα, καθιστώντας το μια προτιμώμενη επιλογή για μελλοντικά έργα, αν και ορισμένοι χρήστες εξερευνούν εναλλακτικές λύσεις όπως το Babelfish για να μειώσουν το κόστος." + ], + "points": 239, + "commentCount": 79, + "retryCount": 0, + "time": 1736854677 + }, + { + "id": 42699099, + "title": "Η σύνδεση μέσω OAuth της Google δεν προστατεύει από την αγορά ενός domain αποτυχημένης startup.", + "originLink": "https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699099", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Η συζήτηση αναδεικνύει μια ευπάθεια στο σύστημα σύνδεσης OAuth της Google όταν το domain μιας αποτυχημένης startup αποκτάται από νέο ιδιοκτήτη, επιτρέποντας ενδεχομένως μη εξουσιοδοτημένη πρόσβαση σε υπηρεσίες.", + "Αυτό το ζήτημα προκύπτει επειδή η Google μπορεί να μην διακρίνει μεταξύ των αρχικών και των νέων ιδιοκτητών του τομέα, επηρεάζοντας οποιοδήποτε σύστημα που χρησιμοποιεί αυθεντικοποίηση βάσει τομέα.", + "Μια προτεινόμενη λύση είναι η χρήση μοναδικών αναγνωριστικών που παραμένουν σταθερά με την πάροδο του χρόνου, αν και η εφαρμογή αυτής της λύσης διαφέρει μεταξύ των παρόχων ταυτότητας." + ], + "points": 200, + "commentCount": 112, + "retryCount": 0, + "time": 1736871241 + }, + { + "id": 42696822, + "title": "Χρησιμοποιώντας δεξιότητες προγραμματισμού για να δημιουργήσετε παθητικό εισόδημα", + "originLink": "https://www.coryzue.com/writing/solopreneur/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696822", + "commentBody": "", + "originSummary": [ + "Ο συγγραφέας μεταπήδησε από τη θέση του CTO σε έναν ρόλο solopreneur, κερδίζοντας επιτυχώς περισσότερα μέσω ενός χαρτοφυλακίου λογισμικών προϊόντων.", + "Οι βασικές στρατηγικές περιλαμβάνουν την εστίαση σε βαθιά εργασία, την έναρξη με μικρά έργα, την ταχεία επανάληψη και την αφιέρωση χρόνου στις προσπάθειες μάρκετινγκ.", + "Το ταξίδι δίνει έμφαση στην ανθεκτικότητα λόγω των αβεβαιοτήτων, αλλά υπογραμμίζει την απαράμιλλη αυτονομία και ελευθερία αυτής της επαγγελματικής πορείας, ενθαρρύνοντας όσους έχουν δεξιότητες προγραμματισμού να τη σκεφτούν για παθητικό εισόδημα." + ], + "commentSummary": [ + "Ένας χρήστης περιέγραψε τη δημιουργία παθητικού εισοδήματος μέσω ιστοσελίδων SEO spam χρησιμοποιώντας ληγμένα ονόματα τομέων, κερδίζοντας περίπου $30k ετησίως, παρά τις ηθικές ανησυχίες και την τελική καταστολή από την Google.", + "Η ανάρτηση προκάλεσε μια συζήτηση σχετικά με το παθητικό εισόδημα, με ορισμένους χρήστες να υποστηρίζουν ότι μοιάζει περισσότερο με τη λειτουργία μιας επιχείρησης παρά με πραγματικά παθητικά κέρδη.", + "Οι συμμετέχοντες μοιράστηκαν εμπειρίες και προκλήσεις σε παράπλευρα έργα, υπογραμμίζοντας τη σημασία του χρόνου, της ανθεκτικότητας και του στρατηγικού σχεδιασμού." + ], + "points": 167, + "commentCount": 90, + "retryCount": 0, + "time": 1736860888 + }, + { + "id": 42690781, + "title": "Η Ισπανία προτείνει φόρο 100% στα σπίτια που αγοράζονται από κατοίκους εκτός ΕΕ", + "originLink": "https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690781", + "commentBody": "", + "originSummary": [ + "Η Ισπανία εξετάζει την επιβολή φόρου 100% στις αγορές ακινήτων από κατοίκους εκτός ΕΕ, με στόχο την αντιμετώπιση της στεγαστικής κρίσης και τον περιορισμό των κερδοσκοπικών αγορών.", + "Η πρόταση του Πρωθυπουργού Πέδρο Σάντσεθ περιλαμβάνει την επέκταση της κοινωνικής στέγασης και τη ρύθμιση των τουριστικών ενοικιάσεων για την αντιμετώπιση της ανισότητας μεταξύ των τιμών των κατοικιών και των εισοδημάτων.", + "Το μέλλον της πρότασης ως νόμος είναι αβέβαιο, με ορισμένους αναλυτές να τη θεωρούν ως αποτρεπτικό παράγοντα για ξένους επενδυτές παρά ως εγγυημένη νομοθετική αλλαγή." + ], + "commentSummary": [ + "Η Ισπανία εξετάζει την επιβολή φόρου 100% στα σπίτια που αγοράζονται από κατοίκους εκτός ΕΕ για να αντιμετωπίσει τα προβλήματα προσιτότητας στέγασης. - Οι επικριτές υποστηρίζουν ότι οι ξένοι αγοραστές δεν είναι η κύρια αιτία των υψηλών τιμών κατοικιών, αναφέροντας τη βραδεία γραφειοκρατία και τους νόμους ζωνοποίησης ως πιο σημαντικούς παράγοντες. - Η πρόταση έχει προκαλέσει συζήτηση σχετικά με το ρόλο της ξένης ιδιοκτησίας στις αγορές κατοικίας και την αποτελεσματικότητά της στην επίλυση ζητημάτων προσιτότητας." + ], + "points": 162, + "commentCount": 254, + "retryCount": 0, + "time": 1736809603 + }, + { + "id": 42699977, + "title": "Η Apple σύντομα θα παραλάβει τσιπ 'κατασκευασμένα στην Αμερική' από το εργοστάσιο της TSMC στην Αριζόνα.", + "originLink": "https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699977", + "commentBody": "", + "originSummary": [ + "Η Apple δοκιμάζει επεξεργαστές από την εγκατάσταση της TSMC στην Αριζόνα, με σχέδια για μαζική παραγωγή μέχρι το πρώτο τρίμηνο, ενδεχομένως να γίνει ο πρώτος πελάτης της TSMC στις Η.Π.Α. για τοπικά κατασκευασμένα τσιπ. - Αυτή η πρωτοβουλία στοχεύει στην ενίσχυση της ανεξαρτησίας των Η.Π.Α. στον τομέα του πυριτίου, μειώνοντας την εξάρτηση από την Ταϊβάν, η οποία είναι ευάλωτη σε γεωπολιτικούς και φυσικούς κινδύνους. - Το εργοστάσιο της TSMC στην Αριζόνα πρόκειται να παράγει προηγμένα τσιπ 3nm και 2nm, με συνεχιζόμενες προσπάθειες για ενίσχυση της τοπικής πρόσληψης και συνεργασίες με πανεπιστήμια των Η.Π.Α., αν και η συσκευασία θα πραγματοποιείται αρχικά στην Ταϊβάν μέχρι να λειτουργήσει η εγκατάσταση στην Peoria." + ], + "commentSummary": [ + "Η Apple θα παραλάβει τσιπ από το εργοστάσιο της TSMC στην Αριζόνα, αλλά πρέπει να σταλούν πίσω στην Ταϊβάν για συσκευασία λόγω ανεπαρκών εγκαταστάσεων στις Η.Π.Α. - Πάνω από το 50% του εργατικού δυναμικού στο εργοστάσιο της Αριζόνα προέρχεται από την Ταϊβάν, υποδεικνύοντας ένα κενό στον τομέα STEM (Επιστήμη, Τεχνολογία, Μηχανική και Μαθηματικά) στις Η.Π.Α. - Η πρωτοβουλία του νόμου CHIPS, που στοχεύει στην ενίσχυση της κατασκευής ημιαγωγών στις Η.Π.Α., αντιμετωπίζει προκλήσεις καθώς η ετικέτα \"Κατασκευασμένο στην Αμερική\" αμφισβητείται λόγω της διαδικασίας συσκευασίας που πραγματοποιείται στην Ταϊβάν, με σχέδια για δυνατότητες συσκευασίας στις Η.Π.Α. μέχρι το 2027." + ], + "points": 160, + "commentCount": 73, + "retryCount": 0, + "time": 1736873807 + }, + { + "id": 42692730, + "title": "43.000 λιγότεροι οδηγοί στους δρόμους του Μανχάταν μετά την ενεργοποίηση της χρέωσης συμφόρησης", + "originLink": "https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42692730", + "commentBody": "", + "originSummary": [ + "Μετά την εφαρμογή της τιμολόγησης συμφόρησης, υπήρξε μείωση κατά 7,5% των οδηγών που εισέρχονται στο Μανχάταν κάτω από την 60η Οδό, που ισοδυναμεί με 43.000 λιγότερους οδηγούς κάθε καθημερινή.", + "Η μείωση της κυκλοφορίας έχει βελτιώσει τη ροή της κυκλοφορίας και αυξήσει τις ταχύτητες των λεωφορείων, με ορισμένα λεωφορεία express να παρουσιάζουν αυξημένη επιβατική κίνηση.", + "Η Μητροπολιτική Αρχή Μεταφορών (MTA) χρησιμοποιεί τα έσοδα από τα διόδια, που εκτιμώνται σε 500 εκατομμύρια δολάρια ετησίως, για βελτιώσεις στις μεταφορές, παρά την πολιτική αντίθεση." + ], + "commentSummary": [ + "Η εφαρμογή της τιμολόγησης συμφόρησης στο Μανχάταν έχει οδηγήσει σε 43.000 λιγότερους οδηγούς, με αποτέλεσμα την αύξηση των ταχυτήτων των λεωφορείων και πιθανώς καλύτερους χρόνους απόκρισης έκτακτης ανάγκης.", + "Η πολιτική έχει σχεδιαστεί για να μειώσει τη συμφόρηση της κυκλοφορίας και να βελτιώσει την ποιότητα του αέρα, αν και έχει προκαλέσει συζήτηση σχετικά με την επίδρασή της στα άτομα με χαμηλότερο εισόδημα.", + "Οι υποστηρικτές υποστηρίζουν ότι τα οφέλη περιλαμβάνουν πιο αποδοτικές δημόσιες συγκοινωνίες και καθαρότερο αέρα, ενώ οι συζητήσεις συνεχίζονται για την εξισορρόπηση αυτών των πλεονεκτημάτων με τις ανάγκες των οδηγών." + ], + "points": 154, + "commentCount": 199, + "retryCount": 0, + "time": 1736821606 + } +] diff --git a/records/2025-01-14/2025-01-14.en.json b/records/2025-01-14/2025-01-14.en.json new file mode 100644 index 000000000..7ea562e9e --- /dev/null +++ b/records/2025-01-14/2025-01-14.en.json @@ -0,0 +1,288 @@ +[ + { + "id": 42690473, + "title": "Snyk security researcher deploys malicious NPM packages targeting cursor.com", + "originLink": "https://sourcecodered.com/snyk-malicious-npm-package/", + "originBody": "HOME SERVICES TRAINING BLOG CONTACT Snyk security researcher deploys malicious NPM packages targeting Cursor.com Published January 8, 2025 Every morning I get up and check what malicious packages my detector had found the night before. It’s like someone checking their fishing nets to see what fish they caught. As I was looking at last nights malicious packages I noticed something strange: Someone from Snyk had deployed several packages to NPM. Even weirder, the names of those packages appeared to show they were targeting Cursor, the hot new AI coding company. These packages were deployed by an NPM user named sn4k-s3c. The packages are named things like “cursor-retreival”, “cursor-always-local” and “cursor-shadow-workspace”. If you install any of these packages they will collect data about your system and send it to an attacker controlled web service. You can find the packages on NPM here: https://www.npmjs.com/~sn4k-s3c You can see in this screen shot that the package is grabbing the output of a env command which will include many configuration options for your system. Often things like AWS keys, NPM tokens, GitHub credentials and other sensitive variables are exposed by the env command, so guess what? The threat actor now has all those credentials too! You can see in the screenshot that the data is then exfiltrated to a website that the attacker owns. Now, typically, when we see packages like this, they are attempting to perform a dependency confusion attack on a specific company. I don’t know if Cursor.com has a bug bounty program or a specific background. Still, I would suspect that Cursor has several NPM private packages named “cursor-always-local”, “cursor-retrieval”, and “cursor-shadow-workspace”. The person who created these packages is probably hoping that Cursor employees accidentally install these public packages, which will send their data to the attacker-controlled web service. Luckily, in addition to me seeing these files, the OpenSSF package analysis scanner identified these packages as malicious. OSV generated 3 malware advisories: MAL-2025-27, MAL-2025-28 and MAL-2025-29. You can see the malware advisories here: https://osv.dev/list?q=cursor&ecosystem=npm Who deployed these malicious packages? Okay, we know what the packages do when installing them, and we think they target Cursor.com. Who would do this? Well, the answer is in the NPM package metadata. The user who published the NPM package uses a snyk.io email address for the Snyk Security Labs team. This part of the metadata cannot be faked. The author field in the metadata specifically mentions an employee at Snyk. This part of the NPM package metadata can be faked, but since the publisher is a verified Snyk email, my guess is that this genuinely came from Snyk. What can you do? I’ve alerted NPM but these packages haven’t been marked as malicious yet, so no security tool could protect you from these malicious packages. Unfortunately, that’s how most software supply chain security tools work: you have to know that a package is malicious before the tool can protect you. But in general, it’s a good idea not to install NPM packages blindly. If you know what to look for, there are definite signals that these packages are dodgy. All of these packages have just two files: package.json and index.js (or main.js). This is one of several flags that you can use to determine if a package is legit or not. Hopefully, NPM will remove these packages soon. Paul McCarty SourceCodeRed.com Security Research & Trainer https://www.linkedin.com/in/mccartypaul/ Read about Software Supply Chain Red Teaming Learn More Copyright © 2024 – SOURCECODERED All Rights Reserved", + "commentLink": "https://news.ycombinator.com/item?id=42690473", + "commentBody": "Snyk security researcher deploys malicious NPM packages targeting cursor.com (sourcecodered.com)540 points by arkadiyt 20 hours agohidepastfavorite270 comments n2d4 16 hours ago[EDIT: See the response by a Cursor dev below — looks like it was not authorized by them] Sounds to me like Cursor internally has a private NPM registry with those packages. Because of how NPM works, it's quite easy to trick it to fetch the packages from the public registry instead, which could be used by an attacker [0]. Assumably, this Snyk employee either found or suspected that some part of Cursor's build is misconfigured as above, and uploaded those packages as a POC. (Given the package description \"for Cursor\", I'd think they were hired for this purpose.) If that's the case, then there's not much to see here. The security researcher couldn't have used a private NPM registry to perform the POC if the point is to demonstrate a misconfiguration which skips the private registry. . [0] In particular, many proxies will choose the public over the private registry if the latest package version is higher: https://snyk.io/blog/detect-prevent-dependency-confusion-att... reply ArVID220u 15 hours agoparentcursor dev here. reasonable assumptions, but not quite the case. the snyk packages are just the names of our bundled extensions, which we never package nor upload to any registry. (we do it just like how VS Code does it: https://github.com/microsoft/vscode/tree/main/extensions) we did not hire snyk, but we reached out to them after seeing this and they apologized. we did not get any confirmation of what exactly they were trying to do here (but i think your explanation that someone there suspected a dependency confusion vulnerability is plausible. though it's pretty irresponsible imo to do that on public npm and actually sending up the env variables) reply nomilk 14 hours agorootparent> \"pretty irresponsible\" Wouldn't it be more like \"pretty illegal\"? They could have simply used body: JSON.stringify(\"worked\"), i.e. not sent target machines’ actual environment variables, including keys. reply reubenmorais 11 hours agorootparentIt's an unfortunate incentive structure. If you're doing offensive security research, there's two ways you can go about it: you can report the potential vulnerability without exploiting it, in which case you risk the company coming back to you and saying \"thanks but we don't consider this a vulnerability because it's only exploited through misconfiguration and we're too smart for that\". Maybe you get some token reward of $50. Or you can exploit it and say here's the PoC, this many people at your company fell for it, and this is some of the valuable data I got, including some tokens you'll have to rotate. This puts you into actual bug bounty territory. Certainly the PR side of things alone will incentivize them to pay you so you don't make too much of a noise about how Cursor leaked a bunch of credentials due to a misconfiguration that surely every good programmer knows about and defends against (like so many vulnerabilities seem so dumb in hindsight). reply xmodem 7 hours agorootparentCursor does not have a bug bounty though, and its hard to see how this constitutes anything other than a direct attack on them, their users, or both. \"The incentive structure made me do it\" does not justify acting like a criminal. reply grajaganDev 5 hours agorootparentCursor asks researchers to report vulnerabilities to their GitHub security page. The same incentive to show impact applies even without a paid bounty. reply px43 5 hours agorootparentprev> Cursor does not have a bug bounty Shouldn't this alone be considered criminal negligence at this point? Cursor isn't some random open source project. It's a company that has funding, and subscriptions. Hell, I pay Cursor for a monthly subscription. Pretty incredible that they have no bounty program. reply britannio 5 hours agorootparentThe lack of a bug bounty program doesn't prohibit them from rewarding reported vulnerabilities. reply taskforcegemini 1 hour agorootparentdo they though? reply miki123211 8 hours agorootparentprevYou can also console.log those credentials as a PoC, and then show that the console.log could trivially be replaced by a fetch(). Kind of like a lot of exploit PoCs just \"pop a calc\" (AKA open the Calculator app), not because opening the calculator is valuable to an attacker, but because if you can open calculator, you can do anything. reply objectified 6 hours agorootparentThe problem there though, is that with PoCs like this, as an attacker you want to have a ping back to your system so that you know the attack has been successful (in this case they probably expected/hoped someone at Cursor to install the package, that's the usual objective in a dependency confusion attack). But what they could have done, is send a less sensitive thing like just the current working directory or current effective user, instead of the whole environment. reply fkyoureadthedoc 4 hours agorootparentWhat actually changes though in your scenario? Potential bad actor gets RCE on your dev machines, it doesn't really matter what they sent home, you're rotating keys and doing your due diligence either way. reply mistercow 9 hours agorootparentprevI wonder how viable it would be to find a public key your target owns and use it to encrypt the data you send back. Then you could prove to them that you exfiltrated real data without exposing it to anyone outside the company. Alternatively, you could hash it and say “Look, it’s a sha of your database password hyphen “yougotpwnd”” reply necovek 7 hours agorootparentHTTPS certificates should already have that public key for you, so it should be trivial. reply Szpadel 6 hours agorootparentprevwouldn't capturing only env names without values be ideal middle ground? look we had access to your Aws tokens, we could take over your account but we didn't steal actual token, we just got proof that we could access it reply reubenmorais 1 hour agorootparentYes I agree names only would have been a better approach here. reply whimsicalism 2 hours agorootparentpreva prerequisite of “offensive security research” is that it is solicited, no ifs or buts. what they did was absolutely wrong and frankly likely illegal reply 6mile 10 hours agorootparentprevYeah, I agree the incentive structure is broken for bug bounty hunters. Until the BB platforms themselves create some rules for their customers and researchers, we are gonna continue to have the sh*t show that we do now. The reality is that bug bounty hunters are deploying a significant percentage of the total malicious NPM packages each month. reply mcherm 9 hours agorootparent> The reality is that bug bounty hunters are deploying a significant percentage of the total malicious NPM packages each month. I don't actually think that is a bad thing. The TSA screening at airports would be vastly better if TSA maintained a \"red team\" that regularly tried smuggling guns (or water bottles or whatever) into airports. The agents would be more attentive if the number of incidents they dealt with was large enough that they could practice more often. The system could improve if it had actual feedback on how accurate and effective it was. And instead of agents overreacting or underreacting they could tune their responses to an appropriate level. The same applies to supply chain attacks. The REAL ones are rare, dangerous, and performed by experts; having a chance to practice catching them, to assess our detection rates, and to adjust our reactions is healthy. reply dagw 9 hours agorootparentThe TSA screening at airports would be vastly better if TSA maintained a \"red team\" that regularly tried smuggling guns They actually do have this. TSA seem to still suck at their job: https://www.forbes.com/sites/michaelgoldstein/2017/11/09/tsa... https://www.gao.gov/products/gao-19-374 reply LtWorf 2 hours agorootparentYou'd also suck if you knew your job is useless busywork. reply peanut-walrus 9 hours agorootparentprevYeah, it sucks, but that's the way it is. It is super common for bug bounty findings to be ignored or downgraded unless you show actual code exec on their machines or dump some of their creds. reply DigitalNoumena 8 hours agorootparentprevIt may interest you that Guy Podjarny, one of the Snyk founders, now has an AI coding company (https://www.tessl.io/about) that looks like a competitor of yours reply syndicatedjelly 15 hours agorootparentprevnext [3 more] [flagged] benatkin 14 hours agorootparentYeah, I strongly disagree with the way it's characterized here. reply TimTheTinker 14 hours agorootparent> we reached out to them after seeing this and they apologized. How does this make it sound like they made Snyk apologize? reply IAmGraydon 14 hours agorootparentprevnext [19 more] [flagged] not_a_bot_4sho 13 hours agorootparentIt was a thing back in the late 90s. I still do it in casual conversations with friends, less so in professional settings. It's a gen X thing, like using \"lol\" to mean literal laughter reply johnny22 13 hours agorootparentprevit's been a thing at least on irc for at least 20 years. i've been used to it for a long time. reply dovin 14 hours agorootparentprevI like to call it informal case. reply furyofantares 13 hours agorootparentprevWhen I grew up online in the 90s, on IRC, AOL/AIM, ICQ and web forums, it was extremely common. Most of the people I know from then still do it, and I still do it with them and in many other places, although for whatever reason I don't do it here. Although it's 50/50 when on their phones now that phones auto-capitalize by default now. reply urig 12 hours agorootparentprevRules are put in place to be followed, for a reason. Capital letters at the start of the sentence increase readability. People who don't bother with them are being incosiderate towards their readers. reply wahnfrieden 10 hours agorootparentnot at all reply pizza 13 hours agorootparentprevyes but there could be many possible reasons, for instance - it's muuch faster on mobile - you're aiming to convey litheness to potential target audiences who will know to recognize it as intentional litheness - you've gotten used to minimizing the amount of keystrokes necessary for communicating things, to the point it's second nature - you've worked a lot in the past with older nlp systems, where ignoring capitalization was a given for inputs anyhow, and just got used to treating it as syntactic cruft only strictly necessary in more formal settings ;) reply cjbprime 12 hours agorootparentWith the current default mobile keyboards, I'd guess it's slower, not faster. reply stouset 11 hours agorootparentprev> it's muuch faster on mobile This isn’t 1998. Mobile keyboards autocapitalize. You have to go out of your way to avoid capitalization on mobile. reply Piisamirotta 12 hours agorootparentprevI have been thinking of this too. I find it super annoying to read and it looks unprofessional. reply demarq 11 hours agorootparentprevhow does this bother you, what greater meaning does it have? reply Atotalnoob 14 hours agorootparentprevIt’s a techbro thing. Sama does it too reply benatkin 14 hours agorootparentYou're writing in rust-inspired English it seems, omitting the punctuation mark at the end of your second sentence so it gets returned. reply compootr 13 hours agorootparentit's typesafe and efficient reply brookst 13 hours agorootparentpreve. e. cummings, techbro. who knew? reply mmaunder 13 hours agorootparentprevIt’s a low effort flex. As in: you’re unimportant, this is unimportant, and I’m very busy, so I can’t or won’t bother to capitalize. Which is ironic because it’s more effort to not capitalize. reply wahnfrieden 10 hours agorootparentit's many more keypresses, and using modifier keys is generally rsi-prone reply maxbond 10 hours agorootparentWithout commenting on this subthread (I don't have an opinion), you or anyone else with this concern should look into sticky modifiers (modifiers that apply to the next key press without being held). They were a game changer for me personally as far as managing RSI, as I had a bad habit of tilting my wrist to eg type a capital T. reply arkadiyt 15 hours agoparentprev> If that's the case, then there's not much to see here They could have demonstrated the POC without sending data about the installing host, including all your environment variables, upstream. That seems like crossing the line reply nomilk 15 hours agoparentprev> If that's the case, then there's not much to see here. Allowing someone full access to the contents of your environment (i.e. output of env command) is a big deal to most, I suspect. reply LtWorf 2 hours agorootparentIf /proc is mounted you can read all of that. reply NitpickLawyer 12 hours agoparentprevWasn't this supposed to be fixed in NPM? I remember a talk by the researcher behind portswigger (sorry blanking on his name) doing this a while back, with great success (apple,ms,meta, basically all faang were vulnerable at that time). reply tankster 10 hours agoprevAlso interestingly the Snyk cofounder has started a competitor to cursor https://www.tessl.io/ https://techcrunch.com/2024/11/14/tessl-raises-125m-at-at-50... I hope there is no foul play. reply guappa 10 hours agoparentGiven how all my interactions with them have been extremely negative (see my other comment), I think it's rather likely that there is foul play. reply gortok 4 hours agoprevThe only part of the article I disagree with is this line: > But in general, it’s a good idea not to install NPM packages blindly. If you know what to look for, there are definite signals that these packages are dodgy. All of these packages have just two files: package.json and index.js (or main.js). This is one of several flags that you can use to determine if a package is legit or not. This works -- maybe OK for top-level packages. But for transitive dependencies it's nearly impossible to vet every transitive dependency. If you're pulling in a package that has 400 dependencies, how the heck would you even competently check 10% of that surface area? https://gist.github.com/anvaka/8e8fa57c7ee1350e3491#top-1000... reply ziddoap 4 hours agoparent>If you're pulling in a package that has 400 dependencies, how the heck would you even competently check 10% of that surface area? This would be where different security advice would apply: don't pull in a package that has 400 dependencies. reply krainboltgreene 3 hours agorootparentGiven the nature of software development and software developers, especially given American companies decide to value shareholder profits over programmer productivity, this might as well be effectively \"You don't need to get vaccines, simply don't get sick from other people.\" reply wyldberry 1 hour agorootparentThings like this are suppose to be provenance of an organizations security engineering teams. Helping to ensure you don't ship something like this. It's also hard for them too because no one wants to force developers to re-implement already solved functionality. reply krainboltgreene 1 hour agorootparentI also have never met a security engineer that was eager to do that. reply nightpool 2 hours agorootparentprevOut of curiosity, I've always meant to ask, are you related to the famous Geoguesser content creator in any way? It's a pretty distinctive last name. reply krainboltgreene 2 hours agorootparentI believe he might be a distant cousin. I've done some family tree searching myself and haven't found many things, since the Rainbolt side has mostly been scoundrels and vagabonds there aren't many details, but we do have a mountain that we named after ourselves after we stole it from natives. reply chamomeal 3 hours agoparentprevWait how in the world does a React carousel component have over 400 deps… reply jbreckmckye 48 minutes agorootparentDo you mean https://www.npmjs.com/package/carousel-react? By the looks of it, this was published by someone 7 years ago as part of a personal project. Nothing uses it. Going through that list... they all look like personal projects, with no dependents, and a single release by a single person. reply chamomeal 14 minutes agorootparentOk now that I’ve actually looked at the package.json, it seems like this must be a joke or something. It’s got packages for CLI arg parsing, math expression evaluation, hashing, etc. When I’m back on my computer I may look at the source and confirm my suspicion that none of those are required for the carousel functionality lol reply cloverich 2 hours agorootparentprevHistory of \"micro dependencies\" where many flexible utilities are split up into separate packages, such that many npm dependencies are a single function (ie rather than a package exporting ten methods, its ten separate dependencies). Then because there is no standard library, many reinventions of similar but incompatible utilities. etc. reply tristor 2 hours agorootparentprevBecause Javascript is a drug that makes developers stupid. It's almost trite at this point to comment on the obsession that Node has created with developers to reduce functionality to the smallest possible reusable parts, even trivial things, and publish them as packages, then to import and use those dependencies. The idea, in and of itself, is not terrible, but it's been taken to a logical extreme which is very much the definition of terrible. reply jbreckmckye 47 minutes agorootparentNearly all of these look like demo projects. You're making inferences about an entire group of developers based on a meme plus a search over the very 'worst' offenders. reply KuhlMensch 3 hours agorootparentprev/giphy \"first time?\" meme reply Sohcahtoa82 2 hours agorootparentprevDid you think the meme about node_modules having more gravity than a star was just a meme? It's very much based on reality. The npm ecosystem is just absolutely fucked. reply XorNot 3 hours agoparentprevThis is really where SELinux had the right idea overall: preclassifying files with data about their sensitivity, and denying access based on that, does adequately solve this problem (i.e. keeping npm installations away from id_rsa). reply beardedwizard 2 hours agorootparentThe issue with SElinux is usability. A company called intrinsic tried a similar \"allowlist\" approach to javascript based on the assumption that you could never control this sprawl and had to assume every package was malicious. I never saw the technology take off because generating the allowlist was of course error prone. im not sure what has to change in UX to make these approaches more palatable, but if you have to frequently allow 'good' behaviors, my experience is it never takes off. reply __MatrixMan__ 1 hour agorootparentI think we need to to focus on empirical consensus rather than taking as authoritative some file which makes claims about what a particular piece of software will or won't do. So before running any code you'd hash it and ask your peers: \"what do we think this does?\" If it does something surprising, you roll back its effects (or maybe it was in a sandbox in the first place) and you update your peers so that next time they're not surprised. I keep saying \"you\" but this would just be part of calling a function, handled by a tool and only surfaced to the user when they ask or when the surprising thing happens. It could be a useful dataset both for maintainers and for people who want to better understand how to use the thing. reply loaph 1 hour agoparentprev> If you're pulling in a package that has 400 dependencies, how the heck would you even competently check 10% of that surface area? At my place of work we use this great security too called Snyk. Definitely check it out /s reply 3eb7988a1663 15 hours agoprevI need to get serious about doing all development inside a virtual machine. One project per VM. There are just too many insidious ways in which I can ignorantly slip up such that I compromise my security. My only solace is that I am a nobody without secrets or a fortune to steal. IDEs, plugins, development utilities, language libraries, OS packages, etc. So much code that I take on blind faith. reply redserk 15 hours agoparentVagrant’s popularity seems to have died down with Docker containers but it’s by far my favorite way to make dev environments. Several years ago I worked somewhere that prohibited web browsers and development tools on laptops. If you needed to use a browser, you’d have to use one over Citrix. If you needed to code, you’d use a VDI or run the tools in a VM. At the time I thought their approach was clinically insane, but I’m slowly starting to appreciate it. reply arcanemachiner 12 hours agorootparentI still like Vagrant. But I believe it's yet another victim of the Hashicorp license change debacle from a year or two ago. Unlike with Terraform/OpenBao, I know of no community effort effort to keep the open-source version of this project alive. The latest open source version is still available on the Ubuntu repo, but who knows who long it will work until somefor of bit rot occurs. reply pizza234 5 hours agorootparent> I still like Vagrant. But I believe it's yet another victim of the Hashicorp license change debacle from a year or two ago. The license change is irrelevant - from the licensing page: > All non-production uses are permitted. Devs who use Vagrant in a development environment can do it as they used to do it before. > The latest open source version is still available on the Ubuntu repo, but who knows who long it will work until somefor of bit rot occurs. Hashicorp products have always been intended to be downloaded from the website, since they're statically linked binaries (I don't like that they're huge, but matter of factually, they make distribution trivial). reply fancyswimtime 11 hours agorootparentprevmore so a victim of speed reply hresvelgr 8 hours agorootparentprevDevcontainers[1] are the new incarnation of this pattern. We use them at work and they are a dream for onboarding new developers. The only downside is the VSCode lock-in but if that's a concern there's always DevPod[2]. [1] https://containers.dev/ [2] https://devpod.sh/ reply bluehatbrit 6 hours agorootparentIt looks like the team behind it have been moving it towards more of an open standard over the last year. There's now a CLI reference implementation, and the Jetbrains IDE's have an implementation for it. There's also a thread for Zed about a path to implementing it there [0]. Hopefully it'll become a bit more common over 2025. [0] - https://github.com/zed-industries/zed/issues/11473 reply roland35 6 hours agorootparentprevI think vs code is the easiest way to set up dev containers, but once they are created I mostly just shell into them and use neovim! reply pmontra 13 hours agorootparentprevA customer of mine still uses vagrant on a project, for local development. That project started in 2016. We are developing on a mix of Linux, Mac, Windows and it's not as straightforward as it could be. Linux is easier, Windows is messier. A newer project fires up VMs from a Python script that calls an adapter for EC2 (with the boto library) when run on AWs and for VirtualBox (by calling VBoxManage) when running locally. That allows us to simulate EC2 locally: it's a project that has to deal with many long jobs so we start VMs for them and terminate the VMs when the jobs are done. That also runs better on our mix of development systems. WSL2 helped to ease the pains of developing on Windows. We call the native Windows VirtualBox, not the one we could have installed inside WSL2, but we keep most of the code that runs on Linux. reply tacticus 14 hours agorootparentprevThis is the practice in many government sites these days. Except the vm is some old windows version without any tools on it. no shell access. can't actually do anything useful on there at all. VDI systems could work if implemented properly. but that's the last thing a security team actually wants to do. reply dacryn 11 hours agorootparentVDI is actually preferred by our security teams, because they have complete deep packet inspection on literally all traffic going in and out. On our laptops, there are still some flows that avoid the vpn etc.. reply spike021 11 hours agorootparentprevAt my first job almost 10 years ago we had the concept of \"X-in-a-box\" using Vagrant + VMs and I miss that pattern so much ever since (multiple job skips later). None of my jobs since have had any semblance of a better way to set up a local dev environment easily. It was just way easier to encapsulate services or other things in a quickly reproducible state. I digress.. reply flyinghamster 7 hours agorootparentprevI started using Ansible a few years back to set up VMs (or Raspberry Pis) with a consistent environment. Once I wrapped my head around it, I've found it very nice for any situation where I need to treat systems as livestock rather than pets. reply bloopernova 1 hour agorootparentI use Ansible in local only mode to install/configure macOS as a development environment. Works well with Homebrew, and copies all the config files that devs often don't set up. reply buildbot 14 hours agorootparentprevVagrant is still kicking! But yeah not as popular as back in 2014-2016? A hybrid(?) alternative is enroot, which is pretty neat IMO, it converts a docker container into a squashfs file that can be mounted rw or used in an ephemeral way. https://github.com/NVIDIA/enroot reply whitehexagon 12 hours agoparentprevIt's horrible that trust is being eroded so much, and seeing monthly GB updates to my OS doesnt reassure me at all. I like the idea of having a stable isolated VM for each project. Are there standard open-source tools to do this? Specifically I'm transitioning my Go and Zig development environments from an old mac to an M1 with Asahi Linux and getting a bit lost even finding replacements for Truecrypt and Little Snitch. Do these VM tools support encrypted VM's with firewall rules? I saw Vagrant mentioned here and that sounds like it might cover the network isolation, but what else would you suggest? reply pritambaral 11 hours agorootparentI run all my dev environments under LXD. Even the IDE: full graphical Emacs (or Vim) over X11 forwarding over SSH. Host is Wayland, so security concerns with X are handled. WayPipe also works, but is jankier than X, probably because X, unlike Wayland, was designed for network transparency. LXD, unlike Docker, doesn't play fast-and-loose with security. It runs rootless by default, and I don't allow non-root access to the LXD socket on host. Each container is a full userspace, so it's much more convenient to configure and use than Dockerfiles. SSH from a container to a remote works transparently because I forward my SSH Agent. This is secure because my agent confirms each signing request with a GUI popup (on host). reply 3eb7988a1663 10 hours agorootparentCan you point to a write-up somewhere that details this setup? Part of the appeals of VMs is that they were built with security as a primary objective. I probably have to do something stupid to break that isolation. A custom ad hoc configuration makes me a bit nervous that I will unknowingly punch a Docker sized hole through my firewall and have less security than if I ran a stock workflow. reply cheema33 9 hours agorootparentFor me, I don't use LXD, but use Proxmox containers. These are non-root Linux containers by default. Super lightweight compared to a VM. Proxmox makes managing LXC containers a little easier with a UI, compared to managing containers strictly using command line. If you go this route, create a container template that has everything you want in every instance. And then spin out new containers whenever you need one. reply khimaros 6 hours agorootparentyou might be interested in the incus webui reply stevage 10 hours agorootparentprevI always used to do that, using Vagrant. Mostly because it was the only practical way to maintain independent environments for the tools I was using. These days I work in JavaScript and rarely have issues with project environments interfering with each other. I've gotten lazy and don't use VMs anymore. In theory docker type setups could work but they just seem so much effort to learn and setup. reply smatija 10 hours agorootparentSeconding vagrant - especially because it's the only reasonable way I found so far to test linux release on my windows rig (would prefer to dev on linux, but windows-only company is windows-only company). Basically I put a Vagrantfile in src folder, then run docker compose with db, caddy, app server and other services inside it - then I forward ports 80 and 443 from vm and use localhost.whateverdomain.igot with self-signed cert on caddy (since https is just enough different than http that I otherwise get bitten by bugs every so often). When I start a new project I can usually just copy the Vagrantfile with minimal changes. reply mjl- 9 hours agoparentprevi develop on linux, on various projects. i'm mostly concerned with all the tools, build scripts and tests that may read sensitive data, or accidentally destroy data. so i'm limiting access to files when working on a project with linux namespaces, using bubblewrap. i've got a simple per-project dot file that describes the file system binds. while i'm working on a project, new terminals i open are automatically isolated to that project based on that dot file. it has very low (cognitive) overhead and integrates pretty much seamlessly. i suspect many developers have similar scripts. i looked for projects that did this some time ago, but couldn't find it. either because it's too simple to make a project about, or because i don't know how others would describe it. if anyone has pointers... i don't limit network access (though i did experiment with logging all traffic, and automatically setting up a mitm proxy for all traffic; it wasn't convenient enough to use as regular user). there is still a whole kernel attack surface of course. though i'm mostly concerned about files being read/destroyed. reply arkh 11 hours agoparentprevTime to main Qubes OS on your development machine. https://www.qubes-os.org/ reply 3eb7988a1663 10 hours agorootparentI actually did try to install Qubes over the holiday, but I repeatedly encountered installation failures and could not ever login to the system. Someone had posted an identical issue, but they were similarly stymied. I should revisit, but my initial foray tells me I am going to have to withstand quite a few papercuts in order to get the isolation I want. reply sim7c00 9 hours agorootparentnever had issues with qubes like that but i did pick something tested (hw). u can check hardware compat list. it has also some good links to forums for specific hw related tweaks u might need. that being said, runing qubes fully and workin with it is something else... i decided i am uninteresting enough just to use ubuntu these days :p... maybe sometime ill have the patience again. reply dacryn 11 hours agoparentprevI wonder how this is mitigated by my current workflow of running jupyter and vscode from a docker container. I did not start doing this because of security, but just to get something more or less self managed without any possibility to break different projects. I am tired of my team spending too much time on extensions, versions, packages, ... Docker compose files have saved our team many hours, even if it's extremely wasteful to have multiple vscode instances running alongside each other reply technion 15 hours agoparentprevI think a lot of the issues in this particular example is the ease with which api keys, once leaked, are single factor passwords. If you ran a key logger on my machine you would never get into any major site with mfa. You couldn't watch me log on to the azure console with passkey and do much with it. But if you scrape a saved key with publish abilities bad things happen. reply chrismarlow9 14 hours agorootparentWhat's to stop me from installing custom certs and MITM your login session proxying the info. Or an extension to harvest the data after you login. I'm pretty sure if I have root it's game over one way or another. The surface is massive. reply technion 12 hours agorootparentAt that point you've done something much more invasive and detectable than exporting a .env file and you've walked away with a very short lived token. There's always \"something more an attacker can do\", I'll stand by the view that requiring further authentication to perform interactive actions and pushes is worthwhile. reply cedws 13 hours agoparentprevI started doing development under a separate non-admin user on my MacBook. I switch to another user for personal stuff, or the admin user to install stuff with Homebrew. Doesn't protect from zero days but it's better than nothing. reply 3eb7988a1663 10 hours agorootparentI toyed around with this a bit, and it feels like it has significant merit. User separation is about the only security boundary built into Linux from the beginning. I was not totally happy with the workflow I adopted, but it is probably going to be less burdensome than the VM approach. reply cedws 5 hours agorootparentWith Fast User Switching on macOS it's pretty convenient too. The difficulty is remembering to switch user when changing contexts. I tried to set a different wallpaper/icon for each user to make it more obvious which user I'm on, but macOS just resets them all to be the same. reply weinzierl 9 hours agoparentprevI know where you are coming from and I considered this myself again and again. For me and for now it is not something I want to do and not primarily because of the effort. The VM might protect me, but it will not protect the users of the software I am producing. How can I ship a product to the customer and expect them to safely use it without protection when I myself only touch it when in a hazmat suit? No, that is not the environment I want. My current solution is to be super picky with my dependencies. More specifically I hold the opinion that we should neither trust projects nor companies but only people. This is not easy to do, but I do not see a better alternative as for now. reply guappa 10 hours agoparentprevI just stick to using whatever is on my distribution for personal use. For work use I use a work machine and if it gets compromised it's not really my own problem. reply Alifatisk 4 hours agorootparent> For work I use a work machine and if it gets compromised it's not really my own problem. Is that really a good mindset for a organization? reply guappa 4 hours agorootparentI guess so… there seems to be absolutely no consequences to getting hacked, so from a business perspective it makes a lot of sense. It's not up to me to decide what policy to use, and if it was I couldn't just do whatever I wanted, I'd have to justify its cost. And every company does the same… I can decide the policy at my home :) reply pjmlp 9 hours agoparentprevThe security, and overall application stability attack vector, is why I now vouch for processes with OS IPC instead of shared libraries, even if it requires more resources. It doesn't fully sort out the trust issue though, even if everything is sandboxed in some fashion. reply uticus 4 hours agorootparentI know of IPC, but it has never occurred to me to view as an alternative to shared libraries. It's an intriguing viewpoint I'm having trouble wrapping my mind around. Are there battle-tested real-life examples of IPC being used where shared libs could have been used instead? reply pjmlp 4 hours agorootparentVSCode would be one such example. All the stuff using Android intents, out-proc COM extensions in Windows, XPS in macOS, are other relevant set of examples. I assume you are kind of new to the computing world, OS IPC is how we extended applications almost 40 years before shared libraries became common feature across all major operating systems. Naturally with them being around, shared memory in-process was much easier, and less resource intensive. IPC calls require processes, which take more kernel resources, and context switch. Microservices isn't a new concept, rather re-branding. Sun had as marketing quote, \"The network is the computer\", exactly because of how it used to be. reply XorNot 13 hours agoparentprevThe real problem is video performance in VMs. It still just...kind of sucks. Running Cinnamon in a VM is just about impossible to get GL acceleration working properly. nvidia gates it's virtualized GPU offerings behind their enterprise cards, so we're left with ineffective command translation. IMO: I can tolerate just about every other type of VM overhead, but choppy/unresponsive GUIs have a surprisingly bad ergonomic effect (and somehow leak into the performance of everything else). If we could get that fixed, at least amongst Linux-on-Linux virtualization, I think virtualizing everything would be a much more tenable option. reply alias_neo 9 hours agorootparentThere are ways around it. There is a community of people who use Nvidia enterprise cards with vGPU for gaming, performance is excellent, or PCI pass through an entire GPU. If you can't do that because it's for company/corporate purposes then I can sympathise with not wanting to pay Nvidia's prices. reply danieldk 6 hours agorootparentprevBut would it matter much for development? Either SSH into the VM and use vi/emacs or use an IDE/editor with remote support. VS Code even lets you use a container as a development environment (I know, not a VM by default): https://code.visualstudio.com/docs/devcontainers/containers reply dsissitka 5 hours agorootparentI don't know about VS Code's dev containers extension but the SSH extension's README says: > Using Remote-SSH opens a connection between your local machine and the remote. Only use Remote-SSH to connect to secure remote machines that you trust and that are owned by a party whom you trust. A compromised remote could use the VS Code Remote connection to execute code on your local machine. https://marketplace.visualstudio.com/items?itemName=ms-vscod... If you're worried about extensions there's also: > When a user installs an extension, VS Code automatically installs it to the correct location based on its kind. If an extension can run as either kind, VS Code will attempt to choose the optimal one for the situation; https://code.visualstudio.com/api/advanced-topics/remote-ext... reply z3t4 11 hours agorootparentprevYou can get good security without virtualization, for example SeLinux and namespaces in Linux. Jails in BSD and zones in Solaris. We would have many viable and competing solutions if it wasn't for Microsoft monopoly. reply petesergeant 12 hours agoparentprevI wonder how long until this is standard, and PFYs coming into the industry look at our current practices much like people now look at non-encrypted credentials being sent over the network. reply pinoy420 13 hours agoparentprevWhy would you do anything but work related activities on a work machine. If you really want trust for software. Don’t use a computer. reply smokel 10 hours agorootparentIt is good to wind down every now and then during work time. Also, many people here work on multiple projects for different customers. Having a security breach for one affecting the other is not something you'd be happy with. reply 3eb7988a1663 10 hours agorootparentprevI never said anything about personal stuff on a work machine? I want my own hardware to have isolation between my email/banking/etc and side project programming. reply pinoy420 9 hours agorootparentThen have a separate machine if you’re that paranoid. Funny how it doesn’t cause issue for the hundreds of thousands of other people in the world reply guappa 10 hours agoprevsnyk is the same company that instead of rotating oublic keys just… changes them without notice. https://github.com/snyk/cli/pull/5649 They also mark projects as \"abandoned\" if they move to any other forge that isn't github. And they stay abandoned even if new releases appear on npm/pypi :D Their competence isn't as big as their fame, in my opinion. Also one of their sales people insulted me over email, because apparently not being interested in buying their product means you're an incompetent developer who can only write software filled with vulnerabilities. reply azemetre 2 hours agoparentThey also penalize libraries that are \"done,\" and require minimal development. Completely backwards software that corpos only seem to buy because their insurers force them to check off some security list box. reply alp1n3_eth 1 hour agoparentprevThat's extremely unfortunate, especially about the \"abandoned\" labelling. I've been looking to move off GitHub recently as well, it feels like it's got a bit too much control. Codeberg looks interesting, and there are self-hosted ones like Forejo that also look great if you're okay with the maintenance. reply gyoridavid 10 hours agoparentprev\"insulted me over email\" - whoa, that's wild, do you still have the email? would be fun to see it :D reply guappa 10 hours agorootparentSorry, I searched, it seems all my emails from before the last company rename are gone. edit: or microsoft outlook sucks… I tried to sort in reverse my inbox to see what's the oldest email there and \"the request cannot be satisfied\" reply unixhero 9 hours agorootparentOuch, I kind of trusted it. ... more than Gmail and Google reply ceejayoz 7 hours agorootparentprevI get surprisingly many cold emails these days with a passive aggressive “shall we schedule a call, or are you a bad person who doesn’t give a shit about security?” approach. reply matwood 4 hours agorootparentYeah. Or 'make this change to help our processes'. Um, that's not my job. reply bilekas 10 hours agoparentprev> hey also mark projects as \"abandoned\" if they move to any other forge that isn't github. And they stay abandoned even if new releases appear on npm/pypi :D Well theres a sign of a good team.. /s That's actually an interesting take, I haven't heard too much about them except that they do have an ego. reply Ylpertnodi 6 hours agoparentprevI'm sure you can provide the body of the [appropriately redacted] said email? reply guappa 5 hours agorootparentI was also sure until I found out that outlook refuses to search old emails. reply woodruffw 18 hours agoprevWithout more context, this doesn't look great for Snyk either way: either they have an employee using NPM to live test their own services, or they have insufficient controls/processes for performing a legitimate audit of Cursor without using public resources. reply tru3_power 16 hours agoparentWhy not? NPM behaves oddly when there is a public package named the same as one on a private repo, in some cases it’ll fetch the public one instead. I believe it’s called package squatting or something. They might have just been showing that this is possible during an assessment. No harm no foul here imo reply woodruffw 15 hours agorootparent> They might have just been showing that this is possible during an assessment. No harm no foul here imo You're not supposed to leave public artifacts or test on public services during an assessment. It's possible Cursor asked them to do so, but there's no public indication of this either. That's why I qualified my original comment. However, even if they did ask them to, it's typically not appropriate to use a separate unrelated public service (NPM) to perform the demo. Source: I've done a handful of security assessments of public packaging indices. reply guappa 10 hours agorootparentComments here seem to indicate that cursor did NOT ask them to (unless of course someone inside the company did and didn't tell the others) reply compootr 13 hours agorootparentprevif Cursor is secure it shouldn't be a problem for them! (and, according to their comments, it is) reply woodruffw 13 hours agorootparentIt's not about being a problem or not. It's a basic responsibility when doing security research: maintaining an isolated test environment is table stakes. reply mmsc 12 hours agorootparentHow should it have been done differently? How else is the researcher supposed to know if the attack works? \"Hey random company, we have no proof it's going to work but we think maybe your system, which we can't see, is vulnerable! Go waste time and check!\" reply cheema33 9 hours agorootparentCursor team has already stated here that they did not ask Snyk to perform a security audit. I wonder if Snyk's actions are equivalent to me coming to your house late at night and then trying to open any and all doors and windows. In the name of security research. Without an invitation from you. How else am I to validate that your house is secure? reply bostik 12 hours agorootparentprevLocal DNS override, and two registries. One mirroring the relevant public NPM packages as they are, and one \"normal\" internal one. Make the mirror registry resolvable with the same name(s) as the real, public NPM registry. Then test the behaviour. reply mmsc 11 hours agorootparentI think there's an incorrect assumption that the Snyk team has any access to Cursor's systems, or their source code. reply BeefWellington 13 hours agorootparentprev\"No Harm No Foul\" in this case would be a simple demonstrative failure case, not functioning malware. reply fintechie 5 hours agoprevHopefully this makes the Cursor team reconsider security (which doesn't seem very good really). Stopped using it for serious stuff after I noticed their LLMs grabs your whole .env files and sends them to their server... even after you add them to their .cursorignore file. Bizarre stuff. Now imagine a bad actor exploiting this... recipe for disaster. reply miohtama 5 hours agoparentSecurity often means the opposite of scalability and growth, so why should they? The business goal is to make sure Cursor grows large enough that they have economics of scale to be a viable business. If you want secure LLM you can use Mistral, which comes with all the EU limitations, good and bad. reply yunwal 4 hours agorootparentMistral (an LLM company) is not really a substitute for cursor (an IDE). Tabby is probably the closest open-source alternative. https://github.com/TabbyML/tabby reply nikcub 17 hours agoprevLooks like a white hat audit from Snyk testing. Got flagged because oastify.com is a default Burp Collaborator server. They should be running a private npm repo for tests (not difficult to override locally) and also their own collaborator server. reply Cthulhu_ 8 hours agoparentIt's not white hat because they actively extract data; if it was just to prove it worked they could've done a console.log, cause npm install to fail, or not extract a payload. reply that_guy_iain 5 hours agorootparentThe data they extract is nothing sensitive and this way they can see how many hits they get. The more affected the bigger the headline for them. reply __jonas 4 hours agorootparentIn what world is \"all environment variables\" nothing sensitive? reply dannyallan 5 hours agoprevSnyk Research Labs regularly contributes back to the community with testing and research of common software packages. This particular research into Cursor was not intended to be malicious and included Snyk Research Labs and the contact information of the researcher. We were very specifically looking at dependency confusion in some VS Code extensions. The packages would not be installed directly by a developer. Snyk does follow a responsible disclosure policy and while no one picked this package up, had anyone done so, we would have immediately followed up with them. reply luma 4 hours agoparentSpraying your attack into the public with hopes of hitting your target is the polar opposite of responsible. The only \"good\" part of this is that you were caught in the act before anyone else got hit in the crossfire. In response, you suggest that you'll send a letter of apology to the funeral home of anyone that got hit. Compromising their credentials, even if you have \"good intentions\", still puts them into a compromised position and they have to react the same as they would for any other malevolent attacker. This is so close to \"malicious\" that it's hard to perceive a difference. edit: Let's also remind everyone that a Snyk stakeholder is currently attempting to launch a Cursor competitor, so assuming good intentions is even MORE of a stretch. reply yabones 4 hours agoparentprevThis is grey-hat at best. Intent may have been good, but the fact is that this team created and distributed software to access and exfiltrate data without permission which is very illegal. You may want to consult with the legal department before posting about this on a public forum fyi. reply senorrib 4 hours agoparentprevCool. Why phone home the user's environment, then? The vulnerability could very much be confirmed by simply sending a stub instead of live envs. reply etyp 4 hours agoparentprevSeems reasonable enough, but why would it (allegedly) send environment variables back via a POST? Even if it's entirely in good faith, I'd rather some random package not have my `env` output.. reply austinkhale 2 hours agoparentprevUpvoting this since presumably you're actually the CTO at Snyk and people should see your official response, but wow this feels wildly irresponsible. You could have proved the PoC without actually stealing innocent developer credentials. Furthermore, additional caution should have been taken given the conflict of interest with the competitor product to Cursor. Terrible decision making and terrible response. reply pizzalife 2 hours agoparentprevWhat is responsible about sending the environment over in a proof of concept? reply kittikitti 3 hours agoprevNPM packages are the most bloated and unreadable pieces of code I've encountered. The creator of Node apparently hates all software and yet Google gave him the captain's hat and we're left with the absolute crap shoot that is web development. I feel guilty with an additional 1KB of code or 500 bytes of RAM but this is seen as an outsider opinion. I hope big tech rots and this is just a symptom. https://news.ycombinator.com/item?id=3055154 reply zelphirkalt 3 hours agoparentNPM packages VS Wordpress plugins ... I think it is a head to head race there. reply mirkodrummer 15 hours agoprevLooks like NPM is generating jobs for those in the security field. It’s an unfixable mess, I really hope some competition like JSR will put enough pressure on the organization. reply devjab 9 hours agoparentIt's not just NPM, it's the trust in third party libraries in general. Even though it's much rarer, you'll see exploits on platforms like Nuget. You're also going to see them on JSR. You have more security because they are immutable, but you're not protected from downloading a malicious pacakge before it's outed. I think what we're more likely to see is that leglislation like DORA and NSIS increasinly require that you audit third party packages. This enforcing a different way of doing development in critical industries. I also think you're going to see a lot less usage of external packages in the age of LLM's. Because why would you pull an external package to generate something like your OpenAPI specification when any LLM can write a cli script that does it for you in an hour or two of configuring it to your needs? Similarily, you don't need to use LLM's directly to auto-generate \"boring\" parts of your code, you can have them build cli tools which does it. That way you're not relying on outside factors, and while I can almost guarantee that these cli tools will be horrible cowboy code, their output will be what you refine the tools to make. With languages like Go pushing everything you need in their standard packages, you're looking at a world where you can do a lot of things with nothing but the standard library very easily. reply rettichschnidi 16 hours agoprevOT: Has anyone ever gotten (proper) SBOMs for Snyks own tools and services? Asking because they want to sell my employee their solution (which does SBOMs). reply KennyBlanken 15 hours agoparentSnyk is founded by people from the Israeli Army's Unit 8200. I wouldn't install it if you paid me to, because it feels a lot like Unit 8200 pumps out entrepreneurs and funds them so that (like the NSA) they have their foot already in the door. reply alpb 13 hours agorootparentWiz.io (who almost sold to Google for $25bn) also had founders from IDF Unit 8200. Dozens of other companies like Waze, Palo Alto Networks were also the same. reply sgammon 10 hours agorootparentprevIncredibuild is on this list (at least with regard to current leadership) reply woodruffw 14 hours agorootparentprevConspiracies and politics aside, the reasons for the prominence of 8200 are somewhat boring: it's the largest unit in the IDF, in a relatively small country. Teenagers who demonstrate just about any degree of technical savviness get funneled into it for their mandatory service. It's the equivalent of observing that SFBA startups tend to have a lot of Stanford grads at the helm. (I don't have any particular love for Snyk as a product suite. I think most supply chain security products are severely over-hyped.) reply manquer 11 hours agorootparentTalent or skills is essential but alone is not enough. while the size and quality of the talent pool helps it is not sufficient to explain the success rate, considering that there are similar or better quality talent pools which are larger in many countries around the world, but they don't have the success rates Israeli startups and 8200 ones specifically have compared to their home market and talent pool size. It is not some conspiracy either, success as founder has strong network effects and positive feedback loops, right mentorship, access to talent pool, or access to funding and people who can open doors all becomes easier when your network already has some success. Similar reason second time founders have it easier they can tap into their personal version of a network. It is not unusual to Israel/8200, the valley itself benefits from this effect heavily after all. reply woodruffw 2 hours agorootparentRight, it's not about talent. It's the fact that it's an extremely strong network with a flywheel between defense spending and startup tech. The same things that make the US's startup industry indefatigable. reply ignoramous 7 hours agorootparentprev> benefits from this effect \"Benefits\" from whose perspective? For instance, the Brazilians (the State apparatus, specifically) are also benefiting [0], but are their citizens [1]? [0] https://www.jstor.org/stable/48595312 [1] https://idanlandau-com.translate.goog/2016/02/04/technologie... reply manquer 6 hours agorootparentbenefits from the perspective of the startup, i.e. chances of its success or growth. Who in turn benefits from that in terms wealth, power, influence is whole different topic for which i have no expertise, i was only talking about frequency of successes in startup clusters. reply ignoramous 8 hours agorootparentprev> Conspiracies Not when the dissidents put their name to paper. We, veterans of Unit 8200, reserve soldiers both past and present, declare that we refuse to take part in actions against Palestinians and refuse to continue serving as tools in deepening the military control over the Occupied Territories. It is commonly thought that the service in military intelligence is free of moral dilemmas and solely contributes to the reduction of violence and harm to innocent people. However, our military service has taught us that intelligence is an integral part of Israel's military occupation over the territories. The Palestinian population under military rule is completely exposed to espionage and surveillance by Israeli intelligence. While there are severe limitations on the surveillance of Israeli citizens, the Palestinians are not afforded this protection. There's no distinction between Palestinians who are, and are not, involved in violence. Information that is collected and stored harms innocent people. It is used for political persecution and to create divisions within Palestinian society by recruiting collaborators and driving parts of Palestinian society against itself. In many cases, intelligence prevents defendants from receiving a fair trial in military courts, as the evidence against them is not revealed. Intelligence allows for the continued control over millions of people through thorough and intrusive supervision and invasion of most areas of life. This does not allow for people to lead normal lives, and fuels more violence further distancing us from the end of the conflict. https://www.theguardian.com/world/2014/sep/12/israeli-intell... (and that's from 2014) reply woodruffw 5 hours agorootparentI don’t think this conflicts with what I’ve said. I’m not claiming Unit 8200 is moral or absolved; I’m saying only that you will run into a lot of 8200 veterans if you interact with any Israeli startup, since it’s a massive unit. Assuming that those people don’t have opinions of their own is likely incorrect, as this letter demonstrates. reply davedx 11 hours agoparentprevLots of false positives IME reply gunnarmorling 10 hours agoprevIn the Java world, you need to prove ownership of a given namespace (group id), e.g. via a TXT record for that domain. Isn't there a similar concept for NPM? The package is named sn4k-s3c/call-home, how will a victim be tricked into referencing that namespace sn4k-s3c (which I suppose is owned by the attacker, not Cursor)? I feel like I'm missing part of the picture here. reply hennell 9 hours agoparentYou're not really missing anything so much as adding a misguided assumption of competence to NPM. Npm doesn't really do namespaces. There's just no ownership to prove as most packages are published like \"call-home\" with no namespace required. This gives exciting opportunities for you to register cal-home to trap users who miss type, or caII-home to innocuously add to your own or open source projects or whatever. Fun isn't it? In this case the call home package is namespaced, but the real attack is the packages like \"cursor-always-local\" which has no namespace. Which can sometimes (?) take precedence over a private package with the same name. It's not a pretty picture, you were better off missing it really. reply Vaguely2178 1 hour agorootparent> Npm doesn't really do namespaces. Yes it really does. npm has namespaces (called scoped packages) and even explicitly encourages their use for private packages to avoid this sort of attack. From the npm docs: \"A variant of this attack is when a public package is registered with the same name of a private package that an organization is using. We strongly encourage using scoped packages to ensure that a private package isn’t being substituted with one from the public registry.\" [1] > This gives exciting opportunities for you to register cal-home to trap users who miss type, or caII-home to innocuously add to your own or open source projects or whatever. Fun isn't it? npm actively blocks typo-squatting attacks during the publishing process: \"Attackers may attempt to trick others into installing a malicious package by registering a package with a similar name to a popular package, in hopes that people will mistype or otherwise confuse the two. npm is able to detect typosquat attacks and block the publishing of these packages.\" [1] This thread is full of people demonstrating the concept of confirmation bias. [1] https://docs.npmjs.com/threats-and-mitigations reply hu3 11 hours agoprevA colleague of mine vendors npm dependencies to diff code between third party lib changes. Those are also covered in pull request reviews. Helps in cases like this. reply absqueued 9 hours agoparentCould you please explain a little more. I can use such practice in my dev workflow. reply robszumski 32 minutes agorootparentthis is an area that is top of mind for me right now. you don't have to vendor your deps to get a detailed report of what changed, and bonus, how your app calls into it. just wrote about it: https://edgebit.io/blog/code-diff-reachability/ reply hu3 8 hours agorootparentprevSure. They don't include \"node_modules\" directory in their .gitignore file. So any third party code changes end up in git commits and are easily visible and reviweable. So running npm update/upgrade includes the code that changed in the dependencies in the commit. reply MortyWaves 8 hours agorootparentSurely there has to be better ways of “vendoring” (including hosting your own package repository that doesn’t automatically pull new versions) than adding thousands or maybe tens of thousands of files to the git repo? reply compootr 8 hours agorootparentif it's dumb and it works it isn't dumb! another rather simple solution is a git mirror of each package, then point npm to a git url reply xdennis 6 hours agorootparentprevIf my podcast memory serves, that's how Isaac (the NPM guy) said it was intended. You would `npm install` and then `git commit`. That's why npm didn't have a lock file back then. Git was the lock file. reply VPenkov 7 hours agorootparentprevThis is an option but that makes it easier to conceal malicious code within node_modules as an internal threat actor or make super sure there's a culture of actually reviewing those changes. In cases like that it helps to do npm install on the CI and make sure you end up with identical code. Decent trade-off. reply nomilk 15 hours agoprev> All of these packages have just two files: package.json and index.js (or main.js). This is one of several flags that you can use to determine if a package is legit or not. Wouldn't a lot of small packages consist of just these two files, meaning seeing just these two files in a package may raise an eyebrow but hardly be a smoking gun? reply 6mile 10 hours agoparentIt's not a smoking gun. It is just one of a number of signals you look for when identifying potentially malicious packages. Other things you look for are number of collaborators, how long it existed, domains it talks to, and artifacts it pulls in. reply jdthedisciple 27 minutes agoprevSeriously: How do we know there aren't dozens or hundreds of comprimsed npm packages installed on every other server out there at this point? Think xz-utils but even much less sophisticated exploits. I don't see any systematic protection against this? reply supriyo-biswas 14 hours agoprevIs there a link for the \"githax\" tool shown in the blog post, which seems to be quite useful? There's [1] but it's just a banner image. [1] https://www.githax.com/ reply edm0nd 13 hours agoparentThe dev is https://github.com/6mile (same as author of the article) seems to be either a tool that isnt out yet or perhaps not available for free or the public. reply 6mile 11 hours agorootparentGitHax is a labour of love right now and is in heavy development. I'm going to create a small beta testing group soon. Hit me up if you want to be in that group. Contact deets are in my GH profile. reply bugtodiffer 10 hours agoprevWe have read this exact story before, please learn not to leak too much sensitive data with your PoCs reply stuaxo 10 hours agoprev\"It's a good idea not to use npm packages blindly\" Yes, but also impractical. reply lopkeny12ko 16 hours agoprevWhy, after all these years, are we still doing this stupid thing of using a global namespace for packages? If you are a company with an internal package registry just publish all your packages as @companyname/mylib and then no one can squat the name on a public registry. I thought we collectively learned this 4 years ago when dependency confusion attacks were first disclosed. reply 0xbadcafebee 14 hours agoparentThe usual reasons: laziness, ignorance, poor design. Most package managers suck at letting you add 3rd party repos. Most package managers don't have namespaces of any kind. The ones that do have terrible design. Most of them lack a verification system or curation. Most of them have terrible search. None of them seem to have been exposed to hierarchical naming or package inheritance. And a very small number of people understand security in general, many fewer are educated about all the attack classes. But all of that is why they get popular. Lazy, crappy, easy things are more popular than intentional, complex, harder things. Shitty popular tech wins. reply SebFender 5 hours agoprevBehind hundreds of builds Snyk has been a challenging integration that ultimately creates very low value. I recommend using a decent team that goes in for flow weaknesses as these are most responsible for significant findings... reply jijji 14 hours agoprevnpm is rife with this activity, its like wordpress plugins reply mrweasel 11 hours agoparentAs much as I don't like NPM, these issues aren't limited to NPM. It's just that NPM is getting so much attention that we're more likely to find and hear about these issues when when they target NPM. I'm fairly concerned about the state of Python packages. It's not every week, but I frequently stumble upon packages that are not what they appear to be. Sometimes not maliciously, sometimes the author just got overly ambitious and failed to deliver, other times, someone is clearly typo-squatting or attempting to get you to install the wrong thing. reply skirge 9 hours agoprev\"no one can hack us\" and then \"you can't hack us, how dare you\" game, 25 years and more reply cheema33 9 hours agoparent> \"no one can hack us\" Did Cursor made claims to this effect and invited public to hack them? Or are you equating someone saying they \"take security seriously\" to \"it's an open season, please attack our systems.\"? reply skirge 6 hours agorootparentyes it is, like independent product reviews or crash tests of cars. Anyway Kim Jong Un doesn't care. reply justmarc 9 hours agoprevnext [2 more] [flagged] cheema33 9 hours agoparent> Yawn. Wrong forum perhaps? Or wrong story? But you clicked the story. Read it. And then even bothered to comment on it. You are putting a lot of effort into something that does not interest you. reply PoppinFreshDo 14 hours agoprevI'm sure it's all part of some tiktok prank video. reply bbqfog 18 hours agoprevJust a reminder that Snyk was founded by ex-IDF Unit 8200 soldiers. I would not trust them given what we've seen Israel do to supply chains. https://en.wikipedia.org/wiki/Snyk reply kstrauser 17 hours agoparentI don't have a dog in this hunt. I've never worked with Snyk, I've never been a customer, and I don't think I even know anyone who works there. That said, they've built their whole company around being trustworthy and doubt they'd knowingly do anything to risk their entire business. Also, I can hardly imagine someone better positioned to protect against supply chain attacks. Your criticism sounds to me like \"just a reminder that this armed bodyguard service comprises Navy SEALs and Army Rangers\". Uh, great! reply xyzzy123 14 hours agorootparentI'd give good odds it was a mistake by a staff member (or small group) who overstepped and was not part of any formal work. Most companies where I've worked as a security researcher, you get some time as part of your job to hack on random stuff to be able to generate interesting talks / research. This feels like that. This isn't a special cyber spooky practice, most pentesting companies do this to generate IP (rarely, lol), buzz (reasonably often) and keep the staff happy (this is really the main thing). It's rare for management to be fully across the scope of this. reply CuriouslyC 17 hours agorootparentprevMaybe if you change that to \"armed bodyguard services employ ex KGB assassins\" reply nullityrofl 16 hours agorootparentI think you've missed the point: it's Americentric to assume that Navy SEALs and Army Rangers are inherently pure, good and have done nothing evil on behalf of the American government when we largely know that to be untrue. reply kstrauser 15 hours agorootparentThat wasn't my point at all. The point was that often the best people to protect a resource are the ones who know how to attack it. reply manquer 11 hours agorootparentprevI would say it is on similar to criticism of TikTok or Huwaei and China. It has less to do with whether it malicious intent from the start of building an organization for explicit intent of capturing core infra. It has more to do with how the Government of Israel operates and the legal requests they can make of their citizens and/or veterans. Perhaps concern over Israeli products should be probably higher than for China as Israel more well known incidents of exploits as a State actor like with Stuxnet, Pegasus or more recently with pagers etc. China no doubt has their own share of operations but they either have not used them as publicly in a large scale overt operation or been more discreet about it. Point is the concern is valid just as it would be valid for China. reply kstrauser 3 hours agorootparentYou mean like how we found out that China attacked and pwn3d the entire US phone system? That’s not a shining example of discretion. reply bbqfog 14 hours agorootparentprevI have no downside to seeking alternatives. The pager incident ensured that I will always look for non-Israeli tech. reply kstrauser 14 hours agorootparentAnd what does that have to do with Snyk, other than that some of their employees use to work for IDF? I'm a US Navy veteran. Would you also stay away from my employers because they have veterans on staff? Seriously, I get what you're trying to say, but I don't understand the broader point you're trying to make. So Snyk has some ex-IDF employees. Find a high-profile infosec firm that doesn't. They military service they were compelled to has a reputation at being really, really good at infosec. I see no reason why companies shouldn't want to hire them afterward. reply defrost 13 hours agorootparentWithout wanting to take a position here, the GP comment had a specific narrow point. The claim was that Snyk was founded by Unit 8200 members. Not that it had a few Israeli veterens, almost all Israeli's serve in the IDF after all. https://en.wikipedia.org/wiki/Unit_8200 To be fair I have a former Unit 8200 member in my larger extended family who left and has since been vocal in opposition to Netanyahu so membership in an elite Cyber Unit alone doesn't define a person. That aside, most Governments would keep an eye on a company started by, say, former NSA employees and watch for covert activity under any overt actions. reply dekelpilli 6 hours agorootparentIt would correlate strongly that 8200 alumni end up being educated and working in tech, and likely living in Tel Aviv. This is a group of people who, by and large, are not big fans of the current government. reply dekelpilli 13 hours agorootparentprevBased on the pager incident, I'd think you should avoid companies that don't have a publicly-known link to Israel. It's not like Hezbollah thought they were buying pagers from 8200 alumni. reply PoppinFreshDo 14 hours agorootparentprevWhat pager incident? reply mhitza 14 hours agorootparenthttps://en.m.wikipedia.org/wiki/2024_Lebanon_electronic_devi... reply PoppinFreshDo 10 hours agorootparentWell, if the mossad put \"made in israel\" on those devices I doubt they would have worked. reply defrost 14 hours agorootparentprevThe recent one in which Israeli techs compromised pager supply chains. It was very widely reported across the globe. reply myth_drannon 16 hours agorootparentprevnext [27 more] [flagged] PessimalDecimal 16 hours agorootparentThis is a tiresome motte-and-bailey argument. You are trying to conflate the OP comment with something it's not (base antisemitism). Just like companies founded by say former operatives of the CIA, NSA, MI6, etc. would (and maybe should?) be viewed with skepticism, so too are companies founded by former members of Unit 8200. Mentioning that Israel's military (like many others) has engaged in some less than ethical behavior is not equivalent to antisemitism. Trying to pretend otherwise is ridiculous. reply lolinder 16 hours agorootparentIsrael has mandatory military service. If anyone who has ever served in the IDF is tarnished and has that part of their life periodically dragged out as evidence that they may be untrustworthy, you're saying that the entire Jewish population of the state of Israel needs to have a giant asterisk attached to them reminding everyone that they were in the IDF. That may not be strictly antisemitic—maybe you're totally fine with Jews as long as they were raised anywhere else—but it's still not a healthy way to treat people. reply joseppudev 15 hours agorootparentI don't understand the purpose of creating ambiguity by confusing mandatory military service and intelligence corp that operates under secrecy. Original post getting flagged is not a great sight either. reply lolinder 15 hours agorootparentIDF Unit 8200 consists of thousands of conscripts serving their mandatory military service. If I were in Israel subject to conscription, I would absolutely have attempted to position myself into that unit for my mandatory service, as would most here. Beats the infantry. What exactly am I confusing by pointing that out? Were you under the impression that this unit was something like the NSA, staffed with people who chose to spy on people as a career? Because it's not. It's staffed by kids who are very good with computers and who—when given a choice between covert intelligence and a branch that actively shoots guns at people—chose the intelligence arm. Which would you have chosen? reply PessimalDecimal 15 hours agorootparenthttps://www.timesofisrael.com/hezbollah-pager-explosions-put... Just months ago, some of those \"kids who are very good with computers\" caused compromised pagers to explode, with no knowledge of who would be near them. Civilians, including children, died as a result. It is right to think people who are \"good with computers\" in this way might not have the best intentions in their other applications of computers. reply lolinder 15 hours agorootparentThe other alternative that those kids were given was to shoot guns or missiles. Are you really comfortable blaming them for the rest of their lives for choosing the option that likely gave them the smallest chance of killing people? Any Israeli citizen in that age bracket today is going to be running a real risk of killing people. They don't have a choice (dodging the draft doesn't count as a choice). If you're going to hold that over for them for the rest of their lives I don't know how that's distinct from racism (or countryism if you prefer). reply PessimalDecimal 15 hours agorootparent> Are you really comfortable blaming them for the rest of their lives for choosing the option that likely gave them the smallest chance of killing people? Yes. The \"just following orders\" excuse has been tried in the past. People didn't buy it then and we won't buy it now. https://www.nbcnews.com/news/world/israel-soldiers-arrest-ab... If the IDF wants to name the specific individuals from Unit 8200 who were involved in maiming or killing civilians including children by blowing up electronics in their faces, that might change things. Then it'd be a lot easier for people to avoid having concerns about that entire unit. Not naming them seems a lot like tacit support by the IDF for the actions of those in Unit 8200 who killed those children. Otherwise, people very well may have concerns about that entire unit. That's not \"racism.\" reply lolinder 14 hours agorootparent(I deleted a comment that didn't seem relevant any more now that you added a bunch.) So it's okay to blame vets of Unit 8200 for its actions 10 years after they founded Snyk (I have no idea how long after they left the unit) on the grounds that the intelligence arm of the IDF doesn't name names? So just in case and in the face of all the facts of the timelines, we should make sure to drag out these people's former mandatory service and remind everyone they served alongside bad guys 10+ years ago? I'm not okay with blaming soldiers for following orders. When it's that or getting shot by your own side, there isn't a real choice. But I can't even begin to understand the mindset that would blame soldiers for the orders that other, unrelated soldiers followed more than 10 years later. That's some next-level hatred. reply mardifoufs 10 hours agorootparentYes, because it's an institutional problem. I'm sure you have no issues using products developed by say, ex FSB agents just because it's been 10 years? reply lolinder 5 hours agorootparentThe FSB is no comparison because it's more equivalent to the NSA—it was a career path, not a place to serve out mandatory military service. FSB agents worked there for decades and chose that instead of any number of other things they could have done. Unit 8200 conscripts worked there for at most 2 years 8 months and chose it instead of a different, more gun-blazing branch of the military. Mandatory military service completely changes the profile of the vets in a way that makes all these comparisons totally irrational. They're founded in fear and hatred for Israelis, not any reasonable similarity. reply mardifoufs 4 hours agorootparentFear of Israelis, sure. But hatred? Come on. Israel has done a lot in the past year, and is being accused of genocide. The fact that is used a conscript army makes it worse, not better. Also, okay then let's switch it up to the Russian army. Would you use a product with known ties to some electronic warfare russian army unit. Or rather, would you consider any doubts or hesitations over using said product to be \"russophobic\"? reply lolinder 57 minutes agorootparent> The fact that is used a conscript army makes it worse, not better. I'm not defending the state, I'm defending the individuals who were conscripted. The entire point of this subthread is that it's heinous to confuse the two. > Would you use a product with known ties to some electronic warfare russian army unit. Or rather, would you consider any doubts or hesitations over using said product to be \"russophobic\"? If I suddenly learned that some founding members of the JetBrains team had previously been conscripted into the Russian army and had served in a cyberwarfare unit, that would change absolutely nothing for me. And yes, I do consider the backlash against JetBrains in the aftermath of the invasion of Ukraine to have been highly rusophobic. reply danenania 14 hours agorootparentprevWhy doesn’t refusing the draft count as a choice? reply lolinder 14 hours agorootparentBecause it means a serious risk of the end of your life as you know it. I'm not willing to hold someone else to a standard that I know that I couldn't live up to. If you truly believe that you'd risk your government's wrath instead of just picking the least dangerous and least likely to kill people branch of your military, then feel free to throw stones. For myself, my plan if the draft were reinstated in the US while I was still of that age was to find out how to join a cyberwarfare division, which would have led me straight to Unit 8200 if I were Israeli. reply KennyBlanken 15 hours agorootparentprevThose \"kids who are very good with computers\" designed a black-box AI that has been designating people terrorists which the military then uses to bomb not just them but their entire family. https://www.npr.org/2023/12/14/1218643254/israel-is-using-an... reply lolinder 15 hours agorootparentAnd their peers in the other branches are killing civilians in other ways. Your point? The only way to hold this against the individuals rationally, especially for those on this forum who would absolutely have chosen Unit 8200 as the least bad option given conscription, is to blame every citizen of the state of Israel and hold them all in distrust for having ever been in any branch of the IDF. I'm personally not okay with that level of sweeping blame and distrust. Are you? reply KennyBlanken 15 hours agorootparent> is to blame every citizen of the state of Israel nobody has said or even implied this > hold them all in distrust for having ever been in any branch of the IDF nobody has said or even implied this > that level of sweeping blame and distrust There has not been any such thing in this discussion. We're done here. reply lolinder 15 hours agorootparentYes, it was done by OP, the comment that was rightly flagged and then later resurrected: > Just a reminder that Snyk was founded by ex-IDF Unit 8200 soldiers. I would not trust them given what we've seen Israel do to supply chains. Given that Unit 8200 is staffed by conscripts, how is this anything other than attempting to ensure that any person who ever came of age in Israel has that held against them for the rest of their careers? Members of Unit 8200 weren't given a choice between that and the private sector—they were given a choice between that and shooting a gun, which for a technically inclined new-adult isn't much of a choice at all. And am I seriously supposed to believe that OP would argue that choosing to be a grunt who shoots a gun at people would be the morally purer choice that would make someone more trustworthy? reply joseppudev 15 hours agorootparentprevSize seems to be classified. Their officers seem to be classified as well. I understand how getting into the unit might be very normal. But doubt here is the healthy thing. Especially as a goyim. reply RHSeeger 16 hours agorootparentprevThey just recently snuck bombs into a supply chain and then remotely detonated them in positions where the caused civilian injuries. I would assume the comment has nothing to do with religion/race, and everything to do with the actions taken. Even for someone that is a supporter of that government, it's hard to deny they've taken some actions that are unsupportable. reply lolinder 16 hours agorootparentWho is \"they\"? Are we talking about Snyk? IDF Unit 8200? The IDF as a whole? The state of Israel? Jews in general? The reason why OP's comment feels like a racist dog whistle is because it's an enormous and dangerous generalization that seems to encompass an entire country. Israel has mandatory military service—if everyone who's ever served in the IDF is untrustworthy because they served in the IDF then you're by definition excluding nearly every Israeli citizen from trust. I guess that's not strictly antisemitism—maybe you're happy to trust Jews that don't live in Israel—but it's definitely an unsavory position to take. reply KennyBlanken 15 hours agorootparentGodwin's got an itch he can't scratch and doesn't know why.... \"Encompassing the entire country\" would be anti-zionist, not antisemitic. There is a huge difference, and that does not change because the majority of people in that country are a particular religion, just like it's not \"Anti-Protestant\" if someone attacks Great Britain policies, or \"Anti-Hindu\" if someone criticizes India. There is a difference, to the extent that there are plenty of jews who are anti-zionist. Would you like to accuse them of being antisemitic because \"nearly every Israeli citizen is Jewish\"? Also, it's your construct that criticizing the policies and actions of a country's military and government is \"anti\" that county... reply lolinder 15 hours agorootparent> Also, it's your construct that criticizing the policies and actions of a country's military and government is \"anti\" that county... No, it's not—we're in a subthread where the OP said \"Just a reminder that Snyk was founded by ex-IDF Unit 8200 soldiers. I would not trust them given what we've seen Israel do to supply chains.\" They took the country's current policy and made it personal against specific IDF vets. That's what I'm standing against. For the rest, I specifically said that it may not be antisemitic given that it's country-specific, so I'm not sure what you were getting at. I'm still not okay with blanket blaming an entire country's citizenry for its government actions. I wasn't okay with that when it came to Russia and Ukraine, I don't know why I should treat this differently now. reply Der_Einzige 15 hours agorootparentprevIt's not just the IDF, you have a CHOICE to join the spymaster side of it, vs being a regular grunt. That unit is part of Aman, the military version of Mossad. reply lolinder 15 hours agorootparentAnd why would choosing to be a grunt be more morally pure? I'm a techie, if I were forced into conscription I would absolutely choose an option that let me use computers over one that forced me to shoot a gun. There's no way on Earth I can hold it against a bunch of kids who were forced to make that choice that they chose the intelligence arm. And frankly, I have a hard time seeing how someone on this forum could hold that against them in good faith. Nearly everyone here would make the same call given that choice. If you think you wouldn't have, you're probably deluding yourself. reply myth_drannon 16 hours agorootparentprevHow the hell that is connected to a private software company? Nvidia, Google, Microsoft, Intel is full of ex-8200. reply weatherlite 9 hours agoparentprevSo every Israeli is now a Mossad agent and every customer is an enemy of Israel like Hezbollah? You won't buy from Snyk because you want to boycott Israel, just own up to it it's a popular position to take. reply bbqfog 4 hours agorootparentI’d put Unit 8200 and Mossad in the same basket. I think I made it clear I’m boycotting Israeli products, I’m not hiding that. reply Cthulhu_ 8 hours agoparentprevAs the pager / radio terrorist attack showed, it's the Mossad involvement you don't know about that you should be worried about. Same with the CIA, they were behind \"secure\" radio communication in Europe for decades (https://en.wikipedia.org/wiki/Crypto_AG) and nobody had any idea. reply krembo 10 hours agoparentprevThat's absurd. If that's your claim, do you know how many of your daily tools and hardware you should also drop? reply bbqfog 4 hours agorootparentI’m dropping as many as I can as is my prerogative as a consumer. reply lolinder 14 hours agoparentprevJust a reminder that Unit 8200 is staffed mostly by conscripts who are serving out their mandatory military service and chose to accept an invitation to serve in the cyberwarfare arm of the IDF instead of choosing to shoot guns. In other words, it's staffed by Israeli kids who made the choice most of us would have made under the circumstances. It seems a bit unfair to hold that against them more than 10 years later, no? reply lmm 11 hours agorootparent> In other words, it's staffed by Israeli kids who made the choice most of us would have made under the circumstances. It seems a bit unfair to hold that against them more than 10 years later, no? You could say the same about the guy in a call center in India trying to pull a tech support scam on you over the phone. Yes, he's probably making the best choice he can for his own livelihood, probably the same thing you would do in his position. No, that doesn't mean you should trust him. Just as you have to treat all Chinese companies as under control of the PRC government and all Australian companies as compromised by their security services, you have to treat all Israeli citizens as under the control of the Israeli military. Any adult can be conscripted and they have a history of disguising military operations as civilian ones. Someone might tell you they left the Israeli military 10 years ago and they're probably telling the truth, but if you make a habit of believing that statement you're going to get burned. reply lolinder 5 hours agorootparent> You could say the same about the guy in a call center in India trying to pull a tech support scam on you over the phone. Yes, he's probably making the best choice he can for his own livelihood, probably the same thing you would do in his position. No, that doesn't mean you should trust him. No, you can't, because the scammer in the call center is choosing that over thousands of other options. Are they choosing to maximize their pay? Maybe. But for every scammer there are thousands of Indians who show a different option. Choosing to dodge or resist the draft is totally different—very few people do it, and those who do get prison terms. If you sincerely believe that you'd have chosen to go to prison rather than be drafted, more power to you, but I and most others would aim to minimize the likelihood of ourselves dying and minimize the number of people I'd have to kill. For me that would have meant signing up for cyberwarfare, which in Israel would have meant Unit 8200. The rest of your comment is totally irrational fear-based speculation. Anti-Israel sentiment may not be antisemitic, but it sure shares the same tendency towards irrational fear and aggression. reply lmm 4 hours agorootparent> the scammer in the call center is choosing that over thousands of other options. No, they're the people who don't have other options (because they lack the skills and/or qualifications and/or are discriminated against). It's not malice, it's just desperation to get money to live on (or, often, to provide for people who depend on them). But of course the end result is the same. > The rest of your comment is totally irrational fear-based speculation. Entirely rational given the historical pattern of behaviour shown by the Israeli military, and the fact that they have no reason to change (quite the opposite). reply weatherlite 5 hours agorootparentprev> Just as you have to treat all Chinese companies as under control of the PRC government and all Australian companies as compromised by their security services, you have to treat all Israeli citizens as under the control of the Israeli military Got it , and are now all American companies suspect because they are managed behind the scenes by Musk and Trump? reply lmm 4 hours agorootparentAll American companies are suspect given the National Security Letter system yes. (Also South Korea and Kazakhstan, and obviously also any country where the \"rule of law\" is low enough that governments can do as they wish without formal legal powers) reply bbqfog 4 hours agorootparentprevI feel the same way about companies with CIA founders. reply bbqfog 4 hours agorootparentprevI would under no circumstance join the IDF or even live in Israel. They’re not “kids”, they are military personnel. reply arccy 4 hours agorootparentkey word: \"conscript\" if you're born there, you have little choice in the matter. reply bbqfog 4 hours agorootparentI've never met an Israeli who wasn't a dual citizen. It's a choice to stay in Israel and fight in the IDF. In fact, the Snyk founder lives in London now: https://uk.linkedin.com/in/guypo reply lolinder 1 hour agorootparent> I've never met an Israeli who wasn't a dual citizen. Given that unless you are in Israel you're most likely to be meeting Israeli expats or at the very least people who travel, that's hardly surprising and not great evidence for anything. > In fact, the Snyk founder lives in London now So you're acknowledging that you're going to hold their country of origin against them even after they've moved. Got it. reply bbqfog 48 minutes agorootparentI don’t understand your complaint. People are free to vocally denounce Zionism. These founders have not done that. Quite the opposite, Snyk has offices in Israel and has been vocal about their ties to the IDF. It’s absolutely within my agency to not use their products. Again, there’s zero downside to do that. reply lolinder 24 minutes agorootparentCorrect, you're welcome to do that, and I'm welcome to denounce you for advocating boycotting a product because of the country of origin of its founders. People can't help where they're born, and you're wrong to hold that against them. You're welcome to work through that cognitive dissonance however you like, but in the meantime I will continue to advocate for treating individuals as individuals. reply bbqfog 20 minutes agorootparentNo one is entitled to my business. I have no cognitive dissonance, my business interests are aligned with my moral interests in this case. I don’t use Israeli tech whenever possible. You “denouncing” people who make a rational calculation isn’t really helping to market the firms you are supporting. reply lolinder 0 minutes agorootparentI'm not supporting firms, I'm supporting the right of individuals to be seen as individuals. That said, this obviously isn't going anywhere, so have a nice day. yard2010 13 hours agoparentprevDon't hate the player hate the game ;) reply sneak 13 hours agoprevSide note: Snyk (founded 2015, computer and network security) has nothing to do with @sneak (hacking since 1998, computer and network security). I was dismayed to learn about their choice of brand, and think it might cause confusion. :( reply vips7L 12 hours agoparentI don’t even read those the same. To me snyk is read as snick and not sneak. reply xyst 16 hours agoprevYou either die as a white hat or live long enough to see yourself become a black hat. reply nathabonfim59 16 hours agoprevThings like this could _synk_ their reputation... reply guappa 10 hours agoparentThey're terrible already. If you invest enough in marketing nothing matters. reply dalton_zk 15 hours agoprev [–] Literally a test in production. The dev commit their work go to home thinking \"not will happen\" reply Sophira 13 hours agoparent [–] If it was really a test, then why would it be sending environment variables via HTTP POST? There are many better ways to do this if you're legitimately deploying code remotely. reply GuidelinesFAQListsAPISecurityLegalApply to YCContact Search:", + "originSummary": [ + "A Snyk security researcher released malicious NPM packages targeting Cursor.com, an AI coding company, to collect system data and send it to an attacker-controlled service.", + "The packages, identified as \"cursor-retrieval,\" \"cursor-always-local,\" and \"cursor-shadow-workspace,\" were flagged by the OpenSSF package analysis scanner, resulting in advisories MAL-2025-27, MAL-2025-28, and MAL-2025-29.", + "This incident highlights the importance of scrutinizing NPM packages before installation to avoid potential security threats." + ], + "commentSummary": [ + "A Snyk security researcher released malicious NPM (Node Package Manager) packages aimed at cursor.com, highlighting dependency confusion vulnerabilities. - The incident has sparked a debate on the ethics of security research, particularly regarding the public exposure of environment variables. - Cursor.com clarified they did not authorize the action, and Snyk has since apologized, underscoring the challenges in balancing offensive security research with ethical standards." + ], + "points": 540, + "commentCount": 270, + "retryCount": 0, + "time": 1736807907 + }, + { + "id": 42696081, + "title": "I Switched to Firefox and Never Looked Back", + "originLink": "https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/", + "originBody": "Why I Switched to Firefox and Never Looked Back By Faisal Rasool Published 2 days ago Follow Like Thread 20 Link copied to clipboard Firefox RELATED Chrome Is Top Dog, but Firefox Is Still My Favorite Browser Spectrum Just Raised Its Prices Again Why You Shouldn't Sign In With Google or Facebook Sign In To Your How-To Geek Account Lucas Gouveia/How-To Geek QUICK LINKS Everything That Chrome Can Do and More Superior Tab Management Built-in Pocket So You Never Lose a Link Keep Your Real Email Safe Built-in Screenshot Tool Handy ChatGPT Button in the Right-Click Menu Other Thoughtful Touches My work PC is an old potato, and Chrome makes its fans cry whenever I open a lot of tabs. I always thought it was just my aging computer’s fault, until I switched to Firefox and found out it was Chrome all along. Everything That Chrome Can Do and More For as long as I can remember, Chrome has been my go-to. All my passwords, bookmarks, and extensions are always available wherever I log into my Google account. I only use the browser on my PC, which is why I’ve never felt the need to upgrade it. At least until recently, when it started to struggle when I installed a couple of new Chrome extensions. I figured it’s finally time to add more RAM to this machine or say farewell to it entirely. For the time being, I switched to Firefox. I made a new account for it and linked it to the sync chain on the PC and my phone. To my surprise, my old timer PC runs it just fine, even with a ton of tabs open. No more angry fan noises. Lucas Gouveia / How-To Geek And even more surprisingly, Firefox does everything Chrome does. The sync works perfectly across devices. You get a huge selection of browser add-ons, and you can customize a lot of the interface. It even has many neat features that Chrome doesn’t. The one feature it doesn’t have is the ability to turn regular web pages into web apps that you can launch from the desktop or taskbar. That’s something I wish the devs would add, but except for this nitpick, I don’t think I’ll be switching back to Chrome. Let me try to convince you why you should try Firefox too. Superior Tab Management Other than the search tabs feature, managing tabs in Chrome hasn’t changed in almost two decades (I’m not counting “Tab Groups” because they’re messy and confusing). A lot of people keep countless tabs open and all Chrome gives you is a cramped-up bar filled with tiny buttons that hide the text. Good luck finding a tab without hovering over each one. Firefox has similar tab bars and buttons, but it has something Chrome doesn’t: Firefox View. Firefox View is a window where you can see all your open tabs in one place. It’s conveniently stashed in a corner and opens with a single click. You can sort the open tabs by recent activity or just by tab order. You can also search for open tabs. You can cycle through recently closed tabs, the entire search history, and even the tabs you’ve got open on other devices—all easily accessible, searchable, and sortable. There’s also a recent browsing tab where all the open tabs, recent tabs, and tabs from other devices are pooled together. If you’re someone who keeps a lot of tabs open and wastes too much time rummaging through them, trust me, you’ll love Firefox View. Built-in Pocket So You Never Lose a Link You know when you don’t want to lose a link, but it’s also not important enough to bookmark? Firefox has a button for that. It’s called Pocket and it keeps all your links safe in a tidy little collection. Even more importantly, it does so with a single click. Just click the tiny Pocket icon next to the address bar once, and it’ll be added to your saved collection. The collection syncs directly with your Firefox profile, so you can access it anywhere. To view your saves, you can open the Pocket app and find all your saved URLs in a beautiful layout. You can organize, tag, and archive the collections too. Keep Your Real Email Safe Firefox Relay is an in-built privacy feature for protecting your real email addresses. When you’re signing up for a website, instead of giving out your real email address, you can share any of the five randomly generated Relay emails that Firefox provides. Any emails sent to these aliases will be forwarded to your real email address. That way, the real email addresses stay hidden, but you still get your mail sent to them. There is also a handy Firefox Relay extension that autofills these burners when you’re filling out forms with email addresses. Built-in Screenshot Tool Firefox makes it super convenient to take screenshots. You don’t need to install any clunky browser extensions. Just right click anywhere, and click “Take Screenshot.” You can choose a full-page view or select an area to capture. It also detects web page elements, so you can capture perfect rectangular or square screenshots. I know Chrome has a screenshot tool hidden in the developer options, but it’s not user-friendly at all. Handy ChatGPT Button in the Right-Click Menu If you use ChatGPT or other AI bots like it often, you’ll appreciate how Firefox handles them. In Firefox, you can quickly send ChatGPT a prompt with a single click. Just right-click anywhere on any webpage (or select a chunk of text) and ask ChatGPT to “Summarize,” “Explain this,” or “Quiz me.” It’ll open an AI Chatbot panel on the side where you can ask follow-ups or tweak the original prompt. If you don't find it on your Firefox, open Settings and look for the \"AI Chatbot\" feature in your Firebox Labs settings. Other Thoughtful Touches I also found some neat little features that Chrome doesn't have natively. Picture-In-Picture for Any Video On Firefox, you can pop out any video into its own little window. That way, you can watch multiple videos side by side, or work on other tabs or apps while the video plays in the corner. You can use this Picture in Picture feature by clicking the tiny pop-out icon that shows up when you play a video. Very handy. Firefox Omnibar Is Far More Useful Than Chrome’s You can only search with the default engine on Chrome’s address bar. Firefox lets you pick how you want to run a search each time. Simply click the small search engine icons to quickly search with Wikipedia, Bing, or DuckDuckGo. Network Settings to Configure Browser Proxies Most people will probably not need this feature, but it’s nice to have. If your ISP is blocking a website for some reason, you can configure a proxy in the network settings to bypass those restrictions. Smooth Scroll Firefox has a buttery smooth scrolling animation that I enjoy. This one’s an aesthetic preference, so you might prefer Chrome’s version. Mutes Auto-Playing Videos Some websites autoplay videos, full volume, which I’m sure everybody hates. Firefox automatically mutes playback for videos like that. Using Firefox for just a week convinced me to change the default browser on my phone and PC, and I don’t intend to change back any time soon. Why don't you give it a try? Web Firefox Web Browsers Follow Like Share Readers like you help support How-To Geek. When you make a purchase using links on our site, we may earn an affiliate commission. Read More. THREAD 20 Sign In To Your How-To Geek Account We want to hear from you! Share your opinions in the thread below and remember to keep it respectful. Reply / Post Images Sort by: Popular Oldest Newest MEGA_ME Plus when you use Firefox you are taking away from the Google monopoly. Firefox isn't a chromium browser. I use Firefox and it is amazing! 2025-01-12 21:49:06 5 Eric I also switched to Firefox from Chrome. You pointed out some handy features I had not found yet. Thank you 2025-01-12 22:04:08 3 Johnny I've been using FF for >19 years, I had no idea there was the AI Chatbot thing until I read this ! (It seems it is turned OFF by default). I didn't know about the safe email relay either ! Let's not forget that Chrome has nerfed ad blocking by using Manifest v3, whereas Firefox fully supports v2 and has full ad blocking capabilities. 2025-01-13 02:08:27 3 David Firefox supports progressive web apps with an extension. I use it all the time. 2025-01-13 03:20:45 2 2 HTGMember Which one? 2025-01-13 04:15:27 2 ericnsmith Me too. I'm using Progressive Web Apps for Firefox. 2025-01-14 12:48:19 Rob The best feature of Firefox is when Chrome implements new manifest UBlock Origin will keep working in Firefox. I predict a ridiculous number of new Firefox users that day... 2025-01-13 08:37:07 1 Kefah I couldn't agree more. I have very similar experience. Firefox is by far my favorite and default goto option. 2025-01-13 01:21:48 1 Mike I switch between Vivaldi and Firefox. I prefer the layout of Vivaldi, but I've been using Firefox for many years. And Netscape Navigator before that. 2025-01-12 22:59:24 1 Ashish I don't know if anyone's gonna like it. But my laptop is also old. Edge seems to be working fine for me than Chrome. It also has some additional features. Will also think about Firefox now 2025-01-13 10:29:53 Pat Some site doesn't work, some plugin doesn't work. I have to go back with a chromium browser. I wish switching is that easy 2025-01-13 23:28:20 Charles Mozilla dex. Support is abysmal. Unusable. I need a more robust mobile browder 2025-01-13 17:52:11 Palanivelu Firefox is ok, but I prefer Opera because of its \"Workspaces\" & sidebar customizable sidebar features And I use Brave browser which has powerful built-in ad blocker. 2025-01-13 01:57:02 Ed Been using FF for over fifteen years now , don't think I would ever use any other browser 2025-01-14 05:05:08 TheDragon What about chrome built in password autofill...will that be available if switching to FF?...if not... Suggestions? 2025-01-13 10:33:42 Zen I've been using Duck Duck Go and I Love it. It's what the Tor browser uses, that says alot. If you value your privacy then get it and be free and safe. ;-) 2025-01-13 14:18:17 Ben I really like using an extension called simple tab groups. Since I'm a college student I have one for personal and then one group for each class when you change groups you only see the tabs in that specific group. It even integrates with firefox's containers feature. The containers feature acts similarly to having multiple users registered in Chrome each container can have different account logins saved for the same websites. So I can tell any tab that I use for school to only open tabs in the school container so the same link on my homepage that brings me to Gmail can open My personal email in my personal tab group, then if I'm in one of my classes tab groups it will open my school email. I also use another extension called containerize to force certain websites mostly banking websites to open in their own separate container so that they are a bit more separated from the rest of my browsing 2025-01-13 09:38:24 Cathy I gave used Firefox forever (I worked at a university and they prefered Firefox even bacķ then). I tried Chrome for about 2 days and went back to Forefox. I appreciate this article because there are some features in Firefox that even I was unaware of! 2025-01-13 09:44:10 PanYan I tried switchng from a Vivaldi and unfortunately Firefox is noticably slower and a lot more unstable. Some webpages which worked totally fine in Vivaldi, caused my Firefox to freeze and not respond. So no, thank you... At least Thunderbird is more reliable. 2025-01-13 08:42:52 Raymond Yes I agree, Firefox is just very good, I have just changed my old laptop to run Linux Mint and started to use Firefox all the time, I do perfere it to chrome ... 2025-01-13 03:23:17 Terms Privacy Feedback RECOMMENDED Microsoft Office vs. Google Docs, Sheets, Slides: Which Is Best? Microsoft Office Which office suite is for you? 15 Aug 27, 2024 I Won't Use a VPN Without These 6 Features VPNs These are the VPN features I consider non-negotiable. 12 Aug 28, 2024 I Paid for Google's Drive Storage. Here's Why I Don't Regret It Google Drive The convenience is worth 2 dollars a month. 12 Jun 29, 2024 Don’t Share That Google Photos Memory Yet—Make These 4 Edits First Google Photos Supercharge your memories 4 days ago What Happens to Old Websites? Internet Does a website ever \"die,\" and if it does, where does it go? 4 2 days ago Amazon is Killing Its Try-Before-You-Buy Program Web Good luck trying to fit your shoes with AI. 23 hours ago DESKTOP MOBILE How I Use the Microsoft To Do App to Maximize My Productivity 3 hours ago GPD's New Gaming Handheld is Not Just Another Steam Deck 4 hours ago MSI’s New Gaming PC Has a Touchscreen Case, and I’m Slightly Obsessed 22 hours ago See More TRENDING NOW Why the Witcher 4 Trailer Being \"Pre-rendered\" on an RTX 5090 Means Nothing What Is Widevine and Why Does It Matter for Mobile Streaming? Over a Decade of iPads: How Apple's Tablet Became My Most-Used Computer", + "commentLink": "https://news.ycombinator.com/item?id=42696081", + "commentBody": "I Switched to Firefox and Never Looked Back (howtogeek.com)480 points by Vinnl 7 hours agohidepastfavorite391 comments ustad 5 hours agoCurrently the main attack facing Firefox is coming from advertising companies such as YouTube. It’s crazy to think that some software engineers might actually intentionally degrade user experience on non-Google browsers or for people using adblockers. The mentality here is pretty disturbing: it’s almost like punishing users for making the choice to browse the web without ads, or without the surveillance mechanisms that come with them. Instead of building a better experience, these engineers seem to be focused on sabotaging alternatives in the name of profit or control. The kind of mindset behind this reeks of the same tactics we see in some ad networks or big tech companies - if we can’t convince you to opt in, we’ll make sure you’re inconvenienced or frustrated until you do. It’s a dangerous precedent because it introduces a toxic game of cat-and-mouse, where the user is constantly playing defense, trying to protect themselves from deliberate misdirection. It’s not just an ethical concern, but also an issue of how we value user autonomy in the digital space. For the hackers out there, this is a opportunity to dig into the JavaScript code responsible for this. There’s almost certainly some interesting obfuscation or odd behavior hiding in the code, and by pulling it apart, we can both understand how these tactics work and build tools or methods to counteract them. Let’s make sure the only thing that slows down the web is bad design or slow servers, not malicious code aimed at punishing the user for making their own choices. reply squarefoot 4 hours agoparent> Currently the main attack facing Firefox is coming from advertising companies such as YouTube. I would add to the list the Linux Foundation too. https://www.linuxfoundation.org/press/linux-foundation-annou... reply surajrmal 4 hours agorootparentNote that the effort there is to shift chromium to a more open governance model. This would mean Google has less influence on the project. reply evanjrowley 1 hour agorootparentI don't believe splitting Chromium governance model across Google, Meta, Microsoft, and Opera will help Firefox in any way. reply Yizahi 2 hours agorootparentprevHow is that possible? Would Chrome Chromium maintainer make a different implementation decision from the original Chrome, and then support and develop a real branch in the code? To have Google less influence? I highly doubt it. It is all chromewashing, to make it sound as if Chrome Chromium is an independent browser. reply ilbeeper 1 hour agorootparentThe origin(al) is developed within the chromium project, Chrome is already a Google styled chromium fork. reply Yizahi 1 hour agorootparentThat's how it is advertised. But in reality all decisions are made by Google for Chrome and other Chrome forks just implement all of them without questions. Google wants to add a new protocol - all forks add it. Google wants to cripple adblock support - all forks do it. Etc. reply troyvit 2 hours agorootparentprevAnd yet Google is a member of the initiative. Maybe, possibly, this initiative coupled with detaching Chromium from Alphabet might lead to an opening of the Chromium engine, but more likely Alphabet joined so that if it _does_ get split off from the mother-ship due to anti-trust they'll still have sway over Chromium's direction. And that will be an advertiser-centric direction. I'll add that whatever the purpose of this project, it isn't going to help the overall openness of the web and will only continue to boost the adoption of an engine that already has an outsized influence over web standards. reply xvilka 1 hour agorootparentprevThey should go all in for Servo as the only future-proof browser engine. reply dotancohen 4 hours agorootparentprevThis is so backwards it seems like a joke. Honestly it reads like a rebel group announcing peace with the dictator and joining the oppression. reply 20after4 4 hours agorootparentLinux foundation is far from a rebel group. Look at who is involved. reply daghamm 3 hours agorootparentLinux Foundation is much closer to an Evil Corporate than a rebel group. It is a pay-for-legitimacy scheme that abuses the Linux name and goodwill. I wish Linus & co would distance themselves from these people. reply gjsman-1000 3 hours agorootparentLinus & co do not follow, or respect, the values of the FOSS zealots. He actively dislikes the GPLv3, has a good working relationship with Google on Android and ChromeOS, and has criticized attitudes in the Linux desktop community for over a decade. He famously roasted his own distribution's package maintainer for wasting their life. All hats off to him, frankly. The Linux community can be extremely delusional at times. reply segasaturn 3 hours agorootparentAll that Facebook money has gone to his head I guess. Thankfully we should still have the ability to fork the kernel if he fully loses the plot to corporate interests. reply immibis 3 hours agorootparentLet me copy the actually important information from the sibling comment that's about to be deleted, because this is actually important: Linus has hated GPLv3 since at least 2006. Linux development has been over 80% corporate funded for over a decade. FOSS contributors do not have enough talent or interest to maintain the kernel for even a few weeks. If corporate interests weren't in the kernel, the kernel would not run on modern devices, period. It would have fallen behind the times and been abandoned like countless other technologies, or replaced with a new proprietary kernel from someone else. Linux on the desktop is not somewhat usable in spite of corporate interests. Linux on the desktop is usable today because of corporate interests. reply gjsman-1000 3 hours agorootparentThe original comment I was replying to has an inaccurate mindset: Linux supporters generally still envision this as a community project, with community contributors, and they are so successful, that companies knock at the door politely and are lucky to get code into the kernel. It's actually the other way around: This is a collaborative corporate project, with corporate employees contributing, but there are some random community members who can knock at the door politely and are lucky to get code into the kernel. The community-first development model died about 2 decades ago. When the Linux Foundation talks about \"community,\" they are talking about their corporate contributors and their communities, not us. This is also why I cringe at the excessive (not all, just excessive) hate for corporations in the online community. Without their work, rip out 80%-90% of the kernel commits every year for the last decade, and see how advanced Linux would be. This same change is also underway at another open source project - Blender; which is now increasingly corporate funded and developed. When I see online forum posts arguing that Blender is a perfect example of how we can beat the corporations as a community, I just shake my head now. reply segasaturn 2 hours agorootparentI actually agree with you that Linux development has been captured by corporations. Except that I believe it's not sustainable. Eventually the Shareholders are going to come knocking and ask why so much engineering time and money is being wasted on some hippie-dippy Open Source junk and not returning value to them. It needs AI in it, or maybe a Linux Pro subscription with ads for the freeloaders. This is why I'm glad the kernel is tied to the GPL, so we can fork when their interests stop aligning with ours. reply nh2 2 hours agorootparent> ask why so much engineering time and money is being wasted on [Linux] Most likely the corporations will say \"because that is much cheaper than developing our own; 10 of our devs on Linux an 99% of devs from other corporations are much cheaper than 1000 of our devs on our own OS\". And the shareholders will likely accept that. The key thing is that for most corporations that contribute to Linux, Linux is not the product (except Red Hat, SuSe etc). Google, Facebook, etc, just need a good OS to run their billions of servers on. > so we can fork when their interests stop aligning with ours You can fork but you likely cannot maintain Linux as-is. Where do the 1M hours/year come from? That's hard to do in free time. That is also fine from the perspecitve of Free Software. The 4 freedoms do not include \"the program must be maintainable with little enough manpower for people to do it in their free time, free of independence on corporate interests\": https://www.gnu.org/philosophy/free-sw.en.html#four-freedoms The GPL is great in that it gives large power to users of the software, no matter if those users are corporate or personal, and even if the makers of the software are mostly corporations. reply segasaturn 1 hour agorootparent> You can fork but you likely cannot maintain Linux as-is. Where do the 1M hours/year come from? That's hard to do in free time. Maybe a question too radical for Hacker News, but why does Linux need 1M hours/year? How much \"worse\" would Linux be for the end user if this year, that time spent dropped to 100k or even 10k? And which \"type\" of Linux user was benefiting most from that time spent (person or corporation)? Why is more automatically treated as better than less? > The GPL is great in that it gives large power to users of the software, no matter if those users are corporate or personal, and even if the makers of the software are mostly corporations. Indeed, I respect the wisdom and forethought of Stallman greatly in drafting the GPL. reply atq2119 53 minutes agorootparentI think it's a reasonable question to ask, and there's surely some churn that we could do without. But don't underestimate the effort that goes into device drivers. reply gjsman-1000 43 minutes agorootparentprevA. How do you contribute to the kernel in a way that only benefits the contributing organization? That's quite literally impossible in this kind of project. Even the more niche stuff like virtualization support is used by homelab enthusiasts. It's also not like Linux has 100,000 APIs for every customer under the sun. B. Most of the effort goes into hardware enablement; CPUs, GPUs, power management, etc. Without corporate interests, try running Linux 2.2 from 1999 on a modern PC (which came out just before the $1B IBM investment). See how well it works. Fork modern 2025 Linux, and try running it on a computer that comes out in 2028. See if it even boots. If Intel's only done a minor refresh, it might work; if it's something bigger like the split to P cores and E cores, expect a brick. Even if it does boot, don't be surprised if it crashes, acts unstable, has borked performance, broken sleep/wake, broken audio, broken USB, you name it, it's probably broken. C. A forked Linux would not have the same level of security research behind it. For example, the Linux 4 era was marked by the introduction of fuzzers and the fixing of countless bugs. A C codebase with handwritten Assembly is rather unlikely to ever become bug-free. How well would your forked non-corporate codebase handle Spectre and Meltdown, just an example, with Google's experts contributing the technique for fixing these problems efficiently (Retpoline)? TL;DR: A forked Linux, is a broken Linux, that will never run well on newer hardware, and will quickly become insecure. This isn't a hypothetical: The FSF didn't like the practice of proprietary firmware blobs being in the kernel; so they made their own commercial-interest-free version of Linux called Trisquel. It still uses commercially written code if it's open source; so even it can't be called completely free of commercial influence. The kicker: It runs on almost nothing, and people were complaining about how it works on nothing 13 years ago. reply gjsman-1000 2 hours agorootparentprevYou're assuming that community driven FOSS development is sustainable, or can make a good long term project the size of a kernel, or a multimedia package, or anything larger than a tool or library. In practice, I'm going to be honest and blunt, it's never worked. 3 decades of trying to replace Photoshop with GIMP (founded 1995)? Barely a dent. 3 decades of trying to unsettle Windows with the Linux desktop (KDE, 1998)? Barely a dent. 3 decades of trying to beat 3D packages with Blender (founded 1994)? Finally working now, ironically only because corporations started getting involved. Before then, Blender 2.7 was never going to do it. 2 decades of Apache trying to kill Skype with OpenMeetings (founded 2007)? Not even a dent. 2 decades of trying to kill proprietary CAD packages with FreeCAD (founded 2002)? Not even a dent. 4 decades of trying to beat Microsoft Office with what is now LibreOffice (roots in StarOffice, 1985, which was ironically a proprietary corporate project for the first decade and a half)? Barely a dent. The Linux community, and FOSS communities, overestimate their strength without corporate interests. They have none. reply segasaturn 2 hours agorootparentWhy should I care that Microsoft Office has more users than LibreOffice? I care which is the better product and has my interests as the user, and not the product, in mind. For example, and relevant to the article, I can use an ad blocker on Firefox without Big Brother Google stepping in and taking it away. Photoshop takes 30 seconds to open and illegally scrapes its users' private data for AI training. Windows has mass surveillance built in with Recall and shoves tabloid garbage and ads into the Start Menu. It means nothing to me that the worse products have more users, they are still worse products. reply dotancohen 1 hour agorootparent> Why should I care that Microsoft Office has more users than LibreOffice? Because people are going to send you documents in Word format, and expect you to be able to send them documents in Word format. Including embedded objects, RTL text, animations, and many other features that LibreOffice barely support and do not transfer well between its own native format and the Word format. reply jacoblambda 4 hours agorootparentprevIt's not too terribly unreasonable. It's largely the Linux Foundation trying to wrest control over chromium from Google before the FTC antitrusts them or before Google does more manipulative market controlling BS. In more polite terms they are framing themselves as an ideal long term steward for the chromium project given that courts have already ruled that Google isn't a suitable steward anymore. Chromium wouldn't be so problematic if it wasn't run by such an anticompetitive organisation. If the Linux Foundation ran chromium and orgs like Igalia (who already do a near majority of the dev work for chromiumm) took over the brunt of senior development and leadership control then it'd be a pretty solid technology stack (albeit with some weaknesses). I personally prefer Firefox and it's associated technologies but I also acknowledge the appeal of Chromium distributions like Vanadium. reply pkasting 2 hours agorootparentIgalia is a valued Chromium contributor, but your notion that they do a near-majority of the dev work is off by an order of magnitude. reply jacoblambda 2 hours agorootparentAh yep. I'm mistaken there. I had read somewhere at one point that they were the second largest contributor to Chromium and made assumptions I shouldn't have. My apologies. reply tgv 4 hours agorootparentprevMy first though: WTF? All hail Manifest v3? reply basilgohar 4 hours agorootparentLinux Foundation is made up of corporations. This should not be a surprising outcome when you think about it that way. Edit: https://www.linuxfoundation.org/about/members reply mossTechnician 4 hours agorootparentAnd the Chromium supporter group is just a subset of those corporations. Several leading organizations have already pledged their support for the [\"Supporters of Chromium-Based Browsers\"] initiative, including Google, Meta, Microsoft, and Opera. reply immibis 3 hours agorootparentprevReminds me of the Open Source Initiative. People tell me that licenses like the SSPL aren't open source because the OSI says they aren't. I tell them to look at who comprises the OSI. Nobody has yet showed me a reason why we should believe the OSI when it tells us what open source is or isn't. reply bartread 5 hours agoparentprevIt’s also laziness in software development practices. Developers (still) only develop and test with Chrome. My last job a bunch of us used Firefox as our main browser, which was hugely helpful. As recently as yesterday I ran into an e-commerce site that didn’t work in Firefox (CPC Farnell, I’m looking at you), giving some obscure security error in multiple languages. I thought it might be caused by an extension at first (e.g., uBlock Origin) but, after trying various workarounds, I realised the site would only work in Chrome. It’s not OK. reply PaulHoule 4 hours agorootparentFor years I have used Firefox as my daily driver, anything I work on works on Firefox. Maybe once a year my tester finds a problem w/ Chrome, if that. Developers like myself are the thread that Firefox keeps hanging on by. reply phkahler 2 hours agorootparent>> Developers like myself are the thread that Firefox keeps hanging on by. Yep. A majority of HN crowd claim to like open source and all that, but then they use Chrome instead of Firefox due to some small perceived convenience. Nobody makes decisions based on principles these days, only their immediate wants. Hoe_math is right, we're on the edge of civilization collapse because to that. reply mrweasel 3 hours agorootparentprevTo some extend this is also down to developer having to stop trying to be clever. I can understand having something look a little weird, maybe not align 100% correctly, but how to you actively go about building something like an e-commerce site that doesn't work in Firefox? My guess is that the developers didn't actively try to do that, but used some framework that's all well an good for a SPA or something that needs to be more like a \"real\" application and applied that to something that just needs to be a bloody website. People need to stop doing that. reply gorhill 2 hours agorootparentprevI randomly browsed the site with Firefox stable and I couldn't see any obvious malfunction. What exactly is not working? Is there a specific webpage where the malfunction can be seen? reply PaulDavisThe1st 55 minutes agorootparentprevrei.com generally continues to have issues with firefox. Completely absurd. reply theshrike79 5 hours agorootparentprev> Developers (still) only develop and test with Chrome I've heard this before... Oh yeah, replace Chrome with IE and you've got the same thing happening again. reply ethbr1 4 hours agorootparentDevelopers will always be time crunched / lazy. Why target multiple platforms when you can just support one? reply basilgohar 4 hours agorootparentThis is a management problem, not a developer problem. Yes, developers should advocate, but it's not the developers' burden to make time out of thin air. reply rileymat2 4 hours agorootparentI have never had a manager that said “don’t make it work for firefox”. What I have seen is developers do it wrong to start, then tasks to fix it get low priority due to market share based priority. reply doctor_radium 13 minutes agorootparentEarly fall 2023 it certainly feels like I caught Verizon discriminating against Firefox. It was a CSS issue in their payment portal where some information wasn't rendering as a DHTML popup but at the bottom of the page. You could still pay your bill, but to an untrained eye it looked broken. I reported it and was sent to \"Executive Custom Service\", which would never acknowledge the problem. They would call once a week and make some statements like the problem was on my side and they couldn't reproduce it at all, to which my BS meter kept responding \"I don't believe you.\" After several weeks of this, the issue mysteriously disappeared one Saturday morning, with no further word to me. I'd also complained to my state PUC (this was a landline bill) and think the added pressure helped convince them to do the right thing, even though the PUC has no online jurisdiction. At the time I hadn't thought to go back to tech support and ask somebody there to simply try it with Firefox. Then Verizon would have been pointing fingers at themselves. Any Verizon developers here? I'd love to know the real story. reply PaulHoule 4 hours agorootparentprevI had one who did say \"don't make it work for firefox\" but he was the only one. The basic mechanic is that the off brand browser has to work hard to be compatible whereas the dominant browser works hard to be incompatible. If you develop Firefox first (have some really ideological devs) you'll find Chrome related bugs eat up 1% of your time if that. If you develop Chrome first you'll find supporting other browsers is a bear. (In the early 2000's when IE was dominant I was afraid it wouldn't be possible to browse the web with Linux. I worked at a library that would have deployed Sun Rays as public computers if we could get Mozilla to compile on Solaris but we couldn't, even with the help of Sun support. I developed Mozilla-first and then Firefox-first and helped keep the flame alive back then.) The system I work on now works on both because I develop Firefox-first. There's one screen that loads up 40,000 rows (crazy you say?) worth of data that performs fine on Chrome and is laggy on Firefox, but otherwise the site spins like a top on both of those. Once in a while we run into a serious headscratcher on mobile Safari that burns up some dev*weeks. reply assimpleaspossi 1 hour agorootparentThis is why I always develop to web standards and not to any browser. You follow the web standards and then check to see which browsers do it right. Then adjust for that browser if necessary. reply horsawlarway 3 hours agorootparentprevI agree that this is a \"management problem\" in the sense that if you want to support Firefox, you should allocate resources for testing on Firefox. But also - it's not high up the priority list given Firefox's marketshare. In most cases, you'll get the support by default, but I don't really see many US managers being tasked with allocating resources to support UC browser, or Opera, and those are both in the same space marketshare-wise. My management is actively discussing EOLing several Firefox products because we have basically no real paying customers on them, and Mozilla is unpleasant to deal with in the extension space (genuinely - https://www.neowin.net/news/ublock-origin-lite-maker-ends-fi...) reply samuellavoie90 3 hours agorootparentprevThe goal of a standard is to not be forced to code specific things for each implementation out there. This is failure of the web standards that the google implementation has become the standard. reply cj 3 hours agorootparentWe have web standards, but one area they breakdown is adoption of those standards. Each browser seems to pick and choose which standards they want to adopt and when. Sometimes Chrome will support a new CSS syntax for months or years before another browser finally picks up support (or vice versa). For web standards to truly work, there would need to be better coordination between browsers to adopt new standards in unison. Until then, developers (should) keep track of whether the syntax they're using is supported by all major browsers. Or, develop just for Chrome, which seems to be favored by most. reply pkasting 2 hours agorootparentWe vendors disagree about the relative value of different standards. Adopting at different times makes life harder on web devs, but it also seems like the only route forward. Do you want any one vendor to be able to force the others to implement something they disagree with, or (vice versa) to have veto power? reply segasaturn 5 hours agoparentprevThe irony that Google, who made their bones on the \"open web\", is now attacking open web standards and trying to turn the internet into their own walled garden that they control every aspect of I hope is not lost on the people here. reply delecti 5 hours agorootparentI have trouble seeing that as irony in a world where \"embrace, extend, extinguish\" exists. reply ryandvm 4 hours agorootparentAgreed. It would be ironic if it wasn't literally the exact same arc that every single company in this industry goes through. * Scrappy upstart catches the industry off guard * Wild success and growth * Becomes bloated, unable to innovate, and addicted to its cash cow * Begins turning the screws on its users to appease shareholders reply 20after4 4 hours agorootparentIt's all just a natural part of the enshittification progression. reply fouc 4 hours agorootparentprevhttps://en.wikipedia.org/wiki/Embrace,_extend,_and_extinguis.... We could also start calling it Embrace, Extend, and Enshittificate reply kurble 4 hours agorootparentExtinguish is fine. reply diggan 5 hours agorootparentprevOnce the love of \"Microsoft Loves FOSS Again\" fades away as they aim to enter the next phase, some other company (Cloudflare? Tailscale?) will receive all the developer love until yet again, people realize that for-profit companies don't actually have their best interest at heart. Rinse and repeat forever... reply bluGill 4 hours agorootparentThe only one who has your best interests at heart is you. And you sometimes get it wrong. It is very common the case that someone else will do something that aligns with your best interest. (love for example) In fact it is often in your best interest to do something that helps someone else and appears to harm you. (giving money to the poor at first glance appears to harm you and thus be illogical - but there are a number of secondary results of this that make it in your best interest anyway) reply ragnese 2 hours agorootparentprevI was convinced at the time--and I'm still convinced--that there was a TON of astroturfing on places like Reddit and even here when Nadella became CEO of Microsoft and there was that whole \"Microsoft hearts Open Source\" campaign. Every other comment was \"You're just stuck in the past. You're as bad as the conspiracy theorists. It's not even the same people running the company anymore. Blah blah blah.\" And now they own Github and they're training their AI models on you and your code and forcing that crap into a bunch of PCs. They were about to push out a \"feature\" to Windows that periodically took screenshots of what you were doing and used AI to analyze what you were doing. Then they sprinkle some glitter for the easily-distracted and tell you that it's actually a feature for you. Last I heard, they shelved the idea for now because of the backlash, but we all know they'll circle back around. But, yeah, I'm a tinfoil hat weirdo who's just a \"hater.\" reply tttttrhowwwwai 4 hours agoparentprevmaybe my rant is going to be a bit out of place here but here it goes anyways: sometimes im glad im a technical person that can get away with a somewhat \"healthy digital life\" im basically immune to all the crap going on. i don't need to work too hard to meet my digital needs because im also a simple person. but i really feel bad for the normies who have to deal with all the shit the tech industry throws at them. they don't even know what's wrong, they can't pinpoint what's giving them that extra stress, building up day by day when they use their devices, handle their info, or consume entertainment. like account exhaustion, confusing UI changes every day, or why they have to navigate a sea of crap just to unsubscribe. and why do they need a new computer for software that worked fine 15 years ago? and don't even get me started on what they're doing to older people. cable companies for example are ripping them off with terrible TV boxes and nonsense plans. all their appliances need subscriptions or apps and have cryptic buttons. stores now feel like border control, straight out of a black mirror episode. i can't imagine the frustration they must feel. it just feels backwards. reply neilv 3 hours agorootparentAFAICT, current tech industry culture is most like what I understood of the '80s stereotype of Wall Street bro culture: sociopathic unchecked-greed that will do whatever it can get away with. I'm not saying this to complain, but to suggest a risk of what might come next. So far, they've run wild, and taken over computers, the Internet, AI, and information technology in general. What happens when there's a disruptive breakthrough in medical care, and the exploiters rush in with the same thinking? Right now, one of the few firewalls against that might be that doctors generally have traditions of ethics, and some stature to hold their ground and influence things. Earlier Internet didn't have the same formalized ethical traditions, but had a lot of very smart people people who had altruistic intentions, as well as suspicion of those who'd attempt to twist online potential. All those ethical people were pretty much swept away in a funding gold rush, suddenly with little to no influence over it. (Google did grab some of those people, because Google said the right words, so the altruistic techies thought it was their people, but look what eventually happened even there.) Just like virtually every IoT product and Web site violates every user, what happens if a medical gold rush (say, some kind of implant, or transformative process) means that what we thought was a bulwark of ethical practitioners, is easily bulldozed over, by investment money and culture. And then everyone's body is violated by the newly unchecked industry-wide socipathy, with no alternatives to even live? reply depingus 2 hours agorootparent> What happens when there's a disruptive breakthrough in medical care, and the exploiters rush in with the same thinking? Allow me to simultaneously assuage and stoke your fears. There is little chance of big tech disrupting the medical field; Because every aspect of the medical field has already been seized by the insurance companies. See United Health / Optum. reply Yizahi 1 hour agorootparentprevWe have never asked for this (c) :) reply HunOL 4 hours agoparentprev> It’s crazy to think that some software engineers might actually intentionally degrade user experience on non-Google browsers or for people using adblockers. Pretty sure that was happening back in a days when Opera was using own engine (Presto). They shipped browser with scripts to fix some popular sites. Actually Firefox also has some fixes for particular sites about:compat reply immibis 2 hours agorootparentEven market-dominant companies do this. Windows ships a bunch of backward compatibility patches. Graphics card drivers (especially Nvidia) wholesale replace shaders in popular games. reply darknavi 2 hours agorootparentWebkit does this. Examples: - https://github.com/WebKit/WebKit/blob/main/Source/WebCore/pa... - https://github.com/WebKit/WebKit/blob/main/Source/WebCore/pl... reply jshen 1 hour agoparentprevDon't like YouTube's ads, great don't use it. You aren't entitled to get it for free though. reply segasaturn 55 minutes agorootparentGoogle isn't entitled to invade my privacy, harvest my data and waste my time with ads. Installing an adblocker isn't an act of entitlement, it's an act of self-defense. reply recursive 37 minutes agorootparentAnd google is entitled to infer that you're using it and serve you different content, or none at all. reply observationist 1 hour agorootparentprevIf your internet server serves content, I'm entitled to connect to it. If you don't want to serve content without a login, you have the option to not do so. That's the way the internet works. You don't get to have your cake - free and public access to content - and eat it, too, by imposing your own requirements on the technology, introducing an adtech gatekeeping system. YouTube or any of the others could simply put up a login gate, and then nobody could access any of the content unless they're logged in, and have agreed to additional terms of use. As it stands, all the content is free and public. In legal terms, as per the Supreme Court of the US, the gate is up, and they are not entitled to impose additional restrictions except where allowed or required by law, such as age restriction, moderation, or copyright situations. You are entitled to get those videos for free unless or until YouTube decides to lower the gate. That's how the internet works, and it's a wonderful, good thing. Fuck ads. Block them all. Eventually they're going to be regulated and companies will be forced to stop mass commercial surveillance under threat of fines and hopefully prison time. Absent surveillance and mass data harvesting, adtech becomes much less lucrative, and maybe we'll see markets develop that compete on product quality, and value to the consumer, instead of the endless cycle of enshittified garbage and attempts to derail the open and free public internet. reply bdhcuidbebe 41 minutes agoparentprevfreetube is a superior experience for consuming youtube content in every way, including not running google’s javascript so they cannot mess with the users in the same way. it has adblock and sponsorblock built in. that said, firefox has been my browser of choice as a web dev for most of my career. (im old enough to have used netscape before that). i remember having super powers compared to other devs with the help of firebug :-) reply PaulHoule 4 hours agoparentprevAlso it boggles my mind that an advertising company (1) offers its own ad blocker to block competitors ads, and (2) circumscribes what ad blockers can do, and (3) nobody stops them... All when the FBI is saying you should run an ad blocker to avoid being the victim of a crime. reply paulryanrogers 4 hours agorootparentAnti trust has been a joke since the 70s, when the threshold moved to \"consumer harm (so blatant people will vote me out of office)\" reply hmmm-i-wonder 4 hours agoparentprev>it’s almost like punishing users for making the choice to browse the web without ads, or without the surveillance mechanisms that come with them. I don't think its \"almost like\", I think it \"actually is\", and that its intentional. There is a perspective that is now prevalent in tech and business that users are good only as far as you can monetize them. Any concepts of respect or value outside of that have been discarded. There used to be a sense that you needed to continue improving a product to keep charging the same or more for it. Now companies expect you to pay more every year while products are stagnating or being enshittified to extract higher profit margins on top of the increased prices they are charging. Tech is now run by Business/Sales people, and every user is a statistic in a spreadsheet they are trying to extract the most money from for the least amount of investment. Data collection and behaviour tracking is one side of the coin, but we really don't talk about why companies are willing to pay so much for that data or what they do with it... that's a conversation I think needs to be focused on. reply cornstalks 2 hours agoparentprev> It’s crazy to think that some software engineers might actually intentionally degrade user experience on non-Google browsers Is this actually a thing? As far as I'm aware all degradations in non-Chromium browsers have been unintentional bugs, either caused by a YouTube bug or a non-YouTube bug (i.e. in the browser or an extension) (note I'm specifically not commenting on the last portion of your comment regarding \"for people using adblockers\"). reply recursive 35 minutes agorootparentIf you have a lot of technical churn, and only test perf on Chromium, then you could certainly claim that the result is \"unintentional\", but it's almost guaranteed based on that circumstance. reply Timshel 4 hours agoparentprev> Currently the main attack facing Firefox is coming from advertising companies such as YouTube. While I agree; between an up-to-date uBlock Origin and https://addons.mozilla.org/fr/firefox/addon/chrome-mask YT is quite usable. Long term I'm more worried by Mozilla leadership than Google shenanigans. reply normie3000 4 hours agorootparentFrom your link: > Please don't use Chrome Mask on YouTube. It won't resolve any issues, and it will make your experience worse over time. If some issue got fixed after toggling Chrome Mask on, it most likely got fixed by the addon clearing the cache. But you can do that yourself, too, without the need for this addon. reply Timshel 4 hours agorootparentI can't seem to find your citation from the add-on page. Might be a placebo but YT appear more responsive with it on than off after a ctrl+f5. Edit: appears to be in the reviews: https://addons.mozilla.org/en-US/firefox/addon/chrome-mask/r... reply tapoxi 5 hours agoparentprev> It’s crazy to think that some software engineers might actually intentionally degrade user experience on non-Google browsers or for people using adblockers. Why would I, as a developer whose income stream is based on advertising, intentionally cater to users who are costing me money? There is a web based on hobbyist platforms like PeerTube and Mastodon, and you can clearly see why they haven't captured the masses. reply notanastronaut 3 hours agorootparentThere is no reason I, a user, will intentionally use your product when you fill it with ads that are, at best annoying, and at worst malware vectors. You have your right to develop things your way, I have a right to say no thank you. Google, though, is so big it is basically saying \"you don't have a choice.\" That's the problem and one that Google spends billions to enforce. They use the weight of the uninformed to apply pressure to the rest of us. It was no better when Microsoft did it with IE, nor is it any way proper, now. reply apricot 1 hour agorootparentprev> Why would I, as a developer whose income stream is based on advertising, intentionally cater to users who are costing me money? Thank goodness you're not a doctor. reply bee_rider 4 hours agorootparentprevThis is basically true. The ad supported web sucks, but the solution is to not use it. reply wruza 1 hour agorootparentThe solution is how we solve it. There’s a technical end to every demand, and at the end of the day regulation only can do so much for both sides. The reality sorts everything else. The solution you mentioned is valid too. But you cannot ignore the fact that internet is for everyone and not for google. Google minus all the shit it does to the internet can definitely exist in some form. Claiming it’s either this or nothing is just defeatist. If google and youtube disappeared tomorrow, I’d be the first among those guys who buy hdds and torrent videos from these. For no money, like I did with all torrents in my life. There would be less professional videos obviously, but almost everyone agrees it’s a good thing (quit SM, anxiety, kids social issues, etc talks). reply bee_rider 1 hour agorootparentSorry, I was ambiguous. I just meant not to use the ad-supported part of the web. Yes, the rest of it is fine. Even a large chunk of the ad supported internet is happy to continue sending you bits if you don’t render their ads. This is fine, the convention has always been I’ll send whatever (non-malicious) bits I want, you send whatever you want, and we’ll render it however we want. YouTube specifically doesn’t send bits to people who don’t render their ads, on purpose, which is also fine, they just don’t want those of us who don’t render ads around. Entitled ad guys don’t get to change the social convention to add some obligation to render their ads. If they don’t want to serve bits to users that block their ads, that’s fine, but if they send bits I’ll render them however I want on my system. reply wruza 52 minutes agorootparentExactly. It’s amazing that ads-ers send bits regardless and expect them to be consumed as is, as if it was some fundamental law of nature to do so. Simply don’t send, wink. That wink makes them feel uneasy because it breaks that wonderful narrative of theirs. “If you don’t want to watch ads, just don’t visit”. Yeah, just paywall us then, come on, we’re all yours, signed in, vendor locked. I’m so ready to leave and delete the bookmark, what are you waiting for? reply bee_rider 41 minutes agorootparentPeople are playing this cat-and-mouse game with YouTube specifically, where they’ll circumvent the desire to block them for not rendering ads. I think this is a bad thing for users to do. But I mostly think it should make the ad providers uncomfortable. Because they know that most people won’t play cat and mouse for their content. In any case other than YouTube, people would just move on. They know it. We know they know it, because if they really didn’t want to send bits to ad-blockers, they’d copy the first step of the back-and-forth that Google did with YouTube, and those users would no longer be a problem. reply lentil_soup 1 hour agorootparentprevBecause it's not catering, it's actively making it worse for the rest of us? Because not everything is about money? Because of ethics? Why would I, as a doctor whose income stream is based on people getting sick, intentionally support policies that make people healthier reply p3rls 4 hours agorootparentprevYou can tell who has never been in control of a budget and had to fire people because more than half their audience is using adblockers. reply wruza 1 hour agorootparentWhy you even start a business so risky and bad mannered? reply pif 1 hour agorootparentprevI get your points, but have you tried with less invasive advertising? Like, you know, static pictures downloaded from your domain with a HREF on them? reply Workaccount2 4 hours agorootparentprevPlease stfu and work for free so I can maintain what I am entitled to. If you really need money just give more invasive ads to the idiots who don't adblock. Thanks. reply eipi10_hn 4 hours agorootparentprevBecause you cannot even control your ads to users? No one of you devs gets punishment for tracking users' personal information, pushing scam, phishing and malware to users, and now users are not even allowed to protect themselves? Users don't drop trackers and malwares to your servers, why do you drop trackers and malwares to users' machines? Because you are working for a corporation that joins in World Wide Web Consortium, who literally says this in the Ethical Web Principles? > People must be able to change web pages according to their needs. For example, people should be able to install style sheets, assistive browser extensions, and blockers of unwanted content or scripts. We will build features and write specifications that respect people's agency, and will create user agents to represent those preferences on the web user's behalf. https://www.w3.org/TR/ethical-web-principles/#render If you cannot maintain your service, paywall your features, not forcing malwares and trackers to users. No one forced you to serve 1080p, 1440p or 4K videos to everyone for free. You were the one literally \"advertised\" yourself as a \"free\" service at beginning, in order to hoard how many users you could. And now when you cannot control your own costs, you push malwares and trackers to users? The mentality of hoarding users with \"baits\" like \"free\" are the real poisons for the internet, for both of you and your users, NOT users who are doing exactly what World Wide Web Consortium tells them. Where are all your MBAs in your corporations? The ones bragging about themselves on LinkedIn and now the only resolutions you can think of is pushing malwares and trackers to users? All of the finance classes in your college should be simplified to advertisement classes I guess? That would save a lot of resources for everyone. reply Workaccount2 3 hours agorootparentLet me remind you that Ad-Block Plus collapsed when it's users revolted over their plan to whitelist simple vetted advertisements in a truce with advertisers. ABP was foolish and actually believed it's users were trying to make a statement about invasive ads. Really their users just didn't want to see any ads at all, ever, regardless of the circumstances. reply eipi10_hn 2 hours agorootparentABP didn't even address any trackings with their program. It's just pure cosmetics. > Really their users just didn't want to see any ads at all Because the internet was filled with malicious ads before any content blockers having more people? The hazardours time of Windows XP/7 with malwares-affected from the ads appear like meals in every day's news? Sorry, internet ads are doomed from those times. They are migrained to everyone's minds that users are walking in a landmines with those ads. If a business is entirely dependent on those ads, that business should not exist. Doing business is hard, right? I mean, like, most of other ethical jobs on the world. Users are just doing what World Wide Web Consortium says. reply debugnik 2 hours agorootparentprevYou forgot to mention it involved paid whitelisting, and the requirements for compliance were so weak that even major malvertising vectors, like Google, were considered acceptable. reply p3rls 4 hours agorootparentprevThose corporations with MBAs will find another way-- you're only hurting the independents and destroying the open web with your hipster nonsense reply eipi10_hn 2 hours agorootparent> Those corporations with MBAs will find another way Not YouTube. Those \"nonsense\" are from World Wide Web Consortium, users are just doing what they say. The \"hipster\" are the ones not respecting those Ethical Web Principles. Users are not injecting trackers and malwares to those independents' servers. Why do those independents inject trackers and malwares to users' machines? The ones who destroyed the open web are the business, including independents and corporations, with the mentality of luring more users to use their \"free\" services, without any plans of controlling the cost, ETHICALLY and MORALLY. Scale, scale, scale, more users, more beautiful number; until their pocket is burnt and now their resolution is pushing those trackers and malwares to compensate the cost. Ads, malvertisements and trackers are not the open web. reply ethbr1 5 hours agoparentprevWhat doesn't work with YouTube on Firefox? Asked as on mobile I run as few apps as possible, so use the web version. Haven't seen any issues. reply diggan 5 hours agorootparent> What doesn't work with YouTube on Firefox? The performance is way worse (which Google engineers will explain by some browser API being slower in Firefox and they haven't yet had time to optimize it, N years later [they did the same with Inbox + Firefox before]) and you'll also see more ads if you're not a paying user and using Firefox compared to if you used Google Chrome. reply jeffbee 4 hours agorootparentThe last serious performance issue I saw with FF+YT was when YT added a glowing border around videos when the tab was in dark mode. FF just wasn't able to efficiently run that effect. I don't think it's very reasonable to say that YT or any other site should be limited by the performance problems of FF. Maybe they should have detected the issue before release but the explosion of browser x platform x dark/light theme x graphics driver is a large space to sweep. reply WorldMaker 4 hours agorootparent\"Should have detected the issue\" implies it was an accident. YouTube has intentionally tanked performance in non-Chrome browsers before and been caught. Even when they weren't actively sabotaging other browsers they had big Chrome banners and \"Works Better in Chrome\" signs for several years in the past. If they did it _then_, it's hard to give them the benefit of the doubt that they just \"missed it\" now, and easier to assume they do things that are broken in other browsers intentionally. reply cornstalks 2 hours agorootparent> YouTube has intentionally tanked performance in non-Chrome browsers before and been caught. Can you please share sources regarding this? I'm not familiar with any instance like this. reply WorldMaker 14 minutes agorootparentEdge (Spartan or Legacy) had a big fight with YouTube that YouTube was doing a hidden (not visible to users) DOM animation underneath the video player in a way that Chrome ignored but tanked Edge performance. There were several release cycles where Edge would specifically target that hidden animation performance, only for YouTube to make the animation worse and ratchet it back. I lived through that as a user. (I was one of the like 5 Edge Spartan users, I know, lol.) I could see the dumb animation in dev tools and manually delete it for better performance. It was a nice thing I had some technical skills. I know for mainstream users the solution was \"watch YouTube in Chrome\". It's hard to find to other sources because Microsoft intentionally broke the SEO on the Edge brand and you know Google is the only other major search engine. Not that they'd intentionally down-pagerank bad news about a Google property, I'm sure. reply jeffbee 3 hours agorootparentprev\"Intentionally tanked\" is just nerd spin. I've never seen an actually convincing recitation of these stories. reply ustad 5 hours agorootparentprevA lot of the reported issues with YouTube on Firefox (especially when paired with adblockers) involve things like increased page load times, UI elements not functioning as smoothly, or even video playback glitches. Some of this is due to JavaScript that’s intentionally designed to slow things down if you’re blocking ads or using a non-Google browser, as we’ve been discussing. reply Izkata 4 hours agorootparentI would guess most of that is probably Polymer. IIRC the story was, when Youtube was redesigned a while ago they used an early spec for Web Components, that they were pushing to be standardized and was fully implemented in Chrome. But they had to add Polymer as a polyfill for other browsers. Then the version of Web Components we actually got wasn't entirely compatible with that early spec, so Polymer is still in use for non-Chrome browsers. I don't know how much of that's changed since then, but the complaints are basically the same as when that happened. reply ethbr1 4 hours agorootparentprevI haven't seen any bugs on Firefox mobile + uBlock Origin + Android + Pixel 4a 5g (I hate upgrading phones, sue me). The only glitch I reliably get is watching videos at 1.5x sometimes freezes video (but audio still plays). Expect that's more hardware and memory pressure related tho. Also, I wasn't aware YouTube mobile has ads? I think uBlock might be eating them. Although possibly whatever is lagging others experiences too... reply officeplant 5 minutes agorootparent>Also, I wasn't aware YouTube mobile has ads? I think uBlock might be eating them. That would be the point of an ad-block add-on wouldn't it? reply elephanlemon 5 hours agorootparentprevI ended up switching back from Firefox to Chrome after a few weeks because I found that if I had more than about 6 YouTube tabs opened, the YouTube interface would become very laggy. I blamed it on Firefox at the time but maybe it was something intentional by Google. reply flexd 4 hours agorootparentMy Firefox does this on Windows. I have no idea how many tabs I have open, but regularly the whole YouTube tab I have open freezes, especially if you try to watch one video, and then another, and the whole UI is delayed by many seconds. Even closing the tab will have the audio playing for several seconds in the background. It's not due to load or hardware as far as I can tell. The videos play just fine in Chrome or Edge. I still use Firefox as my daily browser (previously Chrome), but these issues are super annoying. I don't want to have to restart my browser or PC all the time. I don't know if it's some combination of extension/ad-blocking or YouTube doing stuff, but it's very annoying. Unrelated to that, but on a Ubuntu laptop I have Firefox tabs regularly stop working entirely. They just won't load anything, and the only fix is to open a new tab and that loads fine most of the time. Other times I have to restart Firefox. I've tried searching for others experiencing this problem and even asked in Mozilla channels on Matrix, but even then I didn't come up with any answers. The laptop's hinge broke last year so I haven't used it since then, so likely never going to figure out what was going on. reply wussboy 4 hours agorootparentprevHow…how many videos are you watching at one time? reply wruza 4 hours agorootparentI go through my feed or history and bg-open the links I want to watch. Then I watch them. What a strange confusion, as if all people must have the same \"workflow\". Sorry, no intent to sound negative, but why not give it some thought at least. It's \"6 tabs\", not \"6 videos playing at the same time\". reply WorldMaker 3 hours agorootparentAs someone who hates the auto-recommendation system on YouTube and turns it off, I also appreciate this is sometimes the safest/easiest way to watch only the videos I actually intend to watch. This seems intentionally YouTube's UX design fault, they too heavily try to push you to \"auto-play\". YouTube has a \"Watchlist\" feature where you can build a playlist. When it works it is exactly what I want, but it feels like every so many months it mysteriously breaks for a while or they hide the button for it behind some new hidden gesture or menu they expect you psychic out of their UI. (If you've never heard of \"Watchlist\", no wonder. It seems intentionally hard to discover.) Lately I've been complaining that YouTube adds random \"auto-play\" videos even to a manually curated \"Watchlist\" if you don't pay enough attention or watch past the end of the list (even with auto-play and recommendations entirely off). reply scott_w 4 hours agorootparentprevNot OP but I read it as \"6 tabs\" not \"6 YouTube tabs.\" reply lxgr 4 hours agorootparentI sometimes do have several Youtube tabs open to line up things I want to watch next. reply ethbr1 4 hours agorootparentTo this, have you tried running a no-autoplay style extension? (Not exactly this scenario, but lists might be modifiable) I expect YT is probably doing some preloading or heavyweight running in a loaded-but-not-playing tab. Convert that to load-on-click, and you'll likely fix your issue. reply wruza 40 minutes agorootparentWe’re shifting targets here. The fact is, it doesn’t happen in Chrome for “magical” reasons, according to a comment few levels up. And regular non-tech users won’t debug this with click to play or whatever. We expect that YT does it absolutely intentionally. It bends userbases however it wants due to its multi-dimensional reach, and we’re like “hmm maybe extension would help prevent accidental preloading issue”. I just don’t get it. reply lxgr 2 hours agorootparentprevNo need – Firefox does that out of the box for tabs opened in the background (I open tabs via middle/command click)! So there is no problem for me. reply ethbr1 4 hours agorootparentprevOn the internet, no one knows you have compound eyes. reply 20after4 3 hours agorootparentprevAre you on Android? AFAIK Mobile Firefox on iOS is just safari with a different skin and on Android it's still not really the same as desktop Firefox. I think what's actually happening is that they are targeting uBlock + Firefox on desktop for punishment. reply ethbr1 2 hours agorootparentMobile Firefox on Android. reply conradfr 4 hours agorootparentprevNot totally related but on Firefox mobile you can't have a Youtube video playing while switching to another app anymore. reply tuukkah 4 hours agorootparentI think this is something that Google requires on Play Store, but there's a Firefox extension you can install to make it work: https://addons.mozilla.org/en-US/android/addon/video-backgro... reply prmoustache 4 hours agorootparentprevAren't every firefox user using newpipe or other yt frontends on mobile? I mean if you care enough to not use the default mobile browser, surely you found out about newpipe and the myriad of other youtube frontends. reply officeplant 1 minute agorootparentMy main issue is NewPipe struggles with being attached to an account. Its a great app for me to open a video link in / use to download it. While using firefox mobile + ublock its easier to be logged into a youtube account and dig through favorites, etc. rurban 2 hours agorootparentprevWith Firefox on Linux HD Videos are the default, whilst Chrome hasn't integrated DRM for a long time, leading to SD only. On Android, Firefox has much more extensions, such adblockers. FUD reply asdfasdf1 5 hours agoparentprevabout youtube being totally unusable on firefox: is it just youtube/google being evil as is customary or also firefox having loads of memory leaks, as its usual too? (plenty of mem leak bugs with video/audio reported over the years, many very recent and still open) reply danielbln 4 hours agorootparentI was about to write that YouTube works flawlessly for me in Firefox on Mac, but I just upgraded to a monster of a M4 MBP, so it's probably just overcoming these issues (malicious or otherwise) via brute force. reply kome 4 hours agorootparentI watch youtube on a 10 years old macbook air 11, and it works flawlessly with firefox and ublock origin. reply josephd79 4 hours agorootparentprevI've used firefox for a very long time and have never had an issue with youtube... reply prmoustache 4 hours agorootparentprevFirefox + ublock origin seems to be the combo allowing me the best user experience with youtube. I have no idea what the previous poster is talking about really. reply dartos 5 hours agorootparentprevYes reply dismalaf 4 hours agorootparentprevYouTube works perfectly on Firefox if you pay for YouTube Premium. Haven't noticed any bugs, if it leaks memory or something it's not noticeable on my machine. reply snarfy 4 hours agoparentprevIt's not the engineers making these decisions. They write the code they are told to write. Some middle manager / VP gets a promotion if they 'increase engagement', 'increase ad-spend', or some other hollow metric they chase. They are the ones deciding to send any 1-3 star ratings to customer support, and 4-5 ratings recorded as an actual rating. It's not about the users at all. It's about gaming the system for some manager's benefit. reply LegitShady 3 hours agorootparentI am not a person who normally moralizes to others, but I can say I have quit jobs where I found the work to be unethical or that company policies required me to bend my ethics. The engineers implement all of the \"features\" that these management types decide on. I understand there are infinite engineers so eventually the features will get implemented, but I do not blame the managers alone for tasks done by unethical engineers who do not consider the effect of their work in the long run. reply adamc 3 hours agorootparentThis. If you only shoot the crowds when your overlord demands it, that does not make you innocent. reply snarfy 3 hours agorootparentYes because implementing a pop-up is akin to murder. reply adamc 2 hours agorootparentThe moral issues are the same even when the gravity of the offense is different. reply snarfy 3 hours agorootparentprevThat's privilege talking. Not everyone is in a position to quit their jobs over the morality of implementing a pop-up. reply i_love_retros 4 hours agoparentprev> Currently the main attack facing Firefox is coming from advertising companies such as YouTube. Can you explain this more? I don't understand what this means. reply 20after4 3 hours agorootparentYoutube intentionally degrades the user experience if you use Firefox, at least if you are using a proper ad blocker. And there really isn't much reason to use Firefox if you aren't also using uBlock. So by targeting the users of uBlock+Firefox, YouTube is aggressively degrading the experience of Firefox users. Things I've noticed include: 1. Every video defaults to the absolute lowest resolution (240 or 320) until I manually switch it to a higher setting. 2. Occasional (but fairly frequent) 30-second delay before a page loads (loads enough to show a black page, then just freezes for a while. During this delay, refreshing the page gives the same result. 3. Rarely, interstitial notice pages threatening vague consequences if I continue to use an ad blocker. reply rsyring 2 hours agorootparentI'm only an occasional YT user, but I don't have any of those issues and use uBlock+Firefox and NextDNS. reply i_love_retros 3 hours agorootparentprevI wonder if using DNS level ad blocking would prevent this. I avoid YouTube as much as possible anyway as they force me to login. reply 20after4 3 hours agorootparentThey may actually be implementing something on the server side to degrade the performance of connections because they have me flagged as a ublock user. reply jacoblambda 3 hours agorootparentprevGoogle has a habit of intentionally delivering degraded versions of their services to not Chromium based browsers, particularly non-Chrome versions of their browsers (determined by User Agent). There's a pretty famous example of Google deploying a specific variations of Youtube to Microsoft Edge browsers (back when Edge had it's own engine) and that specific variation would cause Edge's hardware acceleration to break. If you overrode the user agent to present as google chrome, the problematic invisible parts of the page disappeared and everything worked as intended. And what the specific problem HTML was would change just as fast as the MS team could roll out fixes. In effect they were playing a game of \"break the browser\" against their competitors to force them to apply temporary fixes that would then later have to be removed resulting in unnecessary code churn in their competitors' code bases. https://news.ycombinator.com/item?id=18697824 reply vanous 5 hours agoparentprevA while back nobody would believe that Google's search dominance could be disturbed... and now many have either switched away or stopped using search altogether. It takes me two clicks to set a search to DDG, Kagi or other and Google has lost this customer (often a family) forever. So let them be arrogant and loose their YouTube customers over time too. reply scarface_74 5 hours agorootparentGoogle still has close to 90% market share with DDG being a little more than a half percent. https://gs.statcounter.com/search-engine-market-share/all/wo... Edit:Wrong year - that was 2020 this is 2024 https://gs.statcounter.com/search-engine-market-share/all/wo... reply normie3000 4 hours agorootparentYou've linked to 2020. 2024 is at https://gs.statcounter.com/search-engine-market-share/all/wo..., but the numbers seem to be identical. reply dartos 5 hours agorootparentprevChange is sometimes slow. Let’s see how Google does as a century old company. In the grand scheme of things, they’re still a fairly young giant. reply prmoustache 4 hours agorootparentThe thing is I see it everywhere around me. People don't care looking for a better search engine. Worse I am pretty sure that most people do not know they can choose their search engine and can define whatever is used when searching in the url bar. reply scarface_74 4 hours agorootparentprevI didn’t realize I was looking at the 2020 stats. But the 2024 stats are the same reply bachmeier 4 hours agorootparentprevDefining the market correctly is always an important first step. Those numbers don't include LLMs. reply scarface_74 4 hours agorootparentWhile I’ve been using ChatGPT with web search for almost two years as a paid user, the majority of people don’t and that has just gone free in the last few months. But when I just want a simple search, I still use Google first out of habit. reply cnotv 2 hours agoparentprev> these engineers seem to be focused Managers. reply Der_Einzige 3 hours agoparentprevYou used LLMs to write this comment. reply WorldMaker 3 hours agoparentprev> It’s crazy to think that some software engineers might actually intentionally degrade user experience on non-Google browsers or for people using adblockers. It's also crazy that we've let ad companies tell us that using a non-Google browser is the same thing as using an adblocker. It is not the same and it never was. I use Firefox with no adblocker installed. I don't mind ads to an extent. I do mind tracking and find micro-targeting disgusting and creepy and evil, so I use Firefox, and I use its Enhanced Tracking Protection, and I only log in to the major Ad Companies like Google/YouTube, Amazon, Meta, others in dedicated containers that only are for their sites themselves. It's sad and annoying how many ad networks accuse me of having an adblocker just for using Firefox (or Safari) with relatively cleaner than average cookies. Show me the old school of ads, the \"Superbowl\" broadest audience ads, the stuff that advertising companies \"knew\" for centuries of their existence as \"common sense\" that was the most useful way to make and sell ads before tech companies got involved and decided that user privacy was up for auction to the highest bidder. The way I see it: If an ad network can't do that and sees this as \"adblocking\", it deserves to die and something better needs to step up and eat their lunch. That includes Google and Meta's ad networks. That includes \"Admiral\" and any other network that buys ads from creepy \"Temu\". reply 2OEH8eoCRo0 2 hours agoparentprevThe firehose of cash is ads and user tracking, not serving better video. It's such an unprecedented amount of money that it corrupts everything else and distorts the market. reply wruza 5 hours agoparentprevThat's how Chrome started. I remember it showing a banner with itself on /. which froze a page on scrolling over it for a few seconds. In all browsers except Chrome. Never understood this Chrome-go-go mob mentality that everyone had back then. It was literally an ads-network prodived crappy browser with just tabs and urlbar. It was fast, because it did nothing and had no cpu pressure from the banners. I wouldn't be surprised if it was \"fast\" all this time only due to special treatment from google, youtube and the corresponding ads/tracking scripts. \"Precedent\", yeah. reply ethbr1 5 hours agorootparentIt was fast because in 2008 it used V8 [0] and other browsers didn't. Eventually competitors caught up. [0] https://en.m.wikipedia.org/wiki/V8_(JavaScript_engine) reply wruza 4 hours agorootparentAnd that was fast because google pushed on megabytes of javascript and tight loops in it. Regular ajax (now known as htmx) webpages worked absolutely fine in other browsers. I regularly scrolled through a whole freebsd single-html handbook and it never lagged in e.g. presto. Websites aren't expensive to run even on a slow interpreter. Even medium-complexity apps don't do much and could be written in python or ruby back then. The only source of website lag is ads networks. reply Apocryphon 1 hour agorootparentNah, I remember Firefox in 2008 being a miserably bloated and slow experience. Guess it was because of no Electrolysis and any other refinements in the last two decades. reply bigstrat2003 1 hour agorootparentYep, same. Firefox now is decent, but back in the day it was awful. I remember trying it out early on and immediately going back to IE because Firefox was significantly slower. Chrome was a marked improvement over both IE and Firefox, so it won. reply dismalaf 4 hours agoparentprevUsing an ad blocker (and not paying for a subscription in the case of YouTube) isn't the \"user making their own choices\", it's stealing content. If a creator puts up ads or a paywall, it's because they want to be compensated. You should either respect their wish or simply not view their content. reply godshatter 4 minutes agorootparentAccessing a web page using standard protocols with no authentication and filtering what I want to see of it on my computer is not stealing content. YT might want me to do something else, but I am not bound by their wishes. reply basilgohar 4 hours agorootparentprevI understand this perspective, but I disagree with it. If someone wants to use a public space (i.e., the Internet), then they have accept that technological solutions to annoyances are also part of that. Block it with a subscription if you don't accept this reality. But getting the benefits of a free, global audience doesn't entitle the artist to any means of revenue they choose, including what annoys and harms people. It's like saying you have to walk the long way around to your exhibit through the concessions hall before seeing my display, when someone can just take a shortcut and skip that, and blaming them for doing so. reply carlosjobim 2 hours agorootparentA restaurant is also a public space. But you can't eat for free or behave as you wish there. reply dismalaf 4 hours agorootparentprev> But getting the benefits of a free, global audience The benefit of the audience is literally the ad views (or Premium views). reply asdfasdf1 4 hours agorootparentprevusing an ad blocker is the ONLY option to avoid adds. You can pay evilcorp for a subscription/premium account/whatever and they'll still try to force you to watch 10 minutes of adds for a 1 minute video. Fuck them. We own them nothing. Banksy said it better: People are taking the piss out of you everyday. They butt into your life, take a cheap shot at you and then disappear. They leer at you from tall buildings and make you feel small. They make flippant comments from buses that imply you're not sexy enough and that all the fun is happening somewhere else. They are on TV making your girlfriend feel inadequate. They have access to the most sophisticated technology the world has ever seen and they bully you with it. They are The Advertisers and they are laughing at you. You, however, are forbidden to touch them. Trademarks, intellectual property rights and copyright law mean advertisers can say what they like wherever they like with total impunity. Fuck that. Any advert in a public space that gives you no choice whether you see it or not is yours. It's yours to take, re-arrange and re-use. You can do whatever you like with it. Asking for permission is like asking to keep a rock someone just threw at your head. You owe the companies nothing. Less than nothing, you especially don't owe them any courtesy. They owe you. They have re-arranged the world to put themselves in front of you. They never asked for your permission, don't even start asking for theirs. reply dismalaf 4 hours agorootparent> using an ad blocker is the ONLY option to avoid adds. You can pay evilcorp for a subscription/premium account/whatever and they'll still try to force you to watch 10 minutes of adds for a 1 minute video. Fuck them. We own them nothing. On YouTube? No. I pay for Premium, there's no ads. reply HanClinto 3 hours agorootparentI pay for YouTube Premium. I'm thankful that it exists. I still get sponsored segments in the middle of my videos (from the content creators themselves). I haven't (yet) installed SponsorBlock -- currently, I have no plans to, but I do fast-forward to skip those commercials in the middle of the videos. I pay for Amazon Prime, and they've started showing me preroll ads on my streaming content. I also still get sponsored product recommendations in my search list. I pay for Kagi search. Thankfully, this area is still relatively clean. reply dismalaf 3 hours agorootparentMost of the creators I watch don't have sponsored segments. I do agree, Prime is annoying with their ads, it definitely affects how much I watch on their platform. reply shultays 3 hours agorootparentprevThere is still embedded ads or promotional content or whatever that you can only block with sponsorblock reply Workaccount2 4 hours agoparentprev> it’s almost like punishing users for making the choice to browse the web without ads, A local cafe I go to has a \"pay what you can\" business model. One of the smartest decisions I ever made was to go there and not pay. I seriously don't have to pay for one or sometimes two meals a day. Usually just a free coffee and bagel though. I recommend others to try it too. You can just not pay and they still give you food. I cannot figure out why people still pay them. If they understood their customers, the food would just be free to everyone. But whatever, in the meantime I will eat free. reply wruza 4 hours agorootparentYou forgot to tell another half of this story where this cafe used all sorts of tactics to kill competition and uses semi-related businesses to ensure its dominance. Then they nicely suggested everyone to pay what they can, or else. It's not an innocent local cafe as you paint it. It is a corporate network monster whose win strategy is \"leave no survivors\". reply Workaccount2 4 hours agorootparentAnd rather than stop going to this evil cafe, people just go and don't pay. So as long as you make out your flavor of the month business as \"greedy and evil\" you can paint yourself a moral crusader by going there and taking things for free. How convenient, eh? \"This coffee shop is a terrible place, therefore I will eat there for free everyday in protest!\" reply jraph 3 hours agorootparentThe network effect kinda prevents you from finding coffee at an honest place. (The content is on YouTube and nowhere else) Until this changes and one can choose to go somewhere else, I wouldn't worry too much about the terrible cafe's income, because it is one of the richest entities in the world, it already shouldn't be that rich and powerful, and if it disappeared, it would finally let one go find coffee somewhere else. The other possibility is to stop drinking coffee, of course. Though you can't really do this with everything. reply Workaccount2 3 hours agorootparentYouTube is hardly the only website on the Internet. And besides that, YouTube splits ad revenue 40/60 yt/creator anyway. So I suppose those creators are all in on the scheme too? reply wruza 1 hour agorootparentprevAnd rather than blocking me access, like in “please pay to watch it”, they squiggle and babble incomprehensibly. Note that I’m not freeloading Nebula etc. Your analogy was shallow from the start. Continuing it makes little sense. reply PaulHoule 4 hours agorootparentprevPart of the problem is a lack of a feedback channel that pushes back against the worst tranche of ads. It is one of these situations https://en.wikipedia.org/wiki/Exit,_Voice,_and_Loyalty_Model where you have no \"Voice\". At home we were talking about food ads on Youtube. Sure, once in a while you see an ad for a meal box that is actual food but I see a lot of ads for things like Huel which float in this strange space where it's not \"I used to eat bread and meat and vegetables and now I drink all my meals\" but where it's normal to drink your meals (they pose as if they were trying to persuade you to switch from some other meal replacement), where you have to work just as hard taking supplements every day as you would work lifting weights or not eating junk food -- there's McDonald's and there are ultra-processed foods, but this is ridiculous. (A friend of mine received a huge quantity of 4Patriots dried food from his mom who was sucked in by some ad that claimed it was on sale because they made too much. We got some and the smell when my son made it turned my stomach.) In terms of sponsorships there was the \"Established Titles\" scandal; I am a big fan of Ryan Szymanski who's a world authority on battleships. One day he got bribed to make a video about https://en.wikipedia.org/wiki/Scapa_Flow which was a good reason to talk about battleships and Scotland. Pretty soon he's adding a cringy pitch to all his videos and unfortunately it is so hard to give somebody like the right kind of \"tough love\" which will set him straight, although after the scandal popped most of the people involved went back to remove the junk. reply Workaccount2 4 hours agorootparentYears ago, when it was the dominant player, Ad-Block Plus sought to strike a truce with advertisers, where they would dial back the invasiveness of ads, and ABP would sign off on these and whitelist them. This quickly led to a revolt from ABP users, and the ultimate collapse of the plugin. That is when uBlock was born and become the king. What we have is a positive feedback cycle where creators are forced to resort to worse and worse ads to cover the cost of the ever increasing number of ad-block users. It's just plainly true that every revenue generating ad you block (not necessarily profit generating ad) is an ad that must be fed to someone else to view for you. reply PaulHoule 3 hours agorootparentBad ads just aren't just on the web. I've had a longtime gym habit which sometimes has me in front of the TV around noon where the ads are all for products for people who don't have any money. I remember seeing a series of ads where my first thought was \"anybody except a TV executive or a politician would look at that and say it it's a medicare scam\" and watching the ads for a decade before it got in the news that it really was a scam and people are going to jail. Those ads win an auction to get there, they might be the optimal ads for that slot, but if you want to know why people have low trust in the media and low trust in the government, start there. I watched Tubi a lot last summer, which is in a wonderful honeymoon period, and was watching saturation advertising for P&G products that featured upbeat black people cleaning up (their own messes) with Dawn and Tide. Great, I say. They've got some awareness that they shouldn't run ads that drive viewers away. Maybe targeted ads will be good for television but the specter of https://en.wikipedia.org/wiki/Enshittification haunts the industry. reply ceejayoz 4 hours agorootparentprev\"I Don't Know How To Explain To You That You Should Care About Other People\" https://www.huffpost.com/entry/i-dont-know-how-to-explain-to... reply Workaccount2 4 hours agorootparentWhere is the article titled \"I don't know how to explain that ads (and the \"suckers\" who view them) are what keep the internet running\" reply endemic 1 hour agorootparentSure, I don't mind the ads. The pervasive tracking and data collection and profile building is where I draw the line. Tons and tons of JS churning my browser to sell me stuff. If my adblock eventually causes some sort of economic disaster, so be it. reply cobbaut 3 hours agorootparentprevThe Internet worked fine without ads though. reply Croftengea 4 hours agorootparentprevImagine your local cafe notices and starts feeding you poisoned food instead of asking to pay. reply Workaccount2 4 hours agorootparent>> it’s almost like punishing users for making the choice to browse the web without ads, reply carlosjobim 3 hours agorootparentprevYet hackers would be outside shouting and banging the doors, demanding to be let in to have the free poison, writing five hundred miles of comments about why they should not pay. reply ToucanLoucan 4 hours agorootparentprevYou are the exact type of person who ruins everything good in our society and burns out everyone who tries to do good for others because of your bottomless selfishness. And no, this is not a personal attack. This is an evaluation of your character as stated in your own comment. You and people like you are everything wrong with the modern world. People like you are why we have the most productive economy in human history and still have people starving to death next to grocery stores full of food. People like you are why people work 60 hours per week and still can barely afford to live. People like you built this awful, inhumane system that we're all forced to live under that exploits us at every single turn because there is no law against doing so, and so you do it. You put the screws to every last thing in your life to get maximum value returned for minimum effort. I genuinely do not use the word hate lightly, but I would use it here. reply staindk 4 hours agorootparentThe free coffee story is clearly just an analogy to the adblock thing. reply ToucanLoucan 4 hours agorootparentThat's possible, but it doesn't sound like an analogy to me, and I've known enough selfish assholes in my life to absolutely be able to picture this as a real thing that's currently happening. reply Workaccount2 4 hours agorootparentgestures towards the masses of shameless ad-blocking internet users Even here on HN, the first thing people do when a paywalled article is posted is provide the archive.ph bypass. reply taylodl 1 hour agoparentprev> it’s almost like punishing users for making the choice to browse the web without ads AKA depriving content creators of their revenue. If you're saying their content isn't good enough to pay for directly, and isn't good enough to endure ads in order to engage, then why are you trying to consume it? Look elsewhere. > or without the surveillance mechanisms that come with them I agree with this depending on what you mean by \"surveillance.\" There's a minimum amount of \"surveillance\" required to measure ad penetration and effectiveness and essentially provide assurance to advertisers that they aren't getting scammed. There's a whole other level of \"surveillance\" where the ad network (usually Google) is building a dossier on all your interests and every site you've ever visited. Some of that information enables targeted advertising, but you should always retain the right to opt-out, and see all the data that's been collected on you and edit it. You should also be able to opt-in to that data being sold and getting a cut of the proceeds, should you so desire. I wouldn't, but I could imagine some people would. Bottom line - people gotta make money to eat and oftentimes they're not giving away content for free. If you don't want to pay for it - that's your choice as a user: pay and consume or don't pay and move on. Calling on hackers to figure out a way to steal it may not have a future that works out to your liking. reply internet_points 5 hours agoprevIt's the closest we have to a browser not controlled by the corporate giants. Sometimes Mozilla makes unpopular choices and people raise a stink about it, but we do that because we hold them to a higher standard. With Microsoft and Google, we just expect them to Do More Evil, with Mozilla we expect Good and will complain loudly when they fail to uphold our principles, and we recommend Firefox because we feel like it is possible to expect Good from them. reply input_sh 5 hours agoparentMore like \"we'll complain all the time regardless of what they do by repeating the same talking points over and over again\". > How much do they pay the CEO? Why aren't they exploring other funding options? At the same time, why are they \"wasting resoures\" working on other things!? They should exclusively work on Firefox! > ...and that's why I stick to this Chromium fork with its own digital advertising service and its own cryptocurrency, but you can easily switch it off! reply mossTechnician 5 hours agorootparentOf all the ways to critique Brave, consider Mozilla's exploration of \"other funding options\" has recently been digital advertising. They purchased two advertising companies - Anonym[0] and FakeSpot - and have integrated FakeSpot directly into Firefox. Mozilla has an ad sales division [1]. Mozilla even added extra telemetry just for advertisers[2]. [0] https://www.theregister.com/2024/06/18/mozilla_buys_anonym_b... [1] https://www.mozilla.org/en-US/advertising/formats/ [2] https://www.privacyguides.org/articles/2024/07/14/mozilla-di... reply diggan 5 hours agorootparentprevYou know parent made a good point when comments come in attacking points parent didn't even mention or brought up. reply woolion 3 hours agorootparentprevI almost never use Chrome-based browsers, but recently was forced because debug points were simply not working on Firefox. You can strawman all you want, there are unfortunately technical points where Google is abusing its position to force its standards, but the primary architects of Firefox downfall is Mozilla. For the record, I used a Firefox phone for many years (and yes it did cause me a lot of problems), and remember vividly when they announced a luxury Firefox phone about one week before killing the project. reply pessimizer 2 hours agorootparentprevSo weird to paint consistency as a vice. \"Talking points\" is from the same land as \"gotcha questions.\" \"Talking points\" are the points that people are talking about that you'd prefer not to talk about because you don't have good answers for. So you pretend like repeating an unanswered question is an dirty underhanded plot. > How much do they pay the CEO? Why aren't they exploring other funding options? At the same time, why are they \"wasting resoures\" working on other things!? They should exclusively work on Firefox! This isn't a quote. Don't make up quotes. This is you putting words in people's mouths, and choosing the ones that allow you to reply with something about Brave. At the same time, you're excusing Firefox for doing things because Brave does similar things. The people switching to for-profit Brave from Firefox would have prefer a non-profit, user-focused Firefox, but have been pushed to the point where they don't see any moral difference between the two, so they might as well experiment. When Firefox was innovating, it was the founder of Brave that was running it. Most Firefox haters use Firefox. They just wish that it wasn't so bad, that it wasn't so much torture to put it into a usable state, and that the developers weren't actively fighting the users to keep them from putting it in that state, rather than centering on the users. They largely blame this on the company, Google, who subsidizes Firefox while competing with it. And on the company, Mozilla, that sucks all of that subsidy up in salaries, while seemingly neglecting the browser. reply pveierland 5 hours agoparentprevMozilla does plenty of really useful things! Super happy with Firefox as my primary browser. Shout-out to MDN as well for being an excellent reference on all things web: https://developer.mozilla.org/en-US/ reply kokada 5 hours agoparentprevYes, pretty much. While I don't concur with Mozilla 100% of the time, it is still the only major browser that I can have control (e.g.: by still having Manifest V2 extensions available). Also most of controversial choices in Firefox can be disabled or changed in `about:config`. reply scarface_74 5 hours agorootparentWhat about the choice not to optimize for battery efficiency on my Mac? reply julienwaj 5 hours agorootparentCan you please elaborate on that? reply scarface_74 4 hours agorootparentNeither Firefox nor Chrome optimize for battery efficiency like Safari does on Macs or Edge does for Windows. I’m not trying to be the “just Google it” guy without citations. But I couldn’t find a definitive citation - just general discussions and some YouTube videos including earlier discussions on HN. I searched for “firefox vs safari battery mac” and the same for Edge on Windows. reply lern_too_spel 6 minutes agorootparentChrome doesn't optimize for battery efficiency like Safari on Macs. It optimizes better than Safari. https://birchtree.me/blog/everyone-says-chrome-devastates-ma... reply Klonoar 4 hours agorootparentprevThey may be referring to the fact that Firefox is probably the worst on battery of the 3 main browsers when used on macOS. Safari does admittedly set a very high bar though, and only cares about 1-2 platforms at most. reply baxtr 5 hours agoparentprevI actually really like Safari… sometimes tabs sync across devices is buggy, reloads a lot. But other than that I’m quite content. reply politelemon 57 minutes agorootparentTo continue GP's comment, > With Microsoft and Google, we just expect them to Do More Evil, with Mozilla we expect Good And with Safari, a loathsome browser that's intent on recreating the IE6 conditions of yore, we give it a free pass. reply infinityplus1 4 hours agorootparentprevI tried switching to Safari 2-3 years back after getting a new M1 Air . After using it for a few hours, websites would just stop working and only fix was to restart the browser. After a few times, I gave up and went back to Firefox. reply p_ing 1 hour agorootparentprevI find the UI atrocious and primitive. The extensions are ManifestV3 alike and worse yet, pollute /Applications (why?!). I don't particular find Safari fast, it uses just as much memory as any other browser, and all the claims about power efficiency are never backed by any numbers, just like /r/macos parroting \"macOS good cus UNIX\" while not understanding there have been plenty of shit UNIX distributions. Plus the incompatibility with various sites... Just sticking with FF. I can certainly appreciate an OS-integrated browser, though. It makes life simpler for users and if you have the full Apple ecosystem, the tab sync is useful. reply segasaturn 5 hours agorootparentprevI find Safari on iOS to be nice, and Safari on macOS to be horrifically slow and inadequate, even on the newest M-series processors. It's like two different worlds, you can really tell that all of the engineering time is going into iOS because that's where all the money is at. reply ethbr1 4 hours agorootparentI heard someone recently describe Apple as a great hardware company with a few software people. Rings true! Most of the iOS / MacOS software issues are things that more bodies could fix. reply segasaturn 4 hours agorootparentIndeed, although most of the real work on the hardware side is done by TSMC on the processors, and Apple just does a good job wrapping that piece of silicon into a shiny glass and metal body. Apple's real superpower is getting people to spend money inside their ecosystem. They've essentially turned into a finance corporation pretending to be a tech company. reply ethbr1 2 hours agorootparentI'd strongly disagree. Apple designs their own processors (now), specs/sources their components (e.g. screens), and then does all the integration engineering. That's the bulk of device work. Which isn't to say that semi manufacturing isn't hard, but is to say there's a lot of effort between a chip and a device. reply frizlab 4 hours agorootparentprevI use Safari on macOS and don’t find it particularly slow reply frizlab 4 hours agorootparentprevI like it too. I use the Add to Dock feature a lot! E.g. for slack, which does not have a native app, I use the website instead. reply jampekka 5 hours agorootparentprev> I actually really like Safari… I guess you don't do web dev? reply redman25 5 hours agorootparentI do web dev and prefer safari. It’s less power hungry on a laptop. If you develop for the lowest common denominator, every other browser just works. There’s something to be said for adding _less_ features to web browsers. A simple web is a web where open source solutions can compete with chrome. It helps avoid a browser monoculture. reply dartos 5 hours agorootparentYeah but we’re not in a simple web. Safari isn’t trying to make it simple for you, they just use it to keep you in their walled garden. PWAs are a great example of this. The general idea was even a product of the Jobs era of Apple, before the App Store. Safari and iOS’s poor support of PWAs is exactly a result of Apple wanting to prevent app distribution channels other than their App Store. Choosing safari is choosing a more closed web, where missing standards means that you, as a safari user, are unable to access certain features or apps that Apple doesn’t want you to access. reply mrweasel 4 hours agorootparentI get that Apple shouldn't be allowed to dictate which features belong on the web, but you're just letting Google to it instead if you opt to use Chrome. Maybe I don't care about PWAs (which I don't), maybe I don't feel like the majority of APIs introduced lately belongs in the browser. There's very little of what you should be able to do on the web that you could not do 10 years ago. Yes, flexbox is awesome, let's have that, so is the dialog tag. WebGL, Blutooth, USB, device memory, battery status... No, the browser doesn't need to support that. reply gjsman-1000 3 hours agorootparentprev> exactly a result of Apple wanting to prevent app distribution channels other than their App Store Nah, it's because PWAs were a standard created by Google, with Google being the primary market driver, solely with the interest of advancing Google's own interests (both in undermining Apple, and making lower-end devices more usable in developing markets). Don't think Google invented PWAs, or heavily pushed them, out of some charity. Notice also that as the ultra-cheap phones (~$100) have become more powerful, and as Apple refused to take the bait, that Google's efforts behind PWA have mostly ended. The same goes for RCS, even though it was initially made by a neutral vendor forum. Google became the heavy pusher of RCS, not just for the sake of Android, but because they had carrier deals to use Google's own infrastructure (Jibe) for RCS, and forcing Apple to accept and integrate with their own infrastructure is a better position to be in. This is also, let's be clear, not the first time that Google has tried an \"open\" standard to advance their interests and bludgeon competition. AMP is what happens when the standard catastrophically fails. reply jamespo 4 hours agorootparentprevMissing standards like Manifest V3 that everyone was crying out for? reply mrweasel 4 hours agorootparentprevProbably depends on how you do web development. I don't like Chrome for web development, but others claim it's better than Firefox and Safari. I normally use Firefox, but would probably pick Safari over Chrome, if nothing else to avoid having to install yet another browser. We all know that the best web development tools ever to be created was those that shipped with Opera when they still used Presto. reply baxtr 5 hours agorootparentprevThat I do in Chrome I admit :) but for my personal browsing I use safari reply anthk 5 hours agoparentprevIcecat it's far more free than Firefox. reply Idesmi 2 hours agorootparentIcecat is Firefox. reply ekianjo 4 hours agoparentprev> Sometimes Mozilla makes unpopular choices Sometimes? They tend to hit the mark of bad decisions more often than not reply ziddoap 4 hours agorootparentPeople just remember the shitty decisions more vividly and for longer than people remember the dozens of good decisions made in between. Most good decisions don't get a full press cycle (because they are boring). reply mossTechnician 4 hours agorootparentMozilla's brand identity is tethered to specific moral prescriptions[0] that their products are supposed to abide by. People sold on that identity are bound to care. [0] https://www.mozilla.org/en-US/about/manifesto/ reply ziddoap 4 hours agorootparentThis seems unrelated to whether or not Mozilla makes bad decisions more often than not. I'm talking about frequency, you're talking about severity. People don't remember the 1000 times you did something correctly. reply scarface_74 5 hours agoparentprevMost of Firefox’s revenue comes from Google…. reply KaiserPro 5 hours agoprevI have been using mozilla for _years_ it got shit, then better, then shit, and now its close enough. The thing I _Love_ is container tabs. I can isolate empires by using container tabs to sandbox cookies and other web state. This means that ebay doesn't change my adverts to the last thing I searched on every site, and autoplay embedded youtube doesn't fuck up my video recommendations. It means I can hide my work gmail from my home, and separate search histories (although thats less relevant now with AI.) lastly, being able to scroll left and right on my tabs, rather than new ones being unaccesable is great. reply Vinnl 5 hours agoparentAnd for those who do actually feel they want to separate their extensions and passwords and such as well, there's a Profiles revamp coming up that's looking really good in Nightly: https://connect.mozilla.org/t5/discussions/here-s-what-we-re... But yes, people should learn about Multi-Account Containers if they haven't, yet. It's a killer feature that no other browser has. This is the extension to enable the UI for it: https://addons.mozilla.org/firefox/addon/multi-account-conta... reply asabla 4 hours agorootparent> there's a Profiles revamp coming up that's looking really good in Nightly Oh wow! I totally missed this. Thank for sharing! I've been using multiple browsers for as long as I can remember. But always liked Firefox ocer the others. Especially now with container tabs. And the only thing I keep wishing for, has been a better experience with profile management, but also running the browser in different profiles. I'm really looking forward for these updates reply WorldMaker 3 hours agorootparentI've been using the silly hack of using two versions of Firefox side-by-side (so, multiple browsers but they are both Firefox today), one which is Default in the OS and focuses on a single profile and Container Tab management. The other launches into the ProfileManager at startup to choose a Profile and doesn't pick up random links because it isn't Default. Better Profile Management tools may be nice to see. Maybe I won't need dueling builds of Firefox. Or maybe I'll keep it, we'll see. reply pxoe 4 hours agorootparentprevFinally, it only took them 10 years to get around to updating that decades old UI. Wonder which other decade old UI parts are they gonna tackle next? ooh, will they finally do something about Library and the whole bookmarks/history menu/sidebar/window mess? It's a little insane how so much time has passed and so many versions were released, and some interface stuff still remains unpolished and disparate. Firefox simply can't get it together on that front. For tab containers, maybe there's a \"good reason\" that no other browser has that feature, cause it is confusing both as a concept and in use, and doesn't separate the rest of the stuff (or even the stuff in intends to separate when it's cumbersome and peculiar to use). Like, shared history, or inability to have separate extensions, defeats many of the purposes people use profiles for - which is an actual complete separation of things. reply vianneychevalie 3 hours agorootparentAs a consultant, switching between my many clients, testing, and home accounts is simply Alt+F+B+Arrow down (\"Open new container tab\"), all within the same UI, in the same window, with colored tabs, with the same extensions, and same password manager. I've been in situations needing up to half a dozen different Microsoft accounts (multiple Teams clients in Firefox, for instance), other browsers haven't solved this daily use-case for me. It's an easier account management tool. reply greggyb 1 hour agoparentprevI have 4 Microsoft accounts I use regularly for work. I also do some consulting and often end up with credentials provisioned at a client (don't get me started on this). It is so convenient to have container tabs. All my extensions are available in new containers, unlike multiple Chromium profiles (or Firefox profiles). Container tabs also pair very well with Simple Tab Groups, which allow you to pin a container to a group, so that everything for one account ends up in one place. reply magicmicah85 5 hours agoparentprevI'd been using Firefox for my work device for years but I only discovered containers and how awesome they are. My company was acquired and we still use microsoft accounts for different purposes. Jira works with this account, but sharepoint works with that account. Can't be logged in with the same azure account at the same time, but with containers, I can. It's great. reply prmoustache 4 hours agorootparentIt is really useful to log on different aws account at the same time too. reply _zamorano_ 1 hour agoparentprevI agree on the desktop version (Wi", + "originSummary": [ + "Firefox is praised for its superior tab management, built-in Pocket feature for saving links, and a privacy-focused email relay, making it a strong alternative to Chrome. - Additional features like a user-friendly screenshot tool, a ChatGPT button, Picture-in-Picture, customizable search options, and smooth scrolling enhance the browsing experience. - Although Firefox lacks Chrome's web app feature, its thoughtful design and reduced resource demands make it a preferred choice for some users." + ], + "commentSummary": [ + "Firefox users face challenges from platforms like YouTube, which may intentionally degrade the experience for non-Google browsers or users employing adblockers. - This trend raises concerns about user autonomy, as it penalizes those opting for an ad-free and surveillance-free web experience. - Firefox offers unique features, such as container tabs, which enhance privacy and usability, making it a favored choice for users seeking independence from major corporate-controlled browsers." + ], + "points": 480, + "commentCount": 392, + "retryCount": 0, + "time": 1736854678 + }, + { + "id": 42687932, + "title": "Sonos CEO steps down after app update debacle", + "originLink": "https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/", + "originBody": "reuters.com#cmsg{animation: A 1.5s;}@keyframes A{0%{opacity:0;}99%{opacity:0;}100%{opacity:1;}}Please enable JS and disable any ad blockervar dd={'rt':'c','cid':'AHrlqAAAAAMAl5pnFgxguYcArMi08A==','hsh':'2013457ADA70C67D6A4123E0A76873','t':'bv','s':46743,'e':'97abffb06feaf1774bc6926350dbfe2303755360fa852007a9f276482c8afb37','host':'geo.captcha-delivery.com','cookie':'qx37WficR5b98NKukCh5Ozoy0XjPDW~3EN653ha4rkvM~eRW9sI_qbwr3DmKhHw2HemzW5gG3bK_GBkO~T4X~L_y~DNaB2b36CAgANRN~yExPwnKkT_JbnGnC38D7NKH'}", + "commentLink": "https://news.ycombinator.com/item?id=42687932", + "commentBody": "Sonos CEO steps down after app update debacle (reuters.com)409 points by saaaaaam 23 hours agohidepastfavorite493 comments crooked-v 22 hours agoIt's less the app, more the business decision to tell people who had spent thousands and thousands of dollars on elaborate sound systems to go throw it all in the trash and start over, all at once. Even Apple has never been that bad. They drop support for things over time but even their roughest transitions (x86, Apple Silicon) have come with extensive day 1 support for previous functionality. reply schappim 21 hours agoparent> throw it all in the trash and start over People will think what you’re saying is hyperbole; however, I was on a walk with the family, and I saw a Sonos speaker in the trash. It looked like new and a fairly recent model. I lugged it home, and it was a $US500 Sonos Play:5 speaker system [1]. Once home, I plugged it in, and it powered up. I tried to pair it with my iPhone using the new Sonos app, and it didn’t work (the app never found the speaker). I then tried the same again using my development Android device, and it instantly worked! Once it was set up with the Android app, I could access it via the iPhone version of the app. I can only imagine some iPhone owner literally threw it in the trash because he couldn’t get the iOS app to work. Bonkers… [1] https://files.littlebird.com.au/pb-BfEVPbWlDe-hkxfK0.png reply dmazzoni 15 hours agorootparentI have some old Sonos speakers that have been gathering dust for a while. I decided to sell them because they still have some value but I don't really want them, especially with what the company has done recently. However, I wanted to set them up again to make sure they work. I spent hours trying to get them to set up again with no luck. I'm sure this is exactly what other users are experiencing. The old app was so nice and reliable. I don't have an opinion on the new app because I just literally can't get it to connect. And I know they're not dead. One has an audio-in jack and still plays. It works great. There's no reason any of them shouldn't be fine. The only thing that changed was the app. I just want to get them set up so I can sell them on Marketplace for a good price as fully working. reply jwr 7 hours agorootparentOld Sonos hardware works great with Roon. I am very annoyed at the planned obsolescence that Sonos has been pushing for a while now. I stopped buying new Sonos hardware, I'm still using all my old hardware, just not with the terrible Sonos apps, but with Roon. I also took to aggressively repairing very old hardware that was actually failing (ZP80 players), because of the Sonos planned obsolescence policy. Recapping the PSU did the job, and I intend to keep them going for as long as I possibly can. reply CamelCaseName 9 hours agorootparentprevIt's insane to think of the collective number of hours wasted on this. Yet people will still buy Sonos! reply Spivak 4 hours agorootparentAre there any alternatives (for multi-speaker synced audio) since the Chromecast Audio was discontinued? reply applied_heat 2 hours agorootparentI’m still using chromecast audio they work great! reply petepete 10 hours agorootparentprevFunnily enough I bought a Sub Mini last year and had to borrow an iPad to add it to my system because it failed on Android, even when being walked through the process by someone from Sonos support. reply aksss 20 hours agorootparentprevEEVBlog had a video about mod'ing a dumpster-found Sonos Play 5 into a cloud-free working system. EDIT: Whoops, here's the link: https://www.youtube.com/watch?v=IeIk-4ItQ70 They (Sonos) basically willfully attempted to brick their consumer devices, and since many sonos customers were prosumer enthusiasts but not technical (hw or sw) it really did signal EOL for the products. Bananas. I still have a my Play1/3/5 infrastructure operating through Home Assistant and AirBridge that turns them into Airplay devices. It's not perfect but still gives them utility. Considering how much they f'n cost.. reply schappim 20 hours agorootparentPerfect! It turns out this was a Sonos Play 5 too[1], although mine is seems to be a newer Model S100! Funnily enough, I own an electronics company and Dave is just down the road :-) [1] https://files.littlebird.com.au/pb-BfEVPbWlDe-hkxfK0.png reply isatty 21 hours agoparentprevAt the risk of defending a megacorp: Apple has always been great about supporting their devices for a long time. reply HanClinto 4 hours agorootparentIt boggles my mind that I'm not able to download the oldest released version of software that was compatible with my old version of iOS. My iPad is too old to upgrade to the new OS, but yet no software is available for it in the store, because all new apps are encouraged to be re-released for the newest version of the OS. My device is completely frozen in time from whatever software was installed on it when it went out of support. reply Ntrails 1 hour agorootparentI have an old iphone somewhere and I also experienced this frustration. I appreciate you're not compatible with my ios - so give me the one that was. I don't care about whatever features you've added However, I do suspect app developers don't want to be on the hook for supporting old versions, should they continue to serve things in need of security fixes etc etc. I don't entirely attribute it to malice. reply philistine 1 hour agorootparentprevWhat are you talking about? You can absolutely download the last compatible version of an app: https://appleinsider.com/inside/ios/tips/how-to-get-apps-for... reply HanClinto 49 minutes agorootparentThanks for the link! I wasn't aware of some of these workarounds. Your link is very helpful, but also notes some of the limitations. Namely, this doesn't work if the software has been purged due to not being updated recently, and it doesn't really work to find new-to-me software (that I haven't purchased previously). Even if it's technically possible to reinstall software that I've previously purchased, it is very limited in its ability to install new-to-me software. reply troad 16 hours agorootparentprevBy phone standards, yes. By computer standards, absolutely not. reply cocacola1 15 hours agorootparentI dunno, I ran my mid-2012 MBP until ~October 2021. In that time, I got it serviced once for a screen issue that they fixed under some program (after the warranty period). I think it got security patches as recently as then. That seemed like a solid run to me. reply troad 14 hours agorootparentThe last new OS that a mid-2012 MBP received was High Sierra, in 2017. That was the OS that added warnings about the impending breakage of all existing 32-bit apps (!), you may recall. My own MBP from the same era as yours succumbed to a logic board long before then, and I replaced it with a late 2016 MBP, which came with a touch bar + butterfly keyboard, had terrible performance, stopped receiving updates after Monterey (2021), no longer receives security updates, and (obviously) can't run modern ARM-based Mac software. (Incidentally, it was also the single most expensive computer I ever bought, even to date!) Not a very solid run, I'd say. Personal anecdotes aside, I don't think it's too disputable that Mac has never taken backwards compatibility or computer longevity anywhere as seriously as Windows or Linux have. reply cocacola1 14 hours agorootparentI had the Retina, which went up to Catalina (which is the last major OS mine had), but it also got security patches up until 2022. I upgraded to the M1 MBP when they were released, but last I tried, my old MBP still booted up. Ah, yeah, I do recall the horror stories about the butterfly keyboard ones. Sorry to hear it. I was able to skip that entire generation because mine ran like a champ. > Personal anecdotes aside, I don't think it's too disputable that Mac has never taken backwards compatibility or computer longevity anywhere as seriously as Windows or Linux have. I think this is probably true. Unfortunately, the reason I moved to MacBook's in the first place was because I had a terrible run of Windows PCs & laptops. I think I had 4 or so between 2002 and 2012, but only 1 between 2012 and 2021. I suppose that's why I'm partial to Macs. reply troad 14 hours agorootparentI hear you! You had a great device through some of the best years of OS X. I wasn't as lucky, but that was a big impetus for eventually pushing me to Linux, where I'm very content with my combo of a Mac-ish DE and actually being in control of my device. reply cocacola1 11 hours agorootparentYeah, if I ever were to switch OS’s, it’d probably be to Linux thanks to it being more Maclike. Could never go back to Windows at this point. reply adamors 9 hours agorootparentprevWhat are computer standards actually? I have two macbook pros from 2015 running still, perfectly fine for regular \"computer\" usage (non-development). reply mixermachine 9 hours agorootparentYour Macbooks no longer receive (security) updates. They already have missed three MacOS releases: https://eshop.macsales.com/guides/Mac_OS_X_Compatibility Please don't do anything security critical with them. Other OS providers do support the devices longer. At least for core OS updates. reply philistine 1 hour agorootparent> Other OS providers do support the devices longer. At least for core OS updates. Microsoft is abandoning 63% of its user base later this year, with an untold amount of those users unable to update to Windows 11 due to the requirements of a processor released after 2017. Keep in mind that with how the average Windows user buys their device, it's common to see brand new computers with two years old CPUs. With the pandemic having forced everyone to scrape the bottom of the barrel for laptops, there are so many people getting bitten by Microsoft right now. reply davweb 8 hours agorootparentprevThe last security update to Monterey was in July 2024. 9 years of OS support seems pretty good to me. reply msoad 9 hours agorootparentprevNot sure why you say this. I know multiple 10+ yo MacBooks still operation. reply coro_1 19 hours agorootparentprevUsually yeah. Though it sure appears that a lot of apps requiring a recent iOS lately don't need too. It's curious where that push is coming from, if they're all individual company choices, made at once, for the first time ever. reply rogerrogerr 19 hours agorootparentIt’s relatively easy to justify supporting only one or two major versions back if you’re writing an iOS app. There are stats out there on how many active devices are on what version, it’s pretty striking. Especially compared to Android. reply coro_1 19 hours agorootparentAgreed of course. Though currently iOS 16 is the standard and that goes back about 2.5 years. Which is sort of a shift from many major apps supporting an iOS dating back 4-5 years. reply marcellus23 18 hours agorootparentWhere are you getting these numbers from? Do you have stats to back them up? When I worked as an app developer we would only support back 2 or 3 versions, and that was 5 years ago. Anecdotally I have not noticed a shift to only supporting more recent OSes. reply pcl 18 hours agorootparentpreviOS 16 is supported on devices back to iPhone 8, which came out in September 2017. That’s seven and a half years ago. Apple has done a good job of supporting old devices with new OS releases; they also subset old OS’s. That seems like a fair trade. reply NoPicklez 19 hours agoparentprevThat sounds a bit over the top I have two Play 5's that I have had for a decade and they're still currently set up working completely fine on an Apple device. That's a speaker that was released 16 years ago and still works through the Sonos app, still allows me to play Spotify, still works natively with the Playbar to watch movies and TV. That sounds pretty good to me. If people want to throw out their hardware and buy new that's fine, but they haven't needed to throw out their Play 5's. If I was still using an Apple iPhone from 2009 you can bet it would be a terrible experience reply mrWiz 16 hours agorootparentThere was a time when Sonos really tried to EOL \"Gen 1\" devices, including the Play 5. There was such a backlash that they backpedaled a bit, but Gen 1 devices lost the ability to interact with Gen 2 and later devices and you need to use a different app for them. reply NoPicklez 16 hours agorootparentGen 1 devices included among their product line was really only the Play 5 (Gen 1). Every other device, Play 1, Play 5 (Gen 2), AMP, Play 3, Playbar, Playbase, Sub all of these products were made compatible with both S1 & S2 apps. Outside of the Play 5 (Gen 1) there weren't really many other products people were buying that were left out. reply exodust 11 hours agorootparentI'm a Sonos hater. I will never ever buy a speaker again that comes pre-bricked unless you \"activate it\". I will never ever buy a speaker again that demands I enable precise location in order to \"discover\" the speaker on my network. Approximate location is not enough. Sonos demands your home address before it permits you to use your speaker. Even aux line-in. I will never ever buy a speaker again that requires I log-in before I can set certain things unrelated to online use, such as the volume limiter. I will never ever buy a speaker again that has an obscene amount of delay even when using the aux line-in. And yes I toggled the setting in the app to \"reduce delay\" and followed all the steps to reduce the delay as much as possible, but the delay was still there. Forget about using a Play5 gen2 for home theatre or anywhere you need low-latency. Rant over! reply jjcob 8 hours agorootparentRequiring \"precise location\" is probably necessary because it wants to use Bluetooth to discover speakers. Any app that uses direct bluetooth could theoretically get your precise location from a Bluetooth geotag, so Apple requires apps to get \"precise location\" permission before being allowed to use bluetooth. reply exodust 37 minutes agorootparentNot correct, not even close. reply pcchristie 13 hours agorootparentprevKind of dishonest to compare a speaker to an iPhone isn't it? reply ssl-3 20 hours agoparentprev2 out of 3 of my Sonos devices were rendered useless by their policies. One day they were functional and working, and the next day they were not. One of these was a fancy, very expensive jog-wheel remote that I rather liked (every one of these in use all got absolutely bricked, deliberately, in a bullshit move), and the other was a Sonos Bridge (a wireless access point) that they didn't deem worthy of working with new software (even though that was also bullshit). The remaining device has mechanical issues (as old speakers sometimes do). This one is disappointing, but at least it isn't irrational. reply flybrand 16 hours agorootparentwe moved into a home that had wired speakers installed in every room all to a central Sonos enabled device - it is all old. It worked perfectly until this. Funny thing is, we thought it was silly when we moved in - then we grew to love it. Now I hate them! reply matwood 8 hours agoparentprev> It's less the app, more the business decision I like to reverse decisions further back. The connected speaker is basically a commodity at this point. Sonos does have some nice features, but they are very expensive. I think the ceo saw the down sales and lack of new products and rushed out the app hoping it would work and boost sales. Obviously it was a disaster, but I’m not sure if sticking to the status quo would have led to any different outcome in sales. reply Closi 12 hours agoparentprev> It's less the app, more the business decision to tell people who had spent thousands and thousands of dollars on elaborate sound systems to go throw it all in the trash and start over, all at once. As a Sonos purchaser, ironically product longevity was the reason I bought so much of their stuff! While other similar systems would drop support for old devices eventually, I could be confident with Sonos that I was investing in stuff that would continue to work. … until now! I’ve started to lose confidence. Which is a shame - I’m moving into a new house and wanting a sub, but now questioning if that’s a sensible decision given I don’t know how long my older speakers will work for now they are going glitchy. Real shame! reply alkonaut 10 hours agoparentprev> It's less the app, more the business decision to tell people who had spent thousands and thousands of dollars on elaborate sound systems to go throw it all in the trash and start over, all at once. What does this refer to? Did Sonos drop support for products? When was this, which products? reply philjohn 5 hours agoparentprevIf this is the thing YEARS ago, they backtracked and they still work via the S1 app. reply mandibles 20 hours agoparentprevAre there any projects working on open protocols for digital audio distribution? Any chance manufacturers opt into open protocols? reply paradox460 19 hours agorootparentThere's a bunch of stuff built around the old Logitech media server system, with open source implementations running on esp32 and raspberry pi, as well as a slew of other devices reply noman-land 1 hour agorootparentGot any links you can share? reply kjkjadksj 22 hours agoparentprevWell that is basically the model of the home stereo today. People don’t realize sound was solved decades ago. How they could get the same stereo their grandfather could have ordered from the sears catalog and some cabinets from that sears catalog and that would be better sound than they are capable of ever perceiving, and how it would last them their entire life on that one stereo and probably the lives of multiple generations of family members. With IO that has always been a standard and always will be a standard. And a stereo like this isn’t even terribly expensive. A couple hundred up front for never having to make another home audio equipment purchase in your life is some serious savings. Instead they are sold soundbars and other crap tiny speakers that are not built to last, and might use specific io to connect over open standards that have been around for decades. They end up spending quite a lot more money for a shit experience that they are none the wiser that there are even alternatives to, without becoming audiophiles themselves consuming hundreds of pages of relevant media in that niche. What a cash cow of an industry. reply jnwatson 21 hours agorootparentI've been dabbling in Hifi for most of my life, a hobby inherited from my father. I have some awareness of consumer Hifi over the last 50 years. Speaker and amplifier design are vastly better than even 15 years ago, partially because of better engineering and mostly because of advances in electronics. An entry level receiver today would wipe the floor with consumer level equipment from the 80s. Still, traditional Hifi is dying to the \"crap tiny speaker\" folks. The company that owns Denon and Marantz may go out business this year. It is ironic because traditional Hifi is in an amazing place in terms of value. I recently bought a budget ( The company that owns Denon and Marantz may go out business this year. Oh man. I guess I better stock up on the latest Marantz before the go out of business. The last one I had was my dad's and it lasted 50 years. Actually, it still works, it just requires you to manually power it on. reply kuschku 17 hours agorootparentprev> Speaker and amplifier design are vastly better than even 15 years ago Let's break this down into the components: Speaker drivers: very little change Speaker chassis design: still changing, last major change was improved computational modeling Amplifier: Class D was the last major change, not much since DSP: Still evolving, getting better every day AV Receiver control boards: Standards are changing every day, whether that's new HDMI standards, new bluetooth versions, or new AirPlay/Chromecast protocols. TL;DR: Buy old speakers and a new receiver/amp. reply pcchristie 13 hours agorootparentOr buy a great, \"dumb\" amp and a modern Streamer (e.g. Wiim) as the best way to minimise waste when standards inevitably evolve. reply alkonaut 9 hours agorootparentNeeding cables between a \"streamer\" box and my amp, and then cables from the amp to the speaker(s) already makes it a whole different category of gadget from Sonos. The key thing Sonos sells is the single power cable setup. Wiim does sell an amp model that removes one of the steps. That's probably the one I'd go for if I accepted speaker cables. Less waste reduction BUT at least you don't have the separate amp volume knob and power switch to worry about. reply Terr_ 14 hours agorootparentprev> Still, traditional Hifi is dying to the \"crap tiny speaker\" folks. I wonder if it also ties into living situations and customers that are in a separate house. With my apartment-situation, I'm always using a headset (or bluetooth headphones.) Perhaps not crap tiny speakers, but not so big that making them good takes as much effort. reply stetrain 21 hours agorootparentprevWell one of those options lets me click a button on the phone in my pocket and play music across multiple rooms without running any wires between rooms. And similarly supports surround-sound audio without running wires around or inside walls. I appreciate the value in a basic stereo system but there are some major differences in functionality to the end user. reply xp84 21 hours agorootparentI'd point out that all that was needed to add that capability to a 1970 stereo is one of these devices: https://www.sonos.com/en-us/shop/port Although I laughed out loud that they're asking $450 for that little box. That's pretty cheeky. The BOM on that must be $15. Margin level: Apple! I wonder if they make it $450 to discourage doing just what I'm describing. To make people consider that for that kind of money they could buy one decent Sonos speaker and \"simplify.\" Even though the Sonos speaker won't have anywhere near the sound quality or longevity of a 40-year-old stereo amp and speakers. reply ssl-3 20 hours agorootparentSort-of. Neither a Sonos Port nor something like an Alexa Echo Dot nor the long-discontinued Chromecast Audio can awaken my stereo (whether from 1955 or 2025), select the appropriate input, and allow me to start playing music from my phone. A Sonos speaker does allow that, though. And so might a modern sound bar when combined with things like CEC and a regular-ass $25 HDMI Chromecast. reply xp84 19 hours agorootparentThe Sonos Port claims to be able to trigger your amp to turn on, though I don't know how it works. It's called a \"12v trigger.\" Quick searching mostly found people asking on Reddit how the heck they could use it and mostly getting \"most hardware doesn't support it.\" I did find this interesting comment, though: > You can get a secondhand Sonos Connect (Gen 2) for about $100 these days; they are the predecessor of the Port and are functionally the same for your purposes. Also if I wanted to make a product like the Connect/Port I think I would spend another $3 in materials to add both an IR blaster (like the Harmony hub has -- it's so powerful it bounces off the walls perfectly well even to devices on different shelves) for amps with remotes, and to also offer as a separate purchase, a simple relay switch module for old stereos that don't have remotes -- they could be left on and have their power controlled by the Sonos. As far as I know that's not a thing with any Sonos or competing product, though. reply kuschku 17 hours agorootparent> though I don't know how it works. It's called a \"12v trigger.\" THX introduced the trigger port to allow one amp to start other amps. Before that amps would have a 110V passthrough socket. THX trigger is a mono 1/8th inch / 3.5mm TS plug. Each device usually has one 12V in and a 12V out. While it's on, it'll output 12V at up to 30mA[1]. Due to current fluctuation and the low max amp it's recommended to use an opto-electronic isolator at the input. THX originally introduced it to allow for home cinema surround. At the time commercially available amps only supported 2 channels, so the first THX systems had one receiver decoding the dolby signal, providing a line level output that you'd connect to multiple stereo amps. Due to the currents required the 110V passthrough wasn't an option, so 12V trigger was born. Before 12V trigger existed the IR/Remote port, which allowed you to connect an external IR receiver to TVs, VHS recorders and Amps. This used the same plug, but would modulate the IR remote signal directly. You could also use this to connect multiple devices and allow them to send remote control codes to one another. But that feature disappeared quickly due to limited compatibility. In computers 12V trigger and remote ports inspired the I²C based DDC standard for VGA monitors, which allowed turning them on or off or changing settings. DVI and DisplayPort kept DDC as is, while HDMI expanded DDC into the CEC standard, which also allows controlling volume or sending media controls in a standardized way. Nowadays 12V trigger is mostly being replaced by HDMI CEC. ________________________ 1. Some devices support up to 80mA, Sonos even provides 100mA reply ssl-3 14 hours agorootparentprevSuch a 12v trigger would be useful for a plain stereo amplifier, which are relatively simple things -- so simple that they may not even have a volume control. This would allow a Sonos Port to have a dedicated amplifier connected (for driving one big stereo pair of speakers, or maybe an array of 70v distributed audio speakers, or who knows what) and control when it is powered on. But it won't turn on my AV receiver (it has 12v triggers, but they're all outputs), nor switch its input mode appropriately. (Yeah, sure. I can hack something up with an ESP32 with IR or RS-232 or even Lego Mindstorms or something from Switchbot, but Sonos buyers and hardware hackers are naturally somewhat diametrically opposed: A person who buys Sonos gear wants stuff that just works, not a new hobby.) reply erinaceousjones 18 hours agorootparentprevChromecast Audios are still easy to pick up on eBay (or if you're in the UK, CeX, that's where I got one). Any old cheap plug tied to Home Assistant (or plain old Google Home in my case) for auto powering on my Cambridge Audio amp. (I'm not fancy enough to care about automated input switching between TV and music, I just get up and turn the knob, but turning off the hifi remotely I like) Music Assistant supports streaming to Chromecast from TIDAL at the native (24 bit, 96khz, flac/m4a?) format. And TIDAL mobile app itself supports casting to Chromecast devices as you'd expect. Those 3 things combined got me an old school hifi set up which I can include in my Chromecast groups of shitty sounding second-hand nest minis, so I get multi room audio where one room has the most audio :-) but I could swap out the shitty pucks for some more CC audios if I wanted to fork out for more amps and bookshelf speakers. I trust Google to at least not intentionally brick their old devices and chromecast is built on mDNS and documented http endpoints enough that you can automate your own stuff in your LAN that you should be able to keep that stuff working in home assistant + music assistant should Google ever decide randomly they wanna sunset Google home (so, 50% chance of them announcing that in 2025). Homebrew you can roll your own DIY multi room hifi audio using stuff like Hifiberry, too. Pipewire/PulseAudio/JACK on raspberry pi / NUCs should be able to get you surround sound over the network with minimal latency (although you probably want decent ethernet), since you can make a virtual sink that bridges the audio servers together. You have one of those fancy hifis that has hdmi inputs and digital input selection and whatnot? Okay yeah you'd have to roll your own HDMI CEC automation again with a raspberry pi or whatever. Eminently doable. There's definitely ways to get multi room audio of equivalent or better quality and at-least-equal user experience as long as you're willing to invest the time in doing loads of DIY shenanigans, but honestly it's pretty easy these days. For me, I think the \"this is too complicated for me to implement\" bar is not high enough to warrant buying Sonos reply javier2 20 hours agorootparentprevYes, this is annoying. I settled for the cheap variant: Let any hdmi device grab focus. The tv has spdif to the amp. Amp is always on the spdif input. I can change sources on the tv and the sound will follow, if I want youtube or spotify to play, I have to use chromecast on the tv or airplay to apple tv. It works ok for only a single cable. If the tv is off, the sound is off. reply gizmo 20 hours agorootparentAn amp will wake on hdmi (arc) input, but it won't wake on spdif. Unless you figured out something clever you still have to mess with multiple remotes and turn devices on/off individually. reply hmottestad 21 hours agorootparentprevI have a 40-year old amp and speakers at home. My dad’s old stereo. Works fine, but it has so much static buzz. Sounds great though. I’m just a bit hesitant to leave it powered on all the time which means I don’t use it much compared to my Bluetooth speakers. Old power supplies are not very efficient. They can get hot. There is also a decent amount of dust. And then there is the risk of some old cap blowing. reply mixmastamyk 1 hour agorootparentBuzz is not normal. Either it was really low quality, (unlikely since it has lasted this long), or it is not properly grounded. reply tshaddox 20 hours agorootparentprevI would be surprised if that device can power cycle or control the volume of a stereo from 1970. reply turbojet1321 13 hours agorootparentprevMy favorite recent discovery in the HiFi world (after losing interest about 15 years ago) are the WiiM network streamers. Connect them up to any old system via RCA, toslink or coax and you can: - stream from a wide number of subscription services - stream from your own DLNA server or samba share - cast from Chromecast or AirPlay - with multiple devices, you can do multi-room synchronized streaming - apply parametric EQ, including (in the higher end models) auto room correction - hook up a digital source (eg, TV) so you can apply EQ - hook up an analog device (like a turntable) and stream it to the rest of the devices in the house The app's surprisingly good, the firmware updated regularly. The cheapest version is under $100. They're like Chromecast Audio's on steroids. When (eventually) they die or get superseded, it's easy to replace without needing to touch the rest of the system. I have 3 at the moment, the main one hooked up my amp and speakers from the 80s, which I picked up used in the 2000s. reply pcchristie 12 hours agorootparentWell said. I have a Wiim Pro & Mini, and love them both. And it's the best way of minimising waste (given some waste is inevitable as standards change, until they let us change the board inside the Wiim or something!) reply turbojet1321 12 hours agorootparentI've been really impressed by how they keep pushing features out to old devices. Like, there was no reason for them to give the Mini 10 band PEQ - they could have made people upgrade. But no, the working (seemingly quite hard) to get the performance out of the chip in the Mini to do it, and pushed the update out to everyone. reply tyre 19 hours agorootparentprevI have a raspberry pi running an AirPlay server[0] and nothing else. Turned some nice analog speakers into airplayable for like $20 [0]: https://github.com/juhovh/shairplay reply semi-extrinsic 20 hours agorootparentprevIf only there was a small and very cheap device with wifi and aux out that you could plug into your old stereo, and instantly get the possibility to cast music directly from all your Android apps. Like a Chromecast but for Audio. Seriously, this was a thing 10 years ago! I bought five, and they all still work perfectly. They do multiroom audio. They are compatible with the new Nest speakers. The only reason we can't have them today is corporate greed and rent-seeking MBA fuckers. reply addicted 20 hours agorootparentThe Chromecast Audio was a wonderful device. I unfortunately lost all mine in a move but there’s been absolutely no way to replace them :-( reply ssl-3 19 hours agorootparentThey're still out there. In the US, MSRP at launch in 2015 was $35. With inflation, that's worth ~$46 today. I see one on eBay right now (open-box, allegedly never used) for $60, delivered, in buy-it-now format. $60 is not an ideal sort of price, but it's not something that seems extortionist or anything compared to the inflation-adjusted price from 2015. reply addicted 12 hours agorootparentTrue, but relying on old units available on eBay is not a long term solution. reply applied_heat 35 minutes agorootparentIt is Probably just fine for the next 10 years. Chromecast audio are working great for me with my 70’s receiver and modern mini amp and Bluetooth speakers with line in. reply izacus 10 hours agorootparentprevThere are companies out there that make similar devices now luckily (sadly they're more expensive :/ ) reply jamesy0ung 17 hours agorootparentprevUsed Airport Express is pretty good if you're an Apple household. reply ramses0 12 hours agorootparentBelkin SoundForm Connect + a physical power button amp. So many people chasing so much complexity, but this seems like the precursor to the WiiM(?) - first I'm hearing of that one. (FYI, I chased that route, there is/was _one_ model that worked as an airplay2 device, but it still didn't feel as \"native\" as the modern HomePods ... icon was different, pairing was slower and slightly flakey... I moved to the belkin directly and have been happier. That and home assistant allowing single target airplay1 support to chrome cast / google nest devices sometimes is useful in a pinch) reply herf 15 hours agorootparentprevPeople seem to like the WiiM streamers, but I have not tried one yet. reply turbojet1321 13 hours agorootparentI have 3 - they're awesome. reply JetSetIlly 12 hours agorootparentOh interesting. I was recently in my local HiFi shop (been a customer there for 40 years) to buy a new CD player and I noticed a WiiM box behind the counter in a display cabinet. I just assumed it was some sort of aging Nintendo Wii gimmick. I'm being serious. If it has nothing to do with Nintendo then it's terrible branding. reply turbojet1321 12 hours agorootparentThere are a bunch of hifi brands that are making great products but don't have great name branding: SMSL, Topping, WiiM, Fosi (I own 3 of those 4, lol). The upside is that they mostly seem to care about making good products rather than branding. reply JetSetIlly 12 hours agorootparentRight. I'll go back to the shop and have a closer look in that case. I like the idea of a streaming device to connect to a normal stereo system. TBH, I didn't even know such devices existed. I thought that if I wanted to stream from Spotify without a PC I would need to go down the Sonos route, which I obviously don't want to do. The problem with not having good branding is that potential customers walk right past your products. It's only chance comments in this thread that's made me take a second look. Thanks for the info :-) reply dfltr 21 hours agorootparentprevIt feels like one of those low-sci-fi settings where we thought it'd be funny and quaint to have post-collapse scavengers endlessly repairing retro tech, but now it's actually happening and it's not funny anymore. Like for example: My dad bought a hulking integrated Akai amp / cassette / turntable combo in the early 80s. Every user-facing component was brushed aluminum, the volume pot was the size of a Dallas church, and it probably would have killed any living organism you dropped it on. My dad died over a decade ago and I guarantee that amp is still sitting in someone's living room heating the place up. I'm just mad it's not in mine. reply kd913 22 hours agorootparentprevI think there can be a difference here. Was looking recently at the power requirements of an amp + subwoofer + 5 5.1 JBL surround speakers. The setup was done decade ago, and the power needed for it was nuts. Something like 500W for a Denon amp and 250W for a JBL subwoofer? For reference something like a OG HomePod consumes what 45W? The Sony srs xg500 boombox can last 30hours and is a giant room shaking boombox. The difference in power efficiency between these old and new setups are nuts. Nevermind compatibility with AirPlay, streaming etc… reply kristjansson 21 hours agorootparent> 500W Amplifiers are quoted in peak output, not average (and play some games with other parameters e.g. resistance) to capture bigger-number-better sales. A 750w system will consume nowhere near 750w at typical listening volumes (just like your 750w PC doesn't use 18 kWh every day.) reply throw-qqqqq 21 hours agorootparentprevUnless you’re playing REALLY loud, I don’t think you are anywhere near 250 or 500W of consumption. I would guess it is the maximum rated power? Even with quite old and inefficient amp + speaker combo, 30W of sound is usually a lot(!). Tube amps are an exception. They can be very power hungry, but it’s difficult to buy such tech today compared to class D etc. reply kingnothing 21 hours agorootparentprevThere's also an absolutely massive difference in audio quality between a HomePod or Sonos anything and a proper amp + speakers. reply jkolio 21 hours agorootparentYup. Newer products use various tricks to try to fill in the gaps that their physical reality can't overcome, but ultimately there's no getting around that reality. I will say that the Sony upright boom boxes aren't to be slept on (and, if one is active, fat chance). They're quite good for their intended use cases (parties, and closed Best Buys during clean-up/inventory). reply tpm 21 hours agorootparentprevA 500W amp is probably a class A and can't really be made more efficient. It would still be 500W in 2024. Decades ago there were more efficient setups too, though of course now they sound better and also have lots more features and connectivity. reply rurp 21 hours agorootparentprevYep, and this kind of needlessly wasteful consumerism is everywhere in the tech industry. All of the token statements about sustainability that come from the same industry that normalized and celebrates this kind of product strategy drives me a little crazy sometimes. reply whatevaa 6 hours agorootparentprevSound might be solved, but multi-room audio is not. On major renovations you could layout speaker cables, but then you can't adjust positions. Custom solutions with, like, snapcast and raspberries (like mine), works and you don't need to deal with any of this, but then you need to deal with software setup annoyances. It get's technical. reply marcosdumay 6 hours agorootparentprev> People don’t realize sound was solved decades ago. Not wireless transmission, and not uniform spatial distribution. AFAIK, Sonos was about those two. They didn't solve them either, there's still plenty of space to make a dent there. reply PaulDavisThe1st 21 hours agorootparentprev> A couple hundred up front for never having to make another home audio equipment purchase in your life is some serious savings. I have a rather nice NAD amplifier that I bought about 29 years ago. It had to be repaired once at about the 6 year mark. Recently, it has developed a new electronic failure mode that I don't believe can be repaired. So ... yes, but let's not overdo the \"never have to make another home audio purchase\" part ... reply mitjam 21 hours agorootparentprevStill enjoy my Elac speakers from 20+ years ago at an analog amp, a class D amp wouldn‘t be bad, though. For smaller speakers at computers I like active nearfield monitors and a good interface like Focusrite. Can recommend Genelec speakers, for example. reply a-french-anon 10 hours agorootparentNB: the D in \"class D\" doesn't stand for \"digital\". reply theshrike79 20 hours agorootparentprevI had a fancy separate stereo system with a HDMI switcher in the AV amp, well reviewed speakers I bought from a hi-fi enthusiast friend and all that. It was a massive pain to put out all the cables, adjust the system manually little by little (the setup mic kinda helped, but wasn't that good). Then I got a Sonos Beam and that set of \"crap tiny speakers\" with a fancy DSP brought so much more dimension to movies that it wasn't even funny. Upgraded to a Sub and it automatically offloaded those frequencies to it and the Beam got even better now that it didn't have to cosplay a subwoofer. For setup all I had to do was walk around the space and wave my phone around and the difference was clearly audible even to my non-discerning ears. Later I upgraded to an Arc + got two rears and everything got a lot better. The v2 app is utter crap, I haven't had to use it for anything else than Trueplay adjustment when we moved a while ago. The v1 let me debug what the soundbar was receiving (my TV was sending data in the wrong format and I was just getting fancy stereo instead of Dolby Atmos). V2 doesn't have any power user features at all. I'm not going back to a wired setup with a separate amp unless I get a dedicated theater room I can sound proof and manage the acoustics. I _am_ considering switching to a brand that doesn't need an app to setup, but it's slim pickings in the upper tier of soundbars. reply kridsdale1 20 hours agorootparentSimilar to you I had lugged my 7.1 speakers and amp and wires around to every address I’ve had in 20 years. For the current house I had enough and put a HomePod in every room and top tier Samsung bar + satellites + sub. It’s not as good at dimensions as discrete speakers but now I have reflected Atmos Waves off the ceiling and setup was super easy. I had to use the app one time to calibrate but I already had it since I have a Washing machine it connects to. reply theshrike79 11 hours agorootparentThe DSPs in sound bars are absolute marvels. I haven't checked the AV amp market in a good half decade, but I'm guessing there aren't any valid options if you want 4k 120Hz + room correcting DSP that are even close to the price of a mid/high end sound bar. reply sgarland 18 hours agorootparentprevI never had a “proper” HT setup; my first was an Arc + Sub. I thought it was pretty great, and then I added two Era 300s for rears. My god. I’m sure things can get better, but I’m pretty happy with my setup as-is. I’d probably splurge on an OLED TV first. I have an 85” Sony X91J that I quite like, but I can’t deny the absolute inky blacks of OLED (just couldn’t justify the price at the time at that size). reply theshrike79 11 hours agorootparentIMO Sound bar + sub is perfectly enough for 90% of home theaters, with properly placed rears it easily goes up to 98%. Just a basic sound bar instead of the shitty rear-firing TV speakers is a complete game changer for few hundred monetary units. reply creddit 16 hours agorootparentprev> People don’t realize sound was solved decades ago. This really isn't true at all. HiFi has an obscene amount of snake-oil and non-rigorous design decision making. Audio Science Review (https://www.audiosciencereview.com/forum/index.php) has documented this very clearly and well. reply worik 22 hours agorootparentprev> Well that is basically the model of the home stereo today. The entire digital ecosystem seems to be heading this way. Even cars reply gazchop 22 hours agorootparentprevNailed it. You don’t even have to buy new stuff now. Still rocking my early 90s system. Has required a couple of amp repairs (capacitors and sticky relay) but no big issue. Bought a Bluetooth DAC for streaming stuff. Job done. reply DidYaWipe 21 hours agorootparentprevExcept the industry is nearly dead. Almost nobody is buying legitimate stereo systems anymore, and the ones that are out there (at almost any price) are mind-bogglingly incompetent. I'm shocked that Sonos is even a going concern at this point, although I suppose it is because of what I relate below. The home-audio market is consolidated into a tiny number of manufacturers masquerading under once-proud brands they bought. The crippling incompetence of the products themselves is depressing. A few years ago my Denon A/V receiver crapped out and I decided to go \"upmarket\" and get an NAD T758. I accept a bit of quirkiness from a smaller name, but \"quirkiness\" doesn't come close to describing the design and functionality defects that plagued this thing. Everything from baffling menu navigation (not kidding: Pressing Enter did not select a menu entry; you were supposed to use an arrow key) to the fact that it would only pass 720p video because it reported erroneous EDID info to HDMI devices. It didn't pass the info from the connected display device; it just provided its own EDID blob to everything, which reported a max resolution of 720p. The NAD also featured Dirac processing, which I shelled out for to get the full license and spent hours with a test mic profiling my room and speakers. Then... it would just lose the entire configuration. Deleted off the receiver. \"We haven't been able to figure out why this happens,\" said NAD. In fact, in several years they never fixed a single one of the crippling defects I encountered and reported. But NAD isn't the only shitshow in town. Let me address the biggest impediment to whole-home audio (or even multi-zone audio): manufacturers' bizarre conceit that anyone can use secondary zones that only play ANALOG sources. The NAD was crippled by this stupidity, as is the top-of-the-line Pioneer I bought to replace it. In the case of the NAD, I addressed this defect by running RCA cables across the back of the receiver, from its preamp outputs to a CD-player input; and assigning that input to Zone 2. Why the hell didn't NAD just do that internally with a switch? On the Pioneer, it's actually worse. There ARE no preamp outputs. It has THREE zones, one of which I can tie to the main one but the third, yep, can only play analog sources. All I want to do is play the same shit on ALL MY SPEAKERS. My living-room ones, my patio ones, and my backyard ones. All I need is A, B, and C speaker switches. But NOPE. As far as I can tell, nobody makes this. Nobody addresses the 99% use case for multiple \"zones.\" There are at least NINE AMPS in my receiver, but I can't play the same source on three pairs of speakers. BTW, I did build a patch bay with switches, to wire the secondary zone in parallel with the first... but this overloaded one pair of amps in the NAD and destroyed the entire receiver. Yep: NAD doesn't have a simple overload breaker. They just burn the entire amplifier board up; that's the breaker. Unfuckingbelievable. But back to the main issue: Who is seriously going to dick around trying to select sources and adjust volume to each zone (with what, by the way, an app?) on one receiver instead of simply buying a bookshelf system for every remote room you want to play music in? I sure as shit wouldn't, and I'm the kind of person who ran digital cables under my house to an equipment closet so I could have a proper surround setup in my living room. I have a projector and home-built screen, but even I would never bother with the stupid usage scenario Pioneer, NAD, and the two other makers envision: This scenario revolves around nonexistent people who are going to put on a RECORD or TAPE, then go to the other side of their house or down to their rec room for half an hour... and then come running back to the other side of the house to flip the record or tape over. WTF. reply vessenes 20 hours agorootparentRisking major flames here but .. my Sonos amps do this perfectly. Analog cable through the house, amps on eth in the media closet, it’s is very very solid. Also I hate the new app with fiery passion reply DidYaWipe 16 hours agorootparentYeah, that's why I added the caveat at the top of my rant. Too bad they messed up the app so badly. I've written some hardware-control applications and they're not necessarily easy, but... well, that's the job. Meanwhile I've had my time stolen on numerous \"ghost job\" postings. Maybe someday, somewhere someone will take a lesson from Boeing and Sonos and other companies that have suffered from grossly incompetent software engineering and put a halt to the despicable disrespect for our time and knowledge. reply baq 10 hours agorootparentprev> All I want to do is play the same shit on ALL MY SPEAKERS. Actually that's what Denon's HEOS does, might want to take another look at their mid-level X1800H or the bigger ones if you need more zones from a single AVR instead of multiple devices. reply 100pctremote 20 hours agorootparentprevThe NAD downfall was so frustrating and sad to experience. Mine has been boxed and shelved in the garage for years now. reply DidYaWipe 20 hours agorootparentThey should just fold. I read in some other forum that they just cobble together crap that they source from numerous and variable providers, so one unit's guts can vary widely from the next. It's the absurd design defects that I will never excuse. I mean... incompetent MENUS? A modern receiver that doesn't support even HD video? My burned-out T758 is gathering dust in my office; I'm keeping it in hopes of using the chassis for a project case someday. I would replace my stupid Pioneer too if anyone made a stand-alone surround processor with preamp outputs. Then I'd get separate amplifiers and that would be that. But nobody makes such a processor, as far as I can tell. reply skydhash 1 hour agorootparent> I would replace my stupid Pioneer too if anyone made a stand-alone surround processor with preamp outputs What you’re looking for is this. https://emotiva.com/products/basx-mc1-13-2-channel-dolby-atm... reply 100pctremote 20 hours agorootparentprevYes. The entire platform -- hardware & software -- is just a mess. I bought an MDC phono module for my digital amp only to discover it wasn't supported by its firmware. I waited 18 months to be able to actually use it. I experienced the same non-persistent configuration problem you described and also very sketchy things like the power button simply not working. Unacceptable by any measure and at any price point as far as I'm concerned. reply DidYaWipe 17 hours agorootparentOh yeah, I forgot about the power-button problem! I had the same thing. Super fun to reach back behind the equipment rack to unplug the POS. reply turbojet1321 13 hours agorootparentprev> The home-audio market is consolidated into a tiny number of manufacturers masquerading under once-proud brands they bought. The crippling incompetence of the products themselves is depressing. There's quite a rise in Chinese HiFi companies that are making some great equipment. I've found audiosciencereview.com an excellent resource for getting back into hifi and avoiding much of the nonsense. I recently picked up a Fosi amp which, to me, functions at least as well as my NAD from the 80s. It cost me half of what I just spent on getting the NAD serviced. > All I want to do is play the same shit on ALL MY SPEAKERS. My living-room ones, my patio ones, and my backyard ones. All I need is A, B, and C speaker switches. But NOPE. As far as I can tell, nobody makes this. Nobody addresses the 99% use case for multiple \"zones.\" There are at least NINE AMPS in my receiver, but I can't play the same source on three pairs of speakers. Look into WiiM streamers. Cheap and quite impressive IME. Multi-room streaming from digital or analog sources, PEQ, room correction etc. reply _fzslm 18 hours agorootparentprev> All I want to do is play the same shit on ALL MY SPEAKERS. My living-room ones, my patio ones, and my backyard ones. All I need is A, B, and C speaker switches. But NOPE. As far as I can tell, nobody makes this. Nobody addresses the 99% use case for multiple \"zones.\" There are at least NINE AMPS in my receiver, but I can't play the same source on three pairs of speakers. Maybe a smart speaker switch like an Audioflow[0] is up your alley? [0] https://flow.audio reply DidYaWipe 17 hours agorootparentThanks for that reference. Hadn't seen that one before. \"This three way switch has Zone A and Zone B in Series. Zone C is in Parallel with A+B.\" Important info that they provide up-front, which I like. reply DidYaWipe 21 hours agoparentprevDo you have details on that? How and why was that necessary? reply sorenjan 21 hours agorootparent> Sonos has a good reputation for building quality speakers, but its latest move has disappointed some buyers. Recently, the company offered a trade-up program, giving legacy customers 30 percent off the latest One, Beam or Port. In exchange, buyers just had to \"recycle\" their existing products. However, what Sonos meant by \"recycle\" was to activate a feature called \"Recycle Mode\" that permanently bricks the speaker. It then becomes impossible for recycling firms to resell it or do anything else but strip it for parts. > Sonos suggests that after bricking the device in Recycle Mode, users drop it off at a recycling facility or give it to Sonos to do the same. https://www.engadget.com/2019-12-31-sonos-recycle-mode-expla... reply DidYaWipe 20 hours agorootparentThat truly lives up to the term \"outrage.\" reply philjohn 5 hours agorootparentExcept they reversed course after the outrage, and people are happily still using those speakers, albeit with the S1 app. reply Mindwipe 7 hours agoparentprev> They drop support for things over time but even their roughest transitions (x86, Apple Silicon) have come with extensive day 1 support for previous functionality. Catalina literally just dumped half the software that ever ran on MacOS overnight to make the transition to Apple Silicon seem smoother than it actually was. reply YetAnotherNick 22 hours agoparentprevFirst of all \"Even Apple\" implies Apple is particularly bad, in fact it is one of the better ones in supporting older usecases and devices. But even then x86 to Apple silicon is not the roughest by far. For me, it is the removal of x86-32 bit software support. The removal wasn't needed at all and broke all the steam games. reply hmottestad 21 hours agorootparentI assumed it was part of the migration plan to Apple silicon. Rosetta 2 makes x86 apps work on Apple silicon, but I had assumed that Apple could only really get 64-bit x86 apps working smoothly and that’s why they removed 32-bit support a few years earlier. reply dagmx 21 hours agorootparentRosetta supports 32 bit apps. I've read conjecture on here that the removal of 32 bit was due to unresolvable pointer security issues on their 32 bit SDK, which was different than how its done with their 64 bit system. reply ClassyJacket 21 hours agoparentprevI mean, the week the iPhone X came out, they put out an irreversible update for the iPhone 7 that made it unusable. They also tried to charge me 2,300$ to fix just one broken keyboard key. Apple is definitely that bad. reply hmottestad 21 hours agorootparentI tried to search for info about an update that broke iPhone 7 phones. Couldn’t find anything. Can you point me to some more info? reply lotsofpulp 21 hours agorootparentIt never happened. I used a 6 and a 6S Plus, fully updated, for many years after my I got my wife an XS. Not that it proves nothing happened to the 7 the year before the XS came out, but, A) it would have been huge news if Apple bricked all iPhone 7, and B) it makes no sense to brick iPhone 7, but not the ones before it. reply DidYaWipe 20 hours agorootparentYeah I used my original SE until iOS 16 came out (actually until last year) and it was never bricked. reply hoorible 16 hours agorootparentprevLooks like we found the “things that never happened” double Jeopardy for today reply acchow 1 hour agoprev> He’ll remain an adviser to the Sonos board through June and get paid $7,500 per month until then. He’ll be paid a cash severance of about $1.9 million, and his unvested shares in Sonos will vest. Incredible vesting schedule reply dguido 21 hours agoprevPlease stop putting salespeople in charge of highly technical product companies like Sonos. I'm so glad that Tom Conrad is an engineer by training. I hope he can turn this mess around. The key technical change that broke Sonos was abandoning their reliable UPnP (Universal Plug and Play) system for device discovery in favor of mDNS, while also shifting from direct device communication to a cloud-based API approach. This new architecture made all network traffic encrypted and routed through Sonos cloud servers (even for local operations), adding significant overhead and latency, especially for older Sonos devices with limited processing power. They also switched from native platform-specific UX frameworks to a JavaScript-based interface while moving music service interactions through their cloud instead of direct SMAPI calls, resulting in slower performance and reduced functionality. For a more extended discussion, see this excellent LinkedIn post from Andy Pennell, a principal engineer at Microsoft with a deep technical understanding of Sonos systems. He created one of the most successful third-party Sonos apps for Windows Phone and worked directly with Sonos on their official Windows Phone 8 app. https://www.linkedin.com/pulse/what-happened-sonos-app-techn... reply jedberg 20 hours agoparentI don't think having a sales person in charge was the problem. The problem is the fundamental disconnect between what's good for users and what's good for the company. The company wants you to have to pay them money every month and control how you interact with the product, so that they can be a services company with recurring revenue. The consumer wants a device that they buy once and it just works. reply griomnib 14 hours agorootparentI have experienced this most acutely with the most recent round of macOS and iOS updates. Nothing Apple is shipping seems to be for me, the user. Rather it’s a grab bag of crap “AI” for Wall Street, ways to make it harder to run software of my choosing, and wholesale trashing of perfectly fine UX to cram in whatever useless feature some PM landed for their promotion. I could say a few hundred things much worse about the direction of windows 11, which is even more obnoxious than Apple, but then I’d have to relieve the horror of being forced to submit my email address to Microsoft to install the damn OS. Day by day I feel the devices I’ve spent a huge sum of money on no longer belong to me. I’m getting really fucking tired of it, and something has to give. reply 4ggr0 8 hours agorootparent> but then I’d have to relieve the horror of being forced to submit my email address to Microsoft to install the damn OS. all it takes to install Windows 11 without an account is to press SHIFT + F10 on the \"Connect your internet\"-screen and execute this command: OOBE\\BYPASSNRO never in my life have i linked an MS-Account to my personal windows, i always use a local account. reply martin_a 7 hours agorootparent> all it takes to install Windows 11 without an account Well, that does not really look very user-friendly, does it? Which probably only underlines the point of the parent. reply whywhywhywhy 10 minutes agorootparentit’s actually not even as “simple” as that comment they’ve changed it to be a bit more obtuse to get to the command part, exemplifying exactly why going along with it is a problem. reply 4ggr0 5 hours agorootparentprevWe're on a tech-focused site where someone mentioned that they don't install windows, because they don't want to login with an online-account. i agree that my described work-around is not made for the common enduser and i hate that this feature is so hidden, but i think executing a single command you find after 30 seconds of googling is not too much to ask for from a tech-adjacent person :) i see posts on here of people reverse-engineering firmwares, hacking together new things, finding and using exploits etc., not sure why installing a windows seems to be a huge topic, then. reply griomnib 12 minutes agorootparentBecause they made it a worse product, they made it my job to fix it. That’s the point. reply griomnib 17 minutes agorootparentprevIf I wanted to type in commands to install my OS I’d use Linux desktop. reply Gazoche 3 hours agorootparentprevStep 1: add online login as an option Step 2: make online login the default option Step 3: make online login mandatory, leave an escape hatch for technical usersStep 4: remove the escape hatch reply nzach 6 hours agorootparentprevI wonder if 'OOBE\\BYPASSNRO' will be the FCKGW-RHQQ2-YXRKT... for the new generation of people entering the IT world. reply godzillabrennus 6 hours agorootparentDoubt it. Kids today are phoners who live on mobile devices. reply jkestner 4 hours agorootparentAt what point in time were “kids today” into computers? If it wasn’t phones, it was video games or comic books or serial Dickens. It’s always been a subset who want to play with the tech beneath. reply 4ggr0 5 hours agorootparentprevit's certainly a step i teach to kids coming into the IT-space, right before teaching them about Mass Activation Scripts :) reply lupusreal 7 hours agorootparentprevOh that's all? Just some obscure magical incantations which will probably be gone as soon as Microsoft management learns of it. Brilliant. reply 4ggr0 5 hours agorootparentsibling, we are on _hacker_ news. if a single command is too much to ask for, i don't know what to think. ever installed Linux? takes exponentially more knowledge than this windows-local-only workaround. i'm sure that management is aware of this feature, as it exists for years now and can be trivially found, it's not like this is hidden somewhere in a vault, you know. Same as MAS. i'm not even a defender of Windows and only use it at home because i game, but if i see that someone has never installed a windows just because they don't want to give M$ their e-mail address (hope they don't have a github or linkedin account, but, you know...), then i want to give them the hint they need :) i use them same functionality to install windows for my parents etc., as they want to have local-only accounts as well. even without this weird work-around, i would still be the one installing windows. OS installation is not hard, but already too difficult or confusing for lots of endusers. not sure why you chose to reply in such a snarky tone :( reply lupusreal 4 hours agorootparentI use linux because it's much easier than fixing Windows. I lost interest in tinkering with my computer years ago. reply rocketvole 5 hours agorootparentprevMicrosoft knows about this. Its why they included the option in the command line. The fact that Massgavel's activation scripts still work on windows is telling of how much they'll care. reply scarface_74 14 hours agorootparentprevIf you turn Apple Intelligence off, how is the UI in iOS 18 any different than the previous version? reply azraellzanella 9 hours agorootparentI have it off, it still uses 5GB of storage... reply griomnib 12 minutes agorootparentHey, just pay extortion prices for more storage! reply griomnib 14 hours agorootparentprevMail is dogshit. Photos is dogshit. Image playground is streaming hot dog shit. Etc etc. reply scarface_74 14 hours agorootparentYou can modify the Photos app to be just like pre iOS 18 just by using “Customize and Reorder”. Absolutely nothing has changed about mail if you turn off Apple Intelligence and Image Playgrounds is just an app that you don’t have to use. reply miramba 12 hours agorootparentI did not know that, thanks. But still - if I have to research now how to do that it‘s still going in the wrong direction, no? Besides, it‘s rare that Apple gives a choice, usually you have to adapt at whatever they decide. reply scarface_74 5 hours agorootparentSo Apple shouldn’t make things more customizable? reply wao0uuno 12 hours agorootparentprevThere is no way to get the old Photos interface back. reply sunnybeetroot 13 hours agorootparentprevI see mail now has mandatory images next to each mail item, how can that be turned off? reply hypothesis 13 hours agorootparentSettings -> Apps -> Mail -> Show Contact Photos reply sunnybeetroot 13 hours agorootparentWow as simple as that, thank you. reply dt3ft 12 hours agorootparentprevBluetooth is horrible. I see spinning loader (connection indicator) even when I switch bluetooth off. It’s been stuck at it for days. You’d think that this would be core functionality and ultra stable by now. reply dacryn 11 hours agorootparentreboot your phone at that point ... reply godzillabrennus 6 hours agorootparentprevMail has been terrible since inception. It’s just more terrible now. Photos in iOS 17 was fantastic but the new version in iOS 18 is unforgivably bad. It’s the new “pc load letter”… reply educasean 14 hours agorootparentprevNot an Apple user here. What's changed? Can you share more details about what made them \"dogshit\"? reply wao0uuno 11 hours agorootparentMail got category buttons on top that split your inbox so now to check your mail you have to click around because shipping notification are in a separate list from work emails. Photos had a perfectly fine interface with tabs that got changed into a long list of often redundant categories. Thankfully it can be customized a bit. New control center (wifi toggles etc.) was replaced with a customizable grid of widgets that is buggy, slow and looks ugly and unprofessional in comparison with the old interface. Gimmick. Home screen icon size and color is customizable now and it looks out of place. Gimmick. If you have a dark theme enabled then icons in settings become themed and look different than icons on the home screen with is weird and inconsistent with the rest of the interface. All animations were reworked and feel like crap. There is a delay to every action and it feels like animation smoothness takes priority over interface responsiveness. Home screen swiping animation stutters every time. Even though there is not a single new feature available for EU users other than the interface changes the entire OS feels sluggish, bloated and unfinished. Performance is terrible. This update made my iPhone 12 slow down to a crawl. Feels like running Vista on a Windows XP machine and since they dropped security updates for iOS 17 I had no choice but to upgrade. This combined with the recent news about iPhones listening to people at homes makes me want to get rid of my phone entirely. I don’t want a new iPhone and I sure as hell don’t want an Android. reply lloeki 11 hours agorootparentMail: top right (...) menu -> List View reply griomnib 14 minutes agorootparentYes I had to do that, which is my entire point - everything worked, and they made it worse. scarface_74 5 hours agorootparentprev> Photos had a perfectly fine interface with tabs that got changed into a long list of often redundant categories “Pin” the categories you want access to. reply geraldhh 8 hours agorootparentprevamen home screen icon theming hit like an empty bus reply griomnib 10 minutes agorootparentUsually when they shamelessly copy from Android they made some improvements, this isn’t even close to material on Pixel, which is pretty nice. (Not a fanboy of either; use both.) conradfr 8 hours agorootparentprev> and something has to give Well yes, the user. reply btreecat 5 hours agorootparentprevSounds like your ready for some flavor of Linux reply griomnib 9 minutes agorootparentI use Linux all day on the server, but I’ve never liked it on desktop. I do think I’ll be forced into it within a few years. reply jimt1234 11 hours agorootparentprev> Nothing [insert company] is shipping seems to be for me, the user. I have a 90/10 rule when it comes to new products/features these days: they're 90% benefit to the company and 10% benefit to me. reply redeux 14 hours agorootparentprevIt's called enshittification, and it's pervasive throughout our entire economy. https://en.wikipedia.org/wiki/Enshittification reply marcosdumay 6 hours agorootparentIt's called monopolization, and it's dependent on those companies selling products that you can't switch for another competitor. Or, some times it's plain simple cartelization, making sure no competitor is better. That seems to be the case with smart TVs for example. It's good to have a word for the impact it causes, but focusing on that novelty makes it looks like it's a new phenomenon that we don't know the causes or how to fix. reply redeux 5 hours agorootparentAbsolutely. I don't mean to imply that it's \"just happening.\" It's happening for very good reasons, like the ones you mentioned. reply InDubioProRubio 6 hours agorootparentprevThe natural state of a ex-free-market economy sliding into feudalism without a systemic competition present. reply astrange 14 hours agorootparentprevApple doesn't have PMs. reply griomnib 14 hours agorootparentI’m sure they have some “magical” Cupertino world for infighting assholes putting their careers before users, whatever that may be. reply LudwigNagasena 13 hours agorootparentprevDoesn’t seem so. https://jobs.apple.com/en-us/details/200318153/get-connected... reply astrange 10 hours agorootparentThat is not in the OS. I also sort of suspect they're being hired as a prank because there is basically no power structure for them to have control over anything. Execs and designers have all the power. (Note: there are \"EPMs\" but it's a totally different thing.) reply Czarcasm 12 hours agorootparentprevMy team at Apple had PMs. reply mrandish 16 hours agorootparentprev> The company wants you to have to pay them money every month and control how you interact with the product, so that they can be a services company with recurring revenue. Yes! This pervasive trend has nerfed so much consumer tech. I simply won't buy any more hardware that relies on proprietary clouds reply danielmarkbruce 17 hours agorootparentprev> The problem is the fundamental disconnect between what's good for users and what's good for the company The fundamental problem with 95% of companies, and 99% of publicly listed companies. reply BrenBarn 10 hours agorootparentAt that point it's really a fundamental problem with our society that allows and even incentivizes the growth of such companies. reply danielmarkbruce 3 hours agorootparentActually it's fine - they go bankrupt. Look at the list of companies that make it through time, it's very short. Being selfish is common in human nature. reply Earw0rm 12 hours agorootparentprevThat suggests it's perhaps about what's good for investors, not what's good for companies themselves. reply gadders 7 hours agorootparentprevIt's 100% of PE-owned companies. reply benreesman 17 hours agorootparentprevI haven’t owned Sonos gear in a long time, but certainly back in the day they had just amazing products. That SUB where it was so perfectly balanced? They did a demo (that you could easily reproduce at home) where you could have it driving “call the cops” noise disturbance bass without upsetting a nickel set lengthwise on top, just a great unit and not the only one. Awesome stuff. But while superior products at a price point can capture a bunch of share, after that they grow at the rate of the market. Those markets have “matured”. For whatever reason we don’t as a society let “tech” markets mature. We demand growth long after everyone is satisfied. This is where ideas like “growth” and ideas like “useful” diverge: raise your hand if you like Facebook or Google in 2025 more than 10-15 years ago. Sonos (and I’m aware of the structure) “grew” right out of a sustainably profitable business with happy customers. reply vachina 17 hours agorootparentIt’s a company that makes speakers. Unbelievable that it can have such value to be able to be listed on NASDAQ. My Google Home costs $30 second hand, don’t sound as good, but I’ve not spent a single cent on it after setting it up. What is SONOS doing? reply belthesar 16 hours agorootparentI think you're underselling the technical complexity of doing what Sonos did. It was a pretty impressive feat for them to do what they did over WiFi. The reason your Google Home can do it is because, while it's a pretty decent technical challenge, it's not insurmountable, and Google decided that the price tag Sonos put on themselves was more expensive then Google dedicating a reasonable quantity of their highly talented engineering staff to recreate the technology. I think that's the kicker. It was revolutionary when it came out, and it's a solid technical solution, but Sonos was novel over a decade ago. reply skydhash 6 hours agorootparentEvery novel invention becomes commodity over time. The issue is that, instead of trying to invent something new, they’re adding gimmicks and present it as growth. reply jkestner 4 hours agorootparentTrue, but as the comment a few above mentions, “we demand growth long after everyone is satisfied.” Why even grow at all once you’ve achieved a great networked speaker? If the product is mature, everything after is gimmicks especially weighed against user satisfaction, the ultimate goal. reply bmelton 16 hours agorootparentprevThe market has matured, but as of a year ago, there isn't another solution that I could drop in that could replace my SONOS system. SONOS is so far ahead and had to establish themselves by solving for so many fringe use cases that they are generally the only ones who have things like the connect:amps to bridge wired outdoor speakers and architectural in-ceiling/in-garden speakers within the same ecosystem I'm sure that at some point, Samsung or Google or Sony or some upstart will catch up, but it will be a long time before someone eliminates SONOS from contention despite this multi-year setback reply glitchinc 14 hours agorootparentHEOS-capable gear from Marantz and Denon cover a lot of the applications you referenced. I decided I would never buy another Sonos product after the S2 rollout, and I now have a mix of eleven Denon and Marantz receivers driving both built-in, freestanding, and outdoor speakers of my choice all over my house. reply baq 10 hours agorootparentHEOS is amazing for the size of the dev team, which I think is a couple folks somewhere in a large garage in Minnesota[0]. The amount of things they never touch is amazing. I appreciate the stability - my HEOS 1 speaker is still working, streaming tunein and tidal without issues - but when it comes to the app, it's borderline stagnation at this point. [0] I have no idea what it is actually reply kdmtctl 11 hours agorootparentprevThis probably costs a fortune. Certainly there is a market. reply simondotau 13 hours agorootparentprevSo basically the only USP of Sonos is mindshare. reply bluescrn 10 hours agorootparentThey had a fairly unique and high-quality product in the early days. It just did’t evolve very far or very fast, or even adapt pricing to better fit a rapidly changing market. They switched away from a focus on multi-room hi-fi (or at least mid-fi) audio and users with their own hoard of digital audio to focus more on streaming services and chase the trend of little monophonic speakers. The higher-end devices remained good but became ever more niche. Then they broke everything, particularly customer trust, with the app update. reply Newlaptop 12 hours agorootparentprevHeh, this thread reminded me that I own Sonos speakers that I haven't used in several years because at some point they updated and I needed to install an app or make an account or something to use them and never did. So while it's maybe neat that they solved fringe use cases, it's unfortunate that they failed at the basic use case of \"just easily play audio from my phone\" reply iamacyborg 9 hours agorootparentprevLook into Roon. reply dehrmann 15 hours agorootparentprevYou can always short SONO. It'll probably muddle along for 5+ more years until someone buys it up for the brand name. There just isn't the market for their speakers that there used to be. reply _factor 13 hours agorootparentprevI did this with an amplifier and a couple cheap AudioCast devices as inputs. I can go to the app and pick which zones play together. reply vikramkr 16 hours agorootparentprevNot exactly sure what you mean - is there some reason companies that sell speakers shouldn't be able to be publically traded? reply jkestner 4 hours agorootparentYes. It will further abstract the owners’ responsibility to the users, and the product will get shittier faster. reply vikramkr 2 hours agorootparentThat's a general rant against publically traded companies. I'm specifically asking about the original posters take that a company that makes speakers specifically shouldn't be publicly traded. Like it sounded like they thought a speaker company couldn't be big enough to be on NASDAQ or something? reply Earw0rm 12 hours agorootparentprevAmen. reply Newlaptop 12 hours agorootparentprev> For whatever reason we don’t as a society let “tech” markets mature. We demand growth long after everyone is satisfied. The reason is tax law and it applies to all companies not just tech. Removing the double-taxation of dividends would fix so much of our economy. If you run a stable, no-growth but profitable company, and each year return the profits to the owners (shareholders) in the form of a dividend, that's bad because the income is first taxed when the corporation declares it as income and then again when the shareholders receive the dividend. If instead you don't issue the dividend, but re-invest to grow the company, then the value of the shares can increase without creating a taxable event for the shareholders. We could avoid a lot of the boom-bust cycles, enshittification of products and other economic problems if we just structured tax law to encourage stable, profitable companies issuing boring predictable dividends instead of our current system that requires infinite growth. reply callmeal 11 hours agorootparent>that's bad because the income is first taxed when the corporation declares it as income and then again when the shareholders receive the dividend. Why is that bad? The first case is income to the corporation and they pay income tax on it. The second is income to the shareholder and they pay income tax on it. How is it different from the corporation's employees paying income tax on money received from the corporation? >If instead you don't issue the dividend, but re-invest to grow the company, then the value of the shares can increase without creating a taxable event for the shareholders. That's true as long as the shareholders never sell their shares. Once they do, it's a taxable event like the dividend. reply dmurray 10 hours agorootparent> How is it different from the corporation's employees paying income tax on money received from the corporation The money paid to employees is only taxed once. We (pretty much everywhere) tax companies on their profits, but individuals on their income. It seems unfair, it leads to some weird but accepted inequalities (like the cost of renting a house vs buying), but no alternative seems to work. reply consp 12 hours agorootparentprevOr tax sale of shares the same so there is no loophole and you can either spend it on something useful or lower taxes for everyone instead of just for shareholders. reply lifeisstillgood 12 hours agorootparentprevSo is this the difference between capital gains and income tax? reply dmurray 10 hours agorootparentprevThis is nonsense because companies can and do replace dividends with share buybacks. While sometimes criticized as \"executives juicing the stock price because that's what their incentives are tied to\", in fact investors recognise that buybacks are economically equivalent to dividends, but tax-advantaged (for exactly the reasons you gave, they don't create a taxable event for the shareholders). One problem with buybacks is it's socially difficult for companies to replace dividends with buybacks - by convention, dividends are usually issued on a regular schedule and buybacks are ad-hoc, so \"cutting dividends\" is seen as a sign of a company that no longer has reliable profits. But that really is just convention and it would only take a few companies switching to normalize this. reply lotsofpulp 17 hours agorootparentprev> For whatever reason we don’t as a society let “tech” markets mature. We demand growth long after everyone is satisfied. That reason is people like more money than less money. No one logs into their brokerage account and invests in Sonos because they have a great product that is growing (or shrinking) at the rate of the speaker market. People want to see their year end report at least equal the broad market returns. The directive for all business leaders is to hit those benchmark returns, not pump out a solid speaker for however many years. And if a private business owner operates their company in a way that lags the market’s returns, then they are basically doing charity work. They’re going to have to pay a lot of cash compared to their competitors who can use RSUs to incentivize employees. reply benreesman 17 hours agorootparentWell, we could at least examine the idea of paying executives over a longer time horizon. Clearly everyone likes money. We could pay them for good things rather than the transient illusion of good things. Yes it would be imperfect. No it wouldn’t be worse than this mess. Bell Labs didn’t invent the transistor on this model, JFK didn’t send us to the moon on this model. This “privatize the commons of a century of effective public/private partnership” model is going rather shit in fact. reply lotsofpulp 16 hours agorootparent>Well, we could at least examine the idea of paying executives over a longer time horizon. Every publicly listed business already does this, in the form of stock grants and options with various targets to hit at various intervals. See bottom of page 51 for an example: https://investor.apple.com/sec-filings/sec-filings-details/d... It’s where all those rage bait headlines of extreme executive compensation come from, from maturing equity granted before the stock appreciated a good amount over the course of a few years. reply benreesman 14 hours agorootparentThere is absolutely no basis for the sweeping, extraordinary claim that “every publicly listed business” is managed and incentivized around sustainable long-term value. I hate to be aggressive but it’s really pretty godawful that people let absurd, corrosive claims like this fly. There is a creeping normalcy to weird Art Laffer talking points and weird Milton Friedman Freak Offs with no evidence. Things suck for the typical person since Dick Cheney and Art Laffer started “cutting taxes”. You’re wrong in a way that demands a complete ignorance of everything from news to history to human empathy. This mindset needs fucking therapy and where therapy fails the legal system for a fucking change. reply lotsofpulp 14 hours agorootparent> Well, we could at least examine the idea of paying executives over a longer time horizon. This is not > There is absolutely no basis for the sweeping, extraordinary claim that “every publicly listed business” is managed and incentivized around sustainable long-term value. There has been plenty of research into figuring out how executive compensation can be tied to longer term performance, but “sustainable long term value” is such a nebulous term, I have no idea what it could mean other than a fantasy where people are able to magically measure everything they want. https://en.wikipedia.org/wiki/Executive_compensation I only meant to highlight the fact that it is standard practice at publicly listed businesses to hire consultants whose job it is to figure out how to align executives and reward them for achieving long term goals. Maybe you think the current timetables are not long term enough, or the measures are not correct, but it’s not as if cash is being handed out Willy nilly. reply benreesman 13 hours agorootparentNVIDIA is posting profit margins up there with the Dutch East India Company (check it) on the back of the “agents” that are about to obsolete not just programmers specifically but white collar workers generally. We’re handing out trillions in cap for press releases. What on God’s green earth the fuck are you talking about? Willy nilly? Will Wonka with a chocolate factory is closer to earth. reply consp 11 hours agorootparentAnd NVidia is pretty much a monopoly in its field like the VoC was, only not legally bound. But the AI boom is pretty much a tulip mania at this point so I would hedge my bets. reply alkonaut 10 hours agorootparentprevBut Sonos doesn't sell any services/subscriptions, just products, correct? So even if they wanted to have recurring revenue how would they do it? They sell gadgets? reply wiether 8 hours agorootparentThey sell \"Sonos Radio HD\", a subscription based radio service which is supposed to be an upgrade from their free offering. But as much as I dislike the \"new\" app, it doesn't push subscribing to this service, so I'm not sure they absolutely want device customers to become subscribers. reply mfld 6 hours agorootparentIt would be a bad timing if they pushed the subscriptions already... reply Iulioh 6 hours agorootparentprevThey don't push the subscription..yet I hate the slippery slope fallacy but this is how was gonna end reply mixermachine 9 hours agorootparentprev...so far, yes. But somebody has to pay all of that new network traffic and cpu cycles ;). reply alkonaut 9 hours agorootparentI'm sure it's one of the biggest questions asked by the Sonos C-suite: how do we get recurring revenue or make the moat wider. But that goes for every product company in the world. reply givemeethekeys 12 hours agorootparentprevBait and switch is the fundamental problem. Abuse of power. reply atoav 11 hours agorootparentprevAs a music fan one would think I'd be their target group. But I haven't even considered their product and classified it as \"some smart crap that is an excuse to syphon data out and lock me in\". So all stick, no carrot. reply Nursie 6 hours agorootparentIt never really was that at the beginning. It was a good, locally-controlled system which would build itself a wifi mesh (back when that was unheard of) be configured to pick up things like samba/cifs shares and play your library, with some really neat features like combining speakers into stereo pairs or surround systems, and then playing your music and any input devices arbitrarily across these zones you have set up. At some point they integrated spotify and other similar services, which risked what you talked about, but was fine. There are even third party controller frontends available on linux. But recently (mid 2024) they delivered an absolute stinker of a new app which routes everything via their cloud, fails to load half the time, barely responds, and looks suspiciously like that grab for control you imagine reply nelox 13 hours agorootparentprevAgree. Just ask Steve Jobs. reply observationist 20 hours agorootparentprevEngineers are in a better position to understand what the customer wants and needs. Salespeople are there to sell their product, and fundamentally don't need to understand what the customer wants, or needs. Give a good salesperson a handwavy outline of something to sell, and they will sell it. They don't need technical accuracy for success. Yes, this is bad for customers, and makes life harder, and results in ridiculous, counterproductive, infuriating situations for IT staff, engineers, and other people who have to deal with the technical realities of every day business. A salesperson can just mash psychological buttons in manager's brains, and they'll make the sale. The consumer, in enterprise level markets, is hardly ever the team or individual in charge of operating the technology. The consumer is the manager, or managerial team, looking to check boxes and shuffle numbers and spend $X on Y department, for which they get rewarded for a wide array of arbitrary outcomes, almost none of which have anything to do with the practical impact of the product in question on the people who end up most affected by the purchase. If an engineer with a solid understanding of the product being sold is in charge, he's in the best place to rein in the sales and marketing teams, and to direct development based on customer reality. This probably results in lower profits, overall, but a better product, and a better reputation in the long run. reply dkokelley 19 hours agorootparent> Engineers are in a better position to understand what the customer wants and needs. Salespeople are there to sell their product, and fundamentally don't need to understand what the customer wants, or needs. Why do you say that? My gut reaction is that the opposite is true. Salespeople must understand their customers' wants and needs in order to effectively sell! Engineers are generally a step or two removed from the customers. This may be an unpopular take on HN but I'd wager the people who spend time directly with the customers have a better chance at understanding what they want. Taken a step further, customer support probably has the best understanding of their markets' needs! reply atonse 19 hours agorootparentI'd go as far as to say that the role doesn't matter, it's the attitude of the individual. I've worked with a few developers AND sales people that didn't give a hoot about what their customers thought. In the case of Sales, they only cared about making their targets. In the case of the devs that didn't care, they spent 99% of their time doing silly (in my opinion) arguments about frameworks, design patterns, and whitespace and formatting rules in CI. Not that things like design patterns are inherently silly. But if they don't result in a better customer experience (via more stable and maintainable software, for example), then it's a waste of time. I'm a developer by trade but have ALWAYS had an attitude of \"it only matters if it's useful to the user\" – and have butted heads sometimes with developers on which features to prioritize. reply majormunky 19 hours agorootparentprev> Taken a step further, customer support probably has the best understanding of their markets' needs! People working in customer support, from my experience, sort of see the anti-survivorship bias working in action. Not many people call up to say how well something works. I would agree with you though on good Salespeople (ones that do try to understand what customers need and all that, not necessarily ones that sell the most) knowing what the customer wants/needs. reply saghm 18 hours agorootparent> People working in customer support, from my experience, sort of see the anti-survivorship bias working in action. I used to see this all the time at an old job where my team worked on open source client libraries for using the main product that our company sold. A decent number people seemed to think that an increasing number of tickets being filed against one of the libraries was a sign that users weren't happy with it, but it always seemed obvious to me that you couldn't easily conclude that; you might have 99 happy users with no issues for every 1 unhappy user who filed a ticket, or you might have literally only unhappy users and nobody without issues. On the other hand, getting literally zero tickets might mean that you have plenty of happy users, or it might mean you have basically no users at all. I'd often talk to younger engineers who were interning on the team or recently joined full-time about how this dynamic informed how I approached my job; usually, we'd only hear from users who had issues, so the \"goal\" in some ways to was to make the software so good that you'd never hear from them. If you did hear from a user, that was a valuable opportunity where you might learn something you could do in the future to make things better the first time. reply chiefalchemist 17 hours agorootparent> so the \"goal\" in some ways to was to make the software so good that you'd never hear from them. Yes. There are people who talk about product experiences that delight or whatever. Nah, the ultimate experience is one that's so flawless, so frictionless that it's completely forgettable. The user doesn't want to remember anything. They have a problem a/o need, the goal is to make it disappear w/out a trace. reply magicalhippo 17 hours agorootparentprevIn my experience it's more like customer-facing people, sales and support, get to know the customers needs and pain points, while good technical people knows the limitations and possibilities of the systems involved. By working together the sum can be greater than the parts. As a dev I strive to talk to sales and support for this reason. It's not seldom I can do a small change that drastically improves the user experience for one or more clients, be it existing or potential. reply Wolfenstein98k 18 hours agorootparentprevThink about individual incentives rather than of the role, though. I agree with your assessment, except that an engineer has the incentive to make the product work as specified. A salesperson is given their goals by management, and they are compensated on achieving that goal - not necessarily what the customer wants. reply ako 12 hours agorootparentToo many developers only focus on the specifications, and don’t try to understand the specifications by trying to understand the user. Instead they complain that product owners, product managers, designers, or analysts fail to give the proper specifications. I don’t see many developers really trying to understand their users. But this may be different per domain… reply alkonaut 10 hours agorootparentprev> the people who spend time directly with the customers Unless engineers spend time directly with customers, something is broken in the organization to begin with. If salespeople and customers dream up solutions and then hand the task to produce this solution over to engineers, then that business is frankly doomed. reply observationist 19 hours agorootparentprevYour gut reaction is something salespeople play off of. I've been in the sales position before, handling the people in charge of making the purchasing decision, selling them bells and whistles they absolutely didn't need, but giving them the emotional satisfaction of a \"successful\" transaction, leaving with a sense of victory, that translated into a strong relationship and many years of repeat sales, with incremental upselling over time. Good sales, ethical sales, aren't parasitic. A vast majority of sales in todays markets, especially in enterprise markets, are parasitic. The salespeople are interchangeable. The ones that make the most money are the ones most willing to be parasitic. The sales script is targeted and tailored to the intended audience, which in most large companies, is several degrees of separation from the eventual user of the product. You don't need to know what the end user needs. You need to know what the person in charge of buying wants, and that's ultimately emotional validation, hope, a sense of \"innovating\", a feeling of victory in pricing negotiations, being respected and treated well, and so forth. You can run them through the wringer with sales engineers and migrations after the contract is signed, and even if the end user and the product engineers recognize that your product is the wrong tool for the job, that won't matter if the buying manager is emotionally satisfied with the transaction. People will bend over backwards to justify what they know is \"right.\" A salesperson CEO will make more money, but will make the world a shittier place, because they're the cotton candy of management. They'll burn credibility and reputation in exchange for profit, kick the can down the road for someone else to clean up the mess later. Sure, in a healthy, respectable, ethical, functional company, you'd be right, and the CEO would also be the best salesperson for the product, because they'd know it, and the customers, inside and out, and be able to explain and demonstrate exactly what was necessary and why, and justify all the costs and benefits. This is a world that has Goodharted the measure of success - profit - and empowered people in the execution of shitty behavior. The market rewards higher profits and punishes \"failures,\" often completely out of sync with quality and merit. We don't live in a good world - companies that behave like you describe would be wonderful. We live in a thoroughly enshittified world, and a whole lot of people \"earning\" a whole lot of money are in between you and any meaningful change. From Apple and Microsoft on down, companies want endless, infinitely increasing returns year over year, and they will do anything that isn't explicitly illegal to get it. They'll also do illegal things if the cost of getting caught is less than the profit earned. Alignment with end user needs, benefit to the consumer - these are far down the list of things meaningful to the systems and people making decisions on how money is spent. The job of a salesperson is to understand that system, and exploit it for the benefit of their company. reply redserk 20 hours agorootparentprevNot sure if I agree with an engineer inherently being better here. The ideal case is having leadership who uses the product, or at least is willing to walk in the shoes of an end-user. Plenty of engineers do not do this either. reply sgarland 19 hours agorootparentAnecdotally, having worked at multiple small-medium companies with a variety of leadership backgrounds, the worst have been sales background. Engineering backgrounds have ranged from OK to great. reply scarface_74 14 hours agorootparentprev> Engineers are in a better position to understand what the customer wants and needs As an engineer, I had no idea about: - what the utility companies wanted when I was working for a SaaS company that printed and processed bills - what the field service techs wanted when I was writing software for ruggedized windows ce devices - what the railroad car owners or repairmen wanted when I was working for a company creating a SaaS (https://public.railinc.com/sites/default/files/documents/CRB...) - I knew nothing about what the healthcare industry needed in the three SaaS companies I worked for including software for health care workers dealing with special needs kids - the various “enterprises” mostly in the edtech or state and local government space in consulting. reply rezistik 13 hours agorootparentIn all of your examples you're working at a company, ideally the person running the company had that domain expertise. reply ako 12 hours agorootparentNo, the person running the company has expertise running companies. Customer understanding lies with designers, analysts, product owners, product management, but also sales: what is the pain we’re addressing, how can ensure the customers really understands the consequences of not addressing the pain, how can we ensure the customer sees our product is the best to address their pain. reply karaterobot 17 hours agorootparentprev> Engineers are in a better position to understand what the customer wants and needs. Salespeople are there to sell their product, and fundamentally don't need to understand what the customer wants, or needs. There's no reason to believe an engineer would understand the customer needs more than a salesperson. I know a lot of engineers who would do literally anything to avoid dealing with a real customer. At the companies I've worked for, engineers don't even talk to customers if there isn't a specific, technical issue they need to be there for. Meanwhile, salespeople actually talk to customers, probably more than anyone except support. reply jedberg 18 hours agorootparentprev> Engineers are in a better position to understand what the customer wants and needs. Salespeople are there to sell their product, and fundamentally don't need to un", + "originSummary": [], + "commentSummary": [ + "The Sonos CEO has resigned following a controversial app update that required users to replace costly sound systems, causing customer dissatisfaction. - The update introduced a cloud-based system, moving away from the reliable Universal Plug and Play (UPnP), which led to connectivity issues and increased complexity. - This situation underscores the conflict between business strategies and maintaining customer trust, as the CEO transitions to an advisory role with a severance package." + ], + "points": 409, + "commentCount": 493, + "retryCount": 0, + "time": 1736797368 + }, + { + "id": 42696691, + "title": "In the belly of the MrBeast", + "originLink": "https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast", + "originBody": "Just a moment...*{box-sizing:border-box;margin:0;padding:0}html{line-height:1.15;-webkit-text-size-adjust:100%;color:#313131;font-family:system-ui,-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,Helvetica Neue,Arial,Noto Sans,sans-serif,Apple Color Emoji,Segoe UI Emoji,Segoe UI Symbol,Noto Color Emoji}body{display:flex;flex-direction:column;height:100vh;min-height:100vh}.main-content{margin:8rem auto;max-width:60rem;padding-left:1.5rem}@media (width Enable JavaScript and cookies to continue(function(){window._cf_chl_opt={cvId: '3',cZone: \"kevinmunger.substack.com\",cType: 'non-interactive',cRay: '901fe4679a41e600',cH: 'fRVQOBO7Jy.ZvMr2JHbQz90T.PsCl8y0CIIzfRchxSQ-1736881470-1.2.1.1-MoBJ4zxzcAPXUtqtLTYZEwiWHMhXtq1cd5Tk2mmMC4YuYx5n9zIhYfVVwNJ1lFEd',cUPMDTk: \"\\/p\\/in-the-belly-of-the-mrbeast?__cf_chl_tk=.hI5vsGyd6nDt5dOdzpcqY34qOspSGki.uZyo_SBmiw-1736881470-1.0.1.1-qGGWE7p9jSD8IFYxfhfsoWb_Fd4jONsafaowRmwsNh8\",cFPWv: 'b',cITimeS: '1736881470',cTTimeMs: '1000',cMTimeMs: '120000',cTplC: 0,cTplV: 5,cTplB: 'cf',cK: \"\",fa: \"\\/p\\/in-the-belly-of-the-mrbeast?__cf_chl_f_tk=.hI5vsGyd6nDt5dOdzpcqY34qOspSGki.uZyo_SBmiw-1736881470-1.0.1.1-qGGWE7p9jSD8IFYxfhfsoWb_Fd4jONsafaowRmwsNh8\",md: \"l4TNcLDvd.uzJUcSydebXogQXGn8fYYCRZ9Wp6JMzLg-1736881470-1.2.1.1-paRwFxsXtt6WIIdx53q0xWN1sQ5oy566UEO6yDR6PACX4aHlnD9qDoPrLzzItww28mRuawHK79szlC0HNd3p7_gtQLOMtUZ5CVVSHPqY6Wc_iBW6eLIWByIM.gY0xkx0rmlD9Uii4YexfMKSegfb_MBC8RPKfoanatOJRfHSa3zSdBvdpKz7YerdTgVzU89K1zr2m0cv.JeWfjudO6d77cZh1FmhetG5PHAbWWiLZf54i9FyrF8MmCLhXdOPCWSbZS9UaFeU5TSmvPLx4i2lCXxvxyl_SU9.1zB7PMqEmObNoAggNAZ.TWly4S.n.HEGawOXPu9k6PTQlelpSL3sjdypoRCm2UWR4DAr27rsnnF7fROQf7FDmwlGtAOvmxdf46Woa8G30lg2KTKhdCSniU3cQ0omE6kheUrwMu_48Y.1WnS_3MuLIYs1.HXSdkD53k_NGGC_405I9BAt5LmoRQHlC_RsoyKvuWQKc0rD67Jl.Fjx3pEx.tLm6Ck8HWabAVfURQBDeYNWPAKvrGsczwvhVfYgDZunUqbfSXMb_ospuUujD0ruyygE5fiGZcqEoSSOJHi2K5yzHtB_x7Ldh6WClhAVdmx8tn2Uy.veWk11UJEMrgfhtRm6jAo0.02sUl0ar6iJS1N181UiO_AWhnGy_bZp.xVNyc.HH39aJnNDnnWOfljPFJJurWdk6kH9xUWoozKdkQyWdtkVB6z.hgb1FNXyr9Q8._YLeGtULB5GR_XWzD.iGiEVXIYwU8UGWxBDJWkfAwUv2sKekB3GehmKfQoHaXVmYKplyWazGnxERtcJIACxCcKKCHhSlMU_2SeJ6wlB9rXQydTzWrUwL2dVCUn1gwlW7T2mD3cTYS2FhqFRwsV9GBc4x0lgzBe35t2n2FX_OAw9gDH12xmCnK.vj4x_abHByNBndOuWRVb57GCWmeGe03Lsgc9Q9ZCW_quyKXebpi4OnuU8PttL7nJQjoTaMAs_OQ6w0pZbS6hgnQc73T0SgE7RepbMBzQ8RMq1pxcg.NZ1KvYAsYf9ZUUE8B.C5LV8NEgNx639Zq3rvQhdSojlE7en063cO0Hubs6uUundS3DpZpMjj1T9Tm1aBWWoMPdkvmDG9dCVFXV5QdwqU98CFXpJHFf91rDRy8L2XUO.OUQKRyO_Ludx49HWE.hGxYBM6WBkdJRf7.AzhtAIbeYCLS5kSq5t16DI2jubHppU3LJT2pqCpm.7SLKy_T76UvsyR7U9NJKz.wvDxGlu2fq_T5_XwuUAvwrv2Mr8gyRD9mqULl82b1b4ehdSMhRZRx7sFQ0xbcjXsYUdCMm95dIxQt_MjIZugnh_8MiqwASVBtBKSIoD3D3IWgrqYlyQTBBrU51Vf7XcPqH755EOCXqVueqaldKZOKLUTn57lIVkK2fC5SzLRulkTs93KIgThu4rQ_6ovnoju8IuLGVJj.dPmMj8dVtdKkFHkwtq0pLuaSRTNM.z7RTb9oUzifFOD3hoeALyX8FjxW5mwLLk0AWC1Cy97YGp9Z6f6aOqbCDd1zGwMW9JphW34HBy4PxYfFOcnCIYxAT4DeONOpYIYuo6I.ne3T5Nrvx64MW7bs2DeDfrsL2uJFt9tMqCxzy84s1UxbVncBsvLsjtFMoTu4MXdF97KVxIrzhf5YVoXMio158Tf5nnroy9UL84oV5ojQSqo8pf3G_DNdbY012bN.oCYhfw1QeNoohkfqqPdda7nMWNQpkejv6T8lLIZn7N5iTrMXFM6PXsczk671rO4dHNKIhFk076youlZQZ.zDr8RqNp52KSwLMVVeQi1kFmT59Zoh9vD.saBvs\",mdrd: \"kd2UD5DyD6V6w3TYBpBSerB9VwjIJHdjydRfZQdycwc-1736881470-1.2.1.1-M8OVxxAnn_QzuZDAVmKgGLE_zJPsFT1ILtN8uvsy_S1y505NLyRPGcwDOQCtZOijnImwd8GTMPpK_MTBpWwrRwFEJTwom373umvRjWj4eVsNuz4VIgx6O.hQQ3Gpq4mcIEdGoPODIwkOZZFg9.CXytVlJFZkmTSASQjLNf8VieUPxfensgfeKxRTsj89pq3DqYOQoLpd49Sld9SZ.QfrpRLjJKDvv59LSocY2cyrM14bMHpU4tomH.ClP5HURu7kHcqnNJ9m8e3V.kcekKUxAt0r8ztrOuL.Kq0j0W.vgIfujafSEFiA4ywHP2aTggFo.meGZSnulAeV7ba06gAh0iKSolBFN9w87.7hGRijadDyoRB22STXy7eNkBASQ380wxNo60X9OxB6rv0ffYZkmmaECpv62wjP1oq1kKeeMqDc0AsRILkohFd7jg9itIxRbY.3QYHQ0xoKZTH2sKtKZXlhTc.CwNsVEUnIN0LCwxmud8Sqfaymd_t3v3I2cRqm_vw07llbz2PYLWhBxHPZHLvBcBrqT_U9_b_almd4a3jK7BGybYBehfVZJ6MaUXW5nEkmZeEvmLlrsZljcUPcCP9VJfDx64V4WLNH0GP5RWmT8W77Ms1fGJ7HJJCPMqYEu3i07E0M4iBwgzPfa2pEeQB3uMOicp67k.auf0lCGau85KWdMpQo2yl4IdpKzd.IUBqPOvbPGv4LjhnCd4HahTW87jr0ic9zzF3ZqTtdxiUe2ET69QrA9mHFdoft8t8g1ejsG3eJWxq8o_9G_7XZiGUJrRIai5Ay0aiqKqYtP7bZxO5L.CsHQX.AjTEVZdvcOWu_1cuCGy6tRjWUFb0EhElj04niKAIZUbC9lb.9Y2Xhm5laU5TT_CiuDO8aHYAMNLSzvLk.NBp8HubhHAe6SwN6J.H3BP8FHa8y4wgMTvbnXqk8vvgHTGGq_k7.ZYOZstna6khKfxb1I046F_gb0oQyCyADoDDWC89wg4mNx4RiOy8vbnCRFGieRmrGd510peaOt6XnOl4lZfPrzCn9X9i.1jPY5ujhKUdqrEezOHBKAfK1uAQ7HvastQtxObppLeRiOq_nnQtAZ6UTmI8QFgaM9tR0Rm6a_DOgoM.09kiUYoeLBKhhfyTLIZ0hcu1zmTqghPAqfz2mKZ2E2JWZxZ6UlHNibNkHBz0ircupH80w6lTgOuZAitCXs3iAkTdKRCuQ4x7qOxty5_xj3YwPHCmNZ0wQcixM6qE06NVbb.Cd_LnBtsvUT.Oa6DR11mmUes3hJtwcx9RbKFwlAPTOjuVeoz3YDp_XpvZoqespxwgX7EkL8XWsWAb.UDbZKbEwwnXEwPIC.XaXFpbNxXxO2EL4KjKK2MNVVB0gESSV_yH1JsvlYdZZnaFyPaLPtMbUcAxeCzy._XyWCfouPns.d3aN2Us5W6qKGr89btTRRqWkHlitaqR0NQ4sZnAQw4n.MmnIcwtTrxtpAN9Z3CcZk9ahnZ7cZNTQzbnny5vkcEBvlzHzILxesg4LMUNlrfi1NlFd7oO9ubjCuq9nJL5mNdqHKdgEyDujHgPvjhyhYWSsqNSGfZbz8zuEVhSHPueRi3QnHUvE9fUkdJHKLFqhTBMhJyzH4uuMTxGrVuP9jSY.AYmXkA3R7lDRZK_JQU1EVDlNcuUAPzkx6JCU9B2qSqJxPNQbQ4mNEzaUZMcW2hGCFP6ppfnY2esrU7LqvG7ekozv2uWBQaHWriBMIpAV7nNrcHpSt5bySR85rPOu2ZOqeFDFBZJqj.qjLpVwGUwpr8rmrDpiGWLXdGVyTKBglTQvBak7ptP5M.jn_dfbfVoJi99R_NN9CXtGNauY8JoVXd9HVc.JBJnOxoextJQ6VYHOgZWhs_z.ULOi1SPMJLHHThkshgKKJcxY5p.jrWtmQ9DO7AGRShaD8Xs64hCtMTnrMP10XNOvea7p74jybEkWd4oahmPvVeRhqVdEB7_cuhCE6ANEPwCOZqrus8fbxq9CJgngAFTSuOzul.QC4AM3Ic3Ge38YXoAMds2dMJ4CDN7sB7N2EsyVjf5aJDGSDH.FIPxKGiZaxCCkrfU6NtcQBm9holX9e4AUY9fxPoRw2mngMw9p2DNS6e2TUklRsSv1JGUE3VpQTrjl3HxZRtY4UpiAOIj.QJQkqe0xfnoxm2Cs.QrfKja.LDvzGS1tnVMm3nYKnvQhcT6.06FYap4XG02St9vPHNDIvwr2huZzuxnqoM1XR8..lXqt8wTy7b2vwwlra9HVcFBNVJgE3No8bpCpPB1An3LDkag1QEI5qy_sjkXc5RqqIbE0QG.AETJlzIDGQlFwfMuLZuCTZ8jjZmyrge9SN9BEehkjVQHgZR3qsrIVzPMfI_ebYRv1NXocOXoJMmTE5N1BlgYTZTMapqVDuK_0oyx4FU8Kk4qf\"};var cpo = document.createElement('script');cpo.src = '/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=901fe4679a41e600';window._cf_chl_opt.cOgUHash = location.hash === '' && location.href.indexOf('#') !== -1 ? '#' : location.hash;window._cf_chl_opt.cOgUQuery = location.search === '' && location.href.slice(0, location.href.length - window._cf_chl_opt.cOgUHash.length).indexOf('?') !== -1 ? '?' : location.search;if (window.history && window.history.replaceState) {var ogU = location.pathname + window._cf_chl_opt.cOgUQuery + window._cf_chl_opt.cOgUHash;history.replaceState(null, null, \"\\/p\\/in-the-belly-of-the-mrbeast?__cf_chl_rt_tk=.hI5vsGyd6nDt5dOdzpcqY34qOspSGki.uZyo_SBmiw-1736881470-1.0.1.1-qGGWE7p9jSD8IFYxfhfsoWb_Fd4jONsafaowRmwsNh8\" + window._cf_chl_opt.cOgUHash);cpo.onload = function() {history.replaceState(null, null, ogU);}}document.getElementsByTagName('head')[0].appendChild(cpo);}());", + "commentLink": "https://news.ycombinator.com/item?id=42696691", + "commentBody": "In the belly of the MrBeast (kevinmunger.substack.com)369 points by stafford_beer 5 hours agohidepastfavorite258 comments iambateman 4 hours agoFirst of all – the essay is phenomenal and his book is available online for free – https://www.cambridge.org/core/elements/youtube-apparatus/36... > “Communication within the YouTube Apparatus has no meaning.” The rapid feedback loop between creators and audiences (as constructed by platform metrics) means that the system more and more responds to itself. Rather than trying to go somewhere (as is the case with political ideology), the creator seeks simply intensification, to draw more and more of the world into his whirlpool of content. This idea – that meaning is replaced by intensification – helps me understand a lot about the world today. reply Salgat 3 hours agoparentFor people confused like me on what intensification means, it means maximizing the amount of attention and interaction that occurs. On Youtube this would be the metrics that drive engagement, including views, likes, comments, shares, and watch time. The issue is that the content focuses on driving engagement at the expense of communicating ideas with coherence and depth, for example by sensationalizing or oversimplifying a complex issue (especially for things like political discourse focused on sound bites and emotional appeals, or with virtue signaling and outrage culture). I think the above commentor is right, in my opinion, intensification shapes our world into being very reactionary, with only a superficial understanding of issues, and platforms like Youtube Shorts and Tiktok take this to its furthest possible level. reply llamaimperative 3 hours agorootparentFor an excellent, prescient, hilarious, and terrifying book on this topic, I highly recommend \"Amusing Ourselves to Death\" by Neil Postman. reply stafford_beer 1 hour agorootparentOP here -- excellent suggestion, I've been heavily influenced by this book and would also recommend Postman's \"Technopoly\" reply lalalandland 1 hour agorootparentprevThe creators publication frequency is also an important factor. If you don't put out content at least once per week you fall off the recommended and lose a lot of views. Once your content is shallow, simple and without reflection, you are trapped in a hamster wheel of click bait vapidness. reply cool_dude85 1 hour agorootparentIs this accurate in all cases? Isn't Jenny Nicholson one of the bigger YouTubers, with videos coming out maybe once or twice a year? reply radpanda 50 minutes agorootparentSeems like it might be the exception proving the rule. People say “every” restaurant these days needs to use something like Toast to provide online ordering and needs to play nice with DoorDash for delivery and needs to host ghost kitchens to increase income, etc. Of course there’s that one old-school place with the established reputation that does simple dine-in only and is thriving. But the new upstart can’t just not play the game - that privilege is reserved for those who have already won. reply gilleain 11 minutes agorootparentprevThere are a few 'long form' creators like Jenny Nicholson (I recommend the one about the failure of the Star Wars Hotel!). Contrapoints (eg the Twilight one), Big Joel's (recently made a 6hr one!), FoldingIdeas and so on. It's a very different model, and a number of these creators also make videos for Nebula. reply nemomarx 32 minutes agorootparentprevJenny Nicholson and similar accounts rely on other channels than YouTube notifications. basically their video releases become events big enough to get minor news attention, chatter on discord, xitter traffic, etc. if your channel doesn't have dedicated enough fans to do that it's not gonna work on you. and you almost certainly aren't getting news coverage of your review of a star wars hotel, you know? Jenny is rare for that. reply prpl 2 hours agorootparentprevYou see this a lot in strange ways these days. Rage bait, feigned ignorance, and things like that. It’s anti-quality and it’s just as effective (if not more) than quality content. reply _DeadFred_ 1 hour agorootparentWhat was the Twitter joke. 'If I want an answer to a programming question, I post the question, and then an incorrect response from a different account.' No ones posting to help, but a lot will post to smugly correct the wrong answer. reply brandall10 2 hours agorootparentprev\"at the expense of communicating ideas with coherence and depth\" To be fair, while shorts is clearly designed to generate high virality and compete w/ TikTok, YouTube does incentivize longer form content. For regular videos the platform appears to optimize for engagement at about the 10 minute mark. Political/social discourse is complex and I believe goes beyond a simple soundbite problem. One could argue this began with 24 hour news cycles with all the time in the world, and news had to become entertainment to fill the space. The movie \"Network\" presaged this sensationalized this culture situation well before it became a thing, and certainly well before social media was conceptualized. reply bilbo0s 3 hours agorootparentprevI think the above commentor is right, in my opinion, intensification shapes our world into being very reactionary, with only a superficial understanding of issues In fairness, this is how the world has always been. In the US for instance, back when there were only 3 networks and a channel for public tv, people were \"reactionary, with only a superficial understanding of issues\". reply Salgat 2 hours agorootparentTo some degree yes. Funny enough, llamaimperative's book suggestion goes into detail on how television is where this really started ramp up and how the Age of Reason was likely the peak of rational argument, where the focal point of transfer of information was through the written word. \"He repeatedly states that the eighteenth century, the \"Age of Reason\", was the pinnacle for rational argument. Only in the printed word, he states, could complicated truths be rationally conveyed. Postman gives a striking example: many of the first fifteen U.S. presidents could probably have walked down the street without being recognized by the average citizen, yet all these men would have been quickly known by their written words. However, the reverse is true today. The names of presidents or even famous preachers, lawyers, and scientists call up visual images, typically television images, but few, if any, of their words come to mind. The few that do almost exclusively consist of carefully chosen soundbites. Postman mentions Ronald Reagan, and comments upon Reagan's abilities as an entertainer.\" https://en.wikipedia.org/wiki/Amusing_Ourselves_to_Death reply lupusreal 1 hour agorootparentReagan apparently hated reading and would often skip written briefs given to him by, for instance, the CIA. Then somebody got the idea to put those briefs in the form of a television news style video made just for Reagan. Some of them are on youtube now. They have the tone of spoonfeeding a midwit. reply 1659447091 44 minutes agorootparentTrump was/is the same. At one point they tried powerpoint like presentations with graphics. I don't know about Reagan, but from my personal experience with dyslexia (though I love to read--and dislike videos--even as it takes forever), I think Trump may be dyslexic. I would not be surprised if Reagan were too. I only wish it was more public (if true). It would help eliminate the stigma and eliminate most of the cheap shots about how he can't read or spell and how his speech is \"simple\" (as he has trouble pronouncing more complex words). Things that those of us with dyslexia can have problems with also. *I did not vote for him reply _DeadFred_ 1 hour agorootparentprevThat's such a wrong take. Sunday TV was so boring because it was filled with panels of knowledgeable people calmly talking about subjects they were extremely knowledgeable about in calm, rational productive manners. Todays panels start with known battle lines already drawn populated with non-knowledgeable grifters. TV was also required to air a minimal amount of educational television for children under 16 during the day. I learn way more on days home sick (latchkey kid) than I'd learn at days in school. reply achierius 3 hours agoparentprevBaudrillard just gets more relevant every day. Honestly I find it hard to imagine how someone could have media literacy in the modern day without coming to an intuitive understanding of semiotics, whether they know it or not! reply thundergolfer 2 hours agorootparentHim and also Marshal McLuhan. McLuhan realized all the way back in the 60s that computer technology (like all technology) in some sense wants things and manipulates the user to get it. The 'electric' technologies have their own logic and are not neutral on questions of humanity, politics, nature, etc. reply Communitivity 3 hours agorootparentprevI called myself a Semiotics Engineer for 4 years, but the title didn't catch. I did domain analysis, logical model creation, concrete model creation in XML/OWL/KML, model review and improvement, semantic reasoning-based system design/implementation, and message system design/implementation. This was before the rise of ML. reply Xmd5a 2 hours agorootparentWhat's your take on LLMs ? I ask you to comment on any aspect, whatever you think is the most interesting from a semiotician's perspective. reply pjc50 2 hours agorootparentEveryone who is familiar with Baudrillard goes \"simulacrum!\" whenever they encounter LLM output. LLM output is after all a pure chain of symbols that is extremely far removed from a connection with ground truth reality. reply garte 2 hours agorootparentI'm not sure it's that direct of a connection. There's something to be said about the structuralist part of it: using large amounts of text as a rule set to return a semblance of truth seems to be a structuralist's wet dream. It's like drawing the map for the king: the real is being represented by reducing a huge number of data points to a mixture of randomness and hard rules that pretend to be real. At the very least it's a form of hyperreality as far as I understand it. reply Xmd5a 18 minutes agorootparentIndeed this is what I was aiming at, however the concern for (a semblance of) truth seems rooted in a view that locates meaning in what signs refer to. This view feels incomplete when faced with a dyadic model where the relationship between signifier and signified takes precedence over reference. The notion of simulacrum only emerges in a technical culture that has elevated 'reality' to a special status. After all, what is 'reality' in technical systems if not itself a simulacrum? Hilbert's program, symbolic AI, rule systems, ontologies, the semantic web - they all struggled to capture reality as a whole precisely because they tried to grasp it through formal objects claiming universal scope via the machinery of said formalisms. reply j45 3 hours agorootparentprevThat collection of skills is still valuable. reply jpm_sd 3 hours agorootparentprevYes, the 21st century is the age of simulacra and simulation. Post-truth society. reply coliveira 1 hour agorootparentI'm pretty sure this was set in motion in the 20th century. This century is only about refining and monetizing it to the nth power. reply stafford_beer 1 hour agorootparentprevOP here -- I like Baudrillard and McLuhan but the media theorist who best captures the present IMO is Flusser: https://kevinmunger.substack.com/p/the-discourse-is-the-cybe... reply aiono 3 hours agorootparentprevI find the ideas of Baudrillard really accurate in describing some parts of modern life, but to be honest I feel like he just saying random stuff when I tried to read one of his book. It's so metaphorical and abstract it's very difficult to understand what exactly he is saying. reply kelseyfrog 3 hours agorootparentMy best experience reading Baudrillard was out loud with a group. Some passages spoke to some but not others, but most generated discussion. Some are also obvious to us now in the TikTok age - uncannily so. reply aiono 1 hour agorootparentDefinitely when I read his works even though I didn't understand some of his writings it made me think about it. reply cess11 3 hours agorootparentprevHe's not \"just saying random stuff\", he was a very serious thinker. Unlike Derrida he wasn't much of a joker. Perhaps language is fundamentally metaphorical, and perhaps reality is actually abstract. reply aiono 1 hour agorootparentThat's just what I feel I didn't claim that it actually is just random stuff. But I value clarity and Baudrillard doesn't seem to try to be. However, as I said I do find his general points very valuable just his style is not my cup of tea. reply throwway120385 3 hours agoparentprevIt also explains why there's been an alarming trend over the last 10 years of people just getting more vehement about everything. reply dialup_sounds 1 hour agorootparentWe started attaching public comment boxes to everything and now everyone thinks their opinion on everything is important. reply dymk 3 hours agorootparentprev10? We’ve been getting steadily more polarized since at least the 80s. reply ffsm8 3 hours agorootparentPossibly true, but I'm sure you'd agree that it can't really be called steadily since around 2010-2014 reply kevin_thibedeau 3 hours agorootparentThere is a straight line through 70s Falwell, 90s Limbaugh, tea party, to MAGA. All fueled by a self-reinforcing rage machine. reply RajT88 3 hours agorootparentLeft leaning folks are swept up in rage machines too. Leaf through the BoingBoing BBS sometime to get a sense for it. reply dmurray 54 minutes agorootparentWait, in my media bubble the American left is the one consumed by rage. The right is stupid or craven or greedy or just evil, but true righteous fury is reserved for those who saw a woman's rights not getting respected one time. reply llamaimperative 3 hours agorootparentprevWhat an excellent example of the wild asymmetry of the \"both sides\" narrative: \"The right wing is off the rails, here is a list of various lunatics each with audiences in the tens of millions. There are actual theocratic and neo-Nazi elements just one or two hops away from the President.\" The left is crazy too, just look at the BoingBoing BBS!\" Good lord do you hear yourself? reply RajT88 2 hours agorootparentI wasn't suggesting an equivalence, just that the phenomena of the rage machine exists on both sides. As an exercise, try coming up with some metric to measure it. Could be inflammatory posts, or the comment count on inflammatory posts. Compare BB BBS with some rough equivalent right-leaning place. You'll find it's worse in the right-leaning forum, no doubt. But the phenomena exists on both sides of the political spectrum. Many trends among one side of the political spectrum are mirrored to a lesser extent on the other side as well, and that's interesting don't you think? reply llamaimperative 2 hours agorootparentI don’t find it that interesting because it’s obviously a consequence of our information environment. We have constructed algorithmic outrage machines and deferred thought and curation to them. It’s far more interesting to me how one side of the political spectrum was so totally swallowed by this system, to the extent that literally every single news story is received with outlandish conspiracy theorizing from rather mainstream right wing media. The null hypothesis is that actually both sides should be equally distorted, but it is very obviously the case they are not. That is what deserves inquiry. reply geodel 1 hour agorootparent> but it is very obviously the case they are not. It not obvious and also doesn't seem true at all. Still one may continue to investigate with this assumption but then result will neither be truth or much useful. reply RajT88 1 hour agorootparentI would agree it's not obvious - but also if you don't think it's true, I'd love to hear why you think that. If you have numbers, even better. reply llamaimperative 1 hour agorootparentprevYeah, it really is obvious. Here's one excellent example: the dominant right wing media apparatus knowingly engaging in a conspiratorial lie that fetched them a $787 million punishment. https://apnews.com/article/fox-news-dominion-lawsuit-trial-t... reply ahmeneeroe-v2 1 hour agorootparentHere is an excellent example that many people think you're wrong: https://en.wikipedia.org/wiki/2024_United_States_elections reply llamaimperative 1 hour agorootparentYou must've forgotten what the conversation is about. It's about the degree to which each side is wrapped up in an outrage machine. That would be reflected in the election results, and not in the way you're implying. reply ahmeneeroe-v2 1 hour agorootparentwhen my side wins it's good and true and when the other side wins it's the outrage machine reply llamaimperative 1 hour agorootparentThat's not my belief, which is why I didn't post the terrible evidence of election results. You did. I posted a court settlement for the crime of knowingly producing untrue, defamatory outrage at massive scale. Note how mine is evidence for my argument. Yours is evidence for nothing at all. reply davrosthedalek 1 hour agorootparentprevThe murder of the united healthcare CEO, or more specifically, the positive reaction towards it, seems rather associated with the left, doesn't it? People who want a certain party to be in power should hold that party to a higher standard. Independent of the party. Being \"better than the others\" is not good enough. reply llamaimperative 1 hour agorootparentNo, not really. Harris vs Trump voters who... Approve: 5-11% vs 2-8% Neither approve nor disapprove: 6-12% vs 7-13% Disapprove: 65-71% vs 72-78% Not sure: 6-12% vs 4-10% Not a super substantial difference. The outrage machine wins again! Source: https://d3nkl3psvxxpe9.cloudfront.net/documents/Reactions_to... reply ahmeneeroe-v2 1 hour agorootparentso the data shows that the left's approval of the murder is 37% higher on the low end up to a max of 5x higher (depending on how the confidence intervals map to reality). And that that the left is anywhere from 20% to 3x more likely to be undecided about the morality of an assassination. reply llamaimperative 1 hour agorootparentJust make sure you're able to get yourself out of this knot at some point, amigo. reply ahmeneeroe-v2 1 hour agorootparentit's your data, not mine. I just did the math on it. reply TimTheTinker 1 hour agorootparentprevThat data is super helpful. From browsing Reddit, my impression was that the left strongly approved. reply llamaimperative 1 hour agorootparentTerminally online not-rich people across the spectrum approved. Other not-rich people seem to land in the \"vaguely disapprove\" realm IMO. Obviously the plutocrats are all terrified and think it's the worst crime ever. reply flir 1 hour agorootparentprevBoingBoing is still very much made in Doctorow's image. Michael Moore is an earlier example. Not suggesting equivalence, in fact I would be really interested to hear theories as to why right-wing polemicists are so much more popular (and numerous) than left-wing polemicists. On the face of it, there are a lot of left-wing things to be justifiably outraged about (especially right now). So why isn't left-wing outrage reliably bankable? I don't think it's a pattern tied to the zeitgeist, because you see it in talk radio too, which predates social media's Skinner box algorithms by decades. Side-question: why are there more left-wing political comedians than right-wing ones? reply llamaimperative 1 hour agorootparentSee these are interesting questions. I don't have great answers. IQ gap between the sides? reply flir 59 minutes agorootparentMe either. I think that's possibly a self-serving guess, to be honest. But how would we test it? On the comedians question: some people think it's because it's easier to be funny when kicking up than kicking down. reply RajT88 45 minutes agorootparentprevThis is a just-so rationalization, which feels good, but people have looked into many of these, and they don't really hold up. The most common one is that poor white people are overwhelmingly voting for Trump. The average household income of a Trump voter is something like 75k - hardly poor (depending where you're at). Anecdata: I know plenty of Trump voters who are very smart. A friend's dad has multiple PhD's and accomplished career as a theoretical physicist. He's also pretty racist. My father is a retired engineer, and doesn't like Trump, but keeps voting for him, because the Democrats are on the wrong side of issues he cares about. (Gun control, namely) The reality is likely to be - they have used the mountains of publicly available data, and fine tuned their messages with the help of a highly partisan rage-baiting media ecosystem to capture more voters. It seems to me, the right wing is more organized, and manages to keep their voters and party members more aligned and on-message. They also have a much more voracious appetite for fighting dirty (rough talk, conspiracy theories, whisper campaigns, untraceable mailers giving wrong polling place info to black communities, etc.) - something the Democrats do not have the stomach for. reply llamaimperative 28 minutes agorootparentThis explains election results (agreed) but I'm more curious why outrage-generators and conspiracists seem to have culturally taken a stronger hold on the right over the course of decades. reply ahmeneeroe-v2 1 hour agorootparentprev>There are actual [people that I label with bad labels] just one or two hops away from the President! My latest understanding of the US political landscape is that 2008-2024 the left got very adept at defining things as bad and then attacking those things. In 2016 the right started to learn to counter that, and in 2024 that finally died. In other words, you'll need to try harder than just calling people nazis. You're getting downvoted because people don't buy that 1) tens of millions of their fellow Americans are lunatics and 2) that the left doesn't have their own moral failings. reply dragonwriter 1 hour agorootparent> My latest understanding of the US political landscape is that 2008-2024 the left got very adept at defining things as bad and then attacking those things. In 2016 the right started to learn to counter that, and in 2024 that finally died. Every piece of this understanding is wrong. For one thing, the far Right in American has been better and more effective at that than any part of the Democratic coalition, since at least the 1980s. reply llamaimperative 1 hour agorootparentprevTheocracy is bad and neo-Nazism is bad. Trump had dinner with Nick Fuentes, who 1) is an open anti-semite, 2) praises Adolf Hitler, and 3) calls for white ethnonationalism. I don't need to write a treatise to explain why this is bad. reply ahmeneeroe-v2 1 hour agorootparentYou don't need to write the treatise because the era of that kind of \"logic\" winning elections is over. (ie the left being able to label whole political movements as bad because certain bad people associate themselves with it) reply llamaimperative 33 minutes agorootparentI didn't label a whole movement as bad, ya goofball. Well except for neo-Nazism and theocracy, the latter of which is explicitly counter to the US Constitution and the former is... well... you can defend it if you'd like. I said extreme ideologies (including the two I mentioned) are bad, and there's an asymmetry in their representation and proximity to power on the different ends of the political spectrum. reply cruffle_duffle 2 hours agorootparentprevOne only needs to observe societies response to Covid to see how “left leaning folks get swept up into rage machines”. People were cheering on cars getting towed from popular hiking spots, skate parks getting filled with sand, crazy people “protesting” beachgoers, etc. if you dared to suggest schools should open you were a grandma killing MAGA hat wearing pariah. Don’t forget the level of censorship, vaccine passes, wishing death upon those who didn’t get vaccinated, etc. No sir, people of all tribes are fully capable of getting swept into rage machines. At the end of the day we are animals operating on animal instinct. No tribe gets to claim otherwise. reply harywilke 3 hours agorootparentprevReminds me of this quote: \"The system itself could not have intended this in the beginning, but in order to sustain itself it was compelled to go all the way.\" -They Thought They Were Free: The Germans, 1933-45[0] [0] https://press.uchicago.edu/Misc/Chicago/511928.htm reply liontwist 2 hours agorootparentprevI don’t think you understand these groups and their motivations very well. Fear and concern for the future are much more significant than “rage”. reply nemo44x 3 hours agorootparentprevSo basically since when cable TV came into mainstream existence. reply spokaneplumb 2 hours agorootparent- Huge shift in (near-total abandonment of) antitrust enforcement starting in the late 70s, driven by Chicago school assholes. Centralized economic power. - Fairness Doctrine killed in the 80s, resulting rise of partisan AM radio and, somewhat later, Fox News. - Media ownership concentration rules neutered in early ‘00s (iirc). More centralization, again in the hands of big capital. - None of those rules ever applied to the Web, so when its power as a propaganda and agitation tool skyrocketed with increased use by normal folks (rise of Facebook; usable smartphones with the iPhone) that immediately headed bad directions. Now we have LLMs, which are at their most-useful by far when you don’t care about accuracy or reputation—so, scams and propaganda getting a big boost in productivity. reply dylan604 3 hours agorootparentprevI think you're confusing the issue. Cable TV wasn't coming into mainstream that was the problem. The issue was the 1996 Telecommunications Act that was the starting gun. reply jazzyjackson 3 hours agorootparentprevTurning attention away from each other and toward images of each other reply n3storm 3 hours agorootparentprevand I think \"literally\" abuse is a sympton of that reply alt227 3 hours agorootparentThey changed the definition of 'literally' to fit the modern meaning. You can no longer call it abuse now as the misuse fits the new definition. See definition 2 here: https://www.collinsdictionary.com/dictionary/english/literal... reply feoren 3 hours agorootparentThat definition genuinely gives me cancer. I seriously, 100% am going to die now because dictionary editors don't seem to grasp that this is simply a \"tone\" of ironically over-emphasized speaking similar to sarcasm, and not a new definition of one word. I'm 250% honestly in chemotherapy now because they don't get that. Veritably, indubitably, unarguably cooked now. Thanks, dictionary editors. reply jhanschoo 1 hour agorootparentThe stronger player was handicapped when they gave their opponent a handicap, and yet they still won; they now held in their hands their prize that was the match's prize. reply dghlsakjg 3 hours agorootparentprevLiterally false: https://www.merriam-webster.com/grammar/misuse-of-literally Use of literally in, well, the non-literal sense dates back hundreds of years. reply alt227 3 hours agorootparentI literally had no idea. reply iainmerrick 3 hours agorootparentprevBut come on, that's been going on for literally centuries. reply bena 3 hours agorootparentprevDickens did it. And people have been doing it since the 1700s. Not to mention, if you're using the word \"literally\" to mean \"something that actually happened\", you are also using the word wrong. Because it means \"relating to or expressed in letters\". I also notice people complain about \"literally\", but they never complain about \"really\" which also gets used in the same ways even though it means the opposite. And I've noticed people do it as a substitute for intelligence. They complain about these things to seem intelligent. To seem knowledgeable. But when confronted with knowledge that contradicts the complaint, they try to dismiss the knowledge rather than adjust their point of view. Similar with fewer/less. These words mean the same thing. There are no rules as to when to use one or the other. There was the preference of one guy, who even said that he had no reason for it, he just liked it. And people took that as an ironclad rule. Or the gif debate. People try to invent all of these rules, but get pissy when you point out all the places where English does not follow those rules. reply stonogo 13 minutes agorootparentThere have been thousands of years of written language, and the worst thing that ever happened was the invention of the dictionary, which enabled generations of prescriptivists to pretend that word meanings can't change once they're written down, despite thousands of years of evidence to the contrary. Maybe look up 'hidebound' sometime. reply alt227 3 hours agorootparentprevWhat would you suggest using instead. Actually? reply jamincan 1 hour agorootparentTruly? reply bena 2 hours agorootparentprevPeople are generally good at context. Tone, expression, etc, all of these things are parts of communication that do matter. Assume your audience is at least as smart as you are. reply alt227 2 hours agorootparentWhen communicating through text only, tone and expression is all but lost which means we need to rely on the literal/actual/exact definition of words to convey our intended meaning. However it seems people dont agree on the exact meanings of words (using literally in this case), and so the intention often gets lost in translation and causes disagreements. I feel personally this is a big reason why communication across the internet is becoming much more intense and full of conflict. reply Applejinx 3 hours agorootparentprevI think human nature dictates that this opens up a literal market for the opposite. People aren't served by exhausting hysteria, it's just a cheap date, a way to grab low hanging fruit. The more that's focussed on, the more an opportunity arises to cover abandoned needs and wants. The question becomes, is YouTube's algorithm good enough to itself pick up on this new market and serve it? I see no reason it couldn't. It's possible human algorithm-minders might sabotage this instinct by going 'no, this is the big win' and coaxing it towards MrBeast stuff, but surely the algorithm will eventually win out? reply parsimo2010 3 hours agorootparent> is YouTube's algorithm good enough to itself pick up on this new market Something I find interesting is that there are good channels producing very high quality (non-extreme or non-intense) content for many interests on YouTube and they coexist with the hyperbolic large channels. I suppose that they make less money, but they do so without a large production crew. I think the algorithm is supporting both types of content (content for myriad mindless viewers, and content for the fewer discerning viewers) and accommodates both scales. reply cess11 3 hours agorootparentprevBy \"human nature\", what exactly are you referring to? The statistically most common amount of extremities? reply Applejinx 1 hour agorootparentPeople tire of being poked with an algorithmic stick, even though it ensures a reaction. reply oulipo 2 hours agoparentprevExactly, intensification or acceleration, this is exactly the root of most issues. Since we've mastered energy (and in particular oil&gas), the world has been on an acceleration binge, which is now causing a lot of friction and overheating in the relationships and environment. We need to slow down and to connect back to nature reply worldsayshi 1 hour agorootparentSlowing down is not a solution since we're heading for a wall in some dimensions and a cliff edge on others. We need to find ways to drastically change course. We need to build maps and steering wheels. reply pixl97 1 hour agorootparentAnd we need to convince everyone to do it, or we just end up in the Red Queen scenario. reply nvarsj 37 minutes agoparentprev> This idea – that meaning is replaced by intensification – helps me understand a lot about the world today. I don't see much difference to the \"old world\" either. Yellow journalism existed in the 1800s. We just do it in a more modern format. reply lbotos 2 hours agoparentprevYou might enjoy https://en.wikipedia.org/wiki/The_Society_of_the_Spectacle reply irrational 4 hours agoparentprevNow I understand why numberphile has videos about infinity. I jest, but it seems like only certain content creators can get on the intensification train. reply EA-3167 2 hours agorootparentSeriously though, this is true. My YouTube feed has none of this \"intensification\" stuff. Perun, Blancolirio, everything Brady Haran has made (he's the guy behind Numberphile, Sixty Symbols, etc), Applied Science, etc. I think the idea that media aimed at education or sharing a passionate hobby is different from media that exists in the first place to just make money. If you start out with a goal that involves communication, I think it's more likely to stick than if your goal was just to become the Death Star from the start! reply hahamrfunnyguy 2 hours agoprevI ran a YouTube channel seriously for a couple of years. Chasing the whims of the algorithm contributed to burnout and now I only release one or two videos a year. My reason for starting a channel was to have a discussion around some of the projects I was working on that I found interesting. This never materialized. I never had a ton of engagement, but if I did most questions asked by viewers that are answered in the video. I monetized my videos and started making beer-money amounts of revenue. I put more and more time into them but never gained traction. I had a few \"evergreen\" videos that would make maybe a thousand bucks a year, the rest of the videos hardly got any views at all. Eventually, I found myself making videos to feed the algorithm not because it was a project that I wanted to do. This is where I had to stop. I realized that I just don't like editing videos. My channel makes no revenue now because YouTube requires an upload schedule and shorts. Mr Beast's job sounds awful to me. The videos I make now only get dozens to hundreds of views when they're published. I mostly share them with friends and in online communities where the info contained might be helpful. reply AndrewStephens 1 hour agoparentThank you for your story. I have been running a low traffic blog for decades now and there was a time when I craved engagement. I never put too much effort in but I did change the things I wrote about to try to get noticed, a strategy that was unmarred by success. The creators that find success need to pump out content at a ridiculous rate. It is a faustian bargain that sucks in a lot of people. reply coliveira 1 hour agorootparentThese people are essentially competing against an algorithm, not against other humans. I consider this to be an extremely distasteful endeavor. reply eitally 4 hours agoprevAt the top of the heap (Mr Beast, Nastya, Ryan, etc), this is true: > The ideal creator has no distance between themselves and their persona. They have been interpellated by audience metrics; their subjective experience already takes audience reactions into account. > Or more simply, YouTubers are not “Creators” but Creations. Audiences, rationalized by the platform, and the vloggers who upload the videos those audiences consume are not separable either theoretically or empirically. It's pretty obvious, too, because these YouTubers have a distinct theme where their popularity is dependent on 1) the whims and algos of the platform on one side, and 2) the ability for their audience to care and relate to something pretty dang detached and irrelevant from their everyday lives (unboxing, aggressive acts of charity, etc). While you hear plenty (Most? All?) YouTubers complain about the ranking algorithms & capriciousness of their overlord, I don't believe most channels are quite as vapid as those at the top of the heap. Lots of deep subjective content, and lots of freaking annoying CapCut edits, but also a primary focus on meaningful content relevent to viewers. These people may not be getting rich from their vlogging, but it's also not fair to call what most of them are doing \"vlogging\", either. It's video-based short form content curation for a clearly identified audience. Not remotely the same as how the big guns like Mr Beast have to view their work [where they're much more similar to a cable TV network or a commercial production company than an independent producer]. reply dmonitor 1 hour agoparentWell put. As long as channels like Technology Connections can remain financially viable on the platform and not beaten down by the algorithm, I really don't care how many Mr Beasts are making \"slop content\". reply dom96 20 minutes agorootparentI do. Slop content is melting the brains of the people watching that content to the detriment of society as a whole. reply antasvara 3 hours agoparentprev>but also a primary focus on meaningful content relevent to viewers. These people may not be getting rich from their vlogging, but it's also not fair to call what most of them are doing \"vlogging\", either. It's video-based short form content curation for a clearly identified audience. There's a fine line between \"content created for X people interested in Y topic in Z form\" and \"content that's relevant to my viewers.\" The former is a channel that is avoiding the \"creator\" described by the author. The latter is on a path towards the author's \"creator.\" For a long time, the two can be very similar. The group you are tailoring your content for and your viewers won't necessarily diverge quickly, especially in niche areas or highly technical fields. But they will inevitably diverge. Worth noting that the form this takes will depend on the topic. It's rare to find a creator that can avoid this trap long-term. I see it even with small channels I follow. reply hylaride 3 hours agoparentprevYoutube is also killing a lot of history channels because if there's any violence (eg war) they get demonetized, the algorithm avoids them, or they can even have their channels disabled. Most now blur out pictures of the holocaust, which negates a lot of the otherwise serious impact on a serious subject. https://www.youtube.com/watch?v=24QgMpvX3mw reply lolinder 48 minutes agorootparentObligatory plug for Nebula, where a lot of educational YouTube has gone for refuge from demonetization. Many creators will have different versions that they upload to Nebula containing the content that YouTube wouldn't let them add in. reply okdood64 3 hours agoparentprev> YouTubers are not “Creators” but Creations This is such a broad and general statement for a platform that is unfathomably big. I don't any of the mass market Mr Beast, Nastya, Ryan videos on my feed. At all. I get smaller (but still large) creators with videos that actually engage the mind. Example: https://www.youtube.com/@blancolirio But I guess that's the distinction between a Youtuber and Creator. reply mhartz 4 hours agoprev> The ideal creator has no distance between themselves and their persona. They have been interpellated by audience metrics; their subjective experience already takes audience reactions into account. Isn't this sort of one of the themes from The Prestige(2006)? That certain magicians were so dedicated to their craft that they became inseparable from it. The performance never actually stopped reply ericmcer 2 hours agoparentThey were dedicated to the craft though, there have been countless people who dedicated themselves to pushing the boundaries of their profession and lost their personal lives in the process. Losing yourself to achieve something new in math, art, science, etc. can be seen as a worthwhile sacrifice. Content creators feels more perverse because they are sacrificing themselves to making metrics go up. The act of creation is in service to metrics that please an algorithm so views go up. If the magicians didn't care about magic at all but were obsessed with optimizing the show around ticket sales it would be a shitty movie. reply suyash 4 hours agoparentprevGreat analogy! As a performing magician and a big fan of the movie, I get how obsession with a craft can blur the line between reality and performance. But that line still exists. The best actors, creators, and magicians make us feel they’re being real, even when they’re not. reply HanClinto 3 hours agorootparentThis is why I struggle with enjoying Andy Kaufman's content -- I'm never entirely sure where that line is. I respect his dedication to the craft, but I have a difficult time enjoying it -- on a meta level, it's unsettling. reply kevinsync 2 hours agorootparentKaufman was Daniel Day Lewis-level dedicated to the character, but there are others, Tom Green for instance, who ostensibly was just as dedicated for the first arc of his fame and career, then loosened his grip on the persona with age. I often think about his trajectory compared to the average social media influencer -- he pioneered so many things and has worked in a bunch of mediums while they're basically imprisoned in their chosen persona, doomed to repeat the formula / gimmick / character day in and day out until the novelty wears off for everybody and they burn out entirely 12-24 months later. The ones with the most longevity seem to have been able to retain autonomy as a creator rather than a creation, as mentioned in the article, allowing them to grow and evolve rather than forever being a one-note wonder whose entire raison d'etre is eating shoe polish on camera. reply jprd 3 hours agorootparentprevAlso, exactly his aim reply kayvulpe 3 hours agoparentprevA couple times that theme appears (there are more) --- https://youtu.be/uckLb_8LEGQ?t=36s ANGIER (scorn) It's misdirection- he leaves those things lying around to make you think he's using a double. OLIVIA All the time? He doesn't know when I'm looking ANGIER All the time, Olivia- that's who he is, that's what it takes- he lives his act, don't you see?! --- Also the dialogue after the fishbowl performance https://youtu.be/J8ZXT2HTxqE?t=34s BORDEN (points) This is the trick. This is the performance, right here. This is why no one can detect his method. Total devotion to his art... reply michaelcampbell 3 hours agoparentprevThis isn't purely new, either. I'm perhaps dating myself a bit but I recall that over the years I have seen a few actors have this weird vibe where they're never \"human\", they always \"on\" and seem like their actor-thing has totally subsumed their humanity. David Cassidy and Shirley McClain come to mind for me on this. reply islanderfun 43 minutes agorootparentI grew up watching The Rock. As an adult, it's hard to look past the persona he shows when talking about anything on any medium. reply qskousen 3 hours agorootparentprevI realize I'm probably in the minority for this, but for me when people create a \"persona\" for their media, it turns me away. I prefer watching people who are more genuine, whose content is less entertainment and more just themselves, even if that isn't what the internet seems to be looking for. reply michaelcampbell 2 hours agorootparentI find it somewhere between \"very uncomfortable\" and \"creepy\". Even as a kid something felt very off in those interviews. reply mrguyorama 2 hours agorootparentprevThe people you consider \"more genuine\" are just cultivating a different persona. Don't ever believe you \"know\" someone you don't. Parasocial relationships are harmless at the low level but quickly become toxic. Always meet your heros so you can understand they are normal and flawed humans reply cjs_ac 3 hours agorootparentprevPeter Sellers also had this problem; in his case, it was a problem with his personality (or lack of one) rather than something acting did to him. reply esafak 2 hours agorootparentComedians seem to exhibit this trait more often than others. Norm Macdonald had a somewhat similar vibe. reply triyambakam 3 hours agorootparentprevJohnny Depp maybe? reply banannaise 3 hours agoparentprevOne of the problems with modern social media (and digital media in general) is that this is now happening, to some extent, to everyone. This is particularly a problem for children, who are exposed to this so early that they may never internalize the difference between existence and performance. Bo Burnham said it really well in an interview: \"I'm saying I feel very stressed because I feel like I'm on stage panicking in front of thousands of people... and I feel like I'm trapped within a performance and I'm freaking out because of it. And 13-year-olds were going 'yeah yeah, I feel like that every day'. And I go 'what are you talking about?' and I realize that the stresses of a C-list comedian were democratized and given to an entire generation.... Social media has made life a performance.\" I'm not sure where the original interview is, but I found the quote at 9:43 of this analysis of Inside: https://www.youtube.com/watch?v=iHat1OlMPeY reply criddell 3 hours agoparentprevVonnegut also uses this in Mother Night. We are what we pretend to be, so we must be careful about what we pretend to be. reply vishnugupta 3 hours agoparentprev> they became inseparable If one spends most of their waking hours in front of camera producing video after video it's bound to happen subconsciously whether they like it or not. reply jplrssn 4 hours agoparentprevArguably also true for some (many?) tech entrepreneurs. reply liontwist 2 hours agoparentprevAnd that those who most successful are able to appear magical because they are willing to do things so unreasonable that the possibility doesn’t even cross your mind. reply infecto 4 hours agoprevNot entirely related to MrBeast but related to YouTube. I genuinely miss the older algorithm where after watching a video you would go progressively further down a hole of videos somehow related to the one you just watched. It was quite entertaining and really uncovered fascinating videos. reply hn8726 3 hours agoparentI have no clue how to use YouTube. It seems like as soon as it latches on 3-4 interests of mine, the entire home page is exclusively filled with videos relating to that. I can mark videos as \"not interesting\" but it doesn't do much. I will see exactly the same videos on the home screen, ones that I'm not interested in and don't plan on watching, for weeks or months sometimes. I'm sure there's plenty of interesting content about topics I haven't searched for, but YouTube seems intent on not letting me out of whatever bubble it thought out for me. reply NAHWheatCracker 3 hours agorootparentI think what you describe is what infecto was saying. You can't use YouTube to find interesting content anymore. You can only use it to find more of what you've already seen. In the past, it was better at unearthing new things. Personally, I added uBlock filters so the home page is empty and recommended videos aren't shown. I only ever go to subscriptions now. reply rendaw 2 hours agorootparentIt doesn't even show me more of what I've already seen, half the sidebar is videos I've already watched (or watched halfway before dropping, with a helpful indicator of my lack of progress). Like, \"we see you like video X, why don't you watch video X today?\" Thanks, I already have bookmarks. reply xoxxala 2 hours agorootparentprevSimilarly, I use Unhook because it gives me fine control over what YT displays. I now find YT to be completely unusable without it. reply OJFord 2 hours agorootparentprev> I added uBlock filters so the home page is empty and recommended videos aren't shown. I only ever go to subscriptions now. There's a setting to turn it off, no need for uBlock filters for that reply NAHWheatCracker 1 hour agorootparentIt's the hammer I have and it works on those nails, hah. reply JasserInicide 34 minutes agorootparentprevI've come accustomed to deleting cookies on browser close. The first ~10 or so YouTube page requests, the sidebar of recommended videos is pretty good. After that, as you said, it gets way too muddled. I think a good plugin for YouTube would be to always delete cookies before opening a video so that you're getting as close to a pure vanilla recommended feed as possible. reply magicalhippo 3 hours agorootparentprevWhile I do agree it has a very strong focus on suggesting more of what you've recently watched, I feel it's also managing to suggest new and interesting unrelated stuff from time to time. Some habits I have is to subscribe to channels which I truly enjoy, instead of marking as \"not interested\" I select \"do not suggest channel\", and be cautious of click-bait titles. If I get lured in, I remove them from my history. So for me it's mostly great, though I get your frustration as well. For example I recently watched a couple of informative videos on the LA fires as I have some relatives living in the area, and suddenly my feed is tons of that and little else. reply hbn 3 hours agorootparentI've found sometime in the last year or so YouTube has been suggesting random videos from very small channels much more, which I like a lot. Most of the videos are garbage, but every once in a while I'll find a gem that entertains me and my friends. Recently I found a video of a young kid doing a taste test of a sour soda, and then demanding his dad come over from the other room to try it too. At one point the kid does a really loud burp that I found funny. Obviously not something that will do numbers, but it satisfies my people-watching itch. reply jonasced 2 hours agorootparentprevI too liked to prime my own algorithm but Yanis Varoufakis book Technofeudalism kind of ruined it for me. On a individual level it's nice to get good recommendations, but on a societal level I think it's starting to get a bit scary to the point of me wanting to opt out and instead curate my own feeds based on first hand sources. reply magicalhippo 2 hours agorootparentYeah I get your point, though I almost exclusively use YouTube as an alternative to TV entertainment. That is, rather than watching Mythbusters, I'm watching Numberphile, FarmCraft101 and such. I specifically do not normally view \"pure\" news or similar. I might make the rare exception, like in case of the LA fire where I saw a clip from PBS. That is a very conscious choice, for reasons similar to what you express. reply kccoder 2 hours agorootparentprevI made the mistake of clicking on a Jordan Peterson video several years back. I'd never heard of him before and the title seemed interesting, so I clicked. 15 seconds in my charlatan detector went off, so I exited the video. For the next couple weeks I was playing wack-a-mole with a never-ending supply of manoshpere and right wing nonsense. Easy to see how so many people get sucked into sphere of influence. reply Arkhaine_kupo 1 hour agorootparentprev> It seems like as soon as it latches on 3-4 interests of mine, Its worse than that. I thought that Youtube worked as you described, trying to find videos suited to your interests but it actually works the other way around. Youtube has a series of rabbit holes that it knows maximise engagement, so its trying to filter you the human down one of those rabbit holes. Do you fit the mr beast ssniperwolf hole, or the jordan peterson joe rogan rabbit hole? Howabout 3 hour video essay rabbit hole, is that one your shape? Its designing paths for engagment and filtering humans down not filtering videos for humans, its perverse and awful and it explains why the algorithm simply does not work for humans, because you are not the target audience, you are the data being sorted. reply mavhc 3 hours agorootparentprevDon't use the homepage, use the subscriptions page reply cheschire 3 hours agorootparentWhen you turn off search history, it makes the homepage useless and the subscriptions page becomes unavoidably the next step. Discovery of content happens in the sidebar from videos I enjoy now, and only when I'm in the mood to discover something. reply x187463 3 hours agoparentprevI obviously don't know your personal experience, but your description is still how YouTube works for me. For example, over the holidays I would occasionally put on a video from a channel that plays holiday music with various videos of this guy's model train setup in the background. I immediately started receiving model train videos, which, of course, I had to click on and now I know a little bit about trains and building realistic environment models. That being said, occasionally I do have to go into my Google data and clear/clean the watch history to reorient my recommendations. reply infecto 3 hours agorootparentI don't think thats the case. Don't confuse homepage recommendations with end of video queue recommendations. It used to be end of video recommendations were heavily weighted on the current video or chain of videos you just watched. Essentially you could keep going to the next video and go down a weird hole of obscure videos. Now the algorithm will quickly circle you back to your profile homepage of videos as opposed to the video you just watched. reply x187463 2 hours agorootparentOh, I see. I suppose I do recognize more of the 'general recommendations' in the post-video grid rather than basing those solely on the video itself. That being said, I don't use that mechanism generally and tend to rely on the homepage-refresh and side bar to discover additional videos. reply 98codes 1 hour agorootparentprevSame, and now I've spent the last two weeks trying to convince YouTube that I don't need several different videos of Christmas music playing over a fireplace. Feels a whole lot like the dumb emails I get from places like Home Depot, where because I bought a table saw they feel I should know about all these other table saws they have. reply okdood64 2 hours agorootparentprevAgreed. This is still how YouTube still works for me. It's great. > That being said, occasionally I do have to go into my Google data and clear/clean the watch history to reorient my recommendations. Can you elaborate on this? What effect does this produce for your specifically? reply x187463 2 hours agorootparentIf I find I am receiving recommendations in which I am uninterested and are clearly based on a handful of videos I watched previously, I can clear those from the history and the algorithm doesn't use them for future recommendations. The simplest example would be watching videos for a one-time use case such as repairing a specific home issue. I definitely don't need more recommendations to fix that/related issues, but YouTube is likely to spend a little time sending them my way. I can fix that quickly by removing the original videos from my history. reply okdood64 2 hours agoparentprevThis is exactly how YouTube still works for me... I'm still finding new interesting content and creators everyday. Do you subscribe to creators you enjoy, and like their videos? You still need to feed the algorithm. reply nimajneb 3 hours agoparentprevI miss YouTube where you could just browse topics, like right around when Google bought it is when I liked it the most I think. I much preferred categories/topics based UI over this spoon fed algorithm. I think there's also a sweet spot in production value that I prefer. I like Technology Connection, Adrians Basement, Cathode Ray Tube Guy (name?), etc level of production much more than LTTs high production value. reply ravenstine 3 hours agoparentprevI don't. My experience with their algorithm between 2014 and ~2020 was that autoplay would quickly turn into a form of video diarrhea composed largely of Jordan Peterson and Lex Fridman. Was pretty bizarre because I only watched a few Peterson videos in the beginning, mostly his \"Maps Of Meaning\" videos which I think are mostly poppycock, and ever since then YouTube would quickly bring me back to his content even though I was never navigating to it organically. I had to resort to clicking \"Not interested\" and \"Don't recommend channel\" on several videos, which sort of worked, but it wasn't fool proof. These days it happens way less often, though usually that loop contains a lot of \"gurus\" in general and less of Peterson. I hope I never have to hear the voices of Jordan Peterson or Lex Fridman again. I'm not a fan of either one, but YouTube insisted I was for many years. reply antoniojtorres 1 hour agorootparentThis was at the center of controversy many years ago, described as a sort of alt-right pipeline. I believe there are studies about that exact algorithm behavior on youtube. My understanding is that it was changed to loop back around to trusted content sooner. reply thinkingtoilet 3 hours agorootparentprevFunny, I have the opposite experience. I used to get relevant videos to what I was watching. If I'm watching a Phish video, it would recommend other Phish videos. These days, if I'm watching a Phish video I will literally, as in literally literally, get a Candace Owens video recommendation. I have literally never clicked on one of her videos ever. I don't watch political content on youtube at all, and if I did I am very left leaning. I can't fathom what has made the algorithm so terrible that if you're watching 90s Phish videos it recommends right-wing talking heads. reply ryandrake 2 hours agorootparentIt's so weird and obvious that shenanigans are going on in the recommendation algorithm. I'll watch a Video Game Streamer, and in the sidebar, the top ten recommended related videos are: - Same streamer, different video - Different streamer - Far right pundit blasts immigration - Video game streamer - Video game streamer - Video game review - Same streamer, similar content - Ben Shapiro OWNS Liberals with FACTS - Video game streamer - Video game streamer I've never watched one of these blowhards in my life, but man, YouTube thinks I'd love it. Because I watch video games? Is this the gamer-to-alt-right pipeline I keep reading about? reply mrguyorama 2 hours agorootparentThere is massive overlap between those who watch video game streamers and those who watch the right wing rage content. Youtube is recommending you the videos those other people who watch video game streams watched next. reply jamincan 1 hour agorootparentAren't a lot of video game streamers basically alt-right rage streamers now too? reply Applejinx 3 hours agorootparentprevI think they can be paid to do that, but I'm not sure quite how it was arranged. That, or the Peterson pipeline is a good representation of a local maximum: a fairly obvious way a set of videos can direct people to related videos and increase the appetite for them. That'd produce algorithmic reinforcement without anybody getting paid. Apart from Youtube, content-agnostically hungering for being paid in views on their platform. It could have sent a very strong signal that 'this content maximally sends a statistically significant number of viewers down MASSIVE youtube rabbitholes never to emerge, therefore take the gamble and try to show everyone the content, ???, profit!' reply matsemann 3 hours agoparentprevI don't miss watching a video about a dog herding sheep, and then getting nothing but dog herding sheep videos the next week, heh. But I also don't like the new algorithm, it is as if youtube has assigned me to a demographics and really wants me to watch what other techy males around 30 y.o. watch, constantly trying to give me some rage political content to test the waters. reply infecto 3 hours agorootparentWhat I am describing is not the home page recommendations but the hole you would go down on post video recommendations, essentially the queue that Youtube would create for you had for a long time a heavier weighting on the current video you were watching. The simple example being you watch the dog herding sheep, then you the next video was about sheep, then you got to some video from a different country with sheep in it, then finally you ended up with some person who pretended to be a sheep. Purely making that example up but it often even in weird obscure videos quite quickly. reply alecco 3 hours agoprevWatching YouTube anonymously with different browsers and cycling VPNs frequently, I see it quickly ends up suggesting the same videos during the same week. Not similar videos but the same ones. Many of those videos are below 1M and not particularly notable. This is after only watching a couple of videos and those videos are different every session. Either it has some magic fingerprinting I am not aware of (and I go to lengths to avoid this) or it quickly puts me in a bin of generic results. It feels like the YouTube algorithm is either way more manual than we think or it has rules that end up showing the same things. Or both. Or something more sinister. I've never, ever clicked on short videos with girls in skimpy clothing doing something \"based\" and yet it keeps trying to hook me up on those. Even after clicking around very different videos (infosec, low level code, workshop). It's like it refuses to learn what I want to watch. When watching with my account on YouTube mobile app it keeps trying to push dumber content. I wasted years giving it feedback with \"not interested\" and \"Don't recommend channel\". It only keeps pushing videos of channels I liked 1 video 1 time long ago. If I like a DefCon video the algo will pester me with garbage shock content for infosec. Recently, I liked a cppcon wait free programming presentation and then YouTube started pestering me (again) with the Indian programming 101 videos with terrible sound and rushed video. I had to give it like 10 \"not interested\" / \"Don't recommend channel\" for it to stop. Ironicaly, about a year ago, I started watching a really good ML channel by an Indian guy with great animations an in-depth explanations. Top level. And YouTube rarely suggested his content. I had to go to his channel to look for things or search the channel name and some keywords. It feels like YouTube punishes sophisticated content. I think there is no true algorithm. Or that it has rules to never suggest me the content I actually want to watch. And don't get me started with YouTube search. Sadly most of the content I want to watch is hidden deeply in the garbage pile of YouTube. reply xg15 2 hours agoparent> I've never, ever clicked on short videos with girls in skimpy clothing doing something \"based\" and yet it keeps trying to hook me up on those. There was another post on HN recently about \"multi-armed bandit\" problems and an algorithm which occasionally retries previously nonperforming choices on purpose to \"test\" if their performance has changed. I wonder if YouTube's algorithm works similarly, i.e. occasionally suggesting a video that has nothing to do with your preferences, to see if it can hook you. reply hnthrow90348765 1 hour agorootparentThis seems logical to me, there have been times when I wanted to hop off a deep dive after watching enough and wanted to move to something else. But I was probably immune to suggestion before getting to that point. That satisfaction threshold is probably understood for someone like me who doesn't browse anonymously reply CYR1X 44 minutes agoparentprev> I've never, ever clicked on short videos with girls in skimpy clothing doing something \"based\" and yet it keeps trying to hook me up on those. Even after clicking around very different videos (infosec, low level code, workshop). It's like it refuses to learn what I want to watch. This has made me realize that YouTube is like the leading platform for piracy and porn. If you have any interest in sports the frontpage will be littered with pirated livestreams from channels like ESPN, and while they may not be explicitly pornography, the skimpy girl content is basically that. reply derektank 3 hours agoparentprevI find that going into your history and removing offending videos that seem to be driving the algorithm is more effective than using the \"not interested\" option on newly recommended videos reply alecco 3 hours agorootparentYes. Forgot about it. I keep the history clean, too. But it's only fractionally better. reply geerlingguy 2 hours agoprevThere's a lot of drama around the MrBeast YouTube channel lately—some of it justified, a lot of it manufactured... I think the main thing is Jimmy Donaldson (MrBeast) has stated numerous times his goal in life (at least publicly) is to make the best YouTube videos possible. Realistically, a lot of the things that feed into drama are related to that goal: overwork, inadequate planning. They take 'move fast and break things' to the extreme to make the videos they make, and unfortunately the 'things' they break are often people. The tough thing is, at least until recently, it seemed like MrBeast and the 'Beastification' of YouTube (where all content is loud, shouty, super-quick cuts) was inevitable. And in many corners (especially kids-centric content) it kind-of is. But luckily I think some people have pulled back. I feel like we're currently in kind of the anti-thesis of the '2001 Space Odyssey' era of entertainment. Instead of long, thoughtful content for consumption, it's fast-paced, zero-thought content with splashy colors. reply cedws 2 hours agoprevI think MrBeast and other high end influencers like the Paul brothers are harmful to children. Kids see them flaunting their huge wealth and abandon all their other ambitions in favour of wanting to become a YouTuber. Which, now, is a very competitive platform few succeed on. Kids should be nudged towards working fruitful careers beneficial to society. Although MrBeast has done some good things with it, I find the way he flaunts his wealth perverse. reply andrewla 1 hour agoparentIn general I'm in agreement that they present a life where being an \"influencer\" is a goal in and of itself, but I think it's mostly harmless, like kids wanting to be a rock star or a professional athlete. These are unobtainable for most people but learning some music or sports or video production isn't a bad idea for anyone because you don't know where it will lead. The specific criticism of \"flaunting their huge wealth\" does not apply at least to MrBeast -- he specifically is not very wealthy (I mean, he may be, but he says that he is not and he does not flaunt any such wealth; on the few occasions where his personal life is highlighted it seems he lives rather humbly). He claims to put all of the money he earns back into his videos; so when he makes enough to buy a \"lambo\" or whatever he will buy one and give it away to whoever can swallow the most toothpicks or whatever. MrBeast does not push a life of luxury as his lifestyle, he presents a life of being a celebrity influencer whose life is making more spectacles. reply walthamstow 26 minutes agorootparentIn my opinion, giving away large sums of money, loudly and publicly, is very much flaunting wealth. It’s good too, it’s great, but it’s also flaunting wealth. reply andrewla 12 minutes agorootparentI guess what I mean is for a typical \"influencer\", you want to be that person to both be famous and also be rich and have cool stuff like they have. But if you want to grow up to be MrBeast, you want to just be famous. Maybe you want to be MrBeast-famous and also buy cool yachts and lambos and private islands for yourself, but that's not the \"lifestyle\" that he's selling. The lifestyle he's selling is \"be famous but still hang out with your loser friends but get to give away and/or destroy awesome things\". This is maybe not the thing we should aspire to, but for kids I think it's fine to imagine that for yourself the way that you imagine being an NFL quarterback or something. Not every kid imagines growing up and being a moderately successful CPA. reply munchler 2 hours agoparentprev> Kids should be nudged towards working fruitful careers beneficial to society. It’s all about incentives. I think we should nudge society towards rewarding kids who choose fruitful careers. reply andrewflnr 1 hour agorootparentYes, that too, but it might not help kids whose main perception/exposure of \"society\" is MrBeast et al. Kids can be quite oblivious to how \"society\" works in practice and what will be rewarded. reply ndileas 2 hours agoparentprevFranz Liszt is a Menace to Society and all those whose consider themselves Decent, Hardworking, Folk should warn their Children aginst[sic] him. Composition is of course a Good, but the competition is too steep, and if the Young seek to imitate the likes of him it will end in Tears. The Young should be guided, steered into more reliable, beneficial aspirations. reply tdb7893 2 hours agoprevSo firstly I think for understanding YouTube it's much longer but it's better to just read Mr Beasts onboarding guide (https://drive.google.com/file/d/1YaG9xpu-WQKBPUi8yQ4HaDYQLUS...). It gives a more complete picture straight from the horses mouth (and I always prefer primary documents if I can). That being said I think the author here is taking some things for granted. An example of this to me is \"As I wrote in the book, “If creators are speaking their authentic truths, how can they also be accountable to audience feedback? I am personally bemused to see 'authenticity' invoked as a criterion for what is ultimately and obviously a performance\". So firstly I don't view authenticity as some binary thing that is mutually exclusive with taking feedback and context. Just because I act differently with my boss, my parents, and my friends based on feedback from them I'm not being inherently inauthentic. To me authenticity and external pressures are at odds but from the few videos and interviews I've seen of Jimmy he seems to genuinely enjoy creating the spectacles he does so beneath all the artifice in the videos I think you're still seeing the core of Jimmy making content that he wants to make. Anyway, I think if you stop looking at stuff like authenticity as less rigid rules for how to act and more as a spectrum or very broad category what the creators say makes more sense (because it's not just Mr Beast saying similar things). reply lanternfish 2 hours agoparentYour conclusion is the exact same one the above essay comes to in the next paragraphs. It concludes that the \"alignment\" between MrBeast and his work is a result of the larger thesis: creators are ultimately created by the audience conditions of the platform. Or, authenticity doesn't mean much when the root of the creator isn't a ground truth, but a synthesis of demand. reply tdb7893 1 hour agorootparentWe do not come to the same conclusions. The last paragraph is this: “Luckily, I’d say I’m a pretty predictable guy.” Luck has nothing to do with it, Mr. MrBeast. Your predictability is the result of years of an information diet consisting of audience feedback metrics. You are the proudest creation of the YouTube Apparatus.\" Audience feedback metrics are only part of what a creator does. They are people with complex motivations and being sensitive to audience feedback metrics doesn't eliminate that. I could see saying the ecosystem being a synthesis of demand (I mean that's just trivially true, we don't need an essay on Mr Beast to say that) but from interviews Mr Beast is very much a product of the pressure of YouTube mixed with the very specific nature of who Jimmy is as a person (from interviews he seems like a pretty weird guy and his videos definitely reflect his particular quirks). Edit: I'm trying to see how the author and I agree but unless the author is saying that people who succeed on a platform are the people that do things that are successful on the platform (i.e. align with audience metrics) then I don't think we agree. And I don't think that's all they are saying because that's just trivially true everywhere and it would make all the talk about philosophy and authenticity useless cruft. I think that Mr Beast is the sorta platonic ideal of a \"content creator\" driven by metrics and even he cannot escape his own Jimmy Donaldson-ness in his videos. reply artur_makly 1 hour agoprevDhar Mann’s channel is another interesting cultural signal of what kind of content tweens are being groomed with: https://youtube.com/@dharmann?si=vsNv2M2S7LfbVvVt What is abhorrently revolting is the total amount of “Gold Digger” videos +100 and counting.. https://www.google.com/search?sca_esv=76583c995a4c1c88&rlz=1... reply snakeyjake 46 minutes agoparentDang. I wanted to see what \"the youths\" were watching so I scrubbed through a couple of those videos. The people in them make me feel like the world's most accomplished actor. reply roland35 3 hours agoprevIt's interesting how this is happening in software engineering YouTube content as well. It seems like things like \"go sucks rust is great! Now rust sucks and zig is great!!\" get way more views since it is basically clickbait for nerds. It's too bad that nuanced discussion doesn't do too well on social media. reply mcintyre1994 2 hours agoparentThe incentives with YouTube just seem bad. Whenever I research a product (recent examples: Garmin Watches, DJI drones) I'll find a few great videos with informative and useful content. I hope those channels are doing well! But then my YouTube recommendations related to those will have titles/thumbnails with things like \"don't buy until you WATCH this\" or \"I was wrong!\". reply kccoder 2 hours agoparentprevI've similar trends here in regards to new languages, technologies, ... People love to bandwagon. reply xyzzy4747 3 hours agoparentprevIt also reminds me how the most upvoted comments on Reddit often reflect the consensus opinion but not necessarily the truth. reply OJFord 2 hours agorootparentHow could a voting system anywhere be expected to represent truth rather than consensus? reply xyzzy4747 2 hours agorootparentIt probably depends if the audience is intelligent and open-minded, but I agree, it will always be biased towards their preconceptions. reply OJFord 1 hour agorootparentEven then that's consensus on what the participants believe to be true (whether it's what they believed beforehand or not) - not a method of determining what is actually true. reply okdood64 2 hours agorootparentprevThis is a great line, thanks. reply Klonoar 2 hours agoparentprevI noticed this as well and it’s been the first real moment where I feel “old” as a dev. I should acknowledge that our industry has always had some form of this - but it was contained predominantly to mailing lists/forums/blogs and eventually Twitter. It felt like all of these mediums (yes, even Twitter) required some form of proof that you’re an authority or experienced on what you’re writing about. I don’t feel like that’s what’s happening with YouTube/Twitch here; these creators may very well be skilled/experienced/authorities (and I am explicitly not saying they are or aren’t) but I don’t see anywhere near the level of healthy skepticism that I feel like we’ve always had in our industry. Maybe it’s a generational divide as the window of developers shifts. Maybe it’s just the sheer size of the distribution channels now. I’m open to being wrong. tl;dr: Something about these mediums turbo charges the information in a way that I’m not sure is healthy. reply SirHumphrey 2 hours agoparentprevNuanced discussion can only happen in good faith. It’s impossible to enforce that so to prevent being turned in to 4chan, social media turns to the most obvious proxy- likes upvote etc. The logic underpinning this is that if a person is a jerk they will be downvoted- therefore there is an incentive to not be a jerk. However, because the person on the other side is anonymous and therefore people can’t instinctively presume good faith, upvoting system turn in to a voting system - the goal is not to develop ideas, but to submit ones people will most agree with. When the main danger is apathy, there is no reason from self-moderation. Nerds are not immune. reply coliveira 1 hour agoprevConsider the following: my personal youtube feed has never shown a video of MrBeast. I never asked to remove it from my feed. I only know the he exists because I see it being debated in the media. So, this tells me more about what people in general are interested in and click to watch, than about the nature of youtube itself. reply wodenokoto 3 hours agoprev> in cybernetic terms, a long lag time in production is deadly. Does \"long lag time\" or \"deadly\" mean something else in cybernetic terms than in regular terms? I found the \"in cybernetics terms\" insert quite puzzling. reply drawkward 3 hours agoparentCybernetics has a lot (everything?) to do with feedback loops; the word itself comes from the Greek for \"steersman\". If you have a long feedback loop in a process that is supposed to self govern, it would be potentially deadly to the equilibrium. reply cyost 3 hours agorootparentSimilarly, in a positive feedback loop (as in the article), a long lag time would decrease its growth rate. reply bobbylarrybobby 3 hours agorootparentprevAlso the etymology of kubernetes reply Xmd5a 2 hours agoparentprevIn control theory, this is called dead-time: >Dead time is the delay from when a controller output (CO) signal is issued until when the measured process variable (PV) first begins to respond. https://controlguru.com/dead-time-is-the-how-much-delay-vari... reply criddell 3 hours agoparentprevI googled for a cybernetics definition and this came back: > Cybernetics is the scientific study and mathematical modeling of regulation and control in systems, focusing on the flow of information and how it is used by the system to control itself. So maybe a long lag time is deadly because they lose control of the system? That doesn't really make sense to me either though because what control do they have in the first place? The author says as much when they call it an ever-shifting target. reply Tryk 3 hours agoparentprevAn interpretation that made sense is \"cybernetics\" as the ancient Greek word for the one who steers the ship. reply nmeofthestate 3 hours agoprevI'm interested in how many people here on HN watch Mr Beast - I've never watched any of his videos ever, and I spend far too much time on YT. reply thedman9052 1 hour agoparentI watched one of his videos and quit pretty early because it was boring. Thinking back on what I remember, it seems very weird. It was the one where he \"gave away\" a chocolate factory, after he did the Willy Wonka thing with his chocolate bars where you could win a chance to be on the show. I clicked because I was curious what he was actually \"giving away\", if it was actual chocolate factory property, shares in his snack brand, or some disused industrial building. They had a \"candy room\" with plants supposedly made of real sweets but it looked like a cheap imitation of the Willy Wonka movie, the walls were mostly white and it seemed like it could have used more set dressing. The actual content was a game show (seems to be a lot of his videos) but it didn't make good use of the space they built, I think it was a basic scavenger hunt. Then the contestants had to throw a giant Mento into a giant Coke bottle, it was impressively large but the game wasn't exciting at all, they just threw the disc at the bottle over and over without any drama. MrBeast even said something like \"we're going to be here a while\" so he started their ad read, that's when I turned it off. Unlike a TV game show or reality show the contestants had no characterization, they didn't play up any rivalries or reactions or drama. It seemed like they were there doing the most basic challenges so MrBeast could talk about what they made and give away something expensive at the end. I found it all very odd and it reinforced that I am very far from the median viewer since I found none of it interesting. reply cvoss 3 hours agoparentprevI don't, on principle. A few years ago, if you opened up YouTube without being logged in, the algorithm would show you its default recommendations in the purest state, uninfluenced by your proclivities. MrBeast and similar dumpster clickbait videos were prominently featured. These days, I think you have to at least search for and watch some things before you are told what to watch. If MrBeast has ever shown up on my YT front page in the past, I slapped YT's hand until it stopped. Haven't had a problem since. reply queuebert 1 hour agoparentprevI have never watched one, but I consume a lot of YouTube content. My teenager calls MrBeast-type channels \"brain rot\". He says teenagers watch YouTube when they want to make time disappear. (I guess they are uncomfortable being bored.) I find it sad because YouTube is actually a great source of educational content. reply nemesis1637 1 hour agoparentprevI watch it all of the time but only because of my daughter. I definitely wouldn't watch them on my own but it's tolerable. reply OJFord 2 hours agoparentprevI'd never even heard of him/it until a previous submission here (and I also watch a lot). Still hadn't heard of any of the other apparently big ones mentioned in another thread. I assume most of us aren't using YouTube for that kind of doom-scrolling click bait scream face 'content' about nothing in particular, but I could be wrong. reply tim333 2 hours agoparentprevI've watched like three. They are quite entertaining but tend to follow a similar formula. reply ThrowawayTestr 46 minutes agoparentprevI've watched a few of his videos, they're pretty good. reply ajkjk 2 hours agoparentprevIt's a younger-people thing primarily. reply nonameiguess 1 hour agoparentprevWhat I feel gets missed in these kinds of discussions are that YouTube is a thousand things to a thousand people. I probably have it running more than any other streaming service, but I almost exclusively watch music videos and skateboarding videos, and there is nothing obviously algorithmically driven about their production. They're not made for YouTube at all. YouTube just happens to be one of many distribution channels they end up available on, but the basic style and production methods of these videos hasn't changed a whole lot since the late 1980s. I'd have never heard of Mr. Beast if not for HackerNews talking about him all the time. My wife is probably closer to a YouTube-native watcher, in the sense that what she's watching is created for YouTube specifically, but even then, it's informational deep-dives, lately on liminal spaces lore, Twin Peaks fan theories, and 3d printing. She raved glowingly lately about a 4-hour long Twin Peaks explainer. I'm sure that is many things, but it isn't flashy, short, there is no skimpy clothing, bright colors, or whatever it is that YouTube is supposed to be incentivizing. Whoever made it almost certainly made no money off of the effort and dumped decades of his life into the study of what ultimately came out there, and nobody is watching it because of the algorithm or a clickbaity thumbnail. The only people watching something like that are the most serious of serious nerds who deeply love Twin Peaks and probably have for most of a lifetime. reply JohnMakin 3 hours agoprevIt is indeed a fascinating topic, and it’s completely changed content (for the worse, in my opinion) in the last ten years. I always wonder though, does the dead-eyed creepy smile factor into his metrics analysis? it must, or he wouldn’t do it. something has always felt a little “off” about that guy, but if your entire adult waking life is devoted to the whims of the massive YT content space, I guess you’d probably seem a little kooky. reply yifanl 3 hours agoparentIt does at the moment. At some point in the future, it might not rank, at which point he and anyone else devoted to the rat race will get their teams to replace their thumbnails with whatever new thing gets more clicks. reply grahamj 1 hour agorootparentPlease god let it be something other than faux surprise and arrows reply grahamj 1 hour agoparentprevIf there’s no border between him and the Apparatus then his is literally the face of the Apparatus. reply mrkramer 3 hours agoprevSo formula for success on YouTube is to be constantly making crazy and then even more crazier videos and hope they become viral so more people discover you? I knew that even 15 years ago when I was watching crazy pranks pulled by French YouTuber Rémi Gaillard[0]....he was so popular back in the day on YouTube. [0] https://en.wikipedia.org/wiki/R%C3%A9mi_Gaillard reply Applejinx 3 hours agoparentThe formula for success is more basic than that. Make people watch more YouTube. Crazy videos might become passe or burn people out, at which point the 'formula' will change, but the underlying reality is the same. It's a paperclip maximizer. To succeed at YouTube make people watch more YouTube. reply coopykins 3 hours agoprevReally liked this sentence: \"YouTubers are not “Creators” but Creations. Audiences, rationalized by the platform, and the vloggers who upload the videos those audiences consume are not separable either theoretically or empirically.\" reply nemesis1637 4 hours agoprev\"They have been interpellated by audience metrics; their subjective experience already takes audience reactions into account.\" This is great. I think there's a body of research to be done regarding the creation of self in the age of social media. (Not just creators but everyone) reply summarity 3 hours agoparent> creation of self in the age of social media That's a large part of the field of Cyberpsychology, and of course there's quite a body of research already. reply adamc 4 hours agoparentprevExcept that it's \"interpolated\". reply gertrunde 3 hours agorootparentPerhaps not: https://en.wikipedia.org/wiki/Interpellation (Specifically the top item, \"the process by which we encounter a culture's or ideology's values and internalize them\"). Edit: Doh! On checking the article, that's even the same link the author embedded! reply rahimnathwani 4 hours agorootparentprevNo, it's \"interpellated\", i.e. 'brought into being'. reply nucleogenesis 3 hours agorootparentprevI suspect they’re using the second definition of the word (per Google): PHILOSOPHY (of an ideology or discourse) bring into being or give identity to (an individual or category). —- I read it as saying the audience and their reaction to the content is what gives the “creator” their identity. reply dmd 3 hours agorootparentprevNo, that's inserting a value. Interpellation is the international police organization popularized by Carmen Sandiego. reply thfuran 3 hours agorootparentprevNo, that's a different word that doesn't work in that context. reply add-sub-mul-div 4 hours agorootparentprevThat was my first instinct, too, but instead of reflexively posting about it I double checked and found I was wrong and learned something new. reply adamc 2 hours agorootparentI sit enlightened, although I don't like the word much. reply ionwake 3 hours agorootparentprevooof reply andrewflnr 1 hour agoprev> I am personally bemused to see “authenticity” invoked as a criterion for what is ultimately and obviously a performance Imagine someone is actually an actor. They might play two different roles, one in a character and show they find boring, and one in relatable character in a show whose message they think is important. Don't you think their performance in the second one might be more authentic, despite being a \"performance\" in both cases? This essay starts interesting, but I think it overreaches at the end. reply hartator 3 hours agoprev> and I confess that I feel vindicated by the analytic approach in the book I feel the opposite, everything seems reasonable, business-centric, and marketing-aware strategies. reply n4r9 3 hours agoparentIsn't that the point? By purely focussing on business-centric strategies, the videos no longer have meaning. reply senko 3 hours agorootparentThis presumes that MrBeast intended to create \"videos with meaning\" in the first place. In his defense (!?), most of what's churned out by the streaming platforms, hollywood, and the music industry, is also not very bothered by lack of meaning. reply lanternfish 2 hours agorootparentThis seems an insufficient analysis. The meaning expressed by contemporary music, film media, or streaming television isn't very profound, but they at least still make a passing effort to \"signify\" something. The highest grossing movie of 2024 - Inside Out 2 - is not a deep text, but it does have a thesis. The \"Pixar apparatus\" is definitely increasingly consumed by audience demand, but they're at a minimum in a transitional phase: something like Seeing Red would never get workshopped out of committees. Youtube and other social media (emphasis on media) is ground zero for the decay of meaning into intensity; the ultimate incestuous product of auto-simulacra. reply n4r9 2 hours agorootparentprevThere's no such assumption being made. If anything, the linked article is about how MrBeast is intentionally making vapid slop. reply liontwist 2 hours agorootparentprevYeah, what major piece of film of the last 20 years isn’t a carefully crafted business plan? I think YouTube was so exciting initially because it was so authentic, and now it’s back to big studios. reply hartator 3 hours agoprev> This beauty is an ever-shifting target. The platform architecture and viewer preferences can change overnight; in cybernetic terms, a long lag time in production is deadly. MrBeast needs to be able to adapt to trends, vindicating my audience-driven framework for understanding YouTube. That's actually not true. MrBest is saying the opposite in the leaked PDF, that fundamentals don't change much since he started. reply anal_reactor 3 hours agoprevThe more I learn about successful people, the more I realize that being an office drone with a satisfactory salary is where I want to stay. reply criddell 3 hours agoparentYou don't think of yourself as being successful? Do you think of success mostly in terms of what your job is? reply queuebert 1 hour agoparentprevYou should watch Severance. reply Invictus0 3 hours agoprevBreathless navel gazing. It's not that he's wrong, it's just that this article adds nothing new to the conversation other than excessively technical mumbo jumbo. Just read MrBeast's original document. reply lanternfish 1 hour agoparentThe actual work underlying the essay - the one published in Cambridge Core - is pretty strong and has a lot of pretty compelling analysis. It's just long. reply queuebert 1 hour agoparentprevIronically I think one huge contribution that YouTube has made for the good is elevating the quality of STEM didactics. Channels like 3blue1brown and Veritasium have shown what STEM instruction could look like when not relegated to tenured professors who DGAF about teaching. reply campbel 2 hours agoprevThe reciprocal relationship between speakers and audiences is well documented in rhetorical studies. The example of Hitler's development as a speaker is discussed in Ian Kershaw's biography \"Hitler: 1889-1936 Hubris.\" According to historical accounts, Hitler's early speeches in 1919-1920 for the German Workers' Party were rather technical, focusing on economic topics like inflation and the Versailles Treaty's economic impact. Through audience reactions, he learned which themes resonated most strongly and adapted his rhetoric accordingly. His latter speeches focused on topics like nationalism, anti-semitism, anti-marxism, etc... topics far more popular with his audience. reply stafford_beer 1 hour agoparenttotally agree--and I think this is key to Trump's success as well, that he used audience feedback on Twitter to figure out that there was unmet demand for harsh anti-immigration policy and then win the 2016 primary reply _blk 1 hour agoprevThanks op. This sums it up pretty well for me: In what sense is any of this authentic? reply lern_too_spel 1 hour agoprevI was thrown off by the use of the word, \"wordcel,\" which the author defines as almost the opposite of what I would expect it to mean. Just like \"incel\" is a portmanteau, I expect \"wordcel\" to mean \"word celibate.\" It didn't fit the context. The word is linked to a longer article that has the author's definition buried in it, which just distracted more from this article. reply andrewla 1 hour agoparentI'm perhaps too online, but this is not the author's coining. There was discourse ages ago about how some people are \"shape rotators\" -- that is, they could reason about complex stuff in their heads, and their counterparts, the \"wordcels\", that could express ideas through writing. The latter admittedly does not make sense as a portmanteau, likely because a shape rotator came up with it. reply jasonmarks_ 3 hours agoprevHis view counts seem cooked to me. I would be interested to see what countries his viewers are claiming to be from. This article even reads as a guerilla upsell that his numbers are legitimate. Surely the urge to cheat is unbearable with millions of dollars on the hook. (Alot of apps on the app stores also claim to have quarter million 5 star reviews. Uhhuh) reply kube-system 2 hours agoparentHis viewers skew younger. Kids have a lot of time on their hands. Given how ubiquitously well-known he is among younger people, I doubt there's much fraud necessary. reply jasonmarks_ 2 hours agorootparentI agree the kids will take it at face value all the more reason to not tolerate massive deception. What if his teaching them fraudulent representation pays. All pro athletes cheat a little bit at the highest levels but exceptional cheating is never tolerated. reply spiderice 21 minutes agorootparentWhat evidence do you have of him cheating other than your feelings? reply kube-system 1 hour agorootparentprevI don't understand what you're saying. Kids don't watch the channel because it has a high number of views. And what \"massive deception\" are you referring to? reply 01308106991 2 hours agoprevKhbib reply satisfice 3 hours agoprev [–] Interesting experience to read an essay of such insight regarding a subject that is the opposite of insight. Best thing I’ve read this week. I am happy to say I have never seen a Mr. Beast video, and now I will be sure never to see one in the future. reply WolfeReader 3 hours agoparent\"YouTubers\" are one of those things that a lot of people are interested in, yet everything I learn about them makes me not want to start. The world has so much good film, music, novels, even video games and TV - in a choice between any of those and watching a YouTuber, why would anyone choose the latter? reply OJFord 2 hours agorootparentThe 'Youtubers' I watch are those that do things that are also my hobbies or interests, for education/demonstration/inspiration. Woodworking, machining, 3D printing, electronics, that sort of thing. A modern alternative to magazines basically, or to regional/cable/'public access' (I don't really know how it works, not sure if we ever had that sort of thing here) TV shows like the fictional 'Tool Time' show within the sitcom Home Improvement if you ever saw that. I got started via 'how to do x' for a couple of DIY things, realised there's so much stuff like that, started watching for fun/interest (vs. actually having the job to do myself) and from there the more 'maker' (hate the term) side of doing it for a hobby to create a thing rather than household DIY/repair. reply jazzyjackson 3 hours agorootparentprevI mean, there certainly is a genre of \"YouTuber\", but there's lots of quality content. I just enjoyed a little 20 minute history of the Panasonic 3DO console that I managed to never hear about before. reply xyzzy4747 3 hours agoparentprevThere's not much you're missing. His videos try to appeal to the lowest common denominator and are relatively vapid. Sort of like the junk food of YouTube. reply drawkward 3 hours agorootparentIn analogy with the article: what is the junk food experience, but the craving for more junk food? It is literally engineered to make us want more. reply ajkjk 2 hours agoparentprev [–] By never seeing one you are sure to insulate yourself from... something? guilt by association? Makes no sense. See one or don't, it has no moral meaning. reply GuidelinesFAQListsAPISecurityLegalApply to YCContact Search:", + "originSummary": [], + "commentSummary": [ + "The essay examines how YouTube's algorithm influences content creation, using MrBeast as a case study, highlighting a shift towards engagement-driven rather than meaningful content. - It discusses the broader implications for media literacy and the cultural impact of platforms like YouTube and TikTok, suggesting a trend towards superficial and reactionary content. - Various perspectives are considered on the role of algorithms in shaping content and the influence of popular creators on cultural norms." + ], + "points": 369, + "commentCount": 258, + "retryCount": 0, + "time": 1736859931 + }, + { + "id": 42691184, + "title": "GitHub Git Operations Are Down", + "originLink": "https://www.githubstatus.com/incidents/qd96yfgvmcf9", + "originBody": "Help Community Status GitHub.com Incident with Git Operations Incident Report for GitHub Resolved On January 13, 2025, between 23:35 UTC and 00:24 UTC all Git operations were unavailable due to a configuration change causing our internal load balancer to drop requests between services that Git relies upon. We mitigated the incident by rolling back the configuration change. We are improving our monitoring and deployment practices to reduce our time to detection and automated mitigation for issues like this in the future. Posted 19 hours ago. Jan 14, 2025 - 00:28 UTC Update We've identified a cause of degraded git operations, which may affect other GitHub services that rely upon git. We're working to remediate. Posted 19 hours ago. Jan 14, 2025 - 00:15 UTC Update Actions is experiencing degraded performance. We are continuing to investigate. Posted 19 hours ago. Jan 13, 2025 - 23:57 UTC Update Pages is experiencing degraded performance. We are continuing to investigate. Posted 19 hours ago. Jan 13, 2025 - 23:46 UTC Investigating We are investigating reports of degraded availability for Git Operations Posted 19 hours ago. Jan 13, 2025 - 23:44 UTC This incident affected: Git Operations, Actions, and Pages. ← Current Status Powered by Atlassian Statuspage Subscribe to our developer newsletter Get tips, technical guides, and best practices. Twice a month. Right in your inbox. Subscribe Product Features Enterprise Copilot Security Pricing Team Resources Roadmap Compare GitHub Platform Developer API Partners Education GitHub CLI GitHub Desktop GitHub Mobile Support Docs Community Forum Professional Services Skills Contact GitHub Company About Customer stories Blog The ReadME Project Careers Newsroom Inclusion Social Impact Shop © 2025 GitHub, Inc. Terms Privacy (Updated 08/2022)", + "commentLink": "https://news.ycombinator.com/item?id=42691184", + "commentBody": "GitHub Git Operations Are Down (githubstatus.com)324 points by hunkins 19 hours agohidepastfavorite250 comments jcims 18 hours agoTangential at best but I work in a regulated industry and we're starting to get some heavy scrutiny from external auditors and regulators on the way we plan to address extended outages and forced exits from third party vendors. This goes beyond basic DR/BCP and plans are reviewed with at least a high level scenario exercise. https://www.federalregister.gov/documents/2023/06/09/2023-12... On the surface a product like managed git repos would seem to be relatively straightforward to deal with, but these same regulated firms are also under tremendous scrutiny for access management, change management, SDLC, etc etc. They also have a huge software footprint which just increases the impact. Self-hosting is obviously the traditional answer, but that's not exactly a simple one either. Just an interesting problem. reply thayne 15 hours agoparentLet's say you self-host Github. Now you are responsible for maintaining uptime, and you have less expertise with the service and less resources to dedicate to keeping it up, so it's going to be hard to match, much less exceed the uptime of Github cloud. And it doesn't protect you from a \"forced exit\" either. Github could terminate your contract, and change the terms of the license in a way that you found unacceptable, or even go out of business, and being self hosted would leave you in no better position than if you had used cloud with external backups. You can somewhat mitigate this risk by self hosting an open source solution, so that in the worst case scenario, you can fork the project and maintain it yourself, but there is still risk that the project could be abandoned, or possibly have the license changed in future versions. To be clear, I'm not saying that you shouldn't self host and SaaS is always better. But it isn't a magic bullet that solves these problems. reply bgrainger 14 hours agorootparentWe self-host GitHub using GitHub Enterprise Server. It is a mature product that requires next-to-no maintenance and is remarkably stable. (We did have a period of downtime caused by running it on an underprovisioned VM for our needs, but since resolving that it hasn't had problems.) Of course we have a small and mostly unchanging number of users, don't have to deal with DDoS attacks, and can schedule the fairly-infrequent updates during maintenance windows that are convenient for us (since we don't need 100% availability outside of US working hours). I don't have the metrics in front of me, but I would say we've easily exceeded github.com's uptime in the last 12 months. reply anbotero 4 hours agorootparentI was the administrator of a GitHub Enterprise Server instance back in 2015-2016 (I think 2014 too). Rock-solid stability, for a company with 300+ microservices, 10+ big environments, 50+ microenvironments, who knows how many Jenkins pipelines (more than 900, I’ll tell you that). We deployed several times a day, each service on average had 3 weekly deployments. As a company, I think GitHub (public) should do better, much better, given this is happening more frequently as of late, but if big companies (even medium ones) don’t have their own package caches, they are all in for a ride. At a previous Startup we had GitHub + GitHub Actions, and we were on AWS. We setup some OCI images cache. Sure, if GitHub went down we could not deploy new stuff, but at least it wouldn’t take us down. If we really needed the pipelines, I suppose we could have setup some backup CLI or AWS CodePipeline (eww) workflows. reply jcims 14 hours agorootparentprevThings start to go sideways when you have tens of thousands of users. reply randmeerkat 14 hours agorootparent> Things start to go sideways when you have tens of thousands of users. If that’s really the case, run another GitHub instance then. Not all tens of thousands of users need access to the same codebases. In the kind of environment described someone would want identity boundaries established around each project anyway… reply lukevp 12 hours agorootparentIt’s fairly stable, but with a large codebase I’ve seen it take a day + to rebuild the search index, not to mention GHES relies on GitHub.com for the allowed actions list functionality which is a huge PITA. It should not rely on the cloud hosted version for any functionality. That having been said, I don’t think there’s much of an alternative and I quite like it. reply naikrovek 5 hours agorootparentyou don't have to manage access to Actions that way. on GHES you can use https://github.com/actions/actions-sync/ to pull the actions you want down to your local GHES instance, turn off the ability to automatically use actions from github.com via GitHub Connect, and use the list of actions you sync locally as your whitelist. My employer did this for years. It worked very well. Once a day, pull each action that we had whitelisted into GHES and the runners would use those instead of the actions on github.com. reply bigiain 12 hours agorootparentprevI would have thought if you had tens of thousands of developers all needing access to the same git repos, then you'd probably have a follow-the-sun team of maybe 50 or 100 engineers working on your git infra. reply paulddraper 11 hours agorootparentprevMost self hosted instances would not have tens of thousands of users. reply jcims 6 hours agorootparentAgreed, that’s why products of that nature start to break when you do. reply naikrovek 5 hours agorootparentprev> Things start to go sideways when you have tens of thousands of users. Hm not really. I manage the GHES instance at my employer and we have 15k active users. We haven't needed to scale horizontally, yet. GHES is amazingly reliable. Every outage we have ever had has been self-inflicted; either we were too cheap to give it the resources it needed to handle the amount of users who were using it, or we tried to outsmart the recommended and supported procedures by doing things in a non-supported way. Along the way we have learned to never deviate from the supported ways to do things, and to keep user API quota as small as possible (the team which managed this service prior to my team would increase quota per user anytime anyone asked, which was a capital-M Mistake.) reply shortrounddev2 13 hours agorootparentprevCould have a self hosted git or ci/cd pipeline for deployments and code access during outages. They don't need to be up constantly, just need to be able to keep a backup of the code somewhere and have some way to run critical deployment scripts if github actions are unavailable reply chrisandchris 13 hours agorootparentSounds like a backup one never tested, nobody verified and absolutely will not work if needed. Either you go full in, or you'll better don't do it. reply shortrounddev2 12 hours agorootparentWell these things should be tested and verified periodically, just like ANY backup. You shouldn't just tick the \"enable backups\" box in AWS and then never actually test them reply paulddraper 11 hours agorootparentprevWhat self hosted CI do you recommend? reply homebrewer 10 hours agorootparentWe've been using gitea since 2019 with no problems. Drone for CI, although these days you can just stick with the built-in \"actions\". It's always funny reading the news about yet another GitHub outage, when our gitea instance hasn't had a minute of unplanned downtime in 6 years. (And very little of planned downtime, always in non-working hours.) reply rurban 11 hours agorootparentprevWhatever the current gitea is named this year. See codeberg.org. I think currently it is called Forgejo https://forgejo.org/compare-to-gitea/ reply shortrounddev2 10 hours agorootparentprevWe use gitlab at my company. the k8s yaml files are a bit complicated but the simpler shell based ones (publishing npm packages, etc.) are pretty straight forward reply macintux 17 hours agoparentprevThe nice thing about git, from my perspective, is that if your entire hosted service vanishes, you can still reconstruct what you need from your users’ working directories. All of the important branches should be there. Somewhere. And any important integration branches that aren’t cached can be reconstructed. Of all the many dependencies on cloud services, git is by far the last I’d worry overly much about. reply deathanatos 16 hours agorootparentThe source code, perhaps, but a good many of the orgs I've worked at also use Github for PRs, Actions (CI), and for triggering deployments. Those things take time to setup, and across a whole org, I wouldn't want to have to have an unplanned change to another vendor. In particular, I've moved a CI for a large repository between different CI systems. It was anything but trivial: you want to believe \"it's just a YAML that runs commands, right? Translate the format, right?\" but it's really not; differences between how CI systems map commands to machines, external integrations (e.g., in this case, into Action's artifacts system, or output system) etc. all make it more complicated. reply notpushkin 14 hours agorootparentTotally agree (and also that’s the reason I think all CI ecosystems are a nightmare nowadays). But GitHub Actions are somewhat portable: there’s the standalone act [0] runner, and the Forgejo/Gitea Actions (e.g. on Codeberg [1]) that use act under the hood and are pretty much drop-in replacement – they even use GitHub-hosted actions transparently. It might not be a 100% compatible standard, but it’s pretty nice. It would be nice for others to follow lead! [0]: https://nektosact.com/ [1]: https://docs.codeberg.org/ci/actions/ reply physicsguy 12 hours agorootparentprevThis is a good reason for keeping your build steps in scripts or a Makefile rather than jumping head first into the ecosystem. I think unless you’ve been burned by having to move CI provider before it’s easy to lean in. I had to change from Travis many years ago because of pricing changes. reply jamesfinlayson 12 hours agorootparentprevUgh, agreed - I remember doing a GitHub+TeamCity to GitLab migration and I had specifically designed all of my jobs to just directly call out to a bash script. Artifacts and GitLab's infinite hooks made that much harder than it seemed like it would be. reply jcims 17 hours agorootparentprevI think my point is we are losing the option to worry about it or not. There needs to be an answer with a runbook to restore services within a given window of time should we lose that vendor. reply dangoldin 17 hours agorootparentprevProblem is that often you also end up relying on GitHub for CI/CD so not as easy of a change. Imagine GH being down and you need to deploy a hotfix. How do you handle that? Especially, if you followed best practices and set up a system where all PRs need to go through code review. reply hamandcheese 16 hours agorootparentSystems like these should have an escape hatch of some sort. The key part is that it needs to be auditable. Anything you do in CI should be possible outside of CI, at least by some subset of users. reply citizenpaul 16 hours agorootparentI've seen numerous \"escape hatches\" over the years that actually just turned out to be painted on the wall. If you actually tried to use them. No one ever does though. I don't think its malice. I just think its pretty uncommon for anyone to intentionally back out of a structural tech decision so it gets forgotten about and remains un-battle tested.. That or the timeline is longer than SaaS has been around. reply dangoldin 16 hours agorootparentprevYea - definitely. Just not ideal and something that needs to be built out, tested, etc. reply hamandcheese 15 hours agorootparentYes, it is easier said than done. At my company we use buildkite and many people wrote scripts that simply fail outside of buildkite. GitHub actions is even worse, it seems like it was designed from the ground up to create lock in. Nix helps a bit on the bootstrapping and dependency management problem, but won't save you from writing a script that is too tightly coupled to its runtime environment. reply supriyo-biswas 12 hours agorootparentprevThis is why I personally like to use none of the CI features, and mostly use it like a shell script executor. Images? Stick to OS images only so that you can easily spin them up with `docker run` locally. Artifacts? Read and write them into S3 buckets and avoid the native artifact features. This is obviously more difficult in the Github actions ecosystem, but I have mostly used Gitlab CI so far. My CI pipelines mostly look like this: image: ubuntu:24.04 before_script: - apt-get install ... script: - ./ci/build-project.sh after_script: - ./ci/upload-build-artifacts.sh reply nosefurhairdo 16 hours agorootparentprevI've run into a scenario where one of our rarely used environments needed a hotfix and the GitHub action we used to deploy there was broken. Was easy enough to translate GitHub action steps to shell scripting for a quick, manual deployment. reply theteapot 16 hours agorootparentprevGit is only a small part of Github these days. reply Over2Chars 17 hours agoparentprevI don't see how self-hosting solves the problem of 3rd party vendors unless you're standing up a self-hosting solution as a hot/cold backup to your 3rd party vendor \"in the event of an extended outage\". Kinda eliminates all those pennies saved (in theory) for outsourcing to \"the cloud\" if you have to duplicate your infra. Hybrid has always seemed the most optimal approach, but there's always someone in charge who thinks spending money on safety nets is just wasted money. reply hamandcheese 16 hours agorootparentSince git is distributed, I wonder if it's enough to demonstrate the capability to spin up an alternative, but not necessary keep it up as a live backup 24/7. reply Over2Chars 16 hours agorootparentIf all you care about is insurance, I think you can sometimes merely attest \"yeah, it will work\" and check a box. No demo necessary (sadly). If you actually care about uptime, then a real demo with usage is likely the better approach: switch over to your \"backup\" on a regular basis and make sure it works 100% as expected. reply hamandcheese 15 hours agorootparentMy hypothetical universe is \"I believe GitHub is too big to fail and want to spend as little resources to please the auditor as is reasonably possible without resorting to fraud\". So really what I'm asking is \"how strict are these audits really?\" reply Over2Chars 15 hours agorootparentGithub is owned by Microsoft so I'm assuming, maybe incorrectly, that they're well funded. Internal audits are always subject to gaps, but if the stated issue is correct \"a load balancer config change gone pear shaped\" an audit wouldn't have caught that necessarily. Unless the audit wants to test their change control, deployment methods, and redundancy. Are they changing all of their load balancers all at once? Seems non optimal. Maybe change only one at a time, or a small batch. Are they propagating load balancer changes from a canary to production without vetting it's good? Or did they vet it and they were wrong - some difference in their canary or analysis had a short coming? And even if all of that was A-OK why did a mistake (and we all make mistakes) not get reverted quickly? Were there insufficient internal controls to revert small mistakes and keep them from becoming site wide outages? And so on. I suspect these kinds of discussions are happening. Or, maybe not. Who knows? It's a 3rd party, and even if your whole organization's life depends on it you only know what they tell you. Welcome to \"the cloud\". reply theteapot 16 hours agorootparentprevDoesn't it exactly solve \"extended outages and forced exits from third party vendors.\"? reply Over2Chars 16 hours agorootparentSelf hosting as an alternative (excluding the 3rd party) or self-hosting as a method of redundancy (in addition to the third party)? If you self host as an ALTERNATIVE to the 3rd party you have all of the same problems - more because you know about them, and the 3rd party can make all these claims you can't verify until they fall over with a \"load balancer misconfig\" story you also can't verify. If you self-host redundantly to a 3rd party you have no special benefit (it does the same thing) AND the additional cost of a redundant infrastructure. Why not just have redundant 3rd parties (so-called \"multi-cloud\") if you can't or won't trust your 3rd party. reply theteapot 16 hours agorootparentI believe the point was protecting against risk of 3rd party falling over. If you self host that reduces the risk. At least you have visibility into the falling over process. reply Over2Chars 15 hours agorootparentIt reduces the risk only if your self-hosted solution also doesn't fall over. It's like saying \"I can reduce the risk of my rental car failure by owning my own car\", assuming your own car you keep undriven in your garage, doesn't have a dead battery, no gas, flat tires, and proves to be unusable for hauling. The \"cloud\" was touted as the fix for all that nuisance in self-hosting. Magically Jeff's bit barn would work to five 9s of uptime, and you could sit back and write your code, unshackled to infra. Until Jeff's bit barn went tits up. I say the \"cloud\" is just another guys data center behind an API. You wanna cloud experience? Put an API in front of your own servers and burn a $100 bill. reply parpfish 17 hours agoparentprevbut if you self host, how do you anticipate power outages and natural disasters? you shift it from a problem of software reliability to a problem of physical infrastructure. at some point in the chain somebody has to do that, but i'd prefer the person doing that was somebody with DEEP experience in it that could give you some nice confident assurances. reply jcims 17 hours agorootparentMost of the companies exposed to this are already going to be running a number of geographically diverse datacenters and have been exposed to regulations around basic DR/BCP for decades. >at some point in the chain somebody has to do that, but i'd prefer the person doing that was somebody with DEEP experience in it that could give you some nice confident assurances. Yes. This is part of the reason why services like git are being moved outside the datacenter. Most of the product offerings on the market don't scale well, have terrible reliability and are still very expensive to run. reply 0xbadcafebee 17 hours agorootparentprevBasically you rent space and machines in datacenters that are geographically distributed and designed to resist natural disasters reply Gigachad 15 hours agorootparentThat's exactly what Github does already. I wouldn't bet on my own org being better at hosting github than github. reply 0xbadcafebee 4 hours agorootparentAgreed. I have worked for several companies who tried to self-host their VCS etc, and their uptime was way worse, the overall cost was higher, and there were less features. Having a backup is always a good idea though, and an emergency plan for how to onboard to a competitor. reply mrweasel 10 hours agorootparentprevPerhaps not better at hosting Github, but some sort of code repository. We've been running on-prem Bitbucket for years and our uptime is easily better than Githubs. The feature set is small, and the CI/CD pipelines are a separate issue, but I still think we come out on top. Depending on your size your requirements may be much lower and easier to manage. Github has to be all things to all people and that comes with complexity and that can make things more fragile. reply Over2Chars 16 hours agorootparentprevYou're just using your own data center instead of Jeff's bit barn. I mean seriously people, a \"cloud\" is just someone elses' data center. Am I missing something? reply parpfish 16 hours agorootparentYes, but if it’s somebody else’s data center it’s on them to figure out how to earthquake proof or whatever. The cloud isnt just renting a computer, it’s renting a computer with a guarantee of uptime that somebody else can be financially liable for reply Over2Chars 16 hours agorootparentIf Jeff is using DataCenter XYZ, and then letting me use his API to manage my VMs on his \"cloud\", and I decide to rent a cage at the exact same DataCenter XYZ on my own servers, I'm now \"self-hosting\". Same Datacenter. Same reliability infrastructure wise - power, earthquakes, tsunami, typhoons, black plague, monkey pox, etc. reply ikiris 14 hours agorootparentYou seem to equate the some straw man version of the cloud to simple rack hosting in a single location. They are nothing alike. A cloud service is almost always geographically diverse and highly available in a way that is beyond most people to build out. reply Over2Chars 13 hours agorootparentAm I? Cloud providers usually quote price estimates for their least redundant single region services to give the impression of cost competitiveness. But their virtual offerings are much less reliable than a standalone system by a lot (they guarantee to refund you the 25cents for your instance if it goes down, not the value of the service interruption or its cost. lol! Read that TOS) What's the solution to their inherent unreliability? Redundancy at more cost. Well, hey, you can rent two colocation facilities if you really need redundancy across geographic regions. And maybe you can just use your colo as a source for a CDN that is geographically diverse (for latency, not hurricanes). Geographic diversity and HA is beyond most people? If you're the kind of business that needs that, you can hire the exact same people that Amazon Pip'd and fired because they didn't hit some arbitrary ticket metrics, to scale your business. e.g. https://www.forbes.com/sites/lucianapaulise/2022/10/27/amazo... reply globnomulous 15 hours agoparentprevI work on one part of a huge suite of interconneted services that have extremely strict SLAs for up-time. It really is an interesting problem, and the quantity of engineering resources devoted to ensuring availability and avoiding downtime -- basically fighting to make inherently unstable, complex systems stable and reliable -- is dumbfounding. When I'm trying to explain to people what it's like to work on this kind of software, I like to use an analogy: it's as though I have my own personal brick, or group of bricks, in the great pyramids of Egypt, just a a tiny piece of a stupefyingly, inconceivably larger whole -- and when I twist my chisel and strike my block just so, at exactly the right (or rather the wrong) angle, I can shake the very foundations of Egypt. reply dangero 17 hours agoparentprevThat's a lot of overhead. Do you know how they are calculating the possible risk of these events? It feels like there are a million rabbit holes like this you could go down when modern infrastructure is so cloud connected. Is the risk of your git repos higher than a chip shortage causing you to lose access to the infrastructure you need? So many factors to consider. A chip shortage doesn't seem that unlikely with geopolitics. The list of scenarios you mitigate for seem like they could very easily be an arbitrary list of the of scenarios a single person came up with. reply jcims 17 hours agorootparentIt's an astonishing amount of overhead that slows everything to a veritable crawl. It also creates downstream issues because you need to build in contingencies for your service consumers until you are able to fully abstract the dependency to a point where rehoming doesn't impact them. The risk calculations are very primitive at the moment, I'm guessing they will be refined over time as industry feedback starts to resonate. reply 0xbadcafebee 17 hours agoparentprevFirst pay a consultancy a fortune to tell you which SaaS you are able to use based on compliance requirements. Then run your own IdP, use service providers that have a data takeout mechanism, take regular backups, and use standards-based technology. Line up a self-hosted fallback for each non-self-hosted option for if you're forced to exit them. Basically you line up the exit strategy for the auditors but hope you never have to use it. reply outworlder 15 hours agoparentprevMy company is replacing the entire system we built with Github actions. Our previous DR plan involved running our automation scripts to reprovision the infrastructure that manages the rest of the infrastructure (runs jenkins jobs, etc). They are replacing everything with Github actions. I wonder what they are going to do when Github is down. reply st3fan 17 hours agoparentprevGitHub not being available for 45 minutes is not an \"extended outage\". reply jcims 16 hours agorootparentAgreed, that's why i said 'tangential at best'. reply cheeze 17 hours agoparentprevAnd the ultimate problem that you don't need a solution for, until you _need_ it. Which often leads to \"yeah we have backups\" but without regular testing, can you trust them? reply crest 19 hours agoprevIt's almost as if only Git is distributed, but people sold out to Github for convenience. Too bad Git lacks a distributed bug tracker and wiki system like Fossil. Guess Github has to fail a lot more for things to change. reply sixo 18 hours agoparentpeople could not be more clear that their preference is for reliable and easy-to-use centralized services maintained by professionals, and not decentralized systems that require a great deal of user expertise reply eru 18 hours agorootparentI actually don't care whether it's centralised or decentralised, or who's managing it. But you are right that I want reliable and easy-to-use services. And centralisation is often one way to go there. As an interesting counterpoint: Git itself is decentralised and replaced centralised services like Subversion. And that made git easier to use, especially easier to get started with: no need for a server, no need to be online, just do `git init` in any old directory. A GitHub-clone could be more decentralised, but they'd need to use that decentralisation to drive those other features that people actually care about day to day. reply rad_gruchalski 17 hours agorootparent> no need for a server, no need to be online, just do `git init` in any old directory svn doesn’t require a server and there is no need to be online. It works perfectly fine over the file:// protocol. reply eru 15 hours agorootparentInteresting. Was that always the case? I remember it being quite a hassle to set up (following tutorials online), but that was about 15 to 20 years ago or so. reply ascar 17 hours agorootparentprevAnd a `git remote add name url` and you are setup to use another remote server. reply umvi 16 hours agorootparentOnly if your repo doesn't have any other critical integrations like CI/CD, jira, etc reply eru 15 hours agorootparentWhy? We use github and its CI/CD system, but locally I still only need to add the git remote to work with it. reply ajb 17 hours agorootparentprevThere is not actually a need to choose between a single centralised monopoly and going full-on techno-prepper and running all your own services in your garage as an individual . We could have intermediate points, such as having services run by professionals but based on portable open standards. reply alkonaut 11 hours agorootparentgit is a great portable standard. But if I were GitHub, I'd make damn sure I didn't have issues, actions, and the rest of it be based on something users could just yank out in a portable format and take elsewhere though. Portable VCS is simple. Portable anything with the integration everyone expects (issues connects to source which connects to builds which connects to releases) is hard. Git being so open and portable means it isn't a moat. reply __MatrixMan__ 17 hours agorootparentprevAnd I'm sure they'll continue to feel that way right up until the first time they experience \"the\" internet from a minority partition for more than a few days. I just hope that the distributed stuff is easy enough to limp along with if/when that happens. reply umanwizard 17 hours agorootparentNo, they'll continue to feel like that even after that. GitHub being down once in a blue moon is more acceptable to the vast majority of users than having to cobble together your own nerdy distributed version of everything. reply __MatrixMan__ 17 hours agorootparentI was imagining something a bit more disastrous than that. A big enough solar flare could take parts of the planet offline for months. Years if they can't source enough replacement transformers. There are also political reasons that countries go offline. Then it'll be up to the nerds who manage to cobble together their own distributed version of everything--even if it's a significantly reduced definition of everything. reply arrowsmith 17 hours agorootparentIf large parts of the planet lose their digital infrastructure for months, I really don’t think that “finding a good platform to host my code” is going to be one of my biggest problems. reply __MatrixMan__ 12 hours agorootparentI think that how big those problems get is going to depend on how much critical infrastructure we can hack back into a working state despite the fact that it can't phone home, which is going to be a problem if nobody knows how to work offline anymore. Or, if it's a political scenario, it may depend on how well we can coordinate en masse without the cut connection. If we can exceed a certain threshold then we'll have removed the incentive to cut it in the first place. reply thfuran 16 hours agorootparentprevEspecially if the problem was due to a lack of electric grid as they're suggesting. reply ascar 17 hours agorootparentprevEven if that's a concern in a doomsday scenario, self-hosting gitlab is super easy and a good (some would argue better) alternative. reply homebrewer 10 hours agorootparentSelf-hosting gitlab is not and has never been easy if you do it right, it's very heavy on resources and take lots of time and effort to upgrade. It's also extremely complex and has many moving parts. Stick to gitea or forgejo, they upgrade just by restarting the daemon. MySQL for the database if you want comparable ease of maintenance (same thing: upgrading between major versions requires replacing the binaries and restarting the daemon). reply vikramkr 16 hours agorootparentprevAt that point the enormously powerful central players like big tech and militaries and tax collectors will be more than incentivezed to use every remaining resource they have to bring everything back online and re-centralize power. And if they can't - society and power wasn't exactly more distributed in the distant past lol. Your local warlord/military dictator/whatever will probably not be supportive of nerds acting independently. reply Idneedagun 17 hours agorootparentprevYou've described a scenario disastrous enough that my primary concern would be drinkable water. reply lol_me 17 hours agorootparentprevok fine, ill thank the nerds in that case. reply __MatrixMan__ 6 hours agorootparentI doubt it, I don't think the distributed stuff is anywhere near ready. Instead it'll be time to kiss the ring of whoever manages to grab control during the gap. reply ajross 18 hours agorootparentprevIronically github is sort of the exception that proves the rule: decentralized in the one way that really matters (decoupled development on individual systems), but centralized for easy interaction in the way the market demands. reply nine_k 17 hours agorootparentBut it demands both. The ability to develop in a parallel, decentralized way, and the ability to integrate things at a central point, an authoritative source and a blessed official destination. It's similar to how databases allow to begin parallel, concurrent, even contradictory transactions, and also guarantee serialized, consistent database state, and rejection of invalid updates, at commit time. Both aspects are utterly important. reply TZubiri 18 hours agorootparentprevSimilar thing that happens with crypto exchanges, also swift transfers and federal states for that matter. reply eru 18 hours agorootparentYes, subsidiarity is a great principle.. in-principle, but in practice it often gets the curb. See https://en.wikipedia.org/wiki/Subsidiarity So far, having individual small countries seems to keep the centralisation at bay for longer than just having states in a federation. (Look at Germany, Austria, Australia, the USA for examples of the latter. Interestingly, the UK is legally not made of federal states, but in practice they have granted more autonomy to eg Scotland over the years. And everyone knows that Scotland would secede and get away with it, if there was a power grab by London. In that sense, they are more federal than the US, where secession is very much verboten.) reply flats 15 hours agorootparentprevthis should be on a wall somewhere reply dangoodmanUT 18 hours agorootparentprevthis, especially if it's a business reply cyanydeez 18 hours agorootparentprevThats mostly because of herdmentality not because of a considered approach. Decentralization assumes the majority are anti social. reply theultdev 18 hours agorootparentHow so? Decentralization can be hidden from the user, it's an implementation detail. There's literally a popular decentralized social network. It's less about the tech, and more about the execution. Historically we can look at LimeWire or PopcornTime as an example. Both decentralized, both popular due to the ease-of-use. reply p-e-w 14 hours agorootparent> There's literally a popular decentralized social network. No there isn't. Not a single one. There are a few federated social networks, which is a fancy way of saying that they are centralized networks that have (or can have, in principle) more than one \"center\". In practice, the overwhelming majority of users of such networks gravitate towards one or a handful of large providers. And many of those providers actually refuse to federate with other providers unless they follow an ever-growing list of politically-charged rules. This is just centralization with extra steps. reply theultdev 9 hours agorootparentbluesky has over 27 million users reply p-e-w 8 hours agorootparentBluesky is federated, not decentralized. reply sixo 15 hours agorootparentprevNo, it's because complexity comes with a cognitive cost, and delegating responsibility to other entities minimizes this If you don't account for the benefit, it looks irrational, but this is true of absolutely anything reply zuppy 18 hours agorootparentprevwhat a convoluted way to say you do not agree with this. when you are dealing with people of all skill levels, every step that you put on the development process costs real money. over that, not everything is and has to be open source. we all have source code that is proprietary and has a value for us as it is. making that decentralized and private is not something easy to achieve (and I don't really see a benefit). the problem from my point of view is that we have a single player (github) that managed to attract a huge percent of the market and the competition, while it exists, it's minor. reply cyanydeez 3 hours agorootparent...ironic reply nine_k 18 hours agoparentprevYes, conveniences like: - A canonical name and place on the web; - Access policy enforcement (who can commit and when); - The whole pull request thing, with tags, issues, review, discussion, etc linked to it; - Code review, linked to said policy enforcement; - Issue tracking, even as basic as what GitHub offers; - A trusted store for signing keys, so commits are verified; - CI/CD triggers and runners; - A page with releases, including binary releases, and a CDN allowing to use the download links without fear. This is way more than distrusted version tracking. Actually the above is not even married to Git; it could be as valuable with Mercurial, or even Perforce. This is a large product, actually a combination of many potentially self-contained products. It should not be compared to Git, but rather to Gitea or BitBucket. Not all of this can be reasonably decentralized, though quite a bit can. reply bluGill 18 hours agorootparentThe above is why my company left mercurial years ago for git. Mercurial of 10 years ago was better version control than git (git still can't track a branch and how it changes) - but the rest of github is much better. reply manwe150 17 hours agorootparentThe git reflog tracks branches and how they changed. Is that roughly what mercurial has? (It’s been more than a decade since I switched from hg to git as well, so my remaining memory is minimal). GitHub also has an API for querying historical branch info, which is more permanent than reflog, though quite annoying to parse for that info if I recall right. reply bluGill 17 hours agorootparentHg names the branches and keeps the name. The other day I was looking at a sequence of commits trying to figure out where they came from and knowing the branch would have helped. mg always kept history though. Git has always encougaged squashes and rebase to keep a linear history so that information was lost. reply smrq 16 hours agorootparentWe all want history information to be lost. (Unless you are running a version control system that timestamps every keystroke.) Reasonable people may disagree on what information should be kept. reply ncruces 8 hours agorootparentprev- CI/CD triggers and runners; I've used up 17h of CI time these two (slow) January weeks, for free, testing stuff across ~20 different OS/CPU combinations. That's on just one \"personal\" project; a bigger dependency of that, of which I'm a maintainer, spends an order of magnitude more. Can you (GP post, people complaining, not parent) blame us? Should we instead self host everything and beg for donations just to cover the costs? reply eru 18 hours agorootparentprev> - Access policy enforcement (who can commit and when); Interestingly, what GitHub mostly enforces is where your branches point to. Not who can make commits. That's mostly because of how git works, not because of any grand design on GitHub's part. reply nine_k 17 hours agorootparentIt controls who can push commits to the main branch hosted by GitHub (and other branches if you want to configure that). You can have OWNERS files to control who can push commits touching particular parts of the tree, or who must approve such a push / merge (see \"pull request\"). Out of the box, git does not offer that, and this does require a single point of enforcement. reply eru 15 hours agorootparentMy point is that in git branches are just mutable pointers to commits. Tags are internally nearly the same, but socially they are meant to be immutable. Anyone can make any commit they want in git. That includes merge commits, too. GitHub mostly lets anyone push any commits they feel like, too. (What restrictions are there on pushing commits is mostly to deal with denial of service and people being a nuisance.) Where the policing comes in is in giving rules for how these pointers (aka branches) can be mutated. OWNERS files, PR reviews, CI automation etc is all about controlling that mutation. See also the new-ish merge queues[0], which really bring out that difference: the merge queue machinery makes the merge commit of your approved PR branch with 'main', runs the CI against that, and iff that passes, moves the pointer that is 'main' to point to the newly created commit. It's exactly the same commit (with exactly the same hash), whether it passes the CI or not. The only difference is in whether it gets the official blessing of being pointed to by the official 'main'. It really speaks to the design of git, that conceptually the only thing they need to lock down is who can mutate this very small amount of data, these handfuls of pointers. Everything else is (conceptually) immutable, and thus you don't need to care about who can eg make commits. [0] Really a re-implementation of bors-ng. reply adamtaylor_13 18 hours agoparentprevI don’t know anyone beyond hobbyist hackers who want to set up and maintain this stuff for themselves. As a professional software developer, I want tools that just work that I can rely on. GitHub 99.99% uptime is something I can rely on. reply Over2Chars 16 hours agorootparentfour 9's uptime https://uptime.is/99.99 Daily: 8.6s Weekly: 1m 0.48s Monthly: 4m 21s Quarterly: 13m 2.4s Yearly: 52m 9.8s If you assume that \"uptime\" means all tools are available https://statusgator.com/services/github this appears to be 45 minutes in just one day Incident with Git Operations 30m Jan 14, 2025 9:01 AM Down Incident with Git Operations 10m Jan 14, 2025 8:51 AM Down Incident with Git Operations 5m Jan 14, 2025 8:46 AM Down Not much margin to hit four 9's left for the rest of the year. reply gerdesj 18 hours agorootparentprevA bloke called Linus Thorvalds created git for Linux development when the commercial service used for that ceased to be useful, for one non technical reason or another. github basically shoves a webby frontend and workflows on top of someone else's work. That's all fine and good but github is not git. As a professional IT consultant, I want tools, I use lots of other's and I also create my own and I also generally insist on hosting my own. I'm also a fair carpenter and several other trades. I have tools for all my trades and I look after all of them. That way I can guarantee quality - or at least reproducible and documented quality. I'm sure you are fine with abrogating responsibility for stuff that you are not able to deal with - that's all good: Your choice. EDIT: Sorry, forgot to say: \"Yay cloud\" reply jrockway 17 hours agorootparentLinux development is also centralized. Instead of Github they use an email list that has patches sent to it. If that goes down, your change isn't going into Linux today. reply confooseddd 16 hours agorootparentYou do know what's a mailing list right? You seem to be confusing it with GitHub. A mailing list can go down and nothing would happen. The main point is to post patches to the maintainer. The mailing list is for a public record of things. The only centralised thing is repo hosting on kernel.org. And that isn't the only official place, you can get the repo published on googlesource or GitHub, so it isn't exactly central enough. reply Tmpod 16 hours agorootparentprevI suppose that's true. In any case, though, getting a backup mailing list going is much much easier than something like GitHub, and you can always mail patches directly if maintainers allow it. reply LPisGood 17 hours agorootparentprevI contend that if you submit a patch under any circumstances your change isn’t going into linux today. reply Over2Chars 16 hours agorootparentprevI believe he found the open source tools being used (CVS?) weren't good enough, and he started using a commercial closed source tool called \"bitkeeper\", which rankled the ire of the FOSS community who wanted to eat their own dogfood. So Torvald's opted to \"clone\" the features of bitkeeper into an open source version he named 'git'. That's the story I heard, no idea if it's true. reply wongogue 13 hours agorootparentThey were using BitKeeper for years but git was created when BitKeeper pulled the rug licensing-wise. Source: A Git Story from https://blog.brachiosoft.com/en/posts/git/ reply IshKebab 11 hours agorootparentBitkeeper pulled the rug because they agreed not to reverse engineer it and then someone did. reply Dylan16807 14 hours agorootparentprev> GitHub 99.99% uptime is something I can rely on. Their enterprise level SLA is only 99.9% (measured quarterly) and the remedy is a 10% credit, increasing to a 25% credit if they drop below 99%. reply TZubiri 18 hours agorootparentprevAs a professional software developer, you rely on software written by those hobbyist hackers. Whenever you do a clone or an npm install or apt get or pip install, etc... You choose github because your dependencies chose git reply eru 18 hours agorootparentSure, but as you say those hobbyist developers aren't responsible for keeping a specific server up. They are 'just' writing some software. (And even among professionals, there's a big difference between Site Reliability Engineering and Software Engineering.) reply fragmede 18 hours agorootparentprevIt was down for ~45 mins according to the linked page page, which would put it at 99.897% uptime for the month, assuming no other downtime. reply eru 18 hours agorootparentThey had some more downtime a few days ago, too. And that's just the one I happened to notice. reply ikiris 14 hours agorootparentprevAnd if your central hub for your distributed vcs needs more than 2-3 9s of uptime for your service to be reliable, honestly you’ve done something really wrong in the design phase like using version control as a database. reply xelxebar 18 hours agoparentprev> Too bad Git lacks a distributed bug tracker Not your point, really, but fortunately, git is easily extensible. This in-repo issue tracker is surprisingly feature complete: https://github.com/git-bug/git-bug. Anyone else given it a whirl? reply never_inline 1 hour agoparentprevIf you have a local development setup, few hours of not being able to push should be a not problem most devs. Except if you have a release planned but most don't at that time, statistically. Problem is that people get comfortable with pushing to branch -> deploying in dev and testing from there. reply kspacewalk2 18 hours agoparentprevCounterpoint: it's a 45 minute outage once in a blue moon. Very small price to pay for the convenience of a centralized VCS with many features that aren't easy to reliably set up in standalone installations. reply vrosas 17 hours agorootparentOnce in a blue moon? It’s like, monthly at best. reply Idneedagun 16 hours agorootparentWell, despite our intents, we may have established the moon might be blue then. reply kspacewalk2 14 hours agorootparentprevWhen was the last time you noticed? Not saw a HN post, but it actually stopped you from pushing commits or commenting on an issue or whatever? reply saagarjha 12 hours agorootparentToday ;) reply doublepg23 13 hours agorootparentprevOnce a full moon maybe? There's one tonight. reply koito17 18 hours agoparentprevI've been keeping an eye on radicle[1] but the documentation for setting up a peer and web frontend is a bit complex. It seems to offer what you're describing: a \"decentralized\" Git frontend with issue tracking. Seems to be missing wiki functionality, however. [1] https://radicle.xyz/ reply tomnicholas1 18 hours agoparentprevIs there a world in which GitHub used an open protocol for the social network part of their product like BlueSky's AT protocol[0]? [0] https://docs.bsky.app/docs/advanced-guides/atproto reply theultdev 18 hours agorootparentnot p2p, but federated: https://forgefed.org (ActivityPub extension) I believe Gitea has support for it, not sure to what extent. reply bramhaag 18 hours agorootparentForgejo (Gitea fork) has been working for multiple years to add support for this. It will still take a lot of effort to finish, I doubt we will see anything usable this year. Originally the plan was to PR the federation support to Gitea as well. I'm not sure if this is still the case, considering the rising tensions between the two projects and the fact that Forgejo is now a hard fork. reply codetrotter 18 hours agorootparentprevForgejo, a Gitea fork that I use, has support for it according to the page you linked. But the FAQ for Forgejo mentions it's on the roadmap so not sure how complete ActivityPub support is in Forgejo either. https://forgejo.org/faq/#is-there-a-roadmap-for-forgejo I only use my Forgejo instance for myself currently so I haven't looked at the ActivityPub features of it before. reply NetOpWibby 18 hours agorootparentprev...this is an interesting thought exercise, thank you. reply freewizard 18 hours agoparentprevGit is distributed. Distributed system does not guarantee 100% uptime or real time consistency. You can take the whole history with you and push to a different remote. reply TZubiri 18 hours agoparentprevContrary to popular belief, sarcasm makes you harder to understand and is no longer cool reply tokioyoyo 18 hours agoparentprevPeople said that when GitHub got bought out, and only more people ended up moving there. It's really not fun to manage your own Git servers, and when things go down, they get fixed much slower than in-house hosted version of it. reply bastardoperator 18 hours agoparentprevIt's this type of negativity ruining the internet. Nothing thoughtful to say, nothing to add, and hoping for failure. I hope everything is okay over there... reply liontwist 17 hours agorootparentThey are advocating for decentralized tools. That’s actionable and hoping to prevent failure. reply vv_ 11 hours agorootparentThere is no reason to host 'decentralized' tools besides regulation. It's considerably cheaper to use GitHub (or other alternatives like GitLab) than hosting your own and hiring people to maintain and support the solution. Their issue tracking system is very convenient for small teams too. reply liontwist 2 hours agorootparent> It's considerably cheaper to us This is not true. The cheapest option is to not have services that require servers to maintain. Git continues to work if GitHub is down. So do shell scripts when CI is down. So why can’t we have an issue system where the underlying data is text files in a git branch? I understand at scale you can pay people to optimize a process for the larger team, but there is a ton of unnecessary fragility before getting to that scale. reply bastardoperator 2 hours agorootparentprevExactly, hire a team of 3 and pay 500K in compensation, or spend 100K on a system that works and you get a support person to call in the event of an issue. The math is so simple. reply liontwist 2 hours agorootparentExcept you’re not considering the cost of when you can’t deliver something on time for a customer because infrastructure you don’t control is down. You don’t outsource things that prevent you from doing your core competency. reply bastardoperator 1 hour agorootparentAnd for most companies, building and managing an SCM is absolutely not their core competency. Your point is valid, but not in the way you're trying to convey it. reply Dylan16807 14 hours agorootparentprevThey want people motivated to design systems that can handle github going down. That doesn't strike me as negativity, and especially not negativity ruining the internet. It's not the most thoughtful thing in the world but it's a reasonable opinion, and most comments are also not the most thoughtful things in the world. reply Over2Chars 16 hours agorootparentprevYou're quite a Mary Poppins for someone with the heavy handle of @bastardoperator. AFAICT the internet was built on negativity. Here's the 2nd post from a random USENET group I found: https://www.usenetarchives.com/view.php?id=comp&mid=PDQ5ajZp... reply nextaccountic 17 hours agoparentprev> Too bad Git lacks a distributed bug tracker Well there is https://github.com/git-bug/git-bug reply joecool1029 18 hours agoparentprev> Too bad Git lacks a distributed bug tracker Email and mailing lists? reply Groxx 18 hours agorootparentThat's the same as not having one. Otherwise you can claim Facebook is distributed because you can email people links to Facebook pages. reply lucasoshiro 18 hours agorootparent> That's the same as not having one. That's the way the Linux kernel (the first Git repository) and Git [2] itself manage their codes. There's even a git send-email command, that prepare the commits as patches and send them following the using the correct template. [1] Linux kernel, IIO subsystem: https://lore.kernel.org/linux-iio/ [2] Git mailing list: https://lore.kernel.org/git/ reply Groxx 16 hours agorootparentI agree that Git has more of a claim to this than Facebook, but that's kinda like saying a turtle is more of a car than a banana is a car. Like, yes, it's true. Unlike a banana, turtles have 4 movement-enabling things, they use them to move mostly forward and backwards and not sideways, and other things can ride on them. It's probably more of a car. But it's not a car. Git has no issue tracker. It's really not a controversial statement. The git community has common practices using something else to work around that, but if that's all you need to say \"therefore git has X\" then you can claim git has a CI framework because everyone and their dog uses GitHub. Which also has email integrations. reply confooseddd 16 hours agorootparentA CI infra just needs to communicate. It can communicate over email, like it does for the kernel. A bug tracker is just assorted communication. One can easily build it over email. You're just indulging in hyperbole for the sake of it. Nobody said git has an issue tracker in it. reply Dylan16807 14 hours agorootparent> You're just indulging in hyperbole for the sake of it. Nobody said git has an issue tracker in it. Yes they did. That's what this comment thread is about. https://news.ycombinator.com/item?id=42691624 (Unless you're splitting some really fine hairs about what \"in it\" means?) reply confooseddd 1 hour agorootparentThey just mentioned the most common communication tool used with Git? You're the one splitting hairs here. reply TZubiri 18 hours agorootparentprevBut git has built in email features And it was developed itself by email. reply whalesalad 18 hours agoparentprevThe GitHub wikis are actually git repos. reply remram 17 hours agorootparentI forgot about that, I wonder if they were broken too. reply tracerbulletx 17 hours agoparentprevI mean I could very easily still push to another remote until it comes back? I do not feel locked in at all. reply paulddraper 16 hours agoparentprevConvenience is nice. reply evbogue 17 hours agoparentprevMakes me wish for the good old days of git-ssb reply XorNot 10 hours agoparentprevgit was never really decentralized though. The whole system is aggressively a funnel towards central repositories, it's just that because it deals in whole repos, every git repo has the potential to be promoted to that role. Nothing is built into git to let it actually run decentralized: there's no server or protocol where someone can register say, an identifying public key and then just have a network of peers all communicate updates to each other. It's even pretty damn unsafe to just run a repo through basic file-sync (I do this for myself with syncthing with bare repos in a special folder, which seems to work fine but I'm hardly loading it up to chase down why it doesn't). reply freewizard 18 hours agoprevIt was down for ~2 hours. The status website claims \"degraded performance\", but in reality we get git@github.com: Permission denied (publickey). Either GitHub didn't know how to communicate, or they were not sure about the real impact. This is bad. reply manfre 17 hours agoparentStatus pages are rarely honest. The company will lie to salvage their SLA. \"Degraded performance\" or \"some customers are experiencing an elevated error rate\" should be interpreted as \"service unavailable / outage\" reply croemer 17 hours agorootparentSomeone else lamenting the delayed status page updates almost 2 years ago: https://news.ycombinator.com/item?id=35887213 reply croemer 17 hours agorootparentprevI'd be curious by how much they downplay downtime. Wouldn't be too hard to put together an honest status page that pulls & pushes something new to main every 5 minutes, creates an issue, comments on it etc. Very basic high level checks. reply vrosas 17 hours agorootparentPMs would never let an automated system make the company look bad, nor would they let engineers have time to build such a system. reply enasterosophes 16 hours agorootparentprevI'm not convinced it's deliberate dishonesty. Just a communication disconnect. Firstly, it can take time from the first yellow flags to the full realization that there really is an incident underway, secondly it needs someone to decide how to communicate that incident, and thirdly the engineers who are actually working on the incident need to be able to get on with it instead of being pestered for an update every 10 minutes. reply deathanatos 16 hours agorootparentprevThey used to be. Github's is a prime example of how \"useful info\" has turned into \"PR mouthpiece\" — it used to display graphs of a few choice Github system metrics, and those spiking could often usefully indicate \"yeah, they're having a problem\" well before a human could update the page. But yeah, also status pages seem to be under the domain of non-engineers who are too concerned with how things look, vs. conveying useful information in a timely manner, and ultimately, fail at both. reply spacedcowboy 16 hours agoparentprevYeah, I've been trying to check out the SDL3 suite for the last hour or so, and it's still failing on SDL_ttf... fatal: clone of 'https://github.com/libsdl-org/freetype.git' into submodule path '~/src/SDL/SDL_ttf/external/freetype' failed ... fetch-pack: unexpected disconnect while reading sideband packet fatal: early EOF fatal: fetch-pack: invalid index-pack output ... fatal: clone of 'https://github.com/libsdl-org/harfbuzz.git' into submodule path '~/src/SDL/SDL_ttf/external/harfbuzz' failed Failed to clone 'external/harfbuzz'. Retry scheduled ... Failed to clone 'external/freetype' a second time, aborting For a problem that's supposedly \"fixed\" that's a whole lot of errors... reply itsjustjordan 18 hours agoprevI was going insane doubting my SSH knowledge, stopped short of creating new keys thankfully! reply Layvier 18 hours agoparentwell on my side I'm the proud owner of a new ed25519 key.. The status page didn't update quick enough reply smus 16 hours agorootparentas am I! reply sashank_1509 13 hours agoparentprevI for a second thought was I getting fired reply shaftway 10 hours agorootparentAs someone who found out that way twice in the last two years, I also thought I had been let go. Anxiety is a hell of a drug. reply sashank_1509 2 hours agorootparentSorry for you, it should be illegal for companies to fire with no notice! reply atonse 18 hours agoparentprevI thought my account was hacked and ssh keys removed. Panicked a little bit and then double checked that my keys were still there. Then went to github status and calmed down. reply eru 18 hours agorootparentI briefly entertained the notion that I was fired and my ssh keys revoked. But I still had access to slack and email etc, so I banished that thought. reply NautilusWave 16 hours agoparentprevI had just upgraded to Windows 11 last week, and for some godforsaken reason earlier today, I could SSH via WSL but not from the host OS even though they were both using keys served from the Windows OpenSSH agent! I'm just going to blame this service outage and hope for the best tomorrow. reply G1N 17 hours agoparentprevWas trying to install homebrew on a device and kept wtfing because the clone step kept failing… thought I was crazy reply donohoe 18 hours agoparentprevSame - but created new keys :) ... which also didn't work, and then I went to check... oh well. reply vinayan3 19 hours agoprevExperiencing this as well. I was a bit concerned something was wrong with my key but alas it is not my key but an outage. Developer \"snow day\". reply TheRizzler 18 hours agoparentGIT is down today, Code rests in snowy silence, Developers play. reply itissid 18 hours agoparentprevSpent like 30 mins tryig to figure out why ssh auth was not working. Compared sha256 signatures, doubted my reading abilities and pulled my hair. reply jcgrillo 18 hours agorootparentthis coincided with an os upgrade for me.. made for a very confusing 15min until i checked gh status reply guluarte 18 hours agorootparentprevsame.. reply sc68cal 18 hours agoparentprevsame here I was scratching my head trying to figure out if something had corrupted my system or what reply parpfish 18 hours agoparentprevdamn, why couldnt it happen during east coast business hours? reply tom1337 18 hours agoprevNot sure if I am just noticing GitHub's issues more often as I am using their tools pretty much every day but their availability is kinda not great. Be it Actions failing or something \"not core business\" (read: git operations) but I can't remember a month in the past where I was not annoyed by any outage on GitHub reply croemer 18 hours agoparentAgreed, I wonder what their downtime percentage is. If guess it's down on the order of one hour per month, so 1/1000. Update: They promise >99.9% on a quarterly basis for enterprise customers - https://github.com/github/docs/blob/main/content%2Fsite-poli... reply mcdeltat 6 hours agorootparent99.9% uptime corresponds to about 2 hours downtime per quarter, if my maths is correct. If that is indeed the guarantee, based on the experience at my company, GitHub has failed its promise recently (or is getting damn close). I recall 2 decent outages in the past few weeks alone. It's making me begin to doubt if GitHub's reliability is appropriate for an enterprise service. reply FridgeSeal 17 hours agoparentprevThe whole product feels like it’s getting g progressively jankier. The front-end is glacial nowadays and frequently has issues actually loading the page, actions frequently has some kind of panic attack and breaks or just grinds along a glacial speeds. The UX has gotten worse (why no merge-queue button?). reply tom1337 10 hours agorootparentAgree with the second part. Github actually has merge queues, but only for the enterprise tier… reply IshKebab 10 hours agorootparentprevI wouldn't say glacial. If you want glacial try Jira. Mind-bogglingly slow. reply FridgeSeal 5 hours agorootparentOh I know, I have to use both at work. God forbid you mis-click in Jira. Navigating around takes so much time, it should probably have its own timesheet code. reply burgerrito 10 hours agoparentprevI'm not sure if it's just me but I swear GitHub UI is one of the slowest web app I've used. reply cdme 18 hours agoprevIt's just a hub at the moment. reply jxi 19 hours agoprevGitHub Actions are also failing with 500 (gateway timeout) errors when trying to fetch the repository. reply hunkins 18 hours agoprevUpdate: looks like the problem has been identified. \"We've identified a cause of degraded git operations, which may affect other GitHub services that rely upon git. We're working to remediate.\" reply clintonb 18 hours agoprevUnclear if related, but the Terraform Registry is also having issues serving data: https://status.hashicorp.com/incidents/jypswvyh0h3z. In a wonderful twist, we are relying on a couple modules served from GitHub! reply remram 19 hours agoprevI hope you didn't wait until now to push your day's work! reply l33t_d0nut 18 hours agoparentI did :( reply localghost3000 19 hours agoprevCan't pull anything from my repos which is not great. reply normie3000 16 hours agoparentIs it possible to download a zip of a repo through the GUI? reply hunkins 19 hours agoparentprevYeah, this is not good. I've experienced other outages on their other products (e.g. GitHub Actions), but not even being able to do a basic git pull is an entirely different level. reply localghost3000 19 hours agorootparentI'm effectively dead in the water here. I guess I'll go touch some grass. Thank you to the SRE's who are looking at this. reply tonetegeatinst 18 hours agorootparentLooking forward to a blogpost or writeup from github on this. reply james33 18 hours agoprevAll checkmarks just turned green and my push went through. Snow day over. reply arnath 18 hours agoprevIt's odd to me that there's nothing indicating an issue is ongoing on the github.com homepage reply eru 18 hours agoprevThey were also down a few days ago, but HN flagged my submission as a dupe. :) reply lukeh 19 hours agoprevYup, SSH rejecting my key, thought it was something at my end but no. Can't run any Yocto builds... I guess a good opportunity to take a walk or do some life admin. reply lukeh 18 hours agoparentBack up now for me. reply impure 18 hours agoprevI thought it was my internet. Oh well, time to finish that game of Civ 6. Edit: and it literally came back up the moment I posted this. reply JSTrading 18 hours agoprevPanic for a minute SSH rejected a key! reply burgerrito 18 hours agoprevThankfully I use Forgejo! No reason to stick with GitHub when Git itself is distributed by nature reply simondotau 18 hours agoparentTrue. Also there's no reason not to stick with GitHub when Git itself is distributed by nature. That's the beauty of distribution. reply the_svd_doctor 18 hours agoprevHa so that's why my git pull were so slow. I should have checked HN faster. reply parpfish 17 hours agoparentit'd be great if they set up their CLI tools such that if there's an error/timeout, they'll do a check of their status page so you don't get the standard 'error' but rather a 'dont worry, youre not doing anything wrong. its borked, our bad' message. reply Aperocky 17 hours agorootparentThat's just an indirect manual dependency on the human that gets to decide to update their status page. reply croemer 17 hours agorootparentprev*great not break :) Make an issue in gh CLI repo, I like the idea reply __turbobrew__ 19 hours agoprevYep, 100% of git operations are failing. CI/CD and dev operations are at a halt. reply 486sx33 18 hours agoprevDamn you azure! Or is Microsoft not even running their precious GitHub in azure reply bobnamob 10 hours agoparentWho said it was an infrastructure failure? There's innumerable causes of this kind of failure that aren't rooted cloud service provider shenanigans (Admittedly the duration of the outage does \"feel\" like an infra outage) reply hunkins 19 hours agoprevGitHub git operations are down. Any git operation returns a 500 error response. reply j45 18 hours agoprevI guess it's a good time as any to setup a backup or check out alternatives that could mirror or standalone. Gitlab, Gitea, any others worth checking out? reply homebrewer 9 hours agoparentJFYI, the next version of gitea (which should come out in April) will have full GitHub mirroring functionality (which will let you set up a mirror and have it pull code/issues/wiki/PRs/etc. every few minutes). The current version can either migrate the full repo once, or mirror the code and nothing else. reply kivikakk 18 hours agoparentprevConsider Forgejo: https://forgejo.org/. reply vv_ 10 hours agoparentprevWhat's the point of having a mirror? It'll only lead to conflicts that'll be difficult to resolve once the main service you use is back up again. For example, I doubt you would be able to easily merge any pull-requests or use the same CI/CD code for the same services without hacky solutions. reply dboreham 18 hours agoparentprevGitea works for us. reply codetrotter 18 hours agorootparentI use a fork of Gitea called Forgejo. It works nicely as well. https://forgejo.org/ reply acidburnNSA 17 hours agorootparentWhat drove you to the fork? reply codetrotter 5 hours agorootparentFirst I was using Gogs. Someone forked Gogs and made Gitea, because Gogs was under control of a single person and some other people found that frustrating. https://blog.gitea.com/welcome-to-gitea/ I was using Gitea for a long time, and then someone forked Gitea to create Forgejo. At this time, my installation of Gitea was already out of date a bit because I had previously been manually building and installing Gitea from source. Soon after Forgejo was created, it landed in FreeBSD ports and then it became available in the FreeBSD package manager. So at this point, and having read a bit about Forgejo and seeing that Forgejo was maintained by people with connection to Codeberg, I thought “hey I need to migrate my current Gitea setup anyway. Either to Gitea installed from FreeBSD packages, or to something else. I might as well try Forgejo.” And that’s how I ended up installing Forgejo and I’ve stuck with it since. reply acidburnNSA 5 hours agorootparentAha, makes sense. Thanks for explaining. I see that Forgejo was created at least partially due to concerns that Gitea was trending towards freemium as well. Good to know. reply ashishb 18 hours agoprevWhy does GitHub go down almost once a month? reply 1propionyl 13 hours agoparentAcquisition. ducks reply __d 19 hours agoprevSSH access appears to be rejecting my key too. reply noplacelikehome 18 hours agoprevI've just ended my Pro plan; enough is enough. I've been debating moving my repositories to a self-hosted forge for a while; it'll be an interesting opportunity to move more CI operations out of Actions and into Nix. reply qqqult 18 hours agoprevlol I changed my ssh key 2 times until I figured out pubkey permission denied was an issue on their side reply souenzzo 14 hours agoprevwindows window operations are down reply rasengan 18 hours agoprevJust the info I was expecting to see on HN. Unfortunately (or Fortunately?), a better source for these kinds of things than anywhere else. reply 0xbadcafebee 18 hours agoprev> all Git operations were unavailable due to a configuration change eats popcorn waiting for explanation of why they didn't catch it in non-prod reply pnw_throwaway 17 hours agoparentHave you never fixed a prod-specific bug before? They’re common enough, and it sounds like they patched this one within a reasonable amount of time. reply 0xbadcafebee 4 hours agorootparentI expect more from billion-dollar companies. If you have that much money, you can pay somebody to ensure the changes are properly tested. (I've worked in billion dollar companies, and usually they are too cheap to do this, despite their massive wealth. They just leave it up to ICs and hope they are testing right, rather than making sure) reply atulvi 18 hours agoprevI just reset my ssh key lol. reply JSTrading 18 hours agoparentThey are going to get DDoS's by people trying to do this haha. reply Rexogamer 18 hours agoprevthe incident has been marked as resolved; I am now able to push reply xyst 16 hours agoprevYet another reason to self host your VCS. Only thing hosted to “the cloud” these days are my backups - split between S3 and GCS. ~$25/mo reply orf 7 hours agoparentThat’s expensive, I get it for free with GitHub. And a loooot more functionality. reply unwoven 19 hours agoprev [–] lmao i deleted and readded a new key thinking my key was fucked reply GuidelinesFAQListsAPISecurityLegalApply to YCContact Search:", + "originSummary": [ + "GitHub faced a Git operations outage on January 13, 2025, due to a configuration change affecting the internal load balancer, lasting from 23:35 to 00:24 UTC. - The issue was resolved by reverting the configuration change, and GitHub is working on improving monitoring and deployment processes to prevent similar incidents. - The outage also affected GitHub's Actions and Pages services, highlighting the interconnected nature of their platform services." + ], + "commentSummary": [ + "GitHub faced a major outage impacting git operations, leading to confusion among developers who initially suspected issues with their SSH keys or local configurations. - The incident underscored the challenges of relying on centralized services, prompting discussions on the advantages of self-hosting and decentralized systems. - Although the issue was resolved, it highlighted concerns about GitHub's reliability and the risks of depending on third-party platforms for essential tasks." + ], + "points": 324, + "commentCount": 250, + "retryCount": 0, + "time": 1736812051 + }, + { + "id": 42694596, + "title": "ZFS 2.3 released with ZFS raidz expansion", + "originLink": "https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0", + "originBody": "openzfs / zfs Public Notifications Fork 1.8k Star 10.9k Code Issues 1.4k Pull requests 138 Discussions Actions Projects Wiki Security Insights Releases zfs-2.3.0 zfs-2.3.0 Latest Latest Compare behlendorf released this · 161 commits to master since this release zfs-2.3.0 bc06d81 We are excited to announce the release of OpenZFS 2.3.0. Key Features in OpenZFS 2.3.0: RAIDZ Expansion (#15022): Add new devices to an existing RAIDZ pool, increasing storage capacity without downtime. Fast Dedup (#15896): A major performance upgrade to the original OpenZFS deduplication functionality. Direct IO (#10018): Allows bypassing the ARC for reads/writes, improving performance in scenarios like NVMe devices where caching may hinder efficiency. JSON (#16217): Optional JSON output for the most used commands. Long names (#15921): Support for file and directory names up to 1023 characters. Bug Fixes: A series of critical bug fixes addressing issues reported in previous versions. Numerous performance improvements throughout the code base. Supported Platforms: Linux kernels 4.18 - 6.12, FreeBSD releases 13.3, 14.0 - 14.2. Additional Information: Documentation - OpenZFS documentation for Linux and FreeBSD. Change log - Complete v2.2.0 - v2.3.0 change log Thank you to all 134 contributors who participated in this release cycle Module option changes - See the module parameters documentation for the complete list of the options and what they control. New module options Removed module options Modified module options Assets 5 Loading 37 11 97 42 23 5 133 people reacted", + "commentLink": "https://news.ycombinator.com/item?id=42694596", + "commentBody": "ZFS 2.3 released with ZFS raidz expansion (github.com/openzfs)302 points by scrp 11 hours agohidepastfavorite215 comments scrp 11 hours agoAfter years in the making ZFS raidz expansaion is finally here. Major features added in release: - RAIDZ Expansion: Add new devices to an existing RAIDZ pool, increasing storage capacity without downtime. - Fast Dedup: A major performance upgrade to the original OpenZFS deduplication functionality. - Direct IO: Allows bypassing the ARC for reads/writes, improving performance in scenarios like NVMe devices where caching may hinder efficiency. - JSON: Optional JSON output for the most used commands. - Long names: Support for file and directory names up to 1023 characters. reply jdboyd 11 hours agoparentThe first 4 seem like really big deals. reply snvzz 10 hours agorootparentThe fifth is also, once you consider non-ascii names. reply cm2187 11 hours agoparentprevBut I presume it is still not possible to remove a vdev. reply ryao 10 hours agorootparentThat was added a while ago: https://openzfs.github.io/openzfs-docs/man/master/8/zpool-re... It works by making a readonly copy of the vdev being removed inside the remaining space. The existing vdev is then removed. Data can still be accessed from the copy, but new writes will go to an actual vdev while data no longer needed on the copy is gradually reclaimed as free space as the old data is no longer needed. reply lutorm 10 hours agorootparentAlthough \"Top-level vdevs can only be removed if the primary pool storage does not contain a top-level raidz vdev, all top-level vdevs have the same sector size, and the keys for all encrypted datasets are loaded.\" reply ryao 10 hours agorootparentI forgot we still did not have that last bit implemented. However, it is less important now that we have expansion. reply cm2187 7 hours agorootparentprevAnd in my case all the vdevs are raidz reply mustache_kimono 11 hours agorootparentprevIs this possible elsewhere (re: other filesystems)? reply cm2187 11 hours agorootparentIt is possible with windows storage space (remove drive from a pool) and mdadm/lvm (remove disk from a RAID array, remove volume from lvm), which to me are the two major alternatives. Don't know about unraid. reply lloeki 11 hours agorootparentIIUC the ask (I have a hard time wrapping my head around zfs vernacular), btrfs allows this at least in some cases. If you can convince btrfs balance to not use the dev to remove it will simply rebalance data to the other devs and then you can btrfs device remove. reply mustache_kimono 11 hours agorootparentprev> It is possible with windows storage space (remove drive from a pool) and mdadm/lvm (remove disk from a RAID array, remove volume from lvm), which to me are the two major alternatives. Don't know about unraid. Perhaps I am misunderstanding you, but you can offline and remove drives from a ZFS pool. Do you mean WSS and mdadm/lvm will allow an automatic live rebalance and then reconfigure the drive topology? reply cm2187 11 hours agorootparentSo for instance I have a ZFS pool with 3 HDD data vdevs, and 2 SSD special vdevs. I want to convert the two SSD vdevs into a single one (or possibly remove one of them). From what I read the only way to do that is to destroy the entire pool and recreate it (it's in a server in a datacentre, don't want to reupload that much data). In windows, you can set a disk for removal, and as long as the other disks have enough space and are compatible with the virtual disks (eg you need at least 5 disks if you have parity with number of columns=5), it will rebalance the blocks onto the other disks until you can safely remove the disk. If you use thin provisioning, you can also change your mind about the settings of a virtual disk, create a new one on the same pool, and move the data from one to the other. Mdadm/lvm will do the same albeit with more of a pain in the arse as RAID requires to resilver not just the occupied space but also the free space so takes a lot more time and IO than it should. It's one of my beef with ZFS, there are lots of no return decisions. That and I ran into some race conditions with loading a ZFS array on boot with nvme drives on ubuntu. They seem to not be ready, resulting in randomly degraded arrays. Fixed by loading the pool with a delay. reply ryao 8 hours agorootparentThe man page says that your example is doable with zpool remove: https://openzfs.github.io/openzfs-docs/man/master/8/zpool-re... reply formerly_proven 6 hours agorootparentprevMy understanding is that ZFS does virtualphysical translation in the vdev layer, i.e. all block references in ZFS contain a (vdev, vblock) tuple, and the vdev knows how to translate that virtual block offset into actual on-disk block offset(s). This kinda implies that you can't actually remove data vdevs, because in practice you can't rewrite all references. You also can't do offline deduplication without rewriting references (i.e. actually touching the files in the filesystem). And that's why ZFS can't deduplicate snapshots after the fact. On the other hand, reshaping a vdev is possible, because that \"just\" requires shuffling the vblock -> physical block associations inside the vdev. reply ryao 5 hours agorootparentThere is a clever trick that is used to make top level removal work. The code will make the vdev readonly. Then it will copy its contents into free space on other vdevs (essentially, the contents will be stored behind the scenes in a file). Finally, it will redirect reads on that vdev into the stored vdev. This indirection allows you to remove the vdev. It is not implemented for raid-z at present though. reply formerly_proven 4 hours agorootparentThough the vdev itself still exists after doing that? It just happens to be backed by, essentially, a \"file\" in the pool, instead of the original physical block devices, right? reply ryao 4 hours agorootparentYes. reply Sesse__ 10 hours agorootparentprev> Do you mean WSS and mdadm/lvm will allow an automatic live rebalance and then reconfigure of the drive topo? mdadm can convert RAID-5 to a larger or smaller RAID-5, RAID-6 to a larger or smaller RAID-6, RAID-5 to RAID-6 or the other way around, RAID-0 to a degraded RAID-5, and many other fairly reasonable operations, while the array is online, resistant to power loss and the likes. I wrote the first version of this md code in 2005 (against kernel 2.6.13), and Neil Brown rewrote and mainlined it at some point in 2006. ZFS is… a bit late to the party. reply ryao 10 hours agorootparentDoing this with the on disk data in a merkle tree is much harder than doing it on more conventional forms of storage. By the way, what does MD do when there is corrupt data on disk that makes it impossible to know what the correct reconstruction is during a reshape operation? ZFS will know what file was damaged and proceed with the undamaged parts. ZFS might even be able to repair the damaged data from ditto blocks. I don’t know what the MD behavior is, but its options for handling this are likely far more limited. reply Sesse__ 9 hours agorootparentWell, then they made a design choice in their RAID implementation that made fairly reasonable things hard. I don't know what md does if the parity doesn't match up, no. (I've never ever had that happen, in more than 25 years of pretty heavy md use on various disks.) reply ryao 9 hours agorootparentI am not sure if reshaping is a reasonable thing. It is not so reasonable in other fields. In architecture, if you build a bridge and then want more lanes, you usually build a new bridge, rather than reshape the bridge. The idea of reshaping a bridge while cars are using it would sound insane there, yet that is what people want from storage stacks. Reshaping traditional storage stacks does not consider all of the ways things can go wrong. Handling all of them well is hard, if not impossible to do in traditional RAID. There is a long history of hardware analogs to MD RAID killing parity arrays when they encounter silent corruption that makes it impossible to know what is supposed to be stored there. There is also the case where things are corrupted such that there is a valid reconstruction, but the reconstruction produces something wrong silently. Reshaping certainly is easier to do with MD RAID, but the feature has the trade off that edge cases are not handled well. For most people, I imagine that risk is fine until it bites them. Then it is not fine anymore. ZFS made an effort to handle all of the edge cases so that they do not bite people and doing that took time. reply Sesse__ 9 hours agorootparent> I am not sure if reshaping is a reasonable thing. Yet people are celebrating when ZFS adds it. Was it all for nothing? reply ryao 8 hours agorootparentPeople wanted it, but it was very hard to do safely. While ZFS now can do it safely, many other storage solutions cannot. Those corruption issues I mentioned, where the RAID controller has no idea what to do, affect far more than just reshaping. They affect traditional RAID arrays when disks die and when patrol scrubs are done. I have not tested MD RAID on edge cases lately, but the last time I did, I found MD RAID ignored corruption whenever possible. It would not detect corruption in normal operation because it assumed all data blocks are good unless SMART said otherwise. Thus, it would randomly serve bad data from corrupted mirror members and always serve bad data from RAID 5/6 members whenever the data blocks were corrupted. This was particularly tragic on RAID 6, where MD RAID is hypothetically able to detect and correct the corruption if it tried. Doing that would come with such a huge performance overhead that it is clear why it was not done. Getting back to reshaping, while I did not explicitly test it, I would expect that unless a disk is missing or disappears during a reshape, MD RAID would ignore any corruption that can be detected using parity and assume all data blocks are good just like it does in normal operation. It does not make sense for MD RAID to look for corruption during a reshape operation, since not only would it be slower, but even if it finds corruption, it has no clue how to correct the corruption unless RAID 6 is used, there are no missing/failed members and the affected stripe does not have any read errors from SMART detecting a bad sector that would effectively make it as if there was a missing disk. You could do your own tests. You should find that ZFS handles edge cases where the wrong thing is in a spot where something important should be gracefully while MD RAID does not. MD RAID is a reimplementation of a technology from the 1960s. If 1960s storage technology handled these edge cases well, Sun Microsystems would not have made ZFS to get away from older technologies. reply amluto 2 hours agorootparentprevI’ve experienced bit rot on md. It was not fun, and the tooling was of approximately no help recovering. reply TiredOfLife 10 hours agorootparentprevStorage Spaces doesn't dedicate drive to single purpose. It operates in chunks (256MB i think). So one drive can, at the same time, be part of a mirror and raid-5 and raid-0. This allows fully using drives with various sizes. And choosing to remove drive will cause it to redistribute the chunks to other available drives, without going offline. reply cm2187 4 hours agorootparentAnd as a user it seems to me to be the most elegant design. The quality of the implementation (parity write performance in particular) is another matter. reply c45y 11 hours agorootparentprevBcachefs allows it reply eptcyka 11 hours agorootparentCool, just have to wait before it is stable enough for daily use of mission critical data. I am personally optimistic about bcachefs, but incredibly pessimistic about changing filesystems. reply ryao 8 hours agorootparentIt seems easier to copy data to a new ZFS pool if you need to remove RAID-Z top level vdevs. Another possibility is to just wait for someone to implement it in ZFS. ZFS already has top level vdev removal for other types of vdevs. Support for top level raid-z vdev removal just needs to be implemented on top of that. reply unixhero 9 hours agorootparentprevBtrfs reply tw04 9 hours agorootparentExcept you shouldn’t use btrfs for any parity based raid if you value your data at all. In fact, I’m not aware if any vendor that has implemented btrfs with parity based raid, they all resort to btrfs on md. reply poisonborz 8 hours agoprevI just don't get it how the Windows world - by far the largest PC platform per userbase - still doesn't have any answer to ZFS. Microsoft had WinFS and then ReFS but it's on the backburner and while there is active development (Win11 ships some bits time to time) release is nowhere in sight. There are some lone warriors trying the giant task of creating a ZFS compatibility layer with some projects, but they are far from being mature/usable. How come that Windows still uses a 32 year old file system? reply bayindirh 6 hours agoparent> How come that Windows still uses a 32 year old file system? Simple. Because most of the burden is taken by the (enterprise) storage hardware hosting the FS. Snapshots, block level deduplication, object storage technologies, RAID/Resiliency, size changes, you name it. Modern storage appliances are black magic, and you don't need much more features from NTFS. You either transparently access via NAS/SAN or store your NTFS volumes on capable disk boxes. On the Linux world, at the higher end, there's Lustre and GPFS. ZFS is mostly for resilient, but not performance critical needs. reply poisonborz 4 hours agorootparentSo private consumers should just pay cloud subscription if they want safer/modern data storage for their PC? (without NAS) reply shrubble 4 hours agorootparentNo, private consumers have a choice, since Linux and FreeBSD runs well on their hardware. Microsoft is too busy shoveling their crappy AI and convincing OEMs to put a second Windows button (the CoPilot button) on their keyboards. reply bluGill 4 hours agorootparentprevProbably. There are levels of backups, and a cloud subscription SHOULD give you copies in geographical separate locations with someone to help you (who probably isn't into computers and doesn't want to learn the complex details) restore when (NOT IF!) needed. I have all my backups on a NAS in the next room. This covers the vast majority of use cases for backups, but if my house burns down everything is lost. I know I'm taking that risk, but really I should have better. Just paying someone to do it all in the cloud should be better for me as well and I keep thinking I should do this. Of course paying someone assumes they will do their job. There are always incompetent companies out there to take your money. reply pdimitar 3 hours agorootparentMy setup is similar to yours, but I also distribute my most important data in compressed ( I trust my own backups much more than any subscription, not from a technical standpoint but from an access one (for example, losing access to your google account). I personally use cloud storage extensively, but I keep a local version with periodic rclone/borg. It allows me access from everywhere and sleep well at night. reply qwertox 4 hours agorootparentprevNTFS has Volume Shadow Copy, which is \"good enough\" for private users if they want to create image backups while their system is running. reply BSDobelix 4 hours agorootparentFirst of all, that's not a backup, that's a snapshot, and NO, that's not \"good enough\", tell your grandma that all her digitised pictures are gone because her hard drive exploded, or that one most important jpeg is now unwatchable because of bitrot. Just because someone is a private user doesn't mean that the data is less important, often it's quite the opposite, for example a family album vs your cloned git repository. reply tjoff 3 hours agorootparent... VSS is used to create backups. Re-read parent. reply BSDobelix 2 hours agorootparentNot good enough, you can make 10000 backups of bitrotten data, if you don't have check-sums on your block (zfs) or files (restic) nothing can help you. That's the same integrity as to copy stuff on your thump-drive. reply BSDobelix 5 hours agorootparentprev>ZFS is mostly for resilient, but not performance critical needs. Los Alamos disagrees ;) https://www.lanl.gov/media/news/0321-computational-storage But yes, in general you are right, Cern for example uses Ceph: https://indico.cern.ch/event/1457076/attachments/2934445/515... reply bayindirh 5 hours agorootparentI think what LLNL did predates GPUDirect and other new technologies came after 2022, but that's a good start. CERN's Ceph also for their \"General IT\" needs. Their clusters are independent from that. Also CERN's most processing is distributed across Europe. We are part of that network. Many, if not all of the HPC centers we talk with uses Lustre as their \"immediate\" storage. Also, there's Weka now, a closed source storage system supporting insane speeds and tons of protocols at the same time. Mostly used for and by GPU clusters around the world. You connect terabits to that cluster casually. It's all flash, and flat out fast. reply GuB-42 8 hours agoparentprevTo be honest, the situation with Linux is barely better. ZFS has license issues with Linux, preventing full integration, and Btrfs is 15 years in the making and still doesn't match ZFS in features and stability. Most Linux distros still use ext4 by default, which is 19 years old, but ext4 is little more than a series of extensions on top of ext2, which is the same age as NTFS. In all fairness, there are few OS components that are as critical as the filesystem, and many wouldn't touch filesystems that have less than a decade of proven track record in production. reply mogoh 7 hours agorootparentZFS might be better then any other FS on Linux (I don't judge that). But you must admit that the situation on Linux is quite better then on Windows. Linux has so many FS in main branch. There is a lot of development. BTRFS had a rocky start, but it got better. reply stephen_g 6 hours agorootparentprevI’m interested to know what ‘full integration’ does look like, I use ZFS in Proxmox (Debian-based) and it’s really great and super solid, but I haven’t used ZFS in more vanilla Linux distros. Does Proxmox have things that regular Linux is missing out on, or are there shortcomings and things I just don’t realise about Proxmox? reply whataguy 6 hours agorootparentThe difference is that the ZFS kernel module is included by default with Proxmox, whereas with e.g. Debian, you would need to install it manually. reply pimeys 6 hours agorootparentAnd you can't follow the latest kernel before the ZFS module supports it. reply BSDobelix 6 hours agorootparentTry CachyOS https://cachyos.org/ , you can even swap from an existing Arch installation: https://wiki-dev.cachyos.org/sk/cachyos_repositories/how_to_... reply blibble 6 hours agorootparentprevfor Debian that's not exactly a problem reply oarsinsync 5 hours agorootparentUnless you’re using Debian backports, and they backport a new kernel a week before the zfs backport package update happens. Happened to me more than once. I ended up manually changing the kernel version limitations the second time just to get me back online, but I don’t recall if that ended up hurting me in the long run or not. reply lousken 8 hours agorootparentprevas far as stability goes, btrfs is used by meta, synology and many others, so I wouldn't say it's not stable, but some features are lacking reply azalemeth 7 hours agorootparentMy understanding is that single-disk btrfs is good, but raid is decidedly dodgy; https://btrfs.readthedocs.io/en/latest/btrfs-man5.html#raid5... states that: > The RAID56 feature provides striping and parity over several devices, same as the traditional RAID5/6. > There are some implementation and design deficiencies that make it unreliable for some corner cases and *the feature should not be used in production, only for evaluation or testing*. > The power failure safety for metadata with RAID56 is not 100%. I have personally been bitten once (about 10 years ago) by btrfs just failing horribly on a single desktop drive. I've used either mdadm + ext4 (for /) or zfs (for large /data mounts) ever since. Zfs is fantastic and I genuinely don't understand why it's not used more widely. reply crest 5 hours agorootparentOne problem with your setup is that ZFS by design can't use a traditional *nix filesystem buffer cache. Instead it has to use its own ARC (adaptive replacement cache) with end-to-end checksumming, transparent compression, and copy-on-write semantics. This can lead to annoying performance problems when the two types of file system caches contest for available memory. There is a back pressure mechanism, but it effectively pauses other writes while evicting dirty cache entries to release memory. reply ryao 4 hours agorootparentTraditionally, you have the page cache on top of the FS and the buffer cache below the FS, with the two being unified such that double caching is avoided in traditional UNIX filesystems. ZFS goes out of its way to avoid the buffer cache, although Linux does not give it the option to fully opt out of it since the block layer will buffer reads done by userland to disks underneath ZFS. That is why ZFS began to purge the buffer cache on every flush 11 years ago: https://github.com/openzfs/zfs/commit/cecb7487fc8eea3508c3b6... That is how it still works today: https://github.com/openzfs/zfs/blob/fe44c5ae27993a8ff53f4cef... If I recall correctly, the page cache is also still above ZFS when mmap() is used. There was talk about fixing it by having mmap() work out of ARC instead, but I don’t believe it was ever done, so there is technically double caching done there. reply taskforcegemini 21 minutes agorootparentwhat's the best way to deal with this then? disable filecache of linux? I've tried disabling/minimizing arc in the past to avoid the oom reaper, but the arc was stubborn and its RAM usage remained as is reply lousken 6 hours agorootparentprevI was assuming OP wants to highlight filesystem use on a workstation/desktop, not for a file server/NAS. I had similar experience decade ago, but these days single drives just work, same with mirroring. For such setups btrfs should be stable. I've never seen a workstation with raid5/6 setup. Secondly, filesystems and volume managers are something else, even if e.g. btrfs and ZFS are essentialy both. For a NAS setup I would still prefer ZFS with truenas scale (or proxmox if virtualization is needed), just because all these scenarios are supported as well. And as far as ZFS goes, encryption is still something I am not sure about especially since I want to use snapshots sending those as a backup to remote machine. reply hooli_gan 6 hours agorootparentprevRAID5/6 is not needed with btrfs. One should use RAID1, which supports striping the same data onto multiple drives in a redundant way. reply brian_cunnie 4 hours agorootparentprev> I have personally been bitten once (about 10 years ago) by btrfs just failing horribly on a single desktop drive. Me, too. The drive was unrecoverable. I had to reinstall from scratch. reply worthless-trash 2 hours agorootparentprevLicensing incompatibilities. reply _joel 6 hours agorootparentprevI'm similar to some other people here, I guess once they've been bitten by data loss due to btrfs, it's difficult to advocate for it. reply lousken 6 hours agorootparentI am assuming almost everybody at some point experienced data loss because they pulled out a flash drive too early. Is it safe to assume that we stopped using flash drives because of it? reply _joel 5 hours agorootparentI'm not sure we have stopped using flash, judging by the pile of USB sticks on my desk :) In relation to the fs analogy if you used a flash drive that you know corrupted your data, you'd throw it away for one you know works. reply fourfour3 7 hours agorootparentprevDo Synology actually use the multi-device options of btrfs, or are they using linux softraid + lvm underneath? I know Synology Hybrid RAID is a clever use of LVM + MD raid, for example. reply bayindirh 6 hours agorootparentprev> Most Linux distros still use ext4 by default, which is 19 years old, but ext4 is little more than a series of extensions on top of ext2, which is the same age as NTFS. However, ext4 and XFS are much more simpler and performant than BTRFS & ZFS as root drives on personal systems and small servers. I personally won't use either on a single disk system as root FS, regardless of how fast my storage subsystem is. reply BSDobelix 6 hours agorootparentprev>ZFS has license issues with Linux, preventing full integration No one wants that, openZFS is much healthier without Linux and it's \"Foundation/Politics\". reply bhaney 5 hours agorootparent> No one wants that I want that reply BSDobelix 5 hours agorootparentThen let me tell you that FreeBSD or OmniOS is what you really want ;) reply bhaney 5 hours agorootparentYou're now 0 for 2 at telling me what I want reply BSDobelix 5 hours agorootparentThe customer is not always right, however a good/modern Filesystem really would be something for Linux ;) reply ruthmarx 14 minutes agorootparent> The customer is not always right, An uninvited door-to-door salesman is rarely, if ever right. reply cesarb 4 hours agorootparentprev> Btrfs [...] still doesn't match ZFS in features [...] Isn't the feature in question (array expansion) precisely one which btrfs already had for a long time? Does ZFS have the opposite feature (shrinking the array), which AFAIK btrfs also already had for a long time? (And there's one feature which is important to many, \"being in the upstream Linux kernel\", that ZFS most likely will never have.) reply wkat4242 4 hours agorootparentZFS also had expansion for a long time but it was offline expansion. I don't know if btrfs has also had online for a long time? And shrinking no, that is a big missing feature in ZFS IMO. Understandable considering its heritage (large scale datacenters) but nevertheless an issue for home use. But raidz is rock-solid. Btrfs' raid is not. reply unsnap_biceps 2 hours agorootparentRaidz wasn't able to be expanded in place before this. You were able to add to a pool that included a raidz vdev, but that raidz vdev was immutable. reply wkat4242 1 hour agorootparentOh ok, I've never done this, but I thought it was already there. Maybe this was the original ZFS from Sun? But maybe I just remember it incorrectly, sorry. I've used it on multi-drive arrays but I never had the need for expansion. reply xattt 8 hours agorootparentprevZFS on OS X was killed because of Oracle licensing drama. I don’t expect anything better on Windows either. reply ryao 7 hours agorootparentThere is a third party port here: https://openzfsonosx.org/wiki/Main_Page It was actually the NetApp lawsuit that caused problems for Apple’s adoption of ZFS. Apple wanted indemnification from Sun because of the lawsuit, Sun’s CEO did not sign the agreement before Oracle’s acquisition of Sun happened and Oracle had no interest in granting that, so the official Apple port was cancelled. I heard this second hand years later from people who were insiders at Sun. reply xattt 6 hours agorootparentThat’s a shame re: NetApp/ZFS. While third-party ports are great, they lack deep integration that first-party support would have brought (non-kludgy Time Machine which is technically fixed with APFS). reply throw0101a 6 hours agorootparentprev> ZFS on OS X was killed because of Oracle licensing drama. It was killed because Apple and Sun couldn't agree on a 'support contract'. From Jeff Bonwick, one of the co-creators ZFS: >> Apple can currently just take the ZFS CDDL code and incorporate it (like they did with DTrace), but it may be that they wanted a \"private license\" from Sun (with appropriate technical support and indemnification), and the two entities couldn't come to mutually agreeable terms. > I cannot disclose details, but that is the essence of it. * https://archive.is/http://mail.opensolaris.org/pipermail/zfs... Sun took DTrace, licensed via CDDL—just like ZFS—and put it into the kernel without issue. Of course a file system is much more central to an operating system, so they wanted much more of a CYA for that. reply BSDobelix 6 hours agorootparentprev>ZFS on OS X was killed because of Oracle licensing drama. Naa it was Jobs ego not the license: >>Only one person at Steve Jobs' company announces new products: Steve Jobs. https://arstechnica.com/gadgets/2016/06/zfs-the-other-new-ap... reply bolognafairy 6 hours agorootparentIt’s a cute story that plays into the same old assertions about Steve Jobs, but the conclusion is mostly baseless. There are many other, more credible, less conspiratorial, possible explanations. reply wkat4242 4 hours agorootparentIt could have played into it though, but I agree the support contract that couldn't be worked out mentioned elsewhere in the thread is more likely. But I think these things are usually a combination. When a business relationship sours, agreements are suddenly much harder to work out. The negotiators are still people and they have feelings that will affect their decisionmaking. reply nabla9 6 hours agorootparentprevLicense is not a real issue. It must be just distributed in separate module. No big hurdle. reply Jnr 5 hours agorootparentFrom my point of view it is a real usability issue. zfs modules are not in the official repos. You either have to compile it on each machine or use unofficial repos, which is not exactly ideal and can break things if those repos are not up to date. And I guess it also needs some additional steps for secureboot setup on some distros? I really want to try zfs because btrfs has some issues with RAID5 and RAID6 (it is not recommended so I don't use it) but I am not sure I want to risk the overall system stability, I would not want to end up in a situation where my machines don't boot and I have to fix it manually. reply harshreality 4 hours agorootparentWhy are you considering raid5/6? Are you considering building a large storage array? If the data will fit comfortably (50-60% utilization) on one drive, all you need is raid1. Btrfs is fine for raid1 (raid1c3 for extra redundancy); it might have hidden bugs, but no filesystem is immune from those; zfs had a data loss bug (it was rare, but it happened) a year ago. Why use zfs for a boot partition? Unless you're using every disk mounting point and nvme slot for a single large raid array, you can use a cheap 512GB nvme drive or old spare 2.5\" ssd for the boot volume. Or two, in btrfs raid1 if you absolutely must... but do you even need redundancy or datasum (which can hurt performance) to protect OS files? Do you really care if static package files get corrupted? Those are easily reinstalled, and modern quality brand SSDs are quite reliable. reply chillfox 5 hours agorootparentprevI have been using ZFS on Mint and Alpine Linux for years for all drives (including root) and have never had an issue. It's been fantastic and is super fast. My linux/zfs laptop loads games much faster than an identical machine running Windows. I have never had data corruption issues with ZFS, but I have had both xfs and ext4 destroy entire discs. reply crest 5 hours agorootparentprevThe main hurdle is hostile Linux kernel developers who aren't held accountable intentionally breaking ZFS for their own petty ideological reasons e.g. removing the in-kernel FPU/SIMD register save/restore API and replacing it with a \"new\" API to do the the same. What's \"new\" about the \"new\" API? Its symbols are GPL2 only to deny it's use to non-GPL2 modules (like ZFS). Guess that's an easy way to make sure that BTRFS is faster than ZFS or set yourself up as the (to be) injured party. Of course a reimplementation of the old API in terms of the new is an evil \"GPL condom\" violating the kernel license right? Why can't you see ZFS's CDDL2 license is the real problem here for being the wrong flavour of copyleft license. Way to claim the moral high ground you short-sighted, bigoted pricks. sigh reply GuB-42 5 hours agorootparentprevIt is a problem because most of the internal kernel APIs are GPL-only, which limit the abilities of the ZFS module. It is a common source of argument between the Linux guys and the ZFS on Linux guys. The reason for this is not just to piss off non-GPL module developers. GPL-only internal APIs are subject to change without notice, even more so than the rest of the kernel. And because the licence may not allow the Linux kernel developers to make the necessary changes to the module when it happens, there is a good chance it breaks without warning. And even with that, all internal APIs may change, it is just a bit less likely than for the GPL-only ones, and because ZFS on Linux is a separate module, there is no guarantee for it to not break with successive Linux versions, in fact, it is more like a guarantee that it will break. Linux is proudly monolithic, and as constantly evolving a monolithic kernel, developers need to have control over the entire project. It is also community-driven. Combined, you need rules to have the community work together, or everything will break down, and that's what the GPL is for. reply mustache_kimono 8 hours agoparentprev> I just don't get it how the Windows world - by far the largest PC platform per userbase - still doesn't have any answer to ZFS. The mainline Linux kernel doesn't either, and I think the answer is because it's hard and high risk with a return mostly measured in technical respect? reply ffsm8 8 hours agorootparentTechnically speaking, bcachefs has been merged into the Linux Kernel - that makes your initial assertion wrong. But considering it's had two drama events within 1 year of getting merged... I think we can safely confirm your conclusion of it being really hard reply mustache_kimono 8 hours agorootparent> Technically speaking, bcachefs has been merged into the Linux Kernel - that makes your initial assertion wrong. bcachefs doesn't implement its erasure coding/RAID yet? Doesn't implement send/receive. Doesn't implement scrub/fsck. See: https://bcachefs.org/Roadmap, https://bcachefs.org/Wishlist/ btrfs is still more of a legit competitor to ZFS these days and it isn't close to touching ZFS where it matters. If the perpetually half-finished bcachefs and btrfs are the \"answer\" to ZFS that seems like too little, too late to me. reply koverstreet 7 hours agorootparentErasure coding is almost done; all that's missing is some of the device evacuate and reconstruct paths, and people have been testing it and giving positive feedback (especially w.r.t. performance). It most definitely does have fsck and has since the beginning, and it's a much more robust and dependable fsck than btrfs's. Scrub isn't quite done - I actually was going to have it ready for this upcoming merge window except for a nasty bout of salmonella :) Send/recv is a long ways off, there might be some low level database improvements needed before that lands. Short term (next year or two) priorities are finishing off online fsck, more scalability work (upcoming version for this merge window will do 50PB, but now we need to up the limit on number of drives), and quashing bugs. reply ryao 7 hours agorootparentHearing that it is missing some code for reconstruction makes it sound like it is missing something fairly important. The original purpose of parity RAID is to support reconstruction. reply koverstreet 3 hours agorootparentWe can do reconstruct reads, what's missing is the code to rewrite missing blocks in a stripe after a drive dies. In general, due to the scope of the project, I've been prioritizing the functionality that's needed to validate the design and the parts that are needed for getting the relationships between different components correct. e.g. recently I've been doing a bunch of work on backpointers scalability, and that plus scrub are leading to more back and forth iteration on minor interactions with erasure coding. So: erasure coding is complete enough to know that it works and for people to torture test it, but yes you shouldn't be running it in production yet (and it's explicitly marked as such). What's remaining is trivial but slightly tedious stuff that's outside the critical path of the rest of the design. Some of the code I've been writing for scrub is turning out to also be what we want for reconstruct, so maybe we'll get there sooner rather than later... reply BSDobelix 6 hours agorootparentprev>except for a nasty bout of salmonella Did the Linux Foundation send you some \"free\" sushi? ;) However keep the good work rolling, super happy about a good, usable and modern Filesystem native to Linux. reply pdimitar 5 hours agorootparentprevFYI: the main reason I gave up on bcachefs is that I can't use devices with native 16K blocks. Hope that's coming this year. I have a bunch of old HDDs and SSDs and I could very easily assemble a spare storage server with about 4TB capacity. Already tested bcachefs with most of the drives and it performed very well. Also lack of ability to reconstruct seems like another worrying omission. reply koverstreet 3 hours agorootparentI wasn't aware there were actual users needing bs > ps yet. Cool :) That should be a completely trivial for bcachefs to support, it'll mostly just be a matter of finding or writing the tests. reply pdimitar 1 hour agorootparentSeriously? But... NVMe drives! I stopped testing because I only have one spare NVMe and couldn't use it with bcachefs. If you or others can get it done I'm absolutely starting to use bcachefs the month after. I do need fast storage servers in my home office. reply mafuy 5 hours agorootparentprevThank you, looking forward to it! reply kwanbix 8 hours agoparentprevHonest question. As an end user that uses Windows and Linux and does not uses ZFS, what I am missing? reply johannes1234321 3 hours agorootparentFor a while I ran Open Solaris with ZFS as root filesystem. The key feature for me, which I miss, is the snapshotting integrated into the package manager. ZFS allows snapshots more or less for free (due to copy on weite) including cron based snapshotting every 15 minutes. So if I did a mistake anywhere there was a way to recover. And that integrated with the update manager and boot manager means that on an update a snapshot is created and during boot one can switch between states. Never had a broken update, but gave a good feeling. On my home server I like the raid features and on Solaris it was nicely integrated with NFS etc so that one can easily create volumes and export them and set restrictions (max size etc.) on it. reply poisonborz 8 hours agorootparentprevWay better data security, resilience against file rotting. This goes for both HDDs or SSDs. Copy-on-write, snapshots, end to end integrity. Also easier to extend the storage for safety/drive failure (and SSDs corrupt in a more sneaky way) with pools. reply wil421 8 hours agorootparentHow many of us are using single disks on our laptops? I have a NAS and use all of the above but that doesn’t help people with single drive systems. Or help me understand why I would want it on my laptop. reply ryao 8 hours agorootparentMy thinkpad from college uses ZFS as its rootfs. The benefits are: * If the hard drive / SSD corrupted blocks, the corruption would be identified. * Ditto blocks allow for self healing. Usually, this only applies to metadata, but if you set copies=2, you can get this on data too. It is a poor man’s RAID. * ARC made the desktop environment very responsive since unlike the LRU cache, ARC resists cold cache effects from transient IO workloads. * Transparent compression allowed me to store more on the laptop than otherwise possible. * Snapshots and rollback allowed me to do risky experiments and undo them as if nothing happened. * Backups were easy via send/receive of snapshots. * If the battery dies while you are doing things, you can boot without any damage to the filesystem. That said, I use a MacBook these days when I need to go outside. While I miss ZFS on it, I have not felt motivated to try to get a ZFS rootfs on it since the last I checked, Apple hardcoded the assumption that the rootfs is one of its own filesystems into the XNU kernel and other parts of the system. reply rabf 4 hours agorootparentNot ever having to deal with partitions and instead using data sets each of which can have their own properties such as compression, size quota, encryption etc is another benefit. Also using zfsbootmenu instead of grub enables booting from different datasets or snapshots as well as mounting and fixing data sets all from the bootloader! reply CoolCold 7 hours agorootparentprevNTFS had compression since mot even sure when. For other stuff, let that nerdy CorpIT handle your system. reply ryao 6 hours agorootparentNTFS compression is slow and has a low compression ratio. ZFS has both zstd and lz4. reply adgjlsfhk1 3 hours agorootparentprevyes but NTFS is bad enough that no one needs to be told how bad it is. reply yjftsjthsd-h 4 hours agorootparentprevIf the single drive in your laptop corrupts data, you won't know. ZFS can't fix corruption without extra copies, but it's still useful to catch the problem and notify the user. Also snapshots are great regardless. reply Polizeiposaune 2 hours agorootparentIn some circumstances it can. Every ZFS block pointer has room for 3 disk addresses; by default, the extras are used only for redundant metadata, but they can also be used for user data. When you turn on ditto blocks for data (zfs set copies=2 rpool/foo), zfs can fix corruption even on single-drive systems at the cost of using double or triple the space. Note that (like compression), this only affects blocks written after the setting is in place, but (if you can pause writes to the filesystem) you can use zfs send|zfs recv to rewrite all blocks to ensure all blocks are redundant. reply ekianjo 8 hours agorootparentprevIt provides encryption by default without having to deal with LUKS. And no need to ever do fsck again. reply Twey 6 hours agorootparentExcept that swap on OpenZFS still deadlocks 7 years later (https://github.com/openzfs/zfs/issues/7734) so you're still going to need LUKS for your swap anyway. reply ryao 5 hours agorootparentAnother option is to go without swap. I avoid swap on my machines unless I want hibernation support. reply jeroenhd 7 hours agorootparentprevThe data security and rot resilience only goes for systems with ECC memory. Correct data with a faulty checksum will be treated the same as incorrect data with a correct checksum. Windows has its own extended filesystem through Storage Spaces, with many ZFS features added as lesser used Storage Spaces options, especially when combined with ReFS. reply _factor 6 hours agorootparentThis has nothing to do with ZFS as a filesystem. It has integrity verification on duplicated raid configurations. If the system memory flips a bit, it will get written to disk like all filesystems. If a bit flips on a disk, however, it can be detected and repaired. Without ECC, your source of truth can corrupt, but this true of any system. reply abrookewood 7 hours agorootparentprevPlease stop repeating this, it is incorrect. ECC helps with any system, but it isn't necessary for ZFS checksums to work. reply BSDobelix 6 hours agorootparentprevOn zfs there is the ARC (adaptive read cache), on non-zfs systems this \"read cache\" is called buffer, both reside in memory, so ECC is equally important for both systems. Rot means changing bits without accessing those bits, and that's ~not possible with zfs, additionally you can enable check-summing IN the ARC (disabled by default), and with that you can say that ECC and \"enterprise\" quality hardware is even more important for non-ZFS systems. >Correct data with a faulty checksum will be treated the same as incorrect data with a correct checksum. There is no such thing as \"correct\" data, only a block with a correct checksum, if the checksum is not correct, the block is not ok. reply mrb 5 hours agorootparentprev\"data security and rot resilience only goes for systems with ECC memory.\" No. Bad HDDs/SSDs or bad SATA cables/ports cause a lot more data corruption than bad RAM. And ZFS will correct these cases even without ECC memory. It's a myth that the data healing properties of ZFS are useless without ECC memory. reply elseless 1 hour agorootparentPrecisely this. And don’t forget about bugs in virtualization layers/drivers — ZFS can very often save your data in those cases, too. reply ryao 10 minutes agorootparentI once managed to use ZFS to detect a bit flip on a machine that did not have ECC RAM. All python programs started crashing in libpython.so on my old desktop one day. I thought it was a bug in ZFS, so I started debugging. I compared the in-memory buffer from ARC with the on-disk buffer for libpython.so and found a bit flip. At the time, accessing a snapshot through .zfs would duplicate the buffer in ARC, which made it really easy to compare the in-memory buffer against the on-disk buffer. I was in shock as I did not expect to ever see one in person. Since then, I always insist on my computers having ECC. reply chillfox 4 hours agorootparentprevMuch faster launch of applications/files you use regularly. Ability to always rollback updates in seconds if they cause issues thanks to snapshots. Fast backups with snapshots + zfs send/receive to a remote machine. Compressed disks, this both let's you store more on a drive and makes accessing files faster. Easy encryption. ability to mirror 2 large usb disks so you never have your data corrupted or lose it from drive failures. Can move your data or entire os install to a new computer easily by using a live disk and just doing a send/receive to the new pc. (I have never used dedup, but it's there if you want I guess) reply e12e 7 hours agorootparentprevCross platform native encryption with sane fs for removable media. reply lazide 7 hours agorootparentWho would that help? MacOS also defaults to a non-portable FS for likely similar reasons, if one was being cynical. reply madeofpalk 8 hours agorootparentprevI'm missing file clones/copy-on-write. reply wkat4242 4 hours agorootparentprevSnapshots (Note: NTFS does have this in the way of Volume Shadow Copy but it's not as easily accessible as a feature to the end user as it is in ZFS). Copy on Write for reliability under crashes. Block checksumming for data protection (bitrot) reply nickdothutton 1 hour agoparentprevOS development pretty much stopped around 2000. ZFS is from 2001. I don't count a new way to organise my photos or integrate with a search engine as \"OS\" though. reply zamadatix 3 hours agoparentprevNTFS was able to be extended in various way over the years to the point what you could do with an NTFS drive 32 years ago will feel like talking about a completely different filesystem than what you can do with it on current Windows. Honestly I really like ReFS, particularly in context of storage spaces, but I don't think it's relevant to Microsoft's consumer desktop OS where users don't have 6 drives they need to pool together. Don't get me wrong, I use ZFS because that's what I can get running on a Linux server and I'm not going to go run Windows Server just for the storage pooling... but ReFS + Storage Spaces wins my heart with the 256 MB slab approach. This means you can add+remove mixed sized drives and get the maximum space utilization for the parity settings of the pool. Here ZFS is still getting to online adds of same or larger drives 10 years later. reply ryao 8 hours agoparentprevWhat do you mean by a ZFS compatibility layer? There is a Windows port: https://github.com/openzfsonwindows/openzfs Note that it is a beta. reply MauritsVB 7 hours agoparentprevThere is occasional talk of moving the Windows implementation of OpenZFS (https://github.com/openzfsonwindows/openzfs/releases) into an officially supported tier, though that will probably come after the MacOS version (https://github.com/openzfsonosx) is officially supported. reply badgersnake 8 hours agoparentprevNTFS is good enough for most people, who have a laptop with one SSD in it. reply wkat4242 4 hours agorootparentThe benefits of ZFS don't need multiple drives to be useful. I'm running ZFS on root for years now and snapshots have saved my bacon several times. Also with block checksums you can at least detect bitrot. And COW is always useful. reply zamadatix 3 hours agorootparentWindows manages volume snapshots on NTFS through VSS. I think ZFS snapshots are a bit \"cleaner\" of a design, and the tooling is a bit friendlier IMO, but the functionality to snapshot, rollback, and save your bacon is there regardless. Outside of the automatically enabled \"System Restore\" (which only uses VSS to snapshot specific system files during updates) I don't think anyone bothers to use it though. CoW, advanced parity, and checksumming are the big ones NTFS lacks. CoW is just inherently not how NTFS is designed and checksumming isn't there. Anything else (encryption, compression, snapshots, ACLs, large scale, virtual devices, basic parity) is done through NTFS on Windows. reply wkat4242 1 hour agorootparentYes I know that NTFS has snapshots, I mentioned that in another comment. I don't think NTFS is as relevant in comparison though. People who choose windows will have no interest in ZFS and vice versa (someone considering ZFS will not pick Windows). And I don't think anyone bothers to use it due to the lack of user-facing tooling around it. If it would be as easy to create snapshots as it is on ZFS, more people would use it, I'm sure. It's just so amazing to try something out, screw up my system and just revert :P But VSS is more of a system API than a user-facing geature. VSS is also used by backup software to quiet the filesystem by the way. But yeah the others are great features. My main point was though that almost all the features of ZFS are very beneficial even on a single drive. You don't need an array to take advantage of Snapshots, the crash reliability that CoW offers, and checksumming (though you will lack the repair option obviously) reply EvanAnderson 54 minutes agorootparent> I don't think NTFS is as relevant in comparison though. People who choose windows will have no interest in ZFS and vice versa (someone considering ZFS will not pick Windows). ZFS on Windows, as a first-class supported-by-Microsoft option would be killer. It won't ever happen, but it would be great. (NTFS / VSS with filesystem/snapshot send/receive would \"scratch\" a lot of that \"itch\", too.) > And I don't think anyone bothers to use it due to the lack of user-facing tooling around it. If it would be as easy to create snapshots as it is on ZFS, more people would use it, I'm sure. It's just so amazing to try something out, screw up my system and just revert :P But VSS is more of a system API than a user-facing geature. VSS on NTFS is handy and useful but in my experience brittle compared to ZFS snapshots. Sometimes VSS just doesn't work. I've had repeated cases over the years where accessing a snapshot failed (with traditional unhelpful Microsoft error messages) until the host machine was rebooted. Losing VSS snapshots on a volume is much easier than trashing a ZFS volume. VSS straddles the filesystem and application layers in a way that ZFS doesn't. I think that contributes to some of the jank (VSS writers becoming \"unstable\", for example). It also straddles hardware interfaces in a novel way that ZFS doesn't (using hardware snapshot functionality-- somewhat like using a GPU versus \"software rendering\"). I think that also opens up a lot of opportunity for jank, as compared to ZFS treating storage as dumb blocks. reply uniqueuid 11 hours agoprevIt's good to see that they were pretty conservative about the expansion. Not only is expansion completely transparent and resumable, it also maintains redundancy throughout the process. That said, there is one tiny caveat people should be aware of: > After the expansion completes, old blocks remain with their old data-to-parity ratio (e.g. 5-wide RAIDZ2, has 3 data to 2 parity), but distributed among the larger set of disks. New blocks will be written with the new data-to-parity ratio (e.g. a 5-wide RAIDZ2 which has been expanded once to 6-wide, has 4 data to 2 parity). reply chungy 9 hours agoparentI'm not sure that's really a caveat, it just means old data might be in an inoptimal layout. Even with that, you still get the full benefits of raidzN, where up to N disks can completely fail and the pool will remain functional. reply crote 5 hours agorootparentI think it's a huge caveat, because it makes upgrades a lot less efficient than you'd expect. For example, home users generally don't want to buy all of their storage up front. They want to add additional disks as the array fills up. Being able to start with a 2-disk raidz1 and later upgrade that to a 3-disk and eventually 4-disk array is amazing. It's a lot less amazing if you end up with a 55% storage efficiency rather than 66% you'd ideally get from a 2-disk to 3-disk upgrade. That's 11% of your total disk capacity wasted, without any benefit whatsoever. reply ryao 4 hours agorootparentYou have a couple options: 1. Delete the snapshots and rewrite the files in place like how people do when they want to rebalance a pool. 2. Use send/receive inside the pool. Either one will make the data use the new layout. They both carry the caveat that reflinks will not survive the operation, such that if you used reflinks to deduplicate storage, you will find the deduplication effect is gone afterward. reply bmicraft 4 hours agorootparentprevWell, when you start a raidz with 2 devices you've already done goofed. Start with a mirror or at least 3 devices. Also, if you don't wait to upgrade until the disks are at 100% utilization (which you should never do! you're creating massive fragmentation upwards of ~85%) efficiency in the real world will be better. reply chungy 4 hours agorootparentprevIt still seems pretty minor. If you want extreme optimization, feel free to destroy the pool and create it new, or create it with the ideal layout from the beginning. Old data still works fine, the same guarantees RAID-Z provides still hold. New data will be written with the new data layout. reply stavros 8 hours agorootparentprevIs that the case? What if I expand a 3-1 array to 3-2? Won't the old blocks remain 3-1? reply Timshel 8 hours agorootparentI don't believe it supports adding parity drives only data drives. reply stavros 8 hours agorootparentAhh interesting, thanks. reply bmicraft 4 hours agorootparentSince preexisting blocks are kept at their current parity ratio and not modified (only redistributed among all devices), increasing the parity level of new blocks won't really be useful in practice anyway. reply wjdp 4 hours agoparentprevCaveat is very much expected, you should expect ZFS features to not rewrite blocks. Changes to settings only apply to new data for example. reply rekoil 5 hours agoparentprevYaeh it's a pretty huge caveat to be honest. Da1 Db1 Dc1 Pa1 Pb1 Da2 Db2 Dc2 Pa2 Pb2 Da3 Db3 Dc3 Pa3 Pb3 ___ ___ ___ Pa4 Pb4 ___ represents free space. After expansion by one disk you would logically expect something like: Da1 Db1 Dc1 Da2 Pa1 Pb1 Db2 Dc2 Da3 Db3 Pa2 Pb2 Dc3 ___ ___ ___ Pa3 Pb3 ___ ___ ___ ___ Pa4 Pb4 But as I understand it it would actually expand to: Da1 Db1 Dc1 Dd1 Pa1 Pb1 Da2 Db2 Dc2 Dd2 Pa2 Pb2 Da3 Db3 Dc3 Dd3 Pa3 Pb3 ___ ___ ___ ___ Pa4 Pb4 Where the Dd1-3 blocks are just wasted. Meaning by adding a new disk to the array you're only expanding free storage by 25%... So say you have 8TB disks for a total of 24TB of storage free originally, and you have 4TB free before expansion, you would have 5TB free after expansion. Please tell me I've misunderstood this, because to me it is a pretty useless implementation if I haven't. reply ryao 4 hours agorootparentZFS RAID-Z does not have parity disks. The parity and data is interleaved to allow data reads to be done from all disks rather than just the data disks. The slides here explain how it works: https://openzfs.org/w/images/5/5e/RAIDZ_Expansion_2023.pdf Anyway, you are not entirely wrong. The old data will have the old parity:data ratio while new data will have the new parity:data ratio. As old data is freed from the vdev, new writes will use the new parity:data ratio. You can speed this up by doing send/receive, or by deleting all snapshots and then rewriting the files in place. This has the caveat that reflinks will not survive the operation, such that if you used reflinks to deduplicate storage, you will find the deduplication effect is gone afterward. reply chungy 1 hour agorootparentTo be fair, RAID5/6 don't have parity disks either. RAID2, RAID3, and RAID4 do, but they're all effectively dead technology for good reason. I think it's easy for a lot of people to conceptualize RAID5/6 and RAID-Zn as having \"data disks\" and \"parity disks\" to wrap around the complicated topic of how it works, but all of them truly interleave and compute parity data across all disks, allowing any single disk to die. I've been of two minds on the persistent myth of \"parity disks\" but I usually ignore it, because it's a convenient lie to understand your data is safe, at least. It's also a little bit the same way that raidz1 and raidz2 are sometimes talked about as \"RAID5\" and \"RAID6\"; the effective benefits are the same, but the implementation is totally different. reply magicalhippo 3 hours agorootparentprevUnless I misunderstood you, you're describing more how classical RAID would work. The RAID-Z expansion works like you note you would logically expect. You added a drive with four blocks of free space, and you end up with four blocks more of free space afterwards. You can see this in the presentation[1] slides[2]. The reason this is sub-optimal post-expansion is because, in your example, the old maximal stripe width is lower than the post-expansion maximal stripe width. Your example is a bit unfortunate in terms of allocated blocks vs layout, but if we tweak it slightly, then Da1 Db1 Dc1 Pa1 Pb1 Da2 Db2 Dc2 Pa2 Pb2 Da3 Db3 Pa3 Pb3 ___ would after RAID-Z expansion would become Da1 Db1 Dc1 Pa1 Pb1 Da2 Db2 Dc2 Pa2 Pb2 Da3 Db3 Pa3 Pb3 ___ ___ ___ ___ Ie you added a disk with 3 new blocks, and so total free space after is 1+3 = 4 blocks. However if the same data was written in the post-expanded vdev configuration, it would have become Da1 Db1 Dc1 Dd1 Pa1 Pb1 Da2 Db2 Dc2 Dd2 Pa2 Pb2 ___ ___ ___ ___ ___ ___ Ie, you'd have 6 free blocks not just 4 blocks. Of course this doesn't count for writes which end up taking less than the maximal stripe width. [1]: https://www.youtube.com/watch?v=tqyNHyq0LYM [2]: https://openzfs.org/w/images/5/5e/RAIDZ_Expansion_2023.pdf reply ryao 3 hours agorootparentYour diagrams have some flaws too. ZFS has a variable stripe size. Let’s say you have a 10 disk raid-z2 vdev that is ashift=12 for 4K columns. If you have a 4K file, 1 data block and 2 parity blocks will be written. Even if you expand the raid-z vdev, there is no savings to be had from the new data:parity ratio. Now, let’s assume that you have a 72K file. Here, you have 18 data blocks and 6 parity blocks. You would benefit from rewriting this to use the new data:parity ratio. In this case, you would only need 4 parity blocks. ZFS does not rewrite it as part of the expansion, however. There are already good diagrams in your links, so I will refrain from drawing my own with ASCII. Also, ZFS will vary which columns get parity, which is why the slides you linked have the parity at pseudo-random locations. It was not a quirk of the slide’s author. The data is really laid out that way. reply magicalhippo 3 hours agorootparentWhat are the errors? I tried to show exactly what you talk about. edit: ok, I didn't consider the exact locations of the parity, I was only concerned with space usage. The 8 data blocks need three stripes on a 3+2 RAID-Z2 setup both pre and post expansion, the last being a partial stripe, but when written in the 4+2 setup only needs 2 full stripes, leading to more total free space. reply cgeier 11 hours agoprevThis is huge news for ZFS users (probably mostly those in the hobbyist/home use space, but still). raidz expansion has been one of the most requested features for years. reply jfreax 10 hours agoparentI'm not yet familiar with zfs and couldn't find it in the release note: Does expansion only works with disk of the same size? Or is adding are bigger/smaller disks possible or do all disk need to have the same size? reply ryao 8 hours agorootparentYou can use different sized disks, but RAID-Z will truncate the space it uses to the lowest common denominator. If you increase the lowest common denominator, RAID-Z should auto-expand to use the additional space. All parity RAID technologies truncate members to the lowest common denominator, rather than just ZFS. reply chasil 10 hours agorootparentprevIIRC, you could always replace drives in a raidset with larger devices. When the last drive is replaced, then the new space is recognized. This new operation seems somewhat more sophisticated. reply shiroiushi 10 hours agorootparentprevAs far as I understand, ZFS doesn't work at all with disks of differing sizes (in the same array). So if you try it, it just finds the size of the smallest disk, and uses that for all disks. So if you put an 8TB drive in an array with a bunch of 10TB drives, they'll all be treated as 8TB drives, and the extra 2TB will be ignored on those disks. However, if you replace the smallest disk with a new, larger drive, and resilver, then it'll now use the new smallest disk as the baseline, and use that extra space on the other drives. (Someone please correct me if I'm wrong.) reply mustache_kimono 10 hours agorootparent> As far as I understand, ZFS doesn't work at all with disks of differing sizes (in the same array). This might be misleading, however, it may only be my understanding of word \"array\". You can use 2x10TB mirrors as vdev0, and 6x12TB in RAIDZ2 as vdev1 in the same pool/array. You can also stack as many unevenly sized disks as you want in a pool. The actual problem is when you want a different drive topology within a pool or vdev, or you want to mismatch, say, 3 oddly sized drives to create some synthetic redundancy level (2x4TB and 1x8TB to achieve two copies on two disks) like btrfs does/tries to do. reply tw04 9 hours agorootparentprevThis is the case with any parity based raid, they just hide it or lie to you in various ways. If you have two 6TB dives and two 12TB drives in a single raid-6 array, it is physically impossible to have two drive parity once you exceed 12TB of written capacity. BTRFS and bcachefs can’t magically create more space where none exists on your 6TB drives. They resort to dropping to mirror protection for the excess capacity which you could also do manually with ZFS by giving it partitions instead of the whole drive. reply zelcon 10 hours agorootparentprevYou need to buy the same exact drive with the same capacity and speed. Your raidz vdev be as small and as slow as your smallest and slowest drive. btrfs and the new bcachefs can do RAID with mixed drives, but I can’t trust either of them with my data yet. reply hda111 9 hours agorootparentIt doesn't have to be the same exact drive. Mixing drives from different manufacturers (with the same capacity) is often used to prevent correlated failure. ZFS is not using the whole disk, so different disks can be mixed, because the disk often have varying capacity. reply tw04 9 hours agorootparentprevYou can run raid-z across partitions to utilize the full drive just like synology does with their “hybrid raid” - you just shouldn’t. reply Mashimo 10 hours agorootparentprev> You need to buy the same exact drive AFAIK you can add larger and faster drives, you will just not get any benefits from it. reply bpye 10 hours agorootparentYou can get read speed benefits with faster drives, but your writes will be limited by your slowest. reply unixhero 9 hours agorootparentprevJust have backups. I used btrfs and zfs for different purposes. Never had any lost data or downtime with btrfs since 2016. I only use raid 0 and raid 1 and compression. Btrfs does not havr a hungry ram requirement. reply tw04 9 hours agorootparentNeither does zfs, that’s a widely repeated red herring from people trying to do dedup in the very early days, and people who misunderstood how it used ram to do caching. reply FrostKiwi 10 hours agoprevFINALLY! You can do borderline insane single-vdev setups like RAID-Z3 with 4 disks (3 Disks worth of redundancy) of the most expensive and highest density hard drives money can buy right now, for an initial effective space usage of 25% and then keep buying and expanding Disk by Disk, with the space demand growing, up to something like 12ish disks. Disk prices dropping as time goes on and a spread out failure chance with disks being added at different times. reply uniqueuid 9 hours agoparentYes but see my sibling comment. When you expand your array, your existing data will not be stored any more efficiently. To get the new parity/data ratios, you would have to force copies of the data and delete the old, inefficient versions, e.g. with something like this [1] My personal take is that it's a much better idea to buy individual complete raid-z configurations and add new ones / replace old ones (disk by disk!) as you go. [1] https://github.com/markusressel/zfs-inplace-rebalancing reply Mashimo 9 hours agorootparentI wish something like this would be build into ZFS, so snapshots and current access would not be broken. reply uniqueuid 9 hours agorootparentTrue, but I have a gut feeling that a lot of these thorny issues would come up again: https://github.com/openzfs/zfs/issues/3582 reply jakedata 7 hours agoprevHappy to see the ARC bypass for NVMe performance. ZFS really fails to exploit NVMe's potential. Online expansion might be interesting. I tried to use ZFS for some very busy databases and ended up getting bitten badly by the fragmentation bug. The only way to restore performance appears to be copying the data off the volume, nuking it and then copying it back. Now -perhaps- if I expand the zpool then I might be able to reduce fragmentation by copying the tablespace on the same volume. reply wkat4242 4 hours agoprevNote: This is online expansion. Expansion was always possible but you did need to take the array down to do it. You could also move to bigger drives but you also had to do that one at a time (and only gain the new capacity once all drives were upgraded of course) As far as I know shrinking a pool is still not possible though. So if you have a pool with 5 drives and add a 6th, you can't go back to 5 drives even if there is very little data in it. reply shepherdjerred 2 hours agoprevHow does ZFS compare to btrfs? I'm currently using btrfs for my home server, but I've had some strange troubles with it. I'm thinking about switching to ZFS, but I don't want to end up in the same situation. reply ryao 2 hours agoparentI first tried btrfs 15 years ago with Linux 2.6.33-rc4 if I recall. It developed an unlinkable file within 3 days, so I stopped using it. Later, I found ZFS. It had a few less significant problems, but I was a CS student at the time and I thought I could fix them since they seemed minor in comparison to the issue I had with btrfs, so over the next 18 months, I solved all of the problems that it had that bothered me and sent the patches to be included in the then ZFSOnLinux repository. My effort helped make it production ready on Linux. I have used ZFS ever since and it has worked well for me. If btrfs had been in better shape, I would have been a btrfs contributor. Unfortunately for btrfs, it not only was in bad shape back then, but other btrfs issues continued to bite me every time I tried it over the years for anything serious (e.g. frequent ENOSPC errors when there is still space). ZFS on the other hand just works. Myself and many others did a great deal of work to ensure it works well. The main reason for the difference is that ZFS had a very solid foundation, which was achieved by having some fantastic regression testing facilities. It has a userland version that randomly exercises the code to find bugs before they occur in production and a test suite that is run on every proposed change to help shake out bugs. ZFS also has more people reviewing proposed changes than other filesystems. The Btrfs developers will often state that there is a significant man power difference between the two file systems. I vaguely recall them claiming the difference was a factor of 6. Anyway, few people who use ZFS regret it, so I think you will find you like it too. reply averageRoyalty 9 hours agoprevWorth noting that TrueNAS already supports this[0] (I assuming using 2.3.0rc3?). Not sure about the stability, but very exciting. https://www.truenas.com/blog/electric-eel-openzfs-23/ reply endorphine 10 hours agoprevCan someone describe why they would use ZFS (or similar) for home usage? reply mrighele 8 hours agoparentGood reasons for me: Checksums: this is even more important in home usage as the hardware is usually of lower quality. Faulty controllers, crappy cables, hard disks stored in a higher than advised temperature... many reasons for bogus data to be saved, and zfs handles that well and automatically (if you have redundancy) Snapshots: very useful to make backups and quickly go back to an older version of a file when mistakes are made Ease of mind: compared to the alternatives, I find that zfs is easier to use and makes it harder to make a mistake that could bring data loss (e.g. remove by mistake the wrong drive when replacing a faulty one, pool becomes unusable, \"ops!\", put the disk back, pool goes back to work as nothing happened). Maybe it is different now with mdadm, ma when I used it years ago I was always worried to make a destructive mistake. reply EvanAnderson 51 minutes agorootparent> Snapshots: very useful to make backups and quickly go back to an older version of a file when mistakes are made Piling on here: Sending snapshots to remote machines (or removable drives) is very easy. That makes snapshots viable as a backup mechanism (because they can exist off-site and offline). reply ryao 8 hours agoparentprevTo give an answer that nobody else has given, ZFS is great for storing Steam games. Set recordsize=1M and compression=zstd and you can often store about 33% more games in the same space. A friend uses ZFS to store his Steam games on a couple of hard drives. He gave ZFS a SSD to use as L2ARC. ZFS automatically caches the games he likes to run on the SSD so that they load quickly. If he changes which games he likes to run, ZFS will automatically adapt to cache those on the SSD instead. reply chillfox 4 hours agorootparentThe compression and ARC will make games load much master than they would on NTFS even without having a separate drive for the ARC. reply chromakode 9 hours agoparentprevI replicate my entire filesystem to a local NAS every 10 minutes using zrepl. This has already saved my bacon once when a WD_BLACK SN850 suddenly died on me [1]. It's also recovered code from some classic git blunders. It shouldn't be possible any more to lose data to user error or single device failure. We have the technology. [1]: https://chromakode.com/post/zfs-recovery-with-zrepl/ reply vedranm 10 hours agoparentprevSeveral reasons, but major ones (for me) are reliability (checksums and self-healing) and portability (no other modern filesystem can be read and written on Linux, FreeBSD, Windows, and macOS). Snapshots (\"boot environments\") are also supported by Btrfs (my Linux installations use that so I don't have to worry about having the 3rd party kernel module to read my rootfs). Performance isn't that great either and, assuming Linux, XFS is a better choice if that is your main concern. reply Mashimo 9 hours agoparentprevIt's relatively easy, and yet powerful. Before that I had MDADM + LVM + dm-crypt + ext4, which also worked but all the layers got me into a headache. Automated snapshots are super easy and fast. Also easy to access if you deleted a file, you don't have to restore the whole snapshot, you can just cp from the hidden .zfs/ folder. I run it on 6x 8TB disk for a couple of years now. I run it in a raidz2, which means up to 2 disk can die. Would I use it on a single disk on a Desktop? Probably not. reply redundantly 9 hours agorootparent> Would I use it on a single disk on a Desktop? Probably not. I do. Snapshots and replication and checksumming are awesome. reply klauserc 4 hours agoparentprevI use it on my work laptop. Reasons: - a single solution that covers the entire storage domain (I don't have to learn multiple layers, like logical volume manager vs. ext4 vs. physical partitions) - cheap/free snapshots. I have been glad to have been able to revert individual files or entire file systems to an earlier state. E.g., create a snapshot before doing a major distro update. - easy to configure/well documented Like others have said, at this point I would need a good reason, NOT to use ZFS on a system. reply lutorm 10 hours agoparentprevApart from just peace of mind from bitrot, I use it for the snapshotting capability which makes it super easy to do backups. You can snapshot and send the snapshots to other storage with e.g zfs-autobackup and it's trivial and you can't screw it up. If the snapshots exist on the other drive, you know you have a backup. reply PaulKeeble 6 hours agoparentprevI have a home built NAS that uses ZFS for the storage array and the checksumming has been really quite useful in detecting and correcting bit rot. In the past I used MDADM and EXT over the top and that worked but it didn't defend against bit rot. I have considered BTRFS since it would get me the same checksumming without the rest of ZFS but its not considered reliable for systems with parity yet (although now I think it likely is more than reliable enough now). I do occasionally use snapshots and the compression feature is handy on quite a lot of my data set but I don't use the user and group limitations or remote send and receive etc. ZFS does a lot more than I need but it also works really well and I wouldn't move away from a checksumming filesystem now. reply mshroyer 5 hours agoparentprevI use it on a NAS for: - Confidence in my long-term storage of some data I care about, as zpool scrub protects against bit rot - Cheap snapshots that provide both easy checkpoints for work saved to my network share, and resilience against ransomware attacks against my other computers' backups to my NAS - Easy and efficient (zfs send) replication to external hard drives for storage pool backup - Built-in and ergonomic encryption And it's really pretty easy to use. I started with FreeNAS (now TrueNAS), but eventually switched to just running FreeBSD + ZFS + Samba on my file server because it's not that complicated. reply tbrownaw 5 hours agoparentprev> describe why they would use ZFS (or similar) for home usage Mostly because it's there, but also the snapshots have a `diff` feature that's occasionally useful. reply NamTaf 7 hours agoparentprevI used it on my home NAS (4x3TB drives, holding all of my family's backups, etc.) for the data security / checksumming features. IMO it's performant, robust and well-designed in ways that give me reassurance regarding data integrity and help prevent me shooting myself in the foot. reply nesarkvechnep 9 hours agoparentprevI'm trying to find a reason not to use ZFS at home. reply dizhn 8 hours agorootparentRequirement for enterprise quality disks, huge RAM (1 gig per TB), ECC, at least x5 disks of redundancy. None of these are things, but people will try to educate you anyway. So use it but keep it to yourself. :) reply craftkiller 6 hours agorootparentNo need to keep it to yourself. As you've mentioned, all of these requirements are misinformation so you can ignore people who repeat them (or even better, tell them to stop spreading misinformation). For those not in the know: You don't need to use enterprise quality disks. There is nothing in the ZFS design that requires enterprise quality disks any more than any other file system. In fact, ZFS has saved my data through multiple consumer-grade HDD failures over the years thanks to raidz. The 1 gig per TB figure is ONLY for when using the ZFS dedup feature, which the ZFS dedup feature is widely regarded as a bad idea except in VERY specific use cases. 99.9% of ZFS users should not and will not use dedup and therefore they do not need ridiculous piles of ram. There is nothing in the design of ZFS any more dangerous to run without ECC than any other filesystem. ECC is a good idea regardless of filesystem but its certainly not a requirement. And you don't need x5 disks of redundancy. It runs great and has benefits even on single-disk systems like laptops. Naturally, having parity drives is better in case a drive fails but on single disk systems you still benefit from the checksumming, snapshotting, boot environments, transparent compression, incremental zfs send/recv, and cross-platform native encryption. reply bbatha 1 hour agorootparent> The 1 gig per TB figure is ONLY for when using the ZFS dedup feature, which the ZFS dedup feature is widely regarded as a bad idea except in VERY specific use cases. 99.9% of ZFS users should not and will not use dedup and therefore they do not need ridiculous piles of ram. You also really don't need a 1GB for RAM unless you have a very high write volume. YMMV but my experience is that its closer to 1GB for 10TB. reply tpetry 3 hours agorootparentprevThe interesting part about the enterprise quality disk misinformation is how so wrong it is. The core idea of ZFS was to detect issues when those drives or their drivers are faulty. And this was more happening with cheap non-enterprise disks at that time. reply zbentley 5 hours agoparentprevI use ZFS for boot and storage volumes on my main workstation, which is primarily that--a workstation, not a server or NAS. Some benefits: - Excellent filesystem level backup facility. I can transfer snapshots to a spare drive, or send/receive to a remote (at present a spare computer, but rsync.net looks better every year I have to fix up the spare). - Unlike other fs-level backup solutions, the flexibility of zvols means I can easily expand or shrink the scope of what's backed up. - It's incredibly easy to test (and restore) backups. Pointing my to-be-backed-up volume, or my backup volume, to a previous backup snapshot is instant, and provides a complete view of the filesystem at that point in time. No \"which files do you want to restore\" hassles or any of that, and then I can re-point back to latest and keep stacking backups. Only Time Machine has even approached that level of simplicity in my experience, and I have tried a lot of backup tools. In general, backup tools/workflows that uphold \"the test process is the restoration process, so we made the restoration process as easy and reversible as possible\" are the best ones. - Dedup occasionally comes in useful (if e.g. I'm messing around with copies of really large AI training datasets or many terabytes of media file organization work). It's RAM-expensive, yes, but what's often not mentioned is that you can turn it on and off for a volume--if you rewrite data. So if I'm looking ahead to a week of high-volume file wrangling, I can turn dedup on where I need it, start a snapshot-and-immediately-restore of my data (or if it's not that many files, just cp them back and forth), and by the next day or so it'll be ready. Turning it off when I'm done is even simpler. I imagine that the copy cost and unpredictable memory usage mean that this kind of \"toggled\" approach to dedup isn't that useful for folks driving servers with ZFS, but it's outstanding on a workstation. - Using ZFSBootMenu outside of my OS means I can be extremely cavalier with my boot volume. Not sure if an experimental kernel upgrade is going to wreck my graphics driver? Take a snapshot and try it! Not sure if a curlbash invocation from the internet is going to rm -rf /? Take a snapshot and try it! If my boot volume gets ruined, I can roll it back to a snapshot in the bootloader from outside of the OS. For extra paranoia I have a ZFSBootMenu EFI partition on a USB drive if I ever wreck the bootloader as well, but the odds are that if I ever break the system that bad the boot volume is damaged at the block level and can't restore local snapshots. In that case, I'd plug in the USB drive and restore a snapshot from the adjacent data volume, or my backup volume ... all without installing an OS or leaving the bootloader. The benefits of this to mental health are huge; I can tend towards a more \"college me\" approach to trying random shit from StackOverflow for tweaking my system without having to worry about \"adult professional me\" being concerned that I don't know what running some random garbage will do to my system. Being able to experiment first, and then learn what's really going on once I find what works, is very relieving and makes tinkering a much less fraught endeavor. - Being able to per-dataset enable/disable ARC and ZIL means that I can selectively make some actions really fast. My Steam games, for example, are in a high-ARC-bias dataset that starts prewarming (with throttled IO) in the background on boot. Game load times are extremely fast--sometimes at better than single-ext4-SSD levels--and I'm storing all my game installs on spinning rust for $35 (4x 500GB + 2x 32GB cheap SSD for cache)! reply zelcon 10 hours agoprevBeen running it since rc2. It’s insane how long this took to finally ship. reply abrookewood 7 hours agoprevCan someone provide details on this bit please? \"Direct IO: Allows bypassing the ARC for reads/writes, improving performance in scenarios like NVMe devices where caching may hinder efficiency\". ARC is based in RAM, so how could it reduce performance when used with NVMe devices? They are fast, but they aren't RAM-fast ... reply nolist_policy 7 hours agoparentBecause with a (ARC) cache you have to copy from the app to the cache and then dma to disk. With direct io you can dma directly from the app ram to the disk. reply philjohn 7 hours agoparentprevYes - interested in this too. Is this for both ARC and L2ARC, or just L2ARC? reply happosai 8 hours agoprevThe annual reminder that if Oracle wanted to contribute positively to the Linux ecosystem, they would update the CDDL license ZFS uses to GPL compatible. reply ryao 8 hours agoparentThis is the annual reply that Oracle cannot change the OpenZFS license because OpenZFS contributors removed the “or any later version” part of the license from their contributions. By the way, comments such as yours seem to assume that Oracle is somehow involved with OpenZFS. Oracle has no connection with OpenZFS outside of owning copyright on the original OpenSolaris sources and a few tiny commits their employees contributed before Oracle purchased Sun. Oracle has its own internal ZFS fork and they have zero interest in bringing it to Linux. They want people to either go on their cloud or buy this: https://www.oracle.com/storage/nas/ reply jeroenhd 7 hours agorootparentIs there a reason the OpenZFS contributors don't want to dual-license their code? I'm not too familiar with the CDDL but I'm not sure what advantage it brings to an open source project compared to something like GPL? Having to deal with DKMS is one of the reasons why I'm sticking with BTRFS for doing ZFS-like stuff. reply ryao 7 hours agorootparentThe OpenZFS code is based on the original OpenSolaris code, and the license used is the CDDL because that is what OpenSolaris used. Dual licensing that requires the current OpenSolaris copyright holder to agree. That is unlikely without writing a very big check. Further speculation is not a productive thing to do, but since I know a number of people assume that OpenSolaris copyright holder is the only one preventing this, let me preemptively say that it is not so simple. Different groups have different preferred licenses. Some groups cannot stand certain licenses. Other groups might detest the idea of dual licensing in general since it causes community fragmentation whenever contributors decide to publish changes only under 1 of the 2 licenses. The CDDL was designed to ensure that if Sun Microsystems were acquired by a company hostile to OSS, people could still use Sun’s open source software. In particular, the CDDL has an explicit software patent grant. Some consider that to have been invaluable in preempting lawsuits from a certain company that would rather have ZFS be closed source software. reply MauritsVB 7 hours agoparentprevOracle changing the license would not make a huge difference to OpenZFS. Oracle only owns the copyright to the original Sun Microsystems code. It doesn’t apply to all ZFS implementations (probably not OracleZFS, perhaps not IllumosZFS) but in the specific case of OpenZFS the majority of the code is no longer Sun code. Don’t forget that SunZFS was open sourced in 2005 before Oracle bought Sun Microsystems in 2009. Oracle have created their own closed source version of ZFS but outside some Oracle shops nobody uses it (some people say Oracle has stopped working on OracleZFS all together some time ago). Considering the forks (first from Sun to the various open source implementations and later the fork from open source into Oracle's closed source version) were such a long time ago, there is not that much original code left. A lot of storage tech, or even entire storage concepts, did not exist when Sun open sourced ZFS. Various ZFS implementations developed their own support for TRIM, or Sequential Resilvering, or Zstd compression, or Persistent L2ARC, or Native ZFS Encryption, or Fusion Pools, or Allocation Classes, or dRAID, or RAIDZ expansion long after 2005. That's is why the majority of the code in OpenZFS 2 is from long after the fork from Sun code twenty years ago. Modern OpenZFS contains new code contributions from Nexenta Systems, Delphix, Intel, iXsystems, Datto, Klara Systems and a whole bunch of other companies that have voluntarily offered their code when most of the non-Oracle ZFS implementations merged to become OpenZFS 2.0. If you'd want to relicense OpenZFS you could get Oracle to agree for the bit under Sun copyright but for the majority of the code you'd have to get a dozen or so companies to agree to relicensing their contributions (probably not that hard) and many hundreds of individual contributors over two decades (a big task and probably not worth it). reply abrookewood 7 hours agoparentprevThe only thing Oracle wants to \"contribute positively to\" is Larry's next yacht. reply senectus1 10 hours agoprevWould love to use ZFS, but unfortunately Fedora just cant keep up with it... reply kawsper 9 hours agoparentNot sure if it helps you at all, but I have a simple Ruby script that I use to build kernels on Fedora with a specified ZFS version. https://github.com/kaspergrubbe/fedora-kernel-compilation/bl... It builds on top of the exploded fedora kernel tree, adds zfs and spits out a .rpm that you can install with rpm -ivh. It doesn't play well with dkms because it tries to interfere, so I disable it on my system. reply _factor 6 hours agorootparentI could never getting working on rpm-ostree distros. reply klauserc 4 hours agoparentprevI've been running Fedora on top of the excellent ZFSBootMenu[1] for about a year. You need to pay attention to the kernel versions supported by OpenZFS and might have to wait for support for a couple of weeks. The setup works fine otherwise. [1] https://docs.zfsbootmenu.org reply vedranm 10 hours agoparentprevIf you delay upgrading the kernel on occasions, it is more or less fine. reply bitmagier 5 hours agoprev [–] Marvelous! reply GuidelinesFAQListsAPISecurityLegalApply to YCContact Search:", + "originSummary": [ + "OpenZFS 2.3.0 has been released, introducing significant features such as RAIDZ Expansion, Fast Deduplication, Direct Input/Output, JSON output, and support for long file names. - The release includes essential bug fixes and performance enhancements, compatible with Linux kernels 4.18 - 6.12 and FreeBSD versions 13.3, 14.0 - 14.2. - The update is a collaborative effort from 134 contributors, with comprehensive documentation and a change log available for review." + ], + "commentSummary": [ + "ZFS 2.3 has been released, introducing features like RAIDZ expansion, fast deduplication, direct IO, JSON output, and support for long file names. - RAIDZ expansion is particularly notable as it allows users to add new devices to an existing RAIDZ pool without downtime, enhancing storage capacity. - The release is considered a significant advancement for ZFS users, drawing comparisons with other filesystems like Btrfs and Windows Storage Spaces, despite some limitations like the inability to shrink pools." + ], + "points": 302, + "commentCount": 215, + "retryCount": 0, + "time": 1736838539 + }, + { + "id": 42690983, + "title": "Webtop – Alpine,Ubuntu,Fedora,and Arch containers containing full desktop envs", + "originLink": "https://docs.linuxserver.io/images/docker-webtop/", + "originBody": "linuxserver/webtop¶ Webtop - Alpine, Ubuntu, Fedora, and Arch based containers containing full desktop environments in officially supported flavors accessible via any modern web browser. Supported Architectures¶ We utilise the docker manifest for multi-platform awareness. More information is available from docker here and our announcement here. Simply pulling lscr.io/linuxserver/webtop:latest should retrieve the correct image for your arch, but you can also pull specific arch images via tags. The architectures supported by this image are: Architecture Available Tag x86-64 ✅ amd64- arm64 ✅ arm64v8- armhf ❌Version Tags¶ This image provides various versions that are available via tags. Please read the descriptions carefully and exercise caution when using unstable or development tags. Tag Available Description latest ✅ XFCE Alpine ubuntu-xfce ✅ XFCE Ubuntu fedora-xfce ✅ XFCE Fedora arch-xfce ✅ XFCE Arch debian-xfce ✅ XFCE Debian alpine-kde ✅ KDE Alpine ubuntu-kde ✅ KDE Ubuntu fedora-kde ✅ KDE Fedora arch-kde ✅ KDE Arch debian-kde ✅ KDE Debian alpine-mate ✅ MATE Alpine ubuntu-mate ✅ MATE Ubuntu fedora-mate ✅ MATE Fedora arch-mate ✅ MATE Arch debian-mate ✅ MATE Debian alpine-i3 ✅ i3 Alpine ubuntu-i3 ✅ i3 Ubuntu fedora-i3 ✅ i3 Fedora arch-i3 ✅ i3 Arch debian-i3 ✅ i3 Debian alpine-openbox ✅ Openbox Alpine ubuntu-openbox ✅ Openbox Ubuntu fedora-openbox ✅ Openbox Fedora arch-openbox ✅ Openbox Arch debian-openbox ✅ Openbox Debian alpine-icewm ✅ IceWM Alpine ubuntu-icewm ✅ IceWM Ubuntu fedora-icewm ✅ IceWM Fedora arch-icewm ✅ IceWM Arch debian-icewm ✅ IceWM Debian Application Setup¶ The Webtop can be accessed at: http://yourhost:3000/ https://yourhost:3001/ Modern GUI desktop apps have issues with the latest Docker and syscall compatibility, you can use Docker with the --security-opt seccomp=unconfined setting to allow these syscalls on hosts with older Kernels or libseccomp Security¶ Warning Do not put this on the Internet if you do not know what you are doing. By default this container has no authentication and the optional environment variables CUSTOM_USER and PASSWORD to enable basic http auth via the embedded NGINX server should only be used to locally secure the container from unwanted access on a local network. If exposing this to the Internet we recommend putting it behind a reverse proxy, such as SWAG, and ensuring a secure authentication solution is in place. From the web interface a terminal can be launched and it is configured for passwordless sudo, so anyone with access to it can install and run whatever they want along with probing your local network. Options in all KasmVNC based GUI containers¶ This container is based on Docker Baseimage KasmVNC which means there are additional environment variables and run configurations to enable or disable specific functionality. Optional environment variables¶ Variable Description CUSTOM_PORT Internal port the container listens on for http if it needs to be swapped from the default 3000. CUSTOM_HTTPS_PORT Internal port the container listens on for https if it needs to be swapped from the default 3001. CUSTOM_USER HTTP Basic auth username, abc is default. PASSWORD HTTP Basic auth password, abc is default. If unset there will be no auth SUBFOLDER Subfolder for the application if running a subfolder reverse proxy, need both slashes IE /subfolder/ TITLE The page title displayed on the web browser, default \"KasmVNC Client\". FM_HOME This is the home directory (landing) for the file manager, default \"/config\". START_DOCKER If set to false a container with privilege will not automatically start the DinD Docker setup. DRINODE If mounting in /dev/dri for DRI3 GPU Acceleration allows you to specify the device to use IE /dev/dri/renderD128 DISABLE_IPV6 If set to true or any value this will disable IPv6 LC_ALL Set the Language for the container to run as IE fr_FR.UTF-8 ar_AE.UTF-8 NO_DECOR If set the application will run without window borders in openbox for use as a PWA. NO_FULL Do not autmatically fullscreen applications when using openbox. Optional run configurations¶ Variable Description --privileged Will start a Docker in Docker (DinD) setup inside the container to use docker in an isolated environment. For increased performance mount the Docker directory inside the container to the host IE -v /home/user/docker-data:/var/lib/docker. -v /var/run/docker.sock:/var/run/docker.sock Mount in the host level Docker socket to either interact with it via CLI or use Docker enabled applications. --device /dev/dri:/dev/dri Mount a GPU into the container, this can be used in conjunction with the DRINODE environment variable to leverage a host video card for GPU accelerated applications. Only Open Source drivers are supported IE (Intel,AMDGPU,Radeon,ATI,Nouveau) Language Support - Internationalization¶ The environment variable LC_ALL can be used to start this container in a different language than English simply pass for example to launch the Desktop session in French LC_ALL=fr_FR.UTF-8. Some languages like Chinese, Japanese, or Korean will be missing fonts needed to render properly known as cjk fonts, but others may exist and not be installed inside the container depending on what underlying distribution you are running. We only ensure fonts for Latin characters are present. Fonts can be installed with a mod on startup. To install cjk fonts on startup as an example pass the environment variables (Alpine base): -e DOCKER_MODS=linuxserver/mods:universal-package-install -e INSTALL_PACKAGES=font-noto-cjk -e LC_ALL=zh_CN.UTF-8 The web interface has the option for \"IME Input Mode\" in Settings which will allow non english characters to be used from a non en_US keyboard on the client. Once enabled it will perform the same as a local Linux installation set to your locale. DRI3 GPU Acceleration (KasmVNC interface)¶ For accelerated apps or games, render devices can be mounted into the container and leveraged by applications using: --device /dev/dri:/dev/dri This feature only supports Open Source GPU drivers: Driver Description Intel i965 and i915 drivers for Intel iGPU chipsets AMD AMDGPU, Radeon, and ATI drivers for AMD dedicated or APU chipsets NVIDIA nouveau2 drivers only, closed source NVIDIA drivers lack DRI3 support The DRINODE environment variable can be used to point to a specific GPU. Up to date information can be found here Nvidia GPU Support (KasmVNC interface)¶ Nvidia support is not compatible with Alpine based images as Alpine lacks Nvidia drivers Nvidia support is available by leveraging Zink for OpenGL support. This can be enabled with the following run flags: Variable Description --gpus all This can be filtered down but for most setups this will pass the one Nvidia GPU on the system --runtime nvidia Specify the Nvidia runtime which mounts drivers and tools in from the host The compose syntax is slightly different for this as you will need to set nvidia as the default runtime: sudo nvidia-ctk runtime configure --runtime=docker --set-as-default sudo service docker restart And to assign the GPU in compose: services: webtop: image: lscr.io/linuxserver/webtop:latest deploy: resources: reservations: devices: - driver: nvidia count: 1 capabilities: [compute,video,graphics,utility] Application management¶ PRoot Apps¶ If you run system native installations of software IE sudo apt-get install filezilla and then upgrade or destroy/re-create the container that software will be removed and the container will be at a clean state. For some users that will be acceptable and they can update their system packages as well using system native commands like apt-get upgrade. If you want Docker to handle upgrading the container and retain your applications and settings we have created proot-apps which allow portable applications to be installed to persistent storage in the user's $HOME directory and they will work in a confined Docker environment out of the box. These applications and their settings will persist upgrades of the base container and can be mounted into different flavors of KasmVNC based containers on the fly. This can be achieved from the command line with: proot-apps install filezilla PRoot Apps is included in all KasmVNC based containers, a list of linuxserver.io supported applications is located HERE. Native Apps¶ It is possible to install extra packages during container start using universal-package-install. It might increase starting time significantly. PRoot is preferred. environment: - DOCKER_MODS=linuxserver/mods:universal-package-install - INSTALL_PACKAGES=libfuse2|git|gdb Usage¶ To help you get started creating a container from this image you can either use docker-compose or the docker cli. Info Unless a parameter is flaged as 'optional', it is mandatory and a value must be provided. docker-compose (recommended, click here for more info)¶ --- services: webtop: image: lscr.io/linuxserver/webtop:latest container_name: webtop security_opt: - seccomp:unconfined #optional environment: - PUID=1000 - PGID=1000 - TZ=Etc/UTC - SUBFOLDER=/ #optional - TITLE=Webtop #optional volumes: - /path/to/data:/config - /var/run/docker.sock:/var/run/docker.sock #optional ports: - 3000:3000 - 3001:3001 devices: - /dev/dri:/dev/dri #optional shm_size: \"1gb\" #optional restart: unless-stopped docker cli (click here for more info)¶ docker run -d \\ --name=webtop \\ --security-opt seccomp=unconfined `#optional` \\ -e PUID=1000 \\ -e PGID=1000 \\ -e TZ=Etc/UTC \\ -e SUBFOLDER=/ `#optional` \\ -e TITLE=Webtop `#optional` \\ -p 3000:3000 \\ -p 3001:3001 \\ -v /path/to/data:/config \\ -v /var/run/docker.sock:/var/run/docker.sock `#optional` \\ --device /dev/dri:/dev/dri `#optional` \\ --shm-size=\"1gb\" `#optional` \\ --restart unless-stopped \\ lscr.io/linuxserver/webtop:latest Parameters¶ Containers are configured using parameters passed at runtime (such as those above). These parameters are separated by a colon and indicate : respectively. For example, -p 8080:80 would expose port 80 from inside the container to be accessible from the host's IP on port 8080 outside the container. Ports (-p)¶ Parameter Function 3000:3000 Web Desktop GUI 3001:3001 Web Desktop GUI HTTPS Environment Variables (-e)¶ Env Function PUID=1000 for UserID - see below for explanation PGID=1000 for GroupID - see below for explanation TZ=Etc/UTC specify a timezone to use, see this list. SUBFOLDER=/ Specify a subfolder to use with reverse proxies, IE /subfolder/ TITLE=Webtop String which will be used as page/tab title in the web browser. Volume Mappings (-v)¶ Volume Function /config abc users home directory /var/run/docker.sock Docker Socket on the system, if you want to use Docker in the container Device Mappings (--device)¶ Parameter Function /dev/dri Add this for GL support (Linux hosts only) Miscellaneous Options¶ Parameter Function --shm-size= We set this to 1 gig to prevent modern web browsers from crashing --security-opt seccomp=unconfined For Docker Engine only, many modern gui apps need this to function on older hosts as syscalls are unknown to Docker. Environment variables from files (Docker secrets)¶ You can set any environment variable from a file by using a special prepend FILE__. As an example: -e FILE__MYVAR=/run/secrets/mysecretvariable Will set the environment variable MYVAR based on the contents of the /run/secrets/mysecretvariable file. Umask for running applications¶ For all of our images we provide the ability to override the default umask settings for services started within the containers using the optional -e UMASK=022 setting. Keep in mind umask is not chmod it subtracts from permissions based on it's value it does not add. Please read up here before asking for support. User / Group Identifiers¶ When using volumes (-v flags), permissions issues can arise between the host OS and the container, we avoid this issue by allowing you to specify the user PUID and group PGID. Ensure any volume directories on the host are owned by the same user you specify and any permissions issues will vanish like magic. In this instance PUID=1000 and PGID=1000, to find yours use id your_user as below: id your_user Example output: uid=1000(your_user) gid=1000(your_user) groups=1000(your_user) Docker Mods¶ We publish various Docker Mods to enable additional functionality within the containers. The list of Mods available for this image (if any) as well as universal mods that can be applied to any one of our images can be accessed via the dynamic badges above. Support Info¶ Shell access whilst the container is running: docker exec -it webtop /bin/bash To monitor the logs of the container in realtime: docker logs -f webtop Container version number: docker inspect -f '{{ index .Config.Labels \"build_version\" }}' webtop Image version number: docker inspect -f '{{ index .Config.Labels \"build_version\" }}' lscr.io/linuxserver/webtop:latest Updating Info¶ Most of our images are static, versioned, and require an image update and container recreation to update the app inside. With some exceptions (noted in the relevant readme.md), we do not recommend or support updating apps inside the container. Please consult the Application Setup section above to see if it is recommended for the image. Below are the instructions for updating containers: Via Docker Compose¶ Update images: All images: docker-compose pull Single image: docker-compose pull webtop Update containers: All containers: docker-compose up -d Single container: docker-compose up -d webtop You can also remove the old dangling images: docker image prune Via Docker Run¶ Update the image: docker pull lscr.io/linuxserver/webtop:latest Stop the running container: docker stop webtop Delete the container: docker rm webtop Recreate a new container with the same docker run parameters as instructed above (if mapped correctly to a host folder, your /config folder and settings will be preserved) You can also remove the old dangling images: docker image prune Image Update Notifications - Diun (Docker Image Update Notifier)¶ Tip We recommend Diun for update notifications. Other tools that automatically update containers unattended are not recommended or supported. Building locally¶ If you want to make local modifications to these images for development purposes or just to customize the logic: git clone https://github.com/linuxserver/docker-webtop.git cd docker-webtop docker build \\ --no-cache \\ --pull \\ -t lscr.io/linuxserver/webtop:latest . The ARM variants can be built on x86_64 hardware and vice versa using lscr.io/linuxserver/qemu-static docker run --rm --privileged lscr.io/linuxserver/qemu-static --reset Once registered you can define the dockerfile to use with -f Dockerfile.aarch64. To help with development, we generate this dependency graph. Init dependency graph Versions¶ 10.01.25: - Rebase Fedora to 41. 06.12.24: - Rebase Alpine to 3.21. 26.09.24: - Swap from firefox to chromium on Alpine images. 23.05.24: - Rebase Alpine to 3.20, document Nvidia support. 22.04.24: - Rebase Ubuntu to Noble. 16.04.24: - Add docs on PRoot Apps. 14.04.24: - Rebase Fedora to 40. 11.02.24: - Add PWA icons and title variants properly. 06.02.24: - Update Readme about native language support. 29.12.23: - Rebase Alpine to 3.19 and swap back to Firefox. 07.11.23: - Rebase Fedora to 39. 14.06.23: - Rebase to Debian Bookworm. 13.05.23: - Rebase to Alpine 3.18 and Fedora 38. 23.03.23: - Rebase all Webtops to KasmVNC base image. 21.10.22: - Rebase xfce to Alpine 3.16, migrate to s6v3. 12.03.22: - Add documentation for mounting in a GPU. 05.02.22: - Rebase KDE Ubuntu to Jammy, add new documentation for updated gclient, stop recommending priv mode. 21.09.21: - Add Fedora and Arch images, show seccomp settings in readme. 26.09.21: - Rebase to Alpine versions to 3.14. 20.04.21: - Initial release. January 10, 2025 February 7, 2019", + "commentLink": "https://news.ycombinator.com/item?id=42690983", + "commentBody": "Webtop – Alpine,Ubuntu,Fedora,and Arch containers containing full desktop envs (linuxserver.io)297 points by weitzj 19 hours agohidepastfavorite57 comments windexh8er 15 hours agoI've been using the LSIO Webtop images for a few years. They're awesome for composable desktops that I run behind a VPN for a quick and easy dirty connection at home. Combine the Webtop images by forcing it's traffic through the Gluetun [0] container and you're up and running. These Webtop containers are nice and snappy as well thanks to Kasm. Awesome OSS. [0] https://github.com/qdm12/gluetun reply Havoc 8 hours agoparentThis is me being rather lazy admittedly, but do you have a compose/similar for connecting them by chance? reply windexh8er 4 hours agorootparentBasically the same, but a bit more complete in terms of the exposed config: https://pastebin.com/hPvs08qh reply usagisushi 5 hours agorootparentprevHere it is https://pastebin.com/64825QxC reply yonatan8070 13 hours agoparentprevCould one build off this to run the desktops on the local host's display? I.e. as an IoT device with a display and some custom UI? reply chrisweekly 17 hours agoprev> \"Warning Do not put this on the Internet if you do not know what you are doing. By default this container has no authentication and the optional environment variables CUSTOM_USER and PASSWORD to enable basic http auth via the embedded NGINX server should only be used to locally secure the container from unwanted access on a local network. If exposing this to the Internet we recommend putting it behind a reverse proxy, such as SWAG, and ensuring a secure authentication solution is in place. From the web interface a terminal can be launched and it is configured for passwordless sudo, so anyone with access to it can install and run whatever they want along with probing your local network.\" I hope everyone intrigued by this interesting and potentially very useful project takes heed of this warning. reply satertek 17 hours agoparentThat warning applies to anything you run locally. And going further, in this day and age, I would never put up any home service without it being behind Cloudflare Access or some form of wireguard tunnel. reply Timber-6539 12 hours agorootparentJust put up basic auth infront of your services and be done with it. reply KronisLV 10 hours agorootparentI've done that in the past, even for securing the admin pages of some software (there was once an issue where the admin page auth could be bypassed, this essentially adds another layer). With TLS it's okay for getting something up and running quickly. Of course, for the things that matter a bit more, you can also run your own CA and do mTLS, even without any of the other fancy cloud services. reply jazzyjackson 5 hours agorootparentAfter coming across a brief tutorial of mTLS in this tool for locking down access to my family photo sharing [0] I have bounced around the internet following various guides but haven't ended up with a pfx file that I can install in a browser. Can you recommend any resource to understand which keys sign what, and what a client certificate is verified against? The guides I find often contain the openssl incantations with little explanation so I feel a bit like stumbling through the dark. I realize how much I've taken stacktraces for granted when this auth stuff is very \"do or do not, there is no error\" [0] https://github.com/alangrainger/immich-public-proxy/blob/mai... reply baq 8 hours agorootparentprevthe fact that we have to keep reinventing kerberos all the time because it doesn't speak http is starting to legitimately annoy me. reply rlkf 7 hours agorootparentFirefox can be configured to use Kerberos for authentication (search for \"Configuring Firefox to use Kerberos for SSO\"); on Windows, Chrome is supposed to do so too by adding the domain as an intranet zone. reply j16sdiz 6 hours agorootparentprevHTTP auth can work with kerberos. Chrome, Firefox, Internet Explorer -- all support some form of kerberos auth in HTTP/HTTPS. reply baq 6 hours agorootparentI mean, I'm aware of SPNEGO etc. It's just that it was... ignored(?) by the startups/the community/google? Whatever little support there is is comparatively a worse experience than what we've got now for no really good reason. reply mschuster91 2 hours agorootparentKerberos is old neckbeard tech, highly complex to set up, with layers upon layers of legacy garbage. Trying to get it working is ... a nightmare, I prefer even the garbagefest that is Keycloak over dealing with Kerberos. At least that just requires somewhat working DNS and doesn't barf when encountering VPNs, split horizon DNS or split tunnels. The only places I've seen a working Kerberos setup outside of homelabs is universities (who can just throw endless amounts of free student labor power onto solving any IT problem) and large governments and international megacorps. reply mschuster91 3 hours agorootparentprevGood luck when the TCP or SSL stack has an issue. These bugs are rare but they do exist and you're getting fucked royally if your entire perimeter defense was a basic auth prompt. Windows and Linux have both had their fair share of network stack bugs, OpenSSL had Heartbleed and a few other bugs, and hell you might even run into bugs in Apache or whatever other webserver you are using. reply gbraad 2 hours agoparentprevI created personalized image with tailscale and kasmvnc for this particular reason, ... not on a public VPS. you can find images on my github as inspiration; do not directly copy unless you understand what you are doing. reply hifikuno 17 hours agoparentprevYeah, I made a mistake with my config. I had setup SWAG, with Authelia (i think?). Got password login working with 2fa. But my dumbass didn't realize I had left ports open. Logged in one day to find a terminal open with a message from someone who found my instance and got in. Called me stupid (I mean they're not wrong) and all kinds of things and deleted everything from my home drive to \"teach me a lesson\". Lesson painfully learnt. But before that happened Webtop was amazing! I had Obsidian setup so I could have access on any computer. It felt great having \"my\" computer anywhere I went. The only reason I don't have it set up is because I made the mistake of closing my free teir oracle cloud thinking I could spin up a fresh new instance and since then I haven't been able to get the free teir again. reply elashri 15 hours agorootparent> The only reason I don't have it set up is because I made the mistake of closing my free teir oracle cloud thinking I could spin up a fresh new instance and since then I haven't been able to get the free teir again. People are automating the process of requesting new arm instances on free tier [1]. You would find it near impossible to compete without playing same game [1] https://github.com/mohankumarpaluru/oracle-freetier-instance... reply 7thpower 14 hours agorootparentWell, I know what I’m doing tomorrow when I get up. reply Maakuth 12 hours agorootparentprevThere are operations that put cryptominers into any unauthenticated remote desktops they can find. Ask me how I know... Way friendlier than wiping your data though. reply unixhero 9 hours agorootparentThere are groups of people who hunt for writeable ftp servers to be used for random filesharing. At least this used to be a thing reply dspillett 8 hours agorootparentprev> Lesson painfully learnt. There are actually two lessons there: 1. Be careful what you open to the public internet, including testing to make sure you aren't accidentally leaving open defaults as they are. 2. Backups. Set them up, test them, make sure someone successfully gaining access to the source box(es) can't from there wipe all the backups. reply doubled112 4 hours agorootparentAn offline backup is incredibly inconvenient, but also very effective against shenanigans like these. Also agree that backups should be \"pulled\" with no way to access them from the machine being backed up. reply dspillett 42 minutes agorootparentI use a soft-offline backup for most things: sources push to an intermediate, backups pull from the intermediate, neither source not backup can touch each other directly. Automated testing for older snapshots is done by verifying checksums made at backup time, and for the latest by pushing fresh checksums from both ends to the middle for comparison (anything with a timestamp older than last backup that differs in checksum indicates an error on one side or the other, or perhaps the intermediate, that needs investigating, as does any file with a timestamp that differs more than the inter-backup gap, or something that unexpectedly doesn't exist in the backup). I have a real offline backups for a few key bits of data (my main keepass file, encryption & auth details for the backup hosts & process as they don't want to exist in the main backup (that would create a potential hole in the source/backup separation), etc.). reply nsteel 10 hours agorootparentprevBut you can have Obsidian access from any device already if you easily setup syncing using the official method (and support the project by doing so) or one of the community plugins. Doing it this normal way avoids opening up a massive security hole too. reply jazzyjackson 5 hours agorootparent* any device you have admin rights to install software on, they are talking about being able to log in from any computer, not just their own It surprises and annoys me that obsidian, logseq, etc don't have self hosted web front ends available. I think logseq will once they wrap up the db fork, and maybe someday we'll have nuclear fusion powerplants too. reply 7bit 17 hours agorootparentprev> deleted everything from my home drive to \"teach me a lesson\". Lesson painfully learnt. I had a mentor in my teenage year that was the same kind of person. To this day the only meaningful memory I have of him is that he was an asshole. You can teach a lesson and be empathetic towards people that make mistakes. You don't have to be an asshole. reply Dalewyn 16 hours agorootparentThe lessons we learn best are those which we are emotionally invested in and sometimes that emotion can be negative, but a lesson will be learned regardless. reply ano-ther 7 hours agorootparentSure. But you don’t have to deliberately destroy all data and be mean about it as in GP‘s case to get an emotional reaction. reply jillyboel 3 hours agorootparentprevNo backups? reply fulafel 14 hours agoparentprevAlso note that their example docker config will allow anyone from the internet to connect, and even add a incoming rule in your host firewall to allow it. This is because they don't specify the port like -p 127.0.0.1:hostport:containerport (or the analog in the docker-compose config). reply asyx 5 hours agoparentprevNo they won’t. Octoprint (3d printing server) had a similar warning but they had to introduce actual user accounts to secure the system because people ignored it. reply macinjosh 4 hours agoparentprevIf a good password is used HTTP basic auth is plenty secure over HTTPS so that everything is encrypted. reply bo0tzz 7 hours agoprevMy pipedream is to have a containerized desktop environment like this that outputs directly to a physical monitor over HDMI/DP without needing an X server on the host machine. So far I haven't found any clear answers on whether that's possible at all. reply jazzyjackson 4 hours agoparentI feel I've been nerdsniped or, some other term for your quest being contagious, I also now need to know if this is possible I found a thread from someone who seems to know what they're talking about saying it's not going to happen \"on your hardware\", but doesn't mention what hardware might be required https://forum.level1techs.com/t/can-intel-integrated-gpu-out... Edit actually reading that link again it sounds like a USB adapter worked right away as a monitor for the VM and the OP is asking how to prevent this ! So seems you just need to enable GPU passthrough, and a USB HDMI will appear to your VM ? Will have to try this later today reply chromakode 10 hours agoprevSelkies[1] is another interesting project in this space. It uses webrtc for low latency streaming and remote desktop suitable for gaming in the browser. [1]: https://selkies-project.github.io/selkies-gstreamer/ reply mch82 11 hours agoprevSince the website doesn’t have pictures or videos… Is “webtop” a way to package GUI desktop apps in a Docker container so that the only dependencies to run the app are Docker Desktop and a web browser? reply weitzj 11 hours agoparentYes. From the documentation there are some Screenshots and this is possible. Like starting a standalone Firefox browser inside docker desktop and accessing it via a browser vnc session. But you get to control the keyboard/clipboard and it can add apparently watermarks to the vnc session for DLP functionality and you have a web http to take screenshots of your vnc sessions. reply ctm92 11 hours agoprevKasm [1] also has ready-to-use images that work similar. They are also customizable to contain own applications or configuration. Intended to be used with their Kasm Workspaces solution, but they also work standalone just fine. [1] https://hub.docker.com/u/kasmweb reply NKosmatos 11 hours agoparentThanks for this, they have many images with an online working demo for 3 minutes to try it out. For sure I'm going to have another look at Kasm. reply ctm92 10 hours agorootparentTheir GitHub repo [1] has also skeleton dockerfiles that are annotated with comments on where you have to put your customizations, quite cool [1] https://github.com/kasmtech/workspaces-images reply mopoke 8 hours agoprevAnd, of course, I decided to see what happened if I fired up firefox in webtop and loaded webtop in it. Oops. reply Dansvidania 7 hours agoparentseems only natural, I sympathize reply iddan 9 hours agoprevBack when I was in middle school in Israel the system used for communication between teachers students and parents was called Webtop. They actually went all the way to implement OS desktop experience in the browser (this is long long ago) it was very silly but cute reply euph0ria 7 hours agoprevWhat are some use cases for this? reply hugs 3 hours agoparentsoftware testing. it's always software testing. reply dymk 13 hours agoprevWe had an application that had quite the complex build process, and targeted only macOS and Linux. The mechanical engineers all used Windows, and needed to use the application. Rather than buying them macbooks or having them manage a Linux box, I wound up building something like Webtop with webvnc, and deployed containers to google cloud. Engineers could go to a URL and access the application, no need to download or install anything. It worked pretty well, all things considered. reply mhitza 17 hours agoprevAnyone have more info on this? Does it run systemd in those containers (I didn't see any systemd specific mounts). This would be interesting to try out, as docker (via compose) is a bit easier to manage than - for example - VMs with virt-manager/cockpit-machines. reply r3c0nc1l3r 15 hours agoparentNo systemd, these just start a shell script on init that launches the WM. They're based around the open-source component of this product: https://www.kasmweb.com/docs/latest/index.html I find that they are slightly more sluggish than Moonlight/Sunshine for remote streaming, but generally faster/better than x11vnc. Not quite good enough for gaming yet, but plenty for web browsing, Blender, etc. reply Jnr 5 hours agoprevHow come Gnome is not there? reply doubled112 11 minutes agoparentWhile I've never used GNOME inside a KasmVNC session, it used to feel slow on reasonably powerful machines in an Xrdp session. That'd be my first guess. reply fosron 17 hours agoprevWhy did i have to find this at 3AM. Thanks though. reply ranger_danger 14 hours agoprevLooks very similar to neko: https://neko.m1k1o.net reply imran9m 16 hours agoprevNice. Finally easy way to test them!! reply bitsandbooks 5 hours agoprevSee also: the RDP version. https://docs.linuxserver.io/images/docker-rdesktop/ reply deelowe 16 hours agoprev [–] I was just looking for something like this. Awesome! reply GuidelinesFAQListsAPISecurityLegalApply to YCContact Search:", + "originSummary": [ + "Linuxserver/webtop provides containers based on Alpine, Ubuntu, Fedora, and Arch with full desktop environments accessible through web browsers, supporting both x86-64 and arm64 architectures.", + "Users can select from various desktop environments such as XFCE, KDE, MATE, i3, Openbox, and IceWM by using specific image tags, and access the Webtop via designated URLs.", + "Security features include Docker's seccomp option and authentication setup, with customization options available through environment variables, and support for GPU acceleration with open-source drivers." + ], + "commentSummary": [ + "Webtop provides containers with full desktop environments for Alpine, Ubuntu, Fedora, and Arch, suitable for quick setups behind a VPN.", + "Users commend Webtop for its speed and ease of use, particularly when used with the Gluetun container for secure connections, but caution against exposing containers to the internet without security measures due to lack of default authentication.", + "The project is valued for being open-source and flexible, with users sharing configurations, and alternatives like Kasm and Selkies are noted for similar purposes." + ], + "points": 297, + "commentCount": 57, + "retryCount": 0, + "time": 1736810708 + }, + { + "id": 42697783, + "title": "1 in 5 online job postings are either fake or never filled, study finds", + "originLink": "https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706", + "originBody": "1 in 5 Online Job Postings Are Either Fake or Never Filled, Study Finds A plague of \"ghost jobs\" is haunting the modern job-seeker. By Lucas Ropek Published January 14, 2025Comments (38)𝕏 Copied! © Thomas Barwick/Getty Images The job hunt can be a slog. Confusing job portals, dense competition, and time-consuming application processes all conspire to make job hunting one of the most annoying experiences on the planet. After all the work that goes into an application, 99.9 percent of the time you hear nothing back. It’s enough to make you feel like you’re firing applications into the abyss—as if the jobs you’ve applied to never existed in the first place. Well, according to a recent study, that may actually be the case. The Wall Street Journal cites internal data from the hiring platform Greenhouse that shows one in five online job postings—or between 18% and 22% of jobs advertised—are either fake or never filled. That data was culled from Greenhouse’s proprietary information, which the company can access because it sells automated software that helps employers fill out job postings. The “ghost job” phenomenon has been growing for some time—much to the vexation of job-seekers. The Journal story cites the experiences of one unfortunate job-seeker, Serena Dao, who searched for a job for over a year. Dao says that, before landing her current position, she applied to some 260 jobs and frequently wondered whether the positions she was applying to were real or not. Some onlookers have speculated that the practice of posting such advertisements is actually a corporate strategy designed to make the businesses posting them seem like they’re growing when, in fact, they’re not. Fast Company writes that this practice may help companies “feign active hiring and growth” and helps the “C-suite hit quarterly goals without the negative perception of removing jobs from their career sites.” Another commentator for Forbes notes that ghost jobs can inflate “the true number of jobs in the market and elongates the job search, much to the frustration of many job seekers.” The plague of such phantom positions has led some platforms to treat job postings in very much the same way that other online content gets treated: as either A) verified or B) potential misinformation. Both Greenhouse and LinkedIn now supply a job verification service, the Journal writes, which allows users to know whether a position is legit or not. “It’s kind of a horror show,” Jon Stross, Greenhouse’s president and co-founder, told the Journal. “The job market has become more soul-crushing than ever.” Greenhousejob listingsLinkedIn Daily Newsletter Get the best tech, science, and culture news in your inbox daily. Select News from the future, delivered to your present. Select Please select your desired newsletters and submit your email to upgrade your inbox. Sign me up You May Also Like Tech NewsArtificial Intelligence AI Was Born to Blog on LinkedIn A study found that most of the posts on LinkedIn are written by generative AI. Is anyone surprised? By Matthew Gault Published November 27, 2024 Tech News Former FTX Executive Is Locked-In on LinkedIn and Federal Prison One of FTX's executives begins a seven year prison sentence with a humorous update to his LinkedIn profile. By Matthew Gault Published October 11, 2024 Tech NewsPrivacy and Security New Open Source Bugs Leave Thousands of iOS Apps Vulnerable to Hijacking The Cocoapods vulnerabilities could threaten TikTok, Snapchat, LinkedIn, Netflix, Microsoft Teams, Facebook Messenger, and many others. By Lucas Ropek Published July 2, 2024 Tech NewsNews AT&T Users Report Major Problems Making Calls in U.S. The issue appears confined to voice calls this time, unlike the complete outage in February. By Matt Novak Published June 4, 2024 Tech NewsNews Big Name TikTok Accounts Reportedly Hacked Via DMs Accounts for CNN, Sony, and Paris Hilton have reportedly been compromised. By Matt Novak Published June 4, 2024 Tech NewsGaming Nintendo’s Bowser Gets Into LinkedIn Brawl Over Plane Seats The President of Nintendo America hopped into the comments to call out an oddly agressive post about deboarding planes Zack Zwiezen, Kotaku Published May 10, 2024 Latest news AR Glasses Still Suck at AR, but They’re Solid Secondary Screens LEGO or Board Games? Enjoy Both With This Brick-Building Monkey Palace Game, Now at Its Lowest Price One of Comics’ Biggest Distributors Has Filed for Bankruptcy Amazon’s Choice Crucial BX500 Internal SSD Slashes Price to a Record Low A New Diabetes Treatment Is on the Horizon—But It Involves Poop Texas Sues Allstate for Collecting Driver Data to Raise Premiums It Takes 36 Days of Nonstop Motion to Move this Log in Super Mario 64. There Is No Reason to Do It. The Latest 17-Inch Touchscreen HP Laptop Is Now $1,800 Cheaper Than a 16-Inch MacBook Pro Best of CES 2025 Awards Best of CES 2025 Awards ➜ Latest news AR Glasses Still Suck at AR, but They’re Solid Secondary Screens 1/14/2025, 12:36 pm LEGO or Board Games? Enjoy Both With This Brick-Building Monkey Palace Game, Now at Its Lowest Price 1/14/2025, 12:01 pm One of Comics’ Biggest Distributors Has Filed for Bankruptcy 1/14/2025, 12:00 pm Amazon’s Choice Crucial BX500 Internal SSD Slashes Price to a Record Low 1/14/2025, 11:30 am Latest Reviews OnePlus 13 Review: A Better Android Phone, but It’s Not the Best 1/14/2025, 10:00 am The Onyx Boox Go 6 Did Not Free Me From the Kindle Store’s Grip 1/5/2025, 7:00 am The Best Laptops in 2025 1/4/2025, 4:10 pm Oppo Find 8X Pro Review: A Great iPhone for Android Lovers 1/4/2025, 8:00 am", + "commentLink": "https://news.ycombinator.com/item?id=42697783", + "commentBody": "1 in 5 online job postings are either fake or never filled, study finds (gizmodo.com)273 points by belter 4 hours agohidepastfavorite224 comments dzdt 4 minutes agoI have been required to create fake job postings because of US immigration policy. From the line manager perspective, how it looks is you have a colleague who has been working with you for several years who is on a H1B visa. They want to get a green card and become a permanent resident. To support this, we are required to post a fake job ad for their position, and invent a reason to reject any US citizens who apply for the position. (Non-US applications are ignored.) Our legal advice was that the job posting had to be contain only legitimate requirements for the role, so it could not be highly tailored to only match the resume of the employee seeking PERM status. The result was phone screen interviews were required to reject 8-10 on-paper-potentially-qualified US applicants for the fake position. This is for a highly specialized area within finance, where in real hiring there is an immense effort to find the strongest candidates regardless of nationality. In hindsight I am confident that earlier in my career I had applied to at least one such fake role. One not-well-known advantage of working with a recruiter as a job seeker in such a field is the recruiter will have back-channel information to know to ignore such fake job postings. reply Glyptodon 3 hours agoprevI think the rate of non-fill is higher. But the reasons for it are all over the map. Everything from \"we always leave a posting up even when we're not really looking just in case the perfect candidate happens to walk through the door\" but in the mean time nobody really pays attention to applicants, to \"we weren't getting the applicants we wanted with this posting, so we took it down and are trying a new posting,\" to \"we're legally obligated to post this, but we already have a plan about hiring\" whether it's someone connected, someone internal, or a preference for H1B workers, to all kinds of other scenarios. Anybody who has ever applied for a dozen jobs, sent literate applications and outreach, and has heard from most of them never to months later regardless of actual fit for the job knows this. reply Miserlou57 1 hour agoparentI was a contractor at a FAANG for a few years, and they handed me a job. In the few weeks of transition between the two (some paperwork, etc.) a job posting and req ID was created and posted on their jobs site. I freaked out for a bit, but everything worked out so I can only presume (in California) that was a requirement. What amazed me was it said (maybe on LinkedIN?) how many poor souls actually took the time to apply to the position. It was in the hundreds. I can't help but feel bad knowing they never had a chance. reply Scoundreller 4 minutes agorootparentHappens in public/gov sector regularly. PT role turning into FT… it’s going to the PTer. Temporary budget allocation became permanent and determinate spot becoming indeterminate? Same. reply freedomben 10 minutes agoparentprevI think you're right. Speaking from current personal experience, it's not unusual to get 500 applications for a job, especially higher-level jobs like Principal engineer (where people are chasing the title and salary). I would guess 90% of them are clearly underqualified. Of the other 10%, nearly half will never respond to a follow-up email to schedule interviews. Of those that do, 3/4 of them will reject the offer for various reasons. Given I have a lot of other duties beyond hiring, spending the hours upon hours it takes to sort through that only to have it yield no fruit is ... demoralizing at best. It seems to me that if somebody can actually solve the problem of increasing signal-to-noise ratio, they could do very well. reply duxup 2 hours agoparentprevI always wonder about the gathering resumes \"just in case the perfect person applies\" kind of idea. 1. Would anyone notice if the perfect candidate applied? 2. Does anyone even know what the perfect candidate's resume would look like / are those qualities on a resume / captured by a resume system? 3. Is the perfect candidate actually cold submitting resume to you? It feels like almost certainly these are all \"no\". reply drillsteps5 2 hours agorootparentFrom my experience this is one of the ways it might work. Recruiting (company's internal function, which is part of HR) is tasked with soliciting profiles to see what's available on the market. There's no real position but the recruiter(s) invent one according to what the business told them they would eventually need. There's no hiring manager behind it (as there's no position to be be filled). Recruiter either periodically meets with the business group that requested the research or prepares a report on the results (number of resumes that came in, salary requirements, etc) and presents to the business group that requested it. So there's a reason these resumes are being solicited, it's just the reason is not to hire somebody. Sometimes it is done to justify business decision (ie to move to a different technology, or to expand to a new geographical area). Sometimes the business group _might_ be willing to open a new req if \"the right candidate\" comes up, but it's not guaranteed. It also allows HR and recruiting to justify their presence (they are busy despite the fact that the company might not be hiring at all currently). So there's reasons why these positions are posted and virtually none to prevent the company from doing that. reply johnnyanmac 2 hours agorootparentprev1. With the current AI bots, likely not. And that basically shows how inefficient these systems currently are. 2. The hiring manager does. The bot certainly does not. The odds of someone able to please the latter while meeting the former is low odds, for a candidate that's already low odds to begin with. 3. Not impossible. And that's all the justification they need as long as they aren't penalized for what basically a ghost job. reply Glyptodon 1 hour agorootparentprevI think the answers to these is usually no, but there's one (questionable) person in leadership who's like \"what if somebody from Google applies?\" (or whatever equivalent). Never seen it work. Encountered it a few times. It tends to be magical thinking embellished by narratives around 10x engineers. reply SoftTalker 12 minutes agorootparent\"what if somebody from Google applies\" I'd be immediately suspicious. Why are they leaving Google to come here? reply epolanski 3 hours agoparentprevI feel so lucky I haven't had to apply anywhere in my entire career through postings, the good thing of having a solid network is that you get to know who knows a consultant/freelancer before any position is created. I did post my availability few times on HN \"who wants to be hired\" but with poor results and lots of wasted time (as again, the person on the other end does not know me or has worked with me everything gets bureaucratic again). Also, all of the people I had hired for my clients came again from my network, there was never a public posting. There's also other benefits, in general, you don't get to do silly technical interviews, as you're bringing former coworkers you can vouch for. Not saying this can scale anywhere, but in smaller companies with good teams and professionals they always know someone from their previous jobs or their online communities (common in open source related githubs/discords/slacks) and I like it. reply eulers_secret 2 hours agorootparentIME it's not that bad. My entire network failed when I was looking for work: either everyone was still at my old employer whom I didn't want to return to or they were also out of work. I don't have much online presence, because that's my preference. I did ~11 applications (on company websites, tailored resume), of which like 9 were moonshots (NVDA, Valve, etc). I heard back from everyone, and then interviewed and accepted an offer with a smaller international company located locally. This was during the 2023/4 downturn (Dec '23 to be exact). Caveat: I have 15YoE and work in embedded (especially embedded Linux); it seems this specialization has suffered less than others. I also don't have a degree. I had to accept a slight paycut and hybrid - but I was in office before... and hardware generally just requires you to be present sometimes. Don't be afraid if you don't have a network, the advice is good, but it doesn't apply to everyone. reply qq66 1 hour agorootparentI think that's relevant if you have a highly specialized skillset like embedded Linux. People don't make embedded Linux job postings to \"test the waters\" or \"see if the perfect candidate applies.\" If the listing is up, they're probably hiring an embedded Linux developer, and while there will be a lot of resume frauds applying, they actually need to make the hire. If you're applying for a B2B SaaS product manager job there are 50,000 jobs and 200,000 applicants and it's a completely different situation. reply dennis_jeeves2 1 hour agorootparentprevCurious, what do you earn? reply johnnyanmac 2 hours agorootparentprev11 apps to one job last year, huh? With a 100% response rate. Wish I could have had even a tenth of that luck. Heck even during the best booms my response rate was hovering around 30%. I'm just exhausted with the search. I finished yet another programming take home only for the company to stop hiring at the turn of the quarter. But yea, my network also failed me. Mostly becsuse 80%+ of them were laid off themselves. reply selimthegrim 1 hour agorootparentPaid off? reply johnnyanmac 1 hour agorootparentWhat an unfortunate typo. Luckily I had time to fix that one. But sure, I think almost all of them got severance. reply keb_ 1 hour agorootparentprevHow would I recommend I get into embedded Linux as a total newbie with only Node/Ruby experience? :^) reply TheGlav 1 hour agorootparentNo joke: just start! Learn C and C++. Find a cheap micro pc board, pick one of the embedded linux distros that run on it, and make something with it. Repeat until you get bored, exhausted, or a job. :) reply roland35 1 hour agorootparentprevTry getting a single board computer such as a raspberry pi, and see if you can get it to do stuff! Hook it up to some SPI or I2C peripheral boards to read temperature or light. Stream data to a cloud. Another big part of embedded Linux is managing the OS itself and updates. Things like Yocto handle building an OS image reply selimthegrim 2 hours agorootparentprevI would say the extended parts of my network are still getting the interviews, but I have people I directly literally went to school with, and lived in the same dorm with turn me flat down for work, which was a real slap in the face. I’ve been applying since April 2020 (with about 7 interviews so far and 2-3 upcoming interviews total) and I’m getting kind of discouraged at this point. reply Aurornis 32 minutes agorootparent> but I have people I directly literally went to school with, and lived in the same dorm with turn me flat down for work, which was a real slap in the face. Since referrals became the meta-game, companies have adapted their referral process to be more selective. Most companies I've worked for have required people to enter some basic information about how and where you worked with the referral, why you're referring them, and a statement that your referral means you are vouching for that person's work performance. It cuts down on the number of people referring people they know by happenstance, which defeats the purpose of a referral program. I doubt your friends meant it as a personal attack. They probably just had referral programs that were more rigorous than putting names into a queue. reply selimthegrim 26 minutes agorootparentThey said they hadn’t been happy with the last three months of candidates, and that I was probably going to be it and then rejected me with no feedback and hired some ex-SpaceX person as a contractor. It may have been the investor playing a role. reply epolanski 15 minutes agorootparentprevMaybe you didn't impress them? Network is important as long as people see you as a reliable professional that can help them. There's lots of skills involved, last but not least soft ones. reply cruffle_duffle 2 hours agorootparentprevHonestly in this market there is really only so much your network can do—at least at a “submit my resume for me” level. I’m starting to think I might get a bit more aggressive and bold with my network and have them deliver paper copies to the hiring manager or something. Because even referral submitted applications are black holes at this point. Hang in there and take what you can get. The market is super shitty and you are absolutely not alone. It ain’t you. The market will pick back up again… it always does. reply dennis_jeeves2 58 minutes agorootparent>The market will pick back up again… it always does. It will, but this time it's probably going to be several years. It's the covid lock down train wreck. Most people underestimate the cascading damage done by the lock downs. reply cruffle_duffle 48 minutes agorootparentYup. The damage caused by that nonsense will haunt us for decades to come. “It’s what everybody wanted” is something I often say. “Everybody was cheering this on”. reply dennis_jeeves2 23 minutes agorootparent>“It’s what everybody wanted” is something I often say. “Everybody was cheering this on”. Spot on. I read that somewhere that during WWII when people were sent to the gas chambers, crowds would be cheering on. Common people terrify me. reply selimthegrim 1 hour agorootparentprevIf they won’t pay for traveling for on-site interview or relocation is that a good sign; when they’re demanding three days a week in the office hybrid? reply bearjaws 2 hours agorootparentprevThis is really the best career advice. I was fortunately able to leave a terrible job 2 years ago and immediately had contract work, now I run my own business and get constant referrals from my network. I make more than ever, have incredible work-life balance, and for the most part love what I do. If you don't have a network, the moment you quit/lose a job you are dead to the world. Even now I have people approaching me for FTE roles, I haven't even worked with them for 2 years. Am I some god tier programmer? Not really, but I have a good track record and people always want to go to someone they already trusted. reply recursive 1 hour agorootparentIt's not advice really. If it were advice, it would be something you could do. reply TheGlav 1 hour agorootparentBuilding a network is something anyone can do. Join meetups. Find local user groups. Find online groups and get active in them. Give talks. Write and publish your thoughts locally and/or online. Talk with people. Ask (good) questions. Let people get to know you and the way you think. Many more ways exist than just these. Connecting with other professionals in various ways is all there is to building a network and anyone can do it. They just have to do it. reply hylaride 41 minutes agorootparentThis. I'm still benefiting from being in a BSD users group that I went to between 2000-2008 because it was filled with passionate/talented tech people, most of whom have gone onto other things. Find places to get into discussions and show your opinions and have discussions. If you are in a group where your mind is never changed, then find something else. reply recursive 38 minutes agorootparentprevOk, now that's advice. reply epolanski 13 minutes agorootparentprevYou definitely can. I always built my network mostly at local meetups and online communities. It helps if, like in my case, are into functional programming, as people into that niche prefer working with other functional programmers. reply netruk44 2 hours agorootparentprev> If you don't have a network, the moment you quit/lose a job you are dead to the world. As someone without a network and left their FAANG-adjacent (or whatever the current acronym is) job in 2022, this is mostly true. Amazon still hits up my inbox every month or so, though. reply Caius-Cosades 2 hours agorootparentprevYeah if you're not a social butterfly in the modern world you're just effed. Or about as good as dead, unless you happen to be extremely lucky. reply rwyinuse 2 hours agorootparentIn academic / white collar work for sure. But if you're something like a skilled craftsman whose services are in demand, you can probably do fine with less social networking. reply SoftTalker 9 minutes agorootparentCarpenters, electricians, and plumbers will be able to name their price in the Los Angeles area for the next few years. reply catwhatcat 2 hours agorootparentprevWhat sort of business are you running now, if you don't mind elaborating? reply xeromal 2 hours agorootparentprevI decided I wanted a better job in 2025 after being at my company for 6ish years. I started applying to 2-3 jobs a day starting in december and reaching out to old contacts. Complete ghost silence and bullshit. Managed to get 2 leetcode screens that went nowhere even after doing alright on them. Hit up an old college buddy on linked in, got a referral, went through a ton of interviews (6) and got a job in two weeks. It's nuts how far a referral will get you. reply Foobar8568 2 hours agorootparentprevI posted once with a seconds account on who is hiring, the amount of spam and fishing attempts received is crazy, 10-50 DocuSign and the like a day since then. reply ben_w 1 hour agoparentprev> we always leave a posting up even when we're not really looking just in case the perfect candidate happens to walk through the door I've seen one that remained up after the company itself was closed down… which I knew about by having been in it when it closed; even before that, it was so out of date the salary offered was about 60% of what they'd paid me when I joined. reply fifilura 3 hours agoparentprevI think \"looking for the perfect candidate\" is the most common reason by far. Great developers with domain knowledge are always possible to fit in, simply because they are money generators rather than a cost. reply hn_throwaway_99 3 hours agorootparent100% agree. A big issue with tech is there are so many options and domains that for any particular job it can easily take even an amazing developer 6-9 months to get up to speed if they're unfamiliar with your particular tech stack or business area. That's not the case with most other professions - if I'm, for example, a professional violin player, I can play in basically any orchestra in the world and be proficient from day 1. So if you happen to find that unicorn who is not only a great developer but is also expert in the major areas of your tech stack and your business domain, you hire them in a heartbeat. reply johnnyanmac 2 hours agorootparentSounds like something many technical professions have to deal with. Even with all the licenses and certs in the world, very few lawyers or doctors are just walking in and learning the process in a week. Other types of engineering need to understand the pipeline in another firm compared to their old one. A firefighter needs time to mesh with the team and figure out what equipment and tools are available here. But then again, I bet most of those also aren't trying to rely on AI to find talent. reply hn_throwaway_99 21 minutes agorootparentI can't speak about lawyers, but you're definitely wrong about doctors (have a couple in my family). They can and do travel to completely new hospital systems and are expected to do their normal job immediately (and they do). Even within tech, I think the ramp-up time is faster for literally everyone else besides software engineers, just because the underlying technology can vary so much more (and its more important to be understood at an intimate level of detail) than for other roles. reply rors 11 minutes agorootparentMy girlfriend is an Orthopaedic Surgeon. Great when I've got a broken arm, or need shelves putting up. I wouldn't let her anywhere near my heart or brain. Medicine is super specialised. I hear you on geography though. Luckily the human body doesn't change too much between locations. reply dcdc123 2 hours agoparentprevI think another very common scenario is just eliminating the headcount. Companies cut headcount at a small scale all the time and the first one to go is usually the unhired. reply devmor 11 minutes agoparentprevI once got a developer position through a professional group on Facebook. My soon-to-be manager had to have HR create a job posting on a public facing portal so I could apply through it, despite already essentially giving me the position. I wonder how many people applied for that job before it was taken down. reply kube-system 3 hours agoparentprevHaving interviewed candidates for full-stack positions, and actually asked them about the entire stack (instead of just the backend), I'm surprised the number isn't higher. reply ARandomerDude 3 hours agorootparentI've been amazed by how many times I've had this conversation: Applicant: \"I love ${LANGUAGE} so much! It's amazing! I'm super passionate about it!\" Me: \"Oh that's great! What are some things you like about ${LANGUAGE}, and one or two things you wish the language designers had done differently?\" Silence. (Replace language with database, framework, etc. as needed). reply kube-system 2 hours agorootparentToo often I find \"full-stack\" developers who only know how frameworks operate, but have no idea about how the computer actually works. \"How do you do [x] in SQL?\" > \"I've always had the ORM handle that\" \"How do you do [x] in CSS\" > \"I use this CSS framework and it will do it for me\" \"How does a packet get between the front end and back end of your solution\" > \"I update the object state using [x] in the [y] framework\" reply LeftHandPath 56 minutes agorootparentPerhaps there's a reason why. The market generally doesn't need people who can do it all. In the same way it doesn't need people writing C++ or Rust to know how to write machine code or assembly. Sure, the ones that can are probably more knowledgable, but their experience with the high level language is more important. I've done full-stack with no frameworks or non-std libraries (aside from PDO and OpenSSL, the limitations set by CEO decree) for about 8 years now. I write my own schemas in IBM Db2. Hell, I wrote small application databases in IBM DDS in the AS400's SEU while I was still under the legal drinking age. I've always written our stylesheets from scratch, using SCSS. I've written C++ APIs that run in PASE, talk to the database with ODBC, then send back to a front end through sockets. I do graphic design and photography -- something I started back in middle school and took some formal classes on -- and have led the creation of marketing materials for multiple subsidiaries. I've spent 40 hour weeks working on sysadmin tasks in vim, 40 hour weeks writing libraries in JetBrains and VSCode, and 40 hour weeks working running around with my DSLR or working in Photoshop, Illustrator, and InDesign. But when I look for full-stack jobs, most of them actually want somebody who is well versed in a framework. There's not much point in doing all of this from scratch. It's more tedious, more error prone, and it takes longer to get to market. Some interviewers have given the impression that I'm a little \"less than\" because I haven't used any major frameworks. I think that's actually a valid take, and it's something I've started doing side projects to address. Frameworks improve velocity. Frameworks improve reliability. They reduce the risk of a developer coming up with an out-in-the-weeds solution to a problem they didn't properly understand. They make it easier to maintain the code. They make it easier to onboard new developers who are familiar with that tech. reply tmpz22 19 minutes agorootparentI once did a take-home project for a full stack role that proclaimed any language/framework could be used to build a browser-based application that satisfied a particular task. I opted to use golang and its standard library to produce an application with no external dependencies and no javascript. In the rejection email they stated the use of outdated development methods was a point of disqualification. I'm sure other reasons for disqualification were present, I wasn't a great candidate in retrospect, but I'll never forget the naivety and hubris of their framing. They were of course a NextJS shop. Ultimately disregard role titles. It's a people problem that you have to pull teeth to find out what they really want, and what they really want they often won't say out loud. That's fine, it's their money (and usually a lot of it!) and they should be able to dictate the services that they want. Really sucks for people new to the industry trying to learn the song and dance. reply bostik 33 minutes agorootparentprevThis is an exceptionally good question to identify people who have actually used a technology for real. I've used merely the second part (\"what gripes do you have about X\") in interviews successfully for nearly two decades. If you've used a tool long enough, you've identified warts and misfeatures. And you will have opinions about them. reply duxup 2 hours agorootparentprevI always wonder how much that is influenced by the blog / social media world where a few (or even one) neat features in a product or language produces \"I love this\". So yeah they love it ... in so far as the social media expression goes. reply supriyo-biswas 32 minutes agorootparentI feel that’s more of an artifact of American culture. I remember discussions where the stakeholder declined to use a technology, and said something like “we love X, but are concerned about Y.” reply tombert 2 hours agoprevI've posted this story before, but it's relevant. About two years ago, I was looking for a job, and a recruiter reached out about a software engineering position at a prominent newspaper [1]. I told the recruiter to apply me, they did, and they made me sit through a two hour video course on ethics and sexual harassment, which was weird considering that I hadn't even done an interview yet. About a week later, the recruiter gets back to me, and they declined me because my resume \"reads too much like a manager, no hands-on coding experience\". I was extremely confused, because most of the time people say the opposite, that my resume is too in the weeds, and I need to focus on high-level stuff. Moreover, I don't have any managerial experience on my resume...every role says something like \"software engineer\". And then it hit me: the hiring manager never read my resume. He already knew who he wanted to hire for the role, and for either legal or compliance or bureaucratic reasons, he had to make it look like he was looking for other candidates, and in the process, he wasted my time and the recruiter's. [1] Not going to say which one but you've definitely heard of it. reply hylaride 31 minutes agoparentOne adtech company I applied to ~10 years ago (Chango - doesn't exist anymore) also put me through the strangest interview I ever had. It was for an SRE role. There was a fairly standard phone screening interview, but then when I went in-person the CTO, VP of engineering, and somebody else I can't recall made the whole interview about torrents and USENET feeds for TV shows. Not a single serious discussion was had about the business or technology, despite my attempts to bring it up. I left scratching my head and a follow-up email that said \"they were going to go in a different direction\". I can only guess that the role was going to somebody else they really wanted, but they needed a \"competitive\" alternative. I was annoyed that they wasted my time, though. reply stronglikedan 1 hour agoparentprev> Not going to say which one Nothing will change until online naming and shaming is not considered taboo. reply tombert 1 hour agorootparentI just don't want my name ASSOCIATED with that kind of PRESS, ok?? reply the-chitmonger 1 hour agorootparentI'm glad you clarified - I was expecting NYT! reply tombert 1 hour agorootparentI don't know what you're talking about :) reply dennis_jeeves2 47 minutes agorootparentprevmake an anon account. reply _DeadFred_ 1 hour agorootparentprevAre there laws against companies committing fraud and false advertising? Job sites are directly evolved from classified ads in which ads stands for Advertisement. reply joelfried 1 hour agorootparentYou think there's law on the books that forces companies to speak honestly? And that someone is going to enforce it? reply nitwit005 4 minutes agoparentprevIt's fairly likely they just confused about which candidate was which. Happens all the time. reply hilux 1 hour agoparentprevThis is extremely common. In fact, it is the rule at universities and government agencies and government contractors, who are required to post every job even when they have a preferred candidate, and many big tech companies do the same thing. It wouldn't matter if you named the company – literally every large organization has done this dozens or hundreds of times. reply tombert 1 hour agorootparentIf they had just blanket-declined me then I don't think I would have cared all that much, it's far from the first (or thousandth) job I've been declined for; what annoyed me is that they made me go through a stupid video seminar thing before they had even read my resume. They're going to waste two hours of my time and not even give me the courtesy of reading my resume? Pretty douchey, IMO. reply f1shy 38 minutes agorootparentMy policy is: no tests, no seminars, no long interviews. Max 2hs before there is a clear sign of real interest. I’ve seen enough people doing 2hs tests+ 3 2hs interviews + 2hs disertation showing what you can… at the end seems the probability of being hired is inversely proportional to the effort required. reply hilux 52 minutes agorootparentprevOh, I hear you. In some cases, they may be required to document how many candidates went through the entire process, to \"prove\" that it was genuinely competitive. reply mixmastamyk 54 minutes agorootparentprevSend a bill. reply pragma_x 1 hour agoparentprevWait, which newspaper did you say you work for again? > A major one. reply CretinDesAlpes 3 hours agoprevI've been on a career break / job search for about a year. I used to work in \"AI\" before it became fashionable, here are some observations of the tech job market: 1) There are so much BS jobs in BS companies it's hard to understand if those are even companies doing real thing (cf. David Graeber) 2) 80% of jobs in my field are about LLMs and technology no one understand or in companies that don't even know if they need it but are just following the trend 3) I've seen big and small companies posting over and over the same job ad. For example a big consulting group has been posting the exact same job for more than a year (really) on linkedin and elsewhere - each time there are more than 100+ applicants on linkedin. 4) Recruiters from 'serious' agencies told me it was the worst job market they know of 5) There is also a rise of fake recruitement agencies, it's very easy and quick to set up a page on Linkedin now with fake workers, fake images, fake jobs, etc. 6) The supply demand imbalance allows some small companies (startups) to ask for insane technical assignement that takes hours, which at the end looked like free consultancy. I had one that did not even provide feedback after a rejection, and when asked said \"because we don't\" 7) The increase of centralised platform such as Linkedin has increased competition. Everyone is applying to the same jobs, and many candidates uses AI to beat the HR platform. [This has been reported by FT - https://www.ft.com/content/1429fcb2-e0ef-4e47-b2b8-8bd225ac2... ]. Same problem as in the online dating market. 8) There is so much ghosting, that can happen at any stage of the process. Again, same problem as in the online dating market. reply azinman2 2 hours agoparent> 3) I've seen big and small companies posting over and over the same job ad. For example a big consulting group has been posting the exact same job for more than a year (really) on linkedin and elsewhere - each time there are more than 100+ applicants on linkedin. At the same time I’ve seen on the other end just endless unqualified applicants. Dozens and dozens of people who don’t pass a phone screening. Some jobs are tough to find the right applicant, or you’re looking in an area of high competition for a specific talent. reply CM30 1 hour agorootparentThe question then becomes \"how are applicants getting to the phone screening to begin with?\" Because from what I can tell, it seems like a complete toss up whether a qualified/unqualified applicant will even get that far, let alone how much further in the progress they'll get. I get the distinct feeling that most filtering systems are just dropping a lot of great candidates at the first hurdle, and then letting a bunch of unqualified ones through to the later rounds. reply _DeadFred_ 1 hour agorootparentprevThe issue with that response is that a random posting on LinkedIn isn't how you fill those positions though. Cookie cutter jobs sites are for cookie cutter jobs. reply nine_k 2 hours agoparentprev> did not even provide feedback after a rejection Years ago, when I was heavily involved in hiring, I asked our CTO whether we can provide feedback to rejected candidates, because it could benefit them. The CTO answered that it may become a legal quagmire if a candidate decides to sue due to perceived discrimination, or something, based on the feedback, even without any merit. The probability is very low but the downside is very bad. So we had to abstain from giving feedback :( reply CretinDesAlpes 1 hour agorootparentHow can you be discriminated on a technical level? Is there even a case of a candidate who sued a company at a technical stage we are aware of? This seems like a weak argument considering the hassle of time and potential legal fees, especially for someone who is looking for a job? Although I could understand why a candidate would try to bring a case like this in the US. Anyhow, it's not even the feedback the problem, it is that I have enough work experience to understand some of those startups seem to operate on a thin line between what is a technical assignment related directly to their core tech and getting free consultancy. The least they could provide to candidates who have involved time is what was expected. reply SoftTalker 5 minutes agorootparentprevYeah it's a variant on \"anything you say can be used against you.\" Any feedback you give can potentially be twisted to support some argument of unfair treatment. Even if it's frivolous, employers don't want to spend time dealing with that. So they just say nothing. reply y-curious 2 hours agoparentprevWhat is the point of a fake recruiting agency? I've heard claim of this but I wonder what the endgame is. Is it to harvest contacts? Scam people? Waste people's time? reply nitwit005 0 minutes agorootparentYou got the job, but you'll need to pay a $50 fee for a background check! And voila, they have stolen $50. reply hansvm 2 hours agorootparentprevOne of the endgames is scamming. One that's been around for a few years, seemingly getting bigger as time goes on, goes something like: 1. Slurp up contact information, focusing on people trying to break into a cushier lifestyle (data entry, entry level analysts, LLM evaluation in some specialized domain, ...). 2. Cold-contact them about being eligible for one of many possible remote jobs, with high hourly rates listed (something specify, like a \"salary\" of $38.51/hr). They'll either have a legitimate-at-first-glance looking website (usually the ownership has been transferred a few days prior, sometimes a few months, but one of the operators seemed to have a pool of domains they'd been letting age for years to throw you off a bit more), or they'll spoof the spelling of a real company when they text/email you. 3. Go through some form of hiring process. It's as little effort as they can put in on their end to keep the semblance of them being a real company. 4. Then this turns into normal check fraud. Your cushy remote job requires expensive office supplies, so they \"provide\" those. A local member of the gang delivers fake equipment in real boxes. You pay $5k or something out of the $7k fake check they previously sent, the rest supposedly being a signing bonus. AFAICT, many tens of thousands of people have gotten as far as step 4, and a decent fraction have fallen for the whole charade. If you're struggling to get a real job out of college and haven't seen what the normal interview process looks like, the confirmation bias (and desperation) combined with lack of real-world experience can cloud your judgement. There are tons of other endgames. Not all are quite that nefarious, but none are good. reply CretinDesAlpes 2 hours agorootparentprevMy bet is the collection and reselling of personal information, legally or illegally. Many (most?) people do put their real name, real address, real phone number and real email on their resume. You automate this on linkedin and can get a lot of CVs, I don't think this is a crazy idea. reply mywittyname 1 hour agorootparentThe same vendors that sell Linkedin data in bulk include this level of personal information (phones, personal/work emails, addresses). Perhaps this is how they mine the data they sell, but I think it's more likely they take use the information scraped from Linkedin and send it to other vendors to enrich it with personal information. reply rndmwlk 1 hour agoparentprev>1) There are so much BS jobs in BS companies it's hard to understand if those are even companies doing real thing (cf. David Graeber) This time last year I was searching for a new job, something I've done a few times at this point in my career, and this was such a pronounced thing that I had not experienced in any of my previous searches. It felt so strange, like walking through some funhouse where I had to be skeptical of every turn and decision lest I walk face first into a mirror. I eventually found a great job with a great team at a smaller company that I had some initial reservations about and even held back on applying from at first. Maybe it's just an additional symptom of (4), but if this is the future of finding employment it is a bleak one. reply OsrsNeedsf2P 3 hours agoprevAt one of my previous companies, I recall suggesting to my CEO that we open some job postings \"just in case\" the right person comes along. He candidly noted that we already have open job postings, and gave me access to the email they all went to. I saw over 3,000 applications made over the last 2-3 years. Tailored resumes. Cover letters. This wasn't some LinkedIn \"quick apply\", these were direct \"Fill out the form\" on our website. Not a single one of these applications got read. reply PittleyDunkin 2 hours agoparent> This wasn't some LinkedIn \"quick apply\", these were direct \"Fill out the form\" on our website. Not a single one of these applications got read. Surely this would basically immediately backfire as people would presume a rejection and not apply when you actually wanted to hire. Why would you do this? reply johnnyanmac 1 hour agorootparentIt's so common place that few are going to remember they applied to a specific company years ago to begin with. reply sangnoir 57 minutes agorootparentWith BS postings, low response rates, and the effect of having to apply to many jobs at once, how else can applicants manage their many applications but write things down? The last time I did ran the job search, I needed a spreadsheet to keep track of things. When a recruiter reaches out to me, I'm going to see if their company is in there, and what my notes say about my last experience with them. reply daseiner1 3 hours agoparentprevUnless I have an “in” and can directly send/hand a cover letter to the opening’s hiring manager, I can’t imagine ever writing a cover letter again. reply Glyptodon 50 minutes agorootparentI like writing them when I think there are aspects to why I'd be a good fit for the role that don't get revealed sufficiently by listing skills on a resume or I have questions that can save everyone a ton of time. It seems like people do at least read them before interviews most of the time so I think there's some value. reply jjice 2 hours agorootparentprevWhen I was in uni, I found that just having a boring cover letter drastically increased the odds of an interview (for internships and post grad work). I bet a lot of places just have a filter that adds you as a higher priority purely on the existence of a cover letter. I've never read a cover letter that I found valuable for hiring anyone, though. And I'm sure mine were never of any actual value either. reply daseiner1 2 hours agorootparentI like that insight and should I ever be back in the kafkaesque nightmare of blind online job applications, I will take your advice. As you point out, barring typographical mistakes a cover letter being too generic isn’t likely to result in a rejection, but not “checking the box” very well might. cheers reply sctb 1 hour agorootparentMay you never have to write one again, but if you do, it might be helpful to think of the cover letter as a reflective writing exercise. You might be able to gauge your level of interest in a particular role by how easy it is to write about, for example. Or it could just be some practice at communicating your strengths and abilities (this would definitely apply to me). IMO it's too disheartening to put effort into such personal writing without the awareness of some kind of direct value or benefit, since chances are it's going straight into the void. reply daseiner1 1 hour agorootparentNicely put. reply vlod 11 minutes agoparentprevI remember a post here where some recruitment manager (at a company) said \"Always write a cover letter, which is not generated by AI, otherwise you're an automatically trashed\". I rolled my eyes. Although this might be sound advice, it's not the reality of a lot of people looking for work. Yes, they might do this for the few months, but after what 6 months+ of no or canned responses (even though you have ALL the skills they want) it gets tiresome and you just say F-it, copy-paste a canned cover letter. reply f1shy 3 hours agoparentprevThis is making that company not look very good, is it?! reply chgs 2 hours agorootparentAwful company. They could post “here are our standard job roles, we aren’t actively hiring but if you’re the perfect match please tell us why”, which warns the prospective applicant. reply duxup 2 hours agorootparentprevDoesn't hurt them either I don't think. Nobody knows. It sucks because the whole job hunting system is borked. reply PittleyDunkin 2 hours agorootparent> Doesn't hurt them either I don't think. Well those are 3000 resumes that won't be resubmitted when you actually want to hire. Many of those resumes will belong to people who since found work. Weeding through that would be a nightmare, so you'd have to toss it and write it off as a loss. Or you could just post jobs when you're actually interested in hiring and turn it off when you have enough applications to process. Super interested candidates can always cold email. reply duxup 1 hour agorootparentThey don't care about those 3k and they could reach out. And maybe next round they do apply again. I sure don't remember when I last was applying who I applied for except some big names that ... yeah I'd submit it again if I was looking. I don't like the system, but I don't think they're hurt by it. reply chgs 2 hours agorootparentprevIf 500 people apply for a fake job and don’t get to an interview or personal response stage, then when they need a real job filling they’ve already wiped out a lot of applicants who won’t bother applying next time. reply duxup 2 hours agorootparentI doubt that's how it works out. Last time I was looking I applied so many places I can't remember most of them. reply grajaganDev 3 hours agorootparentprevIt is not making that company look very good. Enticing job seekers to waste their very precious time is not ethical. Edit: fix double negative. reply bbarnett 2 hours agorootparentJust an FYI.. the double negative means you said it makes the company look good. (I don't think you intended that) reply grajaganDev 1 hour agorootparentThank you - fixed it. reply fullshark 2 hours agorootparentprevWhat do you mean? They have open roles so they must be growing? Seems like a good investment. reply extr 2 hours agoprevI've found almost all my career positions through recruiters. I find it's about 100x more productive of an experience. You know the job exists because they're paying someone to fill it. You get to talk to someone on the phone about the job before you have to lift a finger. If you sound good on the phone, they just put you right through to the hiring manager/interview process, and also are materially invested in your success. Getting the formatting right on your resume is an afterthought. They'll give you an entire gameplan and tips on this company's specific process. People hate on LinkedIn but having a presentable profile and using the right keywords is worth it's weight in gold IMO. Even if it doesn't work out, they'll keep you in their rolodex and hit you up for jobs long into the future. reply johnnyanmac 1 hour agoparentMain issue is that recruiters can get every bit as bougy as applicants can get when the market sways in their favor. So in a market like this, you may have less than a 10% response rare from messaging recruiters. Whereas 2021-2022 you'd almost always at least get a reply when you messaged a human. reply extr 20 minutes agorootparentI never message recruiters cold. Only wait for them to message me, or hit up recruiters I have existing relationship with. reply mywittyname 1 hour agoparentprevSame here, but have you looked for a position in the past 2 years? It's dramatically worse than I've experienced in my 20 years as a dev. I only ever apply to jobs that I know I'm qualified for and know that I can demonstrate it, so my application -> offer ratio was historically pretty high. In my last job search, I sent out 99% of the applications I've ever sent out in my career. The tech job market enshitified rather quickly. reply ChrisMarshallNY 2 hours agoprev> The job market has become more soul-crushing than ever. I have often stated that the fact that I was basically evicted from the job market was one of the best things that ever happened to me (I didn't think so, at the time it was happening), and every time I read something like this, it reinforces that. But I was one of the fairly rare (it seems) people that could afford to have that happen. My heart goes out to the folks that have to endure this stuff. One of the saddest things, is that really good workers, that would take their job seriously, and be excellent employees, are being knocked out of the game, and the unproductive, disloyal, rapacious sharks that have learned to game the system, are taking all the fish food. reply WarOnPrivacy 17 minutes agoprevThe headline could also apply to the 1990s. I was an employment counselor for a non-profit for a few years. I collected employment listings from multiple sources (Bureau of Labor was a big one) and printed+sorted them to help job seekers. I found a high percentage of distinct jobs that were endlessly listed. If I sent qualified applicants after them, they invariably never got a response. That was just the ghost listings. Another large chunk were problematic for reasons that had nothing to do with applicant qualifications. Maybe 2 listings in 5 were reasonable and competent efforts to find workers. reply robcohen 3 hours agoprevThis is a spam problem. Spam problems are easily solved by simply charging for attention. Job postings should pay me to view them, and I should pay job postings to apply to them. The only reason why ghost postings exist is because the marginal cost to the company is so incredibly low to do it. In demand people should get paid for their attention. What I don't understand is why are there no systems that actually implement this? Most likely because the user education problem of cryptocurrency wallets and the various UI/UX issues it presents, but there's no mainstream apps that I can think of that actually try this. Seems like it would work in dating apps, in advertising, in CRMs, in social networks of all types. Why hasn't it been done? My guess is because we've only solved half of the problem with crypto. We have the cheap value exchange, but we don't have identity figured out quite yet. reply ryanianian 3 hours agoparentRecruiters and agents have been solving this problem for years. Firms hire a recruiter for jobs that they actively want to fill. Applicants hire a job agent. Those two meet. Very little incentive for spam in this relationship. The problem, of course, is mismatched incentives for the middlemen versus the clients, particularly at the margins. Similar to real-estate brokers. They may be effective in many ways, but they are looking for pareto-efficiency, where they get you 80% of the match (or 80% of the pay) or whatever for 20% of their effort. It's hard to imagine any incentive scheme between buyers (hiring managers) and sellers (applicants) that wouldn' be subject to the same market mechanics, even if at lesser scales when done through more automated means. I don't think crypto really has anything to do this. reply airstrike 2 hours agorootparentThe power dynamics between employee and employer are such that the employer ought to foot the bill for that on their own. Candidates really shouldn't have to go to an agent to find a job. The employer doesn't need to hire an external recruiter either. They just need an HR team that actually does anything other than protecting against liabilities and aggressively managing labor costs down. Most of HR is a practical joke of questionable taste. reply robcohen 2 hours agorootparentprevYes, you can absolutely add a middle man to sort through the spam for you, and that \"solves\" the problem in the sense that you are trading money for time. It's no different than paying for a personal assistant to collect your mail for you and pass along the valuable stuff. That said, it's incredibly inefficient and most people, for most interactions, cannot hire a third party to handle those interactions for them. So no, I don't think adding layers of middle men really solves the problem for most people. reply hansvm 2 hours agorootparent> \"solves\" ... money for time The proposal was two middlemen. It's just an inefficient way to, as you (or somebody up the chain) said, charge for attention to reduce spam. Since the middlemen are being paid, most spammers won't hire them. > incredibly inefficient In practice, yes. In theory, it could be fantastic. Imagine, as a simple example, you have two early-career backend developers. They could each do the same search, or a middleman could do one search and share the highlights with each developer. The fact that you have overlapping demands and information opens up the potential for the work to be amortized, even if you're not adding any value as a middleman other than trading time for money. reply numpad0 1 hour agorootparentprevI've heard that one of tricks recruiting agents use is to maximize mismatch without breaking the illusion of a perfect match, so that victim companies has to come back as often as possible, each time rewarding them with commissions. Value alignment is definitely going to be a problem. reply pjc50 2 hours agorootparentprevUnfortunately there are good and bad agents out there, and the bad ones absolutely do have an incentive to spam. I remember one place I worked at maintained a blacklist of bad recruitment firms. reply lazide 3 hours agorootparentprevI’ve never heard of, or met, a job agent. More info? reply airstrike 2 hours agorootparentYou ask someone to land you interviews and, if you get hired, you pay them a fee. Usually some (fat) percentage of your first couple paychecks. reply lazide 29 minutes agorootparentI was asking for specific people. reply NAHWheatCracker 2 hours agoparentprevMicropayment systems don't work well because there are free options. Convincing people to pay any amount of money is incredibly hard. Would micropayments result higher quality? Maybe, but until you have a critical mass no one can really tell. Free options are more likely reach critical mass and dominate. Paid options thus die off, starved of attention. reply johnnyanmac 1 hour agorootparentAlso, free applications systems are so common that I'd simply see any system that I, the applicant, needs to pay for as a scam. Much more different than a paid forum or news site. I pay $10 for those and I get exactly what on the site, even if the news updates slowly or the forum is empty. If I had to pay $100 for 10 applications and still get ghosted or auto rejected, I don't know what I'd do. That's just theft at that point.And the incentives for recruitment are just perverse at that point. Don't hire, just make a good job app. reply ceroxylon 1 hour agorootparentprevIt would be worth it to build a highly refined and moderated \"free tier\", with a paid option that is even better. From what I noticed during my last job hunt, all the big platforms could vet their submissions better. reply numpad0 1 hour agoparentprevI thought Indeed charge companies for posting and per applicant clicks? That combined with near 100% university graduate capture is what Japanese job market is like, where their current owner's corporate HQ resides. In that environment, the agency maximizes clicks and matches because that earns them most. Applicants are lured to maximize numbers of applications and qualifications(and failed matches), hiring companies go FOMO mode, hype up themselves and tighten up requirements. Everyone's paperclipping everything and producing clinically depressed graduates in big batches. It's a huge resource sink. Then of course fake posting problem isn't even remotely gets solved because the power structure builds up in the background in uncaptured dimensions, parallel to the system. You wouldn't want that. reply dennis_jeeves2 33 minutes agoparentprev>but we don't have identity figured out quite yet Can you explain further? ( btw, your overall analysis is spot on) reply shultays 3 hours agoparentprev(paypal me 0.1$ to see this reply) reply airstrike 2 hours agorootparentI really wish that's how (a subset of) the internet worked. Not for replies, but for quality website access. Think newspapers and other primary sources of information. Fill up your browser tank and go visit these websites. The site then gets paid per view, or per duration of stay. Details are tricky though. reply seabass-labrax 1 hour agorootparentIn my opinion a big barrier to the success of such systems is that newspapers often aren't primary sources. Most outsource the reporting to press agencies and (increasingly) to social media. Press agencies usually do sell individual stories with primary reporting, but not at the prices you and I can afford. For mainstream press though, is it worth the pennies of a microtransaction to read someone's re-hashing of public records and social media posts? That is very much dependent on both the reader's personal expertise and the author's, and if they are mismatched the article becomes worthless to the reader. An article explaining what HN is would be illuminating to many, but entirely unworthy even of pennies to you and I. reply johnnyanmac 1 hour agorootparentprevMorality aside, the logistics of this means you cannot literally PayPal someone 10 cents. The processing cost isn't worth transferring such a small amount. So the answer to this is to pay $5 and be able to see 50 replies. But what if you're unsure you want to even see that many replies? It's now a steep cost to consider. reply immibis 2 hours agorootparentprevOther way around. You should paypal them $0.01 if your reply is worth viewing. But Hacker News already has a cost to posting replies: you can only post a few (I think 5 replies every 4 hours) and although you can make more accounts, there's a limit to that too. So I know this was one of your top 5 in this 4-hour period. reply scarface_74 2 hours agorootparentYour account is being rate limited because your replies were repeatedly against the “rules”. Been there done that reply esafak 2 hours agorootparentprevWho would say their reply is not worth viewing? reply danaris 2 hours agoparentprevIf we assume that a posting costs $1 in either direction, the $100 cost to a company of any significant size of posting a single job to 100 sites is pretty negligible. On the other hand, to someone who has no job, paying $100 to apply to 100 jobs might be pretty harsh—and there isn't the remotest guarantee that this would actually result in getting contacted, let alone getting a job. Going one step further, paying that kind of money to apply also means you'd be expected to have a credit card or something similar. At the very least a bank account. And someone who's got excellent qualifications, but had a medical disaster cost them their previous job and home, and has been spending time on the streets, is going to have a very hard time maintaining a bank account or obtaining a credit card without an income. Basically, any time you make a proposal to \"solve\" the problems with hiring/job searching, you need to ask yourself, \"Is this going to nontrivially exacerbate existing class divides?\" If the answer is \"yes\", that's a) probably why it hasn't been done already, and b) why anyone with any compassion (or understanding of the long-term consequences of inequality in society) should reject such a solution. reply seabass-labrax 1 hour agorootparent> someone who... has been spending time on the streets, is going to have a very hard time maintaining a bank account or obtaining a credit card without an income. Slightly tangential to your main point, but in this day and age electronic transfers are money; cash is in effect just a fallback option for situations where there's no connection to the Internet. I believe that, in the absence of central bank digital currency, banks should be required to have a process for issuing current accounts to homeless people (albeit not necessarily with credit, just like customers who do have fixed homes). That measure alone would immediately fix a range of issues that homeless people face, wouldn't it? reply danaris 48 minutes agorootparentIt absolutely would, as would Postal Banking, which there's already a movement afoot to bring back(? I think it was around before? I'm not super up on it). reply kthejoker2 2 hours agorootparentprevI sympathize but totally disagree, if the $1 I paid guarantees: A) it is an actual job, with intent to hire now B) I will get an actual response, from a human, within a few days Then $100 is completely worth the time saved vs applying to ghost jobs. reply johnnyanmac 1 hour agorootparentThe issue is thst we both know those won't happen. Even if it's just scam shops that abuse it and everyone else plays the honor code. Rotten apples and all that. reply danaris 2 hours agorootparentprevThe problem is, as I noted, spending $100 to post a completely bogus job 100 times is basically nothing to even a medium-sized company. The asymmetry in power & wealth means that if you want the $1 spent by a job-seeker to even come close to the guarantees you describe, you'll probably need to make the company pay $100 per posting or more. And that would effectively require some pretty widespread and strictly-enforced regulation/legislation. If you're going to have to get that just for this middleman solution, why not go all the way and have the regulation mandate that any job that a company posts has to be real, with full intent to hire, and every single applicant must get a timely, non-canned response? reply Aurornis 55 minutes agoprevThis headline was carefully written to trigger confirmation bias, but the phrase “or never filled” is doing a lot of heavy lifting. Most mid-sized companies where I’ve been a hiring manager haven’t had a 1:1 relationship between job postings and hires. Some times we’d post 1 job posting but hire 2-3 people out of it. Other times we’d post 2 or 3 job listings at different levels for 1 headcount because we were open to candidates of wide skill range but a single wide-range posting tends to turn off more experienced candidates. We’ve had situations where an internal candidate expresses interest in a public job posting, so we take it down without filling it and replace it with a different posting for their backfill. So looking back, several of my job postings would be considered “fake or never filled” despite the fact that we were honestly hiring and filling roles. This article and the WSJ article it sources from feel like journalists picking up on a social media trend and working backward to provide fodder for it. There is no 1:1 relationship between a job posting and a hire at many companies, so using job posting data to draw conclusions like this isn’t good logic. It probably feels like vindication to people who are tired of applying to jobs, though. reply hunglee2 3 hours agoprevThe outrage from job seekers is justified but Gizmodo doesn't help matters by categorising fraud (fake jobs) with failure (never filled). Hiring is hard, as anyone who has ever done it will attest, and very many vacancies opened in good faith are not filled for a variety of reasons - budget pulled, hiring manager won't make a decision, internal candidate appears at late stage etc. We also need to draw a distinction between employers posting jobs directly vs 3rd party agencies posting jobs for the company's they represent, or purport to represent. There is a disincentive for the former to post 'fake jobs' - who wants to deal with the applicant flow, but an incentive for the latter to do so - harvest resume's, build a database. Anyways. My point is, there _is_ a problem but mainstream magazine treatment like this from Gizmodo serves to add smoke when there's already a fire reply NVHacker 3 hours agoparentThe way I read it, Gizmodo cannot tell whether those jobs are fake or just never filled. How could anyone tell from outside ? The visible fact is that no-one is hired for those jobs. reply spandrew 3 hours agoparentprevDisagree. If you post a job then reneg on it that still leaves folks out in the cold who are, in earnest, looking for work. Mistakes happen, and I don't blame hiring managers for the shifting financial landscapes they often have to face. But that job wasn't solid enough to count as a real position. Lump them together. reply bdcravens 3 hours agorootparentThere are job postings out there that are solid, but where the company is unwilling to pay the recruiter markup, and hiring organically just doesn't result in solid candidates. Not every company hiring is a Fortune 500 or Big Tech company looking to get over on the world. Many are smaller companies looking to fill roles but may be lacking in the bandwidth or resources to lower expectations and either pay well over market or hire downmarket and train extensively. To say these companies are hiring fraudulently is unfair. reply johnnyanmac 1 hour agorootparent>hiring organically just doesn't result in solid candidates. If you get one bad hire, it's probably on them If you get 20 bad hires, it's probably on the company. At some point, no matter the size, people really need to look at themselves and say if they are really trying to enhance their shop and let talent succeed, or if they are a churn shop and don't deserve solid candidates to begin with. reply bdcravens 1 hour agorootparentI'm not talking about hires, but candidates. Not all markets are awash in talent in every stack. reply johnnyanmac 56 minutes agorootparentIt's the same concept. Even with niche tech. If you can't hire a good candidate in a buyers market, and repeatedly get bad hires, what's your interview pipeline doing? Paying too low, getting reqs wrong in a game of telephone? Hiring through nepotism instead of merit? I'm just a bit tired of the \"but we need to avoid bad hires\" narrative. Especially since a certain blundermouth more or less said the quiet part out loud for the intentions many have with that. It made sense in 2022, but is that really an issue in 2025? If you can't \"find solid candidates\" now, how did you Faire in non-bust markets? reply lazide 3 hours agorootparentprevA posting which was never intended to be filled is still different than one that was intended to be filled, but never actually happened. Good luck telling them apart however. If you make it so every posting has to be filled or it’s ‘fraud’, it will be an even bigger mess. reply ryandrake 2 hours agorootparentIt's even harder to tell them apart in a bear market where the job market is stacked in favor of employers (for the moment). With the current glut of laid off engineering talent in the hiring pool, if an employer cannot find a candidate, they are not really serious about hiring. Yes, there's more filtering involved now, but you can't say that the candidates don't exist. reply johnnyanmac 1 hour agorootparentprevEvery posting needs to have an honest attempt to fill it. I don't know the exact numbers, but if there 1000 applicants per posting and you end up reposting your job 4 times, there's clearly something amiss.this overlap of 1-4000 applications and not one of them are worth a call? Even if we accept 90% is spam, that's still hundreds of candidates in a \"recruiters market\" being passed over. reply kylebenzle 3 hours agorootparentprevMaybe, but it's too hard to distinguish between the jobs that were posted with intention to not be filled and jobs that were posted with intention to be filled but through other circumstances weren't. So the distinction is moot. It's a lot like this website. It used to be pretty obvious which comments were trolls and which are real people but more and more the people have gotten dumber and the trolls gotten smarter so it's almost impossible to tell the difference between maliciousness and stupidity and for the rest of us it doesn't really matter one way or the other. A person wasting our time is a person wasting our time, the intentions aren't important. reply Bjartr 3 hours agorootparent> So the distinction is moot. From the perspective of an applicant's emotional response, sure, but it's absolutely relevant in order to have a conversation about how to solve it since the different causes may need different approaches, or may occur in sufficiently differing rates to influence which should be addressed first. reply grajaganDev 2 hours agorootparentThe distinction is also moot from perspective of an individuals's time being cavalierly wasted by a large corporation. reply lazide 2 hours agorootparentJust wait until you start thinking about dating. But if we’re claiming fraud, either way the intent is actually the deciding factor. You can’t commit fraud without a guilty mind (mens rea)- at least in any jurisdiction I’m aware of. reply johnnyanmac 1 hour agorootparentModern dating sucks, but at least half the time there's a real human on the other side that isn't a corporation trying to sell me something. And yes, that's what audits are for. To deduce intent by investigating from within, something we could never do. reply lazide 30 minutes agorootparentnah, fake profiles are a huge problem. depending on the site, it could easily be 1 to 5 real:fake or more. reply s1artibartfast 3 hours agorootparentprevdifferent is a matter of use case. The difference doesn't matter to the applicant. It probably does if you propose the death penalty for posting fake listings. reply johnnyanmac 1 hour agorootparentA fine large enough to make bad job postings (genuine or not) unprofitable is fine. We don't need reducto ad absurdum here. Just make businesses put thought into their postings and not let someone who has no idea of the qualifications right them up themselves. reply s1artibartfast 52 minutes agorootparentThere is nothing wrong with reductor ad absurdum to make a point about dependency and categories. It is the primary use case. I think there are a million practical challenges to implementing a fine. I wonder if there is enough incentives to draw employers to a verified list service. reply johnnyanmac 1 hour agoparentprevIf you get hundreds of apps and you can't get a single qualified candidate, you either have a horribly inefficient recruiting system or your job needs are so specific that general job boards won't help you anyway. If you have years of inefficiencies happening without being addressed, at what point to we just call it fraud instead? Or possibly you highly overestimate your job needs vs. The requirements posted. Which is endemic of the above reasons anyway. reply reptation 3 hours agoparentprevSure, hiring is hard but the factors you mention are rare, and teams are extremely motivated to fill vacancies. reply derektank 3 hours agorootparentTeams are also strongly motivated to not hire a bad team member that drags down morale and wastes resources. I want to say this is more true in government hiring, where it's difficult to fire people, but I've seen private companies hold out for a long time until they find someone with the right combination of cultural fit and technical skills. reply spratzt 2 hours agorootparentIt’s extraordinary how frequently companies discuss the cost of a bad hire and never consider the opportunity cost of a no-hire. Companies that keep waiting for Mr. Right are really saying that the opportunity cost of not completing their project is very low. In other words it’s not really that important at all. reply danaris 2 hours agorootparentOn the contrary. \"Not completing the project\" is not an option—if they don't hire someone to fill a vacancy on the team, the rest of the team will just be expected to work extra hours to keep up. Oh, not with overtime—you're salaried, remember? (Alternate version: Oh, no, you can't actually log the extra hours; we don't have the budget for overtime, and I, the manager, can't be seen asking for more money, or it would affect my bonus!) And you'd better step up and work those hours. You want to be seen as a team player, right? reply johnnyanmac 1 hour agorootparent>Not completing the project\" is not an option—if they don't hire someone to fill a vacancy on the team, the rest of the team will just be expected to work extra hours to keep up. And that's the opportunity cost we don't talk about. The cost isn't \"we slow down on a project from a bad hire\". It's \"demoralize/burned out engineers quit to a point where the deadline is impossible to reach\". You can't force overtime to engineers that leave and take their institutional knowledge with them There's also a lot of fake job postings as a sort of carrot to overworked engineers that \"promise more help is coming\". Which is just as ingenuous to existing employees as it is to applicants. reply jstummbillig 43 minutes agoprevCompanies dirty secret: Job postings are an invaluable signal generator for companies. Knowing how much demand there is for various positions in your company is super helpful to drive business decisions. And unfortunately the company loses most of the signal when they are candid about just gathering potential applicants (because people will not apply and you know a lot less about their interest and potential) Not defending being uncandid, just a heads-up to be realistic about what's going on here. Unless it's made outright illegal, just assume it's happening all the time, because of how fantastic the upside is and how cheap it is to do. The amount of work the company has to invests in screening incoming requests is entirely variable and scales to 0 if they really don't want to hire right now. reply beezlebroxxxxxx 33 minutes agoparentMost companies, if not nearly all of them, are just really bad at hiring above \"entry-level\" in general. The practice of pushing hiring through HR teams and recruiters often leads to the job posting being weird catch-all abstractions because a huge funnel brings in lots of resumes, which makes the HR teams look busy. Really, postings should be astoundingly specific --- literally, \"This is exactly what we are looking for and the problem we want to solve. Prove to us you can solve that problem.\" Generalist hiring teams are usually unable to get that specific, which is why personal references and recommendations are very valuable. The number of applicants you get should be a good sign that your posting is too general or just right. Positions above the junior level should have significantly less applicants. If not, then you can probably simply hire a junior level. reply nextworddev 12 minutes agorootparentCan confirm. 90% of L7, L8 hires at AWS between 2021 and 2022 flopped. reply juujian 3 hours agoprevThat would actually be a surprisingly low figure as far as I'm concerned. reply pelagicAustral 3 hours agoparentI'm thinking exactly the same. Feel like it's more like 3 in 5, if not 4 in 5. I recently commented on another thread about how I managed 2 interviews and 1 offer out of ~500 applications. Which is kind of telling, since it only took 2 actual interviews to get another job (alas for less money that I make right now anyway)... If the jobs were real, it should be far easier to get them. reply ryandrake 2 hours agorootparentI remember a few years ago I posted that throughout my career, during market ups and downs, my average application:interview:offer ratio was around 100:10:1 and half of HN thought I was exaggerating, or there was something wrong with my interviewing, or that I was shotgunning my resume, and so on. We've got an industry full of young employees who are seeing the first bear market of their lives. 500:x:1 doesn't seem outrageous at all in a down market. The 2:1 interview:offer ratio is actually outstanding, especially where the industry is today. reply johnnyanmac 1 hour agorootparentI guess as a \"newer employee\" (8 years now) I see that and say \"yeah, that was pretty much my first job search. Maybe a bit better reply rate\". I may not have been applying for jobs in 2008, but I feel this bust isn't just about low hiring. And that's what makes it all the worse. For reference, these 8 years and 3 jobs later, I'm probably around 300-20-0. Or 1 if you the count the part time freelancing that just showed up out of the blue. But I didn't even apply for that. reply Cerium 3 hours agorootparentprevIf you get an interview you are already on a short list. The process I usually see is 100's of applications -> screening by recruiter and hiring manager -> phone screen 10-20 -> coding challenge 3-7 -> onsite 2-3 -> hire 1. reply convolvatron 3 hours agorootparentprevThe part I don’t get is that 6 months later I get responses to applications. I’ve talked to recruiters and the picture they paint is hundreds or thousands of resumes in the inbox. They keep shuffling their search criteria and sometimes someone interesting pops out. That doesn’t entirely make sense to me, but something is clearly quite broken, and it seems to be as much due to incompetence as fraud reply daseiner1 3 hours agorootparentI’ll never forget getting a boilerplate rejection email from Lockheed Martin 13 months after I applied for an internship for the upcoming summer. reply bbarnett 2 hours agorootparentI'll try to upstage that! 20+ years ago I applied, and interviewed for a Federal Gov of Canada job. 18 months later they called me to tell me I got the job. I'd been at another job for 16 months! Glad I didn't take it. Government and traditional big corp are very stodgy, slow to change. reply ryandrake 2 hours agorootparentThis one's not as bad but still amusing: I applied to a well-known telecom company that rhymes with \"May Pee and Pee\" and got to the final onsite interview, after which they ghosted me. Afterwards, I did the whole round of interviews at a different company, got hired, moved my family across the country, and got established in that new job. A few months later, I got an E-mail from the telecom company saying \"We would like to interview you one last time. Please let us know when you are free.\" LOL reply Clubber 3 hours agorootparentprev>out of ~500 applications Yea, the process is eating itself. Recruiters automate screening and applications automate submitting, so there is so much noise, it's difficult. I'm not saying there aren't ghost jobs, I'm just saying an already arduous process is even more so with automation being leveraged on both sides. reply ajmurmann 2 hours agoparentprevIt seems like these numbers are purely based on Greenhouse. I bet that many companies use less sophisticated approaches like just sending resumes to a mailbox and those have higher fake rates. reply Scoundreller 7 minutes agoprevAnother 2 in 5 are real, but they’re hoping to replace an existing employee at a lower rate. No net new job but net lower income. reply ethin 1 hour agoprevIt wouldn't surprise me if this was a significant under-count. I've been applying for jobs for, what, 3-4 years now, both when I was in Uni and after. I don't even know how many job applications I've submitted but I think I've gotten maybe 10-15 interviews at most? I have of course gotten the typical advice: \"Build your network\", \"Submit a cover letter\", blah blah blah, but the first bit is completely useless to me (I don't have the finances to go to conferences for example) and I've tried the second bit and haven't gotten anywhere. I've been told to tailor my resume but... Yeah, I'm not doing that when I'm supposed to be submitting hundreds of applications per day or something. Honestly it's hard to muster up the motivation now to apply for jobs instead of working on open-source projects and (maybe) posting something freelance-ish on fiver or something because at least with open-source projects I'll get somewhere and it's something I enjoy; with job hunting and all the automation at play, and with even more things getting automated, it's a lot harder to answer the question of \"why should I even bother\" when companies are slashing headcount like crazy and aren't fined heavily by these platforms for posting ghost jobs and wasting my time (or some equally as harsh punishment that makes them actually pay attention). I still apply occasionally, but given how horrible the market is I know my job application count has significantly fallen. I just hope the market turns around and we see some huge crackdowns on all this automation because it's massively disincentivizing applicants (after all, why apply when you can only submit an application every 10-30 seconds while a bunch of people can submit 10000 applications per minute?). reply Glyptodon 47 minutes agoparentIf you're submitting a hundred applications a day, you're doing it wrong. You should get better results aiming for just a few a day, but each tailored. (Though obviously it's just not a great time right now, I'd argue not being bot-fodder and obvious chaff is extra worth it if any human ever does actually look.) reply grajaganDev 4 hours agoprevThis is clearly fraud and needs to stop. Companies behaving like this demand regulation. Instead of whining about regulation, read the room and don't bring it on yourselves. reply ricciardo 1 hour agoprevSeriously contemplating if it is even worth applying in this type of job market. Being young, would it not be more beneficial to just contribute to Open Source projects in which my actual passion for the field comes from and additionally find outside work to just get by? I guess it all comes down to an individual's ambitions and goals in life, but seeing some of my colleagues and friends do nothing but apply to jobs for a straight year seems extremely unfulfilling (mind you this is a perspective of a new-grad in CS). reply InkCanon 1 hour agoparentI have similar thoughts. I'd say one big upshot of working in tech was they formed very high talent densities during their peak in the 2010s, so you could learn a lot. But now I'm not so sure. Plus it's a circus getting hired as a fresh grad. I'm largely thinking of masters or PhD - in the right place you get that talent density too. reply fsndz 8 minutes agoprevThe ratio is probably 4/5 for YC Startups reply taeric 2 hours agoprevThere is a big gulf between \"fake\" and \"never filled\" that I don't like being washed here. Specifically, there are plenty of reasons you might have a position not get filled that are not nefarious. Could be an aspirational. Could be a company that is so under water that they can't manage a hiring pipeline. Could be one that isn't under water, but doesn't know how to manage a hiring pipeline. Could have been overcome by other events. Plenty of options. Yes, I'm sure there is some fraud. I'd love to see data that went into that detail. I'm assuming it is rather lower than 1 in 5. reply johnnyanmac 1 hour agoparentIf companies were as honest about \"low priority\" evergreen work over the constant need help immediately, that may be acceptable. But I've never see anyone say that in a job posting. If you're indistinguishable from the behavior of a fraudster, that still reflects poorly and has the same results on applicants. (well, okay. Actually honest. How many of those \"urgent\" postings eve felt urgent?) reply Joel_Mckay 44 minutes agoparentprevIn general, some people want ghost-workers for working visa scams. i.e. some desperate individuals pay to not even work in a country to get around immigration rules. This scam was outed by some undercover East Indian journalists. Its gross because cons exploit people, and suppress domestic economic reality by bidding down wage rates. Nothing was done about this by the way... nothing... =3 reply matchagaucho 2 hours agoprevI've noticed sites like Indeed are still showing job listings scraped from our website 5 years ago. I've not chased down every scraper and submitted a remove request. But I can easily see how 20%+ of job listings are dead-ends. reply rdtsc 1 hour agoprev> actually a corporate strategy designed to make the businesses posting them seem like they’re growing Assume these companies don't have morals (that should be the default, btw) and ask yourself why wouldn't they generate 1000s of open job postings? Especially if many steps in the initial process can be automated. This makes them look like they are growing, and maybe their filter might find some rare great candidate and they'll find an opening for them. All upsides and almost no downsides. One downside is having to manage applications. But that can be outsourced or automated. It's immoral, disheartening to potential job seekers and skews job number stats, but that means nothing unless it's illegal. Once they start fearing of getting in legal trouble, they'll keep doing the same. reply lambdaone 3 hours agoprevOne in five seems to be an under-estimate. Based on my experience of Upwork, at least 50% would be a better estimate. reply iknownthing 2 hours agoprevI worked at a company that created fake job postings for H1B reasons. reply aprilthird2021 2 hours agoparentThis is for PERM, not H1B. Many companies did and still do this. Imo, the concept of PERM is flawed, which causes companies to do this stuff. Some have had to settle with the gov't and can no longer do this (Meta). Also, the jobs are not fake, they are labor market test jobs, designed to show that no citizen meets the job requirements thus validating a green card for the H1B visa holder. They are \"fake\" in that they are designed so no one applies for or gets the job. Imo, labor market test should be part of the visa granting process, not the naturalization. reply dzdt 10 minutes agorootparentI have been required to create such fake job postings. From the line manager perspective, how it looks is you have a colleague who has been working with you for several years who is on a H1B visa. They want to get a green card and become a permanent resident. To support this, we are required to post a fake job ad for their position, and invent a reason to reject any US citizens who apply for the position. (Non-US applications are ignored.) Our legal advice was that the job posting had to be contain only legitimate requirements for the role, so it could not be highly tailored to only match the resume of the employee seeking PERM status. The result was phone screen interviews were required to reject 8-10 on-paper-potentially-qualified US applicants for the fake position. This is for a highly specialized area within finance, where in real hiring there is an immense effort to find the strongest candidates regardless of nationality. In hindsight I am confident that earlier in my career I had applied to at least one such fake role. One not-well-known advantage of working with a recruiter as a job seeker in such a field is the recruiter will have back-channel information to know to ignore such fake job postings. reply RainyDayTmrw 2 hours agoprevIn trading, spoofing[1] is placing insincere orders to generate a signal, and presumably influence other participants' behavior, without an intention of actually having those orders filled. Bad actors spoof trades because it works. Spoofing is illegal, and rightly so, although enforcement may be a bit lax. I guess, we're now seeing the rise of spoofing in job postings. I, for one, find it quite tiring. I think there's a parallel. Bad actors spoof job postings because it works. What can we do to make it less effective or less worthwhile? [1]: https://en.wikipedia.org/wiki/Spoofing_(finance) reply esafak 2 hours agoparentJob posting boards can punish them if they detect them as being spoofed through response rates. reply johnnyanmac 1 hour agorootparentCan. Won't. If trading has lax enforcement where this can cost people millions, why would a job board getting paid to post fake jobs care? reply neom 1 hour agoprevI'm starting to wonder if this is something that could/should be regulated...? I can't think of a great reason for allowing this from industry. It seems least reasonable you could be required to go back and remove postings when the position is filled or no longer available?? reply johnnyanmac 1 hour agoparentIt absolutely should be regulated. Especially since there's so many ways companies exploit this for a variety of factors. I can't think of one benefit to applicants. Wastes their time, the increasingly AI-submitted rejections are useless noise instead of feedback on how to improve, and the rise of \"video interviews\" just give more data than necessary to a company without ever needing to send a human to talk to them. The application market needs an entire overhaul. reply CM30 1 hour agoprevMakes sense. Seen an awful lot of jobs on these sites come up time and time again, and it always felt rather suspicious how often that happened. If a job can't be filled within a year or three, that's a pretty good sign that the company isn't particularly interested in filling it. As you may expect, they also tend to be the jobs that don't even respond with a rejection or anything when people apply to them, and where anything submitted seemingly just vanishes into the ether. reply goredsox 57 minutes agoprevThere are companies that scrape linkedin job postings for skills based workforce analytics. These jobs reports are then sent to higher ed institutions to inform classes. So manipulating these markets can signal to higher ed what skills they would like to devalue in the future reply tiffanyh 30 minutes agoprevDoes cross posted job listing mess up this data? Because it's common for the same job to be listed on multiple job sites. reply woofcat 56 minutes agoprevYou mean Aha! isn't hiring 100 people in 100 locations world wide at all times? reply Glyptodon 46 minutes agoparentThe one person I know who worked there was very disillusioned. reply eterm 1 hour agoprevI got an email from LinkedIn prompting me to \"unsubscribe from job alertbecause you haven't viewed it in 3 months\". Indeed I haven't, because every week they email me the same list of the same jobs that have been listed since the first week I signed up. And also because setting \"remote\" effectively turns off the radius, even though I ideally want a job that is remote but also local if possible. reply indiantinker 1 hour agoprevI have been applying to this job at major brick making toy company for the past 3-4 years that is super dope. But i never get it and neither does anyone else. reply ge96 3 hours agoprevI forgot to make a meme about it but I still get these \"We're sorry we went with someone else\" months later from jobs I applied to but it's alright I have a job now. The joke of the meme is I feel ashamed/disappointed but I forget I'm fine. reply siliconc0w 39 minutes agoprevGood opportunity for a fakejobs.fyi site that names and shames companies that do this. Send in perfect resumes that 100% match the job req with 10+ years of experience and see which get a response. This of course leads to a tragedy of the commons but that is what unregulated capitalism demands. reply redleggedfrog 2 hours agoprevMakes me want to use an LLM to apply for a gajillion jobs. See how they like their own medicine. reply smel 2 hours agoprevI would say 4 out of 5 to be honest reply f1shy 3 hours agoprevI have seen that happening inside a company (big one). There is an internal job market, and I would say the ratio is about 20% or more fake. From every 20 applications to postings that seem like a copy of my resume, I get 5 replies (the rest is black hole, or come a reply 10 months later) from the replies, eventually 2 interviews. reply johnnyanmac 1 hour agoparentWeird, I really don't see the reason an internal job board does this. They know all the people and their experiences. Is this just some hr compliance so they can search outwards? reply maybeculdbeyeah 1 hour agoprevMaybe they are there to fake a good faith effort to justify their H1B hires. reply selimthegrim 2 hours agoprevI applied to some New York City series B start up with a Director literally looking over my shoulder after she assured me the job postings weren’t fake. Plot twist: they were fake they just weren’t in her department so she didn’t know and the only job they were really hiring for according to LinkedIn was an Azure contractor for $60 an hour reply Havoc 3 hours agoprevThat’s better than I would have guessed frankly. Internet is making it sound like 4 out of 5 reply nsagent 3 hours agoparentWell, my recruiter callback ratio is likely 1 out of 5, despite having a very VERY niche profile: a PhD focused on NLP for creative text generation, especially in video games, and a prior career as a game developer. Needless to say, I've only focused on roles that fit that narrow profile. One of the recruiters that contacted me didn't even know I worked in games, despite it making up the bulk of my work experience (including as a lead developer). Considering how closely I match this narrow profile, and the number of people that likely do, it's weird how low my callback ratio has been. reply sumtechguy 2 hours agorootparent> One of the recruiters that contacted me didn't even know I worked in games I get that all the time with my setup. \"you look like a good fit and have lots of experience for XYZ tech\". Nowhere on my resume does it even mention it. Sometimes I have to look it up and see what they are talking about. One of them even went on and on about my current job. Despite it only having the start date in that spot and no exp on what I do here. It is blindingly obvious they did not read my resume. They are keyword scumming and hoping for the best. reply dyauspitr 3 hours agoprevYou also have companies like mine (very large) where we don’t even post job descriptions online but just hire through internal referrals. reply ulfw 2 hours agoprev [–] Way way way way more than 1 in 5. Honestly. reply GuidelinesFAQListsAPISecurityLegalApply to YCContact Search:", + "originSummary": [ + "A recent study indicates that 20% of online job postings are either fake or remain unfilled, adding to job seekers' frustration. - This \"ghost job\" trend might be a tactic for companies to project an image of growth. - Job platforms such as Greenhouse and LinkedIn have introduced job verification services to assist users in identifying genuine job opportunities." + ], + "commentSummary": [ + "A study reveals that 20% of online job postings are either fake or remain unfilled, often due to companies needing to comply with US immigration policies. - Companies may also leave job postings up to find ideal candidates, change requirements, or have pre-selected internal candidates. - The job market is difficult for applicants, who frequently encounter ghosting and automated rejections, prompting calls for regulatory intervention." + ], + "points": 273, + "commentCount": 224, + "retryCount": 0, + "time": 1736865860 + }, + { + "id": 42698557, + "title": "Making an intersection unsafe for pedestrians to save seconds for drivers", + "originLink": "https://collegetowns.substack.com/p/making-an-intersection-unsafe-for", + "originBody": "Just a moment...*{box-sizing:border-box;margin:0;padding:0}html{line-height:1.15;-webkit-text-size-adjust:100%;color:#313131;font-family:system-ui,-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,Helvetica Neue,Arial,Noto Sans,sans-serif,Apple Color Emoji,Segoe UI Emoji,Segoe UI Symbol,Noto Color Emoji}body{display:flex;flex-direction:column;height:100vh;min-height:100vh}.main-content{margin:8rem auto;max-width:60rem;padding-left:1.5rem}@media (width Enable JavaScript and cookies to continue(function(){window._cf_chl_opt={cvId: '3',cZone: \"collegetowns.substack.com\",cType: 'non-interactive',cRay: '901fe4882f59c944',cH: 'CtnofUBRmUe16bVEC8K7r_opMvtb5FgDjR8xr6dLmSQ-1736881475-1.2.1.1-qKMCnFUj8ODUoehw7RyP1GD5AKU0m8YQeCqPcwsfyGUGZ9bNl9g5uEZxXwbKyvBt',cUPMDTk: \"\\/p\\/making-an-intersection-unsafe-for?__cf_chl_tk=46J4YBnm6xlPPqNW_p_kQrE0K8DEWJcsWFuv1UWJDpc-1736881475-1.0.1.1-3LYLgljRJqHgmyO3gDaFN2QF3_h3A_Lv1uJTuaOKg6Q\",cFPWv: 'b',cITimeS: '1736881475',cTTimeMs: '1000',cMTimeMs: '120000',cTplC: 0,cTplV: 5,cTplB: 'cf',cK: \"\",fa: \"\\/p\\/making-an-intersection-unsafe-for?__cf_chl_f_tk=46J4YBnm6xlPPqNW_p_kQrE0K8DEWJcsWFuv1UWJDpc-1736881475-1.0.1.1-3LYLgljRJqHgmyO3gDaFN2QF3_h3A_Lv1uJTuaOKg6Q\",md: \"yMKo.sg3mO8VneuHZS3W6ACgDFJ2f4SjNozp.BlreUY-1736881475-1.2.1.1-ShQUZ28bKXcq6FbGEmlesmRDMf.1r8qP31JBs4WNAbM8fXh2VLcyYMeLMxjgpYR3mXjSvSy.nb6igN9dmMmXKbNgjEJse.R156Nk8Po7yKMzh3G0yctEUOU0pvEwoO0M1Y.1c60kxWa.AcuKIVAbIhYjGF.kJUTmn4dPnEfd3dVD9cx85theY.y.S4ox6zaTYfM1JgLHz_bvjFNRskpIiAg2Ucnp80u7g6ZFIoyP0A6HFyOh8dlE7SBbyonP5keG1PgKNyMyvmnXE72sk53Lo_WGM5n2RX2PGib9MvdVHQFRV0N30R1OcrAeO1tSCXyRfg16yp9Q20NXrgb2REk2sc63zF5i0Dtyoci8OES7LO0l6ktzhWOBpJtLUusnINH65egG63on1hFGTyDwuhlM7Cr5VAyzvGMKj_40kWwF9mSzbzL6KTK4SqEWK5yhfXRHxd1TDYpgJGKPyjpFDvFU0UmJIPiCzlvO0NbxcawEYOmE2mG6XR6eqaozkPjRnWrM0JcAmZGyT8R_TzpD3yLsYd95d6VXitHkiv_qmmAhnHpZ0Az8IUNH8tKj0yb8qF88W92.BuCR66u0lWel3ENQfcOhvKqyv3rgu.BDSR2OeuuDw3rcfodWG3COOpusTLDNUSEYdKVWNA2PpUscBg.pDz0VESp_CPRBb2iP7_hSD7fPNOcgmr9GMBooqIoitsOQS1i2kmWug.hAj5yqQcGtoPIE7Idcm4.YpeQxKdsvfUAQ_D3GSOb.uHf_7aXSITta00i8cBZq_QsuUVBmuWtU6kVBDEqvSXGv52KILtU5.SefR.E_40uyL7xUeMYnbRsc4l4WmbJs1ohPYmNw2JKdqd0LvZkZq7pT1dNnrjQqAAsJY.1eYH1v_P2MdVE5hc.oEYwQtdxupLIUDTC2HckjIcNW3yDY36VrVleYk76yZCUDZ7nfAhxFDg_vLLYAFnhk49Mf0JOJnVQrd._gh9IHi7YdSFuWFS8NEZelsym90fEbk1zTFcCX.OJOEQgdNPrH7jWLl8Koib_IP6bvzLvq.OTSbvb45eSRxt3Ssn6q708mL4JjMZKyUUNpJvXrlExzK13esob8hDGHOhdtYaZyTXWonq847cRiWtx51xtQiHJxj3B2wLz9EZyh3jpKYf99XvFctRzfYmOaxNcICEdnOsVgf1VgDlUGNsTMHs7gU8h8j2ZFkL.xeeCo3CDqd1Uo5lT2zo_hgXTNMY7I1vjDYQzhCSej2FtjWmLZWipEHDS5jKrfce3FEYSSPMgcmlqVPgGyXFioknQXLJO2iNeniYIEE04Atf2fljgKKhjVHL4Hsd4fGgYNEtqfEovmfEkd1.7e9tWlpzKcS5uLzbLGIpDq26oROwTD9hUoxCU_.7genQ2MUqyKMJiEiANmPBKm9ydpVSkN4mAh0Sv6K9uJqvUqzfQFOfyAzX1K7KB5CTtzgCsEfS8B0VdbfTS_wKsQCPXTniua5IrWne86JuzTiJxsUFWjj1PPLVBGyqZXRRoBv1QW4N8wlutahy6AwMvZIPTdYGvr0E1583sPw1Y_I8fSY5sowvd3m0b1TdF9HI7BJwVh0ks7.WM6_bvmrX.08akua.u8KyJBIwUtllF19LvgdEgGRMjRg.kO0bWOvAoLBk34m7og.SC2Z4jE09db2V9_aWegrZGwRekCVtj0YGt_QWq4I200vauQktn2KGB2fx.s1IbSRgBTKcvBCmvSOFS27wejPlR73kVJpi62oTMZM_awdjIE3.lYKUVFrQi7om4nXsXEjrIU8CrU5EtMjCmS94zmBodHogfbEGLav60KYcqjIPIrp3V82BEz4J1FRnqseFHhqWL_M8WG9EwF\",mdrd: \"xgGxWbGbzM7wVDEDOFlsviGc2ifylSOxln_CeKP3zpc-1736881475-1.2.1.1-LilYxHcyudCd6IyKNto1CrK8TcSkKsNkjZMyXRHp7AtO.4kP7gHn4KyPRgcdERQAIXX5stS6SD4kUTfCFAAuxxEbdhEn10241g41G1y3rVJWVk3kK.4BS9a14wNoG40svX9OAriKYQD8qonSkYhMgB6iInseMsZN_nb0Rl000MkoTaxWu5wJJ.O1CZ6FkQnOC1wCDf0JAlWalRB9CcVs.9fSrZBZqJuuG3cF0powSqDBkaPAs5CmlxmSqbGEI0XcHamtDhdXwtazBPMUBXuy9M9ldhHVNjY1qA01AJjkSwoNff4MEfFXXa7rC4zYfLGMzi6BAAxBvJ0w51lqwWaAkJ79FevseD9sO.x_0omHZYfjTxTNXiCs0AAWNAGNVzr3ALdeHBlQgW.ChrfpTCO0f44spOvLXM0umyUkwFanST1smdkSh7z02MYtOM1Ing4TlmjONNUwFgTtxJ3ToRINQbCF9cKfypf1mhtyAKFmKO8PAyJnZIwsppwLIQxjO62OURxEWjp9tkBDACWTx9xpirmv5g5_rd4srjIXHlhMf_4UoJ7ajB6ZJyScQKMansM7hlEWj3tiZatm1ABYY9pC3nnRLvmCNZ2ww4r0vlj2mqlyXzkInwRoWGSBz7VjbCljHwioSUEaHs37gMx7NnE3YyYO6VExm_jMBKTERKVBi_qDVHRxoyshkMzXMIWDkfFJYogevzVaH6K3HeBQSdAJujwoYo._V2fFVZttplf5hmejdnl0FterFF0krXVt7t6yiRI0FDespR9TCj5FKvGwfumobSnqwgh5LLOQp6jvOcyrJK0gNrxs3Z3cfHQp72XLdsEnX28bbr_TKUhspsRyrlpsfMr6qkaogLb2lTEE7wS9A2oyNb9x24dXM5qomwBSD5K295plGyIFGgoqHnTMgejl18PWic5NlT_Q75666no9j1FyUiQrFjtfErHgOgGIHEPmkYqQ1xx6in1d_8nIUFbGAPnHIOzi88zNJQ8o7GJAbHQoK96vl4Vg4y96t9HIlFvwGxfArXnrPw7wO3lBvYF8fU0H9wZMPcknOWx6vpQlcCsir1G03P3tiyToCFGzoJSnRBRl8wfOp4EOFqjx3aVJHthA2NFL3mzAtI74mah9oSoGD2NU_Mjj8.tWkv9v68WNUcr.e5dHrJ4jPfhfGrnM7O8qLOBU2g04SejHI5e6waZ0XKu2ODrzDkKJ9WUOW_X7.B6NjagyVCJ5yRunidEMelzRC_yPN8ZgHS5C8EsQf7LzioUCK6cNzlyi5ONBM5vQqoTw_7LaMNY5c7k2j.NcX0p.kMIfBzk9_VAZR39dYg8FdIyfZusDem8oVXX412mwwwkd_d960gyq72fxxqbM3e56TQqtrs0B5INRPcmnYhdISZwa8UiNFUfLe_ihEyk3T7TmJJSRpBdqWbnEB8zxTP2nGgiHsjIZWRt1WOK5OGK2eUcGL5kTgsGCyY6jF0V0hRtQwuv5TIBa1nIQN3QWONhQ0Q7uhw9kh7fEfdp9Q3LclxJi2V6iS2OzgMwuTMn6e2ldW_RS.eou3Wm4gLu1J6EdkLHwz12h7tzpc7qBf5mQ9UsdclPh79KHkedhZ35u7FFnry5dIG08uZaZtpg2k.ANCNrNyRWnPfTDEn3w9lM_zL0GMuHnjxN_P0BMuvTMztDs96nT35sMEE8yv0GgNODIANRrntfI4zbQU.p5OnJarr1Q8um2TmbQXeYsyf8jWNhpVH2ELgn3jixu7cOkHSgnfA7qmnSFLyGkNXRNwORXZq3coRxlWT_ZNMCXCVEYM0qKCR.GTfmRCBH1LdVaC7Qx.ERS3Zt3geHDGKuzKmkcZzhZQd71lm9Mykh.8TBpXnIU3ouh7RQ1M3WgpigB4y3MgmOI51QNjxZydRrPOnCqkm2xIBoUlRj7EAKhS842QghMiG54yQOso4wnGpYULPFPG4qe7GPBByeXZF1A6Aznf23OM2I3wQBmj5BBiAX5YloK.x_9HAgDaMJnKxN82tgFyw.Ic7.OqgDlzSYfE1fIO0nQ8gRJgBu.oUuCPPlyYkG7Vx_TLQX1Ldi6jRyC9i2IUi5oydOoBDhrumeKYT6Osk_z5OBYyq5UsdMe0DoA0zH6TSMlTxkHWOIMVYLk3igYwFUMuCsEG8ZePjt289BiF6iz2YUXYljh10RW.rzcGYz2vTD6kxhCXip97LCLUY.7A.jzjJ76D2meGl7fHFPyMe0E7j4PqBLdlL.A7H0M4ef6qIf1ajhrvFlG2l9ti_0yV0BF2XrdoZm.LsmXJKoXy2SwYDcEVA9HwNQaG1jbyGSPxIGrSNrxqcbFW9gALMbQ87gIvrgVkX09NtQN_H9ZW..rp0fV8qNonNcphwJacaVu_YTBOZvuR6P5pQUzd5Jai2EP0wzN6_Lqn8YdWrLp4wOIg1AgIrVUe1Hw\"};var cpo = document.createElement('script');cpo.src = '/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=901fe4882f59c944';window._cf_chl_opt.cOgUHash = location.hash === '' && location.href.indexOf('#') !== -1 ? '#' : location.hash;window._cf_chl_opt.cOgUQuery = location.search === '' && location.href.slice(0, location.href.length - window._cf_chl_opt.cOgUHash.length).indexOf('?') !== -1 ? '?' : location.search;if (window.history && window.history.replaceState) {var ogU = location.pathname + window._cf_chl_opt.cOgUQuery + window._cf_chl_opt.cOgUHash;history.replaceState(null, null, \"\\/p\\/making-an-intersection-unsafe-for?__cf_chl_rt_tk=46J4YBnm6xlPPqNW_p_kQrE0K8DEWJcsWFuv1UWJDpc-1736881475-1.0.1.1-3LYLgljRJqHgmyO3gDaFN2QF3_h3A_Lv1uJTuaOKg6Q\" + window._cf_chl_opt.cOgUHash);cpo.onload = function() {history.replaceState(null, null, ogU);}}document.getElementsByTagName('head')[0].appendChild(cpo);}());", + "commentLink": "https://news.ycombinator.com/item?id=42698557", + "commentBody": "Making an intersection unsafe for pedestrians to save seconds for drivers (collegetowns.substack.com)267 points by raybb 3 hours agohidepastfavorite362 comments potato3732842 2 hours agoAs a pedestrian I will take a busy light controlled intersection with a pedestrian scramble type walk signal over a busy 4-way stop where every single time. With the 4-way stop there is never a time in the cycle when all traffic is stopped. The drivers who are present are continuously paying attention to what other drivers are doing which robs them of situational awareness to note pedestrians. You can try and time it but that's risky. With the walk signal there is a brief moment in time when the drivers are doing nothing but waiting for you and are all stopped so you as a pedestrian can account for them in preparation just before you get your signal and make your move. The author can get lost with this sort of textbook correct but questionable in reality take. Legally having the right of way doesn't make you any less dead when the driver who's got three other drivers to pay attention to doesn't see you. reply dylan-m 1 hour agoparentThis is why it's often safer to \"jaywalk\". If you're in the middle of a block, you only have to look two ways. Even if you screw up, a driver going at a reasonable speed is more likely to see you anyway because you're directly in front of them. I'm not exactly advocating for crossing in the middle of a street in North America since it's depends a lot on the situation, but there's a reason why people sometimes just do it intuitively, and it's unfortunate our infrastructure doesn't know how to address it. reply pclmulqdq 1 hour agorootparentJaywalking is very common in the Northeastern US, and I believe it is generally safer when done well. I have a rule that if you don't feel like you can calmly saunter across the street, you shouldn't jaywalk by running across, but many people do not follow such a rule, and just take the soonest opportunity they can find to run across the street. Be careful, though - I once jaywalked when I was with some friends from the Midwest and they were very offended. reply jerlam 1 hour agorootparentprevCalifornia just made jaywalking legal in 2023 too. reply hoherd 9 minutes agorootparentNYC legalized jaywalking in 2024, and the change will take effect next month, Feb 2025. https://www.cbsnews.com/newyork/news/jaywalking-legalized-in... reply throwway120385 2 hours agoparentprev> With the walk signal there is a brief moment in time when the drivers are doing nothing but waiting for you and are all stopped so you as a pedestrian can account for them in preparation just before you get your signal and make your move. Having almost been hit a few times by drivers making a right turn on red, I can tell you the drivers never wait even if you have the right of way. You'll be lucky if they even look for you. > Legally having the right of way doesn't make you any less dead when the driver who's got three other drivers to pay attention to doesn't see you. Also, and I know this is unpopular, but maybe you shouldn't dress like that if you don't want the attention. reply SoftTalker 2 hours agorootparentHere's how I handle right on red: When I have the walk signal, I look to my left for cars that might be turning right. If there are any, I look at whether the driver sees me. Try to make eye contact. If they are moving and apparently don't see me or are going to turn anyway, I wait. I may have the right of way, but I'm not going to win that battle. reply kspacewalk2 2 hours agorootparentI make it clear with body language and eye contact that yes I see them and no I'm not meekly yielding my right of way. However, I leave just enough space to avoid being hit, for those situations when the True Assholes knowingly cut me off anyway. Or maybe they're not assholes by intent, but instead in the 90th percentile for inattentiveness and bad driving habits, which may even be the same thing. I don't know, I'm not a driver psychologist. reply danenania 1 hour agorootparentI think a pretty large percentage of drivers don’t actually know that they’re supposed to yield to pedestrians when turning at lights. I’ve had multiple close calls where the driver looks at me angrily, I point at the white ‘walk’ symbol, and then their anger turns to confusion. They had no idea that they’re supposed to wait. reply grogenaut 1 hour agorootparentI live in seattle where people are pretty good about yielding. It's confusing as eff which lights and what times the peds are going to get a walk signal when I'm taking a right and when they're not. Some also go walk at the same time they go green for right turns. Some slightly delayed. It's hard to watch both lights as a driver and the oncomming traffic. reply danenania 58 minutes agorootparentI agree that it's confusing, which is why I think pedestrians should be given their own exclusive time to cross the intersection, just like cars. It would be easier and safer for everyone. reply kspacewalk2 58 minutes agorootparentprevRights on red are an inherently dangerous design flaw of North American traffic laws. It's not allowed in NYC and soon won't be allowed in DC and Atlanta. reply undersuit 42 minutes agorootparentAny time you grant vehicles a shared path with pedestrians is dangerous. I was in the middle of a long line of cars taking a left from a left turn lane. The green arrow light turned to a yellow arrow light for a brief second before turning full green. I was at the front of the line at the time so I slowed down and waited for the car in front of me to clear the intersection before I turned so that I could see that there if was oncoming traffic who light just turned green. No oncoming traffic, start turning, notice when I'm way to far into the intersection that a pedestrian is trying to cross the 90 feet of crosswalk as well. I violate their right of way and get myself out of oncoming traffic lanes. In the rear view mirror I see the pedestrian waiting in the middle of the crosswalk for the rest of the line of traffic behind me to finish their left turns. The corner is a 120 degree turn, definitely my fault for not being aware of my surroundings but also... 120 degree turn on two 4 lane 40mph roads... the pedestrian needs a dedicated time to cross free of vehicles. reply pnutjam 31 minutes agorootparentprevIf they get that close to me, the car is getting kicked or slapped to elicit a reaction from the driver. reply HnUser12 2 hours agorootparentprevThis is what was taught to me in drivers ed as a driver. Make eye contact with the pedestrian. So I do the same as a pedestrian as well. reply throwawayffffas 2 hours agorootparentprev> Having almost been hit a few times by drivers making a right turn on red, I can tell you the drivers never wait even if you have the right of way. You'll be lucky if they even look for you. Right on red should not really be allowed. It's a real hazard. reply mtalantikite 1 hour agorootparentIt's not allowed here in NYC. I've nearly gotten mowed down by people from the suburbs driving into the city not knowing it's illegal here on a few occasions. They also seem to get pissed and honk at me, as if walking around NYC isn't the default mode of transportation. reply cloverich 1 hour agorootparentTo be fair I've seen NYC _pedestrians_ yell at other pedestrians for walking wrong, NYC isn't exactly an outwardly friendly place in that respect. reply SoftTalker 2 hours agorootparentprevIt isn't in much of Europe. reply smaudet 1 hour agorootparentprevThe real issue are the road rage drivers who can't wait a minute and start honking behind you. We all get it, we are all late now and then, but unless you are literally trying to catch a plane or a boat, in all likelihood you can sit your candy ass down and wait a minute. reply mindslight 2 hours agorootparentprevIMO the problem isn't right on red itself, but rather that vehicles have to be in (and often completely over) the pedestrian crossing area to see oncoming vehicle traffic they have to yield to (at the distance required due to higher oncoming vehicle speeds). This encourages the behavior where drivers plan to have a single stop in that area, where they wait for an opening in vehicles to go - completely failing to take into account the possibility of having to stop before that area due to pedestrians actually using it. The situation is more like two separate stop and yields, and when drivers don't expect pedestrians they skip the first one. reply _DeadFred_ 1 hour agorootparentNot stopping before the pedestrian area is an instant ticket in my small town. They really promote walkability here. All of the issue listed seem to stem from lack of law enforcement. Our town also has bins at intersections with bright orange flags to increase your visibility as well as flashing 'pedestrian crossing' strobes initiated by button at problem location. reply cloverich 1 hour agorootparent> All of the issue listed seem to stem from lack of law enforcement When its a few bad apples its an enforcement issue. When its many bad apples its a design issue. reply mindslight 1 hour agorootparentprevDo you mean bins where people like, take an orange flag out, cross the street holding the flag, and then put the orange flag back in the bin on the other side? This is the first I'm ever hearing of that, and it sounds immediately ridiculous. But with further consideration I could see this being quite interesting for significantly changing the dynamic. reply grogenaut 16 minutes agorootparentIt is completely rediculous and I take every opportunity to ham it the eff up when I use them. They're in in several of the nicer places on the east side of seattle but are being replaced by aggressive pedestrian flashers. I'm 6'2 but I take the opportunity to re-enact my favorite olympics floor ribbion routine. reply manwe150 57 minutes agorootparentprevYes, the flashing lights are more common in my area, but either are a nice signal that someone wants to cross (and isn't merely waiting for their uber or to get in their own car) reply estebank 1 hour agorootparentprevIf there is no way of configuring the intersection so that right on red is safe for pedestrians, then the problem is the right on red. reply mindslight 1 hour agorootparentThe point of looking deeper at the actual dynamics is to brainstorm ways intersections could be made safer, without overshooting and then getting a campaign to undo it all in 20 years. For example: Less visual obstructions so that oncoming traffic can be seen sooner? maybe, but probably not going to change learned behavior Advance the crosswalk even more, with two separate lights? perhaps on a per-intersection basis Hard square corner kerb instead of a round bevel? Might help in general. reply estebank 1 hour agorootparent> Less visual obstructions so that oncoming traffic can be seen sooner? This is called daylighting and California passed a law for it https://www.sfmta.com/getting-around/walk/daylighting > Advance the crosswalk even more, with two separate lights? Pedestrians already have a \"leading signal\" in intersections with lots of people, which makes the wall signal change before the green for cars. Right on red defeats their purpose, which is to ensure pedestrians are on the middle of the street by the time a car wants to turn, putting them where they are easiest to be seen. > Hard square corner kerb instead of a round bevel? Yes. I would go further and have bulb outs https://www.sfmta.com/getting-around/walk/pedestrian-improve... and at grade crossings (the zebra crossing is at the same height as the sidewalk). All of these have been proven to work. > overshooting I don't think there is any risk of \"overshooting\" in making cities nicer and safer for pedestrians and all other road users in the US. If anything it will be an uphill battle to accomplish any change. reply mindslight 1 hour agorootparentI don't know why it feels like you're jumping on me here. Is it just CivE attracting people who overly focus on nouns? What you're calling an \"at grade crossing\" is indeed a good one I missed. I would call them something like crosswalk on a speed bump, which might be \"car centric\" or whatever, but at least isn't overloading a term that generally refers to using different levels for actual traffic separation. Everything we're talking about here is actually an at grade crossing. > I don't think there is any risk of \"overshooting\" in making cities nicer and safer for pedestrians and all other road users in the US. If anything it will be an uphill battle to accomplish any change. You really don't see the possibility of backlash to \"no turn on red\" everywhere creating a campaign of drivers getting frustrated while waiting for timed red lights to change at completely quiet intersections? And also FWIW, \"no turn on red\" doesn't actually prevent drivers from driving into the pedestrian crossing area - it just removes the benefit. It would still take a generation or two to change learned behavior. reply tantalor 2 hours agorootparentprevRight on red is (or should be) never allowed during a pedestrian scramble. That's just asking for trouble. The box must be entirely clear of cars during the walk signal. reply danenania 52 minutes agorootparentLeft turns on green (with no green arrow) are also pretty bad imo, as are right turns on green with no arrow. In both cases pedestrians are supposed to have right-of-way, but cars often don't respect it. reply tantalor 30 minutes agorootparentThat's part of what pedestrian scrambles so great: you always wait for the pedestrian phase before crossing. There is no pedestrian crossing in the car phase. The other great benefit is you can cross the diagonal (kitty corner). reply MrOwen 1 hour agorootparentprevI'm nearby this intersection and there are 2 scrambles- this one and one about 2 blocks down closer to the university. There is very clear signage for cars that there are no turns allowed on red. I've crossed both intersections many times and rarely have I seen cars violating that rule. Perhaps they do but in my experience, they generally respect it. reply afhsrtjwrtj 2 hours agorootparentprevWhy is right-on-red always cited as the biggest problem with turns? My anecdotal experience is that drivers turning on green are way more likely to hit me when I have a walk signal on the cross-street than drivers who turn right on red. reply mitthrowaway2 2 hours agorootparentIt's usually because a driver turning (right) on green doesn't have to worry about merging into traffic, so they only need to focus on pedestrians. Hopefully they will. A driver turning right on red has traffic coming from their left and pedestrians walking in front, and they're usually more concerned about the cars, so they tend to look left while turning right. Ouch. It's a growing issue as well because of the growing size of cars. Littler people can be completely concealed behind a front grille. A car turning left on green is also an issue because while they should be able to see and wait for pedestrians, they're often occluded by other cars and trucks, and those left turners can be in a hurry to proceed through a gap in traffic. reply bobthepanda 1 hour agorootparentAlso, while technically a right on red should require one to come to a full stop, then start their turn, in practice many people are doing rights on red at rolling stops at significantly higher speeds. reply dylan604 1 hour agorootparentprevThe number of people that make right-on-reds that not once during the approach or during the turn look to their right is what makes it a problem. I have often been tempted to do one of those YT videos of people spending their day videoing people at intersections to show how prevalent bad behavior really is. I just have no presence there for it to make it worth my time. I know how bad it is, and adjust my personal behavior accordingly reply tanewishly 2 hours agorootparentprevAre you saying that a right-turn can be green simultaneous with the pedestrian's crossing light being green? Because where I'm from, traffic lights are not allowed to be set up like that. No simultaneous green for crossing traffic flows, unless otherwise indicated (eg, an extra warning light+sign under the turn's traffic light flashing when it's green and off otherwise). reply vikingerik 1 hour agorootparentA car turning on a green light can be simultaneous with the pedestrian's crossing light being green. The driver is obligated to see the pedestrian and wait. What's not simultaneous is a green turn arrow with a green ped crossing. Intersections in the US are designed so that a green arrow will mean the driver has no conflicts and can proceed. Not everyone (both drivers and peds) understands that distinction. reply manwe150 51 minutes agorootparentI feel like I see a lot of fairly crazy intersections in my US city, where it feels like they break at least one expectation of the simple red/yellow/green patterns from drivers ed. I wouldn’t want to trust anyone’s life to assuming that a green arrow should mean I have the unconflicted right of way, let alone that others are even paying attention to their own signal reply toast0 1 hour agorootparentprevYes. This pattern is normal in the US. While vehicles are traveling north and south, the walk sign for crossing north and south is available. But vehicles are typically allowed to turn in the same cycle, protected lefts with their own cycle are common. Some intersections have a dedicated arrow for right turns and those will signal no rights while a walk sign is on, but otherwise pedestrians and right turns conflict. reply davidcbc 1 hour agorootparentprev> Are you saying that a right-turn can be green simultaneous with the pedestrian's crossing light being green? I can't think of many places that I drive where this isn't the case. The pedestrian crossing lights are in sync with the traffic lights, if traffic going N/S is green then the pedestrian lights going N/S will also be green even if cars are turning E/W reply manwe150 47 minutes agorootparentI know at least one intersection that crosses a bike path and walking path near me that changed recents so now oncoming traffic goes with the walk signal while turns are forbidden, then only right turns are allowed, then only left turns. It takes slightly longer to go through the cycle (particularly on busy days where pedestrians don’t yield the street for people to turn), but otherwise makes it much less stressful to go through that intersection regardless of my mode of transit around it reply gowld 1 hour agorootparentprevYes: https://ibb.co/86tqnBM Direct link: https://i.ibb.co/Hn36L27/Green-crossing.png solid green (right turn allowed) + pedestrian green (for crossing). car and ped both have access to ped crossing. (Car should yield to any ped in crossing.) Also, I drew a picture before I realized that this wasn't what you were asking about. But I like the picture. C A R 2v --------- -------- CAR1 -> ---------|ped -> -------||| C A R 2 --------- -------- C ---------| pAed -------R| 1|reply scotty79 31 minutes agorootparentThere is a way to mitigate the danger somewhat by giving pedestrians green light first, so when the car turns they are already in the middle of the road. reply RC_ITR 2 hours agorootparentprevOn a green arrow turn, drivers are looking to where they are going. Legally crossing pedestrians are in that cross walk where the driver is looking. With right on red, the driver is also looking to where they are going, but legally crossing pedestrians are not there, they are directly in front of the car. The riskiest thing for a pedestrian is approaching a right on red car from the left, because the driver is simply not looking at you. reply potato3732842 2 hours agorootparentThe big problem with right on red is that it perfectly synchronizes them to hit each other. Say a driver and pedestrian are at the same corner facing the same way and the pedestrian wants to cross into the area the driver wants to turn. The street is busy so the driver can't turn right on the red and the pedestrian isn't gonna just walk against the signal into the traffic. Cross traffic lets up, either because of a big gap or because the light has cycled to red for the cross traffic. The conditions that both parties require before making their move have just been satisfied at the same time. The pedestrian walks and the driver turns, leading to inevitable conflict. If both the driver and the pedestrian are in a hurry and trying to shoot a gap in traffic and go quickly there can be no time for either party to avoid the accident. Edit: The above example is crosswalks only, no dedicated pedestrian signals. reply tsimionescu 59 minutes agorootparent> Say a driver and pedestrian are at the same corner facing the same way and the pedestrian wants to cross into the area the driver wants to turn. That's not a thing that normally happens though. In a regular four-way intersection, if a driver is at a red light, the pedestrians that are allowed to cross are the ones that are crossing the street the car is on. If the car wants to turn right on red, then the pedestrians it has a risk of hitting don't care about the traffic that the car needs to wait for. reply gowld 1 hour agorootparentprevThis seems to not actually be the case in my experience, because right-turn drivers love to look to the left while turning right, because they are afraid of a fast-moving car appearing from the left, but they think they already verified that no slow-moving peds are crossing on the right. reply dfxm12 1 hour agorootparentprevDrivers have to worry about the traffic which has the green light vs. just looking where they're going. My anecdotal evidence is that everyone is looking out for themselves and people in bigger vehicles will always take advantage of that. reply RandomBacon 2 hours agorootparentprev> maybe you shouldn't dress like that if you don't want the attention. Have you ever taken the selective attention test? https://youtube.com/watch?v=vJG698U2Mvo (short 1:22 video) reply chasd00 35 minutes agorootparentprev>> Legally having the right of way doesn't make you any less dead when the driver who's got three other drivers to pay attention to doesn't see you. >Also, and I know this is unpopular, but maybe you shouldn't dress like that if you don't want the attention. in driver's ed you're taught to \"drive defensively\" i think the same applies to pedestrians. Don't just step into the road when the walk sign comes on, have some situational awareness and protect yourself. reply accelbred 1 hour agorootparentprevWorse yet, at least in Seattle, are right arrow lights that go green at the same time as the walk light. You get a green light to go and pedestrians start crossing at the same time. Having a green light and a walking sign on should be mutually exclusive. reply ensignavenger 1 hour agorootparentprevA pedestrian scramble means that no vehicles should be moving through the intersection period. It is a time in the cycle where ALL vehicles stop, and pedestrians can use the intersection freely in any direction, including diagonally. reply s1artibartfast 2 hours agorootparentprevYou have never had a driver wait? reply memsom 1 hour agorootparentIn the UK, it is very rare for a pedestrian crossing that is controlled by a button press to not completely stop traffic. The first time I was in North America as an adult, I realised that when on a crosswalk drivers will come sailing at you and will cross behind you as you cross over. That is illegal here. The drivers need to wait for the pedestrians to cross, even on \"Zebra\" crossings (which are the ones with no buttons and striped lines across the road.) The only exception to this is if there is a traffic island in the middle of the road, and then they are treated as 2 different crossings. But quite often those are staggered, so the pedestrian can't just walk out directly from one side to the other. The trade off is that the pedestrian has pretty much no right of way anywhere but a crossing, and cars will drive at you (or at least not stop for you) if you try to cross somewhere that is not a crossing. Though \"Jaywalking\" is not a thing and you can actually cross where ever you like. reply OJFord 1 hour agorootparent> The trade off is that the pedestrian has pretty much no right of way anywhere but a crossing, and cars will drive at you (or at least not stop for you) if you try to cross somewhere that is not a crossing. That's not true, or at least it's bad/illegal driving if they do so, a pedestrian who is 'established in the road' as the right of way anywhere. As you said: > Though \"Jaywalking\" is not a thing and you can actually cross where ever you like. Otherwise it would be a contradiction wouldn't it? If the pedestrians allowed to be there, the motorist obviously isn't allowed to run them over, ... I suppose you could say the pedestrian can continue crossing but only after first giving way to the motorist? There'd be more time with pedestrians in the road though. Not that I recommend using that fact to cross when you don't have time, because you will anger motorists. Or they could not see you/be paying attention. They'd be wrong, but it's just not worth it, obviously. reply gowld 1 hour agorootparentprev> I realised that when on a crosswalk drivers will come sailing at you and will cross behind you as you cross over. That is illegal here. It's illegal in most if not all of USA too, but no one cares in practice. Legally, even when a car driver and a pedestrian both have access to a lane separately, if both are present, then a car driver must give a full lane-width of space to a pedestrian crossing or at the corner. Also, even when a pedestrian is committing the auto-industry-invented crime of \"jaywalking\", the pedestrian still has the right of way in traffic, unless it is physically impossible for the car driver to avoid the collision. Car drivers are not judge/jury/executioner. (Nit: \"Cars\" don't \"drive\" (yet, in most places). \"Car drivers\" drive cars.) reply Ensorceled 2 hours agoparentprevThis is just not true. In Toronto for instance, the majority of pedestrian deaths are caused by impaired/distracted drivers with a significant portion of failure to yield by left turning drivers at major, light controlled intersections. There isn't even a category for \"four way stop\" pedestrian fatalities. reply jonpurdy 2 hours agorootparentSpeed is nearly everything and controlling (ie. reducing) speed should be the primary way to influence fatality rates. Having lived in both Toronto and SF, both cities with 4-way stop and controlled lights intersections. I'll take 4-way stop any day since speeds are lower. Much better to get hit by a car at near zero speed than a right or left turning car at higher speed. Which is probably why Toronto doesn't have a category for four way stop fatalities. (The worst are SF's 2-way stops at intersections between equally-sized roads that show up randomly throughout Sunset. Worst of both worlds.) reply Ensorceled 1 hour agorootparent> I'll take 4-way stop any day since speeds are lower. Exactly. People are, at worst, doing a \"rolling stop\" so they are still only going a few kph when they \"didn't see\" you. reply gowld 1 hour agorootparentA municipality could (and should) add speed bumps or other traffic-calming measures even at the approach the light-controlled crossing where pedestrians are often present. reply michaelleslie 1 hour agorootparentprev> (The worst are SF's 2-way stops at intersections between equally-sized roads that show up randomly throughout Sunset. Worst of both worlds.) As a cyclist, I've been yelled at by drivers for not stopping at that type of intersection, where they have a stop sign and I don't. People are working off of their personal version of the rules of the road, where they are always right. reply lolinder 33 minutes agorootparentprevWhat you are describing has a major sampling bias: most pedestrian fatalities will be at large intersections with many lanes crossing each other. Those intersections are on busy streets where drivers are going fast and where there are an insane number of conflict points. Yes, they're invariably controlled by a signal, but that's because a four-way stop is totally out of the question. The signal didn't cause the fatalities, it was necessary to install it because of the same factors that lead to fatalities. Using that data doesn't remotely begin to predict what happens when you take a small four-way stop and add a signal to control it. Adding a signal does not create new conflict points, it does not increase the speed limit on the road, all it does is control the intersection in a more aggressive way. reply Ensorceled 0 minutes agorootparent> What you are describing has a major sampling bias: most pedestrian fatalities will be at large intersections with many lanes crossing each other. Those intersections are on busy streets where drivers are going fast and where there are an insane number of conflict points. That's not what the point plot of the Toronto data shows. Many of our fatalities are on city streets with 40 or 50 km/h speed limits. Anyway, I was responding to the OP who was claiming that they would rather deal with stop lights than 4 way stops. There is nothing that shows that 4 way stops are dangerous at all, let alone more dangerous than light controlled stops in similar situations. itishappy 2 hours agoparentprev> With the 4-way stop there is never a time when all traffic is stopped and the drivers are always paying attention to what other drivers are doing. With the walk signal there is a brief moment in time when the drivers are doing nothing but waiting for you and are all stopped so you as a pedestrian can account for them in preparation just before you get your signal and make your move. That's... not true? With light traffic a 4 way stop should have no cars at all at it most of the time, leaving pedestrians with the right of way, whereas with a traffic light there will always be a road with priority until a pedestrian hits the button. Requiring cars to pay attention to the condition of the intersection is the explicit design goal. This was laid out very clearly in the article we just read. reply PittleyDunkin 2 hours agorootparent> With light traffic a 4 way stop should have no cars at all at it most of the time Unless there's protected right turns, of course. reply itishappy 2 hours agorootparentAgreed, but I would not call an intersection with a dedicated turning lane a 4 way stop, or at least not a low traffic one. reply potato3732842 2 hours agorootparentprev>That's... not true? With light traffic a 4 way stop should have no cars at all at it most of the time, leaving pedestrians with the right of way, whereas with a traffic light there will always be a road with priority until a pedestrian hits the button. Requiring cars to pay attention to the condition of the intersection is the explicit design goal. >This was laid out very clearly in the article we just read.This is what I mean about theory vs reality. 4-way stops don't look like the animation they show you in driver's ed. In practice what happens is that non conflicting traffic tends to parallelize so someone taking a left might start their left while the person across from them is finishing theirs (or one of any other bunch of combinations) so there's a car in motion basically all the time the situational awareness of every driver who's about to get their turn is mostly absorbed in monitoring who's turn it is and who's going where. So when you're a pedestrian and you don't time it right you could find yourself starting to cross right before someone wants to drive where you're crossing. Usually this is because you started walking before it was their turn and they didn't notice you until it was their turn and they started moving (because they were accounting for the other traffic) until it was their turn at which point they started looking where they were going as well. Normally this results in absolutely nothing, you speed up a little, they don't gas it as hard, everyone goes on their merry way. But the potential for things to go badly if the conflicting driver is inattentive or further distracted is very much there. Sure, theoretically the rules say they shouldn't do that but that's not how reality works. There's just so much less potential for conflict if there is a scheduled time when all the cars stop and then the walking happens. Even without a dedicated walk time it's just so much easier to time it when there's a light because you can start walking when all the cars have red and only have to look out for right on red or potential red light runners, it's a much easier problem than the degree of swiveling your head around you need to do to at a busy 4-way. reply vt240 1 hour agorootparentI tend to agree with you. I regularly walk, sometimes up to 40 miles per month, in the suburban hellscape that is South Hill in Puyallup, WA. This is the land of major 4 lane arterials w/ turn-lanes and hundreds of unprotected two-way and four-way intersections. There’s almost no pedestrians, I’ll rarely meet other people on my way to work, and sometimes go the whole two miles without making eye contact with a single driver. This article didn’t touch on it, but there’s another even scarier monster lurking out there. They’ve started to replace some of our larger intersections with these “Smart” traffic lights. Most drivers have a pretty well developed feel for the pattern traffic signals follow. These are pretty much random, adjusting the traffic flow based on some metrics. They use yield left turns with single direction flow and other tricks to try and control traffic. Since the light cycle doesn’t really follow any standard pattern, they’re also pretty much random when they’ll insert the protected pedestrian crossing into the cycle. It’s a death trap. There can be people waiting at a yield left turn which will be going to red, it will click on the pedestrian walk, and the opposing traffic will still be in full green, with drivers never coming to a stop. Add to that, if volume is heavy, you can stand there for 5 minutes or more waiting for a protected pedestrian crossing. reply magicalist 2 hours agorootparentprev> This is what I mean about theory vs reality > Sure, theoretically the rules say they shouldn't do that but that's not how reality works. Do you have any evidence for this or are you just making this up as you type? Because it's a bit rich to be harping about \"reality\" otherwise. A large body of research supports traffic calming measures for pedestrian safety and to increase driver awareness. A four-way stop intersection surrounded by intersections that also have stop signs (as indicated by the article) would fit that bill. reply itishappy 2 hours agorootparentprev> ... the situational awareness of every driver who's about to get their turn is mostly absorbed in monitoring who's turn it is and who's going where. Right, that's the intent. Drivers paying attention to their surroundings is the goal. > So if you're a pedestrian and you don't time it right you could find yourself starting to cross right before someone wants to drive where you're crossing. Usually this is because you started walking before it was their turn... You have the right of way! > There's just so much less potential for conflict if there is a scheduled time when all the cars stop and then the walking happens. How about a system where all cars are expected to stop all the time? reply davidcbc 1 hour agorootparent> Right, that's the intent. Drivers paying attention to their surroundings is the goal. The drivers are paying attention to the cars, not the pedestrians > You have the right of way! Graveyards are full of people who had the right of way. reply pwg 1 hour agorootparentprev> You have the right of way! Which, while true, in no way guarantees the driver sees you. If they miss seeing you for some reason, you very well may end up on the losing end of the physics of a collision between a 150lb object and a 3000lb object. reply david-gpu 1 hour agorootparentprev> Drivers paying attention to their surroundings is the goal. In the real world, drivers don't pay attention to their surroundings; instead, they look for other cars to avoid being hit. Further down the list is avoiding static obstacles like street lights or bollards. Lastly, they may think of looking for pedestrians. In other words, they care about their safety, not their neighbor's. Cyclists, if even noticed in the first place, are seen as nothing but a nuisance that should be overtaken at all cost, even when they are about to reach a stop light and there's no room to pass safely. > You have the right of way! A non insignificant number of drivers believe that \"might is right\" and will knowingly play chicken with you if they perceive that they are safer in the event of a collision. As a vulnerable road user, you don't know whether the driver you are interacting with will be one of the 95% of reasonable people or one of the 5% of insecure bullies. reply enragedcacti 1 hour agorootparentprevare you so engrossed in the driver's POV that you can't imagine an intersection without cars in it? reply enragedcacti 1 hour agoparentprev> The author can get lost with this sort of textbook correct but questionable in reality take I find this perspective very weird when (1) the \"textbook\" take (i.e. the one traffic engineers follow) is to almost always prioritize vehicle speed and driver safety over everything else, and (2) in what world is it questionable in reality when it existed in reality for decades, seemingly without incident? reply standardUser 22 minutes agoparentprevA 4-way stop is the best intersection for pedestrians in terms of speed. Just keep walking and don't yield your right of way. You may need to put up a hand to make yourself seen by the occasional distracted motorist. But because all vehicles need to stop, the average speed you are dealing with is 0-5mph, so the risk is low and everyone has time to react. Compare that with any lighted intersection where some cars are going full speed, making it a far more dangerous scenario. reply rob74 2 hours agoparentprevI get your point, but still, while the \"pedestrian scramble\" is maybe good for pedestrian safety, it's probably the worst solution for pedestrian speed. If the pedestrian lights were at least green at the same time with the car light in the same direction, you would at least have a chance of crossing the street without having to wait. This way, the lights never turn green on their own (as seen in the video), so you always have to press a button and wait. reply throwawayffffas 2 hours agoparentprevIt's not even a textbook correct take. Its less risky to run a stop sign in a clear intersection than to run a red light. There are more people likely to run a stop sign on an empty intersection than a red light. reply JB_Dev 2 hours agoparentprevMake it a roundabout with protected pedestrian crossings. That forces drivers to be looking at the conflict point with pedestrians as they manoeuvre the roundabout. reply roguecoder 40 minutes agorootparentI was very impressed in Denmark, where that roundabout approach worked very well. Every car slowed down & stopped for me at the crosswalks. It turned out that that was because they installed a cobblestone speed bump in front of every crosswalk. Cars slowed down even if no pedestrians were around, because otherwise they were going to pop a tire. It made walking so much safer than anywhere else I've been. reply gs17 2 hours agorootparentprevThose don't fix it in my experience. There's one about a quarter mile from where I'm sitting right now and I avoid it when walking because of how dangerous it is. Yes, they will see you crossing... as they almost hit you. They recently redid it to be a bit safer for driving on (before people were unclear on how many lanes it had and which lanes could turn where) but it doesn't seem to have improved the pedestrian experience much. reply whimsicalism 1 hour agorootparentprevin practice i find this does not work well at all… for some reason in roundabouts is when cars most feel justified in running down a pedestrian in a crosswalk. sometimes i think they’re just afraid to slow bc of the cars behind them reply rhplus 2 hours agorootparentprevThis. Roundabouts with medians. The answer is (almost) always roundabouts. reply unethical_ban 2 hours agoparentprevA stat of how many injuries occurred at this intersection would help settle your point. You're talking a lot of theory, where this person seems to have lived and traversed this intersection many times without incident. Was the upgrade worth $600,000 in this town, this street? And why, if it is a small town with heavy pedestrian traffic, does it default to vehicular movement instead of pedestrian movement? reply whimsicalism 1 hour agoparentprevi hate pedestrian scramble systems they make it so slow to walk anywhere reply dylan604 1 hour agoparentprev> With the walk signal there is a brief moment in time when the drivers are doing nothing but waiting for you In my area, there are plenty of stop lights with pedestrian signals where both are active at the same time. This allows the traffic to flow if there are no pedestrians on the assumption the drivers will recognize the pedestrians have right of way. To me, this is bat shit crazy level of assumptions. Either protect the pedestrians, or you might as well remove the pedestrian signal. reply munchler 3 hours agoprev> I captured two drivers ripping through red lights in that short span Video actually shows two cars entering the intersection on yellow lights, which is legal. The rest of the article seems similarly exaggerated. ---- Edit: For those who disagree, please be aware that the stop lines are out of frame, so both cars are already in the intersection before they're visible on the video. You can get a better picture of what the intersection actually looks like here: https://maps.app.goo.gl/L37hZyvXs8BeWmFE8 reply addicted 2 hours agoparentExcept the article doesn’t claim what the drivers are doing is illegal. The article says that the street design causes drivers to speed up and makes the intersections unsafe. Instead of drivers always stopping, or at the very least slowing down, when approaching the intersection, the new street design leads to drivers speeding up when approaching the intersection. This is bad design for pedestrians irrespective of whether the driver jumps a light, the pedestrians cross when they shouldn’t be, or neither of them are doing anything wrong. It will increase the odds of collisions, injuries and possibly fatalities. reply nirvdrum 2 hours agorootparent> Except the article doesn’t claim what the drivers are doing is illegal. The article states “… and I captured two drivers ripping through red lights in that short span.” I suppose “ripping through” can be left up to interpretation. However, in the video the author says “that person just ran a stop… a red light right in the middle of me filming.” Then the other he says: “I bet this guy runs the light. Yup, see, this person ran the light, too.” “Running” a red light is an illegal act. I think in both cases the cars should have slowed down and had plenty of time to stop before entering the intersection. But, evidently that’s legal in California, while the author indicates otherwise. reply cptskippy 18 minutes agorootparent> The article states “… and I captured two drivers ripping through red lights in that short span.” I suppose “ripping through” can be left up to interpretation. There really isn't enough information given to make a determination. It looks like two of the vehicles traveling on Lemon \"jump\" due to a ridge in the middle of the intersection but that itself isn't an indication of speeding. reply horsawlarway 2 hours agorootparentprevI don't know if California has a different law, but at least in my state it is very much illegal to accelerate into a yellow light. Enforcement is basically non-existent, but it's absolutely \"running the light\" and \"breaking the law\" to accelerate into yellow lights. reply toast0 1 hour agorootparentCalifornia law does not address accelerating on a yellow. The driver's handbook (which is not the law) says > A yellow traffic signal light means CAUTION. The light is about to turn red. When you see a yellow traffic signal light, stop, if you can do so safely. If you cannot stop safely, cautiously cross the intersection. The bright line rule is not to enter the intersection on a red light, defined as crossing the stop line if present, crossing the first line of a pedestrian crossing if present, or actually entering the intersection if there are no lines. reply xiphias2 1 hour agorootparentprevI don't know USA, but in other parts of the world yellow and red are different colors. Just because 2 things are illegal they aren't the same, and it takes away all seriousness from the article for me. reply horsawlarway 1 hour agorootparentGenuinely - why do you care? His point is absolutely correct - the cars used to stop, and now instead they're accelerating to beat a light change. I genuinely don't know if that's actually illegal in cali - but it definitely is in several states, and you'll get ticketed for failing to stop for a red light. --- > but in other parts of the world yellow and red are different colors. Yellow is the light that means \"start stopping\" and red is the one that means \"absolutely stop\". Neither damn color is the \"go faster\" color. reply cortesoft 2 hours agorootparentprevThe video and article specifically said these cars “ran the red light”, which they absolutely did not do. reply micromacrofoot 1 hour agorootparentyou're supposed to slow down at a yellow to prepare to stop, not speed up to get through it, increasing speed through an intersection is inherently dangerous the author's point is valid and we're falling into pedantry reply UseofWeapons1 2 hours agoparentprevI had to look this up. In California in particular, this is true, which surprised me. Per a random law firm: California’s yellow light law permits drivers to enter an intersection during a yellow light. No violation exists unless any part of the car is over the stopping line when the light turns red. However, the law encourages drivers to slow down before reaching the intersection. Whereas in, for example, Massachusetts, this would be considered running a red light. https://www.wccbc.com/red-and-yellow-light-accidents/#:~:tex.... reply the__alchemist 2 hours agorootparentIf this surprises you, consider the alternative: Driving through a yellow being illegal or unexpected doesn't make sense, given the finite stopping distance of cars, and reaction time of humans. This is because the yellow light is the first explicit indicator you must stop. If this doesn't make sense still, picture this scenario: You are driving at the speed limit. You are 500ms from crossing the stop line threshold. The light turns yellow. Your interpretation would make sense only if there were a (paler yellow?) light warning of the yellow light! reply chaoskanzlerin 2 hours agorootparentAustria does that: 4 seconds of the green light flashing in order to announce the yellow light. reply cortesoft 2 hours agorootparentSo a pre-yellow light? This seems like you just changed what we call a yellow light to the 4 flashing greens, and made the yellow the new red. If yellow means “don’t enter the intersection”, how is that different than a red? reply the__alchemist 2 hours agorootparentprevWith this change to the scenario, being required to stop before yellow makes sense. And blowing through red means you extra screwed up! (?) On this note: In the UK, there is a yellow light prior to green; love it. reply gowld 1 hour agorootparentThe US sometimes has something similar: visibile countdown timers for the pedestrian crossing turning form stop to go, which coincides with the car light turning from red/stop to green/go. This encourages people to run the light by trying to turn exactly as the countdown timer hits 0, trying to race against pedestrians trying to cross crossing pedestrians. reply manwe150 36 minutes agorootparentYou could always do that before in most instances just by watching for the yellow on the cross street too. Though I think the green is often slightly delayed relative to the pedestrian light, precisely to ensure the car cannot win that race legally reply tbrownaw 1 hour agorootparentprevHow long until we can get a proper countdown like some pedestrian signals have? reply GuB-42 1 hour agorootparentprevIn France, it is illegal to drive through a yellow light unless it would be dangerous to stop, for example if it required you to break hard. That part is up to the officer judgment. In practice, I have never seen it applied, and it is only a small fine anyways, much less serious than running a red light. I guess it can be used as an excuse if the police really wants to pull you over. reply rlue 1 hour agorootparentprevOn the contrary, I think it could make perfect sense: What's written in the law is one thing, and how it's enforced is another; I would argue that the former should be done with consideration to the latter. Based on my own experience, I'd estimate that well over 99% of traffic infractions go entirely ignored by the law: minor speed violations, unsignaled lane changes, rolling stops at stop signs, expired tags, cell phone usage, and yes, running red lights. When the letter of the law is broader in scope or errs on the side of caution, that enables the police to exercise their judgment in enforcing it (with the obvious caveat that some police will abuse any power you give them). You could imagine a scenario where someone technically runs a red light but it's totally justifiable and safe (heavy load + moderate speed + short yellow + no other traffic) and another where someone technically makes it into the intersection on a yellow light but senselessly severely endangers public safety (busy intersection + rapid acceleration + traffic backed up on the other side of the light). I would be okay with someone evading a ticket in the first case and getting one in the latter. reply Spivak 2 hours agorootparentprevYep, something something Chesterton's fence. If you couldn't drive through a yellow then you effectively have two lights go/stop which makes drivers choose between the safe but illegal thing of running the light or the dangerous but legal thing of slamming on their brakes. You can't have an instant switch between go/stop which yellow— effectively meaning unsafe stopping distance go, safe stopping distance stop— solves very neatly. reply scotty79 41 minutes agorootparent> effectively meaning unsafe stopping distance go, safe stopping distance stop— solves very neatly. That's how it works in Poland and it works reasonably well. On the other hand when light is about to turn green, yellow lights up. So red and yellow at the same time means prepare to go. reply andrewaylett 2 hours agorootparentprevIn the UK, if you're at all over the line when the lights change, you're considered \"in the junction\" and are expected to leave the junction -- the next phase should give you priority to do so. The only way to run a red light is to start crossing the line while the light is red -- although plenty of drivers will start to inch across while they're supposed to be waiting :P. The most annoying scenario is where a driver has either stopped or inched forwards far enough that they can't actually see the lights any more and don't know when they've changed. reply bunderbunder 2 hours agorootparentprevThis is the law in Illinois, too. It, in combination with the way the lights are timed, makes some intersections particularly challenging for pedestrians. The basic way the timing goes is: traffic light changes, pedestrian crossing signal illuminates, traffic going straight that squeezed in on the yellow finally clears the intersection, cars turning left finally get a chance to go, pedestrian can finally safely enter the intersection with approximately 10 seconds left to cross a four lane street, lights change again, cars start honking at the older person with mobility issues who could only get halfway across the intersection in the time they had available to safely do it, impatient driver from further back in the line who doesn't care to figure out why the person in front hasn't started moving even though the light has been green for five full seconds swerves into the right turn lane and guns it, narrowly missing the aforementioned older person with mobility issues as they blast through the intersection. reply kurthr 2 hours agorootparentprevI'm wondering how you would know when the yellow light was going to come on. Do you have some sort of countdown, or innate knowledge? Because, otherwise do you just randomly stop at green lights guessing that a yellow light might come on? Or do you drive so slowly that you can stop in the width of the white line before a pedestrian crossing? Really, I'm trying to figure out how you don't ever enter just as a light turns yellow. Once you do, do you stop in the intersection or try to clear it before it turns red? I hope the latter. For me yellow lights are a warning that a red light is coming. It should be long enough for cars to clear the intersection (in many states without gridlock rules even this is not the case for left hand turns). My experience in Boston is that drivers try to beat the green light change and accelerate while it's still red. reply lofenfew 2 hours agorootparent> Do you have some sort of countdown, or innate knowledge? often, in the form of the pedestrian signal. > try to clear it before it turns red? This is the rule in much of the world, yes. reply kurthr 1 hour agorootparentI assume you mean the perpendicular direction crossing lights? Most pedestrian lights have delays longer than that in California for safety so you might stop at a green light. Also, if nobody presses a button ped-lights don't even turn on, just like left turn signals don't turn on without a vehicle triggering it. reply ImPostingOnHN 2 hours agorootparentprev> For me yellow lights are a warning that a red light is coming Correct, yellow means \"start slowing and stop before the intersection if you can do so safely, otherwise proceed\". Red means \"do not proceed if you aren't already in the intersection\". This is why the opposing traffic signal and walk signal will wait for a second or two after red: to allow people who entered on yellow to finish their transit across the intersection. Indeed, in the author's own video where they incorrectly claim someone ran a red light, the author had no legal right to cross anyways, so there was no chance of the author getting injured unless they ran a red light at the crosswalk. In short, the author seems most frustrated that the situation changed from everyone waiting on him, to him waiting a few seconds for others. reply kaonwarb 2 hours agoparentprevJust rewatched and agree they both entered on orange, which is legal. This clear misinterpretation makes me question the author's take as a whole. Did they consider that cars also regularly run stop signs? Is it possible that this is, in fact, safer for pedestrians, albeit more frustrating while waiting? reply jagged-chisel 2 hours agorootparentOT, but it fired me up a bit - people that enter the intersection on green or orange awaiting a break to turn left. And then don’t clear the intersection on red. Now they’re in everyone’s way. How do you get them to understand they’ve already “run the light” and just need to move? reply cge 2 hours agorootparentAs far as I know, that is both legal and standard practice in California, and at many intersections with traffic and no protected turn, is in practice the only possible way to turn left: there will simply never be a break in traffic, from the moment the light turns green until it turns red, and so without entering the intersection and then turning on red, it is simply not possible to turn left at all. reply Spivak 1 hour agorootparentThey even teach you to do this in driver's ed. I know HN skews \"rules are rigid\" but this one should be known by everyone. reply cge 43 minutes agorootparentIn parts of Europe the practice itself is even rigid, with markings for where in the intersection your car is supposed to be while waiting to turn. reply s1artibartfast 2 hours agorootparentprevIn some jurisdictions, this is literally how it works. You claim the intersection, wait for oncoming traffic to stop, then perform your turn. It's legal in jurisdictions where red means you cannot enter, like California. The major problem is that on very congested streets, the driver won't know if the exit will be free of traffic when the light turns red. Blocking the intersection is illegal. To a certain degree, it is a failing of Civic design and the ruleset. The solution is generally no left turns during peak hours, which is a duct tape fix reply toxik 2 hours agorootparentprevThis is literally everyone where I live, and if you tried to wait before the intersection, people would be (rightly) incredibly angry at you. It just wouldn’t work. Nobody lingers in the intersection after oncoming traffic clears either. reply potato3732842 2 hours agorootparentprevWould you rather they floor it and beat the straight through traffic when the light turns green? 1-2 cars entering the intersection and then getting through when traffic clears on the red is less worse than the alternative. reply jagged-chisel 2 hours agorootparentOne of us has misunderstood the other. Maybe I’m misreading you. Let me clarify my position. If you’ve entered the intersection on green or orange, and must await oncoming traffic before you can safely turn left, then the light turns red before oncoming traffic clears, once that traffic has indeed stopped for the red, you need to complete your left turn to clear the intersection, even on red. This situation is clearly spelled out in the driving manuals for my state. If you are not willing to continue on if the light turns red while you are in the intersection, then don’t enter the intersection until it’s clear - wait behind the line. reply s1artibartfast 1 hour agorootparentFor the last sentence, do you mean continue on straight if the desired left turn is not available? reply pta2002 2 hours agorootparentprevThis is why I always find it weird that in the US (and a lot of other countries) the stoplights are on the end of the intersection, instead of at the entrance. If they're at the entrance, there's no dillema - you can't cross the light if it's red. If it's yellow, you brake if you have time, but if not, it's fine to keep going - the opposing light is going to wait a few seconds before turning green specifically to avoid this. This also encourages drivers to actually stop in the right place (since they can't see the light otherwise), and it's friendlier for pedestrians since it avoids drivers stopping on top of the crosswalk. (I've also never heard of the turn-right-on-red rule anywhere other than the US. Over here in Portugal if it's fine to turn right while the light is red, there's just going to be a separate green/flashing light to turn right. A lot clearer!) reply ars 1 hour agorootparentThe location of the traffic light has no legal meaning, there's a white painted line on the ground, which is the stop line. reply DHPersonal 2 hours agorootparentprevI remember my father telling me that was how it was supposed to be done, as the yellow light for oncoming traffic would convince them to stop and give you the time to complete the left turn. It only worked when they weren't also running the yellow light! These days I prefer waiting to turn so that I'm not stuck out in the middle of the intersection when the traffic light changes. reply avgDev 2 hours agorootparentIf you are stuck in the middle when turning crossing traffic needs to wait until you clear the intersection. reply DHPersonal 2 hours agorootparentI find it's better for me to just miss the turn while I wait behind the line. I've seen too many instances where that doesn't work out the way it's intended to want to make it a habit for me anymore. reply mook 2 hours agorootparentWouldn't you have the same issue at the next light, and still be stuck waiting to turn, making no forward progress at all? Note that I'm assuming an unprotected left turn (with right hand traffic as in the US) at a busy intersection with incoming cars running yellow lights; please let me know if any part of my assumption mismatches yours. reply avgDev 2 hours agorootparentprevThis is really odd and would be extremely frustrating for people behind you. You are supposed to enter the intersection. Keep your wheels straight and then turn whenever there is a gap in the oncoming traffic or when the light turns red and the oncoming traffic stops. reply mitthrowaway2 1 hour agorootparentprevI don't know where you live, but where live, you are allowed to complete the left turn even after the light turns red. Hopefully the red light will convince oncoming cars to stop even if the yellow did not. Cross traffic has to yield to you as you exit the intersection. I hope this gives you more confidence in making left turns safely! reply JB_Dev 2 hours agorootparentprevIf you do not wait in the intersection itself then you would never get a chance to turn in many intersections. The only solution is to always wait in the intersection itself. reply kspacewalk2 2 hours agorootparentprevWhat difference does it make? The main point is that this design induces drivers to speed up even more than they're already speeding (and, this being North America, they're already speeding), at a dangerous point in time when pedestrians are starting to cross. It literally makes no practical difference whether they're entering on a very late yellow or a red. reply Spivak 1 hour agorootparentTraffic engineers aren't blind to the fact that it's NA custom to (roughly) +5 on residential, +8 on state highways, and +5-15 depending on on the lane on interstates. People get up in arms about it on the internet for some reason while IRL the roads are just designed with this in mind. reply kspacewalk2 1 hour agorootparentI have more of an issue with the idea that you can make a previously dangerously fast street/road safer by mere virtue of reducing the speed limit, but leaving it physically designed as before. You lower the limit by -5, the +5 speeding turns to +10 speeding and absolutely nothing changes save for wasted paint. I wish North American traffic engineers (and municipal politicians) were better educated on the idea that the only reliable way to slow down drivers is to force them to slow down by making it physically intensely uncomfortable to speed, and that sending drivers to body shops after fender-benders with traffic calming features is preferable to sending vulnerable street users to the morgue. Alas, both occupations are still stuck in an outdated car-centric view of urban transportation. This competency shortfall is present in other transportation- and infrastructure-related fields. See for example how badly North American construction companies and government bureaucracies handle big transit projects. Third-world levels of mediocrity compared to the cost-effective, competent management in, say, Spain or Japan. reply rascul 28 minutes agorootparent> You lower the limit by -5, the +5 speeding turns to +10 speeding and absolutely nothing changes save for wasted paint. A couple weeks ago, a 55mph limit near me was lowered to 50mph. A cop watched during the busy times for a few days. Now everyone is generally going 5mph slower than they were. Seems successful so far. reply SoftTalker 2 hours agoparentprevYellow generally means do not enter the intersection unless you are so close that you cannot reasonably stop. It is not legal to enter the intersection if you cannot clear it before the signal turns red. Exact rules and enforcement vary by state. reply cge 2 hours agorootparent> It is not legal to enter the intersection if you cannot clear it before the signal turns red. That does not appear to be the case in California, which this article is written about. It seems to be a bit confusing, because there are suggestions that the driver handbook suggests that you should follow the rule you note, but that the law itself has no such requirement. In practice, in many areas of coastal California almost no one would stop at a yellow unless they felt they could not enter the intersection before it turned red, and doing otherwise would likely be seen as impeding traffic by many other drivers. reply jbritton 2 hours agorootparentprevIn CA we have many intersections where one wants to turn left, but there is not a dedicated left turn signal. When the light turns green, you pull out into the intersection. Ideally you pull out enough that the car behind you can also get into the intersection. On busy roads you may not be able to complete the left turn until the signal goes red. If you chose not to pull out, then nobody would ever be able to turn left. I believe CA passed a law some 20 plus years ago that you must be able to clear the intersection before the red light, which is in conflict with what is sometimes necessary. There are situations though where the direction you are headed is backed up, such that if you pulled out you could end up stuck in the middle of the intersection long after the red light. I believe the law was intended for this situation. So don’t pull out if your direction of travel is blocked. reply hevang 2 hours agoparentprevLegality aside, is that not kind of the issue here? Lights in a high foot traffic area could incentivize people to speed up to make it before the red, which is less predictable and has cars traveling at faster speeds compared to a stop sign, which requires all cars to stop. Embellished yes, but point of the article showing that this intersection is now more dangerous to pedestrians stands imo. reply munchler 2 hours agorootparentUsing stop lights to control this sort of high-traffic intersection is totally normal in the US. Stop signs are typically used for lower-traffic intersections. Subjectively speaking, I think drivers are more likely to obey a red light than a stop sign. Perhaps the author of this article is upset that the neighborhood now has more traffic than it used to, but that's a different issue. reply hevang 2 hours agorootparentI'm not sure I've seen evidence that running stop signs is more likely, but even if that is the case which one is higher risk? I'd subjectively say running red lights is more dangerous as you have a higher chance of several pedestrians entering the cross walk all at once, or several cars going at once, since it causes people/cars to move in waves. I think its pretty clear that the author is upset that a stop light that increases risk for pedestrians, cost the school and city money, and provides minimal time advantage for cars was implemented. Also, I'd like to point out that normal does not mean good, or best. reply prmoustache 2 hours agorootparentprevNo, drivers in that neighborhood were used to stop at every stop while now a lot are passing through that intersection much faster to avoid the red light. reply BugsJustFindMe 2 hours agoparentprevBoth may be legal, but the first one is unclear and is definitely unsafe. Safety requirements dictate a slightly different understanding of yellow light than is commonly used by drivers. For safety, yellow must mean \"begin controlled deceleration immediately\". The first driver had plenty of time on yellow to not be just barely entering the intersection on red. They clearly were not decelerating and had very likely sped up to beat the light. This unquestionably is a thing that drivers do all the time, and it's dangerous. reply simiones 2 hours agorootparentThis is very much wrong. When a driver sees a yellow light, they must make a call: do I have time to safely slow down and stop before reaching the stop location, or not? If I do, then I must start slowing down right away - that much we agree o. But if I don't, then I mustn't slow down, as that is more likely to leave me in the middle of the intersection while the lights turn green for through-traffic. reply Ajedi32 2 hours agorootparentprevWhy is it dangerous? (Unless they're breaking the speed limit to make the light, obviously.) Just the risk that they might misjudge the timing and enter the intersection after the light turns red? But lights have a built in delay before turning green to account for that. reply cptskippy 31 minutes agorootparentBecause vehicles are often already traveling at or above the speed limit. Just as the yellow light is intended as a \"start slowing down\" but is interpreted as \"speed up to beat the light\", the speed limit sign is intended as a \"do not exceed this speed\" but is interpreted as \"you must be traveling this speed\". If we assumed that most vehicles are traveling the speed limit or faster, which is the case in my experience, then accelerating further is like pouring gasoline on a fire. reply the__alchemist 2 hours agorootparentprev> yellow must mean \"begin controlled deceleration immediately\" This is not true in the strong form you used. There is a regime where there is no possibility you will be able to stop the vehicle in time using reasonable deceleration. Slowing does no good. There is also a regime where slowing will cause you to enter the intersection during the red light, and not decelerating will not. reply BugsJustFindMe 2 hours agorootparentThat's ok. We can hammer out the details together, but the principle is true if the light turns yellow before you reach the intersection. Note that I didn't say how rapidly you need to be decelerating, and if the light has turned red before the car even clears the crosswalk, as is the case for the first car, then the driver sped up instead of slowing down. reply munchler 2 hours agorootparentprevAgain, please be aware that the video does not show the entire intersection. reply BugsJustFindMe 2 hours agorootparentIt seems like you're stuck on whether someone broke a red light law, but this isn't an article about the legality of dangerous behaviors. It's an article about making intersections more dangerous. The first car isn't even through the crosswalk when the light turns red. Racing through a crosswalk to beat a light is the definition of dangerous driving. reply runako 2 hours agoparentprevThe way I learned this was \"in legal, out legal,\" meaning that you are not allowed to be driving in the intersection while the light is red (aka you have to be finished transiting by the time the light changes). Is this not the law in California? reply toast0 2 hours agorootparentMy understanding is that California has two relevant laws for this discussion: 21453 (a) which prohibits crossing the stop line when the light is red [1]. And 22526 (a) which prohibits entering an intersection when the exit isn't clear. [2] You have to be able to clear the intersection if you enter it, and you have to enter it on green or yellow (except for turn on red after a stop), but you don't have to clear the intersection before it goes red. Common practice (which might not be 100% legal) for unprotected lefts on green (where space permits) is for the first car to fully enter the intersection and the second car to roll over the line a bit, then for both vehicles to clear the intersection when opposing traffic stops which may be in yellow or red. The driver that's only a bit in the intersection can make a judgement call and stay slightly encroaching rather than clear the intersection if clearing seems inadvisable because opposing traffic was slow to stop. [1] https://leginfo.legislature.ca.gov/faces/codes_displaySectio.... [2] https://leginfo.legislature.ca.gov/faces/codes_displaySectio.... reply mrWiz 2 hours agorootparentprevIn my state you are allowed to exit the intersection while the light is red but may only enter while it's green or yellow. In driver's ed they taught us to enter the intersection while waiting to make a left turn so that we could complete the turn after the light turned yellow/red and opposing traffic stopped. reply avgDev 2 hours agorootparentIt is the same in most US states. reply avgDev 2 hours agorootparentprevI believe most states it is LEGAL to enter the intersection(normally marked by a white line) before the light turns red. Cross traffic MUST wait for cars to clear the intersection. reply cosmotic 2 hours agoparentprevNot only legal, but safer than slamming on one's breaks. reply CalRobert 2 hours agorootparentGenerally speaking if you're going the speed limit you don't need to \"slam on your breaks (sic)\" to stop before a light turns red unless you didn't have enough time to clear the intersection anyway. reply HPsquared 2 hours agorootparentSurely it depends how close you are to the line when the light turns yellow. reply cosmotic 1 hour agorootparentprevMy partner slams on his breaks even though he goes below the speed limit and has plenty of time to clear the intersection. It's not just the speed. reply ajmurmann 2 hours agorootparentprevDepends how far you are away from the light when it turns. reply CalRobert 2 hours agorootparentAnd, of course, your speed. reply ajmurmann 2 hours agorootparentClearly both are a factor but you don't need both. Even if I go 20mph I have to slam on the breaks hard if the light turns when I'm just three ft away. The only way around this is to treat every light like a stop sign where you do a California roll Edit: As a related pet peeve I've never understood why we don't have countdowns for car traffic lights like we do for pedestrians. These IMO would not only increase safety but also fuel savings (especially if we had them for each signal change) as I could time my arrival at the traffic light to minimize braking and acceleration. reply AlfeG 1 hour agoparentprevIts only me, who think that 12 seconds of green light is just too small window. That's why every car try its best to pass through. reply DHPersonal 2 hours agoparentprevI disagree. The first car doesn't even cross their side of the pedestrian crossing before the red light blinks on, so they have had ample time to prepare to stop and are running a red light. The second car is more debatable but also had enough time to stop, as the light turns red while they are still in the middle of the intersection. reply crackercrews 2 hours agorootparentThe second car definitely entered on yellow. It doesn't matter if they could have stopped. They have the right to enter on yellow. The first car passed the first line when the light was yellow, but not the second line. The area in between is the crosswalk. I can't tell if \"enter the intersection\" means \"enter any part of the area past the line where you're supposed to stop\" or \"enter the part past the crosswalk, where the roads actually intersect\". Does anyone know what the rule is? reply toast0 2 hours agorootparentIt's well spelled out in vehicle code 21453 (a) > A driver facing a steady circular red signal alone shall stop at a marked limit line, but if none, before entering the crosswalk on the near side of the intersection or, if none, then before entering the intersection, and shall remain stopped until an indication to proceed is shown, except as provided in subdivision (b). [subdivision b allows for turns on red] https://leginfo.legislature.ca.gov/faces/codes_displaySectio.... reply prmoustache 2 hours agorootparentprevThe fact people can't figure what the rules are is a problem in itself vs a stop sign where everybody knows you should stop. reply crackercrews 1 hour agorootparentI know where to stop. I stop before the crosswalk What is less clear is what the word intersection means in a technical sense. Complicated or ambiguous rules are a part of life. If the idea is to get rid of anything that requires lots of rules, then we'd all still be on foot. No cars, no horses, no bikes. Would that be a net improvement? reply bloak 2 hours agoparentprevI've sometimes wondered what the exact rule is with red lights. Presumably you're allowed to continue moving forwards if the front of your vehicle passed the stop line before the light turned red. But if you stopped with the stop line passing through your vehicle are you allowed to start moving forwards again while the light is red? (Whether that would be a sensible thing to do would depend on whether you're driving a long vehicle with just a tiny part of it behind the stop line, or a motorbike with just a tiny part of it in front of the stop line, but does the law distinguish those two cases?) reply simiones 2 hours agorootparentI don't think the law is so specific, but I suspect the right interpretation would be that you should pass through the intersection if the car is in a position where it would block other traffic the moment the light turns red; in any other circumstance, you should stop if the light is red, even if you passed the location where you'd normally wait. For example, say you're entering the intersection on green/yellow, but the car in front suddenly stops while you're on the crosswalk, possibly not even seeing the light on the side of the road, but no part of your car is impeding the cross traffic. Well, even if the car in front now clears the intersection, if the light has turned red, you should almost certainly stop and wait for the next green light, rather than trying to clear the crosswalk: doing anything else is much more dangerous. reply np- 2 hours agorootparentprevIf your vehicle is ever fully stopped past the line, and the light is red, that would be considered a “blocking the box” traffic violation in most jurisdictions. You technically should not have entered the intersection at all without the ability to fully clear it. reply bloak 1 hour agorootparentIn England, I thought it was only the \"crossed out\" intersections that you shouldn't enter unless the exit is clear. Rule 174 here: https://www.gov.uk/guidance/the-highway-code/using-the-road-... reply oangemangut 2 hours agoparentprevI don't see why a re-design like this wouldn't have included both pedestrian and car infrastructure improvements. Tighten all the turn radii, add bump-outs to each corner, and you could have a signalized intersection that is better than it was before for both. reply runako 2 hours agoparentprevFreeze frame: https://imgur.com/a/ASSeakh > the stop lines are out of frame Is the car in the freeze frame in a legal position given the red light? It would appear not. reply toast0 2 hours agorootparentThere's no way to know from a single frame. We would need to know the sequence of events. It's not against California vehicle code to be in an intersection when the light is red. It's not even necessarily against vehicle code to be in an intersection when the light is red for you and green for perpindicular traffic (although it's an imminent hazard, so you better have a good reason). To show a red light violation, you need a datestamped image showing the vehicle behind the stop line with a red light showing, and a near in time image of it in the intersection on red, and probably another one to show that it didn't make an allowed right on red. Really, you also need evidence that the red light was steady, and not a flashing red light which would indicate four way stop and the driver could proceed after stopping. Typically, you wouldn't see red showing on both directions at the same time in a flashing red situation, but cameras are fickle. reply avgDev 2 hours agorootparentprevThere is another line before. We don't really see the entire intersection. reply runako 2 hours agorootparentYes, you are correct. That's why I specifically did not address the car's entry into the intersection. Given the red light, is the car in a legal position in the freeze frame? reply avgDev 2 hours agorootparentYes. I do not understand why this is so misunderstood in the comments. This picture is LEGAL in most US states as long as the car entered the intersection ON A GREEN OR YELLOW light. reply runako 2 hours agorootparentAt least one California law firm disagrees, hence my question: https://www.wccbc.com/red-and-yellow-light-accidents/#:~:tex.... Some quick Googling shows that \"it depends on where\" appears to be the right answer. New Jersey appears to be a populated jurisdiction where this might not be legal. reply avgDev 2 hours agorootparentAs I said MOST US states. I looked at the link and NO, they DO NOT DISAGREE. Read the language, drivers SPEEDING through a yellow light MAY be found negligent if they cause an injury to someone. \"California’s yellow light law permits drivers to enter an intersection during a yellow light. No violation exists unless any part of the car is over the stopping line when the light turns red. However, the law encourages drivers to slow down before reaching the intersection. In California, the yellow light law provides that drivers are automatically “warned” by the light turning yellow that the traffic light is about to change to red. This means that a faulty driver cannot avoid responsibility for an accident simply by claiming that they didn’t see the yellow light. It doesn’t matter if they saw it or not. Drivers speeding through a yellow light may be found negligent for not slowing down if their driving caused an accident or injured others.\" reply runako 1 hour agorootparentI'm reading this differently than you are: \"No violation exists unless any part of the car is over the stopping line when the light turns red.\" But I'm not a lawyer and this is interpreting an interpretation. reply doctorpangloss 2 hours agorootparentprevThe author is pissed off about the design of the intersection. If you have to litigate bullshit like this, surely you see, well, the intersection is poorly designed. You are also litigating whether or not it's legal. A lot of traditions of California driving are legal and really dangerous. My dude, CVC doesn't even apply in a private parking lot for example, so you can accidentally kill somebody in one and legally face no moving violations. \"Legal\" is not an interesting criteria at all, it's misleading. reply simiones 2 hours agorootparentOn the other hand, whether the driver was legally or illegally passing through the intersection is also irrelevant for safety: the fact is that the video clearly shows that the driver didn't put anyone's lives at risk this time, neither themself, any pedestrians, nor any incoming cars. reply avgDev 1 hour agorootparentprevMy problem is that author doesn't seem to understand the traffic laws and wrongly says cars ran a red light. I'm not interested in his opinion after that. If you are going to put something on the internet about bad design you should make sure you understand it first. reply getpost 1 hour agoparentprevAs a nearby Los Angeles resident, I can confirm that a significant percentage, say 30-40%, of drivers 1) don't stop at stop signs, and 2) routinely run red lights at intersections when few or no other vehicles are present. It's true that it's legal to enter an intersection when a light is yellow, but don't let this statement distract from the general traffic-lawlessness that prevails. Law enforcement is even less likely to follow the law (ignoring cases where lights and sirens are activated). I think the defacto rule that many drivers follow is, 'if the intersection appears clear, I don't have to stop.' (I'm not advocating this rule, just saying what I think the rule is.) Cell phones and screens in cars have made this rule especially problematic because drivers aren't paying close enough attention to the road to ascertain whether intersections are clear. This isn't a recent phenomenon in LA, but it seems to have increased during and since Covid. I'd love to find reliable data on traffic enforcement. The problem is cultural, but the apparent lack of enforcement seems to have expanded the population of scofflaw drivers. reply pclmulqdq 1 hour agorootparentThere is local traffic culture in a lot of places. LA residents in particular don't like stopping at stop signs. Boston drivers turn left immediately when the light turns green even if other cars going the opposite direction have right of way. Texas drivers speed like madmen on freeways. New York drivers change lanes with reckless abandon. Law enforcement officers in all these places never pull people over for this stuff. reply xutopia 2 hours agoparentprevOne car enters the intersection on red. reply munchler 2 hours agorootparentThat's false. The stop line for cars is out of frame in the video, and the driver has already passed it by the time the light turns red. You can get a better view of what the intersection actually looks like here: https://maps.app.goo.gl/L37hZyvXs8BeWmFE8 reply DHPersonal 2 hours agorootparentI think it depends on what one uses as the definition of intersection. Is it the actual point where the two roads collide, or is it at the stop line? reply avgDev 2 hours agorootparentYou can't be serious. The stop line is where the intersection begins. If you cross the stop line on yellow you won't get a ticket and it is perfectly legal in most US states. reply ColdTakes 2 hours agoparentprevYou can not say this without the caveat that it is location dependent. This is an illegal action in some cities and states. Like in California, where that video was taken, yellow means STOP if you can safely do so. Both of these cars had ample time to stop and chose to accelerate to make the light. reply avgDev 2 hours agorootparentHow can you tell both cars had ample time to stop? We didn't see how close they were to entering the intersection in the video. They entered the intersection on a yellow light, which is perfectly legal if they could not stop. reply bedobi 3 hours agoprevThis is a solved problem and it's astonishing the world hasn't just adopted the Dutch traffic engineering standards outright. It's FASTER for cars and safer for people. reply ajmurmann 3 hours agoparentThe lack of adoption of best practices from other countries is generally baffling to me. When I first visited China grim Europe and saw traffic lights with countdowns (like in the US) I thought we did immediately adopt this in Europe. Cultural inertia and lack of looking outwards is really frustrating. reply Tarq0n 1 hour agorootparentResearch on countdown traffic lights is inconclusive with regards to their safety [0]. They can not realistically be described as best practice. [0] https://www.maxapress.com/data/article/dts/preview/pdf/DTS-2... reply CalRobert 2 hours agorootparentprevA countdown on a traffic signal seems like a fun way to encourage drag racing. Though it's nice on pedestrian signals. reply amalcon 2 hours agorootparentThe driver can usually see the countdown on the pedestrian signal anyway. It's not obvious that this would be worse. reply RandomBacon 2 hours agorootparentprevIs it a countdown until it turns green, or a countdown until it turns red? I think it's unlikely the latter would encourage drag racing. reply gpm 2 hours agorootparentprevCrazy idea that would be next to politically impossible in North America: Have every traffic light with a countdown also be a speed camera. It'd eliminate the incentive to drag race, would give drivers more information earlier allowing better driving, and would generally make speeds limits actually a limit on roads with traffic lights. reply s1artibartfast 1 hour agorootparentFirst you have to deal with the issue of cities selling camera data to third parties and using it for license plate tracking and face ID reply HPsquared 2 hours agorootparentprevAnother example of \"this is why we can't have nice things\". reply Kuinox 2 hours agorootparentprevHow are countdown signal better ? reply sjg1729 3 hours agoparentprevWhich standards are you referring to? reply masklinn 2 hours agorootparenthttps://swov.nl/en/fact-sheet/principles-safe-road-network (national institute for road safety research) https://crowplatform.com/product/design-manual-for-bicycle-t... (non-profit advisor to the ministry of transport) reply Ensorceled 2 hours agorootparentprevThey are literally referring to the \"Dutch traffic engineering standards\" when they say \"Dutch traffic engineering standards\" reply numerobis 2 hours agorootparentWhat standards specifically? What is the solution to the problem that Dutch standards provide? Duh reply bb86754 2 hours agorootparentIt’s an entire book length of material, but in short, for built up areas drivers are forced through street to design to be higher alert to their surroundings. EX: chicanes in the road, speed tables, brick roads, narrow streets, small/tight turn radius, no turn on red, etc. These all work together to make a system that is amongst the safest in the world for pedestrians, and by happenstance has the happiest drivers. Also, bike traffic and vehicle through traffic are separated on different networks, so a conflicts are minimized. reply Ensorceled 2 hours agorootparentprevWhich requires a long and detailed answer that can be found by simply googling \"Dutch traffic engineering standards\" which leads you to an entire wealth of information. reply Salgat 2 hours agoparentprevTo clarify, aren't these standards mostly relevant where heavy bicycle traffic exists? Do they still apply in areas with little to no bicycle traffic? I'm assuming you're mostly referring to this famous manual: https://en.wikipedia.org/wiki/CROW_Design_Manual_for_Bicycle... reply andrepd 1 hour agorootparentThere is no bicycle traffic because there are no bicycle roads. It's incorrect to claim that we shouldn't build bicycle roads because there's no bicycle traffic :) reply ndsipa_pomu 8 minutes agorootparentA similar concept would be to only build airports where there's lots of planes landing. reply kjkjadksj 1 hour agoparentprevThe hard problem isn’t figuring out what to do. Its to get people on board with shifting from a like for like infrastructure development model where the roads and built environment look more or less the same for decades, to a potential status quo changing model of infrastructure development. If you can solve that fundamental issue, traffic is just a footnote of the long list of problems you also solve on our planet. reply sethammons 2 hours agoprevHA! I was about to tell my story and checked the article. My story is ONE block away from this intersection. I used to work a few blocks from this intersection and would walk daily to the train. Crossing the street was daunting, especially when we time changed and it was dark. I started carrying reflective labels on my backback and I wore a strobe light when crossing. I _still_ had people flipping me off, swerving around me, honking, etc for my audacity to use a crosswalk. Going to remote work probably saved my life. reply parshimers 1 hour agoprevIt's too bad they didn't put a roundabout here, there's one in the middle of old town Orange and it works pretty well. Terrible waste of money to make the intersection worse like they did. It also says something that the behavior of the cars here isn't even illegal in California. Entering an intersection on yellow and exiting on red is fine. Right turn on red is also allowed, and many people combine that with a California stop (though that last part isn't legal). All of the above are extremely hazardous for pedestrians and encourage speeding. reply dleslie 3 hours agoprev> Why don’t lights ever sit idle with the pedestrian crossing on and the cars must wait? The author knows the answer as well as most readers do: because the intersection is being designed with cars in mind, not human beings. reply nmeofthestate 2 hours agoparentUsually a crossing will instantly switch when the pedestrian button is pressed, if enough time has passed since the last \"walk\" cycle. Having a stage where walk is enabled when there's no pedestrians around wouldn't much help pedestrians, and would introduce inefficiency in throughput. And obviously, drivers can't press a button, so it makes more sense for controls to be accessible to the pedestrians. reply dr_kretyn 1 hour agorootparentInstantly? You're definitely not in North America. Many intersections around me, if you missed pressing the crossing button before parallel street had a green light, you missed your opportunity to walk for the next minute. reply dleslie 2 hours agorootparentprev> Having a stage where walk is enabled when there's no pedestrians around wouldn't much help pedestrians, and would introduce inefficiency in throughput It forces drivers to reduce speed and come to a full stop; dramatically decreasing the likelihood of collisions with pedestrians they did not notice. reply crackercrews 2 hours agoparentprev> designed with cars in mind, not human beings This is a bad faith framing. The cars are driven by humans. Or in the case of autonomous driving, are driving humans around. I've come up to plenty of lights that had the pedestrian signal lit even though there were no pedestrians. This happens during the day and at night, and is frustrating. Just happened the other day when I was driving around midnight. Not a pedestrian in sight! reply dleslie 2 hours agorootparentIf the designers were truly considering the well-being of the occupants of the vehicles then they would be designing cities to minimize the time spent in vehicles; which means more than saving a few seconds at a stop light, it means getting them out of their cars entirely. reply crackercrews 1 hour agorootparentThat might fly in temperate parts of California, but it sure doesn't work in places with less pedestrian-friendly weather. reply jplrssn 1 hour agorootparentThere are plenty of examples of walkable neighbourhoods in places with cold and/or wet weather. reply crackercrews 13 minutes agorootparentYes, there are some places that people can walk, nearly everywhere. But GP suggested \"getting them out of their cars entirely\". That is not a nuanced proposal that acknowledges tradeoffs and seeks to find a balanced approach. It's saying that people should not be in cars. Tell that to a parent with 4 bags of groceries and 3 kids and see what the reaction is. If we want better cities and towns, zealotry won't get us very far. It will get us laughed at. And I say this as someone who walks all the time and is about to do so right now. reply asmor 2 hours agoparentprevI'm about 99% sure that was a rhetorical question so you can ask yourself why we put cars before people. reply criddell 2 hours agorootparentPeople are in cars too. reply leonheld 2 hours agorootparentI think we should give priority to the people who are no inside multi-ton metal boxes, pollute less, can get on average healthier due to walking etc etc... At least inside our cities. reply simiones 2 hours agoprevIt's very strange to complain that cars run red lights, but somehow not stop signs. I expect that if the intersection were as empty as it was when he was filming, you'd easily find people driving at a similar speed regardless of the stop signs too. reply itishappy 1 hour agoparentMy experience has been that cars will happily roll through stop signs, but at nowhere near full speed like they're doing here. reply the_sleaze_ 2 hours agoparentprevI know it as the \"California Roll\" - to slow down but continue to cruise through stop signs. reply simiones 1 hour agorootparentIn my own country, where stop signs are relatively rare anyway, this behavior is so common that it doesn't even have a name. I think it's much more unexpected here to see anyone truly stop at a stop sign on an empty street than it is to see them slow down and then continue on. And I would bet police would not bat an eye 99% of the time if they saw someone do it. reply floren 2 hours agorootparentprevThat's old fashioned, the current \"California roll\" is to just continue at full speed through stop signs or red lights. reply benjijay 2 hours agorootparentI am more familiar with (and more partial to) a California Roll consisting of 'crab' sticks, avocado, and cucumber, wrapped in seaweed and then rice. reply mungoman2 3 hours agoprevThis is an annoying change, but the cars in the video weren't actually running any red lights. Doesn't help the case to exaggerate. reply soperj 2 hours agoparentIt's a 34 second video. One enters the intersection after the light has turned red (pause the video, you can see it). The other is half way through the intersection before the light turns red, definitely speeds up to make the light, which is what they're talking about. reply AlfeG 1 hour agorootparentGreen state is very short. 15 seconds is barely enough for 2-3 cars. My guess this force drivers to speedup. reply DHPersonal 2 hours agoparentprevPedestrian \"annoyed\" by driver, funeral details to follow reply runako 2 hours agoparentprevhttps://imgur.com/a/ASSeakh reply mungoman2 48 minutes agorootparentThat triangle doesn't mark the stop line though, it's further back. If cars stopped at the triangle they would block pedestrians crossing the street. reply whimsicalism 2 hours agorootparentprevthink it’s just on the margin - they’re in the intersection in this shot and it’s not illegal (at least where i’m from) to be in the intersection when the light turns red reply Ithildin 2 hours agoprevAside from the debate, 600k seems insanely high for this intersection. No wonder this country's infrastructure is crumbling when it takes over half a million dollars to put in a few lights. reply prasadjoglekar 2 hours agoparentThis sort of work usually costs 3x what is should, because the firm doing the work has to pay state minimum wage and/or hire union labor. reply simiones 1 hour agorootparentMinimum wage in California seems to be $16 an hour. I doubt this intersection took 37 500 man-hours to finish, so I don't think the cost is explained by wages. Also, $200K would still seem like a gigantic amount of money for adding stop lights to a single intersection. reply kjkjadksj 1 hour agorootparentYou probably need an engineer. A couple. They might have to run traffic studies beforehand to estimate the design requirements and light timing. They might have to consider other network nodes beyond this in their modeling. They might have to also run studies afterward to retime the lights to meet realized demand. I’m surprised its not a $6m project honestly. reply danenania 36 minutes agorootparentThere's a proposal to redo a playground in San Mateo's central park—bids have come in around $16M. https://www.cityofsanmateo.org/4142/Central-Park-Playground-... It's a nice playground design for sure, but it's kind of amazing to consider what could be built privately for the same amount. You could literally build a palace on a giant estate with fancy landscaping, a swimming pool, tennis courts, movie theater, etc. Of course there are reasons why public projects are more expensive, but it does seem pretty crazy on the surface. reply whimsicalism 1 hour agorootparentprevthe issue is the prevailing wage requirement (3x+ minimum wage). it would be easy to complete this cheaply with just minimum wage labor reply rafram 2 hours agorootparentprevWould it be better if they hired non-union labor at $5/hour (1/3 the minimum wage)? Would you apply for that job? reply ars 1 hour agorootparentObviously that would be better. If no one applied for the job you raise rates until someone does. You don't artificially start unnecessarily high. If you do you are basically stealing from taxpayers to give gifts to unions. reply alkonaut 3 hours agoprevKnew before I clicked: it's a flat 4-way intersection of two large-ish streets where the", + "originSummary": [], + "commentSummary": [ + "The debate centers around whether intersections should prioritize pedestrian safety or driver efficiency, with some favoring light-controlled intersections and pedestrian scrambles over 4-way stops.", + "Opinions vary on traffic laws and infrastructure design, with discussions on the safety of jaywalking and the risks associated with right turns on red.", + "Some advocate for alternative solutions like roundabouts or adopting Dutch traffic engineering standards to enhance both safety and efficiency." + ], + "points": 267, + "commentCount": 362, + "retryCount": 0, + "time": 1736869194 + }, + { + "id": 42696080, + "title": "PostgreSQL is the Database Management System of the Year 2024", + "originLink": "https://db-engines.com/en/blog_post/109", + "originBody": "English Deutsch Knowledge Base of Relational and NoSQL Database Management Systems provided by Redgate Software HomeDB-Engines RankingSystemsEncyclopediaBlogSponsorsSearchVendor Login Featured Products: Milvus Datastax AstraRaimaDB Neo4jSingleStore RSS Feed Tags Want to publish an article here? Blog > Post PostgreSQL is the Database Management System of the Year 2024 by Tom Russell, 13 January 2025 DB-Engines is today announcing that PostgreSQL is our DBMS of the Year for the second year in a row, winning for the fifth time overall. DB-Engines is today announcing that PostgreSQL is our DBMS of the Year for the second year in a row, winning for the fifth time overall after also being top-ranked in 2017, 2018, 2019, and 2023. Second in the rankings was Snowflake, followed by Microsoft in third place. PostgreSQL has emerged as the most popular database management system over the past year, outpacing all other 423 monitored systems. Nearly 35 years ago, the database system known as Postgres made its debut. Since then, PostgreSQL has undergone significant transformations, driven by a continuous stream of enhancements that ensure it remains at the cutting edge of DBMS technology, while also offering a dependable and stable platform. PostgreSQL 17, launched in September 2024, introduced additional performance enhancements and expanded replication options, among other improvements. All of this continues to make PostgreSQL one of the most successful open-source projects ever. Snowflake is the runner up and is a cloud-based data warehousing company that has gained significant traction in recent years. Its unique architecture allows for the separation of storage and compute, providing flexibility and scalability. Snowflake's support for multi-cloud environments and its data sharing capabilities have made it a popular choice for businesses looking to leverage cloud data warehousing. Snowflake's rise in the rankings reflects its growing influence and adoption in the industry. Microsoft's Azure SQL Database and SQL Server continue to be strong contenders in the DBMS market. Azure SQL Database offers a fully managed relational database with AI-powered performance optimization and scalability. SQL Server, with its hybrid capabilities, allows for seamless integration between on-premises and cloud environments. Microsoft's commitment to innovation and its comprehensive suite of data services have solidified its position in the top ranks. For more information about navigating the complexities of managing multiple databases, read more here from Redgate, or visit red-gate.com Notes to editors Methodology We calculate the DBMS of the year by subtracting the January 2024 from the January 2025 scores. We use the difference between each DBMS’s score, rather than a percentage growth, which would favor systems with lower popularity at the beginning of the year. The DMBS of the year is an illustration of how much each system increased in popularity during the year. You can read more about our exact methodology here, but in short we are ranking popularity of DBMS based on how much people are discussing and communicating about each system, including job offers, professional profile entries and citations on the web. job offers, professional profile entries and citations on the web. About Redgate Software Redgate offers end-to-end database DevOps to help enterprises streamline software development and surface value from their data faster. Redgate's portfolio of solutions helps organizations reliably solve the complex challenges of database management across the DevOps lifecycle on any database, any platform, anywhere. We make life easier for IT leaders, development and operations teams, increasing efficiency, reducing errors and protecting business-critical data. More than 200,000 companies globally, including 92% of the Fortune 100, trust Redgate to deliver ingeniously simple software. Media Contacts Meghana Shendrikar Allison Worldwide for Redgate Software redgate@allisonworldwide.com Share this page About UsAdvertising and ServicesPrivacy PolicyContact Follow DB-Engines on:Copyright © 2025 Red Gate Software Ltd Featured Products The data platform to build your intelligent applications. Try it free. See for yourself how a graph database can make your life easier. Use Neo4j online for free. RaimaDB, embedded database for mission-critical applications. When performance, footprint and reliability matters. Try RaimaDB for free. Vector database designed for GenAI, fully equipped for enterprise implementation. Try Managed Milvus for Free Bring all your data to Generative AI applications with vector search enabled by the most scalable vector database available. Try for Free Present your product here", + "commentLink": "https://news.ycombinator.com/item?id=42696080", + "commentBody": "PostgreSQL is the Database Management System of the Year 2024 (db-engines.com)239 points by plaur782 7 hours agohidepastfavorite79 comments m_st 5 hours agoI so badly wish we could change a big Windows business application to use PostgreSQL rather than Microsoft SQL Server just because of the licensing costs. SQL Server is a fantastic product, but restricted to 128GB RAM and a few CPU cores or you have to start paying so much, that not even our biggest customers can justify it. Migration isn't easy, as this venerable application uses ADO.NET Datasets with TableAdapters and plenty of stored procedures. The syntax is almost compatible though. But not enough unfortunately. For our next product, we're sure to bet on PostgreSQL instead. reply chasil 3 hours agoparentAn enormous flaw of Sybase/Microsoft SQL Server is that it does not implement the SQL/PSM standard. https://en.wikipedia.org/wiki/SQL/PSM The syntax for this does come largely from Oracle. \"SQL/PSM is derived, seemingly directly, from Oracle's PL/SQL. Oracle developed PL/SQL and released it in 1991, basing the language on the US Department of Defense's Ada programming language.\" In any case, I have thousands of lines of PL/SQL written by many people which are currently useless for SQL Server applications. SQL Server should implement SQL/PSM. The sooner, the better. For those trying to escape the licensing costs of SQL Server, Babelfish may be an option. https://babelfishpg.org/ reply munchler 3 hours agorootparentSybase SQL Server hasn't been a thing for at least a decade. The Microsoft fork happened more than 30 years ago. reply sbuttgereit 1 hour agorootparentAnd yet.... it lives still.... https://www.sap.com/products/technology-platform/sybase-ase.... https://en.wikipedia.org/wiki/Adaptive_Server_Enterprise reply kylecordes 4 hours agoparentprevYes, this is such a big challenge for commercial database products. PG is so great that it often makes the most sense to reallocate the money to more CPU/RAM/SSD, rather than licenses. reply belter 4 hours agoparentprevTest this: \"Goodbye Microsoft SQL Server, Hello Babelfish\" - https://aws.amazon.com/blogs/aws/goodbye-microsoft-sql-serve... Or the Opensource project: https://babelfishpg.org/ reply bdcravens 3 hours agorootparentI evaluated this for our database and ran into many cases where it wasn't a 1:1 replacement, especially if you lean heavily on stored procedures. Additionally, our db library (it's a Rails app; the database was originally used with another language) needed features Babelfish didn't support. It may be worth another look for us, but I assume it still shouldn't be considered a 100% drop-in. reply masfoobar 2 hours agoparentprev> I so badly wish we could change a big Windows business application to use PostgreSQL This ^^^ A small businness I (no longer) work for was using Windows Servers, SQL Server, Classic ASP, .NET and other things. It was expensive! I tried sooo hard to migrate to get them to realise the savings moving over to Linux and Postgres, and get their DATED software over over afterwards! Well, it was Linux and MySQL/MariaDB but I have slowly grown fond of Postres over the last couple of years. I will always remember (and find funny) when we purchased a server a third-party no longer wanted to support for us anymore (linux+php) and my boss said \"they only pay £300 a year for that server\" -- yep. reply cheema33 1 hour agoparentprevWe are in the same boat. An older application with lots of dependencies on MS SQL Server. We are slowly chipping away at it with our migration effort. reply accra4rx 42 minutes agoparentprevGo Babelfish reply pmarreck 4 hours agoparentprevLLM's might be able to translate the stored procedure code without too much difficulty, and assuming you have test coverage. Might also do a good job of translating DDL code such as index definitions etc. I too was impressed with SQL Server last time I used it (big note: SQL Server is one of the few commercial DB's that does real nested transactions; PG does not), but I get it. reply dspillett 3 hours agorootparent> SQL Server is one of the few commercial DB's that does real nested transactions More or less. The default ROLLBACK behaviour is to roll back the whole nest. You have to use SAVE TRANSACTION instead of BEGIN TRANSACTION and specify the name in ROLLBACK. If doing this in a procedure that may or may not be part of a nested transaction (an explicit transaction wasn't started before it was called) you have to test to see if you need to BEGIN or SAVE¹ and what to do if a rollback is needed (you likely don't want to ROLLBACK everything if you used SAVE, but have no option if you used BEGIN). Not exactly intuitive. And saved transactions can cause excessive lock escalation, impacting concurrent performance. SQL Server is generally a damned fine product overall, both generally and compared to a lot of other things emitted by Microsoft, but it isn't even close to perfect in some areas. ---- [1] ref: https://learn.microsoft.com/en-us/sql/t-sql/language-element... reply pmarreck 13 minutes agorootparentThanks for the clarification. I'm not one to compliment Microsoft software products, but Analysis Services and SQL Server, at least when I used them at the time over 10 years ago, seemed like darn fine products (which they purchased from someone else, I believe...) reply werdnapk 4 hours agorootparentprevWhat's a real nested transaction? What's postgresql missing? https://www.postgresql.org/docs/current/subxacts.html reply pmarreck 17 minutes agorootparentSavepoints are not considered legitimately isolated nested transactions. To the best of my knowledge. Note: Am not a DBA, merely a full stack dev that has worked with various databases over the years. reply BrentOzar 4 hours agorootparentprev> SQL Server is one of the few commercial DB's that does real nested transactions Not sure where this myth keeps coming from, but no, it does not: https://www.sqlskills.com/blogs/paul/a-sql-server-dba-myth-a... reply pmarreck 15 minutes agorootparentInteresting. Is this still up-to-date? The link you posted is 15 years old reply cpursley 1 hour agorootparentprevYou're getting downvoted by gatekeepers but LLMs are amazing with SQL and this is a great use-case. reply hnthrow90348765 1 hour agorootparentAnecdata, but I agree. I went from a recursive CTE (that occasionally would take 1GB+ of memory for zero rows) to a loop and used AI to do it, and it did a pretty good job reply cpursley 4 hours agoprevTurns out Postgres Is Enough: https://gist.github.com/cpursley/c8fb81fe8a7e5df038158bdfe0f... (Gist contains a bunch of Postgres ecosystems things, if anything is missing, please let me know) reply emmanueloga_ 4 hours agoparentKind of, with caveats. For one \"extensions can interfere with each other and cause incorrect behavior\" [1], and the practicallity of implementations varies. Say, Cypher queries using AGE can be order of magnitude slower than using a dedicated graph DB [2]. Yes, you can drive a Ford Falcon coast-to-coast, but how much gas are you going to spend? Postgres is a solid database but has roots in the 80s. Optimizing for modern hardware would reduce hosting costs and improve efficiency. [3] This isn’t criticism of Postgres as a database but of the idea that it’s inherently sufficient for all use cases. -- 1: https://www.cs.cmu.edu/~pavlo/blog/2025/01/2024-databases-re... 2: https://blog.kuzudb.com/post/what-every-gdbms-should-do-and-... 3: https://cedardb.com/blog/ode_to_postgres/#why-is-everyone-st... reply SOLAR_FIELDS 3 hours agorootparentOf course there are better time series than Timescale. Better graph databases than AGE. Better GIS databases than PostGIS. The point made when it comes to Postgres is 9 times out of 10 you don’t need better thing. And unless you have that compelling optimization already ready to go with receipts to back it up, probably you should pick Postgres reply ants_a 2 hours agorootparentprevNot disagreeing, but for more context. These blog posts also have to be taken with a grain of salt as the authors obviously have their own project to promote, coloring their point of view. The algorithms detailed in the graph DB post can be run on top of PostgreSQL, though one has to do some of the work of the DBMS themselves (maintaining indexes, transforming query to correct form). It's extra work and requires some knowhow, but up to some extent it works \"well enough\". Similarly, the CedarDB comments, that could be boiled down to the lack of column major batched executor model, are mostly applicable to analytical queries. Point query and traversal type workloads are not as different. There are various projects that work around this to some extent by sticking DuckDB into PostgreSQL . This gets vectorized execution on mass data scans, which is usually enough to get into the right ballpark. The point being that the amount of use cases where Postgres is sufficient is highly dependent on the skill and time put into it. And at some point the extra organizational cost of going heterogeneous is going to be worth the payoff. The hard part is figuring that out ahead of time. Which is why my recommendations for starting developers is to just use Postgres until it starts to hurt, then optimize it to work well again and use the insight gained to see what functionality needs to be peeled off into a specialized system. reply caseyohara 2 hours agorootparentprev> Yes, you can drive a Ford Falcon coast-to-coast, but how much gas are you going to spend? Postgres is a solid database but has roots in the 80s. Optimizing for modern hardware would reduce hosting costs and improve efficiency. This is disingenuous. If you’re comparing Postgres to CedarDB, a more apt analogy would be Postgres is a late model Ford F-150. A utility vehicle with roots in the 80s but continuously improved since then. Not the most efficient vehicle or the fastest, but has lots of utility and great reliability. People have collectively driven F-150s for billions of miles. And CedarDB is a concept car that some guy built in his garage. It might be efficient but it certainly isn’t proven to be reliable like Postgres is. If I’m taking a coast-to-coast trip, I’m driving the F-150. I might not get there quickly or efficiently, but I’m sure I’ll get there. And if my F-150 breaks down, there are thousands of mechanics between the coasts that can help me get back on the road. If I take the CedarDB concept car, when it breaks down there are only one or two people that can help me, and they are thousands of miles away. reply pelagicAustral 4 hours agoparentprevReplication with Bucardo reply jasoncartwright 5 hours agoprevAfter coming back to coding after ~10-15 years away, databases are IMHO the most improved element of the dev/devops experience. Managed Postgres on Google Cloud is a fantastic product (I'm sure other cloud's offerings are also similarly good). Backups, replication, point-in-time recovery, managed updates, plus quick & easy system & query insight tooling. All for less than £1/day. reply eerikkivistik 4 hours agoparentWhile I do love Postgres and use it daily on AWS and Google Cloud, I will add that the managed Postgres on Google Cloud is a mess in some areas. For example they use some EOL extensions outdated for 10+ years (a specific example is GEOS) and refuse to update it and give no control for you to upgrade it either. reply refset 4 hours agorootparentI wonder where things will stand in 10 years from now. Will many orgs still be consuming vanilla Postgres, or will most workloads have shifted to ~proprietary implementations behind cloud services like \"Aurora PostgreSQL Limitless Database\" and \"Google AlloyDB for PostgreSQL\" due to unrivalled price-performance? In other words, can progress in OSS Postgres keep up with cloud economics or will things devolve into an even messier ecosystem centred purely around the wire protocol and SQL dialect? reply PittleyDunkin 4 hours agorootparentDatabases seem to grow much slower than other assets, so maybe this price advantage just won't be worth the vendor lockin. Hell my current extremely valuable postgres database worth literally millions of dollars is about thirteen gigs and could be hosted on my mac mini if I really wanted to. Still, the managed hosting is worth it—only without vendor lockin! reply ethbr1 4 hours agorootparentDBMS (and DBAs) tend to be more conservative, so extensions and implementations diverge much more slowly than, say, js. There's also the incoming business argument in favor of not diverging too far from baseline. If I'm AWS/Azure/GCP trying to attract a customer from a competitor service, 'completely rewrite your app to be able to use us' isn't a compelling pitch. MS SQL Server and Oracle have different incentives, but the cloud services would probably prefer portability and decreased maintenance / fork support load. reply cpursley 4 hours agoparentprevIf you think those are nice, check out neon.tech - set up was faster than any of the big cloud providers. reply jasoncartwright 4 hours agorootparentUnfortunately they don't have anything in a region where my code runs. Interesting though! reply nikita 2 hours agorootparent(neon ceo). What region are you in? reply jasoncartwright 2 hours agorootparentHi! London. reply nikita 5 minutes agorootparentOh, that's coming very very soon! London and San Paolo. Def in Q1. andruby 4 hours agoparentprevI love PG. PostgreSQL already had most of its great features 15 years ago. Anything new that you particularly enjoy? reply jasoncartwright 3 hours agorootparentI guess it's the zero-hassle managed service that's the improvement rather than the DBMS itself reply edoceo 4 hours agorootparentprevjsonb reply happymellon 4 hours agorootparentAt 10 years, it is newer than 15 but its not a new feature by a long shot. reply tmountain 1 hour agorootparentRLS (row level security) came out in 9.5, January 2016. It's a game changer when used in combination with JWT tokens for identity and something like PostgREST. Specifically because a client can talk directly to PostgREST and run queries directly against the DB while letting the RLS policies dictate access. Example, a mobile client is allowed to insert data on the auth'd user's behalf, but the same user can only access rows that are associated with their own identity. Supabase rolls this up into an out of the box solution, which basically eliminates a lot of work writing \"middleware APIs\". reply edoceo 3 hours agorootparentprevIt's been available for less than half the time I've been using PostgreSQL. I stil consider it new. reply ExoticPearTree 6 hours agoprevI wish someone that has resources to invest into making the replication in PostgreSQL seamless, easy to configure and easy to change masters without anything like pgbounce and friends. Otherwise, PostgreSQL is fantastic. reply sgarland 4 hours agoparentPgbouncer is a connection pooler; it has nothing to do with replication. That said, it’s not that hard to set up replication [0]. Properly tuning the various parameters, monitoring, and being able to fix issues is another story. RDBMS is hard. MySQL is IMO the easiest to maintain up to a certain point, but it can still bite you in surprising ways. Postgres appears to be as easy on the surface, buoyed by a million blog posts about it, but as your dataset grows, so does the maintenance burden. Worse, if you don’t know what you should be doing, it just eventually blows up (txid wraparound from vacuum failures probably being the most common). [0]: https://www.postgresql.org/docs/current/runtime-config-repli... reply orthoxerox 4 hours agorootparent> txid wraparound from vacuum failures probably being the most common Hopefully OrioleDB can upstream all the necessary changes soon. For those who don't know, it's a storage engine for Postgres that uses undo logs instead of vacuuming old records. reply oliverrice 2 hours agorootparentOrioleDB maintains a very small set of Postgres patches that are targeted for upstream. The storage engine that mitigates the need for vacuuming [1] is implemented in a standard Postgres extension, so that will still need to be installed by the Postgres host in order to take advantage of it. But yeah, looking forward to that day too! [1] https://www.orioledb.com/blog/no-more-vacuum-in-postgresql reply ExoticPearTree 3 hours agorootparentprevYes, you are right, but I was thinking of the ease of having a high-availability setup and pgbouncer was the first thing that came to mind. And yes, I read the documentation and it is still cumbersome to have an HA setup that is easy to maintain. This is what I mean and hope it is clearer now. reply qaq 5 hours agoparentprevProblem is primary devs of Postgres are consulting shops that make money in this space so making it seamless would affect their revenue reply throw0101c 4 hours agorootparentE.g., * https://www.enterprisedb.com/docs/pgd/4/bdr/ reply eatonphil 3 hours agorootparentI work on PGD but I'm pretty sure we actively support open-source options for HA: https://github.com/EnterpriseDB/repmgr reply homebrewer 5 hours agoparentprevI'm hoping for seamless upgrades at some point, like MySQL does it — you install the next major version and restart the daemon. It's completely unnecessary for major operators, but is a life-saver for small businesses, websites that don't need 99.99999% of uptime (i.e. almost all of them), in development, etc. reply rickette 5 hours agoparentprevOut of the box HA would make it complete. Apart from patroni, anyone experience with https://github.com/hapostgres/pg_auto_failover? reply jskrablin 2 hours agoparentprevTake a look at https://github.com/hapostgres/pg_auto_failover it's quite simple to use and manage. You can use libpq support for target_session_attrs (been there since Pg 10 - https://paquier.xyz/postgresql-2/postgres-10-libpq-read-writ... ) so you don't need active loadbalancer in front of your Pg cluster. You can however create your own health/status check service on top of pg_autoctl show state and use HAProxy if required. I don't think there's something easier to setup and manage than pg_auto_failover, Patroni always appeared very complicated to me. reply spprashant 2 hours agoparentprevWhat we really need is a de-facto open source tool to manage logical replication seamlessly. The devs have built all the pieces, and as of v17 there are very few limitations. But I am constantly tripping over the fact that I cannot observe how the replication is progressing, and a good way to mitigate failures. reply _joel 6 hours agoparentprevIsn't citus quite good at that? https://www.citusdata.com/ reply remram 3 hours agorootparentI think Citus only does sharding not replication. You can use it together with Patroni though. reply bblb 5 hours agoparentprevI would say Pgpool-II is still the best we got. This video covers pretty much all the practical stuff. I timestamped the parts in a comment. PgPool II Performance and best practices https://www.youtube.com/watch?v=bMnVS0slgU0 reply cpursley 4 hours agoparentprevTurning on replication in neon.tech is literally just a switch. And it plays well with a CDC library of mine: https://github.com/cpursley/walex reply cedws 3 hours agoparentprevI agree, Postgres is great but I think it's just a little crusty for cloud environments. Clustering should be built in and easy to configure. reply joduplessis 5 hours agoparentprevSomething pg native would be fantastic. reply himinlomax 6 hours agoparentprevPatroni is pretty good at this. reply eatonphil 5 hours agorootparentCan patroni replicate across mixed versions of Postgres? (i.e. can it do logical replication? [and handle DDL replication?]) I thought patroni only did physical replication (only replicates across the same version of Postgres). But maybe I'm mistaken. reply xiphias2 2 hours agoprevIt's a bit strange that SQLite went up only 1 place on the ranking (to the 10th). There's a lot of new articles of how to improve its performance and I love that I don't have to care about the n+1 problem so much. It is now the default production database for Rails for a good reason. reply jabwd 1 hour agoparentSQLite performance is kinda nutty. My design of the DB at the time was probably poor (but I was 15 so cut me some slack :D) but I made an app that had to run on iPod Touches at the time, so we could use the accelerometer for physics class in school. initially the performance was too poor, but after a bunch of reading and some changes in how I was using SQLite I got it to easily do more than 100k rows per second of insertions (the db wasn't very wide). On an old embedded device, mind you. Didn't need that much, but wowza! was my expression at the time. I've had a love for it in my heart every since. reply cpursley 1 hour agoparentprevDon't get me started on Rails and all the anti-patterns that Active Record introduces... reply nttdocomo 6 hours agoprevThe methodology and general concept of this is a bit silly IMO, but that being said I've never regretted going with postgres whenever I choose it. reply shin_lao 5 hours agoparentDB Engine rankings are not very reliable and are constantly gamed, they shouldn't be used for anything serious. reply pbronez 5 hours agoparentprevMethodology details available here [0]. They measure popularity by collecting at several flavors of online mentions, then normalizing and averaging them. Specific sources include: - Number of mentions of the system on websites, measured as number of results in search engines queries. […] - General interest in the system [via] Google Trends. - Frequency of technical discussions about the system [on] Stack Overflow and DBA Stack Exchange. - Number of job offers, in which the system is mentioned [on] Indeed and Simply Hired. - Number of profiles [mentioning] the system [on] LinkedIn. - Relevance in social networks [by counting] Twitter (X) tweets, in which the system is mentioned. Seems like a reasonable approach to me. They should add more social networks now that Twitter/X is hemorrhaging marketshare. Mastodon, Bluesky and Threads should be included. Honestly I see that all over… so many sites have Twitter integrations that haven’t even been update to X yet. Gonna take a while for the broader ecosystem to shift. [0] https://db-engines.com/en/ranking_definition reply paxys 4 hours agoprevFrom their methodology page (https://db-engines.com/en/ranking_definition), it seems they use: - Number of search results for each DB's name - Google Trends - Mentions in Stack Overflow etc. - Mentions in Tweets - Mentions in people's LinkedIn profile Probably gives a vague idea of popularity of the system, but the measure is otherwise pretty useless. reply INTPenis 1 hour agoprevI don't know anything about db-engines.com but I have literally been hearing nothing but good things in regards to postgres for 20 years now. My very first job the boss told me a story of how they helped a client who was throwing hardware at their mysql DB by migrating them to postgres. Ever since I've preferred postgres. Even though I couldn't tell you on a technical level what exactly makes it better. reply pjmlp 4 hours agoprevI wonder how they came to this conclusion given that the ranking page shows otherwise, with Oracle first, having a score of 1258.76 over PostreSQL at 4th place having a score of 663.41. https://db-engines.com/en/ranking reply pella 4 hours agoparentsee -> Methodology ( https://db-engines.com/en/blog_post/109 ) \"Methodology We calculate the DBMS of the year by subtracting the January 2024 from the January 2025 scores. We use the difference between each DBMS’s score, rather than a percentage growth, which would favor systems with lower popularity at the beginning of the year. The DMBS of the year is an illustration of how much each system increased in popularity during the year. You can read more about our exact methodology here ( https://db-engines.com/en/ranking_definition ), but in short we are ranking popularity of DBMS based on how much people are discussing and communicating about each system, including job offers, professional profile entries and citations on the web. job offers, professional profile entries and citations on the web. \" reply stonemetal12 3 hours agorootparentThe listed diff from Jan 2024 puts Snowflake at almost double Pg, and third place MSSQL server is next to last place. Even if they meant Azure when they said MS in third, it is still in negative territory while there are more than 20 dbs with positive ratings. Postgresql +15 Snowflake +28 MSSQL -78 So DB of the year seems to be based on feels rather than their numbers. reply paxys 4 hours agoparentprev> We calculate the DBMS of the year by subtracting the January 2024 from the January 2025 scores. Although by that measure Snowflake should be #1 not Postgres, so who knows. Seems like they are just subjectively picking what is more internet popular. reply mhartz 4 hours agoprevObviously there's some level of subjectiveness here, but how many years could they realistically have gotten his award? reply giovanni_or2 4 hours agoprevDeserved, Postgres is enough for 95% of normal use cases reply zild3d 5 hours agoprev [–] Confused why their ranking has postgres at 4 then? https://db-engines.com/en/ranking reply BrentOzar 5 hours agoparentBecause it's more about trends than current rankings. reply pbronez 5 hours agoparentprevThey specifically look at the absolute change from the score last January. Biggest delta = DB of the year. From the article: “We calculate the DBMS of the year by subtracting the January 2024 from the January 2025 scores. We use the difference between each DBMS’s score, rather than a percentage growth, which would favor systems with lower popularity at the beginning of the year. The DMBS of the year is an illustration of how much each system increased in popularity during the year” reply pseudocomposer 5 hours agoparentprev [–] From that site’s own info page: “The DB-Engines Ranking does not measure the number of installations of the systems, or their use within IT systems.” Their methodology, even as stated, seems to be pretty flawed. reply GuidelinesFAQListsAPISecurityLegalApply to YCContact Search:", + "originSummary": [ + "PostgreSQL has been awarded DBMS of the Year 2024 by DB-Engines, achieving this recognition for the fifth time, surpassing 423 other database management systems.", + "PostgreSQL, with a history spanning nearly 35 years, continues to innovate, as seen in the recent enhancements of PostgreSQL 17, released in September 2024.", + "Snowflake and Microsoft secured second and third places, respectively, with Snowflake noted for its cloud-based data warehousing and multi-cloud support, while Microsoft offers robust managed relational databases through Azure SQL Database and SQL Server." + ], + "commentSummary": [ + "PostgreSQL has been awarded Database Management System of the Year 2024 by db-engines.com, highlighting its growing popularity and recognition in the industry.", + "Users are considering switching from Microsoft SQL Server to PostgreSQL due to high licensing costs and resource limitations, despite potential migration challenges.", + "PostgreSQL is favored for its robust features and cost-effectiveness, making it a preferred choice for future projects, although some users explore alternatives like Babelfish to reduce costs." + ], + "points": 239, + "commentCount": 79, + "retryCount": 0, + "time": 1736854677 + }, + { + "id": 42699099, + "title": "Google’s OAuth login doesn’t protect against purchasing a failed startup domain", + "originLink": "https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw", + "originBody": "Attention Required!Cloudflare . trufflesecurity.comCloudflare 901fe49deb2dd638 • 172.200.180.240 •", + "commentLink": "https://news.ycombinator.com/item?id=42699099", + "commentBody": "Google’s OAuth login doesn’t protect against purchasing a failed startup domain (trufflesecurity.com)200 points by simiones 2 hours agohidepastfavorite112 comments stackghost 1 hour agoIt's not 100% clear to me, from reading TFA, what the actual vuln is. Suppose DankStartup folds and I, being a morally-dubious sort of fellow, purchase dankstartup.net which I then use to sign into DankStartup's O365, or DankStartup's ChatGPT as a DankStartup employee. Isn't that a failure on DankStartup's part, to not shut down their business accounts? And isn't it also a failure on e.g. Microsoft or OpenAI's parts, since they're providing service to a defunct business entity who can't pay its bills? To describe this as a vuln in oauth doesn't really make sense to me. reply danudey 1 hour agoparentWell, think about it this way: 1. I create DankStartup and my company uses Google workspaces and Google auth for a bunch of stuff, like payroll. 2. DankStartup goes under and we close our Google accounts/let our domain lapse. 3. Someone else buys DankStartup.com, sets up a Google workspace, and attempts Google auth to log into stuff, and it works. The problem is that the original DankStartup has a Google account that they create in #1, and Google goes around telling other sites (via Auth) \"this is user X from company Y\". Then, the impostors in step #3 create a different google account with the same domain, and Google says \"yeah, these are definitely the same guys as before\", even though Google is fully capable of discerning that that is not the case; these are different people with a different workspace account, different names, different payment information, and so on, but Google is saying that if you're holding the domain you are therefore the same people as far as they're concerned and is asserting that to other companies. They are (or were) refusing to provide any indication to those other companies that these are not, in fact, the same people, so those other companies aren't even capable of doing their due diligence of extra validation if they want to. It's similar to looking at a driver's license and just matching the name rather than the actual ID number; it's possible for someone else to have the same name as you, and identity documents have unique identifiers for specifically that reason. reply stackghost 27 minutes agorootparent>Then, the impostors in step #3 create a different google account with the same domain, and Google says \"yeah, these are definitely the same guys as before\", even though Google is fully capable of discerning that that is not the case; these are different people with a different workspace account, different names, different payment information, and so on, but Google is saying that if you're holding the domain you are therefore the same people as far as they're concerned and is asserting that to other companies. Yep I understand the mechanism by which this gets abused; I think we just disagree on the implications. I don't work for Google but it seems from the outside that they're treating the OIDC subject claim as referencing the domain attached to the workspace account, or something similar. I've seen implementations where the `sub` claim is more granular, so to me that indicates the field is underspecified. Given all that, I suppose TFAuthor's proposed solution is a good way forward. I still think classifying this as an OAuth vulnerability isn't correct. reply johnmaguire 14 minutes agorootparentTraditionally, SAML / OIDC trust is established using public/private keypairs. Each IdP/SP pair gets a unique combination. In this case, a domain changing hands would not allow the new owner to gain access to the old owner's accounts. In the case of Google OAuth, it's possible to forego this in order to allow any Google user from any Google workspace to login to your application. See the distinction between \"public and internal applications\" here: https://support.google.com/cloud/answer/6158849?hl=en#zippy=... Some applications (e.g. Tailscale) take advantage of the public Google OAuth API to provide private internal corporate accounts. A common misconfiguration here is to use the domain portion of the \"email\" attribute - this can be spoofed by Google Workspace admins. That's not what's happening here. Instead, Google instructs you to look at the \"hd\" parameter, specific to Google, to determine the Google Workspace a given user belongs to for security purposes. This field cannot be overridden by Google Workspace admins. The trust breaks down when the domain changes hands, a new Google Workspace account is opened, but the old \"hd\" value is reused. You can read more about \"hd\" here: https://developers.google.com/identity/openid-connect/openid... (find the table and read the descriptions for both \"email\" and \"hd\".) You can avoid this issue by using a custom Google OIDC IdP configured for internal access only in your applications, rather than using a pre-configured public Google OIDC IdP (be very careful you mark it internal!) A new domain owner would not be able to retrieve the secret key you previously generated. reply anon84873628 28 minutes agorootparentprevIt seems there are two possible problems. The first is whether taking over a lapsed domain allows you to takeover an existing Google Workspace (or Cloud Identity) organization. This it what houses the corporate email accounts and OAuth client registrations. If Google allows this scenario then the linked account takeover is simply one symptom / side effect among many. TFA is not clear on whether this step actually happened... I assume not, since if it were the case we'd be talking about direct access to the Google account data rather than only linked SP accounts. The second is when an SP doesn't properly use the `sub` claim as a unique identifier. It sounds like some products don't understand this requirement and why it \"seems to change 0.04%\" of the time. I do agree that a unique identifier for the org itself would be a good addition to the token. That said, I'm still not clear how the second problem manifests if the old OAuth client creds (housed in the old Workspace org id) are invalid. Presumably attacker can login to the SP admin account using just email based password recovery, then reconfigure the OAuth integration with new secrets. In that case the SP is failing to do MFA on the email login. Would love to hear if I'm missing something. reply arnarbi 33 minutes agorootparentprev> They are (or were) refusing to provide any indication to those other companies that these are not, in fact, the same people That is not quite true, the sub field will be different. reply Ninn 29 minutes agorootparentBut authors does imply that sub will also change in place for users in step #1, without the workspace beeing recreated. And as such the sub is not usable as a general identifier for the user resource differentiation. reply anon84873628 25 minutes agorootparentThe sub property appearing to change for the same email address is a valid scenario. SPs failing to respect that scenario because they don't understand it, or because it's not what some of their users want, is not a valid excuse. https://support.google.com/a/answer/33314?hl=en&co=DASHER._F... To me it is reasonable that orgs may want to eventually reuse an email address on a different user account. That's a feature decision made by the IdP so SPs need to respect it. I believe other IdPs like Okta and Entra have equivalent features too. reply PKop 58 minutes agorootparentprevYes but he's saying the data on 3rd-party websites should be deleted by the failed startup when they shutdown not just left to sit there. reply PeterFBell 48 minutes agorootparentHe's right, but having failed a number of times, after you've put all your savings into the business, fired all your team, notified and disappointed all of your investors and customers, helped your team find new gigs, filed all the dissolution paperwork, handled all the taxes, disposed responsibly of all of the assets and you now find yourself out of work and often out of cash, occasionally you'll forget to jump through all the hoops to close down all of the SaaS accounts before you stop paying the bill personally to host the email accounts. Of course perfect world you shut down earlier and in a more orderly fashion, but there are so many cases of companies almost failing and then not, it's hard to shutter a company when there is a chance you may go out of business - especially when you feel you're getting close to another raise or becoming default alive :( reply scarface_74 43 minutes agorootparentprevThere are some 3rd party accounts that can be accessed via your SSO or via your personal credentials once you leave. The main ones I can think of is your brokerage account containing your 401K and vested RSUs and your payroll provider like ADP and Paylocity. You still need to have access to past paystubs and end of year tax documents. reply anon84873628 18 minutes agorootparentSSO should stop working when the IdP org is disabled/deleted. IdPs should not allow the org to be resurrected based solely on domain ownership alone. And if a new org is created with the same domain, the SP will need to be reconfigured with new OAuth client creds, and should be relying only on the `sub` claim anyway. Any accounts you need after leaving a company should be tied to your personal email. reply scarface_74 13 minutes agorootparentMy brokerage account could be accessed by both. I agree that is how it should work. But my brokerage account provider is never told to disable access via my IdP. It’s up to my former IdP to not do something stupid like giving someone else my old email address. reply rahkiin 53 minutes agorootparentprevAny domain takeover allows email takeover which allows you to send password reset emails for former employees. Does not matter if it is with oauth or not reply mtkd 31 minutes agorootparentAnd many vendors will send \"restart your service today for $x\" for months afterwards so data not deleted Some SaaS ecommerce platforms and email marketing services will likely give a restarted domain entire customer databases ... reply rahkiin 18 minutes agorootparentThere should be some service for permanently destroying a domain with a single prepaid cost. Somehow preventing bankruptcy laws from getting the domain. Pay X$ up front, then Y$ per month to keep active. Once you cannot pay, it gets blocked forever (paid for by the up front cost). Owned by your service provider so not part of your firesale reply anon84873628 17 minutes agorootparentprevThose password resets should have some sort of MFA step. reply simiones 1 hour agoparentprevYes, why the Slack or HR or interview etc. data would still exist while being inaccessible to the original owner is very strange. The article seems to take it as a foregone conclusion that those accounts should all be expected to still exist with all the business data, and I don't know if this is based on the author's experience, or it's just a way to make the vuln sound far more serious than it really is. On the other hand, I don't think people normally expect that OAuth depends strictly on domain ownership like this. I think most would expect that it depends on some kind of secret being stored on the IdP account side, uniquely identifying the IdP account holder beyond the email addresses presented. With regular password-based authentication, with MFA, you would at least get an MFA prompt if someone had gotten access to your email address and was being sent a password reset code. But with this type of SSO, any MFA verification is done on the IdP side, so if the IdP recognizes anyone who controls example.com as the rightful owner of any claims, then there is nothing you can do as the former owner of example.com. reply chasemiller 1 hour agoparentprevYes, it's a failure on DankStartup's part. Not really much different than a user buying dankstartup.net, setting up a catch-all email, observing what comes in, and performing password resets for those accounts, allowing for account takeovers. Calling it a vuln in oauth may be a bit hyperbolic, but Google could help prevent it. reply OkGoDoIt 1 hour agorootparentI have catchall email accounts in every domain name I own (mostly so I can do differentiated emails for every service to track/combat leakage), and you would not believe the amount of emails I get that are intended for previous domain owners (and typos too). I haven’t actually done any reset password flows, but there are a bunch of social media and SaaS accounts I could easily take over if I wanted. I used to try to track down whoever the emails were intended to go to and forward it to them and let them know to change it, but that got to be too tedious so nowadays I just ignore them. Still, I wouldn’t call this a vulnerability on the service provider’s part, it’s just user negligence. reply LocalPCGuy 27 minutes agoparentprevThe scenario I was envisioning was a simple as a developer that worked at that startup added DankStartup email to their Github account, committed a bunch of code. Company shut down, but dev doesn't think to disassociate that domain/email. Malicious actor uses this technique to then sign into the Github account, gaining access to that developer's account, not just the DankStartup repos which were probably disabled after non-payment. Now, obviously some fault in that scenario lay with the person who 1) used the same account, and 2) didn't remove the old email once the startup failed. But I'm just using that as a kind of example - there may be other accounts as others have said that need to be accessible years down the line, like financial records and the like, regardless of whether the company is still around. reply placardloop 1 hour agoparentprev> Suppose DankStartup folds … Isn't that a failure on DankStartup's part, to not shut down their business accounts? Expecting an entity that has already failed* to not fail again isn’t an effective security control, unfortunately. * - not every startup that folds has “failed”, but the point still stands reply stackghost 1 hour agorootparent>Expecting an entity that has already failed* to not fail again isn’t an effective security control, unfortunately. Sure, I'm sympathetic to that, but again I don't see how that's within the scope of oauth. reply danudey 58 minutes agorootparentI register a Google Workspace and add CorpDomain.com to it. I then use that to OAuth to other companies (e.g. Slack, payroll companies, etc.). Then my company goes under or closes up and the domain lapses. Someone else comes along, registers a completely different Google Workspace but attaches that same domain to it. The e-mail address is the same, but it's obviously a new Google Workspace with new people, new payment info, new users, etc. Google knows that these are two different workspaces and that there is effectively no connection between the two other than the domain, but they are not presenting that information through OAuth (which is possible) so other companies are not able to do any sort of diligence in ensuring that the correct people are accessing that data. OAuth provides the capability to make this distinction, but Google is (or was?) refusing to provide data to other companies to allow them to make that distinction. This sounds hyperbolic, but Google is effectively lying to these other services that that someone else is in fact the original person that service expects, even though Google knows full well (or is capable of knowing) that that is almost definitely not the case. reply horsawlarway 33 minutes agorootparentI'm not entirely clear on what you expect in this case? You're registering with those 3rd parties using a property (the email address under corpdomain.com) that is now owned by the new party. This feels a lot like complaining that you hired a lawn service and told them to mow at your address, and then didn't update the address or cancel service after you moved. You've sold the domain. Assets associated with the domain are under the control of a new party. For all Google knows, you did this entirely above board and in a coordinated fashion. That new party controls the property. Email resets will also dump right into their hands (They control the MX records for corpdomain.com now...). Legally speaking, it's not even clear you're right - the new person might well be the person actually entitled and expressly supposed to be accessing that service as that account (if the domain was sold as part of an acquisition or sale). reply adamc 26 minutes agorootparentprevSeems like relying on domain alone is a design flaw of OAuth? reply placardloop 1 hour agorootparentprevIf a security mechanism doesn’t account for failure cases, it’s a failure of the security mechanism. It’s a hard problem to solve and I don’t have a solution, but it’s a core goal of every security tool to account for edge cases and failure cases like this. If you tell me that OAuth is completely insecure due to a security issue, it’s not going to make me feel any better if you say “but it’s totally not OAuths fault” - I don’t care who’s fault or scope it is, the end result of a security issue is the same, and to avoid it I’m just not going to use OAuth. reply horsawlarway 31 minutes agorootparentSo you use email/pass and the reset password email dumps right to the new party as well, because they control the MX records for the domain? reply lxgr 13 minutes agorootparentThat's why allowing account recovery using (exclusively) email is indeed a security problem. reply stonemetal12 6 minutes agoparentprevWhat if DankStartup doesn't fold and just forgot to renew their domain, or lost control of their domain for some reason. OAuth shouldn't let you Auth someone else's account just because you can hijack their domain. reply cosmotic 1 hour agoparentprevThird parties is google as single sign on. If such an org/domain is abandoned, a malicious person could 'resurrect' the accounts on those third party sites. It's kind of like a similar situation where a user deletes an email account and then someone else creates an new one in its place, and now they have access to all the third party password reset links. Except in the case linked above, the user never had the ability to delete their accounts before off boarding, and the abstraction isn't just an email, but the account itself. reply reginald78 1 hour agorootparentIn emails case all the larger providers I'm aware of retire addresses to prevent this sort of abuse, probably learned the hard way. Could Google OAuth do something similar here? It now occurs to me that large businesses might have the same issue with emails and former employees (easy to imagine John Smith departing and at a later date John Smith being hired) so I wonder how they typically handle this. reply scarface_74 37 minutes agorootparentCompanies generally don’t reuse emails. If you come back, you can sometimes get your old email and access to your old enabled services. I know when interns were at Amazon and left, their accounts were disabled. But when they came back, they got their old accounts back and the related Slack users reply stackghost 1 hour agorootparentprev>Third parties is google as single sign on. If such an org/domain is abandoned, a malicious person could 'resurrect' the accounts on those third party sites. Yes indeed, and that's exactly what I described in my hypothetical. But it's not clear to me why that constitutes an oauth vuln. reply YetAnotherNick 1 hour agoparentprevAnd not only that, almost every form of auth has the same vulnerability not just log in with Google. If you own the domain, you own the email IDs as well and you can very likely reset password. reply horsawlarway 19 minutes agorootparentYeah, this is the part I'm struggling with. This is absolutely not unique to google oauth, it genuinely seems like a misunderstanding of how the web manages trust. If you own the domain, you own all the property associated with the domain, including all the old email addresses. Magic links and password resets are all going to give the new owner access. Your best bet as a solution is to be using strict 2fa (ex - a yubikey might help here) but even that is likely just \"a conversation with support\" away from being circumvented. This is why winding down a company is supposed to have specific stages and policies associated with the dissolution. You don't just abandon the offices and leave all the filing cabinets behind either, for similar reasons... reply lxgr 12 minutes agorootparent> Magic links and password resets are all going to give the new owner access. Which is why you should never exclusively rely on either for sensitive services. reply ajross 1 hour agoparentprevThe contention isn't that you can impersonate DankStartup, that's obviously not a vulnerability since you are indeed the domain owner. It's that former entities with DankStartup accounts might have used OAuth to create relationships of their own. And when the startup folds, they don't magically disappear. Basically if Sally, the CTO of DankStartup, signed up for Taskrabbit or whatnot, it's possible for you as the owner of the domain to impersonate Sally in the context of that relationship. Obviously the root cause here is that someone misused an account to do something not related to the business. And the actual impact is probably low since high value services tend strongly not to take tiny email domains as identity roots (i.e. sally@dankstartup.com clearly doesn't have a Vanguard account to steal). So... like most security announcements it's oversold and spun. But it's real enough as I read it. reply OkGoDoIt 1 hour agorootparentWhy do you assume sally@dankstartup.com doesn’t have a vanguard account? I’ve absolutely had similar retirement account logins that became difficult to access once I left that employer. Had to contact HR and get them to help me log into my account. If the company had folded during that timeframe I would’ve been screwed. Of course for financial institutions you can probably recover your account through some identity proving process, and generally money transfers require a second factor sms auth, but a domain takeover would probably have been sufficient to at least get someone logged in and able to see my account balance. reply ajross 53 minutes agorootparent> I’ve absolutely had similar retirement account logins that became difficult to access once I left that employer. Yes, but your employer's email domain wasn't repurposed. It's still an operating business, and the account is still there, and still yours. And for accounting reasons they still remember who you are and can recover your important information for creditors, etc... The fact that it's difficult for you to access that account is a feature and not a bug, because it means it's difficult for others too. But you can, and people do all the time. The case here is failed businesses who have abandoned their domains and employee account history. Almost by definition that's a violation of financial regulation already. And this, btw, is the reason why DankStartup employees couldn't use their work emails to open Vanguard accounts. reply simiones 1 hour agorootparentprev> Basically if Sally, the CTO of DankStartup, signed up for Taskrabbit or whatnot, it's possible for you as the owner of the domain to impersonate Sally in the context of that relationship. I don't think this is the issue, unless someone went to some pretty extreme lengths. Configuring OAuth such that the company Google Workspaces account is recognized by Taskrabbit as a valid SSO option is not as simple as signing up to Taskrabbit with your company email instead of personal email. reply nijave 1 hour agorootparentEven then (in my experience) it's pretty common to setup an email based account and it will auto link to an oauth one that already exists. Even if Google revoked oauth, many platforms let you use the email directly to login reply ajross 22 minutes agorootparentYes, but that's not a bug with Google OAuth. If Taskrabbit (in the example) decides to trust dankstartup.com emails as a root of trust for identity even though the business failed, that's on them[1], and certainly nothing Google can have prevented. The contention in the article is that dankstartup.com's new owners can leverage their control of the domain to get access to existing OAuth-based sessions that will look to the service providers as if Google has authenticated the account holder. [1] And just to repeat: that risk is precisely why serious businesses (Vanguard in the example) don't allow obscure email domains as authentication anymore. reply ensignavenger 1 hour agorootparentprevThat sounds like a TaskRabbit vulnerability (in your example), not a Google vuln? It is also a vulnerability in any email based sign in, which relies on email alone without a password to demonstrate account ownership. (Including password resets that rely on email). reply riffic 1 hour agoparentprevit's vital to have extremely skilled and nuanced people managing bug and security report triage because it seems many can overlook the complexities being given. reply VILINBR 1 hour agoparentprevwhats is TFA ? reply 0xffff2 56 minutes agorootparent\"The F-ing article\" (derived from old internet slang \"RTFM\", for \"Read the F-ing manual\", a thing that new users were prone not to do before getting online and asking questions easily answered by RTFM.) reply VILINBR 52 minutes agorootparentthanks reply danudey 57 minutes agorootparentprev\"The f___ing article\" reply codetrotter 48 minutes agorootparentIn polite terms it can also mean “the featured article”. And IMO it makes more sense to read it that way in a top-level comment. Whereas reading it as the f’ing article makes more sense when the word “TFA” is used in a response to another comment like “well, you say that but TFA said such and such”. reply VILINBR 55 minutes agorootparentprevthanks reply ds 3 minutes agoprevNearly a decade ago, there was a website called thehunt.com that basically ran out of money and some employees were acqui-hired by pinterest. All of the assets were left to rot and at the time the company was a good match for another startup of mine. So I reached out to the investors I found on crunchbase and asked if I could acquire everything. We worked out a deal and I did. The issue was the complete lack of people from the old company willing to assist and the complete lack of data for alot of things. There was 1 or 2 people who we could ping from the old company to ping who were super helpful, but the big thing was many things were just lost to time- passwords, history, code repos, etc.. Simply creating a new google apps account allowed us to get full access back to everything - We could even read old slack messages (even DMs!) by resetting each accounts password. The whole thing was shocking to say the least, but with that access we got back into literally every service they used and managed to get it up and running again within a week, which was a good thing because nearly every service it was using was threatening to shut it down every day for lack of payment. I think the solution here is actually way simpler than most make it out to be and could easily be a startup for someone: Create a startup that lets customers simply enter in domains. If the domain EVER goes into the \"pendingDelete\" status, inform the customer. The customer would be random SAAS's that want to protect against this type of attack and could simply choose to disallow access to any account that has had their domain go into that status. reply loginatnine 1 hour agoprevI really don't understand here, the proper way to use Google's OpenID implementation to authenticate someone is to use the `sub` claim. Don't use the email, don't verify it yourself, use the `sub` claim. It's a known fact and is properly documented[1]. If the `sub` changes, it's because it's not necessarily the same person so have a flow ready for that. It could be an employee left and came back, a domain change, an IT error that lead to a reprovisioning of the user, etc. I also fail to see how the proposed solution of having a 'A unique user ID that doesn’t change over time' is different from the `sub` claim. However, the new ID associated to the domain could make sense to enforce a strong 'Everyone from the @domain.com has access' statement. [1] https://developers.google.com/identity/gsi/web/reference/js-... reply JohnMakin 1 hour agoparentI've implemented OAuth flow glue logic a bunch in my career and I agree that the logic doesn't seem to follow from what the documentation says. What's not clear to me though while reading this is, if I delete/lose a domain, and someone re-makes the domain and account with the same email address, does the sub value then change? The docs would seem to suggest yes, but then I am not clear what google actually ended up \"fixing\" in its bug bounty. Was that maybe the bug, and this is just not clearly explained in this post? reply Timshel 1 hour agoparentprevIt all depends on how true this statement is: > “The sub claim changes in about 0.04% of logins from Log in with Google. For us, that's hundreds of users last week”. reply loginatnine 1 hour agorootparentI've been working with an app that uses Google to login for the past 10 years, and I've had problems with sub changing when these situations happened : - Domain change - Company being bought by another one and being integrated in their Google Workspace - Employee leaving and coming back To us, it's very very far from the quoted 0.04% which is to me very high. I had to deal with it 5-6 times in the past 10 years but of course that number will vary depending on the usage of your app and I'm not gonna venture and put a percentage on it. reply herczegzsolt 55 minutes agorootparentIn my opponion, all of those cases very well justify a manual check, or some sort of extended identification before the user is let in. It indicates a deeper cultural issue of \"convenience/profit over security\" if those are sufficient reasons to not check the sub parameter. reply saguntum 1 hour agoparentprevYeah, I'm not really clear on the vuln. It sounds like clients don't validate sub claims because they are unstable? Google's docs say they should. When I first read the post, I thought that maybe Google was reusing sub claims when they shouldn't, but on a closer read, maybe it's the opposite problem - that the sub claim is changing when it should not change? From the article - “The sub claim changes in about 0.04% of logins from Log in with Google. For us, that's hundreds of users last week ... Because the sub claim is inconsistent, it cannot be used to uniquely identify users - leaving services reliant on the email and hd claims.\" So maybe clients aren't using the sub claim because validating \"email matches && sub matches\" breaks real users who are not actually changing accounts? AKA, Google is changing Google Account IDs unpredictably? That would be a bug on Google's part IMO. If those account IDs in the sub claim are changing, at the very least that's a bug in the doc you linked IMO. I'd have to read the full OIDC spec [0] to see if the sub must remain constant for the same end user, and if clients are required to validate the sub claim before processing a login. If so, and it's changing without the end user's identity changing, that is a bug in Google's implementation and client implementations for anyone using Google as an IDP. If it's allowed to change, though, and validating sub claim is not required in the spec, maybe clients are correct in not relying on it. [0] https://openid.net/specs/openid-connect-core-1_0.html#rfc.se... Edit: from reading the sign in with google overview, it's unclear if they claim to be OIDC compliant: https://developers.google.com/identity/gsi/web/guides/overvi... it says it's \"based on OAuth\" rather than \"implements OAuth+OIDC\" so I guess not being fully spec compliant wouldn't necessarily be a \"bug.\" reply andrewstuart2 1 hour agoprevThis is more of a fundamental issue with the way we rely on DNS to secure *gestures wildly* all the things. The fact that domains can expire and be registered by someone new allows the new owner to do almost anything the old owner could have done when it comes to anything trusting email addresses, or anything else relying on DNS (ACME certs) for authentication. It's great for \"do they own this right now\" validation and that's what we use it for, but beyond that links will be saved, email addresses will be added to databases and address books alike, and that's more or less a reality of most systems. For example, my snail mail (and occasionally packages) is still mistakenly delivered to my former addresses from time to time just because it's hard to track who has that address, and update it everywhere. The same goes for internet infrastructure. reply simondanerd 1 hour agoparentI was able to take over an Instagram account because I received a password reset email to a domain catch all address that I'd set up years ago. Turns out it was a whole brand, but they refuse to change the email address and don't understand that I'm going to shut it all down. It totally makes my site look bad (it was an adultish brand and I was working on a community project) and I now have the power (and ability to do whatever with the account and any other that I happen upon with an email at that domain. reply gmuslera 1 hour agoparentprevAt least it counts as a new category on the \"It's DNS fault\" list. reply Pxtl 27 minutes agoparentprevI disagree. DNS stores enough information in WHOIS to see if ownership has changed, it's not DNS' fault that nobody looks. Probably the least-wrong thing to do with current DNS is to have authentication servers keep track of the WHOIS UpdatedDate of email domains. If a WHOIS UpdatedDate is newer than the corresponding user's linked email address verification, that user's email address is no longer trusted. Next time they log in ask them to update or re-confirm their email address, and if they try to password reset they can't use an unconfirmed email address. Yes that's more tricky work. Authentication is hard. Nobody should be DIYing authentication anymore in this day and age, it's just too much. reply niij 25 minutes agorootparentWhat does this protect against? If the WHOIS changes because someone new buys the domain then they could simply receive this reset emails, no? reply paxys 8 minutes agoprevIt's crazy just how little effort it takes to get a \"Google = bad\" article to the top of HN. There is no vulnerability in Google OAuth. This is exactly how every OAuth server is supposed to work. If you take over a domain, you automatically own every email address in that domain, and thus whatever external account relies on that email for login. Heck the result would be the same even if that service didn't use Google OAuth, or any OAuth at all. Nothing in that write-up makes sense. reply Ronnie76er 19 minutes agoprevAs others have noted, this feels like an issue in the relying parties not relying on the `sub` field to validate the user. It feels the exact same as this issue here: https://bhavukjain.com/blog/2020/05/30/zeroday-signin-with-a.... In both, the details around the `sub` field, the field that should actually be used to identify the user, is poorly described. I would say that both of these feel a bit sensationalist, but then again, if relying parties are NOT using the sub field to validate users, they should be called out. It seems to be that a good way to make some money is find every such situation where RPs are not using sub, and submit vuln bugs. reply mcflubbins 1 hour agoprev> They also classified the issue as a “Fraud and abuse” issue, rather than an Oauth/login issue. I can _kinda_ see that, I agree they should mitigate it as best as possible too though, especially since they're Google after all. > I thought this would be the end of the story, but 3 months later, they re-opened my ticket (after my Shmoocon talk was accepted), paid a $1337 bounty, and said they were working on a fix. Sad how the only way to get Google's attention to make enough noise about something... reply dylan604 1 hour agoparent$1337 is a very curious amount. Surely, someone was being clever??? reply chasemiller 1 hour agorootparentyeah, google likes to have fun with the Bug Bounty program. See: https://bughunters.google.com/about/rules/google-friends/662... reply dylan604 23 minutes agorootparentit's funny that all of the soul has not been sucked out of the entire company reply mega_dingus 1 hour agorootparentprevIt's leetspeak It spells \"leet\" - see https://en.wikipedia.org/wiki/Leet You're too young to have used BBSes :) reply dylan604 1 hour agorootparentWhat are you on about? You clearly missed the sarcasm. reply richbell 1 hour agorootparentYour comment didn't seem obviously sarcastic. Intent is hard to convey over text. reply banger180 1 hour agoprev> “The sub claim changes in about 0.04% of logins from Log in with Google. For us, that's hundreds of users last week”. What I don't understand is why the `sub` claim is not consistent for those users at Google. To my understanding of the OIDC protocol the `sub` should be unique for a specific user. Additionally as far as I understand if you take over a defunct domain and create a new google workspace with new users those new user account should get assigned a new `sub`. reply caleblloyd 1 hour agoparentI agree, in my limited experience the sub remains consistent even when changing the Google Workspace domain. So the email changes but sub remains the same. The issue seems to be clients matching on email/hd claim instead. I wonder what action is causing the sub to change like the author suggests is happening. reply banger180 1 hour agorootparent> I wonder what action is causing the sub to change like the author suggests is happening. Indeed this would be very interesting. This issue is also very similar to CVE-2024-25618. What we did to mitigate this is the following: - Federated login with OIDC - Look for a user based on the sub claim - If they are found: authenticate that user and optionally update their profile (email, name, ...) based on then new id claims. - Else look for a user matching on the `email` claim and link the `sub` to that user - If no user is found create a new one reply loginatnine 1 hour agorootparentprevAt my current company, if an employee leave and come back, they'll keep the same OID in Entra but they'll get a new `sub` in Google workspace. We had to put in place a process to be able to use an internal tool that used the login with Google. That's most likely dependant on how the IT department handled the deprovisioning/provisioning of users in our Google Workspace, I unfortunately don't have the details for that. reply saguntum 54 minutes agoparentprevThat sub identifier changing without the underlying user changing may be the core of the bug. It's not fully clear from the post IMO. I posted a little breakdown here: https://news.ycombinator.com/item?id=42701030 I don't think the article clearly states one way or another whether those 0.04% of sub claims changing are legitimate end user changes or not. If those sub changes are legitimately the Google Account changing, I don't think that's a bug on Google's part, but rather is a problem on the clients' side for not validating the sub claim. If the sub is changing without the Google Account user actually changing, maybe something internally at Google is swapping out those IDs when it shouldn't be. It doesn't look like a UUID from the example I saw, so maybe there's some code somewhere to just change the user's ID if there's a collision or something? Interestingly, I don't think Google claims that Sign in with Google is fully OIDC-compliant. At least in the overview I linked in my comment, they compare the implementation to OAuth+OIDC, but I'm not sure they claim to be 100% spec compliant. reply robertlagrant 1 hour agoprevThe \"millions of accounts\" is highly speculative, is it not? It relies on the idea that failed startups keep their SAAS accounts enabled, rather than offboarding correctly. reply hangonhn 1 hour agoparentYou would think that because you're a reasonable person. However at my previous startup, which no longer exists, the new CEO failed to save the company and parachuted out so fast that the company who later acquired the startup couldn't get the domain name transferred to them because the CEO and CTO were both gone. They had to bring back the predecessor CEO because he was still able to log into the registrar to transfer the domain. In the case of a fire, some less than conscientious people will fend for themselves first and don't give a second thought to anyone else. reply robertlagrant 1 hour agorootparentI agree there will some number of companies doing this, between 1 and $number_of_companies. I'm just saying it's pretty unlikely it's all candidate companies, which the article seems to be saying. reply toss1 1 hour agoparentprev>> is highly speculative, is it not? I'd say NOT. Shutdown of a small company running out of funds is rarely fully orderly. Critical things may get taken care of, but everything is unlikely, as people have already left. Plus, with things like already-paid-in accounts, there's even an incentive to keep them open until the term expires, e.g., why not keep the prepaid ChatGPT API account live for execs and techs to use between jobs? Just like wiping hard drives on EOL computers — everyone should do it every time, but people are always finding full HDDs and SSDs on eBay and Craigslist... reply dylan604 1 hour agorootparentalso, there are lots of non-technical people running small businesses that use G services because that's all they know. They can barely operate them let alone be cognizant of things like this \"exploit\". reply bpodgursky 1 hour agorootparentprevNot just this, but execs and employees like to keep websites live for a while while they job-hunt (otherwise their resume has dead links). And ideally keep their name@startup.com email working. But to keep those running requires a long tail of \"live\" DNS and finance stuff you can't quite close out. reply dylan604 1 hour agorootparentWouldn't it be cheaper just to pay for the domain registration for an extended time like 10 years vs the 1 or 2 year options? reply dvydra2 37 minutes agoprevThis actually happened to me a few years ago when I closed my consulting company. My bad, I know. My domain was taken over by someone in Vietnam. Back then, he was actually able to see my old emails via the Google Apps. Grandfathered free Apps accounts was a big part of the value proposition. He demanded $500 to delete my emails and docs. I offered $50 for his trouble since I recognized that I was at least partially at fault but he refused. To his bad luck, one of my main clients was Google itself. I reported him via my internal connections and the next day got the following email: \"Oh my G-d, all forty of the domains I bought got Google Apps cancelled\". reply erincandescent 1 hour agoprev> To resolve this issue, Google could implement two immutable identifiers within > its OpenID Connect (OIDC) claims: > 1. A unique user ID that doesn’t change over time. > 2. A unique workspace ID tied to the domain. 1. is the OIDC `sub` claim! I strongly suspect that in those 0.04% of accounts where the anonymous quoted engineer reports that the `sub` claim changed, what actually happened was some provisioning/onboarding/offboarding system resulted in the account being deleted and recreated. 2. is sensible, and is just a versioned version of the `hd` claim. reply anon84873628 47 minutes agoparent1. Yep, your hypothesis seems likely. Consumer gmail addresses can't be used again after they are deleted, but it seems in Workspace orgs they can be reused/reassigned after 20 days: https://support.google.com/a/answer/33314?hl=en&co=DASHER._F... If services are not respecting the `sub` claim in this case, then they are giving the new Google account access to the old account's data. Companies probably wouldn't complain about this because they think it is the expected/reasonable behavior. Also it's likely that in many scenarios it is the same human behind the different accounts, e.g. if they leave a company then return. reply tom1337 1 hour agoprevIs this really an issue? Back when I implemented Google OAuth I used the \"sub\" that Google gave me as well as the email. I'd wager that Google does not re-use a sub for the same E-Mail so if the account is deleted and then somebody grabs the domain and re-created the account they'd have the same E-Mail but a different sub which would make the login fail. Seems to not be an issue in Google's OAuth Flow but rather the implementation on services like ChatGPT and so on?! EDIT: Just read that they claim that “The sub claim changes in about 0.04% of logins from Log in with Google” - never had this happen in the past years but if this is true then I guess thats a bad thing. reply throw0101c 23 minutes agoprevIn iSCSI, there are a few options for addressing the block storage devices, with one being the iSCSI Qualified Name (IQN) that uses the domain name. But it includes a timestamp: - A date code, in yyyy-mm format. This date MUST be a date during which the naming authority owned the domain name used in this format, and SHOULD be the first month in which the domain name was owned by this naming authority at 00:01 GMT of the first day of the month. This date code uses the Gregorian calendar. All four digits in the year must be present. Both digits of the month must be present, with January == \"01\" and December == \"12\". The dash must be included. * https://datatracker.ietf.org/doc/html/rfc3720#section-3.2.6.... * https://en.wikipedia.org/wiki/ISCSI#Addressing iqn.2001-04.com.example.storage:tape.sys1.xyz iqn.2000-02.edu.example.cs:users.oaks:proto.target4 * https://datatracker.ietf.org/doc/html/rfc3721 Clever idea to note change of ownership situations. reply swframe2 1 hour agoprevRelated maybe, I got a new phone number and I was able to use it to sign into the previous owner's account at a site that uses 2FA. I noticed it when I tried to setup a new account for myself. The website wouldn't allow it but it happily allowed to me access the previous owner's account. It was inconsistent, removing the phone from their account required their password but changing many other important fields didn't. reply maerF0x0 54 minutes agoprevSeems like we need a chain of custody for domains, not just current ownership. Kinda like real estate. And then accounts are tied not just to the ownership state, but also the ownership instance ID. Just don't tell the web 3.0 folks cause I don't necessarily mean a blockchain. reply verdverm 50 minutes agoparentWeb 3 already tried this, it was called Handshake. I think their downfall is they wanted to replace ICANN / DNS rather than work with and alongside the current system. reply seeknotfind 54 minutes agoprevDon't let domains you use lapse. Never get rid of a phone number. reply SillyUsername 50 minutes agoprevWell they have kind of known about this kind of problem for 14 years https://issuetracker.google.com/issues/35889152?pli=1 although this is not a domain issue it is one where people can't unlink from company project ownership. reply landryraccoon 7 minutes agoprevIf you think this is bad, wait until you move physical addresses and don’t notify all your creditors! Literally ANYONE who moves into your old house will have access to your bank statements, credit card bills, tax forms, auto registration and who knows what else. And it will all come plaintext and unencrypted! reply pfooti 35 minutes agoprevI think the problem is here in the doc: I have worked with a few of these downstream providers to look for a solution. There is a documented unique user identifier (the sub claim) that could theoretically prevent this issue, but in practice, it's unreliable ... According to a staff engineer at a major tech company: “The sub claim changes in about 0.04% of logins from Log in with Google. For us, that's hundreds of users last week”. The real solution is to use the sub claim, and not hd/email. If sub is unreliable, let's fix that. That said, I'm surprised sub is documented as unreliable here; I wonder if there is perhaps something else going on. I've done a lot of work with oauth and I haven't found sub to be so mutable, but then again, who knows maybe I just missed it? And yeah, lapsed domains => domain takeover => email takeover and impersonation will always be a baseline problem, independent of oauth. reply ciaovietnam 1 hour agoprevThe email returned by OAuth providers is not always verified and thus cannot be trusted, anyone relies on the email as the ID is open to compromise. The sub claim should always be used as the ID, if you can prove that \"the sub claim changes in about 0.04% of logins\" then it's Google flaw and they should fix it, otherwise it isn't and there is no need to add another ID to the claim. reply _pete_ 1 hour agoprevThankfully, apparently this only affects Americans. reply lysace 1 hour agoparent:-) reply r00tbeer 48 minutes agoprevAvoiding this scenario is why Google will renew all the domains for every startup it has ever acquired in perpetuity. reply simiones 2 hours agoprevI would be curious if any other Identity Providers that implement OAuth have mitigations for this issue. If you used sign in with Microsoft or Okta or PingFederate, would those provide different claims to the service? reply p_ing 1 hour agoparentIdeally the trust with the SP would be using a cert. This requires the SP to implement this portion of the standard and the IT department to follow through with implementing a cert. The cert can be self-generated, so there isn't a cost for the cert itself. reply ratg13 1 hour agoparentprevEvery provider has their own set of flaws. Microsoft had a flaw for awhile where you could just change a user’s email to anything with no verification.. and if the SSO implementer was only checking the email field, you could impersonate anyone. reply somanyphotons 41 minutes agoprevDomains are for life, you can never let them lapse reply richbell 1 hour agoprevI'm not sure I agree that it's a flaw in Google's OAuth implementation. Domain ownership is the source of truth for many systems and, as the article alludes to, expired domains can be abused in a variety of ways. reply verdverm 47 minutes agoparentWe've also seen this in the dependency management ecosystem. reply rdtsc 1 hour agoprev> Shmoocon talk accepted - Dec 9, 2024, Google re-opens issue - Dec 19, 2024 Wondering what the internal process there was at Google? Is someone's job to cruise around the various conferences and dev events to look for any Google mentions and report back. Did Google really consider it an issue or just wanted it avoid looking bad in public after the talk was accepted. reply dylan604 1 hour agoparentYes, there are roles where people do nothing but search their names/products/etc specifically to see what people are saying. Hell, some people do it on themselves to the point there are phrases like \"vanity search\" or \"egosurfing\" reply richbell 1 hour agoparentprev> Is someone's job to cruise around the various conferences and dev events to look for any Google mentions and report back. Someone in Google's security team likely saw the talk, or the original blog post, and pushed internally for them to award something. reply ongy 1 hour agorootparentYea. The leet amount of payout seems like this was someone saying that the classification was technically correct, but it's worth fixing either way and it'd be nice to pay an amount. reply riffic 1 hour agoprevGoogle may have quickly closed the original report because a company like that is soooo overwhelmed with garbage security reports and at first glance it is noise, not an actionable item to fix. there's a term for this that I can't quite recall off the top of my head. Bug Bounty Trolling? reply bananapub 1 hour agoprev [–] what a shitty headline and opening paragraph. anyway, if you use SSO on a domain and then let the domain drop, you're an idiot and there will be bad consequences for your data. reply GuidelinesFAQListsAPISecurityLegalApply to YCContact Search:", + "originSummary": [], + "commentSummary": [ + "The discussion highlights a vulnerability in Google’s OAuth login system when a failed startup's domain is acquired by a new owner, potentially allowing unauthorized access to services.", + "This issue arises because Google may not distinguish between the original and new domain owners, affecting any system that uses domain-based authentication.", + "A proposed solution is to use unique identifiers that remain constant over time, though the implementation of this solution varies among identity providers." + ], + "points": 200, + "commentCount": 112, + "retryCount": 0, + "time": 1736871241 + }, + { + "id": 42696822, + "title": "Using coding skills to make passive income", + "originLink": "https://www.coryzue.com/writing/solopreneur/", + "originBody": "Using Coding Skills to Make Passive Income A decade of firsthand advice on going from an employed software developer to successful indie hacker running your own business(es). Jan 14, 2025 — 24 min read In 2017, I stepped down from my job as CTO of a 150-person software company to see if I could make money selling my own software on the Internet. Eight years later, I am now a full-time “solopreneur”—running a portfolio of revenue-generating software products as a full-time job. I now set my own hours, take vacation whenever I want, and, amazingly, earn more than I ever did as CTO. In the talk below, I’ll share how I did it and what I learned in the process. I’ll share the skills that programmers should pick up in order to start selling software on the web, including both technical and non-technical ones. I’ll discuss how to get started, evaluating your ideas, building your product, and getting your first users and customers. The talk will draw from years of work building and selling software myself, as well as the experience I’ve gained from helping hundreds of others launch their own businesses with SaaS Pegasus. If you’ve ever wanted to turn your coding skills into revenue-generating side-projects, I hope this talk both inspires and helps you to get started. TL;DR Someone on Reddit asked me to provide a TL;DR for the talk. This was my off-the-cuff response: First you have to make space in your life for it. You need long blocks of time for deep work. The first idea you pick is unlikely to work, so pick something and start moving. Many of the best products come out of working on something else. When building, optimize for speed. Try to get something out in the world as quickly as possible and iterate from there. Pick a tech stack you’re familiar with, that you’ll be fastest in. Try to spend half your time on marketing/sales, even if you hate it. The most important skill you can have is resiliance. Not giving up is the best path to success. This is hard because there is so much uncertainty in this career path. It’s worth it! The autonomy and freedom are unmatched by any other career. The talk This talk was the closing keynote of PyCon South Africa on October 4, 2024. It’s 30 minutes long, plus another 15 minutes of Q&A. Alternatively, read on for an annotated transcript which I made using a process very similar to Simon Willison’s. The transcript I’m going to talk today about using coding skills to make passive income. This email announcing the talk made me laugh, because the title does sound like clickbait. Hopefully this is the non-clickbait version of this topic. I’ll leave it to you to decide. First I have to explain my job. “So, what do you do?” Whenever I get this question I never really know how to answer it. The most boring answer that I give is I’m a software developer, but I also run my own business. If people know these words, I’ll say I’m a solopreneur or an indie hacker. If I’m feeling really specific, I’ll say I run a portfolio of revenue-generating technology products, which is a bit of a mouthful. If I’m feeling cheeky, I’ll say I make apps that make money while I sleep or… whatever I want? How I actually earn a living is through a portfolio of technology products that are monetized online. Basically that means I make stuff and I put it on the internet, and some of it makes money—either through a one-time payment, a subscription,ads, affiliates, etc. I have a bunch of different things that make varying amounts of money and every day I just kind of work on one of them, support it, build a new thing, and so on. Here’s how I got here: Sorry, this slide had a lot of transitions and so the image doesn’t translate very well. I started possibly like many of you in a normal corporate gig. I didn’t last very long and I joined a friend’s company called Dimagi. When I joined we were like three people and he was like ‘hey you want to be CTO’ and I was like ‘yeah I’ll be CTO’ and I basically larped as a CTO for a few years. But the company became quite successful, and then before I knew it I was the CTO of like a 200-person company and I had like a 35-person team under me. I was supposed to be a real CTO now, and I was, but I also kind of hated it. I was doing all these meetings and management and I hardly ever got to write code. And I eventually burnt out. So I told my friend I needed a break. I decided to take like a six-month unpaid sabbatical to figure out my life. On that sabbatical, I discovered this website called Indie Hackers which basically is a website that told stories of people doing what I do now—building these random apps and making a living off them. I thought “okay that sounds cool, maybe I’ll try that” and so I decided in those six months that I was going to try to earn one dollar doing this indie hacker thing. The first thing I did that succeeded was incredibly silly and I’m still kind of embarrassed about it, but it’s basically an app that lets you make place cards—those little cards that you find at weddings and other events. You upload a spreadsheet of your guests to this website, you download a PDF, you pay me like $5 (100 ZAR). And I was surprised that it actually worked! I made my first dollar and I was completely addicted. It was this most incredible feeling and so then I tried to do it over and over again. Eventually I thought “I bet other people want to do this over and over again too,” and so I got kind of meta and built this product to help other people launch their own apps. This is SaaS Pegasus—a configurable Django codebase that I now sell and how I make probably like 80% of my money now. Today, I’m blown away by how many people have built really cool products and really successful businesses on top of Pegasus code, including YCombinator companies and also just random people’s hobby project that they’re doing with their friends. It has over a thousand people using it, probably hundreds and hundreds of real products have been built with it, which is pretty fun. Let me now clarify some key attributes of this path. I’m talking about products, so the key thing is you’re not trading your time for money—this is something that someone just buys and you get paid without having to do an hour of work for it. I’m talking about monetized stuff. Passion projects are great, I love passion projects, but this is specifically for people who want to replace (or supplement) their income. I’m talking about bootstrapped, which basically means you’re not trying to raise money—you are trying to earn enough from your own profits so you never have to raise money and you can take the profits yourself. Finally, it’s a calm path—the goal is not to grow a 100-person company. You could, but my goal was never to grow a 100-person company, it was just to have this kind of calm, enjoyable life with lots of freedom. A relatively mainstream term for this is indie hacking. My goals for this talk are two: The first is just to kind of convince you that this is a possible career path that you can consider. I think a lot of people don’t think of this as a career path, but it is. And then if you decide that maybe you want to give it a shot, hopefully to give you some tips that help with your chances of success. Here’s my diagram for how this can be achieved: The first thing you have to do is create space in your life. For a lot of people I think this is probably the hardest part—just finding the space to pursue something like this. Then you enter this iteration cycle where you’re basically taking a shot at something, and if it doesn’t work out you apply the lessons learned and take a shot at something else. That doesn’t necessarily mean building a new product but could be trying a different approach to marketing, trying a different way of presenting the UX, and so on. Hopefully eventually something works and then you come out the other side and… profit! Let’s talk about making space first. So what do you need to get started? The kind of boring answer is, basically, nothing! Besides time. And you need a particular type of time where you can do deep focused work on a consistent basis. Which is not always easy to find. So how do you make time? I think the most common path is to fit it into your nights and weekends. This is my friend Wisani who created an app called Boardroom which is like Tinder for LinkedIn. It’s growing pretty popular in South Africa and he’s got like 10 other projects. He’s done all this while working a full-time job at Allan Gray and I think also getting an MBA. Doing this at nights and weekends is definitely the least disruptive way to pursue this career, but it’s really hard. For me, I have kids, I’m always tired at the end of a long day of work—this just wasn’t an option. So what if you can’t pull this off? Another option is to just kind of YOLO it. This is where you quit your job and you’re like “cool I’m going to quit my job and I’ve got twelve months of savings in my bank account and I’m just going to make this work.” I think this is usually not a great plan—it puts so much time pressure and financial pressure on you to succeed. And there’s just so much variance—it’s not like if you just work your butt off for a year you’re guaranteed to succeed in ways that some jobs are more like that. What I did, and the path that I recommend, is more of just a patient thing where basically you try to integrate this quest into your regular life in a slower and more sustainable way. Typically that means working less, and therefor either earning less—you ask your boss if you can have Fridays off and get paid 80% as much—or getting paid more per-hour by switching to contracting or freelancing. Then you build some products and basically whenever those products start earning, you can sort of re-adjust the hours until it works. This is my actual income for my first seven years on this journey: In 2016 I was a full-time employee. In 2017 I went on sabbatical and started doing this thing and I dropped down to halftime at my job and filled most of my income with consulting. I just tapped my network and said “I’m available, I’m going to charge a lot”. And thankfully, some people said yes. There’s this tiny little sliver of yellow there and that’s me selling those place cards. But basically what happened is that it was like a snowball that feeds off on itself and so year two I made a bit more, year three I made a bit more, and I eventually dropped down most of my consulting and then I finally quit my job. Obviously this took a long time, but the nice thing was that I was never stressed out. There was never any financial pressure on me. Now I’m going to jump into the main iteration cycle. I want to zoom in on what this looks like. It’s a simplification but basically you pick an idea, you build it, you sell it, and then you repeat. Going back to the “anyone can entrepreneur” thing—none of this is fundamentally hard; it isn’t rocket science. If you can teach yourself how to code you can teach yourself how to market, or how to validate ideas. This is all stuff you can learn. But it involves massive uncertainty. What that means is you want to go through the cycle as much as possible because on any given iteration you don’t know what the outcome is going to be. If you spend your first two years building a product and then come out the other side and realize nobody liked it, then you’ve wasted a lot of time. Whereas if you can figure out the product is flawed in two weeks or two months then you can go through the cycle a lot faster (and many more times). I like to think of myself as a one-person venture capital portfolio. A VC fund will typically invest in 100 companies and they will expect 90 of those companies to completely fail. But, if they find the next Facebook or the next Uber then everyone who invested in the fund makes tons of money. I think you should think of yourself in the same way where you want to take as many shots as you can on goal, hoping that one of them succeeds. Obviously you’re not going to be the next Uber, but you’ll start making $10, $100, and then eventually you can direct your energy into that project and grow it. Here are some examples from the indie hacking world about this: Sorry, this slide also got mangled by the transitions. Pieter Levels, who just sleeps in vats of money, says his hit rate on projects was about 5%. But that was still enough for him to have this incredible career doing a very similar thing to me. There’s this guy Rob Hope who is a South African—he’s got this project graveyard on his website where he documents all the things he’s tried that have failed. Another example from Twitter, this guy Pat Walls published his failures, and I stole his format and published my own version. Basically you can see I’ve done a lot of these things and only a small number of them have actually worked out. So a lot of things going to fail, and therefore you want to go through them as fast as possible. Let’s look at picking an idea. This is a diagram that I borrowed from a successful entrepreneur named Rob Walling. The key here is basically you want to walk up these steps of difficulty. You want to start on step one with the smallest, easiest possible thing that you can do. For me, that’s like someone can give me $5 to buy a PDF of placecards—that’s a very easy thing to build, and a very easy thing to sell. Once you do that, then you try to do it again, and again, and eventually if you are successful then you kind of own your own time. That’s step 2. Rob’s step three is to go do a big ambitious thing. I drew a dotted line there because you don’t have to go to step three—you can just have a bunch of step two projects and be having a nice life as a developer with a lot of freedom. Go take a moonshot if you want, but you can just do stuff in step two and I recommend that too. That’s kind of where I’ve landed. Start small is the key in terms of thinking about ideas. Your ideal first project should be easy to build, easy to support and easy to sell. And it’s actually good if it’s not a unicorn idea. Don’t try to build the next Facebook or Uber or OpenAI or whatever else—you want to find a really specific niche and go in there. So how do you come up with ideas? There’s lots of stuff you can read on the internet about this by people who know and see a lot more than me, so I’m not going to give specifics apart from saying just go do something! Using an example from my own life: I got married, we had this issue where we had to print these stupid place cards that led to me building this place card application and that was my first thing. Then I was building these applications and I was like “oh that’s another problem” so then I built SaaS Pegasus. Then I had this SaaS Pegasus community that I was trying to support and I kept answering the same questions over and over again so I thought “oh I’ll build a RAG chatbot.” Through building something I found a new problem and then I could go build something else. Don’t do something just because the first thing you’re going to pick is going to work, but do something because by doing something you’ll just get exposed to more stuff and then that will lead you somewhere interesting. Just keep following interesting problems until you find one that you want to solve. I want to quickly mention this book “The Mom Test” which is a great book about idea validation. The key point from this book is when you’re trying to pitch a startup idea to anybody, they’re going to talk to you like your mom would talk to you. You’re going to pitch your thing and they’ll say “sweetie that’s such a good idea, I love it, you’re going to be so successful.” People do this because they don’t want to burst your bubble. You’re coming to your friends, you’re coming to your co-workers saying “I got this cool idea for an app”—no one’s going to tell you that idea sucks, because they want you to not have your confidence destroyed. This is a really good book that hammers that concept home for you and then gives you a framework for trying to get around the fact that everybody’s kind of lying to you when you pitch your ideas. Now I’m going to talk about building and specifically building an MVP—a minimum viable product. Probably a lot of you have heard of MVPs. Basically it’s like you’re trying to build the smallest, useful version of your thing. In this example, a skateboard is useful—you can ride a skateboard and get from point A to point B, whereas if you have a wheel of a car or an axle of a car, that’s not useful. There’s also a concept called an SLC which stands for simple, lovable and complete, which I really like. Before we talk about MVPs, let’s talk about why indie products fail. Why do indie products fail? The main thing I want to emphasize here is indie products are different from most big company software that probably a lot of you have worked on. In traditional day jobs at places like Amazon, you’re probably dealing with legacy code and maybe the person who wrote it left and there’s no documentation and there’s all these scaling issues, performance issues—and none of this matters in the indie world. If you’re building independent projects, the reason that you’re going to fail is no one wanted what you were building, you didn’t market it, or you ran out of time, money and motivation. The takeaway is just when in doubt, optimize everything for speed. That optimizes for how fast you can get to market, how fast you can respond to feedback, how fast you iterate, and how fast you realize your idea was really dumb and you should go do something else. I’m not saying write a bunch of terrible code—I’m just saying be smart about it. Taking something like tests—you shouldn’t care about code coverage or anything like that. What you should care about “is if I write this test, am I going to be able to modify this code more confidently faster later?” If so, do it. If not, maybe don’t worry about it right now. In other words: “Don’t overthink it.” Now let’s talk about design. Design is often the weakest spot for developers and it certainly was for me. Thankfully, you don’t really have to be a designer to make good-looking things anymore. There are all these different open source and paid templates where you can just get these really beautiful designs that work on all screen sizes and they have component libraries you can just drop everything in. You really don’t have to do any design—you can just steal other people’s designs and I recommend doing that again just because it’s faster and because you can make it beautiful or unique later. Also, you don’t have to start from zero. This is a bit of a shameless plug but it’s also the case that I’ve seen a lot of people use products like SaaS Pegasus (mine) to launch their products way faster. They are called SaaS boilerplates, or SaaS Starter Kits. It’s a whole product category with both open source, free and paid options. These projects often have a ton of stuff built for you. Then, instead of your first two weeks just being “okay I’m going to build user accounts and I’m going to build billing and I’m going to build multi-tenancy” and all this stuff, you just have all that ready to go and can focus on the one thing that you need to do. Ok, big question: what tech stack should you use? There is a right answer to this. The answer is: the one you know. If you want to learn a new tech stack as a fun educational project that’s great, but if your goal is to get this revenue-generating product in the world, you want to be working in something you’re familiar with because you want to be as fast as possible. If you don’t know anything, just pick something popular. Popular things have the best communities, best documentation, the language models are the best at working in them and so on. I use Django, HTMX and Tailwind for most of my stuff—I like it but you should do what you know. And remember, if you’re not embarrassed by the first version of your product, you’ve launched too late. That’s a quote from the founder of LinkedIn. This was the landing page for Place Card Me that I used for the first year or something like that. Those are literally font awesome icons and just this giant stupid button. You have to get comfortable putting things out into the world that don’t meet your level of internal quality because you just have to try it. Starting the feedback loop is much more important than building a perfect thing. Let’s move on to selling. I think one of the biggest fallacies that I see in developers is this idea that if they build the best product in the world, they’re going to be successful. They think the reason that some software is successful is because it was the best product, when usually it is because that product had the best marketing team or some combination of a great product and great marketing. An uncomfortable truth is that you will need to spend a lot of time selling your product through marketing or sales. There’s this book “Traction” that I recommend, which is where I got the takeaway that I should be spending half of my time on marketing and sales. I think of it like eating my vegetables—I love coding, I hate marketing. It’s like “I have to do marketing today” and it’s like eating my vegetables before I can have my french fries. I also recommend selling your product before it’s ready. I’m sure we’ve all had this experience where you find some app that looks really cool and you want to sign up, and then you just get this popup asking for your email address. As a consumer, that’s super frustrating, but as an app builder this is really useful for two reasons. One reason is that if you can’t get someone to give you their email address, then it’s going to be very hard to get them to pay you. It’s a good proxy for whether you’re building something that anyone is even remotely interested in. You put this up, figure out a way to drive traffic to it, and get a bunch of emails - that’s a good sign. If you drive a thousand people to this website and don’t get any emails, that’s a bad sign. It’s also really important to have people to tell about your product when it’s actually ready. What often happens is someone will build in the darkness for a long time, they’ll launch their product, put it on Hacker News or something, nobody notices, and then they think that they failed. But they haven’t failed, they just had unrealistic expectations of success. If that person instead had a list of 200 people that they knew were interested in their product, then before launch they could email 20 of them and set up Zoom calls to walk through it and get feedback. You can iterate there, email the next 20, and so on. Then when you actually launch you email the whole list. Hopefully you have people jumping into your product from day one, and it’s better than it would have been otherwise. Let’s talk about getting your first traction. These are some strategies that worked for me. Communities are a really good place to find early users. The great thing about communities is they’re incredibly niche. If you’re building a product for plumbers who play Dungeons & Dragons, there’s probably a Reddit for that, probably 20 Facebook groups for that, and you can go immediately into those communities and talk to your ideal customer profile. One thing to know about communities is that all marketers use them this way, so communities hate marketers. They develop a pretty strong immune systems towards people doing marketing stuff. So go into communities tactfully, be nice in the community, add value, and mention your product when it’s relevant. This is a great way to find early users. Ads are another good way to find early users. Google sponsored links are very prominent, and you can use ads on tons of other platforms. Ads are great to try to answer that question of whether anybody wants what you’re building or if anyone can figure out how to use your product. You can just pay a bit of money for a hundred people to come play with your website and figure out what’s happening. I don’t recommend using ads as a way to make money—you will lose money on this exercise (at least in the beginning)—but you’re essentially trading early bits of money to do some user research. Cold outreach is another uncomfortable one that also works sometimes. When I was building Place Card Me, I spent an hour a day just reading wedding blogs and writing long personal emails to wedding bloggers. I would do this every day and most of them never responded to me, but one of them did. This person helped me tremendously in terms of teaching me about the industry, gave me backlinks on her site, and gave me some place cards designs. Cold outreach can be a good strategy, though it’s getting harder in the age of AI spam. It’s better to write one really good email or Twitter DM than to find some tool that uses an LLM to write a hundred terrible ones. Content is my main way that I market my stuff today. Basically, if you’re building a product for a specific industry you create content that’s useful for that industry. I target Django developers, so I write content about Django. Then people who are Googling how to deploy Django or how to connect Django to Stripe find my guides, and that’s a nice way to get exposure to my product. You get backlinks and so on. I do some of this stuff on YouTube now also. Video is huge—I don’t have really any YouTube following but it still drives a good amount of traffic. This is something that you can do as an individual, just writing these blog posts or recording little screencasts. I hesitated to put this slide on, but this was something that I did a lot which is called “building in public”—that’s just where you share what you’re working on publicly. I did this on my blog. You’ll see this on Twitter all the time; it’s gotten to be a very noisy channel. But the nice thing about this strategy is it requires no work. You just work on your project for two hours and then post a screenshot of what you did. Maybe a few people will find what you’re doing interesting, follow along your journey, and then they become little advocates that will try your products or connect you to other people. Now I want to talk a little bit about psychology. I lied with this diagram—this is not the only thing that happens. There’s another path which is not as good: giving up. Courtland Allen, who is the founder of Indie Hackers, interviewed hundreds of people who have gone down this path. When asked what his biggest takeaway from the success stories was, he said all you have to do is just not quit. There was no other generalizable advice he had—just don’t quit. So how do you prevent yourself from quitting? One way is by having infinite runway, which I talked about already. Setting things up so that money is not the reason you quit is a good way to eliminate that particular constraint. You still might run out of motivation, though. In order to stay motivated, I think one of the most important things to do is to just manage your own expectations. I like this quote from Bill Gates: “Most people overestimate what they can do in a year and underestimate what they can do in 10 years.” This really resonated with me. If you think “I’m gonna go down this path and take a shot and spend three months and launch my app” and then it didn’t work so you quit—that happens to a lot of people. Instead, if you think of it as more of a five-year journey or a ten-year journey, you’re just going to take these really small steps that don’t really look like they’re working, but they’re cumulative and eventually they add up. Embracing learning is another important one. This is kind of like a Dungeons and Dragon’s character skill chart—probably the average person in this room is a pretty good coder, maybe knows a bit about product and marketing and other skills. But in order to really succeed in this career, you have to look more well-rounded. The hard part is really just embracing the idea that you’re going to learn these skills that don’t feel comfortable. I’ve never enjoyed marketing or wanted to be a marketer, but it was something that I had to learn in order to sell stuff. If you’re not willing to get outside your comfort zone and learn things that are outside what feels comfortable, you will probably have trouble. Finally, be resilient. This is a funny graph showing how much money I was making every week on Place Card Me in the beginning of 2020. Things were going great—I was making up to $400 a week, and then all of a sudden there was a global pandemic and people weren’t having weddings anymore. My primary source of passive income just dropped to zero overnight. That’s just one example of things that happen to you because this is a very unpredictable career. The highs are really high, the lows are also really low, and you have to be resilient to these ups and downs. Going two weeks without earning any money and then one day a bunch of money appears in your bank account, it’s a very stressful thing. You have to get used to these big swings that you just don’t have in a salary job. But if you emerge on the other side, hopefully you can profit. This is from my very first blog post when I first started - I just wanted to get someone to pay me a dollar on the internet. That was my goal. Eight or nine years later, I am making more money than I ever made as CTO of my company. But more importantly, it’s a very nice lifestyle. I have time to hang out with my kids whenever I want, I can go on long vacations, nobody tells me what to do, I can take meetings whenever I feel like it (or never). So yeah, I recommend this career. And if it sounds interesting, I recommend you give it a shot, and see if you can make it happen. Thanks for getting this far! If you liked this you can comment below, share it, or subscribe to get email updates when I publish new stuff.", + "commentLink": "https://news.ycombinator.com/item?id=42696822", + "commentBody": "Using coding skills to make passive income (coryzue.com)167 points by czue 5 hours agohidepastfavorite90 comments _DeadFred_ 47 minutes agoWhen my life was falling apart and I was trying to fix my relationship with my ex she dictated that we spend 'quality' time together which meant watching horrible reality TV while she was on insta on her phone. Out of mind numbing boredom I made a system for SEO spam websites during this time. I would take expiring domain names (so names someone had gone to the trouble to research but been unable to make work) parse out keywords and lookup popularity for them, lookup ad rates for them, and spit out names to buy and make a SEO spam site for (goal was 300 websites making $1 a day or $100k a year), or good names to domain squat. If a domain turned out bunk I threw my link-spam-network software on it to provide linkbacks to my money/new sites. I made around 30k profit a year plus another $5k selling domain names doing this before life fell further apart and it rotted on the vine. I was really tempted to sell it as a package but could never bring myself that low even deep in addiction. Plus Google started cracking down on that trash. I still think the concept of 300 somethings (though please not SEO spam) that make a dollar a day is viable for us here though because we're in the unique position where the creation/maintenance is just a matter of our spare time since we can do the specs/design/coding/administration/maintenance/etc ourselves. It seems like there are still people doing this. Look at new car model forums. Everytime a new car models is released there's a rush to create discussion forums for that model with people hoping Google blesses theirs so they can add it to their portfolio of money maker car model forums. Maybe the secret sauce is forcing yourself to watch reality TV until your mind rebels and says 'fine, grab me the laptop and we'll make mind numbingly boring software products as that is at least better than watching this'. Edit: To clarify this wasn't my income source this was just what I did while being forced to watch 'The Kardashians' for bonding time. reply dmitrygr 30 minutes agoparentThe world does not need more spam. I do not think watching the Kardashians was punishment enough for you. I wish it was Barney theme in a loop at 100dB reply _DeadFred_ 2 minutes agorootparentYeah I was ashamed to share this anecdote. But decided maybe it can do a little good motivating someone to counter the bad. And I'm pretty sure SEO spam doesn't work anymore so it shouldn't encourage more evil. reply lngr 3 hours agoprevThis is what I call meta advice. He makes most of the money now from persuading others starting a passive income side gig, for which he coincidentally has a starter pack to sale. While this might be a reliable income, it is in no means a template for other people to start a successful passive income business with a working business idea. reply SketchySeaBeast 3 hours agoparentIt's been repeatedly shown that the best alternative source of income is selling to people looking for alternative sources of income. reply aatd86 3 hours agorootparentOne extra level of indirection always solves everything. reply ipython 1 hour agorootparentBusiness idea: I can sell you a list of people who you can then pay to tell you how to make money on the internet! reply el_memorioso 1 hour agorootparentprevExcept for too many levels of indirection. reply avgDev 2 hours agorootparentprevWhen there is a gold rush sell shovels. reply SketchySeaBeast 2 hours agorootparentThe modern version of that is GPUs. reply scarface_74 28 minutes agorootparentOr consulting… reply madcaptenor 3 hours agorootparentprevIt worked for Levi Strauss. reply czue 6 minutes agoparentprevThis is a fair general critique of a category of advice that I try hard not to fall into. It is true that I make a fair share of my income from a starter kit, but I tried quite hard to generalize my advice and only mentioned it in passing once or twice (and the only slide that really pushed it, I acknowledged it was a shameless plug). If you read my writing[1], it will be clear that I've been documenting my journey in a probably-too-transparent way long before I had a product that benefited from getting exposure to other developers. This talk is mostly just a distillation of that knowledge, because I have graduated from \"idiot figuring it out\" to \"experienced person who may be able to say something useful for beginners\". Also, for the record, I hate that starter kits became one of the trendy (and sleazy) products in this space, exactly because it generates reactions like this. I wrote about this last month[2], saying \"They make the whole industry look bad, and make me feel like a grifter selling Pegasus, even though I have worked my ass off on it for 5+ years and think it’s great. Maybe a corollary to this point is that I kind of don’t like marketing in my industry anymore?\" Again, I think it's a fair general critique and a correct reaction to this type of advice, and also I hope that I didn't really do what you said if you read or watch the contents of the talk. 1. https://www.coryzue.com/writing/ 2. https://www.coryzue.com/writing/dec-2024/ reply hn_throwaway_99 7 minutes agoparentprevDo you have more evidence of this? I'm genuinely curious. I read the whole post, and perhaps I missed it but I didn't see a breakdown of his income streams. I say this because, at first blush, I was glad that a bunch of the products he listed that he built seemed generally like real products that I could imagine people finding useful. I say this because it feels like, in contrast, so often in these solopreneur posts they're selling some kind of scammy SEO or ad-spam tool. So yeah, I'd be bummed if this guy turned out to be the tech equivalent of \"Buy my real estate investing course!\", and just curious if that's really what this is. Edit: Nevermind, I saw https://www.coryzue.com/open/. reply factorialboy 2 hours agoparentprevWell, I agree and disagree with this comment. For a minority % for whom Django is the tech-choice, there indeed is a product being offered. But for them, and the majority who might not choose Django, there is enough general-purpose advise in this essay. Everything is meta. Even a shower, a clean shave, and a well-tailored outfit can be classified as marketing / lead-gen / sales. As can brushing your teeth :) reply TheCapeGreek 1 hour agoparentprevCory built and grew SaaSPegasus to success long before the starter kit trend among indie hackers of the last year. reply scarface_74 26 minutes agorootparentEven that is selling a platform to other people trying to start a business that probably won’t be successful reply latexr 1 hour agoparentprev> This is what I call meta advice. That’s what I call a grift. Your description reminded me of Dan Olson’s fantastic video on that type of strategy—where you make money by selling the idea that anyone can make passive income by doing something the seller doesn’t themselves do (anymore)—using the Mikkelsen Twins as the example. In Dan’s words (emphasis mine), the Mikkelsen Twins aren’t special, grifters like them are a dime a dozen. He chose them as the example “because they are of a type. They are a representative sample of a category of grift. And also because they’re kind of incompetent and that makes them entertaining”. He’s not wrong. https://www.youtube.com/watch?v=biYciU1uiUw reply stronglikedan 1 hour agoparentprev> it is in no means a template for other people to start a successful passive income business with a working business idea. it is when the working idea is to sell a template for other people to start a successful passive income business reply bloomingkales 58 minutes agoparentprevhttps://youtu.be/Cv1RJTHf5fk The immortal grifter Tai Lopez lives on. I’m a lot more proud of bookshelf you see. reply sky2224 47 minutes agorootparentI can't believe that video is almost 10 years old now, wow. reply amelius 1 hour agoparentprevSounds like the main ingredient of a Ponzi scheme to me. reply ge96 3 hours agoparentprevsell the shovel reply czue 5 hours agoprevHere's an off-the-cuff summary: First you have to make space in your life for it. You need long blocks of time for deep work. The first idea you pick is unlikely to work, so pick something and start moving. Many of the best products come out of working on something else. When building, optimize for speed. Try to get something out in the world as quickly as possible and iterate from there. Pick a tech stack you're familiar with, that you'll be fastest in. Try to spend half your time on marketing/sales, even if you hate it. The most important skill you can have is resiliance. Not giving up is the best path to success. This is hard because there is so much uncertainty in this career path. It's worth it! The autonomy and freedom are unmatched by any other career. reply ryandrake 34 minutes agoparentThis is not really passive income. What he's describing is running your own one-person business. That's about as far from passive as you can get. Actual passive income is living off the returns and royalties from assets, doing nothing but managing those assets (or maybe not even doing that). reply grahamj 10 minutes agorootparentBut you have to work to get those assets, just like building a website reply martylamb 3 hours agoparentprevGood summary. I've landed on all of the above with my own projects, from a mix of experience, reading, and reason. Hardest for me has been making time between family, work, and other activities that are important for me. Unlike when I was younger I can't just stay up coding until 3AM anymore. In fact I find myself without the mental energy after work that I want to put into my projects, so evenings are out completely for me. So instead I wake up at 5AM and put myself into it before work. It was a big adjustment, but all I needed to do while acclimating to that schedule was ask myself each morning which I wanted more: warm blankets or a successful project? Now it's a pretty energizing way to start the day. reply scarface_74 21 minutes agorootparent> but all I needed to do while acclimating to that schedule was ask myself each morning which I wanted more: warm blankets or a successful project? I choose warm blankets lying next to my warm wife where my heat and shelter is paid by exchanging my labor for money 40 hours a week, paid time off, paid health care, etc reply gottagocode 1 hour agorootparentprevTake the warm blankets into the office with you reply latexr 1 hour agoparentprevIn other words, it’s the exact same bland, generic, worthless advice parroted by every grifter selling you the dream of financial independence via passive income. And if you fail, it’s your own fault, you just didn’t want it enough, you didn’t do the necessary sacrifices. reply flir 1 hour agorootparentThe advice (in the post you're replying to) isn't bad. But you can do it all, and still not have lightning strike. reply f1shy 58 minutes agorootparentI certainly do not think is good. I won’t say I’ve seen destroyed lives because of it, but pretty much miserable in comparison to what it had been if not followed the advice. It is just bot for anyone, and just too often fails. reply flir 53 minutes agorootparentAnd I've seen people succeed (admittedly by spending every spare minute devoting themselves to the pursuit of money). Can we agree that it is, at core, gambling? Like spending all your disposable income on lottery tickets? reply scarface_74 20 minutes agorootparent> And I've seen people succeed (admittedly by spending every spare minute devoting themselves to the pursuit of money). Is that what you call success? reply FrustratedMonky 4 hours agoparentprevWell, when you put it like that, it sounds pretty fluffy. reply sansseriff 46 minutes agoprevIf anyone has trouble focusing on personal projects at home, I've found Focusmate (www.focusmate.com) to be very handy. You hop on a scheduled google-meets style video call with someone random, and then just work. You talk very briefly at the beginning to tell each other what you're working on and then you both mute yourselves for 25 - 75 minutes. It's weird, I've found it really ticks my brain into productivity mode. reply supriyo-biswas 43 minutes agoparentDo pomodoro timers have the same effect for you? I assume it's the pressure of giving yourself fixed amounts of time and the knowledge of the fact that a break is coming up (so that you don't take one unintentionally) that really drives the productivity. reply coold 3 hours agoprevUsing your coding skills: 1) make hello-world-ish portfolio 2) sell courses how to make money using coding skills 3) PROFIT reply mettamage 3 hours agoprevOne part of me is itching to do it. Another part of me can't let it go that I can't beat leetcode interviews. I'm quite close, I think I can do it. I guess it's an ego thing. But not fully though is it? Earning a couple of years of FAANG money opens one up to then just travel the world. I'm from the EU but will make the switch to the US in about a year from now (marriage). So from that perspective, I just don't know if it's strategic. When you have $300K in the bank and you just go to SE asia, you also have \"no schedule\" etc. That should be doable with FAANG. I do feel this path delivers more impact though as life becomes a bit more like a game and you're creating your own quests. You're solving things that you are quick enough at to solve but also things that you find important or just simply fun. Man, I'm torn. Both take quite a bit of a time investment. I'm not sure how I can monetize a \"leetcode with me\" type of thing. If there was still a market for that, I might do that to start both things off at the same time. Maybe I should just become a Twitch streamer :') But I don't think that'd pay off. I guess it wouldn't hurt to try. reply jebarker 2 hours agoparent> Earning a couple of years of FAANG money opens one up to then just travel the world. If you can resist lifestyle inflation reply mettamage 2 hours agorootparentI could now but that'd be tough with kids. reply Mathnerd314 1 hour agoparentprev> you just go to SE asia I could see justifying a trip like that on a cost-of-living basis. If you go to a place like Thailand, you are going to be spending pennies on the dollar vs. the EU, even after paying incredible amounts (in local currency) for first-world conveniences like clean drinking water and internet. So in that sense if you are going to be coding and living life online, you might as well live someplace cheap IRL. But that's different from a tourist crawl where you are just spending money like water, which maybe was more your idea. reply Scubabear68 2 hours agoparentprevWith all the FAANG layoffs is this still a realistic goal for many people? reply mettamage 1 hour agorootparentFair question, maybe I'm a bit too starry eyed. What do you think? reply Scubabear68 1 hour agorootparentI think the question provided the answer. The market is being flooded with ex-FAANG developers and it is no longer a job seeker's market. In today's environment it is a LOT harder to get hired by anyone, let alone a FAANG company. I know really good people who have been out of a job for +6 months now. Based on past history, now is not the time to shoot for the stars, but to start consolidating your base and preparing for the next upturn. reply mettamage 25 minutes agorootparent> preparing for the next upturn. Prepare how? I fled to be a data analyst. For multiple reasons. One: the job interview was a cake walk (for me at least). I was unprepared and I aced it despite not really knowing what a data analyst was. It helps that I have a fairly good statistics background from back in the day. I'm also better paid since they don't pay software engineers that well in the Netherlands, so data analyst salaries seem more competitive locally. But yea, I'd be curious what you specifically mean by it. reply scarface_74 23 minutes agoprevHow is “spending my free time coding after I get off work instead of spending time exercising, spending time with friends and family, traveling, hobbies, etc”, “passive income”? reply czue 1 minute agoparentIf you read the post, that's explicitly a path I acknowledge I couldn't personally do, and I recommend instead creating time by doing things like going down to 80% time in your day job, or finding lucrative contract work. reply bsnnkv 1 hour agoprevGood timing with this submission as I started selling commercial use software licenses using a subscription model this year (Jan 2025) and I'm amazed that 6 people have already signed up and paid for a license. The text-based tech internet has become incredibly hostile to people sharing their work over the past decade, so a few years ago I decided to try and engage people through YouTube instead and I think this has been a decision that has really paid off. For people interested in pursuing something like this I'd definitely recommend trying out video format communication over blog posts and articles if the latter aren't doing well for you. I have done a lot of \"building in public\" on YouTube over the past few years and have built up a really solid product that people have been actively asking me to release a commercial license for so that they can use it at work. I feel pretty good about things right now! reply qoez 1 hour agoprevCool article. I feel like a lot of these 'passive income' things though are just 'X purchaces diffused over time until the market niche is saturated'; hence the need to keep making new sites/products reply daghamm 4 hours agoprevLooking at your portfolio, one could argue that to succeed you need to try a lot of different projects some of which you maybe have no personal interest in. I think some people would not be comfortable with this and rather take a steady paycheck from Big Corp while working on 1-2 darling projects at home. reply czue 3 hours agoparent...maybe? Although that doesn't quite ring true. Every project (even the dumb wedding cards one) arose from some need in my life that turned into a desire to make something exist in the world. That said, I totally agree that some people would rather keep the steady paycheck. The career is a large up-front investment with a variable outcome. But, it's not as hard as it can be made out to be, and the payoff, if successful, is immense. reply jamal-kumar 4 hours agoparentprevIt kind of mirrors my observations in what makes a successful individual in the world of ecommerce, you gotta have the capital to start like ten ideas at once then you whittle out which one don't profit more than 10k a month and come up with new ones to fill the place. Shit sounds like tedium or uncomfortable or whatever to some, but I know multiple millionaires on this tip. reply jbs789 1 hour agoprevKnowing how to code can have very useful local applications, which reduces your competition. Of course it may not immediately scale in the same way but leveraging connections and local know how is an angle that tends to go under-explored at least in the online narrative, is my observation. reply shireboy 1 hour agoprevThis is what I want to do ultimately, but I'm at a sort of crossroads. I have a good job, a consulting side gig, a good family, and 0 hours for my own ambitions. Several years ago I made about 20k on a solo project, so I know I'm capable. I just need to be able to focus on my dream instead of someone else's. Lately I've landed on 'it will happen when it needs to', but I also worry that I'm plateaued and will wish I'd risked it earlier. reply loxias 1 hour agoprevDimagi became successful?!? Awesome! I also worked there as a third person, though I don't think overlapping with you. :) Congrats on living the dream, I tried, failed at that 5 years ago (\"maybe i can just sell my coding directly...\") though I probably gave up too quickly. Nice article! reply roger_ 3 hours agoprevI’ve been wanting to do this for years but I’m still trying to figure out how to get started. My skills are more in algorithm development (statistical signal processing, machine learning) and electronics than web coding though, so it’s probably not as easy as just making a simple website that does something slightly useful. reply acuozzo 2 hours agoparentI'm in the same boat, but my domain is embedded programming. I recently ran across advice here to just copy an existing successful idea and compete on e.g., price, rather than wasting time trying to come up with something novel / innovative. The argument is that if the idea is successful, then most of the market legwork has been done for you already. I'm considering entertaining it. I last seriously did WWW-related work in 2001 or so, but Python with FastAPI + HTMX + Bulma CSS looks easy enough to spin-up on and maps pretty well to my now-ancient understanding of the web. reply roger_ 2 hours agorootparentI’ve done simple one off web stuff over the years and yeah it seems much more straightforward nowadays. Copying and undercutting someone else is certainly easier! reply avgDev 2 hours agoparentprevUnless you are trying to develop something ground breaking, web isn't terribly difficult if you have programming experience. Yes, there will be some new things to grasp. However, tooling is pretty great today and if you pick up a known framework most problems are already solved. You will just fit the pipes together to do what you want. reply TechDebtDevin 1 hour agorootparentCyber plumbing reply ge96 3 hours agoparentprevon the other hand I would venture to say there are less like you (demand) than generic web devs reply cootsnuck 3 hours agoprevGood post! I think the gradual transition you were able to do from salary -> consulting -> software products is very important and not the norm (mainly being able to keep part of your salary while doing some consulting on the side). The only people I've seen able to do that are VPs or C-suite. I'm below those rungs. So I'm quitting my job to go \"all in\" on the consulting. (But I've been prepping and will make sure things line up so I can hit the ground running.) All of this is to say, I think that transition either during or after salary work is the super important part that I see everyone gloss over. My goal is to make a fraction of my salary with consulting for the first couple years, focus just on that, and eventually shift my focus to software products. reply ge96 3 hours agoprevI still want to do this 9 years later I still haven't made something. Still working for someone else. Going to get out of debt first then work on it again, I want to be able to sleep/wake whenever. reply TrackerFF 2 hours agoprevI wonder how LLMs will impact this industry. 10 years ago, when I was chasing this - I'd look for proven business models. Find some small startup / company that sells some software or service, try to figure out what they did and how they did it, then spend time getting into the domain, tech, and what have you. It was a lot of work, and took time. If I do it now, I have the luxury of simply asking my LLM of choice to give me a run-down, and what I need to do. Hell, I've even experimented and gotten a LLM to dish up a working MVP in a single day, which I can iterate on. reply potatoman22 2 hours agoparentBut how do you make sure you're solving the right problem? LLM? reply TrackerFF 40 minutes agorootparentYou find existing solutions to a problem, and copy it. That's it. People spend time chasing novel problems, or coming up with solutions that are looking for problems - when in reality the vast majority of business and entrepreneurship comes down to looking for tested/validated business problems, looking at the existing solutions, and finding ways to enter that market, and win/siphon customers. reply ternnoburn 3 hours agoprevReading this, it feels much more like \"using coding skills to make income\". It's a great description of one person's journey, but \"work hard for a decade, continue to work at a healthy lighter pace after\" isn't really passive income in my mind. And I'm not sure it beats, e.g., work hard and save hard at tech company for a decade, then use the invested surplus as passive income to work lightly thereafter. At least, not in the general case. reply oldandboring 2 hours agoparent> work hard and save hard at tech company for a decade, then use the invested surplus as passive income to work lightly thereafter I used an LLM to help me do the math but it appears you would have to make $1.5 million/year at \"tech company\" if you were to save 20% of your income and have $4 million saved after 10 years. That $4mm saved would allow you to appreciate to $5mm to retire on after 20 years while simultaneously withdrawing $150,000/year in passive income to live on. Of course you can adjust this based on how aggressively you save, how much you need to withdraw each year, and how much runway you have until retirement and how much retirement you need to be comfortable. Regardless, what you're suggesting is available only to the privileged few who can get extremely high-paying jobs early in their careers and hold onto them while having low enough expenses and high enough discipline to save aggressively. OP's approach is a very doable path for folks who aren't so fortunate and/or young, but can code, have some life experience, and don't want to go get another job. reply potatoman22 1 hour agorootparentHow do you spend 80% of a 1.5 million (lets say 800,000 post-tax) salary each year? That'd be an incredibly lavish lifestyle. If you cut your spending down to a cool $200,000/year then you could retire in 5 years and have $150,000/year for the rest of your life. Let's run a different scenario: your post-tax income is $200k and you save half of that. In 11 years, you can retire and get $100k per year at a 4% withdrawal rate. People in either of these scenarios are obviously privileged, but the latter isn't unrealistic for a single FAANG dev. engaging-data.com has cool fire calculators. Highly recommend checking them out reply Jabbles 1 hour agorootparentprevYour choice of numbers is very odd - even though you mention that you can adjust them for your own circumstances, the starting point is unrealistic. - Very few people earn $1.5M/year - Saving 20% implies that you're spending ~$1M/year while working, so $150k/year in retirement would not be appealing Did the LLM pick the numbers for you? reply oldandboring 1 hour agorootparentWhoosh. You missed the point completely. Of course very few people earn $1.5M/year. That's my point -- the poster I was replying to was naively thinking they could just work hard for a tech company and save for 10 years and then live off the passive income of the saved investment, which is silly. The rest of the numbers were conservative figures I chose. $5mm to retire, 20% saved while working, $150k/year passive income. The whole point is that what he's describing is pretty unrealistic. reply FrustratedMonky 4 hours agoprevI want to believe. But is this really still possible in todays world? Isn't there competition from the thousands of software devs laid off in last couple years. They can all make apps. Just like the Flappy Bird guy. Sure, it was big hit, but so easy to have a hundred knock offs within a week. reply kflgkans 4 hours agoparentI think it's simply survivorship bias. Thousands of people try this and fail. And occasionally you read an article like this, which is like the one in a million who managed to get lucky with their ideas and manage to make it a success. And I think they underestimate how much luck they had. reply czue 3 hours agorootparentLuck is a huge factor for sure but I also think it's not as hard as you're making it out to be if you set yourself up for success. I have four products that make money, built over the course of seven years. None of them really benefit from each other. If it was pure luck and 1/1,000 chance of success I don't think my current portfolio would be possible. (I also have a lot of failures, so I agree there's luck and risk, just not as strong as you're making it out to be) reply factorialboy 3 hours agoparentprevBuilding a business is more than just building the app. And everything can be duplicated for cheap, especially with gen-ai. But small-businesses will transform, continue and dare-I-say thrive. reply czue 3 hours agorootparentYeah, one of the critical lessons I learned is that building is really the easy part, and most \"traditional\" developers who fail will do so as a result of not marketing enough, or well. That's an oversimplification, but directionally true. Being able to make apps isn't enough. You also have to develop a broad set of skills to complement that. reply qup 3 hours agoparentprevThe thousands of software devs that got laid off aren't starting businesses. They're also not a cross-domain expert at the same things you are. You might be in the top N coders in a niche, and you might be the only one with the motivation to work on the problem. You also might just do it better than them. And last, you might just split the pie with them. Really, it's okay to have many apps doing the same thing with different approaches. reply Scoundreller 4 hours agoparentprevPart of the goal might be to stay under the radar. In a pre-app world, I wrote some blogs with ads. Some of my favourite ones were dumb but fairly evergreen articles where I had domain knowledge like “best directions to the dmv offices in $mytown”. (Pro-tip: it’s upstairs at the XYZ shopping mall, but if you park by the pizza place, you’ll be at the doors that take you straight there) Reliable and consistent income. Not a ton, but more like a bond than a stock. reply poisonborz 3 hours agoparentprevThe world would require an x-th number of skilled developers existing for problems that could be solved by digital services. Ask in any forum about any niche/hobby/expert field and they tell you dozens of things they would gladly pay for but doesn't exist. It's one thing to be a good dev/coder, but another level entierly to be a one man team delivering a product. reply p_j_w 3 hours agoparentprev>Just like the Flappy Bird guy. Sure, it was big hit, but so easy to have a hundred knock offs within a week. I doubt the creator minds too much, I know I wouldn't: he still made millions off it. reply dirtybirdnj 3 hours agoprev> First you have to make space in your life for it. You need long blocks of time for deep work. This is the obstacle to EVERYTHING in my life. It's very chaotic, which causes a lot of stress and has led to decreasing performance. I try so hard to clean up, to improve things. To try to proactively get ahead of stuff. It never seems to be enough. Something happens I cannot prepare for, or in trying to save and be efficient something goes wrong I cannot afford. My whole plan, saving AND getting things done has now blown up. I no longer have one, I now have three problems and I have also lost/wasted a day. Tomorrow I have four problems, plus I am aware of this dynamic and unable to escape it so technically 5? This compounds over time. How do you escape this failure loop? tl;dr: the \"being poor is expensive\" trap, how escape when so burned out you are struggling to tread water? It's not just money, it's attention span. It's the ability to set my mind to something and accomplish what I set out. Having that muscle atrophy and tear has been traumatic and I am struggling to find emotional or medical interventions worth the effort. reply ndileas 3 hours agoparentIt really depends on the specifics of your life. I get a lot of mileage out of imagining what a more functional adult would do, then doing that (stupid example:doesn't buy the cheapest shoes available and try to make them last 5 years while enduring back pain). It's hard to change quickly; sometimes decisions I made years ago (or that someone in my family made decades ago) throw a wrench in the works. I also took a big step back from various forms of ambition, in favor of building a solid, enjoyable life. I hope it gets better for you too. reply dirtybirdnj 18 minutes agorootparent> I also took a big step back from various forms of ambition, in favor of building a solid, enjoyable life. I think you are onto something here, but there's no way to keep my current situation sustainable let alone live on less. The financial thing I can't do much about but the psychological maybe. It's hard when I feel like there is nobody to help me and I have to do everything alone. reply cudgy 3 hours agoparentprevOf course, I know nothing about your particular situation, but one strategy is to simplify life as much as you can. This could be lowering living costs by moving and getting rid of expensive habits. Lower overhead can be huge factor in reducing distraction and stress. Other strategies are reducing the number of activities, avoid using phones and other distractions during work periods, avoid social media and political discussion and encourage focus on your goals, setting boundaries with family and friends, saying “no” more often to requests, avoiding triggers that distract you or cause stress, create a dedicated and quiet workspace with few distractions, and generally focus on fewer goals at a time. reply dirtybirdnj 16 minutes agorootparent> focus on fewer goals at a time Beyond this very specific thing, I think its also a struggle with trusting myself. I don't trust myself to finish anything. I can try as hard as I want but my locus of control is completely external. I am tired of being lied to about agency and ability. If it was easy as putting effort in I'd be there already. So I work harder and harder in an effort to MAYBE be enough for society / work etc and I am STILL not enough. How can you believe in yourself when you are the source of all failure, lack of consistency, inability to change or adapt. It's me. I'm the problem. I try to be better but at some point I am just masking who I am, which is a WHOLE other problem that is not mutually exclusive. It's another one of those \"can't follow the issue because it's too complicated\" problems that's destroying my life. Nobody undertands, everyone tells me I'm not alone (they are wrong) and nobdody has any reasonable or actionable suggestions because nobody I have talked to yet even remotely grasps what I am going through. My therapist is really the only person who gets it. So many times I have tried to do the \"right\" thing only for it to backfire and make everything worse. It's textbook learned helplessness, but I also have a proverbial textbook of evidence to support my reasons why things won't work. Nobody will listen to me, and then when the thing I tell them won't work FAILS it's my fault for pointing out the laws of physics or nature. I am tired of being the scapegoat for sociopaths and Machiavellian cancer. I accept that I need to accept failure. I am trying, but it's demoralizing and only seems to cause pain not growth. I can usually maintain optimism for a week or more but inevitably the reality of life creeps back in and I can't lie to myself any longer. reply BurningFrog 2 hours agoparentprevSounds like you need to first make your life less chaotic. This could mean making some hard choices. reply oldandboring 2 hours agorootparentThis is usually possible to some degree but the life circumstances creating the chaos may not be things they can realistically get rid of. reply dirtybirdnj 20 minutes agorootparentNail on the head. Lost wife / family (cat) / house over the summer. Mom in and out of hospital starting in November. I'm a cat locked in the dryer and there are no door handles on the inside. reply zb3 3 hours agoprev [–] Unpopular opinion: truly \"passive\" income should be impossible, because this means someone is working hard but not receiving their compensation. EDIT: of course unless it's the robots that do all the work, but then it's not really passive... reply GuidelinesFAQListsAPISecurityLegalApply to YCContact Search:", + "originSummary": [ + "The author transitioned from a CTO role to a solopreneur, successfully earning more through a portfolio of software products.", + "Key strategies include focusing on deep work, starting with small projects, iterating quickly, and dedicating time to marketing efforts.", + "The journey emphasizes resilience due to uncertainties, but highlights the unmatched autonomy and freedom of this career path, encouraging those with coding skills to consider it for passive income." + ], + "commentSummary": [ + "A user described generating passive income through SEO spam websites using expiring domain names, earning approximately $30k annually, despite ethical concerns and Google's eventual crackdown.", + "The post sparked a debate on passive income, with some users arguing it's more akin to running a business than truly passive earnings.", + "Participants shared experiences and challenges in side projects, highlighting the importance of time, resilience, and strategic planning." + ], + "points": 167, + "commentCount": 90, + "retryCount": 0, + "time": 1736860888 + }, + { + "id": 42690781, + "title": "Spain proposes 100% tax on homes bought by non-EU residents", + "originLink": "https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents", + "originBody": "View image in fullscreen Cities such as Barcelona are a magnet for non-EU holiday home buyers. Photograph: Pol Albarrán/Getty Images Spain Spain proposes 100% tax on homes bought by non-EU residents Pedro Sánchez announces measure in response to anger over rising housing costs Ashifa Kassam in Madrid Mon 13 Jan 2025 16.39 EST Share Spain has announced plans to impose a tax of up to 100% on real estate bought by non-residents from countries outside the EU, such as the UK, in an aim to tackle the country’s housing crisis. The measure was one of a dozen unveiled on Monday by the country’s prime minister, Pedro Sánchez, as the government seeks to quell mounting anger over housing costs that have soared far beyond the reach of many in Spain. Sánchez sought to underline the global nature of the challenge, citing housing prices that had swelled 48% in the past decade across Europe, far outpacing household incomes. “The west faces a decisive challenge: to not become a society divided into two classes, the rich landlords and poor tenants,” he told an economic forum in Madrid. The proposed measures include expanding the supply of social housing, offering incentives to those who renovate and rent out empty properties at affordable prices and cracking down on seasonal rentals. In Spain just 2.5% of housing is set aside for social housing, a figure that lags drastically behind countries such as France and the Netherlands, said Sánchez. But it was the government’s plans to crackdown on foreign, non-EU buyers that grabbed headlines around the world. Spain has long been a popular destination for non-EU holiday home buyers, with residents of the UK, US and Morocco flocking to buy properties in places such as Ibiza, Marbella and Barcelona. Sánchez described the tax of up to 100% as “unprecedented” in Spanish history. “Just to give an idea, in 2023 alone non-European Union residents bought around 27,000 houses and flats in Spain. And they didn’t do it to live in them, they didn’t do it for their families to have a place to live, they did it to speculate, to make money from them, which we – in the context of shortage that we are in – obviously cannot allow.” He did not offer more details on how the plan would work or when it would be finalised and sent to parliament for approval. Given his government’s longstanding struggles to pass legislation, one analyst suggested to the Financial Times that the government’s aim was to deter foreign property investors by creating “uncertainty and noise” with a proposal that has slim chances of becoming law. The government’s slate of measures also took aim at tourist flats, which have long been blamed for shrinking the rental supply and leaving locals priced out of the market. Sánchez said regulations on these rentals would be tightened while the taxes they pay would be hiked. “It is not fair that those who own three, four, five apartments for short-term rental pay less tax than hotels,” said Sánchez. skip past newsletter promotion Sign up to This is Europe Free weekly newsletter The most pressing stories and debates for Europeans – from identity to economics to the environment Enter your email address Sign up Privacy Notice: Newsletters may contain info about charities, online ads, and content funded by outside parties. For more information see our Privacy Policy. We use Google reCaptcha to protect our website and the Google Privacy Policy and Terms of Service apply. after newsletter promotion He argued that the measures were necessary to tackle what he described as an “unbearable” mismatch between rising housing prices and household incomes. “We are facing a serious problem, with enormous social and economic implications, which requires a decisive response from society as a whole, with public institutions at the forefront,” he added. Explore more on these topics Spain Europe news Share Reuse this content", + "commentLink": "https://news.ycombinator.com/item?id=42690781", + "commentBody": "Spain proposes 100% tax on homes bought by non-EU residents (theguardian.com)162 points by vinni2 19 hours agohidepastfavorite254 comments louison11 18 hours agoBlaming foreigners for housing prices is misdirected. The real culprit is slow bureaucracy & zoning laws making it impossibly slow to get a permit to build anything in both Spain and Portugal. Both of these countries for example have so many abandoned houses needing to be renovated, and so many foreigners coming in with money to do it - but they can never do it because you can't get a permit in literally forever... I don't know about Spain, but another problem in PT is the building companies too, are unreliable, and typically don't deliver houses in less than 3-5 years if you decide to build new. Increase the supply, and the prices will go down. reply WorkerBee28474 18 hours agoparentNo, that argument assumes you can only blame 1 thing at a time. Even if the bureaucracy is the worst offender, every foreigner buying a house still results in 1 less house for Spaniards. Sure, fix bureaucracy, but don't pretend foreign purchases have zero effect. reply JumpCrisscross 17 hours agorootparent> every foreigner buying a house still results in 1 less house for Spaniards In a very limited scope, sure. What that foreign capital also does is lower risk and thus capital costs for development and improvement. (In the event of a limited crisis, for lenders as well.) Whether the net effect goes one way or another is more complicated than what you describe. Put another way, if foreigners could only buy unbuilt units, would you still say they're resulting in fewer houses for Spaniards? Do the countries shunned by foreign investors have affordable housing? reply motorest 11 hours agorootparent> Put another way, if foreigners could only buy unbuilt units, would you still say they're resulting in fewer houses for Spaniards? Do the countries shunned by foreign investors have affordable housing? Exactly, and to further drive the point home the real estate investments driven by foreign investment are targeting entirely different markets, such as luxury homes and tourism, whereas the complains about lack of access to housing come from those who already struggle to buy the cheapest units in working class suburbs, where the foreign investments are clearly not being made. So the question you should be asking is how come you're not seeing investments in affordable housing across the country at a time where you see foreign investment in luxury and tourist areas. Then you'd realize that you're discussing two entirely different things that bear no relationship. reply rgtank108 17 hours agorootparentprevWhat is this contrarian sophistry? In Europe foreigners often buy the most expensive historical real estate they can lay their hands on. If they do build something, it is office buildings for investment that take up space and often remain empty (Chinese are good at that). These investments still take up space and drive up real estate prices. Where do you even live? reply JumpCrisscross 17 hours agorootparent> In Europe foreigners often buy the most expensive historical real estate they can lay their hands on Source? (I'm generally hugely sceptical of uniform statements about how capital behaves across the EU, let alone Europe.) reply WorkerBee28474 12 hours agorootparentA source is not required for something to be true. An uncountable number of things that are true have no source to back them. reply motorest 12 hours agorootparent> A source is not required for something to be true. If it was really true then why would you have so much trouble providing anything at all that would back it up? reply ryan_lane 12 hours agorootparentprevWhere's the source for your assertion? You're making a claim that foreign investment is beneficial with no source, but then requiring one when someone disagrees with you? reply sadeshmukh 11 hours agorootparentA theoretical argument was countered with an assertion - it's plausible that investment -> lower risk, but there is no reasoning to get \"foreign investment is focused on X area\". reply ryan_lane 11 hours agorootparent\"What that foreign capital also does is lower risk and thus capital costs for development and improvement.\" Not a theoretical argument. An assertion. reply sadeshmukh 2 hours agorootparentI mean, I can see a reason provided. Isn't that the whole point of foreign direct investing? That's more than an assertion - that's why I call it a theoretical argument. There's no need to debate semantics. reply motorest 11 hours agorootparentprev> What is this contrarian sophistry? In Europe foreigners often buy the most expensive historical real estate they can lay their hands on. Yes, they make real estate investments in luxury and high-end sector, some of which boarded up for decades. It's not like your average working class citizen is on the house for a manor house in the city center. These are not the same markets. reply louison11 17 hours agorootparentprevI'm not saying it has zero effect. I'm saying it's a misdirected effort that would cause them more harm than good. Spain isn't exactly in the fittest economic position. It needs to attract foreigners to cultivate its growth - hence their Beckham law and other benefits for foreigners. You can deter people from coming and see the country stagnate/go down, or you can actually match the demand and foreign dynamism, and use that as an opportunity for the whole place to grow and modernize. reply throwaway4aday 17 hours agorootparentThis is a quick \"fix\" that has a lot of unintended consequences. I've seen it first hand and the only people it benefits are those who are already wealthy. Everyone else gets a lot poorer as their cost of living skyrockets. Homelessness explodes as rents and housing costs increase dramatically, people who were living a humble but decent life before are pushed into poverty, crime both non-violent and violent increases and so does drug use. As far as I can tell the only people that actually benefit from this scheme are landlords and housing developers who slow walk their projects so that they can charge the maximum price per unit. Compared to the previous fairly stable state (which you call stagnation) the locals are much worse off. It also tends to ruin the character of places that were previously seen as a vacation destination for a unique experience, all of that just gets paved over and turned into a bland tourist trap barely different from any other place. Count yourself lucky if you live somewhere that has been passed over by this horrid money making scheme. reply delroth 17 hours agorootparentprevHow does allowing *non-residents* to buy real estate help in attracting foreigners and cultivate growth? reply louison11 17 hours agorootparentMoney invested from abroad is money coming inside the economy - whether the person lives there or not. That money goes to the seller, who'll then get taxed on it, spend it somewhere else... Or that money could be used, as I said, to build new buildings and rehabilitate old ones, thus creating jobs in the process. If the system was well set up for it, foreigners investing in a country is usually a good thing. The US is super foreign-investment friendly for example, doesn't hurt them. Besides, if foreigners are investing solely to speculate - if they did fix the supply constraints, the opportunity for speculation would greatly decrease. It's only an attractive investment because the supply is so finite. reply whazor 12 hours agorootparentAlternatively, I got my current house because of KYC laws. The house bidding was originally won by someone abroad. They overbid the house by a lot. However, because of the KYC laws, that person needed to proof their income is legitimate, which they couldn’t. Therefore, we got the house. Building new houses costs 10 years in my country. So building new houses is not fast enough to create new affordable houses. reply throwaway4aday 17 hours agorootparentprevWorked great for Vancouver /s reply JumpCrisscross 17 hours agorootparentTo be fair, you're referring to one of the largest and fastest-growing economies in Canada [1]. (It also has a massive affordability crisis despite a ban on non-student foreigners buying expensive real estate.) [1] https://www.katrinaandtheteam.com/blog/vancouver-bc-economy/ reply vivekd 12 hours agorootparentHalf the people in Vancouver are thinking about leaving and 25% want to leave within the next 5 years. People are leaving in droves largely because of costs. That seems to make the parents point - that the ecnomic benefits from immigration accrue to the few and the wealthy while making life harder for average people https://vancouversun.com/news/survey-finds-half-of-metro-van... I can sympathize with it because I live in Toronto and am also thinking about leaving. Do I hate immigrants, no there aren't actually that many immigrants in the city core where I live. But certaintly there is an affordability crsis that has gripped the city and the country and wages seemed to be supressed and there seems to be less job opportunities (likely due to all that extra labour coming in) reply iforgot22 44 minutes agorootparentVancouver's population has been steadily increasing. Maybe it's catering to different people than before, but it's not fewer. reply iforgot22 17 hours agorootparentprevIn a hot real estate market, there will be more market pressure to fix the dilapidated properties in good areas. Say they instead keep values artificially low so an EU resident can buy a property for cheap, and it stays cheap. What's the benefit? reply fabrice_d 17 hours agorootparentThe benefit is that more people can afford to buy houses? Really surprising to see a country taking care of their people, and not just the wealthy ones! All the hypotheses claiming that \"the market pressure will improve things for all\" have been proven false at this point. We have decades of data, and this is only widening the inequality gap. reply motorest 12 hours agorootparent> The benefit is that more people can afford to buy houses? Can they? I mean, what is your plan to lower current housing prices? Cut off demand from foreigners with purchasing power and instead replace it with demand from people who cannot afford a home? They are not even the same housing market, are they? reply iforgot22 17 hours agorootparentprevI don't see why this is better than people renting and investing their savings elsewhere, which is how it works with apartments anyway. So you own a house, it makes basically no return, now what? reply JambalayaJimbo 14 hours agorootparentIs the only reason you see for home ownership price appreciation? This mentality is what’s wrong with speculative real estate! reply iforgot22 1 hour agorootparentYes. I don't know how you can buy something and hold it for decades without calling that \"speculation.\" reply bdangubic 17 hours agorootparentprevwhere exactly does a house make no return, especially in say last decade/15 years? I bought three houses in the last 20 years, one doubled, one up 70% and one 40% (still occupying it) reply x0xrx 14 hours agorootparentDo you not see how insane it is to at once 1) demand cheap housing and 2) demand it increases in price at breakneck pace? reply iforgot22 3 minutes agorootparentExactly, it's like complaining that gold is unfairly expensive. Those lucky Boomers got to purchase it at $40/oz, now it's $2600/oz. I should be offered some cheap gold so I can sell it for 65X. bdangubic 6 hours agorootparentprevI am not demanding cheap housing, I was only commenting on so you own a house, it makes basically no return, now what? reply iforgot22 1 hour agorootparentI'm saying that if they find a way to keep houses affordable to buy, they can't be viable investments. The US makes for a decent home investment market. You usually see a house price double every ~10 years once it's in a desirable area. Btw, was your 40% increased house purchased 20 years ago? If so, that's effectively a loss, and I'm not even sure about the one that doubled. 5-10 years would be different. reply iforgot22 16 hours agorootparentprevIn the US, not many places. But that's the complaint from some people. reply bdangubic 15 hours agorootparentgive me some places where it is not and we’ll look at zillow or whatever public data there is for a given region. unless we are talking like rural-no-is-around-for-miles perhaps but otherwise properties over the last 10-15 years have appreciated reply klipt 17 hours agorootparentprevYou could also argue that every Spaniard moving from the countryside to the cities takes away houses from Spaniards born in the cities. Seems like an argument for internal visas like China's household registration system to prevent excessive migration to the cities. The countryside is mostly emptying out so no need to prevent people moving or buying there. reply JumpCrisscross 17 hours agorootparent> Seems like an argument for internal visas like China's household registration system to prevent excessive migration to the cities With the big difference being the Chinese citizen being denied Beijing hukou is still a Chinese citizen. Madrid should properly first concern itself with Spaniards' wellbeing. (This isn't an argument for or against this policy. Just clarifying why restricting non-EU home purchases is different from hukou.) reply Gvaskas 17 hours agorootparentI can't believe I had to scroll so far to find sense. Westerners are so demoralised and broken that they see their own economic zones (I refuse to call them 'nations' any more) as little more than tax havens, investment vehicles, and colonies for foreigners rather than a homeland for themselves and their children. Voluntarily opting for displacement and dispossession over being called 'racist' by hateful strangers. Get a grip. reply JumpCrisscross 17 hours agorootparent> over being called 'racist' by hateful strangers Straw man [1]. You're the only one in this thread levelling this charge. [1] https://en.wikipedia.org/wiki/Straw_man reply Gvaskas 16 hours agorootparentWhat other motivation do they have for selling out their own family and people then? Either they are so demoralised that they truly feel no greater affinity toward their own kin than a random stranger from the other side of the world, or they are so fearful of the social consequences (and their own manipulated internal sense that this is \"bad\") that they consciously and very openly advance the interests of strangers over their own kind. I think many who tell themselves that they're in the first group are only doing so because they're actually in the second group. The \"I don't see colour\" types. It is trendy to participate in the destruction of your own descendants' homelands and future as an advertisement of one's \"anti-racism\". reply iforgot22 12 minutes agorootparentYou're asking what other motivation someone has for encouraging foreign investment, or selling property? JumpCrisscross 16 hours agorootparentprev> What other motivation do they have for selling out their own family and people then? Not wanting to be the next Venezuela, for one. Reflexive protectionism is emotionally satisfying. It rarely delivers the promised relief. I could absolutely see such a tax e.g. taking out a small Spanish bank or two, or, at best, knocking out develoopers' financing such that new-home construction contracts. More likely: it becomes the only thing this government can work on as Spain gets mired in years of EU litigation. > It is trendy to participate in the destruction of your own descendants' homelands and future To the extent anyone is trend following, it's the populists making these sort of black-and-white claims. Again, you're the only one arguing against this imagined anti-racist commenter. Policy written to annoy an imagined foe is going to be predictably bad. reply Teever 17 hours agorootparentprevThat comparison make sense in a world where the well being of a nation's citizens wasn't the priority of a nation. However we live in a world where that isn't the case so a nation deciding to restrict immigration or economic activity by foreigners for the benefit of the domestic population is an acceptable position to take -- provided it actually have that desired outcome. reply klipt 17 hours agorootparentSpoiler: it won't help much. Liberalizing zoning and taxing land would do more to improve housing affordability. reply creer 15 hours agorootparentprev> every foreigner buying a house still results in 1 less house for Spaniards Absolutely not. For example my impression is that foreign demand has been great for the construction industry, both small and large, both in Spain and Portugal. Paying lots of people directly and still more indirectly. The presence of all these buildings that needed renovation (or demolition) shows that the population previously could not afford to use them. Dumping money in the economy causes some inflation, yes, but it also pays many people and allows still more to enter the field. reply alecco 9 hours agorootparentprevBut the foreign investors are doing it because the housing market has an artificial supply shortage. They are buying into a cornered market. Of course, full deregulation is not a fix as seen with the condos built in ridiculous locations back in the sub-prime mania. It would be good to have a reasonable plan. Sadly the plans for making livable neighborhoods was hijacked by the \"15 minute city\" WEF-style politicians. The Netherlands had some very interesting projects that went pretty well. reply surgical_fire 16 hours agorootparentprev> Even if the bureaucracy is the worst offender, every foreigner buying a house still results in 1 less house for Spaniards. Just to be pedantic, it's not about foreigners buying property, it is about non-resident buying properties. A foreigner that actually resides in Spain would not be taxed, if I understand correctly. I don't think that limiting property ownership to residents is a bad thing. I do think, however, that it will not have that much impact in the properties the average people actually need and want. reply ptero 17 hours agorootparentprevForeigner purchase effects are complex. While a unit sold does immediately reduce the supply by 1 unit, new demand and foreign funds can also stimulate more building and, especially important, can prevent areas falling into disrepair and becoming ghost towns. It really depends on the specific area and situation. My 2c. reply AuthorizedCust 17 hours agorootparentprevIf you’re in oversupply, as the parent comment suggested, then is the effect of additional buyers meaningful? reply WorkerBee28474 17 hours agorootparentIf you have extra supply of houses needing renovation, as in the comment, and renovations require labor and/or materials to complete, having foreigners pay to renovate houses to be livable will decrease the ability of Spaniards to renovate houses to be livable. For example, let's assume renovations are 100% completed by local crews. Any crew working for a foreigner is working for them because A) the foreigner is paying more than a local for the work B) the foreigner is paying enough to make a profit and the local isn't (which is a subset of A). There is no situation in which adding foreign money results in more houses for locals. If you eliminate the ability for foreigners to renovate, the renovation crews will take the money that the locals can pay. There will be fewer renovation crews, because some crew will not be profitable at the lower rate, but more crews working to renovate houses for Spaniards. Similarly, for materials, given supply and demand curves (and assuming that the marginal units added won't cause economies of scale) eliminating the ability for foreigners to buy materials for renovations will move the curve intersection down to a lower price and volume. reply JumpCrisscross 17 hours agorootparent> There is no situation in which adding foreign money results in more houses for locals Assuming fixed supply, yes, it's (probably) a zero-sum game. > eliminating the ability for foreigners to buy materials for renovations will move the curve intersection down to a lower price and volume Assuming a frictionless market and no economies of scale, yes. In reality, you'll have a smaller set of options for locals at a slightly (but not dramatically) lower price. (Again, for an example look at all the markets foreign investors shun.) > will be fewer renovation crews, because some crew will not be profitable at the lower rate, but more crews working to renovate houses for Spaniards You absolutely cannot conclude this from first principles. You make valid points. They just need to be followed up with data. The systems you're talking about are too sensitive to generalise like this. reply Gibbon1 14 hours agorootparentprevI have various thoughts. The rough one is that investors driving up the cost of housing increases the countries labor costs. Which harms it's competitiveness. Reduces workers standard of living. Which also causes headaches for political leaders. Foreign investors rub salt in the wound by moving their gains outside the country. And the real risk that they will flee when there is any sort of downturn making it worse. My opinion giving those guys the middle finger isn't unreasonable. reply ETH_start 17 hours agorootparentprevEvery foreigner buying a house is supplying capital for one additional house to be built, and some portion of those additional houses will be unoccupied by the foreigner most of the year and available on the rental market for locals. Even if it's just short term rentals, that means more affordable vacations and temporary housing for the domestic population. reply mkoubaa 17 hours agorootparentThis is one of those arguments that at face value seems quantitatively sound but doesn't survive first contact with reality reply ETH_start 15 hours agorootparentAnd your claim that it doesn't survive first contact with reality is based on you correlating high volumes of foreign investment with lack of housing affordability and assuming that the former is causing the latter, when the correlation is really due to a confounding factor. reply mytailorisrich 9 hours agorootparentprevThe issue not mentioned because it is a very politically charged topic is that, as I understand, net migration to Spain is at an all time high. This is bound to push housing prices up. Hitting foreign investors is easier politically but may not have much effect. reply gruez 17 hours agorootparentprevSo would you say it's fair game to blame \"migrants\" for crimes? After all, you can't steal something if you're not in a country, so letting someone into a country strictly increases the crime rate. Even if migrants commit crimes at a lower rate than the local population, unless it's exactly zero, it'll still increase the crime rate. edit: downvoters, I'm not actually endorsing blaming migrants. It's only used as an example. reply d4704 17 hours agorootparent> Even if migrants commit crimes at a lower rate than the local population, unless it's exactly zero, it'll still increase the crime rate. But that assumes you do not count the person who commit the crime as part of the population count. In this example, “crime per capita” goes down if they commit crime below the average crime rate of population before they joined that population. reply gruez 17 hours agorootparent>But that assumes you do not count the person who commit the crime as part of the population count. Sorry, meant to say \"crime count\", or more precisely, \"native victimization count\". Natavists by definition prioritize the native population over immigrants, so if some native got victimized by a migrant, I doubt a natavist would be convinced by \"well actually, even though there was one extra crime committed by a migrant, there's also 10,000 (or whatever) more people, so the crime rate actually went down!\" reply llamaimperative 17 hours agorootparentprevDo crimes have a liquid market with supply and demand mechanics? If so, then sure, you can blame every criminal for x% of every crime, I guess. reply gruez 17 hours agorootparentThe comment was in reply to: >Even if the bureaucracy is the worst offender, every foreigner buying a house still results in 1 less house for Spaniards. It's pretty clear that supply and demand isn't a consideration here, and the commenter is strictly focusing on the aspect that one house is being removed from the housing supply. reply llamaimperative 17 hours agorootparentIf you remove a house from the supply, by any method, there is one fewer house in said supply. reply motorest 12 hours agoparentprev> Both of these countries for example have so many abandoned houses needing to be renovated, and so many foreigners coming in with money to do it - but they can never do it because you can't get a permit in literally forever... Are these hypothetical houses located in the places these hypothetical foreigners want to live or invest? Because getting a small apartment in Barcelona is a small feat, and Soria is not exactly an alternative. reply vivekd 17 hours agoparentprevI donno if it entirely wrong to blame foreigners. If you have a bunch of silicon valley digital nomads flying to Spain and buing and selling houses to each other I can see how that could easily leave locals out of the housing market. That seems like something that government should control against if locals can't affording housing. I imagine that if a bunch of rich people decided to treat Spanish homes like stocks (holding and flipping) it would be pretty easy to get high prices and bubbles. Doesn't it follow from suppy and demand? >Increase the supply, and the prices will go down. what's wrong with tackling both demand and supply. Why shouldn't spain do both - build more homes to tackle supply while also curbing foreign home ownership to tackle infalted demand reply honestSysAdmin 15 hours agoparentprevBloated/unnecessary bureaucracy is essential to the bribe collection process. reply rednafi 17 hours agoprevThe issue is that countries expect foreigners to bring in money, earn a lot, and pay taxes at the 90th percentile, but they’re (the locals) reluctant to share resources in return. A 100% taxation model turns it into a one-way street. Sure, if you don’t need foreign investment, you can afford to do that. But let’s be real—welcoming foreigners isn’t an act of charity. Governments usually do it because foreigners are often more productive, pay higher taxes, or fill jobs that locals don’t want. Turning it into a one-sided deal has consequences. Immigration policies are funny; every western country treats them like a magical cure-all, only to later blame immigration for any and every problem. reply ralsnop 17 hours agoparentIf India had 25% white EU members similar to Sweden having 25% migration background members (mostly from Africa or the Middle East), perhaps Indians would get a tiny bit protectionist. The accusation that locals are reluctant to share resources is offensive at this point. There is no space and people can barely afford to pay rents. Meanwhile there are \"golden visas\" to Portugal or Cyprus where rich Chinese can gain entry to the EU and buy up everything. For a token \"investment\" like buying stocks to the tune of EUR 1,000,000. They do not exactly build a semiconductor fab. Again the myth that \"foreigners are more productive\". Where does that come from? West Germany did just fine before 1990, everything deteriorated since then. reply rednafi 9 hours agorootparentI completely understand the need for protectionism. That said, Sweden's immigration policy ranks among the worst in Western countries. I'm not saying there shouldn't be any pushback; rather, my point is that these policies are exploitative on both ends. Why bring in refugees in the first place? And if you do, why bring them in en masse? The US handles a much larger number of migrants each year and consistently attracts the cream of the crop. I'm not saying the US doesn’t have issues with migrants, but during my time living there, I didn’t find the situation as severe as in Germany, Sweden, Spain, Portugal, or Italy. Europe's immigration policy is broken. Many immigrants end up draining the social welfare system, overcrowding service providers, and causing religious tensions. But let’s be honest: everyone knows which group is primarily responsible. It’s extremely difficult for that group to enter the US. At the same time, it’s much easier—though still not trivial—for skilled migrants to move there. In Germany, the situation is the opposite: it’s trivial to enter as a charity case but much harder as a skilled migrant. If you can afford to reject immigration, you're free to do so. America can’t, and they’re profiting from it. But why adopt such a self-sabotaging approach, bringing in the worst of the crop and then blaming them for the country’s woes? That’s the part I can’t understand. reply JambalayaJimbo 13 hours agorootparentprevWhat does whiteness have to do with anything?? Indians are protectionist, with regards to immigration from poorer countries like Bangladesh. reply rednafi 3 hours agorootparentUmm what? India has a lower per capita income and worse quality of life than Bangladesh. https://countryeconomy.com/countries/compare/bangladesh/indi... reply icar 12 hours agoprevHouses should not be an investment, but only used for what they are: a place to live. That's directly opposed to why someone not local would buy them. This fall short, it should be straight up forbidden, also for EU residents (who are a big issue as well, looking at you German and French people that buy houses, leave them empty all year but 1 month and/or don't even learn the language and traditions of that place) reply omnimus 9 hours agoparentI think EU is ok as many people actually live somewhere else thanks to EU laws. What should get hard taxed is owning multiple homes. There are people with 100s flats not even under a company but an individual. And companies that do own homes as business should be stevards of properties with max profit margins - it can be good business but not unhinged money printer it is in becoming everywhere. reply mhandley 18 hours agoprevAnything to stop a non-EU resident owning an EU company that owns a Spanish home? reply V__ 18 hours agoparentIt's not trivial to set up a business as a non-eu citizien. As far as I know every EU business has to have an eu citizen representative. Additionally, a company owned property can't just be used privately. reply gruez 18 hours agorootparent>As far as I know every EU business has to have an eu citizen representative You can't hire a nominee director? >Additionally, a company owned property can't just be used privately. They can't \"rent\" it back to the owner? reply ajb 18 hours agorootparentThat sort of thing is a bit risky. One company I followed was bought out by a US vehicle owned by a Chinese investor, and then everything ground to a halt because (it appears[1]) the local agent fraudulently changed the bank accounts into their own name and locked out the owner. Operating stuff in a foreign legal jurisdiction is hard. [1] this seems to have been the judgement of the court, but not all the fillings are free to access. reply JumpCrisscross 18 hours agorootparent> the local agent fraudulently changed the bank accounts into their own name and locked out the owner This sounds like a front more than a nominee. A front legally owns the company and has a side deal with someone conferring control. It's pretty much straight-up fraud. A nominee is similar to a Delaware registered agent; you pay a law firm or whatever a few hundred euro a year to be your glorified P.O. Box reply ajb 17 hours agorootparentI'm not really sure what the technical details were. This is the complaint, in case anyone is curious: https://trellis.law/doc/159246087/complaint-case-initiation-... Although obviously that's only from one side. If may be that it's less risky if there's a common service such as you describe, since the operator will prefer to keep their business going. But if significant assets are involved it may still be somewhat risky. (This was the company that supposedly ended up with the IP of the Kestrel aircraft, formerly owned by Alan Klapmeier and originated by Richard Noble as the Farnborough F1) reply JumpCrisscross 16 hours agorootparent> if significant assets are involved it may still be somewhat risky No more than any asset in the EU. A nominee can steal your property about as easily as any notary. reply ajb 14 hours agorootparentThee context here (and upthread) is about needing a nominee because you aren't in the country. IE if you were in country you'd control the asset directly. reply JumpCrisscross 14 hours agorootparent> needing a nominee because you aren't in the country. IE if you were in country you'd control the asset directly Yes. A nominee is just a local contact of record. If a nominee can steal your shit, any rando with a notary can, too. reply ajb 20 minutes agorootparentAre you positing a corrupt notary? JumpCrisscross 18 hours agorootparentprev> You can't hire a nominee director? Yes, you can, and it's very common. Couple hundred euros in Cyprus [1]. [1] https://blog.wamo.io/how-much-does-it-cost-to-open-a-company... reply defrost 17 hours agorootparentYep. I've a longterm \"internet friend\" and Cyprus resident/native who has been grumbling about this for two decades now, his principal complaint is the sheer number of Russians back dooring their way into becoming an EU company via Cyprus and screwing up the cost of living, housing, etc for the locals who suffer from the pressure of rich transients who do little for the community. A common enough templte compliant the world over, but it has grounds. He'll also admit it's not just the Russians but many others also. reply JumpCrisscross 17 hours agorootparent> He'll also admit it's not just the Russians but many others also Limassol is friendly to Russians. If you're American, the go-to is Ireland, though Luxembourg is trying to eat their lunch. (If you're Chinese, Hungary and Poland.) reply defrost 17 hours agorootparentIn short, there are significant business opportunities for EU citizens willing to front an EU company for other non EU parties. reply JumpCrisscross 17 hours agorootparent> significant business opportunities for EU citizens willing to front an EU company for other non EU parties I'm describing plain-vanilla incorporation or the buying of an incorporated business. No fronting. reply nradov 17 hours agorootparentprevAs a bloc, the EU should be encouraging Russians to move assets out of Russia because this reduces the tax base for the Putin regime. Do everything possible to destroy the Russian economy. Of course, this can have disruptive effects in some local areas like Cyprus. reply rad_gruchalski 18 hours agorootparentprevThe „owner” is the company. reply codetrotter 18 hours agorootparentHe's saying the company could rent the building to the owner of the company. reply rad_gruchalski 17 hours agorootparentIt’s not really clear what they mean. reply codetrotter 17 hours agorootparentPerson A sets up a company in foreign country. Company buys a building in the country. Company rents out the building to Person A. reply rad_gruchalski 17 hours agorootparentYes yes thanks reply gruez 18 hours agorootparentprevfine. \"actual\" owner, \"ultimate beneficial owner\", etc. reply Beijinger 18 hours agorootparentprev\"a company owned property can't just be used privately.\" Why not? reply matt-p 18 hours agorootparentprevI'm British and it's very easy to setup EU companies, many UK companies have HAD to due to Brexit. reply matt-p 18 hours agorootparentprev>As far as I know every EU business has to have an eu citizen representative. Not at all true, infact it's becoming the exception rather than the rule, look at; Estonia, Ireland, Netherlands, Cyprus, Bulgaria, Hungary. Even in Germany I think it's beginning to become possible. >Additionally, a company owned property can't just be used privately. Um yes, the company rents it out? reply zxspectrum1982 18 hours agoparentprevIt's illegal according to European Union law so this is just one more lie by Prime Minister Pedro Sanchez. https://www.vozpopuli.com/economia/el-castigo-fiscal-a-los-c... reply JumpCrisscross 17 hours agorootparent> It's illegal according to European Union law Is this firmly established or contended? Article 63 of the Treaty of Lisbon [1] bans \"all restrictions on the movement of capital between Member States and between Member States and third countries\" [2]. To define \"movement of capital,\" we must look to Annex I to Council Directive 88/361/EEC of 24 June 1988 [3]. It says \"purchases of buildings and land and the construction of buildings by private persons for gain or personal use,\" including explicitly \"investments in real estate on national territory by non-residents\" counts. Looks clear cut! That said, there appears to be a long history of challenging what constitutes a \"restriction,\" because EU. [1] https://en.wikipedia.org/wiki/Treaty_on_the_Functioning_of_t... [2] https://blogs.kcl.ac.uk/kslreuropeanlawblog/?tag=article-63-... [3] https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELE... reply zxspectrum1982 12 hours agorootparentIt is firmly established. Read the article I linked. reply rapatel0 18 hours agoparentprevOne of the more effective (but potentially over reaching) parts of EU law is that the governments usually give enforcement powers with discretion on how to enforce them. On the one hand it’s annoying because there are no clear rules for how to do business at times. On the other hand, it does typically do a better job of articulating the “spirit of the law” and not allowing people to hack around the letter of the law. I’m pretty sure if using a hack became a trend, then they would start suing people in a few years down the road and extract all the money. reply iforgot22 17 hours agoparentprevOr non-EU resident investing in an EU real estate fund? reply matt-p 18 hours agoparentprevOf course not! Such an insane plan. reply rbjorklin 18 hours agoprevThis will undoubtedly make some brexiteers very unhappy. reply floxy 18 hours agoparentIs that because: A.) There is significant overlap between Brexiteers and those with enough extra wealth to afford vacation / second homes in Spain. Is there any way to quantify this? I would have thought that those with a nationalistic bent wouldn't be keen to own homes in foreign lands. Plus I had the impression that the Remainers were more towards the urban, wealthy, citizen-of-the-world types who would at first blush seem more likely to buy houses elsewhere. B.) The Brexiteers were hoping that the Remainers would all move away, so they don't have to deal with them anymore? C.) The Brexiteers want to colonize Spain? D.) Brexiteers wish they would have thought of the idea punitive taxes on foreigners first? E.) Other? reply johannes1234321 17 hours agorootparentThere is a notable amount of \"expats\" who permanently moved to Spain under freedom of movement, then voted for Brexit and then were angry that Spain/EU started to treat them as foreigners. How many hundred that are I don't know, but they made \"fun\" news stories during those times. reply delroth 17 hours agorootparentThose expats are residents though, and thus wouldn't be impacted by the proposal being discussed in the linked article. reply floxy 17 hours agorootparentprev>How many hundred that are I don't know, but they made \"fun\" news stories during those times. Seems like every human story then. The few-and-far-between exceptions get magnified by 100-1000 times their actual significance by people on the other side. reply cmsj 18 hours agoparentprevGood. I love this for them. Source: totally not still bitter Remainer. reply spacedcowboy 18 hours agorootparentSeconded. Bastards. reply archsurface 18 hours agoparentprevDo you have figures? reply ipnon 18 hours agoparentprevIt's quite funny because Great Britain is the reason why the Spanish won their war of independence. reply affinepplan 19 hours agoprevso is there any actual evidence that foreign home ownership is causing meaningful housing price inflation in Spain? or is this just uninformed pandering like it is in the US reply rolothrow 18 hours agoparentTotally anecdotal, but I live in the largest city in Spain, and even in my residential area (as opposed to the touristy spots) every week I can see ads for \"we buy your house, paid upfront over market value, Chinese investors\". Posters in walls, flyers in windshields and so on. reply JumpCrisscross 18 hours agorootparent> every week I can see ads for \"we buy your house, paid upfront over market value, Chinese investors\" It specifically calls out that they're Chinese? Are you sure this isn't a political stunt? reply rolothrow 12 hours agorootparentYes, it literally says Chinese investor.I guess it's to make the idea of buying immediately a flat with cash sound less shady. I have no idea of the reasoning why specifically Chinese people invest in Spanish real state paying with cash, it's just what I see. >Are you sure this isn't a political stunt? It's our president's whole thing to take measures that sorta move the needle in a good direction but are focused on being good moves politically. My guess is he needs to act against rent prices, he can't go after the big guys (blackrock, etc) for fear of retribution and he can't go after the regular joe that buys a second house as investment. Foreign investors don't vote, so they're the next best option. reply CommanderData 18 hours agorootparentprevThis is excellent, assets like property don't grow on trees and needs to be protected from foreign investors. Absolutely need something like this in the UK. reply throwaway2037 14 hours agorootparentDo you think it is bad when foreign investment corporations buy commercial property? This is very common in London. Or only residential property? And, were you upset when foreign capital (Malaysian, mostly) helped to redevelop Battersea Power Station? reply archsurface 18 hours agorootparentprevThe UK first needs the will to do something. The UK is renowned for shell company purchases and laundering. What is wanted by the little home buyers is very different from what is wanted at the top of the pyramid. As the current uproar about the decades long grooming atrocity has shown the rot runs deep. reply matt-p 18 hours agorootparentprevI think the ship has sailed, but regardless isn't it all meaningless? Surely they can setup a company to get around it, or will be ban all foreign ownership of shares too? reply zdragnar 18 hours agorootparentLand is a public good, insofar as \"buying\" the land still comes with obligations to the state (paying taxes, conforming to building codes and zoning regulation, etc). Just because you \"own\" it doesn't actually mean you can do as you please. Given all of that, it is not unreasonable to limit or outright prohibit foreign ownership of land, or ownership of land by companies which are not majority-locally controlled. reply matt-p 10 hours agorootparentIt's interesting, I just think the second order effects might be a bit scary. Having said that I guess for FDI there's always the option of getting a local company to \"JV\" with like in China. reply Retric 19 hours agoparentprevMeaningful is a weasel word here. Even 0.1% price increase which would be impossible to measure directly still adds up across the entire housing sector. But, equally important is simply the number of natives prevented from buying the home they want because someone is getting a vacation property. reply kasey_junk 18 hours agorootparentBut you also need to measure the dampening impact on home building. If builders would have built N units knowing they could easily sell some % them to foreign buyers but now they can’t, then you might lose the whole supply. And all the knock on effects for contractors, suppliers, etc reply Retric 18 hours agorootparentCities are rarely constrained by the willingness of someone to build housing, it’s generally more an issue of being allowed to build housing. reply crooked-v 18 hours agorootparentFor the most extreme example just look at San Francisco here in the US, where the average number of legally-allowed new housing units is currently around 3.5 total per month (https://sfstandard.com/2024/04/08/san-francisco-new-housing-...) in a city of 873,000 people. reply kasey_junk 18 hours agorootparentprevCities typically don’t have draconian taxes on real estate. reply Retric 5 hours agorootparent~0.1% of real estate. If the major concern is these rules change nothing then that applies to both upsides and downsides. reply aaronblohowiak 18 hours agorootparentprevPedantic nit: dampening is to wet, damping is to subdue oscillations. reply egwor 19 hours agorootparentprevI think I read 20,000,000 need housing and this will impact 20,000 per year so broadly the numbers are inline. reply throwaway2037 14 hours agorootparentHow can 20M be even remotely correct? Spain has a total population of about 48M. reply renewiltord 18 hours agorootparentprevYeah, you have 0.1% of a house, sure. But do that across a thousand houses and you have 100% of the houses. It's that simple. reply Retric 18 hours agorootparent500$ on a 500k house might not seem like a big deal, but I’d still rather have the 500$. reply jopicornell 3 hours agoparentprevIn my hometown, Palma, in Mallorca, I live in a street where 50% of houses are owned by foreign people or investors/airbnb. The neighborhood is not 50% but not that low. The problem? Prices skyrocketed, like a 10x in 10 years (for big houses, small houses 4x). I hear more english/german/sweedish than spanish (or catalan) in my dog walks. Besides economic implications (a lot for local people trying to find places to live), there are cultural/social implications. The neighborhood used to be a community, where people were open to help and share. Now this is changing and evolving into an individualist neighborhood. Our oficial language is being minoritized even more. This doesn't seem like the neighborhood we used to live on. Not everything is economy. The intangible heritage is something we should take care more. reply yeknoda 18 hours agoparentprevDepending on the market, market prices can be decided by a very small number of transactions that set things. Probably true for houses in Spain (limited supply) and foreign wealthy buyers (very high potential demand) reply stavros 19 hours agoparentprevWhat's causing it in the US? reply qball 18 hours agorootparentNew development was made illegal in the places people want to live. It's that simple. Now, you may agree with the given reasons for making that development illegal (and/or very expensive), or you may not, but that is the undeniable end result of those policies. We made that bed, now we lay in it; we could theoretically un-make that bed overnight, but there's serious money (and political power) riding on making sure this problem never goes away. reply Passport4-Lurk 19 hours agorootparentprevIt’s always supply. It’s fair to criticize foreign ownership/hedge funds purchasing homes, but the overwhelming reason is that we are not building enough. reply stavros 19 hours agorootparentSure, but it's one thing to not be building enough for people to live in, and another thing to not be building enough for people to keep empty flats as speculation vehicles. reply gruez 19 hours agorootparentHow many % of flats are empty? At least in the US the hottest housing markets usually have the lowest vacancy rates. This makes sense, because the opportunity costs for leaving a property empty is higher, so owners are more tempted to rent them out. reply jedberg 18 hours agorootparentThe vacancy rates are deceiving though. If you have a place that is owned by someone and they are paying taxes on it, and it's not listed as a rental, it's not considered vacant. In big cities there are definitely homes that are empty and not listed being used as a store of wealth. In fact just within view of my own home are two houses like that. Both owned by foreign families who wanted a safer place to keep their wealth than their own country (China and India respectively). reply cscurmudgeon 18 hours agorootparentSo let the people build enough to make houses being stores of wealth useless rather than engage in more govt control. reply gruez 18 hours agorootparentprev>The vacancy rates are deceiving though. If you have a place that is owned by someone and they are paying taxes on it, and it's not listed as a rental, it's not considered vacant. Why would you lie like that? https://www.census.gov/housing/hvs/definitions.pdf Occupied Housing Units. A housing unit is occupied if a person or group of persons is living in it at the time of the interview or if the occupants are only temporarily absent, as for example, on vacation. The persons living in the unit must consider it their usual place of residence or have no usual place of residence elsewhere. The count of occupied housing units is the same as the count of households Vacant Housing Units. A housing unit is vacant if no one is living in it at the time of the interview, unless its occupants are only temporarily absent. In addition, a vacant unit may be one which is entirely occupied by persons who have a usual residence elsewhere. New units not yet occupied are classified as vacant housing units if construction has reached a point where all exterior windows and doors are installed and final usable floors are in place. Vacant units are excluded if they are exposed to the elements, that is, if the roof, walls, windows, or doors no longer protect the interior from the elements, or if there is positive evidence (such as a sign on the house or block) that the unit is to be demolished or is condemned. Also excluded are quarters being used entirely for nonresidential purposes, such as a store or an office, or quarters used for the storage of business supplies or inventory, machinery, or agricultural products. Vacant sleeping rooms in lodging houses, transient accommodations, barracks, and other quarters not defined as housing units are not included in the statistics in this report. (See section on \"Housing Unit.\") reply jedberg 18 hours agorootparentThat happens once every 10 years. They use tax records and other records to estimate it otherwise. Also people will just not return the form, and once again they have to estimate. And in places that impose a vacancy tax, they have incentive to lie or deceive the housing authority to avoid the tax. And in my neighbors case for example they come by once every few months to pick up mail and probably fill out those types of forms. In reality there are a lot of vacant homes that aren't counted as vacant. reply gruez 18 hours agorootparent>That happens once every 10 years. They use tax records and other records to estimate it otherwise. Good thing we did a census in 2020, and the housing crisis (and associated allegations about absentee owners) far predates that. >Also people will just not return the form, and once again they have to estimate. Apparently they're pretty persistent. If you don't fill out a form you'll eventually get an enumerator that shows up at your door. >And in places that impose a vacancy tax, they have incentive to lie or deceive the housing authority to avoid the tax. The housing authority is independent from the census bureau. Is there any evidence they share data? >And in my neighbors case for example they come by once every few months to pick up mail and probably fill out those types of forms. So they're willing to go out of their way and lie to the federal government in order to maybe move the lower the vacancy rate by 0.00001%, when many (most?) people (as evidenced by this thread) are going off vibes and likely won't care anyways? I didn't know that foreign vacant homeowners had such a tight knit cabal. reply 0_____0 18 hours agorootparentprevI think it's really important to press people on this point, because \"vacant homes as an investment vehicle\" gets trotted out as a thought-killing cliche. Surely there are some pied-a-terre and vacant investment properties, but vacant rental housing in NYC for example was 1.4% in 2023. I'm not sure how they measure this, but even if you doubled the amount of available rental housing, it would still be an insanely hot rental market. Places that have stable or decreasing housing prices (NoLa, Austin) have over 10% of rentals vacant. reply PaulDavisThe1st 18 hours agorootparentprevI still have seen no evidence that VC-backed purchases are having any noticeable impact on the US housing market except possibly in 2 or 3 specific locales (and quite restricted ones at that). So, whatcha got? reply epicureanideal 17 hours agorootparentprevIf they want to pay lots of property taxes and contribute to payments for local infrastructure without actually using it, that’s probably a net good thing, IF there were enough additional homes to go around for others. reply renewiltord 18 hours agorootparentprevWell, the US could build ten thousand Burj Khalifas and the property tax from that would sustain Medicare for All. reply golergka 19 hours agorootparentprevWhen too many flats are used as speculation vehicles, the bubble pops and the problem solves itself. reply epicureanideal 17 hours agorootparentExcept at that point the wealthy homeowners will ask for bailouts. reply CommanderData 18 hours agorootparentprevThe return on property is too good to pass up to an investor. This is a step in the right direction and need something like this in the UK. reply somewhereoutth 18 hours agorootparentprevhowever, like roads, it is entirely possible that building more in desirable neighborhoods simply leads to more wealthy people having more options for which (otherwise empty) residence they choose to spend the weekend at. reply thfuran 19 hours agorootparentprevDecades of public support for treating housing as an investment shaping zoning and other related policies, the relative profitability of constructing budget vs luxury housing, and more recently, inflationary monetary policy, reply seanmcdirmid 18 hours agorootparentprevA housing bust in 2008 washed a lot of capital and talent out of the house construction industry, and the current boom is hard to supply with construction capacity even when there is land to build on. And also, even if the land exists, there is already a SFH on it that needs to be torn down, so we are densifying at a slower rate than we need to. Couple that with an even increasing focus of good job opportunities into a few hot metros, the whole US housing market becomes one hot mess. reply epicureanideal 17 hours agorootparentThere are robotic construction companies like FBR, and plenty of open stretches of land along highway 101, 680, 880, etc. reply seanmcdirmid 11 hours agorootparentThere is a lot of cheap housing in the south and Midwest as well, but it isn’t very relevant since people are picky about where they want to live. reply rvnx 19 hours agorootparentprevIn Canada potentially Chinese immigrants in Vancouver/Toronto, in the US it's an over-generous monetary policy (through low interest rates, especially during COVID) reply ziofill 18 hours agorootparentOne should also add that (at least in Canada) newer buildings are not built for families but for investors. Who needs all of those 30 square meter studios? reply dowager_dan99 18 hours agorootparentprevthey've slashed immigration, so I guess we'll find out. BC is also going to tax any sales after less than 2 years of ownership; I'm doubtful this will increase affordability or supply, but it will essentially kill the economic model of renovation & flipping. reply tandr 17 hours agorootparentI don't think it will kill \"reno and flip\" market. It will become \"reno and rent-to-buy later\", or \"reno, hold and sell\". reply iforgot22 18 hours agorootparentprevSeems Canada has a similar money-printing MO as the US. CAD money supply doubled in the past decade. reply affinepplan 19 hours agorootparentprevin Canada, like in the US, it's a lack of supply mostly because of draconian zoning and land-use policies. Chinese immigrants are NOT the primary cause of housing cost inflation, and are likely not even in the top 10 causes. reply OJFord 19 hours agorootparentI don't know or claim that it's any truer, but I thought the oft-reported reason, for Vancouver/BC especially, was Chinese investment, and explicitly not immigration even, the chief complaint that the growth has been/is expected to be such that they're left unoccupied? reply qball 18 hours agorootparent>for Vancouver/BC especially The ALR bans any and all significant development in BC. Land is not scarce in BC; land that it's legal to build on is. reply OJFord 17 hours agorootparentOk - I'm not Canadian, idk what ALR is - I'm just saying what's disagreed with up-thread isn't what, in my experience, is the common claim (whether it's correct or not). reply qball 17 hours agorootparentThe Agricultural Land Reserve prohibits farmland from being sold for housing development. It's one of the oldest modern NIMBY policies. Most of the land in BC is classified in this way. reply OJFord 16 hours agorootparentWell that's not obviously bad I don't think? If Canadians want to be mad about pro-farm regulation, they should look to dairy; milk tokens, cheese availability, etc. reply _whiteCaps_ 18 hours agorootparentprevThis is my experience. The two houses that I share a backyard fence with are empty. A caretaker comes by once a month to have a look around one of the houses but otherwise they're unoccupied. reply hadlock 18 hours agorootparentprevAre you saying prices didn't go up because of Chinese investors, or Chinese immigrants? I haven't heard anyone discussing immigration as a root cause reply iforgot22 18 hours agorootparentprevSame reason gold increases in $ value just by existing or people passively invest in S&P500. New money is created and it has to settle somewhere. There's plenty of cheap land or land that barely moves in value, but the desirable spots in cities are limited, so that's a natural place to invest. reply epicureanideal 17 hours agorootparentLimited yes, but limited by regulation more than anything else. Within a 30 minute drive of SF there are hundreds of square miles to develop on. Pick a dozen at random and build residential skyscrapers. Problem solved. reply iforgot22 17 hours agorootparentThat's pretty much what they're doing. But the apartment that probably requires driving 30 minutes (or 1.5hr train) to work is worth a lot less than something in SF. Edit: SF itself does have strict zoning. But even if everyone there wanted max density, so they tore everything down and built skyscrapers instead (ignoring the soil problem there), it's a fixed supply of land. reply epicureanideal 17 hours agorootparentYeah I’m seeing some of the development but it’s mostly 5 story rather than 50, and very small total area compared to what would be possible. The apartments are still quite expensive even an hour’s train ride away. reply dataviz1000 18 hours agorootparentprevI wonder if it has something to do with advance economies growing at 1%-2% a year while the least developed countries are growing at 4% - 5%? This would cause the demand for building materials to skyrocket as billions of people can enter the market to purchase lumber, steel, and energy who 10 years ago couldn't. reply bee_rider 19 hours agorootparentprevToo much regulation or greedy landlords depending on your political persuasion. reply WalterBright 18 hours agorootparentThere's never been a time when people were not greedy. The \"suddenly, people started being greedy\" meme doesn't make much sense. reply bee_rider 3 hours agorootparentThe point of the comment was not to present a full description of either position. It was to point out that everybody here is just going to reflexively provide their partisan answers to this question. reply renewiltord 18 hours agorootparentprevNah. There was this time when egg farms got greedy and raised the price. Then they became not greedy again and it's fine. Similar situation with software engineers. They got greedy and salaries went up. When they become less greedy, like rights now, things go down a little. reply bakugo 18 hours agorootparentprevPeople have indeed always been greedy, but the greediest are becoming more wealthy and powerful by the day. reply affinepplan 19 hours agorootparentprevNIMBYism making it extremely difficult and expensive to build supply as is needed. in 1946 the US had a population of 141M and built 700k housing units in 2024 the US had a population of 336M and built 90k housing units reply imperfect_light 18 hours agorootparentWhere are these numbers from? How does 5 million housing units from 2020-2023 (this was published in 2024) translate into \"90K housing units\" >The United States has added almost 5 million housing units since 2020, most heavily in the South and most of them single-family homes, making a housing shortage look conquerable in much of the nation. https://washingtonstatestandard.com/2024/05/16/housing-boom-.... reply LeafItAlone 18 hours agorootparentParent used a single month’s count for the whole year reply glaucon 18 hours agorootparentprev> in 1946 the US had a population of 141M and built 700k housing units I think the year after the second world war ended at which point marriages, and therefore household formation, went to unprecedented levels introduces a lot of noise into that signal reply WalterBright 18 hours agorootparentprev1946 was a special case. It was the start of the baby boom, kicked off by the victorious soldiers returning home and wanting to get on with life. reply LeafItAlone 18 hours agorootparentprev> in 2024 the US had a population of 336M and built 90k housing units That was one month’s worth. There were ~1.5 million built in 2024 in the US. https://www.census.gov/construction/nrc/pdf/newresconst.pdf reply giantg2 18 hours agorootparentprev\"NIMBYism making it extremely difficult and expensive to build supply as is needed.\" Only in some areas. There are other factors affecting how expensive houses are across the country, such as materials/labor, preferences for larger/fancier houses, location preference, and increasingly complex/expensive code. reply MattGaiser 18 hours agorootparent> preferences for larger/fancier houses And more space per person, so older houses now house far fewer than they used to. US has more bedrooms without an occupant than ever. https://www.nytimes.com/2025/01/09/realestate/empty-bedrooms... reply LeafItAlone 18 hours agorootparentI wonder how empty-nesting attributes to this. My parents have 3 empty (really, repurposed) bedrooms in their house now. But downsizing in their area wouldn’t actually help financially, so they don’t. reply giantg2 18 hours agorootparentEmpty-nesting has been a thing for about 2-3 generations. Before that there were often multi-generation homes. But it seems like people didn't really up-size 2-3 generations ago. Many of the great generation were happy to build their 1000sqft Sears house and live there the rest of their lives. The last 1-2 generations seems to be more of a drive for trading up to bigger and better everything. Now we see empty-nesters in 2500sqft houses. I think it's natural to not not want to leave a long-time home, even if it is oversized and only filled on holidays for company or parties. But why do we really need that much space in the first place, seems to be more of the question. reply MattGaiser 18 hours agorootparentprevIn my case, most elderly relatives own their largest homes ever for when kids visit. So many bedrooms have never had a full time occupant. reply iforgot22 18 hours agorootparentprevIdk if the article says this (paywall), but: Home ownership is basically subsidized in the US. So to take full advantage of that, someone may want to buy the most expensive house they can afford in the place they want to live. If it has extra bedrooms, so be it. reply MattGaiser 18 hours agorootparentprevYour 90K number is a monthly number, not annual and only for single family units. https://fred.stlouisfed.org/series/HOUST1F reply iforgot22 18 hours agorootparentIt's also a delta being put alongside the absolute US population reply matt-p 18 hours agoparentprevOf course, it's just more demand, like immigration, aging population and so on. Of course those are a much more difficult target.. reply iforgot22 18 hours agoparentprevEven if it does, I don't see why it really matters. Cost of living has nothing to do with the value of the land you live on. Maybe the real problem is foreign investors leave the property vacant? reply scotty79 18 hours agoparentprevDo you need specific evidence that additional demand causes price increase when the supply is pretty much fixed? reply nsklab 18 hours agoparentprevFor the last years we’ve had 500K immigrants coming every year. That’s what’s causing inflation. reply hjgjhyuhy 18 hours agorootparentPrinting massive amounts of money is what caused the inflation. reply nsklab 18 hours agorootparentI was talking about housing inflation specifically. Housing has increased in price more than the rest of goods plus it’s been increasing in price for a long time, long before covid. Adding millions of people and not building anything makes housing prices skyrocket. One of the two needs to be dealt with and, since immigration also makes salaries plummet for the most vulnerable, why not kill two birds with one stone. reply nozzlegear 19 hours agoprevJust tax land value. reply jedberg 18 hours agoparentHow do you calculate the unimproved land value? This is an interesting question with the fires in LA right now. Is the land still as valuable as it was before the house burned down, minus the rebuild cost of the house? Or is the value intrinsically tied to the community that was there but no longer is? Or is the value actually higher now that a developer can come in and remake an entire neighborhood? reply fastball 18 hours agorootparentI definitely recommend reading Lars Doucet's treatment[1] of this subject. You can skip to section 5 if you want the most direct answer to your question, but the whole thing is worth reading. The short answer is that there are many ways you can assess unimproved land value. The \"Multiple Regression Analysis\" method I think is the most relevant here: you'll see from the linked article a table that includes all sorts of factors related to both aspects you mention: factors of neighborhood/community (some positive, some negative) and factors of potential (some positive, some negative). e.g. there is even a factor of \"Proximity to natural disaster areas\", which would definitely decrease the land value after this LA-area disaster. In this particular case, I would expect that Land Values would go down after the fires, as there are many more factors related to positive neighborhood features (which no longer exist if the neighborhood has burned down) than there are factors related to \"development potential\". Though of course it also matters how you weight these things. Anyway read the article, my summary does not do the subject justice! [1] https://www.gameofrent.com/content/can-land-be-accurately-as... reply x-complexity 18 hours agorootparentprev> How do you calculate the unimproved land value? The first thought that immediately came up for me: - Take the average property value per sqft for each given property - Multiply it by a fixed percentage - Take the (your favorite mean / average type) value per sqft and apply that to the empty lot If that undeveloped land and its surrounding developed areas are controlled by one entity: Recursively expand outwards to factor in the value of the surrounding areas as well. Compared to the methods outlined by fastball's link [0] later in the article, it's much more weighted towards public valuations & has fewer subjective areas, with the cost being that it can be gamed if certain properties were sold cheaply (but then that's an auditing issue). No solution would be a silver bullet, but it's 70% silver, and that's good enough to start from. [0] https://www.gameofrent.com/content/can-land-be-accurately-as... > This is an interesting question with the fires in LA right now. Is the land still as valuable as it was before the house burned down, minus the rebuild cost of the house? Or is the value intrinsically tied to the community that was there but no longer is? IMO, the land value is lowered because of the destruction of the properties built on top of it, on top of the rebuilding costs that will come later. > Or is the value actually higher now that a developer can come in and remake an entire neighborhood? Not until (a) the land is actually developed, or (b) the market reflects that decision back onto the land values for that area. reply adverbly 18 hours agorootparentprevIn situations like this, my assumption would be that it doesn't really get calculated so much as it gets measured... to be kind to victims, you might want to assume it drops for tax purposes temporarily, and then raise the valuation once bids go through and you get some post-fire data points. reply kbelder 18 hours agorootparentOne problem is that the calculated or measured land value will recursively affect the value of the land. reply behnamoh 18 hours agorootparentprevInteresting game theory situation: - if land value depends on the community that was there, then owners would all have incentive to rebuild their burnt down houses to regain the values. - but owners probably realize most owners will sell their property as soon as things are back to normal. that would reduce the value of surrounding houses. - so owners will rebuild as fast as possible, probably cutting lots of corners, just so they won't left behind to sell. - some people start selling their houses but the late comers realize it's not worth it for them to sell it because the value has dropped a lot. so they stay. - the new owners move in to the area and house prices go back up. reply kleinsch 17 hours agorootparentDisagree with logic that most will sell. Many people will incur high tax bills (if the property appreciated) or transaction costs to move. People who bought in the 2010s have mortgage rates that don’t exist anymore. Many had a reason to live in the area to begin with. - Many will rebuild to move back - Some will sell their lots to investors - Some will rebuild using insurance money to flip upon completion reply user_of_the_wek 3 hours agoparentprev- Let the owner pick a land value freely - Calculate land tax based on that - If someone offers the owner more than the value they picked, they have to sell :-P reply adverbly 18 hours agoparentprevThis is they way. This would fix so many things. reply inetknght 17 hours agoparentprev> Just tax land value. Another great way to kick out the undesirables^H^H^H^H^H^H^H^H^H^H^H^Hpoor! reply nozzlegear 16 hours agorootparentThat's valid criticism, it can certainly lead to that if implemented poorly. However, two of the goals of taxing land value are A) increasing the supply of housing and B) discouraging speculative land hoarding — one of the major drivers behind unaffordable housing. reply throaway2501 18 hours agoprevCanada should follow suit reply swat535 5 hours agoparentThey did but they left so many loopholes that was it was basically pointless. Foreigners simply started making an incorporation or using any of the quick \"PR\" schemes to be able to purchase a property. Many people will even pool money from the multiple families if need be to purchase residence and then renting it to Canadian citizens for profit or putting on AirBnb. reply switchbak 18 hours agoparentprevBC has already implemented actions to limit foreign ownership without them actively living in the residence. Probably more to be done though, but one needs to be careful about unintended consequences. reply duxup 17 hours agorootparent>without them actively living in the residence This seems like it would be a bit of a difficult thing to police as far as foreigners goes. reply throaway2501 17 hours agorootparentan “unintended” consequence reply throaway2501 18 hours agorootparentprevlike house prices falling to affordable levels? reply bluGill 17 hours agorootparentThat is the intended and predicted concequence. unintended is things you didn't think of and they can take a long time to appear. reply throaway2501 17 hours agorootparentas a canadian, i’m willing to take the chance (s) reply whatever1 16 hours agoprevEnforce taxes for non occupancy instead. Like €1000 per day that a property is not occupied. Currently the excepted cash flow of buying some property and locking it empty is positive. We need to make it VERY negative. reply philjw 8 hours agoprevGood - even as EU citizen from a \"wealthier\" country who also considered buying an apartment in Spain I felt put off by the sheer amount of non-EU citizens taking the easy and cheap route out, coming over to sunny, walkable and high quality of life Spain with good public health system and showing their excitement about the \"low prices\" - which aren't even that low by EU means, at least for locals working local jobs. A friend advised me last March to \"buy an apartment before the flood / US election\" - but no, I'm not buying into the hype. Fix your political issues overseas or be welcome by paying a fair premium adjusted to the higher income and earn respect by becoming part of the community / learning some Spanish. There needs to be some entry barrier / incentive / application process. In general I can understand why the Spaniards resist. Of course debatable whether it should be all non-EU or simply a list of significantly wealthier countries / countries with high wealth gap and oligarch investors that pay the higher entrance fee. reply nayuki 18 hours agoprevThat's essentially an export tariff. reply Terr_ 18 hours agoparentPerhaps if they were mobile homes. :p The comparison breaks down a little further with cases where the foreign owners just rent the home out. reply gruez 18 hours agorootparent>Perhaps if they were mobile homes. :p Tourism counts as an \"export\" even though everything stays within the country's borders. >The comparison breaks down a little further with cases where the foreign owners just rent the home out. So... an investment tax? reply Terr_ 14 hours agorootparentHmmmm, kinda? AFAIK usually an investment tax is on gains, so \"you must pay X% when purchasing an the capital\" tax seems pretty unusual, or perhaps it exists under some other term. It's not quite a usual sumptuary tax either... I'm assuming it's more about ownership than usage, since it doesn't hit local landlords, and there are already visa/immigration systems if it were a matter of people-movement. reply bborud 19 hours agoprevWould it work or would it just make things worse? reply ilya_m 18 hours agoparentEasy! It won't work and it would make things worse. reply bborud 9 hours agorootparentI was hoping for someone to share a bit of insight on why they think so. (I too suspect it will not achieve the desired outcome, but I had hoped someone could shed some light on the particular conditions in Spain rather some default answer) reply krupan 18 hours agoparentprevIt will make things worse reply saguntum 14 hours agoprevThe English language reporting on this reform proposal is not comprehensive. Here's an article on it by one of the national papers of record, El País: https://elpais.com/espana/2025-01-13/sanchez-anuncia-una-int... Some interesting tidbits from the article: - Some local governments, which are run by a party opposed to the governing national party, oppose the existing laws regarding price regulation and refuse to enforce price caps. This is possible because Spain has a lot of power devolved to local governments. The proposal attempts to side-step local governments by giving property owners a 100% income tax rebate if they abide by national price regulations for their properties. It essentially incentivizes individuals to enforce what regional governments are supposed to be implementing. - Spain's public housing inventory is low compared to other European counterparts - Spain's at 2.5%, France at 14%, Netherlands at 34%. - There are some comparisons to the construction rates during the 2000s housing bubble and how the inventory has shifted between single and multi family dwellings. - The measures include plans to promote prefabricated/modular housing as it is much cheaper to produce at scale. Sidestepping uncooperative local governments is an interesting technique given their devolved system of government. I would also be curious to see how prefab/modular housing measures develop. If they are combining some old school \"price cap / limit foreign investment\" strategy with a pro manufactured housing YIMBYism, that would be kind of unique. From my quick scan of the article, the 100% tax on non-EU residents isn't even reported on. The reform is much more comprehensive and, in my mind, likely to get passed in some form even if the 100% tax gets cut from the final bill. There are also some less than factual opinion statements like this dropped in the Guardian's article: > Given his government’s longstanding struggles to pass legislation, one analyst suggested to the Financial Times that the government’s aim was to deter foreign property investors by creating “uncertainty and noise” with a proposal that has slim chances of becoming law. IMO this is under-selling the current president's political survivability, regardless of what you think of him or his policies. He is currently in power because he convinced a separatist Catalonian party whose leader is exiled from the country to join his coalition. I'd rather not get into it on HN, but read about his tenure for yourself. The Guardian's article is not a good enough summary of what is being proposed and is not giving thorough enough context. reply alecco 9 hours agoparent> one of the national papers of record, El País El País has basically become the socialist government's PR department. reply kjsingh 19 hours agoprevwhat about corporate ownership? reply inetknght 17 hours agoparent> what about corporate ownership? Homes, and real estate in general, should not be an investment vehicle. Screw those corporations. reply WalterBright 18 hours agoparentprevIn order to justify a corporate purchase, there needs to be a return on investment. A vacant property is not that. reply jfghi 18 hours agorootparentI disagree. The large corporations in total own hundreds of thousands of homes in their portfolios. The value of renting or selling can be boosted significantly by introducing scarcity on the margins between supply and demand. A vacancy of a small percentage of the portfolio can ensure the rest of the portfolio is worth much more. To elaborate a little further, it’s not necessarily the act of having it sit empty but rather keeping the pricing high regardless of whether the property stays empty. That becoming industry standard becomes a recipe for prices spiraling out of control, at least for a bit of time. reply WalterBright 11 hours agorootparentPricing high just means opportunities for others to undercut it and snatch away the business. Check out those owners of vacant office buildings lately. Oops. reply WeylandYutani 18 hours agoprevAverage house price in Netherlands is 500k. If you offload your house to the next sucker you can still outbid most people when you move to Spain as a pensionado. reply somewhereoutth 19 hours agoprevAnother (better?) target should be homes used for short term let - i.e AirBnB etc. Homes have such extreme valuations because of the underlying cash flow (or 'rent' in its most abstract sense). Without tourists willing to pay many multiples of what they'd pay at home for accommodation, that cash flow wouldn't be there. reply icegreentea2 18 hours agoparentThe article says they are also targeting tourist rentals. reply switch007 18 hours agoprevAh yes the playbook to distract from immigration, and lack of house building, ie the policies designed to increase house prices reply desireco42 18 hours agoprevThis is equivalent from seizing the properties... I can't imagine this or something similar working well for Spain at all. It will just kill inflow of capital and they will alienate anyone willing to work with them. Advantage of Spain is that it has good climate, prices are not high and it is lawful country. As soon as you trip this last one, it is the same like some 3rd world country. reply golergka 19 hours agoprev [–] I want to make sure I understand this correctly. If you bought a house a few years ago, Spain will effectively rob you of it now? Or will it only apply to new purchases, so you'll have to pay x2 market value if you want to buy one? If it's the former, than even flaunting such a plan is a complete catastrophe for any foreign investment in Spain from now on. But if it's the latter, it'll just bring to life a whole industry of middle-men, which will use their EU residency to buy property in their name to be used by other people. Both ways, it's yet another attempt to force a market to do something that will lead to either disastrous, or just bad results. reply alexanderchr 18 hours agoparentWhat make you think it would apply retroactively? Taxes rarely do, I can’t even think of a single example (but would be happy to learn about one). Putting someone else’s name on the deed is a very bad idea for several reasons. I really can’t imagine anyone doing that, unless it’s a trusted family member or something like that. reply jandrewrogers 18 hours agorootparentCalifornia is notorious for implementing retroactive taxes, having done it multiple times. I can't think of an example from another jurisdiction though. reply gruez 18 hours agoparentprev>If it's the former, than even flaunting such a plan is a complete catastrophe for any foreign investment in Spain from now on. There's investments that don't involve real estate. Moreover, property isn't a productive asset, so discouraging investment into that is arguably a good thing. Investing money into a factory means you get more stuff produced. Investing money into property just... sits there. reply WalterBright 18 hours agorootparent> property isn't a productive asset It is when you rent it out. reply iforgot22 17 hours agorootparentIn theory, the market should push owners to rent when prices stabilize. Eventually. In the meantime, it's possible that some foreign investors don't care too much about the opportunity cost. I think some kind of vacancy tax is the only good way to fix this if it's a real problem. reply WalterBright 11 hours agorootparentVacant property is quite a drain on one's pocketbook. Try it some time. When I move and sell the old house, I underprice it to sell it as fast as possible. The other sellers do not seem to understand the time value of money, the maintenance cost, the taxes, the vandalism, and the squatter risk. Oh, and your insurance goes up if the house is vacant. And never mind having $800,000 or so tied up as a millstone around your neck when you could be investing it in stocks. reply iforgot22 1 hour agorootparentGenerally yeah, but idk what it's like in Spain. If the gains are huge or the renters' protections are nuts, it could theoretically make sense to keep vacant. If there isn't high vacancy in Spain, this is moot reply yoyohello13 18 hours agorootparentprevLiteral rent seeking behavior from foreign investors. reply PaulDavisThe1st 18 hours agoparentprev> a complete catastrophe for any foreign investment in Spain from now on No doubt because a) all foreign investment always comes with individuals from the investment source purchasing homes in the investment target country b) Germany is no longer foreign when it comes to Spain, so any money invested by Germany would not count as \"foreign investment\" Am I right? reply jterrys 18 hours agoparentprevHousing prices in spain and portugal are booming to astronomical degrees mainly because of china. This bill is specifically targeted to stop that without explicitly calling out china. Middlemen cost money, making it more expensive to buy houses, which serves the purpose to restrict the market outside of non-eu residents. What's going to realistically happen is foreign investors will claim quick citizenship in a relatively poor and more corrupt eu member state and then buy the property. reply egwor 18 hours agoparentprev [–] believe it is new purchases reply GuidelinesFAQListsAPISecurityLegalApply to YCContact Search:", + "originSummary": [ + "Spain is considering a 100% tax on real estate purchases by non-EU residents, aiming to address the housing crisis and curb speculative buying.", + "Prime Minister Pedro Sánchez's proposal includes expanding social housing and regulating tourist rentals to tackle the disparity between housing prices and incomes.", + "The proposal's future as law is uncertain, with some analysts viewing it as a deterrent to foreign investors rather than a guaranteed legislative change." + ], + "commentSummary": [ + "Spain is considering a 100% tax on homes purchased by non-EU residents to tackle housing affordability problems. - Critics suggest that foreign buyers are not the primary cause of high housing prices, citing slow bureaucracy and zoning laws as more significant factors. - The proposal has ignited a debate on the role of foreign ownership in housing markets and its effectiveness in resolving affordability issues." + ], + "points": 162, + "commentCount": 254, + "retryCount": 0, + "time": 1736809603 + }, + { + "id": 42699977, + "title": "Apple will soon receive 'made in America' chips from TSMC's Arizona fab", + "originLink": "https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification", + "originBody": "Tech Industry Apple will soon receive ‘made in America’ chips from TSMC's Arizona fab — company in final stages of quality verification News By Jowi Morales published 5 hours ago Mass production could begin as soon as Q1. Comments (5) When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. (Image credit: Getty Images) Apple is already testing the initial batch of processors produced for its devices by TSMC Arizona, reports Nikkei Asia. To begin with, the tests intend to compare the Arizona output to see if the quality is similar to chips produced in TSMC’s cutting-edge fabs in Taiwan. If the chip quality verification testing does not encounter any hiccups, the source says that the first batch of mass-produced chips from the Arizona fab is expected to arrive at iDevice makers as early as this quarter. If this is the case, Apple will likely be TSMC’s first American customer to use locally made chips. AMD and Nvidia will likely follow suit soon, as they’re also running wafer test production there. The entry of locally produced chips in the American market is a big win for the United States’ push for silicon independence, especially as it massively relies on Taiwan for the majority of its most advanced chips. Taiwan is located in a high-risk location, with the belligerent CCP-controlled China having the island in its sights. The island is also prone to natural disasters, which can disrupt semiconductor production and result in supply crunch situations. However, even if Apple gives the go signal to TSMC and the latter starts making chips in Arizona, the processors still need to be shipped back to Amkor in Taiwan for packaging until TSMC completes its facility in Peoria, Arizona. But whatever the case, this is a significant push in the right direction for the U.S., especially as the Arizona fab has been delayed for about a year due to various issues. Aside from TSMC and Amkor, other suppliers to these companies, like LCY Chemical, are also setting up in Arizona. That way, they could stay near their client and simplify logistics. Despite importing about half of its employees from Taiwan, it seems that the common American is also slowly benefitting from TSMC’s presence in Arizona, especially as it’s reported that the company has started aggressive recruitment from American universities. It has also partnered with the Arizona State University for workforce development and research, helping drive American innovation. After what seems to be its initial success with Apple, the Arizona fab is expected to output chips using more advanced technology. TSMC will produce 3nm chips in the U.S., and Taiwan has already given TSMC the go-signal to manufacture 2nm chips abroad. With the CHIPS and Science Act now bearing fruit, the U.S. could once again appear on the semiconductor production world map and give it more stability in its silicon supply chain. Stay On the Cutting Edge: Get the Tom's Hardware Newsletter Get Tom's Hardware's best news and in-depth reviews, straight to your inbox. Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over. SEE ALL COMMENTS (5) Jowi Morales Contributing Writer Jowi Morales is a tech enthusiast with years of experience working in the industry. He’s been writing with several tech publications since 2021, where he’s been interested in tech hardware and consumer electronics. MORE ABOUT TECH INDUSTRY Taiwanese govt clears TSMC to make 2nm chips abroad — country lowers its 'Silicon Shield' Lenovo led global PC shipment in 2024 with 61.8 million units — Apple is gaining PC market share with a 17.3% growth LATEST Doom ported to run directly from a PDF file — DoomPDF port runs at approximately 12.5 FPS SEE MORE LATEST ► 5 Comments Comment from the forums hotaru251 so can we expect the price of devices to go higher as iirc TSMC stated at start the price will be higher for the chips made at the factory and companies rarely foot that increase themself.. Reply helper800 These would not be \"Made in America\" chips, they are \"Assembled in America.\" Reply TheSecondPower Doesn't Apple still build their computers in the CCP-controlled West Taiwan? So the chips will ship from the US to Taiwan for packaging, then to China for installation in a device, then back to the US for sale. Reply Gururu This is awesome! Reply phead128 TheSecondPower said: Doesn't Apple still build their computers in the CCP-controlled West Taiwan? So the chips will ship from the US to Taiwan for packaging, then to China for installation in a device, then back to the US for sale. It's only a fraction of TSMC's capacity. The actual amount to meaningfully on-shore is in hundreds of billions of investment, so it's more of a symbolic on-shoring than any true resilience in supply chain. Reply VIEW ALL 5 COMMENTS Show more comments", + "commentLink": "https://news.ycombinator.com/item?id=42699977", + "commentBody": "Apple will soon receive 'made in America' chips from TSMC's Arizona fab (tomshardware.com)156 points by rbanffy 2 hours agohidepastfavorite68 comments digdigdag 32 minutes ago- Over 50% of the workers flew in from Taiwan to work on this plant and make these chips. - The chips still need to fly back to Taiwan to be packaged as there are no facilities here with such a capability. Made in america is a hard sell. But at least showing the glaring STEM field gap in the U.S. is a start to finally addressing the brain drain. reply Xeronate 25 minutes agoparentI read the main problem with hiring chip factory workers in Arizona was the factory just didnt pay enough for the long hours demanded. I looked up the median salary and its only 50k so I'm assuming it's not crazy skilled labor (e.g. brain drain). Taiwanese workers just seem more willing to do it. reply rkagerer 7 minutes agorootparent...just seem more willing to do it That's why manufacturing offshored in the first place, companies feel they're receiving better value for money on wages elsewhere for this kind of work (and these days not to mention more & larger facilities, proximity to component sources, and a strong ecosystem of supporting and complimentary facilities). reply epicureanideal 25 minutes agoparentprev> STEM field gap STEM salary gap I suspect the Taiwan workers have on average much lower salaries. reply lysace 23 minutes agorootparentYes, roughly speaking 1:4 compared to California. reply coliveira 8 minutes agorootparentSuch a great victory for American industry... the future is to bring workers from Taiwan with skills and willingness to receive a fraction of US salaries. reply Cumpiler69 2 minutes agorootparentWhat are your realistic options? Say TSMC pays supper competitive US salaries for US-only labor, labor cost which is making the end product more expensive which makes that fab uncompetitive globally and Apple buying from someone else and TSMC leaving the US. You can't compete with lower-wage countries in a globalized world with no trade barriers and no tariffs, when Apple wants higher profits and consumers lower prices. bee_rider 14 minutes agoparentprevAlso a lot of US STEM grads have their skills wasted in unproductive fields, like the ad business. reply alt227 0 minutes agoparentprevcan you really say the chip was made in America when it is only the die wafer which was made there and the rest was made and assembled in Taiwan? reply isodev 5 minutes agoparentprev> The chips still need to fly back to Taiwan The planet burned, but at least we made a few chips in America. reply fooblaster 1 minute agorootparentyou can fly a few hundred million dollars worth of chips in a single flight. You need not be concerned. The impact from temu shipments is several orders of magnitude higher. reply caycep 30 minutes agoparentprevisn't packaging tech mostly from american companies like applied mat/lam research? or am I missing something? reply ge96 26 minutes agoparentprevbrain drain from where? thought a problem is influx of workers into us although more for software not sure of chip tech reply duxup 24 minutes agoprevSeems like this is actually happening. I saw so many predictions of how this couldn't happen and \"yeah but\" ... but it seems to be happening for the most part. reply ashoeafoot 28 minutes agoprevTaiwan exodus in 3..2..1 reply bitsage 1 hour agoprevFunny enough, Fab 21 was announced in May 2020 and completed construction in July 2022, a month before the Chips Act was signed. reply mywittyname 25 minutes agoparentThe announcement of this plant coincided with the announcement of the Endless Frontier Act and CHIPS for America act, which is what eventually became the bill we call CHIPS and Science Act. This plant was the foundation that the CHIPS act was built upon. The Secretary of State had to secure an agreement with TSMC to build this fab before the bills could be drafted, as a lot of the recipients of the funding are suppliers for this plant. It is completely truthful to assert that this is the result of the CHIPS act. Congress agreed to introduce the bills as a result of TSMC's agreement to build the fab in Arizona. If you have to avoid giving Biden credit, then you can point out that it was Trump's SoS who negotiated this original agreement. reply j_walter 40 minutes agoparentprevWhat makes you think construction was completed in July 2022? The shell of Phase 1 may have been completed, but even now the construction continues in Phase 1B and Phase 2. reply lysace 55 minutes agoprevMade using which process? The article doesn't mention this. https://www.tsmc.com/english/dedicatedFoundry/technology/log... reply entropicdrifter 47 minutes agoparentThe smallest process they've got up and running right now is 4nm, last I checked reply drexlspivey 28 minutes agorootparentSo which device will these be for then? I thought Apple stuff are always on the cutting edge node. reply kcb 9 minutes agorootparentApple still produces older generation devices long after the latest ones are released. That's their whole strategy to address the lower end market. reply alt227 3 minutes agorootparentpreviPhone SE reply dietr1ch 43 minutes agorootparentprevAs an outsider that means somewhere in 2nm-10nm as everyone measures different things or have awfully off-standard rulers. reply ant6n 38 minutes agorootparentI’d say it means TSMC 4nm. reply choilive 47 minutes agoparentprev4nm reply lysace 45 minutes agorootparentI thought Taiwan prohibited export of this kind of know-how? What did I miss? reply j_walter 42 minutes agorootparentThey have adopted a n-2 type of rule for advanaced tech...but as of yesterday they seem to have relaxed this rule and approved transfer of 2nm from Taiwan fabs to the AZ fab at some point in the near future. https://www.extremetech.com/computing/tsmc-cleared-for-2nm-p... reply zanderwohl 33 minutes agorootparentAdvanced lithography is like if a mystery cult were real: Secret knowledge only understood by the most learned initiates, tightly-guarded process, etching symbols that do things... reply lysace 0 minutes agorootparentSadly true. Even more depressing: it's like a very complicated baking recipe arrived at by tweaking parameters over and over a again. There is no understanding... just a gian list of baking paramaters that seem to work, sometimes. lysace 29 minutes agorootparentprevI'd be extremely surprised if Apple is now able to source CPUs for current-gen high-end iPhones from a US fab. 2 gens ago, sure. reply andy_ppp 37 minutes agorootparentprevWow I did not know this and it is fantastic news, surprised Taiwan allowed this as they see chips as being the most important reason America would intervene if they were invaded. reply DennisP 26 minutes agorootparentIn case of invasion, it's not that unlikely that the fabs in Taiwan get destroyed, or at least lose the ability to keep making and selling chips while the conflict is hot. In that case TSMC and Taiwan might prefer having a backup. As long as the US doesn't confiscate the Arizona fab, effectively siding with China, Taiwan would arguably have more leverage by still having something of immense strategic value to trade. reply whimsicalism 34 minutes agorootparentprevI'm a China dove and I'd favor full-throated defense of Taiwan in any invasion (much more so than Ukraine) regardless of chips. reply d3ckard 23 minutes agorootparentI don’t disagree with the core premise, but why much more than Ukraine? reply mdavidn 41 minutes agorootparentprevASML, a Dutch firm, sells photolithography equipment to TSMC. reply xattt 24 minutes agoprevIs this the first “Made in USA” chip in Apple devices since the Fishkill PPC 970? reply triactual 11 minutes agoparentWeren’t the Intel CPUs made in the US? reply datadrivenangel 1 hour agoprevThese chips are still sent to Taiwan for packing, so it's a good step but not a complete step. reply dgfitz 1 hour agoparentUntil 2027, yes. https://www.tomshardware.com/pc-components/gpus/tsmc-is-repo... \"TSMC does not have an advanced packaging facility in the U.S., and its partner Amkor will only start packaging chips in Arizona in 2027. As a result, Blackwell AI silicon produced in Arizona will need to be shipped back to Taiwan for final assembly, as all of TSMC's CoWoS packaging capacity remains in Taiwan.\" reply ttul 36 minutes agorootparentGiven that there may be a 25% chance that China invades Taiwan by 2030, having the ability to package SOTA chips in the US by 2027 seems \"soon enough\". reply ponty_rick 1 minute agorootparentWould be interesting if China uses drones with technology from Taiwan to invade Taiwan. reply risho 12 minutes agorootparentprevwhere did you get that number from reply xeromal 7 minutes agorootparentThere's a window where China will have it max capability to invade for the next few years. After that their population is going to start shrinking and every year will be harder than the next to invade. reply hollow-moe 1 hour agoparentprevwhat is involved in the packaging process ? I believe they don't ship fully assembled chips to Taiwan only to be put in a pretty box ? reply mechagodzilla 51 minutes agorootparent\"Packaging\" in this context means taking the wafer of compute die (made in Arizona), dicing it up into individual die, mounting it onto a silicon interposer (an even bigger die, no idea where that's made, but probably taiwan) along with a bunch of HBM die, then mounting that Si interposer on a somewhat larger, very fine-pitched circuit board ('substrate') that is essentially a breakout for power and high-speed I/O from the compute die. That thing is the packaged 'CoWoS' system, where CoWoS==Chip-on-wafer-on-substrate, that eventually gets attached to a 'normal' PCB. reply eric-hu 17 minutes agorootparentThis sounds like a complex procedure. Are there currently alternative packaging facilities that could do this work, if Taiwan were locked into kinetic war? reply SSilver2k2 54 minutes agorootparentprevI'm making an educated guess but probably the cutting of chips from the wafers, placing them into the appropriate ceramic socket types (DIP, BFGA, SMD etc), soldering the line wires from chip to pin, encasing the chip, etc. reply a1o 37 minutes agorootparent> DIP I am happily imagining opening a recent Apple device and seeing 74 gates with through holes in green PCBs, with an Apple logo made in soldering lead marking in the corner of the board. reply jsheard 56 minutes agorootparentprevI believe packaging in this context means taking the raw silicon dies and assembling them into a package which can be soldered onto a PCB (or put in a socket, but Apple doesn't socket anything). reply virexene 51 minutes agorootparentprevI think \"packaging\" here refers to the process of putting the silicon die in its plastic casing and connecting the die's pad to the case's pins, see https://en.wikipedia.org/wiki/Integrated_circuit_packaging reply j_walter 38 minutes agorootparentprevhttps://www.youtube.com/watch?v=-egYoxajTz0 reply Detrytus 10 minutes agorootparentprevBelieve it or not, sending them overseas just to be put in a box actually can be cost-effective. Like with those pears: \"grown in Argentina, packaged in Thailand, sold in UK\" https://www.birminghamfoodcouncil.org/2022/01/16/part-i-pear... reply m348e912 1 hour agoparentprevHow does this make any financial sense? reply snakeyjake 55 minutes agorootparentThe machines and processes needed to package the individual integrated circuits are fantastically expensive but the margins are so low in that step that it's only profitable at massive scales. So you put the fantastically expensive machines near where most of the customers are and most of the customers are in Asia. Works the same way with fiber optic cables. Making the long skinny bits is hard and high-margin. Actually turning them into cables is easy and low-margin. So Corning makes huge spools of fiber optic cable in Arizona, North Carolina, and New York (I think) and ships it off to Taiwan and China where it is made into the cables that you plug into stuff. reply arcticbull 1 hour agorootparentprevMarine shipping is just about the most fuel efficient way of moving things between any two places, by a lot. A 100,000 dwt ship can get 1050 miles per gallon per ton of cargo. It takes about a teaspoon full of fuel to move an iPhone sized device across the pacific when I ran the numbers last. reply umanwizard 39 minutes agorootparentTo ship things to/from these fabs by sea you have to add the cost of shipping by truck between Phoenix and (presumably) LA. Not sure how big of a difference that makes. reply ponty_rick 0 minutes agorootparentTrains are pretty efficient as well. kstrauser 22 minutes agorootparentprevA semi truck carries +- 15 tons of cargo and gets an average of about 6 MPG, so about 90 MPG/ton. reply nine_k 27 minutes agorootparentprevChips are small, so one truck once a few days may suffice. reply Vt71fcAqt7 45 minutes agorootparentprevInteresting. Could you give a brief description of how you got that number? Eg. what factors were considered. reply eric-hu 21 minutes agorootparentThose numbers match what comes up with a quick search: https://www.extension.iastate.edu/grain/topics/EstimatesofTo... That study uses 1,043.4 mpg for the fuel economy of a 100,000 dwt ship. Videos of transportation ship engines are cool. Each cylinder is wide enough for a person to lay down inside it. https://youtu.be/G0eMyA388bE reply _aavaa_ 1 hour agorootparentprevThis is how most modern supply chains look like. Plus, chips are small in size and cost a lot so you can fit a lot in a container. Per unit shipping costs probably come out to be pretty low. Especially when compared to the political costs and risks associated with not onshoring. reply fblp 55 minutes agorootparentprevI'm suprised they can't ship (flat) packaging that could be used in Arizona with a simple assembly line. If they had that packaging design then for this to make financial sense the two way shipping (and loading, unloading, custom clearance etc) would have to be less than shipping the packaging, the setup cost per unit cost of putting the chip in a box reply krisoft 39 minutes agorootparentWait, wait. In the context of semiconductor manufacturing packaging does not mean what you think it means. It is not putting the product in a paper box. It is about cutting the wafer into individual chips, wire bonding the silicone to pins, and covering the whole thing with epoxy. Here is a video which explains it better: https://www.youtube.com/watch?v=7gg2eVVayA4 It would be indeed crazy if they would ship the ready chips to Taiwan just to be put in a paper box. basically the input of the process is a wafer which looks like this: https://waferpro.com/wp-content/uploads/2016/08/Patterned-Lo... And the output of the process is something which looks like this: https://res.cloudinary.com/rsc/image/upload/b_rgb:FFFFFF,c_p... reply zeusk 31 minutes agorootparentThe packaging in this context is not wire bonding but CoWoS - chip-wafer and wafer-wafer bonding. reply j_walter 38 minutes agorootparentprevYou seem to be confusing the term packaging...it is not the box, it is how the chips are assembled together to make the final product. https://www.youtube.com/watch?v=-egYoxajTz0 reply hettygreen 9 minutes agoprev [–] with required NSA backdoor of course. reply GuidelinesFAQListsAPISecurityLegalApply to YCContact Search:", + "originSummary": [ + "Apple is testing processors from TSMC's Arizona facility, with plans for mass production by the first quarter, potentially becoming TSMC's first U.S. customer for locally manufactured chips. - This initiative aims to bolster U.S. silicon independence, reducing dependency on Taiwan, which is vulnerable to geopolitical and natural risks. - TSMC's Arizona fab is set to produce advanced 3nm and 2nm chips, with ongoing efforts to enhance local recruitment and partnerships with U.S. universities, although packaging will initially occur in Taiwan until the Peoria facility is operational." + ], + "commentSummary": [ + "Apple will receive chips from TSMC's Arizona plant, but they need to be sent back to Taiwan for packaging due to insufficient U.S. facilities. - Over 50% of the workforce at the Arizona plant is from Taiwan, indicating a gap in the U.S. STEM (Science, Technology, Engineering, and Mathematics) field. - The CHIPS Act initiative, aimed at enhancing U.S. semiconductor manufacturing, faces challenges as the \"Made in America\" label is questioned due to the packaging process occurring in Taiwan, with plans for U.S. packaging capabilities by 2027." + ], + "points": 160, + "commentCount": 73, + "retryCount": 0, + "time": 1736873807 + }, + { + "id": 42692730, + "title": "43K fewer drivers on Manhattan roads after congestion pricing turned on", + "originLink": "https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says", + "originBody": "A non-profit newsroom, powered by WNYC. Listen Live Donate NEWS 43K fewer drivers on Manhattan roads after congestion pricing turned on, MTA says Selcuk Acar/Anadolu via Getty Images By Ramsey Khalifeh Published Jan 13, 2025 Share We rely on your support to make local news available to all Make your contribution now and help Gothamist thrive in 2025. Donate today Gothamist is funded by sponsors and member donations The launch of congestion pricing led to some 43,000 fewer drivers on average entering Manhattan below 60th Street each weekday last week than would be typical for that time of January, according to data released by the MTA on Monday. The data comes just over a week after the tolls went live. The decline in traffic only amounts to a 7.5% reduction compared to projections based on Januarys from the last few years, before congestion pricing was activated. Under the projections, an average of 583,000 drivers would enter the toll zone each day. But such a reduction, many people in Manhattan have observed, can be the difference between flowing traffic and gridlock. “It has been a very good week here in New York,” MTA deputy chief Juliette Michaelson said at a news conference. She cautioned that congestion pricing had only been in effect for eight days and that traffic patterns could change. Traffic times on all inbound crossings — like the Williamsburg Bridge and the Holland Tunnel — have decreased between 30% to 40% on average, particularly during the morning commute, according to the MTA’s data. Bus speeds also increased after the tolls were turned on. The Manhattan-bound B39 bus, which crosses the Williamsburg Bridge, ran 28% faster compared to a similar January week last year. Other buses like the SIM24 and and the M50 saw increases in speeds, as well. As for ridership on the MTA’s buses, Michaelson said that some express buses including the BM1, QM16, BM4 and SIM9 saw higher than average ridership growth last week, but did not specify by how much. The same data shows that speeds traveling north and south on avenues in the toll zone south of 60th Street didn’t change significantly. The MTA turned on the toll cameras on Jan. 5, charging most drivers a daytime $9 fee to enter the zone. The MTA is using the revenue from the congestion pricing tolls to issue a $15 billion bond to buy new train cars, install accessible elevators at subway stations across the city and other transit infrastructure improvements. Michaelson said the MTA has not looked at the total revenue generated from the tolls in the first week of the program. The MTA estimates it can collect $500 million through congestion pricing every year. Congressional Republicans from New York have vowed to kill the tolls and said they have President-elect Donald Trump’s support. But transit advocates said the first week of data showed congestion pricing is working. \"Drivers are saving tons of time. Buses are finally speeding up, especially express buses full of long distance commuters from across New York and New Jersey,” Riders Alliance spokesperson Danny Pearlstein wrote in a statement. \"With such immediate success, politicians trying to end the program for personal gain must tell us why they want to lengthen millions of commutes, block tens of thousands of infrastructure jobs, and cut home values throughout the city and suburbs.\" Stephen Nessen contributed reporting. Tagged MANHATTAN TRANSPORTATION Ramsey Khalifeh Ramsey Khalifeh is a transportation reporter on the NYC Accountability desk covering the largest transit system in the country. He was previously a general assignment reporter at Gothamist and worked on the Boston Globe's metro and copy desk. Got a tip? Email rkhalifeh@nypublicradio.org Read more Gothamist is funded by sponsors and member donations MORE NEWS", + "commentLink": "https://news.ycombinator.com/item?id=42692730", + "commentBody": "43K fewer drivers on Manhattan roads after congestion pricing turned on (gothamist.com)154 points by pseudolus 16 hours agohidepastfavorite199 comments jmward01 16 hours agoRoads in cities are such a waste of space. A long time ago I did a quick survey of SF and found something like 20% of the land was dedicated to cars. Some articles from people here that talk about this [1] [2] [3]. That is the most subsidized land on the planet but people don't think of it that way. They think roads are free so any tax to use them is wrong. That space could be helping out the city in so many ways but instead it is just ugly pavement. Yes we need some roads, but cars driving in the heart of downtown as normal transit? It boggles my mind how dumb that is. Raise this tax until basically nobody is using the roads then rip most of them up except maintenance corridors and put that land to use. [1] https://www.sfmta.com/press-releases/sfmta-completes-citywid... [2]https://thehill.com/changing-america/resilience/smart-cities... [3] https://sf.streetsblog.org/2014/11/03/study-quantifies-how-u... reply vlovich123 15 hours agoparentYou’re not incorrect per se, but it’s important to note that deliveries into downtown would be important for it to be a thriving destination for shopping, residential or business. Not to mention space for heavy equipment to come in to do repairs and construction. Minimal maintenance corridors may not be enough. You also need public transit options into it as well as transportation solutions for “out of towners” who descend onto downtown for some event (eg public parking lots outside the city that has public transit to the event). It can be an easier and more politically popular idea to just use streets to solve this problem at the individual level even if less efficient rather than requiring efficient central management planning by the government. And just to be clear, I’m a fan of the changes SF is making, just highlighting some of the challenges, not to mention that SF isn’t going quite so far as to rip up existing streets with the exception of the latest vote where the entire city basically voted against the will of the outer sunset to convert the highway to a park and not just closed on the weekends as it’s been since COVID (increasing maintenance costs due to erosion are another huge reason it’s a good idea). reply wongarsu 15 hours agorootparentIn any city that isn't hopelessly car-dependent there is some kind of rail to bring in commuters. A subway, tram, light rail, passenger rail, often a combination of all of them. Once you have a stable system to bring in commuters, adding a couple parking lots to stops on the outskirts for \"out of towners\" is pretty easy. The rest is just about not removing all the streets. You also need enough roads for emergency vehicles. But simple two-lane roads for arteries and one-lane roads everywhere else are enough for deliveries, maintenance and (European-sized) emergency vehicles. All the other lanes are just there so everyone can travel downtown in their personal car instead of using more efficient transport options. reply pfg_ 11 hours agorootparentYou can also have fully closed streets open to emergency vehicles as long as a path is kept clear reply bufferoverflow 15 hours agorootparentprevOne-lane road in a city means any car can block the whole road. So if an ambulance needs this road to save you, you're out of luck. reply jacoblambda 14 hours agorootparentJust because a street is one way does not mean it is so narrow that only one vehicle can fit through. Streets may be one way because it discourages unnecessary automotive traffic and it allows the rest of the space to be dedicated to bicyclist or use for residential and commercial purposes (outdoor seating, space for games, etc). So even if the streets are one way, there will often be space for the ambulance to maneuver around blocked vehicles. And if there's not, the ambulance can take another street or road. If it's the only route that can access that location, then with any sane amount of urban planning then the ambulance will be within a short walking distance to the location (and more often than not within eyesight). reply wongarsu 14 hours agorootparentprevProhibit on-street parking on at least one side of the road, make the side walk on that side big enough that an ambulance can use it to pass other vehicles if the road is blocked (I'll skip the question of why the street is blocked in the first place). Actually enforce the parking restriction. You need space for pedestrians anyways, and with traffic restricted to the necessary minimum you don't need bollards everywhere This isn't some kind of rocket science that has never been tried before, it's the reality in many cities around the world. You need an entire concept instead of adding half-backed solutions to an existing system, but the solutions are all well-tried and for the most part very straight forward. reply vlovich123 13 hours agorootparentprevAre you sure that’s not a path dependency that’s difficult to undo? Retrofitting this into a place like the Bay Area seems impractical given how bad public transit is there chronically. reply Over2Chars 12 hours agorootparentThe public transit quality reflects the government quality. reply Qwertious 15 hours agorootparentprev>but it’s important to note that deliveries into downtown would be important for it to be a thriving destination for shopping, residential or business. Not to mention space for heavy equipment to come in to do repairs and construction. Minimal maintenance corridors may not be enough. I used to work at a warehouse, the whole street of warehouses had a street width of at most 10m (30ft) wall-to-wall. People vastly overestimate how much throughput is needed purely for shipping, due to all the passenger cars on the road. Heavy equipment is also less of an issue than you'd think, because it tends to expand to fit the space it's permitted - like all engineering projects. reply wat10000 15 hours agorootparentprevSome cities manage fine with very small roads. Sometimes there isn’t exactly a road at all, but rather a pedestrian area that can be used for deliveries and such when necessary. American city centers are overprovisioned on roads by probably a factor of 10 or more. Ironically, fixing that would be excellent for local businesses, and they’re usually the ones opposing it because they think there’s no way to get customers besides having them drive directly to the business and park on their property. reply Over2Chars 12 hours agorootparent@wat1000 perfectly said. And the small businesses are the most easily frightened by well financed campaigns that make them afraid their business will shutter if car based traffic is even slightly reduced. reply epistasis 15 hours agorootparentprevIn Ancient Rome, private vehicles were banned during the first ten hours of the day. Doing the same for nearly all commercial deliveries would make a lot of sense today too. A huge number of delivery trucks are massively oversized and inappropriate for their task. Charging for oversized vehicles might wake some business owners up to more carefully evaluating their costs and making more rational choices. Heavy equipment is easy to permit. Look at any car-free area and there are very reasonable exceptions to make them function. The important thing is to remove cars as the mandatory way to access locations, and to cease prioritizing cars over more efficient methods of transit. Forcing cars into our cities took a massive amount of changes to our legal and planning system, and huge huge subsidies. Just going back to thinking of cars as one of many ways to get around, rather than as the primary and prioritized method of getting around, would allow for much more efficient systems. New York City has more than adequate public transportation, except for the private vehicles slowing it down. SF has adequate public transit, but without all the cars in the way and with higher ridership it would be amazing. reply Over2Chars 12 hours agorootparentThe small difference between Ancient Rome and the governments of SF and NYC is that ancient Rome had good government. reply tacticus 14 hours agorootparentprev> It can be an easier and more politically popular idea to just use streets to solve this problem at the individual level even if less efficient rather than requiring efficient central management planning by the government. So how many 40 lane roads are you going to build instead of single train lines? reply smcin 15 hours agorootparentprevThis is kind of like an argument-by-consequences since SF funding for transit and roads has viability problems due to SF's comparatively low residential density, as the funding from Covid, federal and then CA state emergency funding that replaced those disappear in 2025. This will cause big service reductions in SF MUNI [0], BART and Caltrain, starting this year. And it wasn't about \"the will of the Outer Sunset\" [1], and some (local) people there rely on car or rideshare access, plus all the rest of us from everywhere that isn't the Outer Sunset also want to be able to drive there to visit. The existing post-Covid time-shared road/park setup on Highway 1 was already incredibly friendly to bikes, pedestrian, pets, children, surfers. And SF Measure K only passed 54.7:45.3% [2]. > \"increasing maintenance costs due to erosion are another huge reason it’s a good idea)\" You could argue the exact same that SF cablecars could be cut because they net lose money (federal subsidy), or about all of us constantly paying for the upkeep of Highway 1 down at Big Sur, which is regularly closed/subsided/storm-damaged, and costs $$$ to repair every winter, but the wishes of the (small population of) locals have to be balanced against the wishes of everyone else (CA + out-of-state residents, tourists) who use it. In any case re the viability of transit at such low neighborhood densities, Seamless Bay Area [3] have for years been pointing out the ongoing insanity, duplication, waste, lack of ticket interoperability etc. of bankrolling 27 different agencies for 9 counties in a metro area of onlyYes we need some roads, but cars driving in the heart of downtown as normal transit? reply fooker 15 hours agorootparentTokyo barely makes it into the top hundred by population density. Also yes, for most large cities you can find news articles about people dying in fires or because of an ambulance getting delayed. reply wat10000 14 hours agorootparentFunny how you don’t see articles about people dying in fires because they live on a suburb that’s 10% as dense as it should be and so the fire station is 3x farther away than it should be. No real surprise, though. People love stories where you can point to a few people and say, they’re the ones who did this. It’s much less fun when it’s systemic and no one person or group can be blamed. reply pclmulqdq 14 hours agorootparentPolice response times in my \"10% as dense as it should be\" suburb (a place that would be the poster child for everything urbanists hate) are 3x faster than they are in NYC. That is largely due to having high mobility through the town. In pure distance terms, I live about 20x further from the police station, though. The average door-to-door time between my house and the nearest level 1 trauma center is 10 minutes shorter than it would be when I lived in Manhattan. It turns out that having the paramedics wait for an elevator really cuts into their response time. A level 3 trauma center is 25 minutes closer (there are no level 3 trauma centers in Manhattan). https://patch.com/new-york/new-york-city/nypds-slow-response... Cities are built for average-case living, and that is fine until you need it not to be. reply fooker 14 hours agorootparentprevAs a rule of thumb, you can't design anything trying to account for black swan events. Optimizing for the regular, daily use case is hard enough. It would help to think of this as a smart but random person reading about a security issue like spectre and offering you software design advice. Common sense arguments are only useful to an extent, the devil is in the details. reply wat10000 14 hours agorootparentI’m not sure how to apply this here. What does optimizing for regular daily use and not black swan events look like when it comes to fire and ambulance services? It seems to me that black swans are a major purpose for them. That’s why the local fire station tends to have a lot of time where the firefighters are sitting around, and why simple calls often get 3x more response than they need. The services are greatly overprovisioned for daily needs because they also exist for the times when an entire apartment building burns down, or some maniac bombs the subway. reply dymk 13 hours agorootparentprevWho cares about news articles? If you're worried that dense cities are dangerous, then back it up with some statistics about deaths per capita due to EMS delays. reply wat10000 14 hours agorootparentprevA cool thing about hard surfaced pedestrian areas, you can build them strong enough for vehicles without allowing the whole world to drive on them. reply apothegm 3 hours agorootparentprevYou keep roads but aside from a few arteries, allow only bicycles, pedestrians, emergency vehicles, and things like dropping off/picking up passengers with disabilities. If the roads are closed to non-emergency traffic, fire trucks and ambulances get where they need to be faster than if the roads are clogged with personal vehicles. reply benhurmarcel 9 hours agorootparentprevhttps://www.youtube.com/watch?v=j2dHFC31VtQ reply tim333 7 hours agoparentprev>That is the most subsidized land on the planet but people don't think of it that way. That's because it generally isn't in terms of paying cash subsidies. What happens is that when the city is laid out areas are blocked out for access. Doing that doesn't really cost you anything. In places that get pedestrianised the road space is still there, just used for people rather than cars. reply modeless 15 hours agoparentprevRoads are useful, but what I really think we should get rid of is parking lots. When cars can drive themselves we should build over all the lots and knock down the garages. The cars can spend the day on the road and the night parked outside the city. There should be zero parked inside the city. reply Qwertious 15 hours agorootparentAbolish free parking, and raise prices on the parking meter until the parking spots are only ~80% occupied (if they're less than 80% occupied, lower the price). If there's not enough parking, let the market fix that problem - if private parking lots are profitable use of land, then people will build them. But people will never be satisfied with private parking lots if they could have used free public parking instead (if they'd just looked harder for a parking spot). In other words, giving out free shit discourages people from buying that shit. Which really shouldn't surprise anyone. reply steele 14 hours agorootparentAny other innovative ways to disproportionately tax the wage class? reply wat10000 14 hours agorootparentCharging money for services is “innovative”? I know the hacker set likes to reinvent other industries and call it new, but this is rather extreme. reply steele 14 hours agorootparentJust say you're a landlord reply wat10000 14 hours agorootparentGive me free stuff. If you say no you’re a landlord. reply steele 14 hours agorootparentFree? Tax-dodging sovereign citizen panhandler too, I see. reply digdugdirk 14 hours agorootparentprevSure - create urban and suburban environments where a car is a necessity for daily function. Financing, insurance, maintenance, repairs, fuel... Cars aren't cheap. Reducing the overall space devoted to them and utilizing that space for useful purposes would be a net benefit. Providing public transport services with that increased revenue would leave the vast majority better off financially, not to mention the quality of life improvements. reply steele 14 hours agorootparentI don't disagree with the objective you describe, but I disagree with the Jonathan Swift-esque idea of abolishing free parking and increasing meters. That would increase the burden on the already-burdened and only nominally affect cost of convenience to the wealthy. I suppose everyone can tip their wait staff by letting them use their residential parking spot-- because without that pre-existing transportation infrastructure, employer provided transport/parking, affordable cost of living, and a living wage for all, I'm not sure how people are getting to work in dense urban areas. Although I love the idea of abandoned luxury vehicles lining the streets with boots on their wheels-- like a broken window theory for late stage capitalism. reply occz 12 hours agorootparentprevThis might seem like a good idea at first, but it would essentially result in complete gridlock as the roads fill up with circulating self-driving cars. No, there's definitely a better solution for this - using self-driving trains to move people. reply jerlam 15 hours agorootparentprevIf the cars can't park, then they're clogging up the roads and preventing them from being used as intended for transportation. I am fine with parking lots as long as they're not publicly funded and are taxed just as every other parcel in the city. And on-street parking should be prohibited. reply gpm 14 hours agorootparentIn fact I'd say that self driving cars will mean that it's important that parking is not more expensive than simply driving in circles. You can bet that companies will drive self driving cars in circles to store them while not in use if it's cheaper than parking, and that takes up both more space, and higher value space. reply jakelazaroff 13 hours agorootparentPerhaps there should be some sort of vacancy tax where the operators of driverless cars are charged for every mile they drive without a human passenger. reply omnimus 10 hours agorootparentYouve just invented a new job which is dummy human who is cheaper than parking lot who drives all day around city in otherwise empty cars. reply Breza 14 hours agorootparentprevI'm not sure if people will want to deal with long wait times for their car to drive to them. Imagine watching the end credits roll at a movie theater only to be gripped by the sense of dread that you forgot to call your car during the climactic fight scene and now you'll be waiting half an hour for it to drive from the suburbs. Don't get me wrong, I'm a huge fan of reducing car dependency, I'm just not optimistic that self driving cars will help. reply geogod42 15 hours agorootparentprevroads are dirty tho, n really expensive reply dexwiz 15 hours agoparentprevHow do you propose we handle logistics or emergency vehicles? I’m all for more walkable cities but rip them all up and replace them with what? Rails which are more expensive and less flexible? Pneumatic tube? Even if you switched to single person cargo bikes you would still want dedicated areas for vehicles versus pedestrians. reply spaceguillotine 15 hours agorootparentThis problem has been solved by equipment designed for narrower roads. It is not a hard problem to solve and cities like this have been around a very long time. There are literally solutions to every issue you bring up that are already on the market. reply browningstreet 15 hours agorootparentprevSee pedestrian first roads in the NL. There are bigger and more complicated cities that have done these things and became the better for it. reply Ar-Curunir 15 hours agorootparentprevOther countries just use more space-efficient vehicles. reply pclmulqdq 15 hours agoparentprevCities have had roads long before there were cars. So many people like to pretend that before \"car culture\" there were no roads in cities or that before cars there were no big roads. There were huge roads in cities in the 1800s to accommodate carriages, streetcars, and all the extra people on the road because a 5 minute trip by car takes 20 minutes on foot. Cities in 1000 AD had roads, and a lot of them were pretty damn wide. Ancient Rome was famous for building roads. Roads are not a waste of space. Roads are infrastructure. reply Ar-Curunir 15 hours agorootparentCars need a disproportionate amount of space for the number of people that they serve compared to every other means of transport. Bicycles, e-scooters, buses, etc serve many more people per square foot compared to mostly empty cars. reply pclmulqdq 14 hours agorootparentYou can certainly pack more bicycles/e-scooters per square mile, but they also move a lot slower. Not to mention cargo capacity of trucks vs. things like e-scooters. Buses and trains also don't go everywhere. If you banned cars and expanded bus routes to compensate, you would get much less utilization of space for your buses. In other words, buses are dense because other modes of transport allow you to only put a bus route on very common paths. The point still stands, though. The roads that they are complaining about were largely planned and built before cars. Downtown SF had roads that were very similar in size in 1900 as they are in 2025. The roads didn't magically get wider when cars came in. If they weren't a waste of space with no cars, they aren't magically a waste of space now. Many other cities that were built up much later have huge parking lots in their city centers, which are a massive waste of space. Roads, on the other hand, are not. reply blackeyeblitzar 13 hours agoparentprevNah roads are great and cars are great. They let people get around in ways that are much faster than public transit, with your friends and cargo, protected from the weather, without the safety issues, directly to your destination. If you overbuild and create density of inhuman levels, and don’t build adequate road infrastructure, you will have problems. But otherwise, it’s fine and it works very well in cities of low-mid density. reply omnimus 10 hours agorootparentNah. reply ekianjo 15 hours agoparentprevDowntown only exists in the first place because roads go there. You know the old saying? All roads lead to Rome. Cities concentrate people and need a lot of resources to be sustainable, and roads are what bring these resources. reply wat10000 14 hours agorootparentGiant American roads mostly don’t bring those resources. They bring vehicles passing through, they bring vehicles filled to 20% or less of their capacity, and they bring street parking, one of the most inefficient uses of land imaginable in a downtown area. Look at what’s needed to bring those resources and people, only those, and you need far less than what American cities have. reply dymk 15 hours agorootparentprevYou know what those roads originally had on them? Small carriages (see etymology) and foot traffic, not modern cars. It blows my mind that people think cars are necessary for modern cities when the best ones to live have very few or no cars reply Ar-Curunir 15 hours agorootparentprevThat’s just pure nonsense. Have you been to, like, any major non-American city? People just take public transit, or walk, or, live in downtown reply shiroiushi 14 hours agorootparentThis entire comment section is simultaneously hilarious and sad to read, because it's obviously a bunch of myopic Americans who have never ventured outside of America and have no clue how other cities in the world work. Honestly I try to avoid commenting in forums like this because it's so fruitless: it's just like trying to have a rational discussion about vaccines (or anything really) with a bunch of Trump followers. reply wat10000 14 hours agorootparentWhat’s funny is that I’m sure most of them know other kinds of cities exist. And they know that people somehow manage to survive and thrive there, even if they don’t know how. But this all gets ignored once you start talking about trying to emulate some of that. For too many Americans, there’s no difference between “that can’t work,” “that can’t work here,” and “we don’t do that.” reply signatoremo 13 hours agorootparentprevDid you know that car ownership in the Netherlands has continued to rise? This is a blog post of a cycling advocate, from 2019 but still relevant - [0] Quote: In 1992, 42% of Dutch households were car-free. By 2016 this had dropped to about a quarter. Car ownership has continued to increase since then. Higher car ownership leads to higher car usage. Almost anyone who can easily afford a car has one and there aren't many people at all who choose to go without if they can afford one: Amongst people of average income, just 12% of households don't have a car and that drops further to just 6% for high income households. In other words, people choose to own a car if they can afford it, even if they cycle frequently at the same time. [0] -https://www.aviewfromthecyclepath.com/2019/08/the-car-free-m... reply SoftTalker 14 hours agorootparentprevAll large European cities have a lot of traffic, public transit notwithstanding. And in the small towns, most people have a car because public transit is not economical in sparsely populated areas. reply jonathan_landy 15 hours agoparentprevI like to drive. Edit: see also this pro-car, pro-toll note by Bryan Caplan. https://www.betonit.ai/p/cars-could-be-even-more-convenient reply starspangled 14 hours agorootparentEverybody likes to drive. It's far more private, personal, and free than even the best public transport, which is why a country like Japan with some of the best public transport on earth has a car ownership rate of 1 per household, and even in Tokyo it's 33% of households, with a large taxi industry. It astounds me that so many on the left seem to be converging on the opinion that it should be a goal to reduce, eliminate, tax private transportation for the common person. Public transport is great and should be improved or encouraged, and road area usage should be as efficient as possible. But private transportation should be made cheaper and more convenient and accessible to as many people as possible. That is a great way to improve quality of life and expand opportunities for people. reply undersuit 14 hours agorootparentI hate driving but every time I get on my bicycle I remember how fun it is... until a car starts driving behind me impatient to get somewhere a few seconds faster. I can bike to many places in my town faster than the drivers can drive if I put some effort into pedaling. reply starspangled 14 hours agorootparentI don't mean everybody likes the act of driving, I mean everybody likes what driving [a private vehicle] can do for them. I didn't mean even that in the absolute literal sense either, but anecdotes from people who don't have a car or get driven by friends and never take taxis or uber anywhere would be interesting and will probably help us to understand why virtually everybody likes driving. reply undersuit 13 hours agorootparentI don't think anyone literally likes driving. Some people like racing, some people like drifting. But who the heck likes getting in their car, waiting at stop signs and lights, staring down a road for hours, and wondering whether the oncoming vehicle veering left is going to turn on their turn signal or straighten their path. reply Daishiman 15 hours agorootparentprevThis is a non-informational take which is just ahistorical, as evidenced by the fact that just 30 years a lot of European cities were very much car-centric and were much more awful by pretty much every metric than they are today. reply starspangled 14 hours agorootparentAbout one in every two households in Amsterdam own a car. I would bet many that don't use taxi services themselves now and again, and almost everybody would indirectly rely on roads used for deliveries, workmen, emergency services. And that's about the best case for a European city. It's comparable to New York City. Paris, London, Prague -- higher. The reality is that these romantic notions people have of cities not relying on cars or roads is an unrealistic fantasy. Yes it's certainly nice if you have good public transport that many people can use for most of their transport. The reality is though that even in the very best cases of those like Amsterdam and Tokyo, personal car ownership rates are still enormous, and the cities would cease to function without small private vehicles for commercial operations, let alone removing the roads for garbage collections, busses, emergency vehicles, etc. reply MattPalmer1086 10 hours agorootparentAnd yet, if you walk around Amsterdam or Rotterdam you see a lot of bicycles and trams and pedestrians, and very few cars. Cars certainly exist, but they are clearly not used by default for everything. Contrast with my recent visit to New Jersey. The hotel was surrounded on all sides by parking lots and multi lane roads). There was no sidewalk. reply starspangled 9 hours agorootparentI haven't walked around those cities, I've walked around certain areas of London or Tokyo as a tourist mostly in central areas that are well serviced by public transport and are very dense, without any real understanding of what it actually takes to live, work, raise children, or anything else in those places. I certainly saw a lot of roads and cars, particularly when looking out the window of trains and busses into actual places people live. > Cars certainly exist, but they are clearly not used by default for everything. Sure, I've noticed a bunch of American cities I've been to are a more difficult to walk or get public transport than any big ones in Europe or Asia I've been to. They're all automobile-centric though. You'll never get rid of cars, taxis, trucks, busses, or roads. Not in any of them. Better walking, riding, and public transport is great, it's just never going to do away with the car, nor is doing away with cars and roads ever going to solve any problems that cities have. There should be more honesty and pragmatism around this. reply fooker 15 hours agoparentprevNo amount of reason will negate the fact that people like the convenience of cars. There is a reason cars, and paradoxically larger cars are being bought in increasing numbers. You can of course force people to give up conveniences they like, you just have to contend with the fact that the modern world makes it easy for people to move or vote with their wallet. reply etrautmann 15 hours agoprevIt's incredibly noticeable while biking. My commute through midtown is so much more pleasant now - it's insane. reply jefftk 16 hours agoprevWhen I see things like: > Bus speeds also increased after the tolls were turned on. The Manhattan-bound B39 bus, which crosses the Williamsburg Bridge, ran 28% faster compared to a similar January week last year. Other buses like the SIM24 and and the M50 saw increases in speeds, as well. I wonder how much cherry picking there is. Did they give the B39 because it's the most improved? Or for some other reason (especially busy?) (Generally strongly in favor of congestion pricing) reply nine_k 16 hours agoparentI think B39 is a good example of an improvement most affected by the congestion pricing. It's a very short route, with very few stops, and the principal part of the route being the Williamsburg bridge. The rest of both Brooklyn and Manhattan traffic affects it rather little. I think that \"cherry-picking\" is when you find outliers and show them off pretending they are typical examples. What I would call this is maybe a \"poster child\": a specially chosen example where the result is most dramatic and clearly seen. reply jon_richards 15 hours agorootparentI’d say a cherry picked example is backed by random chance (possibly counter to the trend) while a poster child example has an explanation (not necessarily correct) for being the most sensitive to the variable being changed. reply btheunissen 16 hours agoparentprevI wouldn’t be surprised if this was across the board for buses into lower Manhattan/around bridges into Manhattan. When living in cities I usually use both buses and trains but when living in NYC I tried to avoid buses when possible as you are at the behest of an insane amount of traffic usually; meaning you can’t reliably be places on time if you are using the bus. reply jon_richards 15 hours agorootparentI like the theory of traffic that basically says traffic will always make the best mode of transportation as bad as the second best. The problem with buses is that car traffic can never be bad enough to make cars worse than buses. Buses are doomed to always be worse than cars unless they have dedicated lanes or parking is unbearable. So cars slow down to equal the metro system, bikes, ferries, etc. A dedicated bus lane can speed up cars more than another car lane because it pulls traffic off the road until driving convenience equals bus convenience. reply post-it 16 hours agoparentprevI parse it as implying that B39 had the highest percentage improvement. reply epistasis 15 hours agoparentprevFor a lot of systems, what you want to \"cherry pick\" and focus on are those 90th-percentile outliers, because they cause the most pain. reply BenFranklin100 16 hours agoparentprevWe will get better stats as the data rolls in over the next several months, but is very unlikely this is cherry picked or unrepresentative of the broad benefits of less congestion. In fact, I anticipate the city to expand dedicated bus lanes and bus frequency to take advantage of the reduced car traffic. Bike lanes too. Mass transit should steadily improve over the next year as enhancements made possible by less cars are deployed. reply Twirrim 15 hours agoparentprevNot sure if NYC would do the same stunt, but London saw an amazing improvement in traffic flow after congestion charge was introduced. Turned out for several months prior to it they'd been slowly shifting the timing of lights to make things less optimal, and then reverted the day congestion charge went live. reply addicted 15 hours agorootparentThis wouldn’t work in NYC even if they did try because the congestion pricing start date has been moved around a lot, including days before it was supposed to start the last time. But even more relevant is the fact that people have seen Manhattan gridlock for decades. If they were planning a move like that they would have had to start it in the 1980s at least. reply teractiveodular 15 hours agorootparentprevWould you have a source for this? reply jeffbee 15 hours agorootparentVarious buttholes, presumably. Anyone who has ever tried to adjust the phase of a traffic signal can tell you that sneaking little changes, all over a large city, is fantasy. reply jonathan_landy 15 hours agorootparentYou’ve done this sort of work? There are a few in Berkeley I would like to try my hand at… reply occz 12 hours agorootparentprevWhat a weird thing to lie about. reply apothegm 16 hours agoprevHopefully this means improved response times for emergency vehicles, which have been pretty bad and getting worse due to traffic. I imagine we’ll start to see data in that in a couple months. reply Breza 14 hours agoparentI hadn't thought about this part. I work with healthcare data for a living. I'll have to keep an eye out for changes once the 2025 records come across my desk. reply meandave 14 hours agoprevI live at a _very_ loud and busy intersection in downtown manhattan, it's usually gridlocked every day from 4pm - 7pm at least. That hasn't happened once since congestion pricing kicked in (I'm enjoying the relative quiet, but I do sort of miss the chaos). The first two days, everything was covered in snow down here. I wonder how much this will hold up into summertime. As an unrelated aside a new bmw sedan driving the wrong way on mulberry street intentionally ran into me at a crosswalk today. So don't let your guard down lol reply Over2Chars 16 hours agoprevBrilliant for many reasons. I hope we see a lot more of this. reply ciabattabread 15 hours agoprevIt was also really cold in NYC last week. reply etrautmann 15 hours agoparentwouldn't that increase driving relative to other forms of transportation? reply ciabattabread 15 hours agorootparentCold encourages suburbanites to stay in their warm home instead of going on a night out. reply etrautmann 14 hours agorootparentI would imagine that’s a tiny portion of the total traffic in midtown? reply daft_pink 13 hours agoprevI’m curious what the real impact of this is as it only shows what the reduction in people entering the district is and not a reduction in traffic rates on any given street. I’m surprised that they are allowed to have these rules as it appears to give preferential treatment to non-residents who don’t live in a district vs residents who live in a district, which runs counter to general principles that roads in America that are funded by all of our tax dollars should treat drivers equally and not offer preferential treatment to residents. reply iambateman 16 hours agoprevSome numbers don’t make sense here… They’re saying a 7% reduction is 43k cars, which infers 550k daily trips into the city. But they think they can make $500M/year. At $9 per trip, that’s only 150k tolls daily. (500M / 365 / $9). In any case, I’m glad it seems to be working. Congestion pricing has the potential to do a lot of good in this country. reply nine_k 16 hours agoparentThere is a number of driver categories that pay somehow less to enter. Also I suppose they predict that the number of daily trips will keep going down, and so will the revenue with it. reply addicted 15 hours agoparentprev$9 is for personal vehicles. Cabs get charged per trip with no limit. Delivery trucks get charged a higher amount and I don’t believe (I’m not sure on this) they have a daily cap, so they can also be charged multiple times. reply Over2Chars 16 hours agoparentprevyou mean implies not infers. You infer, they imply. reply hackernewds 15 hours agoparentprevNot driving is gonna make the drivers happier? A lot of good, depends on who you are really reply pclmulqdq 15 hours agoparentprev$500M/year was the magical thinking that applies any time the NY government wants to create a tax. The revenue projected is always huge so they can spend big somewhere else while pretending to be revenue neutral. The soda tax had the same ridiculous overestimation. reply wk_end 15 hours agorootparentIf I’m reading OP’s math correctly, you’ve got it backwards. They’re saying NYC should be in practice making significantly more than $500M/yr. reply pclmulqdq 14 hours agorootparentOP's math doesn't account for the fact that a small fraction of trips into the city are personal vehicles, and many more are cabs/rideshare cars (which pay differently) and trucks making deliveries (which may be exempt). In any case, there is also going to be widespread toll fraud here just like with every other toll in NYC. reply dottjt 16 hours agoprevI think an issue with this kind of policy (not necessarily in Manhattan) but in other cities is that often there is no alternative other than to drive to the city. For example, my partner needs radiation for her cancer and the hospital is located in the city. There is no other option than to drive. I feel like this type of policy negatively affects people in this situation, with no other alternative. reply lostdog 14 hours agoparentA $9 congestion charge is probably a huge help to you. For just $9 per visit, you get much lower traffic and easier parking. Your very high priority trip is easier because lots of lower priority trips either didn't happen, or used transit instead. reply dottjt 14 hours agorootparentNot if you're poor. $9 daily would be quite a lot for poor people, especially since radiation is daily. Furthermore you often have no choice but to use paid hospital parking due to mobility issues, as opposed to cheaper parking near the hospital. reply OsrsNeedsf2P 15 hours agoparentprevI'm sorry to hear your partner needs cancer treatment. But also, you can still use the roads. reply dottjt 15 hours agorootparentYeah, but why should one have to pay more to use roads they have no options but to use? reply drawkward 4 hours agorootparentYou're right; gasoline should be untaxed. Nah fuckit, gasoline should be 100% government-subsidized. reply redserk 14 hours agoparentprevI think this policy is only feasible in cities with decent public transportation. I’d struggle to list any more than 1-2 other American cities where this could be done though. A lot of cities that do have public transportation seem to have extremely frustrating (i.e. multiple transfers) gaps if you aren’t using the system to-and-from work. reply dottjt 14 hours agorootparentAgain, public transport is usually not feasible if you have a severe medical condition. reply redserk 14 hours agorootparentAgreed. I think this is one area I’d hope to see exceptions for on any implementation. I can’t attest to how fair of a process this is, but MTA seems to be giving medical exceptions some lip service: https://new.mta.info/tolls/congestion-relief-zone/discounts-... reply blackeyeblitzar 13 hours agorootparentprevIt’s also only feasible if actions like this congestion charge are taken to tilt the scales. Most people would not use public transit if they could avoid it. When there is enough road infrastructure to match the density, private transit is preferred because you can drive directly to your destination, not have public safety issues like on the subway, haul cargo, and do it all quickly. The only way to make public transit attractive is to artificially and maliciously mismanage things to make driving cars slow and expensive. Which frankly is hostile towards people. reply ETH_start 15 hours agoprevFewer drivers and less traffic can actually lead to more people being on the roads, because high-capacity vehicles like busses — which can efficiently pay the congestion pricing charges — are more usable when there is less traffic and faster commute times, so more people are likely to utilize them. reply xyst 16 hours agoprevIn addition to the obvious improvements to pedestrian safety with less vehicles on the road. Air quality in these areas is going to improve vastly. This needs to be implemented in every major metropolitan area. reply Over2Chars 16 hours agoparentSan Francisco \"thought about it\" as far back as 2019 and couldn't get their act together to pull it off: https://www.sfcta.org/downtown I'm guessing that Uber and other car based services all threatened to stop funding their re-election campaigns if they did it. reply bpye 13 hours agorootparentVancouver, BC is another city that considered it - but the incumbent mayor lost the last election, partly due to the issue. reply Over2Chars 13 hours agorootparentThat's quite unfortunate. I'm sure the voters can contemplate their victory when they're sitting in a traffic jam. reply whatever1 16 hours agoprevThe poorest 43k to be more accurate reply affinepplan 15 hours agoparentthe people who most strongly value $9 over a drive into lower Manhattan, to be more accurate reply drawkward 16 hours agoparentprev[Citation pending] reply whatever1 15 hours agorootparentFor example: https://www.irp.wisc.edu/publications/dps/pdfs/dp137810.pdf reply drawkward 4 hours agorootparentApples and footballs; in NYC, I suspect the poor don't drive in the first place. reply BenFranklin100 16 hours agoparentprevThis comment is a good example of the type of narrow minded progressive thinking that has held back good public policy like congestion pricing and carbon taxes. Both of these programs are criticized as being regressive. The criticism neglects to take into consideration the society wide benefits like more efficient bus travel or cleaner air that preferentially help the less well off. reply dottjt 16 hours agorootparentI agree with your rebuttal in response to that other person's comment, but ultimately I do think those programs are regressive for the poor, at this very point in time. I guess the question becomes, should those poorest suffer for the betterment of all future generations? I would personally say no. reply nine_k 15 hours agorootparentGive the poorest a discount for parking outside the congestion pricing area, and a discount for mass transit (if they haven't already applied for it). The point of congestion pricing is to make the correct behavior also a better financial choice. Discounted transit ticket achieve the same goal. reply mensetmanusman 15 hours agorootparentprevThe poor will benefit from less lung cancer inducing smoke. reply BenFranklin100 15 hours agorootparentprevThank you for letting me clarify my point with two examples of how these seemingly regressive policies ultimately help the poorer among us: 1. carbon taxes will improve poor air quality which currently impacts the poor more than the wealthy who can afford to live in cleaner areas. The poor will enjoy significant health benefits that far outweighs the small regressive tax they pay know. 2. A Congestion pricing stands to dramatically improve mass transit options like buses, which the working class rely on far more than the wealthy to get to work on time and will even expand the job options they have available to them. reply whatever1 16 hours agorootparentprevWhy not lottery my dude (based on dob, license plate, whatever) ? Didn’t I equally pay for the infrastructure? I would argue that I paid even more than the millionaires, because I cannnot cheat on my taxes. reply bdzr 15 hours agorootparentOh god. Didn't they try to do something like this in Mexico City and it resulted in no change? Clever policy is always rife with unintended consequences; prices are good. reply whatever1 15 hours agorootparentThis is how China and most Europe does it for their big cities. Identical effectiveness minus the regressivity for the poor. If the city wants to buy more buses they can always send higher tax bills to their residents reply lokar 15 hours agorootparentNot true. The rich just get extra car with different plates. reply BenFranklin100 14 hours agorootparentprevYou paid far less. The top half of American pay almost 98% of federal taxes. The top 10% pay nearly three quarters. The American tax system is very progressive. https://www.cbsnews.com/news/tax-irs-income-taxes-who-pays-t... reply whatever1 12 hours agorootparentYou have it wrong. You are grouping in that top 10% the millionaires/billionaires who pay nothing with the 6-figure W2 workhorses who cannot hide anything. reply BenFranklin100 4 hours agorootparentStop equivocating. You said that ‘you’ (as in the lower income half) paid more. This is demonstrably false. The top half of Americans pay 97.7% of taxes. It may be you paid a higher percentage of your income despite the progressive nature of the American tax code which has a higher rate the more you make, via some tax breaks some wealthy people take advantage etc... It can also be that you paid a smaller percentage through an EITC. I don’t know without know your situation. It is definitely false that Americans making between $200-400K paid a smaller rate than you did. Your broad statement the poor are paying the bulk of support for public infrastructure is clearly wrong. Revise your priors. reply whatever1 1 hour agorootparentIt is definitely true the millionaires paid less than me. 0I always thought congestion pricing was always mis-priced, and it should be tied to income/wealth. NYC has a low-income discount system: https://new.mta.info/tolls/congestion-relief-zone/discounts-... But also, the money is going to fund public transit, which disproportionately benefits poorer people. reply breadwinner 16 hours agorootparentprevShould everything be tied to income/wealth? Taxes and college tuition are already tied to income/wealth. Why not food, housing, travel, clothes, healthcare, even drinking water? At that point wealth will stop to have any meaning. reply redandblack 14 hours agorootparentYes - if we financialize all public services, then it makes sense to use income/wealth to subsidize (re-distribute to be more precise) the poor. I remember reading a few weeks back that UK is getting the railroads back to public ownership - not sure if that is true, but would like to hear from UK readers on the impact of financialization (aka privatizing) of public utilities. I am not a fan of public ownership - but a supported of public subsidies for utilities - transport / electricity / heat / water and in this case roads reply mensetmanusman 15 hours agorootparentprevYes, e ink displays in the super market following you around with prices dependent on how many bitcoins in your cold wallet. reply gscott 15 hours agorootparentprevIt will help Amazon and other delivery companies. Less competition from people driving their own cars to get things. California is working to put on a per-mile tax onto drivers because roads wear out faster then gas taxes, sales tax on autos, sales tax on auto repairs/parts, and registration taxes can be collected... reply adgjlsfhk1 14 hours agorootparentprevPoor people in NYC don't have cars. reply manquer 15 hours agoparentprevOnly the rich get to drive too. Cars loans, insurance , fuel and maintenance all costs money. There are lot of people who cannot afford to pay for any of it, we subsidize them too[1] to buy cars or invest in public transit instead ? In a capitalist society , benefits are enjoyed by those with wealth, this what we signed up . I am not saying it is a good or bad we have this, just that congestion pricing is hardly the issue to discuss changing economic systems [1] absence of congestion pricing is a subsidy, costs of transport infrastructure is only partly paid by users of the infra at present . reply BenFranklin100 16 hours agoparentprevThe poor and working class never drove in Manhattan. It’s too expensive to maintain a car and pay for parking. With congestion pricing the poor (not to mention all of us) now get to enjoy more efficient and reliable bus travel. This is a net win for the working class. reply HDThoreaun 15 hours agoparentprevDriving in lower Manhattan should be a rich person only thing. The externalities are massive and they can pay it. reply breadwinner 16 hours agoparentprevonly the rich get to live in nice houses; drive Lamborghinis, fly private... welcome to capitalism! To paraphrase Churchill, capitalism is the worst economic system, except for all the others. reply shipscode 16 hours agoprevComparing to previous Januarys seems dishonest given the vast number of layoffs that have occurred over the past year. Doesn't appear as though they're controlling for this number at all.. reply necubi 15 hours agoparentWhat vast number of layoffs? The national layoff rate is currently 1.1%, which is lower than the the pre-pandemic average [0]. The NYS layoff rate is 0.5% which is one of the lowest in the country. [0] https://fred.stlouisfed.org/series/JTSLDR [1] https://www.bls.gov/charts/state-job-openings-and-labor-turn... reply jeffbee 15 hours agorootparent\"Private sector jobs in New York City rose by 79,800 over-the-year to 4,236,900 in November 2024.\" Amazing what people believe. reply bberenberg 15 hours agoparentprevNumber of employed people rose in NYC over the last year[0] if I’m reading the stats correctly. [0] - https://dol.ny.gov/system/files/documents/2024/12/nychist.xl... reply jeffbee 15 hours agorootparentYou are reading it correctly. There have never been more jobs in NY than there are right now. The unfortunately problem is that it appears all of the extra people are employed in making shit up and posting it on the Internet. \"Vice President in Charge of Charlie Brown's Hoes\" or similar roles. reply nwellinghoff 16 hours agoprevThis seems to be the goto method for most cities now. Got something that isn’t working anymore or the public needs more of it? Just start charging for it and make it a revenue source! reply cake_robot 15 hours agoparentInternalizing externalities is good, actually. reply xyst 16 hours agoparentprevWhat a joke. Urban areas have been gutted so suburbanites can travel by car, park their metal death box, and travel back to their shitty home for decades. Urban areas have also been subsidizing roads mostly used by suburban assholes. Then when those same roads need repair, guess who the burden falls on (it’s not the suburbanite living in shitville county) reply drawkward 16 hours agoparentprev[Citation Needed] reply gorgoiler 15 hours agoprev [–] As a thought experiment let’s take a technocratic moonshot: air traffic control but for 500k surface vehicles on 100k blocks. Pricing reduces congestion, but only indirectly, and only in aggregate over the area to which it applies. Where is your ambition, hackers?! NYC could take this whole idea to the next level — level of hell, I’m sure some would think — and require that every vehicle needs a real time permit to be in motion on a block-by-block basis. Permits are available only when the streets have capacity for another vehicle. When you park up, your permit gets released. When you want to get back on the road you join the back of the line for a new real-time permit to drive. Stop lights could hold back traffic from entering congested areas. If you want to enter an area and it is full up, you have to sit and wait for another car to leave that cell. The central system manages the queues fairly: if a car exits the West boundary then you can enter on the East boundary if you were next in line. It sounds like misery but honestly if the goal of any congestion policy is to ensure that traffic density never exceeds a given threshold, isn’t using globally coordinated block-level traffic control the ultimate way to achieve that goal? The whole thing also sounds like a dream — again, possibly a fever dream — to implement and fine tune. NetEng has some transferable skills in this domain which could come in handy. Slightly tongue-in-cheek, but also slightly hang on this is a great idea. reply GuidelinesFAQListsAPISecurityLegalApply to YCContact Search:", + "originSummary": [ + "After congestion pricing was implemented, there was a 7.5% reduction in drivers entering Manhattan below 60th Street, equating to 43,000 fewer drivers each weekday.", + "The reduction in traffic has improved traffic flow and increased bus speeds, with some express buses experiencing higher ridership.", + "The Metropolitan Transportation Authority (MTA) uses the toll revenue, estimated at $500 million annually, for transit improvements, despite some political opposition." + ], + "commentSummary": [ + "The implementation of congestion pricing in Manhattan has resulted in 43,000 fewer drivers, leading to increased bus speeds and potentially better emergency response times.", + "The policy is designed to reduce traffic congestion and improve air quality, though it has sparked debate over its impact on lower-income individuals.", + "Proponents argue that the benefits include more efficient public transit and cleaner air, while discussions continue on balancing these advantages with the needs of drivers." + ], + "points": 154, + "commentCount": 199, + "retryCount": 0, + "time": 1736821606 + } +] diff --git a/records/2025-01-14/2025-01-14.es.json b/records/2025-01-14/2025-01-14.es.json new file mode 100644 index 000000000..9932dac93 --- /dev/null +++ b/records/2025-01-14/2025-01-14.es.json @@ -0,0 +1,288 @@ +[ + { + "id": 42690473, + "title": "Snyk investigador de seguridad despliega paquetes NPM maliciosos dirigidos a cursor.com", + "originLink": "https://sourcecodered.com/snyk-malicious-npm-package/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690473", + "commentBody": "", + "originSummary": [ + "Un investigador de seguridad de Snyk lanzó paquetes NPM maliciosos dirigidos a Cursor.com, una empresa de codificación de IA, para recopilar datos del sistema y enviarlos a un servicio controlado por un atacante.", + "Los paquetes, identificados como \"cursor-retrieval\", \"cursor-always-local\" y \"cursor-shadow-workspace\", fueron señalados por el escáner de análisis de paquetes de OpenSSF, lo que resultó en las advertencias MAL-2025-27, MAL-2025-28 y MAL-2025-29.", + "Este incidente resalta la importancia de examinar los paquetes de NPM antes de la instalación para evitar posibles amenazas de seguridad." + ], + "commentSummary": [ + "Un investigador de seguridad de Snyk lanzó paquetes maliciosos de NPM (Node Package Manager) dirigidos a cursor.com, destacando vulnerabilidades de confusión de dependencias. - El incidente ha generado un debate sobre la ética de la investigación en seguridad, especialmente en lo que respecta a la exposición pública de variables de entorno. - Cursor.com aclaró que no autorizaron la acción, y Snyk se ha disculpado desde entonces, subrayando los desafíos de equilibrar la investigación de seguridad ofensiva con los estándares éticos." + ], + "points": 540, + "commentCount": 270, + "retryCount": 0, + "time": 1736807907 + }, + { + "id": 42696081, + "title": "He cambiado a Firefox y nunca miré atrás", + "originLink": "https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696081", + "commentBody": "", + "originSummary": [ + "Firefox es elogiado por su superior gestión de pestañas, la función integrada de Pocket para guardar enlaces y un servicio de retransmisión de correo electrónico enfocado en la privacidad, lo que lo convierte en una fuerte alternativa a Chrome. - Características adicionales como una herramienta de captura de pantalla fácil de usar, un botón de ChatGPT, Picture-in-Picture, opciones de búsqueda personalizables y un desplazamiento suave mejoran la experiencia de navegación. - Aunque Firefox carece de la función de aplicaciones web de Chrome, su diseño cuidadoso y la reducción en el consumo de recursos lo hacen una opción preferida para algunos usuarios." + ], + "commentSummary": [ + "Los usuarios de Firefox enfrentan desafíos de plataformas como YouTube, que pueden degradar intencionalmente la experiencia para navegadores no pertenecientes a Google o usuarios que emplean bloqueadores de anuncios. - Esta tendencia genera preocupaciones sobre la autonomía del usuario, ya que penaliza a aquellos que optan por una experiencia web sin anuncios y sin vigilancia. - Firefox ofrece características únicas, como las pestañas de contenedores, que mejoran la privacidad y la usabilidad, convirtiéndolo en una opción preferida para los usuarios que buscan independencia de los navegadores controlados por grandes corporaciones." + ], + "points": 480, + "commentCount": 392, + "retryCount": 0, + "time": 1736854678 + }, + { + "id": 42687932, + "title": "El CEO de Sonos renuncia tras el fiasco de la actualización de la aplicación", + "originLink": "https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42687932", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "El CEO de Sonos ha renunciado tras una controvertida actualización de la aplicación que requería que los usuarios reemplazaran costosos sistemas de sonido, lo que causó insatisfacción entre los clientes. - La actualización introdujo un sistema basado en la nube, alejándose del confiable Universal Plug and Play (UPnP), lo que provocó problemas de conectividad y mayor complejidad. - Esta situación subraya el conflicto entre las estrategias empresariales y el mantenimiento de la confianza del cliente, mientras el CEO pasa a un rol asesor con un paquete de indemnización." + ], + "points": 409, + "commentCount": 493, + "retryCount": 0, + "time": 1736797368 + }, + { + "id": 42696691, + "title": "En el vientre del MrBeast", + "originLink": "https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696691", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "La redacción examina cómo el algoritmo de YouTube influye en la creación de contenido, utilizando a MrBeast como estudio de caso, destacando un cambio hacia contenido impulsado por el compromiso en lugar de contenido significativo. - Discute las implicaciones más amplias para la alfabetización mediática y el impacto cultural de plataformas como YouTube y TikTok, sugiriendo una tendencia hacia contenido superficial y reaccionario. - Se consideran diversas perspectivas sobre el papel de los algoritmos en la conformación del contenido y la influencia de los creadores populares en las normas culturales." + ], + "points": 369, + "commentCount": 258, + "retryCount": 0, + "time": 1736859931 + }, + { + "id": 42691184, + "title": "Las operaciones de Git en GitHub están caídas", + "originLink": "https://www.githubstatus.com/incidents/qd96yfgvmcf9", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42691184", + "commentBody": "", + "originSummary": [ + "GitHub enfrentó una interrupción de operaciones de Git el 13 de enero de 2025, debido a un cambio de configuración que afectó al equilibrador de carga interno, que duró desde las 23:35 hasta las 00:24 UTC. - El problema se resolvió revirtiendo el cambio de configuración, y GitHub está trabajando en mejorar los procesos de monitoreo y despliegue para prevenir incidentes similares. - La interrupción también afectó a los servicios de Actions y Pages de GitHub, destacando la naturaleza interconectada de sus servicios de plataforma." + ], + "commentSummary": [ + "GitHub enfrentó una importante interrupción que afectó las operaciones de git, lo que llevó a la confusión entre los desarrolladores que inicialmente sospecharon problemas con sus claves SSH o configuraciones locales. - El incidente subrayó los desafíos de depender de servicios centralizados, lo que provocó discusiones sobre las ventajas de la auto-hospedaje y los sistemas descentralizados. - Aunque el problema se resolvió, destacó preocupaciones sobre la fiabilidad de GitHub y los riesgos de depender de plataformas de terceros para tareas esenciales." + ], + "points": 324, + "commentCount": 250, + "retryCount": 0, + "time": 1736812051 + }, + { + "id": 42694596, + "title": "ZFS 2.3 lanzado con expansión ZFS raidz", + "originLink": "https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42694596", + "commentBody": "", + "originSummary": [ + "OpenZFS 2.3.0 ha sido lanzado, introduciendo características significativas como la expansión RAIDZ, deduplicación rápida, entrada/salida directa, salida JSON y soporte para nombres de archivos largos. - La versión incluye correcciones de errores esenciales y mejoras de rendimiento, compatible con los núcleos de Linux 4.18 - 6.12 y las versiones de FreeBSD 13.3, 14.0 - 14.2. - La actualización es un esfuerzo colaborativo de 134 contribuyentes, con documentación completa y un registro de cambios disponible para revisión." + ], + "commentSummary": [ + "ZFS 2.3 ha sido lanzado, introduciendo características como la expansión de RAIDZ, deduplicación rápida, IO directo, salida JSON y soporte para nombres de archivos largos. - La expansión de RAIDZ es particularmente notable ya que permite a los usuarios agregar nuevos dispositivos a un pool RAIDZ existente sin tiempo de inactividad, mejorando la capacidad de almacenamiento. - El lanzamiento se considera un avance significativo para los usuarios de ZFS, estableciendo comparaciones con otros sistemas de archivos como Btrfs y Windows Storage Spaces, a pesar de algunas limitaciones como la imposibilidad de reducir el tamaño de los pools." + ], + "points": 302, + "commentCount": 215, + "retryCount": 0, + "time": 1736838539 + }, + { + "id": 42690983, + "title": "Webtop: contenedores de Alpine, Ubuntu, Fedora y Arch que contienen entornos de escritorio completos", + "originLink": "https://docs.linuxserver.io/images/docker-webtop/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690983", + "commentBody": "", + "originSummary": [ + "Linuxserver/webtop proporciona contenedores basados en Alpine, Ubuntu, Fedora y Arch con entornos de escritorio completos accesibles a través de navegadores web, compatibles con arquitecturas x86-64 y arm64.", + "Los usuarios pueden seleccionar entre varios entornos de escritorio como XFCE, KDE, MATE, i3, Openbox e IceWM utilizando etiquetas de imagen específicas, y acceder al Webtop a través de URL designadas.", + "Las características de seguridad incluyen la opción seccomp de Docker y la configuración de autenticación, con opciones de personalización disponibles a través de variables de entorno, y soporte para aceleración de GPU con controladores de código abierto." + ], + "commentSummary": [ + "Webtop proporciona contenedores con entornos de escritorio completos para Alpine, Ubuntu, Fedora y Arch, adecuados para configuraciones rápidas detrás de una VPN.", + "Los usuarios elogian a Webtop por su velocidad y facilidad de uso, especialmente cuando se utiliza con el contenedor Gluetun para conexiones seguras, pero advierten contra la exposición de contenedores a internet sin medidas de seguridad debido a la falta de autenticación predeterminada.", + "El proyecto es valorado por ser de código abierto y flexible, con usuarios compartiendo configuraciones, y se destacan alternativas como Kasm y Selkies para propósitos similares." + ], + "points": 297, + "commentCount": 57, + "retryCount": 0, + "time": 1736810708 + }, + { + "id": 42697783, + "title": "1 de cada 5 ofertas de trabajo en línea son falsas o nunca se cubren, según un estudio.", + "originLink": "https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42697783", + "commentBody": "", + "originSummary": [ + "Un estudio reciente indica que el 20% de las ofertas de trabajo en línea son falsas o permanecen sin cubrir, lo que aumenta la frustración de los buscadores de empleo. - Esta tendencia de \"trabajos fantasma\" podría ser una táctica de las empresas para proyectar una imagen de crecimiento. - Plataformas de empleo como Greenhouse y LinkedIn han introducido servicios de verificación de empleos para ayudar a los usuarios a identificar oportunidades laborales genuinas." + ], + "commentSummary": [ + "Un estudio revela que el 20% de las ofertas de trabajo en línea son falsas o permanecen sin cubrir, a menudo debido a que las empresas necesitan cumplir con las políticas de inmigración de EE. UU. - Las empresas también pueden dejar las ofertas de trabajo publicadas para encontrar candidatos ideales, cambiar los requisitos o tener candidatos internos preseleccionados. - El mercado laboral es difícil para los solicitantes, que frecuentemente enfrentan el fenómeno del ghosting y rechazos automatizados, lo que provoca llamados a una intervención regulatoria." + ], + "points": 273, + "commentCount": 224, + "retryCount": 0, + "time": 1736865860 + }, + { + "id": 42698557, + "title": "Hacer una intersección insegura para los peatones para ahorrar segundos a los conductores", + "originLink": "https://collegetowns.substack.com/p/making-an-intersection-unsafe-for", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42698557", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "La discusión se centra en si las intersecciones deben priorizar la seguridad de los peatones o la eficiencia de los conductores, con algunos que prefieren intersecciones controladas por semáforos y cruces peatonales sobre paradas de 4 vías.", + "Las opiniones varían sobre las leyes de tráfico y el diseño de infraestructuras, con debates sobre la seguridad de cruzar la calle fuera de los pasos peatonales y los riesgos asociados con girar a la derecha en rojo.", + "Algunos abogan por soluciones alternativas como las rotondas o la adopción de estándares de ingeniería de tráfico holandeses para mejorar tanto la seguridad como la eficiencia." + ], + "points": 267, + "commentCount": 362, + "retryCount": 0, + "time": 1736869194 + }, + { + "id": 42696080, + "title": "PostgreSQL es el Sistema de Gestión de Bases de Datos del Año 2024", + "originLink": "https://db-engines.com/en/blog_post/109", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696080", + "commentBody": "", + "originSummary": [ + "PostgreSQL ha sido galardonado como el DBMS del Año 2024 por DB-Engines, logrando este reconocimiento por quinta vez, superando a otros 423 sistemas de gestión de bases de datos.", + "PostgreSQL, con una historia que abarca casi 35 años, sigue innovando, como se puede ver en las recientes mejoras de PostgreSQL 17, lanzado en septiembre de 2024.", + "Snowflake y Microsoft aseguraron el segundo y tercer lugar, respectivamente, con Snowflake destacado por su almacenamiento de datos en la nube y soporte multi-nube, mientras que Microsoft ofrece bases de datos relacionales administradas robustas a través de Azure SQL Database y SQL Server." + ], + "commentSummary": [ + "PostgreSQL ha sido galardonado como el Sistema de Gestión de Bases de Datos del Año 2024 por db-engines.com, destacando su creciente popularidad y reconocimiento en la industria.", + "Los usuarios están considerando cambiar de Microsoft SQL Server a PostgreSQL debido a los altos costos de licencias y las limitaciones de recursos, a pesar de los posibles desafíos de migración.", + "PostgreSQL es preferido por sus características robustas y rentabilidad, lo que lo convierte en una opción preferida para futuros proyectos, aunque algunos usuarios exploran alternativas como Babelfish para reducir costos." + ], + "points": 239, + "commentCount": 79, + "retryCount": 0, + "time": 1736854677 + }, + { + "id": 42699099, + "title": "El inicio de sesión de OAuth de Google no protege contra la compra de un dominio de startup fallida", + "originLink": "https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699099", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "La discusión resalta una vulnerabilidad en el sistema de inicio de sesión OAuth de Google cuando el dominio de una startup fallida es adquirido por un nuevo propietario, lo que podría permitir el acceso no autorizado a servicios.", + "Este problema surge porque Google puede no distinguir entre los propietarios originales y nuevos del dominio, lo que afecta a cualquier sistema que utilice autenticación basada en dominios.", + "Una solución propuesta es utilizar identificadores únicos que permanezcan constantes a lo largo del tiempo, aunque la implementación de esta solución varía entre los proveedores de identidad." + ], + "points": 200, + "commentCount": 112, + "retryCount": 0, + "time": 1736871241 + }, + { + "id": 42696822, + "title": "Usar habilidades de codificación para generar ingresos pasivos", + "originLink": "https://www.coryzue.com/writing/solopreneur/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696822", + "commentBody": "", + "originSummary": [ + "El autor pasó de un rol de CTO a un solopreneur, ganando exitosamente más a través de una cartera de productos de software.", + "Las estrategias clave incluyen centrarse en el trabajo profundo, comenzar con proyectos pequeños, iterar rápidamente y dedicar tiempo a los esfuerzos de marketing.", + "La travesía enfatiza la resiliencia debido a las incertidumbres, pero destaca la autonomía y libertad incomparables de este camino profesional, animando a aquellos con habilidades de codificación a considerarlo para obtener ingresos pasivos." + ], + "commentSummary": [ + "Un usuario describió cómo generar ingresos pasivos a través de sitios web de spam de SEO utilizando nombres de dominio que están por expirar, ganando aproximadamente $30,000 anualmente, a pesar de las preocupaciones éticas y la eventual represión de Google.", + "La publicación provocó un debate sobre los ingresos pasivos, con algunos usuarios argumentando que se asemeja más a dirigir un negocio que a ganancias verdaderamente pasivas.", + "Los participantes compartieron experiencias y desafíos en proyectos paralelos, destacando la importancia del tiempo, la resiliencia y la planificación estratégica." + ], + "points": 167, + "commentCount": 90, + "retryCount": 0, + "time": 1736860888 + }, + { + "id": 42690781, + "title": "España propone un impuesto del 100% sobre las viviendas compradas por residentes no pertenecientes a la UE", + "originLink": "https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690781", + "commentBody": "", + "originSummary": [ + "España está considerando un impuesto del 100% sobre las compras de bienes raíces por parte de residentes no pertenecientes a la UE, con el objetivo de abordar la crisis de vivienda y frenar la compra especulativa.", + "La propuesta del Primer Ministro Pedro Sánchez incluye la expansión de la vivienda social y la regulación de los alquileres turísticos para abordar la disparidad entre los precios de la vivienda y los ingresos.", + "La futura aprobación de la propuesta como ley es incierta, ya que algunos analistas la ven más como un elemento disuasorio para los inversores extranjeros que como un cambio legislativo garantizado." + ], + "commentSummary": [ + "España está considerando un impuesto del 100% sobre las viviendas compradas por residentes no pertenecientes a la UE para abordar los problemas de asequibilidad de la vivienda. - Los críticos sugieren que los compradores extranjeros no son la causa principal de los altos precios de la vivienda, citando la burocracia lenta y las leyes de zonificación como factores más significativos. - La propuesta ha encendido un debate sobre el papel de la propiedad extranjera en los mercados de vivienda y su efectividad para resolver los problemas de asequibilidad." + ], + "points": 162, + "commentCount": 254, + "retryCount": 0, + "time": 1736809603 + }, + { + "id": 42699977, + "title": "Apple pronto recibirá chips 'hechos en América' de la fábrica de TSMC en Arizona", + "originLink": "https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699977", + "commentBody": "", + "originSummary": [ + "Apple está probando procesadores de la planta de TSMC en Arizona, con planes para la producción en masa para el primer trimestre, lo que podría convertirla en el primer cliente estadounidense de TSMC para chips fabricados localmente. - Esta iniciativa tiene como objetivo fortalecer la independencia de silicio de EE. UU., reduciendo la dependencia de Taiwán, que es vulnerable a riesgos geopolíticos y naturales. - La fábrica de TSMC en Arizona está preparada para producir chips avanzados de 3nm y 2nm, con esfuerzos continuos para mejorar el reclutamiento local y las asociaciones con universidades estadounidenses, aunque el empaquetado se realizará inicialmente en Taiwán hasta que la instalación de Peoria esté operativa." + ], + "commentSummary": [ + "Apple recibirá chips de la planta de TSMC en Arizona, pero deben ser enviados de regreso a Taiwán para su empaquetado debido a la insuficiencia de instalaciones en EE. UU. - Más del 50% de la fuerza laboral en la planta de Arizona proviene de Taiwán, lo que indica una brecha en el campo STEM (Ciencia, Tecnología, Ingeniería y Matemáticas) de EE. UU. - La iniciativa de la Ley CHIPS, destinada a mejorar la fabricación de semiconductores en EE. UU., enfrenta desafíos ya que se cuestiona la etiqueta \"Hecho en América\" debido al proceso de empaquetado que ocurre en Taiwán, con planes para capacidades de empaquetado en EE. UU. para 2027." + ], + "points": 160, + "commentCount": 73, + "retryCount": 0, + "time": 1736873807 + }, + { + "id": 42692730, + "title": "43,000 conductores menos en las carreteras de Manhattan después de que se activó el cobro por congestión", + "originLink": "https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42692730", + "commentBody": "", + "originSummary": [ + "Después de que se implementó el peaje por congestión, hubo una reducción del 7.5% en los conductores que ingresaban a Manhattan por debajo de la Calle 60, lo que equivale a 43,000 conductores menos cada día de la semana.", + "La reducción del tráfico ha mejorado el flujo vehicular y aumentado la velocidad de los autobuses, con algunos autobuses exprés experimentando un mayor número de pasajeros.", + "La Autoridad Metropolitana de Transporte (MTA) utiliza los ingresos por peajes, estimados en 500 millones de dólares anuales, para mejoras en el transporte, a pesar de cierta oposición política." + ], + "commentSummary": [ + "La implementación de la tarificación por congestión en Manhattan ha resultado en 43,000 conductores menos, lo que ha llevado a un aumento en la velocidad de los autobuses y potencialmente mejores tiempos de respuesta de emergencia.", + "La política está diseñada para reducir la congestión del tráfico y mejorar la calidad del aire, aunque ha generado debate sobre su impacto en las personas de bajos ingresos.", + "Los defensores argumentan que los beneficios incluyen un transporte público más eficiente y un aire más limpio, mientras continúan las discusiones sobre cómo equilibrar estas ventajas con las necesidades de los conductores." + ], + "points": 154, + "commentCount": 199, + "retryCount": 0, + "time": 1736821606 + } +] diff --git a/records/2025-01-14/2025-01-14.fi.json b/records/2025-01-14/2025-01-14.fi.json new file mode 100644 index 000000000..46106dd26 --- /dev/null +++ b/records/2025-01-14/2025-01-14.fi.json @@ -0,0 +1,288 @@ +[ + { + "id": 42690473, + "title": "Snyk-tietoturvatutkija ottaa käyttöön haitallisia NPM-paketteja, jotka kohdistuvat cursor.com-sivustoon.", + "originLink": "https://sourcecodered.com/snyk-malicious-npm-package/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690473", + "commentBody": "", + "originSummary": [ + "Eräs Snykin tietoturvatutkija julkaisi haitallisia NPM-paketteja, jotka kohdistuivat Cursor.comiin, tekoälykoodausyritykseen, kerätäkseen järjestelmätietoja ja lähettääkseen ne hyökkääjän hallitsemaan palveluun.", + "Pakettien nimet ovat \"cursor-retrieval\", \"cursor-always-local\" ja \"cursor-shadow-workspace\", ja ne merkittiin OpenSSF-pakettianalyysiskannerin toimesta, mikä johti neuvonantoihin MAL-2025-27, MAL-2025-28 ja MAL-2025-29.", + "Tämä tapaus korostaa NPM-pakettien tarkastelun tärkeyttä ennen asennusta mahdollisten tietoturvauhkien välttämiseksi." + ], + "commentSummary": [ + "Eräs Snykin tietoturvatutkija julkaisi haitallisia NPM (Node Package Manager) -paketteja, jotka kohdistuivat cursor.comiin, tuoden esiin riippuvuuksien sekaantumiseen liittyviä haavoittuvuuksia. - Tapaus on herättänyt keskustelua tietoturvatutkimuksen etiikasta, erityisesti ympäristömuuttujien julkiseen paljastamiseen liittyen. - Cursor.com selvensi, etteivät he olleet valtuuttaneet toimintaa, ja Snyk on sittemmin pyytänyt anteeksi, korostaen hyökkäävän tietoturvatutkimuksen ja eettisten standardien tasapainottamisen haasteita." + ], + "points": 540, + "commentCount": 270, + "retryCount": 0, + "time": 1736807907 + }, + { + "id": 42696081, + "title": "Vaihdoinkin Firefoxiin enkä ole katsonut taaksepäin", + "originLink": "https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696081", + "commentBody": "", + "originSummary": [ + "Firefoxia kehutaan sen erinomaisesta välilehtien hallinnasta, sisäänrakennetusta Pocket-ominaisuudesta linkkien tallentamiseen ja yksityisyyteen keskittyvästä sähköpostin välityspalvelusta, mikä tekee siitä vahvan vaihtoehdon Chromelle. - Lisäominaisuudet, kuten käyttäjäystävällinen kuvakaappaustyökalu, ChatGPT-painike, Picture-in-Picture, muokattavat hakuvaihtoehdot ja sujuva vieritys parantavat selauskokemusta. - Vaikka Firefoxilta puuttuu Chromen verkkosovellusominaisuus, sen harkittu suunnittelu ja vähäisempi resurssien kulutus tekevät siitä joidenkin käyttäjien suosikin." + ], + "commentSummary": [ + "Firefox-käyttäjät kohtaavat haasteita alustoilta, kuten YouTube, jotka saattavat tahallisesti heikentää kokemusta ei-Google-selaimille tai käyttäjille, jotka käyttävät mainostenesto-ohjelmia. - Tämä suuntaus herättää huolta käyttäjien autonomiasta, sillä se rankaisee niitä, jotka valitsevat mainosvapaan ja valvonnasta vapaan verkkokokemuksen. - Firefox tarjoaa ainutlaatuisia ominaisuuksia, kuten konttivälilehtiä, jotka parantavat yksityisyyttä ja käytettävyyttä, tehden siitä suositun valinnan käyttäjille, jotka etsivät riippumattomuutta suurten yritysten hallitsemista selaimista." + ], + "points": 480, + "commentCount": 392, + "retryCount": 0, + "time": 1736854678 + }, + { + "id": 42687932, + "title": "Sonosin toimitusjohtaja eroaa sovelluspäivityksen epäonnistumisen jälkeen", + "originLink": "https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42687932", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Sonosin toimitusjohtaja on eronnut kiistanalaisen sovelluspäivityksen jälkeen, joka vaati käyttäjiä korvaamaan kalliit äänijärjestelmät, aiheuttaen asiakastyytymättömyyttä. - Päivitys toi mukanaan pilvipohjaisen järjestelmän, joka siirtyi pois luotettavasta Universal Plug and Play (UPnP) -järjestelmästä, mikä johti yhteysongelmiin ja lisäsi monimutkaisuutta. - Tämä tilanne korostaa liiketoimintastrategioiden ja asiakassuhteiden ylläpitämisen välistä ristiriitaa, kun toimitusjohtaja siirtyy neuvonantajan rooliin erorahapaketin kanssa." + ], + "points": 409, + "commentCount": 493, + "retryCount": 0, + "time": 1736797368 + }, + { + "id": 42696691, + "title": "MrBeastin vatsassa", + "originLink": "https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696691", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Essee tutkii, kuinka YouTuben algoritmi vaikuttaa sisällön luomiseen, käyttäen MrBeastia tapaustutkimuksena, ja korostaa siirtymää kohti sitoutumislähtöistä pikemminkin kuin merkityksellistä sisältöä. - Se käsittelee laajempia vaikutuksia medialukutaitoon ja kulttuurista vaikutusta alustoilla kuten YouTube ja TikTok, ehdottaen suuntausta pinnalliseen ja reaktiiviseen sisältöön. - Eri näkökulmia tarkastellaan algoritmien roolista sisällön muokkaamisessa ja suosittujen tekijöiden vaikutuksesta kulttuurisiin normeihin." + ], + "points": 369, + "commentCount": 258, + "retryCount": 0, + "time": 1736859931 + }, + { + "id": 42691184, + "title": "Gitin GitHub-operaatiot ovat alhaalla", + "originLink": "https://www.githubstatus.com/incidents/qd96yfgvmcf9", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42691184", + "commentBody": "", + "originSummary": [ + "GitHub kohtasi Git-toimintojen katkoksen 13. tammikuuta 2025, johtuen kokoonpanomuutoksesta, joka vaikutti sisäiseen kuormantasaajaan, kestäen 23:35:stä 00:24:ään UTC-aikaa. - Ongelma ratkaistiin palauttamalla kokoonpanomuutos, ja GitHub työskentelee parantaakseen valvonta- ja käyttöönottoprosesseja estääkseen vastaavat tapaukset. - Katkos vaikutti myös GitHubin Actions- ja Pages-palveluihin, korostaen niiden alustapalveluiden keskinäistä yhteyttä." + ], + "commentSummary": [ + "GitHub kohtasi merkittävän katkoksen, joka vaikutti git-toimintoihin ja aiheutti hämmennystä kehittäjien keskuudessa, jotka aluksi epäilivät ongelmia SSH-avaimissaan tai paikallisissa kokoonpanoissaan. - Tapaus korosti keskitettyihin palveluihin luottamisen haasteita ja herätti keskusteluja itseisännöinnin ja hajautettujen järjestelmien eduista. - Vaikka ongelma ratkaistiin, se toi esiin huolenaiheita GitHubin luotettavuudesta ja kolmannen osapuolen alustojen varaan rakentamisen riskeistä olennaisissa tehtävissä." + ], + "points": 324, + "commentCount": 250, + "retryCount": 0, + "time": 1736812051 + }, + { + "id": 42694596, + "title": "ZFS 2.3 julkaistu ZFS raidz -laajennuksella", + "originLink": "https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42694596", + "commentBody": "", + "originSummary": [ + "OpenZFS 2.3.0 on julkaistu, ja se tuo mukanaan merkittäviä ominaisuuksia, kuten RAIDZ-laajennuksen, nopean deduplikoinnin, suoran syötteen/ulostulon, JSON-ulostulon ja tuen pitkille tiedostonimille. - Julkaisu sisältää olennaisia virheenkorjauksia ja suorituskyvyn parannuksia, ja se on yhteensopiva Linux-ytimien 4.18 - 6.12 ja FreeBSD-versioiden 13.3, 14.0 - 14.2 kanssa. - Päivitys on 134 avustajan yhteistyön tulos, ja siitä on saatavilla kattava dokumentaatio ja muutosloki tarkasteltavaksi." + ], + "commentSummary": [ + "ZFS 2.3 on julkaistu, ja se tuo mukanaan ominaisuuksia kuten RAIDZ-laajennus, nopea deduplikointi, suora IO, JSON-tuloste ja tuki pitkille tiedostonimille. - RAIDZ-laajennus on erityisen merkittävä, sillä se mahdollistaa käyttäjille uusien laitteiden lisäämisen olemassa olevaan RAIDZ-pooliin ilman käyttökatkoa, mikä parantaa tallennuskapasiteettia. - Julkaisua pidetään merkittävänä edistysaskeleena ZFS-käyttäjille, ja sitä verrataan muihin tiedostojärjestelmiin kuten Btrfs ja Windows Storage Spaces, vaikka sillä on joitakin rajoituksia, kuten kyvyttömyys pienentää pooleja." + ], + "points": 302, + "commentCount": 215, + "retryCount": 0, + "time": 1736838539 + }, + { + "id": 42690983, + "title": "Webtop – Alpine-, Ubuntu-, Fedora- ja Arch-kontit, jotka sisältävät täydet työpöytäympäristöt", + "originLink": "https://docs.linuxserver.io/images/docker-webtop/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690983", + "commentBody": "", + "originSummary": [ + "Linuxserver/webtop tarjoaa kontteja, jotka perustuvat Alpineen, Ubuntuun, Fedoraan ja Archiin, ja joissa on täydet työpöytäympäristöt, jotka ovat käytettävissä verkkoselaimien kautta, tukien sekä x86-64 että arm64-arkkitehtuureja.", + "Kayttäjät voivat valita erilaisista työpöytäympäristöistä, kuten XFCE, KDE, MATE, i3, Openbox ja IceWM, käyttämällä tiettyjä kuvamerkintöjä ja käyttää Webtopia määrättyjen URL-osoitteiden kautta.", + "Turvaominaisuuksiin kuuluvat Dockerin seccomp-vaihtoehto ja todennuksen asennus, mukautusmahdollisuudet ympäristömuuttujien kautta sekä tuki GPU-kiihdytykselle avoimen lähdekoodin ajureilla." + ], + "commentSummary": [ + "Webtop tarjoaa kontteja, joissa on täydet työpöytäympäristöt Alpine-, Ubuntu-, Fedora- ja Arch-järjestelmille, sopien nopeisiin asennuksiin VPN:n taakse.", + "Webtopin käyttäjät kehuvat sen nopeutta ja helppokäyttöisyyttä, erityisesti kun sitä käytetään Gluetun-kontin kanssa turvallisten yhteyksien luomiseksi, mutta varoittavat konttien altistamisesta internetille ilman turvatoimia oletusautentikoinnin puutteen vuoksi.", + "Projektia arvostetaan sen avoimen lähdekoodin ja joustavuuden vuoksi, ja käyttäjät jakavat kokoonpanoja. Vaihtoehdot kuten Kasm ja Selkies mainitaan samanlaisiin tarkoituksiin." + ], + "points": 297, + "commentCount": 57, + "retryCount": 0, + "time": 1736810708 + }, + { + "id": 42697783, + "title": "1 viidestä verkossa julkaistusta työpaikkailmoituksesta on joko väärennös tai niitä ei koskaan täytetä, tutkimus paljastaa", + "originLink": "https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42697783", + "commentBody": "", + "originSummary": [ + "Äskettäinen tutkimus osoittaa, että 20 % verkossa olevista työpaikkailmoituksista on joko väärennettyjä tai jää täyttämättä, mikä lisää työnhakijoiden turhautumista. - Tämä \"haamutyöpaikkojen\" trendi saattaa olla yritysten keino luoda kuvaa kasvusta. - Työpaikka-alustat, kuten Greenhouse ja LinkedIn, ovat ottaneet käyttöön työpaikkojen varmennuspalveluita auttaakseen käyttäjiä tunnistamaan aidot työmahdollisuudet." + ], + "commentSummary": [ + "Eräs tutkimus paljastaa, että 20 % verkossa olevista työpaikkailmoituksista on joko väärennettyjä tai jää täyttämättä, usein siksi, että yritysten on noudatettava Yhdysvaltojen maahanmuuttopolitiikkaa. - Yritykset voivat myös pitää työpaikkailmoituksia esillä löytääkseen ihanteellisia ehdokkaita, muuttaakseen vaatimuksia tai koska heillä on jo valmiiksi valittuja sisäisiä ehdokkaita. - Työmarkkinat ovat hakijoille vaikeat, ja he kohtaavat usein \"ghostingia\" ja automatisoituja hylkäyksiä, mikä on johtanut vaatimuksiin sääntelytoimista." + ], + "points": 273, + "commentCount": 224, + "retryCount": 0, + "time": 1736865860 + }, + { + "id": 42698557, + "title": "Tehdä risteyksestä turvaton jalankulkijoille säästääkseen sekunteja autoilijoille", + "originLink": "https://collegetowns.substack.com/p/making-an-intersection-unsafe-for", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42698557", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Keskustelu keskittyy siihen, tulisiko risteyksissä asettaa etusijalle jalankulkijoiden turvallisuus vai autoilijoiden tehokkuus, ja jotkut suosivat liikennevalo-ohjattuja risteyksiä ja jalankulkijoiden ylityksiä neljän suunnan pysähdysten sijaan.", + "Mielipiteet vaihtelevat liikennelakien ja infrastruktuurin suunnittelun suhteen, ja keskusteluja käydään muun muassa kadunylityksen turvallisuudesta ja oikealle kääntymisen riskeistä punaisissa valoissa.", + "Jotkut kannattavat vaihtoehtoisia ratkaisuja, kuten liikenneympyröitä tai hollantilaisten liikennesuunnittelustandardien omaksumista, parantaakseen sekä turvallisuutta että tehokkuutta." + ], + "points": 267, + "commentCount": 362, + "retryCount": 0, + "time": 1736869194 + }, + { + "id": 42696080, + "title": "PostgreSQL on vuoden 2024 tietokannan hallintajärjestelmä.", + "originLink": "https://db-engines.com/en/blog_post/109", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696080", + "commentBody": "", + "originSummary": [ + "PostgreSQL on saanut DB-Enginesin myöntämän Vuoden DBMS 2024 -palkinnon, saavuttaen tämän tunnustuksen viidennen kerran, ohittaen 423 muuta tietokannan hallintajärjestelmää.", + "PostgreSQL, jolla on lähes 35 vuoden historia, jatkaa innovointia, kuten nähdään syyskuussa 2024 julkaistun PostgreSQL 17:n viimeaikaisissa parannuksissa.", + "Snowflake ja Microsoft saavuttivat toisen ja kolmannen sijan, Snowflaken erottuessa pilvipohjaisesta tietovarastoinnistaan ja monipilvitukensa ansiosta, kun taas Microsoft tarjoaa vankkoja hallittuja relaatiotietokantoja Azure SQL Database- ja SQL Server -palveluiden kautta." + ], + "commentSummary": [ + "PostgreSQL on saanut vuoden 2024 tietokannan hallintajärjestelmän palkinnon db-engines.com-sivustolta, mikä korostaa sen kasvavaa suosiota ja tunnustusta alalla.", + "Käyttäjät harkitsevat siirtymistä Microsoft SQL Serveristä PostgreSQL:ään korkeiden lisensointikustannusten ja resurssirajoitusten vuoksi, huolimatta mahdollisista siirtymähaasteista.", + "PostgreSQL on suosittu sen vankkojen ominaisuuksien ja kustannustehokkuuden vuoksi, mikä tekee siitä suositun valinnan tuleviin projekteihin, vaikka jotkut käyttäjät tutkivat vaihtoehtoja, kuten Babelfish, kustannusten vähentämiseksi." + ], + "points": 239, + "commentCount": 79, + "retryCount": 0, + "time": 1736854677 + }, + { + "id": 42699099, + "title": "Googlen OAuth-kirjautuminen ei suojaa epäonnistuneen startup-yrityksen verkkotunnuksen ostamiselta", + "originLink": "https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699099", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Keskustelu tuo esiin haavoittuvuuden Googlen OAuth-kirjautumisjärjestelmässä, kun epäonnistuneen startup-yrityksen verkkotunnus hankitaan uuden omistajan toimesta, mikä voi mahdollisesti sallia luvattoman pääsyn palveluihin.", + "Tämä ongelma syntyy, koska Google ei välttämättä erota alkuperäisiä ja uusia verkkotunnuksen omistajia toisistaan, mikä vaikuttaa kaikkiin järjestelmiin, jotka käyttävät verkkotunnuspohjaista todennusta.", + "Yksi ehdotettu ratkaisu on käyttää yksilöllisiä tunnisteita, jotka pysyvät muuttumattomina ajan myötä, vaikka tämän ratkaisun toteutus vaihtelee eri identiteetin tarjoajien kesken." + ], + "points": 200, + "commentCount": 112, + "retryCount": 0, + "time": 1736871241 + }, + { + "id": 42696822, + "title": "Koodausosaamisen hyödyntäminen passiivisen tulon hankkimiseen", + "originLink": "https://www.coryzue.com/writing/solopreneur/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696822", + "commentBody": "", + "originSummary": [ + "Kirjoittaja siirtyi teknologiajohtajan roolista yksinyrittäjäksi ja ansaitsi menestyksekkäästi enemmän ohjelmistotuotteiden portfoliollaan.", + "Keskeisiin strategioihin kuuluu keskittyminen syvälliseen työskentelyyn, aloittaminen pienistä projekteista, nopea iterointi ja ajan omistaminen markkinointiponnisteluille.", + "Matka korostaa epävarmuuksien vuoksi resilienssiä, mutta tuo esiin tämän urapolun vertaansa vailla olevan autonomian ja vapauden, kannustaen koodaustaitoisia harkitsemaan sitä passiivisen tulon lähteenä." + ], + "commentSummary": [ + "Eräs käyttäjä kuvaili passiivisen tulon hankkimista SEO-spam-sivustojen kautta käyttämällä vanhentuvia verkkotunnuksia, ansaiten noin 30 000 dollaria vuodessa, huolimatta eettisistä huolenaiheista ja Googlen lopulta tapahtuvasta tiukennuksesta.", + "Julkaisu herätti keskustelua passiivisista tuloista, ja jotkut käyttäjät väittivät, että se muistuttaa enemmän yrityksen pyörittämistä kuin todellisia passiivisia ansioita.", + "Osallistujat jakoivat kokemuksia ja haasteita sivuprojekteissa, korostaen ajan, sitkeyden ja strategisen suunnittelun merkitystä." + ], + "points": 167, + "commentCount": 90, + "retryCount": 0, + "time": 1736860888 + }, + { + "id": 42690781, + "title": "Espanja ehdottaa 100 % veroa EU:n ulkopuolisten asukkien ostamille asunnoille", + "originLink": "https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690781", + "commentBody": "", + "originSummary": [ + "Espanja harkitsee 100 % veroa kiinteistöhankinnoille, jotka tehdään EU:n ulkopuolisilta asukkailta, pyrkien ratkaisemaan asuntokriisiä ja hillitsemään spekulatiivista ostamista.", + "Pääministeri Pedro Sánchezin ehdotus sisältää sosiaalisen asuntotuotannon laajentamisen ja turistivuokrausten sääntelyn, jotta voitaisiin puuttua asuntohintojen ja tulojen väliseen epätasapainoon.", + "Ehdotuksen tulevaisuus lakina on epävarma, ja jotkut analyytikot pitävät sitä pikemminkin ulkomaisten sijoittajien pelotteena kuin taattuna lainsäädännöllisenä muutoksena." + ], + "commentSummary": [ + "Espanja harkitsee 100 % veroa EU:n ulkopuolisten asukkaiden ostamille asunnoille ratkaistakseen asuntojen kohtuuhintaisuuteen liittyviä ongelmia. - Kriitikot väittävät, että ulkomaiset ostajat eivät ole asuntojen korkeiden hintojen ensisijainen syy, vaan hitaat byrokratiaprosessit ja kaavoituslait ovat merkittävämpiä tekijöitä. - Ehdotus on herättänyt keskustelua ulkomaisen omistuksen roolista asuntomarkkinoilla ja sen tehokkuudesta kohtuuhintaisuuskysymysten ratkaisemisessa." + ], + "points": 162, + "commentCount": 254, + "retryCount": 0, + "time": 1736809603 + }, + { + "id": 42699977, + "title": "Apple saa pian 'made in America' -sirut TSMC:n Arizonan tehtaasta", + "originLink": "https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699977", + "commentBody": "", + "originSummary": [ + "Apple testaa TSMC:n Arizonan laitoksen prosessoreita, suunnitellen massatuotantoa ensimmäiselle vuosineljännekselle, ja saattaa näin tulla TSMC:n ensimmäiseksi Yhdysvaltain asiakkaaksi paikallisesti valmistetuille siruille. - Tämä aloite pyrkii vahvistamaan Yhdysvaltojen piiriomavaraisuutta, vähentäen riippuvuutta Taiwanista, joka on altis geopoliittisille ja luonnonriskeille. - TSMC:n Arizonan tehdas aikoo tuottaa edistyneitä 3nm ja 2nm siruja, ja pyrkii parantamaan paikallista rekrytointia sekä yhteistyötä Yhdysvaltain yliopistojen kanssa, vaikka pakkaaminen tapahtuukin aluksi Taiwanissa, kunnes Peorian laitos on toiminnassa." + ], + "commentSummary": [ + "Apple saa siruja TSMC:n Arizonan tehtaalta, mutta ne on lähetettävä takaisin Taiwaniin pakkausta varten Yhdysvaltojen riittämättömien tilojen vuoksi. - Yli 50 % Arizonan tehtaan työvoimasta on Taiwanista, mikä osoittaa puutteen Yhdysvaltojen STEM (tiede, teknologia, insinööritiede ja matematiikka) alalla. - CHIPS Act -aloite, jonka tavoitteena on parantaa Yhdysvaltojen puolijohdevalmistusta, kohtaa haasteita, kun \"Made in America\" -merkintää kyseenalaistetaan pakkausprosessin tapahtuessa Taiwanissa, ja suunnitelmissa on Yhdysvaltojen pakkauskapasiteetin kehittäminen vuoteen 2027 mennessä." + ], + "points": 160, + "commentCount": 73, + "retryCount": 0, + "time": 1736873807 + }, + { + "id": 42692730, + "title": "43 000 kuljettajaa vähemmän Manhattanin teillä ruuhkamaksujen käyttöönoton jälkeen", + "originLink": "https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42692730", + "commentBody": "", + "originSummary": [ + "Ruuhkamaksujen käyttöönoton jälkeen Manhattanille 60. kadun alapuolelle ajavien kuljettajien määrä väheni 7,5 %, mikä tarkoittaa 43 000 vähemmän kuljettajaa joka arkipäivä.", + "Liikenteen väheneminen on parantanut liikenteen sujuvuutta ja lisännyt bussien nopeuksia, ja joillakin pikabusseilla on ollut enemmän matkustajia.", + "Metropolitan Transportation Authority (MTA) käyttää tietullituloja, joiden arvioidaan olevan 500 miljoonaa dollaria vuosittain, liikenteen parannuksiin, huolimatta joistakin poliittisista vastustuksista." + ], + "commentSummary": [ + "Ruuhkamaksujen käyttöönotto Manhattanilla on johtanut 43 000 kuljettajan vähenemiseen, mikä on lisännyt bussien nopeuksia ja mahdollisesti parantanut hätätilanteisiin vastaamisaikoja.", + "Politiikan tarkoituksena on vähentää liikenneruuhkia ja parantaa ilmanlaatua, vaikka se onkin herättänyt keskustelua sen vaikutuksista pienituloisiin henkilöihin.", + "Kannattajat väittävät, että hyödyt sisältävät tehokkaamman joukkoliikenteen ja puhtaamman ilman, kun taas keskustelut jatkuvat näiden etujen tasapainottamisesta autoilijoiden tarpeiden kanssa." + ], + "points": 154, + "commentCount": 199, + "retryCount": 0, + "time": 1736821606 + } +] diff --git a/records/2025-01-14/2025-01-14.fr.json b/records/2025-01-14/2025-01-14.fr.json new file mode 100644 index 000000000..0c4b758e3 --- /dev/null +++ b/records/2025-01-14/2025-01-14.fr.json @@ -0,0 +1,288 @@ +[ + { + "id": 42690473, + "title": "Un chercheur en sécurité de Snyk déploie des paquets NPM malveillants ciblant cursor.com", + "originLink": "https://sourcecodered.com/snyk-malicious-npm-package/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690473", + "commentBody": "", + "originSummary": [ + "Un chercheur en sécurité de Snyk a publié des paquets NPM malveillants ciblant Cursor.com, une entreprise de codage IA, pour collecter des données système et les envoyer à un service contrôlé par un attaquant.", + "Les paquets, identifiés comme \"cursor-retrieval\", \"cursor-always-local\" et \"cursor-shadow-workspace\", ont été signalés par le scanner d'analyse de paquets OpenSSF, entraînant les avis MAL-2025-27, MAL-2025-28 et MAL-2025-29.", + "Cet incident souligne l'importance de scruter les paquets NPM avant l'installation pour éviter les menaces potentielles à la sécurité." + ], + "commentSummary": [ + "Un chercheur en sécurité de Snyk a publié des paquets NPM (Node Package Manager) malveillants ciblant cursor.com, mettant en évidence des vulnérabilités de confusion de dépendance. - L'incident a déclenché un débat sur l'éthique de la recherche en sécurité, notamment en ce qui concerne l'exposition publique des variables d'environnement. - Cursor.com a précisé qu'ils n'avaient pas autorisé cette action, et Snyk s'est depuis excusé, soulignant les défis de l'équilibre entre la recherche en sécurité offensive et les normes éthiques." + ], + "points": 540, + "commentCount": 270, + "retryCount": 0, + "time": 1736807907 + }, + { + "id": 42696081, + "title": "Je suis passé à Firefox et je n'ai jamais regretté.", + "originLink": "https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696081", + "commentBody": "", + "originSummary": [ + "Firefox est salué pour sa gestion supérieure des onglets, sa fonctionnalité Pocket intégrée pour enregistrer des liens, et son relais de messagerie axé sur la confidentialité, en faisant une alternative solide à Chrome. - Des fonctionnalités supplémentaires comme un outil de capture d'écran convivial, un bouton ChatGPT, le mode Picture-in-Picture, des options de recherche personnalisables, et un défilement fluide améliorent l'expérience de navigation. - Bien que Firefox manque de la fonctionnalité d'application web de Chrome, sa conception réfléchie et ses exigences réduites en ressources en font un choix préféré pour certains utilisateurs." + ], + "commentSummary": [ + "Les utilisateurs de Firefox sont confrontés à des défis de la part de plateformes comme YouTube, qui peuvent intentionnellement dégrader l'expérience pour les navigateurs non-Google ou les utilisateurs employant des bloqueurs de publicités. - Cette tendance soulève des préoccupations concernant l'autonomie des utilisateurs, car elle pénalise ceux qui optent pour une expérience web sans publicité et sans surveillance. - Firefox offre des fonctionnalités uniques, telles que les onglets conteneurs, qui améliorent la confidentialité et l'utilisabilité, en faisant un choix privilégié pour les utilisateurs cherchant à s'affranchir des navigateurs contrôlés par de grandes entreprises." + ], + "points": 480, + "commentCount": 392, + "retryCount": 0, + "time": 1736854678 + }, + { + "id": 42687932, + "title": "Le PDG de Sonos démissionne après le fiasco de la mise à jour de l'application", + "originLink": "https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42687932", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Le PDG de Sonos a démissionné suite à une mise à jour controversée de l'application qui obligeait les utilisateurs à remplacer des systèmes audio coûteux, provoquant l'insatisfaction des clients. - La mise à jour a introduit un système basé sur le cloud, s'éloignant du fiable Universal Plug and Play (UPnP), ce qui a entraîné des problèmes de connectivité et une complexité accrue. - Cette situation souligne le conflit entre les stratégies commerciales et le maintien de la confiance des clients, alors que le PDG passe à un rôle de conseiller avec un package de départ." + ], + "points": 409, + "commentCount": 493, + "retryCount": 0, + "time": 1736797368 + }, + { + "id": 42696691, + "title": "Dans le ventre de MrBeast", + "originLink": "https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696691", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "L'essai examine comment l'algorithme de YouTube influence la création de contenu, en utilisant MrBeast comme étude de cas, soulignant un passage vers un contenu axé sur l'engagement plutôt que sur le sens. - Il discute des implications plus larges pour la littératie médiatique et l'impact culturel des plateformes comme YouTube et TikTok, suggérant une tendance vers un contenu superficiel et réactionnaire. - Diverses perspectives sont considérées sur le rôle des algorithmes dans la formation du contenu et l'influence des créateurs populaires sur les normes culturelles." + ], + "points": 369, + "commentCount": 258, + "retryCount": 0, + "time": 1736859931 + }, + { + "id": 42691184, + "title": "Les opérations Git sur GitHub sont en panne", + "originLink": "https://www.githubstatus.com/incidents/qd96yfgvmcf9", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42691184", + "commentBody": "", + "originSummary": [ + "GitHub a connu une panne des opérations Git le 13 janvier 2025, en raison d'un changement de configuration affectant l'équilibreur de charge interne, qui a duré de 23h35 à 00h24 UTC. - Le problème a été résolu en annulant le changement de configuration, et GitHub travaille à améliorer les processus de surveillance et de déploiement pour éviter des incidents similaires. - La panne a également affecté les services Actions et Pages de GitHub, soulignant la nature interconnectée de leurs services de plateforme." + ], + "commentSummary": [ + "GitHub a connu une panne majeure affectant les opérations git, ce qui a conduit à la confusion parmi les développeurs qui ont d'abord suspecté des problèmes avec leurs clés SSH ou leurs configurations locales. - L'incident a souligné les défis liés à la dépendance aux services centralisés, suscitant des discussions sur les avantages de l'auto-hébergement et des systèmes décentralisés. - Bien que le problème ait été résolu, il a mis en lumière des préoccupations concernant la fiabilité de GitHub et les risques de dépendre de plateformes tierces pour des tâches essentielles." + ], + "points": 324, + "commentCount": 250, + "retryCount": 0, + "time": 1736812051 + }, + { + "id": 42694596, + "title": "ZFS 2.3 publié avec l'expansion ZFS raidz", + "originLink": "https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42694596", + "commentBody": "", + "originSummary": [ + "OpenZFS 2.3.0 a été publié, introduisant des fonctionnalités significatives telles que l'expansion RAIDZ, la déduplication rapide, l'entrée/sortie directe, la sortie JSON et la prise en charge des noms de fichiers longs. - La version inclut des corrections de bugs essentielles et des améliorations de performance, compatible avec les noyaux Linux 4.18 - 6.12 et les versions FreeBSD 13.3, 14.0 - 14.2. - La mise à jour est le fruit d'un effort collaboratif de 134 contributeurs, avec une documentation complète et un journal des modifications disponibles pour consultation." + ], + "commentSummary": [ + "ZFS 2.3 a été publié, introduisant des fonctionnalités telles que l'expansion RAIDZ, la déduplication rapide, l'IO direct, la sortie JSON et la prise en charge des noms de fichiers longs. - L'expansion RAIDZ est particulièrement remarquable car elle permet aux utilisateurs d'ajouter de nouveaux dispositifs à un pool RAIDZ existant sans temps d'arrêt, augmentant ainsi la capacité de stockage. - La version est considérée comme une avancée significative pour les utilisateurs de ZFS, établissant des comparaisons avec d'autres systèmes de fichiers comme Btrfs et Windows Storage Spaces, malgré certaines limitations comme l'incapacité de réduire les pools." + ], + "points": 302, + "commentCount": 215, + "retryCount": 0, + "time": 1736838539 + }, + { + "id": 42690983, + "title": "Webtop – Conteneurs Alpine, Ubuntu, Fedora et Arch contenant des environnements de bureau complets", + "originLink": "https://docs.linuxserver.io/images/docker-webtop/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690983", + "commentBody": "", + "originSummary": [ + "Linuxserver/webtop propose des conteneurs basés sur Alpine, Ubuntu, Fedora et Arch avec des environnements de bureau complets accessibles via des navigateurs web, prenant en charge les architectures x86-64 et arm64.", + "Les utilisateurs peuvent choisir parmi divers environnements de bureau tels que XFCE, KDE, MATE, i3, Openbox et IceWM en utilisant des balises d'image spécifiques, et accéder au Webtop via des URL désignées.", + "Les fonctionnalités de sécurité incluent l'option seccomp de Docker et la configuration d'authentification, avec des options de personnalisation disponibles via des variables d'environnement, ainsi que la prise en charge de l'accélération GPU avec des pilotes open-source." + ], + "commentSummary": [ + "Webtop fournit des conteneurs avec des environnements de bureau complets pour Alpine, Ubuntu, Fedora et Arch, adaptés pour des configurations rapides derrière un VPN.", + "Les utilisateurs louent Webtop pour sa rapidité et sa facilité d'utilisation, en particulier lorsqu'il est utilisé avec le conteneur Gluetun pour des connexions sécurisées, mais mettent en garde contre l'exposition des conteneurs à Internet sans mesures de sécurité en raison de l'absence d'authentification par défaut.", + "Le projet est apprécié pour être open-source et flexible, avec des utilisateurs partageant des configurations, et des alternatives comme Kasm et Selkies sont notées pour des objectifs similaires." + ], + "points": 297, + "commentCount": 57, + "retryCount": 0, + "time": 1736810708 + }, + { + "id": 42697783, + "title": "1 offre d'emploi en ligne sur 5 est soit fausse, soit jamais pourvue, selon une étude", + "originLink": "https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42697783", + "commentBody": "", + "originSummary": [ + "Une étude récente indique que 20 % des offres d'emploi en ligne sont soit fausses, soit restent non pourvues, ce qui ajoute à la frustration des chercheurs d'emploi. - Cette tendance des \"emplois fantômes\" pourrait être une tactique pour les entreprises de projeter une image de croissance. - Des plateformes d'emploi telles que Greenhouse et LinkedIn ont introduit des services de vérification des offres d'emploi pour aider les utilisateurs à identifier les opportunités d'emploi authentiques." + ], + "commentSummary": [ + "Une étude révèle que 20 % des offres d'emploi en ligne sont soit fausses, soit restent non pourvues, souvent parce que les entreprises doivent se conformer aux politiques d'immigration des États-Unis. - Les entreprises peuvent également laisser des offres d'emploi en ligne pour trouver des candidats idéaux, modifier les exigences ou avoir des candidats internes pré-sélectionnés. - Le marché du travail est difficile pour les candidats, qui rencontrent fréquemment des disparitions et des rejets automatisés, ce qui incite à demander une intervention réglementaire." + ], + "points": 273, + "commentCount": 224, + "retryCount": 0, + "time": 1736865860 + }, + { + "id": 42698557, + "title": "Rendre une intersection dangereuse pour les piétons afin de gagner quelques secondes pour les conducteurs", + "originLink": "https://collegetowns.substack.com/p/making-an-intersection-unsafe-for", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42698557", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Le débat porte sur la question de savoir si les intersections doivent privilégier la sécurité des piétons ou l'efficacité des conducteurs, certains préférant les intersections contrôlées par des feux et les carrefours piétons aux arrêts à 4 voies.", + "Les opinions divergent sur les lois de la circulation et la conception des infrastructures, avec des discussions sur la sécurité du passage piéton en dehors des clous et les risques associés aux virages à droite au feu rouge.", + "Certains préconisent des solutions alternatives comme les ronds-points ou l'adoption des normes d'ingénierie de la circulation néerlandaises pour améliorer à la fois la sécurité et l'efficacité." + ], + "points": 267, + "commentCount": 362, + "retryCount": 0, + "time": 1736869194 + }, + { + "id": 42696080, + "title": "PostgreSQL est le système de gestion de base de données de l'année 2024", + "originLink": "https://db-engines.com/en/blog_post/109", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696080", + "commentBody": "", + "originSummary": [ + "PostgreSQL a été désigné SGBD de l'année 2024 par DB-Engines, obtenant cette reconnaissance pour la cinquième fois, surpassant 423 autres systèmes de gestion de bases de données.", + "PostgreSQL, avec une histoire s'étendant sur près de 35 ans, continue d'innover, comme en témoignent les récentes améliorations de PostgreSQL 17, sorti en septembre 2024.", + "Snowflake et Microsoft ont respectivement obtenu les deuxième et troisième places, Snowflake étant reconnu pour son entrepôt de données basé sur le cloud et son support multi-cloud, tandis que Microsoft propose des bases de données relationnelles gérées robustes via Azure SQL Database et SQL Server." + ], + "commentSummary": [ + "PostgreSQL a été désigné Système de Gestion de Base de Données de l'année 2024 par db-engines.com, soulignant sa popularité croissante et sa reconnaissance dans l'industrie.", + "Les utilisateurs envisagent de passer de Microsoft SQL Server à PostgreSQL en raison des coûts de licence élevés et des limitations de ressources, malgré les défis potentiels de migration.", + "PostgreSQL est prisé pour ses fonctionnalités robustes et son rapport coût-efficacité, ce qui en fait un choix privilégié pour les projets futurs, bien que certains utilisateurs explorent des alternatives comme Babelfish pour réduire les coûts." + ], + "points": 239, + "commentCount": 79, + "retryCount": 0, + "time": 1736854677 + }, + { + "id": 42699099, + "title": "Le système de connexion OAuth de Google ne protège pas contre l'achat d'un domaine d'une startup échouée.", + "originLink": "https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699099", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Le débat met en lumière une vulnérabilité dans le système de connexion OAuth de Google lorsqu'un domaine d'une startup échouée est acquis par un nouveau propriétaire, ce qui pourrait potentiellement permettre un accès non autorisé aux services.", + "Ce problème survient parce que Google peut ne pas faire la distinction entre les propriétaires de domaine d'origine et les nouveaux, ce qui affecte tout système utilisant l'authentification basée sur le domaine.", + "Une solution proposée consiste à utiliser des identifiants uniques qui restent constants dans le temps, bien que la mise en œuvre de cette solution varie selon les fournisseurs d'identité." + ], + "points": 200, + "commentCount": 112, + "retryCount": 0, + "time": 1736871241 + }, + { + "id": 42696822, + "title": "Utiliser des compétences en codage pour générer des revenus passifs", + "originLink": "https://www.coryzue.com/writing/solopreneur/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696822", + "commentBody": "", + "originSummary": [ + "L'auteur est passé d'un rôle de CTO à celui de solopreneur, réussissant à gagner plus grâce à un portefeuille de produits logiciels.", + "Les stratégies clés incluent la concentration sur un travail en profondeur, le démarrage avec de petits projets, l'itération rapide et la dédication de temps aux efforts de marketing.", + "Le voyage met l'accent sur la résilience face aux incertitudes, mais souligne l'autonomie et la liberté inégalées de cette voie professionnelle, encourageant ceux qui possèdent des compétences en codage à la considérer pour un revenu passif." + ], + "commentSummary": [ + "Un utilisateur a décrit la génération de revenus passifs grâce à des sites web de spam SEO utilisant des noms de domaine expirants, gagnant environ 30 000 $ par an, malgré des préoccupations éthiques et la répression éventuelle de Google.", + "Le message a suscité un débat sur le revenu passif, certains utilisateurs soutenant qu'il s'apparente davantage à la gestion d'une entreprise qu'à des gains véritablement passifs.", + "Les participants ont partagé des expériences et des défis dans des projets parallèles, soulignant l'importance du temps, de la résilience et de la planification stratégique." + ], + "points": 167, + "commentCount": 90, + "retryCount": 0, + "time": 1736860888 + }, + { + "id": 42690781, + "title": "Espagne propose une taxe de 100 % sur les maisons achetées par des résidents non-UE", + "originLink": "https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690781", + "commentBody": "", + "originSummary": [ + "Espagne envisage une taxe de 100 % sur les achats immobiliers par des résidents non-UE, visant à résoudre la crise du logement et à freiner les achats spéculatifs.", + "Le projet du Premier ministre Pedro Sánchez comprend l'expansion du logement social et la régulation des locations touristiques pour s'attaquer à la disparité entre les prix du logement et les revenus.", + "Le futur de la proposition en tant que loi est incertain, certains analystes la considérant comme un frein pour les investisseurs étrangers plutôt qu'un changement législatif garanti." + ], + "commentSummary": [ + "Espagne envisage une taxe de 100 % sur les maisons achetées par des résidents non-UE pour résoudre les problèmes d'accessibilité au logement. - Les critiques suggèrent que les acheteurs étrangers ne sont pas la principale cause des prix élevés de l'immobilier, citant la lenteur de la bureaucratie et les lois de zonage comme des facteurs plus significatifs. - La proposition a déclenché un débat sur le rôle de la propriété étrangère dans les marchés immobiliers et son efficacité à résoudre les problèmes d'accessibilité." + ], + "points": 162, + "commentCount": 254, + "retryCount": 0, + "time": 1736809603 + }, + { + "id": 42699977, + "title": "Apple recevra bientôt des puces 'fabriquées en Amérique' de l'usine de TSMC en Arizona", + "originLink": "https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699977", + "commentBody": "", + "originSummary": [ + "Apple teste des processeurs provenant de l'usine de TSMC en Arizona, avec des plans pour une production de masse d'ici le premier trimestre, devenant potentiellement le premier client américain de TSMC pour des puces fabriquées localement. - Cette initiative vise à renforcer l'indépendance en silicium des États-Unis, réduisant la dépendance vis-à-vis de Taïwan, qui est vulnérable aux risques géopolitiques et naturels. - L'usine de TSMC en Arizona est prête à produire des puces avancées de 3 nm et 2 nm, avec des efforts continus pour améliorer le recrutement local et les partenariats avec les universités américaines, bien que l'emballage se fasse initialement à Taïwan jusqu'à ce que l'installation de Peoria soit opérationnelle." + ], + "commentSummary": [ + "Apple recevra des puces de l'usine de TSMC en Arizona, mais elles doivent être renvoyées à Taïwan pour l'emballage en raison de l'insuffisance des installations aux États-Unis. - Plus de 50 % de la main-d'œuvre de l'usine de l'Arizona provient de Taïwan, ce qui indique un écart dans le domaine STEM (Science, Technologie, Ingénierie et Mathématiques) aux États-Unis. - L'initiative du CHIPS Act, visant à améliorer la fabrication de semi-conducteurs aux États-Unis, fait face à des défis alors que le label \"Made in America\" est remis en question en raison du processus d'emballage se déroulant à Taïwan, avec des plans pour des capacités d'emballage aux États-Unis d'ici 2027." + ], + "points": 160, + "commentCount": 73, + "retryCount": 0, + "time": 1736873807 + }, + { + "id": 42692730, + "title": "43 000 conducteurs de moins sur les routes de Manhattan après l'activation du péage de congestion", + "originLink": "https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42692730", + "commentBody": "", + "originSummary": [ + "Après la mise en œuvre de la tarification de congestion, il y a eu une réduction de 7,5 % du nombre de conducteurs entrant à Manhattan au-dessous de la 60e rue, ce qui équivaut à 43 000 conducteurs de moins chaque jour de semaine.", + "La réduction du trafic a amélioré la fluidité de la circulation et augmenté la vitesse des bus, certains bus express connaissant une augmentation du nombre de passagers.", + "Le Metropolitan Transportation Authority (MTA) utilise les recettes des péages, estimées à 500 millions de dollars par an, pour des améliorations du transport en commun, malgré une certaine opposition politique." + ], + "commentSummary": [ + "La mise en œuvre de la tarification de la congestion à Manhattan a entraîné 43 000 conducteurs de moins, ce qui a conduit à une augmentation de la vitesse des bus et potentiellement à de meilleurs temps de réponse des services d'urgence.", + "Cette politique est conçue pour réduire la congestion du trafic et améliorer la qualité de l'air, bien qu'elle ait suscité un débat sur son impact sur les personnes à faible revenu.", + "Les partisans soutiennent que les avantages incluent un transport en commun plus efficace et un air plus pur, tandis que les discussions se poursuivent sur l'équilibre entre ces avantages et les besoins des conducteurs." + ], + "points": 154, + "commentCount": 199, + "retryCount": 0, + "time": 1736821606 + } +] diff --git a/records/2025-01-14/2025-01-14.he.json b/records/2025-01-14/2025-01-14.he.json new file mode 100644 index 000000000..6bc1f7bca --- /dev/null +++ b/records/2025-01-14/2025-01-14.he.json @@ -0,0 +1,288 @@ +[ + { + "id": 42690473, + "title": "חוקר אבטחה של Snyk מפרסם חבילות NPM זדוניות המכוונות ל-cursor.com", + "originLink": "https://sourcecodered.com/snyk-malicious-npm-package/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690473", + "commentBody": "", + "originSummary": [ + "חוקר אבטחה של Snyk שחרר חבילות NPM זדוניות המכוונות ל-Cursor.com, חברת קידוד מבוססת בינה מלאכותית, כדי לאסוף נתוני מערכת ולשלוח אותם לשירות בשליטת תוקף.", + "החבילות, שזוהו כ-\"cursor-retrieval\", \"cursor-always-local\", ו-\"cursor-shadow-workspace\", סומנו על ידי סורק ניתוח החבילות של OpenSSF, מה שהוביל להמלצות MAL-2025-27, MAL-2025-28, ו-MAL-2025-29.", + "תקלה זו מדגישה את החשיבות של בדיקת חבילות NPM לפני ההתקנה כדי להימנע מאיומי אבטחה פוטנציאליים." + ], + "commentSummary": [ + "חוקר אבטחה של Snyk שחרר חבילות NPM (מנהל חבילות Node) זדוניות המכוונות ל-cursor.com, והדגיש פגיעויות של בלבול תלות. - האירוע עורר דיון על האתיקה של מחקר אבטחה, במיוחד בנוגע לחשיפה ציבורית של משתני סביבה. - cursor.com הבהירו שהם לא אישרו את הפעולה, ו-Snyk התנצל מאז, מה שמדגיש את האתגרים באיזון בין מחקר אבטחה התקפי לסטנדרטים אתיים." + ], + "points": 540, + "commentCount": 270, + "retryCount": 0, + "time": 1736807907 + }, + { + "id": 42696081, + "title": "עברתי לפיירפוקס ולעולם לא הבטתי לאחור", + "originLink": "https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696081", + "commentBody": "", + "originSummary": [ + "פיירפוקס זוכה לשבחים על ניהול הלשוניות המעולה שלו, תכונת Pocket המובנית לשמירת קישורים, ושירות דואר אלקטרוני ממוקד פרטיות, מה שהופך אותו לחלופה חזקה לכרום. - תכונות נוספות כמו כלי צילום מסך ידידותי למשתמש, כפתור ChatGPT, תמונה בתוך תמונה, אפשרויות חיפוש מותאמות אישית וגלילה חלקה משפרות את חוויית הגלישה. - למרות שפיירפוקס חסר את תכונת האפליקציות האינטרנטיות של כרום, העיצוב המחושב שלו והדרישות המופחתות למשאבים הופכים אותו לבחירה מועדפת עבור חלק מהמשתמשים." + ], + "commentSummary": [ + "משתמשי פיירפוקס מתמודדים עם אתגרים מפלטפורמות כמו יוטיוב, שעשויות להרע בכוונה את החוויה עבור דפדפנים שאינם של גוגל או משתמשים המשתמשים בחוסמי פרסומות. מגמה זו מעוררת דאגות לגבי האוטונומיה של המשתמש, שכן היא מענישה את אלו הבוחרים בחוויית אינטרנט ללא פרסומות וללא מעקב. פיירפוקס מציעה תכונות ייחודיות, כמו כרטיסיות מכולה, המשפרות את הפרטיות והשימושיות, מה שהופך אותה לבחירה מועדפת עבור משתמשים המחפשים עצמאות מדפדפנים הנשלטים על ידי תאגידים גדולים." + ], + "points": 480, + "commentCount": 392, + "retryCount": 0, + "time": 1736854678 + }, + { + "id": 42687932, + "title": "מנכ\"ל סונוס מתפטר לאחר תקרית עדכון האפליקציה", + "originLink": "https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42687932", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "המנכ\"ל של סונוס התפטר בעקבות עדכון אפליקציה שנוי במחלוקת שדרש מהמשתמשים להחליף מערכות קול יקרות, מה שגרם לאי שביעות רצון בקרב הלקוחות. - העדכון הציג מערכת מבוססת ענן, שהתרחקה מהמערכת האמינה Universal Plug and Play (UPnP), מה שהוביל לבעיות קישוריות והגברת המורכבות. - מצב זה מדגיש את הקונפליקט בין אסטרטגיות עסקיות לבין שמירה על אמון הלקוחות, כאשר המנכ\"ל עובר לתפקיד ייעוץ עם חבילת פיצויים." + ], + "points": 409, + "commentCount": 493, + "retryCount": 0, + "time": 1736797368 + }, + { + "id": 42696691, + "title": "בבטנו של מרביסט", + "originLink": "https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696691", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "המאמר בוחן כיצד האלגוריתם של יוטיוב משפיע על יצירת תוכן, תוך שימוש במר ביסט כמקרה בוחן, ומדגיש מעבר לתוכן מונע מעורבות במקום תוכן משמעותי. - הוא דן בהשלכות הרחבות יותר על אוריינות מדיה וההשפעה התרבותית של פלטפורמות כמו יוטיוב וטיקטוק, ומציע מגמה לעבר תוכן שטחי ותגובתי. - נבחנות פרספקטיבות שונות על תפקידם של אלגוריתמים בעיצוב תוכן ועל השפעתם של יוצרים פופולריים על נורמות תרבותיות." + ], + "points": 369, + "commentCount": 258, + "retryCount": 0, + "time": 1736859931 + }, + { + "id": 42691184, + "title": "פעולות Git ב-GitHub מושבתות", + "originLink": "https://www.githubstatus.com/incidents/qd96yfgvmcf9", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42691184", + "commentBody": "", + "originSummary": [ + "GitHub חוותה הפסקת פעילות של פעולות Git ב-13 בינואר 2025, עקב שינוי תצורה שהשפיע על מאזן העומסים הפנימי, שנמשך מ-23:35 עד 00:24 לפי זמן UTC. - הבעיה נפתרה על ידי החזרת שינוי התצורה, ו-GitHub עובדת על שיפור תהליכי הניטור והפריסה כדי למנוע תקריות דומות. - ההפסקה השפיעה גם על שירותי Actions ו-Pages של GitHub, מה שמדגיש את האופי המקושר של שירותי הפלטפורמה שלהם." + ], + "commentSummary": [ + "GitHub חוותה תקלה משמעותית שהשפיעה על פעולות git, מה שגרם לבלבול בקרב מפתחים שחשדו בתחילה בבעיות עם מפתחות ה-SSH שלהם או בהגדרות המקומיות. - האירוע הדגיש את האתגרים שבסמיכה על שירותים מרכזיים, והוביל לדיונים על היתרונות של אירוח עצמי ומערכות מבוזרות. - למרות שהבעיה נפתרה, היא הדגישה חששות לגבי האמינות של GitHub והסיכונים שבסמיכה על פלטפורמות צד שלישי למשימות חיוניות." + ], + "points": 324, + "commentCount": 250, + "retryCount": 0, + "time": 1736812051 + }, + { + "id": 42694596, + "title": "זמן שחרור ZFS 2.3 עם הרחבת ZFS raidz", + "originLink": "https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42694596", + "commentBody": "", + "originSummary": [ + "OpenZFS 2.3.0 שוחרר, ומציג תכונות משמעותיות כמו הרחבת RAIDZ, דה-דופליקציה מהירה, קלט/פלט ישיר, פלט JSON ותמיכה בשמות קבצים ארוכים. - השחרור כולל תיקוני באגים חיוניים ושיפורי ביצועים, תואם לליבות לינוקס 4.18 - 6.12 וגרסאות FreeBSD 13.3, 14.0 - 14.2. - העדכון הוא מאמץ שיתופי של 134 תורמים, עם תיעוד מקיף ורשימת שינויים זמינים לעיון." + ], + "commentSummary": [ + "זי.אף.אס 2.3 שוחרר, ומציג תכונות כמו הרחבת RAIDZ, דה-דופליקציה מהירה, קלט/פלט ישיר, פלט JSON ותמיכה בשמות קבצים ארוכים. - הרחבת RAIDZ היא במיוחד בולטת מכיוון שהיא מאפשרת למשתמשים להוסיף התקנים חדשים לבריכת RAIDZ קיימת ללא זמן השבתה, מה שמגביר את קיבולת האחסון. - השחרור נחשב להתקדמות משמעותית עבור משתמשי זי.אף.אס, ומושווה למערכות קבצים אחרות כמו Btrfs ו-Windows Storage Spaces, למרות מגבלות מסוימות כמו חוסר היכולת להקטין בריכות." + ], + "points": 302, + "commentCount": 215, + "retryCount": 0, + "time": 1736838539 + }, + { + "id": 42690983, + "title": "Webtop – מכולות של Alpine, Ubuntu, Fedora ו-Arch המכילות סביבות שולחן עבודה מלאות", + "originLink": "https://docs.linuxserver.io/images/docker-webtop/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690983", + "commentBody": "", + "originSummary": [ + "Linuxserver/webtop מספק מכולות המבוססות על Alpine, Ubuntu, Fedora ו-Arch עם סביבות שולחן עבודה מלאות הנגישות דרך דפדפני אינטרנט, ותומכות בארכיטקטורות x86-64 ו-arm64.", + "משתמשים יכולים לבחור מתוך סביבות שולחן עבודה שונות כמו XFCE, KDE, MATE, i3, Openbox, ו-IceWM על ידי שימוש בתגי תמונה ספציפיים, ולגשת ל-Webtop דרך כתובות URL ייעודיות.", + "מאפייני האבטחה כוללים את אפשרות ה-seccomp של Docker והגדרת אימות, עם אפשרויות התאמה אישית זמינות דרך משתני סביבה, ותמיכה בהאצת GPU עם מנהלי התקנים בקוד פתוח." + ], + "commentSummary": [ + "Webtop מספקת מכולות עם סביבות שולחן עבודה מלאות עבור Alpine, Ubuntu, Fedora ו-Arch, המתאימות להתקנות מהירות מאחורי VPN.", + "משתמשים משבחים את Webtop על מהירותו וקלות השימוש בו, במיוחד כאשר משתמשים בו עם מיכל Gluetun לחיבורים מאובטחים, אך מזהירים מפני חשיפת מיכלים לאינטרנט ללא אמצעי אבטחה בשל היעדר אימות ברירת מחדל.", + "הפרויקט מוערך על היותו קוד פתוח וגמיש, כאשר משתמשים משתפים תצורות, ואלטרנטיבות כמו Kasm ו-Selkies נחשבות למטרות דומות." + ], + "points": 297, + "commentCount": 57, + "retryCount": 0, + "time": 1736810708 + }, + { + "id": 42697783, + "title": "מחקר מגלה כי 1 מתוך 5 מודעות דרושים באינטרנט הן מזויפות או שלא מתמלאות לעולם", + "originLink": "https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42697783", + "commentBody": "", + "originSummary": [ + "מחקר עדכני מצביע על כך ש-20% מהמשרות המפורסמות באינטרנט הן או מזויפות או נשארות לא מאוישות, מה שמוסיף לתסכול של מחפשי העבודה. - מגמת \"משרות רפאים\" זו עשויה להיות טקטיקה של חברות להציג תדמית של צמיחה. - פלטפורמות עבודה כמו Greenhouse ו-LinkedIn הציגו שירותי אימות משרות כדי לסייע למשתמשים בזיהוי הזדמנויות עבודה אמיתיות." + ], + "commentSummary": [ + "מחקר מגלה כי 20% מהמשרות המפורסמות באינטרנט הן מזויפות או נשארות לא מאוישות, לעיתים קרובות בגלל שחברות צריכות לעמוד במדיניות ההגירה של ארה\"ב. - חברות עשויות גם להשאיר משרות פנויות כדי למצוא מועמדים אידיאליים, לשנות דרישות, או שיש להן מועמדים פנימיים שנבחרו מראש. - שוק העבודה קשה למועמדים, אשר נתקלים לעיתים קרובות בהיעלמות תקשורת ודחיות אוטומטיות, מה שמעורר קריאות להתערבות רגולטורית." + ], + "points": 273, + "commentCount": 224, + "retryCount": 0, + "time": 1736865860 + }, + { + "id": 42698557, + "title": "להפוך צומת ללא בטוחה להולכי רגל כדי לחסוך שניות לנהגים", + "originLink": "https://collegetowns.substack.com/p/making-an-intersection-unsafe-for", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42698557", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "הדיון מתמקד בשאלה האם צמתים צריכים להעדיף את בטיחות הולכי הרגל או את יעילות הנהגים, כאשר יש המעדיפים צמתים עם רמזורים ומעברי חצייה מרובי כיוונים על פני צמתים עם עצירה בארבעה כיוונים.", + "יש דעות שונות לגבי חוקי התנועה ועיצוב התשתיות, עם דיונים על בטיחות חציית כביש שלא במעבר חציה והסיכונים הקשורים לפניות ימינה באור אדום.", + "ישנם כאלה שממליצים על פתרונות חלופיים כמו כיכרות או אימוץ תקני הנדסת תנועה הולנדיים כדי לשפר הן את הבטיחות והן את היעילות." + ], + "points": 267, + "commentCount": 362, + "retryCount": 0, + "time": 1736869194 + }, + { + "id": 42696080, + "title": "PostgreSQL היא מערכת ניהול מסדי הנתונים של השנה 2024", + "originLink": "https://db-engines.com/en/blog_post/109", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696080", + "commentBody": "", + "originSummary": [ + "PostgreSQL זכתה בתואר מערכת ניהול בסיסי נתונים של השנה 2024 על ידי DB-Engines, וזוהי הפעם החמישית שהיא זוכה בהכרה זו, כשהיא עוקפת 423 מערכות ניהול בסיסי נתונים אחרות.", + "PostgreSQL, עם היסטוריה המשתרעת על פני כמעט 35 שנים, ממשיך לחדש, כפי שניתן לראות בשיפורים האחרונים של PostgreSQL 17, ששוחרר בספטמבר 2024.", + "סנופלייק ומיקרוסופט תפסו את המקומות השני והשלישי, בהתאמה, כאשר סנופלייק נודעה בזכות מחסני הנתונים מבוססי הענן שלה ותמיכה בריבוי עננים, בעוד שמיקרוסופט מציעה מסדי נתונים יחסיים מנוהלים חזקים דרך Azure SQL Database ו-SQL Server." + ], + "commentSummary": [ + "PostgreSQL זכתה בתואר מערכת ניהול מסדי הנתונים של השנה 2024 על ידי db-engines.com, מה שמדגיש את הפופולריות וההכרה הגוברת שלה בתעשייה.", + "משתמשים שוקלים לעבור מ-Microsoft SQL Server ל-PostgreSQL בשל עלויות רישוי גבוהות ומגבלות משאבים, למרות אתגרי ההגירה הפוטנציאליים.", + "PostgreSQL מועדף בשל התכונות החזקות והעלות-תועלת שלו, מה שהופך אותו לבחירה מועדפת לפרויקטים עתידיים, אם כי חלק מהמשתמשים בוחנים חלופות כמו Babelfish כדי להפחית עלויות." + ], + "points": 239, + "commentCount": 79, + "retryCount": 0, + "time": 1736854677 + }, + { + "id": 42699099, + "title": "כניסת OAuth של גוגל לא מגנה מפני רכישת דומיין של סטארטאפ שנכשל", + "originLink": "https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699099", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "הדיון מדגיש פגיעות במערכת ההתחברות של OAuth של גוגל כאשר הדומיין של סטארטאפ שנכשל נרכש על ידי בעלים חדש, מה שעשוי לאפשר גישה לא מורשית לשירותים.", + "בעיה זו מתעוררת מכיוון שגוגל עשויה לא להבחין בין הבעלים המקוריים של הדומיין לבין הבעלים החדשים, מה שמשפיע על כל מערכת שמשתמשת באימות מבוסס דומיין.", + "פתרון מוצע הוא להשתמש במזהים ייחודיים שנשארים קבועים לאורך זמן, אם כי יישום הפתרון הזה משתנה בין ספקי הזהות." + ], + "points": 200, + "commentCount": 112, + "retryCount": 0, + "time": 1736871241 + }, + { + "id": 42696822, + "title": "להשתמש בכישורי תכנות כדי להרוויח הכנסה פסיבית", + "originLink": "https://www.coryzue.com/writing/solopreneur/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696822", + "commentBody": "", + "originSummary": [ + "המחבר עבר מתפקיד של CTO ליזם עצמאי, והצליח להרוויח יותר באמצעות פורטפוליו של מוצרי תוכנה.", + "אסטרטגיות מפתח כוללות התמקדות בעבודה מעמיקה, התחלה עם פרויקטים קטנים, חזרה מהירה והקדשת זמן למאמצי שיווק.", + "המסע מדגיש חוסן עקב אי ודאויות, אך מדגיש את האוטונומיה והחופש הבלתי משתווים של מסלול קריירה זה, ומעודד את אלו עם כישורי קידוד לשקול אותו כהכנסה פסיבית." + ], + "commentSummary": [ + "משתמש תיאר יצירת הכנסה פסיבית באמצעות אתרי ספאם של SEO תוך שימוש בשמות דומיין שפג תוקפם, והרוויח כ-30,000 דולר בשנה, למרות חששות אתיים והמאבק של גוגל בתופעה בסופו של דבר.", + "הפוסט עורר דיון על הכנסה פסיבית, כאשר חלק מהמשתמשים טוענים שזה דומה יותר לניהול עסק מאשר לרווחים פסיביים באמת.", + "משתתפים שיתפו חוויות ואתגרים בפרויקטים צדדיים, והדגישו את החשיבות של זמן, חוסן ותכנון אסטרטגי." + ], + "points": 167, + "commentCount": 90, + "retryCount": 0, + "time": 1736860888 + }, + { + "id": 42690781, + "title": "ספרד מציעה מס של 100% על בתים שנרכשים על ידי תושבים שאינם מהאיחוד האירופי", + "originLink": "https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690781", + "commentBody": "", + "originSummary": [ + "ספרד שוקלת להטיל מס של 100% על רכישות נדל\"ן על ידי תושבים שאינם מהאיחוד האירופי, במטרה להתמודד עם משבר הדיור ולרסן רכישות ספקולטיביות.", + "ראש הממשלה פדרו סאנצ'ס מציע להרחיב את הדיור הציבורי ולווסת את השכרת הדירות לתיירים כדי להתמודד עם הפער בין מחירי הדיור להכנסות.", + "העתיד של ההצעה כחוק אינו ודאי, כאשר חלק מהאנליסטים רואים בה כהרתעה למשקיעים זרים ולא כשינוי חקיקתי מובטח." + ], + "commentSummary": [ + "ספרד שוקלת להטיל מס של 100% על בתים שנרכשים על ידי תושבים שאינם מהאיחוד האירופי כדי להתמודד עם בעיות נגישות לדיור. - מבקרים טוענים כי קונים זרים אינם הגורם העיקרי למחירי הדיור הגבוהים, ומציינים את הבירוקרטיה האיטית וחוקי התכנון כגורמים משמעותיים יותר. - ההצעה הציתה דיון על תפקיד הבעלות הזרה בשוקי הדיור ועל יעילותה בפתרון בעיות הנגישות." + ], + "points": 162, + "commentCount": 254, + "retryCount": 0, + "time": 1736809603 + }, + { + "id": 42699977, + "title": "בהקדם אפל תקבל שבבים 'תוצרת אמריקה' ממפעל TSMC באריזונה", + "originLink": "https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699977", + "commentBody": "", + "originSummary": [ + "Apple בוחנת מעבדים ממתקן אריזונה של TSMC, עם תוכניות לייצור המוני עד הרבעון הראשון, וייתכן שתהפוך ללקוח האמריקאי הראשון של TSMC לשבבים המיוצרים מקומית. - יוזמה זו נועדה לחזק את העצמאות הסיליקונית של ארה\"ב, ולהפחית את התלות בטייוואן, שהיא פגיעה לסיכונים גיאופוליטיים וטבעיים. - המפעל של TSMC באריזונה מתוכנן לייצר שבבים מתקדמים בגודל 3 ננומטר ו-2 ננומטר, עם מאמצים מתמשכים לשיפור הגיוס המקומי ושיתופי פעולה עם אוניברסיטאות בארה\"ב, אם כי האריזה תתבצע בתחילה בטייוואן עד שהמתקן בפאוריה יהיה פעיל." + ], + "commentSummary": [ + "Apple תקבל שבבים ממפעל TSMC באריזונה, אך יש לשלוח אותם בחזרה לטייוואן לאריזה בשל מחסור במתקנים בארה\"ב. - מעל 50% מכוח העבודה במפעל באריזונה מגיע מטייוואן, מה שמצביע על פער בתחום ה-STEM (מדע, טכנולוגיה, הנדסה ומתמטיקה) בארה\"ב. - יוזמת חוק השבבים, שמטרתה לשפר את ייצור השבבים בארה\"ב, מתמודדת עם אתגרים כאשר תווית \"תוצרת אמריקה\" מוטלת בספק בשל תהליך האריזה המתרחש בטייוואן, עם תוכניות ליכולות אריזה בארה\"ב עד 2027." + ], + "points": 160, + "commentCount": 73, + "retryCount": 0, + "time": 1736873807 + }, + { + "id": 42692730, + "title": "43 אלף נהגים פחות בכבישי מנהטן לאחר הפעלת תמחור גודש", + "originLink": "https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42692730", + "commentBody": "", + "originSummary": [ + "לאחר יישום תמחור העומס, חלה ירידה של 7.5% במספר הנהגים הנכנסים למנהטן מתחת לרחוב ה-60, מה שמתורגם ל-43,000 נהגים פחות בכל יום חול.", + "הירידה בתנועה שיפרה את זרימת התנועה והעלתה את מהירות האוטובוסים, כאשר חלק מהאוטובוסים המהירים חווים עלייה במספר הנוסעים.", + "הרשות המטרופולינית לתחבורה (MTA) משתמשת בהכנסות מאגרות, המוערכות בכ-500 מיליון דולר בשנה, לשיפור התחבורה, למרות התנגדות פוליטית מסוימת." + ], + "commentSummary": [ + "היישום של תמחור גודש במנהטן הביא ל-43,000 נהגים פחות, מה שהוביל להאצת מהירות האוטובוסים וייתכן שגם לשיפור בזמני התגובה של שירותי החירום.", + "המדיניות נועדה להפחית את עומסי התנועה ולשפר את איכות האוויר, אם כי היא עוררה ויכוח על השפעתה על אנשים בעלי הכנסה נמוכה יותר.", + "תומכים טוענים כי היתרונות כוללים תחבורה ציבורית יעילה יותר ואוויר נקי יותר, בעוד שהדיונים נמשכים על איזון יתרונות אלו עם צרכי הנהגים." + ], + "points": 154, + "commentCount": 199, + "retryCount": 0, + "time": 1736821606 + } +] diff --git a/records/2025-01-14/2025-01-14.hi.json b/records/2025-01-14/2025-01-14.hi.json new file mode 100644 index 000000000..a56643740 --- /dev/null +++ b/records/2025-01-14/2025-01-14.hi.json @@ -0,0 +1,288 @@ +[ + { + "id": 42690473, + "title": "स्नाइक सुरक्षा शोधकर्ता ने कर्सर.कॉम को लक्षित करते हुए दुर्भावनापूर्ण एनपीएम पैकेज तैनात किए।", + "originLink": "https://sourcecodered.com/snyk-malicious-npm-package/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690473", + "commentBody": "", + "originSummary": [ + "एक Snyk सुरक्षा शोधकर्ता ने Cursor.com, एक AI कोडिंग कंपनी, को लक्षित करते हुए दुर्भावनापूर्ण NPM पैकेज जारी किए, ताकि सिस्टम डेटा एकत्र किया जा सके और इसे हमलावर-नियंत्रित सेवा पर भेजा जा सके।", + "पैकेजों को \"कर्सर-रिट्रीवल,\" \"कर्सर-ऑलवेज-लोकल,\" और \"कर्सर-शैडो-वर्कस्पेस\" के रूप में पहचाना गया, जिन्हें OpenSSF पैकेज विश्लेषण स्कैनर द्वारा चिह्नित किया गया, जिसके परिणामस्वरूप परामर्श MAL-2025-27, MAL-2025-28, और MAL-2025-29 जारी किए गए।", + "यह घटना संभावित सुरक्षा खतरों से बचने के लिए स्थापना से पहले NPM पैकेजों की जांच करने के महत्व को उजागर करती है।" + ], + "commentSummary": [ + "एक Snyk सुरक्षा शोधकर्ता ने cursor.com को लक्षित करते हुए हानिकारक NPM (नोड पैकेज मैनेजर) पैकेज जारी किए, जो निर्भरता भ्रम कमजोरियों को उजागर करते हैं। - इस घटना ने सुरक्षा अनुसंधान की नैतिकता पर बहस छेड़ दी है, विशेष रूप से पर्यावरण वेरिएबल्स के सार्वजनिक प्रदर्शन के संबंध में। - Cursor.com ने स्पष्ट किया कि उन्होंने इस कार्रवाई को अधिकृत नहीं किया था, और Snyk ने इसके बाद माफी मांगी है, जो आक्रामक सुरक्षा अनुसंधान को नैतिक मानकों के साथ संतुलित करने की चुनौतियों को रेखांकित करता है।" + ], + "points": 540, + "commentCount": 270, + "retryCount": 0, + "time": 1736807907 + }, + { + "id": 42696081, + "title": "मैंने फ़ायरफ़ॉक्स पर स्विच किया और फिर कभी पीछे मुड़कर नहीं देखा", + "originLink": "https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696081", + "commentBody": "", + "originSummary": [ + "फायरफॉक्स को इसके उत्कृष्ट टैब प्रबंधन, लिंक सहेजने के लिए अंतर्निहित पॉकेट फीचर, और गोपनीयता-केंद्रित ईमेल रिले के लिए सराहा जाता है, जो इसे क्रोम का एक मजबूत विकल्प बनाता है। - उपयोगकर्ता के अनुकूल स्क्रीनशॉट टूल, एक चैटजीपीटी बटन, पिक्चर-इन-पिक्चर, अनुकूलन योग्य खोज विकल्प, और स्मूथ स्क्रॉलिंग जैसी अतिरिक्त विशेषताएं ब्राउज़िंग अनुभव को बेहतर बनाती हैं। - हालांकि फायरफॉक्स में क्रोम की वेब ऐप सुविधा की कमी है, लेकिन इसका विचारशील डिज़ाइन और कम संसाधन मांग इसे कुछ उपयोगकर्ताओं के लिए पसंदीदा विकल्प बनाते हैं।" + ], + "commentSummary": [ + "फायरफॉक्स उपयोगकर्ताओं को यूट्यूब जैसे प्लेटफार्मों से चुनौतियों का सामना करना पड़ता है, जो गैर-गूगल ब्राउज़रों या विज्ञापन अवरोधकों का उपयोग करने वाले उपयोगकर्ताओं के लिए जानबूझकर अनुभव को खराब कर सकते हैं। - यह प्रवृत्ति उपयोगकर्ता स्वायत्तता के बारे में चिंताएं बढ़ाती है, क्योंकि यह उन लोगों को दंडित करती है जो विज्ञापन-मुक्त और निगरानी-मुक्त वेब अनुभव का विकल्प चुनते हैं। - फायरफॉक्स अद्वितीय विशेषताएं प्रदान करता है, जैसे कंटेनर टैब्स, जो गोपनीयता और उपयोगिता को बढ़ाते हैं, इसे प्रमुख कॉर्पोरेट-नियंत्रित ब्राउज़रों से स्वतंत्रता चाहने वाले उपयोगकर्ताओं के लिए एक पसंदीदा विकल्प बनाते हैं।" + ], + "points": 480, + "commentCount": 392, + "retryCount": 0, + "time": 1736854678 + }, + { + "id": 42687932, + "title": "सोनोस के सीईओ ने ऐप अपडेट विवाद के बाद इस्तीफा दिया", + "originLink": "https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42687932", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "सोनोस के सीईओ ने इस्तीफा दे दिया है, एक विवादास्पद ऐप अपडेट के बाद जिसने उपयोगकर्ताओं को महंगे साउंड सिस्टम को बदलने के लिए मजबूर किया, जिससे ग्राहक असंतोष उत्पन्न हुआ। - इस अपडेट ने एक क्लाउड-आधारित सिस्टम पेश किया, जो विश्वसनीय यूनिवर्सल प्लग एंड प्ले (UPnP) से हटकर था, जिससे कनेक्टिविटी समस्याएं और जटिलता बढ़ गई। - यह स्थिति व्यापारिक रणनीतियों और ग्राहक विश्वास बनाए रखने के बीच के संघर्ष को उजागर करती है, क्योंकि सीईओ एक सलाहकार भूमिका में एक सेवरेंस पैकेज के साथ स्थानांतरित हो रहे हैं।" + ], + "points": 409, + "commentCount": 493, + "retryCount": 0, + "time": 1736797368 + }, + { + "id": 42696691, + "title": "MrBeast के पेट में", + "originLink": "https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696691", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "निबंध यह जांचता है कि YouTube का एल्गोरिदम सामग्री निर्माण को कैसे प्रभावित करता है, जिसमें MrBeast को एक केस स्टडी के रूप में उपयोग किया गया है, जो यह दर्शाता है कि सामग्री अब अर्थपूर्ण होने के बजाय सगाई-चालित हो रही है। - यह मीडिया साक्षरता के व्यापक प्रभावों और YouTube और TikTok जैसे प्लेटफार्मों के सांस्कृतिक प्रभाव पर चर्चा करता है, यह सुझाव देते हुए कि सामग्री सतही और प्रतिक्रियात्मक हो रही है। - सामग्री को आकार देने में एल्गोरिदम की भूमिका और सांस्कृतिक मानदंडों पर लोकप्रिय निर्माताओं के प्रभाव पर विभिन्न दृष्टिकोणों पर विचार किया गया है।" + ], + "points": 369, + "commentCount": 258, + "retryCount": 0, + "time": 1736859931 + }, + { + "id": 42691184, + "title": "GitHub गिट ऑपरेशन्स डाउन हैं", + "originLink": "https://www.githubstatus.com/incidents/qd96yfgvmcf9", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42691184", + "commentBody": "", + "originSummary": [ + "13 जनवरी, 2025 को GitHub को एक Git ऑपरेशन्स आउटेज का सामना करना पड़ा, जो आंतरिक लोड बैलेंसर को प्रभावित करने वाले एक कॉन्फ़िगरेशन परिवर्तन के कारण हुआ, और यह 23:35 से 00:24 UTC तक चला। - इस समस्या को कॉन्फ़िगरेशन परिवर्तन को वापस लेकर हल किया गया, और GitHub समान घटनाओं को रोकने के लिए निगरानी और परिनियोजन प्रक्रियाओं में सुधार करने पर काम कर रहा है। - इस आउटेज ने GitHub के Actions और Pages सेवाओं को भी प्रभावित किया, जो उनके प्लेटफ़ॉर्म सेवाओं की आपस में जुड़ी प्रकृति को उजागर करता है।" + ], + "commentSummary": [ + "GitHub को एक बड़ी रुकावट का सामना करना पड़ा, जिसने गिट ऑपरेशन्स को प्रभावित किया, जिससे डेवलपर्स के बीच भ्रम की स्थिति उत्पन्न हो गई, जिन्होंने शुरू में अपने SSH कुंजियों या स्थानीय कॉन्फ़िगरेशन्स में समस्याओं का संदेह किया। - इस घटना ने केंद्रीकृत सेवाओं पर निर्भरता की चुनौतियों को उजागर किया, जिससे स्व-होस्टिंग और विकेंद्रीकृत प्रणालियों के फायदों पर चर्चाएं शुरू हुईं। - हालांकि समस्या का समाधान हो गया, लेकिन इसने GitHub की विश्वसनीयता और आवश्यक कार्यों के लिए तृतीय-पक्ष प्लेटफार्मों पर निर्भरता के जोखिमों के बारे में चिंताओं को उजागर किया।" + ], + "points": 324, + "commentCount": 250, + "retryCount": 0, + "time": 1736812051 + }, + { + "id": 42694596, + "title": "ZFS 2.3 ज़ेडएफएस रैडज़ विस्तार के साथ जारी किया गया", + "originLink": "https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42694596", + "commentBody": "", + "originSummary": [ + "OpenZFS 2.3.0 जारी किया गया है, जिसमें RAIDZ विस्तार, फास्ट डेडुप्लिकेशन, डायरेक्ट इनपुट/आउटपुट, JSON आउटपुट और लंबे फाइल नामों के लिए समर्थन जैसी महत्वपूर्ण विशेषताएं शामिल हैं। - इस रिलीज में आवश्यक बग फिक्स और प्रदर्शन सुधार शामिल हैं, जो Linux कर्नल 4.18 - 6.12 और FreeBSD संस्करण 13.3, 14.0 - 14.2 के साथ संगत हैं। - यह अपडेट 134 योगदानकर्ताओं के सहयोगात्मक प्रयास का परिणाम है, जिसमें व्यापक दस्तावेज़ीकरण और एक परिवर्तन लॉग समीक्षा के लिए उपलब्ध है।" + ], + "commentSummary": [ + "ZFS 2.3 जारी किया गया है, जिसमें RAIDZ विस्तार, तेज डुप्लीकेशन, डायरेक्ट IO, JSON आउटपुट, और लंबे फाइल नामों के लिए समर्थन जैसी विशेषताएं शामिल हैं। - RAIDZ विस्तार विशेष रूप से उल्लेखनीय है क्योंकि यह उपयोगकर्ताओं को मौजूदा RAIDZ पूल में नए उपकरण जोड़ने की अनुमति देता है बिना डाउनटाइम के, जिससे भंडारण क्षमता बढ़ती है। - यह रिलीज ZFS उपयोगकर्ताओं के लिए एक महत्वपूर्ण प्रगति मानी जाती है, और इसकी तुलना Btrfs और Windows Storage Spaces जैसे अन्य फाइल सिस्टम्स के साथ की जाती है, हालांकि कुछ सीमाओं जैसे पूल को छोटा करने में असमर्थता के बावजूद।" + ], + "points": 302, + "commentCount": 215, + "retryCount": 0, + "time": 1736838539 + }, + { + "id": 42690983, + "title": "वेबटॉप – अल्पाइन, उबंटू, फेडोरा, और आर्च कंटेनर जिनमें पूर्ण डेस्कटॉप वातावरण शामिल हैं", + "originLink": "https://docs.linuxserver.io/images/docker-webtop/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690983", + "commentBody": "", + "originSummary": [ + "Linuxserver/webtop अल्पाइन, उबंटू, फेडोरा, और आर्च पर आधारित कंटेनर प्रदान करता है, जो वेब ब्राउज़रों के माध्यम से पूर्ण डेस्कटॉप वातावरण तक पहुंच प्रदान करते हैं, और यह x86-64 और arm64 आर्किटेक्चर दोनों का समर्थन करता है।", + "उपयोगकर्ता विशेष इमेज टैग का उपयोग करके XFCE, KDE, MATE, i3, Openbox, और IceWM जैसे विभिन्न डेस्कटॉप वातावरणों में से चयन कर सकते हैं, और निर्दिष्ट URL के माध्यम से वेबटॉप तक पहुंच सकते हैं।", + "सुरक्षा विशेषताओं में Docker का seccomp विकल्प और प्रमाणीकरण सेटअप शामिल हैं, जिसमें पर्यावरण वेरिएबल्स के माध्यम से अनुकूलन विकल्प उपलब्ध हैं, और ओपन-सोर्स ड्राइवर्स के साथ GPU त्वरण के लिए समर्थन शामिल है।" + ], + "commentSummary": [ + "वेबटॉप अल्पाइन, उबंटू, फेडोरा, और आर्च के लिए पूर्ण डेस्कटॉप वातावरण के साथ कंटेनर प्रदान करता है, जो वीपीएन के पीछे त्वरित सेटअप के लिए उपयुक्त हैं।", + "उपयोगकर्ता वेबटॉप की गति और उपयोग में आसानी के लिए इसकी प्रशंसा करते हैं, विशेष रूप से ग्लूटन कंटेनर के साथ सुरक्षित कनेक्शनों के लिए उपयोग किए जाने पर, लेकिन डिफ़ॉल्ट प्रमाणीकरण की कमी के कारण सुरक्षा उपायों के बिना कंटेनरों को इंटरनेट पर उजागर करने के खिलाफ चेतावनी देते हैं।", + "इस परियोजना को ओपन-सोर्स और लचीला होने के लिए महत्व दिया जाता है, जिसमें उपयोगकर्ता कॉन्फ़िगरेशन साझा करते हैं, और कास्म और सेल्की जैसे विकल्प समान उद्देश्यों के लिए उल्लेखनीय हैं।" + ], + "points": 297, + "commentCount": 57, + "retryCount": 0, + "time": 1736810708 + }, + { + "id": 42697783, + "title": "ऑनलाइन नौकरी पोस्टिंग में से 5 में से 1 या तो नकली होती है या कभी भरी नहीं जाती, अध्ययन में पाया गया।", + "originLink": "https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42697783", + "commentBody": "", + "originSummary": [ + "हाल ही में एक अध्ययन से पता चलता है कि ऑनलाइन नौकरी पोस्टिंग में से 20% या तो नकली हैं या खाली रह जाती हैं, जिससे नौकरी खोजने वालों की निराशा बढ़ जाती है। - यह \"भूत नौकरी\" प्रवृत्ति कंपनियों के लिए विकास की छवि प्रस्तुत करने की एक रणनीति हो सकती है। - ग्रीनहाउस और लिंक्डइन जैसे नौकरी प्लेटफॉर्म ने उपयोगकर्ताओं को वास्तविक नौकरी के अवसरों की पहचान करने में मदद करने के लिए नौकरी सत्यापन सेवाएं शुरू की हैं।" + ], + "commentSummary": [ + "एक अध्ययन से पता चलता है कि 20% ऑनलाइन नौकरी पोस्टिंग या तो नकली होती हैं या भरी नहीं जाती हैं, अक्सर कंपनियों को अमेरिकी आव्रजन नीतियों का पालन करने की आवश्यकता के कारण। - कंपनियां आदर्श उम्मीदवारों को खोजने, आवश्यकताओं को बदलने, या पहले से चयनित आंतरिक उम्मीदवारों के लिए नौकरी पोस्टिंग को बनाए रख सकती हैं। - नौकरी बाजार आवेदकों के लिए कठिन है, जो अक्सर घोस्टिंग और स्वचालित अस्वीकृति का सामना करते हैं, जिससे नियामक हस्तक्षेप की मांग होती है।" + ], + "points": 273, + "commentCount": 224, + "retryCount": 0, + "time": 1736865860 + }, + { + "id": 42698557, + "title": "चालकों के लिए कुछ सेकंड बचाने के लिए पैदल यात्रियों के लिए चौराहे को असुरक्षित बनाना", + "originLink": "https://collegetowns.substack.com/p/making-an-intersection-unsafe-for", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42698557", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "बहस इस बात पर केंद्रित है कि चौराहों को पैदल यात्री सुरक्षा को प्राथमिकता देनी चाहिए या ड्राइवर की दक्षता को, जिसमें कुछ लोग लाइट-नियंत्रित चौराहों और पैदल यात्री स्क्रैम्बल को 4-वे स्टॉप्स पर प्राथमिकता देते हैं।", + "ट्रैफिक कानूनों और बुनियादी ढांचे के डिजाइन पर राय भिन्न होती है, जिसमें जेवॉकिंग की सुरक्षा और लाल बत्ती पर दाएं मुड़ने से जुड़े जोखिमों पर चर्चा शामिल है।", + "कुछ लोग सुरक्षा और दक्षता दोनों को बढ़ाने के लिए गोल चक्कर या डच यातायात इंजीनियरिंग मानकों को अपनाने जैसे वैकल्पिक समाधानों की वकालत करते हैं।" + ], + "points": 267, + "commentCount": 362, + "retryCount": 0, + "time": 1736869194 + }, + { + "id": 42696080, + "title": "पोस्टग्रेएसक्यूएल वर्ष 2024 का डेटाबेस प्रबंधन प्रणाली है।", + "originLink": "https://db-engines.com/en/blog_post/109", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696080", + "commentBody": "", + "originSummary": [ + "पोस्टग्रेएसक्यूएल को DB-इंजिन्स द्वारा वर्ष 2024 का DBMS ऑफ द ईयर पुरस्कार दिया गया है, यह सम्मान पांचवीं बार प्राप्त करते हुए, 423 अन्य डेटाबेस प्रबंधन प्रणालियों को पीछे छोड़ दिया है।", + "पोस्टग्रेएसक्यूएल, जिसकी इतिहास लगभग 35 वर्षों का है, नवाचार करना जारी रखता है, जैसा कि सितंबर 2024 में जारी किए गए पोस्टग्रेएसक्यूएल 17 के हालिया सुधारों में देखा जा सकता है।", + "स्नोफ्लेक और माइक्रोसॉफ्ट ने क्रमशः दूसरे और तीसरे स्थान पर कब्जा किया, जिसमें स्नोफ्लेक को इसके क्लाउड-आधारित डेटा वेयरहाउसिंग और मल्टी-क्लाउड समर्थन के लिए जाना जाता है, जबकि माइक्रोसॉफ्ट Azure SQL डेटाबेस और SQL सर्वर के माध्यम से मजबूत प्रबंधित रिलेशनल डेटाबेस प्रदान करता है।" + ], + "commentSummary": [ + "पोस्टग्रेएसक्यूएल को db-engines.com द्वारा वर्ष 2024 का डेटाबेस प्रबंधन प्रणाली पुरस्कार दिया गया है, जो उद्योग में इसकी बढ़ती लोकप्रियता और मान्यता को दर्शाता है।", + "उपयोगकर्ता माइक्रोसॉफ्ट SQL सर्वर से PostgreSQL में स्विच करने पर विचार कर रहे हैं, उच्च लाइसेंसिंग लागत और संसाधन सीमाओं के कारण, हालांकि संभावित माइग्रेशन चुनौतियाँ हो सकती हैं।", + "PostgreSQL अपनी मजबूत विशेषताओं और लागत-प्रभावशीलता के लिए पसंद किया जाता है, जिससे यह भविष्य की परियोजनाओं के लिए एक पसंदीदा विकल्प बन जाता है, हालांकि कुछ उपयोगकर्ता लागत को कम करने के लिए Babelfish जैसे विकल्पों का पता लगाते हैं।" + ], + "points": 239, + "commentCount": 79, + "retryCount": 0, + "time": 1736854677 + }, + { + "id": 42699099, + "title": "Google का OAuth लॉगिन एक असफल स्टार्टअप डोमेन की खरीद के खिलाफ सुरक्षा नहीं करता है।", + "originLink": "https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699099", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "चर्चा में यह उजागर किया गया है कि जब एक असफल स्टार्टअप के डोमेन को नया मालिक अधिग्रहित करता है, तो गूगल के OAuth लॉगिन सिस्टम में एक कमजोरी होती है, जो संभावित रूप से सेवाओं तक अनधिकृत पहुंच की अनुमति दे सकती है।", + "यह समस्या इसलिए उत्पन्न होती है क्योंकि Google मूल और नए डोमेन मालिकों के बीच अंतर नहीं कर सकता है, जिससे किसी भी प्रणाली पर प्रभाव पड़ता है जो डोमेन-आधारित प्रमाणीकरण का उपयोग करती है।", + "एक प्रस्तावित समाधान यह है कि अद्वितीय पहचानकर्ताओं का उपयोग किया जाए जो समय के साथ स्थिर रहें, हालांकि इस समाधान का कार्यान्वयन विभिन्न पहचान प्रदाताओं के बीच भिन्न होता है।" + ], + "points": 200, + "commentCount": 112, + "retryCount": 0, + "time": 1736871241 + }, + { + "id": 42696822, + "title": "कोडिंग कौशल का उपयोग करके निष्क्रिय आय अर्जित करना", + "originLink": "https://www.coryzue.com/writing/solopreneur/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696822", + "commentBody": "", + "originSummary": [ + "लेखक ने एक सीटीओ की भूमिका से एकल उद्यमी के रूप में परिवर्तन किया, और सॉफ्टवेयर उत्पादों के पोर्टफोलियो के माध्यम से अधिक कमाई करने में सफल रहे।", + "मुख्य रणनीतियों में गहन कार्य पर ध्यान केंद्रित करना, छोटे प्रोजेक्ट्स से शुरुआत करना, तेजी से पुनरावृत्ति करना, और विपणन प्रयासों के लिए समय समर्पित करना शामिल है।", + "यात्रा अनिश्चितताओं के कारण सहनशीलता पर जोर देती है, लेकिन इस करियर पथ की बेजोड़ स्वायत्तता और स्वतंत्रता को उजागर करती है, जिससे कोडिंग कौशल वाले लोगों को इसे निष्क्रिय आय के लिए विचार करने के लिए प्रोत्साहित किया जाता है।" + ], + "commentSummary": [ + "एक उपयोगकर्ता ने बताया कि उन्होंने समाप्त हो रहे डोमेन नामों का उपयोग करके एसईओ स्पैम वेबसाइटों के माध्यम से निष्क्रिय आय उत्पन्न की, जिससे वे लगभग $30,000 वार्षिक कमा रहे थे, हालांकि नैतिक चिंताओं और गूगल की अंततः कार्रवाई के बावजूद।", + "इस पोस्ट ने निष्क्रिय आय पर बहस छेड़ दी, जिसमें कुछ उपयोगकर्ताओं का तर्क था कि यह वास्तव में निष्क्रिय कमाई की तुलना में एक व्यवसाय चलाने के अधिक समान है।", + "प्रतिभागियों ने साइड प्रोजेक्ट्स में अनुभवों और चुनौतियों को साझा किया, जिसमें समय, धैर्य और रणनीतिक योजना की महत्ता को उजागर किया गया।" + ], + "points": 167, + "commentCount": 90, + "retryCount": 0, + "time": 1736860888 + }, + { + "id": 42690781, + "title": "स्पेन ने गैर-ईयू निवासियों द्वारा खरीदे गए घरों पर 100% कर लगाने का प्रस्ताव दिया है", + "originLink": "https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690781", + "commentBody": "", + "originSummary": [ + "स्पेन गैर-ईयू निवासियों द्वारा रियल एस्टेट खरीद पर 100% कर लगाने पर विचार कर रहा है, जिसका उद्देश्य आवास संकट को संबोधित करना और सट्टा खरीद को रोकना है।", + "प्रधानमंत्री पेड्रो सांचेज़ का प्रस्ताव सामाजिक आवास का विस्तार करने और पर्यटक किराए को विनियमित करने को शामिल करता है ताकि आवास की कीमतों और आय के बीच असमानता को दूर किया जा सके।", + "प्रस्ताव का भविष्य कानून के रूप में अनिश्चित है, कुछ विश्लेषकों का मानना है कि यह विदेशी निवेशकों के लिए एक निवारक के रूप में कार्य कर सकता है बजाय इसके कि यह एक सुनिश्चित विधायी परिवर्तन हो।" + ], + "commentSummary": [ + "स्पेन गैर-ईयू निवासियों द्वारा खरीदे गए घरों पर 100% कर लगाने पर विचार कर रहा है ताकि आवास की वहनीयता की समस्याओं का समाधान किया जा सके। - आलोचकों का सुझाव है कि विदेशी खरीदार उच्च आवास कीमतों का मुख्य कारण नहीं हैं, बल्कि धीमी नौकरशाही और ज़ोनिंग कानून अधिक महत्वपूर्ण कारक हैं। - इस प्रस्ताव ने आवास बाजारों में विदेशी स्वामित्व की भूमिका और वहनीयता मुद्दों को हल करने में इसकी प्रभावशीलता पर बहस छेड़ दी है।" + ], + "points": 162, + "commentCount": 254, + "retryCount": 0, + "time": 1736809603 + }, + { + "id": 42699977, + "title": "एप्पल को जल्द ही टीएसएमसी के एरिज़ोना फैब से 'मेड इन अमेरिका' चिप्स प्राप्त होंगे", + "originLink": "https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699977", + "commentBody": "", + "originSummary": [ + "एप्पल TSMC की एरिज़ोना सुविधा से प्रोसेसर का परीक्षण कर रहा है, और पहले तिमाही तक बड़े पैमाने पर उत्पादन की योजना बना रहा है, जिससे यह TSMC का पहला अमेरिकी ग्राहक बन सकता है जो स्थानीय रूप से निर्मित चिप्स का उपयोग करेगा। - इस पहल का उद्देश्य अमेरिकी सिलिकॉन स्वतंत्रता को बढ़ावा देना है, जिससे ताइवान पर निर्भरता कम हो सके, जो भू-राजनीतिक और प्राकृतिक जोखिमों के प्रति संवेदनशील है। - TSMC की एरिज़ोना फैब उन्नत 3nm और 2nm चिप्स का उत्पादन करने के लिए तैयार है, स्थानीय भर्ती को बढ़ावा देने और अमेरिकी विश्वविद्यालयों के साथ साझेदारी के प्रयास जारी हैं, हालांकि पैकेजिंग शुरू में ताइवान में होगी जब तक कि पियोरिया सुविधा चालू नहीं हो जाती।" + ], + "commentSummary": [ + "एप्पल को TSMC के एरिज़ोना प्लांट से चिप्स मिलेंगे, लेकिन उन्हें पैकेजिंग के लिए ताइवान वापस भेजना होगा क्योंकि अमेरिका में पर्याप्त सुविधाएं नहीं हैं। - एरिज़ोना प्लांट में 50% से अधिक कार्यबल ताइवान से है, जो अमेरिका के STEM (विज्ञान, प्रौद्योगिकी, इंजीनियरिंग, और गणित) क्षेत्र में एक अंतर को दर्शाता है। - CHIPS एक्ट पहल, जिसका उद्देश्य अमेरिका में सेमीकंडक्टर निर्माण को बढ़ावा देना है, चुनौतियों का सामना कर रही है क्योंकि \"मेड इन अमेरिका\" लेबल पर सवाल उठाए जा रहे हैं, क्योंकि पैकेजिंग प्रक्रिया ताइवान में हो रही है, और 2027 तक अमेरिका में पैकेजिंग क्षमताओं की योजना है।" + ], + "points": 160, + "commentCount": 73, + "retryCount": 0, + "time": 1736873807 + }, + { + "id": 42692730, + "title": "भीड़भाड़ मूल्य निर्धारण चालू होने के बाद मैनहट्टन की सड़कों पर 43 हजार कम ड्राइवर हैं।", + "originLink": "https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42692730", + "commentBody": "", + "originSummary": [ + "भीड़भाड़ मूल्य निर्धारण लागू होने के बाद, 60वीं स्ट्रीट के नीचे मैनहट्टन में प्रवेश करने वाले ड्राइवरों में 7.5% की कमी आई, जो प्रत्येक सप्ताह के दिन 43,000 कम ड्राइवरों के बराबर है।", + "यातायात में कमी ने यातायात प्रवाह में सुधार किया है और बसों की गति बढ़ाई है, जिससे कुछ एक्सप्रेस बसों में अधिक यात्री संख्या देखी गई है।", + "मेट्रोपॉलिटन ट्रांसपोर्टेशन अथॉरिटी (एमटीए) कुछ राजनीतिक विरोध के बावजूद, ट्रांजिट सुधारों के लिए टोल राजस्व का उपयोग करती है, जिसकी वार्षिक अनुमानित राशि $500 मिलियन है।" + ], + "commentSummary": [ + "मैनहट्टन में भीड़भाड़ मूल्य निर्धारण के कार्यान्वयन के परिणामस्वरूप 43,000 कम ड्राइवर हो गए हैं, जिससे बस की गति में वृद्धि हुई है और संभावित रूप से आपातकालीन प्रतिक्रिया समय में सुधार हुआ है।", + "यह नीति यातायात जाम को कम करने और वायु गुणवत्ता में सुधार करने के लिए बनाई गई है, हालांकि इसने निम्न-आय वाले व्यक्तियों पर इसके प्रभाव को लेकर बहस छेड़ दी है।", + "समर्थकों का तर्क है कि लाभों में अधिक कुशल सार्वजनिक परिवहन और स्वच्छ हवा शामिल हैं, जबकि इन फायदों को ड्राइवरों की आवश्यकताओं के साथ संतुलित करने पर चर्चाएं जारी हैं।" + ], + "points": 154, + "commentCount": 199, + "retryCount": 0, + "time": 1736821606 + } +] diff --git a/records/2025-01-14/2025-01-14.hu.json b/records/2025-01-14/2025-01-14.hu.json new file mode 100644 index 000000000..3474e0cb9 --- /dev/null +++ b/records/2025-01-14/2025-01-14.hu.json @@ -0,0 +1,288 @@ +[ + { + "id": 42690473, + "title": "„A Snyk biztonsági kutató rosszindulatú NPM csomagokat telepít, amelyek a cursor.com-ot célozzák meg.”", + "originLink": "https://sourcecodered.com/snyk-malicious-npm-package/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690473", + "commentBody": "", + "originSummary": [ + "„Egy Snyk biztonsági kutató rosszindulatú NPM csomagokat adott ki, amelyek a Cursor.com nevű AI kódoló céget célozták meg, hogy rendszert adatokat gyűjtsenek és azokat egy támadó által irányított szolgáltatásnak küldjék el.”", + "„A csomagokat, amelyeket \"cursor-retrieval\", \"cursor-always-local\" és \"cursor-shadow-workspace\" néven azonosítottak, az OpenSSF csomagelemző szkenner jelölte meg, ami a MAL-2025-27, MAL-2025-28 és MAL-2025-29 figyelmeztetésekhez vezetett.”", + "„Ez az eset rávilágít arra, hogy mennyire fontos alaposan megvizsgálni az NPM csomagokat a telepítés előtt, hogy elkerüljük a lehetséges biztonsági fenyegetéseket.”" + ], + "commentSummary": [ + "„Egy Snyk biztonsági kutató rosszindulatú NPM (Node Package Manager) csomagokat tett közzé, amelyek a cursor.com-ot célozták meg, kiemelve a függőségi zavarok sebezhetőségeit. - Az eset vitát váltott ki a biztonsági kutatások etikájáról, különösen a környezeti változók nyilvános kitettségével kapcsolatban. - A Cursor.com tisztázta, hogy nem engedélyezték a cselekvést, és a Snyk azóta bocsánatot kért, hangsúlyozva a támadó jellegű biztonsági kutatások és az etikai normák közötti egyensúly kihívásait.”" + ], + "points": 540, + "commentCount": 270, + "retryCount": 0, + "time": 1736807907 + }, + { + "id": 42696081, + "title": "„Átváltottam a Firefoxra, és soha nem néztem vissza”", + "originLink": "https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696081", + "commentBody": "", + "originSummary": [ + "„A Firefoxot dicsérik a kiváló lapkezeléséért, a beépített Pocket funkcióért, amely lehetővé teszi a linkek mentését, valamint a magánéletre összpontosító e-mail továbbításért, ami erős alternatívává teszi a Chrome-mal szemben. - További funkciók, mint a felhasználóbarát képernyőkép eszköz, a ChatGPT gomb, a kép a képben mód, testreszabható keresési lehetőségek és a sima görgetés javítják a böngészési élményt. - Bár a Firefox nem rendelkezik a Chrome webalkalmazás funkciójával, átgondolt kialakítása és csökkentett erőforrásigénye miatt néhány felhasználó számára előnyben részesített választás.”" + ], + "commentSummary": [ + "„A Firefox felhasználói kihívásokkal szembesülnek olyan platformok részéről, mint a YouTube, amely szándékosan ronthatja a nem Google böngészőket használók vagy hirdetésblokkolókat alkalmazók élményét. - Ez a tendencia aggodalmakat vet fel a felhasználói autonómiával kapcsolatban, mivel bünteti azokat, akik hirdetésmentes és megfigyelésmentes webes élményt választanak. - A Firefox egyedi funkciókat kínál, mint például a konténer lapok, amelyek növelik a magánélet védelmét és a használhatóságot, így kedvelt választás azok számára, akik függetlenedni szeretnének a nagyvállalati irányítás alatt álló böngészőktől.”" + ], + "points": 480, + "commentCount": 392, + "retryCount": 0, + "time": 1736854678 + }, + { + "id": 42687932, + "title": "„A Sonos vezérigazgatója lemond az alkalmazás frissítési fiaskója után”", + "originLink": "https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42687932", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "„A Sonos vezérigazgatója lemondott egy ellentmondásos alkalmazásfrissítést követően, amely arra kényszerítette a felhasználókat, hogy cseréljék le drága hangrendszereiket, ami ügyfél-elégedetlenséget okozott. - A frissítés egy felhőalapú rendszert vezetett be, eltávolodva a megbízható Universal Plug and Play (UPnP) rendszertől, ami csatlakozási problémákhoz és megnövekedett bonyolultsághoz vezetett. - Ez a helyzet rávilágít az üzleti stratégiák és az ügyfélbizalom fenntartása közötti konfliktusra, miközben a vezérigazgató tanácsadói szerepbe lép át egy végkielégítési csomaggal.”" + ], + "points": 409, + "commentCount": 493, + "retryCount": 0, + "time": 1736797368 + }, + { + "id": 42696691, + "title": "„A MrBeast gyomrában”", + "originLink": "https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696691", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "„Az esszé azt vizsgálja, hogyan befolyásolja a YouTube algoritmusa a tartalomkészítést, MrBeast-et használva esettanulmányként, kiemelve az elmozdulást az elköteleződés-vezérelt, nem pedig a tartalmas tartalom felé. - Tárgyalja a médiaértés szélesebb körű következményeit és a YouTube-hoz és TikTok-hoz hasonló platformok kulturális hatását, egy felszínes és reakciós tartalom felé mutató trendet javasolva. - Különböző nézőpontokat vesz figyelembe az algoritmusok szerepéről a tartalom formálásában és a népszerű alkotók kulturális normákra gyakorolt hatásáról.”" + ], + "points": 369, + "commentCount": 258, + "retryCount": 0, + "time": 1736859931 + }, + { + "id": 42691184, + "title": "„A GitHub Git műveletei nem működnek”", + "originLink": "https://www.githubstatus.com/incidents/qd96yfgvmcf9", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42691184", + "commentBody": "", + "originSummary": [ + "„A GitHub 2025. január 13-án Git műveletek kiesésével szembesült egy konfigurációs változtatás miatt, amely az belső terheléselosztót érintette, és 23:35-től 00:24 UTC-ig tartott. - A problémát a konfigurációs változtatás visszavonásával oldották meg, és a GitHub azon dolgozik, hogy javítsa a monitorozási és telepítési folyamatokat, hogy megelőzze a hasonló eseteket. - A kiesés a GitHub Actions és Pages szolgáltatásait is érintette, kiemelve a platformszolgáltatásaik összekapcsolt jellegét.”" + ], + "commentSummary": [ + "„A GitHub jelentős leállást tapasztalt, amely a git műveleteket érintette, zavart okozva a fejlesztők körében, akik kezdetben SSH kulcsaik vagy helyi konfigurációik problémáira gyanakodtak. - Az eset rávilágított a központosított szolgáltatásokra való támaszkodás kihívásaira, és ösztönözte a vitákat az önálló hosztolás és a decentralizált rendszerek előnyeiről. - Bár a problémát megoldották, felhívta a figyelmet a GitHub megbízhatóságával kapcsolatos aggodalmakra és az alapvető feladatok harmadik fél platformjaira való támaszkodásának kockázataira.”" + ], + "points": 324, + "commentCount": 250, + "retryCount": 0, + "time": 1736812051 + }, + { + "id": 42694596, + "title": "„Megjelent a ZFS 2.3 a ZFS raidz bővítéssel”", + "originLink": "https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42694596", + "commentBody": "", + "originSummary": [ + "„Megjelent az OpenZFS 2.3.0, amely jelentős új funkciókat vezet be, mint például a RAIDZ bővítés, a gyors deduplikáció, a közvetlen bemenet/kimenet, a JSON kimenet és a hosszú fájlnevek támogatása. - A kiadás alapvető hibajavításokat és teljesítményjavításokat tartalmaz, kompatibilis a 4.18 - 6.12 Linux kernel verziókkal és a FreeBSD 13.3, 14.0 - 14.2 verzióival. - A frissítés 134 közreműködő közös munkájának eredménye, részletes dokumentációval és változásnaplóval, amely elérhető áttekintésre.”" + ], + "commentSummary": [ + "„A ZFS 2.3 megjelent, és olyan funkciókat vezet be, mint a RAIDZ bővítés, gyors deduplikáció, közvetlen IO, JSON kimenet és a hosszú fájlnevek támogatása. - A RAIDZ bővítés különösen figyelemre méltó, mivel lehetővé teszi a felhasználók számára, hogy új eszközöket adjanak hozzá egy meglévő RAIDZ poolhoz leállás nélkül, növelve a tárolókapacitást. - A kiadást jelentős előrelépésnek tekintik a ZFS felhasználók számára, összehasonlítva más fájlrendszerekkel, mint például a Btrfs és a Windows Storage Spaces, annak ellenére, hogy vannak korlátai, mint például a poolok zsugorításának képtelensége.”" + ], + "points": 302, + "commentCount": 215, + "retryCount": 0, + "time": 1736838539 + }, + { + "id": 42690983, + "title": "„Webtop – Alpine, Ubuntu, Fedora és Arch konténerek, amelyek teljes asztali környezeteket tartalmaznak”", + "originLink": "https://docs.linuxserver.io/images/docker-webtop/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690983", + "commentBody": "", + "originSummary": [ + "„A Linuxserver/webtop konténereket biztosít Alpine, Ubuntu, Fedora és Arch alapokon, teljes asztali környezettel, amelyek web böngészőkön keresztül érhetők el, támogatva mind az x86-64, mind az arm64 architektúrákat.”", + "„A felhasználók különböző asztali környezetek közül választhatnak, mint például az XFCE, KDE, MATE, i3, Openbox és IceWM, speciális képcímkék használatával, és a Webtopot kijelölt URL-ek segítségével érhetik el.”", + "„A biztonsági funkciók közé tartozik a Docker seccomp opciója és a hitelesítési beállítás, testreszabási lehetőségekkel a környezeti változókon keresztül, valamint támogatás a GPU gyorsításhoz nyílt forráskódú illesztőprogramokkal.”" + ], + "commentSummary": [ + "„A Webtop konténereket biztosít teljes asztali környezettel Alpine, Ubuntu, Fedora és Arch rendszerekhez, amelyek alkalmasak gyors beállításokra VPN mögött.”", + "„A felhasználók dicsérik a Webtop sebességét és könnyű használatát, különösen a Gluetun konténerrel való biztonságos kapcsolatok esetén, de óva intenek a konténerek internetre való kitételétől biztonsági intézkedések nélkül, mivel alapértelmezett hitelesítés hiányzik.”", + "„A projektet azért értékelik, mert nyílt forráskódú és rugalmas, a felhasználók megosztják a konfigurációkat, és a Kasm és a Selkies alternatívákat hasonló célokra említik.”" + ], + "points": 297, + "commentCount": 57, + "retryCount": 0, + "time": 1736810708 + }, + { + "id": 42697783, + "title": "„Egy tanulmány szerint az online álláshirdetések közül 5-ből 1 vagy hamis, vagy soha nem töltik be.”", + "originLink": "https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42697783", + "commentBody": "", + "originSummary": [ + "„Egy friss tanulmány szerint az online álláshirdetések 20%-a vagy hamis, vagy betöltetlen marad, ami növeli az álláskeresők frusztrációját. - Ez a „szellemállás” trend talán egy taktika a vállalatok részéről, hogy növekedési képet vetítsenek előre. - Az olyan állásplatformok, mint a Greenhouse és a LinkedIn, álláshirdetés-ellenőrzési szolgáltatásokat vezettek be, hogy segítsenek a felhasználóknak azonosítani a valódi álláslehetőségeket.”" + ], + "commentSummary": [ + "„Egy tanulmány kimutatta, hogy az online álláshirdetések 20%-a vagy hamis, vagy betöltetlen marad, gyakran azért, mert a vállalatoknak meg kell felelniük az amerikai bevándorlási politikáknak. - A vállalatok azért is fenntarthatják az álláshirdetéseket, hogy megtalálják az ideális jelölteket, megváltoztassák a követelményeket, vagy mert már előre kiválasztott belső jelöltekkel rendelkeznek. - Az álláspiac nehéz a pályázók számára, akik gyakran találkoznak eltűnéssel és automatizált elutasításokkal, ami szabályozási beavatkozásra való felhívásokat eredményez.”" + ], + "points": 273, + "commentCount": 224, + "retryCount": 0, + "time": 1736865860 + }, + { + "id": 42698557, + "title": "„Egy kereszteződést veszélyessé tenni a gyalogosok számára, hogy másodperceket spóroljanak az autósoknak”", + "originLink": "https://collegetowns.substack.com/p/making-an-intersection-unsafe-for", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42698557", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "„A vita középpontjában az áll, hogy az útkereszteződéseknek a gyalogosok biztonságát vagy a járművezetők hatékonyságát kellene előtérbe helyezniük, egyesek a lámpával szabályozott kereszteződéseket és a gyalogos átkelőket részesítik előnyben a 4-utas megállókkal szemben.”", + "„A vélemények eltérnek a közlekedési törvényekről és az infrastruktúra tervezéséről, különös tekintettel a tilosban átkelés biztonságára és a piros lámpánál történő jobbra kanyarodás kockázataira.”", + "„Egyesek alternatív megoldásokat javasolnak, mint például körforgalmak vagy a holland közlekedéstechnikai szabványok átvétele a biztonság és a hatékonyság növelése érdekében.”" + ], + "points": 267, + "commentCount": 362, + "retryCount": 0, + "time": 1736869194 + }, + { + "id": 42696080, + "title": "„A PostgreSQL a 2024-es év adatbázis-kezelő rendszere”", + "originLink": "https://db-engines.com/en/blog_post/109", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696080", + "commentBody": "", + "originSummary": [ + "„A PostgreSQL elnyerte a 2024-es Év DBMS-e díjat a DB-Engines-től, ezzel ötödik alkalommal kapta meg ezt az elismerést, megelőzve 423 másik adatbázis-kezelő rendszert.”", + "„A PostgreSQL, amelynek története közel 35 évre nyúlik vissza, továbbra is innovatív, amit a 2024 szeptemberében megjelent PostgreSQL 17 legújabb fejlesztései is bizonyítanak.”", + "„A Snowflake és a Microsoft a második és harmadik helyet szerezték meg, a Snowflake a felhőalapú adattárolásáról és a többfelhős támogatásáról ismert, míg a Microsoft az Azure SQL Database és az SQL Server révén erős, kezelt relációs adatbázisokat kínál.”" + ], + "commentSummary": [ + "„A PostgreSQL elnyerte a 2024-es Év Adatbázis-kezelő Rendszere díjat a db-engines.com-tól, ami kiemeli növekvő népszerűségét és elismerését az iparágban.”", + "„A felhasználók fontolgatják, hogy a magas licencdíjak és az erőforrás-korlátozások miatt áttérnek a Microsoft SQL Serverről a PostgreSQL-re, annak ellenére, hogy a migráció kihívásokkal járhat.”", + "„A PostgreSQL-t kedvelik robusztus funkciói és költséghatékonysága miatt, ami miatt előnyben részesítik a jövőbeli projektekhez, bár néhány felhasználó alternatívákat, például a Babelfish-t is felfedezi a költségek csökkentése érdekében.”" + ], + "points": 239, + "commentCount": 79, + "retryCount": 0, + "time": 1736854677 + }, + { + "id": 42699099, + "title": "„A Google OAuth bejelentkezése nem véd a sikertelen startup domainjének megvásárlása ellen”", + "originLink": "https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699099", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "„A vita rávilágít egy sebezhetőségre a Google OAuth bejelentkezési rendszerében, amikor egy meghiúsult startup domainjét egy új tulajdonos szerzi meg, ami potenciálisan lehetővé teheti a jogosulatlan hozzáférést a szolgáltatásokhoz.”", + "„Ez a probléma azért merül fel, mert a Google nem biztos, hogy megkülönbözteti az eredeti és az új domain tulajdonosokat, ami hatással lehet bármely rendszerre, amely domain alapú hitelesítést használ.”", + "„Egy javasolt megoldás az, hogy egyedi azonosítókat használjunk, amelyek idővel állandóak maradnak, bár ennek a megoldásnak a megvalósítása az egyes identitásszolgáltatók között eltérő.”" + ], + "points": 200, + "commentCount": 112, + "retryCount": 0, + "time": 1736871241 + }, + { + "id": 42696822, + "title": "„Kódolási készségek használata passzív jövedelem szerzésére”", + "originLink": "https://www.coryzue.com/writing/solopreneur/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696822", + "commentBody": "", + "originSummary": [ + "„A szerző a CTO szerepkörből solopreneurré vált, és sikeresen többet keresett egy szoftvertermék-portfólió révén.”", + "„A kulcsfontosságú stratégiák közé tartozik a mély munkára való összpontosítás, a kis projektekkel való kezdés, a gyors iteráció, valamint az idő szentelése a marketing tevékenységekre.”", + "„Az utazás a bizonytalanságok miatt a rugalmasságot hangsúlyozza, de kiemeli ennek a karrierútnak a páratlan autonómiáját és szabadságát, bátorítva azokat, akik kódolási készségekkel rendelkeznek, hogy fontolják meg passzív jövedelemforrásként.”" + ], + "commentSummary": [ + "„Egy felhasználó leírta, hogyan generál passzív jövedelmet SEO spam weboldalakon keresztül, amelyek lejáró domain neveket használnak, és évente körülbelül 30 ezer dollárt keres, annak ellenére, hogy etikai aggályok merülnek fel, és a Google végül fellép ellene.”", + "„A bejegyzés vitát váltott ki a passzív jövedelemről, mivel néhány felhasználó azt állította, hogy ez inkább hasonlít egy vállalkozás működtetésére, mint valóban passzív keresetre.”", + "„A résztvevők megosztották tapasztalataikat és kihívásaikat a mellékprojektekben, kiemelve az idő, a kitartás és a stratégiai tervezés fontosságát.”" + ], + "points": 167, + "commentCount": 90, + "retryCount": 0, + "time": 1736860888 + }, + { + "id": 42690781, + "title": "„Spanyolország 100%-os adót javasol az EU-n kívüli lakosok által vásárolt ingatlanokra”", + "originLink": "https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690781", + "commentBody": "", + "originSummary": [ + "„Spanyolország fontolóra veszi a 100%-os adó bevezetését az ingatlanvásárlásokra nem EU-s lakosok esetében, azzal a céllal, hogy kezelje a lakhatási válságot és visszaszorítsa a spekulatív vásárlásokat.”", + "„Pedro Sánchez miniszterelnök javaslata magában foglalja a szociális lakások bővítését és a turisztikai bérlések szabályozását, hogy kezelje a lakásárak és a jövedelmek közötti különbséget.”", + "„A javaslat jövője, mint törvény, bizonytalan, mivel egyes elemzők inkább elrettentésként tekintenek rá a külföldi befektetők számára, semmint garantált jogszabályi változásként.”" + ], + "commentSummary": [ + "„Spanyolország fontolóra veszi, hogy 100%-os adót vet ki az EU-n kívüli lakosok által vásárolt ingatlanokra, hogy kezelje a lakhatási megfizethetőségi problémákat. - A kritikusok azt állítják, hogy a külföldi vásárlók nem a magas lakásárak elsődleges okai, inkább a lassú bürokráciát és a területrendezési törvényeket említik jelentősebb tényezőkként. - A javaslat vitát váltott ki a külföldi tulajdon szerepéről a lakáspiacon és annak hatékonyságáról a megfizethetőségi problémák megoldásában.”" + ], + "points": 162, + "commentCount": 254, + "retryCount": 0, + "time": 1736809603 + }, + { + "id": 42699977, + "title": "„Az Apple hamarosan 'Amerikában készült' chipeket fog kapni a TSMC arizonai gyárából”", + "originLink": "https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699977", + "commentBody": "", + "originSummary": [ + "„Az Apple teszteli a TSMC arizonai létesítményéből származó processzorokat, és tervezi a tömeggyártást az első negyedévre, potenciálisan a TSMC első amerikai ügyfelévé válva a helyben gyártott chipek tekintetében. - Ez az kezdeményezés célja az amerikai szilícium függetlenség erősítése, csökkentve a Tajvantól való függőséget, amely geopolitikai és természeti kockázatoknak van kitéve. - A TSMC arizonai gyára fejlett 3nm és 2nm chipeket fog gyártani, folyamatos erőfeszítésekkel a helyi toborzás és az amerikai egyetemekkel való partnerségek javítására, bár a csomagolás kezdetben Tajvanon fog történni, amíg a Peoria létesítmény működőképessé nem válik.”" + ], + "commentSummary": [ + "„Az Apple a TSMC arizonai üzeméből kap chipeket, de azokat vissza kell küldeni Tajvanra csomagolásra az amerikai létesítmények elégtelensége miatt. - Az arizonai üzemben dolgozók több mint 50%-a Tajvanról származik, ami az amerikai STEM (tudomány, technológia, mérnöki tudományok és matematika) terület hiányosságaira utal. - A CHIPS Act kezdeményezés, amely az amerikai félvezetőgyártás fejlesztését célozza, kihívásokkal néz szembe, mivel a \"Made in America\" címke megkérdőjeleződik a csomagolási folyamat Tajvanon történő lebonyolítása miatt, bár 2027-re tervezik az amerikai csomagolási képességek kiépítését.”" + ], + "points": 160, + "commentCount": 73, + "retryCount": 0, + "time": 1736873807 + }, + { + "id": 42692730, + "title": "„43 ezerrel kevesebb sofőr van Manhattan útjain, miután bevezették a dugódíjat”", + "originLink": "https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42692730", + "commentBody": "", + "originSummary": [ + "„Miután bevezették a dugódíjat, 7,5%-kal csökkent a Manhattanbe a 60. utca alá behajtó autósok száma, ami napi 43 000-rel kevesebb autóst jelentett hétköznaponként.”", + "„A forgalom csökkenése javította a közlekedés áramlását és növelte a buszok sebességét, néhány expressz busz esetében pedig megnövekedett az utasforgalom.”", + "„A Metropolitan Transportation Authority (MTA) az évi 500 millió dollárra becsült útdíjbevételt közlekedési fejlesztésekre használja fel, annak ellenére, hogy némi politikai ellenállás tapasztalható.”" + ], + "commentSummary": [ + "„A dugódíj bevezetése Manhattanben 43 000-rel kevesebb autóst eredményezett, ami a buszok sebességének növekedéséhez és potenciálisan jobb vészhelyzeti reagálási időkhez vezetett.”", + "„A politika célja a forgalmi torlódások csökkentése és a levegő minőségének javítása, bár vitát váltott ki az alacsonyabb jövedelmű egyénekre gyakorolt hatásáról.”", + "„A támogatók azzal érvelnek, hogy az előnyök közé tartozik a hatékonyabb tömegközlekedés és a tisztább levegő, miközben folytatódnak a viták ezen előnyök és a járművezetők igényeinek egyensúlyba hozásáról.”" + ], + "points": 154, + "commentCount": 199, + "retryCount": 0, + "time": 1736821606 + } +] diff --git a/records/2025-01-14/2025-01-14.id.json b/records/2025-01-14/2025-01-14.id.json new file mode 100644 index 000000000..e3f558d85 --- /dev/null +++ b/records/2025-01-14/2025-01-14.id.json @@ -0,0 +1,288 @@ +[ + { + "id": 42690473, + "title": "Tidak ada teks yang diberikan untuk diterjemahkan.", + "originLink": "https://sourcecodered.com/snyk-malicious-npm-package/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690473", + "commentBody": "", + "originSummary": [ + "Seorang peneliti keamanan dari Snyk merilis paket NPM berbahaya yang menargetkan Cursor.com, sebuah perusahaan pemrograman AI, untuk mengumpulkan data sistem dan mengirimkannya ke layanan yang dikendalikan oleh penyerang.", + "Tiga paket, yang diidentifikasi sebagai \"cursor-retrieval,\" \"cursor-always-local,\" dan \"cursor-shadow-workspace,\" ditandai oleh pemindai analisis paket OpenSSF, menghasilkan peringatan MAL-2025-27, MAL-2025-28, dan MAL-2025-29.", + "Insiden ini menyoroti pentingnya memeriksa paket NPM sebelum instalasi untuk menghindari potensi ancaman keamanan." + ], + "commentSummary": [ + "A Snyk security researcher merilis paket NPM (Node Package Manager) berbahaya yang ditujukan pada cursor.com, menyoroti kerentanan kebingungan ketergantungan. - Insiden ini telah memicu perdebatan tentang etika penelitian keamanan, terutama mengenai paparan publik variabel lingkungan. - Cursor.com menjelaskan bahwa mereka tidak mengizinkan tindakan tersebut, dan Snyk telah meminta maaf, menekankan tantangan dalam menyeimbangkan penelitian keamanan ofensif dengan standar etika." + ], + "points": 540, + "commentCount": 270, + "retryCount": 0, + "time": 1736807907 + }, + { + "id": 42696081, + "title": "Saya Beralih ke Firefox dan Tidak Pernah Menyesal", + "originLink": "https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696081", + "commentBody": "", + "originSummary": [ + "Firefox dipuji karena manajemen tab yang superior, fitur Pocket bawaan untuk menyimpan tautan, dan relay email yang berfokus pada privasi, menjadikannya alternatif yang kuat untuk Chrome. - Fitur tambahan seperti alat tangkapan layar yang ramah pengguna, tombol ChatGPT, Picture-in-Picture, opsi pencarian yang dapat disesuaikan, dan pengguliran yang mulus meningkatkan pengalaman menjelajah. - Meskipun Firefox tidak memiliki fitur aplikasi web Chrome, desainnya yang bijaksana dan permintaan sumber daya yang lebih rendah membuatnya menjadi pilihan yang disukai bagi beberapa pengguna." + ], + "commentSummary": [ + "Pengguna Firefox menghadapi tantangan dari platform seperti YouTube, yang mungkin sengaja menurunkan kualitas pengalaman bagi pengguna browser non-Google atau yang menggunakan pemblokir iklan. - Tren ini menimbulkan kekhawatiran tentang otonomi pengguna, karena menghukum mereka yang memilih pengalaman web bebas iklan dan pengawasan. - Firefox menawarkan fitur unik, seperti tab kontainer, yang meningkatkan privasi dan kegunaan, menjadikannya pilihan favorit bagi pengguna yang mencari kebebasan dari browser yang dikendalikan oleh korporasi besar." + ], + "points": 480, + "commentCount": 392, + "retryCount": 0, + "time": 1736854678 + }, + { + "id": 42687932, + "title": "CEO Sonos mengundurkan diri setelah kekacauan pembaruan aplikasi", + "originLink": "https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42687932", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Tidak lama setelah pembaruan aplikasi yang kontroversial, CEO Sonos mengundurkan diri. Pembaruan tersebut mengharuskan pengguna mengganti sistem suara yang mahal, menyebabkan ketidakpuasan pelanggan. Pembaruan ini memperkenalkan sistem berbasis cloud, menjauh dari Universal Plug and Play (UPnP) yang andal, yang menyebabkan masalah konektivitas dan meningkatkan kompleksitas. Situasi ini menyoroti konflik antara strategi bisnis dan mempertahankan kepercayaan pelanggan, sementara CEO beralih ke peran penasihat dengan paket pesangon." + ], + "points": 409, + "commentCount": 493, + "retryCount": 0, + "time": 1736797368 + }, + { + "id": 42696691, + "title": "Di dalam perut MrBeast", + "originLink": "https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696691", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Tulisan ini meneliti bagaimana algoritma YouTube mempengaruhi pembuatan konten, dengan menggunakan MrBeast sebagai studi kasus, menyoroti pergeseran menuju konten yang didorong oleh keterlibatan daripada konten yang bermakna. - Ini membahas implikasi yang lebih luas untuk literasi media dan dampak budaya dari platform seperti YouTube dan TikTok, menunjukkan tren menuju konten yang dangkal dan reaktif. - Berbagai perspektif dipertimbangkan mengenai peran algoritma dalam membentuk konten dan pengaruh pencipta populer terhadap norma budaya." + ], + "points": 369, + "commentCount": 258, + "retryCount": 0, + "time": 1736859931 + }, + { + "id": 42691184, + "title": "Operasi Git di GitHub Sedang Mengalami Gangguan", + "originLink": "https://www.githubstatus.com/incidents/qd96yfgvmcf9", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42691184", + "commentBody": "", + "originSummary": [ + "GitHub mengalami gangguan operasi Git pada 13 Januari 2025, akibat perubahan konfigurasi yang mempengaruhi penyeimbang beban internal, yang berlangsung dari pukul 23:35 hingga 00:24 UTC. - Masalah ini diselesaikan dengan mengembalikan perubahan konfigurasi, dan GitHub sedang berupaya meningkatkan pemantauan dan proses penerapan untuk mencegah insiden serupa. - Gangguan ini juga mempengaruhi layanan Actions dan Pages GitHub, menyoroti sifat saling terhubung dari layanan platform mereka." + ], + "commentSummary": [ + "GitHub mengalami gangguan besar yang mempengaruhi operasi git, menyebabkan kebingungan di kalangan pengembang yang awalnya menduga masalah dengan kunci SSH atau konfigurasi lokal mereka. - Insiden ini menyoroti tantangan mengandalkan layanan terpusat, mendorong diskusi tentang keuntungan dari self-hosting dan sistem terdesentralisasi. - Meskipun masalah tersebut telah diselesaikan, hal ini menyoroti kekhawatiran tentang keandalan GitHub dan risiko bergantung pada platform pihak ketiga untuk tugas-tugas penting." + ], + "points": 324, + "commentCount": 250, + "retryCount": 0, + "time": 1736812051 + }, + { + "id": 42694596, + "title": "ZFS 2.3 dirilis dengan ekspansi ZFS raidz", + "originLink": "https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42694596", + "commentBody": "", + "originSummary": [ + "OpenZFS 2.3.0 telah dirilis, memperkenalkan fitur-fitur signifikan seperti Ekspansi RAIDZ, Deduplication Cepat, Input/Output Langsung, keluaran JSON, dan dukungan untuk nama file panjang. - Rilis ini mencakup perbaikan bug penting dan peningkatan kinerja, kompatibel dengan kernel Linux 4.18 - 6.12 dan versi FreeBSD 13.3, 14.0 - 14.2. - Pembaruan ini merupakan upaya kolaboratif dari 134 kontributor, dengan dokumentasi lengkap dan log perubahan tersedia untuk ditinjau." + ], + "commentSummary": [ + "ZFS 2.3 telah dirilis, memperkenalkan fitur-fitur seperti ekspansi RAIDZ, deduplikasi cepat, IO langsung, output JSON, dan dukungan untuk nama file yang panjang. - Ekspansi RAIDZ sangat menonjol karena memungkinkan pengguna untuk menambahkan perangkat baru ke pool RAIDZ yang sudah ada tanpa waktu henti, meningkatkan kapasitas penyimpanan. - Rilis ini dianggap sebagai kemajuan signifikan bagi pengguna ZFS, menarik perbandingan dengan sistem file lain seperti Btrfs dan Windows Storage Spaces, meskipun ada beberapa keterbatasan seperti ketidakmampuan untuk mengecilkan pool." + ], + "points": 302, + "commentCount": 215, + "retryCount": 0, + "time": 1736838539 + }, + { + "id": 42690983, + "title": "Webtop – Kontainer Alpine, Ubuntu, Fedora, dan Arch yang berisi lingkungan desktop lengkap", + "originLink": "https://docs.linuxserver.io/images/docker-webtop/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690983", + "commentBody": "", + "originSummary": [ + "Linuxserver/webtop menyediakan kontainer berbasis Alpine, Ubuntu, Fedora, dan Arch dengan lingkungan desktop penuh yang dapat diakses melalui peramban web, mendukung arsitektur x86-64 dan arm64.", + "Pengguna dapat memilih dari berbagai lingkungan desktop seperti XFCE, KDE, MATE, i3, Openbox, dan IceWM dengan menggunakan tag gambar tertentu, dan mengakses Webtop melalui URL yang ditentukan.", + "Fitur keamanan mencakup opsi seccomp Docker dan pengaturan autentikasi, dengan opsi kustomisasi yang tersedia melalui variabel lingkungan, serta dukungan untuk akselerasi GPU dengan driver sumber terbuka." + ], + "commentSummary": [ + "Webtop menyediakan kontainer dengan lingkungan desktop penuh untuk Alpine, Ubuntu, Fedora, dan Arch, cocok untuk pengaturan cepat di belakang VPN.", + "Pengguna memuji Webtop karena kecepatannya dan kemudahan penggunaannya, terutama saat digunakan dengan kontainer Gluetun untuk koneksi yang aman, tetapi memperingatkan agar tidak mengekspos kontainer ke internet tanpa langkah-langkah keamanan karena tidak adanya otentikasi bawaan.", + "Teks ini menilai proyek tersebut karena bersifat open-source dan fleksibel, dengan pengguna yang berbagi konfigurasi, dan alternatif seperti Kasm dan Selkies dicatat untuk tujuan serupa." + ], + "points": 297, + "commentCount": 57, + "retryCount": 0, + "time": 1736810708 + }, + { + "id": 42697783, + "title": "1 dari 5 lowongan pekerjaan online adalah palsu atau tidak pernah terisi, menurut sebuah studi.", + "originLink": "https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42697783", + "commentBody": "", + "originSummary": [ + "Studi terbaru menunjukkan bahwa 20% dari lowongan pekerjaan online adalah palsu atau tetap tidak terisi, menambah frustrasi para pencari kerja. - Tren \"pekerjaan hantu\" ini mungkin merupakan taktik bagi perusahaan untuk memproyeksikan citra pertumbuhan. - Platform pekerjaan seperti Greenhouse dan LinkedIn telah memperkenalkan layanan verifikasi pekerjaan untuk membantu pengguna mengidentifikasi peluang kerja yang asli." + ], + "commentSummary": [ + "Sebuah studi mengungkapkan bahwa 20% dari lowongan pekerjaan online adalah palsu atau tetap tidak terisi, sering kali karena perusahaan perlu mematuhi kebijakan imigrasi AS. - Perusahaan juga mungkin membiarkan lowongan pekerjaan tetap terbuka untuk menemukan kandidat ideal, mengubah persyaratan, atau memiliki kandidat internal yang sudah dipilih sebelumnya. - Pasar kerja sulit bagi pelamar, yang sering kali menghadapi pengabaian dan penolakan otomatis, mendorong seruan untuk intervensi regulasi." + ], + "points": 273, + "commentCount": 224, + "retryCount": 0, + "time": 1736865860 + }, + { + "id": 42698557, + "title": "Membuat persimpangan tidak aman bagi pejalan kaki demi menghemat beberapa detik bagi pengemudi", + "originLink": "https://collegetowns.substack.com/p/making-an-intersection-unsafe-for", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42698557", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Teks tersebut membahas perdebatan mengenai apakah persimpangan seharusnya memprioritaskan keselamatan pejalan kaki atau efisiensi pengemudi, dengan beberapa pihak lebih menyukai persimpangan yang dikendalikan lampu dan penyeberangan pejalan kaki dibandingkan dengan pemberhentian 4 arah.", + "Opini bervariasi mengenai undang-undang lalu lintas dan desain infrastruktur, dengan diskusi tentang keselamatan menyeberang jalan sembarangan dan risiko yang terkait dengan belok kanan saat lampu merah.", + "Beberapa orang menganjurkan solusi alternatif seperti bundaran atau mengadopsi standar rekayasa lalu lintas Belanda untuk meningkatkan keselamatan dan efisiensi." + ], + "points": 267, + "commentCount": 362, + "retryCount": 0, + "time": 1736869194 + }, + { + "id": 42696080, + "title": "PostgreSQL adalah Sistem Manajemen Basis Data Tahun 2024", + "originLink": "https://db-engines.com/en/blog_post/109", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696080", + "commentBody": "", + "originSummary": [ + "PostgreSQL telah dianugerahi DBMS of the Year 2024 oleh DB-Engines, meraih pengakuan ini untuk kelima kalinya, melampaui 423 sistem manajemen basis data lainnya.", + "PostgreSQL, dengan sejarah yang mencakup hampir 35 tahun, terus berinovasi, seperti yang terlihat dalam peningkatan terbaru PostgreSQL 17, yang dirilis pada September 2024.", + "Snowflake dan Microsoft masing-masing menempati posisi kedua dan ketiga, dengan Snowflake dikenal karena penyimpanan data berbasis cloud dan dukungan multi-cloud, sementara Microsoft menawarkan basis data relasional terkelola yang kuat melalui Azure SQL Database dan SQL Server." + ], + "commentSummary": [ + "PostgreSQL telah dianugerahi Database Management System of the Year 2024 oleh db-engines.com, menyoroti popularitasnya yang semakin meningkat dan pengakuan di industri.", + "Pengguna sedang mempertimbangkan untuk beralih dari Microsoft SQL Server ke PostgreSQL karena biaya lisensi yang tinggi dan keterbatasan sumber daya, meskipun ada tantangan migrasi yang potensial.", + "PostgreSQL disukai karena fitur-fiturnya yang kuat dan efektivitas biayanya, menjadikannya pilihan yang disukai untuk proyek-proyek mendatang, meskipun beberapa pengguna menjelajahi alternatif seperti Babelfish untuk mengurangi biaya." + ], + "points": 239, + "commentCount": 79, + "retryCount": 0, + "time": 1736854677 + }, + { + "id": 42699099, + "title": "Login OAuth Google tidak melindungi terhadap pembelian domain startup yang gagal.", + "originLink": "https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699099", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Teks tersebut menyoroti kerentanan dalam sistem login OAuth Google ketika domain dari sebuah startup yang gagal diakuisisi oleh pemilik baru, yang berpotensi memungkinkan akses tidak sah ke layanan.", + "Masalah ini muncul karena Google mungkin tidak dapat membedakan antara pemilik domain asli dan yang baru, yang mempengaruhi sistem apa pun yang menggunakan autentikasi berbasis domain.", + "Solusi yang diusulkan adalah menggunakan pengenal unik yang tetap konstan dari waktu ke waktu, meskipun penerapan solusi ini bervariasi di antara penyedia identitas." + ], + "points": 200, + "commentCount": 112, + "retryCount": 0, + "time": 1736871241 + }, + { + "id": 42696822, + "title": "Memanfaatkan keterampilan pemrograman untuk menghasilkan pendapatan pasif", + "originLink": "https://www.coryzue.com/writing/solopreneur/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696822", + "commentBody": "", + "originSummary": [ + "Penulis beralih dari peran CTO menjadi solopreneur, berhasil mendapatkan lebih banyak melalui portofolio produk perangkat lunak.", + "Strategi utama meliputi fokus pada pekerjaan mendalam, memulai dengan proyek kecil, iterasi cepat, dan mendedikasikan waktu untuk upaya pemasaran.", + "Teks ini menekankan ketahanan menghadapi ketidakpastian, tetapi menyoroti otonomi dan kebebasan yang tak tertandingi dari jalur karier ini, mendorong mereka yang memiliki keterampilan pemrograman untuk mempertimbangkannya sebagai sumber pendapatan pasif." + ], + "commentSummary": [ + "Seorang pengguna menggambarkan cara menghasilkan pendapatan pasif melalui situs web spam SEO dengan menggunakan nama domain yang akan kedaluwarsa, menghasilkan sekitar $30 ribu per tahun, meskipun ada kekhawatiran etis dan tindakan tegas dari Google pada akhirnya.", + "Tulisan tersebut memicu perdebatan tentang pendapatan pasif, dengan beberapa pengguna berargumen bahwa itu lebih mirip menjalankan bisnis daripada benar-benar pendapatan pasif.", + "Para peserta berbagi pengalaman dan tantangan dalam proyek sampingan, menyoroti pentingnya waktu, ketahanan, dan perencanaan strategis." + ], + "points": 167, + "commentCount": 90, + "retryCount": 0, + "time": 1736860888 + }, + { + "id": 42690781, + "title": "Spanyol mengusulkan pajak 100% pada rumah yang dibeli oleh penduduk non-Uni Eropa.", + "originLink": "https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690781", + "commentBody": "", + "originSummary": [ + "Spanyol sedang mempertimbangkan pajak 100% pada pembelian real estat oleh penduduk non-Uni Eropa, dengan tujuan untuk mengatasi krisis perumahan dan mengekang pembelian spekulatif.", + "Proposal Perdana Menteri Pedro Sánchez mencakup perluasan perumahan sosial dan pengaturan penyewaan wisata untuk mengatasi kesenjangan antara harga rumah dan pendapatan.", + "Tidak pasti apakah proposal tersebut akan menjadi undang-undang, dengan beberapa analis melihatnya lebih sebagai penghalang bagi investor asing daripada perubahan legislatif yang dijamin." + ], + "commentSummary": [ + "Spanyol sedang mempertimbangkan pajak 100% pada rumah yang dibeli oleh penduduk non-Uni Eropa untuk mengatasi masalah keterjangkauan perumahan. - Para kritikus menyarankan bahwa pembeli asing bukanlah penyebab utama tingginya harga perumahan, dengan menyebut birokrasi yang lambat dan undang-undang zonasi sebagai faktor yang lebih signifikan. - Usulan ini telah memicu perdebatan tentang peran kepemilikan asing dalam pasar perumahan dan efektivitasnya dalam menyelesaikan masalah keterjangkauan." + ], + "points": 162, + "commentCount": 254, + "retryCount": 0, + "time": 1736809603 + }, + { + "id": 42699977, + "title": "Apple akan segera menerima chip 'buatan Amerika' dari pabrik TSMC di Arizona", + "originLink": "https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699977", + "commentBody": "", + "originSummary": [ + "Apple sedang menguji prosesor dari fasilitas TSMC di Arizona, dengan rencana untuk produksi massal pada kuartal pertama, yang berpotensi menjadikan Apple sebagai pelanggan pertama TSMC di AS untuk chip yang diproduksi secara lokal. - Inisiatif ini bertujuan untuk memperkuat kemandirian silikon AS, mengurangi ketergantungan pada Taiwan, yang rentan terhadap risiko geopolitik dan alam. - Pabrik TSMC di Arizona akan memproduksi chip canggih 3nm dan 2nm, dengan upaya berkelanjutan untuk meningkatkan perekrutan lokal dan kemitraan dengan universitas di AS, meskipun pengemasan awalnya akan dilakukan di Taiwan hingga fasilitas di Peoria beroperasi." + ], + "commentSummary": [ + "Apple akan menerima chip dari pabrik TSMC di Arizona, tetapi chip tersebut perlu dikirim kembali ke Taiwan untuk pengemasan karena fasilitas di AS tidak mencukupi. - Lebih dari 50% tenaga kerja di pabrik Arizona berasal dari Taiwan, menunjukkan adanya kesenjangan di bidang STEM (Sains, Teknologi, Teknik, dan Matematika) di AS. - Inisiatif Undang-Undang CHIPS, yang bertujuan untuk meningkatkan manufaktur semikonduktor di AS, menghadapi tantangan karena label \"Made in America\" dipertanyakan akibat proses pengemasan yang terjadi di Taiwan, dengan rencana untuk kemampuan pengemasan di AS pada tahun 2027." + ], + "points": 160, + "commentCount": 73, + "retryCount": 0, + "time": 1736873807 + }, + { + "id": 42692730, + "title": "43 ribu lebih sedikit pengemudi di jalan-jalan Manhattan setelah penetapan harga kemacetan diaktifkan", + "originLink": "https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42692730", + "commentBody": "", + "originSummary": [ + "Setelah penerapan harga kemacetan, terjadi pengurangan sebesar 7,5% pada pengemudi yang memasuki Manhattan di bawah 60th Street, yang setara dengan 43.000 pengemudi lebih sedikit setiap hari kerja.", + "Pengurangan lalu lintas telah memperbaiki aliran lalu lintas dan meningkatkan kecepatan bus, dengan beberapa bus ekspres mengalami peningkatan jumlah penumpang.", + "The Metropolitan Transportation Authority (MTA) menggunakan pendapatan tol, yang diperkirakan mencapai $500 juta per tahun, untuk perbaikan transportasi, meskipun ada beberapa oposisi politik." + ], + "commentSummary": [ + "Pelaksanaan penetapan harga kemacetan di Manhattan telah mengakibatkan 43.000 pengemudi lebih sedikit, yang mengarah pada peningkatan kecepatan bus dan kemungkinan waktu respons darurat yang lebih baik.", + "Aturan ini dirancang untuk mengurangi kemacetan lalu lintas dan meningkatkan kualitas udara, meskipun telah memicu perdebatan mengenai dampaknya terhadap individu berpenghasilan rendah.", + "Para pendukung berpendapat bahwa manfaatnya meliputi transportasi umum yang lebih efisien dan udara yang lebih bersih, sementara diskusi terus berlanjut tentang menyeimbangkan keuntungan ini dengan kebutuhan para pengemudi." + ], + "points": 154, + "commentCount": 199, + "retryCount": 0, + "time": 1736821606 + } +] diff --git a/records/2025-01-14/2025-01-14.it.json b/records/2025-01-14/2025-01-14.it.json new file mode 100644 index 000000000..eca08ce95 --- /dev/null +++ b/records/2025-01-14/2025-01-14.it.json @@ -0,0 +1,288 @@ +[ + { + "id": 42690473, + "title": "Un ricercatore di sicurezza di Snyk distribuisce pacchetti NPM dannosi prendendo di mira cursor.com", + "originLink": "https://sourcecodered.com/snyk-malicious-npm-package/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690473", + "commentBody": "", + "originSummary": [ + "Un ricercatore di sicurezza di Snyk ha rilasciato pacchetti NPM dannosi mirati a Cursor.com, un'azienda di codifica AI, per raccogliere dati di sistema e inviarli a un servizio controllato da un attaccante.", + "I pacchetti, identificati come \"cursor-retrieval\", \"cursor-always-local\" e \"cursor-shadow-workspace\", sono stati segnalati dallo scanner di analisi dei pacchetti OpenSSF, risultando negli avvisi MAL-2025-27, MAL-2025-28 e MAL-2025-29.", + "Questo incidente evidenzia l'importanza di esaminare attentamente i pacchetti NPM prima dell'installazione per evitare potenziali minacce alla sicurezza." + ], + "commentSummary": [ + "Un ricercatore di sicurezza di Snyk ha rilasciato pacchetti NPM (Node Package Manager) dannosi mirati a cursor.com, evidenziando vulnerabilità di confusione delle dipendenze. - L'incidente ha suscitato un dibattito sull'etica della ricerca sulla sicurezza, in particolare riguardo all'esposizione pubblica delle variabili d'ambiente. - Cursor.com ha chiarito di non aver autorizzato l'azione, e Snyk si è successivamente scusato, sottolineando le sfide nel bilanciare la ricerca sulla sicurezza offensiva con gli standard etici." + ], + "points": 540, + "commentCount": 270, + "retryCount": 0, + "time": 1736807907 + }, + { + "id": 42696081, + "title": "Io sono passato a Firefox e non sono mai tornato indietro", + "originLink": "https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696081", + "commentBody": "", + "originSummary": [ + "Firefox è apprezzato per la sua gestione superiore delle schede, la funzione Pocket integrata per salvare i link e un servizio di inoltro email incentrato sulla privacy, rendendolo una valida alternativa a Chrome. - Funzionalità aggiuntive come uno strumento di screenshot facile da usare, un pulsante ChatGPT, la modalità Picture-in-Picture, opzioni di ricerca personalizzabili e uno scorrimento fluido migliorano l'esperienza di navigazione. - Sebbene Firefox manchi della funzione di app web di Chrome, il suo design attento e la ridotta richiesta di risorse lo rendono una scelta preferita per alcuni utenti." + ], + "commentSummary": [ + "Gli utenti di Firefox affrontano sfide da piattaforme come YouTube, che potrebbero intenzionalmente degradare l'esperienza per i browser non Google o per gli utenti che utilizzano adblocker. - Questa tendenza solleva preoccupazioni riguardo all'autonomia degli utenti, poiché penalizza coloro che optano per un'esperienza web senza pubblicità e sorveglianza. - Firefox offre funzionalità uniche, come le schede contenitore, che migliorano la privacy e l'usabilità, rendendolo una scelta preferita per gli utenti che cercano indipendenza dai browser controllati da grandi aziende." + ], + "points": 480, + "commentCount": 392, + "retryCount": 0, + "time": 1736854678 + }, + { + "id": 42687932, + "title": "Il CEO di Sonos si dimette dopo il fiasco dell'aggiornamento dell'app", + "originLink": "https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42687932", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Il CEO di Sonos si è dimesso a seguito di un controverso aggiornamento dell'app che ha richiesto agli utenti di sostituire costosi sistemi audio, causando insoddisfazione tra i clienti. - L'aggiornamento ha introdotto un sistema basato su cloud, allontanandosi dal affidabile Universal Plug and Play (UPnP), il che ha portato a problemi di connettività e maggiore complessità. - Questa situazione sottolinea il conflitto tra strategie aziendali e mantenimento della fiducia dei clienti, mentre il CEO passa a un ruolo di consulenza con un pacchetto di buonuscita." + ], + "points": 409, + "commentCount": 493, + "retryCount": 0, + "time": 1736797368 + }, + { + "id": 42696691, + "title": "Nella pancia di MrBeast", + "originLink": "https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696691", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "L'articolo esamina come l'algoritmo di YouTube influenzi la creazione di contenuti, utilizzando MrBeast come caso di studio, evidenziando un passaggio verso contenuti guidati dall'engagement piuttosto che significativi. - Discute le implicazioni più ampie per l'alfabetizzazione mediatica e l'impatto culturale di piattaforme come YouTube e TikTok, suggerendo una tendenza verso contenuti superficiali e reazionari. - Vengono considerate varie prospettive sul ruolo degli algoritmi nel plasmare i contenuti e l'influenza dei creatori popolari sulle norme culturali." + ], + "points": 369, + "commentCount": 258, + "retryCount": 0, + "time": 1736859931 + }, + { + "id": 42691184, + "title": "Le operazioni Git su GitHub sono inattive", + "originLink": "https://www.githubstatus.com/incidents/qd96yfgvmcf9", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42691184", + "commentBody": "", + "originSummary": [ + "GitHub ha affrontato un'interruzione delle operazioni Git il 13 gennaio 2025, a causa di una modifica di configurazione che ha influenzato il bilanciatore di carico interno, durata dalle 23:35 alle 00:24 UTC. - Il problema è stato risolto ripristinando la modifica di configurazione, e GitHub sta lavorando per migliorare i processi di monitoraggio e distribuzione per prevenire incidenti simili. - L'interruzione ha anche influenzato i servizi Actions e Pages di GitHub, evidenziando la natura interconnessa dei loro servizi di piattaforma." + ], + "commentSummary": [ + "GitHub ha affrontato un'importante interruzione che ha influenzato le operazioni git, causando confusione tra gli sviluppatori che inizialmente sospettavano problemi con le loro chiavi SSH o configurazioni locali. - L'incidente ha sottolineato le sfide di affidarsi a servizi centralizzati, stimolando discussioni sui vantaggi dell'auto-hosting e dei sistemi decentralizzati. - Sebbene il problema sia stato risolto, ha evidenziato preoccupazioni sulla affidabilità di GitHub e i rischi di dipendere da piattaforme di terze parti per compiti essenziali." + ], + "points": 324, + "commentCount": 250, + "retryCount": 0, + "time": 1736812051 + }, + { + "id": 42694596, + "title": "ZFS 2.3 rilasciato con espansione ZFS raidz", + "originLink": "https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42694596", + "commentBody": "", + "originSummary": [ + "OpenZFS 2.3.0 è stato rilasciato, introducendo funzionalità significative come l'espansione RAIDZ, la deduplicazione veloce, l'input/output diretto, l'output JSON e il supporto per nomi di file lunghi. - Il rilascio include correzioni di bug essenziali e miglioramenti delle prestazioni, compatibile con i kernel Linux 4.18 - 6.12 e le versioni FreeBSD 13.3, 14.0 - 14.2. - L'aggiornamento è uno sforzo collaborativo di 134 contributori, con documentazione completa e un registro delle modifiche disponibile per la revisione." + ], + "commentSummary": [ + "ZFS 2.3 è stato rilasciato, introducendo funzionalità come l'espansione RAIDZ, la deduplicazione veloce, l'IO diretto, l'output JSON e il supporto per nomi di file lunghi. - L'espansione RAIDZ è particolarmente degna di nota poiché consente agli utenti di aggiungere nuovi dispositivi a un pool RAIDZ esistente senza tempi di inattività, migliorando la capacità di archiviazione. - Il rilascio è considerato un avanzamento significativo per gli utenti ZFS, con confronti con altri filesystem come Btrfs e Windows Storage Spaces, nonostante alcune limitazioni come l'impossibilità di ridurre i pool." + ], + "points": 302, + "commentCount": 215, + "retryCount": 0, + "time": 1736838539 + }, + { + "id": 42690983, + "title": "Webtop – Contenitori Alpine, Ubuntu, Fedora e Arch contenenti ambienti desktop completi", + "originLink": "https://docs.linuxserver.io/images/docker-webtop/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690983", + "commentBody": "", + "originSummary": [ + "Linuxserver/webtop fornisce container basati su Alpine, Ubuntu, Fedora e Arch con ambienti desktop completi accessibili tramite browser web, supportando sia le architetture x86-64 che arm64.", + "Gli utenti possono scegliere tra vari ambienti desktop come XFCE, KDE, MATE, i3, Openbox e IceWM utilizzando tag di immagine specifici e accedere al Webtop tramite URL designati.", + "Le funzionalità di sicurezza includono l'opzione seccomp di Docker e la configurazione dell'autenticazione, con opzioni di personalizzazione disponibili tramite variabili d'ambiente, e supporto per l'accelerazione GPU con driver open-source." + ], + "commentSummary": [ + "Webtop fornisce container con ambienti desktop completi per Alpine, Ubuntu, Fedora e Arch, adatti per configurazioni rapide dietro una VPN.", + "Gli utenti elogiano Webtop per la sua velocità e facilità d'uso, in particolare quando viene utilizzato con il container Gluetun per connessioni sicure, ma avvertono di non esporre i container a internet senza misure di sicurezza a causa della mancanza di autenticazione predefinita.", + "Il progetto è apprezzato per essere open-source e flessibile, con gli utenti che condividono configurazioni, e alternative come Kasm e Selkies sono notate per scopi simili." + ], + "points": 297, + "commentCount": 57, + "retryCount": 0, + "time": 1736810708 + }, + { + "id": 42697783, + "title": "1 su 5 annunci di lavoro online sono falsi o non vengono mai coperti, secondo uno studio", + "originLink": "https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42697783", + "commentBody": "", + "originSummary": [ + "Un recente studio indica che il 20% delle offerte di lavoro online sono false o rimangono non occupate, aumentando la frustrazione dei cercatori di lavoro. - Questa tendenza dei \"lavori fantasma\" potrebbe essere una tattica delle aziende per proiettare un'immagine di crescita. - Piattaforme di lavoro come Greenhouse e LinkedIn hanno introdotto servizi di verifica delle offerte di lavoro per aiutare gli utenti a identificare opportunità di lavoro autentiche." + ], + "commentSummary": [ + "Uno studio rivela che il 20% delle offerte di lavoro online sono false o rimangono non occupate, spesso perché le aziende devono conformarsi alle politiche di immigrazione degli Stati Uniti. - Le aziende possono anche lasciare le offerte di lavoro aperte per trovare candidati ideali, cambiare i requisiti o avere candidati interni pre-selezionati. - Il mercato del lavoro è difficile per i candidati, che spesso incontrano ghosting e rifiuti automatizzati, spingendo a richiedere un intervento normativo." + ], + "points": 273, + "commentCount": 224, + "retryCount": 0, + "time": 1736865860 + }, + { + "id": 42698557, + "title": "Rendere un incrocio pericoloso per i pedoni per risparmiare secondi agli automobilisti", + "originLink": "https://collegetowns.substack.com/p/making-an-intersection-unsafe-for", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42698557", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Il dibattito si concentra sul fatto se le intersezioni debbano dare priorità alla sicurezza dei pedoni o all'efficienza dei conducenti, con alcuni che preferiscono le intersezioni controllate da semafori e gli attraversamenti pedonali a raso rispetto agli incroci a 4 vie.", + "Le opinioni variano sulle leggi del traffico e sul design delle infrastrutture, con discussioni sulla sicurezza dell'attraversamento pedonale non autorizzato e sui rischi associati alle svolte a destra con semaforo rosso.", + "Alcuni sostengono soluzioni alternative come le rotatorie o l'adozione degli standard di ingegneria del traffico olandesi per migliorare sia la sicurezza che l'efficienza." + ], + "points": 267, + "commentCount": 362, + "retryCount": 0, + "time": 1736869194 + }, + { + "id": 42696080, + "title": "PostgreSQL è il Sistema di Gestione di Database dell'Anno 2024", + "originLink": "https://db-engines.com/en/blog_post/109", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696080", + "commentBody": "", + "originSummary": [ + "PostgreSQL è stato premiato come DBMS dell'anno 2024 da DB-Engines, ottenendo questo riconoscimento per la quinta volta, superando 423 altri sistemi di gestione di database.", + "PostgreSQL, con una storia che si estende per quasi 35 anni, continua a innovare, come si vede nei recenti miglioramenti di PostgreSQL 17, rilasciato a settembre 2024.", + "Snowflake e Microsoft si sono assicurati rispettivamente il secondo e il terzo posto, con Snowflake noto per il suo data warehousing basato su cloud e il supporto multi-cloud, mentre Microsoft offre robusti database relazionali gestiti tramite Azure SQL Database e SQL Server." + ], + "commentSummary": [ + "PostgreSQL è stato premiato come Database Management System dell'anno 2024 da db-engines.com, evidenziando la sua crescente popolarità e riconoscimento nel settore.", + "Gli utenti stanno considerando di passare da Microsoft SQL Server a PostgreSQL a causa degli elevati costi di licenza e delle limitazioni delle risorse, nonostante le potenziali sfide di migrazione.", + "PostgreSQL è apprezzato per le sue caratteristiche robuste e la convenienza economica, rendendolo una scelta preferita per i progetti futuri, sebbene alcuni utenti esplorino alternative come Babelfish per ridurre i costi." + ], + "points": 239, + "commentCount": 79, + "retryCount": 0, + "time": 1736854677 + }, + { + "id": 42699099, + "title": "Il login OAuth di Google non protegge dall'acquisto di un dominio di una startup fallita", + "originLink": "https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699099", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Il dibattito mette in evidenza una vulnerabilità nel sistema di login OAuth di Google quando il dominio di una startup fallita viene acquisito da un nuovo proprietario, potenzialmente consentendo l'accesso non autorizzato ai servizi.", + "Questo problema si verifica perché Google potrebbe non distinguere tra i proprietari originali e nuovi del dominio, influenzando qualsiasi sistema che utilizza l'autenticazione basata sul dominio.", + "Una soluzione proposta è quella di utilizzare identificatori unici che rimangono costanti nel tempo, sebbene l'implementazione di questa soluzione vari tra i fornitori di identità." + ], + "points": 200, + "commentCount": 112, + "retryCount": 0, + "time": 1736871241 + }, + { + "id": 42696822, + "title": "Utilizzare le competenze di programmazione per generare un reddito passivo", + "originLink": "https://www.coryzue.com/writing/solopreneur/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696822", + "commentBody": "", + "originSummary": [ + "L'autore è passato da un ruolo di CTO a solopreneur, guadagnando con successo di più attraverso un portafoglio di prodotti software.", + "Le strategie chiave includono concentrarsi sul lavoro profondo, iniziare con piccoli progetti, iterare rapidamente e dedicare tempo agli sforzi di marketing.", + "Il viaggio sottolinea la resilienza a causa delle incertezze, ma mette in evidenza l'autonomia e la libertà impareggiabili di questo percorso professionale, incoraggiando coloro che possiedono competenze di programmazione a considerarlo per un reddito passivo." + ], + "commentSummary": [ + "Un utente ha descritto come generare reddito passivo attraverso siti web di spam SEO utilizzando nomi di dominio in scadenza, guadagnando circa $30k all'anno, nonostante le preoccupazioni etiche e la successiva repressione da parte di Google.", + "Il post ha suscitato un dibattito sul reddito passivo, con alcuni utenti che sostengono che sia più simile a gestire un'attività piuttosto che a guadagni veramente passivi.", + "I partecipanti hanno condiviso esperienze e sfide nei progetti paralleli, sottolineando l'importanza del tempo, della resilienza e della pianificazione strategica." + ], + "points": 167, + "commentCount": 90, + "retryCount": 0, + "time": 1736860888 + }, + { + "id": 42690781, + "title": "Spagna propone una tassa del 100% sulle case acquistate da residenti non UE", + "originLink": "https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690781", + "commentBody": "", + "originSummary": [ + "Spagna sta considerando un'imposta del 100% sugli acquisti immobiliari da parte di residenti non UE, con l'obiettivo di affrontare la crisi abitativa e frenare gli acquisti speculativi.", + "Il piano del Primo Ministro Pedro Sánchez prevede l'espansione degli alloggi sociali e la regolamentazione degli affitti turistici per affrontare la disparità tra i prezzi delle case e i redditi.", + "Il futuro della proposta come legge è incerto, con alcuni analisti che la vedono come un deterrente per gli investitori stranieri piuttosto che un cambiamento legislativo garantito." + ], + "commentSummary": [ + "Spagna sta considerando un'imposta del 100% sulle case acquistate da residenti non UE per affrontare i problemi di accessibilità abitativa. - I critici suggeriscono che gli acquirenti stranieri non sono la causa principale dei prezzi elevati delle case, citando la burocrazia lenta e le leggi urbanistiche come fattori più significativi. - La proposta ha acceso un dibattito sul ruolo della proprietà straniera nei mercati immobiliari e sulla sua efficacia nel risolvere i problemi di accessibilità." + ], + "points": 162, + "commentCount": 254, + "retryCount": 0, + "time": 1736809603 + }, + { + "id": 42699977, + "title": "Apple riceverà presto chip 'made in America' dalla fabbrica di TSMC in Arizona", + "originLink": "https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699977", + "commentBody": "", + "originSummary": [ + "Apple sta testando i processori della struttura di TSMC in Arizona, con piani per la produzione di massa entro il primo trimestre, potenzialmente diventando il primo cliente statunitense di TSMC per i chip prodotti localmente. - Questa iniziativa mira a rafforzare l'indipendenza del silicio degli Stati Uniti, riducendo la dipendenza da Taiwan, che è vulnerabile a rischi geopolitici e naturali. - La fabbrica di TSMC in Arizona è destinata a produrre chip avanzati a 3nm e 2nm, con sforzi in corso per migliorare il reclutamento locale e le collaborazioni con le università statunitensi, anche se l'imballaggio inizialmente avverrà a Taiwan fino a quando la struttura di Peoria sarà operativa." + ], + "commentSummary": [ + "Apple riceverà chip dall'impianto di TSMC in Arizona, ma devono essere rispediti a Taiwan per l'imballaggio a causa dell'insufficienza delle strutture negli Stati Uniti. - Oltre il 50% della forza lavoro nell'impianto dell'Arizona proviene da Taiwan, indicando una lacuna nel campo STEM (Scienza, Tecnologia, Ingegneria e Matematica) degli Stati Uniti. - L'iniziativa del CHIPS Act, volta a migliorare la produzione di semiconduttori negli Stati Uniti, affronta sfide poiché l'etichetta \"Made in America\" è messa in discussione a causa del processo di imballaggio che avviene a Taiwan, con piani per capacità di imballaggio negli Stati Uniti entro il 2027." + ], + "points": 160, + "commentCount": 73, + "retryCount": 0, + "time": 1736873807 + }, + { + "id": 42692730, + "title": "43.000 conducenti in meno sulle strade di Manhattan dopo l'attivazione della tariffazione della congestione", + "originLink": "https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42692730", + "commentBody": "", + "originSummary": [ + "Dopo l'implementazione della tariffazione della congestione, c'è stata una riduzione del 7,5% dei conducenti che entrano a Manhattan sotto la 60ª strada, pari a 43.000 conducenti in meno ogni giorno feriale.", + "La riduzione del traffico ha migliorato il flusso del traffico e aumentato la velocità degli autobus, con alcuni autobus espressi che registrano un aumento del numero di passeggeri.", + "Il Metropolitan Transportation Authority (MTA) utilizza i ricavi dei pedaggi, stimati a 500 milioni di dollari all'anno, per miglioramenti del trasporto pubblico, nonostante alcune opposizioni politiche." + ], + "commentSummary": [ + "Il sistema di tariffazione della congestione implementato a Manhattan ha portato a 43.000 conducenti in meno, con un conseguente aumento della velocità degli autobus e potenzialmente tempi di risposta migliori per le emergenze.", + "La politica è progettata per ridurre la congestione del traffico e migliorare la qualità dell'aria, anche se ha suscitato dibattiti sul suo impatto sulle persone a basso reddito.", + "Secondo i sostenitori, i vantaggi includono un trasporto pubblico più efficiente e un'aria più pulita, mentre continuano le discussioni su come bilanciare questi vantaggi con le esigenze degli automobilisti." + ], + "points": 154, + "commentCount": 199, + "retryCount": 0, + "time": 1736821606 + } +] diff --git a/records/2025-01-14/2025-01-14.ja.json b/records/2025-01-14/2025-01-14.ja.json new file mode 100644 index 000000000..3999ad541 --- /dev/null +++ b/records/2025-01-14/2025-01-14.ja.json @@ -0,0 +1,288 @@ +[ + { + "id": 42690473, + "title": "「Snykのセキュリティ研究者が、cursor.comを標的とする悪意のあるNPMパッケージを展開」", + "originLink": "https://sourcecodered.com/snyk-malicious-npm-package/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690473", + "commentBody": "", + "originSummary": [ + "「Snykのセキュリティ研究者が、AIコーディング会社であるCursor.comを標的とした悪意のあるNPMパッケージを公開し、システムデータを収集して攻撃者が制御するサービスに送信しました。」", + "「パッケージ「cursor-retrieval」、「cursor-always-local」、「cursor-shadow-workspace」は、OpenSSFパッケージ分析スキャナーによってフラグが立てられ、勧告MAL-2025-27、MAL-2025-28、MAL-2025-29が発行されました。」", + "「この事件は、潜在的なセキュリティ脅威を避けるために、インストール前にNPMパッケージを精査することの重要性を強調しています。」" + ], + "commentSummary": [ + "「Snykのセキュリティ研究者がcursor.comを狙った悪意のあるNPM(Node Package Manager)パッケージを公開し、依存関係の混乱による脆弱性を浮き彫りにしました。この事件は、特に環境変数の公表に関するセキュリティ研究の倫理についての議論を引き起こしました。Cursor.comはこの行動を許可していないことを明らかにし、Snykはその後謝罪し、攻撃的なセキュリティ研究と倫理基準のバランスを取ることの難しさを強調しました。」" + ], + "points": 540, + "commentCount": 270, + "retryCount": 0, + "time": 1736807907 + }, + { + "id": 42696081, + "title": "「私はFirefoxに切り替えて、振り返ることはありませんでした」", + "originLink": "https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696081", + "commentBody": "", + "originSummary": [ + "「Firefoxは、優れたタブ管理、リンクを保存するための内蔵Pocket機能、プライバシーに配慮したメールリレーで称賛されており、Chromeの強力な代替手段となっています。- ユーザーフレンドリーなスクリーンショットツール、ChatGPTボタン、ピクチャーインピクチャー、カスタマイズ可能な検索オプション、スムーズなスクロールなどの追加機能がブラウジング体験を向上させます。- FirefoxはChromeのウェブアプリ機能を欠いているものの、その考え抜かれたデザインとリソースの少ない要求が、一部のユーザーにとって好ましい選択肢となっています。」" + ], + "commentSummary": [ + "「Firefoxのユーザーは、YouTubeのようなプラットフォームからの挑戦に直面しています。これらのプラットフォームは、非Googleブラウザや広告ブロッカーを使用するユーザーに対して意図的に体験を劣化させることがあります。この傾向は、広告なしで監視のないウェブ体験を選ぶユーザーを罰するものであり、ユーザーの自主性に関する懸念を引き起こしています。Firefoxは、コンテナタブのようなプライバシーと使いやすさを向上させる独自の機能を提供しており、大手企業が管理するブラウザからの独立を求めるユーザーにとって好まれる選択肢となっています。」" + ], + "points": 480, + "commentCount": 392, + "retryCount": 0, + "time": 1736854678 + }, + { + "id": 42687932, + "title": "「SonosのCEOがアプリの更新問題を受けて辞任」", + "originLink": "https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42687932", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "「SonosのCEOは、ユーザーに高価なサウンドシステムの交換を要求する物議を醸したアプリのアップデートに続いて辞任しました。このアップデートはクラウドベースのシステムを導入し、信頼性のあるUniversal Plug and Play(UPnP)から移行したため、接続の問題や複雑さが増しました。この状況は、ビジネス戦略と顧客の信頼維持の間の対立を浮き彫りにしており、CEOは退職金を伴うアドバイザリー役に移行します。」" + ], + "points": 409, + "commentCount": 493, + "retryCount": 0, + "time": 1736797368 + }, + { + "id": 42696691, + "title": "MrBeastの腹の中で", + "originLink": "https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696691", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "「このエッセイは、YouTubeのアルゴリズムがコンテンツ制作にどのように影響を与えるかを、MrBeastを事例として検討し、意味のあるコンテンツよりもエンゲージメント重視の方向へのシフトを強調しています。 - メディアリテラシーへの広範な影響と、YouTubeやTikTokのようなプラットフォームの文化的影響について議論し、表面的で反応的なコンテンツへの傾向を示唆しています。 - アルゴリズムがコンテンツを形成する役割と、人気クリエイターが文化的規範に与える影響について、さまざまな視点が考慮されています。」" + ], + "points": 369, + "commentCount": 258, + "retryCount": 0, + "time": 1736859931 + }, + { + "id": 42691184, + "title": "GitHubのGit操作が停止しています", + "originLink": "https://www.githubstatus.com/incidents/qd96yfgvmcf9", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42691184", + "commentBody": "", + "originSummary": [ + "「GitHubは、2025年1月13日に内部ロードバランサーに影響を与える設定変更のため、23:35から00:24 UTCまでGit操作の障害に直面しました。この問題は設定変更を元に戻すことで解決され、GitHubは同様のインシデントを防ぐために監視と展開プロセスの改善に取り組んでいます。この障害はGitHubのActionsとPagesサービスにも影響を与え、プラットフォームサービスの相互接続性を浮き彫りにしました。」" + ], + "commentSummary": [ + "「GitHubはgit操作に影響を与える大規模な障害に直面し、開発者たちは最初、SSHキーやローカル設定に問題があると疑いました。このインシデントは、集中型サービスに依存することの課題を浮き彫りにし、セルフホスティングや分散型システムの利点についての議論を促しました。問題は解決されたものの、GitHubの信頼性や、重要な作業をサードパーティプラットフォームに依存することのリスクに対する懸念が浮き彫りになりました。」" + ], + "points": 324, + "commentCount": 250, + "retryCount": 0, + "time": 1736812051 + }, + { + "id": 42694596, + "title": "「ZFS 2.3がZFS raidz拡張機能と共にリリースされました」", + "originLink": "https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42694596", + "commentBody": "", + "originSummary": [ + "「OpenZFS 2.3.0がリリースされ、RAIDZ拡張、迅速な重複排除、直接入出力、JSON出力、長いファイル名のサポートなどの重要な機能が導入されました。このリリースには、Linuxカーネル4.18 - 6.12およびFreeBSDバージョン13.3、14.0 - 14.2と互換性のある重要なバグ修正とパフォーマンスの向上が含まれています。このアップデートは134人の貢献者による共同作業の成果であり、包括的なドキュメントと変更ログがレビューのために利用可能です。」" + ], + "commentSummary": [ + "ZFS 2.3がリリースされ、RAIDZ拡張、迅速な重複排除、ダイレクトIO、JSON出力、長いファイル名のサポートなどの機能が導入されました。- 特にRAIDZ拡張は注目に値し、ユーザーが既存のRAIDZプールに新しいデバイスをダウンタイムなしで追加できるようにし、ストレージ容量を拡張します。- このリリースはZFSユーザーにとって重要な進歩と見なされており、BtrfsやWindows Storage Spacesなどの他のファイルシステムと比較されていますが、プールを縮小できないといったいくつかの制限もあります。" + ], + "points": 302, + "commentCount": 215, + "retryCount": 0, + "time": 1736838539 + }, + { + "id": 42690983, + "title": "Webtop – フルデスクトップ環境を含むAlpine、Ubuntu、Fedora、およびArchコンテナ", + "originLink": "https://docs.linuxserver.io/images/docker-webtop/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690983", + "commentBody": "", + "originSummary": [ + "Linuxserver/webtopは、Alpine、Ubuntu、Fedora、Archに基づいたコンテナを提供し、ウェブブラウザを通じてアクセス可能なフルデスクトップ環境を備えており、x86-64とarm64の両方のアーキテクチャをサポートしています。", + "ユーザーは、特定のイメージタグを使用して、XFCE、KDE、MATE、i3、Openbox、IceWMなどのさまざまなデスクトップ環境を選択し、指定されたURLを介してWebtopにアクセスできます。", + "「セキュリティ機能には、Dockerのseccompオプションと認証設定が含まれ、環境変数を通じてカスタマイズオプションが利用可能であり、オープンソースドライバーによるGPUアクセラレーションのサポートもあります。」" + ], + "commentSummary": [ + "Webtopは、Alpine、Ubuntu、Fedora、Archのフルデスクトップ環境を備えたコンテナを提供しており、VPNの背後での迅速なセットアップに適しています。", + "「ユーザーは、Webtopがその速度と使いやすさで特にGluetunコンテナと組み合わせて安全な接続を行う際に称賛していますが、デフォルトの認証がないため、セキュリティ対策なしでコンテナをインターネットに公開することに対しては注意を促しています。」", + "「このプロジェクトはオープンソースで柔軟性があることが評価されており、ユーザーが設定を共有しています。また、KasmやSelkiesのような代替案も同様の目的で注目されています。」" + ], + "points": 297, + "commentCount": 57, + "retryCount": 0, + "time": 1736810708 + }, + { + "id": 42697783, + "title": "「オンライン求人の5件に1件は偽物であるか、または決して埋まらないことが研究で判明」", + "originLink": "https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42697783", + "commentBody": "", + "originSummary": [ + "「最近の研究によると、オンライン求人の20%が偽物であるか、未充足のままであり、求職者の不満を増大させています。この「ゴーストジョブ」トレンドは、企業が成長のイメージを投影するための戦術である可能性があります。GreenhouseやLinkedInなどの求人プラットフォームは、ユーザーが本物の求人を見分けるのを助けるために求人確認サービスを導入しています。」" + ], + "commentSummary": [ + "「調査によると、オンライン求人の20%が偽造であるか、未充足のままであることが明らかになりました。これはしばしば、企業が米国の移民政策に従う必要があるためです。企業はまた、理想的な候補者を見つけるために求人を掲載し続けたり、要件を変更したり、内部で事前に選ばれた候補者を持っていることもあります。求職者にとっては、ゴースティングや自動拒否に頻繁に遭遇するため、規制の介入を求める声が上がっています。」" + ], + "points": 273, + "commentCount": 224, + "retryCount": 0, + "time": 1736865860 + }, + { + "id": 42698557, + "title": "「歩行者の安全を犠牲にして、運転者の数秒を節約する交差点を作ること」", + "originLink": "https://collegetowns.substack.com/p/making-an-intersection-unsafe-for", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42698557", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "「議論は、交差点が歩行者の安全を優先すべきか、運転者の効率を優先すべきかに焦点を当てており、一部の人々は4方向停止よりも信号制御の交差点や歩行者スクランブルを支持しています。」", + "「交通法やインフラ設計に関する意見はさまざまで、信号無視の安全性や赤信号での右折に伴うリスクについての議論が行われています。」", + "「一部の人々は、安全性と効率性を向上させるために、ラウンドアバウトやオランダの交通工学基準の採用などの代替解決策を提唱しています。」" + ], + "points": 267, + "commentCount": 362, + "retryCount": 0, + "time": 1736869194 + }, + { + "id": 42696080, + "title": "「PostgreSQLは2024年のデータベース管理システム・オブ・ザ・イヤーです」", + "originLink": "https://db-engines.com/en/blog_post/109", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696080", + "commentBody": "", + "originSummary": [ + "「PostgreSQLは、DB-Enginesによって2024年のDBMSオブザイヤーに選ばれ、423の他のデータベース管理システムを上回り、5回目の受賞を果たしました。」", + "「PostgreSQLは、約35年にわたる歴史を持ち、2024年9月にリリースされたPostgreSQL 17の最近の強化に見られるように、革新を続けています。」", + "「スノーフレークとマイクロソフトはそれぞれ2位と3位を獲得しました。スノーフレークはクラウドベースのデータウェアハウジングとマルチクラウドサポートで注目され、マイクロソフトはAzure SQL DatabaseとSQL Serverを通じて強力なマネージドリレーショナルデータベースを提供しています。」" + ], + "commentSummary": [ + "「PostgreSQLは、db-engines.comによって2024年のデータベース管理システム・オブ・ザ・イヤーに選ばれ、その業界での人気と認知度の高まりが強調されています。」", + "「ユーザーは、移行の課題があるにもかかわらず、高いライセンスコストとリソースの制限のために、Microsoft SQL ServerからPostgreSQLへの切り替えを検討しています。」", + "「PostgreSQLは、その堅牢な機能とコスト効率の良さから、将来のプロジェクトにおいて好まれる選択肢となっていますが、一部のユーザーはコスト削減のためにBabelfishのような代替案を模索しています。」" + ], + "points": 239, + "commentCount": 79, + "retryCount": 0, + "time": 1736854677 + }, + { + "id": 42699099, + "title": "「GoogleのOAuthログインは、失敗したスタートアップのドメイン購入に対して保護しません」", + "originLink": "https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699099", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "「この議論は、失敗したスタートアップのドメインが新しい所有者に取得された際に、GoogleのOAuthログインシステムにおける脆弱性を強調しており、これがサービスへの不正アクセスを可能にする可能性があることを示しています。」", + "「この問題は、Googleが元のドメイン所有者と新しいドメイン所有者を区別できない可能性があるために発生し、ドメインベースの認証を使用するシステムに影響を与える可能性があります。」", + "「提案された解決策は、時間が経っても変わらない一意の識別子を使用することですが、この解決策の実施はアイデンティティプロバイダーによって異なります。」" + ], + "points": 200, + "commentCount": 112, + "retryCount": 0, + "time": 1736871241 + }, + { + "id": 42696822, + "title": "「コーディングスキルを活用して不労所得を得る」", + "originLink": "https://www.coryzue.com/writing/solopreneur/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696822", + "commentBody": "", + "originSummary": [ + "「著者はCTOの役職からソロプレナーに転身し、ソフトウェア製品のポートフォリオを通じてより多くの収入を得ることに成功しました。」", + "「主な戦略には、深い作業に集中すること、小さなプロジェクトから始めること、迅速に反復すること、そしてマーケティング活動に時間を割くことが含まれます。」", + "この旅は不確実性によるレジリエンスを強調していますが、このキャリアパスの比類のない自律性と自由を強調し、コーディングスキルを持つ人々に受動的収入のためにそれを検討するよう促しています。" + ], + "commentSummary": [ + "「あるユーザーが、期限切れのドメイン名を使用したSEOスパムウェブサイトを通じて受動的収入を得ており、倫理的な懸念やGoogleの最終的な取り締まりにもかかわらず、年間約3万ドルを稼いでいると説明しました。」", + "「その投稿はパッシブインカムについての議論を引き起こし、一部のユーザーはそれが本当に受動的な収入というよりも、ビジネスを運営することに近いと主張しました。」", + "「参加者はサイドプロジェクトでの経験と課題を共有し、時間、レジリエンス、戦略的計画の重要性を強調しました。」" + ], + "points": 167, + "commentCount": 90, + "retryCount": 0, + "time": 1736860888 + }, + { + "id": 42690781, + "title": "「スペイン、非EU居住者による住宅購入に対して100%の税を提案」", + "originLink": "https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690781", + "commentBody": "", + "originSummary": [ + "「スペインは、住宅危機に対処し、投機的な購入を抑制することを目的として、非EU居住者による不動産購入に対して100%の税を検討しています。」", + "「首相ペドロ・サンチェスの提案には、住宅価格と収入の格差に対処するために、社会住宅の拡大と観光賃貸の規制が含まれています。」", + "「提案の法制化の将来は不確実であり、一部のアナリストはこれを確実な法改正というよりも、むしろ外国投資家への抑止力と見なしています。」" + ], + "commentSummary": [ + "「スペインは、住宅の手頃な価格の問題に対処するために、非EU居住者によって購入された住宅に対して100%の税を検討しています。批評家は、外国人購入者が高い住宅価格の主な原因ではないとし、遅い官僚主義やゾーニング法がより重要な要因であると指摘しています。この提案は、住宅市場における外国人所有の役割と、手頃な価格の問題を解決する効果についての議論を引き起こしています。」" + ], + "points": 162, + "commentCount": 254, + "retryCount": 0, + "time": 1736809603 + }, + { + "id": 42699977, + "title": "「アップルはまもなく、TSMCのアリゾナ工場から『メイド・イン・アメリカ』のチップを受け取る予定です」", + "originLink": "https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699977", + "commentBody": "", + "originSummary": [ + "「AppleはTSMCのアリゾナ施設からのプロセッサをテストしており、第一四半期までに量産を計画している。これにより、TSMCの米国で製造されたチップの最初の顧客になる可能性がある。この取り組みは、台湾に依存しがちなシリコンの独立性を強化し、地政学的および自然のリスクに対する脆弱性を減少させることを目的としている。TSMCのアリゾナ工場は、先進的な3nmおよび2nmチップを生産する予定であり、地元の採用と米国の大学との提携を強化する努力が続けられているが、パッケージングは当初、ピオリア施設が稼働するまで台湾で行われる予定である。」" + ], + "commentSummary": [ + "「アップルはTSMCのアリゾナ工場からチップを受け取りますが、米国の施設が不十分なため、パッケージングのために台湾に送り返す必要があります。- アリゾナ工場の労働力の50%以上が台湾から来ており、米国のSTEM(科学、技術、工学、数学)分野のギャップを示しています。- 米国の半導体製造を強化することを目的としたCHIPS法のイニシアチブは、パッケージングプロセスが台湾で行われるため、「メイド・イン・アメリカ」ラベルが疑問視され、2027年までに米国でのパッケージング能力を計画していることから、課題に直面しています。」" + ], + "points": 160, + "commentCount": 73, + "retryCount": 0, + "time": 1736873807 + }, + { + "id": 42692730, + "title": "「混雑料金が導入された後、マンハッタンの道路から43,000人のドライバーが減少」", + "originLink": "https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42692730", + "commentBody": "", + "originSummary": [ + "「混雑料金制度が導入された後、60丁目より南のマンハッタンに入る運転手が7.5%減少し、平日ごとに43,000人の運転手が減少しました。」", + "「交通量の減少により交通の流れが改善され、バスの速度が向上し、一部の急行バスでは乗客数が増加しています。」", + "メトロポリタン交通局(MTA)は、年間約5億ドルと見積もられる通行料収入を、政治的な反対があるにもかかわらず、交通改善のために使用しています。" + ], + "commentSummary": [ + "「マンハッタンでの混雑料金の導入により、43,000人の運転手が減少し、バスの速度が向上し、緊急対応時間が改善される可能性があります。」", + "「この政策は交通渋滞を緩和し、空気の質を改善することを目的としていますが、低所得者層への影響について議論を引き起こしています。」", + "「支持者は、利点としてより効率的な公共交通機関と清潔な空気を挙げており、これらの利点と運転者のニーズをどのようにバランスさせるかについての議論が続いています。」" + ], + "points": 154, + "commentCount": 199, + "retryCount": 0, + "time": 1736821606 + } +] diff --git a/records/2025-01-14/2025-01-14.ko.json b/records/2025-01-14/2025-01-14.ko.json new file mode 100644 index 000000000..9d3da519f --- /dev/null +++ b/records/2025-01-14/2025-01-14.ko.json @@ -0,0 +1,288 @@ +[ + { + "id": 42690473, + "title": "시닉 보안 연구원이 cursor.com을 대상으로 하는 악성 NPM 패키지를 배포하다", + "originLink": "https://sourcecodered.com/snyk-malicious-npm-package/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690473", + "commentBody": "", + "originSummary": [ + "한 Snyk 보안 연구원이 AI 코딩 회사인 Cursor.com을 대상으로 시스템 데이터를 수집하고 이를 공격자가 제어하는 서비스로 전송하기 위해 악성 NPM 패키지를 배포했습니다.", + "이 패키지들은 \"cursor-retrieval,\" \"cursor-always-local,\" 및 \"cursor-shadow-workspace\"로 식별되었으며, OpenSSF 패키지 분석 스캐너에 의해 플래그가 지정되어 권고 사항 MAL-2025-27, MAL-2025-28, 및 MAL-2025-29가 발행되었습니다.", + "이 사건은 잠재적인 보안 위협을 피하기 위해 NPM 패키지를 설치하기 전에 면밀히 검토하는 것의 중요성을 강조합니다." + ], + "commentSummary": [ + "한 Snyk 보안 연구원이 cursor.com을 겨냥한 악성 NPM(Node Package Manager) 패키지를 공개하여 의존성 혼동 취약점을 강조했습니다. - 이 사건은 특히 환경 변수의 공개 노출과 관련하여 보안 연구의 윤리에 대한 논쟁을 촉발했습니다. - Cursor.com은 이 행동을 승인하지 않았다고 밝혔으며, Snyk는 이후 사과하면서 공격적 보안 연구와 윤리적 기준 간의 균형을 맞추는 데 있어 어려움을 강조했습니다." + ], + "points": 540, + "commentCount": 270, + "retryCount": 0, + "time": 1736807907 + }, + { + "id": 42696081, + "title": "파이어폭스로 전환하고 다시는 돌아보지 않았다", + "originLink": "https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696081", + "commentBody": "", + "originSummary": [ + "Firefox는 우수한 탭 관리, 링크 저장을 위한 내장 Pocket 기능, 그리고 프라이버시 중심의 이메일 릴레이로 칭찬받으며 Chrome의 강력한 대안이 됩니다. - 사용자 친화적인 스크린샷 도구, ChatGPT 버튼, 화면 속 화면(Picture-in-Picture), 맞춤형 검색 옵션, 부드러운 스크롤링과 같은 추가 기능들이 브라우징 경험을 향상시킵니다. - Firefox는 Chrome의 웹 앱 기능이 부족하지만, 신중한 디자인과 감소된 자원 요구로 인해 일부 사용자들에게 선호되는 선택이 됩니다." + ], + "commentSummary": [ + "Firefox 사용자는 YouTube와 같은 플랫폼에서 비 Google 브라우저나 광고 차단기를 사용하는 사용자에게 의도적으로 경험을 저하시킬 수 있는 도전에 직면해 있습니다. - 이러한 경향은 광고 없는 감시 없는 웹 경험을 선택하는 사용자를 처벌하기 때문에 사용자 자율성에 대한 우려를 제기합니다. - Firefox는 컨테이너 탭과 같은 독특한 기능을 제공하여 프라이버시와 사용성을 향상시켜 주요 기업이 통제하는 브라우저로부터 독립을 추구하는 사용자에게 선호되는 선택이 되고 있습니다." + ], + "points": 480, + "commentCount": 392, + "retryCount": 0, + "time": 1736854678 + }, + { + "id": 42687932, + "title": "Sonos CEO, 앱 업데이트 문제로 사임", + "originLink": "https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42687932", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Sonos의 CEO가 논란이 된 앱 업데이트 이후 사임했습니다. 이 업데이트는 사용자들이 비싼 사운드 시스템을 교체하도록 요구하여 고객 불만을 초래했습니다. - 업데이트는 클라우드 기반 시스템을 도입하여 신뢰할 수 있는 Universal Plug and Play (UPnP)에서 벗어나게 했고, 이로 인해 연결 문제와 복잡성이 증가했습니다. - 이 상황은 비즈니스 전략과 고객 신뢰 유지 간의 갈등을 강조하며, CEO는 퇴직 패키지를 받으며 자문 역할로 전환합니다." + ], + "points": 409, + "commentCount": 493, + "retryCount": 0, + "time": 1736797368 + }, + { + "id": 42696691, + "title": "MrBeast의 배 속에서", + "originLink": "https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696691", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "이 에세이는 YouTube의 알고리즘이 콘텐츠 제작에 어떻게 영향을 미치는지를 MrBeast를 사례로 사용하여 검토하며, 의미 있는 콘텐츠보다는 참여 중심으로의 전환을 강조합니다. - 이는 미디어 리터러시와 YouTube 및 TikTok과 같은 플랫폼의 문화적 영향에 대한 더 넓은 함의를 논의하며, 피상적이고 반응적인 콘텐츠로의 경향을 제안합니다. - 알고리즘이 콘텐츠를 형성하는 역할과 인기 있는 창작자들이 문화적 규범에 미치는 영향에 대한 다양한 관점이 고려됩니다." + ], + "points": 369, + "commentCount": 258, + "retryCount": 0, + "time": 1736859931 + }, + { + "id": 42691184, + "title": "GitHub Git 작업이 중단되었습니다", + "originLink": "https://www.githubstatus.com/incidents/qd96yfgvmcf9", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42691184", + "commentBody": "", + "originSummary": [ + "GitHub은 2025년 1월 13일에 내부 로드 밸런서에 영향을 미치는 구성 변경으로 인해 Git 작업 중단을 겪었으며, 이는 23:35부터 00:24 UTC까지 지속되었습니다. - 문제는 구성 변경을 되돌림으로써 해결되었으며, GitHub은 유사한 사건을 방지하기 위해 모니터링 및 배포 프로세스를 개선하고 있습니다. - 이번 중단은 GitHub의 Actions 및 Pages 서비스에도 영향을 미쳐, 플랫폼 서비스의 상호 연결된 특성을 부각시켰습니다." + ], + "commentSummary": [ + "GitHub는 git 작업에 영향을 미치는 주요 장애를 겪었고, 이로 인해 개발자들은 처음에 자신의 SSH 키나 로컬 설정에 문제가 있다고 의심하게 되었습니다. - 이 사건은 중앙 집중식 서비스에 의존하는 것의 어려움을 강조하며, 자체 호스팅 및 분산 시스템의 장점에 대한 논의를 촉발했습니다. - 문제는 해결되었지만, GitHub의 신뢰성과 필수 작업을 위해 타사 플랫폼에 의존하는 것의 위험성에 대한 우려를 부각시켰습니다." + ], + "points": 324, + "commentCount": 250, + "retryCount": 0, + "time": 1736812051 + }, + { + "id": 42694596, + "title": "ZFS 2.3이 ZFS raidz 확장 기능과 함께 출시되었습니다.", + "originLink": "https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42694596", + "commentBody": "", + "originSummary": [ + "OpenZFS 2.3.0이 출시되어 RAIDZ 확장, 빠른 중복 제거, 직접 입출력, JSON 출력, 긴 파일 이름 지원과 같은 중요한 기능이 도입되었습니다. - 이번 릴리스에는 필수적인 버그 수정과 성능 향상이 포함되어 있으며, Linux 커널 4.18 - 6.12 및 FreeBSD 버전 13.3, 14.0 - 14.2와 호환됩니다. - 이 업데이트는 134명의 기여자가 협력한 결과로, 포괄적인 문서와 변경 로그가 검토를 위해 제공됩니다." + ], + "commentSummary": [ + "ZFS 2.3이 출시되어 RAIDZ 확장, 빠른 중복 제거, 직접 IO, JSON 출력, 긴 파일 이름 지원과 같은 기능이 도입되었습니다. - 특히 RAIDZ 확장은 사용자가 기존 RAIDZ 풀에 새로운 장치를 추가하여 다운타임 없이 저장 용량을 확장할 수 있게 해주는 점에서 주목할 만합니다. - 이번 출시는 ZFS 사용자에게 중요한 발전으로 간주되며, Btrfs 및 Windows Storage Spaces와 같은 다른 파일 시스템과 비교되고 있지만, 풀을 축소할 수 없는 등의 몇 가지 제한 사항이 있습니다." + ], + "points": 302, + "commentCount": 215, + "retryCount": 0, + "time": 1736838539 + }, + { + "id": 42690983, + "title": "Webtop – 전체 데스크톱 환경을 포함한 Alpine, Ubuntu, Fedora 및 Arch 컨테이너", + "originLink": "https://docs.linuxserver.io/images/docker-webtop/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690983", + "commentBody": "", + "originSummary": [ + "Linuxserver/webtop은 웹 브라우저를 통해 접근할 수 있는 전체 데스크톱 환경을 제공하는 컨테이너를 Alpine, Ubuntu, Fedora, Arch 기반으로 제공하며, x86-64 및 arm64 아키텍처를 모두 지원합니다.", + "사용자는 특정 이미지 태그를 사용하여 XFCE, KDE, MATE, i3, Openbox, IceWM과 같은 다양한 데스크톱 환경을 선택할 수 있으며, 지정된 URL을 통해 Webtop에 접속할 수 있습니다.", + "보안 기능에는 Docker의 seccomp 옵션과 인증 설정이 포함되며, 환경 변수를 통한 사용자 정의 옵션과 오픈 소스 드라이버를 통한 GPU 가속 지원이 포함됩니다." + ], + "commentSummary": [ + "Webtop은 Alpine, Ubuntu, Fedora 및 Arch에 대한 전체 데스크톱 환경을 갖춘 컨테이너를 제공하여 VPN 뒤에서 빠르게 설정할 수 있습니다.", + "사용자들은 Webtop이 속도와 사용의 용이성 면에서 특히 Gluetun 컨테이너와 함께 사용할 때 칭찬하지만, 기본 인증이 없기 때문에 보안 조치 없이 컨테이너를 인터넷에 노출하는 것에 대해 주의를 당부합니다.", + "이 프로젝트는 오픈 소스와 유연성으로 평가받고 있으며, 사용자들이 구성 설정을 공유하고 Kasm과 Selkies와 같은 대안들이 유사한 목적으로 주목받고 있습니다." + ], + "points": 297, + "commentCount": 57, + "retryCount": 0, + "time": 1736810708 + }, + { + "id": 42697783, + "title": "연구에 따르면 온라인 구인 공고 중 5개 중 1개는 가짜이거나 채워지지 않는 것으로 나타났습니다.", + "originLink": "https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42697783", + "commentBody": "", + "originSummary": [ + "최근 연구에 따르면 온라인 구인 공고의 20%가 가짜이거나 채워지지 않은 상태로 남아 있어 구직자들의 좌절감을 더하고 있습니다. - 이러한 '유령 일자리' 트렌드는 기업들이 성장 이미지를 투영하기 위한 전술일 수 있습니다. - Greenhouse와 LinkedIn과 같은 구인 플랫폼은 사용자들이 진정한 취업 기회를 식별할 수 있도록 돕기 위해 구인 검증 서비스를 도입했습니다." + ], + "commentSummary": [ + "한 연구에 따르면 온라인 구인 공고의 20%가 가짜이거나 채워지지 않은 상태로 남아 있으며, 이는 종종 기업이 미국 이민 정책을 준수해야 하기 때문입니다. - 기업은 이상적인 후보자를 찾거나, 요구 사항을 변경하거나, 내부 후보자를 미리 선정하기 위해 구인 공고를 계속 게시할 수도 있습니다. - 구직자들은 유령 구인이나 자동 거절을 자주 경험하여 규제 개입을 요구하는 목소리가 높아지고 있습니다." + ], + "points": 273, + "commentCount": 224, + "retryCount": 0, + "time": 1736865860 + }, + { + "id": 42698557, + "title": "운전자의 몇 초를 절약하기 위해 보행자에게 교차로를 위험하게 만들기", + "originLink": "https://collegetowns.substack.com/p/making-an-intersection-unsafe-for", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42698557", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "논쟁은 교차로가 보행자 안전을 우선시해야 하는지 아니면 운전자 효율성을 우선시해야 하는지를 중심으로 진행되며, 일부는 4방향 정지보다 신호등이 있는 교차로와 보행자 전용 신호를 선호합니다.", + "교통 법규와 인프라 설계에 대한 의견은 다양하며, 무단횡단의 안전성과 적신호에서의 우회전에 관련된 위험에 대한 논의가 이루어지고 있습니다.", + "일부는 안전과 효율성을 모두 향상시키기 위해 회전 교차로나 네덜란드 교통 공학 기준을 채택하는 것과 같은 대안적 해결책을 지지합니다." + ], + "points": 267, + "commentCount": 362, + "retryCount": 0, + "time": 1736869194 + }, + { + "id": 42696080, + "title": "PostgreSQL은 2024년 올해의 데이터베이스 관리 시스템입니다.", + "originLink": "https://db-engines.com/en/blog_post/109", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696080", + "commentBody": "", + "originSummary": [ + "PostgreSQL는 DB-Engines에 의해 2024년 DBMS 올해의 상을 수상했으며, 423개의 다른 데이터베이스 관리 시스템을 제치고 다섯 번째로 이 인정을 받았습니다.", + "PostgreSQL은 거의 35년에 걸친 역사를 가지고 있으며, 2024년 9월에 출시된 PostgreSQL 17의 최근 개선에서 볼 수 있듯이 계속해서 혁신을 이어가고 있습니다.", + "스노우플레이크와 마이크로소프트는 각각 2위와 3위를 차지했으며, 스노우플레이크는 클라우드 기반 데이터 웨어하우징과 멀티 클라우드 지원으로 주목받았고, 마이크로소프트는 Azure SQL Database와 SQL Server를 통해 강력한 관리형 관계형 데이터베이스를 제공한다." + ], + "commentSummary": [ + "PostgreSQL은 db-engines.com에 의해 2024년 올해의 데이터베이스 관리 시스템으로 선정되었으며, 이는 업계에서의 인지도와 인기가 높아지고 있음을 강조합니다.", + "사용자들은 높은 라이선스 비용과 자원 제한 때문에 마이그레이션의 잠재적 어려움에도 불구하고 Microsoft SQL Server에서 PostgreSQL로 전환하는 것을 고려하고 있습니다.", + "PostgreSQL는 강력한 기능과 비용 효율성으로 인해 미래 프로젝트에서 선호되는 선택이며, 일부 사용자는 비용 절감을 위해 Babelfish와 같은 대안을 탐색하기도 합니다." + ], + "points": 239, + "commentCount": 79, + "retryCount": 0, + "time": 1736854677 + }, + { + "id": 42699099, + "title": "Google의 OAuth 로그인은 실패한 스타트업 도메인 구매를 방지하지 않습니다.", + "originLink": "https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699099", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "이 논의는 실패한 스타트업의 도메인이 새로운 소유자에게 인수될 때 Google의 OAuth 로그인 시스템에서 발생할 수 있는 취약점을 강조하며, 이는 잠재적으로 서비스에 대한 무단 접근을 허용할 수 있습니다.", + "이 문제는 Google이 원래 도메인 소유자와 새로운 도메인 소유자를 구별하지 못할 수 있기 때문에 발생하며, 도메인 기반 인증을 사용하는 모든 시스템에 영향을 미칩니다.", + "제안된 해결책은 시간이 지나도 변하지 않는 고유 식별자를 사용하는 것이지만, 이 해결책의 구현은 신원 제공자마다 다릅니다." + ], + "points": 200, + "commentCount": 112, + "retryCount": 0, + "time": 1736871241 + }, + { + "id": 42696822, + "title": "코딩 기술을 사용하여 수동 소득 창출하기", + "originLink": "https://www.coryzue.com/writing/solopreneur/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696822", + "commentBody": "", + "originSummary": [ + "저자는 CTO 역할에서 솔로프리뉴어로 전환하여 소프트웨어 제품 포트폴리오를 통해 더 많은 수익을 성공적으로 올렸습니다.", + "주요 전략에는 깊이 있는 작업에 집중하고, 작은 프로젝트로 시작하며, 빠르게 반복하고, 마케팅 노력에 시간을 할애하는 것이 포함됩니다.", + "이 여정은 불확실성으로 인한 회복력을 강조하지만, 이 경력 경로의 비할 데 없는 자율성과 자유를 강조하며 코딩 기술을 가진 사람들이 이를 수동적 수입을 위한 경로로 고려하도록 권장합니다." + ], + "commentSummary": [ + "한 사용자가 만료되는 도메인 이름을 사용하여 SEO 스팸 웹사이트를 통해 수동 소득을 창출하고, 윤리적 우려와 구글의 최종 단속에도 불구하고 연간 약 3만 달러를 벌어들였다고 설명했습니다.", + "그 게시물은 수동 소득에 대한 논쟁을 불러일으켰으며, 일부 사용자들은 그것이 진정한 수동 수익보다는 사업 운영에 더 가깝다고 주장했습니다.", + "참가자들은 사이드 프로젝트에서의 경험과 도전 과제를 공유하며, 시간, 회복력, 전략적 계획의 중요성을 강조했습니다." + ], + "points": 167, + "commentCount": 90, + "retryCount": 0, + "time": 1736860888 + }, + { + "id": 42690781, + "title": "스페인, 비EU 거주자가 구매한 주택에 100% 세금 제안", + "originLink": "https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690781", + "commentBody": "", + "originSummary": [ + "스페인은 주택 위기 해결과 투기적 구매 억제를 목표로 비EU 거주자의 부동산 구매에 대해 100% 세금을 고려하고 있습니다.", + "페드로 산체스 총리의 제안에는 주택 가격과 소득 간의 격차를 해소하기 위해 사회 주택을 확장하고 관광 임대를 규제하는 것이 포함되어 있습니다.", + "그 제안의 법률로서의 미래는 불확실하며, 일부 분석가들은 이를 확실한 입법 변화라기보다는 외국인 투자자에 대한 억제책으로 보고 있습니다." + ], + "commentSummary": [ + "스페인은 주택 가격 문제를 해결하기 위해 비EU 거주자가 구매한 주택에 대해 100% 세금을 부과하는 방안을 고려하고 있습니다. - 비평가들은 외국인 구매자가 높은 주택 가격의 주요 원인이 아니며, 느린 관료주의와 구역법이 더 중요한 요인이라고 지적합니다. - 이 제안은 주택 시장에서 외국인 소유의 역할과 주택 가격 문제 해결의 효과에 대한 논쟁을 불러일으켰습니다." + ], + "points": 162, + "commentCount": 254, + "retryCount": 0, + "time": 1736809603 + }, + { + "id": 42699977, + "title": "애플은 곧 TSMC의 애리조나 공장에서 '미국산' 칩을 받을 예정입니다.", + "originLink": "https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699977", + "commentBody": "", + "originSummary": [ + "애플은 TSMC의 애리조나 시설에서 프로세서를 테스트하고 있으며, 첫 분기까지 대량 생산을 계획하고 있어 TSMC의 미국 내 제조 칩의 첫 번째 고객이 될 가능성이 있습니다. - 이 이니셔티브는 미국의 실리콘 독립성을 강화하고, 지정학적 및 자연적 위험에 취약한 대만에 대한 의존도를 줄이는 것을 목표로 합니다. - TSMC의 애리조나 공장은 첨단 3nm 및 2nm 칩을 생산할 예정이며, 현지 채용 강화 및 미국 대학과의 파트너십을 추진하고 있지만, 포장 작업은 피오리아 시설이 가동될 때까지 초기에는 대만에서 이루어질 것입니다." + ], + "commentSummary": [ + "애플은 TSMC의 애리조나 공장에서 칩을 받을 예정이지만, 미국 내 시설이 부족하여 포장을 위해 대만으로 다시 보내야 합니다. - 애리조나 공장의 인력 중 50% 이상이 대만 출신으로, 미국의 STEM(과학, 기술, 공학, 수학) 분야의 격차를 나타냅니다. - 미국 반도체 제조를 강화하기 위한 CHIPS 법안 이니셔티브는 포장 과정이 대만에서 이루어짐에 따라 '미국산' 라벨이 의문시되면서 도전에 직면하고 있으며, 2027년까지 미국 내 포장 역량을 갖출 계획입니다." + ], + "points": 160, + "commentCount": 73, + "retryCount": 0, + "time": 1736873807 + }, + { + "id": 42692730, + "title": "혼잡 통행료가 시행된 후 맨해튼 도로에서 운전자가 43,000명 감소", + "originLink": "https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42692730", + "commentBody": "", + "originSummary": [ + "혼잡 통행료가 시행된 후 60번가 이하 맨해튼에 진입하는 운전자가 7.5% 감소하여 매주 평일마다 43,000명의 운전자가 줄어들었습니다.", + "교통량 감소로 인해 교통 흐름이 개선되고 버스 속도가 증가했으며, 일부 급행 버스는 승객 수가 증가했습니다.", + "메트로폴리탄 교통국(MTA)은 연간 약 5억 달러로 추산되는 통행료 수익을 교통 개선에 사용하고 있으며, 일부 정치적 반대에도 불구하고 이를 추진하고 있습니다." + ], + "commentSummary": [ + "맨해튼에서 혼잡 통행료 제도를 시행한 결과, 운전자가 43,000명 줄어들었으며, 이는 버스 속도 증가와 잠재적으로 더 나은 응급 대응 시간을 초래했습니다.", + "이 정책은 교통 혼잡을 줄이고 공기 질을 개선하기 위해 설계되었지만, 저소득층에 미치는 영향에 대한 논쟁을 불러일으켰습니다.", + "지지자들은 혜택으로 더 효율적인 대중교통과 더 깨끗한 공기를 포함한다고 주장하며, 이러한 장점을 운전자의 필요와 균형을 맞추는 논의가 계속되고 있다." + ], + "points": 154, + "commentCount": 199, + "retryCount": 0, + "time": 1736821606 + } +] diff --git a/records/2025-01-14/2025-01-14.nb.json b/records/2025-01-14/2025-01-14.nb.json new file mode 100644 index 000000000..3179c4aff --- /dev/null +++ b/records/2025-01-14/2025-01-14.nb.json @@ -0,0 +1,288 @@ +[ + { + "id": 42690473, + "title": "Een Snyk-beveiligingsonderzoeker implementeert kwaadaardige NPM-pakketten die gericht zijn op cursor.com", + "originLink": "https://sourcecodered.com/snyk-malicious-npm-package/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690473", + "commentBody": "", + "originSummary": [ + "Een Snyk-beveiligingsonderzoeker heeft kwaadaardige NPM-pakketten vrijgegeven die gericht zijn op Cursor.com, een AI-coderingsbedrijf, om systeemgegevens te verzamelen en deze naar een door een aanvaller gecontroleerde dienst te sturen.", + "De pakketten, geïdentificeerd als \"cursor-retrieval,\" \"cursor-always-local,\" en \"cursor-shadow-workspace,\" werden gemarkeerd door de OpenSSF-pakketanalysescanner, resulterend in adviezen MAL-2025-27, MAL-2025-28, en MAL-2025-29.", + "Dit voorval benadrukt het belang van het onderzoeken van NPM-pakketten voordat ze worden geïnstalleerd om mogelijke beveiligingsbedreigingen te vermijden." + ], + "commentSummary": [ + "Een Snyk-beveiligingsonderzoeker heeft kwaadaardige NPM (Node Package Manager) pakketten vrijgegeven die gericht zijn op cursor.com, waarmee afhankelijkheidsverwarringskwetsbaarheden worden benadrukt. - Het incident heeft een debat aangewakkerd over de ethiek van beveiligingsonderzoek, met name met betrekking tot de publieke blootstelling van omgevingsvariabelen. - Cursor.com verduidelijkte dat zij de actie niet hebben geautoriseerd, en Snyk heeft sindsdien zijn excuses aangeboden, waarmee de uitdagingen worden onderstreept in het balanceren van offensief beveiligingsonderzoek met ethische normen." + ], + "points": 540, + "commentCount": 270, + "retryCount": 0, + "time": 1736807907 + }, + { + "id": 42696081, + "title": "Ik ben overgestapt naar Firefox en heb nooit meer achterom gekeken", + "originLink": "https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696081", + "commentBody": "", + "originSummary": [ + "Firefox wordt geprezen voor zijn superieure tabbladbeheer, ingebouwde Pocket-functie voor het opslaan van links en een privacygerichte e-mailrelay, waardoor het een sterk alternatief voor Chrome is. - Extra functies zoals een gebruiksvriendelijke screenshot-tool, een ChatGPT-knop, Picture-in-Picture, aanpasbare zoekopties en soepel scrollen verbeteren de browse-ervaring. - Hoewel Firefox de webapp-functie van Chrome mist, maken het doordachte ontwerp en de verminderde hulpbroneisen het voor sommige gebruikers een voorkeurskeuze." + ], + "commentSummary": [ + "Firefox-brukere møter utfordringer fra plattformer som YouTube, som kan med vilje forringe opplevelsen for ikke-Google-nettlesere eller brukere som benytter adblockere. - Denne trenden vekker bekymringer om brukernes autonomi, da den straffer de som velger en annonsefri og overvåkingsfri nettopplevelse. - Firefox tilbyr unike funksjoner, som container-faner, som forbedrer personvern og brukervennlighet, noe som gjør det til et foretrukket valg for brukere som søker uavhengighet fra store, bedriftskontrollerte nettlesere." + ], + "points": 480, + "commentCount": 392, + "retryCount": 0, + "time": 1736854678 + }, + { + "id": 42687932, + "title": "Sonos-CEO stapt op na debacle met app-update", + "originLink": "https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42687932", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "De CEO van Sonos heeft ontslag genomen na een controversiële app-update die gebruikers dwong om dure geluidssystemen te vervangen, wat leidde tot ontevredenheid bij klanten. - De update introduceerde een cloud-gebaseerd systeem, waarmee werd afgestapt van het betrouwbare Universal Plug and Play (UPnP), wat leidde tot verbindingsproblemen en verhoogde complexiteit. - Deze situatie benadrukt het conflict tussen bedrijfsstrategieën en het behouden van klantvertrouwen, terwijl de CEO overgaat naar een adviserende rol met een ontslagvergoeding." + ], + "points": 409, + "commentCount": 493, + "retryCount": 0, + "time": 1736797368 + }, + { + "id": 42696691, + "title": "De buik van de MrBeast", + "originLink": "https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696691", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Het essay onderzoekt hoe het algoritme van YouTube invloed heeft op het maken van content, met MrBeast als casestudy, en benadrukt een verschuiving naar engagement-gedreven in plaats van betekenisvolle content. - Het bespreekt de bredere implicaties voor mediageletterdheid en de culturele impact van platforms zoals YouTube en TikTok, en suggereert een trend naar oppervlakkige en reactionaire content. - Verschillende perspectieven worden overwogen over de rol van algoritmen in het vormgeven van content en de invloed van populaire makers op culturele normen." + ], + "points": 369, + "commentCount": 258, + "retryCount": 0, + "time": 1736859931 + }, + { + "id": 42691184, + "title": "GitHub Git-bewerkingen zijn niet beschikbaar", + "originLink": "https://www.githubstatus.com/incidents/qd96yfgvmcf9", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42691184", + "commentBody": "", + "originSummary": [ + "GitHub kreeg te maken met een storing in Git-operaties op 13 januari 2025, als gevolg van een configuratiewijziging die de interne load balancer beïnvloedde, en duurde van 23:35 tot 00:24 UTC. - Het probleem werd opgelost door de configuratiewijziging terug te draaien, en GitHub werkt aan het verbeteren van monitoring- en implementatieprocessen om soortgelijke incidenten te voorkomen. - De storing beïnvloedde ook de Actions- en Pages-diensten van GitHub, wat de onderling verbonden aard van hun platformdiensten benadrukt." + ], + "commentSummary": [ + "GitHub sto overfor et stort driftsavbrudd som påvirket git-operasjoner, noe som førte til forvirring blant utviklere som først mistenkte problemer med sine SSH-nøkler eller lokale konfigurasjoner. - Hendelsen understreket utfordringene ved å stole på sentraliserte tjenester, og førte til diskusjoner om fordelene ved selvhosting og desentraliserte systemer. - Selv om problemet ble løst, fremhevet det bekymringer om GitHubs pålitelighet og risikoene ved å være avhengig av tredjepartsplattformer for essensielle oppgaver." + ], + "points": 324, + "commentCount": 250, + "retryCount": 0, + "time": 1736812051 + }, + { + "id": 42694596, + "title": "ZFS 2.3 uitgebracht met ZFS raidz-uitbreiding", + "originLink": "https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42694596", + "commentBody": "", + "originSummary": [ + "OpenZFS 2.3.0 har blitt utgitt, og introduserer betydelige funksjoner som RAIDZ-utvidelse, rask deduplisering, direkte inn-/utdata, JSON-utdata og støtte for lange filnavn. - Utgivelsen inkluderer essensielle feilrettinger og ytelsesforbedringer, kompatibel med Linux-kjerner 4.18 - 6.12 og FreeBSD-versjoner 13.3, 14.0 - 14.2. - Oppdateringen er et samarbeid fra 134 bidragsytere, med omfattende dokumentasjon og en endringslogg tilgjengelig for gjennomgang." + ], + "commentSummary": [ + "ZFS 2.3 har blitt lansert, og introduserer funksjoner som RAIDZ-utvidelse, rask deduplisering, direkte IO, JSON-utdata og støtte for lange filnavn. - RAIDZ-utvidelse er spesielt bemerkelsesverdig da det lar brukere legge til nye enheter i en eksisterende RAIDZ-pool uten nedetid, noe som øker lagringskapasiteten. - Utgivelsen anses som et betydelig fremskritt for ZFS-brukere, og trekker sammenligninger med andre filsystemer som Btrfs og Windows Storage Spaces, til tross for noen begrensninger som manglende evne til å krympe pools." + ], + "points": 302, + "commentCount": 215, + "retryCount": 0, + "time": 1736838539 + }, + { + "id": 42690983, + "title": "Webtop – Alpine, Ubuntu, Fedora og Arch containere som inneholder komplette skrivebordsmiljøer", + "originLink": "https://docs.linuxserver.io/images/docker-webtop/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690983", + "commentBody": "", + "originSummary": [ + "Linuxserver/webtop biedt containers gebaseerd op Alpine, Ubuntu, Fedora en Arch met volledige desktopomgevingen die toegankelijk zijn via webbrowsers, en ondersteunt zowel x86-64 als arm64 architecturen.", + "Gebruikers kunnen kiezen uit verschillende desktopomgevingen zoals XFCE, KDE, MATE, i3, Openbox en IceWM door specifieke afbeeldingslabels te gebruiken en toegang te krijgen tot de Webtop via aangewezen URL's.", + "Beveiligingsfuncties omvatten Docker's seccomp-optie en authenticatie-instellingen, met aanpassingsmogelijkheden beschikbaar via omgevingsvariabelen, en ondersteuning voor GPU-versnelling met open-source stuurprogramma's." + ], + "commentSummary": [ + "Webtop biedt containers met volledige desktopomgevingen voor Alpine, Ubuntu, Fedora en Arch, geschikt voor snelle installaties achter een VPN.", + "Gebruikers prijzen Webtop voor zijn snelheid en gebruiksgemak, vooral wanneer het wordt gebruikt met de Gluetun-container voor veilige verbindingen, maar waarschuwen tegen het blootstellen van containers aan het internet zonder beveiligingsmaatregelen vanwege het ontbreken van standaardauthenticatie.", + "Het project wordt gewaardeerd omdat het open-source en flexibel is, waarbij gebruikers configuraties delen, en alternatieven zoals Kasm en Selkies worden opgemerkt voor soortgelijke doeleinden." + ], + "points": 297, + "commentCount": 57, + "retryCount": 0, + "time": 1736810708 + }, + { + "id": 42697783, + "title": "1 op de 5 online vacatures is ofwel nep of wordt nooit ingevuld, blijkt uit onderzoek", + "originLink": "https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42697783", + "commentBody": "", + "originSummary": [ + "Een recente studie wijst uit dat 20% van de online vacatures ofwel nep zijn of onvervuld blijven, wat bijdraagt aan de frustratie van werkzoekenden. - Deze trend van \"spookbanen\" kan een tactiek zijn voor bedrijven om een beeld van groei te projecteren. - Banenplatforms zoals Greenhouse en LinkedIn hebben diensten voor vacatureverificatie geïntroduceerd om gebruikers te helpen echte kansen te identificeren." + ], + "commentSummary": [ + "Een studie onthult dat 20% van de online vacatures ofwel nep zijn of onvervuld blijven, vaak omdat bedrijven moeten voldoen aan de Amerikaanse immigratiebeleid. - Bedrijven kunnen ook vacatures laten staan om ideale kandidaten te vinden, eisen te veranderen, of omdat ze al interne kandidaten hebben geselecteerd. - De arbeidsmarkt is moeilijk voor sollicitanten, die vaak te maken krijgen met ghosting en geautomatiseerde afwijzingen, wat oproept tot regelgevende interventie." + ], + "points": 273, + "commentCount": 224, + "retryCount": 0, + "time": 1736865860 + }, + { + "id": 42698557, + "title": "Een kruispunt onveilig maken voor voetgangers om seconden te besparen voor automobilisten", + "originLink": "https://collegetowns.substack.com/p/making-an-intersection-unsafe-for", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42698557", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Het debat draait om de vraag of kruispunten de veiligheid van voetgangers of de efficiëntie van bestuurders moeten prioriteren, waarbij sommigen de voorkeur geven aan lichtgeregelde kruispunten en voetgangersscrambles boven 4-wegstops.", + "De meningen over verkeerswetten en infrastructuurontwerp lopen uiteen, met discussies over de veiligheid van het oversteken buiten de oversteekplaats en de risico's die gepaard gaan met rechtsaf slaan bij rood licht.", + "Enkele pleiten voor alternatieve oplossingen zoals rotondes of het aannemen van Nederlandse verkeerskundige normen om zowel de veiligheid als de efficiëntie te verbeteren." + ], + "points": 267, + "commentCount": 362, + "retryCount": 0, + "time": 1736869194 + }, + { + "id": 42696080, + "title": "PostgreSQL is het Database Management Systeem van het Jaar 2024", + "originLink": "https://db-engines.com/en/blog_post/109", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696080", + "commentBody": "", + "originSummary": [ + "PostgreSQL is bekroond met de titel DBMS van het Jaar 2024 door DB-Engines, en behaalt deze erkenning voor de vijfde keer, waarmee het 423 andere databasebeheersystemen overtreft.", + "PostgreSQL, med en historie som strekker seg over nesten 35 år, fortsetter å innovere, noe som ses i de nylige forbedringene av PostgreSQL 17, utgitt i september 2024.", + "Snowflake en Microsoft sikret seg henholdsvis andre- og tredjeplass, med Snowflake kjent for sin skybaserte datalagring og støtte for flere skyer, mens Microsoft tilbyr robuste administrerte relasjonsdatabaser gjennom Azure SQL Database og SQL Server." + ], + "commentSummary": [ + "PostgreSQL is bekroond met de titel Database Management System van het Jaar 2024 door db-engines.com, wat de groeiende populariteit en erkenning in de industrie benadrukt.", + "Gebruikers overwegen over te stappen van Microsoft SQL Server naar PostgreSQL vanwege de hoge licentiekosten en beperkingen in middelen, ondanks mogelijke migratie-uitdagingen.", + "PostgreSQL wordt geprefereerd vanwege zijn robuuste functies en kosteneffectiviteit, waardoor het een voorkeurskeuze is voor toekomstige projecten, hoewel sommige gebruikers alternatieven zoals Babelfish verkennen om kosten te verlagen." + ], + "points": 239, + "commentCount": 79, + "retryCount": 0, + "time": 1736854677 + }, + { + "id": 42699099, + "title": "De OAuth-login van Google beschermt niet tegen het kopen van een mislukte startup-domein.", + "originLink": "https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699099", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "De discussie benadrukt een kwetsbaarheid in het OAuth-inlogsysteem van Google wanneer het domein van een mislukte startup wordt overgenomen door een nieuwe eigenaar, wat mogelijk ongeautoriseerde toegang tot diensten kan toestaan.", + "Dit probleem ontstaat omdat Google mogelijk geen onderscheid maakt tussen de oorspronkelijke en nieuwe domeineigenaren, wat van invloed is op elk systeem dat domeingebaseerde authenticatie gebruikt.", + "Een voorgestelde oplossing is om unieke identificatoren te gebruiken die constant blijven in de tijd, hoewel de implementatie van deze oplossing varieert tussen identiteitsaanbieders." + ], + "points": 200, + "commentCount": 112, + "retryCount": 0, + "time": 1736871241 + }, + { + "id": 42696822, + "title": "Codering gebruiken om passief inkomen te genereren", + "originLink": "https://www.coryzue.com/writing/solopreneur/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696822", + "commentBody": "", + "originSummary": [ + "De auteur ging over van een CTO-rol naar een solopreneur en verdiende met succes meer door middel van een portfolio van softwareproducten.", + "Belangrijke strategieën omvatten het richten op diep werk, beginnen met kleine projecten, snel itereren en tijd besteden aan marketinginspanningen.", + "De reis benadrukt veerkracht vanwege onzekerheden, maar benadrukt de ongeëvenaarde autonomie en vrijheid van dit carrièrepad, en moedigt degenen met codeervaardigheden aan om het te overwegen voor passief inkomen." + ], + "commentSummary": [ + "Een gebruiker beschreef het genereren van passief inkomen via SEO-spamwebsites met behulp van verlopen domeinnamen, waarbij hij ongeveer $30.000 per jaar verdiende, ondanks ethische bezwaren en Google's uiteindelijke optreden.", + "De post veroorzaakte een debat over passief inkomen, waarbij sommige gebruikers betoogden dat het meer lijkt op het runnen van een bedrijf dan op echt passieve inkomsten.", + "Deelnemers deelden ervaringen en uitdagingen in nevenprojecten, waarbij ze het belang van tijd, veerkracht en strategische planning benadrukten." + ], + "points": 167, + "commentCount": 90, + "retryCount": 0, + "time": 1736860888 + }, + { + "id": 42690781, + "title": "Spanje stelt een belasting van 100% voor op woningen die door niet-EU-ingezetenen worden gekocht", + "originLink": "https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690781", + "commentBody": "", + "originSummary": [ + "Spanje overweegt een belasting van 100% op vastgoed aankopen door niet-EU ingezetenen, met als doel de woningcrisis aan te pakken en speculatieve aankopen te beperken.", + "Het voorstel van premier Pedro Sánchez omvat de uitbreiding van sociale huisvesting en het reguleren van toeristische verhuur om de kloof tussen woningprijzen en inkomens aan te pakken.", + "De fremtidige statusen til forslaget som lov er usikker, med noen analytikere som ser det som en avskrekkende faktor for utenlandske investorer snarere enn en garantert lovendring." + ], + "commentSummary": [ + "Spanje overweegt een belasting van 100% op woningen die door niet-EU-ingezetenen worden gekocht om problemen met betaalbaarheid van woningen aan te pakken. - Critici suggereren dat buitenlandse kopers niet de primaire oorzaak zijn van de hoge huizenprijzen, en wijzen op trage bureaucratie en bestemmingsplannen als belangrijkere factoren. - Het voorstel heeft een debat aangewakkerd over de rol van buitenlands eigendom in woningmarkten en de effectiviteit ervan bij het oplossen van betaalbaarheidsproblemen." + ], + "points": 162, + "commentCount": 254, + "retryCount": 0, + "time": 1736809603 + }, + { + "id": 42699977, + "title": "Apple zal binnenkort 'made in America'-chips ontvangen van TSMC's fabriek in Arizona", + "originLink": "https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699977", + "commentBody": "", + "originSummary": [ + "Apple tester prosessorer fra TSMCs anlegg i Arizona, med planer om masseproduksjon innen første kvartal, og kan potensielt bli TSMCs første amerikanske kunde for lokalt produserte brikker. - Dette initiativet har som mål å styrke USAs silisiumuavhengighet, og redusere avhengigheten av Taiwan, som er sårbar for geopolitiske og naturlige risikoer. - TSMCs fabrikk i Arizona skal produsere avanserte 3nm og 2nm brikker, med pågående innsats for å forbedre lokal rekruttering og partnerskap med amerikanske universiteter, selv om pakking i utgangspunktet vil skje i Taiwan inntil anlegget i Peoria er operativt." + ], + "commentSummary": [ + "Apple vil motta brikker fra TSMCs fabrikk i Arizona, men de må sendes tilbake til Taiwan for pakking på grunn av utilstrekkelige fasiliteter i USA. - Over 50 % av arbeidsstyrken ved fabrikken i Arizona er fra Taiwan, noe som indikerer et gap i USAs STEM-felt (vitenskap, teknologi, ingeniørfag og matematikk). - CHIPS Act-initiativet, som har som mål å styrke USAs halvlederproduksjon, står overfor utfordringer ettersom \"Made in America\"-merket blir stilt spørsmål ved på grunn av pakkeprosessen som skjer i Taiwan, med planer om amerikanske pakkemuligheter innen 2027." + ], + "points": 160, + "commentCount": 73, + "retryCount": 0, + "time": 1736873807 + }, + { + "id": 42692730, + "title": "43.000 færre sjåfører på veiene i Manhattan etter at veiprisene ble aktivert", + "originLink": "https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42692730", + "commentBody": "", + "originSummary": [ + "Na de invoering van tolheffing voor congestie was er een vermindering van 7,5% in het aantal bestuurders dat Manhattan onder 60th Street binnenreed, wat neerkomt op 43.000 minder bestuurders per weekdag.", + "De vermindering van het verkeer heeft de doorstroming verbeterd en de snelheid van bussen verhoogd, waarbij sommige snelbussen een hogere bezetting ervaren.", + "De Metropolitan Transportation Authority (MTA) gebruikt de tolinkomsten, geschat op $500 miljoen per jaar, voor verbeteringen in het openbaar vervoer, ondanks enige politieke tegenstand." + ], + "commentSummary": [ + "De implementatie van congestieheffing in Manhattan heeft geresulteerd in 43.000 minder automobilisten, wat heeft geleid tot hogere bussnelheden en mogelijk betere responstijden voor nooddiensten.", + "Het beleid is ontworpen om verkeersopstoppingen te verminderen en de luchtkwaliteit te verbeteren, hoewel het debat heeft aangewakkerd over de impact ervan op mensen met een lager inkomen.", + "Voorstanders beweren dat de voordelen efficiënter openbaar vervoer en schonere lucht omvatten, terwijl de discussies doorgaan over het balanceren van deze voordelen met de behoeften van automobilisten." + ], + "points": 154, + "commentCount": 199, + "retryCount": 0, + "time": 1736821606 + } +] diff --git a/records/2025-01-14/2025-01-14.nl.json b/records/2025-01-14/2025-01-14.nl.json new file mode 100644 index 000000000..57a0e8051 --- /dev/null +++ b/records/2025-01-14/2025-01-14.nl.json @@ -0,0 +1,288 @@ +[ + { + "id": 42690473, + "title": "En Snyk-sikkerhetsforsker distribuerer ondsinnede NPM-pakker rettet mot cursor.com", + "originLink": "https://sourcecodered.com/snyk-malicious-npm-package/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690473", + "commentBody": "", + "originSummary": [ + "En Snyk-sikkerhetsforsker ga ut ondsinnede NPM-pakker rettet mot Cursor.com, et AI-kodingsselskap, for å samle systemdata og sende dem til en angriperstyrt tjeneste.", + "Pakker, identifisert som \"cursor-retrieval,\" \"cursor-always-local,\" og \"cursor-shadow-workspace,\" ble flagget av OpenSSF-pakkeanalyseskanneren, noe som resulterte i rådgivninger MAL-2025-27, MAL-2025-28, og MAL-2025-29.", + "Denne hendelsen understreker viktigheten av å granske NPM-pakker før installasjon for å unngå potensielle sikkerhetstrusler." + ], + "commentSummary": [ + "En Snyk-sikkerhetsforsker ga ut ondsinnede NPM (Node Package Manager) pakker rettet mot cursor.com, og fremhevet sårbarheter knyttet til avhengighetsforvirring. - Hendelsen har utløst en debatt om etikken i sikkerhetsforskning, spesielt med hensyn til offentlig eksponering av miljøvariabler. - Cursor.com presiserte at de ikke autoriserte handlingen, og Snyk har siden beklaget, noe som understreker utfordringene med å balansere offensiv sikkerhetsforskning med etiske standarder." + ], + "points": 540, + "commentCount": 270, + "retryCount": 0, + "time": 1736807907 + }, + { + "id": 42696081, + "title": "Jeg byttet til Firefox og har aldri sett meg tilbake", + "originLink": "https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696081", + "commentBody": "", + "originSummary": [ + "Firefox blir rost for sin overlegne fanebehandling, innebygde Pocket-funksjon for å lagre lenker, og en personvernfokusert e-postvideresending, noe som gjør det til et sterkt alternativ til Chrome. - Ytterligere funksjoner som et brukervennlig skjermbildeverktøy, en ChatGPT-knapp, bilde-i-bilde, tilpassbare søkealternativer og jevn rulling forbedrer nettleseropplevelsen. - Selv om Firefox mangler Chromes webapp-funksjon, gjør dens gjennomtenkte design og reduserte ressurskrav det til et foretrukket valg for noen brukere." + ], + "commentSummary": [ + "Firefox-brukere møter utfordringer fra plattformer som YouTube, som kan med vilje forringe opplevelsen for ikke-Google-nettlesere eller brukere som benytter annonseblokkere. - Denne trenden vekker bekymring for brukernes autonomi, da den straffer de som velger en annonsefri og overvåkingsfri nettopplevelse. - Firefox tilbyr unike funksjoner, som containerfaner, som forbedrer personvern og brukervennlighet, noe som gjør det til et foretrukket valg for brukere som søker uavhengighet fra store selskapskontrollerte nettlesere." + ], + "points": 480, + "commentCount": 392, + "retryCount": 0, + "time": 1736854678 + }, + { + "id": 42687932, + "title": "Sonos-sjef går av etter appoppdateringsfiasko", + "originLink": "https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42687932", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Sonos-sjefen har trukket seg etter en kontroversiell appoppdatering som krevde at brukerne måtte erstatte kostbare lydsystemer, noe som førte til misnøye blant kundene. - Oppdateringen introduserte et skybasert system, som gikk bort fra det pålitelige Universal Plug and Play (UPnP), noe som førte til tilkoblingsproblemer og økt kompleksitet. - Denne situasjonen understreker konflikten mellom forretningsstrategier og opprettholdelse av kundetillit, ettersom administrerende direktør går over i en rådgivende rolle med en sluttpakke." + ], + "points": 409, + "commentCount": 493, + "retryCount": 0, + "time": 1736797368 + }, + { + "id": 42696691, + "title": "i magen til MrBeast", + "originLink": "https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696691", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Essayet undersøker hvordan YouTubes algoritme påvirker innholdsskaping, ved å bruke MrBeast som en case-studie, og fremhever et skifte mot engasjementsdrevet snarere enn meningsfullt innhold. - Det diskuterer de bredere implikasjonene for mediekunnskap og den kulturelle påvirkningen av plattformer som YouTube og TikTok, og antyder en trend mot overfladisk og reaksjonært innhold. - Ulike perspektiver vurderes på algoritmenes rolle i å forme innhold og innflytelsen av populære skapere på kulturelle normer." + ], + "points": 369, + "commentCount": 258, + "retryCount": 0, + "time": 1736859931 + }, + { + "id": 42691184, + "title": "GitHub Git-operasjoner er nede", + "originLink": "https://www.githubstatus.com/incidents/qd96yfgvmcf9", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42691184", + "commentBody": "", + "originSummary": [ + "GitHub opplevde et driftsavbrudd for Git-operasjoner den 13. januar 2025, på grunn av en konfigurasjonsendring som påvirket den interne lastbalansereren, og varte fra 23:35 til 00:24 UTC. - Problemet ble løst ved å tilbakestille konfigurasjonsendringen, og GitHub jobber med å forbedre overvåkings- og distribusjonsprosessene for å forhindre lignende hendelser. - Avbruddet påvirket også GitHubs Actions- og Pages-tjenester, noe som fremhever den sammenkoblede naturen til deres plattformtjenester." + ], + "commentSummary": [ + "GitHub opplevde et stort driftsavbrudd som påvirket git-operasjoner, noe som førte til forvirring blant utviklere som først mistenkte problemer med sine SSH-nøkler eller lokale konfigurasjoner. - Hendelsen understreket utfordringene ved å stole på sentraliserte tjenester, og førte til diskusjoner om fordelene med selvhosting og desentraliserte systemer. - Selv om problemet ble løst, fremhevet det bekymringer om GitHubs pålitelighet og risikoene ved å være avhengig av tredjepartsplattformer for viktige oppgaver." + ], + "points": 324, + "commentCount": 250, + "retryCount": 0, + "time": 1736812051 + }, + { + "id": 42694596, + "title": "ZFS 2.3 utgitt med ZFS raidz-utvidelse", + "originLink": "https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42694596", + "commentBody": "", + "originSummary": [ + "OpenZFS 2.3.0 is uitgebracht en introduceert belangrijke functies zoals RAIDZ-uitbreiding, snelle deduplicatie, directe invoer/uitvoer, JSON-uitvoer en ondersteuning voor lange bestandsnamen. - De release bevat essentiële bugfixes en prestatieverbeteringen, compatibel met Linux-kernels 4.18 - 6.12 en FreeBSD-versies 13.3, 14.0 - 14.2. - De update is een gezamenlijke inspanning van 134 bijdragers, met uitgebreide documentatie en een wijzigingslogboek beschikbaar voor inzage." + ], + "commentSummary": [ + "ZFS 2.3 is uitgebracht en introduceert functies zoals RAIDZ-uitbreiding, snelle deduplicatie, directe IO, JSON-uitvoer en ondersteuning voor lange bestandsnamen. - RAIDZ-uitbreiding is bijzonder opmerkelijk omdat het gebruikers in staat stelt om nieuwe apparaten toe te voegen aan een bestaande RAIDZ-pool zonder downtime, waardoor de opslagcapaciteit wordt vergroot. - De release wordt beschouwd als een belangrijke vooruitgang voor ZFS-gebruikers, met vergelijkingen met andere bestandssystemen zoals Btrfs en Windows Storage Spaces, ondanks enkele beperkingen zoals het onvermogen om pools te verkleinen." + ], + "points": 302, + "commentCount": 215, + "retryCount": 0, + "time": 1736838539 + }, + { + "id": 42690983, + "title": "Webtop – Alpine, Ubuntu, Fedora og Arch containere som inneholder komplette skrivebordsmiljøer", + "originLink": "https://docs.linuxserver.io/images/docker-webtop/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690983", + "commentBody": "", + "originSummary": [ + "Linuxserver/webtop tilbyr containere basert på Alpine, Ubuntu, Fedora og Arch med komplette skrivebordsmiljøer som er tilgjengelige gjennom nettlesere, og støtter både x86-64 og arm64 arkitekturer.", + "Brukere kan velge mellom ulike skrivebordsmiljøer som XFCE, KDE, MATE, i3, Openbox og IceWM ved å bruke spesifikke bildetagger, og få tilgang til Webtop via angitte URL-er.", + "SIkkershetsfunksjoner inkluderer Dockers seccomp-alternativ og autentiseringsoppsett, med tilpasningsmuligheter tilgjengelig gjennom miljøvariabler, og støtte for GPU-akselerasjon med åpen kildekode-drivere." + ], + "commentSummary": [ + "Webtop tilbyr containere med komplette skrivebordsmiljøer for Alpine, Ubuntu, Fedora og Arch, egnet for raske oppsett bak en VPN.", + "Brukere roser Webtop for hastigheten og brukervennligheten, spesielt når det brukes med Gluetun-containeren for sikre tilkoblinger, men advarer mot å eksponere containere for internett uten sikkerhetstiltak på grunn av manglende standardautentisering.", + "Prosjektet er verdsatt for å være åpen kildekode og fleksibelt, med brukere som deler konfigurasjoner, og alternativer som Kasm og Selkies er kjent for lignende formål." + ], + "points": 297, + "commentCount": 57, + "retryCount": 0, + "time": 1736810708 + }, + { + "id": 42697783, + "title": "1 av 5 nettbaserte stillingsannonser er enten falske eller aldri fylt, ifølge en studie", + "originLink": "https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42697783", + "commentBody": "", + "originSummary": [ + "En nylig studie indikerer at 20 % av nettbaserte stillingsannonser enten er falske eller forblir ubesatte, noe som øker frustrasjonen blant jobbsøkere. - Denne \"spøkelsesjobb\"-trenden kan være en taktikk for selskaper for å projisere et bilde av vekst. - Jobbplattformer som Greenhouse og LinkedIn har introdusert jobbverifiseringstjenester for å hjelpe brukere med å identifisere ekte jobbmuligheter." + ], + "commentSummary": [ + "En studie avslører at 20 % av nettbaserte stillingsannonser enten er falske eller forblir ubesatte, ofte fordi selskaper må overholde amerikanske immigrasjonsregler. - Selskaper kan også la stillingsannonser stå for å finne ideelle kandidater, endre krav eller ha forhåndsvalgte interne kandidater. - Arbeidsmarkedet er vanskelig for søkere, som ofte opplever ghosting og automatiserte avslag, noe som fører til krav om regulerende inngrep." + ], + "points": 273, + "commentCount": 224, + "retryCount": 0, + "time": 1736865860 + }, + { + "id": 42698557, + "title": "Å gjøre et veikryss utrygt for fotgjengere for å spare sekunder for bilister", + "originLink": "https://collegetowns.substack.com/p/making-an-intersection-unsafe-for", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42698557", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Debatten dreier seg om hvorvidt kryss skal prioritere fotgjengersikkerhet eller sjåføreffektivitet, med noen som foretrekker lysregulerte kryss og fotgjengerfelt fremfor 4-veis stopp.", + "Meningen varierer om trafikklover og infrastrukturdesign, med diskusjoner om sikkerheten ved å krysse gaten utenfor gangfelt og risikoene forbundet med å svinge til høyre på rødt lys.", + "Enkelte taler for alternative løsninger som rundkjøringer eller å ta i bruk nederlandske trafikkingeniørstandarder for å forbedre både sikkerhet og effektivitet." + ], + "points": 267, + "commentCount": 362, + "retryCount": 0, + "time": 1736869194 + }, + { + "id": 42696080, + "title": "PostgreSQL er Database Management System of the Year 2024", + "originLink": "https://db-engines.com/en/blog_post/109", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696080", + "commentBody": "", + "originSummary": [ + "PostgreSQL har blitt tildelt prisen DBMS of the Year 2024 av DB-Engines, og oppnår denne anerkjennelsen for femte gang, og overgår 423 andre databasehåndteringssystemer.", + "PostgreSQL, med en historie som strekker seg over nesten 35 år, fortsetter å innovere, som sett i de nylige forbedringene av PostgreSQL 17, utgitt i september 2024.", + "Snowflake og Microsoft sikret seg henholdsvis andre og tredje plass, med Snowflake kjent for sin skybaserte datalagring og støtte for flere skyer, mens Microsoft tilbyr robuste administrerte relasjonsdatabaser gjennom Azure SQL Database og SQL Server." + ], + "commentSummary": [ + "PostgreSQL har blitt tildelt prisen for Database Management System of the Year 2024 av db-engines.com, noe som fremhever dens økende popularitet og anerkjennelse i bransjen.", + "Brukere vurderer å bytte fra Microsoft SQL Server til PostgreSQL på grunn av høye lisenskostnader og ressursbegrensninger, til tross for potensielle migrasjonsutfordringer.", + "PostgreSQL er foretrukket for sine robuste funksjoner og kostnadseffektivitet, noe som gjør det til et foretrukket valg for fremtidige prosjekter, selv om noen brukere utforsker alternativer som Babelfish for å redusere kostnader." + ], + "points": 239, + "commentCount": 79, + "retryCount": 0, + "time": 1736854677 + }, + { + "id": 42699099, + "title": "Googles OAuth-pålogging beskytter ikke mot kjøp av et mislykket oppstartsdomenenavn", + "originLink": "https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699099", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Diskusjonen fremhever en sårbarhet i Googles OAuth-påloggingssystem når et mislykket oppstartsdomene blir kjøpt opp av en ny eier, noe som potensielt kan tillate uautorisert tilgang til tjenester.", + "Dette problemet oppstår fordi Google kanskje ikke skiller mellom de opprinnelige og nye domeneeierne, noe som påvirker ethvert system som bruker domenebasert autentisering.", + "En foreslått løsning er å bruke unike identifikatorer som forblir konstante over tid, selv om implementeringen av denne løsningen varierer blant identitetsleverandører." + ], + "points": 200, + "commentCount": 112, + "retryCount": 0, + "time": 1736871241 + }, + { + "id": 42696822, + "title": "Bruke kodingsevner for å tjene passiv inntekt", + "originLink": "https://www.coryzue.com/writing/solopreneur/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696822", + "commentBody": "", + "originSummary": [ + "Forfatteren gikk fra en CTO-rolle til å bli en soloprenør, og tjente suksessfullt mer gjennom en portefølje av programvareprodukter.", + "Viktige strategier inkluderer å fokusere på dypt arbeid, starte med små prosjekter, iterere raskt og dedikere tid til markedsføringsinnsats.", + "Reisen understreker motstandskraft på grunn av usikkerheter, men fremhever den uovertrufne autonomien og friheten i denne karriereveien, og oppmuntrer de med kodingferdigheter til å vurdere den for passiv inntekt." + ], + "commentSummary": [ + "En bruker beskrev hvordan de genererte passiv inntekt gjennom SEO-spam-nettsteder ved å bruke utløpende domenenavn, og tjente omtrent $30 000 årlig, til tross for etiske bekymringer og Googles eventuelle nedslag.", + "Innlegget utløste en debatt om passiv inntekt, der noen brukere hevdet at det ligner mer på å drive en virksomhet enn virkelig passive inntekter.", + "Deltakerne delte erfaringer og utfordringer i sideprosjekter, og fremhevet viktigheten av tid, motstandskraft og strategisk planlegging." + ], + "points": 167, + "commentCount": 90, + "retryCount": 0, + "time": 1736860888 + }, + { + "id": 42690781, + "title": "Spania foreslår 100 % skatt på boliger kjøpt av ikke-EU-bosatte", + "originLink": "https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690781", + "commentBody": "", + "originSummary": [ + "Spania vurderer en 100 % skatt på eiendomskjøp av ikke-EU-bosatte, med mål om å løse boligkrisen og dempe spekulative kjøp.", + "Statsminister Pedro Sánchez sitt forslag inkluderer å utvide sosial boligbygging og regulere turistutleie for å takle forskjellen mellom boligpriser og inntekter.", + "Forslagets fremtid som lov er usikker, med noen analytikere som ser det som en avskrekkende faktor for utenlandske investorer snarere enn en garantert lovendring." + ], + "commentSummary": [ + "Spania vurderer en 100 % skatt på boliger kjøpt av ikke-EU-borgere for å takle problemer med boligoverkommelighet. - Kritikere antyder at utenlandske kjøpere ikke er den primære årsaken til høye boligpriser, og peker på treg byråkrati og reguleringslover som mer betydelige faktorer. - Forslaget har utløst en debatt om rollen til utenlandsk eierskap i boligmarkedene og dets effektivitet i å løse overkommelighetsproblemer." + ], + "points": 162, + "commentCount": 254, + "retryCount": 0, + "time": 1736809603 + }, + { + "id": 42699977, + "title": "Apple vil snart motta 'laget i Amerika'-brikker fra TSMCs fabrikk i Arizona", + "originLink": "https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699977", + "commentBody": "", + "originSummary": [ + "Apple tester prosessorer fra TSMCs anlegg i Arizona, med planer om masseproduksjon innen første kvartal, og kan potensielt bli TSMCs første amerikanske kunde for lokalt produserte brikker. - Dette initiativet har som mål å styrke USAs silisiumuavhengighet, og redusere avhengigheten av Taiwan, som er sårbar for geopolitiske og naturlige risikoer. - TSMCs fabrikk i Arizona skal produsere avanserte 3nm og 2nm brikker, med pågående innsats for å forbedre lokal rekruttering og partnerskap med amerikanske universiteter, selv om pakking i utgangspunktet vil skje i Taiwan inntil anlegget i Peoria er operativt." + ], + "commentSummary": [ + "Apple vil motta brikker fra TSMCs anlegg i Arizona, men de må sendes tilbake til Taiwan for pakking på grunn av utilstrekkelige fasiliteter i USA. - Over 50 % av arbeidsstyrken ved anlegget i Arizona er fra Taiwan, noe som indikerer et gap i USAs STEM-felt (vitenskap, teknologi, ingeniørfag og matematikk). - CHIPS Act-initiativet, som har som mål å styrke USAs halvlederproduksjon, står overfor utfordringer ettersom \"Made in America\"-merket blir stilt spørsmål ved på grunn av pakkeprosessen som skjer i Taiwan, med planer om amerikanske pakkemuligheter innen 2027." + ], + "points": 160, + "commentCount": 73, + "retryCount": 0, + "time": 1736873807 + }, + { + "id": 42692730, + "title": "43 000 færre sjåfører på veiene i Manhattan etter at veiprisene ble aktivert", + "originLink": "https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42692730", + "commentBody": "", + "originSummary": [ + "Etter at veiprising ble implementert, var det en reduksjon på 7,5 % i antall sjåfører som kjørte inn i Manhattan sør for 60th Street, noe som tilsvarer 43 000 færre sjåfører hver ukedag.", + "Reduksjonen i trafikken har forbedret trafikkflyten og økt bussfartene, med noen ekspressbusser som opplever høyere passasjertall.", + "Metropolitan Transportation Authority (MTA) bruker inntektene fra bompenger, anslått til 500 millioner dollar årlig, til forbedringer av kollektivtransport, til tross for en viss politisk motstand." + ], + "commentSummary": [ + "Implementeringen av køprising i Manhattan har resultert i 43 000 færre sjåfører, noe som har ført til økte busshastigheter og potensielt bedre responstider for nødetatene.", + "Politikken er utformet for å redusere trafikkbelastning og forbedre luftkvaliteten, selv om den har utløst debatt om dens innvirkning på personer med lavere inntekt.", + "Forkjempere hevder at fordelene inkluderer mer effektiv kollektivtransport og renere luft, mens diskusjonene fortsetter om å balansere disse fordelene med behovene til sjåfører." + ], + "points": 154, + "commentCount": 199, + "retryCount": 0, + "time": 1736821606 + } +] diff --git a/records/2025-01-14/2025-01-14.pl.json b/records/2025-01-14/2025-01-14.pl.json new file mode 100644 index 000000000..e825b6738 --- /dev/null +++ b/records/2025-01-14/2025-01-14.pl.json @@ -0,0 +1,288 @@ +[ + { + "id": 42690473, + "title": "„Badacz ds. bezpieczeństwa z firmy Snyk wdraża złośliwe pakiety NPM, które są wymierzone w cursor.com”", + "originLink": "https://sourcecodered.com/snyk-malicious-npm-package/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690473", + "commentBody": "", + "originSummary": [ + "„Badacz ds. bezpieczeństwa z firmy Snyk opublikował złośliwe pakiety NPM, które były wymierzone w Cursor.com, firmę zajmującą się kodowaniem AI, w celu zbierania danych systemowych i wysyłania ich do usługi kontrolowanej przez atakującego.”", + "„Pakiety, zidentyfikowane jako „cursor-retrieval”, „cursor-always-local” i „cursor-shadow-workspace”, zostały oznaczone przez skaner analizy pakietów OpenSSF, co skutkowało wydaniem ostrzeżeń MAL-2025-27, MAL-2025-28 i MAL-2025-29.”", + "„Ten incydent podkreśla znaczenie dokładnego sprawdzania pakietów NPM przed instalacją, aby uniknąć potencjalnych zagrożeń bezpieczeństwa.”" + ], + "commentSummary": [ + "„Badacz bezpieczeństwa z firmy Snyk opublikował złośliwe pakiety NPM (Node Package Manager) skierowane na cursor.com, podkreślając podatności związane z zamieszaniem w zależnościach. - Incydent wywołał debatę na temat etyki badań bezpieczeństwa, szczególnie w kontekście publicznego ujawniania zmiennych środowiskowych. - Cursor.com wyjaśniło, że nie autoryzowali tego działania, a Snyk przeprosił, podkreślając wyzwania związane z równoważeniem ofensywnych badań bezpieczeństwa z normami etycznymi.”" + ], + "points": 540, + "commentCount": 270, + "retryCount": 0, + "time": 1736807907 + }, + { + "id": 42696081, + "title": "„Przeszedłem na Firefox i nigdy nie oglądałem się za siebie”", + "originLink": "https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696081", + "commentBody": "", + "originSummary": [ + "„Firefox jest chwalony za doskonałe zarządzanie kartami, wbudowaną funkcję Pocket do zapisywania linków oraz skoncentrowany na prywatności przekaźnik e-mail, co czyni go silną alternatywą dla Chrome. - Dodatkowe funkcje, takie jak przyjazne dla użytkownika narzędzie do zrzutów ekranu, przycisk ChatGPT, tryb Picture-in-Picture, konfigurowalne opcje wyszukiwania i płynne przewijanie, poprawiają wrażenia z przeglądania. - Chociaż Firefox nie ma funkcji aplikacji internetowych Chrome, jego przemyślany design i zmniejszone zapotrzebowanie na zasoby sprawiają, że jest preferowanym wyborem dla niektórych użytkowników.”" + ], + "commentSummary": [ + "„Użytkownicy Firefoksa napotykają trudności ze strony platform takich jak YouTube, które mogą celowo pogarszać doświadczenie dla przeglądarek innych niż Google lub użytkowników korzystających z blokad reklam. - Ten trend budzi obawy dotyczące autonomii użytkowników, ponieważ karze tych, którzy wybierają internet bez reklam i nadzoru. - Firefox oferuje unikalne funkcje, takie jak karty kontenerowe, które zwiększają prywatność i użyteczność, czyniąc go ulubionym wyborem dla użytkowników poszukujących niezależności od przeglądarek kontrolowanych przez duże korporacje.”" + ], + "points": 480, + "commentCount": 392, + "retryCount": 0, + "time": 1736854678 + }, + { + "id": 42687932, + "title": "„Dyrektor generalny Sonos rezygnuje po fiasku aktualizacji aplikacji”", + "originLink": "https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42687932", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "„CEO firmy Sonos zrezygnował po kontrowersyjnej aktualizacji aplikacji, która wymagała od użytkowników wymiany kosztownych systemów dźwiękowych, co spowodowało niezadowolenie klientów. - Aktualizacja wprowadziła system oparty na chmurze, odchodząc od niezawodnego Universal Plug and Play (UPnP), co doprowadziło do problemów z łącznością i zwiększonej złożoności. - Ta sytuacja podkreśla konflikt między strategiami biznesowymi a utrzymaniem zaufania klientów, gdy CEO przechodzi do roli doradczej z pakietem odprawowym.”" + ], + "points": 409, + "commentCount": 493, + "retryCount": 0, + "time": 1736797368 + }, + { + "id": 42696691, + "title": "„W brzuchu MrBeast”", + "originLink": "https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696691", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "„Esej bada, w jaki sposób algorytm YouTube wpływa na tworzenie treści, używając MrBeast jako studium przypadku, podkreślając przesunięcie w kierunku treści napędzanych zaangażowaniem, a nie znaczących. - Omawia szersze implikacje dla edukacji medialnej i wpływ kulturowy platform takich jak YouTube i TikTok, sugerując trend w kierunku powierzchownych i reakcyjnych treści. - Rozważane są różne perspektywy na temat roli algorytmów w kształtowaniu treści oraz wpływu popularnych twórców na normy kulturowe.”" + ], + "points": 369, + "commentCount": 258, + "retryCount": 0, + "time": 1736859931 + }, + { + "id": 42691184, + "title": "„Operacje Git na GitHubie są niedostępne”", + "originLink": "https://www.githubstatus.com/incidents/qd96yfgvmcf9", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42691184", + "commentBody": "", + "originSummary": [ + "„GitHub doświadczył awarii operacji Git 13 stycznia 2025 roku z powodu zmiany konfiguracji wpływającej na wewnętrzny load balancer, trwającej od 23:35 do 00:24 UTC. - Problem został rozwiązany poprzez cofnięcie zmiany konfiguracji, a GitHub pracuje nad poprawą procesów monitorowania i wdrażania, aby zapobiec podobnym incydentom. - Awaria wpłynęła również na usługi GitHub Actions i Pages, co podkreśla wzajemne powiązania ich usług platformowych.”" + ], + "commentSummary": [ + "„GitHub doświadczył poważnej awarii wpływającej na operacje git, co spowodowało zamieszanie wśród deweloperów, którzy początkowo podejrzewali problemy z kluczami SSH lub lokalnymi konfiguracjami. - Incydent ten podkreślił wyzwania związane z poleganiem na scentralizowanych usługach, wywołując dyskusje na temat zalet hostingu własnego i systemów zdecentralizowanych. - Chociaż problem został rozwiązany, uwydatnił obawy dotyczące niezawodności GitHub i ryzyka związanego z poleganiem na platformach zewnętrznych do wykonywania kluczowych zadań.”" + ], + "points": 324, + "commentCount": 250, + "retryCount": 0, + "time": 1736812051 + }, + { + "id": 42694596, + "title": "„ZFS 2.3 wydany z rozszerzeniem ZFS raidz”", + "originLink": "https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42694596", + "commentBody": "", + "originSummary": [ + "„OpenZFS 2.3.0 został wydany, wprowadzając znaczące funkcje, takie jak rozszerzenie RAIDZ, szybka deduplikacja, bezpośrednie wejście/wyjście, wyjście w formacie JSON oraz obsługa długich nazw plików. - Wydanie zawiera istotne poprawki błędów i ulepszenia wydajności, kompatybilne z jądrami Linuxa 4.18 - 6.12 oraz wersjami FreeBSD 13.3, 14.0 - 14.2. - Aktualizacja jest wynikiem współpracy 134 współtwórców, z dostępną obszerną dokumentacją i dziennikiem zmian do wglądu.”" + ], + "commentSummary": [ + "„ZFS 2.3 został wydany, wprowadzając funkcje takie jak rozszerzenie RAIDZ, szybka deduplikacja, bezpośrednie IO, wyjście JSON i obsługa długich nazw plików. - Rozszerzenie RAIDZ jest szczególnie godne uwagi, ponieważ pozwala użytkownikom na dodawanie nowych urządzeń do istniejącej puli RAIDZ bez przestojów, zwiększając pojemność magazynową. - Wydanie to jest uważane za znaczący postęp dla użytkowników ZFS, porównywane z innymi systemami plików, takimi jak Btrfs i Windows Storage Spaces, pomimo pewnych ograniczeń, takich jak niemożność zmniejszenia puli.”" + ], + "points": 302, + "commentCount": 215, + "retryCount": 0, + "time": 1736838539 + }, + { + "id": 42690983, + "title": "„Webtop – kontenery Alpine, Ubuntu, Fedora i Arch zawierające pełne środowiska desktopowe”", + "originLink": "https://docs.linuxserver.io/images/docker-webtop/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690983", + "commentBody": "", + "originSummary": [ + "„Linuxserver/webtop dostarcza kontenery oparte na Alpine, Ubuntu, Fedora i Arch z pełnymi środowiskami graficznymi dostępnymi przez przeglądarki internetowe, obsługującymi zarówno architektury x86-64, jak i arm64.”", + "„Użytkownicy mogą wybierać spośród różnych środowisk pulpitu, takich jak XFCE, KDE, MATE, i3, Openbox i IceWM, używając określonych tagów obrazów, oraz uzyskiwać dostęp do Webtop za pośrednictwem wyznaczonych adresów URL.”", + "„Funkcje zabezpieczeń obejmują opcję seccomp Dockera i konfigurację uwierzytelniania, z możliwością dostosowania poprzez zmienne środowiskowe oraz wsparcie dla akceleracji GPU z użyciem sterowników open-source.”" + ], + "commentSummary": [ + "„Webtop dostarcza kontenery z pełnymi środowiskami desktopowymi dla Alpine, Ubuntu, Fedora i Arch, odpowiednie do szybkich konfiguracji za VPN.”", + "„Użytkownicy chwalą Webtop za jego szybkość i łatwość obsługi, szczególnie w połączeniu z kontenerem Gluetun dla bezpiecznych połączeń, ale ostrzegają przed wystawianiem kontenerów na internet bez środków bezpieczeństwa z powodu braku domyślnego uwierzytelniania.”", + "„Projekt jest ceniony za to, że jest open-source i elastyczny, a użytkownicy dzielą się konfiguracjami, a alternatywy takie jak Kasm i Selkies są zauważane w podobnych celach.”" + ], + "points": 297, + "commentCount": 57, + "retryCount": 0, + "time": 1736810708 + }, + { + "id": 42697783, + "title": "„1 na 5 ofert pracy online jest albo fałszywa, albo nigdy nie zostaje obsadzona, jak wynika z badania”", + "originLink": "https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42697783", + "commentBody": "", + "originSummary": [ + "„Niedawne badanie wskazuje, że 20% ofert pracy online jest albo fałszywych, albo pozostaje nieobsadzonych, co zwiększa frustrację osób poszukujących pracy. - Ten trend „widmowych ofert pracy” może być taktyką firm mającą na celu kreowanie wizerunku wzrostu. - Platformy pracy, takie jak Greenhouse i LinkedIn, wprowadziły usługi weryfikacji ofert pracy, aby pomóc użytkownikom w identyfikacji prawdziwych możliwości zatrudnienia.”" + ], + "commentSummary": [ + "„Badanie ujawnia, że 20% ofert pracy online jest albo fałszywych, albo pozostaje nieobsadzonych, często z powodu konieczności spełnienia przez firmy amerykańskich przepisów imigracyjnych. - Firmy mogą również pozostawiać oferty pracy, aby znaleźć idealnych kandydatów, zmieniać wymagania lub mieć wcześniej wybranych wewnętrznych kandydatów. - Rynek pracy jest trudny dla aplikantów, którzy często napotykają na brak odpowiedzi i automatyczne odrzucenia, co skłania do wezwania do interwencji regulacyjnej.”" + ], + "points": 273, + "commentCount": 224, + "retryCount": 0, + "time": 1736865860 + }, + { + "id": 42698557, + "title": "„Uczynienie skrzyżowania niebezpiecznym dla pieszych, aby zaoszczędzić sekundy dla kierowców”", + "originLink": "https://collegetowns.substack.com/p/making-an-intersection-unsafe-for", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42698557", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "„Debata koncentruje się wokół tego, czy skrzyżowania powinny priorytetowo traktować bezpieczeństwo pieszych czy efektywność kierowców, przy czym niektórzy preferują skrzyżowania z sygnalizacją świetlną i przejścia dla pieszych nad skrzyżowaniami z czterema znakami stopu.”", + "„Opinie na temat przepisów drogowych i projektowania infrastruktury są różne, a dyskusje dotyczą bezpieczeństwa przechodzenia na czerwonym świetle oraz ryzyka związanego z prawoskrętami na czerwonym świetle.”", + "„Niektórzy opowiadają się za alternatywnymi rozwiązaniami, takimi jak ronda lub przyjęcie holenderskich standardów inżynierii ruchu drogowego, aby zwiększyć zarówno bezpieczeństwo, jak i efektywność.”" + ], + "points": 267, + "commentCount": 362, + "retryCount": 0, + "time": 1736869194 + }, + { + "id": 42696080, + "title": "„PostgreSQL jest Systemem Zarządzania Bazą Danych Roku 2024”", + "originLink": "https://db-engines.com/en/blog_post/109", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696080", + "commentBody": "", + "originSummary": [ + "„PostgreSQL został nagrodzony tytułem DBMS Roku 2024 przez DB-Engines, zdobywając to wyróżnienie po raz piąty, przewyższając 423 inne systemy zarządzania bazami danych.”", + "„PostgreSQL, z historią sięgającą niemal 35 lat, nadal wprowadza innowacje, co widać w ostatnich usprawnieniach PostgreSQL 17, wydanych we wrześniu 2024 roku.”", + "„Snowflake i Microsoft zajęły odpowiednio drugie i trzecie miejsce, przy czym Snowflake wyróżnia się magazynowaniem danych w chmurze i wsparciem dla wielu chmur, podczas gdy Microsoft oferuje solidne zarządzane relacyjne bazy danych za pośrednictwem Azure SQL Database i SQL Server.”" + ], + "commentSummary": [ + "„PostgreSQL został nagrodzony tytułem Systemu Zarządzania Bazą Danych Roku 2024 przez db-engines.com, co podkreśla jego rosnącą popularność i uznanie w branży.”", + "„Użytkownicy rozważają przejście z Microsoft SQL Server na PostgreSQL z powodu wysokich kosztów licencji i ograniczeń zasobów, pomimo potencjalnych wyzwań związanych z migracją.”", + "„PostgreSQL jest ceniony za swoje solidne funkcje i opłacalność, co czyni go preferowanym wyborem dla przyszłych projektów, chociaż niektórzy użytkownicy rozważają alternatywy, takie jak Babelfish, aby obniżyć koszty.”" + ], + "points": 239, + "commentCount": 79, + "retryCount": 0, + "time": 1736854677 + }, + { + "id": 42699099, + "title": "„Logowanie OAuth Google nie chroni przed zakupem domeny upadłego startupu”", + "originLink": "https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699099", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "„Dyskusja podkreśla lukę w systemie logowania OAuth Google, gdy domena nieudanej firmy startupowej zostaje przejęta przez nowego właściciela, co potencjalnie umożliwia nieautoryzowany dostęp do usług.”", + "„Ten problem pojawia się, ponieważ Google może nie rozróżniać między oryginalnymi a nowymi właścicielami domen, co wpływa na każdy system korzystający z uwierzytelniania opartego na domenie.”", + "„Proponowanym rozwiązaniem jest użycie unikalnych identyfikatorów, które pozostają niezmienne w czasie, chociaż wdrożenie tego rozwiązania różni się w zależności od dostawców tożsamości.”" + ], + "points": 200, + "commentCount": 112, + "retryCount": 0, + "time": 1736871241 + }, + { + "id": 42696822, + "title": "„Wykorzystywanie umiejętności kodowania do generowania pasywnego dochodu”", + "originLink": "https://www.coryzue.com/writing/solopreneur/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696822", + "commentBody": "", + "originSummary": [ + "„Autor przeszedł z roli CTO do solopreneur, z powodzeniem zarabiając więcej dzięki portfolio produktów software'owych.”", + "„Kluczowe strategie obejmują skupienie się na głębokiej pracy, rozpoczynanie od małych projektów, szybkie iterowanie oraz poświęcanie czasu na działania marketingowe.”", + "„Podróż podkreśla odporność w obliczu niepewności, ale uwydatnia niezrównaną autonomię i wolność tej ścieżki kariery, zachęcając osoby z umiejętnościami kodowania do rozważenia jej jako źródła pasywnego dochodu.”" + ], + "commentSummary": [ + "„Użytkownik opisał generowanie pasywnego dochodu poprzez strony spamowe SEO, wykorzystując wygasające nazwy domen, zarabiając około 30 tys. dolarów rocznie, pomimo obaw etycznych i ostatecznego rozprawienia się Google.”", + "„Post wywołał debatę na temat dochodu pasywnego, z niektórymi użytkownikami argumentującymi, że jest to bardziej zbliżone do prowadzenia biznesu niż do prawdziwie pasywnych zarobków.”", + "„Uczestnicy dzielili się doświadczeniami i wyzwaniami związanymi z projektami pobocznymi, podkreślając znaczenie czasu, odporności i strategicznego planowania.”" + ], + "points": 167, + "commentCount": 90, + "retryCount": 0, + "time": 1736860888 + }, + { + "id": 42690781, + "title": "„Hiszpania proponuje 100% podatek od domów kupowanych przez mieszkańców spoza UE”", + "originLink": "https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690781", + "commentBody": "", + "originSummary": [ + "„Hiszpania rozważa wprowadzenie 100% podatku od zakupu nieruchomości przez mieszkańców spoza UE, mając na celu rozwiązanie kryzysu mieszkaniowego i ograniczenie spekulacyjnych zakupów.”", + "„Propozycja premiera Pedro Sáncheza obejmuje rozszerzenie zasobów mieszkań socjalnych oraz regulację wynajmu turystycznego w celu rozwiązania problemu dysproporcji między cenami mieszkań a dochodami.”", + "„Przyszłość propozycji jako prawa jest niepewna, a niektórzy analitycy postrzegają ją jako czynnik odstraszający zagranicznych inwestorów, a nie jako gwarantowaną zmianę legislacyjną.”" + ], + "commentSummary": [ + "„Hiszpania rozważa wprowadzenie 100% podatku na domy kupowane przez mieszkańców spoza UE, aby rozwiązać problemy z dostępnością mieszkań. - Krytycy sugerują, że zagraniczni nabywcy nie są główną przyczyną wysokich cen mieszkań, wskazując na powolną biurokrację i przepisy dotyczące zagospodarowania przestrzennego jako bardziej znaczące czynniki. - Propozycja wywołała debatę na temat roli zagranicznej własności na rynkach mieszkaniowych i jej skuteczności w rozwiązywaniu problemów z dostępnością.”" + ], + "points": 162, + "commentCount": 254, + "retryCount": 0, + "time": 1736809603 + }, + { + "id": 42699977, + "title": "„Apple wkrótce otrzyma 'wyprodukowane w Ameryce' chipy z fabryki TSMC w Arizonie”", + "originLink": "https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699977", + "commentBody": "", + "originSummary": [ + "„Apple testuje procesory z zakładu TSMC w Arizonie, planując masową produkcję do pierwszego kwartału, co może uczynić Apple pierwszym amerykańskim klientem TSMC dla lokalnie produkowanych chipów. - Inicjatywa ta ma na celu wzmocnienie niezależności USA w zakresie produkcji krzemu, zmniejszając zależność od Tajwanu, który jest narażony na ryzyko geopolityczne i naturalne. - Fabryka TSMC w Arizonie ma produkować zaawansowane chipy 3nm i 2nm, z trwającymi wysiłkami na rzecz zwiększenia lokalnej rekrutacji i współpracy z amerykańskimi uniwersytetami, chociaż pakowanie początkowo będzie odbywać się na Tajwanie, dopóki zakład w Peorii nie będzie operacyjny.”" + ], + "commentSummary": [ + "„Apple będzie otrzymywać chipy z fabryki TSMC w Arizonie, ale muszą one zostać odesłane do Tajwanu w celu pakowania z powodu niewystarczających amerykańskich obiektów. - Ponad 50% siły roboczej w fabryce w Arizonie pochodzi z Tajwanu, co wskazuje na lukę w amerykańskim sektorze STEM (nauka, technologia, inżynieria i matematyka). - Inicjatywa CHIPS Act, mająca na celu wzmocnienie amerykańskiej produkcji półprzewodników, napotyka wyzwania, ponieważ etykieta „Made in America” jest kwestionowana z powodu procesu pakowania odbywającego się na Tajwanie, z planami na amerykańskie możliwości pakowania do 2027 roku.”" + ], + "points": 160, + "commentCount": 73, + "retryCount": 0, + "time": 1736873807 + }, + { + "id": 42692730, + "title": "„43 tysiące mniej kierowców na drogach Manhattanu po wprowadzeniu opłat za wjazd do centrum”", + "originLink": "https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42692730", + "commentBody": "", + "originSummary": [ + "„Po wprowadzeniu opłat za wjazd do centrum, liczba kierowców wjeżdżających do Manhattanu poniżej 60. ulicy zmniejszyła się o 7,5%, co oznacza 43 000 mniej kierowców każdego dnia roboczego.”", + "„Zmniejszenie ruchu poprawiło płynność ruchu i zwiększyło prędkości autobusów, a niektóre autobusy ekspresowe odnotowały większą liczbę pasażerów.”", + "„Metropolitan Transportation Authority (MTA) wykorzystuje wpływy z opłat drogowych, szacowane na 500 milionów dolarów rocznie, na poprawę transportu, pomimo pewnego sprzeciwu politycznego.”" + ], + "commentSummary": [ + "„Wprowadzenie opłat za wjazd do zatłoczonych obszarów na Manhattanie spowodowało zmniejszenie liczby kierowców o 43 000, co przyczyniło się do zwiększenia prędkości autobusów i potencjalnie lepszych czasów reakcji służb ratunkowych.”", + "„Polityka ta ma na celu zmniejszenie zatorów drogowych i poprawę jakości powietrza, choć wywołała debatę na temat jej wpływu na osoby o niższych dochodach.”", + "„Zwolennicy twierdzą, że korzyści obejmują bardziej efektywny transport publiczny i czystsze powietrze, podczas gdy trwają dyskusje na temat równoważenia tych zalet z potrzebami kierowców.”" + ], + "points": 154, + "commentCount": 199, + "retryCount": 0, + "time": 1736821606 + } +] diff --git a/records/2025-01-14/2025-01-14.pt.json b/records/2025-01-14/2025-01-14.pt.json new file mode 100644 index 000000000..ef95bced9 --- /dev/null +++ b/records/2025-01-14/2025-01-14.pt.json @@ -0,0 +1,288 @@ +[ + { + "id": 42690473, + "title": "Pesquisador de segurança da Snyk implanta pacotes NPM maliciosos visando cursor.com", + "originLink": "https://sourcecodered.com/snyk-malicious-npm-package/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690473", + "commentBody": "", + "originSummary": [ + "A Snyk, uma pesquisadora de segurança, lançou pacotes NPM maliciosos visando a Cursor.com, uma empresa de codificação de IA, para coletar dados do sistema e enviá-los para um serviço controlado por um atacante.", + "As pacotes, identificados como \"cursor-retrieval\", \"cursor-always-local\" e \"cursor-shadow-workspace\", foram sinalizados pelo scanner de análise de pacotes OpenSSF, resultando nos avisos MAL-2025-27, MAL-2025-28 e MAL-2025-29.", + "Este incidente destaca a importância de examinar os pacotes NPM antes da instalação para evitar potenciais ameaças à segurança." + ], + "commentSummary": [ + "A Snyk, um pesquisador de segurança, lançou pacotes NPM (Node Package Manager) maliciosos direcionados ao cursor.com, destacando vulnerabilidades de confusão de dependência. - O incidente gerou um debate sobre a ética da pesquisa em segurança, especialmente no que diz respeito à exposição pública de variáveis de ambiente. - A Cursor.com esclareceu que não autorizou a ação, e a Snyk pediu desculpas, ressaltando os desafios de equilibrar a pesquisa de segurança ofensiva com os padrões éticos." + ], + "points": 540, + "commentCount": 270, + "retryCount": 0, + "time": 1736807907 + }, + { + "id": 42696081, + "title": "I Switched to Firefox and Never Looked Back", + "originLink": "https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696081", + "commentBody": "", + "originSummary": [ + "Firefox é elogiado por seu gerenciamento superior de abas, recurso Pocket integrado para salvar links e um serviço de e-mail focado em privacidade, tornando-o uma forte alternativa ao Chrome. - Recursos adicionais como uma ferramenta de captura de tela fácil de usar, um botão ChatGPT, modo Picture-in-Picture, opções de pesquisa personalizáveis e rolagem suave melhoram a experiência de navegação. - Embora o Firefox não tenha o recurso de aplicativos da web do Chrome, seu design cuidadoso e menor demanda de recursos o tornam a escolha preferida para alguns usuários." + ], + "commentSummary": [ + "Os usuários do Firefox enfrentam desafios de plataformas como o YouTube, que podem intencionalmente degradar a experiência para navegadores não-Google ou usuários que utilizam bloqueadores de anúncios. - Essa tendência levanta preocupações sobre a autonomia do usuário, pois penaliza aqueles que optam por uma experiência na web sem anúncios e sem vigilância. - O Firefox oferece recursos únicos, como abas de contêiner, que melhoram a privacidade e a usabilidade, tornando-o uma escolha preferida para usuários que buscam independência de navegadores controlados por grandes corporações." + ], + "points": 480, + "commentCount": 392, + "retryCount": 0, + "time": 1736854678 + }, + { + "id": 42687932, + "title": "CEO da Sonos renuncia após fiasco de atualização de aplicativo", + "originLink": "https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42687932", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "O CEO da Sonos renunciou após uma atualização controversa do aplicativo que exigia que os usuários substituíssem sistemas de som caros, causando insatisfação entre os clientes. - A atualização introduziu um sistema baseado em nuvem, afastando-se do confiável Universal Plug and Play (UPnP), o que levou a problemas de conectividade e aumento da complexidade. - Esta situação destaca o conflito entre estratégias de negócios e a manutenção da confiança do cliente, enquanto o CEO transita para um papel consultivo com um pacote de indenização." + ], + "points": 409, + "commentCount": 493, + "retryCount": 0, + "time": 1736797368 + }, + { + "id": 42696691, + "title": "Na barriga do MrBeast", + "originLink": "https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696691", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "O ensaio examina como o algoritmo do YouTube influencia a criação de conteúdo, usando MrBeast como estudo de caso, destacando uma mudança em direção a um conteúdo impulsionado pelo engajamento em vez de significativo. - Discute as implicações mais amplas para a alfabetização midiática e o impacto cultural de plataformas como YouTube e TikTok, sugerindo uma tendência para conteúdos superficiais e reacionários. - Diversas perspectivas são consideradas sobre o papel dos algoritmos na formação de conteúdo e a influência de criadores populares nas normas culturais." + ], + "points": 369, + "commentCount": 258, + "retryCount": 0, + "time": 1736859931 + }, + { + "id": 42691184, + "title": "Operações do Git no GitHub estão fora do ar", + "originLink": "https://www.githubstatus.com/incidents/qd96yfgvmcf9", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42691184", + "commentBody": "", + "originSummary": [ + "GitHub enfrentou uma interrupção nas operações do Git em 13 de janeiro de 2025, devido a uma alteração de configuração que afetou o balanceador de carga interno, durando das 23:35 às 00:24 UTC. - O problema foi resolvido revertendo a alteração de configuração, e o GitHub está trabalhando para melhorar os processos de monitoramento e implantação para evitar incidentes semelhantes. - A interrupção também afetou os serviços Actions e Pages do GitHub, destacando a natureza interconectada de seus serviços de plataforma." + ], + "commentSummary": [ + "GitHub enfrentou uma grande interrupção que impactou as operações de git, levando à confusão entre os desenvolvedores que inicialmente suspeitaram de problemas com suas chaves SSH ou configurações locais. - O incidente destacou os desafios de depender de serviços centralizados, provocando discussões sobre as vantagens de auto-hospedagem e sistemas descentralizados. - Embora o problema tenha sido resolvido, ele ressaltou preocupações sobre a confiabilidade do GitHub e os riscos de depender de plataformas de terceiros para tarefas essenciais." + ], + "points": 324, + "commentCount": 250, + "retryCount": 0, + "time": 1736812051 + }, + { + "id": 42694596, + "title": "ZFS 2.3 lançado com expansão ZFS raidz", + "originLink": "https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42694596", + "commentBody": "", + "originSummary": [ + "OpenZFS 2.3.0 foi lançado, introduzindo recursos significativos como Expansão RAIDZ, Desduplicação Rápida, Entrada/Saída Direta, saída em JSON e suporte para nomes de arquivos longos. - O lançamento inclui correções de bugs essenciais e melhorias de desempenho, compatível com kernels Linux 4.18 - 6.12 e versões FreeBSD 13.3, 14.0 - 14.2. - A atualização é um esforço colaborativo de 134 colaboradores, com documentação abrangente e um registro de alterações disponível para revisão." + ], + "commentSummary": [ + "ZFS 2.3 foi lançado, introduzindo recursos como expansão RAIDZ, desduplicação rápida, IO direto, saída JSON e suporte para nomes de arquivos longos. - A expansão RAIDZ é particularmente notável, pois permite que os usuários adicionem novos dispositivos a um pool RAIDZ existente sem tempo de inatividade, aumentando a capacidade de armazenamento. - O lançamento é considerado um avanço significativo para os usuários de ZFS, sendo comparado a outros sistemas de arquivos como Btrfs e Windows Storage Spaces, apesar de algumas limitações, como a incapacidade de reduzir pools." + ], + "points": 302, + "commentCount": 215, + "retryCount": 0, + "time": 1736838539 + }, + { + "id": 42690983, + "title": "Webtop – Contêineres Alpine, Ubuntu, Fedora e Arch contendo ambientes de desktop completos", + "originLink": "https://docs.linuxserver.io/images/docker-webtop/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690983", + "commentBody": "", + "originSummary": [ + "Linuxserver/webtop fornece contêineres baseados em Alpine, Ubuntu, Fedora e Arch com ambientes de desktop completos acessíveis através de navegadores web, suportando as arquiteturas x86-64 e arm64.", + "Os usuários podem selecionar entre vários ambientes de desktop, como XFCE, KDE, MATE, i3, Openbox e IceWM, usando tags de imagem específicas e acessar o Webtop por meio de URLs designados.", + "Os recursos de segurança incluem a opção seccomp do Docker e a configuração de autenticação, com opções de personalização disponíveis através de variáveis de ambiente, além de suporte para aceleração de GPU com drivers de código aberto." + ], + "commentSummary": [ + "Webtop fornece contêineres com ambientes de desktop completos para Alpine, Ubuntu, Fedora e Arch, adequados para configurações rápidas por trás de uma VPN.", + "Os usuários elogiam o Webtop por sua velocidade e facilidade de uso, especialmente quando utilizado com o contêiner Gluetun para conexões seguras, mas alertam contra a exposição de contêineres à internet sem medidas de segurança devido à falta de autenticação padrão.", + "O projeto é valorizado por ser de código aberto e flexível, com usuários compartilhando configurações, e alternativas como Kasm e Selkies são destacadas para propósitos semelhantes." + ], + "points": 297, + "commentCount": 57, + "retryCount": 0, + "time": 1736810708 + }, + { + "id": 42697783, + "title": "1 em cada 5 anúncios de emprego online são falsos ou nunca são preenchidos, aponta estudo", + "originLink": "https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42697783", + "commentBody": "", + "originSummary": [ + "A recent study indicates that 20% of online job postings are either fake or remain unfilled, adding to job seekers' frustration. - This \"ghost job\" trend might be a tactic for companies to project an image of growth. - Job platforms such as Greenhouse and LinkedIn have introduced job verification services to assist users in identifying genuine job opportunities." + ], + "commentSummary": [ + "Um estudo revela que 20% das vagas de emprego online são falsas ou permanecem não preenchidas, muitas vezes devido à necessidade das empresas de cumprir com as políticas de imigração dos EUA. - As empresas também podem manter as vagas abertas para encontrar candidatos ideais, alterar requisitos ou já terem candidatos internos pré-selecionados. - O mercado de trabalho é difícil para os candidatos, que frequentemente enfrentam o desaparecimento das empresas e rejeições automatizadas, o que leva a pedidos por intervenção regulatória." + ], + "points": 273, + "commentCount": 224, + "retryCount": 0, + "time": 1736865860 + }, + { + "id": 42698557, + "title": "Transformar um cruzamento em um local inseguro para pedestres para economizar segundos para motoristas", + "originLink": "https://collegetowns.substack.com/p/making-an-intersection-unsafe-for", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42698557", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "O debate gira em torno de se os cruzamentos devem priorizar a segurança dos pedestres ou a eficiência dos motoristas, com alguns preferindo cruzamentos controlados por semáforos e travessias diagonais para pedestres em vez de paradas de 4 vias.", + "Opiniões variam sobre leis de trânsito e design de infraestrutura, com discussões sobre a segurança de atravessar fora da faixa e os riscos associados a conversões à direita no sinal vermelho.", + "Alguns defendem soluções alternativas, como rotatórias ou a adoção de padrões de engenharia de tráfego holandeses, para melhorar tanto a segurança quanto a eficiência." + ], + "points": 267, + "commentCount": 362, + "retryCount": 0, + "time": 1736869194 + }, + { + "id": 42696080, + "title": "PostgreSQL é o Sistema de Gerenciamento de Banco de Dados do Ano de 2024", + "originLink": "https://db-engines.com/en/blog_post/109", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696080", + "commentBody": "", + "originSummary": [ + "PostgreSQL foi premiado como DBMS do Ano 2024 pela DB-Engines, alcançando esse reconhecimento pela quinta vez, superando 423 outros sistemas de gerenciamento de banco de dados.", + "PostgreSQL, com uma história que se estende por quase 35 anos, continua a inovar, como visto nas melhorias recentes do PostgreSQL 17, lançado em setembro de 2024.", + "Snowflake e Microsoft garantiram o segundo e terceiro lugares, respectivamente, com a Snowflake sendo destacada por seu armazenamento de dados baseado em nuvem e suporte multi-nuvem, enquanto a Microsoft oferece bancos de dados relacionais gerenciados robustos através do Azure SQL Database e SQL Server." + ], + "commentSummary": [ + "PostgreSQL foi premiado como Sistema de Gerenciamento de Banco de Dados do Ano 2024 pelo db-engines.com, destacando sua crescente popularidade e reconhecimento na indústria.", + "Os usuários estão considerando mudar do Microsoft SQL Server para o PostgreSQL devido aos altos custos de licenciamento e limitações de recursos, apesar dos potenciais desafios de migração.", + "PostgreSQL é favorecido por seus recursos robustos e custo-benefício, tornando-o uma escolha preferida para projetos futuros, embora alguns usuários explorem alternativas como Babelfish para reduzir custos." + ], + "points": 239, + "commentCount": 79, + "retryCount": 0, + "time": 1736854677 + }, + { + "id": 42699099, + "title": "Login OAuth do Google não protege contra a compra de um domínio de startup falida", + "originLink": "https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699099", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "A discussão destaca uma vulnerabilidade no sistema de login OAuth do Google quando o domínio de uma startup falida é adquirido por um novo proprietário, potencialmente permitindo acesso não autorizado a serviços.", + "Esse problema surge porque o Google pode não distinguir entre os proprietários originais e novos do domínio, afetando qualquer sistema que use autenticação baseada em domínio.", + "A solução proposta é usar identificadores únicos que permanecem constantes ao longo do tempo, embora a implementação dessa solução varie entre os provedores de identidade." + ], + "points": 200, + "commentCount": 112, + "retryCount": 0, + "time": 1736871241 + }, + { + "id": 42696822, + "title": "Usando habilidades de codificação para gerar renda passiva", + "originLink": "https://www.coryzue.com/writing/solopreneur/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696822", + "commentBody": "", + "originSummary": [ + "O autor fez a transição de um cargo de CTO para solopreneur, conseguindo ganhar mais por meio de um portfólio de produtos de software.", + "Principais estratégias incluem focar em trabalho profundo, começar com pequenos projetos, iterar rapidamente e dedicar tempo aos esforços de marketing.", + "A jornada enfatiza a resiliência devido às incertezas, mas destaca a autonomia e liberdade incomparáveis deste caminho de carreira, encorajando aqueles com habilidades de codificação a considerá-lo para renda passiva." + ], + "commentSummary": [ + "Um usuário descreveu a geração de renda passiva por meio de sites de spam de SEO usando nomes de domínio expirantes, ganhando aproximadamente $30 mil anualmente, apesar das preocupações éticas e da eventual repressão do Google.", + "O post gerou um debate sobre renda passiva, com alguns usuários argumentando que é mais parecido com administrar um negócio do que realmente ganhos passivos.", + "Os participantes compartilharam experiências e desafios em projetos paralelos, destacando a importância do tempo, resiliência e planejamento estratégico." + ], + "points": 167, + "commentCount": 90, + "retryCount": 0, + "time": 1736860888 + }, + { + "id": 42690781, + "title": "Proposta da Espanha: imposto de 100% sobre casas compradas por residentes fora da UE", + "originLink": "https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690781", + "commentBody": "", + "originSummary": [ + "Considerando a crise habitacional e a necessidade de conter a compra especulativa, a Espanha está avaliando a implementação de um imposto de 100% sobre aquisições de imóveis por residentes de fora da UE.", + "Proposta do Primeiro-Ministro Pedro Sánchez inclui a expansão da habitação social e a regulamentação dos aluguéis turísticos para enfrentar a disparidade entre os preços das habitações e os rendimentos.", + "A futura transformação da proposta em lei é incerta, com alguns analistas vendo-a como um impedimento para investidores estrangeiros, em vez de uma mudança legislativa garantida." + ], + "commentSummary": [ + "Está sendo considerado na Espanha um imposto de 100% sobre casas compradas por residentes de fora da UE para enfrentar problemas de acessibilidade à moradia. - Críticos sugerem que compradores estrangeiros não são a principal causa dos altos preços das habitações, citando a burocracia lenta e as leis de zoneamento como fatores mais significativos. - A proposta gerou um debate sobre o papel da propriedade estrangeira nos mercados imobiliários e sua eficácia na resolução de questões de acessibilidade." + ], + "points": 162, + "commentCount": 254, + "retryCount": 0, + "time": 1736809603 + }, + { + "id": 42699977, + "title": "Em breve, a Apple receberá chips 'feitos na América' da fábrica da TSMC no Arizona", + "originLink": "https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699977", + "commentBody": "", + "originSummary": [ + "Apple está testando processadores da instalação da TSMC no Arizona, com planos para produção em massa até o primeiro trimestre, potencialmente se tornando o primeiro cliente dos EUA da TSMC para chips fabricados localmente. - Esta iniciativa visa fortalecer a independência de silício dos EUA, reduzindo a dependência de Taiwan, que é vulnerável a riscos geopolíticos e naturais. - A fábrica da TSMC no Arizona está programada para produzir chips avançados de 3nm e 2nm, com esforços contínuos para melhorar o recrutamento local e parcerias com universidades dos EUA, embora a embalagem ocorra inicialmente em Taiwan até que a instalação de Peoria esteja operacional." + ], + "commentSummary": [ + "Apple receberá chips da fábrica da TSMC no Arizona, mas eles precisam ser enviados de volta para Taiwan para embalagem devido à insuficiência de instalações nos EUA. - Mais de 50% da força de trabalho na fábrica do Arizona é de Taiwan, indicando uma lacuna no campo de STEM (Ciência, Tecnologia, Engenharia e Matemática) nos EUA. - A iniciativa do CHIPS Act, destinada a melhorar a fabricação de semicondutores nos EUA, enfrenta desafios, pois o rótulo \"Feito na América\" é questionado devido ao processo de embalagem ocorrer em Taiwan, com planos para capacidades de embalagem nos EUA até 2027." + ], + "points": 160, + "commentCount": 73, + "retryCount": 0, + "time": 1736873807 + }, + { + "id": 42692730, + "title": "43 mil motoristas a menos nas estradas de Manhattan após a ativação da precificação de congestionamento", + "originLink": "https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42692730", + "commentBody": "", + "originSummary": [ + "Após a implementação da precificação de congestionamento, houve uma redução de 7,5% no número de motoristas entrando em Manhattan abaixo da 60th Street, o que equivale a 43.000 motoristas a menos a cada dia útil.", + "A redução no tráfego melhorou o fluxo de trânsito e aumentou a velocidade dos ônibus, com alguns ônibus expressos experimentando um aumento no número de passageiros.", + "O Metropolitan Transportation Authority (MTA) utiliza a receita de pedágio, estimada em $500 milhões anualmente, para melhorias no transporte, apesar de alguma oposição política." + ], + "commentSummary": [ + "A implementação da precificação de congestionamento em Manhattan resultou em 43.000 motoristas a menos, levando a um aumento na velocidade dos ônibus e, potencialmente, a melhores tempos de resposta em emergências.", + "A política é projetada para reduzir a congestão do tráfego e melhorar a qualidade do ar, embora tenha gerado debate sobre seu impacto em indivíduos de baixa renda.", + "Os defensores argumentam que os benefícios incluem um transporte público mais eficiente e ar mais limpo, enquanto as discussões continuam sobre como equilibrar essas vantagens com as necessidades dos motoristas." + ], + "points": 154, + "commentCount": 199, + "retryCount": 0, + "time": 1736821606 + } +] diff --git a/records/2025-01-14/2025-01-14.ro.json b/records/2025-01-14/2025-01-14.ro.json new file mode 100644 index 000000000..2ffbf288a --- /dev/null +++ b/records/2025-01-14/2025-01-14.ro.json @@ -0,0 +1,288 @@ +[ + { + "id": 42690473, + "title": "„Cercetătorul de securitate Snyk lansează pachete NPM malițioase care vizează cursor.com”", + "originLink": "https://sourcecodered.com/snyk-malicious-npm-package/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690473", + "commentBody": "", + "originSummary": [ + "„Un cercetător în securitate de la Snyk a lansat pachete NPM malițioase care vizează Cursor.com, o companie de codare AI, pentru a colecta date de sistem și a le trimite către un serviciu controlat de atacator.”", + "„Pachetele, identificate ca „cursor-retrieval”, „cursor-always-local” și „cursor-shadow-workspace”, au fost semnalate de scannerul de analiză a pachetelor OpenSSF, rezultând în avizele MAL-2025-27, MAL-2025-28 și MAL-2025-29.”", + "„Acest incident subliniază importanța examinării atente a pachetelor NPM înainte de instalare pentru a evita potențialele amenințări de securitate.”" + ], + "commentSummary": [ + "„Un cercetător în securitate de la Snyk a lansat pachete NPM (Node Package Manager) malițioase care vizau cursor.com, evidențiind vulnerabilitățile de confuzie a dependențelor. - Incidentul a declanșat o dezbatere privind etica cercetării în securitate, în special în ceea ce privește expunerea publică a variabilelor de mediu. - Cursor.com a clarificat că nu au autorizat acțiunea, iar Snyk și-a cerut scuze ulterior, subliniind provocările în echilibrarea cercetării ofensive în securitate cu standardele etice.”" + ], + "points": 540, + "commentCount": 270, + "retryCount": 0, + "time": 1736807907 + }, + { + "id": 42696081, + "title": "„Am trecut la Firefox și nu m-am mai uitat înapoi”", + "originLink": "https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696081", + "commentBody": "", + "originSummary": [ + "„Firefox este lăudat pentru gestionarea superioară a filelor, funcția Pocket integrată pentru salvarea linkurilor și un serviciu de redirecționare a e-mailurilor axat pe confidențialitate, făcându-l o alternativă puternică la Chrome. - Funcții suplimentare precum un instrument de captură de ecran ușor de utilizat, un buton ChatGPT, funcția Picture-in-Picture, opțiuni de căutare personalizabile și derularea lină îmbunătățesc experiența de navigare. - Deși Firefox nu dispune de funcția de aplicație web a Chrome, designul său atent și cerințele reduse de resurse îl fac o alegere preferată pentru unii utilizatori.”" + ], + "commentSummary": [ + "„Utilizatorii Firefox se confruntă cu provocări din partea platformelor precum YouTube, care pot degrada intenționat experiența pentru browserele non-Google sau utilizatorii care folosesc adblockere. - Această tendință ridică îngrijorări cu privire la autonomia utilizatorilor, deoarece penalizează pe cei care optează pentru o experiență web fără reclame și supraveghere. - Firefox oferă caracteristici unice, cum ar fi filele container, care îmbunătățesc confidențialitatea și utilizabilitatea, făcându-l o alegere preferată pentru utilizatorii care caută independență față de browserele controlate de mari corporații.”" + ], + "points": 480, + "commentCount": 392, + "retryCount": 0, + "time": 1736854678 + }, + { + "id": 42687932, + "title": "„CEO-ul Sonos demisionează după fiasco-ul actualizării aplicației”", + "originLink": "https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42687932", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "„CEO-ul Sonos a demisionat în urma unei actualizări controversate a aplicației care a cerut utilizatorilor să înlocuiască sisteme audio costisitoare, provocând nemulțumirea clienților. - Actualizarea a introdus un sistem bazat pe cloud, renunțând la Universal Plug and Play (UPnP) fiabil, ceea ce a dus la probleme de conectivitate și complexitate crescută. - Această situație subliniază conflictul dintre strategiile de afaceri și menținerea încrederii clienților, pe măsură ce CEO-ul trece la un rol de consilier cu un pachet de compensații.”" + ], + "points": 409, + "commentCount": 493, + "retryCount": 0, + "time": 1736797368 + }, + { + "id": 42696691, + "title": "„În burta lui MrBeast”", + "originLink": "https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696691", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "„Eseul examinează modul în care algoritmul YouTube influențează crearea de conținut, folosindu-l pe MrBeast ca studiu de caz, evidențiind o schimbare către un conținut axat pe angajament mai degrabă decât pe semnificație. - Se discută implicațiile mai largi pentru alfabetizarea media și impactul cultural al platformelor precum YouTube și TikTok, sugerând o tendință către conținut superficial și reacționar. - Sunt luate în considerare diverse perspective asupra rolului algoritmilor în modelarea conținutului și influența creatorilor populari asupra normelor culturale.”" + ], + "points": 369, + "commentCount": 258, + "retryCount": 0, + "time": 1736859931 + }, + { + "id": 42691184, + "title": "„Operațiunile Git de pe GitHub sunt indisponibile”", + "originLink": "https://www.githubstatus.com/incidents/qd96yfgvmcf9", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42691184", + "commentBody": "", + "originSummary": [ + "„GitHub a întâmpinat o întrerupere a operațiunilor Git pe 13 ianuarie 2025, din cauza unei modificări de configurare care a afectat echilibratorul de sarcină intern, durând de la 23:35 la 00:24 UTC. - Problema a fost rezolvată prin revenirea la modificarea de configurare, iar GitHub lucrează la îmbunătățirea proceselor de monitorizare și implementare pentru a preveni incidente similare. - Întreruperea a afectat, de asemenea, serviciile Actions și Pages ale GitHub, evidențiind natura interconectată a serviciilor platformei lor.”" + ], + "commentSummary": [ + "„GitHub a întâmpinat o întrerupere majoră care a afectat operațiunile git, ceea ce a dus la confuzie în rândul dezvoltatorilor care inițial au suspectat probleme cu cheile lor SSH sau cu configurațiile locale. - Incidentul a subliniat provocările de a se baza pe servicii centralizate, determinând discuții despre avantajele găzduirii proprii și a sistemelor descentralizate. - Deși problema a fost rezolvată, aceasta a evidențiat preocupările legate de fiabilitatea GitHub și riscurile de a depinde de platforme terțe pentru sarcini esențiale.”" + ], + "points": 324, + "commentCount": 250, + "retryCount": 0, + "time": 1736812051 + }, + { + "id": 42694596, + "title": "„ZFS 2.3 lansat cu extinderea ZFS raidz”", + "originLink": "https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42694596", + "commentBody": "", + "originSummary": [ + "„OpenZFS 2.3.0 a fost lansat, introducând caracteristici semnificative precum extinderea RAIDZ, deduplicarea rapidă, intrare/ieșire directă, ieșire JSON și suport pentru nume de fișiere lungi. - Lansarea include corecții esențiale de erori și îmbunătățiri de performanță, compatibile cu nucleele Linux 4.18 - 6.12 și versiunile FreeBSD 13.3, 14.0 - 14.2. - Actualizarea este un efort colaborativ al 134 de contribuitori, cu documentație cuprinzătoare și un jurnal de modificări disponibil pentru revizuire.”" + ], + "commentSummary": [ + "„ZFS 2.3 a fost lansat, introducând caracteristici precum extinderea RAIDZ, deduplicarea rapidă, IO direct, ieșire JSON și suport pentru nume de fișiere lungi. - Extinderea RAIDZ este deosebit de remarcabilă, deoarece permite utilizatorilor să adauge noi dispozitive la un pool RAIDZ existent fără timp de nefuncționare, sporind capacitatea de stocare. - Lansarea este considerată un avans semnificativ pentru utilizatorii ZFS, fiind comparată cu alte sisteme de fișiere precum Btrfs și Windows Storage Spaces, în ciuda unor limitări, cum ar fi incapacitatea de a micșora pool-urile.”" + ], + "points": 302, + "commentCount": 215, + "retryCount": 0, + "time": 1736838539 + }, + { + "id": 42690983, + "title": "„Webtop – Containere Alpine, Ubuntu, Fedora și Arch care conțin medii desktop complete”", + "originLink": "https://docs.linuxserver.io/images/docker-webtop/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690983", + "commentBody": "", + "originSummary": [ + "„Linuxserver/webtop oferă containere bazate pe Alpine, Ubuntu, Fedora și Arch cu medii desktop complete accesibile prin browsere web, suportând atât arhitecturile x86-64, cât și arm64.”", + "„Utilizatorii pot selecta din diverse medii desktop, cum ar fi XFCE, KDE, MATE, i3, Openbox și IceWM, folosind etichete de imagine specifice și pot accesa Webtop prin URL-uri desemnate.”", + "„Caracteristicile de securitate includ opțiunea seccomp a Docker și configurarea autentificării, cu opțiuni de personalizare disponibile prin variabile de mediu, și suport pentru accelerarea GPU cu drivere open-source.”" + ], + "commentSummary": [ + "„Webtop oferă containere cu medii desktop complete pentru Alpine, Ubuntu, Fedora și Arch, potrivite pentru configurări rapide în spatele unui VPN.”", + "„Utilizatorii laudă Webtop pentru viteza și ușurința sa de utilizare, în special atunci când este utilizat cu containerul Gluetun pentru conexiuni securizate, dar avertizează împotriva expunerii containerelor la internet fără măsuri de securitate din cauza lipsei autentificării implicite.”", + "„Proiectul este apreciat pentru faptul că este open-source și flexibil, utilizatorii împărtășind configurații, iar alternative precum Kasm și Selkies sunt remarcate pentru scopuri similare.”" + ], + "points": 297, + "commentCount": 57, + "retryCount": 0, + "time": 1736810708 + }, + { + "id": 42697783, + "title": "„1 din 5 anunțuri de locuri de muncă online sunt fie false, fie nu sunt niciodată ocupate, arată un studiu”", + "originLink": "https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42697783", + "commentBody": "", + "originSummary": [ + "„Un studiu recent indică faptul că 20% dintre anunțurile de locuri de muncă online sunt fie false, fie rămân neocupate, adăugând la frustrarea celor care caută un loc de muncă. - Această tendință de „locuri de muncă fantomă” ar putea fi o tactică a companiilor de a proiecta o imagine de creștere. - Platforme de locuri de muncă precum Greenhouse și LinkedIn au introdus servicii de verificare a locurilor de muncă pentru a ajuta utilizatorii să identifice oportunitățile de muncă autentice.”" + ], + "commentSummary": [ + "„Un studiu relevă că 20% dintre anunțurile de locuri de muncă online sunt fie false, fie rămân neocupate, adesea din cauza necesității companiilor de a respecta politicile de imigrație din SUA. - Companiile pot, de asemenea, să lase anunțurile de locuri de muncă active pentru a găsi candidați ideali, a schimba cerințele sau a avea candidați interni preselectați. - Piața muncii este dificilă pentru solicitanți, care întâlnesc frecvent lipsa de răspuns și respingeri automate, ceea ce determină apeluri pentru intervenții de reglementare.”" + ], + "points": 273, + "commentCount": 224, + "retryCount": 0, + "time": 1736865860 + }, + { + "id": 42698557, + "title": "„Transformarea unei intersecții într-un loc nesigur pentru pietoni pentru a economisi câteva secunde pentru șoferi”", + "originLink": "https://collegetowns.substack.com/p/making-an-intersection-unsafe-for", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42698557", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "„Dezbaterea se concentrează pe faptul dacă intersecțiile ar trebui să prioritizeze siguranța pietonilor sau eficiența șoferilor, unii favorizând intersecțiile controlate de semafoare și traversările pietonale simultane în detrimentul opririlor în patru direcții.”", + "„Opiniile variază cu privire la legile de circulație și designul infrastructurii, cu discuții despre siguranța traversării neregulamentare și riscurile asociate cu virajele la dreapta pe roșu.”", + "„Unii susțin soluții alternative, cum ar fi sensurile giratorii sau adoptarea standardelor olandeze de inginerie a traficului, pentru a îmbunătăți atât siguranța, cât și eficiența.”" + ], + "points": 267, + "commentCount": 362, + "retryCount": 0, + "time": 1736869194 + }, + { + "id": 42696080, + "title": "„PostgreSQL este Sistemul de Management al Bazelor de Date al Anului 2024”", + "originLink": "https://db-engines.com/en/blog_post/109", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696080", + "commentBody": "", + "originSummary": [ + "„PostgreSQL a fost desemnat DBMS-ul Anului 2024 de către DB-Engines, obținând această recunoaștere pentru a cincea oară, depășind alte 423 de sisteme de gestionare a bazelor de date.”", + "„PostgreSQL, cu o istorie de aproape 35 de ani, continuă să inoveze, așa cum se vede în îmbunătățirile recente ale PostgreSQL 17, lansat în septembrie 2024.”", + "„Snowflake și Microsoft au obținut locurile doi și trei, respectiv, cu Snowflake remarcat pentru depozitarea de date bazată pe cloud și suportul multi-cloud, în timp ce Microsoft oferă baze de date relaționale gestionate robust prin Azure SQL Database și SQL Server.”" + ], + "commentSummary": [ + "„PostgreSQL a fost desemnat Sistemul de Management al Bazelor de Date al Anului 2024 de către db-engines.com, evidențiind popularitatea și recunoașterea sa în creștere în industrie.”", + "„Utilizatorii iau în considerare trecerea de la Microsoft SQL Server la PostgreSQL din cauza costurilor ridicate de licențiere și a limitărilor de resurse, în ciuda provocărilor potențiale de migrare.”", + "„PostgreSQL este preferat pentru caracteristicile sale robuste și rentabilitatea sa, ceea ce îl face o alegere preferată pentru proiectele viitoare, deși unii utilizatori explorează alternative precum Babelfish pentru a reduce costurile.”" + ], + "points": 239, + "commentCount": 79, + "retryCount": 0, + "time": 1736854677 + }, + { + "id": 42699099, + "title": "„Conectarea OAuth de la Google nu protejează împotriva achiziționării unui domeniu al unei startup-uri eșuate”", + "originLink": "https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699099", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "„Discuția evidențiază o vulnerabilitate în sistemul de autentificare OAuth al Google atunci când domeniul unei startup eșuate este achiziționat de un nou proprietar, permițând potențial accesul neautorizat la servicii.”", + "„Această problemă apare deoarece Google s-ar putea să nu facă distincția între proprietarii originali și noii proprietari ai domeniului, afectând orice sistem care utilizează autentificarea bazată pe domeniu.”", + "„O soluție propusă este utilizarea identificatorilor unici care rămân constanți în timp, deși implementarea acestei soluții variază între furnizorii de identitate.”" + ], + "points": 200, + "commentCount": 112, + "retryCount": 0, + "time": 1736871241 + }, + { + "id": 42696822, + "title": "„Folosirea abilităților de programare pentru a obține venituri pasive”", + "originLink": "https://www.coryzue.com/writing/solopreneur/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696822", + "commentBody": "", + "originSummary": [ + "„Autorul a făcut tranziția de la rolul de CTO la soloprenor, reușind să câștige mai mult printr-un portofoliu de produse software.”", + "„Strategiile cheie includ concentrarea pe munca profundă, începerea cu proiecte mici, iterarea rapidă și dedicarea timpului pentru eforturile de marketing.”", + "„Călătoria subliniază reziliența în fața incertitudinilor, dar evidențiază autonomia și libertatea de neegalat ale acestui parcurs profesional, încurajându-i pe cei cu abilități de programare să îl considere pentru venituri pasive.”" + ], + "commentSummary": [ + "„Un utilizator a descris generarea de venituri pasive prin site-uri web de tip spam SEO folosind nume de domenii care expiră, câștigând aproximativ 30.000 de dolari anual, în ciuda preocupărilor etice și a represaliilor ulterioare din partea Google.”", + "„Postarea a stârnit o dezbatere despre veniturile pasive, unii utilizatori susținând că este mai degrabă asemănătoare cu administrarea unei afaceri decât cu câștigurile cu adevărat pasive.”", + "„Participanții au împărtășit experiențe și provocări în proiectele secundare, subliniind importanța timpului, rezilienței și planificării strategice.”" + ], + "points": 167, + "commentCount": 90, + "retryCount": 0, + "time": 1736860888 + }, + { + "id": 42690781, + "title": "„Spania propune un impozit de 100% pe locuințele cumpărate de rezidenți din afara UE”", + "originLink": "https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690781", + "commentBody": "", + "originSummary": [ + "„Spania ia în considerare un impozit de 100% pe achizițiile imobiliare de către rezidenții din afara UE, având ca scop abordarea crizei locuințelor și limitarea achizițiilor speculative.”", + "„Propunerea prim-ministrului Pedro Sánchez include extinderea locuințelor sociale și reglementarea închirierilor turistice pentru a aborda disparitatea dintre prețurile locuințelor și venituri.”", + "„Viitorul propunerii ca lege este incert, unii analiști considerând-o mai degrabă un factor de descurajare pentru investitorii străini decât o schimbare legislativă garantată.”" + ], + "commentSummary": [ + "„Spania ia în considerare un impozit de 100% pe locuințele achiziționate de rezidenți din afara UE pentru a aborda problemele de accesibilitate a locuințelor. - Criticii sugerează că cumpărătorii străini nu sunt cauza principală a prețurilor ridicate ale locuințelor, menționând birocrația lentă și legile de zonare ca factori mai semnificativi. - Propunerea a declanșat o dezbatere cu privire la rolul proprietății străine pe piețele imobiliare și eficacitatea acesteia în rezolvarea problemelor de accesibilitate.”" + ], + "points": 162, + "commentCount": 254, + "retryCount": 0, + "time": 1736809603 + }, + { + "id": 42699977, + "title": "„Apple va primi în curând cipuri 'fabricate în America' de la fabrica TSMC din Arizona”", + "originLink": "https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699977", + "commentBody": "", + "originSummary": [ + "„Apple testează procesoare de la fabrica TSMC din Arizona, cu planuri de producție în masă până în primul trimestru, devenind potențial primul client american al TSMC pentru cipuri fabricate local. - Această inițiativă are ca scop consolidarea independenței siliconului în SUA, reducând dependența de Taiwan, care este vulnerabil la riscuri geopolitice și naturale. - Fabrica TSMC din Arizona este pregătită să producă cipuri avansate de 3nm și 2nm, cu eforturi continue de a îmbunătăți recrutarea locală și parteneriatele cu universitățile americane, deși ambalarea va avea loc inițial în Taiwan până când facilitatea din Peoria va fi operațională.”" + ], + "commentSummary": [ + "„Apple va primi cipuri de la fabrica TSMC din Arizona, dar acestea trebuie trimise înapoi în Taiwan pentru ambalare din cauza insuficienței facilităților din SUA. - Peste 50% din forța de muncă de la fabrica din Arizona provine din Taiwan, indicând un decalaj în domeniul STEM (Știință, Tehnologie, Inginerie și Matematică) din SUA. - Inițiativa CHIPS Act, care vizează îmbunătățirea producției de semiconductori în SUA, se confruntă cu provocări, deoarece eticheta „Fabricat în America” este pusă sub semnul întrebării din cauza procesului de ambalare care are loc în Taiwan, cu planuri pentru capacități de ambalare în SUA până în 2027.”" + ], + "points": 160, + "commentCount": 73, + "retryCount": 0, + "time": 1736873807 + }, + { + "id": 42692730, + "title": "„Cu 43.000 de șoferi mai puțin pe drumurile din Manhattan după ce a fost activată taxarea pentru congestionare”", + "originLink": "https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42692730", + "commentBody": "", + "originSummary": [ + "„După implementarea taxării pentru congestionare, a existat o reducere de 7,5% a șoferilor care intră în Manhattan sub strada 60, ceea ce echivalează cu 43.000 de șoferi mai puțini în fiecare zi lucrătoare.”", + "„Reducerea traficului a îmbunătățit fluxul de trafic și a crescut viteza autobuzelor, unele autobuze expres înregistrând o creștere a numărului de pasageri.”", + "„Autoritatea Metropolitană de Transport (MTA) folosește veniturile din taxe, estimate la 500 de milioane de dolari anual, pentru îmbunătățiri ale transportului, în ciuda unei anumite opoziții politice.”" + ], + "commentSummary": [ + "„Implementarea taxării pentru congestionare în Manhattan a dus la reducerea cu 43.000 a numărului de șoferi, ceea ce a condus la creșterea vitezei autobuzelor și, posibil, la îmbunătățirea timpilor de răspuns pentru situațiile de urgență.”", + "„Politica este concepută pentru a reduce congestionarea traficului și a îmbunătăți calitatea aerului, deși a stârnit dezbateri cu privire la impactul său asupra persoanelor cu venituri mai mici.”", + "„Susținătorii susțin că beneficiile includ un transport public mai eficient și un aer mai curat, în timp ce discuțiile continuă asupra echilibrării acestor avantaje cu nevoile șoferilor.”" + ], + "points": 154, + "commentCount": 199, + "retryCount": 0, + "time": 1736821606 + } +] diff --git a/records/2025-01-14/2025-01-14.ru.json b/records/2025-01-14/2025-01-14.ru.json new file mode 100644 index 000000000..f8fe60e3a --- /dev/null +++ b/records/2025-01-14/2025-01-14.ru.json @@ -0,0 +1,288 @@ +[ + { + "id": 42690473, + "title": "Исследователь безопасности Snyk разворачивает вредоносные пакеты NPM, нацеленные на cursor.com", + "originLink": "https://sourcecodered.com/snyk-malicious-npm-package/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690473", + "commentBody": "", + "originSummary": [ + "Исследователь безопасности из Snyk выпустил вредоносные пакеты NPM, нацеленные на Cursor.com, компанию, занимающуюся AI-кодированием, чтобы собирать системные данные и отправлять их на сервис, контролируемый злоумышленником.", + "Пакеты, идентифицированные как \"cursor-retrieval\", \"cursor-always-local\" и \"cursor-shadow-workspace\", были отмечены сканером анализа пакетов OpenSSF, что привело к предупреждениям MAL-2025-27, MAL-2025-28 и MAL-2025-29.", + "Этот инцидент подчеркивает важность тщательной проверки пакетов NPM перед установкой, чтобы избежать потенциальных угроз безопасности." + ], + "commentSummary": [ + "Исследователь безопасности из Snyk выпустил вредоносные пакеты NPM (Node Package Manager), нацеленные на cursor.com, подчеркивая уязвимости путаницы зависимостей. - Инцидент вызвал дебаты об этике исследований безопасности, особенно в отношении публичного раскрытия переменных окружения. - Cursor.com уточнили, что они не санкционировали это действие, и Snyk с тех пор извинились, подчеркивая трудности в балансировании наступательных исследований безопасности с этическими стандартами." + ], + "points": 540, + "commentCount": 270, + "retryCount": 0, + "time": 1736807907 + }, + { + "id": 42696081, + "title": "Я перешел на Firefox и никогда не оглядывался назад", + "originLink": "https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696081", + "commentBody": "", + "originSummary": [ + "Firefox хвалят за превосходное управление вкладками, встроенную функцию Pocket для сохранения ссылок и ориентированную на конфиденциальность функцию пересылки электронной почты, что делает его сильной альтернативой Chrome. - Дополнительные функции, такие как удобный инструмент для создания скриншотов, кнопка ChatGPT, режим \"картинка в картинке\", настраиваемые параметры поиска и плавная прокрутка, улучшают впечатления от просмотра. - Хотя Firefox не имеет функции веб-приложений, как у Chrome, его продуманный дизайн и сниженные требования к ресурсам делают его предпочтительным выбором для некоторых пользователей." + ], + "commentSummary": [ + "Пользователи Firefox сталкиваются с трудностями на платформах, таких как YouTube, которые могут намеренно ухудшать опыт для пользователей не-Google браузеров или тех, кто использует блокировщики рекламы. - Эта тенденция вызывает обеспокоенность по поводу автономии пользователей, так как она наказывает тех, кто выбирает веб-опыт без рекламы и слежки. - Firefox предлагает уникальные функции, такие как контейнерные вкладки, которые улучшают конфиденциальность и удобство использования, делая его предпочтительным выбором для пользователей, стремящихся к независимости от браузеров, контролируемых крупными корпорациями." + ], + "points": 480, + "commentCount": 392, + "retryCount": 0, + "time": 1736854678 + }, + { + "id": 42687932, + "title": "Генеральный директор Sonos уходит в отставку после неудачного обновления приложения", + "originLink": "https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42687932", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Генеральный директор Sonos ушел в отставку после спорного обновления приложения, которое требовало от пользователей замены дорогостоящих звуковых систем, что вызвало недовольство клиентов. - Обновление ввело облачную систему, отказавшись от надежной технологии Universal Plug and Play (UPnP), что привело к проблемам с подключением и увеличению сложности. - Эта ситуация подчеркивает конфликт между бизнес-стратегиями и поддержанием доверия клиентов, так как генеральный директор переходит на консультативную роль с выходным пособием." + ], + "points": 409, + "commentCount": 493, + "retryCount": 0, + "time": 1736797368 + }, + { + "id": 42696691, + "title": "В чреве MrBeast", + "originLink": "https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696691", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Эссе исследует, как алгоритм YouTube влияет на создание контента, используя MrBeast в качестве примера, подчеркивая сдвиг в сторону контента, ориентированного на вовлеченность, а не на значимость. - Обсуждаются более широкие последствия для медиаграмотности и культурное влияние таких платформ, как YouTube и TikTok, предполагая тенденцию к поверхностному и реакционному контенту. - Рассматриваются различные точки зрения на роль алгоритмов в формировании контента и влияние популярных создателей на культурные нормы." + ], + "points": 369, + "commentCount": 258, + "retryCount": 0, + "time": 1736859931 + }, + { + "id": 42691184, + "title": "Операции Git на GitHub не работают", + "originLink": "https://www.githubstatus.com/incidents/qd96yfgvmcf9", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42691184", + "commentBody": "", + "originSummary": [ + "GitHub столкнулся с сбоем операций Git 13 января 2025 года из-за изменения конфигурации, повлиявшего на внутренний балансировщик нагрузки, который длился с 23:35 до 00:24 по UTC. - Проблема была решена путем отмены изменения конфигурации, и GitHub работает над улучшением процессов мониторинга и развертывания, чтобы предотвратить подобные инциденты. - Сбой также затронул сервисы GitHub Actions и Pages, что подчеркивает взаимосвязанную природу их платформенных сервисов." + ], + "commentSummary": [ + "GitHub столкнулся с серьезным сбоем, который повлиял на операции с git, вызвав замешательство среди разработчиков, которые первоначально подозревали проблемы с их SSH-ключами или локальными конфигурациями. - Инцидент подчеркнул трудности, связанные с зависимостью от централизованных сервисов, вызвав обсуждения о преимуществах самохостинга и децентрализованных систем. - Хотя проблема была решена, она подчеркнула обеспокоенность по поводу надежности GitHub и рисков, связанных с зависимостью от сторонних платформ для выполнения важных задач." + ], + "points": 324, + "commentCount": 250, + "retryCount": 0, + "time": 1736812051 + }, + { + "id": 42694596, + "title": "Выпущен ZFS 2.3 с расширением ZFS raidz", + "originLink": "https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42694596", + "commentBody": "", + "originSummary": [ + "OpenZFS 2.3.0 выпущен, представляя значительные функции, такие как расширение RAIDZ, быстрая дедупликация, прямой ввод/вывод, вывод в формате JSON и поддержка длинных имен файлов. - Выпуск включает в себя важные исправления ошибок и улучшения производительности, совместимые с ядрами Linux 4.18 - 6.12 и версиями FreeBSD 13.3, 14.0 - 14.2. - Обновление является совместной работой 134 участников, с доступной для ознакомления полной документацией и журналом изменений." + ], + "commentSummary": [ + "ZFS 2.3 был выпущен, представив такие функции, как расширение RAIDZ, быстрая дедупликация, прямой ввод-вывод, вывод в формате JSON и поддержка длинных имен файлов. - Расширение RAIDZ особенно примечательно, так как позволяет пользователям добавлять новые устройства в существующий пул RAIDZ без простоя, увеличивая емкость хранилища. - Выпуск считается значительным достижением для пользователей ZFS, вызывая сравнения с другими файловыми системами, такими как Btrfs и Windows Storage Spaces, несмотря на некоторые ограничения, такие как невозможность уменьшения пулов." + ], + "points": 302, + "commentCount": 215, + "retryCount": 0, + "time": 1736838539 + }, + { + "id": 42690983, + "title": "Webtop – контейнеры Alpine, Ubuntu, Fedora и Arch, содержащие полные настольные среды", + "originLink": "https://docs.linuxserver.io/images/docker-webtop/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690983", + "commentBody": "", + "originSummary": [ + "Linuxserver/webtop предоставляет контейнеры на основе Alpine, Ubuntu, Fedora и Arch с полными настольными окружениями, доступными через веб-браузеры, поддерживая архитектуры x86-64 и arm64.", + "Пользователи могут выбирать из различных настольных сред, таких как XFCE, KDE, MATE, i3, Openbox и IceWM, используя определенные теги изображений, и получать доступ к Webtop через указанные URL-адреса.", + "Функции безопасности включают в себя опцию seccomp Docker и настройку аутентификации, с возможностью настройки через переменные окружения, а также поддержку ускорения GPU с использованием драйверов с открытым исходным кодом." + ], + "commentSummary": [ + "Webtop предоставляет контейнеры с полными рабочими столами для Alpine, Ubuntu, Fedora и Arch, подходящие для быстрой настройки за VPN.", + "Пользователи хвалят Webtop за его скорость и простоту использования, особенно при использовании с контейнером Gluetun для безопасных подключений, но предостерегают от вывода контейнеров в интернет без мер безопасности из-за отсутствия аутентификации по умолчанию.", + "Проект ценится за то, что он является открытым и гибким, пользователи делятся конфигурациями, а такие альтернативы, как Kasm и Selkies, отмечены для схожих целей." + ], + "points": 297, + "commentCount": 57, + "retryCount": 0, + "time": 1736810708 + }, + { + "id": 42697783, + "title": "1 из 5 онлайн-вакансий либо фальшивые, либо никогда не заполняются, как показало исследование.", + "originLink": "https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42697783", + "commentBody": "", + "originSummary": [ + "Недавнее исследование показывает, что 20% онлайн-вакансий либо фальшивые, либо остаются незаполненными, что добавляет разочарования соискателям. - Эта тенденция \"призрачных вакансий\" может быть тактикой компаний для создания образа роста. - Платформы для поиска работы, такие как Greenhouse и LinkedIn, внедрили услуги проверки вакансий, чтобы помочь пользователям в идентификации подлинных возможностей трудоустройства." + ], + "commentSummary": [ + "Исследование показывает, что 20% онлайн-вакансий либо фальшивые, либо остаются незаполненными, часто из-за необходимости компаний соблюдать иммиграционные политики США. - Компании также могут оставлять вакансии открытыми, чтобы найти идеальных кандидатов, изменить требования или иметь заранее выбранных внутренних кандидатов. - Рынок труда сложен для соискателей, которые часто сталкиваются с игнорированием и автоматическими отказами, что вызывает призывы к регуляторному вмешательству." + ], + "points": 273, + "commentCount": 224, + "retryCount": 0, + "time": 1736865860 + }, + { + "id": 42698557, + "title": "Делать перекресток небезопасным для пешеходов, чтобы сэкономить секунды для водителей", + "originLink": "https://collegetowns.substack.com/p/making-an-intersection-unsafe-for", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42698557", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Дебаты сосредоточены на том, должны ли перекрестки отдавать приоритет безопасности пешеходов или эффективности водителей, причем некоторые предпочитают перекрестки с светофорами и пешеходные переходы вместо перекрестков с четырьмя стопами.", + "Мнения расходятся по поводу законов о дорожном движении и проектирования инфраструктуры, обсуждаются вопросы безопасности перехода улицы в неположенном месте и риски, связанные с поворотом направо на красный свет.", + "Некоторые выступают за альтернативные решения, такие как круговые перекрестки или принятие голландских стандартов дорожного проектирования для повышения как безопасности, так и эффективности." + ], + "points": 267, + "commentCount": 362, + "retryCount": 0, + "time": 1736869194 + }, + { + "id": 42696080, + "title": "PostgreSQL - это система управления базами данных года 2024", + "originLink": "https://db-engines.com/en/blog_post/109", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696080", + "commentBody": "", + "originSummary": [ + "PostgreSQL был удостоен звания СУБД года 2024 по версии DB-Engines, получив это признание в пятый раз, обойдя 423 другие системы управления базами данных.", + "PostgreSQL, с историей, охватывающей почти 35 лет, продолжает внедрять инновации, что видно на примере последних улучшений PostgreSQL 17, выпущенного в сентябре 2024 года.", + "Snowflake и Microsoft заняли второе и третье места соответственно, при этом Snowflake отмечен за свои облачные хранилища данных и поддержку мультиоблачности, в то время как Microsoft предлагает надежные управляемые реляционные базы данных через Azure SQL Database и SQL Server." + ], + "commentSummary": [ + "PostgreSQL был удостоен звания Система управления базами данных года 2024 по версии db-engines.com, что подчеркивает его растущую популярность и признание в отрасли.", + "Пользователи рассматривают возможность перехода с Microsoft SQL Server на PostgreSQL из-за высоких затрат на лицензирование и ограничений ресурсов, несмотря на возможные трудности с миграцией.", + "PostgreSQL пользуется популярностью благодаря своим надежным функциям и экономической эффективности, что делает его предпочтительным выбором для будущих проектов, хотя некоторые пользователи рассматривают альтернативы, такие как Babelfish, чтобы снизить затраты." + ], + "points": 239, + "commentCount": 79, + "retryCount": 0, + "time": 1736854677 + }, + { + "id": 42699099, + "title": "OAuth-авторизация Google не защищает от покупки домена неудавшегося стартапа.", + "originLink": "https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699099", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Обсуждение подчеркивает уязвимость в системе входа Google OAuth, когда домен неудавшегося стартапа приобретает новый владелец, что потенциально позволяет несанкционированный доступ к сервисам.", + "Эта проблема возникает, потому что Google может не различать оригинальных и новых владельцев домена, что влияет на любую систему, использующую аутентификацию на основе домена.", + "Предлагаемое решение заключается в использовании уникальных идентификаторов, которые остаются постоянными с течением времени, хотя реализация этого решения варьируется среди поставщиков идентификационных услуг." + ], + "points": 200, + "commentCount": 112, + "retryCount": 0, + "time": 1736871241 + }, + { + "id": 42696822, + "title": "Использование навыков программирования для получения пассивного дохода", + "originLink": "https://www.coryzue.com/writing/solopreneur/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696822", + "commentBody": "", + "originSummary": [ + "Автор перешел с должности технического директора на путь солопредпринимателя, успешно зарабатывая больше благодаря портфелю программных продуктов.", + "Ключевые стратегии включают в себя сосредоточение на глубокой работе, начало с небольших проектов, быструю итерацию и выделение времени на маркетинговые усилия.", + "Путешествие подчеркивает стойкость перед лицом неопределенностей, но выделяет несравненную автономию и свободу этого карьерного пути, побуждая тех, кто обладает навыками программирования, рассмотреть его для получения пассивного дохода." + ], + "commentSummary": [ + "Пользователь описал создание пассивного дохода через SEO-спам-сайты, используя истекающие доменные имена, зарабатывая примерно $30k в год, несмотря на этические проблемы и последующее вмешательство Google.", + "Публикация вызвала дебаты о пассивном доходе, при этом некоторые пользователи утверждают, что это больше похоже на ведение бизнеса, чем на действительно пассивный заработок.", + "Участники поделились опытом и трудностями в побочных проектах, подчеркнув важность времени, устойчивости и стратегического планирования." + ], + "points": 167, + "commentCount": 90, + "retryCount": 0, + "time": 1736860888 + }, + { + "id": 42690781, + "title": "Испания предлагает 100% налог на дома, купленные резидентами, не входящими в ЕС", + "originLink": "https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690781", + "commentBody": "", + "originSummary": [ + "Испания рассматривает возможность введения 100% налога на покупку недвижимости для нерезидентов ЕС, стремясь решить жилищный кризис и ограничить спекулятивные покупки.", + "Предложение премьер-министра Педро Санчеса включает расширение социального жилья и регулирование туристической аренды для решения проблемы несоответствия между ценами на жилье и доходами.", + "Будущее предложения как закона остается неопределенным, и некоторые аналитики рассматривают его скорее как сдерживающий фактор для иностранных инвесторов, чем как гарантированное законодательное изменение." + ], + "commentSummary": [ + "Испания рассматривает возможность введения 100% налога на дома, приобретаемые резидентами, не входящими в ЕС, чтобы решить проблемы доступности жилья. - Критики утверждают, что иностранные покупатели не являются основной причиной высоких цен на жилье, указывая на медлительность бюрократии и законы о зонировании как на более значительные факторы. - Это предложение вызвало дебаты о роли иностранной собственности на рынке жилья и ее эффективности в решении проблем доступности." + ], + "points": 162, + "commentCount": 254, + "retryCount": 0, + "time": 1736809603 + }, + { + "id": 42699977, + "title": "Apple вскоре получит чипы 'сделано в Америке' с фабрики TSMC в Аризоне.", + "originLink": "https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699977", + "commentBody": "", + "originSummary": [ + "Apple тестирует процессоры из аризонского завода TSMC, планируя массовое производство к первому кварталу, что потенциально делает её первым клиентом TSMC в США для локально произведённых чипов. - Эта инициатива направлена на укрепление независимости США в области кремния, снижая зависимость от Тайваня, который уязвим к геополитическим и природным рискам. - Аризонский завод TSMC будет производить передовые чипы 3нм и 2нм, с продолжающимися усилиями по улучшению местного набора сотрудников и партнёрств с американскими университетами, хотя упаковка изначально будет происходить на Тайване, пока объект в Пеории не станет операционным." + ], + "commentSummary": [ + "Apple будет получать чипы с завода TSMC в Аризоне, но их необходимо отправлять обратно на Тайвань для упаковки из-за недостатка соответствующих мощностей в США. - Более 50% рабочей силы на заводе в Аризоне составляют сотрудники из Тайваня, что указывает на пробел в области STEM (наука, технологии, инженерия и математика) в США. - Инициатива CHIPS Act, направленная на усиление производства полупроводников в США, сталкивается с трудностями, так как маркировка \"Сделано в Америке\" ставится под сомнение из-за процесса упаковки, происходящего на Тайване, с планами по созданию возможностей для упаковки в США к 2027 году." + ], + "points": 160, + "commentCount": 73, + "retryCount": 0, + "time": 1736873807 + }, + { + "id": 42692730, + "title": "На дорогах Манхэттена стало на 43 тысячи водителей меньше после введения платы за въезд в зону с высокой загруженностью.", + "originLink": "https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42692730", + "commentBody": "", + "originSummary": [ + "После внедрения системы платного въезда количество водителей, въезжающих в Манхэттен ниже 60-й улицы, сократилось на 7,5%, что эквивалентно 43 000 водителей меньше каждый будний день.", + "Снижение трафика улучшило поток движения и увеличило скорость автобусов, при этом некоторые экспресс-автобусы испытывают рост числа пассажиров.", + "Метрополитенское транспортное управление (MTA) использует доходы от сборов, оцениваемые в 500 миллионов долларов в год, для улучшения транспорта, несмотря на некоторое политическое сопротивление." + ], + "commentSummary": [ + "Введение платы за въезд в Манхэттен привело к сокращению числа водителей на 43 000, что способствовало увеличению скорости движения автобусов и, возможно, улучшению времени реагирования экстренных служб.", + "Политика направлена на снижение заторов на дорогах и улучшение качества воздуха, хотя она вызвала дебаты по поводу ее влияния на людей с низким доходом.", + "Сторонники утверждают, что преимущества включают более эффективный общественный транспорт и более чистый воздух, в то время как продолжаются обсуждения о том, как сбалансировать эти преимущества с потребностями водителей." + ], + "points": 154, + "commentCount": 199, + "retryCount": 0, + "time": 1736821606 + } +] diff --git a/records/2025-01-14/2025-01-14.sk.json b/records/2025-01-14/2025-01-14.sk.json new file mode 100644 index 000000000..9e7acab7f --- /dev/null +++ b/records/2025-01-14/2025-01-14.sk.json @@ -0,0 +1,288 @@ +[ + { + "id": 42690473, + "title": "„Výskumník bezpečnosti Snyk nasadzuje škodlivé balíky NPM zamerané na cursor.com“", + "originLink": "https://sourcecodered.com/snyk-malicious-npm-package/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690473", + "commentBody": "", + "originSummary": [ + "„Bezpečnostný výskumník zo spoločnosti Snyk vydal škodlivé NPM balíčky zamerané na Cursor.com, spoločnosť zaoberajúcu sa AI kódovaním, s cieľom zhromažďovať systémové údaje a posielať ich na službu kontrolovanú útočníkom.“", + "„Balíky, identifikované ako „cursor-retrieval“, „cursor-always-local“ a „cursor-shadow-workspace“, boli označené skenerom analýzy balíkov OpenSSF, čo viedlo k upozorneniam MAL-2025-27, MAL-2025-28 a MAL-2025-29.“", + "„Tento incident zdôrazňuje dôležitosť dôkladného preskúmania NPM balíkov pred ich inštaláciou, aby sa predišlo potenciálnym bezpečnostným hrozbám.“" + ], + "commentSummary": [ + "„Bezpečnostný výskumník zo spoločnosti Snyk zverejnil škodlivé balíčky NPM (Node Package Manager) zamerané na cursor.com, čím poukázal na zraniteľnosti spôsobené zmätkom v závislostiach. - Tento incident vyvolal diskusiu o etike bezpečnostného výskumu, najmä pokiaľ ide o verejné zverejňovanie premenných prostredia. - Cursor.com objasnil, že túto akciu neautorizovali, a Snyk sa odvtedy ospravedlnil, čím zdôraznil výzvy pri vyvažovaní ofenzívneho bezpečnostného výskumu s etickými normami.“" + ], + "points": 540, + "commentCount": 270, + "retryCount": 0, + "time": 1736807907 + }, + { + "id": 42696081, + "title": "„Prešiel som na Firefox a nikdy som sa neobzrel späť“", + "originLink": "https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696081", + "commentBody": "", + "originSummary": [ + "„Firefox je chválený za svoju vynikajúcu správu kariet, vstavanú funkciu Pocket na ukladanie odkazov a súkromie zameraný emailový relé, čo z neho robí silnú alternatívu k Chrome. - Ďalšie funkcie ako užívateľsky prívetivý nástroj na snímanie obrazovky, tlačidlo ChatGPT, funkcia Obraz v obraze, prispôsobiteľné možnosti vyhľadávania a plynulé posúvanie zlepšujú zážitok z prehliadania. - Aj keď Firefox nemá funkciu webových aplikácií ako Chrome, jeho premyslený dizajn a znížené nároky na zdroje ho robia preferovanou voľbou pre niektorých používateľov.“" + ], + "commentSummary": [ + "„Používatelia Firefoxu čelia výzvam zo strany platforiem ako YouTube, ktoré môžu úmyselne zhoršovať zážitok pre používateľov ne-Google prehliadačov alebo tých, ktorí používajú blokovače reklám. - Tento trend vyvoláva obavy o autonómiu používateľov, pretože penalizuje tých, ktorí sa rozhodnú pre web bez reklám a sledovania. - Firefox ponúka jedinečné funkcie, ako sú kontajnerové karty, ktoré zvyšujú súkromie a použiteľnosť, čo z neho robí obľúbenú voľbu pre používateľov hľadajúcich nezávislosť od veľkých korporátne kontrolovaných prehliadačov.“" + ], + "points": 480, + "commentCount": 392, + "retryCount": 0, + "time": 1736854678 + }, + { + "id": 42687932, + "title": "„Generálny riaditeľ spoločnosti Sonos odstupuje po fiasku s aktualizáciou aplikácie“", + "originLink": "https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42687932", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "„Generálny riaditeľ spoločnosti Sonos rezignoval po kontroverznej aktualizácii aplikácie, ktorá vyžadovala, aby používatelia nahradili drahé zvukové systémy, čo spôsobilo nespokojnosť zákazníkov. - Aktualizácia zaviedla systém založený na cloude, čím sa vzdialila od spoľahlivého Universal Plug and Play (UPnP), čo viedlo k problémom s pripojením a zvýšenej zložitosti. - Táto situácia zdôrazňuje konflikt medzi obchodnými stratégiami a udržiavaním dôvery zákazníkov, keďže generálny riaditeľ prechádza do poradenskej úlohy s odstupným balíkom.“" + ], + "points": 409, + "commentCount": 493, + "retryCount": 0, + "time": 1736797368 + }, + { + "id": 42696691, + "title": "„V bruchu MrBeasta“", + "originLink": "https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696691", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "„Esej skúma, ako YouTube algoritmus ovplyvňuje tvorbu obsahu, pričom ako prípadovú štúdiu používa MrBeasta, a zdôrazňuje posun smerom k obsahu zameranému na zapojenie skôr než na zmysluplný obsah. - Diskutuje o širších dôsledkoch pre mediálnu gramotnosť a kultúrny vplyv platforiem ako YouTube a TikTok, naznačujúc trend smerom k povrchnému a reakčnému obsahu. - Zvažujú sa rôzne perspektívy o úlohe algoritmov pri formovaní obsahu a vplyve populárnych tvorcov na kultúrne normy.“" + ], + "points": 369, + "commentCount": 258, + "retryCount": 0, + "time": 1736859931 + }, + { + "id": 42691184, + "title": "„Operácie Git na GitHube sú nefunkčné“", + "originLink": "https://www.githubstatus.com/incidents/qd96yfgvmcf9", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42691184", + "commentBody": "", + "originSummary": [ + "„GitHub čelil výpadku operácií Git 13. januára 2025 kvôli zmene konfigurácie, ktorá ovplyvnila interný vyvažovač záťaže, a trval od 23:35 do 00:24 UTC. - Problém bol vyriešený návratom k pôvodnej konfigurácii a GitHub pracuje na zlepšení monitorovacích a nasadzovacích procesov, aby sa predišlo podobným incidentom. - Výpadok tiež ovplyvnil služby GitHub Actions a Pages, čo poukazuje na prepojenú povahu ich platformových služieb.“" + ], + "commentSummary": [ + "„GitHub čelil veľkému výpadku, ktorý ovplyvnil git operácie, čo viedlo k zmätku medzi vývojármi, ktorí spočiatku podozrievali problémy so svojimi SSH kľúčmi alebo lokálnymi konfiguráciami. - Incident zdôraznil výzvy spojené so spoliehaním sa na centralizované služby, čo podnietilo diskusie o výhodách samohostovania a decentralizovaných systémov. - Hoci bol problém vyriešený, poukázal na obavy o spoľahlivosť GitHubu a riziká spoliehania sa na platformy tretích strán pre základné úlohy.“" + ], + "points": 324, + "commentCount": 250, + "retryCount": 0, + "time": 1736812051 + }, + { + "id": 42694596, + "title": "„ZFS 2.3 vydaný s rozšírením ZFS raidz“", + "originLink": "https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42694596", + "commentBody": "", + "originSummary": [ + "„OpenZFS 2.3.0 bol vydaný a prináša významné funkcie ako rozšírenie RAIDZ, rýchlu deduplikáciu, priamy vstup/výstup, výstup vo formáte JSON a podporu pre dlhé názvy súborov. - Vydanie zahŕňa dôležité opravy chýb a vylepšenia výkonu, kompatibilné s jadrami Linuxu 4.18 - 6.12 a verziami FreeBSD 13.3, 14.0 - 14.2. - Aktualizácia je výsledkom spolupráce 134 prispievateľov, s dostupnou komplexnou dokumentáciou a záznamom zmien na preštudovanie.“" + ], + "commentSummary": [ + "„ZFS 2.3 bol vydaný, prinášajúc funkcie ako rozšírenie RAIDZ, rýchlu deduplikáciu, priamy IO, výstup v JSON a podporu pre dlhé názvy súborov. - Rozšírenie RAIDZ je obzvlášť pozoruhodné, pretože umožňuje používateľom pridávať nové zariadenia do existujúceho RAIDZ poolu bez prestojov, čím zvyšuje kapacitu úložiska. - Vydanie je považované za významný pokrok pre používateľov ZFS, pričom sa porovnáva s inými súborovými systémami ako Btrfs a Windows Storage Spaces, napriek niektorým obmedzeniam, ako je neschopnosť zmenšiť pooly.“" + ], + "points": 302, + "commentCount": 215, + "retryCount": 0, + "time": 1736838539 + }, + { + "id": 42690983, + "title": "„Webtop – kontajnery Alpine, Ubuntu, Fedora a Arch obsahujúce plné desktopové prostredia“", + "originLink": "https://docs.linuxserver.io/images/docker-webtop/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690983", + "commentBody": "", + "originSummary": [ + "„Linuxserver/webtop poskytuje kontajnery založené na Alpine, Ubuntu, Fedora a Arch s plnými desktopovými prostrediami prístupnými cez webové prehliadače, podporujúcimi architektúry x86-64 aj arm64.“", + "„Používatelia si môžu vybrať z rôznych desktopových prostredí, ako sú XFCE, KDE, MATE, i3, Openbox a IceWM, pomocou špecifických značiek obrázkov a pristupovať k Webtopu prostredníctvom určených URL adries.“", + "„Bezpečnostné funkcie zahŕňajú možnosť seccomp v Dockeri a nastavenie autentifikácie, s možnosťami prispôsobenia prostredníctvom premenných prostredia a podporou akcelerácie GPU s open-source ovládačmi.“" + ], + "commentSummary": [ + "„Webtop poskytuje kontajnery s plnými desktopovými prostrediami pre Alpine, Ubuntu, Fedora a Arch, vhodné pre rýchle nastavenia za VPN.“", + "„Používatelia chvália Webtop za jeho rýchlosť a jednoduchosť použitia, najmä keď sa používa s kontajnerom Gluetun pre zabezpečené pripojenia, ale varujú pred vystavením kontajnerov internetu bez bezpečnostných opatrení kvôli absencii predvolenej autentifikácie.“", + "„Projekt je cenený za to, že je open-source a flexibilný, pričom používatelia zdieľajú konfigurácie, a alternatívy ako Kasm a Selkies sú známe pre podobné účely.“" + ], + "points": 297, + "commentCount": 57, + "retryCount": 0, + "time": 1736810708 + }, + { + "id": 42697783, + "title": "„1 z 5 online pracovných ponúk je buď falošná, alebo nikdy nie je obsadená, zistila štúdia“", + "originLink": "https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42697783", + "commentBody": "", + "originSummary": [ + "„Nedávna štúdia naznačuje, že 20 % online pracovných ponúk je buď falošných, alebo zostáva neobsadených, čo pridáva k frustrácii uchádzačov o zamestnanie. - Tento trend „duchovných pracovných miest“ môže byť taktikou spoločností na projekciu obrazu rastu. - Pracovné platformy ako Greenhouse a LinkedIn zaviedli služby overovania pracovných miest, aby pomohli používateľom identifikovať skutočné pracovné príležitosti.“" + ], + "commentSummary": [ + "„Štúdia odhaľuje, že 20 % online pracovných ponúk je buď falošných, alebo zostáva neobsadených, často kvôli tomu, že spoločnosti musia dodržiavať imigračné politiky USA. - Spoločnosti môžu tiež ponechať pracovné ponuky zverejnené, aby našli ideálnych kandidátov, zmenili požiadavky alebo mali vopred vybraných interných kandidátov. - Trh práce je pre uchádzačov náročný, často sa stretávajú s ignorovaním a automatizovanými odmietnutiami, čo vyvoláva výzvy na regulačné zásahy.“" + ], + "points": 273, + "commentCount": 224, + "retryCount": 0, + "time": 1736865860 + }, + { + "id": 42698557, + "title": "„Urobiť križovatku nebezpečnou pre chodcov, aby sa ušetrili sekundy pre vodičov“", + "originLink": "https://collegetowns.substack.com/p/making-an-intersection-unsafe-for", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42698557", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "„Debata sa sústreďuje na to, či by križovatky mali uprednostňovať bezpečnosť chodcov alebo efektívnosť vodičov, pričom niektorí uprednostňujú svetelne riadené križovatky a prechody pre chodcov pred štvorcestnými zastaveniami.“", + "„Názory na dopravné zákony a návrh infraštruktúry sa líšia, pričom sa diskutuje o bezpečnosti prechádzania mimo priechodu a rizikách spojených s odbočovaním doprava na červenú.“", + "„Niektorí obhajujú alternatívne riešenia, ako sú kruhové objazdy alebo prijatie holandských štandardov dopravného inžinierstva na zvýšenie bezpečnosti a efektívnosti.“" + ], + "points": 267, + "commentCount": 362, + "retryCount": 0, + "time": 1736869194 + }, + { + "id": 42696080, + "title": "„PostgreSQL je systém na správu databáz roka 2024“", + "originLink": "https://db-engines.com/en/blog_post/109", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696080", + "commentBody": "", + "originSummary": [ + "„PostgreSQL získal ocenenie DBMS roka 2024 od DB-Engines, čím dosiahol toto uznanie už piatykrát, prekonávajúc 423 ďalších systémov na správu databáz.“", + "„PostgreSQL, s históriou trvajúcou takmer 35 rokov, naďalej inovuje, čo je vidieť na nedávnych vylepšeniach PostgreSQL 17, vydaných v septembri 2024.“", + "„Snowflake a Microsoft si zabezpečili druhé a tretie miesto, pričom Snowflake je známy svojím cloudovým dátovým skladovaním a podporou viacerých cloudov, zatiaľ čo Microsoft ponúka robustné spravované relačné databázy prostredníctvom Azure SQL Database a SQL Server.“" + ], + "commentSummary": [ + "„PostgreSQL bol ocenený ako Systém na správu databáz roka 2024 podľa db-engines.com, čo zdôrazňuje jeho rastúcu popularitu a uznanie v priemysle.“", + "„Používatelia zvažujú prechod z Microsoft SQL Server na PostgreSQL kvôli vysokým licenčným nákladom a obmedzeniam zdrojov, napriek potenciálnym výzvam pri migrácii.“", + "„PostgreSQL je obľúbený pre svoje robustné funkcie a nákladovú efektívnosť, čo z neho robí preferovanú voľbu pre budúce projekty, hoci niektorí používatelia skúmajú alternatívy ako Babelfish na zníženie nákladov.“" + ], + "points": 239, + "commentCount": 79, + "retryCount": 0, + "time": 1736854677 + }, + { + "id": 42699099, + "title": "„Google OAuth prihlásenie nechráni pred kúpou domény neúspešného startupu“", + "originLink": "https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699099", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "„Diskusia poukazuje na zraniteľnosť v systéme prihlásenia Google OAuth, keď doménu neúspešného startupu získa nový vlastník, čo môže potenciálne umožniť neoprávnený prístup k službám.“", + "„Tento problém vzniká, pretože Google nemusí rozlišovať medzi pôvodnými a novými vlastníkmi domény, čo ovplyvňuje akýkoľvek systém, ktorý používa autentifikáciu založenú na doméne.“", + "„Navrhovaným riešením je použitie jedinečných identifikátorov, ktoré zostávajú konštantné v priebehu času, hoci implementácia tohto riešenia sa líši medzi poskytovateľmi identity.“" + ], + "points": 200, + "commentCount": 112, + "retryCount": 0, + "time": 1736871241 + }, + { + "id": 42696822, + "title": "„Používanie programovacích zručností na vytváranie pasívneho príjmu“", + "originLink": "https://www.coryzue.com/writing/solopreneur/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696822", + "commentBody": "", + "originSummary": [ + "„Autor prešiel z pozície CTO na solopodnikateľa a úspešne zarába viac prostredníctvom portfólia softvérových produktov.“", + "„Kľúčové stratégie zahŕňajú zameranie sa na hlbokú prácu, začínanie s malými projektmi, rýchle iterovanie a venovanie času marketingovým aktivitám.“", + "„Cesta zdôrazňuje odolnosť kvôli neistotám, ale vyzdvihuje neprekonateľnú autonómiu a slobodu tejto kariérnej cesty, čím povzbudzuje tých, ktorí majú zručnosti v kódovaní, aby ju zvážili ako pasívny príjem.“" + ], + "commentSummary": [ + "„Používateľ opísal generovanie pasívneho príjmu prostredníctvom SEO spamových webových stránok pomocou expirovaných doménových mien, pričom zarábal približne 30 tisíc dolárov ročne, napriek etickým obavám a následnému zásahu zo strany Googlu.“", + "„Príspevok vyvolal diskusiu o pasívnom príjme, pričom niektorí používatelia tvrdili, že je to skôr podobné vedeniu podnikania než skutočne pasívnym zárobkom.“", + "„Účastníci sa podelili o skúsenosti a výzvy v bočných projektoch, pričom zdôraznili dôležitosť času, odolnosti a strategického plánovania.“" + ], + "points": 167, + "commentCount": 90, + "retryCount": 0, + "time": 1736860888 + }, + { + "id": 42690781, + "title": "„Španielsko navrhuje 100% daň na domy kúpené obyvateľmi mimo EÚ“", + "originLink": "https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690781", + "commentBody": "", + "originSummary": [ + "„Španielsko zvažuje 100% daň na nákupy nehnuteľností obyvateľmi mimo EÚ, s cieľom riešiť krízu bývania a obmedziť špekulatívne nákupy.“", + "„Návrh premiéra Pedra Sáncheza zahŕňa rozšírenie sociálneho bývania a reguláciu turistických prenájmov na riešenie rozdielu medzi cenami bývania a príjmami.“", + "„Budúcnosť návrhu ako zákona je neistá, pričom niektorí analytici ho vnímajú skôr ako odstrašujúci prostriedok pre zahraničných investorov než ako zaručenú legislatívnu zmenu.“" + ], + "commentSummary": [ + "„Španielsko zvažuje 100% daň na domy kúpené obyvateľmi mimo EÚ, aby riešilo problémy s dostupnosťou bývania. - Kritici naznačujú, že zahraniční kupci nie sú hlavnou príčinou vysokých cien bývania, pričom ako významnejšie faktory uvádzajú pomalú byrokraciu a územné zákony. - Návrh vyvolal diskusiu o úlohe zahraničného vlastníctva na trhoch s bývaním a jeho účinnosti pri riešení problémov s dostupnosťou.“" + ], + "points": 162, + "commentCount": 254, + "retryCount": 0, + "time": 1736809603 + }, + { + "id": 42699977, + "title": "„Apple čoskoro dostane čipy 'vyrobené v Amerike' z továrne TSMC v Arizone“", + "originLink": "https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699977", + "commentBody": "", + "originSummary": [ + "„Apple testuje procesory z arizonského závodu TSMC s plánmi na hromadnú výrobu do prvého štvrťroka, pričom by sa mohol stať prvým americkým zákazníkom TSMC pre lokálne vyrábané čipy. - Táto iniciatíva má za cieľ posilniť americkú nezávislosť na silikóne, čím sa zníži závislosť na Taiwane, ktorý je zraniteľný voči geopolitickým a prírodným rizikám. - Arizonská továreň TSMC má vyrábať pokročilé 3nm a 2nm čipy, pričom prebiehajú snahy o zlepšenie miestneho náboru a partnerstiev s americkými univerzitami, hoci balenie sa spočiatku bude vykonávať na Taiwane, kým nebude prevádzková továreň v Peorii.“" + ], + "commentSummary": [ + "„Apple dostane čipy z arizonskej továrne TSMC, ale musia byť poslané späť na Taiwan na balenie kvôli nedostatočným zariadeniam v USA. - Viac ako 50 % pracovnej sily v arizonskej továrni pochádza z Taiwanu, čo naznačuje medzeru v oblasti STEM (veda, technológia, inžinierstvo a matematika) v USA. - Iniciatíva CHIPS Act, zameraná na posilnenie výroby polovodičov v USA, čelí výzvam, pretože označenie „Vyrobené v Amerike“ je spochybňované kvôli procesu balenia prebiehajúcemu na Taiwane, s plánmi na americké baliace kapacity do roku 2027.“" + ], + "points": 160, + "commentCount": 73, + "retryCount": 0, + "time": 1736873807 + }, + { + "id": 42692730, + "title": "„O 43 tisíc menej vodičov na cestách v Manhattane po zavedení poplatkov za preťaženie dopravy“", + "originLink": "https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42692730", + "commentBody": "", + "originSummary": [ + "„Po zavedení poplatkov za preťaženie došlo k zníženiu počtu vodičov vstupujúcich do Manhattanu pod 60. ulicou o 7,5 %, čo predstavuje o 43 000 menej vodičov každý pracovný deň.“", + "„Zníženie premávky zlepšilo plynulosť dopravy a zvýšilo rýchlosť autobusov, pričom niektoré expresné autobusy zaznamenali vyšší počet cestujúcich.“", + "„Metropolitný dopravný úrad (MTA) využíva príjmy z mýta, odhadované na 500 miliónov dolárov ročne, na zlepšenie dopravy, napriek určitému politickému odporu.“" + ], + "commentSummary": [ + "„Zavedenie poplatkov za preťaženie dopravy na Manhattane viedlo k zníženiu počtu vodičov o 43 000, čo viedlo k zvýšeniu rýchlosti autobusov a potenciálne lepším časom reakcie záchranných služieb.“", + "„Politika je navrhnutá tak, aby znížila dopravné zápchy a zlepšila kvalitu ovzdušia, hoci vyvolala diskusiu o jej dopade na osoby s nižšími príjmami.“", + "„Zástancovia tvrdia, že výhody zahŕňajú efektívnejšiu verejnú dopravu a čistejší vzduch, zatiaľ čo diskusie pokračujú o vyvážení týchto výhod s potrebami vodičov.“" + ], + "points": 154, + "commentCount": 199, + "retryCount": 0, + "time": 1736821606 + } +] diff --git a/records/2025-01-14/2025-01-14.sv.json b/records/2025-01-14/2025-01-14.sv.json new file mode 100644 index 000000000..c216d6ec3 --- /dev/null +++ b/records/2025-01-14/2025-01-14.sv.json @@ -0,0 +1,288 @@ +[ + { + "id": 42690473, + "title": "En säkerhetsforskare från Snyk distribuerar skadliga NPM-paket som riktar sig mot cursor.com", + "originLink": "https://sourcecodered.com/snyk-malicious-npm-package/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690473", + "commentBody": "", + "originSummary": [ + "En säkerhetsforskare från Snyk släppte skadliga NPM-paket som riktade sig mot Cursor.com, ett AI-kodningsföretag, för att samla in systemdata och skicka den till en tjänst kontrollerad av angriparen.", + "Paketen, identifierade som \"cursor-retrieval\", \"cursor-always-local\" och \"cursor-shadow-workspace\", flaggades av OpenSSF:s paketanalysverktyg, vilket resulterade i rådgivningar MAL-2025-27, MAL-2025-28 och MAL-2025-29.", + "Denna incident belyser vikten av att granska NPM-paket innan installation för att undvika potentiella säkerhetshot." + ], + "commentSummary": [ + "En säkerhetsforskare från Snyk släppte skadliga NPM (Node Package Manager) paket riktade mot cursor.com, vilket belyser sårbarheter i beroendekonfusion. - Händelsen har väckt en debatt om etiken inom säkerhetsforskning, särskilt när det gäller offentlig exponering av miljövariabler. - Cursor.com klargjorde att de inte godkände åtgärden, och Snyk har sedan dess bett om ursäkt, vilket understryker utmaningarna i att balansera offensiv säkerhetsforskning med etiska standarder." + ], + "points": 540, + "commentCount": 270, + "retryCount": 0, + "time": 1736807907 + }, + { + "id": 42696081, + "title": "Jag bytte till Firefox och har aldrig sett tillbaka", + "originLink": "https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696081", + "commentBody": "", + "originSummary": [ + "Firefox beröms för sin överlägsna flikhantering, inbyggda Pocket-funktion för att spara länkar och en integritetsfokuserad e-postrelä, vilket gör det till ett starkt alternativ till Chrome. - Ytterligare funktioner som ett användarvänligt skärmdumpsverktyg, en ChatGPT-knapp, Bild-i-bild, anpassningsbara sökalternativ och smidig rullning förbättrar surfupplevelsen. - Även om Firefox saknar Chromes webbappfunktion, gör dess genomtänkta design och minskade resurskrav det till ett föredraget val för vissa användare." + ], + "commentSummary": [ + "Firefox-användare står inför utmaningar från plattformar som YouTube, som kan avsiktligt försämra upplevelsen för icke-Google-webbläsare eller användare som använder annonsblockerare. - Denna trend väcker oro över användarens autonomi, eftersom den straffar dem som väljer en annonsfri och övervakningsfri webbupplevelse. - Firefox erbjuder unika funktioner, såsom containerflikar, som förbättrar integritet och användbarhet, vilket gör det till ett föredraget val för användare som söker oberoende från stora företagskontrollerade webbläsare." + ], + "points": 480, + "commentCount": 392, + "retryCount": 0, + "time": 1736854678 + }, + { + "id": 42687932, + "title": "Sonos VD avgår efter appuppdateringsfiasko", + "originLink": "https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42687932", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Sonos VD har avgått efter en kontroversiell appuppdatering som krävde att användare ersatte kostsamma ljudsystem, vilket orsakade kundmissnöje. - Uppdateringen introducerade ett molnbaserat system, vilket innebar en övergång från det pålitliga Universal Plug and Play (UPnP), vilket ledde till anslutningsproblem och ökad komplexitet. - Denna situation understryker konflikten mellan affärsstrategier och att upprätthålla kundförtroende, då VD:n övergår till en rådgivande roll med ett avgångsvederlag." + ], + "points": 409, + "commentCount": 493, + "retryCount": 0, + "time": 1736797368 + }, + { + "id": 42696691, + "title": "I magen på MrBeast", + "originLink": "https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696691", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Uppsatsen undersöker hur YouTubes algoritm påverkar innehållsskapande, med MrBeast som ett fallstudieexempel, och belyser en förskjutning mot engagemangsdrivet snarare än meningsfullt innehåll. - Den diskuterar de bredare konsekvenserna för medieläskunnighet och den kulturella påverkan av plattformar som YouTube och TikTok, och föreslår en trend mot ytligt och reaktionärt innehåll. - Olika perspektiv beaktas på algoritmers roll i att forma innehåll och populära skapares inflytande på kulturella normer." + ], + "points": 369, + "commentCount": 258, + "retryCount": 0, + "time": 1736859931 + }, + { + "id": 42691184, + "title": "GitHub Git-operationer är nere", + "originLink": "https://www.githubstatus.com/incidents/qd96yfgvmcf9", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42691184", + "commentBody": "", + "originSummary": [ + "GitHub drabbades av ett avbrott i Git-operationer den 13 januari 2025 på grund av en konfigurationsändring som påverkade den interna lastbalanseraren, vilket varade från 23:35 till 00:24 UTC. - Problemet löstes genom att återställa konfigurationsändringen, och GitHub arbetar på att förbättra övervaknings- och distributionsprocesser för att förhindra liknande incidenter. - Avbrottet påverkade även GitHubs Actions- och Pages-tjänster, vilket belyser den sammanlänkade naturen hos deras plattformstjänster." + ], + "commentSummary": [ + "GitHub drabbades av ett stort avbrott som påverkade git-operationer, vilket ledde till förvirring bland utvecklare som initialt misstänkte problem med sina SSH-nycklar eller lokala konfigurationer. - Händelsen betonade utmaningarna med att förlita sig på centraliserade tjänster och ledde till diskussioner om fördelarna med egen hosting och decentraliserade system. - Även om problemet löstes, belyste det oro över GitHubs tillförlitlighet och riskerna med att vara beroende av tredjepartsplattformar för viktiga uppgifter." + ], + "points": 324, + "commentCount": 250, + "retryCount": 0, + "time": 1736812051 + }, + { + "id": 42694596, + "title": "ZFS 2.3 släppt med ZFS raidz-expansion", + "originLink": "https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42694596", + "commentBody": "", + "originSummary": [ + "OpenZFS 2.3.0 har släppts och introducerar betydande funktioner som RAIDZ Expansion, snabb deduplicering, direkt in-/utmatning, JSON-utmatning och stöd för långa filnamn. - Utgåvan inkluderar viktiga buggfixar och prestandaförbättringar, kompatibel med Linux-kärnor 4.18 - 6.12 och FreeBSD-versioner 13.3, 14.0 - 14.2. - Uppdateringen är ett samarbetsprojekt från 134 bidragsgivare, med omfattande dokumentation och en ändringslogg tillgänglig för granskning." + ], + "commentSummary": [ + "ZFS 2.3 har släppts och introducerar funktioner som RAIDZ-expansion, snabb deduplicering, direkt IO, JSON-utdata och stöd för långa filnamn. - RAIDZ-expansion är särskilt anmärkningsvärd eftersom den tillåter användare att lägga till nya enheter till en befintlig RAIDZ-pool utan driftstopp, vilket ökar lagringskapaciteten. - Utgåvan anses vara ett betydande framsteg för ZFS-användare och jämförs med andra filsystem som Btrfs och Windows Storage Spaces, trots vissa begränsningar som oförmågan att krympa pooler." + ], + "points": 302, + "commentCount": 215, + "retryCount": 0, + "time": 1736838539 + }, + { + "id": 42690983, + "title": "Webtop – Alpine, Ubuntu, Fedora och Arch-containrar som innehåller fullständiga skrivbordsmiljöer", + "originLink": "https://docs.linuxserver.io/images/docker-webtop/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690983", + "commentBody": "", + "originSummary": [ + "Linuxserver/webtop tillhandahåller containrar baserade på Alpine, Ubuntu, Fedora och Arch med fullständiga skrivbordsmiljöer som är tillgängliga via webbläsare, och stöder både x86-64 och arm64-arkitekturer.", + "Användare kan välja mellan olika skrivbordsmiljöer som XFCE, KDE, MATE, i3, Openbox och IceWM genom att använda specifika bildtaggar, och få tillgång till Webtop via angivna URL:er.", + "Till säkerhetsfunktionerna hör Dockers seccomp-alternativ och autentiseringsinställningar, med anpassningsmöjligheter tillgängliga via miljövariabler, samt stöd för GPU-acceleration med öppen källkod-drivrutiner." + ], + "commentSummary": [ + "Webtop tillhandahåller containrar med fullständiga skrivbordsmiljöer för Alpine, Ubuntu, Fedora och Arch, lämpliga för snabba installationer bakom en VPN.", + "Användare berömmer Webtop för dess snabbhet och användarvänlighet, särskilt när det används med Gluetun-containern för säkra anslutningar, men varnar för att exponera containrar för internet utan säkerhetsåtgärder på grund av brist på standardautentisering.", + "Projektet värderas för att vara öppen källkod och flexibelt, med användare som delar konfigurationer, och alternativ som Kasm och Selkies noteras för liknande ändamål." + ], + "points": 297, + "commentCount": 57, + "retryCount": 0, + "time": 1736810708 + }, + { + "id": 42697783, + "title": "1 av 5 jobbannonser online är antingen falska eller aldrig tillsatta, enligt en studie.", + "originLink": "https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42697783", + "commentBody": "", + "originSummary": [ + "En nyligen genomförd studie visar att 20% av online-jobbannonser antingen är falska eller förblir obesatta, vilket ökar frustrationen hos arbetssökande. - Denna trend med \"spökjobb\" kan vara en taktik för företag att projicera en bild av tillväxt. - Jobbplattformar som Greenhouse och LinkedIn har infört tjänster för jobbverifiering för att hjälpa användare att identifiera äkta jobbmöjligheter." + ], + "commentSummary": [ + "En studie avslöjar att 20% av onlinejobbannonser antingen är falska eller förblir obesatta, ofta på grund av att företag behöver följa amerikanska immigrationsregler. - Företag kan också låta jobbannonser vara kvar för att hitta idealiska kandidater, ändra krav eller ha förvalda interna kandidater. - Arbetsmarknaden är svår för sökande, som ofta stöter på ghosting och automatiserade avslag, vilket leder till krav på reglerande ingripanden." + ], + "points": 273, + "commentCount": 224, + "retryCount": 0, + "time": 1736865860 + }, + { + "id": 42698557, + "title": "Att göra en korsning osäker för fotgängare för att spara sekunder för bilister", + "originLink": "https://collegetowns.substack.com/p/making-an-intersection-unsafe-for", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42698557", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Debatten kretsar kring huruvida korsningar bör prioritera fotgängarsäkerhet eller förarens effektivitet, där vissa föredrar ljusreglerade korsningar och fotgängarövergångar framför fyrvägsstopp.", + "Åsikterna varierar om trafiklagar och infrastrukturdesign, med diskussioner om säkerheten vid att gå mot röd gubbe och riskerna förknippade med högersvängar vid rött ljus.", + "Vissa förespråkar alternativa lösningar som rondeller eller att anta nederländska trafikingenjörsstandarder för att förbättra både säkerhet och effektivitet." + ], + "points": 267, + "commentCount": 362, + "retryCount": 0, + "time": 1736869194 + }, + { + "id": 42696080, + "title": "PostgreSQL är Årets Databashanteringssystem 2024", + "originLink": "https://db-engines.com/en/blog_post/109", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696080", + "commentBody": "", + "originSummary": [ + "PostgreSQL har tilldelats utmärkelsen DBMS of the Year 2024 av DB-Engines, och har därmed uppnått denna erkänsla för femte gången, vilket överträffar 423 andra databashanteringssystem.", + "PostgreSQL, med en historia som sträcker sig över nästan 35 år, fortsätter att förnya sig, vilket ses i de senaste förbättringarna av PostgreSQL 17, som släpptes i september 2024.", + "Snowflake och Microsoft säkrade andra respektive tredje plats, där Snowflake noterades för sin molnbaserade datalagring och stöd för flera moln, medan Microsoft erbjuder robusta hanterade relationsdatabaser genom Azure SQL Database och SQL Server." + ], + "commentSummary": [ + "PostgreSQL har tilldelats utmärkelsen Årets Databashanteringssystem 2024 av db-engines.com, vilket understryker dess växande popularitet och erkännande inom branschen.", + "Användare överväger att byta från Microsoft SQL Server till PostgreSQL på grund av höga licenskostnader och resursbegränsningar, trots potentiella migrationsutmaningar.", + "PostgreSQL är omtyckt för sina robusta funktioner och kostnadseffektivitet, vilket gör det till ett föredraget val för framtida projekt, även om vissa användare utforskar alternativ som Babelfish för att minska kostnaderna." + ], + "points": 239, + "commentCount": 79, + "retryCount": 0, + "time": 1736854677 + }, + { + "id": 42699099, + "title": "Googles OAuth-inloggning skyddar inte mot att köpa en misslyckad startup-domän", + "originLink": "https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699099", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Diskussionen belyser en sårbarhet i Googles OAuth-inloggningssystem när en misslyckad startups domän förvärvas av en ny ägare, vilket potentiellt kan tillåta obehörig åtkomst till tjänster.", + "Detta problem uppstår eftersom Google kanske inte kan skilja mellan de ursprungliga och nya domänägarna, vilket påverkar alla system som använder domänbaserad autentisering.", + "En föreslagen lösning är att använda unika identifierare som förblir konstanta över tid, även om implementeringen av denna lösning varierar mellan olika identitetsleverantörer." + ], + "points": 200, + "commentCount": 112, + "retryCount": 0, + "time": 1736871241 + }, + { + "id": 42696822, + "title": "Använda kodningsfärdigheter för att skapa passiv inkomst", + "originLink": "https://www.coryzue.com/writing/solopreneur/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696822", + "commentBody": "", + "originSummary": [ + "Författaren övergick från en CTO-roll till att bli soloprenör och tjänade framgångsrikt mer genom en portfölj av mjukvaruprodukter.", + "Nyckelstrategier inkluderar att fokusera på djupt arbete, börja med små projekt, iterera snabbt och ägna tid åt marknadsföringsinsatser.", + "Resan betonar motståndskraft på grund av osäkerheter, men framhäver den oöverträffade autonomin och friheten i denna karriärväg, vilket uppmuntrar dem med kodningsfärdigheter att överväga den för passiv inkomst." + ], + "commentSummary": [ + "En användare beskrev hur de genererade passiv inkomst genom SEO-spamwebbplatser med hjälp av utgående domännamn, och tjänade cirka 30 000 dollar årligen, trots etiska betänkligheter och Googles slutliga nedslag.", + "Det inlägget väckte en debatt om passiv inkomst, där vissa användare hävdade att det liknar mer att driva ett företag än verkligt passiva intäkter.", + "Deltagarna delade med sig av erfarenheter och utmaningar i sidoprojekt, och betonade vikten av tid, motståndskraft och strategisk planering." + ], + "points": 167, + "commentCount": 90, + "retryCount": 0, + "time": 1736860888 + }, + { + "id": 42690781, + "title": "Spanien föreslår 100% skatt på bostäder köpta av icke-EU-invånare", + "originLink": "https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690781", + "commentBody": "", + "originSummary": [ + "Spanien överväger en 100% skatt på fastighetsköp av icke-EU-invånare, med målet att hantera bostadskrisen och begränsa spekulativa köp.", + "Premiärminister Pedro Sánchez förslag inkluderar att utöka socialt boende och reglera turistuthyrning för att hantera skillnaden mellan bostadspriser och inkomster.", + "Förslagets framtid som lag är osäker, med vissa analytiker som ser det som en avskräckande faktor för utländska investerare snarare än en garanterad lagändring." + ], + "commentSummary": [ + "Spanien överväger en 100% skatt på bostäder köpta av icke-EU-invånare för att hantera problem med bostadspriser. - Kritiker menar att utländska köpare inte är den främsta orsaken till höga bostadspriser och pekar på långsam byråkrati och zonindelningar som mer betydande faktorer. - Förslaget har väckt en debatt om utländskt ägandes roll på bostadsmarknaderna och dess effektivitet i att lösa prisfrågor." + ], + "points": 162, + "commentCount": 254, + "retryCount": 0, + "time": 1736809603 + }, + { + "id": 42699977, + "title": "Apple kommer snart att få 'tillverkade i Amerika' chips från TSMC:s fabrik i Arizona", + "originLink": "https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699977", + "commentBody": "", + "originSummary": [ + "Apple testar processorer från TSMC:s anläggning i Arizona, med planer på massproduktion under första kvartalet, vilket potentiellt gör dem till TSMC:s första amerikanska kund för lokalt tillverkade chip. - Detta initiativ syftar till att stärka USA:s kiseloberoende och minska beroendet av Taiwan, som är sårbart för geopolitiska och naturliga risker. - TSMC:s fabrik i Arizona ska producera avancerade 3nm och 2nm chip, med pågående ansträngningar för att förbättra lokal rekrytering och samarbeten med amerikanska universitet, även om förpackning initialt kommer att ske i Taiwan tills anläggningen i Peoria är i drift." + ], + "commentSummary": [ + "Apple kommer att få chips från TSMC:s fabrik i Arizona, men de måste skickas tillbaka till Taiwan för förpackning på grund av otillräckliga anläggningar i USA. - Över 50 % av arbetskraften vid fabriken i Arizona kommer från Taiwan, vilket indikerar en brist inom det amerikanska STEM-området (vetenskap, teknik, ingenjörskonst och matematik). - CHIPS Act-initiativet, som syftar till att förbättra den amerikanska halvledartillverkningen, står inför utmaningar då \"Made in America\"-märkningen ifrågasätts på grund av att förpackningsprocessen sker i Taiwan, med planer på amerikanska förpackningsmöjligheter till 2027." + ], + "points": 160, + "commentCount": 73, + "retryCount": 0, + "time": 1736873807 + }, + { + "id": 42692730, + "title": "43 000 färre förare på Manhattans vägar efter att trängselavgifter införts", + "originLink": "https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42692730", + "commentBody": "", + "originSummary": [ + "Efter att trängselavgifter infördes minskade antalet förare som körde in i Manhattan söder om 60:e gatan med 7,5 %, vilket motsvarar 43 000 färre förare varje vardag.", + "Den minskade trafiken har förbättrat trafikflödet och ökat bussarnas hastighet, med vissa expressbussar som upplever högre passagerarantal.", + "Metropolitan Transportation Authority (MTA) använder intäkterna från vägtullar, uppskattade till 500 miljoner dollar årligen, för förbättringar av kollektivtrafiken, trots viss politisk opposition." + ], + "commentSummary": [ + "Införandet av trängselavgifter på Manhattan har resulterat i 43 000 färre bilister, vilket har lett till ökad busshastighet och potentiellt bättre responstider för räddningstjänsten.", + "Policyn är utformad för att minska trafikstockningar och förbättra luftkvaliteten, även om den har väckt debatt om dess påverkan på låginkomsttagare.", + "Förespråkare hävdar att fördelarna inkluderar mer effektiv kollektivtrafik och renare luft, medan diskussioner fortsätter om att balansera dessa fördelar med förarnas behov." + ], + "points": 154, + "commentCount": 199, + "retryCount": 0, + "time": 1736821606 + } +] diff --git a/records/2025-01-14/2025-01-14.ta.json b/records/2025-01-14/2025-01-14.ta.json new file mode 100644 index 000000000..855587704 --- /dev/null +++ b/records/2025-01-14/2025-01-14.ta.json @@ -0,0 +1,288 @@ +[ + { + "id": 42690473, + "title": "ச்னிக் பாதுகாப்பு ஆராய்ச்சியாளர் cursor.com ஐ இலக்காகக் கொண்ட தீங்கிழைக்கும் NPM தொகுப்புகளைப் பரப்புகிறார்", + "originLink": "https://sourcecodered.com/snyk-malicious-npm-package/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690473", + "commentBody": "", + "originSummary": [ + "ஒரு Snyk பாதுகாப்பு ஆராய்ச்சியாளர் Cursor.com என்ற AI குறியீட்டு நிறுவனத்தை இலக்காகக் கொண்ட தீங்கிழைக்கும் NPM தொகுப்புகளை வெளியிட்டு, கணினி தரவுகளை சேகரித்து, அதை தாக்குதலாளி கட்டுப்பாட்டில் உள்ள சேவைக்கு அனுப்பினார்.", + "பொதியங்கள், \"கர்சர்-மீட்டெடுப்பு,\" \"கர்சர்-எப்போதும்-உள்ளூர்,\" மற்றும் \"கர்சர்-நிழல்-வேலைநிலம்\" என அடையாளம் காணப்பட்டன, OpenSSF பொதிய பகுப்பாய்வு ஸ்கேனர் மூலம் குறிக்கப்படுவதால், MAL-2025-27, MAL-2025-28, மற்றும் MAL-2025-29 என அறிவுறுத்தல்கள் வெளியிடப்பட்டன.", + "இந்த நிகழ்வு, சாத்தியமான பாதுகாப்பு அச்சுறுத்தல்களை தவிர்க்க, நிறுவுவதற்கு முன் NPM தொகுப்புகளை ஆராய்வதின் முக்கியத்துவத்தை வெளிப்படுத்துகிறது." + ], + "commentSummary": [ + "ஒரு Snyk பாதுகாப்பு ஆராய்ச்சியாளர் cursor.com-ஐ குறிவைத்து தீங்கிழைக்கும் NPM (Node Package Manager) தொகுப்புகளை வெளியிட்டார், சார்பு குழப்பம் பாதிப்புகளை வெளிப்படுத்தினார். - இந்த சம்பவம் பாதுகாப்பு ஆராய்ச்சியின் நெறிமுறைகள் குறித்து விவாதத்தை தூண்டியுள்ளது, குறிப்பாக சூழல் மாறிலிகளை பொது வெளியில் வெளிப்படுத்துவது தொடர்பாக. - Cursor.com அவர்கள் இந்த நடவடிக்கையை அங்கீகரிக்கவில்லை என்று தெளிவுபடுத்தியது, மேலும் Snyk மன்னிப்பு கேட்டுள்ளது, நெறிமுறைகள் மற்றும் தாக்குதல் பாதுகாப்பு ஆராய்ச்சியை சமநிலைப்படுத்துவதில் உள்ள சவால்களை வலியுறுத்துகிறது." + ], + "points": 540, + "commentCount": 270, + "retryCount": 0, + "time": 1736807907 + }, + { + "id": 42696081, + "title": "நான் ஃபயர்பாக்ஸுக்கு மாறினேன் மற்றும் மீண்டும் ஒருபோதும் திரும்பிப் பார்க்கவில்லை", + "originLink": "https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696081", + "commentBody": "", + "originSummary": [ + "Firefox அதன் மேம்பட்ட தாவல் மேலாண்மை, இணைக்கப்பட்ட பாக்கெட் அம்சம் மூலம் இணைப்புகளை சேமிக்க, மற்றும் தனியுரிமை மையமாகிய மின்னஞ்சல் ரிலே ஆகியவற்றிற்காக பாராட்டப்படுகிறது, இதனால் இது Chrome க்கு ஒரு வலுவான மாற்றாக உள்ளது. - பயனர் நட்பு ஸ்கிரீன்ஷாட் கருவி, ChatGPT பொத்தான், படம்-இன்-படம், தனிப்பயனாக்கக்கூடிய தேடல் விருப்பங்கள், மற்றும் மென்மையான ஸ்க்ரோலிங் போன்ற கூடுதல் அம்சங்கள் உலாவல் அனுபவத்தை மேம்படுத்துகின்றன. - Firefox Chrome இன் வலை பயன்பாட்டு அம்சத்தை கொண்டிருக்கவில்லை என்றாலும், அதன் சிந்தனையுடன் வடிவமைப்பு மற்றும் குறைந்த வள தேவைகள் சில பயனர்களுக்கு விருப்பமான தேர்வாக இதை மாற்றுகின்றன." + ], + "commentSummary": [ + "பயன்பாட்டாளர்கள், யூடியூப் போன்ற தளங்களால் எதிர்கொள்ளும் சவால்கள், குறிப்பாக கூகிள் அல்லாத உலாவிகள் அல்லது விளம்பர தடுப்பிகளை பயன்படுத்தும் பயனர்களுக்கு அனுபவத்தை குறைக்கலாம். - இந்த போக்கு பயனர் சுயாதீனத்திற்கான கவலைகளை எழுப்புகிறது, ஏனெனில் இது விளம்பரமற்ற மற்றும் கண்காணிப்பற்ற இணைய அனுபவத்தை தேர்ந்தெடுக்கும் பயனர்களை தண்டிக்கிறது. - பயனர் சுயாதீனத்திற்காக பெரும் நிறுவனங்களால் கட்டுப்படுத்தப்படும் உலாவிகளில் இருந்து விடுபட விரும்பும் பயனர்களுக்கு, பிரத்தியேக தன்மை மற்றும் பயன்பாட்டை மேம்படுத்தும் கொண்டெய்னர் டேப்கள் போன்ற தனித்துவமான அம்சங்களை வழங்குவதால், ஃபயர்பாக்ஸ் ஒரு விருப்பமான தேர்வாக உள்ளது." + ], + "points": 480, + "commentCount": 392, + "retryCount": 0, + "time": 1736854678 + }, + { + "id": 42687932, + "title": "சோனோஸ் தலைமை நிர்வாக அதிகாரி செயலி புதுப்பிப்பு சிக்கலுக்குப் பிறகு பதவி விலகினார்", + "originLink": "https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42687932", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "சோனோஸ் நிறுவனத்தின் தலைமை நிர்வாக அதிகாரி, வாடிக்கையாளர்களின் அதிருப்தியை ஏற்படுத்திய விலையுயர்ந்த ஒலிக்கருவிகளை மாற்ற வலியுறுத்திய சர்ச்சைக்குரிய செயலி புதுப்பிப்பைத் தொடர்ந்து ராஜினாமா செய்துள்ளார். - இந்த புதுப்பிப்பு மேக அடிப்படையிலான அமைப்பை அறிமுகப்படுத்தியது, நம்பகமான யுனிவர்சல் பிளக் அண்ட் பிளே (UPnP) முறையிலிருந்து விலகியது, இது இணைப்பு சிக்கல்களை மற்றும் அதிகரித்த சிக்கல்களை ஏற்படுத்தியது. - இந்த நிலைமை வணிக உத்திகள் மற்றும் வாடிக்கையாளர் நம்பிக்கையை பராமரிப்பதற்கிடையிலான மோதலை வலியுறுத்துகிறது, ஏனெனில் தலைமை நிர்வாக அதிகாரி ஒரு ஆலோசனைப் பங்கிற்கு மாற்றம் செய்யப்படுகிறார் மற்றும் ஒரு பிரிவு தொகுப்புடன்." + ], + "points": 409, + "commentCount": 493, + "retryCount": 0, + "time": 1736797368 + }, + { + "id": 42696691, + "title": "MrBeast என்பவரின் வயிற்றில்", + "originLink": "https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696691", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "கட்டுரை YouTube இன் ஆல்கொரிதம் உள்ளடக்க உருவாக்கத்தை எவ்வாறு பாதிக்கிறது என்பதை ஆய்வு செய்கிறது, MrBeast ஐ ஒரு வழக்குக் கற்பிதமாகக் கொண்டு, ஈர்ப்பை மையமாகக் கொண்ட உள்ளடக்கத்திற்கேற்ற மாற்றத்தை வெளிப்படுத்துகிறது. - இது ஊடக கல்வி மற்றும் YouTube மற்றும் TikTok போன்ற தளங்களின் கலாச்சார தாக்கம் பற்றிய பரந்த விளைவுகளை விவரிக்கிறது, மேற்பரப்பான மற்றும் எதிர்வினை உள்ளடக்கத்திற்கான ஒரு போக்கை முன்மொழிகிறது. - ஆல்கொரிதங்கள் உள்ளடக்கத்தை வடிவமைப்பதில் மற்றும் பிரபலமான உருவாக்குநர்கள் கலாச்சார நெறிமுறைகளில் ஏற்படுத்தும் தாக்கத்தில் பல்வேறு பார்வைகள் பரிசீலிக்கப்படுகின்றன." + ], + "points": 369, + "commentCount": 258, + "retryCount": 0, + "time": 1736859931 + }, + { + "id": 42691184, + "title": "GitHub Git செயல்பாடுகள் செயலிழந்துள்ளன", + "originLink": "https://www.githubstatus.com/incidents/qd96yfgvmcf9", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42691184", + "commentBody": "", + "originSummary": [ + "GitHub, ஜனவரி 13, 2025 அன்று, உள்துறை சுமை சமநிலை மாற்றத்தை பாதித்த ஒரு கட்டமைப்பு மாற்றம் காரணமாக Git செயல்பாடுகள் தடை ஏற்பட்டது, இது 23:35 முதல் 00:24 UTC வரை நீடித்தது. - இந்த பிரச்சினை கட்டமைப்பு மாற்றத்தை மாற்றுவதன் மூலம் தீர்க்கப்பட்டது, மேலும் இதுபோன்ற சம்பவங்களைத் தடுக்க கண்காணிப்பு மற்றும் பிரசாரம் செயல்முறைகளை மேம்படுத்த GitHub பணியாற்றி வருகிறது. - இந்த தடை GitHub இன் Actions மற்றும் Pages சேவைகளையும் பாதித்தது, அவர்களின் தள சேவைகளின் பரஸ்பர இணைந்த தன்மையை வெளிப்படுத்தியது." + ], + "commentSummary": [ + "GitHub ஒரு முக்கியமான சேவையின்மை பிரச்சினையை எதிர்கொண்டது, இது git செயல்பாடுகளை பாதித்தது, இதனால் முதலில் தங்கள் SSH விசைகள் அல்லது உள்ளூர் கட்டமைப்புகளுடன் பிரச்சினைகள் உள்ளன என்று சந்தேகித்த டெவலப்பர்களுக்கு குழப்பம் ஏற்பட்டது. - இந்த சம்பவம் மையமயமாக்கப்பட்ட சேவைகளின் மீது நம்பிக்கை வைப்பதன் சவால்களை வலியுறுத்தியது, சுய-ஹோஸ்டிங் மற்றும் மையமற்ற அமைப்புகளின் நன்மைகள் பற்றிய விவாதங்களைத் தூண்டியது. - பிரச்சினை தீர்க்கப்பட்டாலும், GitHub இன் நம்பகத்தன்மை மற்றும் முக்கிய பணிகளுக்காக மூன்றாம் தரப்பு தளங்களின் மீது நம்பிக்கை வைப்பதன் அபாயங்களைப் பற்றிய கவலைகளை இது வெளிப்படுத்தியது." + ], + "points": 324, + "commentCount": 250, + "retryCount": 0, + "time": 1736812051 + }, + { + "id": 42694596, + "title": "ZFS 2.3 வெளியிடப்பட்டது ZFS raidz விரிவாக்கத்துடன்", + "originLink": "https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42694596", + "commentBody": "", + "originSummary": [ + "TEXT: OpenZFS 2.3.0 வெளியிடப்பட்டுள்ளது, RAIDZ விரிவாக்கம், வேகமான Deduplication, நேரடி உள்ளீடு/வெளியீடு, JSON வெளியீடு மற்றும் நீண்ட கோப்பு பெயர்களுக்கு ஆதரவு போன்ற முக்கிய அம்சங்களை அறிமுகப்படுத்துகிறது. - இந்த வெளியீடு முக்கிய பிழை திருத்தங்கள் மற்றும் செயல்திறன் மேம்பாடுகளை உள்ளடக்கியது, Linux kernels 4.18 - 6.12 மற்றும் FreeBSD பதிப்புகள் 13.3, 14.0 - 14.2 உடன் இணக்கமானது. - இந்த புதுப்பிப்பு 134 பங்களிப்பாளர்களின் கூட்டாண்மை முயற்சியாகும், விரிவான ஆவணங்கள் மற்றும் மாற்றம் பதிவு மதிப்பீட்டிற்காக கிடைக்கின்றன." + ], + "commentSummary": [ + "ZFS 2.3 வெளியிடப்பட்டுள்ளது, RAIDZ விரிவாக்கம், வேகமான டிடுப்ளிகேஷன், நேரடி IO, JSON வெளியீடு, நீண்ட கோப்பு பெயர்களுக்கு ஆதரவு போன்ற அம்சங்களை அறிமுகப்படுத்துகிறது. - RAIDZ விரிவாக்கம் குறிப்பாக குறிப்பிடத்தக்கது, ஏனெனில் இது பயனர்களுக்கு எந்த இடையூறும் இல்லாமல் உள்ள RAIDZ குளத்தில் புதிய சாதனங்களைச் சேர்க்க அனுமதிக்கிறது, சேமிப்பு திறனை மேம்படுத்துகிறது. - இந்த வெளியீடு ZFS பயனர்களுக்கு ஒரு முக்கிய முன்னேற்றமாகக் கருதப்படுகிறது, Btrfs மற்றும் Windows Storage Spaces போன்ற பிற கோப்பக அமைப்புகளுடன் ஒப்பிடப்படுகிறது, குளங்களைச் சுருக்க முடியாதது போன்ற சில வரம்புகள் இருந்தாலும்." + ], + "points": 302, + "commentCount": 215, + "retryCount": 0, + "time": 1736838539 + }, + { + "id": 42690983, + "title": "வலைமேடை – முழுமையான டெஸ்க்டாப் சூழல்களைக் கொண்ட ஆல்பைன், உபுண்டு, ஃபெடோரா மற்றும் ஆர்ச் கண்டெய்னர்கள்", + "originLink": "https://docs.linuxserver.io/images/docker-webtop/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690983", + "commentBody": "", + "originSummary": [ + "Linuxserver/webtop ஆனது Alpine, Ubuntu, Fedora, மற்றும் Arch அடிப்படையிலான கன்டெய்னர்களை வழங்குகிறது, அவை முழுமையான டெஸ்க்டாப் சூழல்களை வலை உலாவிகளின் மூலம் அணுகக்கூடியவாறு செய்கின்றன, மேலும் x86-64 மற்றும் arm64 கட்டமைப்புகளையும் ஆதரிக்கின்றன.", + "பயனர்கள் XFCE, KDE, MATE, i3, Openbox, மற்றும் IceWM போன்ற பல்வேறு டெஸ்க்டாப் சூழல்களில் இருந்து தேர்வு செய்யலாம், குறிப்பிட்ட படக்குறிகளைப் பயன்படுத்தி, குறிப்பிட்ட URLகளின் மூலம் வலைமேடையை அணுகலாம்.", + "பாதுகாப்பு அம்சங்களில் Docker இன் seccomp விருப்பம் மற்றும் அங்கீகார அமைப்பு அடங்கும், சூழல் மாறிகள் மூலம் தனிப்பயனாக்கல் விருப்பங்கள் கிடைக்கின்றன, மேலும் திறந்த மூல இயக்கிகள் மூலம் GPU வேகப்படுத்தலுக்கான ஆதரவு உள்ளது." + ], + "commentSummary": [ + "Webtop, Alpine, Ubuntu, Fedora, மற்றும் Arch ஆகியவற்றிற்கான முழுமையான டெஸ்க்டாப் சூழல்களுடன் கொண்டெய்னர்களை வழங்குகிறது, இது VPN பின்னால் விரைவான அமைப்புகளுக்கு ஏற்றதாகும்.", + "பயனர்கள் Webtop ஐ அதன் வேகம் மற்றும் பயன்படுத்த எளிமையான தன்மைக்காக பாராட்டுகின்றனர், குறிப்பாக Gluetun கொண்டெய்னருடன் பாதுகாப்பான இணைப்புகளுக்கு பயன்படுத்தும்போது, ஆனால் இயல்புநிலை அங்கீகாரம் இல்லாததால் பாதுகாப்பு நடவடிக்கைகள் இல்லாமல் கொண்டெய்னர்களை இணையத்துடன் வெளிப்படுத்துவதை எச்சரிக்கின்றனர்.", + "தமிழில் எழுத வேண்டும். இந்த திட்டம் திறந்த மூலமாகவும், நெகிழ்வானதாகவும் மதிக்கப்படுகிறது, பயனர்கள் கட்டமைப்புகளை பகிர்ந்து கொள்கின்றனர், மேலும் Kasm மற்றும் Selkies போன்ற மாற்றுகள் இதே போன்ற நோக்கங்களுக்காக குறிப்பிடப்படுகின்றன." + ], + "points": 297, + "commentCount": 57, + "retryCount": 0, + "time": 1736810708 + }, + { + "id": 42697783, + "title": "ஆன்லைன் வேலைவாய்ப்பு விளம்பரங்களில் 5 இல் 1 என்பது போலியானது அல்லது ஒருபோதும் நிரப்பப்படாதது என்று ஆய்வு கண்டறிந்துள்ளது", + "originLink": "https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42697783", + "commentBody": "", + "originSummary": [ + "சமீபத்திய ஆய்வு ஒன்று, ஆன்லைன் வேலைவாய்ப்பு அறிவிப்புகளில் 20% போலியானவையாகவோ அல்லது நிரப்பப்படாதவையாகவோ உள்ளன என்று காட்டுகிறது, இது வேலை தேடுபவர்களின் ஏமாற்றத்தை அதிகரிக்கிறது. - இந்த \"பேய் வேலை\" போக்கு, நிறுவனங்கள் வளர்ச்சி படத்தை வெளிப்படுத்தும் உத்தியாக இருக்கலாம். - கிரீன்ஹவுஸ் மற்றும் லிங்க்ட்இன் போன்ற வேலைவாய்ப்பு தளங்கள், பயனர்களுக்கு உண்மையான வேலை வாய்ப்புகளை அடையாளம் காண உதவ வேலை சரிபார்ப்பு சேவைகளை அறிமுகப்படுத்தியுள்ளன." + ], + "commentSummary": [ + "தமிழில் எழுத வேண்டும். ஒரு ஆய்வு தெரிவிக்கிறது, ஆன்லைன் வேலைவாய்ப்பு அறிவிப்புகளில் 20% போலியானவையாகவோ அல்லது நிரப்பப்படாதவையாகவோ உள்ளன, பெரும்பாலும் அமெரிக்க குடியேற்றக் கொள்கைகளை பின்பற்ற நிறுவனங்கள் தேவைப்படும் காரணத்தினால். - நிறுவனங்கள் கூடுதல் நேரத்திற்காக வேலைவாய்ப்பு அறிவிப்புகளை வைத்திருக்கலாம், சிறந்த வேட்பாளர்களைத் தேட, தேவைகளை மாற்ற, அல்லது முன்பே தேர்ந்தெடுக்கப்பட்ட உள்நாட்டு வேட்பாளர்களை வைத்திருக்கலாம். - வேலை சந்தை விண்ணப்பதாரர்களுக்கு கடினமாக உள்ளது, அவர்கள் அடிக்கடி 'கோஸ்டிங்' மற்றும் தானியங்கி மறுப்புகளை சந்திக்கின்றனர், இது ஒழுங்குமுறை தலையீட்டை கோருகிறது." + ], + "points": 273, + "commentCount": 224, + "retryCount": 0, + "time": 1736865860 + }, + { + "id": 42698557, + "title": "வாகன ஓட்டிகளுக்காக விநாடிகளை சேமிக்க பாதசாரிகளுக்கு ஒரு சந்திப்பை பாதுகாப்பற்றதாக மாற்றுதல்", + "originLink": "https://collegetowns.substack.com/p/making-an-intersection-unsafe-for", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42698557", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "தமிழில் எழுத வேண்டும். விவாதம் சந்திப்புகளில் பாதசாரி பாதுகாப்பை முன்னுரிமைப்படுத்த வேண்டுமா அல்லது வாகன ஓட்டுநரின் செயல்திறனை முன்னுரிமைப்படுத்த வேண்டுமா என்பதைக் குறிக்கிறது, சிலர் ஒளி கட்டுப்பாட்டிலான சந்திப்புகள் மற்றும் பாதசாரி சறுக்கல்களை 4 வழி நிறுத்தங்களுக்குப் பதிலாக ஆதரிக்கின்றனர்.", + "பாதுகாப்பற்ற இடங்களில் சாலையை கடக்குதல் மற்றும் சிவப்பு விளக்கில் வலதுபுறம் திரும்புவதால் ஏற்படும் அபாயங்கள் குறித்து போக்குவரத்து சட்டங்கள் மற்றும் உள்கட்டமைப்பு வடிவமைப்பில் கருத்துக்கள் மாறுபடுகின்றன.", + "தமிழில் எழுத வேண்டும்: சிலர் பாதுகாப்பையும் செயல்திறனையும் மேம்படுத்துவதற்காக சுற்றுச்சாலை அல்லது டச்சு போக்குவரத்து பொறியியல் தரநிலைகளை ஏற்கும் மாற்று தீர்வுகளை ஆதரிக்கின்றனர்." + ], + "points": 267, + "commentCount": 362, + "retryCount": 0, + "time": 1736869194 + }, + { + "id": 42696080, + "title": "PostgreSQL 2024 ஆம் ஆண்டின் தரவுத்தள மேலாண்மை அமைப்பாகும்", + "originLink": "https://db-engines.com/en/blog_post/109", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696080", + "commentBody": "", + "originSummary": [ + "PostgreSQL, 2024 ஆம் ஆண்டிற்கான DBMS ஆஃப் தி இயர் விருதை DB-Engines மூலம் பெற்றுள்ளது, 423 பிற தரவுத்தள மேலாண்மை அமைப்புகளை முந்தி, ஐந்தாவது முறையாக இந்த அங்கீகாரத்தை பெற்றுள்ளது.", + "PostgreSQL, 35 ஆண்டுகளுக்கு மேல் நீடிக்கும் வரலாற்றுடன், 2024 செப்டம்பரில் வெளியிடப்பட்ட PostgreSQL 17 இன் சமீபத்திய மேம்பாடுகளில் காணப்படும் புதிய முயற்சிகளை தொடர்ந்து மேற்கொள்கிறது.", + "Snowflake மற்றும் Microsoft முறையே இரண்டாம் மற்றும் மூன்றாம் இடங்களைப் பெற்றன, Snowflake அதன் மேக அடிப்படையிலான தரவுத்தொகுப்பு மற்றும் பல மேக ஆதரவுக்காக குறிப்பிடப்பட்டது, அதேசமயம் Microsoft Azure SQL Database மற்றும் SQL Server மூலம் வலுவான மேலாண்மை செய்யப்பட்ட தொடர்பு தரவுத்தொகுப்புகளை வழங்குகிறது." + ], + "commentSummary": [ + "PostgreSQL 2024 ஆம் ஆண்டிற்கான தரவுத்தள மேலாண்மை அமைப்பு விருதை db-engines.com மூலம் பெற்றுள்ளது, இது அதன் வளர்ந்து வரும் பிரபலத்தையும், தொழில்துறையில் கிடைக்கும் அங்கீகாரத்தையும் வெளிப்படுத்துகிறது.", + "பயனர்கள் மைக்ரோசாஃப்ட் SQL சர்வர் இருந்து PostgreSQL க்கு மாறுவதைக் கருதுகின்றனர், அதிக உரிமம் செலவுகள் மற்றும் வளக் கட்டுப்பாடுகள் காரணமாக, இடமாற்ற சவால்கள் இருந்தாலும்.", + "PostgreSQL அதன் வலுவான அம்சங்கள் மற்றும் செலவுக் குறைவுக்காக விரும்பப்படுகிறது, இது எதிர்கால திட்டங்களுக்கு விருப்பமான தேர்வாக இருக்கிறது, ஆனால் சில பயனர்கள் செலவுகளை குறைக்க Babelfish போன்ற மாற்றங்களை ஆராய்கிறார்கள்." + ], + "points": 239, + "commentCount": 79, + "retryCount": 0, + "time": 1736854677 + }, + { + "id": 42699099, + "title": "Google இன் OAuth உள்நுழைவு ஒரு தோல்வியுற்ற ஸ்டார்ட்அப் டொமைனை வாங்குவதிலிருந்து பாதுகாக்காது", + "originLink": "https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699099", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "இந்த விவாதம், தோல்வியடைந்த ஸ்டார்ட்அப்பின் டொமைன் புதிய உரிமையாளரால் கைப்பற்றப்படும் போது, கூகிளின் OAuth உள்நுழைவு அமைப்பில் உள்ள ஒரு பாதிப்பை வெளிப்படுத்துகிறது, இது அனுமதியற்ற அணுகலை சேவைகளுக்கு அனுமதிக்கக்கூடும்.", + "இந்த பிரச்சனை உருவாகிறது, ஏனெனில் கூகுள் அசல் மற்றும் புதிய டொமைன் உரிமையாளர்களை வேறுபடுத்தாமல் இருக்கலாம், இது டொமைன் அடிப்படையிலான அங்கீகாரத்தைப் பயன்படுத்தும் எந்தவொரு அமைப்பையும் பாதிக்கக்கூடும்.", + "ஒரு பரிந்துரைக்கப்பட்ட தீர்வு என்பது காலப்போக்கில் மாறாத தனித்துவமான அடையாளங்களைப் பயன்படுத்துவது, ஆனால் இந்த தீர்வின் செயலாக்கம் அடையாள வழங்குநர்களிடையே மாறுபடுகிறது." + ], + "points": 200, + "commentCount": 112, + "retryCount": 0, + "time": 1736871241 + }, + { + "id": 42696822, + "title": "கோடிங் திறன்களை பயன்படுத்தி பாசிவ் வருமானம் பெறுதல்", + "originLink": "https://www.coryzue.com/writing/solopreneur/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696822", + "commentBody": "", + "originSummary": [ + "TEXT: ஆசிரியர் CTO பங்கிலிருந்து தனியார் தொழில்முனைவோராக மாறி, மென்பொருள் தயாரிப்புகளின் தொகுப்பின் மூலம் அதிக வருமானம் ஈட்டினார். TEXT:", + "முக்கிய உத்திகள் ஆழமான பணியில் கவனம் செலுத்துவது, சிறிய திட்டங்களுடன் தொடங்குவது, விரைவாக திருத்துவது மற்றும் சந்தைப்படுத்தல் முயற்சிகளுக்கு நேரத்தை ஒதுக்குவது ஆகியவற்றை உள்ளடக்கியவை.", + "இந்த பயணம் நிச்சயமற்ற தன்மையால் பொறுமையை வலியுறுத்துகிறது, ஆனால் இந்த தொழில் பாதையின் ஒப்பற்ற சுயாதீனத்தையும் சுதந்திரத்தையும் சிறப்பிக்கிறது, குறியீட்டு திறன்களைக் கொண்டவர்களை இதை பாசிவ் வருமானத்திற்காக பரிசீலிக்க ஊக்குவிக்கிறது." + ], + "commentSummary": [ + "ஒரு பயனர், முடிவடையும் டொமைன் பெயர்களைப் பயன்படுத்தி SEO ஸ்பாம் வலைத்தளங்கள் மூலம் பாசிவ் வருமானத்தை உருவாக்கி, ஆண்டுக்கு சுமார் $30k சம்பாதிப்பதாக, நெறிமுறைக் கவலைகள் மற்றும் கூகிளின் இறுதியில் நடவடிக்கை எடுப்பதைப் பொருட்படுத்தாமல் விவரித்தார்.", + "TEXT: இந்த பதிவு, சில பயனர்கள் உண்மையில் பாசிவ் வருமானத்தை விட ஒரு வணிகத்தை நடத்துவது போன்றது என்று வாதிடுவதால், பாசிவ் வருமானம் குறித்த விவாதத்தை தூண்டியது. TEXT:", + "TEXT: பங்கேற்பாளர்கள் பக்கத் திட்டங்களில் அனுபவங்களையும் சவால்களையும் பகிர்ந்து கொண்டனர், நேரம், பொறுமை மற்றும் மூலோபாய திட்டமிடலின் முக்கியத்துவத்தை வலியுறுத்தினர்." + ], + "points": 167, + "commentCount": 90, + "retryCount": 0, + "time": 1736860888 + }, + { + "id": 42690781, + "title": "ஸ்பெயின், ஐரோப்பிய ஒன்றியத்திற்கு வெளியே உள்ள குடியிருப்பாளர்களால் வாங்கப்படும் வீடுகளுக்கு 100% வரி விதிக்க முன்மொழிகிறது", + "originLink": "https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690781", + "commentBody": "", + "originSummary": [ + "ஸ்பெயின், வீட்டு வசதி நெருக்கடியை சமாளிக்கவும், ஊக வணிகத்தை கட்டுப்படுத்தவும் நோக்கி, ஐரோப்பிய ஒன்றியத்திற்கு வெளியே உள்ள குடியிருப்பாளர்களால் செய்யப்படும் நில விற்பனை வாங்குதல்களுக்கு 100% வரி விதிப்பதை பரிசீலிக்கிறது.", + "பிரதமர் பெட்ரோ சாஞ்சஸ் முன்மொழிந்த திட்டம் சமூக வீடுகளை விரிவுபடுத்துவதையும், வீட்டு விலை மற்றும் வருமானங்களுக்கிடையேயான வேறுபாட்டை சமாளிக்க சுற்றுலா வாடகைகளை ஒழுங்குபடுத்துவதையும் உள்ளடக்கியது.", + "தமிழில் எழுத வேண்டும். சில பகுப்பாய்வாளர்கள் இதை ஒரு உறுதியான சட்ட மாற்றமாக அல்லாமல், வெளிநாட்டு முதலீட்டாளர்களுக்கு தடையாகக் காண்கிறார்கள் என்பதால், அந்த முன்மொழிவின் சட்டமாக்கலின் எதிர்காலம் நிச்சயமற்றதாக உள்ளது." + ], + "commentSummary": [ + "ஸ்பெயின், இல்லத்திற்கான விலை ஏற்றத்தை சமாளிக்க, ஐரோப்பிய ஒன்றியத்திற்கு வெளியே உள்ள குடியிருப்பாளர்களால் வாங்கப்படும் வீடுகளுக்கு 100% வரி விதிக்க பரிசீலிக்கிறது. - விமர்சகர்கள், வெளிநாட்டு வாங்குபவர்கள் இல்லத்திற்கான விலை உயர்வின் முதன்மை காரணம் அல்ல என்று கூறி, மந்தமான நிர்வாகம் மற்றும் மண்டல சட்டங்கள் போன்றவை முக்கியமான காரணிகள் எனக் குறிப்பிடுகின்றனர். - இந்த முன்மொழிவு, வீட்டு சந்தைகளில் வெளிநாட்டு சொந்தக்காரர்களின் பங்கு மற்றும் விலை ஏற்றத்தை தீர்க்க அதன் பயன்தன்மை குறித்து விவாதத்தை தூண்டியுள்ளது." + ], + "points": 162, + "commentCount": 254, + "retryCount": 0, + "time": 1736809603 + }, + { + "id": 42699977, + "title": "ஆப்பிள் விரைவில் TSMC இன் அரிசோனா தொழிற்சாலையில் இருந்து 'அமெரிக்காவில் தயாரிக்கப்பட்ட' சிப்களை பெறும்", + "originLink": "https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699977", + "commentBody": "", + "originSummary": [ + "உரை: ஆப்பிள் TSMC இன் அரிசோனா தொழிற்சாலையில் இருந்து செயலிகளை சோதித்து வருகிறது, முதல் காலாண்டிற்குள் பெருமளவில் உற்பத்தி செய்ய திட்டமிட்டுள்ளது, இது உள்ளூர் தயாரிக்கப்பட்ட சிப்களுக்கான TSMC இன் முதல் அமெரிக்க வாடிக்கையாளராக ஆப்பிள் மாறக்கூடும். - இந்த முயற்சி அமெரிக்காவின் சிலிகான் சுயாதீனத்தை வலுப்படுத்துவதற்காக, புவியியல் மற்றும் இயற்கை அபாயங்களுக்கு ஆளாகக்கூடிய தைவானின் மீது சார்பை குறைப்பதற்காக மேற்கொள்ளப்படுகிறது. - TSMC இன் அரிசோனா தொழிற்சாலை மேம்பட்ட 3nm மற்றும் 2nm சிப்களை தயாரிக்க அமைக்கப்பட்டுள்ளது, உள்ளூர் ஆட்சேர்ப்பு மற்றும் அமெரிக்க பல்கலைக்கழகங்களுடன் கூட்டாண்மைகளை மேம்படுத்தும் முயற்சிகள் நடைபெற்று வருகின்றன, ஆனால் பேக்கேஜிங் ஆரம்பத்தில் தைவானில் நடைபெறும், பியோரியா தொழிற்சாலை செயல்பாட்டுக்கு வரும்வரை." + ], + "commentSummary": [ + "உரை: ஆப்பிள் TSMC இன் அரிசோனா ஆலையிலிருந்து சிப்களைப் பெறும், ஆனால் போதுமான அமெரிக்க வசதிகள் இல்லாததால் அவற்றை திருப்பி தைவானுக்கு அனுப்பி மூடுவதற்குத் தேவையாகிறது. - அரிசோனா ஆலையில் பணிபுரியும் பணியாளர்களில் 50% க்கும் மேற்பட்டோர் தைவானிலிருந்து வந்தவர்கள், இது அமெரிக்காவின் STEM (அறிவியல், தொழில்நுட்பம், பொறியியல் மற்றும் கணிதம்) துறையில் ஒரு இடைவெளியைக் குறிக்கிறது. - அமெரிக்க அரைக்கட்டமைப்பு உற்பத்தியை மேம்படுத்தும் நோக்கில் CHIPS சட்டம் முயற்சி சவால்களை எதிர்கொள்கிறது, ஏனெனில் \"அமெரிக்காவில் தயாரிக்கப்பட்டது\" என்ற லேபிள் கேள்விக்குறியாகிறது, மூடுதல் செயல்முறை தைவானில் நடைபெறுவதால், 2027 ஆம் ஆண்டுக்குள் அமெரிக்க மூடுதல் திறன்களை உருவாக்கும் திட்டங்களுடன்." + ], + "points": 160, + "commentCount": 73, + "retryCount": 0, + "time": 1736873807 + }, + { + "id": 42692730, + "title": "மெருகூட்டல் கட்டணம் செயல்படுத்தப்பட்ட பிறகு மான்ஹாட்டன் சாலைகளில் 43,000 ஓட்டுநர்கள் குறைந்துள்ளனர்", + "originLink": "https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42692730", + "commentBody": "", + "originSummary": [ + "கூட்ட நெரிசல் விலை நிர்ணயம் செயல்படுத்தப்பட்ட பிறகு, 60வது தெருவுக்கு கீழே மான்ஹாட்டனில் நுழையும் வாகன ஓட்டிகளின் எண்ணிக்கை 7.5% குறைந்தது, இது வாரத்தின் ஒவ்வொரு வேலை நாளிலும் 43,000 வாகன ஓட்டிகள் குறைவாக உள்ளனர் என்பதற்கு சமமாகும்.", + "பேருந்து போக்குவரத்து குறைந்ததன் காரணமாக போக்குவரத்து ஓட்டம் மேம்பட்டுள்ளது மற்றும் பேருந்து வேகங்கள் அதிகரித்துள்ளன, சில விரைவு பேருந்துகளில் பயணிகள் எண்ணிக்கை அதிகரித்துள்ளது.", + "மெட்ரோபாலிடன் போக்குவரத்து ஆணையம் (MTA) ஆண்டுக்கு $500 மில்லியன் என மதிப்பிடப்பட்ட சுங்க வருவாயை, சில அரசியல் எதிர்ப்புகள் இருந்தபோதிலும், போக்குவரத்து மேம்பாடுகளுக்காக பயன்படுத்துகிறது." + ], + "commentSummary": [ + "மஹாட்டனில் நெரிசல் கட்டணத்தை நடைமுறைப்படுத்துவதன் மூலம் 43,000 கார் ஓட்டிகள் குறைந்துள்ளனர், இது பேருந்து வேகங்களை அதிகரிக்கவும், அவசர சேவை நேரங்களை மேம்படுத்தவும் வழிவகுக்கிறது.", + "கொள்கை போக்குவரத்து நெரிசலை குறைத்து காற்றின் தரத்தை மேம்படுத்த வடிவமைக்கப்பட்டுள்ளது, ஆனால் இது குறைந்த வருமானம் கொண்ட நபர்களின் மீது அதன் தாக்கம் குறித்து விவாதத்தை ஏற்படுத்தியுள்ளது.", + "ஆதரவாளர்கள், அதிக செயல்திறன் கொண்ட பொது போக்குவரத்து மற்றும் சுத்தமான காற்று போன்ற நன்மைகளை உள்ளடக்கியதாக வாதிடுகின்றனர், அதே நேரத்தில் இவை சாரதிகளின் தேவைகளுடன் சமநிலைப்படுத்துவது பற்றிய விவாதங்கள் தொடர்கின்றன." + ], + "points": 154, + "commentCount": 199, + "retryCount": 0, + "time": 1736821606 + } +] diff --git a/records/2025-01-14/2025-01-14.th.json b/records/2025-01-14/2025-01-14.th.json new file mode 100644 index 000000000..e111dd1cc --- /dev/null +++ b/records/2025-01-14/2025-01-14.th.json @@ -0,0 +1,288 @@ +[ + { + "id": 42690473, + "title": "นักวิจัยด้านความปลอดภัยของ Snyk ปล่อยแพ็กเกจ NPM ที่เป็นอันตรายโดยมีเป้าหมายที่ cursor.com", + "originLink": "https://sourcecodered.com/snyk-malicious-npm-package/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690473", + "commentBody": "", + "originSummary": [ + "นักวิจัยด้านความปลอดภัยจาก Snyk ได้ปล่อยแพ็กเกจ NPM ที่เป็นอันตรายซึ่งมุ่งเป้าไปที่ Cursor.com ซึ่งเป็นบริษัทเขียนโค้ด AI เพื่อรวบรวมข้อมูลระบบและส่งไปยังบริการที่ผู้โจมตีควบคุม", + "แพ็กเกจที่ถูกระบุว่าเป็น \"cursor-retrieval,\" \"cursor-always-local,\" และ \"cursor-shadow-workspace\" ถูกตั้งค่าสถานะโดยเครื่องสแกนการวิเคราะห์แพ็กเกจของ OpenSSF ส่งผลให้มีคำแนะนำ MAL-2025-27, MAL-2025-28, และ MAL-2025-29", + "เหตุการณ์นี้เน้นย้ำถึงความสำคัญของการตรวจสอบแพ็กเกจ NPM ก่อนการติดตั้งเพื่อหลีกเลี่ยงภัยคุกคามด้านความปลอดภัยที่อาจเกิดขึ้น" + ], + "commentSummary": [ + "นักวิจัยด้านความปลอดภัยจาก Snyk ได้ปล่อยแพ็กเกจ NPM (Node Package Manager) ที่เป็นอันตรายซึ่งมุ่งเป้าไปที่ cursor.com โดยเน้นถึงช่องโหว่ของการสับสนในความพึ่งพา - เหตุการณ์นี้ได้จุดประกายการถกเถียงเกี่ยวกับจริยธรรมของการวิจัยด้านความปลอดภัย โดยเฉพาะอย่างยิ่งเกี่ยวกับการเปิดเผยตัวแปรสภาพแวดล้อมต่อสาธารณะ - Cursor.com ได้ชี้แจงว่าพวกเขาไม่ได้อนุญาตให้ดำเนินการดังกล่าว และ Snyk ได้ขอโทษในภายหลัง โดยเน้นถึงความท้าทายในการสร้างสมดุลระหว่างการวิจัยด้านความปลอดภัยเชิงรุกกับมาตรฐานทางจริยธรรม" + ], + "points": 540, + "commentCount": 270, + "retryCount": 0, + "time": 1736807907 + }, + { + "id": 42696081, + "title": "ฉันเปลี่ยนไปใช้ Firefox และไม่เคยหันกลับไปมองอีกเลย", + "originLink": "https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696081", + "commentBody": "", + "originSummary": [ + "Firefox ได้รับการยกย่องในเรื่องการจัดการแท็บที่ยอดเยี่ยม ฟีเจอร์ Pocket ในตัวสำหรับบันทึกลิงก์ และการส่งต่ออีเมลที่เน้นความเป็นส่วนตัว ทำให้เป็นทางเลือกที่แข็งแกร่งสำหรับ Chrome - ฟีเจอร์เพิ่มเติมเช่น เครื่องมือจับภาพหน้าจอที่ใช้งานง่าย ปุ่ม ChatGPT โหมด Picture-in-Picture ตัวเลือกการค้นหาที่ปรับแต่งได้ และการเลื่อนที่ราบรื่น ช่วยเพิ่มประสบการณ์การท่องเว็บ - แม้ว่า Firefox จะขาดฟีเจอร์แอปเว็บของ Chrome แต่การออกแบบที่รอบคอบและการใช้ทรัพยากรที่ลดลงทำให้เป็นตัวเลือกที่ผู้ใช้บางคนชื่นชอบ" + ], + "commentSummary": [ + "ผู้ใช้ Firefox เผชิญกับความท้าทายจากแพลตฟอร์มอย่าง YouTube ซึ่งอาจจงใจลดประสบการณ์การใช้งานสำหรับเบราว์เซอร์ที่ไม่ใช่ของ Google หรือผู้ใช้ที่ใช้ตัวบล็อกโฆษณา - แนวโน้มนี้ก่อให้เกิดความกังวลเกี่ยวกับความเป็นอิสระของผู้ใช้ เนื่องจากเป็นการลงโทษผู้ที่เลือกใช้งานเว็บที่ปราศจากโฆษณาและการสอดส่อง - Firefox มีคุณสมบัติเฉพาะ เช่น แท็บคอนเทนเนอร์ ซึ่งช่วยเพิ่มความเป็นส่วนตัวและการใช้งาน ทำให้เป็นตัวเลือกที่ผู้ใช้ที่ต้องการความเป็นอิสระจากเบราว์เซอร์ที่ถูกควบคุมโดยบริษัทใหญ่ๆ นิยมใช้" + ], + "points": 480, + "commentCount": 392, + "retryCount": 0, + "time": 1736854678 + }, + { + "id": 42687932, + "title": "ซีอีโอของ Sonos ลาออกหลังจากปัญหาการอัปเดตแอป", + "originLink": "https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42687932", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "ซีอีโอของ Sonos ได้ลาออกหลังจากการอัปเดตแอปที่เป็นที่ถกเถียงซึ่งบังคับให้ผู้ใช้ต้องเปลี่ยนระบบเสียงที่มีราคาแพง ทำให้เกิดความไม่พอใจในหมู่ลูกค้า - การอัปเดตนี้ได้แนะนำระบบที่ใช้คลาวด์ แทนที่ระบบ Universal Plug and Play (UPnP) ที่เชื่อถือได้ ซึ่งนำไปสู่ปัญหาการเชื่อมต่อและความซับซ้อนที่เพิ่มขึ้น - สถานการณ์นี้เน้นย้ำถึงความขัดแย้งระหว่างกลยุทธ์ทางธุรกิจกับการรักษาความไว้วางใจของลูกค้า ในขณะที่ซีอีโอเปลี่ยนไปสู่บทบาทที่ปรึกษาพร้อมกับแพ็คเกจชดเชย" + ], + "points": 409, + "commentCount": 493, + "retryCount": 0, + "time": 1736797368 + }, + { + "id": 42696691, + "title": "ในท้องของ MrBeast", + "originLink": "https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696691", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "บทความนี้ตรวจสอบว่าอัลกอริทึมของ YouTube มีอิทธิพลต่อการสร้างเนื้อหาอย่างไร โดยใช้ MrBeast เป็นกรณีศึกษา เน้นการเปลี่ยนแปลงไปสู่เนื้อหาที่ขับเคลื่อนด้วยการมีส่วนร่วมมากกว่าเนื้อหาที่มีความหมาย - มีการอภิปรายถึงผลกระทบที่กว้างขึ้นต่อการรู้เท่าทันสื่อและผลกระทบทางวัฒนธรรมของแพลตฟอร์มอย่าง YouTube และ TikTok โดยเสนอแนวโน้มไปสู่เนื้อหาที่ผิวเผินและตอบโต้ - มีการพิจารณามุมมองต่างๆ เกี่ยวกับบทบาทของอัลกอริทึมในการกำหนดเนื้อหาและอิทธิพลของผู้สร้างยอดนิยมต่อบรรทัดฐานทางวัฒนธรรม" + ], + "points": 369, + "commentCount": 258, + "retryCount": 0, + "time": 1736859931 + }, + { + "id": 42691184, + "title": "การดำเนินการ Git บน GitHub หยุดทำงาน", + "originLink": "https://www.githubstatus.com/incidents/qd96yfgvmcf9", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42691184", + "commentBody": "", + "originSummary": [ + "GitHub ประสบปัญหาการหยุดชะงักของการดำเนินการ Git เมื่อวันที่ 13 มกราคม 2025 เนื่องจากการเปลี่ยนแปลงการกำหนดค่าที่ส่งผลกระทบต่อโหลดบาลานเซอร์ภายใน ซึ่งกินเวลาตั้งแต่ 23:35 ถึง 00:24 UTC - ปัญหาได้รับการแก้ไขโดยการย้อนกลับการเปลี่ยนแปลงการกำหนดค่า และ GitHub กำลังทำงานเพื่อปรับปรุงกระบวนการตรวจสอบและการปรับใช้เพื่อป้องกันเหตุการณ์ที่คล้ายกัน - การหยุดชะงักยังส่งผลกระทบต่อบริการ Actions และ Pages ของ GitHub ซึ่งเน้นถึงธรรมชาติที่เชื่อมโยงกันของบริการแพลตฟอร์มของพวกเขา" + ], + "commentSummary": [ + "GitHub ประสบปัญหาการหยุดทำงานครั้งใหญ่ที่ส่งผลกระทบต่อการดำเนินการของ git ทำให้นักพัฒนาสับสนในตอนแรกที่สงสัยว่ามีปัญหากับคีย์ SSH หรือการตั้งค่าท้องถิ่นของพวกเขา - เหตุการณ์นี้เน้นย้ำถึงความท้าทายของการพึ่งพาบริการแบบรวมศูนย์ กระตุ้นให้เกิดการสนทนาเกี่ยวกับข้อดีของการโฮสต์เองและระบบแบบกระจาย - แม้ว่าปัญหาจะได้รับการแก้ไขแล้ว แต่ก็ได้เน้นย้ำถึงความกังวลเกี่ยวกับความน่าเชื่อถือของ GitHub และความเสี่ยงของการพึ่งพาแพลตฟอร์มของบุคคลที่สามสำหรับงานที่จำเป็น" + ], + "points": 324, + "commentCount": 250, + "retryCount": 0, + "time": 1736812051 + }, + { + "id": 42694596, + "title": "ZFS 2.3 เปิดตัวพร้อมกับการขยาย ZFS raidz", + "originLink": "https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42694596", + "commentBody": "", + "originSummary": [ + "OpenZFS 2.3.0 ได้รับการเปิดตัวแล้ว โดยมีการแนะนำฟีเจอร์สำคัญเช่น RAIDZ Expansion, Fast Deduplication, Direct Input/Output, การแสดงผลแบบ JSON และการรองรับชื่อไฟล์ที่ยาว - การเปิดตัวนี้รวมถึงการแก้ไขบั๊กที่สำคัญและการปรับปรุงประสิทธิภาพ ซึ่งสามารถใช้งานร่วมกับเคอร์เนล Linux เวอร์ชัน 4.18 - 6.12 และ FreeBSD เวอร์ชัน 13.3, 14.0 - 14.2 - การอัปเดตนี้เป็นความร่วมมือจากผู้ร่วมพัฒนา 134 คน พร้อมด้วยเอกสารประกอบและบันทึกการเปลี่ยนแปลงที่สามารถตรวจสอบได้" + ], + "commentSummary": [ + "ZFS 2.3 ได้รับการเปิดตัวแล้ว โดยมีการแนะนำฟีเจอร์ต่างๆ เช่น การขยาย RAIDZ, การลดข้อมูลซ้ำอย่างรวดเร็ว, การใช้งาน IO โดยตรง, การแสดงผล JSON และการรองรับชื่อไฟล์ที่ยาว - การขยาย RAIDZ นั้นโดดเด่นเป็นพิเศษเนื่องจากช่วยให้ผู้ใช้สามารถเพิ่มอุปกรณ์ใหม่ลงใน RAIDZ pool ที่มีอยู่โดยไม่ต้องหยุดทำงาน เพิ่มความจุในการจัดเก็บข้อมูล - การเปิดตัวนี้ถือเป็นความก้าวหน้าที่สำคัญสำหรับผู้ใช้ ZFS โดยมีการเปรียบเทียบกับระบบไฟล์อื่นๆ เช่น Btrfs และ Windows Storage Spaces แม้ว่าจะมีข้อจำกัดบางประการ เช่น การไม่สามารถลดขนาด pool ได้" + ], + "points": 302, + "commentCount": 215, + "retryCount": 0, + "time": 1736838539 + }, + { + "id": 42690983, + "title": "Webtop – คอนเทนเนอร์ Alpine, Ubuntu, Fedora และ Arch ที่มีสภาพแวดล้อมเดสก์ท็อปแบบเต็มรูปแบบ", + "originLink": "https://docs.linuxserver.io/images/docker-webtop/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690983", + "commentBody": "", + "originSummary": [ + "Linuxserver/webtop ให้บริการคอนเทนเนอร์ที่มีพื้นฐานจาก Alpine, Ubuntu, Fedora, และ Arch พร้อมด้วยสภาพแวดล้อมเดสก์ท็อปเต็มรูปแบบที่สามารถเข้าถึงได้ผ่านเว็บเบราว์เซอร์ รองรับทั้งสถาปัตยกรรม x86-64 และ arm64", + "ผู้ใช้สามารถเลือกจากสภาพแวดล้อมเดสก์ท็อปต่าง ๆ เช่น XFCE, KDE, MATE, i3, Openbox และ IceWM โดยใช้แท็กภาพเฉพาะ และเข้าถึง Webtop ผ่าน URL ที่กำหนด", + "คุณสมบัติด้านความปลอดภัยประกอบด้วยตัวเลือก seccomp ของ Docker และการตั้งค่าการยืนยันตัวตน พร้อมตัวเลือกการปรับแต่งที่สามารถทำได้ผ่านตัวแปรสภาพแวดล้อม และรองรับการเร่งความเร็ว GPU ด้วยไดรเวอร์โอเพ่นซอร์ส" + ], + "commentSummary": [ + "Webtop ให้บริการคอนเทนเนอร์ที่มีสภาพแวดล้อมเดสก์ท็อปเต็มรูปแบบสำหรับ Alpine, Ubuntu, Fedora, และ Arch ซึ่งเหมาะสำหรับการตั้งค่าอย่างรวดเร็วหลัง VPN", + "ผู้ใช้ชื่นชม Webtop ในเรื่องความเร็วและความง่ายในการใช้งาน โดยเฉพาะเมื่อใช้ร่วมกับ Gluetun container เพื่อการเชื่อมต่อที่ปลอดภัย แต่เตือนให้ระวังการเปิดเผย container สู่อินเทอร์เน็ตโดยไม่มีมาตรการรักษาความปลอดภัย เนื่องจากขาดการยืนยันตัวตนเริ่มต้น", + "โครงการนี้มีคุณค่าสำหรับการเป็นโอเพ่นซอร์สและยืดหยุ่น โดยผู้ใช้สามารถแบ่งปันการตั้งค่าได้ และทางเลือกอื่น ๆ เช่น Kasm และ Selkies ก็ถูกกล่าวถึงเพื่อวัตถุประสงค์ที่คล้ายกัน" + ], + "points": 297, + "commentCount": 57, + "retryCount": 0, + "time": 1736810708 + }, + { + "id": 42697783, + "title": "1 ใน 5 ของประกาศรับสมัครงานออนไลน์เป็นของปลอมหรือไม่เคยมีการจ้างงานจริง, การศึกษาพบ", + "originLink": "https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42697783", + "commentBody": "", + "originSummary": [ + "การศึกษาล่าสุดระบุว่า 20% ของประกาศรับสมัครงานออนไลน์เป็นของปลอมหรือยังไม่ได้รับการเติมเต็ม ซึ่งเพิ่มความหงุดหงิดให้กับผู้หางาน - แนวโน้ม \"งานผี\" นี้อาจเป็นกลยุทธ์ของบริษัทในการสร้างภาพลักษณ์ของการเติบโต - แพลตฟอร์มงานเช่น Greenhouse และ LinkedIn ได้แนะนำบริการตรวจสอบงานเพื่อช่วยผู้ใช้ในการระบุโอกาสงานที่แท้จริง" + ], + "commentSummary": [ + "การศึกษาพบว่า 20% ของประกาศรับสมัครงานออนไลน์เป็นประกาศปลอมหรือยังไม่ได้รับการเติมเต็ม ซึ่งมักเกิดจากบริษัทที่ต้องปฏิบัติตามนโยบายการย้ายถิ่นฐานของสหรัฐฯ - บริษัทอาจปล่อยประกาศรับสมัครงานไว้เพื่อหาผู้สมัครที่เหมาะสม เปลี่ยนแปลงข้อกำหนด หรือมีผู้สมัครภายในที่ได้รับการคัดเลือกไว้ล่วงหน้า - ตลาดงานเป็นเรื่องยากสำหรับผู้สมัคร ที่มักพบกับการถูกเมินเฉยและการปฏิเสธอัตโนมัติ ทำให้เกิดการเรียกร้องให้มีการแทรกแซงด้านกฎระเบียบ" + ], + "points": 273, + "commentCount": 224, + "retryCount": 0, + "time": 1736865860 + }, + { + "id": 42698557, + "title": "ทำให้ทางแยกไม่ปลอดภัยสำหรับคนเดินเท้าเพื่อประหยัดเวลาไม่กี่วินาทีสำหรับผู้ขับขี่", + "originLink": "https://collegetowns.substack.com/p/making-an-intersection-unsafe-for", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42698557", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "การอภิปรายมุ่งเน้นไปที่ว่าทางแยกควรให้ความสำคัญกับความปลอดภัยของคนเดินเท้าหรือประสิทธิภาพของผู้ขับขี่ โดยบางคนสนับสนุนทางแยกที่ควบคุมด้วยสัญญาณไฟและการข้ามถนนของคนเดินเท้าแทนที่จะใช้จุดหยุด 4 ทาง", + "ความคิดเห็นเกี่ยวกับกฎหมายจราจรและการออกแบบโครงสร้างพื้นฐานมีความหลากหลาย โดยมีการอภิปรายเกี่ยวกับความปลอดภัยของการเดินข้ามถนนในที่ห้ามและความเสี่ยงที่เกี่ยวข้องกับการเลี้ยวขวาเมื่อสัญญาณไฟแดง", + "บางคนสนับสนุนทางเลือกอื่น เช่น วงเวียน หรือการนำมาตรฐานวิศวกรรมจราจรของเนเธอร์แลนด์มาใช้เพื่อเพิ่มความปลอดภัยและประสิทธิภาพ" + ], + "points": 267, + "commentCount": 362, + "retryCount": 0, + "time": 1736869194 + }, + { + "id": 42696080, + "title": "PostgreSQL เป็นระบบจัดการฐานข้อมูลแห่งปี 2024", + "originLink": "https://db-engines.com/en/blog_post/109", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696080", + "commentBody": "", + "originSummary": [ + "PostgreSQL ได้รับรางวัล DBMS of the Year 2024 จาก DB-Engines โดยได้รับการยอมรับนี้เป็นครั้งที่ห้า แซงหน้า 423 ระบบจัดการฐานข้อมูลอื่น ๆ", + "PostgreSQL ซึ่งมีประวัติยาวนานเกือบ 35 ปี ยังคงสร้างสรรค์นวัตกรรมใหม่ ๆ ดังที่เห็นได้จากการปรับปรุงล่าสุดของ PostgreSQL 17 ที่เปิดตัวในเดือนกันยายน 2024", + "Snowflake และ Microsoft ได้รับตำแหน่งที่สองและสามตามลำดับ โดย Snowflake มีความโดดเด่นในด้านการจัดเก็บข้อมูลบนคลาวด์และการสนับสนุนหลายคลาวด์ ในขณะที่ Microsoft มีการจัดการฐานข้อมูลเชิงสัมพันธ์ที่แข็งแกร่งผ่าน Azure SQL Database และ SQL Server" + ], + "commentSummary": [ + "PostgreSQL ได้รับรางวัลระบบจัดการฐานข้อมูลแห่งปี 2024 จาก db-engines.com ซึ่งเน้นย้ำถึงความนิยมที่เพิ่มขึ้นและการยอมรับในอุตสาหกรรม", + "ผู้ใช้กำลังพิจารณาเปลี่ยนจาก Microsoft SQL Server ไปเป็น PostgreSQL เนื่องจากค่าใช้จ่ายในการออกใบอนุญาตที่สูงและข้อจำกัดด้านทรัพยากร แม้ว่าจะมีความท้าทายในการย้ายข้อมูลก็ตาม", + "PostgreSQL ได้รับความนิยมเนื่องจากมีฟีเจอร์ที่แข็งแกร่งและคุ้มค่า ทำให้เป็นตัวเลือกที่นิยมสำหรับโครงการในอนาคต แม้ว่าผู้ใช้บางรายจะสำรวจทางเลือกอื่นเช่น Babelfish เพื่อลดค่าใช้จ่าย" + ], + "points": 239, + "commentCount": 79, + "retryCount": 0, + "time": 1736854677 + }, + { + "id": 42699099, + "title": "การเข้าสู่ระบบ OAuth ของ Google ไม่ได้ป้องกันการซื้อโดเมนของสตาร์ทอัพที่ล้มเหลว", + "originLink": "https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699099", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "การอภิปรายเน้นถึงช่องโหว่ในระบบล็อกอิน OAuth ของ Google เมื่อโดเมนของสตาร์ทอัพที่ล้มเหลวถูกซื้อโดยเจ้าของใหม่ ซึ่งอาจทำให้เกิดการเข้าถึงบริการโดยไม่ได้รับอนุญาต", + "ปัญหานี้เกิดขึ้นเนื่องจาก Google อาจไม่สามารถแยกแยะระหว่างเจ้าของโดเมนเดิมและเจ้าของโดเมนใหม่ได้ ซึ่งส่งผลกระทบต่อระบบใด ๆ ที่ใช้การยืนยันตัวตนตามโดเมน", + "วิธีแก้ปัญหาที่เสนอคือการใช้ตัวระบุที่ไม่ซ้ำกันซึ่งคงที่ตลอดเวลา แม้ว่าการนำวิธีแก้ปัญหานี้ไปใช้จะแตกต่างกันไปในหมู่ผู้ให้บริการระบุตัวตน" + ], + "points": 200, + "commentCount": 112, + "retryCount": 0, + "time": 1736871241 + }, + { + "id": 42696822, + "title": "การใช้ทักษะการเขียนโค้ดเพื่อสร้างรายได้แบบพาสซีฟ", + "originLink": "https://www.coryzue.com/writing/solopreneur/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696822", + "commentBody": "", + "originSummary": [ + "ผู้เขียนเปลี่ยนจากบทบาท CTO มาเป็นผู้ประกอบการเดี่ยว โดยประสบความสำเร็จในการสร้างรายได้มากขึ้นผ่านพอร์ตโฟลิโอของผลิตภัณฑ์ซอฟต์แวร์", + "กลยุทธ์หลักประกอบด้วยการมุ่งเน้นที่การทำงานอย่างลึกซึ้ง เริ่มต้นด้วยโครงการขนาดเล็ก ทำซ้ำอย่างรวดเร็ว และทุ่มเทเวลาให้กับความพยายามทางการตลาด", + "การเดินทางนี้เน้นย้ำถึงความยืดหยุ่นเนื่องจากความไม่แน่นอน แต่ยังชี้ให้เห็นถึงความเป็นอิสระและเสรีภาพที่ไม่มีใครเทียบได้ของเส้นทางอาชีพนี้ โดยกระตุ้นให้ผู้ที่มีทักษะการเขียนโค้ดพิจารณาเพื่อรายได้แบบพาสซีฟ" + ], + "commentSummary": [ + "ผู้ใช้คนหนึ่งได้อธิบายถึงการสร้างรายได้แบบพาสซีฟผ่านเว็บไซต์สแปม SEO โดยใช้ชื่อโดเมนที่กำลังจะหมดอายุ ทำรายได้ประมาณ $30,000 ต่อปี แม้ว่าจะมีข้อกังวลด้านจริยธรรมและการปราบปรามของ Google ในที่สุด", + "โพสต์ดังกล่าวจุดประกายการถกเถียงเกี่ยวกับรายได้แบบพาสซีฟ โดยมีผู้ใช้บางคนโต้แย้งว่ามันคล้ายกับการดำเนินธุรกิจมากกว่าที่จะเป็นรายได้แบบพาสซีฟอย่างแท้จริง", + "ผู้เข้าร่วมได้แบ่งปันประสบการณ์และความท้าทายในการทำโครงการเสริม โดยเน้นถึงความสำคัญของเวลา ความยืดหยุ่น และการวางแผนเชิงกลยุทธ์" + ], + "points": 167, + "commentCount": 90, + "retryCount": 0, + "time": 1736860888 + }, + { + "id": 42690781, + "title": "สเปนเสนอภาษี 100% สำหรับบ้านที่ซื้อโดยผู้อยู่อาศัยนอกสหภาพยุโรป", + "originLink": "https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690781", + "commentBody": "", + "originSummary": [ + "สเปนกำลังพิจารณาภาษี 100% สำหรับการซื้ออสังหาริมทรัพย์โดยผู้ที่ไม่ใช่ผู้อยู่อาศัยในสหภาพยุโรป โดยมีเป้าหมายเพื่อแก้ไขปัญหาวิกฤตที่อยู่อาศัยและควบคุมการซื้อเพื่อเก็งกำไร", + "ข้อเสนอของนายกรัฐมนตรีเปโดร ซานเชซ รวมถึงการขยายที่อยู่อาศัยสังคมและการควบคุมการเช่าที่พักสำหรับนักท่องเที่ยวเพื่อแก้ไขความไม่สมดุลระหว่างราคาที่อยู่อาศัยและรายได้", + "อนาคตของข้อเสนอนี้ในฐานะกฎหมายยังไม่แน่นอน โดยนักวิเคราะห์บางคนมองว่าเป็นการขัดขวางนักลงทุนต่างชาติมากกว่าการเปลี่ยนแปลงทางกฎหมายที่รับประกันได้" + ], + "commentSummary": [ + "สเปนกำลังพิจารณาภาษี 100% สำหรับบ้านที่ซื้อโดยผู้ที่ไม่ใช่ผู้อยู่อาศัยในสหภาพยุโรปเพื่อแก้ปัญหาความสามารถในการซื้อที่อยู่อาศัย - นักวิจารณ์แนะนำว่าผู้ซื้อชาวต่างชาติไม่ใช่สาเหตุหลักของราคาที่อยู่อาศัยสูง โดยอ้างถึงระบบราชการที่ล่าช้าและกฎหมายการแบ่งเขตว่าเป็นปัจจัยที่สำคัญกว่า - ข้อเสนอนี้ได้จุดประกายการถกเถียงเกี่ยวกับบทบาทของการเป็นเจ้าของโดยชาวต่างชาติในตลาดที่อยู่อาศัยและประสิทธิภาพของมันในการแก้ไขปัญหาความสามารถในการซื้อ" + ], + "points": 162, + "commentCount": 254, + "retryCount": 0, + "time": 1736809603 + }, + { + "id": 42699977, + "title": "แอปเปิลจะได้รับชิป 'ผลิตในอเมริกา' จากโรงงานของ TSMC ในรัฐแอริโซนาในไม่ช้า", + "originLink": "https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699977", + "commentBody": "", + "originSummary": [ + "Apple กำลังทดสอบโปรเซสเซอร์จากโรงงานของ TSMC ในรัฐแอริโซนา โดยมีแผนที่จะผลิตในปริมาณมากภายในไตรมาสแรก ซึ่งอาจทำให้ Apple กลายเป็นลูกค้ารายแรกของ TSMC ในสหรัฐฯ สำหรับชิปที่ผลิตในท้องถิ่น - โครงการนี้มีเป้าหมายเพื่อเสริมสร้างความเป็นอิสระด้านซิลิคอนของสหรัฐฯ ลดการพึ่งพาไต้หวันซึ่งมีความเสี่ยงต่อปัญหาทางภูมิรัฐศาสตร์และธรรมชาติ - โรงงานของ TSMC ในแอริโซนามีกำหนดจะผลิตชิปขั้นสูงขนาด 3nm และ 2nm โดยมีความพยายามอย่างต่อเนื่องในการเพิ่มการสรรหาบุคลากรในท้องถิ่นและความร่วมมือกับมหาวิทยาลัยในสหรัฐฯ แม้ว่าการบรรจุหีบห่อจะเกิดขึ้นในไต้หวันในช่วงแรกจนกว่าโรงงานใน Peoria จะเริ่มดำเนินการ" + ], + "commentSummary": [ + "แอปเปิลจะได้รับชิปจากโรงงานของ TSMC ในรัฐแอริโซนา แต่จำเป็นต้องส่งกลับไปยังไต้หวันเพื่อบรรจุภัณฑ์เนื่องจากสิ่งอำนวยความสะดวกในสหรัฐฯ ไม่เพียงพอ - กว่า 50% ของแรงงานที่โรงงานในแอริโซนามาจากไต้หวัน ซึ่งบ่งชี้ถึงช่องว่างในสาขา STEM (วิทยาศาสตร์ เทคโนโลยี วิศวกรรมศาสตร์ และคณิตศาสตร์) ของสหรัฐฯ - โครงการ CHIPS Act ที่มุ่งเสริมสร้างการผลิตเซมิคอนดักเตอร์ในสหรัฐฯ เผชิญกับความท้าทายเนื่องจากป้าย \"ผลิตในอเมริกา\" ถูกตั้งคำถามเนื่องจากกระบวนการบรรจุภัณฑ์เกิดขึ้นในไต้หวัน โดยมีแผนสำหรับความสามารถในการบรรจุภัณฑ์ในสหรัฐฯ ภายในปี 2027" + ], + "points": 160, + "commentCount": 73, + "retryCount": 0, + "time": 1736873807 + }, + { + "id": 42692730, + "title": "มีผู้ขับขี่น้อยลง 43,000 คนบนถนนในแมนฮัตตันหลังจากการเปิดใช้งานการคิดค่าผ่านทางตามความหนาแน่นของการจราจร", + "originLink": "https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42692730", + "commentBody": "", + "originSummary": [ + "หลังจากการใช้ระบบการคิดค่าธรรมเนียมการจราจร มีการลดลงของผู้ขับขี่ที่เข้าสู่แมนฮัตตันใต้ถนนที่ 60 ลง 7.5% ซึ่งเท่ากับมีผู้ขับขี่น้อยลง 43,000 คนในแต่ละวันธรรมดา", + "การลดลงของการจราจรได้ปรับปรุงการไหลของการจราจรและเพิ่มความเร็วของรถบัส โดยมีรถบัสด่วนบางสายที่มีจำนวนผู้โดยสารเพิ่มขึ้น", + "การขนส่งมวลชนมหานคร (MTA) ใช้รายได้จากค่าผ่านทาง ซึ่งประมาณการไว้ที่ 500 ล้านดอลลาร์ต่อปี สำหรับการปรับปรุงระบบขนส่ง แม้ว่าจะมีการคัดค้านทางการเมืองอยู่บ้าง" + ], + "commentSummary": [ + "การนำระบบการคิดค่าธรรมเนียมการจราจรติดขัดมาใช้ในแมนฮัตตันส่งผลให้มีผู้ขับขี่รถยนต์น้อยลง 43,000 คน นำไปสู่ความเร็วของรถโดยสารที่เพิ่มขึ้นและอาจทำให้เวลาตอบสนองฉุกเฉินดีขึ้น", + "นโยบายนี้ถูกออกแบบมาเพื่อลดความแออัดของการจราจรและปรับปรุงคุณภาพอากาศ แม้ว่าจะก่อให้เกิดการถกเถียงเกี่ยวกับผลกระทบต่อบุคคลที่มีรายได้น้อย", + "ผู้สนับสนุนโต้แย้งว่าประโยชน์รวมถึงระบบขนส่งสาธารณะที่มีประสิทธิภาพมากขึ้นและอากาศที่สะอาดขึ้น ในขณะที่การอภิปรายยังคงดำเนินต่อไปเกี่ยวกับการสร้างสมดุลระหว่างข้อดีเหล่านี้กับความต้องการของผู้ขับขี่" + ], + "points": 154, + "commentCount": 199, + "retryCount": 0, + "time": 1736821606 + } +] diff --git a/records/2025-01-14/2025-01-14.tr.json b/records/2025-01-14/2025-01-14.tr.json new file mode 100644 index 000000000..fdce7ece6 --- /dev/null +++ b/records/2025-01-14/2025-01-14.tr.json @@ -0,0 +1,288 @@ +[ + { + "id": 42690473, + "title": "Bir Snyk güvenlik araştırmacısı, cursor.com'u hedef alan kötü niyetli NPM paketleri dağıtıyor.", + "originLink": "https://sourcecodered.com/snyk-malicious-npm-package/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690473", + "commentBody": "", + "originSummary": [ + "Bir Snyk güvenlik araştırmacısı, sistem verilerini toplamak ve saldırgan kontrolündeki bir hizmete göndermek amacıyla, bir yapay zeka kodlama şirketi olan Cursor.com'u hedef alan kötü niyetli NPM paketleri yayımladı.", + "Bu paketler, \"cursor-retrieval,\" \"cursor-always-local\" ve \"cursor-shadow-workspace\" olarak tanımlandı ve OpenSSF paket analiz tarayıcısı tarafından işaretlenerek MAL-2025-27, MAL-2025-28 ve MAL-2025-29 uyarılarına yol açtı.", + "Bu olay, potansiyel güvenlik tehditlerinden kaçınmak için NPM paketlerini yüklemeden önce dikkatlice incelemenin önemini vurgulamaktadır." + ], + "commentSummary": [ + "Snyk güvenlik araştırmacısı, cursor.com'u hedef alan kötü amaçlı NPM (Node Package Manager) paketlerini yayınlayarak bağımlılık karışıklığı açıklarını vurguladı. - Olay, özellikle ortam değişkenlerinin kamuya açıklanması konusunda güvenlik araştırmalarının etiği üzerine bir tartışma başlattı. - Cursor.com, bu eylemi yetkilendirmediklerini açıkladı ve Snyk, saldırgan güvenlik araştırmalarını etik standartlarla dengelemenin zorluklarını vurgulayarak özür diledi." + ], + "points": 540, + "commentCount": 270, + "retryCount": 0, + "time": 1736807907 + }, + { + "id": 42696081, + "title": "Firefox'a Geçtim ve Bir Daha Asla Geriye Bakmadım", + "originLink": "https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696081", + "commentBody": "", + "originSummary": [ + "Firefox, üstün sekme yönetimi, bağlantıları kaydetmek için yerleşik Pocket özelliği ve gizlilik odaklı e-posta yönlendirmesi ile övülmekte olup, Chrome'a güçlü bir alternatif oluşturmaktadır. - Kullanıcı dostu ekran görüntüsü aracı, ChatGPT düğmesi, Resim içinde Resim, özelleştirilebilir arama seçenekleri ve akıcı kaydırma gibi ek özellikler, gezinme deneyimini geliştirmektedir. - Firefox, Chrome'un web uygulama özelliğinden yoksun olsa da, düşünceli tasarımı ve azaltılmış kaynak talepleri, bazı kullanıcılar için tercih edilen bir seçenek haline getirmektedir." + ], + "commentSummary": [ + "Firefox kullanıcıları, YouTube gibi platformlardan, özellikle Google dışı tarayıcılar veya reklam engelleyiciler kullanan kullanıcılar için deneyimi kasıtlı olarak kötüleştirebilecek zorluklarla karşı karşıya kalıyor. - Bu eğilim, reklamsız ve gözetimsiz bir web deneyimi tercih edenleri cezalandırdığı için kullanıcı özerkliği konusunda endişeleri artırıyor. - Firefox, gizliliği ve kullanılabilirliği artıran konteyner sekmeleri gibi benzersiz özellikler sunarak, büyük şirketlerin kontrolündeki tarayıcılardan bağımsızlık arayan kullanıcılar için tercih edilen bir seçenek haline geliyor." + ], + "points": 480, + "commentCount": 392, + "retryCount": 0, + "time": 1736854678 + }, + { + "id": 42687932, + "title": "Sonos CEO'su, uygulama güncelleme fiyaskosunun ardından istifa etti", + "originLink": "https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42687932", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Sonos CEO'su, kullanıcıların pahalı ses sistemlerini değiştirmesini gerektiren tartışmalı bir uygulama güncellemesinin ardından istifa etti ve bu durum müşteri memnuniyetsizliğine yol açtı. - Güncelleme, güvenilir Universal Plug and Play (UPnP) sisteminden uzaklaşarak bulut tabanlı bir sistem tanıttı ve bu da bağlantı sorunlarına ve artan karmaşıklığa neden oldu. - Bu durum, iş stratejileri ile müşteri güvenini sürdürme arasındaki çatışmayı vurgularken, CEO bir kıdem tazminatı paketi ile danışmanlık rolüne geçiş yapıyor." + ], + "points": 409, + "commentCount": 493, + "retryCount": 0, + "time": 1736797368 + }, + { + "id": 42696691, + "title": "MrBeast'in karnında", + "originLink": "https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696691", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Makale, YouTube'un algoritmasının içerik oluşturmayı nasıl etkilediğini inceliyor ve MrBeast'i bir vaka çalışması olarak kullanarak, anlamlı içerikten ziyade etkileşim odaklı bir kaymaya dikkat çekiyor. - Medya okuryazarlığı ve YouTube ile TikTok gibi platformların kültürel etkileri için daha geniş sonuçları tartışıyor ve yüzeysel ve tepkisel içeriğe doğru bir eğilim öneriyor. - Algoritmaların içeriği şekillendirmedeki rolü ve popüler içerik oluşturucuların kültürel normlar üzerindeki etkisi hakkında çeşitli bakış açıları ele alınıyor." + ], + "points": 369, + "commentCount": 258, + "retryCount": 0, + "time": 1736859931 + }, + { + "id": 42691184, + "title": "GithHub Git İşlemleri Çalışmıyor", + "originLink": "https://www.githubstatus.com/incidents/qd96yfgvmcf9", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42691184", + "commentBody": "", + "originSummary": [ + "GitHub, 13 Ocak 2025'te, iç yük dengeleyicisini etkileyen bir yapılandırma değişikliği nedeniyle 23:35'ten 00:24 UTC'ye kadar süren bir Git operasyonları kesintisi yaşadı. - Sorun, yapılandırma değişikliğinin geri alınmasıyla çözüldü ve GitHub, benzer olayları önlemek için izleme ve dağıtım süreçlerini iyileştirmeye çalışıyor. - Kesinti, GitHub'ın Actions ve Pages hizmetlerini de etkiledi ve platform hizmetlerinin birbirine bağlı doğasını vurguladı." + ], + "commentSummary": [ + "GitHub, git işlemlerini etkileyen büyük bir kesinti yaşadı ve bu durum, başlangıçta SSH anahtarları veya yerel yapılandırmalarla ilgili sorunlar olduğunu düşünen geliştiriciler arasında kafa karışıklığına neden oldu. - Olay, merkezi hizmetlere güvenmenin zorluklarını vurguladı ve kendi kendine barındırma ve merkezi olmayan sistemlerin avantajları üzerine tartışmaları tetikledi. - Sorun çözülmüş olmasına rağmen, GitHub'ın güvenilirliği ve temel görevler için üçüncü taraf platformlara bağımlılığın riskleri konusundaki endişeleri gündeme getirdi." + ], + "points": 324, + "commentCount": 250, + "retryCount": 0, + "time": 1736812051 + }, + { + "id": 42694596, + "title": "ZFS 2.3, ZFS raidz genişletmesi ile yayınlandı", + "originLink": "https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42694596", + "commentBody": "", + "originSummary": [ + "OpenZFS 2.3.0, RAIDZ Genişletme, Hızlı Tekilleştirme, Doğrudan Giriş/Çıkış, JSON çıktısı ve uzun dosya adları desteği gibi önemli özellikler sunarak yayınlandı. - Sürüm, Linux çekirdekleri 4.18 - 6.12 ve FreeBSD sürümleri 13.3, 14.0 - 14.2 ile uyumlu olan temel hata düzeltmeleri ve performans iyileştirmelerini içeriyor. - Güncelleme, 134 katkıda bulunanın işbirliğiyle hazırlandı ve incelenmek üzere kapsamlı bir dokümantasyon ve değişiklik günlüğü mevcut." + ], + "commentSummary": [ + "ZFS 2.3, RAIDZ genişletme, hızlı veri tekilleştirme, doğrudan IO, JSON çıktısı ve uzun dosya adları desteği gibi özellikler sunarak piyasaya sürüldü. - RAIDZ genişletme, özellikle dikkat çekicidir çünkü kullanıcıların mevcut bir RAIDZ havuzuna yeni cihazlar eklemesine olanak tanır ve bu da depolama kapasitesini artırırken kesinti süresi olmadan yapılabilir. - Bu sürüm, ZFS kullanıcıları için önemli bir ilerleme olarak kabul edilir ve Btrfs ve Windows Storage Spaces gibi diğer dosya sistemleriyle karşılaştırmalar yapılır, havuzları küçültme yeteneği gibi bazı sınırlamalar olmasına rağmen." + ], + "points": 302, + "commentCount": 215, + "retryCount": 0, + "time": 1736838539 + }, + { + "id": 42690983, + "title": "Webtop – Tam masaüstü ortamları içeren Alpine, Ubuntu, Fedora ve Arch konteynerleri", + "originLink": "https://docs.linuxserver.io/images/docker-webtop/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690983", + "commentBody": "", + "originSummary": [ + "Linuxserver/webtop, web tarayıcılar aracılığıyla erişilebilen tam masaüstü ortamları sunan, Alpine, Ubuntu, Fedora ve Arch tabanlı konteynerler sağlar ve hem x86-64 hem de arm64 mimarilerini destekler.", + "Kullanıcılar, belirli imaj etiketlerini kullanarak XFCE, KDE, MATE, i3, Openbox ve IceWM gibi çeşitli masaüstü ortamlarından seçim yapabilir ve belirlenmiş URL'ler aracılığıyla Webtop'a erişebilirler.", + "Metin: Güvenlik özellikleri arasında Docker'ın seccomp seçeneği ve kimlik doğrulama kurulumu bulunur, ortam değişkenleri aracılığıyla özelleştirme seçenekleri mevcuttur ve açık kaynak sürücülerle GPU hızlandırma desteği sunulmaktadır." + ], + "commentSummary": [ + "Webtop, Alpine, Ubuntu, Fedora ve Arch için tam masaüstü ortamlarına sahip konteynerler sunar ve bir VPN arkasında hızlı kurulumlar için uygundur.", + "Kullanıcılar, Webtop'un hızını ve kullanım kolaylığını, özellikle güvenli bağlantılar için Gluetun konteyneri ile kullanıldığında övüyorlar, ancak varsayılan kimlik doğrulama eksikliği nedeniyle konteynerleri internete güvenlik önlemleri olmadan açma konusunda uyarıda bulunuyorlar.", + "Proje, açık kaynaklı ve esnek olması nedeniyle değerli bulunmakta, kullanıcılar yapılandırmaları paylaşmakta ve Kasm ile Selkies gibi alternatifler benzer amaçlar için belirtilmektedir." + ], + "points": 297, + "commentCount": 57, + "retryCount": 0, + "time": 1736810708 + }, + { + "id": 42697783, + "title": "Çalışma, çevrimiçi iş ilanlarının 5'te 1'inin ya sahte olduğunu ya da hiç doldurulmadığını ortaya koyuyor.", + "originLink": "https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42697783", + "commentBody": "", + "originSummary": [ + "Son yapılan bir çalışma, çevrimiçi iş ilanlarının %20'sinin ya sahte olduğunu ya da doldurulmadığını, bu durumun iş arayanların hayal kırıklığını artırdığını gösteriyor. - Bu \"hayalet iş\" trendi, şirketlerin büyüme imajı yansıtmak için bir taktik olabilir. - Greenhouse ve LinkedIn gibi iş platformları, kullanıcıların gerçek iş fırsatlarını belirlemelerine yardımcı olmak için iş doğrulama hizmetleri sunmaya başladı." + ], + "commentSummary": [ + "Bir çalışma, çevrimiçi iş ilanlarının %20'sinin ya sahte olduğunu ya da doldurulmadığını, bunun genellikle şirketlerin ABD göçmenlik politikalarına uyması gerektiğinden kaynaklandığını ortaya koyuyor. - Şirketler ayrıca ideal adayları bulmak, gereksinimleri değiştirmek veya önceden seçilmiş iç adaylara sahip olmak için iş ilanlarını açık bırakabilir. - İş piyasası, sık sık hayalet muamele ve otomatik reddedilme ile karşılaşan başvuru sahipleri için zordur ve bu durum düzenleyici müdahale çağrılarına yol açmaktadır." + ], + "points": 273, + "commentCount": 224, + "retryCount": 0, + "time": 1736865860 + }, + { + "id": 42698557, + "title": "Yayalar için bir kavşağı güvensiz hale getirerek sürücüler için saniyeler kazanmak", + "originLink": "https://collegetowns.substack.com/p/making-an-intersection-unsafe-for", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42698557", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Bu tartışma, kavşakların yaya güvenliğini mi yoksa sürücü verimliliğini mi önceliklendirmesi gerektiği etrafında dönüyor; bazıları ışık kontrollü kavşakları ve yaya geçitlerini 4 yönlü duraklara tercih ediyor.", + "Fikirler, trafik yasaları ve altyapı tasarımı konusunda farklılık göstermektedir; bu, yaya geçidi olmayan yerlerde karşıdan karşıya geçmenin güvenliği ve kırmızı ışıkta sağa dönüşle ilgili riskler üzerine tartışmaları içermektedir.", + "Kimileri, hem güvenliği hem de verimliliği artırmak için dönel kavşaklar veya Hollanda trafik mühendisliği standartlarının benimsenmesi gibi alternatif çözümleri savunuyor." + ], + "points": 267, + "commentCount": 362, + "retryCount": 0, + "time": 1736869194 + }, + { + "id": 42696080, + "title": "PostgreSQL, 2024 Yılının Veritabanı Yönetim Sistemi oldu.", + "originLink": "https://db-engines.com/en/blog_post/109", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696080", + "commentBody": "", + "originSummary": [ + "PostgreSQL, 423 diğer veritabanı yönetim sistemini geride bırakarak, DB-Engines tarafından 2024 Yılının DBMS'si ödülüne layık görüldü ve bu tanınırlığı beşinci kez elde etti.", + "PostgreSQL, neredeyse 35 yıllık bir geçmişe sahip olup, Eylül 2024'te piyasaya sürülen PostgreSQL 17'nin son geliştirmelerinde görüldüğü gibi yenilik yapmaya devam ediyor.", + "Snowflake ve Microsoft sırasıyla ikinci ve üçüncü sırayı aldı; Snowflake bulut tabanlı veri ambarı ve çoklu bulut desteği ile dikkat çekerken, Microsoft Azure SQL Veritabanı ve SQL Server aracılığıyla güçlü yönetilen ilişkisel veritabanları sunuyor." + ], + "commentSummary": [ + "PostgreSQL, db-engines.com tarafından 2024 Yılının Veritabanı Yönetim Sistemi ödülüne layık görüldü ve bu, endüstrideki artan popülaritesini ve tanınırlığını vurguluyor.", + "Kullanıcılar, olası geçiş zorluklarına rağmen yüksek lisans maliyetleri ve kaynak sınırlamaları nedeniyle Microsoft SQL Server'dan PostgreSQL'e geçmeyi düşünüyor.", + "PostgreSQL, sağlam özellikleri ve maliyet etkinliği nedeniyle gelecekteki projeler için tercih edilen bir seçenek olup, bazı kullanıcılar maliyetleri azaltmak için Babelfish gibi alternatifleri de araştırmaktadır." + ], + "points": 239, + "commentCount": 79, + "retryCount": 0, + "time": 1736854677 + }, + { + "id": 42699099, + "title": "Google’ın OAuth girişi, başarısız bir girişim alan adının satın alınmasına karşı koruma sağlamaz.", + "originLink": "https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699099", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Bu tartışma, başarısız bir girişimin alan adının yeni bir sahip tarafından satın alındığında, Google'ın OAuth giriş sisteminde yetkisiz erişime izin verebilecek bir güvenlik açığını vurgulamaktadır.", + "Bu sorun, Google'ın orijinal ve yeni alan adı sahiplerini ayırt edememesi nedeniyle ortaya çıkar ve alan adı tabanlı kimlik doğrulama kullanan herhangi bir sistemi etkileyebilir.", + "Önerilen bir çözüm, zamanla sabit kalan benzersiz tanımlayıcılar kullanmaktır, ancak bu çözümün uygulanması kimlik sağlayıcıları arasında farklılık göstermektedir." + ], + "points": 200, + "commentCount": 112, + "retryCount": 0, + "time": 1736871241 + }, + { + "id": 42696822, + "title": "Pasif gelir elde etmek için kodlama becerilerini kullanma", + "originLink": "https://www.coryzue.com/writing/solopreneur/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696822", + "commentBody": "", + "originSummary": [ + "Yazar, CTO rolünden soloprenörlüğe geçiş yaparak, bir dizi yazılım ürünü aracılığıyla daha fazla kazanç elde etti.", + "Temel stratejiler arasında derin çalışmaya odaklanmak, küçük projelerle başlamak, hızlı bir şekilde yinelemek ve pazarlama çabalarına zaman ayırmak yer alır.", + "Yolculuk, belirsizlikler nedeniyle dayanıklılığı vurgularken, bu kariyer yolunun eşsiz özerklik ve özgürlüğünü öne çıkarıyor ve kodlama becerilerine sahip olanları pasif gelir için bunu düşünmeye teşvik ediyor." + ], + "commentSummary": [ + "Kullanıcı, etik kaygılara ve Google'ın nihai baskısına rağmen, sona eren alan adlarını kullanarak SEO spam web siteleri aracılığıyla pasif gelir elde etmeyi ve yıllık yaklaşık 30 bin dolar kazanmayı tarif etti.", + "Bu gönderi, pasif gelir konusunda bir tartışma başlattı ve bazı kullanıcılar bunun gerçekten pasif kazançlardan ziyade bir iş yürütmeye daha çok benzediğini savundu.", + "Katılımcılar, yan projelerdeki deneyimlerini ve zorluklarını paylaşarak zamanın, dayanıklılığın ve stratejik planlamanın önemini vurguladılar." + ], + "points": 167, + "commentCount": 90, + "retryCount": 0, + "time": 1736860888 + }, + { + "id": 42690781, + "title": "İspanya, AB üyesi olmayan sakinler tarafından satın alınan evlere %100 vergi öneriyor", + "originLink": "https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690781", + "commentBody": "", + "originSummary": [ + "İspanya, konut krizini ele almak ve spekülatif alımları sınırlamak amacıyla AB üyesi olmayan sakinler tarafından yapılan gayrimenkul alımlarına %100 vergi getirmeyi düşünüyor.", + "Başbakan Pedro Sánchez'in teklifi, konut fiyatları ile gelirler arasındaki eşitsizliği ele almak için sosyal konutların genişletilmesini ve turistik kiralamaların düzenlenmesini içeriyor.", + "Teklifin yasa olarak geleceği belirsiz, bazı analistler bunu kesin bir yasal değişiklikten ziyade yabancı yatırımcılar için bir caydırıcı olarak görüyor." + ], + "commentSummary": [ + "İspanya, konutların uygun fiyatlı olma sorunlarını ele almak için AB dışı sakinler tarafından satın alınan evlere %100 vergi getirmeyi düşünüyor. - Eleştirmenler, yabancı alıcıların yüksek konut fiyatlarının birincil nedeni olmadığını, yavaş bürokrasi ve imar yasalarının daha önemli faktörler olduğunu öne sürüyor. - Öneri, konut piyasalarında yabancı mülkiyetin rolü ve uygun fiyatlılık sorunlarını çözmedeki etkinliği konusunda bir tartışma başlattı." + ], + "points": 162, + "commentCount": 254, + "retryCount": 0, + "time": 1736809603 + }, + { + "id": 42699977, + "title": "Apple yakında TSMC'nin Arizona fabrikasından 'Amerika'da üretilmiş' çipler alacak", + "originLink": "https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699977", + "commentBody": "", + "originSummary": [ + "Apple, TSMC'nin Arizona tesisinden işlemcileri test ediyor ve ilk çeyrekte seri üretime geçmeyi planlıyor, bu da TSMC'nin yerel olarak üretilen çipler için ilk ABD müşterisi olma potansiyelini taşıyor. - Bu girişim, ABD'nin silikon bağımsızlığını güçlendirmeyi, jeopolitik ve doğal risklere karşı savunmasız olan Tayvan'a bağımlılığı azaltmayı amaçlıyor. - TSMC'nin Arizona fabrikası, gelişmiş 3nm ve 2nm çipler üretecek ve yerel işe alım ile ABD üniversiteleriyle ortaklıkları geliştirme çabaları devam ediyor, ancak paketleme başlangıçta Tayvan'da gerçekleşecek ve Peoria tesisi faaliyete geçene kadar bu durum sürecek." + ], + "commentSummary": [ + "Apple, TSMC'nin Arizona tesisinden çip alacak, ancak ABD'deki yetersiz tesisler nedeniyle paketleme için Tayvan'a geri gönderilmeleri gerekiyor. - Arizona tesisindeki iş gücünün %50'den fazlası Tayvan'dan, bu da ABD'nin STEM (Bilim, Teknoloji, Mühendislik ve Matematik) alanında bir boşluk olduğunu gösteriyor. - ABD yarı iletken üretimini artırmayı amaçlayan CHIPS Yasası girişimi, paketleme sürecinin Tayvan'da gerçekleşmesi nedeniyle \"Amerika'da Üretildi\" etiketinin sorgulanmasıyla zorluklarla karşılaşıyor, 2027 yılına kadar ABD'de paketleme yetenekleri için planlar yapılıyor." + ], + "points": 160, + "commentCount": 73, + "retryCount": 0, + "time": 1736873807 + }, + { + "id": 42692730, + "title": "Yoğunluk fiyatlandırması devreye girdikten sonra Manhattan yollarında 43 bin daha az sürücü var.", + "originLink": "https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42692730", + "commentBody": "", + "originSummary": [ + "Yoğunluk fiyatlandırması uygulandıktan sonra, 60. Cadde'nin altındaki Manhattan'a giren sürücülerde %7,5'lik bir azalma oldu, bu da her hafta içi 43.000 daha az sürücüye eşdeğer.", + "Trafikteki azalma, trafik akışını iyileştirmiş ve otobüs hızlarını artırmıştır, bazı ekspres otobüsler daha yüksek yolcu sayısı yaşamaktadır.", + "MTA, bazı siyasi muhalefetlere rağmen, yıllık yaklaşık 500 milyon dolar olarak tahmin edilen geçiş ücreti gelirini ulaşım iyileştirmeleri için kullanıyor." + ], + "commentSummary": [ + "Manhattan'da tıkanıklık fiyatlandırmasının uygulanması, 43.000 daha az sürücüye yol açarak otobüs hızlarının artmasına ve potansiyel olarak daha iyi acil durum müdahale sürelerine neden oldu.", + "Politika, trafik sıkışıklığını azaltmak ve hava kalitesini iyileştirmek için tasarlanmıştır, ancak düşük gelirli bireyler üzerindeki etkisi konusunda tartışmalara yol açmıştır.", + "Destekleyenler, faydalar arasında daha verimli toplu taşıma ve daha temiz hava olduğunu savunurken, bu avantajların sürücülerin ihtiyaçlarıyla nasıl dengeleneceği konusunda tartışmalar devam ediyor." + ], + "points": 154, + "commentCount": 199, + "retryCount": 0, + "time": 1736821606 + } +] diff --git a/records/2025-01-14/2025-01-14.vi.json b/records/2025-01-14/2025-01-14.vi.json new file mode 100644 index 000000000..cc25ffc27 --- /dev/null +++ b/records/2025-01-14/2025-01-14.vi.json @@ -0,0 +1,288 @@ +[ + { + "id": 42690473, + "title": "Snyk nhà nghiên cứu bảo mật triển khai các gói NPM độc hại nhắm mục tiêu vào cursor.com", + "originLink": "https://sourcecodered.com/snyk-malicious-npm-package/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690473", + "commentBody": "", + "originSummary": [ + "Một nhà nghiên cứu bảo mật của Snyk đã phát hành các gói NPM độc hại nhắm vào Cursor.com, một công ty mã hóa AI, để thu thập dữ liệu hệ thống và gửi nó đến một dịch vụ do kẻ tấn công kiểm soát.", + "Những gói này, được xác định là \"cursor-retrieval,\" \"cursor-always-local,\" và \"cursor-shadow-workspace,\" đã bị gắn cờ bởi máy quét phân tích gói OpenSSF, dẫn đến các khuyến cáo MAL-2025-27, MAL-2025-28, và MAL-2025-29.", + "Vụ việc này nhấn mạnh tầm quan trọng của việc kiểm tra kỹ lưỡng các gói NPM trước khi cài đặt để tránh các mối đe dọa an ninh tiềm ẩn." + ], + "commentSummary": [ + "Ai nghiên cứu bảo mật của Snyk đã phát hành các gói NPM (Node Package Manager) độc hại nhắm vào cursor.com, làm nổi bật các lỗ hổng nhầm lẫn phụ thuộc. - Sự cố này đã gây ra một cuộc tranh luận về đạo đức trong nghiên cứu bảo mật, đặc biệt là liên quan đến việc công khai các biến môi trường. - Cursor.com đã làm rõ rằng họ không ủy quyền cho hành động này, và Snyk đã xin lỗi kể từ đó, nhấn mạnh những thách thức trong việc cân bằng nghiên cứu bảo mật tấn công với các tiêu chuẩn đạo đức." + ], + "points": 540, + "commentCount": 270, + "retryCount": 0, + "time": 1736807907 + }, + { + "id": 42696081, + "title": "Tôi đã chuyển sang Firefox và không bao giờ nhìn lại", + "originLink": "https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696081", + "commentBody": "", + "originSummary": [ + "Firefox được khen ngợi vì khả năng quản lý tab vượt trội, tính năng Pocket tích hợp để lưu liên kết và dịch vụ chuyển tiếp email tập trung vào quyền riêng tư, làm cho nó trở thành một lựa chọn thay thế mạnh mẽ cho Chrome. - Các tính năng bổ sung như công cụ chụp màn hình thân thiện với người dùng, nút ChatGPT, chế độ Picture-in-Picture, tùy chọn tìm kiếm có thể tùy chỉnh và cuộn mượt mà nâng cao trải nghiệm duyệt web. - Mặc dù Firefox thiếu tính năng ứng dụng web của Chrome, thiết kế chu đáo và yêu cầu tài nguyên giảm khiến nó trở thành lựa chọn ưa thích của một số người dùng." + ], + "commentSummary": [ + "Người dùng Firefox đối mặt với thách thức từ các nền tảng như YouTube, có thể cố ý làm giảm trải nghiệm cho các trình duyệt không phải của Google hoặc người dùng sử dụng trình chặn quảng cáo. - Xu hướng này gây lo ngại về quyền tự chủ của người dùng, vì nó trừng phạt những người chọn trải nghiệm web không có quảng cáo và giám sát. - Firefox cung cấp các tính năng độc đáo, như tab container, giúp tăng cường quyền riêng tư và khả năng sử dụng, làm cho nó trở thành lựa chọn ưa thích cho những người dùng tìm kiếm sự độc lập khỏi các trình duyệt do các tập đoàn lớn kiểm soát." + ], + "points": 480, + "commentCount": 392, + "retryCount": 0, + "time": 1736854678 + }, + { + "id": 42687932, + "title": "CEO của Sonos từ chức sau vụ bê bối cập nhật ứng dụng", + "originLink": "https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42687932", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Theo thông tin, CEO của Sonos đã từ chức sau khi có một bản cập nhật ứng dụng gây tranh cãi, yêu cầu người dùng thay thế các hệ thống âm thanh đắt tiền, dẫn đến sự không hài lòng của khách hàng. - Bản cập nhật này đã giới thiệu một hệ thống dựa trên đám mây, chuyển từ hệ thống Universal Plug and Play (UPnP) đáng tin cậy, dẫn đến các vấn đề kết nối và tăng độ phức tạp. - Tình huống này nhấn mạnh mâu thuẫn giữa chiến lược kinh doanh và duy trì niềm tin của khách hàng, khi CEO chuyển sang vai trò cố vấn với một gói trợ cấp thôi việc." + ], + "points": 409, + "commentCount": 493, + "retryCount": 0, + "time": 1736797368 + }, + { + "id": 42696691, + "title": "Trong bụng của MrBeast", + "originLink": "https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696691", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Theo bài tiểu luận, thuật toán của YouTube ảnh hưởng đến việc tạo nội dung như thế nào, sử dụng MrBeast làm trường hợp nghiên cứu, nhấn mạnh sự chuyển dịch hướng tới nội dung dựa trên sự tương tác hơn là nội dung có ý nghĩa. - Nó thảo luận về những tác động rộng lớn hơn đối với khả năng hiểu biết về truyền thông và ảnh hưởng văn hóa của các nền tảng như YouTube và TikTok, gợi ý một xu hướng hướng tới nội dung hời hợt và phản ứng. - Nhiều quan điểm khác nhau được xem xét về vai trò của thuật toán trong việc định hình nội dung và ảnh hưởng của những người sáng tạo nổi tiếng đối với các chuẩn mực văn hóa." + ], + "points": 369, + "commentCount": 258, + "retryCount": 0, + "time": 1736859931 + }, + { + "id": 42691184, + "title": "Hoạt động Git trên GitHub đang gặp sự cố", + "originLink": "https://www.githubstatus.com/incidents/qd96yfgvmcf9", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42691184", + "commentBody": "", + "originSummary": [ + "GitHub đã gặp sự cố gián đoạn hoạt động Git vào ngày 13 tháng 1 năm 2025, do thay đổi cấu hình ảnh hưởng đến bộ cân bằng tải nội bộ, kéo dài từ 23:35 đến 00:24 UTC. - Vấn đề đã được giải quyết bằng cách hoàn nguyên thay đổi cấu hình, và GitHub đang làm việc để cải thiện quy trình giám sát và triển khai nhằm ngăn chặn các sự cố tương tự. - Sự cố gián đoạn cũng ảnh hưởng đến các dịch vụ Actions và Pages của GitHub, làm nổi bật tính chất liên kết của các dịch vụ nền tảng của họ." + ], + "commentSummary": [ + "GitHub đã gặp phải một sự cố lớn ảnh hưởng đến các hoạt động git, dẫn đến sự nhầm lẫn trong cộng đồng phát triển khi ban đầu họ nghi ngờ có vấn đề với các khóa SSH hoặc cấu hình cục bộ của mình. - Sự cố này nhấn mạnh những thách thức của việc phụ thuộc vào các dịch vụ tập trung, thúc đẩy các cuộc thảo luận về lợi ích của việc tự lưu trữ và các hệ thống phi tập trung. - Mặc dù vấn đề đã được giải quyết, nhưng nó đã làm nổi bật những lo ngại về độ tin cậy của GitHub và những rủi ro khi phụ thuộc vào các nền tảng bên thứ ba cho các nhiệm vụ quan trọng." + ], + "points": 324, + "commentCount": 250, + "retryCount": 0, + "time": 1736812051 + }, + { + "id": 42694596, + "title": "ZFS 2.3 phát hành với mở rộng ZFS raidz", + "originLink": "https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42694596", + "commentBody": "", + "originSummary": [ + "OpenZFS 2.3.0 đã được phát hành, giới thiệu các tính năng quan trọng như Mở rộng RAIDZ, Khử trùng lặp Nhanh, Đầu vào/Đầu ra Trực tiếp, đầu ra JSON và hỗ trợ tên tệp dài. - Bản phát hành bao gồm các bản sửa lỗi quan trọng và cải tiến hiệu suất, tương thích với các nhân Linux từ 4.18 đến 6.12 và các phiên bản FreeBSD 13.3, 14.0 - 14.2. - Bản cập nhật là nỗ lực hợp tác từ 134 người đóng góp, với tài liệu đầy đủ và nhật ký thay đổi có sẵn để xem xét." + ], + "commentSummary": [ + "ZFS 2.3 đã được phát hành, giới thiệu các tính năng như mở rộng RAIDZ, khử trùng lặp nhanh, IO trực tiếp, đầu ra JSON và hỗ trợ tên tệp dài. - Mở rộng RAIDZ đặc biệt đáng chú ý vì nó cho phép người dùng thêm thiết bị mới vào một pool RAIDZ hiện có mà không cần thời gian ngừng hoạt động, tăng cường khả năng lưu trữ. - Bản phát hành này được coi là một bước tiến đáng kể cho người dùng ZFS, được so sánh với các hệ thống tệp khác như Btrfs và Windows Storage Spaces, mặc dù có một số hạn chế như không thể thu nhỏ pool." + ], + "points": 302, + "commentCount": 215, + "retryCount": 0, + "time": 1736838539 + }, + { + "id": 42690983, + "title": "Webtop – Các container Alpine, Ubuntu, Fedora và Arch chứa các môi trường desktop đầy đủ", + "originLink": "https://docs.linuxserver.io/images/docker-webtop/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690983", + "commentBody": "", + "originSummary": [ + "Linuxserver/webtop cung cấp các container dựa trên Alpine, Ubuntu, Fedora và Arch với các môi trường desktop đầy đủ có thể truy cập thông qua trình duyệt web, hỗ trợ cả kiến trúc x86-64 và arm64.", + "Người dùng có thể chọn từ nhiều môi trường desktop khác nhau như XFCE, KDE, MATE, i3, Openbox và IceWM bằng cách sử dụng các thẻ hình ảnh cụ thể, và truy cập Webtop thông qua các URL được chỉ định.", + "Những tính năng bảo mật bao gồm tùy chọn seccomp của Docker và thiết lập xác thực, với các tùy chọn tùy chỉnh có sẵn thông qua các biến môi trường, và hỗ trợ tăng tốc GPU với các trình điều khiển mã nguồn mở." + ], + "commentSummary": [ + "Webtop cung cấp các container với môi trường desktop đầy đủ cho Alpine, Ubuntu, Fedora và Arch, phù hợp cho các thiết lập nhanh chóng đằng sau một VPN.", + "Người dùng khen ngợi Webtop vì tốc độ và dễ sử dụng, đặc biệt khi sử dụng với container Gluetun để kết nối an toàn, nhưng cảnh báo không nên để lộ các container ra internet mà không có biện pháp bảo mật do thiếu xác thực mặc định.", + "Đề án được đánh giá cao vì là mã nguồn mở và linh hoạt, với người dùng chia sẻ các cấu hình, và các lựa chọn thay thế như Kasm và Selkies được ghi nhận cho các mục đích tương tự." + ], + "points": 297, + "commentCount": 57, + "retryCount": 0, + "time": 1736810708 + }, + { + "id": 42697783, + "title": "1 trong 5 tin tuyển dụng trực tuyến là giả hoặc không bao giờ được lấp đầy, nghiên cứu cho thấy", + "originLink": "https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42697783", + "commentBody": "", + "originSummary": [ + "Một nghiên cứu gần đây chỉ ra rằng 20% các bài đăng tuyển dụng trực tuyến là giả mạo hoặc không được lấp đầy, làm tăng thêm sự thất vọng của người tìm việc. - Xu hướng \"công việc ma\" này có thể là một chiến thuật của các công ty để tạo ra hình ảnh phát triển. - Các nền tảng việc làm như Greenhouse và LinkedIn đã giới thiệu các dịch vụ xác minh công việc để hỗ trợ người dùng nhận diện các cơ hội việc làm thực sự." + ], + "commentSummary": [ + "Một nghiên cứu tiết lộ rằng 20% các tin tuyển dụng trực tuyến là giả hoặc không được lấp đầy, thường do các công ty cần tuân thủ các chính sách nhập cư của Mỹ. - Các công ty cũng có thể để lại các tin tuyển dụng để tìm ứng viên lý tưởng, thay đổi yêu cầu, hoặc đã có sẵn ứng viên nội bộ được chọn trước. - Thị trường việc làm khó khăn cho các ứng viên, những người thường xuyên gặp phải tình trạng bị bỏ rơi và từ chối tự động, dẫn đến những lời kêu gọi can thiệp quy định." + ], + "points": 273, + "commentCount": 224, + "retryCount": 0, + "time": 1736865860 + }, + { + "id": 42698557, + "title": "Biến một giao lộ trở nên không an toàn cho người đi bộ để tiết kiệm vài giây cho người lái xe", + "originLink": "https://collegetowns.substack.com/p/making-an-intersection-unsafe-for", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42698557", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Cuộc tranh luận xoay quanh việc liệu các giao lộ nên ưu tiên an toàn cho người đi bộ hay hiệu quả cho người lái xe, với một số người ủng hộ các giao lộ có đèn điều khiển và lối đi bộ chéo thay vì dừng 4 chiều.", + "Ý kiến khác nhau về luật giao thông và thiết kế cơ sở hạ tầng, với các cuộc thảo luận về sự an toàn của việc đi bộ không đúng luật và những rủi ro liên quan đến việc rẽ phải khi đèn đỏ.", + "Một số người ủng hộ các giải pháp thay thế như vòng xuyến hoặc áp dụng các tiêu chuẩn kỹ thuật giao thông của Hà Lan để nâng cao cả an toàn và hiệu quả." + ], + "points": 267, + "commentCount": 362, + "retryCount": 0, + "time": 1736869194 + }, + { + "id": 42696080, + "title": "PostgreSQL là Hệ quản trị cơ sở dữ liệu của năm 2024", + "originLink": "https://db-engines.com/en/blog_post/109", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696080", + "commentBody": "", + "originSummary": [ + "PostgreSQL đã được trao giải DBMS của năm 2024 bởi DB-Engines, đạt được sự công nhận này lần thứ năm, vượt qua 423 hệ thống quản lý cơ sở dữ liệu khác.", + "PostgreSQL, với lịch sử kéo dài gần 35 năm, tiếp tục đổi mới, như được thấy trong những cải tiến gần đây của PostgreSQL 17, phát hành vào tháng 9 năm 2024.", + "Snowflake và Microsoft lần lượt giành vị trí thứ hai và thứ ba, với Snowflake được ghi nhận nhờ kho dữ liệu dựa trên đám mây và hỗ trợ đa đám mây, trong khi Microsoft cung cấp các cơ sở dữ liệu quan hệ được quản lý mạnh mẽ thông qua Azure SQL Database và SQL Server." + ], + "commentSummary": [ + "PostgreSQL đã được trao giải Hệ thống Quản lý Cơ sở Dữ liệu của Năm 2024 bởi db-engines.com, nhấn mạnh sự phổ biến ngày càng tăng và sự công nhận trong ngành.", + "Người dùng đang cân nhắc chuyển từ Microsoft SQL Server sang PostgreSQL do chi phí cấp phép cao và hạn chế về tài nguyên, mặc dù có thể gặp phải những thách thức trong quá trình di chuyển.", + "PostgreSQL được ưa chuộng nhờ các tính năng mạnh mẽ và hiệu quả về chi phí, khiến nó trở thành lựa chọn ưu tiên cho các dự án trong tương lai, mặc dù một số người dùng tìm kiếm các giải pháp thay thế như Babelfish để giảm chi phí." + ], + "points": 239, + "commentCount": 79, + "retryCount": 0, + "time": 1736854677 + }, + { + "id": 42699099, + "title": "Đăng nhập OAuth của Google không bảo vệ chống lại việc mua một tên miền của startup thất bại", + "originLink": "https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699099", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "Cuộc thảo luận nêu bật một lỗ hổng trong hệ thống đăng nhập OAuth của Google khi tên miền của một công ty khởi nghiệp thất bại được chủ sở hữu mới mua lại, có thể cho phép truy cập trái phép vào các dịch vụ.", + "Vấn đề này phát sinh vì Google có thể không phân biệt giữa chủ sở hữu tên miền gốc và mới, ảnh hưởng đến bất kỳ hệ thống nào sử dụng xác thực dựa trên tên miền.", + "Một giải pháp đề xuất là sử dụng các định danh duy nhất không thay đổi theo thời gian, mặc dù việc triển khai giải pháp này khác nhau giữa các nhà cung cấp danh tính." + ], + "points": 200, + "commentCount": 112, + "retryCount": 0, + "time": 1736871241 + }, + { + "id": 42696822, + "title": "Kiếm thu nhập thụ động bằng cách sử dụng kỹ năng lập trình", + "originLink": "https://www.coryzue.com/writing/solopreneur/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696822", + "commentBody": "", + "originSummary": [ + "Người tác giả đã chuyển từ vai trò CTO sang làm một doanh nhân độc lập, thành công kiếm được nhiều hơn thông qua một danh mục các sản phẩm phần mềm.", + "Những chiến lược chính bao gồm tập trung vào công việc sâu, bắt đầu với các dự án nhỏ, lặp lại nhanh chóng và dành thời gian cho các nỗ lực tiếp thị.", + "Chuyến hành trình nhấn mạnh sự kiên cường do những bất định, nhưng làm nổi bật sự tự chủ và tự do vô song của con đường sự nghiệp này, khuyến khích những người có kỹ năng lập trình nên cân nhắc nó để có thu nhập thụ động." + ], + "commentSummary": [ + "Một người dùng đã mô tả việc tạo thu nhập thụ động thông qua các trang web spam SEO bằng cách sử dụng tên miền sắp hết hạn, kiếm được khoảng 30 nghìn đô la hàng năm, mặc dù có những lo ngại về đạo đức và việc Google cuối cùng sẽ trấn áp.", + "Đoạn đăng đã gây ra một cuộc tranh luận về thu nhập thụ động, với một số người dùng cho rằng nó giống như điều hành một doanh nghiệp hơn là thu nhập thực sự thụ động.", + "Những người tham gia đã chia sẻ kinh nghiệm và thách thức trong các dự án phụ, nhấn mạnh tầm quan trọng của thời gian, sự kiên cường và lập kế hoạch chiến lược." + ], + "points": 167, + "commentCount": 90, + "retryCount": 0, + "time": 1736860888 + }, + { + "id": 42690781, + "title": "Tây Ban Nha đề xuất thuế 100% đối với nhà ở được mua bởi cư dân không thuộc EU", + "originLink": "https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690781", + "commentBody": "", + "originSummary": [ + "Tây Ban Nha đang xem xét áp dụng thuế 100% đối với việc mua bất động sản bởi các cư dân không thuộc EU, nhằm giải quyết cuộc khủng hoảng nhà ở và hạn chế việc mua bán mang tính đầu cơ.", + "Đề xuất của Thủ tướng Pedro Sánchez bao gồm việc mở rộng nhà ở xã hội và điều chỉnh cho thuê du lịch để giải quyết sự chênh lệch giữa giá nhà và thu nhập.", + "Việc đề xuất này trở thành luật trong tương lai là không chắc chắn, với một số nhà phân tích coi nó như một biện pháp ngăn cản các nhà đầu tư nước ngoài hơn là một sự thay đổi lập pháp được đảm bảo." + ], + "commentSummary": [ + "Tây Ban Nha đang xem xét áp dụng thuế 100% đối với các ngôi nhà được mua bởi cư dân ngoài EU để giải quyết vấn đề khả năng chi trả nhà ở. - Những người chỉ trích cho rằng người mua nước ngoài không phải là nguyên nhân chính gây ra giá nhà cao, mà thay vào đó là do thủ tục hành chính chậm chạp và luật quy hoạch. - Đề xuất này đã khơi dậy một cuộc tranh luận về vai trò của quyền sở hữu nước ngoài trong thị trường nhà ở và hiệu quả của nó trong việc giải quyết các vấn đề về khả năng chi trả." + ], + "points": 162, + "commentCount": 254, + "retryCount": 0, + "time": 1736809603 + }, + { + "id": 42699977, + "title": "Apple sẽ sớm nhận được chip 'sản xuất tại Mỹ' từ nhà máy của TSMC ở Arizona", + "originLink": "https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699977", + "commentBody": "", + "originSummary": [ + "Apple đang thử nghiệm các bộ vi xử lý từ cơ sở của TSMC tại Arizona, với kế hoạch sản xuất hàng loạt vào quý đầu tiên, có thể trở thành khách hàng đầu tiên của TSMC tại Mỹ cho các chip sản xuất trong nước. - Sáng kiến này nhằm tăng cường sự độc lập về silicon của Mỹ, giảm sự phụ thuộc vào Đài Loan, nơi dễ bị tổn thương trước các rủi ro địa chính trị và thiên nhiên. - Nhà máy của TSMC tại Arizona dự kiến sẽ sản xuất các chip tiên tiến 3nm và 2nm, với nỗ lực liên tục để tăng cường tuyển dụng địa phương và hợp tác với các trường đại học Mỹ, mặc dù việc đóng gói ban đầu sẽ diễn ra tại Đài Loan cho đến khi cơ sở Peoria đi vào hoạt động." + ], + "commentSummary": [ + "Apple sẽ nhận chip từ nhà máy của TSMC ở Arizona, nhưng chúng cần được gửi lại Đài Loan để đóng gói do thiếu cơ sở ở Mỹ. - Hơn 50% lực lượng lao động tại nhà máy Arizona đến từ Đài Loan, cho thấy một khoảng trống trong lĩnh vực STEM (Khoa học, Công nghệ, Kỹ thuật và Toán học) của Mỹ. - Sáng kiến Đạo luật CHIPS, nhằm tăng cường sản xuất chất bán dẫn của Mỹ, đang đối mặt với thách thức khi nhãn \"Sản xuất tại Mỹ\" bị đặt câu hỏi do quá trình đóng gói diễn ra ở Đài Loan, với kế hoạch cho khả năng đóng gói tại Mỹ vào năm 2027." + ], + "points": 160, + "commentCount": 73, + "retryCount": 0, + "time": 1736873807 + }, + { + "id": 42692730, + "title": "43 nghìn tài xế ít hơn trên các con đường ở Manhattan sau khi thu phí tắc nghẽn được kích hoạt", + "originLink": "https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42692730", + "commentBody": "", + "originSummary": [ + "Sau khi áp dụng giá cước tắc nghẽn, đã có sự giảm 7,5% số lượng tài xế vào Manhattan dưới phố 60, tương đương với 43.000 tài xế ít hơn mỗi ngày trong tuần.", + "Việc giảm lưu lượng giao thông đã cải thiện dòng chảy giao thông và tăng tốc độ xe buýt, với một số xe buýt nhanh có lượng hành khách tăng cao hơn.", + "Mặc dù có một số phản đối chính trị, Cơ quan Giao thông Vận tải Đô thị (MTA) sử dụng doanh thu từ phí cầu đường, ước tính khoảng 500 triệu đô la hàng năm, để cải thiện hệ thống giao thông." + ], + "commentSummary": [ + "Việc thực hiện giá cước tắc nghẽn ở Manhattan đã dẫn đến việc giảm 43.000 tài xế, làm tăng tốc độ xe buýt và có thể cải thiện thời gian phản ứng khẩn cấp.", + "Chính sách này được thiết kế để giảm tắc nghẽn giao thông và cải thiện chất lượng không khí, mặc dù nó đã gây ra tranh luận về tác động của nó đối với những người có thu nhập thấp hơn.", + "Những người ủng hộ lập luận rằng lợi ích bao gồm giao thông công cộng hiệu quả hơn và không khí sạch hơn, trong khi các cuộc thảo luận tiếp tục về việc cân bằng những lợi ích này với nhu cầu của người lái xe." + ], + "points": 154, + "commentCount": 199, + "retryCount": 0, + "time": 1736821606 + } +] diff --git a/records/2025-01-14/2025-01-14.zh-Hans.json b/records/2025-01-14/2025-01-14.zh-Hans.json new file mode 100644 index 000000000..2a1592b4a --- /dev/null +++ b/records/2025-01-14/2025-01-14.zh-Hans.json @@ -0,0 +1,288 @@ +[ + { + "id": 42690473, + "title": "“思客安全研究员部署恶意NPM包,目标是cursor.com”", + "originLink": "https://sourcecodered.com/snyk-malicious-npm-package/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690473", + "commentBody": "", + "originSummary": [ + "“一个 Snyk 安全研究员发布了针对 AI 编码公司 Cursor.com 的恶意 NPM 包,以收集系统数据并将其发送到攻击者控制的服务。”", + "“这些被标识为“cursor-retrieval”、“cursor-always-local”和“cursor-shadow-workspace”的软件包被OpenSSF软件包分析扫描器标记,导致发布了MAL-2025-27、MAL-2025-28和MAL-2025-29的建议。”", + "“此事件突显了在安装之前仔细审查NPM包以避免潜在安全威胁的重要性。”" + ], + "commentSummary": [ + "“一个 Snyk 安全研究员发布了针对 cursor.com 的恶意 NPM(Node Package Manager)包,突显了依赖混淆漏洞。- 这一事件引发了关于安全研究伦理的辩论,特别是关于环境变量的公开暴露。- Cursor.com 澄清他们并未授权此行为,Snyk 随后道歉,强调了在平衡攻击性安全研究与伦理标准方面的挑战。”" + ], + "points": 540, + "commentCount": 270, + "retryCount": 0, + "time": 1736807907 + }, + { + "id": 42696081, + "title": "“我切换到 Firefox 后再也没有回头”", + "originLink": "https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696081", + "commentBody": "", + "originSummary": [ + "Firefox因其出色的标签管理、内置的Pocket功能用于保存链接以及注重隐私的电子邮件中继而受到赞誉,使其成为Chrome的强大替代品。- 其他功能如用户友好的截图工具、ChatGPT按钮、画中画、自定义搜索选项和流畅的滚动增强了浏览体验。- 尽管Firefox缺乏Chrome的网络应用功能,但其周到的设计和较低的资源需求使其成为一些用户的首选。" + ], + "commentSummary": [ + "“Firefox用户面临来自YouTube等平台的挑战,这些平台可能故意降低非谷歌浏览器或使用广告拦截器用户的体验。- 这一趋势引发了对用户自主权的担忧,因为它惩罚了那些选择无广告和无监控网络体验的用户。- Firefox提供了独特的功能,如容器标签,增强了隐私和可用性,使其成为寻求独立于大型企业控制浏览器的用户的首选。”" + ], + "points": 480, + "commentCount": 392, + "retryCount": 0, + "time": 1736854678 + }, + { + "id": 42687932, + "title": "“Sonos首席执行官在应用程序更新风波后辞职”", + "originLink": "https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42687932", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "“Sonos首席执行官因一项有争议的应用程序更新而辞职,该更新要求用户更换昂贵的音响系统,导致客户不满。- 该更新引入了基于云的系统,放弃了可靠的通用即插即用(UPnP),导致连接问题和复杂性增加。- 这一情况突显了商业策略与维护客户信任之间的冲突,因为首席执行官将过渡到顾问角色,并获得遣散费。”" + ], + "points": 409, + "commentCount": 493, + "retryCount": 0, + "time": 1736797368 + }, + { + "id": 42696691, + "title": "“在MrBeast的腹中”", + "originLink": "https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696691", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "“这篇文章探讨了YouTube的算法如何影响内容创作,以MrBeast为案例研究,强调了一种向以参与度为导向而非有意义内容的转变。- 它讨论了对媒体素养的更广泛影响以及像YouTube和TikTok这样的平台的文化影响,暗示了一种趋向于肤浅和反应性内容的趋势。- 文章考虑了各种观点,探讨了算法在塑造内容中的作用以及流行创作者对文化规范的影响。”" + ], + "points": 369, + "commentCount": 258, + "retryCount": 0, + "time": 1736859931 + }, + { + "id": 42691184, + "title": "“GitHub Git 操作已中断”", + "originLink": "https://www.githubstatus.com/incidents/qd96yfgvmcf9", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42691184", + "commentBody": "", + "originSummary": [ + "“GitHub在2025年1月13日因配置更改影响内部负载均衡器而面临Git操作中断,从23:35持续到00:24(UTC)。- 通过恢复配置更改解决了该问题,GitHub正在努力改进监控和部署流程以防止类似事件。- 此次中断还影响了GitHub的Actions和Pages服务,突显了其平台服务的互联性质。”" + ], + "commentSummary": [ + "“GitHub遭遇了一次重大故障,影响了git操作,导致开发者们最初怀疑是他们的SSH密钥或本地配置出现了问题。- 这一事件突显了依赖集中式服务的挑战,引发了关于自托管和去中心化系统优势的讨论。- 尽管问题已得到解决,但它突显了对GitHub可靠性的担忧以及依赖第三方平台处理关键任务的风险。”" + ], + "points": 324, + "commentCount": 250, + "retryCount": 0, + "time": 1736812051 + }, + { + "id": 42694596, + "title": "“ZFS 2.3发布,支持ZFS raidz扩展”", + "originLink": "https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42694596", + "commentBody": "", + "originSummary": [ + "“OpenZFS 2.3.0 已发布,引入了重要功能,如 RAIDZ 扩展、快速重复数据删除、直接输入/输出、JSON 输出和对长文件名的支持。- 此版本包括基本的错误修复和性能增强,兼容 Linux 内核 4.18 - 6.12 和 FreeBSD 版本 13.3, 14.0 - 14.2。- 此更新是由 134 位贡献者共同努力的成果,提供了全面的文档和变更日志供审阅。”" + ], + "commentSummary": [ + "“ZFS 2.3 已发布,推出了诸如 RAIDZ 扩展、快速重复数据删除、直接 IO、JSON 输出和对长文件名的支持等功能。- RAIDZ 扩展尤其值得注意,因为它允许用户在不中断的情况下向现有的 RAIDZ 池添加新设备,从而增强存储容量。- 尽管存在一些限制,如无法缩小池,但此次发布被认为是 ZFS 用户的重大进步,与其他文件系统如 Btrfs 和 Windows Storage Spaces 相比备受关注。”" + ], + "points": 302, + "commentCount": 215, + "retryCount": 0, + "time": 1736838539 + }, + { + "id": 42690983, + "title": "“Webtop – Alpine、Ubuntu、Fedora 和 Arch 容器包含完整的桌面环境”", + "originLink": "https://docs.linuxserver.io/images/docker-webtop/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690983", + "commentBody": "", + "originSummary": [ + "“Linuxserver/webtop 提供基于 Alpine、Ubuntu、Fedora 和 Arch 的容器,这些容器具有可通过网络浏览器访问的完整桌面环境,支持 x86-64 和 arm64 架构。”", + "“用户可以通过使用特定的镜像标签,从各种桌面环境中进行选择,如XFCE、KDE、MATE、i3、Openbox和IceWM,并通过指定的URL访问Webtop。”", + "“安全功能包括 Docker 的 seccomp 选项和身份验证设置,通过环境变量提供自定义选项,并支持使用开源驱动程序进行 GPU 加速。”" + ], + "commentSummary": [ + "“Webtop 提供带有完整桌面环境的容器,适用于 Alpine、Ubuntu、Fedora 和 Arch,适合在 VPN 后快速设置。”", + "“用户称赞 Webtop 的速度和易用性,特别是在与 Gluetun 容器一起使用以实现安全连接时,但警告不要在没有安全措施的情况下将容器暴露在互联网上,因为缺乏默认身份验证。”", + "“该项目因其开源和灵活性而受到重视,用户可以共享配置,类似的替代方案如 Kasm 和 Selkies 也因类似用途而受到关注。”" + ], + "points": 297, + "commentCount": 57, + "retryCount": 0, + "time": 1736810708 + }, + { + "id": 42697783, + "title": "“研究发现,五分之一的在线招聘信息要么是假的,要么从未被填补。”", + "originLink": "https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42697783", + "commentBody": "", + "originSummary": [ + "“最近的一项研究表明,20%的在线招聘信息要么是假的,要么无人填补,这增加了求职者的挫败感。- 这种“幽灵职位”趋势可能是公司为了展示增长形象而采取的一种策略。- Greenhouse和LinkedIn等招聘平台已经推出了职位验证服务,以帮助用户识别真实的就业机会。”" + ], + "commentSummary": [ + "“研究显示,20%的在线招聘信息要么是假的,要么未被填补,这通常是因为公司需要遵守美国移民政策。- 公司也可能会保留招聘信息以寻找理想的候选人、更改要求,或已有预选的内部候选人。- 对于求职者来说,求职市场很困难,他们经常遇到失联和自动拒绝,这促使人们呼吁进行监管干预。”" + ], + "points": 273, + "commentCount": 224, + "retryCount": 0, + "time": 1736865860 + }, + { + "id": 42698557, + "title": "“为了给司机节省几秒钟而使行人交叉路口变得不安全”", + "originLink": "https://collegetowns.substack.com/p/making-an-intersection-unsafe-for", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42698557", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "“辩论的焦点在于十字路口应优先考虑行人安全还是驾驶员效率,一些人倾向于使用灯控十字路口和行人专用过街道而不是四向停车。”", + "“关于交通法规和基础设施设计的意见各不相同,其中包括对乱穿马路的安全性以及红灯右转所带来的风险的讨论。”", + "“有些人提倡采用替代方案,如环形交叉路口或采用荷兰交通工程标准,以提高安全性和效率。”" + ], + "points": 267, + "commentCount": 362, + "retryCount": 0, + "time": 1736869194 + }, + { + "id": 42696080, + "title": "PostgreSQL是2024年度数据库管理系统", + "originLink": "https://db-engines.com/en/blog_post/109", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696080", + "commentBody": "", + "originSummary": [ + "PostgreSQL被DB-Engines评为2024年度数据库管理系统(DBMS),这是其第五次获得此殊荣,超过了其他423个数据库管理系统。", + "“PostgreSQL 拥有近 35 年的历史,仍在不断创新,这在 2024 年 9 月发布的 PostgreSQL 17 的最新增强功能中得到了体现。”", + "“雪花公司和微软分别获得了第二和第三名,雪花公司因其基于云的数据仓库和多云支持而受到关注,而微软则通过 Azure SQL 数据库和 SQL 服务器提供强大的托管关系数据库。”" + ], + "commentSummary": [ + "PostgreSQL被db-engines.com评为2024年度数据库管理系统,突显其在行业中的日益普及和认可。", + "“用户正在考虑从 Microsoft SQL Server 切换到 PostgreSQL,原因是高昂的许可费用和资源限制,尽管可能面临迁移挑战。”", + "“PostgreSQL因其强大的功能和成本效益而受到青睐,使其成为未来项目的首选,尽管一些用户会探索像Babelfish这样的替代方案以降低成本。”" + ], + "points": 239, + "commentCount": 79, + "retryCount": 0, + "time": 1736854677 + }, + { + "id": 42699099, + "title": "“Google 的 OAuth 登录无法防止购买失败初创公司的域名”", + "originLink": "https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699099", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "“讨论指出,当一个失败的初创公司的域名被新所有者收购时,谷歌的OAuth登录系统存在一个漏洞,这可能允许未经授权的访问服务。”", + "“此问题的出现是因为谷歌可能无法区分原始域名所有者和新域名所有者,从而影响任何使用基于域名认证的系统。”", + "“一个建议的解决方案是使用在时间上保持不变的唯一标识符,尽管这一解决方案的实施在不同的身份提供者之间有所不同。”" + ], + "points": 200, + "commentCount": 112, + "retryCount": 0, + "time": 1736871241 + }, + { + "id": 42696822, + "title": "“利用编程技能赚取被动收入”", + "originLink": "https://www.coryzue.com/writing/solopreneur/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696822", + "commentBody": "", + "originSummary": [ + "“作者从首席技术官的角色转变为独立创业者,通过一系列软件产品成功赚取了更多收入。”", + "“关键策略包括专注于深度工作,从小项目开始,快速迭代,并投入时间进行营销工作。”", + "“这段旅程强调了由于不确定性而需要的韧性,但同时突出了这一职业道路无与伦比的自主性和自由,鼓励那些拥有编码技能的人考虑将其作为被动收入的来源。”" + ], + "commentSummary": [ + "“有用户描述了通过使用即将过期的域名创建SEO垃圾网站来产生被动收入,尽管存在道德问题和谷歌最终的打击,但每年仍能赚取大约3万美元。”", + "“这篇帖子引发了关于被动收入的辩论,一些用户认为这更像是经营一项业务,而不是真正的被动收入。”", + "“参与者分享了在副项目中的经验和挑战,强调了时间、韧性和战略规划的重要性。”" + ], + "points": 167, + "commentCount": 90, + "retryCount": 0, + "time": 1736860888 + }, + { + "id": 42690781, + "title": "西班牙提议对非欧盟居民购买的房屋征收100%税", + "originLink": "https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690781", + "commentBody": "", + "originSummary": [ + "“西班牙正在考虑对非欧盟居民的房地产购买征收100%的税,以解决住房危机并遏制投机性购买。”", + "“首相佩德罗·桑切斯的提议包括扩大社会住房和规范旅游租赁,以解决房价与收入之间的差距。”", + "“该提案作为法律的未来尚不确定,一些分析人士认为它更像是对外国投资者的威慑,而不是一项有保障的立法变更。”" + ], + "commentSummary": [ + "西班牙正在考虑对非欧盟居民购买的房屋征收100%的税,以解决住房负担能力问题。- 批评者认为,外国买家并不是高房价的主要原因,缓慢的官僚程序和分区法才是更重要的因素。- 这一提议引发了关于外国所有权在住房市场中的作用及其在解决负担能力问题上的有效性的辩论。" + ], + "points": 162, + "commentCount": 254, + "retryCount": 0, + "time": 1736809603 + }, + { + "id": 42699977, + "title": "“苹果将很快从台积电的亚利桑那州工厂收到‘美国制造’的芯片。”", + "originLink": "https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699977", + "commentBody": "", + "originSummary": [ + "“苹果正在测试来自台积电亚利桑那工厂的处理器,计划在第一季度实现量产,可能成为台积电首个使用本地制造芯片的美国客户。- 这一举措旨在增强美国的硅独立性,减少对台湾的依赖,因为台湾易受地缘政治和自然风险的影响。- 台积电的亚利桑那工厂计划生产先进的3纳米和2纳米芯片,并正在努力加强本地招聘和与美国大学的合作,尽管封装工作最初将在台湾进行,直到皮奥里亚工厂投入运营。”" + ], + "commentSummary": [ + "“苹果将从台积电的亚利桑那工厂接收芯片,但由于美国设施不足,这些芯片需要送回台湾进行封装。- 亚利桑那工厂超过50%的员工来自台湾,这表明美国在STEM(科学、技术、工程和数学)领域存在差距。- 《芯片法案》旨在提升美国半导体制造能力,但由于封装过程在台湾进行,“美国制造”标签受到质疑,计划到2027年在美国建立封装能力。”" + ], + "points": 160, + "commentCount": 73, + "retryCount": 0, + "time": 1736873807 + }, + { + "id": 42692730, + "title": "“拥堵收费启动后,曼哈顿道路上的司机减少了4.3万人。”", + "originLink": "https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42692730", + "commentBody": "", + "originSummary": [ + "“在实施拥堵收费后,进入曼哈顿60街以下地区的司机减少了7.5%,相当于每个工作日减少了43,000名司机。”", + "“交通量的减少改善了交通流量并提高了公交车速度,一些快速公交的乘客量有所增加。”", + "“尽管存在一些政治反对意见,大都会运输署(MTA)将估计每年5亿美元的收费收入用于交通改善。”" + ], + "commentSummary": [ + "“在曼哈顿实施拥堵收费后,司机数量减少了43,000人,这导致公交车速度加快,并可能改善紧急响应时间。”", + "“该政策旨在减少交通拥堵并改善空气质量,尽管它引发了关于其对低收入人群影响的争论。”", + "“支持者认为,优点包括更高效的公共交通和更清洁的空气,同时关于如何平衡这些优势与司机需求的讨论仍在继续。”" + ], + "points": 154, + "commentCount": 199, + "retryCount": 0, + "time": 1736821606 + } +] diff --git a/records/2025-01-14/2025-01-14.zh-Hant.json b/records/2025-01-14/2025-01-14.zh-Hant.json new file mode 100644 index 000000000..c31e56ae4 --- /dev/null +++ b/records/2025-01-14/2025-01-14.zh-Hant.json @@ -0,0 +1,288 @@ +[ + { + "id": 42690473, + "title": "「Snyk 資安研究員部署惡意 NPM 套件以攻擊 cursor.com」", + "originLink": "https://sourcecodered.com/snyk-malicious-npm-package/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690473", + "commentBody": "", + "originSummary": [ + "「一位 Snyk 的安全研究員發布了針對 AI 編碼公司 Cursor.com 的惡意 NPM 套件,以收集系統數據並將其發送到由攻擊者控制的服務。」", + "「這些套件被標識為“cursor-retrieval”、“cursor-always-local”和“cursor-shadow-workspace”,並被 OpenSSF 套件分析掃描器標記,導致發出建議 MAL-2025-27、MAL-2025-28 和 MAL-2025-29。」", + "此事件突顯了在安裝前仔細檢查 NPM 套件以避免潛在安全威脅的重要性。" + ], + "commentSummary": [ + "「一位 Snyk 的安全研究員發布了針對 cursor.com 的惡意 NPM(Node Package Manager)套件,突顯了依賴混淆漏洞。此事件引發了關於安全研究倫理的辯論,特別是涉及環境變數公開的問題。Cursor.com 澄清他們並未授權此行為,而 Snyk 也已道歉,強調在攻擊性安全研究與倫理標準之間取得平衡的挑戰。」" + ], + "points": 540, + "commentCount": 270, + "retryCount": 0, + "time": 1736807907 + }, + { + "id": 42696081, + "title": "「我改用 Firefox 後就再也沒有回頭過」", + "originLink": "https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696081", + "commentBody": "", + "originSummary": [ + "Firefox 因其優越的分頁管理、內建的 Pocket 功能用於儲存連結,以及注重隱私的電子郵件中繼功能而受到讚譽,使其成為 Chrome 的強大替代品。- 其他功能如使用者友好的截圖工具、ChatGPT 按鈕、畫中畫、可自訂的搜尋選項和流暢的滾動效果,提升了瀏覽體驗。- 雖然 Firefox 缺乏 Chrome 的網頁應用程式功能,但其周到的設計和較低的資源需求使其成為某些使用者的首選。" + ], + "commentSummary": [ + "「Firefox 使用者面臨來自 YouTube 等平台的挑戰,這些平台可能故意降低非 Google 瀏覽器或使用廣告攔截器的用戶的體驗。這一趨勢引發了對用戶自主權的擔憂,因為它懲罰了那些選擇無廣告和無監控網路體驗的人。Firefox 提供了獨特的功能,例如容器分頁,這些功能增強了隱私和可用性,使其成為尋求擺脫大型企業控制的瀏覽器的用戶的首選。」" + ], + "points": 480, + "commentCount": 392, + "retryCount": 0, + "time": 1736854678 + }, + { + "id": 42687932, + "title": "Sonos 執行長在應用程式更新風波後辭職", + "originLink": "https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42687932", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "「Sonos 的執行長在一項具爭議的應用程式更新後辭職,該更新要求用戶更換昂貴的音響系統,導致顧客不滿。- 此次更新引入了一個基於雲端的系統,捨棄了可靠的通用即插即用(UPnP),這導致了連接問題和複雜度增加。- 這種情況突顯了商業策略與維持顧客信任之間的衝突,執行長將轉任顧問角色並獲得遣散費。」" + ], + "points": 409, + "commentCount": 493, + "retryCount": 0, + "time": 1736797368 + }, + { + "id": 42696691, + "title": "「在 MrBeast 的肚子裡」", + "originLink": "https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696691", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "這篇文章探討了 YouTube 的演算法如何影響內容創作,並以 MrBeast 作為案例研究,強調了一種從有意義內容轉向以互動為驅動的內容的轉變。- 它討論了對媒體素養的更廣泛影響以及像 YouTube 和 TikTok 這樣的平台對文化的影響,指出了一種趨勢,即內容變得表面化和反應性。- 各種觀點被考慮在內,討論了演算法在塑造內容中的角色以及受歡迎的創作者對文化規範的影響。" + ], + "points": 369, + "commentCount": 258, + "retryCount": 0, + "time": 1736859931 + }, + { + "id": 42691184, + "title": "「GitHub Git 操作暫時無法使用」", + "originLink": "https://www.githubstatus.com/incidents/qd96yfgvmcf9", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42691184", + "commentBody": "", + "originSummary": [ + "「GitHub 在 2025 年 1 月 13 日因為一項影響內部負載平衡器的配置變更而遭遇 Git 操作中斷,持續時間從 UTC 時間 23:35 到 00:24。- 問題通過恢復配置變更得到解決,GitHub 正在努力改進監控和部署流程以防止類似事件發生。- 此次中斷也影響了 GitHub 的 Actions 和 Pages 服務,突顯了其平台服務的互聯性。」" + ], + "commentSummary": [ + "GitHub 遭遇了一次重大故障,影響了 git 操作,導致開發者感到困惑,最初懷疑是他們的 SSH 金鑰或本地配置出了問題。- 這次事件突顯了依賴集中式服務的挑戰,促使人們討論自我託管和去中心化系統的優勢。- 雖然問題已經解決,但這次事件突顯了對 GitHub 可靠性的擔憂,以及依賴第三方平台進行重要任務的風險。" + ], + "points": 324, + "commentCount": 250, + "retryCount": 0, + "time": 1736812051 + }, + { + "id": 42694596, + "title": "「ZFS 2.3 發佈,新增 ZFS raidz 擴展功能」", + "originLink": "https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42694596", + "commentBody": "", + "originSummary": [ + "「OpenZFS 2.3.0 已經發布,推出了重要功能,如 RAIDZ 擴展、快速重複資料刪除、直接輸入/輸出、JSON 輸出以及對長檔名的支援。此版本包含了基本的錯誤修正和效能增強,與 Linux 核心 4.18 - 6.12 和 FreeBSD 版本 13.3、14.0 - 14.2 相容。這次更新是由 134 位貢獻者共同努力的成果,並提供了完整的文件和變更記錄供檢閱。」" + ], + "commentSummary": [ + "「ZFS 2.3 已經發布,推出了 RAIDZ 擴展、快速重複資料刪除、直接 IO、JSON 輸出以及對長檔名的支援等功能。- RAIDZ 擴展尤其值得注意,因為它允許使用者在不需要停機的情況下,將新設備添加到現有的 RAIDZ 磁碟陣列中,從而提升儲存容量。- 此次發布被認為是 ZFS 使用者的一項重大進展,儘管存在一些限制,例如無法縮小磁碟陣列,但仍被拿來與其他檔案系統如 Btrfs 和 Windows Storage Spaces 相提並論。」" + ], + "points": 302, + "commentCount": 215, + "retryCount": 0, + "time": 1736838539 + }, + { + "id": 42690983, + "title": "Webtop-包含完整桌面環境的 Alpine、Ubuntu、Fedora 和 Arch 容器", + "originLink": "https://docs.linuxserver.io/images/docker-webtop/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690983", + "commentBody": "", + "originSummary": [ + "Linuxserver/webtop 提供基於 Alpine、Ubuntu、Fedora 和 Arch 的容器,這些容器具有完整的桌面環境,可透過網頁瀏覽器存取,並支援 x86-64 和 arm64 架構。", + "使用者可以透過特定的映像標籤選擇各種桌面環境,例如 XFCE、KDE、MATE、i3、Openbox 和 IceWM,並透過指定的 URL 存取 Webtop。", + "安全功能包括 Docker 的 seccomp 選項和身份驗證設置,並可透過環境變數進行自訂,且支援使用開源驅動程式的 GPU 加速。" + ], + "commentSummary": [ + "Webtop 提供包含完整桌面環境的容器,適用於 Alpine、Ubuntu、Fedora 和 Arch,適合在 VPN 後快速設置。", + "使用者讚揚 Webtop 的速度和易用性,特別是在與 Gluetun 容器搭配使用以確保連線安全時,但警告不要在沒有安全措施的情況下將容器暴露在網際網路上,因為缺乏預設的身份驗證。", + "「該專案因其開源和靈活性而受到重視,使用者可以分享配置,並且像 Kasm 和 Selkies 這樣的替代方案也因類似用途而受到關注。」" + ], + "points": 297, + "commentCount": 57, + "retryCount": 0, + "time": 1736810708 + }, + { + "id": 42697783, + "title": "研究發現,每五個線上職缺中就有一個是假的或從未被填補。", + "originLink": "https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42697783", + "commentBody": "", + "originSummary": [ + "「一項最近的研究顯示,20% 的線上職缺要麼是假的,要麼是未填補的,這增加了求職者的挫折感。這種“幽靈職缺”趨勢可能是公司用來展示成長形象的一種策略。像 Greenhouse 和 LinkedIn 這樣的求職平台已經推出了職缺驗證服務,以協助用戶識別真實的工作機會。」" + ], + "commentSummary": [ + "「一項研究顯示,20% 的線上職缺要麼是假的,要麼未被填補,這通常是因為公司需要遵守美國的移民政策。- 公司也可能會保留職缺以尋找理想的候選人、更改要求,或已經預先選定內部候選人。- 對於求職者來說,求職市場是困難的,他們經常遇到音訊全無和自動拒絕,這引發了對監管干預的呼籲。」" + ], + "points": 273, + "commentCount": 224, + "retryCount": 0, + "time": 1736865860 + }, + { + "id": 42698557, + "title": "為了讓駕駛節省幾秒鐘而使行人穿越道變得不安全", + "originLink": "https://collegetowns.substack.com/p/making-an-intersection-unsafe-for", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42698557", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "辯論的焦點在於十字路口應優先考慮行人安全還是駕駛效率,有些人偏好使用紅綠燈控制的路口和行人專用交叉道,而非四向停車標誌。", + "對於交通法規和基礎設施設計的看法各異,討論包括闖紅燈的安全性以及紅燈右轉所帶來的風險。", + "有些人主張採用替代方案,如圓環或採用荷蘭交通工程標準,以提升安全性和效率。" + ], + "points": 267, + "commentCount": 362, + "retryCount": 0, + "time": 1736869194 + }, + { + "id": 42696080, + "title": "PostgreSQL 是 2024 年度的資料庫管理系統", + "originLink": "https://db-engines.com/en/blog_post/109", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696080", + "commentBody": "", + "originSummary": [ + "PostgreSQL 獲得了 DB-Engines 頒發的 2024 年度資料庫管理系統獎,這是它第五次獲得此殊榮,超越了其他 423 種資料庫管理系統。", + "PostgreSQL 擁有近 35 年的歷史,持續創新,這在 2024 年 9 月發布的 PostgreSQL 17 的最新增強功能中可見一斑。", + "「Snowflake 和 Microsoft 分別獲得第二和第三名,Snowflake 因其雲端資料倉儲和多雲支援而受到讚譽,而 Microsoft 則透過 Azure SQL Database 和 SQL Server 提供強大的託管關聯式資料庫。」" + ], + "commentSummary": [ + "PostgreSQL 獲得了 db-engines.com 頒發的 2024 年度資料庫管理系統獎,這突顯了其在業界日益增長的受歡迎程度和認可度。", + "儘管可能面臨遷移挑戰,使用者正在考慮從 Microsoft SQL Server 轉換到 PostgreSQL,原因是高昂的授權費用和資源限制。", + "PostgreSQL 因其強大的功能和成本效益而受到青睞,使其成為未來專案的首選,儘管有些使用者會探索像 Babelfish 這樣的替代方案以降低成本。" + ], + "points": 239, + "commentCount": 79, + "retryCount": 0, + "time": 1736854677 + }, + { + "id": 42699099, + "title": "「Google 的 OAuth 登入無法防止購買失敗的新創公司網域」", + "originLink": "https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699099", + "commentBody": "", + "originSummary": [], + "commentSummary": [ + "「討論強調了 Google 的 OAuth 登入系統中的一個漏洞,當一個失敗的初創公司的網域被新擁有者收購時,可能會允許未經授權的服務存取。」", + "「此問題的產生是因為 Google 可能無法區分原始域名擁有者和新域名擁有者,從而影響任何使用基於域名驗證的系統。」", + "「一個建議的解決方案是使用隨時間保持不變的唯一識別碼,儘管此解決方案的實施在不同的身份提供者之間有所不同。」" + ], + "points": 200, + "commentCount": 112, + "retryCount": 0, + "time": 1736871241 + }, + { + "id": 42696822, + "title": "利用程式設計技能賺取被動收入", + "originLink": "https://www.coryzue.com/writing/solopreneur/", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42696822", + "commentBody": "", + "originSummary": [ + "作者從首席技術官的職位轉型為個人創業者,透過一系列軟體產品成功賺取更多收入。", + "關鍵策略包括專注於深度工作、從小型專案開始、快速迭代,以及投入時間於行銷工作。", + "這段旅程強調了因不確定性而需要的韌性,但也突顯了這條職業道路無與倫比的自主性和自由,鼓勵擁有程式設計技能的人考慮將其作為被動收入的來源。" + ], + "commentSummary": [ + "有一位使用者描述了透過 SEO 垃圾網站來產生被動收入的方法,這些網站使用即將到期的網域名稱,儘管存在道德上的顧慮以及 Google 最終的打擊行動,他每年仍能賺取約 3 萬美元。", + "「這篇文章引發了關於被動收入的辯論,一些使用者認為這更像是經營一門生意,而非真正的被動收入。」", + "「參與者分享了在副業專案中的經驗和挑戰,強調了時間、韌性和策略規劃的重要性。」" + ], + "points": 167, + "commentCount": 90, + "retryCount": 0, + "time": 1736860888 + }, + { + "id": 42690781, + "title": "西班牙提議對非歐盟居民購買的房屋徵收100%稅", + "originLink": "https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42690781", + "commentBody": "", + "originSummary": [ + "西班牙正在考慮對非歐盟居民的房地產購買徵收100%的稅,旨在解決住房危機並抑制投機性購買。", + "首相佩德羅·桑切斯的提議包括擴大社會住宅和規範旅遊租賃,以解決房價與收入之間的差距。", + "該提案作為法律的未來尚不確定,一些分析師認為它更像是對外國投資者的威懾,而不是一項保證的立法變革。" + ], + "commentSummary": [ + "西班牙正在考慮對非歐盟居民購買的房屋徵收 100% 的稅,以解決住房負擔能力問題。- 批評者認為,外國買家並不是房價高漲的主要原因,並指出緩慢的官僚程序和分區法規是更重要的因素。- 這項提案引發了關於外國擁有權在住房市場中的角色及其在解決負擔能力問題上的有效性的辯論。" + ], + "points": 162, + "commentCount": 254, + "retryCount": 0, + "time": 1736809603 + }, + { + "id": 42699977, + "title": "蘋果即將從台積電位於亞利桑那州的工廠獲得「美國製造」的晶片", + "originLink": "https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42699977", + "commentBody": "", + "originSummary": [ + "蘋果正在測試來自台積電亞利桑那廠的處理器,計劃在第一季度開始量產,可能成為台積電首位使用美國本地製造晶片的客戶。此舉旨在加強美國的矽獨立性,減少對台灣的依賴,因為台灣易受地緣政治和自然風險的影響。台積電的亞利桑那廠將生產先進的3奈米和2奈米晶片,並持續努力增強當地的招聘和與美國大學的合作,儘管封裝工作將在台灣進行,直到皮奧里亞設施投入運營。" + ], + "commentSummary": [ + "蘋果將從台積電的亞利桑那州工廠獲得晶片,但由於美國設施不足,這些晶片需要送回台灣進行封裝。- 亞利桑那州工廠超過50%的勞動力來自台灣,顯示出美國在STEM(科學、技術、工程和數學)領域的差距。- 《晶片法案》計畫旨在增強美國半導體製造能力,但由於封裝過程在台灣進行,導致「美國製造」標籤受到質疑,並計畫在2027年前提升美國的封裝能力。" + ], + "points": 160, + "commentCount": 73, + "retryCount": 0, + "time": 1736873807 + }, + { + "id": 42692730, + "title": "在擁擠收費啟用後,曼哈頓道路上的駕駛人數減少了43,000人", + "originLink": "https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says", + "originBody": "", + "commentLink": "https://news.ycombinator.com/item?id=42692730", + "commentBody": "", + "originSummary": [ + "「在實施擁擠收費後,進入曼哈頓60街以下的駕駛人數減少了7.5%,相當於每個工作日減少了43,000名駕駛。」", + "交通量的減少改善了交通流量並提高了公車速度,部分快捷公車的乘客量有所增加。", + "大都會運輸署(MTA)將估計每年5億美元的通行費收入用於交通改善,儘管面臨一些政治反對。" + ], + "commentSummary": [ + "在曼哈頓實施擁擠收費政策後,駕駛人數減少了43,000人,這導致公車速度加快,並可能改善緊急應變時間。", + "該政策旨在減少交通擁擠並改善空氣品質,儘管它引發了關於其對低收入者影響的辯論。", + "支持者認為,這些好處包括更高效的公共交通和更清潔的空氣,同時討論仍在繼續,以平衡這些優勢與駕駛者需求之間的關係。" + ], + "points": 154, + "commentCount": 199, + "retryCount": 0, + "time": 1736821606 + } +] diff --git a/static/rss/newsletter/ar.xml b/static/rss/newsletter/ar.xml index a1b41db2f..823123156 100644 --- a/static/rss/newsletter/ar.xml +++ b/static/rss/newsletter/ar.xml @@ -15,12 +15,160 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[2025-01-14]]> + +

slug: '/2025/01/14'

+

2025-01-14

+

باحث أمني في Snyk ينشر حزم NPM خبيثة تستهدف cursor.com

+
    +
  • أصدر باحث أمني من شركة Snyk حزم NPM خبيثة تستهدف موقع Cursor.com، وهي شركة متخصصة في البرمجة بالذكاء الاصطناعي، لجمع بيانات النظام وإرسالها إلى خدمة يتحكم فيها المهاجم.
    • +
  • تم تحديد الحزم المسماة "cursor-retrieval"، "cursor-always-local"، و"cursor-shadow-workspace" بواسطة ماسح تحليل الحزم OpenSSF، مما أدى إلى إصدار التحذيرات MAL-2025-27، MAL-2025-28، وMAL-2025-29.
    • +
  • تسلط هذه الحادثة الضوء على أهمية فحص حزم NPM قبل التثبيت لتجنب التهديدات الأمنية المحتملة.
    • +
+

ردود الفعل

+
    +
  • أصدر باحث أمني من Snyk حزم NPM (مدير حزم Node) خبيثة تستهدف cursor.com، مما يبرز ثغرات الارتباك في الاعتماديات. - أثار الحادث نقاشًا حول أخلاقيات البحث الأمني، خاصة فيما يتعلق بالكشف العلني عن متغيرات البيئة. - أوضحت cursor.com أنها لم تأذن بهذا الإجراء، واعتذرت Snyk منذ ذلك الحين، مما يبرز التحديات في موازنة البحث الأمني الهجومي مع المعايير الأخلاقية.
    • +
+

لقد انتقلت إلى فايرفوكس ولم أنظر إلى الوراء أبدًا

+
    +
  • يُشاد بمتصفح فايرفوكس لإدارته الفائقة للتبويبات وميزة Pocket المدمجة لحفظ الروابط وميزة البريد الإلكتروني التي تركز على الخصوصية، مما يجعله بديلاً قوياً لمتصفح كروم. - ميزات إضافية مثل أداة لقطة الشاشة سهلة الاستخدام، زر ChatGPT، وضع الصورة داخل الصورة، خيارات البحث القابلة للتخصيص، والتمرير السلس تعزز تجربة التصفح. - على الرغم من أن فايرفوكس يفتقر إلى ميزة تطبيقات الويب الخاصة بكروم، إلا أن تصميمه المدروس ومتطلباته المنخفضة للموارد تجعله الخيار المفضل لبعض المستخدمين.
    • +
+

ردود الفعل

+
    +
  • يواجه مستخدمو فايرفوكس تحديات من منصات مثل يوتيوب، التي قد تقوم عمدًا بتقليل جودة التجربة لمتصفحات غير تابعة لجوجل أو للمستخدمين الذين يستخدمون أدوات حجب الإعلانات. - يثير هذا الاتجاه مخاوف بشأن استقلالية المستخدم، حيث يعاقب أولئك الذين يختارون تجربة ويب خالية من الإعلانات والمراقبة. - يقدم فايرفوكس ميزات فريدة، مثل علامات التبويب الحاوية، التي تعزز الخصوصية وسهولة الاستخدام، مما يجعله خيارًا مفضلًا للمستخدمين الذين يسعون للاستقلال عن المتصفحات التي تسيطر عليها الشركات الكبرى.
    • +
+

الرئيس التنفيذي لشركة سونوس يتنحى بعد فضيحة تحديث التطبيق

+

ردود الفعل

+
    +
  • استقال الرئيس التنفيذي لشركة سونوس بعد تحديث تطبيق مثير للجدل أجبر المستخدمين على استبدال أنظمة الصوت المكلفة، مما تسبب في استياء العملاء. - قدم التحديث نظامًا قائمًا على السحابة، مبتعدًا عن نظام التوصيل والتشغيل العالمي الموثوق (UPnP)، مما أدى إلى مشاكل في الاتصال وزيادة التعقيد. - يبرز هذا الوضع الصراع بين استراتيجيات الأعمال والحفاظ على ثقة العملاء، حيث ينتقل الرئيس التنفيذي إلى دور استشاري مع حزمة تعويضات.
    • +
+

في بطن مستر بيست

+

ردود الفعل

+
    +
  • تتناول المقالة كيفية تأثير خوارزمية يوتيوب على إنشاء المحتوى، باستخدام MrBeast كدراسة حالة، مسلطة الضوء على التحول نحو المحتوى الذي يحركه التفاعل بدلاً من المحتوى ذو المعنى. - تناقش الآثار الأوسع على محو الأمية الإعلامية والتأثير الثقافي للمنصات مثل يوتيوب وتيك توك، مشيرة إلى اتجاه نحو المحتوى السطحي والتفاعلي. - يتم النظر في وجهات نظر مختلفة حول دور الخوارزميات في تشكيل المحتوى وتأثير المبدعين المشهورين على المعايير الثقافية.
    • +
+

عمليات Git على GitHub متوقفة

+
    +
  • واجهت GitHub انقطاعًا في عمليات Git في 13 يناير 2025 بسبب تغيير في التكوين أثر على موازن التحميل الداخلي، واستمر من الساعة 23:35 حتى 00:24 بالتوقيت العالمي. - تم حل المشكلة عن طريق التراجع عن تغيير التكوين، وتعمل GitHub على تحسين عمليات المراقبة والنشر لمنع حوادث مماثلة. - أثر الانقطاع أيضًا على خدمات Actions وPages في GitHub، مما يبرز الطبيعة المترابطة لخدمات منصتهم.
    • +
+

ردود الفعل

+
    +
  • واجه GitHub انقطاعًا كبيرًا أثر على عمليات git، مما أدى إلى ارتباك بين المطورين الذين اشتبهوا في البداية بوجود مشكلات في مفاتيح SSH الخاصة بهم أو تكويناتهم المحلية. - سلط الحادث الضوء على التحديات المرتبطة بالاعتماد على الخدمات المركزية، مما أثار مناقشات حول مزايا الاستضافة الذاتية والأنظمة اللامركزية. - وعلى الرغم من حل المشكلة، إلا أنها أبرزت المخاوف بشأن موثوقية GitHub والمخاطر المرتبطة بالاعتماد على منصات الطرف الثالث للمهام الأساسية.
    • +
+

تم إصدار ZFS 2.3 مع توسيع ZFS raidz

+
    +
  • تم إصدار OpenZFS 2.3.0، حيث تم تقديم ميزات هامة مثل توسيع RAIDZ، وإزالة التكرار السريع، والإدخال/الإخراج المباشر، وإخراج JSON، ودعم الأسماء الطويلة للملفات. - يتضمن الإصدار إصلاحات أساسية للأخطاء وتحسينات في الأداء، وهو متوافق مع نوى لينكس من 4.18 إلى 6.12 وإصدارات FreeBSD من 13.3 إلى 14.0 - 14.2. - التحديث هو جهد تعاوني من 134 مساهمًا، مع توفر وثائق شاملة وسجل تغييرات للمراجعة.
    • +
+

ردود الفعل

+
    +
  • تم إصدار ZFS 2.3، حيث تم تقديم ميزات مثل توسيع RAIDZ، وإلغاء التكرار السريع، وIO المباشر، وإخراج JSON، ودعم الأسماء الطويلة للملفات. - يُعتبر توسيع RAIDZ ملحوظًا بشكل خاص لأنه يسمح للمستخدمين بإضافة أجهزة جديدة إلى مجموعة RAIDZ موجودة دون توقف، مما يعزز سعة التخزين. - يُعتبر الإصدار تقدمًا كبيرًا لمستخدمي ZFS، حيث يتم مقارنته بأنظمة ملفات أخرى مثل Btrfs وWindows Storage Spaces، على الرغم من بعض القيود مثل عدم القدرة على تقليص المجموعات.
    • +
+

ويب توب - حاويات ألباين، أوبونتو، فيدورا، وآرتش تحتوي على بيئات سطح مكتب كاملة

+
    +
  • يوفر Linuxserver/webtop حاويات تعتمد على أنظمة Alpine وUbuntu وFedora وArch مع بيئات سطح مكتب كاملة يمكن الوصول إليها عبر متصفحات الويب، وتدعم كل من معماريات x86-64 وarm64.
    • +
  • يمكن للمستخدمين اختيار بيئات سطح المكتب المختلفة مثل XFCE وKDE وMATE وi3 وOpenbox وIceWM باستخدام علامات الصور المحددة، والوصول إلى Webtop عبر عناوين URL المخصصة.
    • +
  • تشمل ميزات الأمان خيار seccomp في Docker وإعداد المصادقة، مع توفر خيارات التخصيص من خلال متغيرات البيئة، ودعم تسريع GPU باستخدام برامج تشغيل مفتوحة المصدر.
    • +
+

ردود الفعل

+
    +
  • يوفر Webtop حاويات ببيئات سطح مكتب كاملة لأنظمة Alpine وUbuntu وFedora وArch، وهي مناسبة لإعدادات سريعة خلف VPN.
    • +
  • يشيد المستخدمون بـ Webtop لسرعته وسهولة استخدامه، خاصة عند استخدامه مع حاوية Gluetun للاتصالات الآمنة، لكنهم يحذرون من تعريض الحاويات للإنترنت دون اتخاذ تدابير أمنية بسبب عدم وجود مصادقة افتراضية.
    • +
  • يُقدَّر المشروع لكونه مفتوح المصدر ومرنًا، حيث يشارك المستخدمون التكوينات، وتُلاحظ بدائل مثل Kasm وSelkies لأغراض مشابهة.
    • +
+

وجدت دراسة أن 1 من كل 5 إعلانات وظائف عبر الإنترنت إما مزيفة أو لم يتم شغلها أبدًا

+
    +
  • تشير دراسة حديثة إلى أن 20% من إعلانات الوظائف عبر الإنترنت إما زائفة أو تبقى شاغرة، مما يزيد من إحباط الباحثين عن عمل. - قد تكون هذه الظاهرة المعروفة بـ"الوظائف الشبحية" تكتيكًا تستخدمه الشركات لإظهار صورة عن النمو. - وقد قدمت منصات التوظيف مثل Greenhouse وLinkedIn خدمات تحقق من الوظائف لمساعدة المستخدمين في التعرف على فرص العمل الحقيقية.
    • +
+

ردود الفعل

+
    +
  • تكشف دراسة أن 20% من إعلانات الوظائف عبر الإنترنت إما زائفة أو تبقى شاغرة، غالبًا بسبب حاجة الشركات للامتثال لسياسات الهجرة الأمريكية. - قد تترك الشركات أيضًا إعلانات الوظائف مفتوحة للعثور على المرشحين المثاليين، أو لتغيير المتطلبات، أو لوجود مرشحين داخليين تم اختيارهم مسبقًا. - سوق العمل صعب بالنسبة للمتقدمين، الذين يواجهون بشكل متكرر التجاهل والرفض الآلي، مما يدفع إلى الدعوة لتدخل تنظيمي.
    • +
+

جعل التقاطع غير آمن للمشاة لتوفير ثوانٍ للسائقين

+

ردود الفعل

+
    +
  • يدور النقاش حول ما إذا كان يجب على التقاطعات أن تعطي الأولوية لسلامة المشاة أو كفاءة السائقين، حيث يفضل البعض التقاطعات التي يتم التحكم فيها بالإشارات الضوئية وعبور المشاة على التوقفات الرباعية.
    • +
  • تختلف الآراء حول قوانين المرور وتصميم البنية التحتية، مع مناقشات حول سلامة عبور المشاة في غير الأماكن المخصصة والمخاطر المرتبطة بالانعطاف إلى اليمين عند الإشارة الحمراء.
    • +
  • يدعو البعض إلى حلول بديلة مثل الدوارات أو تبني معايير الهندسة المرورية الهولندية لتعزيز كل من السلامة والكفاءة.
    • +
+

PostgreSQL هو نظام إدارة قواعد البيانات لعام 2024

+
    +
  • تم منح PostgreSQL جائزة نظام إدارة قواعد البيانات لعام 2024 من قبل DB-Engines، محققًا هذا الاعتراف للمرة الخامسة، متفوقًا على 423 نظامًا آخر لإدارة قواعد البيانات.
    • +
  • يواصل PostgreSQL الابتكار بعد تاريخ يمتد لأكثر من 35 عامًا، كما يتضح من التحسينات الأخيرة في PostgreSQL 17، الذي تم إصداره في سبتمبر 2024.
    • +
  • احتلت Snowflake وMicrosoft المركزين الثاني والثالث على التوالي، حيث تميزت Snowflake بتخزين البيانات السحابي ودعم السحابة المتعددة، بينما تقدم Microsoft قواعد بيانات علائقية مُدارة قوية من خلال Azure SQL Database وSQL Server.
    • +
+

ردود الفعل

+
    +
  • تم منح PostgreSQL جائزة نظام إدارة قواعد البيانات لعام 2024 من قبل db-engines.com، مما يبرز شعبيته المتزايدة والاعتراف به في الصناعة.
    • +
  • يفكر المستخدمون في الانتقال من Microsoft SQL Server إلى PostgreSQL بسبب التكاليف العالية للتراخيص والقيود على الموارد، على الرغم من التحديات المحتملة في عملية الانتقال.
    • +
  • يُفضل PostgreSQL لميزاته القوية وفعاليته من حيث التكلفة، مما يجعله خيارًا مفضلاً للمشاريع المستقبلية، على الرغم من أن بعض المستخدمين يستكشفون بدائل مثل Babelfish لتقليل التكاليف.
    • +
+

تسجيل الدخول باستخدام OAuth من جوجل لا يحمي من شراء نطاق شركة ناشئة فاشلة

+

ردود الفعل

+
    +
  • تسلط المناقشة الضوء على ثغرة في نظام تسجيل الدخول OAuth الخاص بجوجل عندما يتم الاستحواذ على نطاق شركة ناشئة فاشلة من قبل مالك جديد، مما قد يسمح بالوصول غير المصرح به إلى الخدمات.
    • +
  • تنشأ هذه المشكلة لأن جوجل قد لا تميز بين المالكين الأصليين والجدد للنطاق، مما يؤثر على أي نظام يستخدم المصادقة المستندة إلى النطاق.
    • +
  • الحل المقترح هو استخدام معرفات فريدة تظل ثابتة مع مرور الوقت، على الرغم من أن تنفيذ هذا الحل يختلف بين مزودي الهوية.
    • +
+

استخدام مهارات البرمجة لتحقيق دخل سلبي

+
    +
  • انتقل المؤلف من دور مدير التكنولوجيا التنفيذي إلى العمل كريادي منفرد، ونجح في كسب المزيد من خلال مجموعة من المنتجات البرمجية.
    • +
  • تشمل الاستراتيجيات الرئيسية التركيز على العمل العميق، والبدء بمشاريع صغيرة، والتكرار بسرعة، وتخصيص الوقت للجهود التسويقية.
    • +
  • تؤكد الرحلة على المرونة بسبب عدم اليقين، لكنها تسلط الضوء على الاستقلالية والحرية التي لا مثيل لها في هذا المسار الوظيفي، مما يشجع أولئك الذين يمتلكون مهارات البرمجة على التفكير فيه كمصدر دخل سلبي.
    • +
+

ردود الفعل

+
    +
  • وصف مستخدم كيفية توليد دخل سلبي من خلال مواقع الويب التي تستخدم البريد العشوائي لتحسين محركات البحث باستخدام أسماء النطاقات المنتهية، حيث يكسب حوالي 30 ألف دولار سنويًا، على الرغم من المخاوف الأخلاقية وحملة جوجل النهائية ضد هذه الممارسات.
    • +
  • أثار المنشور نقاشًا حول الدخل السلبي، حيث جادل بعض المستخدمين بأنه يشبه إدارة الأعمال أكثر من كونه أرباحًا سلبية حقيقية.
    • +
  • شارك المشاركون تجاربهم وتحدياتهم في المشاريع الجانبية، مسلطين الضوء على أهمية الوقت والمرونة والتخطيط الاستراتيجي.
    • +
+

إسبانيا تقترح ضريبة بنسبة 100% على المنازل التي يشتريها المقيمون من خارج الاتحاد الأوروبي

+
    +
  • تدرس إسبانيا فرض ضريبة بنسبة 100% على شراء العقارات من قبل المقيمين من خارج الاتحاد الأوروبي، بهدف معالجة أزمة الإسكان والحد من الشراء المضاربي.
    • +
  • تشمل اقتراحات رئيس الوزراء بيدرو سانشيز توسيع الإسكان الاجتماعي وتنظيم الإيجارات السياحية لمعالجة التفاوت بين أسعار المساكن والدخول.
    • +
  • مستقبل الاقتراح كقانون غير مؤكد، حيث يرى بعض المحللين أنه يشكل رادعًا للمستثمرين الأجانب بدلاً من أن يكون تغييرًا تشريعيًا مضمونًا.
    • +
+

ردود الفعل

+
    +
  • تدرس إسبانيا فرض ضريبة بنسبة 100% على المنازل التي يشتريها المقيمون من خارج الاتحاد الأوروبي لمعالجة مشاكل القدرة على تحمل تكاليف السكن. - يشير النقاد إلى أن المشترين الأجانب ليسوا السبب الرئيسي لارتفاع أسعار المساكن، مشيرين إلى البيروقراطية البطيئة وقوانين تقسيم المناطق كعوامل أكثر أهمية. - أثار الاقتراح نقاشًا حول دور الملكية الأجنبية في أسواق الإسكان وفعاليته في حل قضايا القدرة على تحمل التكاليف.
    • +
+

ستتلقى شركة آبل قريبًا رقائق 'صُنعت في أمريكا' من مصنع TSMC في أريزونا

+
    +
  • تختبر شركة آبل معالجات من منشأة TSMC في أريزونا، مع خطط للإنتاج الضخم بحلول الربع الأول، مما قد يجعلها أول عميل لـ TSMC في الولايات المتحدة للرقائق المصنعة محليًا. - تهدف هذه المبادرة إلى تعزيز استقلالية السيليكون في الولايات المتحدة، وتقليل الاعتماد على تايوان، التي تعتبر عرضة للمخاطر الجيوسياسية والطبيعية. - من المقرر أن تنتج منشأة TSMC في أريزونا رقائق متقدمة بحجم 3 نانومتر و2 نانومتر، مع جهود مستمرة لتعزيز التوظيف المحلي والشراكات مع الجامعات الأمريكية، على الرغم من أن التغليف سيتم في البداية في تايوان حتى تصبح منشأة بيوريا جاهزة للعمل.
    • +
+

ردود الفعل

+
    +
  • ستتلقى شركة آبل رقائق من مصنع TSMC في أريزونا، ولكن يجب إرسالها مرة أخرى إلى تايوان للتغليف بسبب نقص المرافق في الولايات المتحدة. - أكثر من 50% من القوى العاملة في مصنع أريزونا هم من تايوان، مما يشير إلى وجود فجوة في مجال العلوم والتكنولوجيا والهندسة والرياضيات (STEM) في الولايات المتحدة. - تواجه مبادرة قانون الرقائق، التي تهدف إلى تعزيز تصنيع أشباه الموصلات في الولايات المتحدة، تحديات حيث يتم التشكيك في علامة "صنع في أمريكا" بسبب عملية التغليف التي تحدث في تايوان، مع خطط لتوفير قدرات تغليف في الولايات المتحدة بحلول عام 2027.
    • +
+

43 ألف سائق أقل على طرق مانهاتن بعد تفعيل تسعير الازدحام

+
    +
  • بعد تنفيذ تسعير الازدحام، كان هناك انخفاض بنسبة 7.5% في عدد السائقين الذين يدخلون مانهاتن أسفل الشارع الستين، مما يعادل 43,000 سائق أقل كل يوم من أيام الأسبوع.
    • +
  • أدى تقليل حركة المرور إلى تحسين تدفق الحركة وزيادة سرعات الحافلات، حيث شهدت بعض الحافلات السريعة زيادة في عدد الركاب.
    • +
  • تستخدم هيئة النقل الحضرية (MTA) إيرادات الرسوم، التي تُقدر بحوالي 500 مليون دولار سنويًا، لتحسينات النقل، على الرغم من بعض المعارضة السياسية.
    • +
+

ردود الفعل

+
    +
  • أدى تنفيذ تسعير الازدحام في مانهاتن إلى تقليل عدد السائقين بمقدار 43,000، مما أدى إلى زيادة سرعات الحافلات وربما تحسين أوقات استجابة الطوارئ.
    • +
  • تم تصميم السياسة لتقليل الازدحام المروري وتحسين جودة الهواء، على الرغم من أنها أثارت جدلاً حول تأثيرها على الأفراد ذوي الدخل المنخفض.
    • +
  • يجادل المؤيدون بأن الفوائد تشمل وسائل نقل عام أكثر كفاءة وهواء أنظف، بينما تستمر المناقشات حول موازنة هذه المزايا مع احتياجات السائقين.
    • +
+ + + + + +]]> + https://hn.cho.sh/ar/2025/01/14 + 2025-01-14T00:00:00.000Z + Tue, 14 Jan 2025 00:00:00 GMT + <![CDATA[2025-01-13]]> 2025-01-05T00:00:00.000Z Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[2025-01-04]]> - -

slug: '/2025/01/04'

-

2025-01-04

-

سيارة فولفو 1993 ذاتية القيادة مع نظام الطيار المفتوح

-
    -
  • شارك مجموعة من الأصدقاء في سباق Carbage Run 2025 النسخة الشتوية، وهو سباق يستمر لمدة 6 أيام عبر السويد إلى الدائرة القطبية والعودة إلى هلسنكي، ويتطلب أن تكون السيارات لا تقل عن 20 عامًا وتقدر قيمتها بأقل من 1000 يورو.
    • -
  • قاموا بتحويل سيارة فولفو 940 Estate موديل 1993 إلى مركبة ذاتية القيادة باستخدام نظام openpilot من comma.ai، مع دمج مكونات حديثة مثل نظام التوجيه الكهربائي، وiBooster من بوش، ومستشعر رادار من تسلا.
    • -
  • ستتضمن التحديثات المستقبلية تفاصيل حول الأسلاك، ووحدة التحكم في المحرك المخصصة (ECU)، وخطط لجعل الشفرة مفتوحة المصدر، مما يبرز النهج المبتكر للمشروع في تحديث المركبات القديمة بتكنولوجيا القيادة الذاتية.
    • -
-

ردود الفعل

-
    -
  • تم تعديل سيارة فولفو 940 موديل 1993 بتقنية OpenPilot، وهي تقنية قيادة ذاتية، مما يبرز التقاء تصميم السيارات الكلاسيكية مع التكنولوجيا الحديثة.
    • -
  • واجه المشروع تحديات، بما في ذلك تحديث أنظمة الفرامل والتوجيه، مما أثار مخاوف قانونية وسلامة، خاصة مع التعديلات التي يقوم بها الأفراد بأنفسهم مثل لحام عمود التوجيه.
    • -
  • امتدت المناقشة إلى تنظيمات السيارات في أوروبا، وتراجع سيارات الهوت رود في الولايات المتحدة، والاختلافات الثقافية في حريات تعديل السيارات، حيث يُنظر إلى المشروع كجهد ملهم في مجال الأعمال اليدوية رغم المخاوف المتعلقة بالسلامة.
    • -
-

VoxelSpace: خوارزمية عرض التضاريس في أقل من 20 سطرًا من الكود (2020)

-
    -
  • استخدمت لعبة Comanche التي أصدرتها NovaLogic في عام 1992 محرك Voxel Space، وهي تقنية عرض ثلاثية الأبعاد تعتمد على تقنية تتبع الأشعة، لإنشاء تضاريس مفصلة مع تظليل وظلال.
    • -
  • استخدم محرك Voxel Space خرائط الارتفاع والألوان وخوارزمية رسم بسيطة، حيث كان يرسم خطوطًا عمودية من الخلف إلى الأمام، مما يمكن تحسينه لأداء أفضل.
    • -
  • يتوفر كود المحرك بموجب رخصة MIT، ولكن قد تكون التكنولوجيا لا تزال محمية ببراءات اختراع في بعض المناطق.
    • -
-

ردود الفعل

-
    -
  • VoxelSpace هو خوارزمية لتصيير التضاريس تتميز ببساطتها، حيث تتطلب أقل من 20 سطرًا من الشيفرة، وتثير الحنين إلى تطوير الألعاب المبتكر خلال العصور التي كانت فيها الأجهزة محدودة.
    • -
  • تركز الألعاب الحديثة من فئة AAA على تحسينات معقدة واتجاهات السوق، غالبًا على حساب الأصالة، في حين توفر الألعاب المستقلة والمنصات مثل PICO-8 حرية إبداعية أكبر.
    • -
  • على الرغم من التقدم التكنولوجي، يشعر بعض المطورين واللاعبين بأن "السحر" الذي كان في الألعاب القديمة مفقود، إلا أن المشاريع المبتكرة مثل التصيير الفوكسيلي تستمر في إلهام الإبداع.
    • -
-

كيفية رسم مخطط في لعبة فيديو

-
    -
  • تناقش المقالة خمس تقنيات لتقديم الخطوط العريضة في Unity، وهي منصة تطوير ألعاب شهيرة، مع تسليط الضوء على استخدامها في ألعاب مثل Sable وThe Last of Us. - تشمل التقنيات تأثيرات الحواف، بثق الرؤوس، المخزن المؤقت الضبابي، خوارزمية القفز الفيضاني، واكتشاف الحواف، ولكل منها مزايا فريدة ومقايضات من حيث الأداء والجودة البصرية. - توفر المقالة رؤى حول موازنة هذه الأساليب لتحقيق جمالية اللعبة المثلى ودعم اللعب، مع موارد إضافية وائتمانات لنماذج ثلاثية الأبعاد مرفقة.
    • -
-

ردود الفعل

-
    -
  • يستكشف المقال تقنيات متقدمة لرسم الخطوط العريضة في ألعاب الفيديو، مع التركيز على كفاءة خوارزمية القفز الفيضاني (JFA) وحقول المسافة الموقعة (SDFs) مقارنة بالطرق التقليدية. - يتعمق في الرسومات ثلاثية الأبعاد ذات الطابع الخاص، مناقشًا تقنيات التصيير والاستخدام المحتمل للشبكات العصبية في الإضاءة والتصميم. - يقدم المساهمون رؤى حول التطور التاريخي لتظليل الخلايا في الألعاب، مثل Jet Set Radio، مسلطين الضوء على التقاطع المتطور بين التكنولوجيا والفن في الرسومات ثلاثية الأبعاد.
    • -
-

أنا أستقيل من صحيفة واشنطن بوست

-

ردود الفعل

-
    -
  • يترك الكاتب صحيفة واشنطن بوست بسبب فشلها في التكيف مع المشهد الإعلامي المتغير ونهجها في تقديم القضايا، الذي يعتقدون أنه غير فعال بالنسبة للمواضيع الحرجة مثل الديمقراطية.
    • -
  • تواجه وسائل الإعلام التقليدية، وخاصة الصحف المحلية، صعوبات مالية، مما يؤدي إلى تقارير متحيزة وتراجع في ثقة الجمهور، في حين لا يمكن لوسائل التواصل الاجتماعي أن تحل محل العمل الدقيق للصحافة.
    • -
  • تُثار مخاوف بشأن تأثير الأفراد الأثرياء، مثل جيف بيزوس، على وسائل الإعلام، وتأثير المصالح التجارية على دور الإعلام في محاسبة السلطة.
    • -
-

حصلت Perplexity على إعلانات

-

ردود الفعل

-
    -
  • أدخلت Perplexity الإعلانات، مما أدى إلى مناقشات حول حتمية الإعلانات في الخدمات عبر الإنترنت بسبب تردد المستهلكين في الدفع مقابل تجارب خالية من الإعلانات. - يجد بعض المستخدمين الإعلانات متطفلة ويفضلون الخدمات القائمة على الاشتراك مثل Kagi، التي تقدم بحثًا خاليًا من الإعلانات، بينما يواصل آخرون اختيار الخيارات المجانية المدعومة بالإعلانات. - يبرز هذا الوضع النقاش المستمر بين النماذج المدعومة بالإعلانات وتلك القائمة على الاشتراك في الخدمات الرقمية.
    • -
- - - - - -]]> - https://hn.cho.sh/ar/2025/01/04 - 2025-01-04T00:00:00.000Z - Sat, 04 Jan 2025 00:00:00 GMT - diff --git a/static/rss/newsletter/bn.xml b/static/rss/newsletter/bn.xml index d555785c6..c89332761 100644 --- a/static/rss/newsletter/bn.xml +++ b/static/rss/newsletter/bn.xml @@ -15,12 +15,160 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[2025-01-14]]> + +

slug: '/2025/01/14'

+

2025-01-14

+

স্নাইক নিরাপত্তা গবেষক ক্ষতিকারক এনপিএম প্যাকেজ স্থাপন করেছেন যা কার্সর.কমকে লক্ষ্য করে।

+
    +
  • একজন Snyk নিরাপত্তা গবেষক Cursor.com, একটি এআই কোডিং কোম্পানিকে লক্ষ্য করে ক্ষতিকারক NPM প্যাকেজ প্রকাশ করেছেন, যা সিস্টেম ডেটা সংগ্রহ করে এবং তা আক্রমণকারী নিয়ন্ত্রিত সার্ভিসে পাঠায়।
    • +
  • প্যাকেজগুলি, যা "cursor-retrieval," "cursor-always-local," এবং "cursor-shadow-workspace" নামে চিহ্নিত হয়েছে, OpenSSF প্যাকেজ বিশ্লেষণ স্ক্যানার দ্বারা চিহ্নিত হয়েছিল, যার ফলে MAL-2025-27, MAL-2025-28, এবং MAL-2025-29 পরামর্শগুলি জারি করা হয়।
    • +
  • এই ঘটনা ইনস্টলেশনের আগে NPM প্যাকেজগুলি পরীক্ষা করার গুরুত্বকে তুলে ধরে যাতে সম্ভাব্য নিরাপত্তা হুমকি এড়ানো যায়।
    • +
+

প্রতিক্রিয়া

+
    +
  • একজন Snyk নিরাপত্তা গবেষক cursor.com লক্ষ্য করে ক্ষতিকারক NPM (Node Package Manager) প্যাকেজ প্রকাশ করেছেন, যা নির্ভরতা বিভ্রান্তি দুর্বলতাগুলি তুলে ধরেছে। - এই ঘটনা নিরাপত্তা গবেষণার নীতিশাস্ত্র নিয়ে বিতর্ক উস্কে দিয়েছে, বিশেষ করে পরিবেশ ভেরিয়েবলগুলির প্রকাশ্য উন্মোচন সম্পর্কে। - Cursor.com স্পষ্ট করেছে যে তারা এই কাজের অনুমোদন দেয়নি, এবং Snyk পরে ক্ষমা চেয়েছে, আক্রমণাত্মক নিরাপত্তা গবেষণা এবং নৈতিক মানগুলির মধ্যে ভারসাম্য বজায় রাখার চ্যালেঞ্জগুলি তুলে ধরেছে।
    • +
+

আমি ফায়ারফক্সে স্যুইচ করেছি এবং আর কখনও পিছনে ফিরে তাকাইনি

+
    +
  • ফায়ারফক্স তার উন্নত ট্যাব ব্যবস্থাপনা, লিঙ্ক সংরক্ষণের জন্য বিল্ট-ইন পকেট ফিচার এবং গোপনীয়তা-কেন্দ্রিক ইমেল রিলে জন্য প্রশংসিত হয়, যা এটিকে ক্রোমের একটি শক্তিশালী বিকল্প করে তোলে। - ব্যবহারকারী-বান্ধব স্ক্রিনশট টুল, একটি ChatGPT বোতাম, পিকচার-ইন-পিকচার, কাস্টমাইজযোগ্য অনুসন্ধান বিকল্প এবং মসৃণ স্ক্রলিং এর মতো অতিরিক্ত বৈশিষ্ট্যগুলি ব্রাউজিং অভিজ্ঞতাকে উন্নত করে। - যদিও ফায়ারফক্সের ক্রোমের ওয়েব অ্যাপ ফিচার নেই, এর চিন্তাশীল নকশা এবং কম সম্পদ চাহিদা এটিকে কিছু ব্যবহারকারীর জন্য পছন্দের পছন্দ করে তোলে।
    • +
+

প্রতিক্রিয়া

+
    +
  • ফায়ারফক্স ব্যবহারকারীরা ইউটিউবের মতো প্ল্যাটফর্ম থেকে চ্যালেঞ্জের সম্মুখীন হন, যা ইচ্ছাকৃতভাবে গুগল-বহির্ভূত ব্রাউজার বা বিজ্ঞাপন ব্লকার ব্যবহারকারীদের জন্য অভিজ্ঞতা খারাপ করতে পারে। - এই প্রবণতা ব্যবহারকারীর স্বায়ত্তশাসন সম্পর্কে উদ্বেগ উত্থাপন করে, কারণ এটি বিজ্ঞাপন-মুক্ত এবং নজরদারি-মুক্ত ওয়েব অভিজ্ঞতা বেছে নেওয়া ব্যক্তিদের শাস্তি দেয়। - ফায়ারফক্স অনন্য বৈশিষ্ট্যগুলি অফার করে, যেমন কন্টেইনার ট্যাব, যা গোপনীয়তা এবং ব্যবহারযোগ্যতা বাড়ায়, এটিকে প্রধান কর্পোরেট-নিয়ন্ত্রিত ব্রাউজার থেকে স্বাধীনতা খুঁজছেন ব্যবহারকারীদের জন্য একটি পছন্দের বিকল্প করে তোলে।
    • +
+

অ্যাপ আপডেট বিপর্যয়ের পর সোনোস সিইও পদত্যাগ করেছেন

+

প্রতিক্রিয়া

+
    +
  • সোনোসের সিইও একটি বিতর্কিত অ্যাপ আপডেটের পর পদত্যাগ করেছেন যা ব্যবহারকারীদের ব্যয়বহুল সাউন্ড সিস্টেম প্রতিস্থাপন করতে বাধ্য করেছিল, যার ফলে গ্রাহকদের অসন্তোষ সৃষ্টি হয়েছিল। - আপডেটটি একটি ক্লাউড-ভিত্তিক সিস্টেম প্রবর্তন করেছিল, যা নির্ভরযোগ্য ইউনিভার্সাল প্লাগ অ্যান্ড প্লে (UPnP) থেকে দূরে সরে গিয়েছিল, যা সংযোগ সমস্যার সৃষ্টি করেছিল এবং জটিলতা বৃদ্ধি করেছিল। - এই পরিস্থিতি ব্যবসায়িক কৌশল এবং গ্রাহক আস্থা বজায় রাখার মধ্যে দ্বন্দ্বকে তুলে ধরে, কারণ সিইও একটি পরামর্শমূলক ভূমিকায় একটি সেভারেন্স প্যাকেজ সহ স্থানান্তরিত হচ্ছেন।
    • +
+

মিস্টার বিস্টের পেটের মধ্যে

+

প্রতিক্রিয়া

+
    +
  • প্রবন্ধটি ইউটিউবের অ্যালগরিদম কীভাবে কন্টেন্ট তৈরি প্রভাবিত করে তা পরীক্ষা করে, মিস্টারবিস্টকে একটি কেস স্টাডি হিসেবে ব্যবহার করে, যা অর্থবহ কন্টেন্টের পরিবর্তে সম্পৃক্ততা-চালিত কন্টেন্টের দিকে একটি পরিবর্তনকে তুলে ধরে। - এটি মিডিয়া সাক্ষরতার জন্য বিস্তৃত প্রভাব এবং ইউটিউব ও টিকটকের মতো প্ল্যাটফর্মগুলির সাংস্কৃতিক প্রভাব নিয়ে আলোচনা করে, যা পৃষ্ঠতল এবং প্রতিক্রিয়াশীল কন্টেন্টের দিকে একটি প্রবণতা নির্দেশ করে। - অ্যালগরিদমগুলি কীভাবে কন্টেন্ট গঠন করে এবং জনপ্রিয় নির্মাতারা সাংস্কৃতিক নিয়মগুলিতে কীভাবে প্রভাব ফেলে সে সম্পর্কে বিভিন্ন দৃষ্টিভঙ্গি বিবেচনা করা হয়।
    • +
+

গিটহাব গিট অপারেশনগুলি ডাউন রয়েছে

+
    +
  • গিটহাব ১৩ জানুয়ারি, ২০২৫ তারিখে একটি গিট অপারেশন আউটেজের সম্মুখীন হয়েছিল, যা অভ্যন্তরীণ লোড ব্যালান্সারে প্রভাবিত একটি কনফিগারেশন পরিবর্তনের কারণে হয়েছিল এবং এটি ২৩:৩৫ থেকে ০০:২৪ ইউটিসি পর্যন্ত স্থায়ী হয়েছিল। - সমস্যাটি কনফিগারেশন পরিবর্তন ফিরিয়ে নিয়ে সমাধান করা হয়েছিল এবং গিটহাব মনিটরিং এবং ডিপ্লয়মেন্ট প্রক্রিয়াগুলি উন্নত করার জন্য কাজ করছে যাতে অনুরূপ ঘটনা প্রতিরোধ করা যায়। - আউটেজটি গিটহাবের অ্যাকশনস এবং পেজেস পরিষেবাগুলিকেও প্রভাবিত করেছিল, যা তাদের প্ল্যাটফর্ম পরিষেবাগুলির আন্তঃসংযুক্ত প্রকৃতিকে তুলে ধরে।
    • +
+

প্রতিক্রিয়া

+
    +
  • গিটহাব একটি বড় আউটেজের সম্মুখীন হয়েছিল যা গিট অপারেশনগুলিকে প্রভাবিত করেছিল, যার ফলে ডেভেলপারদের মধ্যে বিভ্রান্তি সৃষ্টি হয়েছিল যারা প্রাথমিকভাবে তাদের SSH কী বা স্থানীয় কনফিগারেশনের সমস্যাগুলি সন্দেহ করেছিল। - এই ঘটনা কেন্দ্রীভূত পরিষেবাগুলির উপর নির্ভর করার চ্যালেঞ্জগুলিকে তুলে ধরেছিল, যা স্ব-হোস্টিং এবং বিকেন্দ্রীভূত সিস্টেমের সুবিধাগুলি নিয়ে আলোচনার সূত্রপাত করেছিল। - যদিও সমস্যাটি সমাধান করা হয়েছিল, এটি গিটহাবের নির্ভরযোগ্যতা সম্পর্কে উদ্বেগ এবং প্রয়োজনীয় কাজগুলির জন্য তৃতীয় পক্ষের প্ল্যাটফর্মগুলির উপর নির্ভর করার ঝুঁকিগুলিকে হাইলাইট করেছিল।
    • +
+

ZFS 2.3 মুক্তি পেয়েছে ZFS raidz সম্প্রসারণ সহ

+
    +
  • OpenZFS 2.3.0 প্রকাশিত হয়েছে, যা RAIDZ Expansion, Fast Deduplication, Direct Input/Output, JSON আউটপুট এবং দীর্ঘ ফাইল নামের জন্য সমর্থন সহ উল্লেখযোগ্য বৈশিষ্ট্যগুলি প্রবর্তন করেছে। - এই প্রকাশনায় প্রয়োজনীয় বাগ ফিক্স এবং কর্মক্ষমতা উন্নয়ন অন্তর্ভুক্ত রয়েছে, যা লিনাক্স কার্নেল 4.18 - 6.12 এবং ফ্রিBSD সংস্করণ 13.3, 14.0 - 14.2 এর সাথে সামঞ্জস্যপূর্ণ। - এই আপডেটটি 134 জন অবদানকারীর একটি যৌথ প্রচেষ্টা, যার জন্য বিস্তৃত ডকুমেন্টেশন এবং একটি পরিবর্তন লগ পর্যালোচনার জন্য উপলব্ধ।
    • +
+

প্রতিক্রিয়া

+
    +
  • ZFS 2.3 প্রকাশিত হয়েছে, যা RAIDZ সম্প্রসারণ, দ্রুত ডিডুপ্লিকেশন, সরাসরি IO, JSON আউটপুট এবং দীর্ঘ ফাইল নামের জন্য সমর্থন সহ বৈশিষ্ট্যগুলি প্রবর্তন করেছে। - RAIDZ সম্প্রসারণ বিশেষভাবে উল্লেখযোগ্য কারণ এটি ব্যবহারকারীদের বিদ্যমান RAIDZ পুলে নতুন ডিভাইস যোগ করার অনুমতি দেয় কোনো ডাউনটাইম ছাড়াই, যা স্টোরেজ ক্ষমতা বাড়ায়। - এই প্রকাশনাটি ZFS ব্যবহারকারীদের জন্য একটি উল্লেখযোগ্য অগ্রগতি হিসাবে বিবেচিত হয়, যা Btrfs এবং Windows Storage Spaces এর মতো অন্যান্য ফাইল সিস্টেমের সাথে তুলনা করে, যদিও পুল সংকুচিত করতে অক্ষমতার মতো কিছু সীমাবদ্ধতা রয়েছে।
    • +
+

ওয়েবটপ – আলপাইন, উবুন্টু, ফেডোরা, এবং আর্চ কন্টেইনারগুলি সম্পূর্ণ ডেস্কটপ পরিবেশ সহ অন্তর্ভুক্ত করে

+
    +
  • Linuxserver/webtop সম্পূর্ণ ডেস্কটপ পরিবেশ সহ কন্টেইনার প্রদান করে যা Alpine, Ubuntu, Fedora, এবং Arch এর উপর ভিত্তি করে তৈরি এবং ওয়েব ব্রাউজারের মাধ্যমে অ্যাক্সেসযোগ্য, যা x86-64 এবং arm64 আর্কিটেকচার উভয়কেই সমর্থন করে।
    • +
  • ব্যবহারকারীরা নির্দিষ্ট ইমেজ ট্যাগ ব্যবহার করে XFCE, KDE, MATE, i3, Openbox, এবং IceWM এর মতো বিভিন্ন ডেস্কটপ পরিবেশ থেকে নির্বাচন করতে পারেন এবং নির্দিষ্ট URL এর মাধ্যমে ওয়েবটপে প্রবেশ করতে পারেন।
    • +
  • নিরাপত্তা বৈশিষ্ট্যগুলির মধ্যে রয়েছে Docker-এর seccomp অপশন এবং প্রমাণীকরণ সেটআপ, পরিবেশ ভেরিয়েবলের মাধ্যমে কাস্টমাইজেশন বিকল্পগুলি উপলব্ধ, এবং ওপেন-সোর্স ড্রাইভার সহ GPU ত্বরণ সমর্থন।
    • +
+

প্রতিক্রিয়া

+
    +
  • ওয়েবটপ অ্যালপাইন, উবুন্টু, ফেডোরা এবং আর্চের জন্য সম্পূর্ণ ডেস্কটপ পরিবেশ সহ কন্টেইনার সরবরাহ করে, যা ভিপিএন-এর পিছনে দ্রুত সেটআপের জন্য উপযুক্ত।
    • +
  • ব্যবহারকারীরা ওয়েবটপের গতি এবং ব্যবহার সহজতার জন্য প্রশংসা করেন, বিশেষ করে যখন এটি গ্লুটুন কন্টেইনারের সাথে নিরাপদ সংযোগের জন্য ব্যবহার করা হয়, তবে ডিফল্ট প্রমাণীকরণের অভাবে নিরাপত্তা ব্যবস্থা ছাড়া কন্টেইনারগুলোকে ইন্টারনেটে উন্মুক্ত করার বিরুদ্ধে সতর্ক করেন।
    • +
  • প্রকল্পটি ওপেন-সোর্স এবং নমনীয় হওয়ার জন্য মূল্যবান, যেখানে ব্যবহারকারীরা কনফিগারেশন শেয়ার করে, এবং কাসম এবং সেলকিসের মতো বিকল্পগুলি একই উদ্দেশ্যে উল্লেখযোগ্য।
    • +
+

অনুসন্ধানে দেখা গেছে, প্রতি ৫টি অনলাইন চাকরির বিজ্ঞাপনের মধ্যে ১টি হয় ভুয়া অথবা কখনো পূরণ হয় না।

+
    +
  • একটি সাম্প্রতিক গবেষণায় দেখা গেছে যে অনলাইন চাকরির বিজ্ঞাপনগুলির ২০% হয় মিথ্যা বা পূরণ হয় না, যা চাকরি প্রার্থীদের হতাশা বাড়ায়। - এই "ভূত চাকরি" প্রবণতা হতে পারে কোম্পানিগুলির জন্য একটি কৌশল তাদের বৃদ্ধির চিত্র প্রদর্শনের জন্য। - গ্রিনহাউস এবং লিঙ্কডইন-এর মতো চাকরি প্ল্যাটফর্মগুলি ব্যবহারকারীদের প্রকৃত চাকরির সুযোগ সনাক্ত করতে সহায়তা করার জন্য চাকরি যাচাইকরণ পরিষেবা চালু করেছে।
    • +
+

প্রতিক্রিয়া

+
    +
  • একটি গবেষণায় প্রকাশ করা হয়েছে যে অনলাইন চাকরির বিজ্ঞাপনগুলির ২০% হয় ভুয়া বা পূরণ হয় না, প্রায়শই মার্কিন অভিবাসন নীতির সাথে সামঞ্জস্য রাখতে কোম্পানিগুলির প্রয়োজনের কারণে। - কোম্পানিগুলি আদর্শ প্রার্থীদের খুঁজে পেতে, প্রয়োজনীয়তা পরিবর্তন করতে, বা পূর্বনির্ধারিত অভ্যন্তরীণ প্রার্থীদের থাকতে চাকরির বিজ্ঞাপনগুলি রেখে দিতে পারে। - চাকরির বাজার আবেদনকারীদের জন্য কঠিন, যারা প্রায়শই ঘোস্টিং এবং স্বয়ংক্রিয় প্রত্যাখ্যানের সম্মুখীন হয়, যা নিয়ন্ত্রক হস্তক্ষেপের আহ্বান জানায়।
    • +
+

চালকদের সেকেন্ড বাঁচানোর জন্য পথচারীদের জন্য একটি সংযোগস্থলকে অনিরাপদ করা

+

প্রতিক্রিয়া

+
    +
  • আলোচনাটি কেন্দ্রীভূত হয়েছে যে, চৌরাস্তা গুলোতে পথচারীর নিরাপত্তা অগ্রাধিকার পাবে নাকি চালকের কার্যকারিতা, যেখানে কিছু লোক লাইট-নিয়ন্ত্রিত চৌরাস্তা এবং পথচারী স্ক্র্যাম্বলকে ৪-ওয়ে স্টপের চেয়ে বেশি পছন্দ করে।
    • +
  • ট্রাফিক আইন এবং অবকাঠামো নকশা নিয়ে মতামত ভিন্ন হয়, যেখানে জেব্রা ক্রসিংয়ের নিরাপত্তা এবং লাল বাতিতে ডান দিকে মোড় নেওয়ার সাথে সম্পর্কিত ঝুঁকি নিয়ে আলোচনা হয়।
    • +
  • কিছু লোক বিকল্প সমাধানের পক্ষে যেমন গোলচত্বর বা ডাচ ট্রাফিক প্রকৌশল মানদণ্ড গ্রহণের পক্ষে যুক্তি দেন যাতে উভয় নিরাপত্তা এবং দক্ষতা বৃদ্ধি পায়।
    • +
+

PostgreSQL হল ২০২৪ সালের ডেটাবেস ম্যানেজমেন্ট সিস্টেম অফ দ্য ইয়ার

+
    +
  • PostgreSQL DB-Engines দ্বারা ২০২৪ সালের DBMS অফ দ্য ইয়ার পুরস্কার পেয়েছে, যা ৪২৩টি অন্যান্য ডাটাবেস ম্যানেজমেন্ট সিস্টেমকে অতিক্রম করে পঞ্চমবারের মতো এই স্বীকৃতি অর্জন করেছে।
    • +
  • প্রায় ৩৫ বছরের ইতিহাস নিয়ে PostgreSQL এখনও উদ্ভাবন করে চলেছে, যা সেপ্টেম্বর ২০২৪-এ প্রকাশিত PostgreSQL 17-এর সাম্প্রতিক উন্নতিগুলিতে দেখা যায়।
    • +
  • স্নোফ্লেক এবং মাইক্রোসফট যথাক্রমে দ্বিতীয় এবং তৃতীয় স্থান অর্জন করেছে, যেখানে স্নোফ্লেক তার ক্লাউড-ভিত্তিক ডেটা ওয়্যারহাউজিং এবং মাল্টি-ক্লাউড সমর্থনের জন্য উল্লেখযোগ্য, অন্যদিকে মাইক্রোসফ্ট অ্যাজুর এসকিউএল ডেটাবেস এবং এসকিউএল সার্ভারের মাধ্যমে শক্তিশালী পরিচালিত রিলেশনাল ডেটাবেস সরবরাহ করে।
    • +
+

প্রতিক্রিয়া

+
    +
  • PostgreSQL ২০২৪ সালের ডেটাবেস ম্যানেজমেন্ট সিস্টেম অফ দ্য ইয়ার পুরস্কার পেয়েছে db-engines.com থেকে, যা এর ক্রমবর্ধমান জনপ্রিয়তা এবং শিল্পে স্বীকৃতি প্রদর্শন করে।
    • +
  • ব্যবহারকারীরা উচ্চ লাইসেন্সিং খরচ এবং সম্পদের সীমাবদ্ধতার কারণে মাইক্রোসফট SQL সার্ভার থেকে PostgreSQL-এ পরিবর্তন করার কথা বিবেচনা করছেন, যদিও সম্ভাব্য মাইগ্রেশন চ্যালেঞ্জ রয়েছে।
    • +
  • PostgreSQL তার শক্তিশালী বৈশিষ্ট্য এবং খরচ-সাশ্রয়ী হওয়ার জন্য পছন্দ করা হয়, যা এটিকে ভবিষ্যতের প্রকল্পগুলির জন্য একটি পছন্দের বিকল্প করে তোলে, যদিও কিছু ব্যবহারকারী খরচ কমানোর জন্য Babelfish এর মতো বিকল্পগুলি অন্বেষণ করেন।
    • +
+

গুগলের OAuth লগইন একটি ব্যর্থ স্টার্টআপ ডোমেইন কেনার বিরুদ্ধে সুরক্ষা প্রদান করে না

+

প্রতিক্রিয়া

+
    +
  • আলোচনাটি গুগলের OAuth লগইন সিস্টেমের একটি দুর্বলতাকে তুলে ধরে যখন একটি ব্যর্থ স্টার্টআপের ডোমেইন নতুন মালিক দ্বারা অধিগ্রহণ করা হয়, যা সম্ভাব্যভাবে অননুমোদিত সেবাগুলিতে প্রবেশের অনুমতি দিতে পারে।
    • +
  • এই সমস্যা দেখা দেয় কারণ গুগল হয়তো মূল এবং নতুন ডোমেইন মালিকদের মধ্যে পার্থক্য করতে পারে না, যা ডোমেইন-ভিত্তিক প্রমাণীকরণ ব্যবহার করে এমন যে কোনো সিস্টেমকে প্রভাবিত করতে পারে।
    • +
  • একটি প্রস্তাবিত সমাধান হল এমন অনন্য শনাক্তকারী ব্যবহার করা যা সময়ের সাথে সাথে অপরিবর্তিত থাকে, যদিও এই সমাধানের বাস্তবায়ন পরিচয় প্রদানকারীদের মধ্যে ভিন্ন হয়।
    • +
+

কোডিং দক্ষতা ব্যবহার করে প্যাসিভ আয় করা

+
    +
  • লেখক একজন সিটিও ভূমিকা থেকে একক উদ্যোক্তা হিসেবে রূপান্তরিত হয়েছেন, সফটওয়্যার পণ্যের একটি পোর্টফোলিওর মাধ্যমে সফলভাবে আরও বেশি উপার্জন করছেন।
    • +
  • মূল কৌশলগুলির মধ্যে রয়েছে গভীর কাজের উপর মনোযোগ দেওয়া, ছোট প্রকল্প দিয়ে শুরু করা, দ্রুত পুনরাবৃত্তি করা এবং বিপণন প্রচেষ্টার জন্য সময় উৎসর্গ করা।
    • +
  • যাত্রাটি অনিশ্চয়তার কারণে স্থিতিস্থাপকতার উপর জোর দেয়, তবে এই ক্যারিয়ার পথের অতুলনীয় স্বায়ত্তশাসন এবং স্বাধীনতাকে তুলে ধরে, কোডিং দক্ষতা সম্পন্ন ব্যক্তিদের এটি প্যাসিভ আয়ের জন্য বিবেচনা করার জন্য উৎসাহিত করে।
    • +
+

প্রতিক্রিয়া

+
    +
  • একজন ব্যবহারকারী বর্ণনা করেছেন যে কীভাবে তারা SEO স্প্যাম ওয়েবসাইটের মাধ্যমে প্যাসিভ আয় তৈরি করেছেন, যা মেয়াদোত্তীর্ণ ডোমেইন নাম ব্যবহার করে বার্ষিক প্রায় $30k উপার্জন করে, যদিও নৈতিক উদ্বেগ এবং গুগলের শেষ পর্যন্ত দমন করার পরেও।
    • +
  • পোস্টটি প্যাসিভ আয়ের উপর একটি বিতর্ক উস্কে দিয়েছে, যেখানে কিছু ব্যবহারকারী যুক্তি দিয়েছেন যে এটি প্রকৃতপক্ষে প্যাসিভ আয়ের চেয়ে ব্যবসা পরিচালনার সাথে বেশি সাদৃশ্যপূর্ণ।
    • +
  • অংশগ্রহণকারীরা পার্শ্ব প্রকল্পগুলিতে অভিজ্ঞতা এবং চ্যালেঞ্জগুলি শেয়ার করেছেন, সময়, স্থিতিশীলতা এবং কৌশলগত পরিকল্পনার গুরুত্বকে তুলে ধরে।
    • +
+

স্পেন অ-ইউরোপীয় ইউনিয়নের বাসিন্দাদের দ্বারা কেনা বাড়ির উপর ১০০% কর প্রস্তাব করেছে

+
    +
  • স্পেন অ-ইউরোপীয় ইউনিয়নের বাসিন্দাদের দ্বারা রিয়েল এস্টেট ক্রয়ের উপর ১০০% কর আরোপের কথা বিবেচনা করছে, যা আবাসন সংকট মোকাবেলা এবং জল্পনামূলক ক্রয় নিয়ন্ত্রণের লক্ষ্যে।
    • +
  • প্রধানমন্ত্রী পেদ্রো সানচেজের প্রস্তাবের মধ্যে রয়েছে সামাজিক আবাসন সম্প্রসারণ এবং পর্যটক ভাড়াগুলি নিয়ন্ত্রণ করা, যা আবাসন মূল্য এবং আয়ের মধ্যে বৈষম্য মোকাবেলা করতে সহায়ক হবে।
    • +
  • প্রস্তাবটির আইন হিসেবে ভবিষ্যৎ অনিশ্চিত, কিছু বিশ্লেষক এটিকে বিদেশি বিনিয়োগকারীদের জন্য একটি প্রতিবন্ধকতা হিসেবে দেখছেন, নিশ্চিত আইনগত পরিবর্তন হিসেবে নয়।
    • +
+

প্রতিক্রিয়া

+
    +
  • স্পেন অ-ইউরোপীয় ইউনিয়নের বাসিন্দাদের দ্বারা কেনা বাড়ির উপর ১০০% কর আরোপের কথা বিবেচনা করছে যাতে আবাসন সাশ্রয়ীতা সমস্যার সমাধান করা যায়। - সমালোচকরা বলছেন যে বিদেশী ক্রেতারা উচ্চ আবাসন মূল্যের প্রধান কারণ নয়, বরং ধীর প্রশাসনিক প্রক্রিয়া এবং জোনিং আইনকে আরও গুরুত্বপূর্ণ কারণ হিসেবে উল্লেখ করেছেন। - এই প্রস্তাবটি আবাসন বাজারে বিদেশী মালিকানার ভূমিকা এবং সাশ্রয়ীতা সমস্যার সমাধানে এর কার্যকারিতা নিয়ে বিতর্কের সূচনা করেছে।
    • +
+

অ্যাপল শীঘ্রই TSMC-এর অ্যারিজোনা ফ্যাব থেকে 'মেড ইন আমেরিকা' চিপস পাবে

+
    +
  • অ্যাপল টিএসএমসি'র অ্যারিজোনা কারখানার প্রসেসর পরীক্ষা করছে, প্রথম ত্রৈমাসিকের মধ্যে ব্যাপক উৎপাদনের পরিকল্পনা নিয়ে, যা স্থানীয়ভাবে উত্পাদিত চিপের জন্য টিএসএমসি'র প্রথম মার্কিন গ্রাহক হতে পারে। - এই উদ্যোগটি মার্কিন সিলিকন স্বাধীনতা বাড়ানোর লক্ষ্যে, তাইওয়ানের উপর নির্ভরতা কমানোর জন্য, যা ভূ-রাজনৈতিক এবং প্রাকৃতিক ঝুঁকির প্রতি সংবেদনশীল। - টিএসএমসি'র অ্যারিজোনা ফ্যাব উন্নত ৩এনএম এবং ২এনএম চিপ উৎপাদন করবে, স্থানীয় নিয়োগ এবং মার্কিন বিশ্ববিদ্যালয়গুলির সাথে অংশীদারিত্ব বাড়ানোর প্রচেষ্টা চলমান রয়েছে, যদিও প্যাকেজিং প্রাথমিকভাবে তাইওয়ানে ঘটবে যতক্ষণ না পিওরিয়া কারখানাটি কার্যকর হয়।
    • +
+

প্রতিক্রিয়া

+
    +
  • অ্যাপল টিএসএমসি'র অ্যারিজোনা প্ল্যান্ট থেকে চিপ পাবে, কিন্তু সেগুলো প্যাকেজিংয়ের জন্য তাইওয়ানে ফেরত পাঠাতে হবে কারণ যুক্তরাষ্ট্রে পর্যাপ্ত সুবিধা নেই। - অ্যারিজোনা প্ল্যান্টের কর্মশক্তির ৫০% এরও বেশি তাইওয়ান থেকে এসেছে, যা যুক্তরাষ্ট্রের এসটিইএম (বিজ্ঞান, প্রযুক্তি, প্রকৌশল, এবং গণিত) ক্ষেত্রে একটি ফাঁক নির্দেশ করে। - চিপস অ্যাক্ট উদ্যোগ, যা যুক্তরাষ্ট্রের সেমিকন্ডাক্টর উৎপাদন বাড়ানোর লক্ষ্যে কাজ করছে, চ্যালেঞ্জের সম্মুখীন হচ্ছে কারণ "মেড ইন আমেরিকা" লেবেলটি প্রশ্নবিদ্ধ হচ্ছে প্যাকেজিং প্রক্রিয়া তাইওয়ানে হওয়ার কারণে, যদিও ২০২৭ সালের মধ্যে যুক্তরাষ্ট্রে প্যাকেজিং সক্ষমতা তৈরির পরিকল্পনা রয়েছে।
    • +
+

কনজেশন প্রাইসিং চালু হওয়ার পর ম্যানহাটনের রাস্তায় ৪৩ হাজার কম গাড়িচালক

+
    +
  • যখন যানজট মূল্য নির্ধারণ কার্যকর করা হয়েছিল, তখন ৬০তম স্ট্রিটের নিচে ম্যানহাটনে প্রবেশকারী চালকদের সংখ্যা ৭.৫% হ্রাস পেয়েছিল, যা প্রতিদিনের সপ্তাহের দিনে ৪৩,০০০ কম চালকের সমান।
    • +
  • যানজট কমে যাওয়ায় ট্রাফিক প্রবাহ উন্নত হয়েছে এবং বাসের গতি বেড়েছে, কিছু এক্সপ্রেস বাসে যাত্রী সংখ্যা বৃদ্ধি পেয়েছে।
    • +
  • মেট্রোপলিটন ট্রান্সপোর্টেশন অথরিটি (এমটিএ) কিছু রাজনৈতিক বিরোধিতা সত্ত্বেও ট্রানজিট উন্নতির জন্য টোল রাজস্ব, যা বার্ষিক প্রায় ৫০০ মিলিয়ন ডলার অনুমান করা হয়, ব্যবহার করে।
    • +
+

প্রতিক্রিয়া

+
    +
  • ম্যানহাটনে যানজট মূল্যায়নের বাস্তবায়নের ফলে ৪৩,০০০ কম চালক হয়েছে, যা বাসের গতি বৃদ্ধি এবং সম্ভাব্যভাবে জরুরি সেবার প্রতিক্রিয়া সময় উন্নত করেছে।
    • +
  • নীতিটি যানজট কমানো এবং বায়ুর গুণমান উন্নত করার জন্য তৈরি করা হয়েছে, যদিও এটি নিম্ন আয়ের ব্যক্তিদের উপর এর প্রভাব নিয়ে বিতর্ক সৃষ্টি করেছে।
    • +
  • সমর্থকরা যুক্তি দেন যে এর সুবিধাগুলির মধ্যে রয়েছে আরও দক্ষ গণপরিবহন এবং পরিষ্কার বাতাস, যখন এই সুবিধাগুলির সাথে চালকদের প্রয়োজনের ভারসাম্য বজায় রাখার বিষয়ে আলোচনা অব্যাহত রয়েছে।
    • +
+ + + + + +]]> + https://hn.cho.sh/bn/2025/01/14 + 2025-01-14T00:00:00.000Z + Tue, 14 Jan 2025 00:00:00 GMT + <![CDATA[2025-01-13]]> 2025-01-05T00:00:00.000Z Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[2025-01-04]]> - -

slug: '/2025/01/04'

-

2025-01-04

-

স্বয়ংচালিত ১৯৯৩ ভলভো ওপেন পাইলট সহ

-
    -
  • একদল বন্ধু কারবেজ রান ২০২৫ শীতকালীন সংস্করণে অংশগ্রহণ করেছিল, যা সুইডেনের মধ্য দিয়ে মেরু বৃত্ত পর্যন্ত এবং হেলসিঙ্কিতে ফিরে আসার জন্য ৬ দিনের একটি র্যালি, যেখানে গাড়িগুলির বয়স কমপক্ষে ২০ বছর হতে হবে এবং মূল্য €১০০০ এর নিচে হতে হবে।
    • -
  • তারা একটি ১৯৯৩ সালের ভলভো ৯৪০ এস্টেটকে স্বয়ংচালিত গাড়িতে রূপান্তরিত করেছে, কমা.এআই-এর ওপেনপাইলট ব্যবহার করে, যেখানে আধুনিক উপাদান যেমন বৈদ্যুতিক পাওয়ার স্টিয়ারিং, একটি বোশ আইবুস্টার এবং একটি টেসলা রাডার সেন্সর অন্তর্ভুক্ত করা হয়েছে।
    • -
  • ভবিষ্যতের আপডেটগুলিতে তারের বিশদ, একটি কাস্টম ইঞ্জিন কন্ট্রোল ইউনিট (ইসিইউ) এবং কোডটি ওপেন-সোর্স করার পরিকল্পনা অন্তর্ভুক্ত থাকবে, যা পুরানো যানবাহনগুলিকে স্বয়ংক্রিয় প্রযুক্তির সাথে রেট্রোফিট করার প্রকল্পের উদ্ভাবনী পদ্ধতির উপর আলোকপাত করবে।
    • -
-

প্রতিক্রিয়া

-
    -
  • একটি ১৯৯৩ সালের ভলভো ৯৪০ ওপেনপাইলট, একটি স্বয়ংক্রিয় চালনা প্রযুক্তি, দিয়ে পুনরায় সজ্জিত করা হয়েছিল, যা ক্লাসিক গাড়ির নকশা এবং আধুনিক প্রযুক্তির সংযোগকে তুলে ধরে।
    • -
  • প্রকল্পটি চ্যালেঞ্জের সম্মুখীন হয়েছিল, যার মধ্যে ব্রেক এবং স্টিয়ারিং সিস্টেম আপডেট করা, বিশেষ করে স্টিয়ারিং কলাম ওয়েল্ডিংয়ের মতো DIY পরিবর্তনের সাথে আইনি এবং নিরাপত্তা উদ্বেগ উত্থাপন করা অন্তর্ভুক্ত ছিল।
    • -
  • আলোচনাটি ইউরোপে গাড়ির নিয়মাবলী, মার্কিন যুক্তরাষ্ট্রে হটরডের পতন এবং গাড়ি পরিবর্তনের স্বাধীনতায় সাংস্কৃতিক পার্থক্যগুলিতে বিস্তৃত হয়েছিল, যেখানে প্রকল্পটি নিরাপত্তা উদ্বেগ সত্ত্বেও একটি অনুপ্রেরণামূলক DIY প্রচেষ্টা হিসাবে দেখা হয়েছিল।
    • -
-

ভক্সেলস্পেস: ২০ লাইনের কম কোডে ভূখণ্ড রেন্ডারিং অ্যালগরিদম (২০২০)

-
    -
  • NovaLogic-এর ১৯৯২ সালের গেম Comanche Voxel Space ইঞ্জিন ব্যবহার করেছিল, যা রে কাস্টিং-এর উপর ভিত্তি করে একটি ২.৫ডি রেন্ডারিং কৌশল, যা ছায়া এবং শেডিং সহ বিস্তারিত ভূখণ্ড তৈরি করেছিল।
    • -
  • ভক্সেল স্পেস ইঞ্জিন উচ্চতা এবং রঙের মানচিত্র এবং একটি সহজ রেন্ডারিং অ্যালগরিদম ব্যবহার করত, যা পিছন থেকে সামনে পর্যন্ত উল্লম্ব রেখা আঁকত, যা কর্মক্ষমতার জন্য অপ্টিমাইজ করা যেতে পারত।
    • -
  • ইঞ্জিনের কোডটি এমআইটি লাইসেন্সের অধীনে উপলব্ধ, তবে প্রযুক্তিটি এখনও কিছু অঞ্চলে পেটেন্ট করা হতে পারে।
    • -
-

প্রতিক্রিয়া

-
    -
  • ভক্সেলস্পেস একটি ভূখণ্ড রেন্ডারিং অ্যালগরিদম যা তার সরলতার জন্য উল্লেখযোগ্য, যা ২০ লাইনের কম কোড প্রয়োজন এবং হার্ডওয়্যার-সীমাবদ্ধ যুগে উদ্ভাবনী গেম ডেভেলপমেন্টের জন্য নস্টালজিয়া উদ্রেক করে।
    • -
  • আধুনিক AAA গেমগুলি জটিল অপ্টিমাইজেশন এবং বাজারের প্রবণতার উপর মনোযোগ কেন্দ্রীভূত করে, যা প্রায়শই মৌলিকতার ক্ষতির কারণ হয়, যেখানে ইন্ডি গেম এবং PICO-8 এর মতো প্ল্যাটফর্মগুলি আরও সৃজনশীল স্বাধীনতা প্রদান করে।
    • -
  • প্রযুক্তিগত অগ্রগতির পরেও, কিছু ডেভেলপার এবং খেলোয়াড় মনে করেন যে পুরনো গেমগুলোর "জাদু" অনুপস্থিত, যদিও ভক্সেল রেন্ডারিংয়ের মতো উদ্ভাবনী প্রকল্পগুলি সৃজনশীলতাকে অনুপ্রাণিত করতে থাকে।
    • -
-

ভিডিও গেমে একটি আউটলাইন কীভাবে আঁকবেন

-
    -
  • প্রবন্ধটি ইউনিটি, একটি জনপ্রিয় গেম ডেভেলপমেন্ট প্ল্যাটফর্মে আউটলাইন রেন্ডার করার পাঁচটি কৌশল নিয়ে আলোচনা করে, যা সেবল এবং দ্য লাস্ট অফ আস-এর মতো গেমে তাদের ব্যবহারের উপর আলোকপাত করে। - কৌশলগুলির মধ্যে রয়েছে রিম ইফেক্টস, ভার্টেক্স এক্সট্রুশন, ব্লার্ড বাফার, জাম্প ফ্লাড অ্যালগরিদম, এবং এজ ডিটেকশন, প্রতিটি পারফরম্যান্স এবং ভিজ্যুয়াল গুণমানের ক্ষেত্রে অনন্য সুবিধা এবং ট্রেড-অফ সহ। - প্রবন্ধটি এই পদ্ধতিগুলিকে ভারসাম্যপূর্ণ করার অন্তর্দৃষ্টি প্রদান করে যাতে গেমের নান্দনিকতা এবং গেমপ্লে সমর্থনের জন্য সর্বোত্তম হয়, অতিরিক্ত সম্পদ এবং 3D মডেলের জন্য ক্রেডিট সহ।
    • -
-

প্রতিক্রিয়া

-
    -
  • প্রবন্ধটি ভিডিও গেমসে আউটলাইন আঁকার উন্নত কৌশলগুলি অন্বেষণ করে, যেখানে জাম্প ফ্লাড অ্যালগরিদম (JFA) এবং সাইনড ডিস্ট্যান্স ফিল্ডস (SDFs) এর দক্ষতাকে প্রচলিত পদ্ধতির তুলনায় জোর দেওয়া হয়েছে। - এটি স্টাইলাইজড 3D গ্রাফিক্সে গভীরভাবে আলোচনা করে, রেন্ডারিং কৌশল এবং আলোকসজ্জা ও স্টাইলিংয়ের জন্য নিউরাল নেটওয়ার্কের সম্ভাব্য ব্যবহারের কথা বলে। - অবদানকারীরা গেমসে সেল শেডিংয়ের ঐতিহাসিক বিকাশের অন্তর্দৃষ্টি প্রদান করেন, যেমন জেট সেট রেডিও, যেখানে 3D গ্রাফিক্সে প্রযুক্তি এবং শিল্পের ক্রমবর্ধমান সংযোগকে তুলে ধরা হয়েছে।
    • -
-

আমি ওয়াশিংটন পোস্ট ছেড়ে দিচ্ছি

-

প্রতিক্রিয়া

-
    -
  • লেখক ওয়াশিংটন পোস্ট ছেড়ে যাচ্ছেন কারণ এটি পরিবর্তনশীল মিডিয়া প্রেক্ষাপটে খাপ খাওয়াতে ব্যর্থ হয়েছে এবং বিষয়গুলি উপস্থাপনের পদ্ধতি, যা তারা বিশ্বাস করেন যে গণতন্ত্রের মতো গুরুত্বপূর্ণ বিষয়গুলির জন্য অকার্যকর।
    • -
  • প্রচলিত গণমাধ্যম, বিশেষ করে স্থানীয় সংবাদপত্রগুলি, আর্থিকভাবে সংগ্রাম করছে, যার ফলে পক্ষপাতদুষ্ট প্রতিবেদন এবং জনসাধারণের আস্থার হ্রাস ঘটছে, যখন সামাজিক মাধ্যম সাংবাদিকতার কঠোর কাজের বিকল্প হতে পারে না।
    • -
  • ধনী ব্যক্তিদের, যেমন জেফ বেজোস, মিডিয়া আউটলেটগুলোর উপর প্রভাব এবং কর্পোরেট স্বার্থের কারণে ক্ষমতাকে জবাবদিহিতার মধ্যে রাখার ক্ষেত্রে মিডিয়ার ভূমিকার উপর প্রভাব নিয়ে উদ্বেগ প্রকাশ করা হয়েছে।
    • -
-

পারপ্লেক্সিটি বিজ্ঞাপন পেয়েছে

-

প্রতিক্রিয়া

-
    -
  • পারপ্লেক্সিটি বিজ্ঞাপন চালু করেছে, যা অনলাইন পরিষেবাগুলিতে বিজ্ঞাপনের অনিবার্যতা সম্পর্কে আলোচনা শুরু করেছে কারণ গ্রাহকরা বিজ্ঞাপন-মুক্ত অভিজ্ঞতার জন্য অর্থ প্রদান করতে অনিচ্ছুক। - কিছু ব্যবহারকারী বিজ্ঞাপনকে অনধিকারপ্রবেশকারী মনে করেন এবং কাগির মতো সাবস্ক্রিপশন-ভিত্তিক পরিষেবাগুলিকে পছন্দ করেন, যা বিজ্ঞাপন-মুক্ত অনুসন্ধান প্রদান করে, অন্যদিকে অন্যরা বিনামূল্যে, বিজ্ঞাপন-সমর্থিত বিকল্পগুলি বেছে নিতে থাকে। - এই পরিস্থিতি ডিজিটাল পরিষেবাগুলিতে বিজ্ঞাপন-সমর্থিত এবং সাবস্ক্রিপশন-ভিত্তিক মডেলের মধ্যে চলমান বিতর্ককে তুলে ধরে।
    • -
- - - - - -]]> - https://hn.cho.sh/bn/2025/01/04 - 2025-01-04T00:00:00.000Z - Sat, 04 Jan 2025 00:00:00 GMT - diff --git a/static/rss/newsletter/cs.xml b/static/rss/newsletter/cs.xml index 6217fd2cb..1ae0d96a8 100644 --- a/static/rss/newsletter/cs.xml +++ b/static/rss/newsletter/cs.xml @@ -15,12 +15,160 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[2025-01-14]]> + +

slug: '/2025/01/14'

+

2025-01-14

+

„Výzkumník bezpečnosti Snyk nasazuje škodlivé balíčky NPM zaměřené na cursor.com“

+
    +
  • „Bezpečnostní výzkumník ze společnosti Snyk zveřejnil škodlivé balíčky NPM zaměřené na Cursor.com, společnost zabývající se AI kódováním, s cílem shromažďovat systémová data a odesílat je na službu ovládanou útočníkem.“
    • +
  • „Balíčky, identifikované jako „cursor-retrieval“, „cursor-always-local“ a „cursor-shadow-workspace“, byly označeny skenerem analýzy balíčků OpenSSF, což vedlo k vydání upozornění MAL-2025-27, MAL-2025-28 a MAL-2025-29.“
    • +
  • „Tento incident zdůrazňuje důležitost pečlivého prověřování NPM balíčků před jejich instalací, aby se předešlo možným bezpečnostním hrozbám.“
    • +
+

Reakce

+
    +
  • „Bezpečnostní výzkumník společnosti Snyk zveřejnil škodlivé balíčky NPM (Node Package Manager) zaměřené na cursor.com, čímž poukázal na zranitelnosti způsobené záměnou závislostí. - Incident vyvolal debatu o etice bezpečnostního výzkumu, zejména pokud jde o veřejné odhalení proměnných prostředí. - Cursor.com objasnil, že tuto akci neautorizovali, a Snyk se od té doby omluvil, což zdůrazňuje výzvy při vyvažování ofenzivního bezpečnostního výzkumu s etickými standardy.“
    • +
+

„Přešel jsem na Firefox a nikdy se neohlédl zpět“

+
    +
  • „Firefox je chválen za svou vynikající správu karet, vestavěnou funkci Pocket pro ukládání odkazů a e-mailový relé zaměřený na ochranu soukromí, což z něj činí silnou alternativu k Chromu. - Další funkce jako uživatelsky přívětivý nástroj pro snímky obrazovky, tlačítko ChatGPT, režim obraz v obraze, přizpůsobitelné možnosti vyhledávání a plynulé rolování zlepšují zážitek z prohlížení. - Ačkoli Firefox postrádá funkci webových aplikací Chromu, jeho promyšlený design a nižší nároky na zdroje z něj činí preferovanou volbu pro některé uživatele.“
    • +
+

Reakce

+
    +
  • „Uživatelé Firefoxu čelí výzvám ze strany platforem jako YouTube, které mohou záměrně zhoršovat zážitek pro prohlížeče mimo Google nebo pro uživatele používající blokátory reklam. Tento trend vyvolává obavy ohledně autonomie uživatelů, protože penalizuje ty, kteří se rozhodnou pro webový zážitek bez reklam a sledování. Firefox nabízí jedinečné funkce, jako jsou kontejnerové karty, které zvyšují soukromí a použitelnost, což z něj činí oblíbenou volbu pro uživatele hledající nezávislost na prohlížečích ovládaných velkými korporacemi.“
    • +
+

„Generální ředitel společnosti Sonos odstupuje po fiasku s aktualizací aplikace“

+

Reakce

+
    +
  • „Generální ředitel společnosti Sonos rezignoval po kontroverzní aktualizaci aplikace, která vyžadovala, aby uživatelé nahradili drahé zvukové systémy, což způsobilo nespokojenost zákazníků. - Aktualizace zavedla systém založený na cloudu, čímž se odklonila od spolehlivého Universal Plug and Play (UPnP), což vedlo k problémům s konektivitou a zvýšené složitosti. - Tato situace zdůrazňuje konflikt mezi obchodními strategiemi a udržováním důvěry zákazníků, zatímco generální ředitel přechází do poradní role s odstupným balíčkem.“
    • +
+

„V břiše MrBeasta“

+

Reakce

+
    +
  • „Esej zkoumá, jak algoritmus YouTube ovlivňuje tvorbu obsahu, přičemž jako případovou studii používá MrBeasta, a zdůrazňuje posun směrem k obsahu řízenému zapojením spíše než k smysluplnému obsahu. Diskutuje o širších důsledcích pro mediální gramotnost a kulturní dopad platforem jako YouTube a TikTok, naznačujíc trend směrem k povrchnímu a reakčnímu obsahu. Zvažují se různé perspektivy na roli algoritmů při formování obsahu a vliv populárních tvůrců na kulturní normy.“
    • +
+

„Operace Git na GitHubu jsou mimo provoz“

+
    +
  • „GitHub čelil výpadku operací Git dne 13. ledna 2025 kvůli změně konfigurace ovlivňující interní vyrovnávač zatížení, který trval od 23:35 do 00:24 UTC. - Problém byl vyřešen vrácením změny konfigurace a GitHub pracuje na zlepšení monitorovacích a nasazovacích procesů, aby se předešlo podobným incidentům. - Výpadek také ovlivnil služby GitHub Actions a Pages, což zdůrazňuje propojenou povahu jejich platformových služeb.“
    • +
+

Reakce

+
    +
  • „GitHub čelil významnému výpadku, který ovlivnil git operace, což vedlo ke zmatku mezi vývojáři, kteří zpočátku podezřívali problémy se svými SSH klíči nebo místními konfiguracemi. - Incident zdůraznil výzvy spojené se spoléháním na centralizované služby, což vyvolalo diskuse o výhodách samostatného hostování a decentralizovaných systémů. - Ačkoli byl problém vyřešen, poukázal na obavy ohledně spolehlivosti GitHubu a rizik spojených se závislostí na platformách třetích stran pro klíčové úkoly.“
    • +
+

„ZFS 2.3 vydán s rozšířením ZFS raidz“

+
    +
  • „OpenZFS 2.3.0 byl vydán a přináší významné funkce jako rozšíření RAIDZ, rychlou deduplikaci, přímý vstup/výstup, výstup ve formátu JSON a podporu pro dlouhé názvy souborů. - Vydání zahrnuje důležité opravy chyb a vylepšení výkonu, kompatibilní s jádry Linuxu 4.18 - 6.12 a verzemi FreeBSD 13.3, 14.0 - 14.2. - Aktualizace je výsledkem spolupráce 134 přispěvatelů, s dostupnou komplexní dokumentací a seznamem změn k nahlédnutí.“
    • +
+

Reakce

+
    +
  • „ZFS 2.3 byl vydán a přináší funkce jako rozšíření RAIDZ, rychlou deduplikaci, přímý vstup/výstup, výstup ve formátu JSON a podporu pro dlouhé názvy souborů. - Rozšíření RAIDZ je obzvláště pozoruhodné, protože umožňuje uživatelům přidávat nové zařízení do stávajícího RAIDZ poolu bez výpadku, čímž zvyšuje kapacitu úložiště. - Toto vydání je považováno za významný pokrok pro uživatele ZFS, přičemž se srovnává s jinými souborovými systémy jako Btrfs a Windows Storage Spaces, i přes některá omezení, jako je neschopnost zmenšit pooly.“
    • +
+

„Webtop – kontejnery Alpine, Ubuntu, Fedora a Arch obsahující plná desktopová prostředí“

+
    +
  • „Linuxserver/webtop poskytuje kontejnery založené na Alpine, Ubuntu, Fedora a Arch s plnými desktopovými prostředími přístupnými přes webové prohlížeče, podporujícími jak architektury x86-64, tak arm64.“
    • +
  • „Uživatelé si mohou vybrat z různých desktopových prostředí, jako jsou XFCE, KDE, MATE, i3, Openbox a IceWM, pomocí specifických značek obrázků a přistupovat k Webtopu prostřednictvím určených URL.“
    • +
  • „Bezpečnostní funkce zahrnují možnost seccomp v Dockeru a nastavení autentizace, s možnostmi přizpůsobení prostřednictvím proměnných prostředí, a podporu pro akceleraci GPU s open-source ovladači.“
    • +
+

Reakce

+
    +
  • „Webtop poskytuje kontejnery s plnými desktopovými prostředími pro Alpine, Ubuntu, Fedora a Arch, vhodné pro rychlé nastavení za VPN.“
    • +
  • „Uživatelé chválí Webtop za jeho rychlost a snadnost použití, zejména při použití s kontejnerem Gluetun pro zabezpečené připojení, ale varují před vystavením kontejnerů internetu bez bezpečnostních opatření kvůli absenci výchozí autentizace.“
    • +
  • „Projekt je ceněn za to, že je open-source a flexibilní, přičemž uživatelé sdílejí konfigurace, a alternativy jako Kasm a Selkies jsou zmíněny pro podobné účely.“
    • +
+

„1 z 5 online pracovních nabídek je buď falešná, nebo nikdy není obsazena, zjistila studie.“

+
    +
  • „Nedávná studie naznačuje, že 20 % online pracovních nabídek je buď falešných, nebo zůstává neobsazených, což přispívá k frustraci uchazečů o zaměstnání. - Tento trend „duchovních pracovních míst“ může být taktikou firem, jak projektovat obraz růstu. - Pracovní platformy jako Greenhouse a LinkedIn zavedly služby ověřování pracovních nabídek, aby uživatelům pomohly identifikovat skutečné pracovní příležitosti.“
    • +
+

Reakce

+
    +
  • „Studie odhaluje, že 20 % online pracovních nabídek je buď falešných, nebo zůstává neobsazených, často kvůli potřebě firem dodržovat imigrační politiky USA. - Firmy mohou také ponechat pracovní nabídky aktivní, aby našly ideální kandidáty, změnily požadavky nebo měly předem vybrané interní kandidáty. - Trh práce je pro uchazeče obtížný, často se setkávají s ignorováním a automatickým odmítáním, což vyvolává výzvy k regulačnímu zásahu.“
    • +
+

„Učinit křižovatku nebezpečnou pro chodce, aby se ušetřily sekundy pro řidiče“

+

Reakce

+
    +
  • „Debata se soustředí na to, zda by křižovatky měly upřednostňovat bezpečnost chodců nebo efektivitu řidičů, přičemž někteří upřednostňují světelně řízené křižovatky a přechody pro chodce před čtyřcestnými zastávkami.“
    • +
  • „Názory na dopravní předpisy a návrh infrastruktury se různí, přičemž se diskutuje o bezpečnosti přecházení mimo přechod a rizicích spojených s odbočováním vpravo na červenou.“
    • +
  • „Někteří prosazují alternativní řešení, jako jsou kruhové objezdy nebo přijetí nizozemských standardů dopravního inženýrství, aby se zvýšila bezpečnost i efektivita.“
    • +
+

„PostgreSQL je systém pro správu databází roku 2024“

+
    +
  • „PostgreSQL byl oceněn jako DBMS roku 2024 podle DB-Engines, čímž získal toto uznání popáté a překonal 423 dalších systémů pro správu databází.“
    • +
  • „PostgreSQL, s historií sahající téměř 35 let zpět, nadále inovuje, jak je vidět na nedávných vylepšeních PostgreSQL 17, vydaných v září 2024.“
    • +
  • „Snowflake a Microsoft si zajistily druhé a třetí místo, přičemž Snowflake je známý pro své cloudové datové sklady a podporu více cloudů, zatímco Microsoft nabízí robustní spravované relační databáze prostřednictvím Azure SQL Database a SQL Server.“
    • +
+

Reakce

+
    +
  • „PostgreSQL byl oceněn jako Systém pro správu databází roku 2024 podle db-engines.com, což zdůrazňuje jeho rostoucí popularitu a uznání v oboru.“
    • +
  • „Uživatelé zvažují přechod z Microsoft SQL Server na PostgreSQL kvůli vysokým licenčním nákladům a omezením zdrojů, i přes možné výzvy spojené s migrací.“
    • +
  • „PostgreSQL je oblíbený pro své robustní funkce a nákladovou efektivitu, což z něj činí preferovanou volbu pro budoucí projekty, ačkoli někteří uživatelé zkoumají alternativy jako Babelfish ke snížení nákladů.“
    • +
+

„Google OAuth přihlášení nechrání proti nákupu domény zkrachovalého startupu“

+

Reakce

+
    +
  • „Diskuse poukazuje na zranitelnost v systému přihlašování Google OAuth, když je doména neúspěšného startupu získána novým vlastníkem, což může potenciálně umožnit neoprávněný přístup ke službám.“
    • +
  • „Tento problém vzniká, protože Google nemusí rozlišovat mezi původními a novými vlastníky domény, což ovlivňuje jakýkoli systém, který používá autentizaci založenou na doméně.“
    • +
  • „Navrhovaným řešením je použití jedinečných identifikátorů, které zůstávají konstantní v průběhu času, ačkoli implementace tohoto řešení se liší mezi poskytovateli identity.“
    • +
+

„Použití programovacích dovedností k vytváření pasivního příjmu“

+
    +
  • „Autor přešel z role CTO na solopodnikatele a úspěšně vydělává více prostřednictvím portfolia softwarových produktů.“
    • +
  • „Klíčové strategie zahrnují zaměření na hlubokou práci, začínání s malými projekty, rychlé iterace a věnování času marketingovým aktivitám.“
    • +
  • „Cesta zdůrazňuje odolnost kvůli nejistotám, ale vyzdvihuje jedinečnou autonomii a svobodu této kariérní cesty, čímž povzbuzuje ty, kteří mají dovednosti v programování, aby ji zvážili jako zdroj pasivního příjmu.“
    • +
+

Reakce

+
    +
  • „Uživatel popsal generování pasivního příjmu prostřednictvím SEO spamových webů s využitím expirovaných doménových jmen, přičemž vydělával přibližně 30 tisíc dolarů ročně, navzdory etickým obavám a následnému zásahu ze strany Googlu.“
    • +
  • „Příspěvek vyvolal debatu o pasivním příjmu, přičemž někteří uživatelé tvrdili, že je to spíše podobné provozování podnikání než skutečně pasivní výdělky.“
    • +
  • „Účastníci sdíleli zkušenosti a výzvy v rámci vedlejších projektů, zdůrazňujíc důležitost času, odolnosti a strategického plánování.“
    • +
+

„Španělsko navrhuje 100% daň na domy koupené rezidenty mimo EU“

+
    +
  • „Španělsko zvažuje zavedení 100% daně na nákupy nemovitostí osobami, které nejsou rezidenty EU, s cílem řešit krizi bydlení a omezit spekulativní nákupy.“
    • +
  • „Návrh premiéra Pedra Sáncheze zahrnuje rozšíření sociálního bydlení a regulaci turistických pronájmů, aby se řešila nerovnováha mezi cenami bydlení a příjmy.“
    • +
  • „Budoucnost návrhu jako zákona je nejistá, přičemž někteří analytici jej vnímají spíše jako odstrašující prostředek pro zahraniční investory než jako zaručenou legislativní změnu.“
    • +
+

Reakce

+
    +
  • „Španělsko zvažuje 100% daň na domy zakoupené rezidenty mimo EU, aby řešilo problémy s dostupností bydlení. - Kritici naznačují, že zahraniční kupci nejsou hlavní příčinou vysokých cen bydlení, přičemž jako významnější faktory uvádějí pomalou byrokracii a územní zákony. - Návrh vyvolal debatu o roli zahraničního vlastnictví na trzích s bydlením a jeho účinnosti při řešení problémů s dostupností.“
    • +
+

„Apple brzy obdrží čipy 'vyrobené v Americe' z továrny TSMC v Arizoně“

+
    +
  • „Apple testuje procesory z arizonského závodu TSMC s plány na hromadnou výrobu v prvním čtvrtletí, což by mohlo z TSMC udělat prvního amerického zákazníka pro lokálně vyráběné čipy. - Tato iniciativa má za cíl posílit americkou nezávislost na křemíku a snížit závislost na Tchaj-wanu, který je zranitelný vůči geopolitickým a přírodním rizikům. - Arizonská továrna TSMC má vyrábět pokročilé 3nm a 2nm čipy, s probíhajícími snahami o posílení místního náboru a partnerství s americkými univerzitami, ačkoli balení bude zpočátku probíhat na Tchaj-wanu, dokud nebude provozuschopné zařízení v Peorii.“
    • +
+

Reakce

+
    +
  • „Apple obdrží čipy z arizonské továrny TSMC, ale ty musí být odeslány zpět na Tchaj-wan k balení kvůli nedostatečným zařízením v USA. - Více než 50 % pracovní síly v arizonské továrně pochází z Tchaj-wanu, což naznačuje mezeru v oblasti STEM (věda, technologie, inženýrství a matematika) v USA. - Iniciativa CHIPS Act, zaměřená na posílení americké výroby polovodičů, čelí výzvám, protože označení „Vyrobeno v Americe“ je zpochybňováno kvůli procesu balení probíhajícímu na Tchaj-wanu, s plány na americké balicí kapacity do roku 2027.“
    • +
+

„O 43 tisíc řidičů méně na silnicích Manhattanu poté, co bylo zavedeno zpoplatnění dopravy.“

+
    +
  • „Po zavedení poplatků za vjezd do centra došlo k 7,5% snížení počtu řidičů vjíždějících do Manhattanu pod 60. ulicí, což odpovídá 43 000 méně řidičům každý všední den.“
    • +
  • „Snížení provozu zlepšilo plynulost dopravy a zvýšilo rychlost autobusů, přičemž některé expresní autobusy zaznamenaly vyšší počet cestujících.“
    • +
  • „Metropolitní dopravní úřad (MTA) využívá příjmy z mýtného, které se odhadují na 500 milionů dolarů ročně, na zlepšení dopravy, a to i přes určitou politickou opozici.“
    • +
+

Reakce

+
    +
  • „Zavedení poplatků za vjezd do přeplněných oblastí na Manhattanu vedlo k poklesu počtu řidičů o 43 000, což přispělo ke zvýšení rychlosti autobusů a potenciálně lepším časům reakce záchranných složek.“
    • +
  • „Politika je navržena tak, aby snížila dopravní zácpy a zlepšila kvalitu ovzduší, i když vyvolala debatu o jejím dopadu na osoby s nižšími příjmy.“
    • +
  • „Zastánci tvrdí, že přínosy zahrnují efektivnější veřejnou dopravu a čistší ovzduší, zatímco diskuse pokračují o vyvážení těchto výhod s potřebami řidičů.“
    • +
+ + + + + +]]> + https://hn.cho.sh/cs/2025/01/14 + 2025-01-14T00:00:00.000Z + Tue, 14 Jan 2025 00:00:00 GMT + <![CDATA[2025-01-13]]> 2025-01-05T00:00:00.000Z Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[2025-01-04]]> - -

slug: '/2025/01/04'

-

2025-01-04

-

„Samořídící Volvo z roku 1993 s otevřeným pilotem“

-
    -
  • „Skupina přátel se zúčastnila zimní edice Carbage Run 2025, což je šestidenní rallye přes Švédsko k polárnímu kruhu a zpět do Helsinek, přičemž auta musí být stará alespoň 20 let a mít hodnotu pod 1000 €.“
    • -
  • „Přeměnili Volvo 940 Estate z roku 1993 na autonomní vozidlo pomocí openpilot od comma.ai, přičemž začlenili moderní komponenty jako elektrické posilovače řízení, Bosch iBooster a radarový senzor Tesla.“
    • -
  • „Budoucí aktualizace budou zahrnovat podrobnosti o elektroinstalaci, vlastní řídicí jednotce motoru (ECU) a plány na otevření zdrojového kódu, což zdůrazňuje inovativní přístup projektu k modernizaci starších vozidel s autonomní technologií.“
    • -
-

Reakce

-
    -
  • „Volvo 940 z roku 1993 bylo vybaveno technologií OpenPilot, což je technologie pro autonomní řízení, což zdůrazňuje propojení klasického designu automobilů s moderními technologiemi.“
    • -
  • „Projekt čelil výzvám, včetně aktualizace brzdových a řídicích systémů, což vyvolalo právní a bezpečnostní obavy, zejména u úprav typu „udělej si sám“, jako je svařování řídicího sloupku.“
    • -
  • „Diskuse se rozšířila na automobilové předpisy v Evropě, úpadek hotrodů v USA a kulturní rozdíly ve svobodě úprav automobilů, přičemž projekt byl vnímán jako inspirativní kutilský počin navzdory obavám o bezpečnost.“
    • -
-

„VoxelSpace: Algoritmus pro vykreslování terénu v méně než 20 řádcích kódu (2020)“

-
    -
  • „Hra Comanche od NovaLogic z roku 1992 využívala engine Voxel Space, což je 2.5D vykreslovací technika založená na ray castingu, k vytvoření detailních terénů se stínováním a stíny.“
    • -
  • „Voxel Space engine používal výškové a barevné mapy a jednoduchý vykreslovací algoritmus, který kreslil svislé čáry od zadní části k přední, což mohlo být optimalizováno pro výkon.“
    • -
  • „Kód motoru je dostupný pod licencí MIT, ale technologie může být stále patentována v některých regionech.“
    • -
-

Reakce

-
    -
  • „VoxelSpace je algoritmus pro vykreslování terénu, který je pozoruhodný svou jednoduchostí, vyžadující méně než 20 řádků kódu, a vyvolává nostalgii po inovativním vývoji her v dobách s omezeným hardwarem.“
    • -
  • „Moderní AAA hry se zaměřují na složité optimalizace a tržní trendy, často na úkor originality, zatímco nezávislé hry a platformy jako PICO-8 poskytují více tvůrčí svobody.“
    • -
  • „Navzdory technologickému pokroku někteří vývojáři a hráči cítí, že „kouzlo“ starších her chybí, ačkoli inovativní projekty jako voxelové vykreslování nadále inspirují kreativitu.“
    • -
-

„Jak nakreslit obrys ve videohře“

-
    -
  • „Článek pojednává o pěti technikách pro vykreslování obrysů v Unity, populární platformě pro vývoj her, a zdůrazňuje jejich použití ve hrách jako Sable a The Last of Us. - Techniky zahrnují Rim Effects, Vertex Extrusion, Blurred Buffer, Jump Flood Algorithm a Edge Detection, z nichž každá má jedinečné výhody a kompromisy z hlediska výkonu a vizuální kvality. - Článek poskytuje vhled do vyvážení těchto metod pro optimální estetiku her a podporu hratelnosti, s dalšími zdroji a kredity pro 3D modely.“
    • -
-

Reakce

-
    -
  • „Článek zkoumá pokročilé techniky pro kreslení obrysů ve videohrách, zdůrazňuje efektivitu algoritmu Jump Flood (JFA) a podepsaných vzdálenostních polí (SDF) oproti tradičním metodám. - Zabývá se stylizovanou 3D grafikou, diskutuje o technikách renderování a potenciálním využití neuronových sítí pro osvětlení a stylizaci. - Přispěvatelé poskytují pohledy na historický vývoj cel-shadingu ve hrách, jako je Jet Set Radio, a zdůrazňují vyvíjející se propojení technologie a umění v 3D grafice.“
    • -
-

„Odcházím z Washington Post“

-

Reakce

-
    -
  • „Autor opouští Washington Post kvůli jeho neschopnosti přizpůsobit se vyvíjejícímu se mediálnímu prostředí a jeho přístupu k prezentaci problémů, který považují za neúčinný pro kritická témata, jako je demokracie.“
    • -
  • „Tradiční média, zejména místní noviny, se potýkají s finančními problémy, což vede k zaujatému zpravodajství a poklesu důvěry veřejnosti, zatímco sociální média nemohou nahradit důkladnou práci žurnalistiky.“
    • -
  • „Obavy jsou vyjádřeny ohledně vlivu bohatých jednotlivců, jako je Jeff Bezos, na mediální kanály a dopadu korporátních zájmů na roli médií při zodpovědnosti moci.“
    • -
-

„Perplexity má reklamy“

-

Reakce

-
    -
  • „Perplexity zavedla reklamy, což vedlo k diskusím o nevyhnutelnosti reklam v online službách kvůli neochotě spotřebitelů platit za zážitky bez reklam. - Někteří uživatelé považují reklamy za rušivé a dávají přednost službám na bázi předplatného, jako je Kagi, které nabízejí vyhledávání bez reklam, zatímco jiní nadále volí bezplatné, reklamou podporované možnosti. - Tato situace zdůrazňuje probíhající debatu mezi modely podporovanými reklamou a modely založenými na předplatném v digitálních službách.“
    • -
- - - - - -]]> - https://hn.cho.sh/cs/2025/01/04 - 2025-01-04T00:00:00.000Z - Sat, 04 Jan 2025 00:00:00 GMT - diff --git a/static/rss/newsletter/da.xml b/static/rss/newsletter/da.xml index 6532367f1..33dc19dd6 100644 --- a/static/rss/newsletter/da.xml +++ b/static/rss/newsletter/da.xml @@ -15,12 +15,160 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[2025-01-14]]> + +

slug: '/2025/01/14'

+

2025-01-14

+

En Snyk-sikkerhedsforsker implementerer ondsindede NPM-pakker rettet mod cursor.com

+
    +
  • En Snyk-sikkerhedsforsker frigav ondsindede NPM-pakker rettet mod Cursor.com, et AI-kodningsfirma, for at indsamle systemdata og sende dem til en angriberkontrolleret tjeneste.
    • +
  • Pakkerne, identificeret som "cursor-retrieval," "cursor-always-local," og "cursor-shadow-workspace," blev markeret af OpenSSF-pakkeanalysescanneren, hvilket resulterede i rådgivninger MAL-2025-27, MAL-2025-28 og MAL-2025-29.
    • +
  • Denne hændelse understreger vigtigheden af at undersøge NPM-pakker grundigt inden installation for at undgå potentielle sikkerhedstrusler.
    • +
+

Reaktioner

+
    +
  • En Snyk-sikkerhedsforsker frigav ondsindede NPM (Node Package Manager) pakker rettet mod cursor.com, hvilket fremhævede sårbarheder ved afhængighedsforvirring. - Hændelsen har udløst en debat om etikken i sikkerhedsforskning, især med hensyn til offentlig eksponering af miljøvariabler. - Cursor.com præciserede, at de ikke havde godkendt handlingen, og Snyk har siden undskyldt, hvilket understreger udfordringerne ved at balancere offensiv sikkerhedsforskning med etiske standarder.
    • +
+

Jeg skiftede til Firefox og har aldrig set mig tilbage

+
    +
  • Firefox bliver rost for sin overlegne fanebladshåndtering, indbyggede Pocket-funktion til at gemme links og en privatlivsfokuseret e-mail-relæ, hvilket gør det til et stærkt alternativ til Chrome. - Yderligere funktioner som et brugervenligt skærmbilledeværktøj, en ChatGPT-knap, Billede-i-billede, tilpasselige søgemuligheder og jævn rullefunktion forbedrer browseroplevelsen. - Selvom Firefox mangler Chromes webapp-funktion, gør dets gennemtænkte design og reducerede ressourcekrav det til et foretrukket valg for nogle brugere.
    • +
+

Reaktioner

+
    +
  • Firefox-brugere står over for udfordringer fra platforme som YouTube, der muligvis bevidst forringer oplevelsen for ikke-Google browsere eller brugere, der anvender annonceblokkere. - Denne tendens vækker bekymring om brugerautonomi, da det straffer dem, der vælger en annoncefri og overvågningsfri weboplevelse. - Firefox tilbyder unikke funktioner, såsom containerfaner, der forbedrer privatliv og brugervenlighed, hvilket gør det til et foretrukket valg for brugere, der søger uafhængighed fra store virksomhedskontrollerede browsere.
    • +
+

Sonos' administrerende direktør træder tilbage efter app-opdateringsfiasko

+

Reaktioner

+
    +
  • Sonos' administrerende direktør har trukket sig efter en kontroversiel app-opdatering, der krævede, at brugerne skulle udskifte dyre lydsystemer, hvilket forårsagede utilfredshed blandt kunderne. - Opdateringen introducerede et cloud-baseret system, der bevægede sig væk fra det pålidelige Universal Plug and Play (UPnP), hvilket førte til forbindelsesproblemer og øget kompleksitet. - Denne situation understreger konflikten mellem forretningsstrategier og opretholdelse af kundetillid, da direktøren overgår til en rådgivende rolle med en fratrædelsespakke.
    • +
+

I maven på MrBeast

+

Reaktioner

+
    +
  • Essayet undersøger, hvordan YouTubes algoritme påvirker indholdsskabelse ved at bruge MrBeast som et casestudie, og fremhæver en skift mod engagement-drevet snarere end meningsfuldt indhold. - Det diskuterer de bredere implikationer for mediekompetence og den kulturelle indflydelse af platforme som YouTube og TikTok, og antyder en tendens mod overfladisk og reaktionært indhold. - Forskellige perspektiver overvejes om algoritmers rolle i at forme indhold og indflydelsen af populære skabere på kulturelle normer.
    • +
+

GitHub Git-operationer er nede

+
    +
  • GitHub oplevede et nedbrud i Git-operationer den 13. januar 2025 på grund af en konfigurationsændring, der påvirkede den interne load balancer, og varede fra 23:35 til 00:24 UTC. - Problemet blev løst ved at tilbageføre konfigurationsændringen, og GitHub arbejder på at forbedre overvågnings- og implementeringsprocesser for at forhindre lignende hændelser. - Nedbruddet påvirkede også GitHubs Actions og Pages-tjenester, hvilket fremhæver den indbyrdes forbundne natur af deres platformtjenester.
    • +
+

Reaktioner

+
    +
  • GitHub oplevede et større nedbrud, der påvirkede git-operationer, hvilket førte til forvirring blandt udviklere, der først mistænkte problemer med deres SSH-nøgler eller lokale konfigurationer. - Hændelsen understregede udfordringerne ved at stole på centraliserede tjenester og fremkaldte diskussioner om fordelene ved selv-hosting og decentrale systemer. - Selvom problemet blev løst, fremhævede det bekymringer om GitHubs pålidelighed og risikoen ved at være afhængig af tredjepartsplatforme til essentielle opgaver.
    • +
+

ZFS 2.3 udgivet med ZFS raidz-udvidelse

+
    +
  • OpenZFS 2.3.0 er blevet udgivet og introducerer betydelige funktioner som RAIDZ-udvidelse, hurtig deduplikering, direkte input/output, JSON-output og understøttelse af lange filnavne. - Udgivelsen inkluderer væsentlige fejlrettelser og ydeevneforbedringer, kompatibel med Linux-kerner 4.18 - 6.12 og FreeBSD-versioner 13.3, 14.0 - 14.2. - Opdateringen er et samarbejde fra 134 bidragydere, med omfattende dokumentation og en ændringslog tilgængelig for gennemgang.
    • +
+

Reaktioner

+
    +
  • ZFS 2.3 er blevet udgivet og introducerer funktioner som RAIDZ-udvidelse, hurtig deduplikering, direkte IO, JSON-output og understøttelse af lange filnavne. - RAIDZ-udvidelse er særligt bemærkelsesværdig, da det giver brugerne mulighed for at tilføje nye enheder til en eksisterende RAIDZ-pool uden nedetid, hvilket øger lagerkapaciteten. - Udgivelsen betragtes som et betydeligt fremskridt for ZFS-brugere og sammenlignes med andre filsystemer som Btrfs og Windows Storage Spaces, på trods af nogle begrænsninger som manglende evne til at reducere poolstørrelser.
    • +
+

Webtop – Alpine, Ubuntu, Fedora og Arch containere, der indeholder fulde desktop-miljøer

+
    +
  • Linuxserver/webtop tilbyder containere baseret på Alpine, Ubuntu, Fedora og Arch med fulde skrivebordsmiljøer, der er tilgængelige gennem webbrowsere, og som understøtter både x86-64 og arm64 arkitekturer.
    • +
  • Brugere kan vælge mellem forskellige skrivebordsmiljøer som XFCE, KDE, MATE, i3, Openbox og IceWM ved at bruge specifikke billedtags og få adgang til Webtop via angivne URL'er.
    • +
  • Security-funktioner inkluderer Dockers seccomp-option og autentificeringsopsætning, med tilpasningsmuligheder tilgængelige gennem miljøvariabler, samt support til GPU-acceleration med open-source drivere.
    • +
+

Reaktioner

+
    +
  • Webtop tilbyder containere med fulde desktop-miljøer til Alpine, Ubuntu, Fedora og Arch, velegnet til hurtige opsætninger bag en VPN.
    • +
  • Brugere roser Webtop for dets hastighed og brugervenlighed, især når det bruges med Gluetun-containeren for sikre forbindelser, men advarer mod at eksponere containere for internettet uden sikkerhedsforanstaltninger på grund af manglende standardgodkendelse.
    • +
  • Projektet værdsættes for at være open-source og fleksibelt, hvor brugere deler konfigurationer, og alternativer som Kasm og Selkies bemærkes for lignende formål.
    • +
+

1 ud af 5 online jobopslag er enten falske eller aldrig besat, viser undersøgelse

+
    +
  • En nylig undersøgelse viser, at 20% af online jobopslag enten er falske eller forbliver ubesatte, hvilket øger jobsøgendes frustration. - Denne "spøgelsesjob"-tendens kan være en taktik for virksomheder til at projicere et billede af vækst. - Jobplatforme som Greenhouse og LinkedIn har introduceret jobverifikationstjenester for at hjælpe brugere med at identificere ægte jobmuligheder.
    • +
+

Reaktioner

+
    +
  • En undersøgelse afslører, at 20% af online jobopslag enten er falske eller forbliver ubesatte, ofte fordi virksomheder skal overholde amerikanske immigrationspolitikker. - Virksomheder kan også lade jobopslag stå for at finde ideelle kandidater, ændre krav eller have forudvalgte interne kandidater. - Arbejdsmarkedet er vanskeligt for ansøgere, der ofte oplever ghosting og automatiske afslag, hvilket har ført til opfordringer til regulerende indgreb.
    • +
+

At gøre et vejkryds usikkert for fodgængere for at spare sekunder for bilister

+

Reaktioner

+
    +
  • Debatten drejer sig om, hvorvidt kryds skal prioritere fodgængersikkerhed eller førereffektivitet, hvor nogle foretrækker lysregulerede kryds og fodgængerfelter frem for 4-vejs stop.
    • +
  • Der er delte meninger om færdselslove og infrastrukturdesign, med diskussioner om sikkerheden ved at krydse vejen uden for fodgængerfeltet og de risici, der er forbundet med højresving for rødt lys.
    • +
  • Der er nogle, der går ind for alternative løsninger som rundkørsler eller vedtagelse af hollandske trafikingeniørstandarder for at forbedre både sikkerhed og effektivitet.
    • +
+

PostgreSQL er Årets Databasestyringssystem 2024

+
    +
  • PostgreSQL er blevet tildelt prisen som Årets DBMS 2024 af DB-Engines, og opnår denne anerkendelse for femte gang, idet det overgår 423 andre databasehåndteringssystemer.
    • +
  • PostgreSQL, med en historie der strækker sig over næsten 35 år, fortsætter med at innovere, som det ses i de seneste forbedringer af PostgreSQL 17, der blev udgivet i september 2024.
    • +
  • Snowflake og Microsoft sikrede sig henholdsvis anden- og tredjepladsen, hvor Snowflake blev bemærket for sin cloud-baserede datawarehousing og multi-cloud support, mens Microsoft tilbyder robuste administrerede relationelle databaser gennem Azure SQL Database og SQL Server.
    • +
+

Reaktioner

+
    +
  • PostgreSQL er blevet tildelt prisen som Årets Database Management System 2024 af db-engines.com, hvilket fremhæver dets voksende popularitet og anerkendelse i branchen.
    • +
  • Brugere overvejer at skifte fra Microsoft SQL Server til PostgreSQL på grund af høje licensomkostninger og ressourcebegrænsninger, på trods af potentielle migrationsudfordringer.
    • +
  • PostgreSQL foretrækkes for sine robuste funktioner og omkostningseffektivitet, hvilket gør det til et foretrukket valg for fremtidige projekter, selvom nogle brugere udforsker alternativer som Babelfish for at reducere omkostningerne.
    • +
+

Googles OAuth-login beskytter ikke mod køb af et mislykket startup-domæne

+

Reaktioner

+
    +
  • Diskussionen fremhæver en sårbarhed i Googles OAuth-login-system, når et mislykket startups domæne erhverves af en ny ejer, hvilket potentielt tillader uautoriseret adgang til tjenester.
    • +
  • Dette problem opstår, fordi Google muligvis ikke skelner mellem de oprindelige og nye domæneejer, hvilket påvirker ethvert system, der bruger domænebaseret autentifikation.
    • +
  • En foreslået løsning er at bruge unikke identifikatorer, der forbliver konstante over tid, selvom implementeringen af denne løsning varierer blandt identitetsudbydere.
    • +
+

Brug af kodningsfærdigheder til at skabe passiv indkomst

+
    +
  • Forfatteren gik fra en CTO-rolle til at blive soloprenør og tjente med succes mere gennem en portefølje af softwareprodukter.
    • +
  • Vigtige strategier inkluderer at fokusere på dybt arbejde, starte med små projekter, iterere hurtigt og dedikere tid til markedsføringsindsatser.
    • +
  • Rejsen understreger modstandskraft på grund af usikkerheder, men fremhæver den uovertrufne autonomi og frihed ved denne karrierevej, hvilket opmuntrer dem med kodningsfærdigheder til at overveje det som en kilde til passiv indkomst.
    • +
+

Reaktioner

+
    +
  • En bruger beskrev, hvordan de genererede passiv indkomst gennem SEO-spamwebsteder ved at bruge udløbende domænenavne, og tjente cirka $30.000 årligt, på trods af etiske bekymringer og Googles eventuelle nedslag.
    • +
  • Opslaget udløste en debat om passiv indkomst, hvor nogle brugere argumenterede for, at det minder mere om at drive en virksomhed end om virkelig passive indtægter.
    • +
  • Deltagerne delte erfaringer og udfordringer i sideprojekter og fremhævede vigtigheden af tid, modstandsdygtighed og strategisk planlægning.
    • +
+

Spanien foreslår 100% skat på boliger købt af ikke-EU-borgere

+
    +
  • Spanien overvejer en 100% skat på ejendomskøb foretaget af ikke-EU-borgere med det formål at tackle boligkrisen og begrænse spekulative køb.
    • +
  • Premierminister Pedro Sánchez' forslag omfatter udvidelse af sociale boliger og regulering af turistudlejninger for at tackle forskellen mellem boligpriser og indkomster.
    • +
  • Forslagets fremtid som lov er usikker, da nogle analytikere ser det som en afskrækkelse for udenlandske investorer snarere end en garanteret lovgivningsændring.
    • +
+

Reaktioner

+
    +
  • Spanien overvejer en 100% skat på boliger købt af ikke-EU-borgere for at tackle problemer med boligoverkommelighed. - Kritikere foreslår, at udenlandske købere ikke er den primære årsag til de høje boligpriser og peger på langsom bureaukrati og planlovgivning som mere betydelige faktorer. - Forslaget har antændt en debat om udenlandsk ejerskabs rolle på boligmarkederne og dets effektivitet i at løse overkommelighedsproblemer.
    • +
+

Apple vil snart modtage 'fremstillet i Amerika' chips fra TSMC's fabrik i Arizona

+
    +
  • Apple tester processorer fra TSMC's facilitet i Arizona med planer om masseproduktion i første kvartal, hvilket potentielt gør dem til TSMC's første amerikanske kunde for lokalt fremstillede chips. - Dette initiativ har til formål at styrke USA's uafhængighed inden for silicium og reducere afhængigheden af Taiwan, som er sårbar over for geopolitiske og naturlige risici. - TSMC's fabrik i Arizona skal producere avancerede 3nm og 2nm chips, med igangværende bestræbelser på at forbedre lokal rekruttering og partnerskaber med amerikanske universiteter, selvom pakning i første omgang vil finde sted i Taiwan, indtil anlægget i Peoria er operationelt.
    • +
+

Reaktioner

+
    +
  • Apple vil modtage chips fra TSMC's fabrik i Arizona, men de skal sendes tilbage til Taiwan for pakning på grund af utilstrækkelige faciliteter i USA. - Over 50% af arbejdsstyrken på fabrikken i Arizona er fra Taiwan, hvilket indikerer en mangel i det amerikanske STEM (Science, Technology, Engineering, and Mathematics) felt. - CHIPS Act-initiativet, der sigter mod at styrke amerikansk halvlederproduktion, står over for udfordringer, da "Made in America"-mærket bliver sat spørgsmålstegn ved på grund af pakningsprocessen, der foregår i Taiwan, med planer om amerikanske pakningsmuligheder inden 2027.
    • +
+

43.000 færre bilister på Manhattans veje efter indførelsen af trængselsafgifter

+
    +
  • Efter indførelsen af trængselsafgifter var der en reduktion på 7,5 % i antallet af bilister, der kørte ind i Manhattan under 60th Street, hvilket svarer til 43.000 færre bilister hver hverdag.
    • +
  • Reduktionen i trafikken har forbedret trafikflowet og øget bussernes hastigheder, hvor nogle ekspresbusser oplever højere passagertal.
    • +
  • Metropolitan Transportation Authority (MTA) bruger indtægterne fra vejafgifter, anslået til 500 millioner dollars årligt, til forbedringer af offentlig transport, på trods af en vis politisk modstand.
    • +
+

Reaktioner

+
    +
  • Implementeringen af trængselsafgifter i Manhattan har resulteret i 43.000 færre bilister, hvilket har ført til øgede busfart og potentielt bedre responstider for nødtjenester.
    • +
  • Politikken er designet til at reducere trafikbelastning og forbedre luftkvaliteten, selvom den har udløst debat om dens indvirkning på personer med lavere indkomst.
    • +
  • Fortalere hævder, at fordelene inkluderer mere effektiv offentlig transport og renere luft, mens diskussionerne fortsætter om at balancere disse fordele med bilisternes behov.
    • +
+ + + + + +]]> + https://hn.cho.sh/da/2025/01/14 + 2025-01-14T00:00:00.000Z + Tue, 14 Jan 2025 00:00:00 GMT + <![CDATA[2025-01-13]]> 2025-01-05T00:00:00.000Z Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[2025-01-04]]> - -

slug: '/2025/01/04'

-

2025-01-04

-

Selvkørende 1993 Volvo med open pilot

-
    -
  • En gruppe venner deltog i Carbage Run 2025 Winter-udgaven, et 6-dages rally gennem Sverige til polarcirklen og tilbage til Helsinki, hvor bilerne skulle være mindst 20 år gamle og have en værdi under €1000.
    • -
  • De omdannede en 1993 Volvo 940 Estate til et selvkørende køretøj ved hjælp af openpilot fra comma.ai, og integrerede moderne komponenter som elektrisk servostyring, en Bosch iBooster og en Tesla radarsensor.
    • -
  • Fremtidige opdateringer vil inkludere detaljer om ledningsføring, en specialfremstillet motorstyringsenhed (ECU) og planer om at open-source koden, hvilket fremhæver projektets innovative tilgang til at eftermontere ældre køretøjer med autonom teknologi.
    • -
-

Reaktioner

-
    -
  • En Volvo 940 fra 1993 blev eftermonteret med OpenPilot, en selvkørende teknologi, hvilket fremhæver krydsfeltet mellem klassisk bildesign og moderne teknologi.
    • -
  • Projektet stod over for udfordringer, herunder opdatering af bremse- og styresystemerne, hvilket rejste juridiske og sikkerhedsmæssige bekymringer, især med gør-det-selv-modifikationer som svejsning af ratstammen.
    • -
  • Diskussionen udvidede sig til bilreguleringer i Europa, tilbagegangen af hotrods i USA og kulturelle forskelle i friheden til bilmodifikationer, med projektet betragtet som en inspirerende gør-det-selv-indsats trods sikkerhedsbekymringer.
    • -
-

VoxelSpace: Terrænrenderingsalgoritme på mindre end 20 linjer kode (2020)

-
    -
  • NovaLogics spil Comanche fra 1992 anvendte Voxel Space-motoren, en 2.5D renderingsteknik baseret på ray casting, til at skabe detaljerede terræner med skygger og skyggeeffekter.
    • -
  • Voxel Space-motoren brugte højde- og farvekort samt en simpel renderingsalgoritme, der tegnede lodrette linjer fra bag til front, hvilket kunne optimeres for ydeevne.
    • -
  • Motorens kode er tilgængelig under MIT-licensen, men teknologien kan stadig være patenteret i visse regioner.
    • -
-

Reaktioner

-
    -
  • VoxelSpace er en terrænrenderingsalgoritme kendt for sin enkelhed, da den kræver mindre end 20 linjer kode, og den vækker nostalgi for innovativ spiludvikling i perioder med begrænset hardware.
    • -
  • Moderne AAA-spil fokuserer på komplekse optimeringer og markedstendenser, ofte på bekostning af originalitet, mens indie-spil og platforme som PICO-8 giver mere kreativ frihed.
    • -
  • På trods af teknologiske fremskridt føler nogle udviklere og spillere, at "magien" fra ældre spil mangler, selvom innovative projekter som voxel-rendering fortsat inspirerer til kreativitet.
    • -
-

Sådan tegner du en omrids i et videospil

-
    -
  • Artiklen diskuterer fem teknikker til at gengive konturer i Unity, en populær spiludviklingsplatform, og fremhæver deres anvendelse i spil som Sable og The Last of Us. - Teknikkerne inkluderer Rim Effects, Vertex Extrusion, Blurred Buffer, Jump Flood Algorithm og Edge Detection, hver med unikke fordele og kompromiser i forhold til ydeevne og visuel kvalitet. - Artiklen giver indsigt i at balancere disse metoder for optimal spilæstetik og gameplay-understøttelse, med yderligere ressourcer og krediteringer for 3D-modeller inkluderet.
    • -
-

Reaktioner

-
    -
  • Artiklen udforsker avancerede teknikker til at tegne konturer i videospil, med vægt på effektiviteten af Jump Flood Algorithm (JFA) og Signed Distance Fields (SDFs) i forhold til traditionelle metoder. - Den går i dybden med stiliseret 3D-grafik, diskuterer renderingsteknikker og den potentielle brug af neurale netværk til belysning og styling. - Bidragydere giver indsigt i den historiske udvikling af cel shading i spil, såsom Jet Set Radio, og fremhæver det udviklende samspil mellem teknologi og kunst i 3D-grafik.
    • -
-

Jeg stopper på Washington Post

-

Reaktioner

-
    -
  • Forfatteren forlader Washington Post på grund af avisens manglende evne til at tilpasse sig det skiftende medielandskab og dens tilgang til at præsentere emner, som de mener er ineffektiv for kritiske emner som demokrati.
    • -
  • Traditionelle medier, især lokale aviser, kæmper økonomisk, hvilket fører til partisk rapportering og et fald i offentlighedens tillid, mens sociale medier ikke kan erstatte det grundige arbejde, som journalistik kræver.
    • -
  • Bekymringer rejses om indflydelsen fra velhavende individer, såsom Jeff Bezos, på medievirksomheder, og virkningen af virksomheders interesser på mediernes rolle i at holde magten ansvarlig.
    • -
-

Perplexity har fået annoncer

-

Reaktioner

-
    -
  • Perplexity har introduceret reklamer, hvilket har ført til diskussioner om uundgåeligheden af reklamer i onlinetjenester på grund af forbrugernes modvilje mod at betale for reklamefri oplevelser. - Nogle brugere finder reklamer påtrængende og foretrækker abonnementsbaserede tjenester som Kagi, der tilbyder reklamefri søgning, mens andre fortsætter med at vælge gratis, reklameunderstøttede muligheder. - Denne situation understreger den igangværende debat mellem reklameunderstøttede og abonnementsbaserede modeller i digitale tjenester.
    • -
- - - - - -]]> - https://hn.cho.sh/da/2025/01/04 - 2025-01-04T00:00:00.000Z - Sat, 04 Jan 2025 00:00:00 GMT - diff --git a/static/rss/newsletter/de.xml b/static/rss/newsletter/de.xml index e814ce726..1168be976 100644 --- a/static/rss/newsletter/de.xml +++ b/static/rss/newsletter/de.xml @@ -15,12 +15,160 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[2025-01-14]]> + +

slug: '/2025/01/14'

+

2025-01-14

+

„Snyk-Sicherheitsforscher setzt bösartige NPM-Pakete ein, die auf cursor.com abzielen.“

+
    +
  • „Ein Snyk-Sicherheitsforscher veröffentlichte bösartige NPM-Pakete, die auf Cursor.com, ein KI-Coding-Unternehmen, abzielen, um Systemdaten zu sammeln und an einen von Angreifern kontrollierten Dienst zu senden.“
    • +
  • „Die Pakete, die als „cursor-retrieval“, „cursor-always-local“ und „cursor-shadow-workspace“ identifiziert wurden, wurden vom OpenSSF-Paketanalysescanner markiert, was zu den Warnungen MAL-2025-27, MAL-2025-28 und MAL-2025-29 führte.“
    • +
  • „Dieser Vorfall unterstreicht die Bedeutung der Überprüfung von NPM-Paketen vor der Installation, um potenzielle Sicherheitsbedrohungen zu vermeiden.“
    • +
+

Reaktionen

+
    +
  • „Ein Snyk-Sicherheitsforscher hat bösartige NPM (Node Package Manager)-Pakete veröffentlicht, die auf cursor.com abzielen und Schwachstellen in der Abhängigkeitsverwirrung aufzeigen. - Der Vorfall hat eine Debatte über die Ethik der Sicherheitsforschung ausgelöst, insbesondere in Bezug auf die öffentliche Offenlegung von Umgebungsvariablen. - Cursor.com stellte klar, dass sie die Aktion nicht autorisiert haben, und Snyk hat sich inzwischen entschuldigt, was die Herausforderungen bei der Balance zwischen offensiver Sicherheitsforschung und ethischen Standards unterstreicht.“
    • +
+

„Ich bin zu Firefox gewechselt und habe nie zurückgeblickt.“

+
    +
  • „Firefox wird für seine überlegene Tab-Verwaltung, die integrierte Pocket-Funktion zum Speichern von Links und ein datenschutzorientiertes E-Mail-Relay gelobt, was es zu einer starken Alternative zu Chrome macht. - Zusätzliche Funktionen wie ein benutzerfreundliches Screenshot-Tool, ein ChatGPT-Button, Bild-in-Bild, anpassbare Suchoptionen und sanftes Scrollen verbessern das Surferlebnis. - Obwohl Firefox die Web-App-Funktion von Chrome fehlt, machen sein durchdachtes Design und der reduzierte Ressourcenbedarf es für einige Benutzer zur bevorzugten Wahl.“
    • +
+

Reaktionen

+
    +
  • „Firefox-Nutzer stehen vor Herausforderungen durch Plattformen wie YouTube, die möglicherweise absichtlich das Erlebnis für Nicht-Google-Browser oder Nutzer, die Werbeblocker verwenden, verschlechtern. - Dieser Trend wirft Bedenken hinsichtlich der Nutzerautonomie auf, da er diejenigen bestraft, die sich für ein werbefreies und überwachungsfreies Web-Erlebnis entscheiden. - Firefox bietet einzigartige Funktionen wie Container-Tabs, die die Privatsphäre und Benutzerfreundlichkeit verbessern und es zu einer bevorzugten Wahl für Nutzer machen, die Unabhängigkeit von großen, konzernkontrollierten Browsern suchen.“
    • +
+

„Sonos-CEO tritt nach Debakel mit App-Update zurück“

+

Reaktionen

+
    +
  • „Der CEO von Sonos ist nach einem umstrittenen App-Update zurückgetreten, das die Nutzer dazu zwang, teure Soundsysteme zu ersetzen, was zu Unzufriedenheit bei den Kunden führte. - Das Update führte ein cloudbasiertes System ein und entfernte sich vom zuverlässigen Universal Plug and Play (UPnP), was zu Konnektivitätsproblemen und erhöhter Komplexität führte. - Diese Situation unterstreicht den Konflikt zwischen Geschäftsstrategien und der Aufrechterhaltung des Kundenvertrauens, während der CEO in eine beratende Rolle mit einem Abfindungspaket wechselt.“
    • +
+

„Im Bauch des MrBeast“

+

Reaktionen

+
    +
  • „Der Aufsatz untersucht, wie der YouTube-Algorithmus die Inhaltserstellung beeinflusst, wobei MrBeast als Fallstudie dient und eine Verschiebung hin zu engagementgetriebenen statt sinnvollen Inhalten hervorgehoben wird. - Es werden die breiteren Auswirkungen auf Medienkompetenz und den kulturellen Einfluss von Plattformen wie YouTube und TikTok diskutiert, wobei ein Trend zu oberflächlichen und reaktionären Inhalten vorgeschlagen wird. - Verschiedene Perspektiven werden in Betracht gezogen, um die Rolle von Algorithmen bei der Gestaltung von Inhalten und den Einfluss populärer Ersteller auf kulturelle Normen zu beleuchten.“
    • +
+

„GitHub-Git-Operationen sind ausgefallen“

+
    +
  • „GitHub erlebte am 13. Januar 2025 einen Ausfall der Git-Operationen aufgrund einer Konfigurationsänderung, die den internen Load Balancer betraf und von 23:35 bis 00:24 UTC andauerte. - Das Problem wurde durch Rückgängigmachen der Konfigurationsänderung behoben, und GitHub arbeitet daran, die Überwachungs- und Bereitstellungsprozesse zu verbessern, um ähnliche Vorfälle zu verhindern. - Der Ausfall betraf auch die Dienste GitHub Actions und Pages, was die miteinander verbundene Natur ihrer Plattformdienste verdeutlicht.“
    • +
+

Reaktionen

+
    +
  • „GitHub erlebte einen größeren Ausfall, der git-Operationen beeinträchtigte und zu Verwirrung unter Entwicklern führte, die zunächst Probleme mit ihren SSH-Schlüsseln oder lokalen Konfigurationen vermuteten. - Der Vorfall unterstrich die Herausforderungen, die mit der Abhängigkeit von zentralisierten Diensten einhergehen, und führte zu Diskussionen über die Vorteile von Selbsthosting und dezentralen Systemen. - Obwohl das Problem behoben wurde, machte es Bedenken hinsichtlich der Zuverlässigkeit von GitHub und der Risiken deutlich, die mit der Abhängigkeit von Drittanbieterplattformen für wesentliche Aufgaben verbunden sind.“
    • +
+

„ZFS 2.3 veröffentlicht mit ZFS raidz-Erweiterung“

+
    +
  • „OpenZFS 2.3.0 wurde veröffentlicht und führt bedeutende Funktionen wie RAIDZ-Erweiterung, schnelle Deduplizierung, direkte Ein-/Ausgabe, JSON-Ausgabe und Unterstützung für lange Dateinamen ein. - Die Veröffentlichung umfasst wesentliche Fehlerbehebungen und Leistungsverbesserungen, die mit Linux-Kernen 4.18 - 6.12 und FreeBSD-Versionen 13.3, 14.0 - 14.2 kompatibel sind. - Das Update ist eine gemeinsame Anstrengung von 134 Mitwirkenden, mit umfassender Dokumentation und einem Änderungsprotokoll zur Überprüfung.“
    • +
+

Reaktionen

+
    +
  • „ZFS 2.3 wurde veröffentlicht und führt Funktionen wie RAIDZ-Erweiterung, schnelle Deduplizierung, Direct IO, JSON-Ausgabe und Unterstützung für lange Dateinamen ein. - Die RAIDZ-Erweiterung ist besonders bemerkenswert, da sie es Benutzern ermöglicht, neue Geräte zu einem bestehenden RAIDZ-Pool ohne Ausfallzeiten hinzuzufügen, wodurch die Speicherkapazität erhöht wird. - Die Veröffentlichung wird als bedeutender Fortschritt für ZFS-Benutzer angesehen und zieht Vergleiche mit anderen Dateisystemen wie Btrfs und Windows Storage Spaces, trotz einiger Einschränkungen wie der Unfähigkeit, Pools zu verkleinern.“
    • +
+

„Webtop – Alpine-, Ubuntu-, Fedora- und Arch-Container mit vollständigen Desktop-Umgebungen“

+
    +
  • „Linuxserver/webtop bietet Container basierend auf Alpine, Ubuntu, Fedora und Arch mit vollständigen Desktop-Umgebungen, die über Webbrowser zugänglich sind und sowohl die x86-64- als auch die arm64-Architekturen unterstützen.“
    • +
  • „Benutzer können aus verschiedenen Desktop-Umgebungen wie XFCE, KDE, MATE, i3, Openbox und IceWM auswählen, indem sie spezifische Image-Tags verwenden und über festgelegte URLs auf den Webtop zugreifen.“
    • +
  • „Sicherheitsfunktionen umfassen die seccomp-Option von Docker und die Einrichtung der Authentifizierung, mit Anpassungsoptionen über Umgebungsvariablen und Unterstützung für GPU-Beschleunigung mit Open-Source-Treibern.“
    • +
+

Reaktionen

+
    +
  • „Webtop bietet Container mit vollständigen Desktop-Umgebungen für Alpine, Ubuntu, Fedora und Arch, die sich für schnelle Setups hinter einem VPN eignen.“
    • +
  • „Benutzer loben Webtop für seine Geschwindigkeit und Benutzerfreundlichkeit, insbesondere in Verbindung mit dem Gluetun-Container für sichere Verbindungen, warnen jedoch davor, Container ohne Sicherheitsmaßnahmen dem Internet auszusetzen, da es an standardmäßiger Authentifizierung fehlt.“
    • +
  • „Das Projekt wird für seine Open-Source-Natur und Flexibilität geschätzt, wobei Benutzer Konfigurationen teilen, und Alternativen wie Kasm und Selkies werden für ähnliche Zwecke erwähnt.“
    • +
+

„1 von 5 Online-Stellenanzeigen ist entweder gefälscht oder wird nie besetzt, wie eine Studie herausfand.“

+
    +
  • „Eine aktuelle Studie zeigt, dass 20 % der Online-Stellenanzeigen entweder gefälscht sind oder unbesetzt bleiben, was die Frustration der Arbeitssuchenden erhöht. - Dieser Trend der „Geisterjobs“ könnte eine Taktik von Unternehmen sein, um ein Wachstumsbild zu projizieren. - Jobplattformen wie Greenhouse und LinkedIn haben Jobverifizierungsdienste eingeführt, um Nutzern bei der Identifizierung echter Jobmöglichkeiten zu helfen.“
    • +
+

Reaktionen

+
    +
  • „Eine Studie zeigt, dass 20 % der Online-Stellenanzeigen entweder gefälscht sind oder unbesetzt bleiben, oft weil Unternehmen den US-Einwanderungsrichtlinien entsprechen müssen. - Unternehmen lassen Stellenanzeigen möglicherweise auch online, um ideale Kandidaten zu finden, Anforderungen zu ändern oder bereits intern ausgewählte Kandidaten zu haben. - Der Arbeitsmarkt ist für Bewerber schwierig, die häufig auf Ghosting und automatisierte Ablehnungen stoßen, was zu Forderungen nach regulatorischen Eingriffen führt.“
    • +
+

„Eine Kreuzung unsicher für Fußgänger machen, um Fahrern Sekunden zu sparen“

+

Reaktionen

+
    +
  • „Die Debatte dreht sich darum, ob Kreuzungen die Sicherheit von Fußgängern oder die Effizienz der Fahrer priorisieren sollten, wobei einige lichtgesteuerte Kreuzungen und Fußgängerüberwege gegenüber 4-Wege-Stoppkreuzungen bevorzugen.“
    • +
  • „Die Meinungen über Verkehrsregeln und Infrastrukturdesign gehen auseinander, wobei Diskussionen über die Sicherheit des unerlaubten Überquerens der Straße und die Risiken im Zusammenhang mit Rechtsabbiegen bei Rot geführt werden.“
    • +
  • „Einige befürworten alternative Lösungen wie Kreisverkehre oder die Übernahme niederländischer Verkehrstechnikstandards, um sowohl die Sicherheit als auch die Effizienz zu verbessern.“
    • +
+

„PostgreSQL ist das Datenbankverwaltungssystem des Jahres 2024“

+
    +
  • „PostgreSQL wurde von DB-Engines zum DBMS des Jahres 2024 gekürt und hat diese Auszeichnung zum fünften Mal erhalten, wobei es 423 andere Datenbankmanagementsysteme übertroffen hat.“
    • +
  • „PostgreSQL, mit einer Geschichte von fast 35 Jahren, setzt seine Innovationen fort, wie in den jüngsten Verbesserungen von PostgreSQL 17 zu sehen ist, das im September 2024 veröffentlicht wurde.“
    • +
  • „Snowflake und Microsoft sicherten sich den zweiten bzw. dritten Platz, wobei Snowflake für seine cloudbasierte Datenlagerung und Multi-Cloud-Unterstützung bekannt ist, während Microsoft über Azure SQL Database und SQL Server robuste verwaltete relationale Datenbanken anbietet.“
    • +
+

Reaktionen

+
    +
  • „PostgreSQL wurde von db-engines.com als Datenbankverwaltungssystem des Jahres 2024 ausgezeichnet, was seine wachsende Beliebtheit und Anerkennung in der Branche unterstreicht.“
    • +
  • „Benutzer ziehen in Betracht, von Microsoft SQL Server zu PostgreSQL zu wechseln, aufgrund hoher Lizenzkosten und Ressourcenbeschränkungen, trotz potenzieller Migrationsherausforderungen.“
    • +
  • „PostgreSQL wird aufgrund seiner robusten Funktionen und Kosteneffizienz bevorzugt, was es zu einer bevorzugten Wahl für zukünftige Projekte macht, obwohl einige Benutzer Alternativen wie Babelfish erkunden, um Kosten zu senken.“
    • +
+

„Googles OAuth-Login schützt nicht vor dem Kauf einer gescheiterten Startup-Domain“

+

Reaktionen

+
    +
  • „Die Diskussion hebt eine Schwachstelle im OAuth-Anmeldesystem von Google hervor, wenn die Domain eines gescheiterten Startups von einem neuen Eigentümer übernommen wird, was möglicherweise unbefugten Zugriff auf Dienste ermöglicht.“
    • +
  • „Dieses Problem tritt auf, weil Google möglicherweise nicht zwischen den ursprünglichen und den neuen Domaininhabern unterscheidet, was sich auf jedes System auswirken kann, das eine domänenbasierte Authentifizierung verwendet.“
    • +
  • „Ein vorgeschlagener Lösungsansatz besteht darin, eindeutige Kennungen zu verwenden, die im Laufe der Zeit konstant bleiben, obwohl die Umsetzung dieser Lösung bei verschiedenen Identitätsanbietern variiert.“
    • +
+

„Mit Programmierkenntnissen passives Einkommen erzielen“

+
    +
  • „Der Autor wechselte von einer CTO-Rolle zu einem Solopreneur und verdiente erfolgreich mehr durch ein Portfolio von Softwareprodukten.“
    • +
  • „Zu den wichtigsten Strategien gehören der Fokus auf tiefgehende Arbeit, der Beginn mit kleinen Projekten, schnelles Iterieren und die Widmung von Zeit für Marketingbemühungen.“
    • +
  • „Die Reise betont die Widerstandsfähigkeit angesichts von Unsicherheiten, hebt jedoch die unvergleichliche Autonomie und Freiheit dieses Karrierewegs hervor und ermutigt diejenigen mit Programmierkenntnissen, ihn für passives Einkommen in Betracht zu ziehen.“
    • +
+

Reaktionen

+
    +
  • „Ein Nutzer beschrieb, wie er passives Einkommen durch SEO-Spam-Websites mit ablaufenden Domainnamen generierte und dabei trotz ethischer Bedenken und Googles letztendlichem Durchgreifen etwa 30.000 US-Dollar jährlich verdiente.“
    • +
  • „Der Beitrag löste eine Debatte über passives Einkommen aus, wobei einige Nutzer argumentierten, dass es eher dem Betreiben eines Unternehmens ähnelt als wirklich passiven Einnahmen.“
    • +
  • „Teilnehmer teilten Erfahrungen und Herausforderungen in Nebenprojekten und hoben die Bedeutung von Zeit, Widerstandsfähigkeit und strategischer Planung hervor.“
    • +
+

„Spanien schlägt 100% Steuer auf von Nicht-EU-Bürgern gekaufte Immobilien vor“

+
    +
  • „Spanien erwägt eine 100%ige Steuer auf Immobilienkäufe durch Nicht-EU-Bürger, um die Wohnungsnot zu bekämpfen und spekulative Käufe einzudämmen.“
    • +
  • „Der Vorschlag von Premierminister Pedro Sánchez umfasst die Ausweitung des sozialen Wohnungsbaus und die Regulierung von Touristenvermietungen, um das Ungleichgewicht zwischen Wohnungspreisen und Einkommen anzugehen.“
    • +
  • „Die Zukunft des Vorschlags als Gesetz ist ungewiss, da einige Analysten ihn eher als Abschreckung für ausländische Investoren denn als garantierte gesetzliche Änderung betrachten.“
    • +
+

Reaktionen

+
    +
  • „Spanien erwägt eine 100%ige Steuer auf von Nicht-EU-Bürgern gekaufte Immobilien, um Probleme mit der Erschwinglichkeit von Wohnraum anzugehen. - Kritiker argumentieren, dass ausländische Käufer nicht die Hauptursache für hohe Immobilienpreise sind und verweisen auf langsame Bürokratie und Zonengesetze als bedeutendere Faktoren. - Der Vorschlag hat eine Debatte über die Rolle des ausländischen Eigentums auf den Wohnungsmärkten und seine Wirksamkeit bei der Lösung von Erschwinglichkeitsproblemen ausgelöst.“
    • +
+

„Apple wird bald 'Made in America'-Chips aus der TSMC-Fabrik in Arizona erhalten.“

+
    +
  • „Apple testet Prozessoren aus TSMCs Anlage in Arizona und plant die Massenproduktion bis zum ersten Quartal, was TSMC möglicherweise zum ersten US-Kunden für lokal hergestellte Chips machen könnte. - Diese Initiative zielt darauf ab, die Unabhängigkeit der USA im Bereich Silizium zu stärken und die Abhängigkeit von Taiwan zu verringern, das anfällig für geopolitische und natürliche Risiken ist. - TSMCs Fabrik in Arizona soll fortschrittliche 3nm- und 2nm-Chips produzieren, mit laufenden Bemühungen zur Verbesserung der lokalen Rekrutierung und Partnerschaften mit US-Universitäten, obwohl die Verpackung zunächst in Taiwan erfolgen wird, bis die Anlage in Peoria betriebsbereit ist.“
    • +
+

Reaktionen

+
    +
  • „Apple wird Chips aus TSMCs Werk in Arizona erhalten, aber sie müssen zum Verpacken nach Taiwan zurückgeschickt werden, da es in den USA an ausreichenden Einrichtungen mangelt. - Über 50 % der Belegschaft im Werk in Arizona stammt aus Taiwan, was auf eine Lücke im US-amerikanischen MINT-Bereich (Mathematik, Informatik, Naturwissenschaften und Technik) hinweist. - Die CHIPS-Act-Initiative, die darauf abzielt, die US-Halbleiterproduktion zu stärken, steht vor Herausforderungen, da das Label „Made in America“ aufgrund des Verpackungsprozesses in Taiwan in Frage gestellt wird, mit Plänen für US-Verpackungskapazitäten bis 2027.“
    • +
+

„43.000 weniger Fahrer auf den Straßen Manhattans, nachdem die Staugebühr aktiviert wurde“

+
    +
  • „Nach der Einführung der Staugebühr gab es einen Rückgang von 7,5 % bei den Fahrern, die unterhalb der 60. Straße nach Manhattan einfahren, was 43.000 weniger Fahrer an jedem Wochentag entspricht.“
    • +
  • „Die Verringerung des Verkehrs hat den Verkehrsfluss verbessert und die Busgeschwindigkeiten erhöht, wobei einige Expressbusse eine höhere Fahrgastzahl verzeichnen.“
    • +
  • „Die Metropolitan Transportation Authority (MTA) verwendet die Mauterlöse, die auf jährlich 500 Millionen Dollar geschätzt werden, für Verbesserungen im öffentlichen Nahverkehr, trotz einiger politischer Opposition.“
    • +
+

Reaktionen

+
    +
  • „Die Einführung der Staugebühren in Manhattan hat zu 43.000 weniger Fahrern geführt, was zu höheren Busgeschwindigkeiten und möglicherweise besseren Reaktionszeiten für Notfälle führt.“
    • +
  • „Die Richtlinie ist darauf ausgelegt, Verkehrsstaus zu reduzieren und die Luftqualität zu verbessern, obwohl sie eine Debatte über ihre Auswirkungen auf einkommensschwächere Personen ausgelöst hat.“
    • +
  • „Befürworter argumentieren, dass die Vorteile effizientere öffentliche Verkehrsmittel und sauberere Luft umfassen, während die Diskussionen darüber fortgesetzt werden, wie diese Vorteile mit den Bedürfnissen der Autofahrer in Einklang gebracht werden können.“
    • +
+ + + + + +]]> + https://hn.cho.sh/de/2025/01/14 + 2025-01-14T00:00:00.000Z + Tue, 14 Jan 2025 00:00:00 GMT + <![CDATA[2025-01-13]]> 2025-01-05T00:00:00.000Z Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[2025-01-04]]> - -

slug: '/2025/01/04'

-

2025-01-04

-

„Selbstfahrender Volvo 1993 mit Open Pilot“

-
    -
  • „Eine Gruppe von Freunden nahm an der Carbage Run 2025 Winterausgabe teil, einer 6-tägigen Rallye durch Schweden bis zum Polarkreis und zurück nach Helsinki, bei der die Autos mindestens 20 Jahre alt sein und einen Wert von unter 1000 € haben mussten.“
    • -
  • „Sie verwandelten einen Volvo 940 Estate von 1993 in ein selbstfahrendes Fahrzeug, indem sie openpilot von comma.ai verwendeten und moderne Komponenten wie eine elektrische Servolenkung, einen Bosch iBooster und einen Tesla-Radarsensor integrierten.“
    • -
  • „Zukünftige Updates werden Details zur Verkabelung, einer kundenspezifischen Motorsteuerungseinheit (ECU) und Pläne zur Open-Source-Veröffentlichung des Codes enthalten, was den innovativen Ansatz des Projekts zur Nachrüstung älterer Fahrzeuge mit autonomer Technologie hervorhebt.“
    • -
-

Reaktionen

-
    -
  • „Ein Volvo 940 aus dem Jahr 1993 wurde mit OpenPilot, einer Technologie für autonomes Fahren, nachgerüstet, was die Schnittstelle zwischen klassischem Autodesign und moderner Technik hervorhebt.“
    • -
  • „Das Projekt stieß auf Herausforderungen, darunter die Aktualisierung der Brems- und Lenksysteme, was rechtliche und sicherheitstechnische Bedenken aufwarf, insbesondere bei DIY-Modifikationen wie dem Schweißen der Lenksäule.“
    • -
  • „Die Diskussion erstreckte sich auf die Autovorschriften in Europa, den Rückgang der Hotrods in den USA und kulturelle Unterschiede in den Freiheiten der Automodifikation, wobei das Projekt trotz Sicherheitsbedenken als inspirierendes DIY-Vorhaben angesehen wurde.“
    • -
-

„VoxelSpace: Terrain-Rendering-Algorithmus in weniger als 20 Zeilen Code (2020)“

-
    -
  • „Das 1992 von NovaLogic veröffentlichte Spiel Comanche nutzte die Voxel Space-Engine, eine 2.5D-Rendering-Technik, die auf Raycasting basiert, um detaillierte Landschaften mit Schattierungen und Schatten zu erstellen.“
    • -
  • „Die Voxel Space-Engine verwendete Höhen- und Farbkarten sowie einen einfachen Rendering-Algorithmus, der vertikale Linien von hinten nach vorne zeichnete und für die Leistung optimiert werden konnte.“
    • -
  • „Der Code des Motors ist unter der MIT-Lizenz verfügbar, aber die Technologie könnte in bestimmten Regionen dennoch patentiert sein.“
    • -
-

Reaktionen

-
    -
  • „VoxelSpace ist ein Terrain-Rendering-Algorithmus, der für seine Einfachheit bekannt ist, da er weniger als 20 Zeilen Code benötigt, und Nostalgie für innovative Spieleentwicklung in hardwarebegrenzten Zeiten weckt.“
    • -
  • „Moderne AAA-Spiele konzentrieren sich auf komplexe Optimierungen und Markttrends, oft auf Kosten der Originalität, während Indie-Spiele und Plattformen wie PICO-8 mehr kreative Freiheit bieten.“
    • -
  • „Trotz technologischer Fortschritte haben einige Entwickler und Spieler das Gefühl, dass der „Zauber“ älterer Spiele fehlt, obwohl innovative Projekte wie das Voxel-Rendering weiterhin Kreativität inspirieren.“
    • -
-

„Wie man eine Umrisslinie in einem Videospiel zeichnet“

-
    -
  • „Der Artikel behandelt fünf Techniken zur Darstellung von Umrissen in Unity, einer beliebten Spieleentwicklungsplattform, und hebt deren Verwendung in Spielen wie Sable und The Last of Us hervor. - Zu den Techniken gehören Rand-Effekte, Vertex-Extrusion, verschwommener Puffer, Jump-Flood-Algorithmus und Kantenerkennung, die jeweils einzigartige Vorteile und Kompromisse in Bezug auf Leistung und visuelle Qualität bieten. - Der Artikel bietet Einblicke in die Balance dieser Methoden für optimale Spielästhetik und Gameplay-Unterstützung, mit zusätzlichen Ressourcen und Danksagungen für 3D-Modelle.“
    • -
-

Reaktionen

-
    -
  • „Der Artikel untersucht fortschrittliche Techniken zum Zeichnen von Umrissen in Videospielen und betont die Effizienz des Jump Flood Algorithmus (JFA) und der Signed Distance Fields (SDFs) gegenüber traditionellen Methoden. - Er vertieft sich in stilisierte 3D-Grafiken, diskutiert Rendering-Techniken und den potenziellen Einsatz von neuronalen Netzwerken für Beleuchtung und Stilgebung. - Die Mitwirkenden geben Einblicke in die historische Entwicklung des Cel-Shadings in Spielen, wie zum Beispiel Jet Set Radio, und heben die sich entwickelnde Schnittstelle von Technologie und Kunst in 3D-Grafiken hervor.“
    • -
-

„Ich kündige bei der Washington Post“

-

Reaktionen

-
    -
  • „Der Autor verlässt die Washington Post aufgrund ihres Versagens, sich an die sich entwickelnde Medienlandschaft anzupassen, und ihrer Herangehensweise an die Darstellung von Themen, die seiner Meinung nach für kritische Themen wie Demokratie ineffektiv ist.“
    • -
  • „Traditionelle Medien, insbesondere lokale Zeitungen, kämpfen finanziell, was zu voreingenommener Berichterstattung und einem Rückgang des öffentlichen Vertrauens führt, während soziale Medien die gründliche Arbeit des Journalismus nicht ersetzen können.“
    • -
  • „Es werden Bedenken hinsichtlich des Einflusses wohlhabender Personen wie Jeff Bezos auf Medienunternehmen und der Auswirkungen von Unternehmensinteressen auf die Rolle der Medien bei der Rechenschaftspflicht der Mächtigen geäußert.“
    • -
-

„Perplexity hat Werbung bekommen“

-

Reaktionen

-
    -
  • „Perplexity hat Werbung eingeführt, was zu Diskussionen über die Unvermeidlichkeit von Anzeigen in Online-Diensten geführt hat, da Verbraucher zögern, für werbefreie Erlebnisse zu zahlen. - Einige Nutzer empfinden Werbung als aufdringlich und bevorzugen abonnementbasierte Dienste wie Kagi, die eine werbefreie Suche bieten, während andere weiterhin kostenlose, werbefinanzierte Optionen wählen. - Diese Situation unterstreicht die anhaltende Debatte zwischen werbefinanzierten und abonnementbasierten Modellen in digitalen Diensten.“
    • -
- - - - - -]]> - https://hn.cho.sh/de/2025/01/04 - 2025-01-04T00:00:00.000Z - Sat, 04 Jan 2025 00:00:00 GMT - diff --git a/static/rss/newsletter/el.xml b/static/rss/newsletter/el.xml index dca6f80ee..74f88c60e 100644 --- a/static/rss/newsletter/el.xml +++ b/static/rss/newsletter/el.xml @@ -15,12 +15,160 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[2025-01-14]]> + +

slug: '/2025/01/14'

+

2025-01-14

+

Ερευνητής ασφαλείας της Snyk αναπτύσσει κακόβουλα πακέτα NPM που στοχεύουν το cursor.com

+
    +
  • Ένας ερευνητής ασφαλείας της Snyk κυκλοφόρησε κακόβουλα πακέτα NPM που στοχεύουν την Cursor.com, μια εταιρεία κωδικοποίησης AI, για να συλλέξει δεδομένα συστήματος και να τα στείλει σε μια υπηρεσία που ελέγχεται από επιτιθέμενο.
    • +
  • Τα πακέτα, που αναγνωρίστηκαν ως "cursor-retrieval," "cursor-always-local," και "cursor-shadow-workspace," επισημάνθηκαν από τον σαρωτή ανάλυσης πακέτων OpenSSF, με αποτέλεσμα τις συμβουλές MAL-2025-27, MAL-2025-28, και MAL-2025-29.
    • +
  • Αυτό το περιστατικό υπογραμμίζει τη σημασία της προσεκτικής εξέτασης των πακέτων NPM πριν από την εγκατάσταση για την αποφυγή πιθανών απειλών ασφαλείας.
    • +
+

Αντιδράσεις

+
    +
  • Ένας ερευνητής ασφαλείας της Snyk κυκλοφόρησε κακόβουλα πακέτα NPM (Node Package Manager) που στοχεύουν το cursor.com, επισημαίνοντας ευπάθειες σύγχυσης εξαρτήσεων. - Το περιστατικό έχει προκαλέσει συζήτηση σχετικά με την ηθική της έρευνας ασφαλείας, ιδιαίτερα όσον αφορά τη δημόσια έκθεση μεταβλητών περιβάλλοντος. - Το Cursor.com διευκρίνισε ότι δεν εξουσιοδότησε την ενέργεια, και η Snyk έχει έκτοτε ζητήσει συγγνώμη, υπογραμμίζοντας τις προκλήσεις στην εξισορρόπηση της επιθετικής έρευνας ασφαλείας με τα ηθικά πρότυπα.
    • +
+

Άλλαξα σε Firefox και δεν κοίταξα ποτέ πίσω

+
    +
  • Ο Firefox επαινείται για την ανώτερη διαχείριση καρτελών, τη λειτουργία Pocket για αποθήκευση συνδέσμων και την εστιασμένη στην ιδιωτικότητα υπηρεσία αναμετάδοσης email, καθιστώντας τον μια ισχυρή εναλλακτική λύση στο Chrome. - Πρόσθετα χαρακτηριστικά όπως το φιλικό προς τον χρήστη εργαλείο λήψης στιγμιότυπων, το κουμπί ChatGPT, η λειτουργία Picture-in-Picture, οι προσαρμόσιμες επιλογές αναζήτησης και η ομαλή κύλιση βελτιώνουν την εμπειρία περιήγησης. - Αν και ο Firefox στερείται της δυνατότητας web app του Chrome, ο προσεκτικός σχεδιασμός του και οι μειωμένες απαιτήσεις πόρων τον καθιστούν προτιμώμενη επιλογή για ορισμένους χρήστες.
    • +
+

Αντιδράσεις

+
    +
  • Οι χρήστες του Firefox αντιμετωπίζουν προκλήσεις από πλατφόρμες όπως το YouTube, οι οποίες μπορεί να υποβαθμίζουν σκόπιμα την εμπειρία για μη-Google περιηγητές ή χρήστες που χρησιμοποιούν adblockers. - Αυτή η τάση εγείρει ανησυχίες σχετικά με την αυτονομία των χρηστών, καθώς τιμωρεί εκείνους που επιλέγουν μια εμπειρία διαδικτύου χωρίς διαφημίσεις και παρακολούθηση. - Ο Firefox προσφέρει μοναδικά χαρακτηριστικά, όπως οι καρτέλες κοντέινερ, που ενισχύουν την ιδιωτικότητα και τη χρηστικότητα, καθιστώντας τον μια προτιμώμενη επιλογή για χρήστες που αναζητούν ανεξαρτησία από περιηγητές που ελέγχονται από μεγάλες εταιρείες.
    • +
+

Ο Διευθύνων Σύμβουλος της Sonos παραιτείται μετά από το φιάσκο της ενημέρωσης της εφαρμογής

+

Αντιδράσεις

+
    +
  • Ο διευθύνων σύμβουλος της Sonos παραιτήθηκε μετά από μια αμφιλεγόμενη ενημέρωση εφαρμογής που απαιτούσε από τους χρήστες να αντικαταστήσουν ακριβά ηχοσυστήματα, προκαλώντας δυσαρέσκεια στους πελάτες. - Η ενημέρωση εισήγαγε ένα σύστημα βασισμένο στο cloud, απομακρυνόμενο από το αξιόπιστο Universal Plug and Play (UPnP), το οποίο οδήγησε σε προβλήματα συνδεσιμότητας και αυξημένη πολυπλοκότητα. - Αυτή η κατάσταση υπογραμμίζει τη σύγκρουση μεταξύ επιχειρηματικών στρατηγικών και διατήρησης της εμπιστοσύνης των πελατών, καθώς ο διευθύνων σύμβουλος μεταβαίνει σε συμβουλευτικό ρόλο με ένα πακέτο αποζημίωσης.
    • +
+

Στην κοιλιά του MrBeast

+

Αντιδράσεις

+
    +
  • Το δοκίμιο εξετάζει πώς ο αλγόριθμος του YouTube επηρεάζει τη δημιουργία περιεχομένου, χρησιμοποιώντας τον MrBeast ως μελέτη περίπτωσης, υπογραμμίζοντας μια μετατόπιση προς το περιεχόμενο που βασίζεται στην αλληλεπίδραση παρά στο ουσιαστικό περιεχόμενο. - Συζητά τις ευρύτερες επιπτώσεις για την παιδεία στα μέσα και τον πολιτιστικό αντίκτυπο πλατφορμών όπως το YouTube και το TikTok, προτείνοντας μια τάση προς επιφανειακό και αντιδραστικό περιεχόμενο. - Εξετάζονται διάφορες προοπτικές για τον ρόλο των αλγορίθμων στη διαμόρφωση περιεχομένου και την επιρροή των δημοφιλών δημιουργών στους πολιτιστικούς κανόνες.
    • +
+

Οι λειτουργίες Git στο GitHub είναι εκτός λειτουργίας

+
    +
  • Η GitHub αντιμετώπισε διακοπή λειτουργίας των Git operations στις 13 Ιανουαρίου 2025, λόγω αλλαγής διαμόρφωσης που επηρέασε τον εσωτερικό εξισορροπιστή φορτίου, διαρκώντας από τις 23:35 έως τις 00:24 UTC. - Το πρόβλημα επιλύθηκε με την επαναφορά της αλλαγής διαμόρφωσης, και η GitHub εργάζεται για τη βελτίωση των διαδικασιών παρακολούθησης και ανάπτυξης για την αποτροπή παρόμοιων περιστατικών. - Η διακοπή επηρέασε επίσης τις υπηρεσίες Actions και Pages της GitHub, υπογραμμίζοντας τη διασυνδεδεμένη φύση των υπηρεσιών της πλατφόρμας τους.
    • +
+

Αντιδράσεις

+
    +
  • Το GitHub αντιμετώπισε μια σημαντική διακοπή που επηρέασε τις λειτουργίες git, προκαλώντας σύγχυση μεταξύ των προγραμματιστών που αρχικά υποψιάστηκαν προβλήματα με τα SSH κλειδιά τους ή τις τοπικές ρυθμίσεις τους. - Το περιστατικό υπογράμμισε τις προκλήσεις της εξάρτησης από κεντρικές υπηρεσίες, προκαλώντας συζητήσεις για τα πλεονεκτήματα της αυτο-φιλοξενίας και των αποκεντρωμένων συστημάτων. - Αν και το πρόβλημα επιλύθηκε, ανέδειξε ανησυχίες σχετικά με την αξιοπιστία του GitHub και τους κινδύνους της εξάρτησης από πλατφόρμες τρίτων για βασικές εργασίες.
    • +
+

Κυκλοφόρησε το ZFS 2.3 με επέκταση ZFS raidz

+
    +
  • Η έκδοση OpenZFS 2.3.0 έχει κυκλοφορήσει, εισάγοντας σημαντικά χαρακτηριστικά όπως την επέκταση RAIDZ, την ταχεία αποαναπαραγωγή, την άμεση είσοδο/έξοδο, την έξοδο JSON και την υποστήριξη για μακρά ονόματα αρχείων. - Η έκδοση περιλαμβάνει βασικές διορθώσεις σφαλμάτων και βελτιώσεις απόδοσης, συμβατή με πυρήνες Linux 4.18 - 6.12 και εκδόσεις FreeBSD 13.3, 14.0 - 14.2. - Η ενημέρωση είναι αποτέλεσμα συνεργασίας 134 συνεισφερόντων, με πλήρη τεκμηρίωση και αρχείο αλλαγών διαθέσιμα για ανασκόπηση.
    • +
+

Αντιδράσεις

+
    +
  • Η έκδοση ZFS 2.3 έχει κυκλοφορήσει, εισάγοντας χαρακτηριστικά όπως η επέκταση RAIDZ, η γρήγορη αποαναπαραγωγή, το άμεσο IO, η έξοδος JSON και η υποστήριξη για μακριά ονόματα αρχείων. - Η επέκταση RAIDZ είναι ιδιαίτερα αξιοσημείωτη καθώς επιτρέπει στους χρήστες να προσθέτουν νέες συσκευές σε μια υπάρχουσα δεξαμενή RAIDZ χωρίς διακοπή λειτουργίας, ενισχύοντας τη χωρητικότητα αποθήκευσης. - Η κυκλοφορία θεωρείται σημαντική πρόοδος για τους χρήστες του ZFS, συγκρινόμενη με άλλα συστήματα αρχείων όπως το Btrfs και το Windows Storage Spaces, παρά κάποιους περιορισμούς όπως η αδυναμία συρρίκνωσης δεξαμενών.
    • +
+

Webtop – Κοντέινερ Alpine, Ubuntu, Fedora και Arch που περιέχουν πλήρη περιβάλλοντα επιφάνειας εργασίας

+
    +
  • Το Linuxserver/webtop παρέχει κοντέινερ βασισμένα σε Alpine, Ubuntu, Fedora και Arch με πλήρη περιβάλλοντα επιφάνειας εργασίας προσβάσιμα μέσω προγραμμάτων περιήγησης ιστού, υποστηρίζοντας τόσο τις αρχιτεκτονικές x86-64 όσο και arm64.
    • +
  • Οι χρήστες μπορούν να επιλέξουν από διάφορα περιβάλλοντα επιφάνειας εργασίας όπως τα XFCE, KDE, MATE, i3, Openbox και IceWM χρησιμοποιώντας συγκεκριμένες ετικέτες εικόνας, και να έχουν πρόσβαση στο Webtop μέσω καθορισμένων URLs.
    • +
  • Τα χαρακτηριστικά ασφαλείας περιλαμβάνουν την επιλογή seccomp του Docker και τη ρύθμιση αυθεντικοποίησης, με διαθέσιμες επιλογές προσαρμογής μέσω μεταβλητών περιβάλλοντος, καθώς και υποστήριξη για επιτάχυνση GPU με ανοιχτού κώδικα οδηγούς.
    • +
+

Αντιδράσεις

+
    +
  • Το Webtop παρέχει κοντέινερ με πλήρη περιβάλλοντα επιφάνειας εργασίας για Alpine, Ubuntu, Fedora και Arch, κατάλληλα για γρήγορες ρυθμίσεις πίσω από ένα VPN.
    • +
  • Οι χρήστες επαινούν το Webtop για την ταχύτητα και την ευκολία χρήσης του, ιδιαίτερα όταν χρησιμοποιείται με το κοντέινερ Gluetun για ασφαλείς συνδέσεις, αλλά προειδοποιούν κατά της έκθεσης των κοντέινερ στο διαδίκτυο χωρίς μέτρα ασφαλείας λόγω έλλειψης προεπιλεγμένης αυθεντικοποίησης.
    • +
  • Το έργο εκτιμάται για το ότι είναι ανοιχτού κώδικα και ευέλικτο, με τους χρήστες να μοιράζονται διαμορφώσεις, ενώ εναλλακτικές όπως το Kasm και το Selkies σημειώνονται για παρόμοιους σκοπούς.
    • +
+

1 στις 5 διαδικτυακές αγγελίες εργασίας είναι είτε ψεύτικες είτε δεν καλύπτονται ποτέ, σύμφωνα με μελέτη.

+
    +
  • Μια πρόσφατη μελέτη δείχνει ότι το 20% των διαδικτυακών αγγελιών εργασίας είναι είτε ψεύτικες είτε παραμένουν κενές, προσθέτοντας στην απογοήτευση των αναζητούντων εργασία. - Αυτή η τάση των "φανταστικών θέσεων εργασίας" μπορεί να είναι μια τακτική για τις εταιρείες να προβάλλουν μια εικόνα ανάπτυξης. - Πλατφόρμες εργασίας όπως το Greenhouse και το LinkedIn έχουν εισαγάγει υπηρεσίες επαλήθευσης θέσεων εργασίας για να βοηθήσουν τους χρήστες να εντοπίζουν αυθεντικές ευκαιρίες εργασίας.
    • +
+

Αντιδράσεις

+
    +
  • Μια μελέτη αποκαλύπτει ότι το 20% των διαδικτυακών αγγελιών εργασίας είναι είτε ψεύτικες είτε παραμένουν κενές, συχνά λόγω της ανάγκης των εταιρειών να συμμορφωθούν με τις πολιτικές μετανάστευσης των ΗΠΑ. - Οι εταιρείες μπορεί επίσης να αφήνουν τις αγγελίες εργασίας ανοιχτές για να βρουν ιδανικούς υποψηφίους, να αλλάξουν απαιτήσεις ή να έχουν προεπιλεγμένους εσωτερικούς υποψηφίους. - Η αγορά εργασίας είναι δύσκολη για τους αιτούντες, οι οποίοι συχνά αντιμετωπίζουν την αδιαφορία και τις αυτοματοποιημένες απορρίψεις, προκαλώντας εκκλήσεις για ρυθμιστική παρέμβαση.
    • +
+

Κάνοντας μια διασταύρωση επικίνδυνη για τους πεζούς για να εξοικονομηθούν δευτερόλεπτα για τους οδηγούς

+

Αντιδράσεις

+
    +
  • Η συζήτηση επικεντρώνεται στο αν οι διασταυρώσεις πρέπει να δίνουν προτεραιότητα στην ασφάλεια των πεζών ή στην αποδοτικότητα των οδηγών, με κάποιους να προτιμούν τις διασταυρώσεις με φανάρια και τις διαβάσεις πεζών έναντι των διασταυρώσεων με στάση σε όλες τις κατευθύνσεις.
    • +
  • Οι απόψεις ποικίλλουν σχετικά με τους νόμους κυκλοφορίας και τον σχεδιασμό υποδομών, με συζητήσεις για την ασφάλεια της παράνομης διάβασης πεζών και τους κινδύνους που συνδέονται με τις δεξιές στροφές με κόκκινο.
    • +
  • Μερικοί υποστηρίζουν εναλλακτικές λύσεις όπως οι κυκλικοί κόμβοι ή η υιοθέτηση των ολλανδικών προτύπων μηχανικής κυκλοφορίας για την ενίσχυση τόσο της ασφάλειας όσο και της αποδοτικότητας.
    • +
+

Το PostgreSQL είναι το Σύστημα Διαχείρισης Βάσεων Δεδομένων της Χρονιάς 2024

+
    +
  • Η PostgreSQL έχει βραβευτεί ως το DBMS της Χρονιάς 2024 από την DB-Engines, επιτυγχάνοντας αυτή την αναγνώριση για πέμπτη φορά, ξεπερνώντας 423 άλλα συστήματα διαχείρισης βάσεων δεδομένων.
    • +
  • Το PostgreSQL, με ιστορία που εκτείνεται σχεδόν 35 χρόνια, συνεχίζει να καινοτομεί, όπως φαίνεται στις πρόσφατες βελτιώσεις του PostgreSQL 17, που κυκλοφόρησε τον Σεπτέμβριο του 2024.
    • +
  • Η Snowflake και η Microsoft κατέλαβαν τη δεύτερη και τρίτη θέση, αντίστοιχα, με τη Snowflake να σημειώνεται για την αποθήκευση δεδομένων στο cloud και την υποστήριξη πολλαπλών cloud, ενώ η Microsoft προσφέρει ισχυρές διαχειριζόμενες σχεσιακές βάσεις δεδομένων μέσω του Azure SQL Database και του SQL Server.
    • +
+

Αντιδράσεις

+
    +
  • Η PostgreSQL έχει βραβευτεί ως το Σύστημα Διαχείρισης Βάσεων Δεδομένων της Χρονιάς 2024 από το db-engines.com, υπογραμμίζοντας την αυξανόμενη δημοτικότητά της και την αναγνώρισή της στη βιομηχανία.
    • +
  • Οι χρήστες σκέφτονται να μεταβούν από το Microsoft SQL Server στο PostgreSQL λόγω των υψηλών κόστους αδειοδότησης και των περιορισμών πόρων, παρά τις πιθανές προκλήσεις της μετανάστευσης.
    • +
  • Το PostgreSQL προτιμάται για τα ισχυρά χαρακτηριστικά του και την οικονομική του αποδοτικότητα, καθιστώντας το μια προτιμώμενη επιλογή για μελλοντικά έργα, αν και ορισμένοι χρήστες εξερευνούν εναλλακτικές λύσεις όπως το Babelfish για να μειώσουν το κόστος.
    • +
+

Η σύνδεση μέσω OAuth της Google δεν προστατεύει από την αγορά ενός domain αποτυχημένης startup.

+

Αντιδράσεις

+
    +
  • Η συζήτηση αναδεικνύει μια ευπάθεια στο σύστημα σύνδεσης OAuth της Google όταν το domain μιας αποτυχημένης startup αποκτάται από νέο ιδιοκτήτη, επιτρέποντας ενδεχομένως μη εξουσιοδοτημένη πρόσβαση σε υπηρεσίες.
    • +
  • Αυτό το ζήτημα προκύπτει επειδή η Google μπορεί να μην διακρίνει μεταξύ των αρχικών και των νέων ιδιοκτητών του τομέα, επηρεάζοντας οποιοδήποτε σύστημα που χρησιμοποιεί αυθεντικοποίηση βάσει τομέα.
    • +
  • Μια προτεινόμενη λύση είναι η χρήση μοναδικών αναγνωριστικών που παραμένουν σταθερά με την πάροδο του χρόνου, αν και η εφαρμογή αυτής της λύσης διαφέρει μεταξύ των παρόχων ταυτότητας.
    • +
+

Χρησιμοποιώντας δεξιότητες προγραμματισμού για να δημιουργήσετε παθητικό εισόδημα

+
    +
  • Ο συγγραφέας μεταπήδησε από τη θέση του CTO σε έναν ρόλο solopreneur, κερδίζοντας επιτυχώς περισσότερα μέσω ενός χαρτοφυλακίου λογισμικών προϊόντων.
    • +
  • Οι βασικές στρατηγικές περιλαμβάνουν την εστίαση σε βαθιά εργασία, την έναρξη με μικρά έργα, την ταχεία επανάληψη και την αφιέρωση χρόνου στις προσπάθειες μάρκετινγκ.
    • +
  • Το ταξίδι δίνει έμφαση στην ανθεκτικότητα λόγω των αβεβαιοτήτων, αλλά υπογραμμίζει την απαράμιλλη αυτονομία και ελευθερία αυτής της επαγγελματικής πορείας, ενθαρρύνοντας όσους έχουν δεξιότητες προγραμματισμού να τη σκεφτούν για παθητικό εισόδημα.
    • +
+

Αντιδράσεις

+
    +
  • Ένας χρήστης περιέγραψε τη δημιουργία παθητικού εισοδήματος μέσω ιστοσελίδων SEO spam χρησιμοποιώντας ληγμένα ονόματα τομέων, κερδίζοντας περίπου $30k ετησίως, παρά τις ηθικές ανησυχίες και την τελική καταστολή από την Google.
    • +
  • Η ανάρτηση προκάλεσε μια συζήτηση σχετικά με το παθητικό εισόδημα, με ορισμένους χρήστες να υποστηρίζουν ότι μοιάζει περισσότερο με τη λειτουργία μιας επιχείρησης παρά με πραγματικά παθητικά κέρδη.
    • +
  • Οι συμμετέχοντες μοιράστηκαν εμπειρίες και προκλήσεις σε παράπλευρα έργα, υπογραμμίζοντας τη σημασία του χρόνου, της ανθεκτικότητας και του στρατηγικού σχεδιασμού.
    • +
+

Η Ισπανία προτείνει φόρο 100% στα σπίτια που αγοράζονται από κατοίκους εκτός ΕΕ

+
    +
  • Η Ισπανία εξετάζει την επιβολή φόρου 100% στις αγορές ακινήτων από κατοίκους εκτός ΕΕ, με στόχο την αντιμετώπιση της στεγαστικής κρίσης και τον περιορισμό των κερδοσκοπικών αγορών.
    • +
  • Η πρόταση του Πρωθυπουργού Πέδρο Σάντσεθ περιλαμβάνει την επέκταση της κοινωνικής στέγασης και τη ρύθμιση των τουριστικών ενοικιάσεων για την αντιμετώπιση της ανισότητας μεταξύ των τιμών των κατοικιών και των εισοδημάτων.
    • +
  • Το μέλλον της πρότασης ως νόμος είναι αβέβαιο, με ορισμένους αναλυτές να τη θεωρούν ως αποτρεπτικό παράγοντα για ξένους επενδυτές παρά ως εγγυημένη νομοθετική αλλαγή.
    • +
+

Αντιδράσεις

+
    +
  • Η Ισπανία εξετάζει την επιβολή φόρου 100% στα σπίτια που αγοράζονται από κατοίκους εκτός ΕΕ για να αντιμετωπίσει τα προβλήματα προσιτότητας στέγασης. - Οι επικριτές υποστηρίζουν ότι οι ξένοι αγοραστές δεν είναι η κύρια αιτία των υψηλών τιμών κατοικιών, αναφέροντας τη βραδεία γραφειοκρατία και τους νόμους ζωνοποίησης ως πιο σημαντικούς παράγοντες. - Η πρόταση έχει προκαλέσει συζήτηση σχετικά με το ρόλο της ξένης ιδιοκτησίας στις αγορές κατοικίας και την αποτελεσματικότητά της στην επίλυση ζητημάτων προσιτότητας.
    • +
+

Η Apple σύντομα θα παραλάβει τσιπ 'κατασκευασμένα στην Αμερική' από το εργοστάσιο της TSMC στην Αριζόνα.

+
    +
  • Η Apple δοκιμάζει επεξεργαστές από την εγκατάσταση της TSMC στην Αριζόνα, με σχέδια για μαζική παραγωγή μέχρι το πρώτο τρίμηνο, ενδεχομένως να γίνει ο πρώτος πελάτης της TSMC στις Η.Π.Α. για τοπικά κατασκευασμένα τσιπ. - Αυτή η πρωτοβουλία στοχεύει στην ενίσχυση της ανεξαρτησίας των Η.Π.Α. στον τομέα του πυριτίου, μειώνοντας την εξάρτηση από την Ταϊβάν, η οποία είναι ευάλωτη σε γεωπολιτικούς και φυσικούς κινδύνους. - Το εργοστάσιο της TSMC στην Αριζόνα πρόκειται να παράγει προηγμένα τσιπ 3nm και 2nm, με συνεχιζόμενες προσπάθειες για ενίσχυση της τοπικής πρόσληψης και συνεργασίες με πανεπιστήμια των Η.Π.Α., αν και η συσκευασία θα πραγματοποιείται αρχικά στην Ταϊβάν μέχρι να λειτουργήσει η εγκατάσταση στην Peoria.
    • +
+

Αντιδράσεις

+
    +
  • Η Apple θα παραλάβει τσιπ από το εργοστάσιο της TSMC στην Αριζόνα, αλλά πρέπει να σταλούν πίσω στην Ταϊβάν για συσκευασία λόγω ανεπαρκών εγκαταστάσεων στις Η.Π.Α. - Πάνω από το 50% του εργατικού δυναμικού στο εργοστάσιο της Αριζόνα προέρχεται από την Ταϊβάν, υποδεικνύοντας ένα κενό στον τομέα STEM (Επιστήμη, Τεχνολογία, Μηχανική και Μαθηματικά) στις Η.Π.Α. - Η πρωτοβουλία του νόμου CHIPS, που στοχεύει στην ενίσχυση της κατασκευής ημιαγωγών στις Η.Π.Α., αντιμετωπίζει προκλήσεις καθώς η ετικέτα "Κατασκευασμένο στην Αμερική" αμφισβητείται λόγω της διαδικασίας συσκευασίας που πραγματοποιείται στην Ταϊβάν, με σχέδια για δυνατότητες συσκευασίας στις Η.Π.Α. μέχρι το 2027.
    • +
+

43.000 λιγότεροι οδηγοί στους δρόμους του Μανχάταν μετά την ενεργοποίηση της χρέωσης συμφόρησης

+
    +
  • Μετά την εφαρμογή της τιμολόγησης συμφόρησης, υπήρξε μείωση κατά 7,5% των οδηγών που εισέρχονται στο Μανχάταν κάτω από την 60η Οδό, που ισοδυναμεί με 43.000 λιγότερους οδηγούς κάθε καθημερινή.
    • +
  • Η μείωση της κυκλοφορίας έχει βελτιώσει τη ροή της κυκλοφορίας και αυξήσει τις ταχύτητες των λεωφορείων, με ορισμένα λεωφορεία express να παρουσιάζουν αυξημένη επιβατική κίνηση.
    • +
  • Η Μητροπολιτική Αρχή Μεταφορών (MTA) χρησιμοποιεί τα έσοδα από τα διόδια, που εκτιμώνται σε 500 εκατομμύρια δολάρια ετησίως, για βελτιώσεις στις μεταφορές, παρά την πολιτική αντίθεση.
    • +
+

Αντιδράσεις

+
    +
  • Η εφαρμογή της τιμολόγησης συμφόρησης στο Μανχάταν έχει οδηγήσει σε 43.000 λιγότερους οδηγούς, με αποτέλεσμα την αύξηση των ταχυτήτων των λεωφορείων και πιθανώς καλύτερους χρόνους απόκρισης έκτακτης ανάγκης.
    • +
  • Η πολιτική έχει σχεδιαστεί για να μειώσει τη συμφόρηση της κυκλοφορίας και να βελτιώσει την ποιότητα του αέρα, αν και έχει προκαλέσει συζήτηση σχετικά με την επίδρασή της στα άτομα με χαμηλότερο εισόδημα.
    • +
  • Οι υποστηρικτές υποστηρίζουν ότι τα οφέλη περιλαμβάνουν πιο αποδοτικές δημόσιες συγκοινωνίες και καθαρότερο αέρα, ενώ οι συζητήσεις συνεχίζονται για την εξισορρόπηση αυτών των πλεονεκτημάτων με τις ανάγκες των οδηγών.
    • +
+ + + + + +]]> + https://hn.cho.sh/el/2025/01/14 + 2025-01-14T00:00:00.000Z + Tue, 14 Jan 2025 00:00:00 GMT + <![CDATA[2025-01-13]]> 2025-01-05T00:00:00.000Z Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[2025-01-04]]> - -

slug: '/2025/01/04'

-

2025-01-04

-

Αυτοοδηγούμενο Volvo του 1993 με ανοιχτό πιλότο

-
    -
  • Μια ομάδα φίλων συμμετείχε στην Χειμερινή έκδοση του Carbage Run 2025, έναν 6ήμερο αγώνα ράλι μέσω της Σουηδίας προς τον πολικό κύκλο και πίσω στο Ελσίνκι, απαιτώντας τα αυτοκίνητα να είναι τουλάχιστον 20 ετών και να έχουν αξία κάτω από €1000.
    • -
  • Μετέτρεψαν ένα Volvo 940 Estate του 1993 σε αυτοκινούμενο όχημα χρησιμοποιώντας το openpilot από την comma.ai, ενσωματώνοντας σύγχρονα εξαρτήματα όπως ηλεκτρικό τιμόνι, ένα Bosch iBooster και έναν αισθητήρα ραντάρ από Tesla.
    • -
  • Οι μελλοντικές ενημερώσεις θα περιλαμβάνουν λεπτομέρειες για την καλωδίωση, μια προσαρμοσμένη Μονάδα Ελέγχου Κινητήρα (ECU) και σχέδια για την ανοιχτή διάθεση του κώδικα, υπογραμμίζοντας την καινοτόμο προσέγγιση του έργου για την αναβάθμιση παλαιότερων οχημάτων με αυτόνομη τεχνολογία.
    • -
-

Αντιδράσεις

-
    -
  • Ένα Volvo 940 του 1993 εξοπλίστηκε με OpenPilot, μια τεχνολογία αυτόνομης οδήγησης, αναδεικνύοντας τη διασταύρωση του κλασικού σχεδιασμού αυτοκινήτων με τη σύγχρονη τεχνολογία.
    • -
  • Το έργο αντιμετώπισε προκλήσεις, συμπεριλαμβανομένης της ενημέρωσης των συστημάτων φρένων και διεύθυνσης, εγείροντας νομικές και θέματα ασφάλειας, ιδιαίτερα με τροποποιήσεις DIY όπως η συγκόλληση της κολώνας διεύθυνσης.
    • -
  • Η συζήτηση επεκτάθηκε στους κανονισμούς αυτοκινήτων στην Ευρώπη, την πτώση των hotrods στις ΗΠΑ και τις πολιτισμικές διαφορές στις ελευθερίες τροποποίησης αυτοκινήτων, με το έργο να θεωρείται ως μια εμπνευσμένη προσπάθεια DIY παρά τις ανησυχίες για την ασφάλεια.
    • -
-

VoxelSpace: Αλγόριθμος απόδοσης εδάφους σε λιγότερες από 20 γραμμές κώδικα (2020)

-
    -
  • Το παιχνίδι Comanche της NovaLogic το 1992 χρησιμοποίησε τη μηχανή Voxel Space, μια τεχνική απόδοσης 2.5D βασισμένη στο ray casting, για να δημιουργήσει λεπτομερείς τοπογραφίες με σκίαση και σκιές.
    • -
  • Η μηχανή Voxel Space χρησιμοποιούσε χάρτες ύψους και χρώματος και έναν απλό αλγόριθμο απόδοσης, σχεδιάζοντας κάθετες γραμμές από πίσω προς τα εμπρός, που μπορούσαν να βελτιστοποιηθούν για απόδοση.
    • -
  • Ο κώδικας της μηχανής είναι διαθέσιμος υπό την άδεια MIT, αλλά η τεχνολογία μπορεί να είναι ακόμα κατοχυρωμένη με δίπλωμα ευρεσιτεχνίας σε ορισμένες περιοχές.
    • -
-

Αντιδράσεις

-
    -
  • Το VoxelSpace είναι ένας αλγόριθμος απόδοσης εδάφους που ξεχωρίζει για την απλότητά του, απαιτώντας λιγότερες από 20 γραμμές κώδικα, και προκαλεί νοσταλγία για την καινοτόμο ανάπτυξη παιχνιδιών κατά τις εποχές με περιορισμούς στο υλικό.
    • -
  • Τα σύγχρονα παιχνίδια AAA επικεντρώνονται σε πολύπλοκες βελτιστοποιήσεις και τάσεις της αγοράς, συχνά εις βάρος της πρωτοτυπίας, ενώ τα ανεξάρτητα παιχνίδια και πλατφόρμες όπως το PICO-8 παρέχουν περισσότερη δημιουργική ελευθερία.
    • -
  • Παρά τις τεχνολογικές εξελίξεις, κάποιοι προγραμματιστές και παίκτες αισθάνονται ότι η "μαγεία" των παλαιότερων παιχνιδιών λείπει, αν και καινοτόμα έργα όπως η απόδοση voxel συνεχίζουν να εμπνέουν δημιουργικότητα.
    • -
-

Πώς να σχεδιάσετε ένα περίγραμμα σε ένα βιντεοπαιχνίδι

-
    -
  • Το άρθρο συζητά πέντε τεχνικές για την απόδοση περιγραμμάτων στο Unity, μια δημοφιλή πλατφόρμα ανάπτυξης παιχνιδιών, επισημαίνοντας τη χρήση τους σε παιχνίδια όπως το Sable και το The Last of Us. - Οι τεχνικές περιλαμβάνουν Rim Effects, Vertex Extrusion, Blurred Buffer, Jump Flood Algorithm και Edge Detection, καθεμία με μοναδικά πλεονεκτήματα και συμβιβασμούς όσον αφορά την απόδοση και την οπτική ποιότητα. - Το άρθρο παρέχει πληροφορίες για την εξισορρόπηση αυτών των μεθόδων για βέλτιστη αισθητική παιχνιδιού και υποστήριξη παιχνιδιού, με επιπλέον πόρους και πιστώσεις για 3D μοντέλα που περιλαμβάνονται.
    • -
-

Αντιδράσεις

-
    -
  • Το άρθρο εξερευνά προηγμένες τεχνικές για τη σχεδίαση περιγραμμάτων σε βιντεοπαιχνίδια, δίνοντας έμφαση στην αποδοτικότητα του Αλγορίθμου Άλματος Πλημμύρας (JFA) και των Υπογεγραμμένων Πεδίων Απόστασης (SDFs) σε σχέση με τις παραδοσιακές μεθόδους. - Εμβαθύνει στα στυλιζαρισμένα 3D γραφικά, συζητώντας τεχνικές απόδοσης και τη δυνητική χρήση νευρωνικών δικτύων για φωτισμό και στυλιζάρισμα. - Οι συνεισφέροντες παρέχουν πληροφορίες για την ιστορική ανάπτυξη του cel shading στα παιχνίδια, όπως το Jet Set Radio, υπογραμμίζοντας τη συνεχώς εξελισσόμενη διασταύρωση της τεχνολογίας και της τέχνης στα 3D γραφικά.
    • -
-

Παρατάω την Washington Post

-

Αντιδράσεις

-
    -
  • Ο συγγραφέας αποχωρεί από την Washington Post λόγω της αποτυχίας της να προσαρμοστεί στο εξελισσόμενο τοπίο των μέσων ενημέρωσης και της προσέγγισής της στην παρουσίαση θεμάτων, την οποία θεωρεί αναποτελεσματική για κρίσιμα ζητήματα όπως η δημοκρατία.
    • -
  • Τα παραδοσιακά μέσα ενημέρωσης, ιδιαίτερα οι τοπικές εφημερίδες, αντιμετωπίζουν οικονομικές δυσκολίες, οδηγώντας σε μεροληπτική αναφορά και μείωση της εμπιστοσύνης του κοινού, ενώ τα μέσα κοινωνικής δικτύωσης δεν μπορούν να αντικαταστήσουν την αυστηρή εργασία της δημοσιογραφίας.
    • -
  • Εγείρονται ανησυχίες σχετικά με την επιρροή πλούσιων ατόμων, όπως ο Jeff Bezos, στα μέσα ενημέρωσης, και τον αντίκτυπο των εταιρικών συμφερόντων στον ρόλο των μέσων ενημέρωσης να λογοδοτούν την εξουσία.
    • -
-

Η Perplexity απέκτησε διαφημίσεις

-

Αντιδράσεις

-
    -
  • Η Perplexity έχει εισαγάγει διαφημίσεις, οδηγώντας σε συζητήσεις για την αναπόφευκτη παρουσία διαφημίσεων στις διαδικτυακές υπηρεσίες λόγω της απροθυμίας των καταναλωτών να πληρώσουν για εμπειρίες χωρίς διαφημίσεις. - Ορισμένοι χρήστες θεωρούν τις διαφημίσεις ενοχλητικές και προτιμούν υπηρεσίες με συνδρομή όπως το Kagi, που προσφέρουν αναζήτηση χωρίς διαφημίσεις, ενώ άλλοι συνεχίζουν να επιλέγουν δωρεάν επιλογές που υποστηρίζονται από διαφημίσεις. - Αυτή η κατάσταση υπογραμμίζει τη συνεχιζόμενη συζήτηση μεταξύ μοντέλων που υποστηρίζονται από διαφημίσεις και αυτών που βασίζονται σε συνδρομές στις ψηφιακές υπηρεσίες.
    • -
- - - - - -]]> - https://hn.cho.sh/el/2025/01/04 - 2025-01-04T00:00:00.000Z - Sat, 04 Jan 2025 00:00:00 GMT - diff --git a/static/rss/newsletter/en.xml b/static/rss/newsletter/en.xml index 25c9a0ba8..a37601114 100644 --- a/static/rss/newsletter/en.xml +++ b/static/rss/newsletter/en.xml @@ -15,12 +15,160 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[2025-01-14]]> + +

slug: '/2025/01/14'

+

2025-01-14

+

Snyk security researcher deploys malicious NPM packages targeting cursor.com

+
    +
  • A Snyk security researcher released malicious NPM packages targeting Cursor.com, an AI coding company, to collect system data and send it to an attacker-controlled service.
    • +
  • The packages, identified as "cursor-retrieval," "cursor-always-local," and "cursor-shadow-workspace," were flagged by the OpenSSF package analysis scanner, resulting in advisories MAL-2025-27, MAL-2025-28, and MAL-2025-29.
    • +
  • This incident highlights the importance of scrutinizing NPM packages before installation to avoid potential security threats.
    • +
+

Reactions

+
    +
  • A Snyk security researcher released malicious NPM (Node Package Manager) packages aimed at cursor.com, highlighting dependency confusion vulnerabilities. - The incident has sparked a debate on the ethics of security research, particularly regarding the public exposure of environment variables. - Cursor.com clarified they did not authorize the action, and Snyk has since apologized, underscoring the challenges in balancing offensive security research with ethical standards.
    • +
+

I Switched to Firefox and Never Looked Back

+
    +
  • Firefox is praised for its superior tab management, built-in Pocket feature for saving links, and a privacy-focused email relay, making it a strong alternative to Chrome. - Additional features like a user-friendly screenshot tool, a ChatGPT button, Picture-in-Picture, customizable search options, and smooth scrolling enhance the browsing experience. - Although Firefox lacks Chrome's web app feature, its thoughtful design and reduced resource demands make it a preferred choice for some users.
    • +
+

Reactions

+
    +
  • Firefox users face challenges from platforms like YouTube, which may intentionally degrade the experience for non-Google browsers or users employing adblockers. - This trend raises concerns about user autonomy, as it penalizes those opting for an ad-free and surveillance-free web experience. - Firefox offers unique features, such as container tabs, which enhance privacy and usability, making it a favored choice for users seeking independence from major corporate-controlled browsers.
    • +
+

Sonos CEO steps down after app update debacle

+

Reactions

+
    +
  • The Sonos CEO has resigned following a controversial app update that required users to replace costly sound systems, causing customer dissatisfaction. - The update introduced a cloud-based system, moving away from the reliable Universal Plug and Play (UPnP), which led to connectivity issues and increased complexity. - This situation underscores the conflict between business strategies and maintaining customer trust, as the CEO transitions to an advisory role with a severance package.
    • +
+

In the belly of the MrBeast

+

Reactions

+
    +
  • The essay examines how YouTube's algorithm influences content creation, using MrBeast as a case study, highlighting a shift towards engagement-driven rather than meaningful content. - It discusses the broader implications for media literacy and the cultural impact of platforms like YouTube and TikTok, suggesting a trend towards superficial and reactionary content. - Various perspectives are considered on the role of algorithms in shaping content and the influence of popular creators on cultural norms.
    • +
+

GitHub Git Operations Are Down

+
    +
  • GitHub faced a Git operations outage on January 13, 2025, due to a configuration change affecting the internal load balancer, lasting from 23:35 to 00:24 UTC. - The issue was resolved by reverting the configuration change, and GitHub is working on improving monitoring and deployment processes to prevent similar incidents. - The outage also affected GitHub's Actions and Pages services, highlighting the interconnected nature of their platform services.
    • +
+

Reactions

+
    +
  • GitHub faced a major outage impacting git operations, leading to confusion among developers who initially suspected issues with their SSH keys or local configurations. - The incident underscored the challenges of relying on centralized services, prompting discussions on the advantages of self-hosting and decentralized systems. - Although the issue was resolved, it highlighted concerns about GitHub's reliability and the risks of depending on third-party platforms for essential tasks.
    • +
+

ZFS 2.3 released with ZFS raidz expansion

+
    +
  • OpenZFS 2.3.0 has been released, introducing significant features such as RAIDZ Expansion, Fast Deduplication, Direct Input/Output, JSON output, and support for long file names. - The release includes essential bug fixes and performance enhancements, compatible with Linux kernels 4.18 - 6.12 and FreeBSD versions 13.3, 14.0 - 14.2. - The update is a collaborative effort from 134 contributors, with comprehensive documentation and a change log available for review.
    • +
+

Reactions

+
    +
  • ZFS 2.3 has been released, introducing features like RAIDZ expansion, fast deduplication, direct IO, JSON output, and support for long file names. - RAIDZ expansion is particularly notable as it allows users to add new devices to an existing RAIDZ pool without downtime, enhancing storage capacity. - The release is considered a significant advancement for ZFS users, drawing comparisons with other filesystems like Btrfs and Windows Storage Spaces, despite some limitations like the inability to shrink pools.
    • +
+

Webtop – Alpine,Ubuntu,Fedora,and Arch containers containing full desktop envs

+
    +
  • Linuxserver/webtop provides containers based on Alpine, Ubuntu, Fedora, and Arch with full desktop environments accessible through web browsers, supporting both x86-64 and arm64 architectures.
    • +
  • Users can select from various desktop environments such as XFCE, KDE, MATE, i3, Openbox, and IceWM by using specific image tags, and access the Webtop via designated URLs.
    • +
  • Security features include Docker's seccomp option and authentication setup, with customization options available through environment variables, and support for GPU acceleration with open-source drivers.
    • +
+

Reactions

+
    +
  • Webtop provides containers with full desktop environments for Alpine, Ubuntu, Fedora, and Arch, suitable for quick setups behind a VPN.
    • +
  • Users commend Webtop for its speed and ease of use, particularly when used with the Gluetun container for secure connections, but caution against exposing containers to the internet without security measures due to lack of default authentication.
    • +
  • The project is valued for being open-source and flexible, with users sharing configurations, and alternatives like Kasm and Selkies are noted for similar purposes.
    • +
+

1 in 5 online job postings are either fake or never filled, study finds

+
    +
  • A recent study indicates that 20% of online job postings are either fake or remain unfilled, adding to job seekers' frustration. - This "ghost job" trend might be a tactic for companies to project an image of growth. - Job platforms such as Greenhouse and LinkedIn have introduced job verification services to assist users in identifying genuine job opportunities.
    • +
+

Reactions

+
    +
  • A study reveals that 20% of online job postings are either fake or remain unfilled, often due to companies needing to comply with US immigration policies. - Companies may also leave job postings up to find ideal candidates, change requirements, or have pre-selected internal candidates. - The job market is difficult for applicants, who frequently encounter ghosting and automated rejections, prompting calls for regulatory intervention.
    • +
+

Making an intersection unsafe for pedestrians to save seconds for drivers

+

Reactions

+
    +
  • The debate centers around whether intersections should prioritize pedestrian safety or driver efficiency, with some favoring light-controlled intersections and pedestrian scrambles over 4-way stops.
    • +
  • Opinions vary on traffic laws and infrastructure design, with discussions on the safety of jaywalking and the risks associated with right turns on red.
    • +
  • Some advocate for alternative solutions like roundabouts or adopting Dutch traffic engineering standards to enhance both safety and efficiency.
    • +
+

PostgreSQL is the Database Management System of the Year 2024

+
    +
  • PostgreSQL has been awarded DBMS of the Year 2024 by DB-Engines, achieving this recognition for the fifth time, surpassing 423 other database management systems.
    • +
  • PostgreSQL, with a history spanning nearly 35 years, continues to innovate, as seen in the recent enhancements of PostgreSQL 17, released in September 2024.
    • +
  • Snowflake and Microsoft secured second and third places, respectively, with Snowflake noted for its cloud-based data warehousing and multi-cloud support, while Microsoft offers robust managed relational databases through Azure SQL Database and SQL Server.
    • +
+

Reactions

+
    +
  • PostgreSQL has been awarded Database Management System of the Year 2024 by db-engines.com, highlighting its growing popularity and recognition in the industry.
    • +
  • Users are considering switching from Microsoft SQL Server to PostgreSQL due to high licensing costs and resource limitations, despite potential migration challenges.
    • +
  • PostgreSQL is favored for its robust features and cost-effectiveness, making it a preferred choice for future projects, although some users explore alternatives like Babelfish to reduce costs.
    • +
+

Google’s OAuth login doesn’t protect against purchasing a failed startup domain

+

Reactions

+
    +
  • The discussion highlights a vulnerability in Google’s OAuth login system when a failed startup's domain is acquired by a new owner, potentially allowing unauthorized access to services.
    • +
  • This issue arises because Google may not distinguish between the original and new domain owners, affecting any system that uses domain-based authentication.
    • +
  • A proposed solution is to use unique identifiers that remain constant over time, though the implementation of this solution varies among identity providers.
    • +
+

Using coding skills to make passive income

+
    +
  • The author transitioned from a CTO role to a solopreneur, successfully earning more through a portfolio of software products.
    • +
  • Key strategies include focusing on deep work, starting with small projects, iterating quickly, and dedicating time to marketing efforts.
    • +
  • The journey emphasizes resilience due to uncertainties, but highlights the unmatched autonomy and freedom of this career path, encouraging those with coding skills to consider it for passive income.
    • +
+

Reactions

+
    +
  • A user described generating passive income through SEO spam websites using expiring domain names, earning approximately $30k annually, despite ethical concerns and Google's eventual crackdown.
    • +
  • The post sparked a debate on passive income, with some users arguing it's more akin to running a business than truly passive earnings.
    • +
  • Participants shared experiences and challenges in side projects, highlighting the importance of time, resilience, and strategic planning.
    • +
+

Spain proposes 100% tax on homes bought by non-EU residents

+
    +
  • Spain is considering a 100% tax on real estate purchases by non-EU residents, aiming to address the housing crisis and curb speculative buying.
    • +
  • Prime Minister Pedro Sánchez's proposal includes expanding social housing and regulating tourist rentals to tackle the disparity between housing prices and incomes.
    • +
  • The proposal's future as law is uncertain, with some analysts viewing it as a deterrent to foreign investors rather than a guaranteed legislative change.
    • +
+

Reactions

+
    +
  • Spain is considering a 100% tax on homes purchased by non-EU residents to tackle housing affordability problems. - Critics suggest that foreign buyers are not the primary cause of high housing prices, citing slow bureaucracy and zoning laws as more significant factors. - The proposal has ignited a debate on the role of foreign ownership in housing markets and its effectiveness in resolving affordability issues.
    • +
+

Apple will soon receive 'made in America' chips from TSMC's Arizona fab

+
    +
  • Apple is testing processors from TSMC's Arizona facility, with plans for mass production by the first quarter, potentially becoming TSMC's first U.S. customer for locally manufactured chips. - This initiative aims to bolster U.S. silicon independence, reducing dependency on Taiwan, which is vulnerable to geopolitical and natural risks. - TSMC's Arizona fab is set to produce advanced 3nm and 2nm chips, with ongoing efforts to enhance local recruitment and partnerships with U.S. universities, although packaging will initially occur in Taiwan until the Peoria facility is operational.
    • +
+

Reactions

+
    +
  • Apple will receive chips from TSMC's Arizona plant, but they need to be sent back to Taiwan for packaging due to insufficient U.S. facilities. - Over 50% of the workforce at the Arizona plant is from Taiwan, indicating a gap in the U.S. STEM (Science, Technology, Engineering, and Mathematics) field. - The CHIPS Act initiative, aimed at enhancing U.S. semiconductor manufacturing, faces challenges as the "Made in America" label is questioned due to the packaging process occurring in Taiwan, with plans for U.S. packaging capabilities by 2027.
    • +
+

43K fewer drivers on Manhattan roads after congestion pricing turned on

+
    +
  • After congestion pricing was implemented, there was a 7.5% reduction in drivers entering Manhattan below 60th Street, equating to 43,000 fewer drivers each weekday.
    • +
  • The reduction in traffic has improved traffic flow and increased bus speeds, with some express buses experiencing higher ridership.
    • +
  • The Metropolitan Transportation Authority (MTA) uses the toll revenue, estimated at $500 million annually, for transit improvements, despite some political opposition.
    • +
+

Reactions

+
    +
  • The implementation of congestion pricing in Manhattan has resulted in 43,000 fewer drivers, leading to increased bus speeds and potentially better emergency response times.
    • +
  • The policy is designed to reduce traffic congestion and improve air quality, though it has sparked debate over its impact on lower-income individuals.
    • +
  • Proponents argue that the benefits include more efficient public transit and cleaner air, while discussions continue on balancing these advantages with the needs of drivers.
    • +
+ + + + + +]]> + https://hn.cho.sh/2025/01/14 + 2025-01-14T00:00:00.000Z + Tue, 14 Jan 2025 00:00:00 GMT + <![CDATA[2025-01-13]]> 2025-01-05T00:00:00.000Z Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[2025-01-04]]> - -

slug: '/2025/01/04'

-

2025-01-04

-

Self driving 1993 Volvo with open pilot

-
    -
  • A group of friends participated in the Carbage Run 2025 Winter edition, a 6-day rally through Sweden to the polar circle and back to Helsinki, requiring cars to be at least 20 years old and valued under €1000.
    • -
  • They transformed a 1993 Volvo 940 Estate into a self-driving vehicle using openpilot from comma.ai, incorporating modern components like electric power steering, a Bosch iBooster, and a Tesla radar sensor.
    • -
  • Future updates will include details on wiring, a custom Engine Control Unit (ECU), and plans to open-source the code, highlighting the project's innovative approach to retrofitting older vehicles with autonomous technology.
    • -
-

Reactions

-
    -
  • A 1993 Volvo 940 was retrofitted with OpenPilot, a self-driving technology, highlighting the intersection of classic car design and modern tech.
    • -
  • The project faced challenges, including updating the brake and steering systems, raising legal and safety concerns, particularly with DIY modifications like welding the steering column.
    • -
  • The discussion extended to car regulations in Europe, the decline of hotrods in the US, and cultural differences in car modification freedoms, with the project viewed as an inspiring DIY effort despite safety concerns.
    • -
-

VoxelSpace: Terrain rendering algorithm in less than 20 lines of code (2020)

-
    -
  • NovaLogic's 1992 game Comanche utilized the Voxel Space engine, a 2.5D rendering technique based on ray casting, to create detailed terrains with shading and shadows.
    • -
  • The Voxel Space engine used height and color maps and a simple rendering algorithm, drawing vertical lines from back to front, which could be optimized for performance.
    • -
  • The engine's code is available under the MIT license, but the technology may still be patented in certain regions.
    • -
-

Reactions

-
    -
  • VoxelSpace is a terrain rendering algorithm notable for its simplicity, requiring less than 20 lines of code, and evokes nostalgia for innovative game development during hardware-limited eras.
    • -
  • Modern AAA games focus on complex optimizations and market trends, often at the expense of originality, whereas indie games and platforms like PICO-8 provide more creative freedom.
    • -
  • Despite technological advancements, some developers and players feel that the "magic" of older games is missing, though innovative projects like voxel rendering continue to inspire creativity.
    • -
-

How to draw an outline in a video game

-
    -
  • The article discusses five techniques for rendering outlines in Unity, a popular game development platform, highlighting their use in games like Sable and The Last of Us. - Techniques include Rim Effects, Vertex Extrusion, Blurred Buffer, Jump Flood Algorithm, and Edge Detection, each with unique advantages and trade-offs in terms of performance and visual quality. - The article provides insights into balancing these methods for optimal game aesthetics and gameplay support, with additional resources and credits for 3D models included.
    • -
-

Reactions

-
    -
  • The article explores advanced techniques for drawing outlines in video games, emphasizing the efficiency of the Jump Flood Algorithm (JFA) and Signed Distance Fields (SDFs) over traditional methods. - It delves into stylized 3D graphics, discussing rendering techniques and the potential use of neural networks for lighting and styling. - Contributors provide insights into the historical development of cel shading in games, such as Jet Set Radio, highlighting the evolving intersection of technology and art in 3D graphics.
    • -
-

I'm quitting the Washington Post

-

Reactions

-
    -
  • The author is leaving the Washington Post due to its failure to adapt to the evolving media landscape and its approach to presenting issues, which they believe is ineffective for critical topics like democracy.
    • -
  • Traditional media, particularly local newspapers, are struggling financially, leading to biased reporting and a decline in public trust, while social media cannot replace the rigorous work of journalism.
    • -
  • Concerns are raised about the influence of wealthy individuals, such as Jeff Bezos, on media outlets, and the impact of corporate interests on the media's role in holding power accountable.
    • -
-

Perplexity got ads

-

Reactions

-
    -
  • Perplexity has introduced advertisements, leading to discussions about the inevitability of ads in online services due to consumer reluctance to pay for ad-free experiences. - Some users find ads intrusive and prefer subscription-based services like Kagi, which offer ad-free search, while others continue to choose free, ad-supported options. - This situation underscores the ongoing debate between ad-supported and subscription-based models in digital services.
    • -
- - - - - -]]> - https://hn.cho.sh/2025/01/04 - 2025-01-04T00:00:00.000Z - Sat, 04 Jan 2025 00:00:00 GMT - diff --git a/static/rss/newsletter/es.xml b/static/rss/newsletter/es.xml index c7dd02f32..ccf022a05 100644 --- a/static/rss/newsletter/es.xml +++ b/static/rss/newsletter/es.xml @@ -15,12 +15,160 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[2025-01-14]]> + +

slug: '/2025/01/14'

+

2025-01-14

+

Snyk investigador de seguridad despliega paquetes NPM maliciosos dirigidos a cursor.com

+
    +
  • Un investigador de seguridad de Snyk lanzó paquetes NPM maliciosos dirigidos a Cursor.com, una empresa de codificación de IA, para recopilar datos del sistema y enviarlos a un servicio controlado por un atacante.
    • +
  • Los paquetes, identificados como "cursor-retrieval", "cursor-always-local" y "cursor-shadow-workspace", fueron señalados por el escáner de análisis de paquetes de OpenSSF, lo que resultó en las advertencias MAL-2025-27, MAL-2025-28 y MAL-2025-29.
    • +
  • Este incidente resalta la importancia de examinar los paquetes de NPM antes de la instalación para evitar posibles amenazas de seguridad.
    • +
+

Reacciones

+
    +
  • Un investigador de seguridad de Snyk lanzó paquetes maliciosos de NPM (Node Package Manager) dirigidos a cursor.com, destacando vulnerabilidades de confusión de dependencias. - El incidente ha generado un debate sobre la ética de la investigación en seguridad, especialmente en lo que respecta a la exposición pública de variables de entorno. - Cursor.com aclaró que no autorizaron la acción, y Snyk se ha disculpado desde entonces, subrayando los desafíos de equilibrar la investigación de seguridad ofensiva con los estándares éticos.
    • +
+

He cambiado a Firefox y nunca miré atrás

+
    +
  • Firefox es elogiado por su superior gestión de pestañas, la función integrada de Pocket para guardar enlaces y un servicio de retransmisión de correo electrónico enfocado en la privacidad, lo que lo convierte en una fuerte alternativa a Chrome. - Características adicionales como una herramienta de captura de pantalla fácil de usar, un botón de ChatGPT, Picture-in-Picture, opciones de búsqueda personalizables y un desplazamiento suave mejoran la experiencia de navegación. - Aunque Firefox carece de la función de aplicaciones web de Chrome, su diseño cuidadoso y la reducción en el consumo de recursos lo hacen una opción preferida para algunos usuarios.
    • +
+

Reacciones

+
    +
  • Los usuarios de Firefox enfrentan desafíos de plataformas como YouTube, que pueden degradar intencionalmente la experiencia para navegadores no pertenecientes a Google o usuarios que emplean bloqueadores de anuncios. - Esta tendencia genera preocupaciones sobre la autonomía del usuario, ya que penaliza a aquellos que optan por una experiencia web sin anuncios y sin vigilancia. - Firefox ofrece características únicas, como las pestañas de contenedores, que mejoran la privacidad y la usabilidad, convirtiéndolo en una opción preferida para los usuarios que buscan independencia de los navegadores controlados por grandes corporaciones.
    • +
+

El CEO de Sonos renuncia tras el fiasco de la actualización de la aplicación

+

Reacciones

+
    +
  • El CEO de Sonos ha renunciado tras una controvertida actualización de la aplicación que requería que los usuarios reemplazaran costosos sistemas de sonido, lo que causó insatisfacción entre los clientes. - La actualización introdujo un sistema basado en la nube, alejándose del confiable Universal Plug and Play (UPnP), lo que provocó problemas de conectividad y mayor complejidad. - Esta situación subraya el conflicto entre las estrategias empresariales y el mantenimiento de la confianza del cliente, mientras el CEO pasa a un rol asesor con un paquete de indemnización.
    • +
+

En el vientre del MrBeast

+

Reacciones

+
    +
  • La redacción examina cómo el algoritmo de YouTube influye en la creación de contenido, utilizando a MrBeast como estudio de caso, destacando un cambio hacia contenido impulsado por el compromiso en lugar de contenido significativo. - Discute las implicaciones más amplias para la alfabetización mediática y el impacto cultural de plataformas como YouTube y TikTok, sugiriendo una tendencia hacia contenido superficial y reaccionario. - Se consideran diversas perspectivas sobre el papel de los algoritmos en la conformación del contenido y la influencia de los creadores populares en las normas culturales.
    • +
+

Las operaciones de Git en GitHub están caídas

+
    +
  • GitHub enfrentó una interrupción de operaciones de Git el 13 de enero de 2025, debido a un cambio de configuración que afectó al equilibrador de carga interno, que duró desde las 23:35 hasta las 00:24 UTC. - El problema se resolvió revirtiendo el cambio de configuración, y GitHub está trabajando en mejorar los procesos de monitoreo y despliegue para prevenir incidentes similares. - La interrupción también afectó a los servicios de Actions y Pages de GitHub, destacando la naturaleza interconectada de sus servicios de plataforma.
    • +
+

Reacciones

+
    +
  • GitHub enfrentó una importante interrupción que afectó las operaciones de git, lo que llevó a la confusión entre los desarrolladores que inicialmente sospecharon problemas con sus claves SSH o configuraciones locales. - El incidente subrayó los desafíos de depender de servicios centralizados, lo que provocó discusiones sobre las ventajas de la auto-hospedaje y los sistemas descentralizados. - Aunque el problema se resolvió, destacó preocupaciones sobre la fiabilidad de GitHub y los riesgos de depender de plataformas de terceros para tareas esenciales.
    • +
+

ZFS 2.3 lanzado con expansión ZFS raidz

+
    +
  • OpenZFS 2.3.0 ha sido lanzado, introduciendo características significativas como la expansión RAIDZ, deduplicación rápida, entrada/salida directa, salida JSON y soporte para nombres de archivos largos. - La versión incluye correcciones de errores esenciales y mejoras de rendimiento, compatible con los núcleos de Linux 4.18 - 6.12 y las versiones de FreeBSD 13.3, 14.0 - 14.2. - La actualización es un esfuerzo colaborativo de 134 contribuyentes, con documentación completa y un registro de cambios disponible para revisión.
    • +
+

Reacciones

+
    +
  • ZFS 2.3 ha sido lanzado, introduciendo características como la expansión de RAIDZ, deduplicación rápida, IO directo, salida JSON y soporte para nombres de archivos largos. - La expansión de RAIDZ es particularmente notable ya que permite a los usuarios agregar nuevos dispositivos a un pool RAIDZ existente sin tiempo de inactividad, mejorando la capacidad de almacenamiento. - El lanzamiento se considera un avance significativo para los usuarios de ZFS, estableciendo comparaciones con otros sistemas de archivos como Btrfs y Windows Storage Spaces, a pesar de algunas limitaciones como la imposibilidad de reducir el tamaño de los pools.
    • +
+

Webtop: contenedores de Alpine, Ubuntu, Fedora y Arch que contienen entornos de escritorio completos

+
    +
  • Linuxserver/webtop proporciona contenedores basados en Alpine, Ubuntu, Fedora y Arch con entornos de escritorio completos accesibles a través de navegadores web, compatibles con arquitecturas x86-64 y arm64.
    • +
  • Los usuarios pueden seleccionar entre varios entornos de escritorio como XFCE, KDE, MATE, i3, Openbox e IceWM utilizando etiquetas de imagen específicas, y acceder al Webtop a través de URL designadas.
    • +
  • Las características de seguridad incluyen la opción seccomp de Docker y la configuración de autenticación, con opciones de personalización disponibles a través de variables de entorno, y soporte para aceleración de GPU con controladores de código abierto.
    • +
+

Reacciones

+
    +
  • Webtop proporciona contenedores con entornos de escritorio completos para Alpine, Ubuntu, Fedora y Arch, adecuados para configuraciones rápidas detrás de una VPN.
    • +
  • Los usuarios elogian a Webtop por su velocidad y facilidad de uso, especialmente cuando se utiliza con el contenedor Gluetun para conexiones seguras, pero advierten contra la exposición de contenedores a internet sin medidas de seguridad debido a la falta de autenticación predeterminada.
    • +
  • El proyecto es valorado por ser de código abierto y flexible, con usuarios compartiendo configuraciones, y se destacan alternativas como Kasm y Selkies para propósitos similares.
    • +
+

1 de cada 5 ofertas de trabajo en línea son falsas o nunca se cubren, según un estudio.

+
    +
  • Un estudio reciente indica que el 20% de las ofertas de trabajo en línea son falsas o permanecen sin cubrir, lo que aumenta la frustración de los buscadores de empleo. - Esta tendencia de "trabajos fantasma" podría ser una táctica de las empresas para proyectar una imagen de crecimiento. - Plataformas de empleo como Greenhouse y LinkedIn han introducido servicios de verificación de empleos para ayudar a los usuarios a identificar oportunidades laborales genuinas.
    • +
+

Reacciones

+
    +
  • Un estudio revela que el 20% de las ofertas de trabajo en línea son falsas o permanecen sin cubrir, a menudo debido a que las empresas necesitan cumplir con las políticas de inmigración de EE. UU. - Las empresas también pueden dejar las ofertas de trabajo publicadas para encontrar candidatos ideales, cambiar los requisitos o tener candidatos internos preseleccionados. - El mercado laboral es difícil para los solicitantes, que frecuentemente enfrentan el fenómeno del ghosting y rechazos automatizados, lo que provoca llamados a una intervención regulatoria.
    • +
+

Hacer una intersección insegura para los peatones para ahorrar segundos a los conductores

+

Reacciones

+
    +
  • La discusión se centra en si las intersecciones deben priorizar la seguridad de los peatones o la eficiencia de los conductores, con algunos que prefieren intersecciones controladas por semáforos y cruces peatonales sobre paradas de 4 vías.
    • +
  • Las opiniones varían sobre las leyes de tráfico y el diseño de infraestructuras, con debates sobre la seguridad de cruzar la calle fuera de los pasos peatonales y los riesgos asociados con girar a la derecha en rojo.
    • +
  • Algunos abogan por soluciones alternativas como las rotondas o la adopción de estándares de ingeniería de tráfico holandeses para mejorar tanto la seguridad como la eficiencia.
    • +
+

PostgreSQL es el Sistema de Gestión de Bases de Datos del Año 2024

+
    +
  • PostgreSQL ha sido galardonado como el DBMS del Año 2024 por DB-Engines, logrando este reconocimiento por quinta vez, superando a otros 423 sistemas de gestión de bases de datos.
    • +
  • PostgreSQL, con una historia que abarca casi 35 años, sigue innovando, como se puede ver en las recientes mejoras de PostgreSQL 17, lanzado en septiembre de 2024.
    • +
  • Snowflake y Microsoft aseguraron el segundo y tercer lugar, respectivamente, con Snowflake destacado por su almacenamiento de datos en la nube y soporte multi-nube, mientras que Microsoft ofrece bases de datos relacionales administradas robustas a través de Azure SQL Database y SQL Server.
    • +
+

Reacciones

+
    +
  • PostgreSQL ha sido galardonado como el Sistema de Gestión de Bases de Datos del Año 2024 por db-engines.com, destacando su creciente popularidad y reconocimiento en la industria.
    • +
  • Los usuarios están considerando cambiar de Microsoft SQL Server a PostgreSQL debido a los altos costos de licencias y las limitaciones de recursos, a pesar de los posibles desafíos de migración.
    • +
  • PostgreSQL es preferido por sus características robustas y rentabilidad, lo que lo convierte en una opción preferida para futuros proyectos, aunque algunos usuarios exploran alternativas como Babelfish para reducir costos.
    • +
+

El inicio de sesión de OAuth de Google no protege contra la compra de un dominio de startup fallida

+

Reacciones

+
    +
  • La discusión resalta una vulnerabilidad en el sistema de inicio de sesión OAuth de Google cuando el dominio de una startup fallida es adquirido por un nuevo propietario, lo que podría permitir el acceso no autorizado a servicios.
    • +
  • Este problema surge porque Google puede no distinguir entre los propietarios originales y nuevos del dominio, lo que afecta a cualquier sistema que utilice autenticación basada en dominios.
    • +
  • Una solución propuesta es utilizar identificadores únicos que permanezcan constantes a lo largo del tiempo, aunque la implementación de esta solución varía entre los proveedores de identidad.
    • +
+

Usar habilidades de codificación para generar ingresos pasivos

+
    +
  • El autor pasó de un rol de CTO a un solopreneur, ganando exitosamente más a través de una cartera de productos de software.
    • +
  • Las estrategias clave incluyen centrarse en el trabajo profundo, comenzar con proyectos pequeños, iterar rápidamente y dedicar tiempo a los esfuerzos de marketing.
    • +
  • La travesía enfatiza la resiliencia debido a las incertidumbres, pero destaca la autonomía y libertad incomparables de este camino profesional, animando a aquellos con habilidades de codificación a considerarlo para obtener ingresos pasivos.
    • +
+

Reacciones

+
    +
  • Un usuario describió cómo generar ingresos pasivos a través de sitios web de spam de SEO utilizando nombres de dominio que están por expirar, ganando aproximadamente $30,000 anualmente, a pesar de las preocupaciones éticas y la eventual represión de Google.
    • +
  • La publicación provocó un debate sobre los ingresos pasivos, con algunos usuarios argumentando que se asemeja más a dirigir un negocio que a ganancias verdaderamente pasivas.
    • +
  • Los participantes compartieron experiencias y desafíos en proyectos paralelos, destacando la importancia del tiempo, la resiliencia y la planificación estratégica.
    • +
+

España propone un impuesto del 100% sobre las viviendas compradas por residentes no pertenecientes a la UE

+
    +
  • España está considerando un impuesto del 100% sobre las compras de bienes raíces por parte de residentes no pertenecientes a la UE, con el objetivo de abordar la crisis de vivienda y frenar la compra especulativa.
    • +
  • La propuesta del Primer Ministro Pedro Sánchez incluye la expansión de la vivienda social y la regulación de los alquileres turísticos para abordar la disparidad entre los precios de la vivienda y los ingresos.
    • +
  • La futura aprobación de la propuesta como ley es incierta, ya que algunos analistas la ven más como un elemento disuasorio para los inversores extranjeros que como un cambio legislativo garantizado.
    • +
+

Reacciones

+
    +
  • España está considerando un impuesto del 100% sobre las viviendas compradas por residentes no pertenecientes a la UE para abordar los problemas de asequibilidad de la vivienda. - Los críticos sugieren que los compradores extranjeros no son la causa principal de los altos precios de la vivienda, citando la burocracia lenta y las leyes de zonificación como factores más significativos. - La propuesta ha encendido un debate sobre el papel de la propiedad extranjera en los mercados de vivienda y su efectividad para resolver los problemas de asequibilidad.
    • +
+

Apple pronto recibirá chips 'hechos en América' de la fábrica de TSMC en Arizona

+
    +
  • Apple está probando procesadores de la planta de TSMC en Arizona, con planes para la producción en masa para el primer trimestre, lo que podría convertirla en el primer cliente estadounidense de TSMC para chips fabricados localmente. - Esta iniciativa tiene como objetivo fortalecer la independencia de silicio de EE. UU., reduciendo la dependencia de Taiwán, que es vulnerable a riesgos geopolíticos y naturales. - La fábrica de TSMC en Arizona está preparada para producir chips avanzados de 3nm y 2nm, con esfuerzos continuos para mejorar el reclutamiento local y las asociaciones con universidades estadounidenses, aunque el empaquetado se realizará inicialmente en Taiwán hasta que la instalación de Peoria esté operativa.
    • +
+

Reacciones

+
    +
  • Apple recibirá chips de la planta de TSMC en Arizona, pero deben ser enviados de regreso a Taiwán para su empaquetado debido a la insuficiencia de instalaciones en EE. UU. - Más del 50% de la fuerza laboral en la planta de Arizona proviene de Taiwán, lo que indica una brecha en el campo STEM (Ciencia, Tecnología, Ingeniería y Matemáticas) de EE. UU. - La iniciativa de la Ley CHIPS, destinada a mejorar la fabricación de semiconductores en EE. UU., enfrenta desafíos ya que se cuestiona la etiqueta "Hecho en América" debido al proceso de empaquetado que ocurre en Taiwán, con planes para capacidades de empaquetado en EE. UU. para 2027.
    • +
+

43,000 conductores menos en las carreteras de Manhattan después de que se activó el cobro por congestión

+
    +
  • Después de que se implementó el peaje por congestión, hubo una reducción del 7.5% en los conductores que ingresaban a Manhattan por debajo de la Calle 60, lo que equivale a 43,000 conductores menos cada día de la semana.
    • +
  • La reducción del tráfico ha mejorado el flujo vehicular y aumentado la velocidad de los autobuses, con algunos autobuses exprés experimentando un mayor número de pasajeros.
    • +
  • La Autoridad Metropolitana de Transporte (MTA) utiliza los ingresos por peajes, estimados en 500 millones de dólares anuales, para mejoras en el transporte, a pesar de cierta oposición política.
    • +
+

Reacciones

+
    +
  • La implementación de la tarificación por congestión en Manhattan ha resultado en 43,000 conductores menos, lo que ha llevado a un aumento en la velocidad de los autobuses y potencialmente mejores tiempos de respuesta de emergencia.
    • +
  • La política está diseñada para reducir la congestión del tráfico y mejorar la calidad del aire, aunque ha generado debate sobre su impacto en las personas de bajos ingresos.
    • +
  • Los defensores argumentan que los beneficios incluyen un transporte público más eficiente y un aire más limpio, mientras continúan las discusiones sobre cómo equilibrar estas ventajas con las necesidades de los conductores.
    • +
+ + + + + +]]> + https://hn.cho.sh/es/2025/01/14 + 2025-01-14T00:00:00.000Z + Tue, 14 Jan 2025 00:00:00 GMT + <![CDATA[2025-01-13]]> 2025-01-05T00:00:00.000Z Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[2025-01-04]]> - -

slug: '/2025/01/04'

-

2025-01-04

-

Volvo 1993 autónomo con piloto abierto

-
    -
  • Un grupo de amigos participó en la edición de invierno del Carbage Run 2025, un rally de 6 días a través de Suecia hasta el círculo polar y de regreso a Helsinki, que requiere que los coches tengan al menos 20 años de antigüedad y un valor inferior a 1000 €.
    • -
  • Transformaron un Volvo 940 Estate de 1993 en un vehículo autónomo utilizando openpilot de comma.ai, incorporando componentes modernos como dirección asistida eléctrica, un iBooster de Bosch y un sensor de radar de Tesla.
    • -
  • Las actualizaciones futuras incluirán detalles sobre el cableado, una Unidad de Control del Motor (ECU) personalizada y planes para abrir el código, destacando el enfoque innovador del proyecto para adaptar vehículos antiguos con tecnología autónoma.
    • -
-

Reacciones

-
    -
  • Un Volvo 940 de 1993 fue adaptado con OpenPilot, una tecnología de conducción autónoma, destacando la intersección entre el diseño clásico de automóviles y la tecnología moderna.
    • -
  • La proyecto enfrentó desafíos, incluyendo la actualización de los sistemas de frenos y dirección, lo que planteó preocupaciones legales y de seguridad, especialmente con modificaciones caseras como la soldadura de la columna de dirección.
    • -
  • La discusión se extendió a las regulaciones de automóviles en Europa, el declive de los hotrods en los EE. UU. y las diferencias culturales en las libertades de modificación de automóviles, con el proyecto visto como un esfuerzo inspirador de bricolaje a pesar de las preocupaciones de seguridad.
    • -
-

VoxelSpace: Algoritmo de renderizado de terrenos en menos de 20 líneas de código (2020)

-
    -
  • El juego Comanche de NovaLogic de 1992 utilizó el motor Voxel Space, una técnica de renderizado 2.5D basada en el ray casting, para crear terrenos detallados con sombreado y sombras.
    • -
  • La tecnología Voxel Space utilizaba mapas de altura y color junto con un algoritmo de renderizado simple, dibujando líneas verticales de atrás hacia adelante, lo cual podía optimizarse para mejorar el rendimiento.
    • -
  • La codificación del motor está disponible bajo la licencia MIT, pero la tecnología aún puede estar patentada en ciertas regiones.
    • -
-

Reacciones

-
    -
  • VoxelSpace es un algoritmo de renderizado de terrenos notable por su simplicidad, ya que requiere menos de 20 líneas de código, y evoca nostalgia por el desarrollo innovador de juegos durante épocas con limitaciones de hardware.
    • -
  • Los juegos AAA modernos se centran en optimizaciones complejas y tendencias del mercado, a menudo a expensas de la originalidad, mientras que los juegos indie y plataformas como PICO-8 ofrecen más libertad creativa.
    • -
  • A pesar de los avances tecnológicos, algunos desarrolladores y jugadores sienten que la "magia" de los juegos antiguos está ausente, aunque proyectos innovadores como el renderizado de vóxeles continúan inspirando creatividad.
    • -
-

Cómo dibujar un contorno en un videojuego

-
    -
  • El artículo discute cinco técnicas para renderizar contornos en Unity, una popular plataforma de desarrollo de juegos, destacando su uso en juegos como Sable y The Last of Us. - Las técnicas incluyen Efectos de Borde, Extrusión de Vértices, Búfer Desenfocado, Algoritmo de Inundación por Saltos y Detección de Bordes, cada una con ventajas y desventajas únicas en términos de rendimiento y calidad visual. - El artículo ofrece ideas sobre cómo equilibrar estos métodos para lograr una estética óptima en los juegos y apoyar la jugabilidad, con recursos adicionales y créditos para modelos 3D incluidos.
    • -
-

Reacciones

-
    -
  • La artículo explora técnicas avanzadas para dibujar contornos en videojuegos, enfatizando la eficiencia del Algoritmo de Inundación por Saltos (JFA) y los Campos de Distancia Firmada (SDFs) sobre los métodos tradicionales. - Se adentra en gráficos 3D estilizados, discutiendo técnicas de renderizado y el uso potencial de redes neuronales para iluminación y estilo. - Los colaboradores ofrecen perspectivas sobre el desarrollo histórico del sombreado cel en juegos, como Jet Set Radio, destacando la intersección evolutiva de la tecnología y el arte en gráficos 3D.
    • -
-

Voy a dejar el Washington Post

-

Reacciones

-
    -
  • El autor está dejando el Washington Post debido a su incapacidad para adaptarse al cambiante panorama mediático y su enfoque para presentar temas, que consideran ineficaz para asuntos críticos como la democracia.
    • -
  • Los medios tradicionales, en particular los periódicos locales, están enfrentando dificultades financieras, lo que lleva a un sesgo en la información y una disminución en la confianza pública, mientras que las redes sociales no pueden reemplazar el trabajo riguroso del periodismo.
    • -
  • Se plantean preocupaciones sobre la influencia de individuos adinerados, como Jeff Bezos, en los medios de comunicación, y el impacto de los intereses corporativos en el papel de los medios para responsabilizar al poder.
    • -
-

Perplexity tiene anuncios

-

Reacciones

-
    -
  • Perplexity ha introducido anuncios, lo que ha llevado a discusiones sobre la inevitabilidad de los anuncios en los servicios en línea debido a la reticencia de los consumidores a pagar por experiencias sin anuncios. - Algunos usuarios encuentran los anuncios intrusivos y prefieren servicios basados en suscripción como Kagi, que ofrecen búsquedas sin anuncios, mientras que otros continúan eligiendo opciones gratuitas con anuncios. - Esta situación subraya el debate continuo entre los modelos basados en anuncios y los basados en suscripción en los servicios digitales.
    • -
- - - - - -]]> - https://hn.cho.sh/es/2025/01/04 - 2025-01-04T00:00:00.000Z - Sat, 04 Jan 2025 00:00:00 GMT - diff --git a/static/rss/newsletter/fi.xml b/static/rss/newsletter/fi.xml index 290f36920..602f2b6e7 100644 --- a/static/rss/newsletter/fi.xml +++ b/static/rss/newsletter/fi.xml @@ -15,12 +15,160 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[2025-01-14]]> + +

slug: '/2025/01/14'

+

2025-01-14

+

Snyk-tietoturvatutkija ottaa käyttöön haitallisia NPM-paketteja, jotka kohdistuvat cursor.com-sivustoon.

+
    +
  • Eräs Snykin tietoturvatutkija julkaisi haitallisia NPM-paketteja, jotka kohdistuivat Cursor.comiin, tekoälykoodausyritykseen, kerätäkseen järjestelmätietoja ja lähettääkseen ne hyökkääjän hallitsemaan palveluun.
    • +
  • Pakettien nimet ovat "cursor-retrieval", "cursor-always-local" ja "cursor-shadow-workspace", ja ne merkittiin OpenSSF-pakettianalyysiskannerin toimesta, mikä johti neuvonantoihin MAL-2025-27, MAL-2025-28 ja MAL-2025-29.
    • +
  • Tämä tapaus korostaa NPM-pakettien tarkastelun tärkeyttä ennen asennusta mahdollisten tietoturvauhkien välttämiseksi.
    • +
+

Reaktiot

+
    +
  • Eräs Snykin tietoturvatutkija julkaisi haitallisia NPM (Node Package Manager) -paketteja, jotka kohdistuivat cursor.comiin, tuoden esiin riippuvuuksien sekaantumiseen liittyviä haavoittuvuuksia. - Tapaus on herättänyt keskustelua tietoturvatutkimuksen etiikasta, erityisesti ympäristömuuttujien julkiseen paljastamiseen liittyen. - Cursor.com selvensi, etteivät he olleet valtuuttaneet toimintaa, ja Snyk on sittemmin pyytänyt anteeksi, korostaen hyökkäävän tietoturvatutkimuksen ja eettisten standardien tasapainottamisen haasteita.
    • +
+

Vaihdoinkin Firefoxiin enkä ole katsonut taaksepäin

+
    +
  • Firefoxia kehutaan sen erinomaisesta välilehtien hallinnasta, sisäänrakennetusta Pocket-ominaisuudesta linkkien tallentamiseen ja yksityisyyteen keskittyvästä sähköpostin välityspalvelusta, mikä tekee siitä vahvan vaihtoehdon Chromelle. - Lisäominaisuudet, kuten käyttäjäystävällinen kuvakaappaustyökalu, ChatGPT-painike, Picture-in-Picture, muokattavat hakuvaihtoehdot ja sujuva vieritys parantavat selauskokemusta. - Vaikka Firefoxilta puuttuu Chromen verkkosovellusominaisuus, sen harkittu suunnittelu ja vähäisempi resurssien kulutus tekevät siitä joidenkin käyttäjien suosikin.
    • +
+

Reaktiot

+
    +
  • Firefox-käyttäjät kohtaavat haasteita alustoilta, kuten YouTube, jotka saattavat tahallisesti heikentää kokemusta ei-Google-selaimille tai käyttäjille, jotka käyttävät mainostenesto-ohjelmia. - Tämä suuntaus herättää huolta käyttäjien autonomiasta, sillä se rankaisee niitä, jotka valitsevat mainosvapaan ja valvonnasta vapaan verkkokokemuksen. - Firefox tarjoaa ainutlaatuisia ominaisuuksia, kuten konttivälilehtiä, jotka parantavat yksityisyyttä ja käytettävyyttä, tehden siitä suositun valinnan käyttäjille, jotka etsivät riippumattomuutta suurten yritysten hallitsemista selaimista.
    • +
+

Sonosin toimitusjohtaja eroaa sovelluspäivityksen epäonnistumisen jälkeen

+

Reaktiot

+
    +
  • Sonosin toimitusjohtaja on eronnut kiistanalaisen sovelluspäivityksen jälkeen, joka vaati käyttäjiä korvaamaan kalliit äänijärjestelmät, aiheuttaen asiakastyytymättömyyttä. - Päivitys toi mukanaan pilvipohjaisen järjestelmän, joka siirtyi pois luotettavasta Universal Plug and Play (UPnP) -järjestelmästä, mikä johti yhteysongelmiin ja lisäsi monimutkaisuutta. - Tämä tilanne korostaa liiketoimintastrategioiden ja asiakassuhteiden ylläpitämisen välistä ristiriitaa, kun toimitusjohtaja siirtyy neuvonantajan rooliin erorahapaketin kanssa.
    • +
+

MrBeastin vatsassa

+

Reaktiot

+
    +
  • Essee tutkii, kuinka YouTuben algoritmi vaikuttaa sisällön luomiseen, käyttäen MrBeastia tapaustutkimuksena, ja korostaa siirtymää kohti sitoutumislähtöistä pikemminkin kuin merkityksellistä sisältöä. - Se käsittelee laajempia vaikutuksia medialukutaitoon ja kulttuurista vaikutusta alustoilla kuten YouTube ja TikTok, ehdottaen suuntausta pinnalliseen ja reaktiiviseen sisältöön. - Eri näkökulmia tarkastellaan algoritmien roolista sisällön muokkaamisessa ja suosittujen tekijöiden vaikutuksesta kulttuurisiin normeihin.
    • +
+

Gitin GitHub-operaatiot ovat alhaalla

+
    +
  • GitHub kohtasi Git-toimintojen katkoksen 13. tammikuuta 2025, johtuen kokoonpanomuutoksesta, joka vaikutti sisäiseen kuormantasaajaan, kestäen 23:35:stä 00:24:ään UTC-aikaa. - Ongelma ratkaistiin palauttamalla kokoonpanomuutos, ja GitHub työskentelee parantaakseen valvonta- ja käyttöönottoprosesseja estääkseen vastaavat tapaukset. - Katkos vaikutti myös GitHubin Actions- ja Pages-palveluihin, korostaen niiden alustapalveluiden keskinäistä yhteyttä.
    • +
+

Reaktiot

+
    +
  • GitHub kohtasi merkittävän katkoksen, joka vaikutti git-toimintoihin ja aiheutti hämmennystä kehittäjien keskuudessa, jotka aluksi epäilivät ongelmia SSH-avaimissaan tai paikallisissa kokoonpanoissaan. - Tapaus korosti keskitettyihin palveluihin luottamisen haasteita ja herätti keskusteluja itseisännöinnin ja hajautettujen järjestelmien eduista. - Vaikka ongelma ratkaistiin, se toi esiin huolenaiheita GitHubin luotettavuudesta ja kolmannen osapuolen alustojen varaan rakentamisen riskeistä olennaisissa tehtävissä.
    • +
+

ZFS 2.3 julkaistu ZFS raidz -laajennuksella

+
    +
  • OpenZFS 2.3.0 on julkaistu, ja se tuo mukanaan merkittäviä ominaisuuksia, kuten RAIDZ-laajennuksen, nopean deduplikoinnin, suoran syötteen/ulostulon, JSON-ulostulon ja tuen pitkille tiedostonimille. - Julkaisu sisältää olennaisia virheenkorjauksia ja suorituskyvyn parannuksia, ja se on yhteensopiva Linux-ytimien 4.18 - 6.12 ja FreeBSD-versioiden 13.3, 14.0 - 14.2 kanssa. - Päivitys on 134 avustajan yhteistyön tulos, ja siitä on saatavilla kattava dokumentaatio ja muutosloki tarkasteltavaksi.
    • +
+

Reaktiot

+
    +
  • ZFS 2.3 on julkaistu, ja se tuo mukanaan ominaisuuksia kuten RAIDZ-laajennus, nopea deduplikointi, suora IO, JSON-tuloste ja tuki pitkille tiedostonimille. - RAIDZ-laajennus on erityisen merkittävä, sillä se mahdollistaa käyttäjille uusien laitteiden lisäämisen olemassa olevaan RAIDZ-pooliin ilman käyttökatkoa, mikä parantaa tallennuskapasiteettia. - Julkaisua pidetään merkittävänä edistysaskeleena ZFS-käyttäjille, ja sitä verrataan muihin tiedostojärjestelmiin kuten Btrfs ja Windows Storage Spaces, vaikka sillä on joitakin rajoituksia, kuten kyvyttömyys pienentää pooleja.
    • +
+

Webtop – Alpine-, Ubuntu-, Fedora- ja Arch-kontit, jotka sisältävät täydet työpöytäympäristöt

+
    +
  • Linuxserver/webtop tarjoaa kontteja, jotka perustuvat Alpineen, Ubuntuun, Fedoraan ja Archiin, ja joissa on täydet työpöytäympäristöt, jotka ovat käytettävissä verkkoselaimien kautta, tukien sekä x86-64 että arm64-arkkitehtuureja.
    • +
  • Kayttäjät voivat valita erilaisista työpöytäympäristöistä, kuten XFCE, KDE, MATE, i3, Openbox ja IceWM, käyttämällä tiettyjä kuvamerkintöjä ja käyttää Webtopia määrättyjen URL-osoitteiden kautta.
    • +
  • Turvaominaisuuksiin kuuluvat Dockerin seccomp-vaihtoehto ja todennuksen asennus, mukautusmahdollisuudet ympäristömuuttujien kautta sekä tuki GPU-kiihdytykselle avoimen lähdekoodin ajureilla.
    • +
+

Reaktiot

+
    +
  • Webtop tarjoaa kontteja, joissa on täydet työpöytäympäristöt Alpine-, Ubuntu-, Fedora- ja Arch-järjestelmille, sopien nopeisiin asennuksiin VPN:n taakse.
    • +
  • Webtopin käyttäjät kehuvat sen nopeutta ja helppokäyttöisyyttä, erityisesti kun sitä käytetään Gluetun-kontin kanssa turvallisten yhteyksien luomiseksi, mutta varoittavat konttien altistamisesta internetille ilman turvatoimia oletusautentikoinnin puutteen vuoksi.
    • +
  • Projektia arvostetaan sen avoimen lähdekoodin ja joustavuuden vuoksi, ja käyttäjät jakavat kokoonpanoja. Vaihtoehdot kuten Kasm ja Selkies mainitaan samanlaisiin tarkoituksiin.
    • +
+

1 viidestä verkossa julkaistusta työpaikkailmoituksesta on joko väärennös tai niitä ei koskaan täytetä, tutkimus paljastaa

+
    +
  • Äskettäinen tutkimus osoittaa, että 20 % verkossa olevista työpaikkailmoituksista on joko väärennettyjä tai jää täyttämättä, mikä lisää työnhakijoiden turhautumista. - Tämä "haamutyöpaikkojen" trendi saattaa olla yritysten keino luoda kuvaa kasvusta. - Työpaikka-alustat, kuten Greenhouse ja LinkedIn, ovat ottaneet käyttöön työpaikkojen varmennuspalveluita auttaakseen käyttäjiä tunnistamaan aidot työmahdollisuudet.
    • +
+

Reaktiot

+
    +
  • Eräs tutkimus paljastaa, että 20 % verkossa olevista työpaikkailmoituksista on joko väärennettyjä tai jää täyttämättä, usein siksi, että yritysten on noudatettava Yhdysvaltojen maahanmuuttopolitiikkaa. - Yritykset voivat myös pitää työpaikkailmoituksia esillä löytääkseen ihanteellisia ehdokkaita, muuttaakseen vaatimuksia tai koska heillä on jo valmiiksi valittuja sisäisiä ehdokkaita. - Työmarkkinat ovat hakijoille vaikeat, ja he kohtaavat usein "ghostingia" ja automatisoituja hylkäyksiä, mikä on johtanut vaatimuksiin sääntelytoimista.
    • +
+

Tehdä risteyksestä turvaton jalankulkijoille säästääkseen sekunteja autoilijoille

+

Reaktiot

+
    +
  • Keskustelu keskittyy siihen, tulisiko risteyksissä asettaa etusijalle jalankulkijoiden turvallisuus vai autoilijoiden tehokkuus, ja jotkut suosivat liikennevalo-ohjattuja risteyksiä ja jalankulkijoiden ylityksiä neljän suunnan pysähdysten sijaan.
    • +
  • Mielipiteet vaihtelevat liikennelakien ja infrastruktuurin suunnittelun suhteen, ja keskusteluja käydään muun muassa kadunylityksen turvallisuudesta ja oikealle kääntymisen riskeistä punaisissa valoissa.
    • +
  • Jotkut kannattavat vaihtoehtoisia ratkaisuja, kuten liikenneympyröitä tai hollantilaisten liikennesuunnittelustandardien omaksumista, parantaakseen sekä turvallisuutta että tehokkuutta.
    • +
+

PostgreSQL on vuoden 2024 tietokannan hallintajärjestelmä.

+
    +
  • PostgreSQL on saanut DB-Enginesin myöntämän Vuoden DBMS 2024 -palkinnon, saavuttaen tämän tunnustuksen viidennen kerran, ohittaen 423 muuta tietokannan hallintajärjestelmää.
    • +
  • PostgreSQL, jolla on lähes 35 vuoden historia, jatkaa innovointia, kuten nähdään syyskuussa 2024 julkaistun PostgreSQL 17:n viimeaikaisissa parannuksissa.
    • +
  • Snowflake ja Microsoft saavuttivat toisen ja kolmannen sijan, Snowflaken erottuessa pilvipohjaisesta tietovarastoinnistaan ja monipilvitukensa ansiosta, kun taas Microsoft tarjoaa vankkoja hallittuja relaatiotietokantoja Azure SQL Database- ja SQL Server -palveluiden kautta.
    • +
+

Reaktiot

+
    +
  • PostgreSQL on saanut vuoden 2024 tietokannan hallintajärjestelmän palkinnon db-engines.com-sivustolta, mikä korostaa sen kasvavaa suosiota ja tunnustusta alalla.
    • +
  • Käyttäjät harkitsevat siirtymistä Microsoft SQL Serveristä PostgreSQL:ään korkeiden lisensointikustannusten ja resurssirajoitusten vuoksi, huolimatta mahdollisista siirtymähaasteista.
    • +
  • PostgreSQL on suosittu sen vankkojen ominaisuuksien ja kustannustehokkuuden vuoksi, mikä tekee siitä suositun valinnan tuleviin projekteihin, vaikka jotkut käyttäjät tutkivat vaihtoehtoja, kuten Babelfish, kustannusten vähentämiseksi.
    • +
+

Googlen OAuth-kirjautuminen ei suojaa epäonnistuneen startup-yrityksen verkkotunnuksen ostamiselta

+

Reaktiot

+
    +
  • Keskustelu tuo esiin haavoittuvuuden Googlen OAuth-kirjautumisjärjestelmässä, kun epäonnistuneen startup-yrityksen verkkotunnus hankitaan uuden omistajan toimesta, mikä voi mahdollisesti sallia luvattoman pääsyn palveluihin.
    • +
  • Tämä ongelma syntyy, koska Google ei välttämättä erota alkuperäisiä ja uusia verkkotunnuksen omistajia toisistaan, mikä vaikuttaa kaikkiin järjestelmiin, jotka käyttävät verkkotunnuspohjaista todennusta.
    • +
  • Yksi ehdotettu ratkaisu on käyttää yksilöllisiä tunnisteita, jotka pysyvät muuttumattomina ajan myötä, vaikka tämän ratkaisun toteutus vaihtelee eri identiteetin tarjoajien kesken.
    • +
+

Koodausosaamisen hyödyntäminen passiivisen tulon hankkimiseen

+
    +
  • Kirjoittaja siirtyi teknologiajohtajan roolista yksinyrittäjäksi ja ansaitsi menestyksekkäästi enemmän ohjelmistotuotteiden portfoliollaan.
    • +
  • Keskeisiin strategioihin kuuluu keskittyminen syvälliseen työskentelyyn, aloittaminen pienistä projekteista, nopea iterointi ja ajan omistaminen markkinointiponnisteluille.
    • +
  • Matka korostaa epävarmuuksien vuoksi resilienssiä, mutta tuo esiin tämän urapolun vertaansa vailla olevan autonomian ja vapauden, kannustaen koodaustaitoisia harkitsemaan sitä passiivisen tulon lähteenä.
    • +
+

Reaktiot

+
    +
  • Eräs käyttäjä kuvaili passiivisen tulon hankkimista SEO-spam-sivustojen kautta käyttämällä vanhentuvia verkkotunnuksia, ansaiten noin 30 000 dollaria vuodessa, huolimatta eettisistä huolenaiheista ja Googlen lopulta tapahtuvasta tiukennuksesta.
    • +
  • Julkaisu herätti keskustelua passiivisista tuloista, ja jotkut käyttäjät väittivät, että se muistuttaa enemmän yrityksen pyörittämistä kuin todellisia passiivisia ansioita.
    • +
  • Osallistujat jakoivat kokemuksia ja haasteita sivuprojekteissa, korostaen ajan, sitkeyden ja strategisen suunnittelun merkitystä.
    • +
+

Espanja ehdottaa 100 % veroa EU:n ulkopuolisten asukkien ostamille asunnoille

+
    +
  • Espanja harkitsee 100 % veroa kiinteistöhankinnoille, jotka tehdään EU:n ulkopuolisilta asukkailta, pyrkien ratkaisemaan asuntokriisiä ja hillitsemään spekulatiivista ostamista.
    • +
  • Pääministeri Pedro Sánchezin ehdotus sisältää sosiaalisen asuntotuotannon laajentamisen ja turistivuokrausten sääntelyn, jotta voitaisiin puuttua asuntohintojen ja tulojen väliseen epätasapainoon.
    • +
  • Ehdotuksen tulevaisuus lakina on epävarma, ja jotkut analyytikot pitävät sitä pikemminkin ulkomaisten sijoittajien pelotteena kuin taattuna lainsäädännöllisenä muutoksena.
    • +
+

Reaktiot

+
    +
  • Espanja harkitsee 100 % veroa EU:n ulkopuolisten asukkaiden ostamille asunnoille ratkaistakseen asuntojen kohtuuhintaisuuteen liittyviä ongelmia. - Kriitikot väittävät, että ulkomaiset ostajat eivät ole asuntojen korkeiden hintojen ensisijainen syy, vaan hitaat byrokratiaprosessit ja kaavoituslait ovat merkittävämpiä tekijöitä. - Ehdotus on herättänyt keskustelua ulkomaisen omistuksen roolista asuntomarkkinoilla ja sen tehokkuudesta kohtuuhintaisuuskysymysten ratkaisemisessa.
    • +
+

Apple saa pian 'made in America' -sirut TSMC:n Arizonan tehtaasta

+
    +
  • Apple testaa TSMC:n Arizonan laitoksen prosessoreita, suunnitellen massatuotantoa ensimmäiselle vuosineljännekselle, ja saattaa näin tulla TSMC:n ensimmäiseksi Yhdysvaltain asiakkaaksi paikallisesti valmistetuille siruille. - Tämä aloite pyrkii vahvistamaan Yhdysvaltojen piiriomavaraisuutta, vähentäen riippuvuutta Taiwanista, joka on altis geopoliittisille ja luonnonriskeille. - TSMC:n Arizonan tehdas aikoo tuottaa edistyneitä 3nm ja 2nm siruja, ja pyrkii parantamaan paikallista rekrytointia sekä yhteistyötä Yhdysvaltain yliopistojen kanssa, vaikka pakkaaminen tapahtuukin aluksi Taiwanissa, kunnes Peorian laitos on toiminnassa.
    • +
+

Reaktiot

+
    +
  • Apple saa siruja TSMC:n Arizonan tehtaalta, mutta ne on lähetettävä takaisin Taiwaniin pakkausta varten Yhdysvaltojen riittämättömien tilojen vuoksi. - Yli 50 % Arizonan tehtaan työvoimasta on Taiwanista, mikä osoittaa puutteen Yhdysvaltojen STEM (tiede, teknologia, insinööritiede ja matematiikka) alalla. - CHIPS Act -aloite, jonka tavoitteena on parantaa Yhdysvaltojen puolijohdevalmistusta, kohtaa haasteita, kun "Made in America" -merkintää kyseenalaistetaan pakkausprosessin tapahtuessa Taiwanissa, ja suunnitelmissa on Yhdysvaltojen pakkauskapasiteetin kehittäminen vuoteen 2027 mennessä.
    • +
+

43 000 kuljettajaa vähemmän Manhattanin teillä ruuhkamaksujen käyttöönoton jälkeen

+
    +
  • Ruuhkamaksujen käyttöönoton jälkeen Manhattanille 60. kadun alapuolelle ajavien kuljettajien määrä väheni 7,5 %, mikä tarkoittaa 43 000 vähemmän kuljettajaa joka arkipäivä.
    • +
  • Liikenteen väheneminen on parantanut liikenteen sujuvuutta ja lisännyt bussien nopeuksia, ja joillakin pikabusseilla on ollut enemmän matkustajia.
    • +
  • Metropolitan Transportation Authority (MTA) käyttää tietullituloja, joiden arvioidaan olevan 500 miljoonaa dollaria vuosittain, liikenteen parannuksiin, huolimatta joistakin poliittisista vastustuksista.
    • +
+

Reaktiot

+
    +
  • Ruuhkamaksujen käyttöönotto Manhattanilla on johtanut 43 000 kuljettajan vähenemiseen, mikä on lisännyt bussien nopeuksia ja mahdollisesti parantanut hätätilanteisiin vastaamisaikoja.
    • +
  • Politiikan tarkoituksena on vähentää liikenneruuhkia ja parantaa ilmanlaatua, vaikka se onkin herättänyt keskustelua sen vaikutuksista pienituloisiin henkilöihin.
    • +
  • Kannattajat väittävät, että hyödyt sisältävät tehokkaamman joukkoliikenteen ja puhtaamman ilman, kun taas keskustelut jatkuvat näiden etujen tasapainottamisesta autoilijoiden tarpeiden kanssa.
    • +
+ + + + + +]]> + https://hn.cho.sh/fi/2025/01/14 + 2025-01-14T00:00:00.000Z + Tue, 14 Jan 2025 00:00:00 GMT + <![CDATA[2025-01-13]]> 2025-01-05T00:00:00.000Z Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[2025-01-04]]> - -

slug: '/2025/01/04'

-

2025-01-04

-

1993 Volvo, jossa on itseajava Open Pilot -järjestelmä

-
    -
  • Ryhmä ystäviä osallistui Carbage Run 2025 talviversioon, kuuden päivän ralliin Ruotsin halki napapiirille ja takaisin Helsinkiin, jossa autojen tuli olla vähintään 20 vuotta vanhoja ja arvoltaan alle 1000 €.
    • -
  • He muuttivat vuoden 1993 Volvo 940 Estate -auton itseajavaksi ajoneuvoksi käyttämällä comma.ai:n openpilot-järjestelmää, ja lisäsivät siihen moderneja komponentteja, kuten sähköisen ohjaustehostimen, Bosch iBoosterin ja Teslan tutkasensorin.
    • -
  • Tulevat päivitykset sisältävät tietoja johdotuksesta, räätälöidystä moottorinohjausyksiköstä (ECU) ja suunnitelmista avata koodi avoimeen lähdekoodiin, mikä korostaa projektin innovatiivista lähestymistapaa vanhempien ajoneuvojen varustamiseen autonomisella teknologialla.
    • -
-

Reaktiot

-
    -
  • Vuoden 1993 Volvo 940 varustettiin OpenPilotilla, itseajavalla teknologialla, mikä korostaa klassisen autodesignin ja modernin teknologian yhdistymistä.
    • -
  • Projekti kohtasi haasteita, mukaan lukien jarru- ja ohjausjärjestelmien päivittäminen, mikä herätti oikeudellisia ja turvallisuushuolia, erityisesti tee-se-itse-muutosten, kuten ohjausakselin hitsaamisen, yhteydessä.
    • -
  • Keskustelu laajeni Euroopan autolainsäädäntöihin, hotrodien vähenemiseen Yhdysvalloissa ja kulttuurieroihin autojen muokkausvapaudessa, ja projektia pidettiin inspiroivana tee-se-itse-ponnistuksena turvallisuushuolista huolimatta.
    • -
-

VoxelSpace: Maaston renderöintialgoritmi alle 20 koodirivillä (2020)

-
    -
  • NovaLogicin vuoden 1992 peli Comanche käytti Voxel Space -moottoria, 2.5D-renderöintitekniikkaa, joka perustui säteiden heijastukseen, luodakseen yksityiskohtaisia maastoja varjostuksilla ja varjoilla.
    • -
  • Voxel Space -moottori käytti korkeus- ja värikarttoja sekä yksinkertaista renderöintialgoritmia, joka piirsi pystysuoria viivoja takaa eteen, mikä voitiin optimoida suorituskyvyn parantamiseksi.
    • -
  • Moottorin koodi on saatavilla MIT-lisenssin alaisena, mutta teknologia saattaa silti olla patentoitu tietyillä alueilla.
    • -
-

Reaktiot

-
    -
  • VoxelSpace on maaston renderöintialgoritmi, joka on tunnettu yksinkertaisuudestaan, sillä se vaatii alle 20 koodiriviä, ja herättää nostalgiaa innovatiivisesta pelikehityksestä laitteistorajoitteisina aikoina.
    • -
  • Modernit AAA-pelit keskittyvät monimutkaisiin optimointeihin ja markkinatrendeihin, usein alkuperäisyyden kustannuksella, kun taas indie-pelit ja alustat kuten PICO-8 tarjoavat enemmän luovaa vapautta.
    • -
  • Huolimatta teknologisista edistysaskelista, jotkut kehittäjät ja pelaajat kokevat, että vanhempien pelien "taika" puuttuu, vaikka innovatiiviset projektit, kuten vokselirenderöinti, jatkavat luovuuden inspiroimista.
    • -
-

Kuinka piirtää ääriviiva videopelissä

-
    -
  • Artikkeli käsittelee viittä tekniikkaa ääriviivojen renderöimiseksi Unityssä, suositussa pelinkehitysalustassa, korostaen niiden käyttöä peleissä kuten Sable ja The Last of Us. - Tekniikoihin kuuluvat Rim Effects, Vertex Extrusion, Blurred Buffer, Jump Flood Algorithm ja Edge Detection, joista jokaisella on omat ainutlaatuiset etunsa ja kompromissinsa suorituskyvyn ja visuaalisen laadun suhteen. - Artikkeli tarjoaa näkemyksiä näiden menetelmien tasapainottamisesta optimaalisen pelin estetiikan ja pelitukien saavuttamiseksi, sisältäen lisäresursseja ja kiitokset 3D-malleista.
    • -
-

Reaktiot

-
    -
  • Artikkeli tutkii edistyneitä tekniikoita ääriviivojen piirtämiseen videopeleissä, korostaen Jump Flood -algoritmin (JFA) ja allekirjoitettujen etäisyyskenttien (SDF) tehokkuutta perinteisiin menetelmiin verrattuna. - Se syventyy tyyliteltyihin 3D-grafiikoihin, käsitellen renderöintitekniikoita ja mahdollisuutta käyttää neuroverkkoja valaistuksessa ja tyylittelyssä. - Avustajat tarjoavat näkemyksiä cel shadingin historiallisesta kehityksestä peleissä, kuten Jet Set Radio, korostaen teknologian ja taiteen kehittyvää leikkauspistettä 3D-grafiikassa.
    • -
-

Jätän Washington Postin

-

Reaktiot

-
    -
  • Kirjoittaja jättää Washington Postin, koska se ei ole onnistunut sopeutumaan muuttuvaan mediaympäristöön ja sen tapa esittää asioita on heidän mielestään tehoton kriittisissä aiheissa, kuten demokratiassa.
    • -
  • Perinteinen media, erityisesti paikallislehdet, kamppailee taloudellisesti, mikä johtaa puolueelliseen raportointiin ja yleisön luottamuksen heikkenemiseen, kun taas sosiaalinen media ei voi korvata journalismin perusteellista työtä.
    • -
  • Huolenaiheita herättää varakkaiden henkilöiden, kuten Jeff Bezosin, vaikutusvalta tiedotusvälineisiin sekä yritysetujen vaikutus median rooliin vallanpitäjien vastuullisuuden valvojana.
    • -
-

Perplexity sai mainoksia

-

Reaktiot

-
    -
  • Perplexity on ottanut käyttöön mainoksia, mikä on johtanut keskusteluihin mainosten väistämättömyydestä verkkopalveluissa, koska kuluttajat eivät halua maksaa mainoksettomista kokemuksista. - Jotkut käyttäjät pitävät mainoksia tunkeilevina ja suosivat tilauspohjaisia palveluita, kuten Kagi, jotka tarjoavat mainoksetonta hakua, kun taas toiset valitsevat edelleen ilmaisia, mainoksilla tuettuja vaihtoehtoja. - Tämä tilanne korostaa jatkuvaa keskustelua mainoksilla tuettujen ja tilauspohjaisten mallien välillä digitaalisissa palveluissa.
    • -
- - - - - -]]> - https://hn.cho.sh/fi/2025/01/04 - 2025-01-04T00:00:00.000Z - Sat, 04 Jan 2025 00:00:00 GMT - diff --git a/static/rss/newsletter/fr.xml b/static/rss/newsletter/fr.xml index fde54763e..06ffb8a2e 100644 --- a/static/rss/newsletter/fr.xml +++ b/static/rss/newsletter/fr.xml @@ -15,12 +15,160 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[2025-01-14]]> + +

slug: '/2025/01/14'

+

2025-01-14

+

Un chercheur en sécurité de Snyk déploie des paquets NPM malveillants ciblant cursor.com

+
    +
  • Un chercheur en sécurité de Snyk a publié des paquets NPM malveillants ciblant Cursor.com, une entreprise de codage IA, pour collecter des données système et les envoyer à un service contrôlé par un attaquant.
    • +
  • Les paquets, identifiés comme "cursor-retrieval", "cursor-always-local" et "cursor-shadow-workspace", ont été signalés par le scanner d'analyse de paquets OpenSSF, entraînant les avis MAL-2025-27, MAL-2025-28 et MAL-2025-29.
    • +
  • Cet incident souligne l'importance de scruter les paquets NPM avant l'installation pour éviter les menaces potentielles à la sécurité.
    • +
+

Réactions

+
    +
  • Un chercheur en sécurité de Snyk a publié des paquets NPM (Node Package Manager) malveillants ciblant cursor.com, mettant en évidence des vulnérabilités de confusion de dépendance. - L'incident a déclenché un débat sur l'éthique de la recherche en sécurité, notamment en ce qui concerne l'exposition publique des variables d'environnement. - Cursor.com a précisé qu'ils n'avaient pas autorisé cette action, et Snyk s'est depuis excusé, soulignant les défis de l'équilibre entre la recherche en sécurité offensive et les normes éthiques.
    • +
+

Je suis passé à Firefox et je n'ai jamais regretté.

+
    +
  • Firefox est salué pour sa gestion supérieure des onglets, sa fonctionnalité Pocket intégrée pour enregistrer des liens, et son relais de messagerie axé sur la confidentialité, en faisant une alternative solide à Chrome. - Des fonctionnalités supplémentaires comme un outil de capture d'écran convivial, un bouton ChatGPT, le mode Picture-in-Picture, des options de recherche personnalisables, et un défilement fluide améliorent l'expérience de navigation. - Bien que Firefox manque de la fonctionnalité d'application web de Chrome, sa conception réfléchie et ses exigences réduites en ressources en font un choix préféré pour certains utilisateurs.
    • +
+

Réactions

+
    +
  • Les utilisateurs de Firefox sont confrontés à des défis de la part de plateformes comme YouTube, qui peuvent intentionnellement dégrader l'expérience pour les navigateurs non-Google ou les utilisateurs employant des bloqueurs de publicités. - Cette tendance soulève des préoccupations concernant l'autonomie des utilisateurs, car elle pénalise ceux qui optent pour une expérience web sans publicité et sans surveillance. - Firefox offre des fonctionnalités uniques, telles que les onglets conteneurs, qui améliorent la confidentialité et l'utilisabilité, en faisant un choix privilégié pour les utilisateurs cherchant à s'affranchir des navigateurs contrôlés par de grandes entreprises.
    • +
+

Le PDG de Sonos démissionne après le fiasco de la mise à jour de l'application

+

Réactions

+
    +
  • Le PDG de Sonos a démissionné suite à une mise à jour controversée de l'application qui obligeait les utilisateurs à remplacer des systèmes audio coûteux, provoquant l'insatisfaction des clients. - La mise à jour a introduit un système basé sur le cloud, s'éloignant du fiable Universal Plug and Play (UPnP), ce qui a entraîné des problèmes de connectivité et une complexité accrue. - Cette situation souligne le conflit entre les stratégies commerciales et le maintien de la confiance des clients, alors que le PDG passe à un rôle de conseiller avec un package de départ.
    • +
+

Dans le ventre de MrBeast

+

Réactions

+
    +
  • L'essai examine comment l'algorithme de YouTube influence la création de contenu, en utilisant MrBeast comme étude de cas, soulignant un passage vers un contenu axé sur l'engagement plutôt que sur le sens. - Il discute des implications plus larges pour la littératie médiatique et l'impact culturel des plateformes comme YouTube et TikTok, suggérant une tendance vers un contenu superficiel et réactionnaire. - Diverses perspectives sont considérées sur le rôle des algorithmes dans la formation du contenu et l'influence des créateurs populaires sur les normes culturelles.
    • +
+

Les opérations Git sur GitHub sont en panne

+
    +
  • GitHub a connu une panne des opérations Git le 13 janvier 2025, en raison d'un changement de configuration affectant l'équilibreur de charge interne, qui a duré de 23h35 à 00h24 UTC. - Le problème a été résolu en annulant le changement de configuration, et GitHub travaille à améliorer les processus de surveillance et de déploiement pour éviter des incidents similaires. - La panne a également affecté les services Actions et Pages de GitHub, soulignant la nature interconnectée de leurs services de plateforme.
    • +
+

Réactions

+
    +
  • GitHub a connu une panne majeure affectant les opérations git, ce qui a conduit à la confusion parmi les développeurs qui ont d'abord suspecté des problèmes avec leurs clés SSH ou leurs configurations locales. - L'incident a souligné les défis liés à la dépendance aux services centralisés, suscitant des discussions sur les avantages de l'auto-hébergement et des systèmes décentralisés. - Bien que le problème ait été résolu, il a mis en lumière des préoccupations concernant la fiabilité de GitHub et les risques de dépendre de plateformes tierces pour des tâches essentielles.
    • +
+

ZFS 2.3 publié avec l'expansion ZFS raidz

+
    +
  • OpenZFS 2.3.0 a été publié, introduisant des fonctionnalités significatives telles que l'expansion RAIDZ, la déduplication rapide, l'entrée/sortie directe, la sortie JSON et la prise en charge des noms de fichiers longs. - La version inclut des corrections de bugs essentielles et des améliorations de performance, compatible avec les noyaux Linux 4.18 - 6.12 et les versions FreeBSD 13.3, 14.0 - 14.2. - La mise à jour est le fruit d'un effort collaboratif de 134 contributeurs, avec une documentation complète et un journal des modifications disponibles pour consultation.
    • +
+

Réactions

+
    +
  • ZFS 2.3 a été publié, introduisant des fonctionnalités telles que l'expansion RAIDZ, la déduplication rapide, l'IO direct, la sortie JSON et la prise en charge des noms de fichiers longs. - L'expansion RAIDZ est particulièrement remarquable car elle permet aux utilisateurs d'ajouter de nouveaux dispositifs à un pool RAIDZ existant sans temps d'arrêt, augmentant ainsi la capacité de stockage. - La version est considérée comme une avancée significative pour les utilisateurs de ZFS, établissant des comparaisons avec d'autres systèmes de fichiers comme Btrfs et Windows Storage Spaces, malgré certaines limitations comme l'incapacité de réduire les pools.
    • +
+

Webtop – Conteneurs Alpine, Ubuntu, Fedora et Arch contenant des environnements de bureau complets

+
    +
  • Linuxserver/webtop propose des conteneurs basés sur Alpine, Ubuntu, Fedora et Arch avec des environnements de bureau complets accessibles via des navigateurs web, prenant en charge les architectures x86-64 et arm64.
    • +
  • Les utilisateurs peuvent choisir parmi divers environnements de bureau tels que XFCE, KDE, MATE, i3, Openbox et IceWM en utilisant des balises d'image spécifiques, et accéder au Webtop via des URL désignées.
    • +
  • Les fonctionnalités de sécurité incluent l'option seccomp de Docker et la configuration d'authentification, avec des options de personnalisation disponibles via des variables d'environnement, ainsi que la prise en charge de l'accélération GPU avec des pilotes open-source.
    • +
+

Réactions

+
    +
  • Webtop fournit des conteneurs avec des environnements de bureau complets pour Alpine, Ubuntu, Fedora et Arch, adaptés pour des configurations rapides derrière un VPN.
    • +
  • Les utilisateurs louent Webtop pour sa rapidité et sa facilité d'utilisation, en particulier lorsqu'il est utilisé avec le conteneur Gluetun pour des connexions sécurisées, mais mettent en garde contre l'exposition des conteneurs à Internet sans mesures de sécurité en raison de l'absence d'authentification par défaut.
    • +
  • Le projet est apprécié pour être open-source et flexible, avec des utilisateurs partageant des configurations, et des alternatives comme Kasm et Selkies sont notées pour des objectifs similaires.
    • +
+

1 offre d'emploi en ligne sur 5 est soit fausse, soit jamais pourvue, selon une étude

+
    +
  • Une étude récente indique que 20 % des offres d'emploi en ligne sont soit fausses, soit restent non pourvues, ce qui ajoute à la frustration des chercheurs d'emploi. - Cette tendance des "emplois fantômes" pourrait être une tactique pour les entreprises de projeter une image de croissance. - Des plateformes d'emploi telles que Greenhouse et LinkedIn ont introduit des services de vérification des offres d'emploi pour aider les utilisateurs à identifier les opportunités d'emploi authentiques.
    • +
+

Réactions

+
    +
  • Une étude révèle que 20 % des offres d'emploi en ligne sont soit fausses, soit restent non pourvues, souvent parce que les entreprises doivent se conformer aux politiques d'immigration des États-Unis. - Les entreprises peuvent également laisser des offres d'emploi en ligne pour trouver des candidats idéaux, modifier les exigences ou avoir des candidats internes pré-sélectionnés. - Le marché du travail est difficile pour les candidats, qui rencontrent fréquemment des disparitions et des rejets automatisés, ce qui incite à demander une intervention réglementaire.
    • +
+

Rendre une intersection dangereuse pour les piétons afin de gagner quelques secondes pour les conducteurs

+

Réactions

+
    +
  • Le débat porte sur la question de savoir si les intersections doivent privilégier la sécurité des piétons ou l'efficacité des conducteurs, certains préférant les intersections contrôlées par des feux et les carrefours piétons aux arrêts à 4 voies.
    • +
  • Les opinions divergent sur les lois de la circulation et la conception des infrastructures, avec des discussions sur la sécurité du passage piéton en dehors des clous et les risques associés aux virages à droite au feu rouge.
    • +
  • Certains préconisent des solutions alternatives comme les ronds-points ou l'adoption des normes d'ingénierie de la circulation néerlandaises pour améliorer à la fois la sécurité et l'efficacité.
    • +
+

PostgreSQL est le système de gestion de base de données de l'année 2024

+
    +
  • PostgreSQL a été désigné SGBD de l'année 2024 par DB-Engines, obtenant cette reconnaissance pour la cinquième fois, surpassant 423 autres systèmes de gestion de bases de données.
    • +
  • PostgreSQL, avec une histoire s'étendant sur près de 35 ans, continue d'innover, comme en témoignent les récentes améliorations de PostgreSQL 17, sorti en septembre 2024.
    • +
  • Snowflake et Microsoft ont respectivement obtenu les deuxième et troisième places, Snowflake étant reconnu pour son entrepôt de données basé sur le cloud et son support multi-cloud, tandis que Microsoft propose des bases de données relationnelles gérées robustes via Azure SQL Database et SQL Server.
    • +
+

Réactions

+
    +
  • PostgreSQL a été désigné Système de Gestion de Base de Données de l'année 2024 par db-engines.com, soulignant sa popularité croissante et sa reconnaissance dans l'industrie.
    • +
  • Les utilisateurs envisagent de passer de Microsoft SQL Server à PostgreSQL en raison des coûts de licence élevés et des limitations de ressources, malgré les défis potentiels de migration.
    • +
  • PostgreSQL est prisé pour ses fonctionnalités robustes et son rapport coût-efficacité, ce qui en fait un choix privilégié pour les projets futurs, bien que certains utilisateurs explorent des alternatives comme Babelfish pour réduire les coûts.
    • +
+

Le système de connexion OAuth de Google ne protège pas contre l'achat d'un domaine d'une startup échouée.

+

Réactions

+
    +
  • Le débat met en lumière une vulnérabilité dans le système de connexion OAuth de Google lorsqu'un domaine d'une startup échouée est acquis par un nouveau propriétaire, ce qui pourrait potentiellement permettre un accès non autorisé aux services.
    • +
  • Ce problème survient parce que Google peut ne pas faire la distinction entre les propriétaires de domaine d'origine et les nouveaux, ce qui affecte tout système utilisant l'authentification basée sur le domaine.
    • +
  • Une solution proposée consiste à utiliser des identifiants uniques qui restent constants dans le temps, bien que la mise en œuvre de cette solution varie selon les fournisseurs d'identité.
    • +
+

Utiliser des compétences en codage pour générer des revenus passifs

+
    +
  • L'auteur est passé d'un rôle de CTO à celui de solopreneur, réussissant à gagner plus grâce à un portefeuille de produits logiciels.
    • +
  • Les stratégies clés incluent la concentration sur un travail en profondeur, le démarrage avec de petits projets, l'itération rapide et la dédication de temps aux efforts de marketing.
    • +
  • Le voyage met l'accent sur la résilience face aux incertitudes, mais souligne l'autonomie et la liberté inégalées de cette voie professionnelle, encourageant ceux qui possèdent des compétences en codage à la considérer pour un revenu passif.
    • +
+

Réactions

+
    +
  • Un utilisateur a décrit la génération de revenus passifs grâce à des sites web de spam SEO utilisant des noms de domaine expirants, gagnant environ 30 000 $ par an, malgré des préoccupations éthiques et la répression éventuelle de Google.
    • +
  • Le message a suscité un débat sur le revenu passif, certains utilisateurs soutenant qu'il s'apparente davantage à la gestion d'une entreprise qu'à des gains véritablement passifs.
    • +
  • Les participants ont partagé des expériences et des défis dans des projets parallèles, soulignant l'importance du temps, de la résilience et de la planification stratégique.
    • +
+

Espagne propose une taxe de 100 % sur les maisons achetées par des résidents non-UE

+
    +
  • Espagne envisage une taxe de 100 % sur les achats immobiliers par des résidents non-UE, visant à résoudre la crise du logement et à freiner les achats spéculatifs.
    • +
  • Le projet du Premier ministre Pedro Sánchez comprend l'expansion du logement social et la régulation des locations touristiques pour s'attaquer à la disparité entre les prix du logement et les revenus.
    • +
  • Le futur de la proposition en tant que loi est incertain, certains analystes la considérant comme un frein pour les investisseurs étrangers plutôt qu'un changement législatif garanti.
    • +
+

Réactions

+
    +
  • Espagne envisage une taxe de 100 % sur les maisons achetées par des résidents non-UE pour résoudre les problèmes d'accessibilité au logement. - Les critiques suggèrent que les acheteurs étrangers ne sont pas la principale cause des prix élevés de l'immobilier, citant la lenteur de la bureaucratie et les lois de zonage comme des facteurs plus significatifs. - La proposition a déclenché un débat sur le rôle de la propriété étrangère dans les marchés immobiliers et son efficacité à résoudre les problèmes d'accessibilité.
    • +
+

Apple recevra bientôt des puces 'fabriquées en Amérique' de l'usine de TSMC en Arizona

+
    +
  • Apple teste des processeurs provenant de l'usine de TSMC en Arizona, avec des plans pour une production de masse d'ici le premier trimestre, devenant potentiellement le premier client américain de TSMC pour des puces fabriquées localement. - Cette initiative vise à renforcer l'indépendance en silicium des États-Unis, réduisant la dépendance vis-à-vis de Taïwan, qui est vulnérable aux risques géopolitiques et naturels. - L'usine de TSMC en Arizona est prête à produire des puces avancées de 3 nm et 2 nm, avec des efforts continus pour améliorer le recrutement local et les partenariats avec les universités américaines, bien que l'emballage se fasse initialement à Taïwan jusqu'à ce que l'installation de Peoria soit opérationnelle.
    • +
+

Réactions

+
    +
  • Apple recevra des puces de l'usine de TSMC en Arizona, mais elles doivent être renvoyées à Taïwan pour l'emballage en raison de l'insuffisance des installations aux États-Unis. - Plus de 50 % de la main-d'œuvre de l'usine de l'Arizona provient de Taïwan, ce qui indique un écart dans le domaine STEM (Science, Technologie, Ingénierie et Mathématiques) aux États-Unis. - L'initiative du CHIPS Act, visant à améliorer la fabrication de semi-conducteurs aux États-Unis, fait face à des défis alors que le label "Made in America" est remis en question en raison du processus d'emballage se déroulant à Taïwan, avec des plans pour des capacités d'emballage aux États-Unis d'ici 2027.
    • +
+

43 000 conducteurs de moins sur les routes de Manhattan après l'activation du péage de congestion

+
    +
  • Après la mise en œuvre de la tarification de congestion, il y a eu une réduction de 7,5 % du nombre de conducteurs entrant à Manhattan au-dessous de la 60e rue, ce qui équivaut à 43 000 conducteurs de moins chaque jour de semaine.
    • +
  • La réduction du trafic a amélioré la fluidité de la circulation et augmenté la vitesse des bus, certains bus express connaissant une augmentation du nombre de passagers.
    • +
  • Le Metropolitan Transportation Authority (MTA) utilise les recettes des péages, estimées à 500 millions de dollars par an, pour des améliorations du transport en commun, malgré une certaine opposition politique.
    • +
+

Réactions

+
    +
  • La mise en œuvre de la tarification de la congestion à Manhattan a entraîné 43 000 conducteurs de moins, ce qui a conduit à une augmentation de la vitesse des bus et potentiellement à de meilleurs temps de réponse des services d'urgence.
    • +
  • Cette politique est conçue pour réduire la congestion du trafic et améliorer la qualité de l'air, bien qu'elle ait suscité un débat sur son impact sur les personnes à faible revenu.
    • +
  • Les partisans soutiennent que les avantages incluent un transport en commun plus efficace et un air plus pur, tandis que les discussions se poursuivent sur l'équilibre entre ces avantages et les besoins des conducteurs.
    • +
+ + + + + +]]> + https://hn.cho.sh/fr/2025/01/14 + 2025-01-14T00:00:00.000Z + Tue, 14 Jan 2025 00:00:00 GMT + <![CDATA[2025-01-13]]> 2025-01-05T00:00:00.000Z Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[2025-01-04]]> - -

slug: '/2025/01/04'

-

2025-01-04

-

Volvo 1993 autonome avec pilote ouvert

-
    -
  • Un groupe d'amis a participé à l'édition hivernale 2025 du Carbage Run, un rallye de 6 jours à travers la Suède jusqu'au cercle polaire et retour à Helsinki, nécessitant des voitures d'au moins 20 ans et d'une valeur inférieure à 1000 €.
    • -
  • Ils ont transformé une Volvo 940 Estate de 1993 en un véhicule autonome en utilisant openpilot de comma.ai, en incorporant des composants modernes tels que la direction assistée électrique, un iBooster Bosch et un capteur radar Tesla.
    • -
  • Les mises à jour futures incluront des détails sur le câblage, une unité de contrôle moteur (ECU) personnalisée, et des plans pour rendre le code open-source, mettant en avant l'approche innovante du projet pour équiper les anciens véhicules de technologie autonome.
    • -
-

Réactions

-
    -
  • Une Volvo 940 de 1993 a été équipée d'OpenPilot, une technologie de conduite autonome, mettant en lumière l'intersection entre le design classique des voitures et la technologie moderne.
    • -
  • Le projet a rencontré des défis, notamment la mise à jour des systèmes de freinage et de direction, soulevant des préoccupations juridiques et de sécurité, en particulier avec des modifications faites maison comme le soudage de la colonne de direction.
    • -
  • Les discussions se sont étendues aux réglementations automobiles en Europe, au déclin des hotrods aux États-Unis et aux différences culturelles en matière de libertés de modification automobile, le projet étant considéré comme un effort DIY inspirant malgré les préoccupations de sécurité.
    • -
-

VoxelSpace : Algorithme de rendu de terrain en moins de 20 lignes de code (2020)

-
    -
  • Le jeu Comanche de NovaLogic, sorti en 1992, utilisait le moteur Voxel Space, une technique de rendu 2.5D basée sur le lancer de rayons, pour créer des terrains détaillés avec des ombrages et des ombres.
    • -
  • Le moteur Voxel Space utilisait des cartes de hauteur et de couleur ainsi qu'un algorithme de rendu simple, traçant des lignes verticales de l'arrière vers l'avant, ce qui pouvait être optimisé pour la performance.
    • -
  • Le code du moteur est disponible sous la licence MIT, mais la technologie peut encore être brevetée dans certaines régions.
    • -
-

Réactions

-
    -
  • VoxelSpace est un algorithme de rendu de terrain remarquable par sa simplicité, nécessitant moins de 20 lignes de code, et évoque la nostalgie du développement de jeux innovants durant les époques où le matériel était limité.
    • -
  • Les jeux AAA modernes se concentrent sur des optimisations complexes et des tendances du marché, souvent au détriment de l'originalité, tandis que les jeux indépendants et les plateformes comme PICO-8 offrent plus de liberté créative.
    • -
  • Malgré les avancées technologiques, certains développeurs et joueurs estiment que la "magie" des anciens jeux manque, bien que des projets innovants comme le rendu voxel continuent d'inspirer la créativité.
    • -
-

Comment dessiner un contour dans un jeu vidéo

-
    -
  • L'article discute de cinq techniques pour rendre les contours dans Unity, une plateforme de développement de jeux populaire, en soulignant leur utilisation dans des jeux comme Sable et The Last of Us. - Les techniques incluent les effets de bord, l'extrusion de vertex, le tampon flou, l'algorithme de saut de crue et la détection de bord, chacune avec des avantages uniques et des compromis en termes de performance et de qualité visuelle. - L'article fournit des informations sur l'équilibre de ces méthodes pour une esthétique de jeu optimale et un soutien au gameplay, avec des ressources supplémentaires et des crédits pour les modèles 3D inclus.
    • -
-

Réactions

-
    -
  • L'article explore des techniques avancées pour dessiner des contours dans les jeux vidéo, en mettant l'accent sur l'efficacité de l'algorithme Jump Flood (JFA) et des champs de distance signés (SDF) par rapport aux méthodes traditionnelles. - Il se penche sur les graphismes 3D stylisés, discutant des techniques de rendu et de l'utilisation potentielle des réseaux neuronaux pour l'éclairage et le style. - Les contributeurs fournissent des perspectives sur le développement historique du cel shading dans les jeux, tels que Jet Set Radio, soulignant l'intersection évolutive de la technologie et de l'art dans les graphismes 3D.
    • -
-

Je quitte le Washington Post

-

Réactions

-
    -
  • L'auteur quitte le Washington Post en raison de son incapacité à s'adapter au paysage médiatique en évolution et de son approche de la présentation des problèmes, qu'il juge inefficace pour des sujets critiques comme la démocratie.
    • -
  • Les médias traditionnels, en particulier les journaux locaux, rencontrent des difficultés financières, ce qui entraîne un reportage biaisé et une baisse de la confiance du public, tandis que les réseaux sociaux ne peuvent pas remplacer le travail rigoureux du journalisme.
    • -
  • Des préoccupations sont soulevées concernant l'influence de personnes fortunées, telles que Jeff Bezos, sur les médias, et l'impact des intérêts des entreprises sur le rôle des médias dans la responsabilisation du pouvoir.
    • -
-

Perplexity a des publicités

-

Réactions

-
    -
  • Perplexity a introduit des publicités, ce qui a conduit à des discussions sur l'inévitabilité des publicités dans les services en ligne en raison de la réticence des consommateurs à payer pour des expériences sans publicité. - Certains utilisateurs trouvent les publicités intrusives et préfèrent les services par abonnement comme Kagi, qui offrent une recherche sans publicité, tandis que d'autres continuent de choisir des options gratuites soutenues par la publicité. - Cette situation souligne le débat en cours entre les modèles soutenus par la publicité et ceux basés sur l'abonnement dans les services numériques.
    • -
- - - - - -]]> - https://hn.cho.sh/fr/2025/01/04 - 2025-01-04T00:00:00.000Z - Sat, 04 Jan 2025 00:00:00 GMT - diff --git a/static/rss/newsletter/he.xml b/static/rss/newsletter/he.xml index ad206eec7..eb3f18ccc 100644 --- a/static/rss/newsletter/he.xml +++ b/static/rss/newsletter/he.xml @@ -15,12 +15,160 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[2025-01-14]]> + +

slug: '/2025/01/14'

+

2025-01-14

+

חוקר אבטחה של Snyk מפרסם חבילות NPM זדוניות המכוונות ל-cursor.com

+
    +
  • חוקר אבטחה של Snyk שחרר חבילות NPM זדוניות המכוונות ל-Cursor.com, חברת קידוד מבוססת בינה מלאכותית, כדי לאסוף נתוני מערכת ולשלוח אותם לשירות בשליטת תוקף.
    • +
  • החבילות, שזוהו כ-"cursor-retrieval", "cursor-always-local", ו-"cursor-shadow-workspace", סומנו על ידי סורק ניתוח החבילות של OpenSSF, מה שהוביל להמלצות MAL-2025-27, MAL-2025-28, ו-MAL-2025-29.
    • +
  • תקלה זו מדגישה את החשיבות של בדיקת חבילות NPM לפני ההתקנה כדי להימנע מאיומי אבטחה פוטנציאליים.
    • +
+

תגובות

+
    +
  • חוקר אבטחה של Snyk שחרר חבילות NPM (מנהל חבילות Node) זדוניות המכוונות ל-cursor.com, והדגיש פגיעויות של בלבול תלות. - האירוע עורר דיון על האתיקה של מחקר אבטחה, במיוחד בנוגע לחשיפה ציבורית של משתני סביבה. - cursor.com הבהירו שהם לא אישרו את הפעולה, ו-Snyk התנצל מאז, מה שמדגיש את האתגרים באיזון בין מחקר אבטחה התקפי לסטנדרטים אתיים.
    • +
+

עברתי לפיירפוקס ולעולם לא הבטתי לאחור

+
    +
  • פיירפוקס זוכה לשבחים על ניהול הלשוניות המעולה שלו, תכונת Pocket המובנית לשמירת קישורים, ושירות דואר אלקטרוני ממוקד פרטיות, מה שהופך אותו לחלופה חזקה לכרום. - תכונות נוספות כמו כלי צילום מסך ידידותי למשתמש, כפתור ChatGPT, תמונה בתוך תמונה, אפשרויות חיפוש מותאמות אישית וגלילה חלקה משפרות את חוויית הגלישה. - למרות שפיירפוקס חסר את תכונת האפליקציות האינטרנטיות של כרום, העיצוב המחושב שלו והדרישות המופחתות למשאבים הופכים אותו לבחירה מועדפת עבור חלק מהמשתמשים.
    • +
+

תגובות

+
    +
  • משתמשי פיירפוקס מתמודדים עם אתגרים מפלטפורמות כמו יוטיוב, שעשויות להרע בכוונה את החוויה עבור דפדפנים שאינם של גוגל או משתמשים המשתמשים בחוסמי פרסומות. מגמה זו מעוררת דאגות לגבי האוטונומיה של המשתמש, שכן היא מענישה את אלו הבוחרים בחוויית אינטרנט ללא פרסומות וללא מעקב. פיירפוקס מציעה תכונות ייחודיות, כמו כרטיסיות מכולה, המשפרות את הפרטיות והשימושיות, מה שהופך אותה לבחירה מועדפת עבור משתמשים המחפשים עצמאות מדפדפנים הנשלטים על ידי תאגידים גדולים.
    • +
+

מנכ"ל סונוס מתפטר לאחר תקרית עדכון האפליקציה

+

תגובות

+
    +
  • המנכ"ל של סונוס התפטר בעקבות עדכון אפליקציה שנוי במחלוקת שדרש מהמשתמשים להחליף מערכות קול יקרות, מה שגרם לאי שביעות רצון בקרב הלקוחות. - העדכון הציג מערכת מבוססת ענן, שהתרחקה מהמערכת האמינה Universal Plug and Play (UPnP), מה שהוביל לבעיות קישוריות והגברת המורכבות. - מצב זה מדגיש את הקונפליקט בין אסטרטגיות עסקיות לבין שמירה על אמון הלקוחות, כאשר המנכ"ל עובר לתפקיד ייעוץ עם חבילת פיצויים.
    • +
+

בבטנו של מרביסט

+

תגובות

+
    +
  • המאמר בוחן כיצד האלגוריתם של יוטיוב משפיע על יצירת תוכן, תוך שימוש במר ביסט כמקרה בוחן, ומדגיש מעבר לתוכן מונע מעורבות במקום תוכן משמעותי. - הוא דן בהשלכות הרחבות יותר על אוריינות מדיה וההשפעה התרבותית של פלטפורמות כמו יוטיוב וטיקטוק, ומציע מגמה לעבר תוכן שטחי ותגובתי. - נבחנות פרספקטיבות שונות על תפקידם של אלגוריתמים בעיצוב תוכן ועל השפעתם של יוצרים פופולריים על נורמות תרבותיות.
    • +
+

פעולות Git ב-GitHub מושבתות

+
    +
  • GitHub חוותה הפסקת פעילות של פעולות Git ב-13 בינואר 2025, עקב שינוי תצורה שהשפיע על מאזן העומסים הפנימי, שנמשך מ-23:35 עד 00:24 לפי זמן UTC. - הבעיה נפתרה על ידי החזרת שינוי התצורה, ו-GitHub עובדת על שיפור תהליכי הניטור והפריסה כדי למנוע תקריות דומות. - ההפסקה השפיעה גם על שירותי Actions ו-Pages של GitHub, מה שמדגיש את האופי המקושר של שירותי הפלטפורמה שלהם.
    • +
+

תגובות

+
    +
  • GitHub חוותה תקלה משמעותית שהשפיעה על פעולות git, מה שגרם לבלבול בקרב מפתחים שחשדו בתחילה בבעיות עם מפתחות ה-SSH שלהם או בהגדרות המקומיות. - האירוע הדגיש את האתגרים שבסמיכה על שירותים מרכזיים, והוביל לדיונים על היתרונות של אירוח עצמי ומערכות מבוזרות. - למרות שהבעיה נפתרה, היא הדגישה חששות לגבי האמינות של GitHub והסיכונים שבסמיכה על פלטפורמות צד שלישי למשימות חיוניות.
    • +
+

זמן שחרור ZFS 2.3 עם הרחבת ZFS raidz

+
    +
  • OpenZFS 2.3.0 שוחרר, ומציג תכונות משמעותיות כמו הרחבת RAIDZ, דה-דופליקציה מהירה, קלט/פלט ישיר, פלט JSON ותמיכה בשמות קבצים ארוכים. - השחרור כולל תיקוני באגים חיוניים ושיפורי ביצועים, תואם לליבות לינוקס 4.18 - 6.12 וגרסאות FreeBSD 13.3, 14.0 - 14.2. - העדכון הוא מאמץ שיתופי של 134 תורמים, עם תיעוד מקיף ורשימת שינויים זמינים לעיון.
    • +
+

תגובות

+
    +
  • זי.אף.אס 2.3 שוחרר, ומציג תכונות כמו הרחבת RAIDZ, דה-דופליקציה מהירה, קלט/פלט ישיר, פלט JSON ותמיכה בשמות קבצים ארוכים. - הרחבת RAIDZ היא במיוחד בולטת מכיוון שהיא מאפשרת למשתמשים להוסיף התקנים חדשים לבריכת RAIDZ קיימת ללא זמן השבתה, מה שמגביר את קיבולת האחסון. - השחרור נחשב להתקדמות משמעותית עבור משתמשי זי.אף.אס, ומושווה למערכות קבצים אחרות כמו Btrfs ו-Windows Storage Spaces, למרות מגבלות מסוימות כמו חוסר היכולת להקטין בריכות.
    • +
+

Webtop – מכולות של Alpine, Ubuntu, Fedora ו-Arch המכילות סביבות שולחן עבודה מלאות

+
    +
  • Linuxserver/webtop מספק מכולות המבוססות על Alpine, Ubuntu, Fedora ו-Arch עם סביבות שולחן עבודה מלאות הנגישות דרך דפדפני אינטרנט, ותומכות בארכיטקטורות x86-64 ו-arm64.
    • +
  • משתמשים יכולים לבחור מתוך סביבות שולחן עבודה שונות כמו XFCE, KDE, MATE, i3, Openbox, ו-IceWM על ידי שימוש בתגי תמונה ספציפיים, ולגשת ל-Webtop דרך כתובות URL ייעודיות.
    • +
  • מאפייני האבטחה כוללים את אפשרות ה-seccomp של Docker והגדרת אימות, עם אפשרויות התאמה אישית זמינות דרך משתני סביבה, ותמיכה בהאצת GPU עם מנהלי התקנים בקוד פתוח.
    • +
+

תגובות

+
    +
  • Webtop מספקת מכולות עם סביבות שולחן עבודה מלאות עבור Alpine, Ubuntu, Fedora ו-Arch, המתאימות להתקנות מהירות מאחורי VPN.
    • +
  • משתמשים משבחים את Webtop על מהירותו וקלות השימוש בו, במיוחד כאשר משתמשים בו עם מיכל Gluetun לחיבורים מאובטחים, אך מזהירים מפני חשיפת מיכלים לאינטרנט ללא אמצעי אבטחה בשל היעדר אימות ברירת מחדל.
    • +
  • הפרויקט מוערך על היותו קוד פתוח וגמיש, כאשר משתמשים משתפים תצורות, ואלטרנטיבות כמו Kasm ו-Selkies נחשבות למטרות דומות.
    • +
+

מחקר מגלה כי 1 מתוך 5 מודעות דרושים באינטרנט הן מזויפות או שלא מתמלאות לעולם

+
    +
  • מחקר עדכני מצביע על כך ש-20% מהמשרות המפורסמות באינטרנט הן או מזויפות או נשארות לא מאוישות, מה שמוסיף לתסכול של מחפשי העבודה. - מגמת "משרות רפאים" זו עשויה להיות טקטיקה של חברות להציג תדמית של צמיחה. - פלטפורמות עבודה כמו Greenhouse ו-LinkedIn הציגו שירותי אימות משרות כדי לסייע למשתמשים בזיהוי הזדמנויות עבודה אמיתיות.
    • +
+

תגובות

+
    +
  • מחקר מגלה כי 20% מהמשרות המפורסמות באינטרנט הן מזויפות או נשארות לא מאוישות, לעיתים קרובות בגלל שחברות צריכות לעמוד במדיניות ההגירה של ארה"ב. - חברות עשויות גם להשאיר משרות פנויות כדי למצוא מועמדים אידיאליים, לשנות דרישות, או שיש להן מועמדים פנימיים שנבחרו מראש. - שוק העבודה קשה למועמדים, אשר נתקלים לעיתים קרובות בהיעלמות תקשורת ודחיות אוטומטיות, מה שמעורר קריאות להתערבות רגולטורית.
    • +
+

להפוך צומת ללא בטוחה להולכי רגל כדי לחסוך שניות לנהגים

+

תגובות

+
    +
  • הדיון מתמקד בשאלה האם צמתים צריכים להעדיף את בטיחות הולכי הרגל או את יעילות הנהגים, כאשר יש המעדיפים צמתים עם רמזורים ומעברי חצייה מרובי כיוונים על פני צמתים עם עצירה בארבעה כיוונים.
    • +
  • יש דעות שונות לגבי חוקי התנועה ועיצוב התשתיות, עם דיונים על בטיחות חציית כביש שלא במעבר חציה והסיכונים הקשורים לפניות ימינה באור אדום.
    • +
  • ישנם כאלה שממליצים על פתרונות חלופיים כמו כיכרות או אימוץ תקני הנדסת תנועה הולנדיים כדי לשפר הן את הבטיחות והן את היעילות.
    • +
+

PostgreSQL היא מערכת ניהול מסדי הנתונים של השנה 2024

+
    +
  • PostgreSQL זכתה בתואר מערכת ניהול בסיסי נתונים של השנה 2024 על ידי DB-Engines, וזוהי הפעם החמישית שהיא זוכה בהכרה זו, כשהיא עוקפת 423 מערכות ניהול בסיסי נתונים אחרות.
    • +
  • PostgreSQL, עם היסטוריה המשתרעת על פני כמעט 35 שנים, ממשיך לחדש, כפי שניתן לראות בשיפורים האחרונים של PostgreSQL 17, ששוחרר בספטמבר 2024.
    • +
  • סנופלייק ומיקרוסופט תפסו את המקומות השני והשלישי, בהתאמה, כאשר סנופלייק נודעה בזכות מחסני הנתונים מבוססי הענן שלה ותמיכה בריבוי עננים, בעוד שמיקרוסופט מציעה מסדי נתונים יחסיים מנוהלים חזקים דרך Azure SQL Database ו-SQL Server.
    • +
+

תגובות

+
    +
  • PostgreSQL זכתה בתואר מערכת ניהול מסדי הנתונים של השנה 2024 על ידי db-engines.com, מה שמדגיש את הפופולריות וההכרה הגוברת שלה בתעשייה.
    • +
  • משתמשים שוקלים לעבור מ-Microsoft SQL Server ל-PostgreSQL בשל עלויות רישוי גבוהות ומגבלות משאבים, למרות אתגרי ההגירה הפוטנציאליים.
    • +
  • PostgreSQL מועדף בשל התכונות החזקות והעלות-תועלת שלו, מה שהופך אותו לבחירה מועדפת לפרויקטים עתידיים, אם כי חלק מהמשתמשים בוחנים חלופות כמו Babelfish כדי להפחית עלויות.
    • +
+

כניסת OAuth של גוגל לא מגנה מפני רכישת דומיין של סטארטאפ שנכשל

+

תגובות

+
    +
  • הדיון מדגיש פגיעות במערכת ההתחברות של OAuth של גוגל כאשר הדומיין של סטארטאפ שנכשל נרכש על ידי בעלים חדש, מה שעשוי לאפשר גישה לא מורשית לשירותים.
    • +
  • בעיה זו מתעוררת מכיוון שגוגל עשויה לא להבחין בין הבעלים המקוריים של הדומיין לבין הבעלים החדשים, מה שמשפיע על כל מערכת שמשתמשת באימות מבוסס דומיין.
    • +
  • פתרון מוצע הוא להשתמש במזהים ייחודיים שנשארים קבועים לאורך זמן, אם כי יישום הפתרון הזה משתנה בין ספקי הזהות.
    • +
+

להשתמש בכישורי תכנות כדי להרוויח הכנסה פסיבית

+
    +
  • המחבר עבר מתפקיד של CTO ליזם עצמאי, והצליח להרוויח יותר באמצעות פורטפוליו של מוצרי תוכנה.
    • +
  • אסטרטגיות מפתח כוללות התמקדות בעבודה מעמיקה, התחלה עם פרויקטים קטנים, חזרה מהירה והקדשת זמן למאמצי שיווק.
    • +
  • המסע מדגיש חוסן עקב אי ודאויות, אך מדגיש את האוטונומיה והחופש הבלתי משתווים של מסלול קריירה זה, ומעודד את אלו עם כישורי קידוד לשקול אותו כהכנסה פסיבית.
    • +
+

תגובות

+
    +
  • משתמש תיאר יצירת הכנסה פסיבית באמצעות אתרי ספאם של SEO תוך שימוש בשמות דומיין שפג תוקפם, והרוויח כ-30,000 דולר בשנה, למרות חששות אתיים והמאבק של גוגל בתופעה בסופו של דבר.
    • +
  • הפוסט עורר דיון על הכנסה פסיבית, כאשר חלק מהמשתמשים טוענים שזה דומה יותר לניהול עסק מאשר לרווחים פסיביים באמת.
    • +
  • משתתפים שיתפו חוויות ואתגרים בפרויקטים צדדיים, והדגישו את החשיבות של זמן, חוסן ותכנון אסטרטגי.
    • +
+

ספרד מציעה מס של 100% על בתים שנרכשים על ידי תושבים שאינם מהאיחוד האירופי

+
    +
  • ספרד שוקלת להטיל מס של 100% על רכישות נדל"ן על ידי תושבים שאינם מהאיחוד האירופי, במטרה להתמודד עם משבר הדיור ולרסן רכישות ספקולטיביות.
    • +
  • ראש הממשלה פדרו סאנצ'ס מציע להרחיב את הדיור הציבורי ולווסת את השכרת הדירות לתיירים כדי להתמודד עם הפער בין מחירי הדיור להכנסות.
    • +
  • העתיד של ההצעה כחוק אינו ודאי, כאשר חלק מהאנליסטים רואים בה כהרתעה למשקיעים זרים ולא כשינוי חקיקתי מובטח.
    • +
+

תגובות

+
    +
  • ספרד שוקלת להטיל מס של 100% על בתים שנרכשים על ידי תושבים שאינם מהאיחוד האירופי כדי להתמודד עם בעיות נגישות לדיור. - מבקרים טוענים כי קונים זרים אינם הגורם העיקרי למחירי הדיור הגבוהים, ומציינים את הבירוקרטיה האיטית וחוקי התכנון כגורמים משמעותיים יותר. - ההצעה הציתה דיון על תפקיד הבעלות הזרה בשוקי הדיור ועל יעילותה בפתרון בעיות הנגישות.
    • +
+

בהקדם אפל תקבל שבבים 'תוצרת אמריקה' ממפעל TSMC באריזונה

+
    +
  • Apple בוחנת מעבדים ממתקן אריזונה של TSMC, עם תוכניות לייצור המוני עד הרבעון הראשון, וייתכן שתהפוך ללקוח האמריקאי הראשון של TSMC לשבבים המיוצרים מקומית. - יוזמה זו נועדה לחזק את העצמאות הסיליקונית של ארה"ב, ולהפחית את התלות בטייוואן, שהיא פגיעה לסיכונים גיאופוליטיים וטבעיים. - המפעל של TSMC באריזונה מתוכנן לייצר שבבים מתקדמים בגודל 3 ננומטר ו-2 ננומטר, עם מאמצים מתמשכים לשיפור הגיוס המקומי ושיתופי פעולה עם אוניברסיטאות בארה"ב, אם כי האריזה תתבצע בתחילה בטייוואן עד שהמתקן בפאוריה יהיה פעיל.
    • +
+

תגובות

+
    +
  • Apple תקבל שבבים ממפעל TSMC באריזונה, אך יש לשלוח אותם בחזרה לטייוואן לאריזה בשל מחסור במתקנים בארה"ב. - מעל 50% מכוח העבודה במפעל באריזונה מגיע מטייוואן, מה שמצביע על פער בתחום ה-STEM (מדע, טכנולוגיה, הנדסה ומתמטיקה) בארה"ב. - יוזמת חוק השבבים, שמטרתה לשפר את ייצור השבבים בארה"ב, מתמודדת עם אתגרים כאשר תווית "תוצרת אמריקה" מוטלת בספק בשל תהליך האריזה המתרחש בטייוואן, עם תוכניות ליכולות אריזה בארה"ב עד 2027.
    • +
+

43 אלף נהגים פחות בכבישי מנהטן לאחר הפעלת תמחור גודש

+
    +
  • לאחר יישום תמחור העומס, חלה ירידה של 7.5% במספר הנהגים הנכנסים למנהטן מתחת לרחוב ה-60, מה שמתורגם ל-43,000 נהגים פחות בכל יום חול.
    • +
  • הירידה בתנועה שיפרה את זרימת התנועה והעלתה את מהירות האוטובוסים, כאשר חלק מהאוטובוסים המהירים חווים עלייה במספר הנוסעים.
    • +
  • הרשות המטרופולינית לתחבורה (MTA) משתמשת בהכנסות מאגרות, המוערכות בכ-500 מיליון דולר בשנה, לשיפור התחבורה, למרות התנגדות פוליטית מסוימת.
    • +
+

תגובות

+
    +
  • היישום של תמחור גודש במנהטן הביא ל-43,000 נהגים פחות, מה שהוביל להאצת מהירות האוטובוסים וייתכן שגם לשיפור בזמני התגובה של שירותי החירום.
    • +
  • המדיניות נועדה להפחית את עומסי התנועה ולשפר את איכות האוויר, אם כי היא עוררה ויכוח על השפעתה על אנשים בעלי הכנסה נמוכה יותר.
    • +
  • תומכים טוענים כי היתרונות כוללים תחבורה ציבורית יעילה יותר ואוויר נקי יותר, בעוד שהדיונים נמשכים על איזון יתרונות אלו עם צרכי הנהגים.
    • +
+ + + + + +]]> + https://hn.cho.sh/he/2025/01/14 + 2025-01-14T00:00:00.000Z + Tue, 14 Jan 2025 00:00:00 GMT + <![CDATA[2025-01-13]]> 2025-01-05T00:00:00.000Z Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[2025-01-04]]> - -

slug: '/2025/01/04'

-

2025-01-04

-

וולוו 1993 עם נהיגה עצמית באמצעות Open Pilot

-
    -
  • קבוצת חברים השתתפה במהדורת החורף של מרוץ קרבג' 2025, ראלי בן 6 ימים דרך שבדיה אל המעגל הארקטי וחזרה להלסינקי, הדורש מכוניות בנות לפחות 20 שנה וששוויין יהיה מתחת ל-1000 אירו.
    • -
  • הם הפכו את ה-Volvo 940 Estate משנת 1993 לרכב אוטונומי באמצעות openpilot מ-comma.ai, תוך שילוב רכיבים מודרניים כמו הגה כוח חשמלי, iBooster של Bosch וחיישן רדאר של טסלה.
    • -
  • עדכונים עתידיים יכללו פרטים על חיווט, יחידת בקרת מנוע (ECU) מותאמת אישית, ותוכניות לפתוח את הקוד לקוד פתוח, תוך הדגשת הגישה החדשנית של הפרויקט לשדרוג רכבים ישנים בטכנולוגיה אוטונומית.
    • -
-

תגובות

-
    -
  • ולוו 940 משנת 1993 הותאם עם OpenPilot, טכנולוגיית נהיגה עצמית, המדגישה את המפגש בין עיצוב רכב קלאסי לטכנולוגיה מודרנית.
    • -
  • הפרויקט התמודד עם אתגרים, כולל עדכון מערכות הבלמים וההיגוי, שהעלו חששות משפטיים ובטיחותיים, במיוחד עם שינויים עצמאיים כמו ריתוך עמוד ההיגוי.
    • -
  • הדיון התרחב לתקנות רכב באירופה, הירידה בפופולריות של מכוניות הוט רוד בארה"ב, והבדלים תרבותיים בחופש לשינוי רכבים, כאשר הפרויקט נחשב למאמץ עשה זאת בעצמך מעורר השראה למרות חששות בטיחותיים.
    • -
-

VoxelSpace: אלגוריתם רינדור שטח בפחות מ-20 שורות קוד (2020)

-
    -
  • משחק Comanche של NovaLogic משנת 1992 השתמש במנוע Voxel Space, טכניקת רינדור 2.5D המבוססת על הקרנת קרניים, כדי ליצור שטחים מפורטים עם הצללה וצללים.
    • -
  • המנוע Voxel Space השתמש במפות גובה וצבע ובאלגוריתם רינדור פשוט, שצייר קווים אנכיים מאחור לקדימה, שניתן היה לאופטימיזציה לביצועים.
    • -
  • הקוד של המנוע זמין תחת רישיון MIT, אך ייתכן שהטכנולוגיה עדיין מוגנת בפטנט באזורים מסוימים.
    • -
-

תגובות

-
    -
  • VoxelSpace הוא אלגוריתם לרינדור שטח הידוע בפשטותו, הדורש פחות מ-20 שורות קוד, ומעורר נוסטלגיה לפיתוח משחקים חדשני בתקופות בהן החומרה הייתה מוגבלת.
    • -
  • משחקי AAA מודרניים מתמקדים באופטימיזציות מורכבות ובמגמות שוק, לעיתים על חשבון המקוריות, בעוד שמשחקים עצמאיים ופלטפורמות כמו PICO-8 מספקים חופש יצירתי רב יותר.
    • -
  • על אף ההתקדמות הטכנולוגית, ישנם מפתחים ושחקנים שמרגישים כי ה'קסם' של משחקים ישנים חסר, אם כי פרויקטים חדשניים כמו רינדור ווקסל ממשיכים לעורר יצירתיות.
    • -
-

איך לצייר קו מתאר במשחק וידאו

-
    -
  • המאמר דן בחמש טכניקות ליצירת קווי מתאר ב-Unity, פלטפורמת פיתוח משחקים פופולרית, ומדגיש את השימוש בהן במשחקים כמו Sable ו-The Last of Us. - הטכניקות כוללות אפקטים של שפה, שחול קודקודים, טשטוש באפר, אלגוריתם קפיצת הצפה, וזיהוי קצוות, כל אחת עם יתרונות ייחודיים ופשרות מבחינת ביצועים ואיכות חזותית. - המאמר מספק תובנות על איזון בין השיטות הללו להשגת אסתטיקה אופטימלית במשחק ותמיכה במשחקיות, עם משאבים נוספים וקרדיטים לדגמים תלת-ממדיים כלולים.
    • -
-

תגובות

-
    -
  • המאמר חוקר טכניקות מתקדמות ליצירת קווי מתאר במשחקי וידאו, תוך הדגשת היעילות של אלגוריתם Jump Flood (JFA) ושדות מרחק חתומים (SDFs) על פני שיטות מסורתיות. - הוא מתעמק בגרפיקה תלת-ממדית בסגנון, דן בטכניקות רינדור ובשימוש הפוטנציאלי ברשתות נוירונים לתאורה ולעיצוב. - התורמים מספקים תובנות על ההתפתחות ההיסטורית של הצללה בסגנון סל במשחקים, כמו Jet Set Radio, ומדגישים את המפגש המתפתח בין טכנולוגיה לאמנות בגרפיקה תלת-ממדית.
    • -
-

אני עוזב את הוושינגטון פוסט

-

תגובות

-
    -
  • המחבר עוזב את הוושינגטון פוסט בשל כישלונו להסתגל לנוף המדיה המשתנה ולגישתו להצגת נושאים, שלדעתם אינה יעילה עבור נושאים קריטיים כמו דמוקרטיה.
    • -
  • מדיה מסורתית, במיוחד עיתונים מקומיים, נאבקים כלכלית, מה שמוביל לדיווח מוטה ולירידה באמון הציבור, בעוד שמדיה חברתית אינה יכולה להחליף את העבודה הקפדנית של עיתונאות.
    • -
  • עולות חששות לגבי השפעתם של אנשים עשירים, כמו ג'ף בזוס, על כלי תקשורת, והשפעתם של אינטרסים תאגידיים על תפקיד התקשורת בהחזקת הכוח באחריות.
    • -
-

פרפלקסיטי קיבלה פרסומות

-

תגובות

-
    -
  • פרפלקסיטי הציגה פרסומות, מה שהוביל לדיונים על הבלתי נמנע של פרסומות בשירותים מקוונים בשל חוסר הרצון של הצרכנים לשלם עבור חוויות ללא פרסומות. - ישנם משתמשים שמוצאים את הפרסומות פולשניות ומעדיפים שירותים מבוססי מנוי כמו קאגי, שמציעים חיפוש ללא פרסומות, בעוד אחרים ממשיכים לבחור באפשרויות חינמיות הנתמכות בפרסומות. - מצב זה מדגיש את הדיון המתמשך בין מודלים הנתמכים בפרסומות לבין מודלים מבוססי מנוי בשירותים דיגיטליים.
    • -
- - - - - -]]> - https://hn.cho.sh/he/2025/01/04 - 2025-01-04T00:00:00.000Z - Sat, 04 Jan 2025 00:00:00 GMT - diff --git a/static/rss/newsletter/hi.xml b/static/rss/newsletter/hi.xml index 7a016281a..b7e835534 100644 --- a/static/rss/newsletter/hi.xml +++ b/static/rss/newsletter/hi.xml @@ -15,12 +15,160 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[2025-01-14]]> + +

slug: '/2025/01/14'

+

2025-01-14

+

स्नाइक सुरक्षा शोधकर्ता ने कर्सर.कॉम को लक्षित करते हुए दुर्भावनापूर्ण एनपीएम पैकेज तैनात किए।

+
    +
  • एक Snyk सुरक्षा शोधकर्ता ने Cursor.com, एक AI कोडिंग कंपनी, को लक्षित करते हुए दुर्भावनापूर्ण NPM पैकेज जारी किए, ताकि सिस्टम डेटा एकत्र किया जा सके और इसे हमलावर-नियंत्रित सेवा पर भेजा जा सके।
    • +
  • पैकेजों को "कर्सर-रिट्रीवल," "कर्सर-ऑलवेज-लोकल," और "कर्सर-शैडो-वर्कस्पेस" के रूप में पहचाना गया, जिन्हें OpenSSF पैकेज विश्लेषण स्कैनर द्वारा चिह्नित किया गया, जिसके परिणामस्वरूप परामर्श MAL-2025-27, MAL-2025-28, और MAL-2025-29 जारी किए गए।
    • +
  • यह घटना संभावित सुरक्षा खतरों से बचने के लिए स्थापना से पहले NPM पैकेजों की जांच करने के महत्व को उजागर करती है।
    • +
+

प्रतिक्रियाओं

+
    +
  • एक Snyk सुरक्षा शोधकर्ता ने cursor.com को लक्षित करते हुए हानिकारक NPM (नोड पैकेज मैनेजर) पैकेज जारी किए, जो निर्भरता भ्रम कमजोरियों को उजागर करते हैं। - इस घटना ने सुरक्षा अनुसंधान की नैतिकता पर बहस छेड़ दी है, विशेष रूप से पर्यावरण वेरिएबल्स के सार्वजनिक प्रदर्शन के संबंध में। - Cursor.com ने स्पष्ट किया कि उन्होंने इस कार्रवाई को अधिकृत नहीं किया था, और Snyk ने इसके बाद माफी मांगी है, जो आक्रामक सुरक्षा अनुसंधान को नैतिक मानकों के साथ संतुलित करने की चुनौतियों को रेखांकित करता है।
    • +
+

मैंने फ़ायरफ़ॉक्स पर स्विच किया और फिर कभी पीछे मुड़कर नहीं देखा

+
    +
  • फायरफॉक्स को इसके उत्कृष्ट टैब प्रबंधन, लिंक सहेजने के लिए अंतर्निहित पॉकेट फीचर, और गोपनीयता-केंद्रित ईमेल रिले के लिए सराहा जाता है, जो इसे क्रोम का एक मजबूत विकल्प बनाता है। - उपयोगकर्ता के अनुकूल स्क्रीनशॉट टूल, एक चैटजीपीटी बटन, पिक्चर-इन-पिक्चर, अनुकूलन योग्य खोज विकल्प, और स्मूथ स्क्रॉलिंग जैसी अतिरिक्त विशेषताएं ब्राउज़िंग अनुभव को बेहतर बनाती हैं। - हालांकि फायरफॉक्स में क्रोम की वेब ऐप सुविधा की कमी है, लेकिन इसका विचारशील डिज़ाइन और कम संसाधन मांग इसे कुछ उपयोगकर्ताओं के लिए पसंदीदा विकल्प बनाते हैं।
    • +
+

प्रतिक्रियाओं

+
    +
  • फायरफॉक्स उपयोगकर्ताओं को यूट्यूब जैसे प्लेटफार्मों से चुनौतियों का सामना करना पड़ता है, जो गैर-गूगल ब्राउज़रों या विज्ञापन अवरोधकों का उपयोग करने वाले उपयोगकर्ताओं के लिए जानबूझकर अनुभव को खराब कर सकते हैं। - यह प्रवृत्ति उपयोगकर्ता स्वायत्तता के बारे में चिंताएं बढ़ाती है, क्योंकि यह उन लोगों को दंडित करती है जो विज्ञापन-मुक्त और निगरानी-मुक्त वेब अनुभव का विकल्प चुनते हैं। - फायरफॉक्स अद्वितीय विशेषताएं प्रदान करता है, जैसे कंटेनर टैब्स, जो गोपनीयता और उपयोगिता को बढ़ाते हैं, इसे प्रमुख कॉर्पोरेट-नियंत्रित ब्राउज़रों से स्वतंत्रता चाहने वाले उपयोगकर्ताओं के लिए एक पसंदीदा विकल्प बनाते हैं।
    • +
+

सोनोस के सीईओ ने ऐप अपडेट विवाद के बाद इस्तीफा दिया

+

प्रतिक्रियाओं

+
    +
  • सोनोस के सीईओ ने इस्तीफा दे दिया है, एक विवादास्पद ऐप अपडेट के बाद जिसने उपयोगकर्ताओं को महंगे साउंड सिस्टम को बदलने के लिए मजबूर किया, जिससे ग्राहक असंतोष उत्पन्न हुआ। - इस अपडेट ने एक क्लाउड-आधारित सिस्टम पेश किया, जो विश्वसनीय यूनिवर्सल प्लग एंड प्ले (UPnP) से हटकर था, जिससे कनेक्टिविटी समस्याएं और जटिलता बढ़ गई। - यह स्थिति व्यापारिक रणनीतियों और ग्राहक विश्वास बनाए रखने के बीच के संघर्ष को उजागर करती है, क्योंकि सीईओ एक सलाहकार भूमिका में एक सेवरेंस पैकेज के साथ स्थानांतरित हो रहे हैं।
    • +
+

MrBeast के पेट में

+

प्रतिक्रियाओं

+
    +
  • निबंध यह जांचता है कि YouTube का एल्गोरिदम सामग्री निर्माण को कैसे प्रभावित करता है, जिसमें MrBeast को एक केस स्टडी के रूप में उपयोग किया गया है, जो यह दर्शाता है कि सामग्री अब अर्थपूर्ण होने के बजाय सगाई-चालित हो रही है। - यह मीडिया साक्षरता के व्यापक प्रभावों और YouTube और TikTok जैसे प्लेटफार्मों के सांस्कृतिक प्रभाव पर चर्चा करता है, यह सुझाव देते हुए कि सामग्री सतही और प्रतिक्रियात्मक हो रही है। - सामग्री को आकार देने में एल्गोरिदम की भूमिका और सांस्कृतिक मानदंडों पर लोकप्रिय निर्माताओं के प्रभाव पर विभिन्न दृष्टिकोणों पर विचार किया गया है।
    • +
+

GitHub गिट ऑपरेशन्स डाउन हैं

+
    +
  • 13 जनवरी, 2025 को GitHub को एक Git ऑपरेशन्स आउटेज का सामना करना पड़ा, जो आंतरिक लोड बैलेंसर को प्रभावित करने वाले एक कॉन्फ़िगरेशन परिवर्तन के कारण हुआ, और यह 23:35 से 00:24 UTC तक चला। - इस समस्या को कॉन्फ़िगरेशन परिवर्तन को वापस लेकर हल किया गया, और GitHub समान घटनाओं को रोकने के लिए निगरानी और परिनियोजन प्रक्रियाओं में सुधार करने पर काम कर रहा है। - इस आउटेज ने GitHub के Actions और Pages सेवाओं को भी प्रभावित किया, जो उनके प्लेटफ़ॉर्म सेवाओं की आपस में जुड़ी प्रकृति को उजागर करता है।
    • +
+

प्रतिक्रियाओं

+
    +
  • GitHub को एक बड़ी रुकावट का सामना करना पड़ा, जिसने गिट ऑपरेशन्स को प्रभावित किया, जिससे डेवलपर्स के बीच भ्रम की स्थिति उत्पन्न हो गई, जिन्होंने शुरू में अपने SSH कुंजियों या स्थानीय कॉन्फ़िगरेशन्स में समस्याओं का संदेह किया। - इस घटना ने केंद्रीकृत सेवाओं पर निर्भरता की चुनौतियों को उजागर किया, जिससे स्व-होस्टिंग और विकेंद्रीकृत प्रणालियों के फायदों पर चर्चाएं शुरू हुईं। - हालांकि समस्या का समाधान हो गया, लेकिन इसने GitHub की विश्वसनीयता और आवश्यक कार्यों के लिए तृतीय-पक्ष प्लेटफार्मों पर निर्भरता के जोखिमों के बारे में चिंताओं को उजागर किया।
    • +
+

ZFS 2.3 ज़ेडएफएस रैडज़ विस्तार के साथ जारी किया गया

+
    +
  • OpenZFS 2.3.0 जारी किया गया है, जिसमें RAIDZ विस्तार, फास्ट डेडुप्लिकेशन, डायरेक्ट इनपुट/आउटपुट, JSON आउटपुट और लंबे फाइल नामों के लिए समर्थन जैसी महत्वपूर्ण विशेषताएं शामिल हैं। - इस रिलीज में आवश्यक बग फिक्स और प्रदर्शन सुधार शामिल हैं, जो Linux कर्नल 4.18 - 6.12 और FreeBSD संस्करण 13.3, 14.0 - 14.2 के साथ संगत हैं। - यह अपडेट 134 योगदानकर्ताओं के सहयोगात्मक प्रयास का परिणाम है, जिसमें व्यापक दस्तावेज़ीकरण और एक परिवर्तन लॉग समीक्षा के लिए उपलब्ध है।
    • +
+

प्रतिक्रियाओं

+
    +
  • ZFS 2.3 जारी किया गया है, जिसमें RAIDZ विस्तार, तेज डुप्लीकेशन, डायरेक्ट IO, JSON आउटपुट, और लंबे फाइल नामों के लिए समर्थन जैसी विशेषताएं शामिल हैं। - RAIDZ विस्तार विशेष रूप से उल्लेखनीय है क्योंकि यह उपयोगकर्ताओं को मौजूदा RAIDZ पूल में नए उपकरण जोड़ने की अनुमति देता है बिना डाउनटाइम के, जिससे भंडारण क्षमता बढ़ती है। - यह रिलीज ZFS उपयोगकर्ताओं के लिए एक महत्वपूर्ण प्रगति मानी जाती है, और इसकी तुलना Btrfs और Windows Storage Spaces जैसे अन्य फाइल सिस्टम्स के साथ की जाती है, हालांकि कुछ सीमाओं जैसे पूल को छोटा करने में असमर्थता के बावजूद।
    • +
+

वेबटॉप – अल्पाइन, उबंटू, फेडोरा, और आर्च कंटेनर जिनमें पूर्ण डेस्कटॉप वातावरण शामिल हैं

+
    +
  • Linuxserver/webtop अल्पाइन, उबंटू, फेडोरा, और आर्च पर आधारित कंटेनर प्रदान करता है, जो वेब ब्राउज़रों के माध्यम से पूर्ण डेस्कटॉप वातावरण तक पहुंच प्रदान करते हैं, और यह x86-64 और arm64 आर्किटेक्चर दोनों का समर्थन करता है।
    • +
  • उपयोगकर्ता विशेष इमेज टैग का उपयोग करके XFCE, KDE, MATE, i3, Openbox, और IceWM जैसे विभिन्न डेस्कटॉप वातावरणों में से चयन कर सकते हैं, और निर्दिष्ट URL के माध्यम से वेबटॉप तक पहुंच सकते हैं।
    • +
  • सुरक्षा विशेषताओं में Docker का seccomp विकल्प और प्रमाणीकरण सेटअप शामिल हैं, जिसमें पर्यावरण वेरिएबल्स के माध्यम से अनुकूलन विकल्प उपलब्ध हैं, और ओपन-सोर्स ड्राइवर्स के साथ GPU त्वरण के लिए समर्थन शामिल है।
    • +
+

प्रतिक्रियाओं

+
    +
  • वेबटॉप अल्पाइन, उबंटू, फेडोरा, और आर्च के लिए पूर्ण डेस्कटॉप वातावरण के साथ कंटेनर प्रदान करता है, जो वीपीएन के पीछे त्वरित सेटअप के लिए उपयुक्त हैं।
    • +
  • उपयोगकर्ता वेबटॉप की गति और उपयोग में आसानी के लिए इसकी प्रशंसा करते हैं, विशेष रूप से ग्लूटन कंटेनर के साथ सुरक्षित कनेक्शनों के लिए उपयोग किए जाने पर, लेकिन डिफ़ॉल्ट प्रमाणीकरण की कमी के कारण सुरक्षा उपायों के बिना कंटेनरों को इंटरनेट पर उजागर करने के खिलाफ चेतावनी देते हैं।
    • +
  • इस परियोजना को ओपन-सोर्स और लचीला होने के लिए महत्व दिया जाता है, जिसमें उपयोगकर्ता कॉन्फ़िगरेशन साझा करते हैं, और कास्म और सेल्की जैसे विकल्प समान उद्देश्यों के लिए उल्लेखनीय हैं।
    • +
+

ऑनलाइन नौकरी पोस्टिंग में से 5 में से 1 या तो नकली होती है या कभी भरी नहीं जाती, अध्ययन में पाया गया।

+
    +
  • हाल ही में एक अध्ययन से पता चलता है कि ऑनलाइन नौकरी पोस्टिंग में से 20% या तो नकली हैं या खाली रह जाती हैं, जिससे नौकरी खोजने वालों की निराशा बढ़ जाती है। - यह "भूत नौकरी" प्रवृत्ति कंपनियों के लिए विकास की छवि प्रस्तुत करने की एक रणनीति हो सकती है। - ग्रीनहाउस और लिंक्डइन जैसे नौकरी प्लेटफॉर्म ने उपयोगकर्ताओं को वास्तविक नौकरी के अवसरों की पहचान करने में मदद करने के लिए नौकरी सत्यापन सेवाएं शुरू की हैं।
    • +
+

प्रतिक्रियाओं

+
    +
  • एक अध्ययन से पता चलता है कि 20% ऑनलाइन नौकरी पोस्टिंग या तो नकली होती हैं या भरी नहीं जाती हैं, अक्सर कंपनियों को अमेरिकी आव्रजन नीतियों का पालन करने की आवश्यकता के कारण। - कंपनियां आदर्श उम्मीदवारों को खोजने, आवश्यकताओं को बदलने, या पहले से चयनित आंतरिक उम्मीदवारों के लिए नौकरी पोस्टिंग को बनाए रख सकती हैं। - नौकरी बाजार आवेदकों के लिए कठिन है, जो अक्सर घोस्टिंग और स्वचालित अस्वीकृति का सामना करते हैं, जिससे नियामक हस्तक्षेप की मांग होती है।
    • +
+

चालकों के लिए कुछ सेकंड बचाने के लिए पैदल यात्रियों के लिए चौराहे को असुरक्षित बनाना

+

प्रतिक्रियाओं

+
    +
  • बहस इस बात पर केंद्रित है कि चौराहों को पैदल यात्री सुरक्षा को प्राथमिकता देनी चाहिए या ड्राइवर की दक्षता को, जिसमें कुछ लोग लाइट-नियंत्रित चौराहों और पैदल यात्री स्क्रैम्बल को 4-वे स्टॉप्स पर प्राथमिकता देते हैं।
    • +
  • ट्रैफिक कानूनों और बुनियादी ढांचे के डिजाइन पर राय भिन्न होती है, जिसमें जेवॉकिंग की सुरक्षा और लाल बत्ती पर दाएं मुड़ने से जुड़े जोखिमों पर चर्चा शामिल है।
    • +
  • कुछ लोग सुरक्षा और दक्षता दोनों को बढ़ाने के लिए गोल चक्कर या डच यातायात इंजीनियरिंग मानकों को अपनाने जैसे वैकल्पिक समाधानों की वकालत करते हैं।
    • +
+

पोस्टग्रेएसक्यूएल वर्ष 2024 का डेटाबेस प्रबंधन प्रणाली है।

+
    +
  • पोस्टग्रेएसक्यूएल को DB-इंजिन्स द्वारा वर्ष 2024 का DBMS ऑफ द ईयर पुरस्कार दिया गया है, यह सम्मान पांचवीं बार प्राप्त करते हुए, 423 अन्य डेटाबेस प्रबंधन प्रणालियों को पीछे छोड़ दिया है।
    • +
  • पोस्टग्रेएसक्यूएल, जिसकी इतिहास लगभग 35 वर्षों का है, नवाचार करना जारी रखता है, जैसा कि सितंबर 2024 में जारी किए गए पोस्टग्रेएसक्यूएल 17 के हालिया सुधारों में देखा जा सकता है।
    • +
  • स्नोफ्लेक और माइक्रोसॉफ्ट ने क्रमशः दूसरे और तीसरे स्थान पर कब्जा किया, जिसमें स्नोफ्लेक को इसके क्लाउड-आधारित डेटा वेयरहाउसिंग और मल्टी-क्लाउड समर्थन के लिए जाना जाता है, जबकि माइक्रोसॉफ्ट Azure SQL डेटाबेस और SQL सर्वर के माध्यम से मजबूत प्रबंधित रिलेशनल डेटाबेस प्रदान करता है।
    • +
+

प्रतिक्रियाओं

+
    +
  • पोस्टग्रेएसक्यूएल को db-engines.com द्वारा वर्ष 2024 का डेटाबेस प्रबंधन प्रणाली पुरस्कार दिया गया है, जो उद्योग में इसकी बढ़ती लोकप्रियता और मान्यता को दर्शाता है।
    • +
  • उपयोगकर्ता माइक्रोसॉफ्ट SQL सर्वर से PostgreSQL में स्विच करने पर विचार कर रहे हैं, उच्च लाइसेंसिंग लागत और संसाधन सीमाओं के कारण, हालांकि संभावित माइग्रेशन चुनौतियाँ हो सकती हैं।
    • +
  • PostgreSQL अपनी मजबूत विशेषताओं और लागत-प्रभावशीलता के लिए पसंद किया जाता है, जिससे यह भविष्य की परियोजनाओं के लिए एक पसंदीदा विकल्प बन जाता है, हालांकि कुछ उपयोगकर्ता लागत को कम करने के लिए Babelfish जैसे विकल्पों का पता लगाते हैं।
    • +
+

Google का OAuth लॉगिन एक असफल स्टार्टअप डोमेन की खरीद के खिलाफ सुरक्षा नहीं करता है।

+

प्रतिक्रियाओं

+
    +
  • चर्चा में यह उजागर किया गया है कि जब एक असफल स्टार्टअप के डोमेन को नया मालिक अधिग्रहित करता है, तो गूगल के OAuth लॉगिन सिस्टम में एक कमजोरी होती है, जो संभावित रूप से सेवाओं तक अनधिकृत पहुंच की अनुमति दे सकती है।
    • +
  • यह समस्या इसलिए उत्पन्न होती है क्योंकि Google मूल और नए डोमेन मालिकों के बीच अंतर नहीं कर सकता है, जिससे किसी भी प्रणाली पर प्रभाव पड़ता है जो डोमेन-आधारित प्रमाणीकरण का उपयोग करती है।
    • +
  • एक प्रस्तावित समाधान यह है कि अद्वितीय पहचानकर्ताओं का उपयोग किया जाए जो समय के साथ स्थिर रहें, हालांकि इस समाधान का कार्यान्वयन विभिन्न पहचान प्रदाताओं के बीच भिन्न होता है।
    • +
+

कोडिंग कौशल का उपयोग करके निष्क्रिय आय अर्जित करना

+
    +
  • लेखक ने एक सीटीओ की भूमिका से एकल उद्यमी के रूप में परिवर्तन किया, और सॉफ्टवेयर उत्पादों के पोर्टफोलियो के माध्यम से अधिक कमाई करने में सफल रहे।
    • +
  • मुख्य रणनीतियों में गहन कार्य पर ध्यान केंद्रित करना, छोटे प्रोजेक्ट्स से शुरुआत करना, तेजी से पुनरावृत्ति करना, और विपणन प्रयासों के लिए समय समर्पित करना शामिल है।
    • +
  • यात्रा अनिश्चितताओं के कारण सहनशीलता पर जोर देती है, लेकिन इस करियर पथ की बेजोड़ स्वायत्तता और स्वतंत्रता को उजागर करती है, जिससे कोडिंग कौशल वाले लोगों को इसे निष्क्रिय आय के लिए विचार करने के लिए प्रोत्साहित किया जाता है।
    • +
+

प्रतिक्रियाओं

+
    +
  • एक उपयोगकर्ता ने बताया कि उन्होंने समाप्त हो रहे डोमेन नामों का उपयोग करके एसईओ स्पैम वेबसाइटों के माध्यम से निष्क्रिय आय उत्पन्न की, जिससे वे लगभग $30,000 वार्षिक कमा रहे थे, हालांकि नैतिक चिंताओं और गूगल की अंततः कार्रवाई के बावजूद।
    • +
  • इस पोस्ट ने निष्क्रिय आय पर बहस छेड़ दी, जिसमें कुछ उपयोगकर्ताओं का तर्क था कि यह वास्तव में निष्क्रिय कमाई की तुलना में एक व्यवसाय चलाने के अधिक समान है।
    • +
  • प्रतिभागियों ने साइड प्रोजेक्ट्स में अनुभवों और चुनौतियों को साझा किया, जिसमें समय, धैर्य और रणनीतिक योजना की महत्ता को उजागर किया गया।
    • +
+

स्पेन ने गैर-ईयू निवासियों द्वारा खरीदे गए घरों पर 100% कर लगाने का प्रस्ताव दिया है

+
    +
  • स्पेन गैर-ईयू निवासियों द्वारा रियल एस्टेट खरीद पर 100% कर लगाने पर विचार कर रहा है, जिसका उद्देश्य आवास संकट को संबोधित करना और सट्टा खरीद को रोकना है।
    • +
  • प्रधानमंत्री पेड्रो सांचेज़ का प्रस्ताव सामाजिक आवास का विस्तार करने और पर्यटक किराए को विनियमित करने को शामिल करता है ताकि आवास की कीमतों और आय के बीच असमानता को दूर किया जा सके।
    • +
  • प्रस्ताव का भविष्य कानून के रूप में अनिश्चित है, कुछ विश्लेषकों का मानना है कि यह विदेशी निवेशकों के लिए एक निवारक के रूप में कार्य कर सकता है बजाय इसके कि यह एक सुनिश्चित विधायी परिवर्तन हो।
    • +
+

प्रतिक्रियाओं

+
    +
  • स्पेन गैर-ईयू निवासियों द्वारा खरीदे गए घरों पर 100% कर लगाने पर विचार कर रहा है ताकि आवास की वहनीयता की समस्याओं का समाधान किया जा सके। - आलोचकों का सुझाव है कि विदेशी खरीदार उच्च आवास कीमतों का मुख्य कारण नहीं हैं, बल्कि धीमी नौकरशाही और ज़ोनिंग कानून अधिक महत्वपूर्ण कारक हैं। - इस प्रस्ताव ने आवास बाजारों में विदेशी स्वामित्व की भूमिका और वहनीयता मुद्दों को हल करने में इसकी प्रभावशीलता पर बहस छेड़ दी है।
    • +
+

एप्पल को जल्द ही टीएसएमसी के एरिज़ोना फैब से 'मेड इन अमेरिका' चिप्स प्राप्त होंगे

+
    +
  • एप्पल TSMC की एरिज़ोना सुविधा से प्रोसेसर का परीक्षण कर रहा है, और पहले तिमाही तक बड़े पैमाने पर उत्पादन की योजना बना रहा है, जिससे यह TSMC का पहला अमेरिकी ग्राहक बन सकता है जो स्थानीय रूप से निर्मित चिप्स का उपयोग करेगा। - इस पहल का उद्देश्य अमेरिकी सिलिकॉन स्वतंत्रता को बढ़ावा देना है, जिससे ताइवान पर निर्भरता कम हो सके, जो भू-राजनीतिक और प्राकृतिक जोखिमों के प्रति संवेदनशील है। - TSMC की एरिज़ोना फैब उन्नत 3nm और 2nm चिप्स का उत्पादन करने के लिए तैयार है, स्थानीय भर्ती को बढ़ावा देने और अमेरिकी विश्वविद्यालयों के साथ साझेदारी के प्रयास जारी हैं, हालांकि पैकेजिंग शुरू में ताइवान में होगी जब तक कि पियोरिया सुविधा चालू नहीं हो जाती।
    • +
+

प्रतिक्रियाओं

+
    +
  • एप्पल को TSMC के एरिज़ोना प्लांट से चिप्स मिलेंगे, लेकिन उन्हें पैकेजिंग के लिए ताइवान वापस भेजना होगा क्योंकि अमेरिका में पर्याप्त सुविधाएं नहीं हैं। - एरिज़ोना प्लांट में 50% से अधिक कार्यबल ताइवान से है, जो अमेरिका के STEM (विज्ञान, प्रौद्योगिकी, इंजीनियरिंग, और गणित) क्षेत्र में एक अंतर को दर्शाता है। - CHIPS एक्ट पहल, जिसका उद्देश्य अमेरिका में सेमीकंडक्टर निर्माण को बढ़ावा देना है, चुनौतियों का सामना कर रही है क्योंकि "मेड इन अमेरिका" लेबल पर सवाल उठाए जा रहे हैं, क्योंकि पैकेजिंग प्रक्रिया ताइवान में हो रही है, और 2027 तक अमेरिका में पैकेजिंग क्षमताओं की योजना है।
    • +
+

भीड़भाड़ मूल्य निर्धारण चालू होने के बाद मैनहट्टन की सड़कों पर 43 हजार कम ड्राइवर हैं।

+
    +
  • भीड़भाड़ मूल्य निर्धारण लागू होने के बाद, 60वीं स्ट्रीट के नीचे मैनहट्टन में प्रवेश करने वाले ड्राइवरों में 7.5% की कमी आई, जो प्रत्येक सप्ताह के दिन 43,000 कम ड्राइवरों के बराबर है।
    • +
  • यातायात में कमी ने यातायात प्रवाह में सुधार किया है और बसों की गति बढ़ाई है, जिससे कुछ एक्सप्रेस बसों में अधिक यात्री संख्या देखी गई है।
    • +
  • मेट्रोपॉलिटन ट्रांसपोर्टेशन अथॉरिटी (एमटीए) कुछ राजनीतिक विरोध के बावजूद, ट्रांजिट सुधारों के लिए टोल राजस्व का उपयोग करती है, जिसकी वार्षिक अनुमानित राशि $500 मिलियन है।
    • +
+

प्रतिक्रियाओं

+
    +
  • मैनहट्टन में भीड़भाड़ मूल्य निर्धारण के कार्यान्वयन के परिणामस्वरूप 43,000 कम ड्राइवर हो गए हैं, जिससे बस की गति में वृद्धि हुई है और संभावित रूप से आपातकालीन प्रतिक्रिया समय में सुधार हुआ है।
    • +
  • यह नीति यातायात जाम को कम करने और वायु गुणवत्ता में सुधार करने के लिए बनाई गई है, हालांकि इसने निम्न-आय वाले व्यक्तियों पर इसके प्रभाव को लेकर बहस छेड़ दी है।
    • +
  • समर्थकों का तर्क है कि लाभों में अधिक कुशल सार्वजनिक परिवहन और स्वच्छ हवा शामिल हैं, जबकि इन फायदों को ड्राइवरों की आवश्यकताओं के साथ संतुलित करने पर चर्चाएं जारी हैं।
    • +
+ + + + + +]]> + https://hn.cho.sh/hi/2025/01/14 + 2025-01-14T00:00:00.000Z + Tue, 14 Jan 2025 00:00:00 GMT + <![CDATA[2025-01-13]]> 2025-01-05T00:00:00.000Z Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[2025-01-04]]> - -

slug: '/2025/01/04'

-

2025-01-04

-

स्वचालित ड्राइविंग 1993 वोल्वो ओपन पायलट के साथ

-
    -
  • दोस्तों के एक समूह ने कार्बेज रन 2025 विंटर संस्करण में भाग लिया, जो स्वीडन के माध्यम से ध्रुवीय वृत्त तक और फिर हेलसिंकी वापस जाने वाली 6-दिवसीय रैली थी, जिसमें कारों की उम्र कम से कम 20 साल होनी चाहिए और उनकी कीमत €1000 से कम होनी चाहिए।
    • -
  • उन्होंने 1993 वोल्वो 940 एस्टेट को एक स्व-चालित वाहन में बदल दिया, जिसमें कॉमा.एआई से ओपनपायलट का उपयोग किया गया, और आधुनिक घटकों जैसे इलेक्ट्रिक पावर स्टीयरिंग, एक बॉश आईबूस्टर, और एक टेस्ला रडार सेंसर को शामिल किया।
    • -
  • भविष्य के अपडेट में वायरिंग, एक कस्टम इंजन कंट्रोल यूनिट (ECU) के विवरण और कोड को ओपन-सोर्स करने की योजनाएं शामिल होंगी, जो पुराने वाहनों को स्वायत्त तकनीक के साथ रेट्रोफिट करने के लिए परियोजना के नवाचारी दृष्टिकोण को उजागर करती हैं।
    • -
-

प्रतिक्रियाओं

-
    -
  • 1993 की वोल्वो 940 को ओपनपायलट, एक स्वचालित ड्राइविंग तकनीक के साथ पुनः सुसज्जित किया गया, जो क्लासिक कार डिजाइन और आधुनिक तकनीक के संगम को दर्शाता है।
    • -
  • परियोजना को चुनौतियों का सामना करना पड़ा, जिसमें ब्रेक और स्टीयरिंग सिस्टम को अपडेट करना शामिल था, जिससे कानूनी और सुरक्षा संबंधी चिंताएँ उत्पन्न हुईं, विशेष रूप से स्टीयरिंग कॉलम को वेल्डिंग जैसे DIY संशोधनों के साथ।
    • -
  • चर्चा यूरोप में कार नियमों, अमेरिका में हॉटरोड्स की गिरावट, और कार संशोधन स्वतंत्रताओं में सांस्कृतिक अंतर तक विस्तारित हुई, जिसमें इस परियोजना को सुरक्षा चिंताओं के बावजूद एक प्रेरणादायक DIY प्रयास के रूप में देखा गया।
    • -
-

वोक्सलस्पेस: 20 से कम लाइनों के कोड में भू-भाग प्रतिपादन एल्गोरिदम (2020)

-
    -
  • नोवा लॉजिक का 1992 का खेल कोमांचे ने वोक्सल स्पेस इंजन का उपयोग किया, जो कि रे कास्टिंग पर आधारित एक 2.5D रेंडरिंग तकनीक है, ताकि छायांकन और छायाओं के साथ विस्तृत भूभाग तैयार किया जा सके।
    • -
  • वोक्सल स्पेस इंजन ने ऊंचाई और रंग मानचित्रों का उपयोग किया और एक सरल रेंडरिंग एल्गोरिदम का उपयोग किया, जो पीछे से आगे की ओर ऊर्ध्वाधर रेखाएं खींचता था, जिसे प्रदर्शन के लिए अनुकूलित किया जा सकता था।
    • -
  • इंजन का कोड MIT लाइसेंस के तहत उपलब्ध है, लेकिन तकनीक अभी भी कुछ क्षेत्रों में पेटेंट हो सकती है।
    • -
-

प्रतिक्रियाओं

-
    -
  • वोक्सलस्पेस एक भू-भाग रेंडरिंग एल्गोरिदम है जो अपनी सरलता के लिए उल्लेखनीय है, इसे 20 से कम कोड की पंक्तियों की आवश्यकता होती है, और यह हार्डवेयर-सीमित युगों के दौरान नवाचारी गेम विकास के लिए पुरानी यादों को जागृत करता है।
    • -
  • आधुनिक AAA गेम जटिल अनुकूलन और बाजार प्रवृत्तियों पर ध्यान केंद्रित करते हैं, अक्सर मौलिकता की कीमत पर, जबकि इंडी गेम और PICO-8 जैसे प्लेटफॉर्म अधिक रचनात्मक स्वतंत्रता प्रदान करते हैं।
    • -
  • तकनीकी प्रगति के बावजूद, कुछ डेवलपर्स और खिलाड़ी महसूस करते हैं कि पुराने खेलों का "जादू" गायब है, हालांकि वोक्सल रेंडरिंग जैसे नवाचारी प्रोजेक्ट रचनात्मकता को प्रेरित करते रहते हैं।
    • -
-

वीडियो गेम में एक रूपरेखा कैसे बनाएं

-
    -
  • लेख में यूनिटी, एक लोकप्रिय गेम विकास प्लेटफॉर्म में रूपरेखाओं को प्रस्तुत करने के लिए पांच तकनीकों पर चर्चा की गई है, जो Sable और The Last of Us जैसे खेलों में उनके उपयोग को उजागर करती है। - तकनीकों में रिम इफेक्ट्स, वर्टेक्स एक्सट्रूज़न, ब्लर बफर, जंप फ्लड एल्गोरिदम, और एज डिटेक्शन शामिल हैं, जिनमें से प्रत्येक के प्रदर्शन और दृश्य गुणवत्ता के मामले में अद्वितीय लाभ और समझौते हैं। - लेख खेल की सौंदर्यशास्त्र और गेमप्ले समर्थन के लिए इन विधियों को संतुलित करने की अंतर्दृष्टि प्रदान करता है, जिसमें अतिरिक्त संसाधन और 3D मॉडल के लिए क्रेडिट शामिल हैं।
    • -
-

प्रतिक्रियाओं

-
    -
  • लेख वीडियो गेम्स में रूपरेखाएं खींचने की उन्नत तकनीकों का अन्वेषण करता है, पारंपरिक विधियों की तुलना में जंप फ्लड एल्गोरिदम (JFA) और साइनड डिस्टेंस फील्ड्स (SDFs) की दक्षता पर जोर देता है। - यह स्टाइलाइज्ड 3D ग्राफिक्स में गहराई से जाता है, रेंडरिंग तकनीकों और लाइटिंग और स्टाइलिंग के लिए न्यूरल नेटवर्क के संभावित उपयोग पर चर्चा करता है। - योगदानकर्ता गेम्स में सेल शेडिंग के ऐतिहासिक विकास में अंतर्दृष्टि प्रदान करते हैं, जैसे कि जेट सेट रेडियो, 3D ग्राफिक्स में प्रौद्योगिकी और कला के विकसित होते हुए अंतर्संबंध को उजागर करते हैं।
    • -
-

मैं वाशिंगटन पोस्ट छोड़ रहा हूँ

-

प्रतिक्रियाओं

-
    -
  • लेखक वाशिंगटन पोस्ट को छोड़ रहे हैं क्योंकि यह बदलते मीडिया परिदृश्य के अनुकूल नहीं हो पा रहा है और मुद्दों को प्रस्तुत करने का इसका दृष्टिकोण, जो वे मानते हैं कि लोकतंत्र जैसे महत्वपूर्ण विषयों के लिए अप्रभावी है।
    • -
  • पारंपरिक मीडिया, विशेष रूप से स्थानीय समाचार पत्र, वित्तीय रूप से संघर्ष कर रहे हैं, जिसके परिणामस्वरूप पक्षपाती रिपोर्टिंग और सार्वजनिक विश्वास में गिरावट आ रही है, जबकि सोशल मीडिया पत्रकारिता के कठोर कार्य को प्रतिस्थापित नहीं कर सकता।
    • -
  • धनी व्यक्तियों, जैसे कि जेफ बेजोस, के मीडिया आउटलेट्स पर प्रभाव और सत्ता को जवाबदेह ठहराने में मीडिया की भूमिका पर कॉर्पोरेट हितों के प्रभाव के बारे में चिंताएँ उठाई जा रही हैं।
    • -
-

पर्प्लेक्सिटी को विज्ञापन मिले

-

प्रतिक्रियाओं

-
    -
  • पेर्प्लेक्सिटी ने विज्ञापनों की शुरुआत की है, जिससे ऑनलाइन सेवाओं में विज्ञापनों की अनिवार्यता के बारे में चर्चाएं शुरू हो गई हैं, क्योंकि उपभोक्ता विज्ञापन-मुक्त अनुभवों के लिए भुगतान करने में अनिच्छुक होते हैं। - कुछ उपयोगकर्ताओं को विज्ञापन हस्तक्षेपकारी लगते हैं और वे कागी जैसी सदस्यता-आधारित सेवाओं को पसंद करते हैं, जो विज्ञापन-मुक्त खोज प्रदान करती हैं, जबकि अन्य मुफ्त, विज्ञापन-समर्थित विकल्पों को चुनना जारी रखते हैं। - यह स्थिति डिजिटल सेवाओं में विज्ञापन-समर्थित और सदस्यता-आधारित मॉडलों के बीच चल रही बहस को उजागर करती है।
    • -
- - - - - -]]> - https://hn.cho.sh/hi/2025/01/04 - 2025-01-04T00:00:00.000Z - Sat, 04 Jan 2025 00:00:00 GMT - diff --git a/static/rss/newsletter/hu.xml b/static/rss/newsletter/hu.xml index 7f07a2728..b0dde408f 100644 --- a/static/rss/newsletter/hu.xml +++ b/static/rss/newsletter/hu.xml @@ -15,12 +15,160 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[2025-01-14]]> + +

slug: '/2025/01/14'

+

2025-01-14

+

„A Snyk biztonsági kutató rosszindulatú NPM csomagokat telepít, amelyek a cursor.com-ot célozzák meg.”

+
    +
  • „Egy Snyk biztonsági kutató rosszindulatú NPM csomagokat adott ki, amelyek a Cursor.com nevű AI kódoló céget célozták meg, hogy rendszert adatokat gyűjtsenek és azokat egy támadó által irányított szolgáltatásnak küldjék el.”
    • +
  • „A csomagokat, amelyeket "cursor-retrieval", "cursor-always-local" és "cursor-shadow-workspace" néven azonosítottak, az OpenSSF csomagelemző szkenner jelölte meg, ami a MAL-2025-27, MAL-2025-28 és MAL-2025-29 figyelmeztetésekhez vezetett.”
    • +
  • „Ez az eset rávilágít arra, hogy mennyire fontos alaposan megvizsgálni az NPM csomagokat a telepítés előtt, hogy elkerüljük a lehetséges biztonsági fenyegetéseket.”
    • +
+

Reakciók

+
    +
  • „Egy Snyk biztonsági kutató rosszindulatú NPM (Node Package Manager) csomagokat tett közzé, amelyek a cursor.com-ot célozták meg, kiemelve a függőségi zavarok sebezhetőségeit. - Az eset vitát váltott ki a biztonsági kutatások etikájáról, különösen a környezeti változók nyilvános kitettségével kapcsolatban. - A Cursor.com tisztázta, hogy nem engedélyezték a cselekvést, és a Snyk azóta bocsánatot kért, hangsúlyozva a támadó jellegű biztonsági kutatások és az etikai normák közötti egyensúly kihívásait.”
    • +
+

„Átváltottam a Firefoxra, és soha nem néztem vissza”

+
    +
  • „A Firefoxot dicsérik a kiváló lapkezeléséért, a beépített Pocket funkcióért, amely lehetővé teszi a linkek mentését, valamint a magánéletre összpontosító e-mail továbbításért, ami erős alternatívává teszi a Chrome-mal szemben. - További funkciók, mint a felhasználóbarát képernyőkép eszköz, a ChatGPT gomb, a kép a képben mód, testreszabható keresési lehetőségek és a sima görgetés javítják a böngészési élményt. - Bár a Firefox nem rendelkezik a Chrome webalkalmazás funkciójával, átgondolt kialakítása és csökkentett erőforrásigénye miatt néhány felhasználó számára előnyben részesített választás.”
    • +
+

Reakciók

+
    +
  • „A Firefox felhasználói kihívásokkal szembesülnek olyan platformok részéről, mint a YouTube, amely szándékosan ronthatja a nem Google böngészőket használók vagy hirdetésblokkolókat alkalmazók élményét. - Ez a tendencia aggodalmakat vet fel a felhasználói autonómiával kapcsolatban, mivel bünteti azokat, akik hirdetésmentes és megfigyelésmentes webes élményt választanak. - A Firefox egyedi funkciókat kínál, mint például a konténer lapok, amelyek növelik a magánélet védelmét és a használhatóságot, így kedvelt választás azok számára, akik függetlenedni szeretnének a nagyvállalati irányítás alatt álló böngészőktől.”
    • +
+

„A Sonos vezérigazgatója lemond az alkalmazás frissítési fiaskója után”

+

Reakciók

+
    +
  • „A Sonos vezérigazgatója lemondott egy ellentmondásos alkalmazásfrissítést követően, amely arra kényszerítette a felhasználókat, hogy cseréljék le drága hangrendszereiket, ami ügyfél-elégedetlenséget okozott. - A frissítés egy felhőalapú rendszert vezetett be, eltávolodva a megbízható Universal Plug and Play (UPnP) rendszertől, ami csatlakozási problémákhoz és megnövekedett bonyolultsághoz vezetett. - Ez a helyzet rávilágít az üzleti stratégiák és az ügyfélbizalom fenntartása közötti konfliktusra, miközben a vezérigazgató tanácsadói szerepbe lép át egy végkielégítési csomaggal.”
    • +
+

„A MrBeast gyomrában”

+

Reakciók

+
    +
  • „Az esszé azt vizsgálja, hogyan befolyásolja a YouTube algoritmusa a tartalomkészítést, MrBeast-et használva esettanulmányként, kiemelve az elmozdulást az elköteleződés-vezérelt, nem pedig a tartalmas tartalom felé. - Tárgyalja a médiaértés szélesebb körű következményeit és a YouTube-hoz és TikTok-hoz hasonló platformok kulturális hatását, egy felszínes és reakciós tartalom felé mutató trendet javasolva. - Különböző nézőpontokat vesz figyelembe az algoritmusok szerepéről a tartalom formálásában és a népszerű alkotók kulturális normákra gyakorolt hatásáról.”
    • +
+

„A GitHub Git műveletei nem működnek”

+
    +
  • „A GitHub 2025. január 13-án Git műveletek kiesésével szembesült egy konfigurációs változtatás miatt, amely az belső terheléselosztót érintette, és 23:35-től 00:24 UTC-ig tartott. - A problémát a konfigurációs változtatás visszavonásával oldották meg, és a GitHub azon dolgozik, hogy javítsa a monitorozási és telepítési folyamatokat, hogy megelőzze a hasonló eseteket. - A kiesés a GitHub Actions és Pages szolgáltatásait is érintette, kiemelve a platformszolgáltatásaik összekapcsolt jellegét.”
    • +
+

Reakciók

+
    +
  • „A GitHub jelentős leállást tapasztalt, amely a git műveleteket érintette, zavart okozva a fejlesztők körében, akik kezdetben SSH kulcsaik vagy helyi konfigurációik problémáira gyanakodtak. - Az eset rávilágított a központosított szolgáltatásokra való támaszkodás kihívásaira, és ösztönözte a vitákat az önálló hosztolás és a decentralizált rendszerek előnyeiről. - Bár a problémát megoldották, felhívta a figyelmet a GitHub megbízhatóságával kapcsolatos aggodalmakra és az alapvető feladatok harmadik fél platformjaira való támaszkodásának kockázataira.”
    • +
+

„Megjelent a ZFS 2.3 a ZFS raidz bővítéssel”

+
    +
  • „Megjelent az OpenZFS 2.3.0, amely jelentős új funkciókat vezet be, mint például a RAIDZ bővítés, a gyors deduplikáció, a közvetlen bemenet/kimenet, a JSON kimenet és a hosszú fájlnevek támogatása. - A kiadás alapvető hibajavításokat és teljesítményjavításokat tartalmaz, kompatibilis a 4.18 - 6.12 Linux kernel verziókkal és a FreeBSD 13.3, 14.0 - 14.2 verzióival. - A frissítés 134 közreműködő közös munkájának eredménye, részletes dokumentációval és változásnaplóval, amely elérhető áttekintésre.”
    • +
+

Reakciók

+
    +
  • „A ZFS 2.3 megjelent, és olyan funkciókat vezet be, mint a RAIDZ bővítés, gyors deduplikáció, közvetlen IO, JSON kimenet és a hosszú fájlnevek támogatása. - A RAIDZ bővítés különösen figyelemre méltó, mivel lehetővé teszi a felhasználók számára, hogy új eszközöket adjanak hozzá egy meglévő RAIDZ poolhoz leállás nélkül, növelve a tárolókapacitást. - A kiadást jelentős előrelépésnek tekintik a ZFS felhasználók számára, összehasonlítva más fájlrendszerekkel, mint például a Btrfs és a Windows Storage Spaces, annak ellenére, hogy vannak korlátai, mint például a poolok zsugorításának képtelensége.”
    • +
+

„Webtop – Alpine, Ubuntu, Fedora és Arch konténerek, amelyek teljes asztali környezeteket tartalmaznak”

+
    +
  • „A Linuxserver/webtop konténereket biztosít Alpine, Ubuntu, Fedora és Arch alapokon, teljes asztali környezettel, amelyek web böngészőkön keresztül érhetők el, támogatva mind az x86-64, mind az arm64 architektúrákat.”
    • +
  • „A felhasználók különböző asztali környezetek közül választhatnak, mint például az XFCE, KDE, MATE, i3, Openbox és IceWM, speciális képcímkék használatával, és a Webtopot kijelölt URL-ek segítségével érhetik el.”
    • +
  • „A biztonsági funkciók közé tartozik a Docker seccomp opciója és a hitelesítési beállítás, testreszabási lehetőségekkel a környezeti változókon keresztül, valamint támogatás a GPU gyorsításhoz nyílt forráskódú illesztőprogramokkal.”
    • +
+

Reakciók

+
    +
  • „A Webtop konténereket biztosít teljes asztali környezettel Alpine, Ubuntu, Fedora és Arch rendszerekhez, amelyek alkalmasak gyors beállításokra VPN mögött.”
    • +
  • „A felhasználók dicsérik a Webtop sebességét és könnyű használatát, különösen a Gluetun konténerrel való biztonságos kapcsolatok esetén, de óva intenek a konténerek internetre való kitételétől biztonsági intézkedések nélkül, mivel alapértelmezett hitelesítés hiányzik.”
    • +
  • „A projektet azért értékelik, mert nyílt forráskódú és rugalmas, a felhasználók megosztják a konfigurációkat, és a Kasm és a Selkies alternatívákat hasonló célokra említik.”
    • +
+

„Egy tanulmány szerint az online álláshirdetések közül 5-ből 1 vagy hamis, vagy soha nem töltik be.”

+
    +
  • „Egy friss tanulmány szerint az online álláshirdetések 20%-a vagy hamis, vagy betöltetlen marad, ami növeli az álláskeresők frusztrációját. - Ez a „szellemállás” trend talán egy taktika a vállalatok részéről, hogy növekedési képet vetítsenek előre. - Az olyan állásplatformok, mint a Greenhouse és a LinkedIn, álláshirdetés-ellenőrzési szolgáltatásokat vezettek be, hogy segítsenek a felhasználóknak azonosítani a valódi álláslehetőségeket.”
    • +
+

Reakciók

+
    +
  • „Egy tanulmány kimutatta, hogy az online álláshirdetések 20%-a vagy hamis, vagy betöltetlen marad, gyakran azért, mert a vállalatoknak meg kell felelniük az amerikai bevándorlási politikáknak. - A vállalatok azért is fenntarthatják az álláshirdetéseket, hogy megtalálják az ideális jelölteket, megváltoztassák a követelményeket, vagy mert már előre kiválasztott belső jelöltekkel rendelkeznek. - Az álláspiac nehéz a pályázók számára, akik gyakran találkoznak eltűnéssel és automatizált elutasításokkal, ami szabályozási beavatkozásra való felhívásokat eredményez.”
    • +
+

„Egy kereszteződést veszélyessé tenni a gyalogosok számára, hogy másodperceket spóroljanak az autósoknak”

+

Reakciók

+
    +
  • „A vita középpontjában az áll, hogy az útkereszteződéseknek a gyalogosok biztonságát vagy a járművezetők hatékonyságát kellene előtérbe helyezniük, egyesek a lámpával szabályozott kereszteződéseket és a gyalogos átkelőket részesítik előnyben a 4-utas megállókkal szemben.”
    • +
  • „A vélemények eltérnek a közlekedési törvényekről és az infrastruktúra tervezéséről, különös tekintettel a tilosban átkelés biztonságára és a piros lámpánál történő jobbra kanyarodás kockázataira.”
    • +
  • „Egyesek alternatív megoldásokat javasolnak, mint például körforgalmak vagy a holland közlekedéstechnikai szabványok átvétele a biztonság és a hatékonyság növelése érdekében.”
    • +
+

„A PostgreSQL a 2024-es év adatbázis-kezelő rendszere”

+
    +
  • „A PostgreSQL elnyerte a 2024-es Év DBMS-e díjat a DB-Engines-től, ezzel ötödik alkalommal kapta meg ezt az elismerést, megelőzve 423 másik adatbázis-kezelő rendszert.”
    • +
  • „A PostgreSQL, amelynek története közel 35 évre nyúlik vissza, továbbra is innovatív, amit a 2024 szeptemberében megjelent PostgreSQL 17 legújabb fejlesztései is bizonyítanak.”
    • +
  • „A Snowflake és a Microsoft a második és harmadik helyet szerezték meg, a Snowflake a felhőalapú adattárolásáról és a többfelhős támogatásáról ismert, míg a Microsoft az Azure SQL Database és az SQL Server révén erős, kezelt relációs adatbázisokat kínál.”
    • +
+

Reakciók

+
    +
  • „A PostgreSQL elnyerte a 2024-es Év Adatbázis-kezelő Rendszere díjat a db-engines.com-tól, ami kiemeli növekvő népszerűségét és elismerését az iparágban.”
    • +
  • „A felhasználók fontolgatják, hogy a magas licencdíjak és az erőforrás-korlátozások miatt áttérnek a Microsoft SQL Serverről a PostgreSQL-re, annak ellenére, hogy a migráció kihívásokkal járhat.”
    • +
  • „A PostgreSQL-t kedvelik robusztus funkciói és költséghatékonysága miatt, ami miatt előnyben részesítik a jövőbeli projektekhez, bár néhány felhasználó alternatívákat, például a Babelfish-t is felfedezi a költségek csökkentése érdekében.”
    • +
+

„A Google OAuth bejelentkezése nem véd a sikertelen startup domainjének megvásárlása ellen”

+

Reakciók

+
    +
  • „A vita rávilágít egy sebezhetőségre a Google OAuth bejelentkezési rendszerében, amikor egy meghiúsult startup domainjét egy új tulajdonos szerzi meg, ami potenciálisan lehetővé teheti a jogosulatlan hozzáférést a szolgáltatásokhoz.”
    • +
  • „Ez a probléma azért merül fel, mert a Google nem biztos, hogy megkülönbözteti az eredeti és az új domain tulajdonosokat, ami hatással lehet bármely rendszerre, amely domain alapú hitelesítést használ.”
    • +
  • „Egy javasolt megoldás az, hogy egyedi azonosítókat használjunk, amelyek idővel állandóak maradnak, bár ennek a megoldásnak a megvalósítása az egyes identitásszolgáltatók között eltérő.”
    • +
+

„Kódolási készségek használata passzív jövedelem szerzésére”

+
    +
  • „A szerző a CTO szerepkörből solopreneurré vált, és sikeresen többet keresett egy szoftvertermék-portfólió révén.”
    • +
  • „A kulcsfontosságú stratégiák közé tartozik a mély munkára való összpontosítás, a kis projektekkel való kezdés, a gyors iteráció, valamint az idő szentelése a marketing tevékenységekre.”
    • +
  • „Az utazás a bizonytalanságok miatt a rugalmasságot hangsúlyozza, de kiemeli ennek a karrierútnak a páratlan autonómiáját és szabadságát, bátorítva azokat, akik kódolási készségekkel rendelkeznek, hogy fontolják meg passzív jövedelemforrásként.”
    • +
+

Reakciók

+
    +
  • „Egy felhasználó leírta, hogyan generál passzív jövedelmet SEO spam weboldalakon keresztül, amelyek lejáró domain neveket használnak, és évente körülbelül 30 ezer dollárt keres, annak ellenére, hogy etikai aggályok merülnek fel, és a Google végül fellép ellene.”
    • +
  • „A bejegyzés vitát váltott ki a passzív jövedelemről, mivel néhány felhasználó azt állította, hogy ez inkább hasonlít egy vállalkozás működtetésére, mint valóban passzív keresetre.”
    • +
  • „A résztvevők megosztották tapasztalataikat és kihívásaikat a mellékprojektekben, kiemelve az idő, a kitartás és a stratégiai tervezés fontosságát.”
    • +
+

„Spanyolország 100%-os adót javasol az EU-n kívüli lakosok által vásárolt ingatlanokra”

+
    +
  • „Spanyolország fontolóra veszi a 100%-os adó bevezetését az ingatlanvásárlásokra nem EU-s lakosok esetében, azzal a céllal, hogy kezelje a lakhatási válságot és visszaszorítsa a spekulatív vásárlásokat.”
    • +
  • „Pedro Sánchez miniszterelnök javaslata magában foglalja a szociális lakások bővítését és a turisztikai bérlések szabályozását, hogy kezelje a lakásárak és a jövedelmek közötti különbséget.”
    • +
  • „A javaslat jövője, mint törvény, bizonytalan, mivel egyes elemzők inkább elrettentésként tekintenek rá a külföldi befektetők számára, semmint garantált jogszabályi változásként.”
    • +
+

Reakciók

+
    +
  • „Spanyolország fontolóra veszi, hogy 100%-os adót vet ki az EU-n kívüli lakosok által vásárolt ingatlanokra, hogy kezelje a lakhatási megfizethetőségi problémákat. - A kritikusok azt állítják, hogy a külföldi vásárlók nem a magas lakásárak elsődleges okai, inkább a lassú bürokráciát és a területrendezési törvényeket említik jelentősebb tényezőkként. - A javaslat vitát váltott ki a külföldi tulajdon szerepéről a lakáspiacon és annak hatékonyságáról a megfizethetőségi problémák megoldásában.”
    • +
+

„Az Apple hamarosan 'Amerikában készült' chipeket fog kapni a TSMC arizonai gyárából”

+
    +
  • „Az Apple teszteli a TSMC arizonai létesítményéből származó processzorokat, és tervezi a tömeggyártást az első negyedévre, potenciálisan a TSMC első amerikai ügyfelévé válva a helyben gyártott chipek tekintetében. - Ez az kezdeményezés célja az amerikai szilícium függetlenség erősítése, csökkentve a Tajvantól való függőséget, amely geopolitikai és természeti kockázatoknak van kitéve. - A TSMC arizonai gyára fejlett 3nm és 2nm chipeket fog gyártani, folyamatos erőfeszítésekkel a helyi toborzás és az amerikai egyetemekkel való partnerségek javítására, bár a csomagolás kezdetben Tajvanon fog történni, amíg a Peoria létesítmény működőképessé nem válik.”
    • +
+

Reakciók

+
    +
  • „Az Apple a TSMC arizonai üzeméből kap chipeket, de azokat vissza kell küldeni Tajvanra csomagolásra az amerikai létesítmények elégtelensége miatt. - Az arizonai üzemben dolgozók több mint 50%-a Tajvanról származik, ami az amerikai STEM (tudomány, technológia, mérnöki tudományok és matematika) terület hiányosságaira utal. - A CHIPS Act kezdeményezés, amely az amerikai félvezetőgyártás fejlesztését célozza, kihívásokkal néz szembe, mivel a "Made in America" címke megkérdőjeleződik a csomagolási folyamat Tajvanon történő lebonyolítása miatt, bár 2027-re tervezik az amerikai csomagolási képességek kiépítését.”
    • +
+

„43 ezerrel kevesebb sofőr van Manhattan útjain, miután bevezették a dugódíjat”

+
    +
  • „Miután bevezették a dugódíjat, 7,5%-kal csökkent a Manhattanbe a 60. utca alá behajtó autósok száma, ami napi 43 000-rel kevesebb autóst jelentett hétköznaponként.”
    • +
  • „A forgalom csökkenése javította a közlekedés áramlását és növelte a buszok sebességét, néhány expressz busz esetében pedig megnövekedett az utasforgalom.”
    • +
  • „A Metropolitan Transportation Authority (MTA) az évi 500 millió dollárra becsült útdíjbevételt közlekedési fejlesztésekre használja fel, annak ellenére, hogy némi politikai ellenállás tapasztalható.”
    • +
+

Reakciók

+
    +
  • „A dugódíj bevezetése Manhattanben 43 000-rel kevesebb autóst eredményezett, ami a buszok sebességének növekedéséhez és potenciálisan jobb vészhelyzeti reagálási időkhez vezetett.”
    • +
  • „A politika célja a forgalmi torlódások csökkentése és a levegő minőségének javítása, bár vitát váltott ki az alacsonyabb jövedelmű egyénekre gyakorolt hatásáról.”
    • +
  • „A támogatók azzal érvelnek, hogy az előnyök közé tartozik a hatékonyabb tömegközlekedés és a tisztább levegő, miközben folytatódnak a viták ezen előnyök és a járművezetők igényeinek egyensúlyba hozásáról.”
    • +
+ + + + + +]]> + https://hn.cho.sh/hu/2025/01/14 + 2025-01-14T00:00:00.000Z + Tue, 14 Jan 2025 00:00:00 GMT + <![CDATA[2025-01-13]]> 2025-01-05T00:00:00.000Z Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[2025-01-04]]> - -

slug: '/2025/01/04'

-

2025-01-04

-

„Önvezető 1993-as Volvo nyílt pilótával”

-
    -
  • „Egy baráti társaság részt vett a Carbage Run 2025 téli kiadásán, egy 6 napos rallyn Svédországon keresztül a sarkkörig és vissza Helsinkibe, amelyen a járműveknek legalább 20 éveseknek kell lenniük, és értékük nem haladhatja meg az 1000 eurót.”
    • -
  • „Átalakítottak egy 1993-as Volvo 940 Estate modellt önvezető járművé a comma.ai openpilot rendszerével, modern alkatrészeket, például elektromos szervokormányt, Bosch iBooster-t és Tesla radarérzékelőt beépítve.”
    • -
  • „A jövőbeli frissítések részleteket tartalmaznak majd a vezetékezésről, egy egyedi motorvezérlő egységről (ECU), valamint a kód nyílt forráskódúvá tételének terveiről, kiemelve a projekt innovatív megközelítését a régebbi járművek önvezető technológiával való felszerelésére.”
    • -
-

Reakciók

-
    -
  • „Egy 1993-as Volvo 940-et felszereltek az OpenPilot nevű önvezető technológiával, ami kiemeli a klasszikus autótervezés és a modern technológia találkozását.”
    • -
  • „A projekt kihívásokkal szembesült, beleértve a fék- és kormányműrendszerek frissítését, ami jogi és biztonsági aggályokat vetett fel, különösen az olyan barkács módosításokkal, mint a kormányoszlop hegesztése.”
    • -
  • „A vita kiterjedt az európai autószabályozásokra, az amerikai hotrodok hanyatlására és az autómodifikációs szabadságok kulturális különbségeire, miközben a projektet inspiráló barkács erőfeszítésként tekintették, a biztonsági aggályok ellenére.”
    • -
-

„VoxelSpace: Domborzatmegjelenítő algoritmus kevesebb mint 20 sor kódban (2020)”

-
    -
  • „A NovaLogic 1992-es Comanche játéka a Voxel Space motorral készült, amely egy 2.5D-s renderelési technika, amely sugárvetítésen alapul, és részletes terepeket hoz létre árnyékolással és árnyékokkal.”
    • -
  • „A Voxel Space motor magassági és színtérképeket használt, valamint egy egyszerű renderelési algoritmust, amely hátulról előre rajzolta a függőleges vonalakat, és amelyet teljesítmény szempontjából lehetett optimalizálni.”
    • -
  • „A motor kódja elérhető az MIT licenc alatt, de a technológia bizonyos régiókban még mindig szabadalmaztatott lehet.”
    • -
-

Reakciók

-
    -
  • „A VoxelSpace egy terepmegjelenítő algoritmus, amely egyszerűségéről ismert, kevesebb mint 20 sornyi kódot igényel, és nosztalgiát idéz elő az innovatív játékfejlesztés iránt a hardverkorlátozott korszakokban.”
    • -
  • „A modern AAA játékok a bonyolult optimalizálásokra és piaci trendekre összpontosítanak, gyakran az eredetiség rovására, míg az indie játékok és a PICO-8 platformok nagyobb kreatív szabadságot biztosítanak.”
    • -
  • „A technológiai fejlődés ellenére néhány fejlesztő és játékos úgy érzi, hogy a régebbi játékok „varázsa” hiányzik, bár az olyan innovatív projektek, mint a voxel renderelés, továbbra is inspirálják a kreativitást.”
    • -
-

„Hogyan rajzoljunk körvonalat egy videojátékban”

-
    -
  • „A cikk öt technikát tárgyal az Unity-ben, egy népszerű játékfejlesztési platformon, az körvonalak megjelenítésére, kiemelve azok használatát olyan játékokban, mint a Sable és a The Last of Us. - A technikák közé tartozik a Rim Effects, a Vertex Extrusion, a Blurred Buffer, a Jump Flood Algorithm és az Edge Detection, mindegyik egyedi előnyökkel és kompromisszumokkal rendelkezik a teljesítmény és a vizuális minőség szempontjából. - A cikk betekintést nyújt ezen módszerek kiegyensúlyozásába az optimális játékesztétika és játékmenet támogatása érdekében, további forrásokkal és 3D modellekhez kapcsolódó kreditekkel.”
    • -
-

Reakciók

-
    -
  • „A cikk a videojátékokban alkalmazott körvonalrajzolás fejlett technikáit vizsgálja, kiemelve a Jump Flood Algorithm (JFA) és a Signed Distance Fields (SDFs) hatékonyságát a hagyományos módszerekkel szemben. - Stílusos 3D grafikákat tárgyal, beleértve a renderelési technikákat és a neurális hálózatok világítási és stílusalkotási lehetőségeit. - A közreműködők betekintést nyújtanak a cel shading történelmi fejlődésébe a játékokban, mint például a Jet Set Radio, kiemelve a technológia és a művészet fejlődő metszéspontját a 3D grafikában.”
    • -
-

„Felmondok a Washington Postnál”

-

Reakciók

-
    -
  • „A szerző elhagyja a Washington Postot, mivel az nem tudott alkalmazkodni a változó médiakörnyezethez, és a kérdések bemutatásának módját is hatástalannak tartja olyan kritikus témák esetében, mint a demokrácia.”
    • -
  • „A hagyományos média, különösen a helyi újságok, pénzügyi nehézségekkel küzdenek, ami elfogult tudósításhoz és a közbizalom csökkenéséhez vezet, miközben a közösségi média nem helyettesítheti az újságírás alapos munkáját.”
    • -
  • „Aggodalmak merülnek fel a gazdag egyének, például Jeff Bezos, médiaorgánumokra gyakorolt befolyása, valamint a vállalati érdekek hatása miatt a média hatalomellenőrző szerepére.”
    • -
-

„A Perplexity reklámokat kapott”

-

Reakciók

-
    -
  • „A Perplexity bevezette a hirdetéseket, ami vitákat váltott ki az online szolgáltatásokban megjelenő hirdetések elkerülhetetlenségéről, mivel a fogyasztók vonakodnak fizetni a hirdetésmentes élményekért. - Néhány felhasználó tolakodónak találja a hirdetéseket, és inkább az olyan előfizetéses szolgáltatásokat részesíti előnyben, mint a Kagi, amely hirdetésmentes keresést kínál, míg mások továbbra is a hirdetésekkel támogatott ingyenes lehetőségeket választják. - Ez a helyzet rávilágít a digitális szolgáltatásokban az ad-támogatott és az előfizetéses modellek közötti folyamatos vitára.”
    • -
- - - - - -]]> - https://hn.cho.sh/hu/2025/01/04 - 2025-01-04T00:00:00.000Z - Sat, 04 Jan 2025 00:00:00 GMT - diff --git a/static/rss/newsletter/id.xml b/static/rss/newsletter/id.xml index 9cb4783c3..9a88cf3a2 100644 --- a/static/rss/newsletter/id.xml +++ b/static/rss/newsletter/id.xml @@ -15,12 +15,160 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[2025-01-14]]> + +

slug: '/2025/01/14'

+

2025-01-14

+

Tidak ada teks yang diberikan untuk diterjemahkan.

+
    +
  • Seorang peneliti keamanan dari Snyk merilis paket NPM berbahaya yang menargetkan Cursor.com, sebuah perusahaan pemrograman AI, untuk mengumpulkan data sistem dan mengirimkannya ke layanan yang dikendalikan oleh penyerang.
    • +
  • Tiga paket, yang diidentifikasi sebagai "cursor-retrieval," "cursor-always-local," dan "cursor-shadow-workspace," ditandai oleh pemindai analisis paket OpenSSF, menghasilkan peringatan MAL-2025-27, MAL-2025-28, dan MAL-2025-29.
    • +
  • Insiden ini menyoroti pentingnya memeriksa paket NPM sebelum instalasi untuk menghindari potensi ancaman keamanan.
    • +
+

Reaksi

+
    +
  • A Snyk security researcher merilis paket NPM (Node Package Manager) berbahaya yang ditujukan pada cursor.com, menyoroti kerentanan kebingungan ketergantungan. - Insiden ini telah memicu perdebatan tentang etika penelitian keamanan, terutama mengenai paparan publik variabel lingkungan. - Cursor.com menjelaskan bahwa mereka tidak mengizinkan tindakan tersebut, dan Snyk telah meminta maaf, menekankan tantangan dalam menyeimbangkan penelitian keamanan ofensif dengan standar etika.
    • +
+

Saya Beralih ke Firefox dan Tidak Pernah Menyesal

+
    +
  • Firefox dipuji karena manajemen tab yang superior, fitur Pocket bawaan untuk menyimpan tautan, dan relay email yang berfokus pada privasi, menjadikannya alternatif yang kuat untuk Chrome. - Fitur tambahan seperti alat tangkapan layar yang ramah pengguna, tombol ChatGPT, Picture-in-Picture, opsi pencarian yang dapat disesuaikan, dan pengguliran yang mulus meningkatkan pengalaman menjelajah. - Meskipun Firefox tidak memiliki fitur aplikasi web Chrome, desainnya yang bijaksana dan permintaan sumber daya yang lebih rendah membuatnya menjadi pilihan yang disukai bagi beberapa pengguna.
    • +
+

Reaksi

+
    +
  • Pengguna Firefox menghadapi tantangan dari platform seperti YouTube, yang mungkin sengaja menurunkan kualitas pengalaman bagi pengguna browser non-Google atau yang menggunakan pemblokir iklan. - Tren ini menimbulkan kekhawatiran tentang otonomi pengguna, karena menghukum mereka yang memilih pengalaman web bebas iklan dan pengawasan. - Firefox menawarkan fitur unik, seperti tab kontainer, yang meningkatkan privasi dan kegunaan, menjadikannya pilihan favorit bagi pengguna yang mencari kebebasan dari browser yang dikendalikan oleh korporasi besar.
    • +
+

CEO Sonos mengundurkan diri setelah kekacauan pembaruan aplikasi

+

Reaksi

+
    +
  • Tidak lama setelah pembaruan aplikasi yang kontroversial, CEO Sonos mengundurkan diri. Pembaruan tersebut mengharuskan pengguna mengganti sistem suara yang mahal, menyebabkan ketidakpuasan pelanggan. Pembaruan ini memperkenalkan sistem berbasis cloud, menjauh dari Universal Plug and Play (UPnP) yang andal, yang menyebabkan masalah konektivitas dan meningkatkan kompleksitas. Situasi ini menyoroti konflik antara strategi bisnis dan mempertahankan kepercayaan pelanggan, sementara CEO beralih ke peran penasihat dengan paket pesangon.
    • +
+

Di dalam perut MrBeast

+

Reaksi

+
    +
  • Tulisan ini meneliti bagaimana algoritma YouTube mempengaruhi pembuatan konten, dengan menggunakan MrBeast sebagai studi kasus, menyoroti pergeseran menuju konten yang didorong oleh keterlibatan daripada konten yang bermakna. - Ini membahas implikasi yang lebih luas untuk literasi media dan dampak budaya dari platform seperti YouTube dan TikTok, menunjukkan tren menuju konten yang dangkal dan reaktif. - Berbagai perspektif dipertimbangkan mengenai peran algoritma dalam membentuk konten dan pengaruh pencipta populer terhadap norma budaya.
    • +
+

Operasi Git di GitHub Sedang Mengalami Gangguan

+
    +
  • GitHub mengalami gangguan operasi Git pada 13 Januari 2025, akibat perubahan konfigurasi yang mempengaruhi penyeimbang beban internal, yang berlangsung dari pukul 23:35 hingga 00:24 UTC. - Masalah ini diselesaikan dengan mengembalikan perubahan konfigurasi, dan GitHub sedang berupaya meningkatkan pemantauan dan proses penerapan untuk mencegah insiden serupa. - Gangguan ini juga mempengaruhi layanan Actions dan Pages GitHub, menyoroti sifat saling terhubung dari layanan platform mereka.
    • +
+

Reaksi

+
    +
  • GitHub mengalami gangguan besar yang mempengaruhi operasi git, menyebabkan kebingungan di kalangan pengembang yang awalnya menduga masalah dengan kunci SSH atau konfigurasi lokal mereka. - Insiden ini menyoroti tantangan mengandalkan layanan terpusat, mendorong diskusi tentang keuntungan dari self-hosting dan sistem terdesentralisasi. - Meskipun masalah tersebut telah diselesaikan, hal ini menyoroti kekhawatiran tentang keandalan GitHub dan risiko bergantung pada platform pihak ketiga untuk tugas-tugas penting.
    • +
+

ZFS 2.3 dirilis dengan ekspansi ZFS raidz

+
    +
  • OpenZFS 2.3.0 telah dirilis, memperkenalkan fitur-fitur signifikan seperti Ekspansi RAIDZ, Deduplication Cepat, Input/Output Langsung, keluaran JSON, dan dukungan untuk nama file panjang. - Rilis ini mencakup perbaikan bug penting dan peningkatan kinerja, kompatibel dengan kernel Linux 4.18 - 6.12 dan versi FreeBSD 13.3, 14.0 - 14.2. - Pembaruan ini merupakan upaya kolaboratif dari 134 kontributor, dengan dokumentasi lengkap dan log perubahan tersedia untuk ditinjau.
    • +
+

Reaksi

+
    +
  • ZFS 2.3 telah dirilis, memperkenalkan fitur-fitur seperti ekspansi RAIDZ, deduplikasi cepat, IO langsung, output JSON, dan dukungan untuk nama file yang panjang. - Ekspansi RAIDZ sangat menonjol karena memungkinkan pengguna untuk menambahkan perangkat baru ke pool RAIDZ yang sudah ada tanpa waktu henti, meningkatkan kapasitas penyimpanan. - Rilis ini dianggap sebagai kemajuan signifikan bagi pengguna ZFS, menarik perbandingan dengan sistem file lain seperti Btrfs dan Windows Storage Spaces, meskipun ada beberapa keterbatasan seperti ketidakmampuan untuk mengecilkan pool.
    • +
+

Webtop – Kontainer Alpine, Ubuntu, Fedora, dan Arch yang berisi lingkungan desktop lengkap

+
    +
  • Linuxserver/webtop menyediakan kontainer berbasis Alpine, Ubuntu, Fedora, dan Arch dengan lingkungan desktop penuh yang dapat diakses melalui peramban web, mendukung arsitektur x86-64 dan arm64.
    • +
  • Pengguna dapat memilih dari berbagai lingkungan desktop seperti XFCE, KDE, MATE, i3, Openbox, dan IceWM dengan menggunakan tag gambar tertentu, dan mengakses Webtop melalui URL yang ditentukan.
    • +
  • Fitur keamanan mencakup opsi seccomp Docker dan pengaturan autentikasi, dengan opsi kustomisasi yang tersedia melalui variabel lingkungan, serta dukungan untuk akselerasi GPU dengan driver sumber terbuka.
    • +
+

Reaksi

+
    +
  • Webtop menyediakan kontainer dengan lingkungan desktop penuh untuk Alpine, Ubuntu, Fedora, dan Arch, cocok untuk pengaturan cepat di belakang VPN.
    • +
  • Pengguna memuji Webtop karena kecepatannya dan kemudahan penggunaannya, terutama saat digunakan dengan kontainer Gluetun untuk koneksi yang aman, tetapi memperingatkan agar tidak mengekspos kontainer ke internet tanpa langkah-langkah keamanan karena tidak adanya otentikasi bawaan.
    • +
  • Teks ini menilai proyek tersebut karena bersifat open-source dan fleksibel, dengan pengguna yang berbagi konfigurasi, dan alternatif seperti Kasm dan Selkies dicatat untuk tujuan serupa.
    • +
+

1 dari 5 lowongan pekerjaan online adalah palsu atau tidak pernah terisi, menurut sebuah studi.

+
    +
  • Studi terbaru menunjukkan bahwa 20% dari lowongan pekerjaan online adalah palsu atau tetap tidak terisi, menambah frustrasi para pencari kerja. - Tren "pekerjaan hantu" ini mungkin merupakan taktik bagi perusahaan untuk memproyeksikan citra pertumbuhan. - Platform pekerjaan seperti Greenhouse dan LinkedIn telah memperkenalkan layanan verifikasi pekerjaan untuk membantu pengguna mengidentifikasi peluang kerja yang asli.
    • +
+

Reaksi

+
    +
  • Sebuah studi mengungkapkan bahwa 20% dari lowongan pekerjaan online adalah palsu atau tetap tidak terisi, sering kali karena perusahaan perlu mematuhi kebijakan imigrasi AS. - Perusahaan juga mungkin membiarkan lowongan pekerjaan tetap terbuka untuk menemukan kandidat ideal, mengubah persyaratan, atau memiliki kandidat internal yang sudah dipilih sebelumnya. - Pasar kerja sulit bagi pelamar, yang sering kali menghadapi pengabaian dan penolakan otomatis, mendorong seruan untuk intervensi regulasi.
    • +
+

Membuat persimpangan tidak aman bagi pejalan kaki demi menghemat beberapa detik bagi pengemudi

+

Reaksi

+
    +
  • Teks tersebut membahas perdebatan mengenai apakah persimpangan seharusnya memprioritaskan keselamatan pejalan kaki atau efisiensi pengemudi, dengan beberapa pihak lebih menyukai persimpangan yang dikendalikan lampu dan penyeberangan pejalan kaki dibandingkan dengan pemberhentian 4 arah.
    • +
  • Opini bervariasi mengenai undang-undang lalu lintas dan desain infrastruktur, dengan diskusi tentang keselamatan menyeberang jalan sembarangan dan risiko yang terkait dengan belok kanan saat lampu merah.
    • +
  • Beberapa orang menganjurkan solusi alternatif seperti bundaran atau mengadopsi standar rekayasa lalu lintas Belanda untuk meningkatkan keselamatan dan efisiensi.
    • +
+

PostgreSQL adalah Sistem Manajemen Basis Data Tahun 2024

+
    +
  • PostgreSQL telah dianugerahi DBMS of the Year 2024 oleh DB-Engines, meraih pengakuan ini untuk kelima kalinya, melampaui 423 sistem manajemen basis data lainnya.
    • +
  • PostgreSQL, dengan sejarah yang mencakup hampir 35 tahun, terus berinovasi, seperti yang terlihat dalam peningkatan terbaru PostgreSQL 17, yang dirilis pada September 2024.
    • +
  • Snowflake dan Microsoft masing-masing menempati posisi kedua dan ketiga, dengan Snowflake dikenal karena penyimpanan data berbasis cloud dan dukungan multi-cloud, sementara Microsoft menawarkan basis data relasional terkelola yang kuat melalui Azure SQL Database dan SQL Server.
    • +
+

Reaksi

+
    +
  • PostgreSQL telah dianugerahi Database Management System of the Year 2024 oleh db-engines.com, menyoroti popularitasnya yang semakin meningkat dan pengakuan di industri.
    • +
  • Pengguna sedang mempertimbangkan untuk beralih dari Microsoft SQL Server ke PostgreSQL karena biaya lisensi yang tinggi dan keterbatasan sumber daya, meskipun ada tantangan migrasi yang potensial.
    • +
  • PostgreSQL disukai karena fitur-fiturnya yang kuat dan efektivitas biayanya, menjadikannya pilihan yang disukai untuk proyek-proyek mendatang, meskipun beberapa pengguna menjelajahi alternatif seperti Babelfish untuk mengurangi biaya.
    • +
+

Login OAuth Google tidak melindungi terhadap pembelian domain startup yang gagal.

+

Reaksi

+
    +
  • Teks tersebut menyoroti kerentanan dalam sistem login OAuth Google ketika domain dari sebuah startup yang gagal diakuisisi oleh pemilik baru, yang berpotensi memungkinkan akses tidak sah ke layanan.
    • +
  • Masalah ini muncul karena Google mungkin tidak dapat membedakan antara pemilik domain asli dan yang baru, yang mempengaruhi sistem apa pun yang menggunakan autentikasi berbasis domain.
    • +
  • Solusi yang diusulkan adalah menggunakan pengenal unik yang tetap konstan dari waktu ke waktu, meskipun penerapan solusi ini bervariasi di antara penyedia identitas.
    • +
+

Memanfaatkan keterampilan pemrograman untuk menghasilkan pendapatan pasif

+
    +
  • Penulis beralih dari peran CTO menjadi solopreneur, berhasil mendapatkan lebih banyak melalui portofolio produk perangkat lunak.
    • +
  • Strategi utama meliputi fokus pada pekerjaan mendalam, memulai dengan proyek kecil, iterasi cepat, dan mendedikasikan waktu untuk upaya pemasaran.
    • +
  • Teks ini menekankan ketahanan menghadapi ketidakpastian, tetapi menyoroti otonomi dan kebebasan yang tak tertandingi dari jalur karier ini, mendorong mereka yang memiliki keterampilan pemrograman untuk mempertimbangkannya sebagai sumber pendapatan pasif.
    • +
+

Reaksi

+
    +
  • Seorang pengguna menggambarkan cara menghasilkan pendapatan pasif melalui situs web spam SEO dengan menggunakan nama domain yang akan kedaluwarsa, menghasilkan sekitar $30 ribu per tahun, meskipun ada kekhawatiran etis dan tindakan tegas dari Google pada akhirnya.
    • +
  • Tulisan tersebut memicu perdebatan tentang pendapatan pasif, dengan beberapa pengguna berargumen bahwa itu lebih mirip menjalankan bisnis daripada benar-benar pendapatan pasif.
    • +
  • Para peserta berbagi pengalaman dan tantangan dalam proyek sampingan, menyoroti pentingnya waktu, ketahanan, dan perencanaan strategis.
    • +
+

Spanyol mengusulkan pajak 100% pada rumah yang dibeli oleh penduduk non-Uni Eropa.

+
    +
  • Spanyol sedang mempertimbangkan pajak 100% pada pembelian real estat oleh penduduk non-Uni Eropa, dengan tujuan untuk mengatasi krisis perumahan dan mengekang pembelian spekulatif.
    • +
  • Proposal Perdana Menteri Pedro Sánchez mencakup perluasan perumahan sosial dan pengaturan penyewaan wisata untuk mengatasi kesenjangan antara harga rumah dan pendapatan.
    • +
  • Tidak pasti apakah proposal tersebut akan menjadi undang-undang, dengan beberapa analis melihatnya lebih sebagai penghalang bagi investor asing daripada perubahan legislatif yang dijamin.
    • +
+

Reaksi

+
    +
  • Spanyol sedang mempertimbangkan pajak 100% pada rumah yang dibeli oleh penduduk non-Uni Eropa untuk mengatasi masalah keterjangkauan perumahan. - Para kritikus menyarankan bahwa pembeli asing bukanlah penyebab utama tingginya harga perumahan, dengan menyebut birokrasi yang lambat dan undang-undang zonasi sebagai faktor yang lebih signifikan. - Usulan ini telah memicu perdebatan tentang peran kepemilikan asing dalam pasar perumahan dan efektivitasnya dalam menyelesaikan masalah keterjangkauan.
    • +
+

Apple akan segera menerima chip 'buatan Amerika' dari pabrik TSMC di Arizona

+
    +
  • Apple sedang menguji prosesor dari fasilitas TSMC di Arizona, dengan rencana untuk produksi massal pada kuartal pertama, yang berpotensi menjadikan Apple sebagai pelanggan pertama TSMC di AS untuk chip yang diproduksi secara lokal. - Inisiatif ini bertujuan untuk memperkuat kemandirian silikon AS, mengurangi ketergantungan pada Taiwan, yang rentan terhadap risiko geopolitik dan alam. - Pabrik TSMC di Arizona akan memproduksi chip canggih 3nm dan 2nm, dengan upaya berkelanjutan untuk meningkatkan perekrutan lokal dan kemitraan dengan universitas di AS, meskipun pengemasan awalnya akan dilakukan di Taiwan hingga fasilitas di Peoria beroperasi.
    • +
+

Reaksi

+
    +
  • Apple akan menerima chip dari pabrik TSMC di Arizona, tetapi chip tersebut perlu dikirim kembali ke Taiwan untuk pengemasan karena fasilitas di AS tidak mencukupi. - Lebih dari 50% tenaga kerja di pabrik Arizona berasal dari Taiwan, menunjukkan adanya kesenjangan di bidang STEM (Sains, Teknologi, Teknik, dan Matematika) di AS. - Inisiatif Undang-Undang CHIPS, yang bertujuan untuk meningkatkan manufaktur semikonduktor di AS, menghadapi tantangan karena label "Made in America" dipertanyakan akibat proses pengemasan yang terjadi di Taiwan, dengan rencana untuk kemampuan pengemasan di AS pada tahun 2027.
    • +
+

43 ribu lebih sedikit pengemudi di jalan-jalan Manhattan setelah penetapan harga kemacetan diaktifkan

+
    +
  • Setelah penerapan harga kemacetan, terjadi pengurangan sebesar 7,5% pada pengemudi yang memasuki Manhattan di bawah 60th Street, yang setara dengan 43.000 pengemudi lebih sedikit setiap hari kerja.
    • +
  • Pengurangan lalu lintas telah memperbaiki aliran lalu lintas dan meningkatkan kecepatan bus, dengan beberapa bus ekspres mengalami peningkatan jumlah penumpang.
    • +
  • The Metropolitan Transportation Authority (MTA) menggunakan pendapatan tol, yang diperkirakan mencapai $500 juta per tahun, untuk perbaikan transportasi, meskipun ada beberapa oposisi politik.
    • +
+

Reaksi

+
    +
  • Pelaksanaan penetapan harga kemacetan di Manhattan telah mengakibatkan 43.000 pengemudi lebih sedikit, yang mengarah pada peningkatan kecepatan bus dan kemungkinan waktu respons darurat yang lebih baik.
    • +
  • Aturan ini dirancang untuk mengurangi kemacetan lalu lintas dan meningkatkan kualitas udara, meskipun telah memicu perdebatan mengenai dampaknya terhadap individu berpenghasilan rendah.
    • +
  • Para pendukung berpendapat bahwa manfaatnya meliputi transportasi umum yang lebih efisien dan udara yang lebih bersih, sementara diskusi terus berlanjut tentang menyeimbangkan keuntungan ini dengan kebutuhan para pengemudi.
    • +
+ + + + + +]]> + https://hn.cho.sh/id/2025/01/14 + 2025-01-14T00:00:00.000Z + Tue, 14 Jan 2025 00:00:00 GMT + <![CDATA[2025-01-13]]> 2025-01-05T00:00:00.000Z Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[2025-01-04]]> - -

slug: '/2025/01/04'

-

2025-01-04

-

Mobil Volvo tahun 1993 dengan sistem kemudi otomatis

-
    -
  • Sekelompok teman berpartisipasi dalam Carbage Run edisi Musim Dingin 2025, sebuah reli selama 6 hari melalui Swedia menuju lingkaran kutub dan kembali ke Helsinki, yang mengharuskan mobil berusia setidaknya 20 tahun dan bernilai di bawah €1000.
    • -
  • Mereka mengubah Volvo 940 Estate tahun 1993 menjadi kendaraan otonom menggunakan openpilot dari comma.ai, dengan menggabungkan komponen modern seperti kemudi listrik, Bosch iBooster, dan sensor radar Tesla.
    • -
  • Pembaruan di masa depan akan mencakup detail tentang pengkabelan, Unit Kontrol Mesin (ECU) khusus, dan rencana untuk membuka kode sumber, menyoroti pendekatan inovatif proyek ini dalam memodifikasi kendaraan lama dengan teknologi otonom.
    • -
-

Reaksi

-
    -
  • Sebuah Volvo 940 tahun 1993 dilengkapi dengan OpenPilot, sebuah teknologi mengemudi otomatis, yang menyoroti persimpangan antara desain mobil klasik dan teknologi modern.
    • -
  • Proyek tersebut menghadapi tantangan, termasuk memperbarui sistem rem dan kemudi, yang menimbulkan kekhawatiran hukum dan keselamatan, terutama dengan modifikasi DIY seperti pengelasan kolom kemudi.
    • -
  • Diskusi meluas ke regulasi mobil di Eropa, penurunan hotrod di AS, dan perbedaan budaya dalam kebebasan modifikasi mobil, dengan proyek tersebut dipandang sebagai upaya DIY yang menginspirasi meskipun ada kekhawatiran tentang keselamatan.
    • -
-

VoxelSpace: Algoritma rendering medan dalam kurang dari 20 baris kode (2020)

-
    -
  • Permainan Comanche dari NovaLogic tahun 1992 menggunakan mesin Voxel Space, sebuah teknik rendering 2.5D yang didasarkan pada ray casting, untuk menciptakan medan yang terperinci dengan bayangan dan naungan.
    • -
  • Mesin Voxel Space menggunakan peta ketinggian dan warna serta algoritma rendering sederhana, menggambar garis vertikal dari belakang ke depan, yang dapat dioptimalkan untuk kinerja.
    • -
  • Teks mesin tersedia di bawah lisensi MIT, tetapi teknologinya mungkin masih dipatenkan di wilayah tertentu.
    • -
-

Reaksi

-
    -
  • VoxelSpace adalah algoritma rendering medan yang terkenal karena kesederhanaannya, membutuhkan kurang dari 20 baris kode, dan membangkitkan nostalgia untuk pengembangan game yang inovatif selama era keterbatasan perangkat keras.
    • -
  • Game AAA modern berfokus pada optimasi yang kompleks dan tren pasar, sering kali mengorbankan orisinalitas, sedangkan game indie dan platform seperti PICO-8 memberikan kebebasan kreatif yang lebih besar.
    • -
  • Meskipun ada kemajuan teknologi, beberapa pengembang dan pemain merasa bahwa "keajaiban" dari permainan lama hilang, meskipun proyek inovatif seperti rendering voxel terus menginspirasi kreativitas.
    • -
-

Bagaimana cara menggambar garis besar dalam permainan video

-
    -
  • Artikel tersebut membahas lima teknik untuk membuat garis tepi di Unity, sebuah platform pengembangan game yang populer, dengan menyoroti penggunaannya dalam game seperti Sable dan The Last of Us. - Teknik-teknik tersebut meliputi Rim Effects, Vertex Extrusion, Blurred Buffer, Jump Flood Algorithm, dan Edge Detection, masing-masing dengan keunggulan dan kompromi unik dalam hal kinerja dan kualitas visual. - Artikel ini memberikan wawasan tentang cara menyeimbangkan metode-metode ini untuk estetika game yang optimal dan dukungan gameplay, dengan sumber daya tambahan dan kredit untuk model 3D yang disertakan.
    • -
-

Reaksi

-
    -
  • Artikel ini mengeksplorasi teknik-teknik canggih untuk menggambar garis luar dalam video game, menekankan efisiensi Algoritma Jump Flood (JFA) dan Signed Distance Fields (SDFs) dibandingkan metode tradisional. - Artikel ini mendalami grafis 3D bergaya, membahas teknik rendering dan potensi penggunaan jaringan saraf untuk pencahayaan dan penataan. - Para kontributor memberikan wawasan tentang perkembangan historis cel shading dalam game, seperti Jet Set Radio, menyoroti persimpangan yang berkembang antara teknologi dan seni dalam grafis 3D.
    • -
-

Saya berhenti dari Washington Post

-

Reaksi

-
    -
  • Penulis tersebut meninggalkan Washington Post karena kegagalannya beradaptasi dengan lanskap media yang berkembang dan pendekatannya dalam menyajikan isu-isu, yang mereka anggap tidak efektif untuk topik kritis seperti demokrasi.
    • -
  • Media tradisional, terutama surat kabar lokal, sedang mengalami kesulitan keuangan, yang mengarah pada pelaporan yang bias dan penurunan kepercayaan publik, sementara media sosial tidak dapat menggantikan kerja jurnalistik yang ketat.
    • -
  • Keprihatinan muncul mengenai pengaruh individu kaya, seperti Jeff Bezos, terhadap media massa, dan dampak kepentingan korporasi terhadap peran media dalam mempertanggungjawabkan kekuasaan.
    • -
-

Perplexity mendapatkan iklan

-

Reaksi

-
    -
  • Perplexity telah memperkenalkan iklan, yang memicu diskusi tentang keniscayaan iklan dalam layanan online karena keengganan konsumen untuk membayar pengalaman bebas iklan. - Beberapa pengguna merasa iklan mengganggu dan lebih memilih layanan berbasis langganan seperti Kagi, yang menawarkan pencarian bebas iklan, sementara yang lain terus memilih opsi gratis yang didukung iklan. - Situasi ini menyoroti perdebatan yang sedang berlangsung antara model yang didukung iklan dan berbasis langganan dalam layanan digital.
    • -
- - - - - -]]> - https://hn.cho.sh/id/2025/01/04 - 2025-01-04T00:00:00.000Z - Sat, 04 Jan 2025 00:00:00 GMT - diff --git a/static/rss/newsletter/it.xml b/static/rss/newsletter/it.xml index 7b92d46a7..48f8fe504 100644 --- a/static/rss/newsletter/it.xml +++ b/static/rss/newsletter/it.xml @@ -15,12 +15,160 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[2025-01-14]]> + +

slug: '/2025/01/14'

+

2025-01-14

+

Un ricercatore di sicurezza di Snyk distribuisce pacchetti NPM dannosi prendendo di mira cursor.com

+
    +
  • Un ricercatore di sicurezza di Snyk ha rilasciato pacchetti NPM dannosi mirati a Cursor.com, un'azienda di codifica AI, per raccogliere dati di sistema e inviarli a un servizio controllato da un attaccante.
    • +
  • I pacchetti, identificati come "cursor-retrieval", "cursor-always-local" e "cursor-shadow-workspace", sono stati segnalati dallo scanner di analisi dei pacchetti OpenSSF, risultando negli avvisi MAL-2025-27, MAL-2025-28 e MAL-2025-29.
    • +
  • Questo incidente evidenzia l'importanza di esaminare attentamente i pacchetti NPM prima dell'installazione per evitare potenziali minacce alla sicurezza.
    • +
+

Reazioni

+
    +
  • Un ricercatore di sicurezza di Snyk ha rilasciato pacchetti NPM (Node Package Manager) dannosi mirati a cursor.com, evidenziando vulnerabilità di confusione delle dipendenze. - L'incidente ha suscitato un dibattito sull'etica della ricerca sulla sicurezza, in particolare riguardo all'esposizione pubblica delle variabili d'ambiente. - Cursor.com ha chiarito di non aver autorizzato l'azione, e Snyk si è successivamente scusato, sottolineando le sfide nel bilanciare la ricerca sulla sicurezza offensiva con gli standard etici.
    • +
+

Io sono passato a Firefox e non sono mai tornato indietro

+
    +
  • Firefox è apprezzato per la sua gestione superiore delle schede, la funzione Pocket integrata per salvare i link e un servizio di inoltro email incentrato sulla privacy, rendendolo una valida alternativa a Chrome. - Funzionalità aggiuntive come uno strumento di screenshot facile da usare, un pulsante ChatGPT, la modalità Picture-in-Picture, opzioni di ricerca personalizzabili e uno scorrimento fluido migliorano l'esperienza di navigazione. - Sebbene Firefox manchi della funzione di app web di Chrome, il suo design attento e la ridotta richiesta di risorse lo rendono una scelta preferita per alcuni utenti.
    • +
+

Reazioni

+
    +
  • Gli utenti di Firefox affrontano sfide da piattaforme come YouTube, che potrebbero intenzionalmente degradare l'esperienza per i browser non Google o per gli utenti che utilizzano adblocker. - Questa tendenza solleva preoccupazioni riguardo all'autonomia degli utenti, poiché penalizza coloro che optano per un'esperienza web senza pubblicità e sorveglianza. - Firefox offre funzionalità uniche, come le schede contenitore, che migliorano la privacy e l'usabilità, rendendolo una scelta preferita per gli utenti che cercano indipendenza dai browser controllati da grandi aziende.
    • +
+

Il CEO di Sonos si dimette dopo il fiasco dell'aggiornamento dell'app

+

Reazioni

+
    +
  • Il CEO di Sonos si è dimesso a seguito di un controverso aggiornamento dell'app che ha richiesto agli utenti di sostituire costosi sistemi audio, causando insoddisfazione tra i clienti. - L'aggiornamento ha introdotto un sistema basato su cloud, allontanandosi dal affidabile Universal Plug and Play (UPnP), il che ha portato a problemi di connettività e maggiore complessità. - Questa situazione sottolinea il conflitto tra strategie aziendali e mantenimento della fiducia dei clienti, mentre il CEO passa a un ruolo di consulenza con un pacchetto di buonuscita.
    • +
+

Nella pancia di MrBeast

+

Reazioni

+
    +
  • L'articolo esamina come l'algoritmo di YouTube influenzi la creazione di contenuti, utilizzando MrBeast come caso di studio, evidenziando un passaggio verso contenuti guidati dall'engagement piuttosto che significativi. - Discute le implicazioni più ampie per l'alfabetizzazione mediatica e l'impatto culturale di piattaforme come YouTube e TikTok, suggerendo una tendenza verso contenuti superficiali e reazionari. - Vengono considerate varie prospettive sul ruolo degli algoritmi nel plasmare i contenuti e l'influenza dei creatori popolari sulle norme culturali.
    • +
+

Le operazioni Git su GitHub sono inattive

+
    +
  • GitHub ha affrontato un'interruzione delle operazioni Git il 13 gennaio 2025, a causa di una modifica di configurazione che ha influenzato il bilanciatore di carico interno, durata dalle 23:35 alle 00:24 UTC. - Il problema è stato risolto ripristinando la modifica di configurazione, e GitHub sta lavorando per migliorare i processi di monitoraggio e distribuzione per prevenire incidenti simili. - L'interruzione ha anche influenzato i servizi Actions e Pages di GitHub, evidenziando la natura interconnessa dei loro servizi di piattaforma.
    • +
+

Reazioni

+
    +
  • GitHub ha affrontato un'importante interruzione che ha influenzato le operazioni git, causando confusione tra gli sviluppatori che inizialmente sospettavano problemi con le loro chiavi SSH o configurazioni locali. - L'incidente ha sottolineato le sfide di affidarsi a servizi centralizzati, stimolando discussioni sui vantaggi dell'auto-hosting e dei sistemi decentralizzati. - Sebbene il problema sia stato risolto, ha evidenziato preoccupazioni sulla affidabilità di GitHub e i rischi di dipendere da piattaforme di terze parti per compiti essenziali.
    • +
+

ZFS 2.3 rilasciato con espansione ZFS raidz

+
    +
  • OpenZFS 2.3.0 è stato rilasciato, introducendo funzionalità significative come l'espansione RAIDZ, la deduplicazione veloce, l'input/output diretto, l'output JSON e il supporto per nomi di file lunghi. - Il rilascio include correzioni di bug essenziali e miglioramenti delle prestazioni, compatibile con i kernel Linux 4.18 - 6.12 e le versioni FreeBSD 13.3, 14.0 - 14.2. - L'aggiornamento è uno sforzo collaborativo di 134 contributori, con documentazione completa e un registro delle modifiche disponibile per la revisione.
    • +
+

Reazioni

+
    +
  • ZFS 2.3 è stato rilasciato, introducendo funzionalità come l'espansione RAIDZ, la deduplicazione veloce, l'IO diretto, l'output JSON e il supporto per nomi di file lunghi. - L'espansione RAIDZ è particolarmente degna di nota poiché consente agli utenti di aggiungere nuovi dispositivi a un pool RAIDZ esistente senza tempi di inattività, migliorando la capacità di archiviazione. - Il rilascio è considerato un avanzamento significativo per gli utenti ZFS, con confronti con altri filesystem come Btrfs e Windows Storage Spaces, nonostante alcune limitazioni come l'impossibilità di ridurre i pool.
    • +
+

Webtop – Contenitori Alpine, Ubuntu, Fedora e Arch contenenti ambienti desktop completi

+
    +
  • Linuxserver/webtop fornisce container basati su Alpine, Ubuntu, Fedora e Arch con ambienti desktop completi accessibili tramite browser web, supportando sia le architetture x86-64 che arm64.
    • +
  • Gli utenti possono scegliere tra vari ambienti desktop come XFCE, KDE, MATE, i3, Openbox e IceWM utilizzando tag di immagine specifici e accedere al Webtop tramite URL designati.
    • +
  • Le funzionalità di sicurezza includono l'opzione seccomp di Docker e la configurazione dell'autenticazione, con opzioni di personalizzazione disponibili tramite variabili d'ambiente, e supporto per l'accelerazione GPU con driver open-source.
    • +
+

Reazioni

+
    +
  • Webtop fornisce container con ambienti desktop completi per Alpine, Ubuntu, Fedora e Arch, adatti per configurazioni rapide dietro una VPN.
    • +
  • Gli utenti elogiano Webtop per la sua velocità e facilità d'uso, in particolare quando viene utilizzato con il container Gluetun per connessioni sicure, ma avvertono di non esporre i container a internet senza misure di sicurezza a causa della mancanza di autenticazione predefinita.
    • +
  • Il progetto è apprezzato per essere open-source e flessibile, con gli utenti che condividono configurazioni, e alternative come Kasm e Selkies sono notate per scopi simili.
    • +
+

1 su 5 annunci di lavoro online sono falsi o non vengono mai coperti, secondo uno studio

+
    +
  • Un recente studio indica che il 20% delle offerte di lavoro online sono false o rimangono non occupate, aumentando la frustrazione dei cercatori di lavoro. - Questa tendenza dei "lavori fantasma" potrebbe essere una tattica delle aziende per proiettare un'immagine di crescita. - Piattaforme di lavoro come Greenhouse e LinkedIn hanno introdotto servizi di verifica delle offerte di lavoro per aiutare gli utenti a identificare opportunità di lavoro autentiche.
    • +
+

Reazioni

+
    +
  • Uno studio rivela che il 20% delle offerte di lavoro online sono false o rimangono non occupate, spesso perché le aziende devono conformarsi alle politiche di immigrazione degli Stati Uniti. - Le aziende possono anche lasciare le offerte di lavoro aperte per trovare candidati ideali, cambiare i requisiti o avere candidati interni pre-selezionati. - Il mercato del lavoro è difficile per i candidati, che spesso incontrano ghosting e rifiuti automatizzati, spingendo a richiedere un intervento normativo.
    • +
+

Rendere un incrocio pericoloso per i pedoni per risparmiare secondi agli automobilisti

+

Reazioni

+
    +
  • Il dibattito si concentra sul fatto se le intersezioni debbano dare priorità alla sicurezza dei pedoni o all'efficienza dei conducenti, con alcuni che preferiscono le intersezioni controllate da semafori e gli attraversamenti pedonali a raso rispetto agli incroci a 4 vie.
    • +
  • Le opinioni variano sulle leggi del traffico e sul design delle infrastrutture, con discussioni sulla sicurezza dell'attraversamento pedonale non autorizzato e sui rischi associati alle svolte a destra con semaforo rosso.
    • +
  • Alcuni sostengono soluzioni alternative come le rotatorie o l'adozione degli standard di ingegneria del traffico olandesi per migliorare sia la sicurezza che l'efficienza.
    • +
+

PostgreSQL è il Sistema di Gestione di Database dell'Anno 2024

+
    +
  • PostgreSQL è stato premiato come DBMS dell'anno 2024 da DB-Engines, ottenendo questo riconoscimento per la quinta volta, superando 423 altri sistemi di gestione di database.
    • +
  • PostgreSQL, con una storia che si estende per quasi 35 anni, continua a innovare, come si vede nei recenti miglioramenti di PostgreSQL 17, rilasciato a settembre 2024.
    • +
  • Snowflake e Microsoft si sono assicurati rispettivamente il secondo e il terzo posto, con Snowflake noto per il suo data warehousing basato su cloud e il supporto multi-cloud, mentre Microsoft offre robusti database relazionali gestiti tramite Azure SQL Database e SQL Server.
    • +
+

Reazioni

+
    +
  • PostgreSQL è stato premiato come Database Management System dell'anno 2024 da db-engines.com, evidenziando la sua crescente popolarità e riconoscimento nel settore.
    • +
  • Gli utenti stanno considerando di passare da Microsoft SQL Server a PostgreSQL a causa degli elevati costi di licenza e delle limitazioni delle risorse, nonostante le potenziali sfide di migrazione.
    • +
  • PostgreSQL è apprezzato per le sue caratteristiche robuste e la convenienza economica, rendendolo una scelta preferita per i progetti futuri, sebbene alcuni utenti esplorino alternative come Babelfish per ridurre i costi.
    • +
+

Il login OAuth di Google non protegge dall'acquisto di un dominio di una startup fallita

+

Reazioni

+
    +
  • Il dibattito mette in evidenza una vulnerabilità nel sistema di login OAuth di Google quando il dominio di una startup fallita viene acquisito da un nuovo proprietario, potenzialmente consentendo l'accesso non autorizzato ai servizi.
    • +
  • Questo problema si verifica perché Google potrebbe non distinguere tra i proprietari originali e nuovi del dominio, influenzando qualsiasi sistema che utilizza l'autenticazione basata sul dominio.
    • +
  • Una soluzione proposta è quella di utilizzare identificatori unici che rimangono costanti nel tempo, sebbene l'implementazione di questa soluzione vari tra i fornitori di identità.
    • +
+

Utilizzare le competenze di programmazione per generare un reddito passivo

+
    +
  • L'autore è passato da un ruolo di CTO a solopreneur, guadagnando con successo di più attraverso un portafoglio di prodotti software.
    • +
  • Le strategie chiave includono concentrarsi sul lavoro profondo, iniziare con piccoli progetti, iterare rapidamente e dedicare tempo agli sforzi di marketing.
    • +
  • Il viaggio sottolinea la resilienza a causa delle incertezze, ma mette in evidenza l'autonomia e la libertà impareggiabili di questo percorso professionale, incoraggiando coloro che possiedono competenze di programmazione a considerarlo per un reddito passivo.
    • +
+

Reazioni

+
    +
  • Un utente ha descritto come generare reddito passivo attraverso siti web di spam SEO utilizzando nomi di dominio in scadenza, guadagnando circa $30k all'anno, nonostante le preoccupazioni etiche e la successiva repressione da parte di Google.
    • +
  • Il post ha suscitato un dibattito sul reddito passivo, con alcuni utenti che sostengono che sia più simile a gestire un'attività piuttosto che a guadagni veramente passivi.
    • +
  • I partecipanti hanno condiviso esperienze e sfide nei progetti paralleli, sottolineando l'importanza del tempo, della resilienza e della pianificazione strategica.
    • +
+

Spagna propone una tassa del 100% sulle case acquistate da residenti non UE

+
    +
  • Spagna sta considerando un'imposta del 100% sugli acquisti immobiliari da parte di residenti non UE, con l'obiettivo di affrontare la crisi abitativa e frenare gli acquisti speculativi.
    • +
  • Il piano del Primo Ministro Pedro Sánchez prevede l'espansione degli alloggi sociali e la regolamentazione degli affitti turistici per affrontare la disparità tra i prezzi delle case e i redditi.
    • +
  • Il futuro della proposta come legge è incerto, con alcuni analisti che la vedono come un deterrente per gli investitori stranieri piuttosto che un cambiamento legislativo garantito.
    • +
+

Reazioni

+
    +
  • Spagna sta considerando un'imposta del 100% sulle case acquistate da residenti non UE per affrontare i problemi di accessibilità abitativa. - I critici suggeriscono che gli acquirenti stranieri non sono la causa principale dei prezzi elevati delle case, citando la burocrazia lenta e le leggi urbanistiche come fattori più significativi. - La proposta ha acceso un dibattito sul ruolo della proprietà straniera nei mercati immobiliari e sulla sua efficacia nel risolvere i problemi di accessibilità.
    • +
+

Apple riceverà presto chip 'made in America' dalla fabbrica di TSMC in Arizona

+
    +
  • Apple sta testando i processori della struttura di TSMC in Arizona, con piani per la produzione di massa entro il primo trimestre, potenzialmente diventando il primo cliente statunitense di TSMC per i chip prodotti localmente. - Questa iniziativa mira a rafforzare l'indipendenza del silicio degli Stati Uniti, riducendo la dipendenza da Taiwan, che è vulnerabile a rischi geopolitici e naturali. - La fabbrica di TSMC in Arizona è destinata a produrre chip avanzati a 3nm e 2nm, con sforzi in corso per migliorare il reclutamento locale e le collaborazioni con le università statunitensi, anche se l'imballaggio inizialmente avverrà a Taiwan fino a quando la struttura di Peoria sarà operativa.
    • +
+

Reazioni

+
    +
  • Apple riceverà chip dall'impianto di TSMC in Arizona, ma devono essere rispediti a Taiwan per l'imballaggio a causa dell'insufficienza delle strutture negli Stati Uniti. - Oltre il 50% della forza lavoro nell'impianto dell'Arizona proviene da Taiwan, indicando una lacuna nel campo STEM (Scienza, Tecnologia, Ingegneria e Matematica) degli Stati Uniti. - L'iniziativa del CHIPS Act, volta a migliorare la produzione di semiconduttori negli Stati Uniti, affronta sfide poiché l'etichetta "Made in America" è messa in discussione a causa del processo di imballaggio che avviene a Taiwan, con piani per capacità di imballaggio negli Stati Uniti entro il 2027.
    • +
+

43.000 conducenti in meno sulle strade di Manhattan dopo l'attivazione della tariffazione della congestione

+
    +
  • Dopo l'implementazione della tariffazione della congestione, c'è stata una riduzione del 7,5% dei conducenti che entrano a Manhattan sotto la 60ª strada, pari a 43.000 conducenti in meno ogni giorno feriale.
    • +
  • La riduzione del traffico ha migliorato il flusso del traffico e aumentato la velocità degli autobus, con alcuni autobus espressi che registrano un aumento del numero di passeggeri.
    • +
  • Il Metropolitan Transportation Authority (MTA) utilizza i ricavi dei pedaggi, stimati a 500 milioni di dollari all'anno, per miglioramenti del trasporto pubblico, nonostante alcune opposizioni politiche.
    • +
+

Reazioni

+
    +
  • Il sistema di tariffazione della congestione implementato a Manhattan ha portato a 43.000 conducenti in meno, con un conseguente aumento della velocità degli autobus e potenzialmente tempi di risposta migliori per le emergenze.
    • +
  • La politica è progettata per ridurre la congestione del traffico e migliorare la qualità dell'aria, anche se ha suscitato dibattiti sul suo impatto sulle persone a basso reddito.
    • +
  • Secondo i sostenitori, i vantaggi includono un trasporto pubblico più efficiente e un'aria più pulita, mentre continuano le discussioni su come bilanciare questi vantaggi con le esigenze degli automobilisti.
    • +
+ + + + + +]]> + https://hn.cho.sh/it/2025/01/14 + 2025-01-14T00:00:00.000Z + Tue, 14 Jan 2025 00:00:00 GMT + <![CDATA[2025-01-13]]> 2025-01-05T00:00:00.000Z Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[2025-01-04]]> - -

slug: '/2025/01/04'

-

2025-01-04

-

Volvo 1993 a guida autonoma con open pilot

-
    -
  • Un gruppo di amici ha partecipato all'edizione invernale del Carbage Run 2025, un rally di 6 giorni attraverso la Svezia fino al circolo polare e ritorno a Helsinki, che richiede auto di almeno 20 anni e con un valore inferiore a €1000.
    • -
  • Hanno trasformato una Volvo 940 Estate del 1993 in un veicolo a guida autonoma utilizzando openpilot di comma.ai, incorporando componenti moderni come il servosterzo elettrico, un Bosch iBooster e un sensore radar Tesla.
    • -
  • Futuri aggiornamenti includeranno dettagli sul cablaggio, una centralina elettronica (ECU) personalizzata e piani per rendere open-source il codice, mettendo in evidenza l'approccio innovativo del progetto per l'aggiornamento di veicoli più vecchi con tecnologia autonoma.
    • -
-

Reazioni

-
    -
  • Una Volvo 940 del 1993 è stata adattata con OpenPilot, una tecnologia di guida autonoma, mettendo in evidenza l'intersezione tra il design delle auto classiche e la tecnologia moderna.
    • -
  • Il progetto ha affrontato sfide, tra cui l'aggiornamento dei sistemi di frenata e sterzo, sollevando preoccupazioni legali e di sicurezza, in particolare con modifiche fai-da-te come la saldatura della colonna dello sterzo.
    • -
  • Il dibattito si è esteso alle normative automobilistiche in Europa, al declino delle hotrod negli Stati Uniti e alle differenze culturali nelle libertà di modifica delle auto, con il progetto visto come uno sforzo fai-da-te ispiratore nonostante le preoccupazioni per la sicurezza.
    • -
-

VoxelSpace: Algoritmo di rendering del terreno in meno di 20 righe di codice (2020)

-
    -
  • Il gioco Comanche del 1992 di NovaLogic utilizzava il motore Voxel Space, una tecnica di rendering 2.5D basata sul ray casting, per creare terreni dettagliati con ombreggiature e ombre.
    • -
  • Il motore Voxel Space utilizzava mappe di altezza e colore e un semplice algoritmo di rendering, disegnando linee verticali da dietro a davanti, che potevano essere ottimizzate per le prestazioni.
    • -
  • Il codice del motore è disponibile sotto la licenza MIT, ma la tecnologia potrebbe essere ancora brevettata in alcune regioni.
    • -
-

Reazioni

-
    -
  • VoxelSpace è un algoritmo di rendering del terreno noto per la sua semplicità, richiedendo meno di 20 righe di codice, e suscita nostalgia per lo sviluppo innovativo dei giochi durante le epoche con limitazioni hardware.
    • -
  • I giochi AAA moderni si concentrano su ottimizzazioni complesse e tendenze di mercato, spesso a scapito dell'originalità, mentre i giochi indie e le piattaforme come PICO-8 offrono maggiore libertà creativa.
    • -
  • Nonostante i progressi tecnologici, alcuni sviluppatori e giocatori sentono che la "magia" dei giochi più vecchi manca, anche se progetti innovativi come il rendering voxel continuano a ispirare creatività.
    • -
-

Come disegnare un contorno in un videogioco

-
    -
  • L'articolo discute cinque tecniche per il rendering dei contorni in Unity, una popolare piattaforma di sviluppo di giochi, evidenziando il loro utilizzo in giochi come Sable e The Last of Us. - Le tecniche includono Effetti di Bordo, Estrusione dei Vertici, Buffer Sfocato, Algoritmo di Jump Flood e Rilevamento dei Bordi, ciascuna con vantaggi unici e compromessi in termini di prestazioni e qualità visiva. - L'articolo fornisce approfondimenti su come bilanciare questi metodi per un'estetica di gioco ottimale e supporto al gameplay, con risorse aggiuntive e crediti per i modelli 3D inclusi.
    • -
-

Reazioni

-
    -
  • L'articolo esplora tecniche avanzate per disegnare contorni nei videogiochi, sottolineando l'efficienza dell'algoritmo Jump Flood (JFA) e dei campi di distanza firmati (SDF) rispetto ai metodi tradizionali. - Si addentra nella grafica 3D stilizzata, discutendo tecniche di rendering e il potenziale uso delle reti neurali per l'illuminazione e lo stile. - I contributori forniscono approfondimenti sullo sviluppo storico del cel shading nei giochi, come Jet Set Radio, evidenziando l'evoluzione dell'intersezione tra tecnologia e arte nella grafica 3D.
    • -
-

Sto lasciando il Washington Post

-

Reazioni

-
    -
  • L'autore sta lasciando il Washington Post a causa della sua incapacità di adattarsi al panorama mediatico in evoluzione e al suo approccio alla presentazione delle questioni, che ritiene inefficace per argomenti critici come la democrazia.
    • -
  • Le media tradizionali, in particolare i giornali locali, stanno affrontando difficoltà finanziarie, portando a un giornalismo di parte e a un calo della fiducia pubblica, mentre i social media non possono sostituire il lavoro rigoroso del giornalismo.
    • -
  • Si sollevano preoccupazioni riguardo all'influenza di individui facoltosi, come Jeff Bezos, sui mezzi di comunicazione, e l'impatto degli interessi aziendali sul ruolo dei media nel tenere il potere sotto controllo.
    • -
-

Perplexity ha ottenuto annunci

-

Reazioni

-
    -
  • Perplexity ha introdotto pubblicità, portando a discussioni sull'inevitabilità degli annunci nei servizi online a causa della riluttanza dei consumatori a pagare per esperienze senza pubblicità. - Alcuni utenti trovano gli annunci invadenti e preferiscono servizi in abbonamento come Kagi, che offrono ricerche senza pubblicità, mentre altri continuano a scegliere opzioni gratuite supportate da annunci. - Questa situazione sottolinea il dibattito in corso tra modelli supportati da annunci e modelli basati su abbonamento nei servizi digitali.
    • -
- - - - - -]]> - https://hn.cho.sh/it/2025/01/04 - 2025-01-04T00:00:00.000Z - Sat, 04 Jan 2025 00:00:00 GMT - diff --git a/static/rss/newsletter/ja.xml b/static/rss/newsletter/ja.xml index d97fb0db6..28b5c06d6 100644 --- a/static/rss/newsletter/ja.xml +++ b/static/rss/newsletter/ja.xml @@ -15,12 +15,160 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[2025-01-14]]> + +

slug: '/2025/01/14'

+

2025-01-14

+

「Snykのセキュリティ研究者が、cursor.comを標的とする悪意のあるNPMパッケージを展開」

+
    +
  • 「Snykのセキュリティ研究者が、AIコーディング会社であるCursor.comを標的とした悪意のあるNPMパッケージを公開し、システムデータを収集して攻撃者が制御するサービスに送信しました。」
    • +
  • 「パッケージ「cursor-retrieval」、「cursor-always-local」、「cursor-shadow-workspace」は、OpenSSFパッケージ分析スキャナーによってフラグが立てられ、勧告MAL-2025-27、MAL-2025-28、MAL-2025-29が発行されました。」
    • +
  • 「この事件は、潜在的なセキュリティ脅威を避けるために、インストール前にNPMパッケージを精査することの重要性を強調しています。」
    • +
+

反応

+
    +
  • 「Snykのセキュリティ研究者がcursor.comを狙った悪意のあるNPM(Node Package Manager)パッケージを公開し、依存関係の混乱による脆弱性を浮き彫りにしました。この事件は、特に環境変数の公表に関するセキュリティ研究の倫理についての議論を引き起こしました。Cursor.comはこの行動を許可していないことを明らかにし、Snykはその後謝罪し、攻撃的なセキュリティ研究と倫理基準のバランスを取ることの難しさを強調しました。」
    • +
+

「私はFirefoxに切り替えて、振り返ることはありませんでした」

+
    +
  • 「Firefoxは、優れたタブ管理、リンクを保存するための内蔵Pocket機能、プライバシーに配慮したメールリレーで称賛されており、Chromeの強力な代替手段となっています。- ユーザーフレンドリーなスクリーンショットツール、ChatGPTボタン、ピクチャーインピクチャー、カスタマイズ可能な検索オプション、スムーズなスクロールなどの追加機能がブラウジング体験を向上させます。- FirefoxはChromeのウェブアプリ機能を欠いているものの、その考え抜かれたデザインとリソースの少ない要求が、一部のユーザーにとって好ましい選択肢となっています。」
    • +
+

反応

+
    +
  • 「Firefoxのユーザーは、YouTubeのようなプラットフォームからの挑戦に直面しています。これらのプラットフォームは、非Googleブラウザや広告ブロッカーを使用するユーザーに対して意図的に体験を劣化させることがあります。この傾向は、広告なしで監視のないウェブ体験を選ぶユーザーを罰するものであり、ユーザーの自主性に関する懸念を引き起こしています。Firefoxは、コンテナタブのようなプライバシーと使いやすさを向上させる独自の機能を提供しており、大手企業が管理するブラウザからの独立を求めるユーザーにとって好まれる選択肢となっています。」
    • +
+

「SonosのCEOがアプリの更新問題を受けて辞任」

+

反応

+
    +
  • 「SonosのCEOは、ユーザーに高価なサウンドシステムの交換を要求する物議を醸したアプリのアップデートに続いて辞任しました。このアップデートはクラウドベースのシステムを導入し、信頼性のあるUniversal Plug and Play(UPnP)から移行したため、接続の問題や複雑さが増しました。この状況は、ビジネス戦略と顧客の信頼維持の間の対立を浮き彫りにしており、CEOは退職金を伴うアドバイザリー役に移行します。」
    • +
+

MrBeastの腹の中で

+

反応

+
    +
  • 「このエッセイは、YouTubeのアルゴリズムがコンテンツ制作にどのように影響を与えるかを、MrBeastを事例として検討し、意味のあるコンテンツよりもエンゲージメント重視の方向へのシフトを強調しています。 - メディアリテラシーへの広範な影響と、YouTubeやTikTokのようなプラットフォームの文化的影響について議論し、表面的で反応的なコンテンツへの傾向を示唆しています。 - アルゴリズムがコンテンツを形成する役割と、人気クリエイターが文化的規範に与える影響について、さまざまな視点が考慮されています。」
    • +
+

GitHubのGit操作が停止しています

+
    +
  • 「GitHubは、2025年1月13日に内部ロードバランサーに影響を与える設定変更のため、23:35から00:24 UTCまでGit操作の障害に直面しました。この問題は設定変更を元に戻すことで解決され、GitHubは同様のインシデントを防ぐために監視と展開プロセスの改善に取り組んでいます。この障害はGitHubのActionsとPagesサービスにも影響を与え、プラットフォームサービスの相互接続性を浮き彫りにしました。」
    • +
+

反応

+
    +
  • 「GitHubはgit操作に影響を与える大規模な障害に直面し、開発者たちは最初、SSHキーやローカル設定に問題があると疑いました。このインシデントは、集中型サービスに依存することの課題を浮き彫りにし、セルフホスティングや分散型システムの利点についての議論を促しました。問題は解決されたものの、GitHubの信頼性や、重要な作業をサードパーティプラットフォームに依存することのリスクに対する懸念が浮き彫りになりました。」
    • +
+

「ZFS 2.3がZFS raidz拡張機能と共にリリースされました」

+
    +
  • 「OpenZFS 2.3.0がリリースされ、RAIDZ拡張、迅速な重複排除、直接入出力、JSON出力、長いファイル名のサポートなどの重要な機能が導入されました。このリリースには、Linuxカーネル4.18 - 6.12およびFreeBSDバージョン13.3、14.0 - 14.2と互換性のある重要なバグ修正とパフォーマンスの向上が含まれています。このアップデートは134人の貢献者による共同作業の成果であり、包括的なドキュメントと変更ログがレビューのために利用可能です。」
    • +
+

反応

+
    +
  • ZFS 2.3がリリースされ、RAIDZ拡張、迅速な重複排除、ダイレクトIO、JSON出力、長いファイル名のサポートなどの機能が導入されました。- 特にRAIDZ拡張は注目に値し、ユーザーが既存のRAIDZプールに新しいデバイスをダウンタイムなしで追加できるようにし、ストレージ容量を拡張します。- このリリースはZFSユーザーにとって重要な進歩と見なされており、BtrfsやWindows Storage Spacesなどの他のファイルシステムと比較されていますが、プールを縮小できないといったいくつかの制限もあります。
    • +
+

Webtop – フルデスクトップ環境を含むAlpine、Ubuntu、Fedora、およびArchコンテナ

+
    +
  • Linuxserver/webtopは、Alpine、Ubuntu、Fedora、Archに基づいたコンテナを提供し、ウェブブラウザを通じてアクセス可能なフルデスクトップ環境を備えており、x86-64とarm64の両方のアーキテクチャをサポートしています。
    • +
  • ユーザーは、特定のイメージタグを使用して、XFCE、KDE、MATE、i3、Openbox、IceWMなどのさまざまなデスクトップ環境を選択し、指定されたURLを介してWebtopにアクセスできます。
    • +
  • 「セキュリティ機能には、Dockerのseccompオプションと認証設定が含まれ、環境変数を通じてカスタマイズオプションが利用可能であり、オープンソースドライバーによるGPUアクセラレーションのサポートもあります。」
    • +
+

反応

+
    +
  • Webtopは、Alpine、Ubuntu、Fedora、Archのフルデスクトップ環境を備えたコンテナを提供しており、VPNの背後での迅速なセットアップに適しています。
    • +
  • 「ユーザーは、Webtopがその速度と使いやすさで特にGluetunコンテナと組み合わせて安全な接続を行う際に称賛していますが、デフォルトの認証がないため、セキュリティ対策なしでコンテナをインターネットに公開することに対しては注意を促しています。」
    • +
  • 「このプロジェクトはオープンソースで柔軟性があることが評価されており、ユーザーが設定を共有しています。また、KasmやSelkiesのような代替案も同様の目的で注目されています。」
    • +
+

「オンライン求人の5件に1件は偽物であるか、または決して埋まらないことが研究で判明」

+
    +
  • 「最近の研究によると、オンライン求人の20%が偽物であるか、未充足のままであり、求職者の不満を増大させています。この「ゴーストジョブ」トレンドは、企業が成長のイメージを投影するための戦術である可能性があります。GreenhouseやLinkedInなどの求人プラットフォームは、ユーザーが本物の求人を見分けるのを助けるために求人確認サービスを導入しています。」
    • +
+

反応

+
    +
  • 「調査によると、オンライン求人の20%が偽造であるか、未充足のままであることが明らかになりました。これはしばしば、企業が米国の移民政策に従う必要があるためです。企業はまた、理想的な候補者を見つけるために求人を掲載し続けたり、要件を変更したり、内部で事前に選ばれた候補者を持っていることもあります。求職者にとっては、ゴースティングや自動拒否に頻繁に遭遇するため、規制の介入を求める声が上がっています。」
    • +
+

「歩行者の安全を犠牲にして、運転者の数秒を節約する交差点を作ること」

+

反応

+
    +
  • 「議論は、交差点が歩行者の安全を優先すべきか、運転者の効率を優先すべきかに焦点を当てており、一部の人々は4方向停止よりも信号制御の交差点や歩行者スクランブルを支持しています。」
    • +
  • 「交通法やインフラ設計に関する意見はさまざまで、信号無視の安全性や赤信号での右折に伴うリスクについての議論が行われています。」
    • +
  • 「一部の人々は、安全性と効率性を向上させるために、ラウンドアバウトやオランダの交通工学基準の採用などの代替解決策を提唱しています。」
    • +
+

「PostgreSQLは2024年のデータベース管理システム・オブ・ザ・イヤーです」

+
    +
  • 「PostgreSQLは、DB-Enginesによって2024年のDBMSオブザイヤーに選ばれ、423の他のデータベース管理システムを上回り、5回目の受賞を果たしました。」
    • +
  • 「PostgreSQLは、約35年にわたる歴史を持ち、2024年9月にリリースされたPostgreSQL 17の最近の強化に見られるように、革新を続けています。」
    • +
  • 「スノーフレークとマイクロソフトはそれぞれ2位と3位を獲得しました。スノーフレークはクラウドベースのデータウェアハウジングとマルチクラウドサポートで注目され、マイクロソフトはAzure SQL DatabaseとSQL Serverを通じて強力なマネージドリレーショナルデータベースを提供しています。」
    • +
+

反応

+
    +
  • 「PostgreSQLは、db-engines.comによって2024年のデータベース管理システム・オブ・ザ・イヤーに選ばれ、その業界での人気と認知度の高まりが強調されています。」
    • +
  • 「ユーザーは、移行の課題があるにもかかわらず、高いライセンスコストとリソースの制限のために、Microsoft SQL ServerからPostgreSQLへの切り替えを検討しています。」
    • +
  • 「PostgreSQLは、その堅牢な機能とコスト効率の良さから、将来のプロジェクトにおいて好まれる選択肢となっていますが、一部のユーザーはコスト削減のためにBabelfishのような代替案を模索しています。」
    • +
+

「GoogleのOAuthログインは、失敗したスタートアップのドメイン購入に対して保護しません」

+

反応

+
    +
  • 「この議論は、失敗したスタートアップのドメインが新しい所有者に取得された際に、GoogleのOAuthログインシステムにおける脆弱性を強調しており、これがサービスへの不正アクセスを可能にする可能性があることを示しています。」
    • +
  • 「この問題は、Googleが元のドメイン所有者と新しいドメイン所有者を区別できない可能性があるために発生し、ドメインベースの認証を使用するシステムに影響を与える可能性があります。」
    • +
  • 「提案された解決策は、時間が経っても変わらない一意の識別子を使用することですが、この解決策の実施はアイデンティティプロバイダーによって異なります。」
    • +
+

「コーディングスキルを活用して不労所得を得る」

+
    +
  • 「著者はCTOの役職からソロプレナーに転身し、ソフトウェア製品のポートフォリオを通じてより多くの収入を得ることに成功しました。」
    • +
  • 「主な戦略には、深い作業に集中すること、小さなプロジェクトから始めること、迅速に反復すること、そしてマーケティング活動に時間を割くことが含まれます。」
    • +
  • この旅は不確実性によるレジリエンスを強調していますが、このキャリアパスの比類のない自律性と自由を強調し、コーディングスキルを持つ人々に受動的収入のためにそれを検討するよう促しています。
    • +
+

反応

+
    +
  • 「あるユーザーが、期限切れのドメイン名を使用したSEOスパムウェブサイトを通じて受動的収入を得ており、倫理的な懸念やGoogleの最終的な取り締まりにもかかわらず、年間約3万ドルを稼いでいると説明しました。」
    • +
  • 「その投稿はパッシブインカムについての議論を引き起こし、一部のユーザーはそれが本当に受動的な収入というよりも、ビジネスを運営することに近いと主張しました。」
    • +
  • 「参加者はサイドプロジェクトでの経験と課題を共有し、時間、レジリエンス、戦略的計画の重要性を強調しました。」
    • +
+

「スペイン、非EU居住者による住宅購入に対して100%の税を提案」

+
    +
  • 「スペインは、住宅危機に対処し、投機的な購入を抑制することを目的として、非EU居住者による不動産購入に対して100%の税を検討しています。」
    • +
  • 「首相ペドロ・サンチェスの提案には、住宅価格と収入の格差に対処するために、社会住宅の拡大と観光賃貸の規制が含まれています。」
    • +
  • 「提案の法制化の将来は不確実であり、一部のアナリストはこれを確実な法改正というよりも、むしろ外国投資家への抑止力と見なしています。」
    • +
+

反応

+
    +
  • 「スペインは、住宅の手頃な価格の問題に対処するために、非EU居住者によって購入された住宅に対して100%の税を検討しています。批評家は、外国人購入者が高い住宅価格の主な原因ではないとし、遅い官僚主義やゾーニング法がより重要な要因であると指摘しています。この提案は、住宅市場における外国人所有の役割と、手頃な価格の問題を解決する効果についての議論を引き起こしています。」
    • +
+

「アップルはまもなく、TSMCのアリゾナ工場から『メイド・イン・アメリカ』のチップを受け取る予定です」

+
    +
  • 「AppleはTSMCのアリゾナ施設からのプロセッサをテストしており、第一四半期までに量産を計画している。これにより、TSMCの米国で製造されたチップの最初の顧客になる可能性がある。この取り組みは、台湾に依存しがちなシリコンの独立性を強化し、地政学的および自然のリスクに対する脆弱性を減少させることを目的としている。TSMCのアリゾナ工場は、先進的な3nmおよび2nmチップを生産する予定であり、地元の採用と米国の大学との提携を強化する努力が続けられているが、パッケージングは当初、ピオリア施設が稼働するまで台湾で行われる予定である。」
    • +
+

反応

+
    +
  • 「アップルはTSMCのアリゾナ工場からチップを受け取りますが、米国の施設が不十分なため、パッケージングのために台湾に送り返す必要があります。- アリゾナ工場の労働力の50%以上が台湾から来ており、米国のSTEM(科学、技術、工学、数学)分野のギャップを示しています。- 米国の半導体製造を強化することを目的としたCHIPS法のイニシアチブは、パッケージングプロセスが台湾で行われるため、「メイド・イン・アメリカ」ラベルが疑問視され、2027年までに米国でのパッケージング能力を計画していることから、課題に直面しています。」
    • +
+

「混雑料金が導入された後、マンハッタンの道路から43,000人のドライバーが減少」

+
    +
  • 「混雑料金制度が導入された後、60丁目より南のマンハッタンに入る運転手が7.5%減少し、平日ごとに43,000人の運転手が減少しました。」
    • +
  • 「交通量の減少により交通の流れが改善され、バスの速度が向上し、一部の急行バスでは乗客数が増加しています。」
    • +
  • メトロポリタン交通局(MTA)は、年間約5億ドルと見積もられる通行料収入を、政治的な反対があるにもかかわらず、交通改善のために使用しています。
    • +
+

反応

+
    +
  • 「マンハッタンでの混雑料金の導入により、43,000人の運転手が減少し、バスの速度が向上し、緊急対応時間が改善される可能性があります。」
    • +
  • 「この政策は交通渋滞を緩和し、空気の質を改善することを目的としていますが、低所得者層への影響について議論を引き起こしています。」
    • +
  • 「支持者は、利点としてより効率的な公共交通機関と清潔な空気を挙げており、これらの利点と運転者のニーズをどのようにバランスさせるかについての議論が続いています。」
    • +
+ + + + + +]]> + https://hn.cho.sh/ja/2025/01/14 + 2025-01-14T00:00:00.000Z + Tue, 14 Jan 2025 00:00:00 GMT + <![CDATA[2025-01-13]]> 2025-01-05T00:00:00.000Z Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[2025-01-04]]> - -

slug: '/2025/01/04'

-

2025-01-04

-

「オープンパイロットを搭載した1993年製ボルボの自動運転車」

-
    -
  • 友人のグループが、2025年の冬版のカーベージランに参加しました。これは、スウェーデンを通り、北極圏まで行き、ヘルシンキに戻る6日間のラリーで、参加車両は少なくとも20年以上前のもので、価値が1000ユーロ未満であることが求められます。
    • -
  • 「彼らは、1993年製のボルボ940エステートを、comma.aiのオープンパイロットを使用して自動運転車に変え、電動パワーステアリング、ボッシュのiBooster、テスラのレーダーセンサーなどの最新コンポーネントを組み込みました。」
    • -
  • 「将来のアップデートには、配線の詳細、カスタムエンジンコントロールユニット(ECU)、およびコードをオープンソース化する計画が含まれ、古い車両に自律技術を後付けするというプロジェクトの革新的なアプローチが強調されます。」
    • -
-

反応

-
    -
  • 「1993年製のボルボ940が、クラシックカーのデザインと最新技術の交差点を示す自動運転技術であるOpenPilotを搭載するように改造されました。」
    • -
  • 「プロジェクトは、ブレーキとステアリングシステムの更新を含む課題に直面し、特にステアリングコラムの溶接のようなDIY改造に関して、法的および安全性の懸念を引き起こしました。」
    • -
  • 「議論はヨーロッパの自動車規制、アメリカでのホットロッドの衰退、そして自動車改造の自由における文化的な違いにまで及び、安全性の懸念があるにもかかわらず、このプロジェクトはインスピレーションを与えるDIYの取り組みとして見られました。」
    • -
-

「VoxelSpace: 20行未満のコードでの地形レンダリングアルゴリズム (2020)」

-
    -
  • 「NovaLogicの1992年のゲーム『Comanche』は、ボクセルスペースエンジンという2.5Dレンダリング技術を使用し、レイキャスティングに基づいて詳細な地形を陰影と影で作成しました。」
    • -
  • ボクセルスペースエンジンは、高度マップとカラーマップを使用し、シンプルなレンダリングアルゴリズムを採用しており、後ろから前に向かって垂直線を描画することで、パフォーマンスの最適化が可能でした。
    • -
  • 「エンジンのコードはMITライセンスの下で利用可能ですが、技術は特定の地域で特許が取得されている可能性があります。」
    • -
-

反応

-
    -
  • 「VoxelSpaceは、そのシンプルさで注目される地形レンダリングアルゴリズムで、20行未満のコードで実装可能です。ハードウェアが制限されていた時代の革新的なゲーム開発を思い起こさせるものです。」
    • -
  • 「現代のAAAゲームは、しばしば独創性を犠牲にして、複雑な最適化や市場のトレンドに焦点を当てていますが、一方でインディーゲームやPICO-8のようなプラットフォームは、より創造的な自由を提供します。」
    • -
  • 「技術の進歩にもかかわらず、一部の開発者やプレイヤーは、古いゲームの「魔法」が失われていると感じていますが、ボクセルレンダリングのような革新的なプロジェクトは引き続き創造性を刺激しています。」
    • -
-

「ビデオゲームでアウトラインを描く方法」

-
    -
  • 「この記事では、人気のゲーム開発プラットフォームであるUnityにおけるアウトライン描画の5つの技術について論じており、SableやThe Last of Usのようなゲームでの使用を強調しています。技術には、リムエフェクト、頂点押し出し、ぼかしバッファ、ジャンプフラッドアルゴリズム、エッジ検出が含まれ、それぞれがパフォーマンスと視覚品質における独自の利点とトレードオフを持っています。この記事は、これらの方法を最適なゲーム美学とゲームプレイのサポートのためにバランスを取るための洞察を提供し、3Dモデルの追加リソースとクレジットも含まれています。」
    • -
-

反応

-
    -
  • 「この記事は、ビデオゲームにおけるアウトライン描画の高度な技術を探求し、従来の方法に比べてジャンプフラッドアルゴリズム(JFA)と符号付き距離場(SDF)の効率性を強調しています。スタイライズされた3Dグラフィックスに深く入り込み、レンダリング技術やライティングとスタイリングにおけるニューラルネットワークの潜在的な使用について議論しています。寄稿者は、ジェットセットラジオのようなゲームにおけるセルシェーディングの歴史的発展についての洞察を提供し、3Dグラフィックスにおける技術とアートの進化する交差点を強調しています。」
    • -
-

ワシントン・ポストを辞めます

-

反応

-
    -
  • 「著者は、進化するメディア環境に適応できず、民主主義のような重要なトピックに対するアプローチが効果的でないと考えているため、ワシントン・ポストを去ることになりました。」
    • -
  • 「伝統的なメディア、特に地方新聞は財政的に苦境に立たされており、それが偏った報道や公共の信頼の低下につながっています。一方で、ソーシャルメディアはジャーナリズムの厳密な作業を代替することはできません。」
    • -
  • 「裕福な個人、例えばジェフ・ベゾスがメディアに与える影響や、企業の利益が権力を監視するメディアの役割に及ぼす影響について懸念が提起されています。」
    • -
-

「Perplexityに広告が表示されました」

-

反応

-
    -
  • 「Perplexityは広告を導入し、消費者が広告なしの体験に対して支払うことに消極的であるため、オンラインサービスにおける広告の不可避性についての議論を引き起こしています。- 一部のユーザーは広告を煩わしいと感じ、Kagiのような広告なしの検索を提供するサブスクリプションベースのサービスを好みますが、他のユーザーは引き続き無料の広告サポートオプションを選択しています。- この状況は、デジタルサービスにおける広告サポートモデルとサブスクリプションベースモデルの間の継続的な議論を浮き彫りにしています。」
    • -
- - - - - -]]> - https://hn.cho.sh/ja/2025/01/04 - 2025-01-04T00:00:00.000Z - Sat, 04 Jan 2025 00:00:00 GMT - diff --git a/static/rss/newsletter/ko.xml b/static/rss/newsletter/ko.xml index 6aa15b351..0b97d412a 100644 --- a/static/rss/newsletter/ko.xml +++ b/static/rss/newsletter/ko.xml @@ -15,12 +15,160 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[2025-01-14]]> + +

slug: '/2025/01/14'

+

2025-01-14

+

시닉 보안 연구원이 cursor.com을 대상으로 하는 악성 NPM 패키지를 배포하다

+
    +
  • 한 Snyk 보안 연구원이 AI 코딩 회사인 Cursor.com을 대상으로 시스템 데이터를 수집하고 이를 공격자가 제어하는 서비스로 전송하기 위해 악성 NPM 패키지를 배포했습니다.
    • +
  • 이 패키지들은 "cursor-retrieval," "cursor-always-local," 및 "cursor-shadow-workspace"로 식별되었으며, OpenSSF 패키지 분석 스캐너에 의해 플래그가 지정되어 권고 사항 MAL-2025-27, MAL-2025-28, 및 MAL-2025-29가 발행되었습니다.
    • +
  • 이 사건은 잠재적인 보안 위협을 피하기 위해 NPM 패키지를 설치하기 전에 면밀히 검토하는 것의 중요성을 강조합니다.
    • +
+

반응

+
    +
  • 한 Snyk 보안 연구원이 cursor.com을 겨냥한 악성 NPM(Node Package Manager) 패키지를 공개하여 의존성 혼동 취약점을 강조했습니다. - 이 사건은 특히 환경 변수의 공개 노출과 관련하여 보안 연구의 윤리에 대한 논쟁을 촉발했습니다. - Cursor.com은 이 행동을 승인하지 않았다고 밝혔으며, Snyk는 이후 사과하면서 공격적 보안 연구와 윤리적 기준 간의 균형을 맞추는 데 있어 어려움을 강조했습니다.
    • +
+

파이어폭스로 전환하고 다시는 돌아보지 않았다

+
    +
  • Firefox는 우수한 탭 관리, 링크 저장을 위한 내장 Pocket 기능, 그리고 프라이버시 중심의 이메일 릴레이로 칭찬받으며 Chrome의 강력한 대안이 됩니다. - 사용자 친화적인 스크린샷 도구, ChatGPT 버튼, 화면 속 화면(Picture-in-Picture), 맞춤형 검색 옵션, 부드러운 스크롤링과 같은 추가 기능들이 브라우징 경험을 향상시킵니다. - Firefox는 Chrome의 웹 앱 기능이 부족하지만, 신중한 디자인과 감소된 자원 요구로 인해 일부 사용자들에게 선호되는 선택이 됩니다.
    • +
+

반응

+
    +
  • Firefox 사용자는 YouTube와 같은 플랫폼에서 비 Google 브라우저나 광고 차단기를 사용하는 사용자에게 의도적으로 경험을 저하시킬 수 있는 도전에 직면해 있습니다. - 이러한 경향은 광고 없는 감시 없는 웹 경험을 선택하는 사용자를 처벌하기 때문에 사용자 자율성에 대한 우려를 제기합니다. - Firefox는 컨테이너 탭과 같은 독특한 기능을 제공하여 프라이버시와 사용성을 향상시켜 주요 기업이 통제하는 브라우저로부터 독립을 추구하는 사용자에게 선호되는 선택이 되고 있습니다.
    • +
+

Sonos CEO, 앱 업데이트 문제로 사임

+

반응

+
    +
  • Sonos의 CEO가 논란이 된 앱 업데이트 이후 사임했습니다. 이 업데이트는 사용자들이 비싼 사운드 시스템을 교체하도록 요구하여 고객 불만을 초래했습니다. - 업데이트는 클라우드 기반 시스템을 도입하여 신뢰할 수 있는 Universal Plug and Play (UPnP)에서 벗어나게 했고, 이로 인해 연결 문제와 복잡성이 증가했습니다. - 이 상황은 비즈니스 전략과 고객 신뢰 유지 간의 갈등을 강조하며, CEO는 퇴직 패키지를 받으며 자문 역할로 전환합니다.
    • +
+

MrBeast의 배 속에서

+

반응

+
    +
  • 이 에세이는 YouTube의 알고리즘이 콘텐츠 제작에 어떻게 영향을 미치는지를 MrBeast를 사례로 사용하여 검토하며, 의미 있는 콘텐츠보다는 참여 중심으로의 전환을 강조합니다. - 이는 미디어 리터러시와 YouTube 및 TikTok과 같은 플랫폼의 문화적 영향에 대한 더 넓은 함의를 논의하며, 피상적이고 반응적인 콘텐츠로의 경향을 제안합니다. - 알고리즘이 콘텐츠를 형성하는 역할과 인기 있는 창작자들이 문화적 규범에 미치는 영향에 대한 다양한 관점이 고려됩니다.
    • +
+

GitHub Git 작업이 중단되었습니다

+
    +
  • GitHub은 2025년 1월 13일에 내부 로드 밸런서에 영향을 미치는 구성 변경으로 인해 Git 작업 중단을 겪었으며, 이는 23:35부터 00:24 UTC까지 지속되었습니다. - 문제는 구성 변경을 되돌림으로써 해결되었으며, GitHub은 유사한 사건을 방지하기 위해 모니터링 및 배포 프로세스를 개선하고 있습니다. - 이번 중단은 GitHub의 Actions 및 Pages 서비스에도 영향을 미쳐, 플랫폼 서비스의 상호 연결된 특성을 부각시켰습니다.
    • +
+

반응

+
    +
  • GitHub는 git 작업에 영향을 미치는 주요 장애를 겪었고, 이로 인해 개발자들은 처음에 자신의 SSH 키나 로컬 설정에 문제가 있다고 의심하게 되었습니다. - 이 사건은 중앙 집중식 서비스에 의존하는 것의 어려움을 강조하며, 자체 호스팅 및 분산 시스템의 장점에 대한 논의를 촉발했습니다. - 문제는 해결되었지만, GitHub의 신뢰성과 필수 작업을 위해 타사 플랫폼에 의존하는 것의 위험성에 대한 우려를 부각시켰습니다.
    • +
+

ZFS 2.3이 ZFS raidz 확장 기능과 함께 출시되었습니다.

+
    +
  • OpenZFS 2.3.0이 출시되어 RAIDZ 확장, 빠른 중복 제거, 직접 입출력, JSON 출력, 긴 파일 이름 지원과 같은 중요한 기능이 도입되었습니다. - 이번 릴리스에는 필수적인 버그 수정과 성능 향상이 포함되어 있으며, Linux 커널 4.18 - 6.12 및 FreeBSD 버전 13.3, 14.0 - 14.2와 호환됩니다. - 이 업데이트는 134명의 기여자가 협력한 결과로, 포괄적인 문서와 변경 로그가 검토를 위해 제공됩니다.
    • +
+

반응

+
    +
  • ZFS 2.3이 출시되어 RAIDZ 확장, 빠른 중복 제거, 직접 IO, JSON 출력, 긴 파일 이름 지원과 같은 기능이 도입되었습니다. - 특히 RAIDZ 확장은 사용자가 기존 RAIDZ 풀에 새로운 장치를 추가하여 다운타임 없이 저장 용량을 확장할 수 있게 해주는 점에서 주목할 만합니다. - 이번 출시는 ZFS 사용자에게 중요한 발전으로 간주되며, Btrfs 및 Windows Storage Spaces와 같은 다른 파일 시스템과 비교되고 있지만, 풀을 축소할 수 없는 등의 몇 가지 제한 사항이 있습니다.
    • +
+

Webtop – 전체 데스크톱 환경을 포함한 Alpine, Ubuntu, Fedora 및 Arch 컨테이너

+
    +
  • Linuxserver/webtop은 웹 브라우저를 통해 접근할 수 있는 전체 데스크톱 환경을 제공하는 컨테이너를 Alpine, Ubuntu, Fedora, Arch 기반으로 제공하며, x86-64 및 arm64 아키텍처를 모두 지원합니다.
    • +
  • 사용자는 특정 이미지 태그를 사용하여 XFCE, KDE, MATE, i3, Openbox, IceWM과 같은 다양한 데스크톱 환경을 선택할 수 있으며, 지정된 URL을 통해 Webtop에 접속할 수 있습니다.
    • +
  • 보안 기능에는 Docker의 seccomp 옵션과 인증 설정이 포함되며, 환경 변수를 통한 사용자 정의 옵션과 오픈 소스 드라이버를 통한 GPU 가속 지원이 포함됩니다.
    • +
+

반응

+
    +
  • Webtop은 Alpine, Ubuntu, Fedora 및 Arch에 대한 전체 데스크톱 환경을 갖춘 컨테이너를 제공하여 VPN 뒤에서 빠르게 설정할 수 있습니다.
    • +
  • 사용자들은 Webtop이 속도와 사용의 용이성 면에서 특히 Gluetun 컨테이너와 함께 사용할 때 칭찬하지만, 기본 인증이 없기 때문에 보안 조치 없이 컨테이너를 인터넷에 노출하는 것에 대해 주의를 당부합니다.
    • +
  • 이 프로젝트는 오픈 소스와 유연성으로 평가받고 있으며, 사용자들이 구성 설정을 공유하고 Kasm과 Selkies와 같은 대안들이 유사한 목적으로 주목받고 있습니다.
    • +
+

연구에 따르면 온라인 구인 공고 중 5개 중 1개는 가짜이거나 채워지지 않는 것으로 나타났습니다.

+
    +
  • 최근 연구에 따르면 온라인 구인 공고의 20%가 가짜이거나 채워지지 않은 상태로 남아 있어 구직자들의 좌절감을 더하고 있습니다. - 이러한 '유령 일자리' 트렌드는 기업들이 성장 이미지를 투영하기 위한 전술일 수 있습니다. - Greenhouse와 LinkedIn과 같은 구인 플랫폼은 사용자들이 진정한 취업 기회를 식별할 수 있도록 돕기 위해 구인 검증 서비스를 도입했습니다.
    • +
+

반응

+
    +
  • 한 연구에 따르면 온라인 구인 공고의 20%가 가짜이거나 채워지지 않은 상태로 남아 있으며, 이는 종종 기업이 미국 이민 정책을 준수해야 하기 때문입니다. - 기업은 이상적인 후보자를 찾거나, 요구 사항을 변경하거나, 내부 후보자를 미리 선정하기 위해 구인 공고를 계속 게시할 수도 있습니다. - 구직자들은 유령 구인이나 자동 거절을 자주 경험하여 규제 개입을 요구하는 목소리가 높아지고 있습니다.
    • +
+

운전자의 몇 초를 절약하기 위해 보행자에게 교차로를 위험하게 만들기

+

반응

+
    +
  • 논쟁은 교차로가 보행자 안전을 우선시해야 하는지 아니면 운전자 효율성을 우선시해야 하는지를 중심으로 진행되며, 일부는 4방향 정지보다 신호등이 있는 교차로와 보행자 전용 신호를 선호합니다.
    • +
  • 교통 법규와 인프라 설계에 대한 의견은 다양하며, 무단횡단의 안전성과 적신호에서의 우회전에 관련된 위험에 대한 논의가 이루어지고 있습니다.
    • +
  • 일부는 안전과 효율성을 모두 향상시키기 위해 회전 교차로나 네덜란드 교통 공학 기준을 채택하는 것과 같은 대안적 해결책을 지지합니다.
    • +
+

PostgreSQL은 2024년 올해의 데이터베이스 관리 시스템입니다.

+
    +
  • PostgreSQL는 DB-Engines에 의해 2024년 DBMS 올해의 상을 수상했으며, 423개의 다른 데이터베이스 관리 시스템을 제치고 다섯 번째로 이 인정을 받았습니다.
    • +
  • PostgreSQL은 거의 35년에 걸친 역사를 가지고 있으며, 2024년 9월에 출시된 PostgreSQL 17의 최근 개선에서 볼 수 있듯이 계속해서 혁신을 이어가고 있습니다.
    • +
  • 스노우플레이크와 마이크로소프트는 각각 2위와 3위를 차지했으며, 스노우플레이크는 클라우드 기반 데이터 웨어하우징과 멀티 클라우드 지원으로 주목받았고, 마이크로소프트는 Azure SQL Database와 SQL Server를 통해 강력한 관리형 관계형 데이터베이스를 제공한다.
    • +
+

반응

+
    +
  • PostgreSQL은 db-engines.com에 의해 2024년 올해의 데이터베이스 관리 시스템으로 선정되었으며, 이는 업계에서의 인지도와 인기가 높아지고 있음을 강조합니다.
    • +
  • 사용자들은 높은 라이선스 비용과 자원 제한 때문에 마이그레이션의 잠재적 어려움에도 불구하고 Microsoft SQL Server에서 PostgreSQL로 전환하는 것을 고려하고 있습니다.
    • +
  • PostgreSQL는 강력한 기능과 비용 효율성으로 인해 미래 프로젝트에서 선호되는 선택이며, 일부 사용자는 비용 절감을 위해 Babelfish와 같은 대안을 탐색하기도 합니다.
    • +
+

Google의 OAuth 로그인은 실패한 스타트업 도메인 구매를 방지하지 않습니다.

+

반응

+
    +
  • 이 논의는 실패한 스타트업의 도메인이 새로운 소유자에게 인수될 때 Google의 OAuth 로그인 시스템에서 발생할 수 있는 취약점을 강조하며, 이는 잠재적으로 서비스에 대한 무단 접근을 허용할 수 있습니다.
    • +
  • 이 문제는 Google이 원래 도메인 소유자와 새로운 도메인 소유자를 구별하지 못할 수 있기 때문에 발생하며, 도메인 기반 인증을 사용하는 모든 시스템에 영향을 미칩니다.
    • +
  • 제안된 해결책은 시간이 지나도 변하지 않는 고유 식별자를 사용하는 것이지만, 이 해결책의 구현은 신원 제공자마다 다릅니다.
    • +
+

코딩 기술을 사용하여 수동 소득 창출하기

+
    +
  • 저자는 CTO 역할에서 솔로프리뉴어로 전환하여 소프트웨어 제품 포트폴리오를 통해 더 많은 수익을 성공적으로 올렸습니다.
    • +
  • 주요 전략에는 깊이 있는 작업에 집중하고, 작은 프로젝트로 시작하며, 빠르게 반복하고, 마케팅 노력에 시간을 할애하는 것이 포함됩니다.
    • +
  • 이 여정은 불확실성으로 인한 회복력을 강조하지만, 이 경력 경로의 비할 데 없는 자율성과 자유를 강조하며 코딩 기술을 가진 사람들이 이를 수동적 수입을 위한 경로로 고려하도록 권장합니다.
    • +
+

반응

+
    +
  • 한 사용자가 만료되는 도메인 이름을 사용하여 SEO 스팸 웹사이트를 통해 수동 소득을 창출하고, 윤리적 우려와 구글의 최종 단속에도 불구하고 연간 약 3만 달러를 벌어들였다고 설명했습니다.
    • +
  • 그 게시물은 수동 소득에 대한 논쟁을 불러일으켰으며, 일부 사용자들은 그것이 진정한 수동 수익보다는 사업 운영에 더 가깝다고 주장했습니다.
    • +
  • 참가자들은 사이드 프로젝트에서의 경험과 도전 과제를 공유하며, 시간, 회복력, 전략적 계획의 중요성을 강조했습니다.
    • +
+

스페인, 비EU 거주자가 구매한 주택에 100% 세금 제안

+
    +
  • 스페인은 주택 위기 해결과 투기적 구매 억제를 목표로 비EU 거주자의 부동산 구매에 대해 100% 세금을 고려하고 있습니다.
    • +
  • 페드로 산체스 총리의 제안에는 주택 가격과 소득 간의 격차를 해소하기 위해 사회 주택을 확장하고 관광 임대를 규제하는 것이 포함되어 있습니다.
    • +
  • 그 제안의 법률로서의 미래는 불확실하며, 일부 분석가들은 이를 확실한 입법 변화라기보다는 외국인 투자자에 대한 억제책으로 보고 있습니다.
    • +
+

반응

+
    +
  • 스페인은 주택 가격 문제를 해결하기 위해 비EU 거주자가 구매한 주택에 대해 100% 세금을 부과하는 방안을 고려하고 있습니다. - 비평가들은 외국인 구매자가 높은 주택 가격의 주요 원인이 아니며, 느린 관료주의와 구역법이 더 중요한 요인이라고 지적합니다. - 이 제안은 주택 시장에서 외국인 소유의 역할과 주택 가격 문제 해결의 효과에 대한 논쟁을 불러일으켰습니다.
    • +
+

애플은 곧 TSMC의 애리조나 공장에서 '미국산' 칩을 받을 예정입니다.

+
    +
  • 애플은 TSMC의 애리조나 시설에서 프로세서를 테스트하고 있으며, 첫 분기까지 대량 생산을 계획하고 있어 TSMC의 미국 내 제조 칩의 첫 번째 고객이 될 가능성이 있습니다. - 이 이니셔티브는 미국의 실리콘 독립성을 강화하고, 지정학적 및 자연적 위험에 취약한 대만에 대한 의존도를 줄이는 것을 목표로 합니다. - TSMC의 애리조나 공장은 첨단 3nm 및 2nm 칩을 생산할 예정이며, 현지 채용 강화 및 미국 대학과의 파트너십을 추진하고 있지만, 포장 작업은 피오리아 시설이 가동될 때까지 초기에는 대만에서 이루어질 것입니다.
    • +
+

반응

+
    +
  • 애플은 TSMC의 애리조나 공장에서 칩을 받을 예정이지만, 미국 내 시설이 부족하여 포장을 위해 대만으로 다시 보내야 합니다. - 애리조나 공장의 인력 중 50% 이상이 대만 출신으로, 미국의 STEM(과학, 기술, 공학, 수학) 분야의 격차를 나타냅니다. - 미국 반도체 제조를 강화하기 위한 CHIPS 법안 이니셔티브는 포장 과정이 대만에서 이루어짐에 따라 '미국산' 라벨이 의문시되면서 도전에 직면하고 있으며, 2027년까지 미국 내 포장 역량을 갖출 계획입니다.
    • +
+

혼잡 통행료가 시행된 후 맨해튼 도로에서 운전자가 43,000명 감소

+
    +
  • 혼잡 통행료가 시행된 후 60번가 이하 맨해튼에 진입하는 운전자가 7.5% 감소하여 매주 평일마다 43,000명의 운전자가 줄어들었습니다.
    • +
  • 교통량 감소로 인해 교통 흐름이 개선되고 버스 속도가 증가했으며, 일부 급행 버스는 승객 수가 증가했습니다.
    • +
  • 메트로폴리탄 교통국(MTA)은 연간 약 5억 달러로 추산되는 통행료 수익을 교통 개선에 사용하고 있으며, 일부 정치적 반대에도 불구하고 이를 추진하고 있습니다.
    • +
+

반응

+
    +
  • 맨해튼에서 혼잡 통행료 제도를 시행한 결과, 운전자가 43,000명 줄어들었으며, 이는 버스 속도 증가와 잠재적으로 더 나은 응급 대응 시간을 초래했습니다.
    • +
  • 이 정책은 교통 혼잡을 줄이고 공기 질을 개선하기 위해 설계되었지만, 저소득층에 미치는 영향에 대한 논쟁을 불러일으켰습니다.
    • +
  • 지지자들은 혜택으로 더 효율적인 대중교통과 더 깨끗한 공기를 포함한다고 주장하며, 이러한 장점을 운전자의 필요와 균형을 맞추는 논의가 계속되고 있다.
    • +
+ + + + + +]]> + https://hn.cho.sh/ko/2025/01/14 + 2025-01-14T00:00:00.000Z + Tue, 14 Jan 2025 00:00:00 GMT + <![CDATA[2025-01-13]]> 2025-01-05T00:00:00.000Z Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[2025-01-04]]> - -

slug: '/2025/01/04'

-

2025-01-04

-

오픈 파일럿이 장착된 1993년식 볼보 자율주행차

-
    -
  • 친구들 그룹이 2025년 겨울 에디션 카베이지 런에 참가했습니다. 이 행사는 스웨덴을 통해 북극권까지 갔다가 헬싱키로 돌아오는 6일간의 랠리로, 참가 차량은 최소 20년 이상 된 차량이어야 하며 가치가 €1000 이하이어야 합니다.
    • -
  • 그들은 1993년식 볼보 940 에스테이트를 comma.ai의 오픈파일럿을 사용하여 자율주행 차량으로 변환했으며, 전자식 파워 스티어링, 보쉬 iBooster, 테슬라 레이더 센서와 같은 현대적인 부품을 통합했습니다.
    • -
  • 향후 업데이트에는 배선, 맞춤형 엔진 제어 장치(ECU)에 대한 세부 정보와 코드 오픈 소스 계획이 포함되어 있으며, 이는 오래된 차량에 자율 주행 기술을 장착하는 프로젝트의 혁신적인 접근 방식을 강조합니다.
    • -
-

반응

-
    -
  • 1993년식 볼보 940에 자율주행 기술인 오픈파일럿이 장착되어 고전적인 자동차 디자인과 현대 기술의 교차점을 강조하고 있다.
    • -
  • 프로젝트는 브레이크 및 조향 시스템의 업데이트를 포함한 여러 도전에 직면했으며, 특히 조향 칼럼을 용접하는 DIY 수정과 같은 경우 법적 및 안전 문제를 제기했습니다.
    • -
  • 논의는 유럽의 자동차 규제, 미국에서의 핫로드 감소, 자동차 개조 자유에 대한 문화적 차이로 확장되었으며, 이 프로젝트는 안전 문제에도 불구하고 영감을 주는 DIY 노력으로 간주되었습니다.
    • -
-

VoxelSpace: 20줄 미만의 코드로 구현된 지형 렌더링 알고리즘 (2020)

-
    -
  • NovaLogic의 1992년 게임 Comanche는 Voxel Space 엔진을 사용하여 레이 캐스팅에 기반한 2.5D 렌더링 기법으로 음영과 그림자가 있는 상세한 지형을 만들었습니다.
    • -
  • Voxel Space 엔진은 높이 및 색상 맵과 간단한 렌더링 알고리즘을 사용하여 뒤에서 앞으로 수직선을 그렸으며, 이는 성능 최적화를 위해 조정될 수 있었습니다.
    • -
  • 엔진의 코드는 MIT 라이선스 하에 제공되지만, 기술은 여전히 특정 지역에서 특허를 받을 수 있습니다.
    • -
-

반응

-
    -
  • VoxelSpace는 20줄 미만의 코드로 구현할 수 있는 간단함으로 유명한 지형 렌더링 알고리즘으로, 하드웨어가 제한된 시대의 혁신적인 게임 개발에 대한 향수를 불러일으킵니다.
    • -
  • 현대 AAA 게임은 종종 독창성을 희생하면서 복잡한 최적화와 시장 동향에 중점을 두는 반면, 인디 게임과 PICO-8과 같은 플랫폼은 더 많은 창의적 자유를 제공합니다.
    • -
  • 기술 발전에도 불구하고 일부 개발자와 플레이어들은 구형 게임의 '마법'이 사라졌다고 느끼지만, 복셀 렌더링과 같은 혁신적인 프로젝트는 여전히 창의력을 고취시키고 있다.
    • -
-

비디오 게임에서 윤곽선을 그리는 방법

-
    -
  • 이 기사는 인기 있는 게임 개발 플랫폼인 유니티에서 윤곽선을 렌더링하는 다섯 가지 기법을 논의하며, Sable과 The Last of Us와 같은 게임에서의 사용을 강조합니다. - 기법에는 Rim Effects, Vertex Extrusion, Blurred Buffer, Jump Flood Algorithm, Edge Detection이 포함되며, 각각 성능과 시각적 품질 측면에서 고유한 장점과 절충점을 가지고 있습니다. - 이 기사는 최적의 게임 미학과 게임 플레이 지원을 위해 이러한 방법을 균형 있게 사용하는 방법에 대한 통찰력을 제공하며, 추가 리소스와 3D 모델에 대한 크레딧도 포함되어 있습니다.
    • -
-

반응

-
    -
  • 이 기사는 비디오 게임에서 윤곽선을 그리는 고급 기술을 탐구하며, 전통적인 방법보다 점프 플러드 알고리즘(JFA)과 서명 거리 필드(SDF)의 효율성을 강조합니다. - 스타일화된 3D 그래픽을 깊이 있게 다루며, 렌더링 기술과 조명 및 스타일링을 위한 신경망의 잠재적 사용에 대해 논의합니다. - 기고자들은 Jet Set Radio와 같은 게임에서 셀 셰이딩의 역사적 발전에 대한 통찰력을 제공하며, 3D 그래픽에서 기술과 예술의 진화하는 교차점을 강조합니다.
    • -
-

저는 워싱턴 포스트를 그만둡니다

-

반응

-
    -
  • 그 저자는 워싱턴 포스트가 변화하는 미디어 환경에 적응하지 못하고 문제를 제시하는 접근 방식이 비효율적이라고 믿기 때문에 민주주의와 같은 중요한 주제에 대해 떠나고 있습니다.
    • -
  • 전통적인 미디어, 특히 지역 신문은 재정적으로 어려움을 겪고 있어 편향된 보도와 대중의 신뢰 하락을 초래하고 있으며, 소셜 미디어는 저널리즘의 철저한 작업을 대체할 수 없습니다.
    • -
  • 부유한 개인, 예를 들어 제프 베조스와 같은 인물들이 미디어 매체에 미치는 영향과 기업의 이익이 권력을 책임지게 하는 미디어의 역할에 미치는 영향에 대한 우려가 제기되고 있습니다.
    • -
-

Perplexity에 광고가 생겼다

-

반응

-
    -
  • Perplexity는 광고를 도입하여, 소비자들이 광고 없는 경험을 위해 비용을 지불하는 것을 꺼리기 때문에 온라인 서비스에서 광고의 불가피성에 대한 논의를 불러일으켰습니다. - 일부 사용자는 광고가 성가시다고 느끼며 광고 없는 검색을 제공하는 Kagi와 같은 구독 기반 서비스를 선호하는 반면, 다른 사람들은 여전히 무료로 광고가 지원되는 옵션을 선택합니다. - 이 상황은 디지털 서비스에서 광고 지원 모델과 구독 기반 모델 간의 지속적인 논쟁을 강조합니다.
    • -
- - - - - -]]> - https://hn.cho.sh/ko/2025/01/04 - 2025-01-04T00:00:00.000Z - Sat, 04 Jan 2025 00:00:00 GMT - diff --git a/static/rss/newsletter/nb.xml b/static/rss/newsletter/nb.xml index 6e4f96bf3..4cde995e0 100644 --- a/static/rss/newsletter/nb.xml +++ b/static/rss/newsletter/nb.xml @@ -15,12 +15,160 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[2025-01-14]]> + +

slug: '/2025/01/14'

+

2025-01-14

+

Een Snyk-beveiligingsonderzoeker implementeert kwaadaardige NPM-pakketten die gericht zijn op cursor.com

+
    +
  • Een Snyk-beveiligingsonderzoeker heeft kwaadaardige NPM-pakketten vrijgegeven die gericht zijn op Cursor.com, een AI-coderingsbedrijf, om systeemgegevens te verzamelen en deze naar een door een aanvaller gecontroleerde dienst te sturen.
    • +
  • De pakketten, geïdentificeerd als "cursor-retrieval," "cursor-always-local," en "cursor-shadow-workspace," werden gemarkeerd door de OpenSSF-pakketanalysescanner, resulterend in adviezen MAL-2025-27, MAL-2025-28, en MAL-2025-29.
    • +
  • Dit voorval benadrukt het belang van het onderzoeken van NPM-pakketten voordat ze worden geïnstalleerd om mogelijke beveiligingsbedreigingen te vermijden.
    • +
+

Reaksjoner

+
    +
  • Een Snyk-beveiligingsonderzoeker heeft kwaadaardige NPM (Node Package Manager) pakketten vrijgegeven die gericht zijn op cursor.com, waarmee afhankelijkheidsverwarringskwetsbaarheden worden benadrukt. - Het incident heeft een debat aangewakkerd over de ethiek van beveiligingsonderzoek, met name met betrekking tot de publieke blootstelling van omgevingsvariabelen. - Cursor.com verduidelijkte dat zij de actie niet hebben geautoriseerd, en Snyk heeft sindsdien zijn excuses aangeboden, waarmee de uitdagingen worden onderstreept in het balanceren van offensief beveiligingsonderzoek met ethische normen.
    • +
+

Ik ben overgestapt naar Firefox en heb nooit meer achterom gekeken

+
    +
  • Firefox wordt geprezen voor zijn superieure tabbladbeheer, ingebouwde Pocket-functie voor het opslaan van links en een privacygerichte e-mailrelay, waardoor het een sterk alternatief voor Chrome is. - Extra functies zoals een gebruiksvriendelijke screenshot-tool, een ChatGPT-knop, Picture-in-Picture, aanpasbare zoekopties en soepel scrollen verbeteren de browse-ervaring. - Hoewel Firefox de webapp-functie van Chrome mist, maken het doordachte ontwerp en de verminderde hulpbroneisen het voor sommige gebruikers een voorkeurskeuze.
    • +
+

Reaksjoner

+
    +
  • Firefox-brukere møter utfordringer fra plattformer som YouTube, som kan med vilje forringe opplevelsen for ikke-Google-nettlesere eller brukere som benytter adblockere. - Denne trenden vekker bekymringer om brukernes autonomi, da den straffer de som velger en annonsefri og overvåkingsfri nettopplevelse. - Firefox tilbyr unike funksjoner, som container-faner, som forbedrer personvern og brukervennlighet, noe som gjør det til et foretrukket valg for brukere som søker uavhengighet fra store, bedriftskontrollerte nettlesere.
    • +
+

Sonos-CEO stapt op na debacle met app-update

+

Reaksjoner

+
    +
  • De CEO van Sonos heeft ontslag genomen na een controversiële app-update die gebruikers dwong om dure geluidssystemen te vervangen, wat leidde tot ontevredenheid bij klanten. - De update introduceerde een cloud-gebaseerd systeem, waarmee werd afgestapt van het betrouwbare Universal Plug and Play (UPnP), wat leidde tot verbindingsproblemen en verhoogde complexiteit. - Deze situatie benadrukt het conflict tussen bedrijfsstrategieën en het behouden van klantvertrouwen, terwijl de CEO overgaat naar een adviserende rol met een ontslagvergoeding.
    • +
+

De buik van de MrBeast

+

Reaksjoner

+
    +
  • Het essay onderzoekt hoe het algoritme van YouTube invloed heeft op het maken van content, met MrBeast als casestudy, en benadrukt een verschuiving naar engagement-gedreven in plaats van betekenisvolle content. - Het bespreekt de bredere implicaties voor mediageletterdheid en de culturele impact van platforms zoals YouTube en TikTok, en suggereert een trend naar oppervlakkige en reactionaire content. - Verschillende perspectieven worden overwogen over de rol van algoritmen in het vormgeven van content en de invloed van populaire makers op culturele normen.
    • +
+

GitHub Git-bewerkingen zijn niet beschikbaar

+
    +
  • GitHub kreeg te maken met een storing in Git-operaties op 13 januari 2025, als gevolg van een configuratiewijziging die de interne load balancer beïnvloedde, en duurde van 23:35 tot 00:24 UTC. - Het probleem werd opgelost door de configuratiewijziging terug te draaien, en GitHub werkt aan het verbeteren van monitoring- en implementatieprocessen om soortgelijke incidenten te voorkomen. - De storing beïnvloedde ook de Actions- en Pages-diensten van GitHub, wat de onderling verbonden aard van hun platformdiensten benadrukt.
    • +
+

Reaksjoner

+
    +
  • GitHub sto overfor et stort driftsavbrudd som påvirket git-operasjoner, noe som førte til forvirring blant utviklere som først mistenkte problemer med sine SSH-nøkler eller lokale konfigurasjoner. - Hendelsen understreket utfordringene ved å stole på sentraliserte tjenester, og førte til diskusjoner om fordelene ved selvhosting og desentraliserte systemer. - Selv om problemet ble løst, fremhevet det bekymringer om GitHubs pålitelighet og risikoene ved å være avhengig av tredjepartsplattformer for essensielle oppgaver.
    • +
+

ZFS 2.3 uitgebracht met ZFS raidz-uitbreiding

+
    +
  • OpenZFS 2.3.0 har blitt utgitt, og introduserer betydelige funksjoner som RAIDZ-utvidelse, rask deduplisering, direkte inn-/utdata, JSON-utdata og støtte for lange filnavn. - Utgivelsen inkluderer essensielle feilrettinger og ytelsesforbedringer, kompatibel med Linux-kjerner 4.18 - 6.12 og FreeBSD-versjoner 13.3, 14.0 - 14.2. - Oppdateringen er et samarbeid fra 134 bidragsytere, med omfattende dokumentasjon og en endringslogg tilgjengelig for gjennomgang.
    • +
+

Reaksjoner

+
    +
  • ZFS 2.3 har blitt lansert, og introduserer funksjoner som RAIDZ-utvidelse, rask deduplisering, direkte IO, JSON-utdata og støtte for lange filnavn. - RAIDZ-utvidelse er spesielt bemerkelsesverdig da det lar brukere legge til nye enheter i en eksisterende RAIDZ-pool uten nedetid, noe som øker lagringskapasiteten. - Utgivelsen anses som et betydelig fremskritt for ZFS-brukere, og trekker sammenligninger med andre filsystemer som Btrfs og Windows Storage Spaces, til tross for noen begrensninger som manglende evne til å krympe pools.
    • +
+

Webtop – Alpine, Ubuntu, Fedora og Arch containere som inneholder komplette skrivebordsmiljøer

+
    +
  • Linuxserver/webtop biedt containers gebaseerd op Alpine, Ubuntu, Fedora en Arch met volledige desktopomgevingen die toegankelijk zijn via webbrowsers, en ondersteunt zowel x86-64 als arm64 architecturen.
    • +
  • Gebruikers kunnen kiezen uit verschillende desktopomgevingen zoals XFCE, KDE, MATE, i3, Openbox en IceWM door specifieke afbeeldingslabels te gebruiken en toegang te krijgen tot de Webtop via aangewezen URL's.
    • +
  • Beveiligingsfuncties omvatten Docker's seccomp-optie en authenticatie-instellingen, met aanpassingsmogelijkheden beschikbaar via omgevingsvariabelen, en ondersteuning voor GPU-versnelling met open-source stuurprogramma's.
    • +
+

Reaksjoner

+
    +
  • Webtop biedt containers met volledige desktopomgevingen voor Alpine, Ubuntu, Fedora en Arch, geschikt voor snelle installaties achter een VPN.
    • +
  • Gebruikers prijzen Webtop voor zijn snelheid en gebruiksgemak, vooral wanneer het wordt gebruikt met de Gluetun-container voor veilige verbindingen, maar waarschuwen tegen het blootstellen van containers aan het internet zonder beveiligingsmaatregelen vanwege het ontbreken van standaardauthenticatie.
    • +
  • Het project wordt gewaardeerd omdat het open-source en flexibel is, waarbij gebruikers configuraties delen, en alternatieven zoals Kasm en Selkies worden opgemerkt voor soortgelijke doeleinden.
    • +
+

1 op de 5 online vacatures is ofwel nep of wordt nooit ingevuld, blijkt uit onderzoek

+
    +
  • Een recente studie wijst uit dat 20% van de online vacatures ofwel nep zijn of onvervuld blijven, wat bijdraagt aan de frustratie van werkzoekenden. - Deze trend van "spookbanen" kan een tactiek zijn voor bedrijven om een beeld van groei te projecteren. - Banenplatforms zoals Greenhouse en LinkedIn hebben diensten voor vacatureverificatie geïntroduceerd om gebruikers te helpen echte kansen te identificeren.
    • +
+

Reaksjoner

+
    +
  • Een studie onthult dat 20% van de online vacatures ofwel nep zijn of onvervuld blijven, vaak omdat bedrijven moeten voldoen aan de Amerikaanse immigratiebeleid. - Bedrijven kunnen ook vacatures laten staan om ideale kandidaten te vinden, eisen te veranderen, of omdat ze al interne kandidaten hebben geselecteerd. - De arbeidsmarkt is moeilijk voor sollicitanten, die vaak te maken krijgen met ghosting en geautomatiseerde afwijzingen, wat oproept tot regelgevende interventie.
    • +
+

Een kruispunt onveilig maken voor voetgangers om seconden te besparen voor automobilisten

+

Reaksjoner

+
    +
  • Het debat draait om de vraag of kruispunten de veiligheid van voetgangers of de efficiëntie van bestuurders moeten prioriteren, waarbij sommigen de voorkeur geven aan lichtgeregelde kruispunten en voetgangersscrambles boven 4-wegstops.
    • +
  • De meningen over verkeerswetten en infrastructuurontwerp lopen uiteen, met discussies over de veiligheid van het oversteken buiten de oversteekplaats en de risico's die gepaard gaan met rechtsaf slaan bij rood licht.
    • +
  • Enkele pleiten voor alternatieve oplossingen zoals rotondes of het aannemen van Nederlandse verkeerskundige normen om zowel de veiligheid als de efficiëntie te verbeteren.
    • +
+

PostgreSQL is het Database Management Systeem van het Jaar 2024

+
    +
  • PostgreSQL is bekroond met de titel DBMS van het Jaar 2024 door DB-Engines, en behaalt deze erkenning voor de vijfde keer, waarmee het 423 andere databasebeheersystemen overtreft.
    • +
  • PostgreSQL, med en historie som strekker seg over nesten 35 år, fortsetter å innovere, noe som ses i de nylige forbedringene av PostgreSQL 17, utgitt i september 2024.
    • +
  • Snowflake en Microsoft sikret seg henholdsvis andre- og tredjeplass, med Snowflake kjent for sin skybaserte datalagring og støtte for flere skyer, mens Microsoft tilbyr robuste administrerte relasjonsdatabaser gjennom Azure SQL Database og SQL Server.
    • +
+

Reaksjoner

+
    +
  • PostgreSQL is bekroond met de titel Database Management System van het Jaar 2024 door db-engines.com, wat de groeiende populariteit en erkenning in de industrie benadrukt.
    • +
  • Gebruikers overwegen over te stappen van Microsoft SQL Server naar PostgreSQL vanwege de hoge licentiekosten en beperkingen in middelen, ondanks mogelijke migratie-uitdagingen.
    • +
  • PostgreSQL wordt geprefereerd vanwege zijn robuuste functies en kosteneffectiviteit, waardoor het een voorkeurskeuze is voor toekomstige projecten, hoewel sommige gebruikers alternatieven zoals Babelfish verkennen om kosten te verlagen.
    • +
+

De OAuth-login van Google beschermt niet tegen het kopen van een mislukte startup-domein.

+

Reaksjoner

+
    +
  • De discussie benadrukt een kwetsbaarheid in het OAuth-inlogsysteem van Google wanneer het domein van een mislukte startup wordt overgenomen door een nieuwe eigenaar, wat mogelijk ongeautoriseerde toegang tot diensten kan toestaan.
    • +
  • Dit probleem ontstaat omdat Google mogelijk geen onderscheid maakt tussen de oorspronkelijke en nieuwe domeineigenaren, wat van invloed is op elk systeem dat domeingebaseerde authenticatie gebruikt.
    • +
  • Een voorgestelde oplossing is om unieke identificatoren te gebruiken die constant blijven in de tijd, hoewel de implementatie van deze oplossing varieert tussen identiteitsaanbieders.
    • +
+

Codering gebruiken om passief inkomen te genereren

+
    +
  • De auteur ging over van een CTO-rol naar een solopreneur en verdiende met succes meer door middel van een portfolio van softwareproducten.
    • +
  • Belangrijke strategieën omvatten het richten op diep werk, beginnen met kleine projecten, snel itereren en tijd besteden aan marketinginspanningen.
    • +
  • De reis benadrukt veerkracht vanwege onzekerheden, maar benadrukt de ongeëvenaarde autonomie en vrijheid van dit carrièrepad, en moedigt degenen met codeervaardigheden aan om het te overwegen voor passief inkomen.
    • +
+

Reaksjoner

+
    +
  • Een gebruiker beschreef het genereren van passief inkomen via SEO-spamwebsites met behulp van verlopen domeinnamen, waarbij hij ongeveer $30.000 per jaar verdiende, ondanks ethische bezwaren en Google's uiteindelijke optreden.
    • +
  • De post veroorzaakte een debat over passief inkomen, waarbij sommige gebruikers betoogden dat het meer lijkt op het runnen van een bedrijf dan op echt passieve inkomsten.
    • +
  • Deelnemers deelden ervaringen en uitdagingen in nevenprojecten, waarbij ze het belang van tijd, veerkracht en strategische planning benadrukten.
    • +
+

Spanje stelt een belasting van 100% voor op woningen die door niet-EU-ingezetenen worden gekocht

+
    +
  • Spanje overweegt een belasting van 100% op vastgoed aankopen door niet-EU ingezetenen, met als doel de woningcrisis aan te pakken en speculatieve aankopen te beperken.
    • +
  • Het voorstel van premier Pedro Sánchez omvat de uitbreiding van sociale huisvesting en het reguleren van toeristische verhuur om de kloof tussen woningprijzen en inkomens aan te pakken.
    • +
  • De fremtidige statusen til forslaget som lov er usikker, med noen analytikere som ser det som en avskrekkende faktor for utenlandske investorer snarere enn en garantert lovendring.
    • +
+

Reaksjoner

+
    +
  • Spanje overweegt een belasting van 100% op woningen die door niet-EU-ingezetenen worden gekocht om problemen met betaalbaarheid van woningen aan te pakken. - Critici suggereren dat buitenlandse kopers niet de primaire oorzaak zijn van de hoge huizenprijzen, en wijzen op trage bureaucratie en bestemmingsplannen als belangrijkere factoren. - Het voorstel heeft een debat aangewakkerd over de rol van buitenlands eigendom in woningmarkten en de effectiviteit ervan bij het oplossen van betaalbaarheidsproblemen.
    • +
+

Apple zal binnenkort 'made in America'-chips ontvangen van TSMC's fabriek in Arizona

+
    +
  • Apple tester prosessorer fra TSMCs anlegg i Arizona, med planer om masseproduksjon innen første kvartal, og kan potensielt bli TSMCs første amerikanske kunde for lokalt produserte brikker. - Dette initiativet har som mål å styrke USAs silisiumuavhengighet, og redusere avhengigheten av Taiwan, som er sårbar for geopolitiske og naturlige risikoer. - TSMCs fabrikk i Arizona skal produsere avanserte 3nm og 2nm brikker, med pågående innsats for å forbedre lokal rekruttering og partnerskap med amerikanske universiteter, selv om pakking i utgangspunktet vil skje i Taiwan inntil anlegget i Peoria er operativt.
    • +
+

Reaksjoner

+
    +
  • Apple vil motta brikker fra TSMCs fabrikk i Arizona, men de må sendes tilbake til Taiwan for pakking på grunn av utilstrekkelige fasiliteter i USA. - Over 50 % av arbeidsstyrken ved fabrikken i Arizona er fra Taiwan, noe som indikerer et gap i USAs STEM-felt (vitenskap, teknologi, ingeniørfag og matematikk). - CHIPS Act-initiativet, som har som mål å styrke USAs halvlederproduksjon, står overfor utfordringer ettersom "Made in America"-merket blir stilt spørsmål ved på grunn av pakkeprosessen som skjer i Taiwan, med planer om amerikanske pakkemuligheter innen 2027.
    • +
+

43.000 færre sjåfører på veiene i Manhattan etter at veiprisene ble aktivert

+
    +
  • Na de invoering van tolheffing voor congestie was er een vermindering van 7,5% in het aantal bestuurders dat Manhattan onder 60th Street binnenreed, wat neerkomt op 43.000 minder bestuurders per weekdag.
    • +
  • De vermindering van het verkeer heeft de doorstroming verbeterd en de snelheid van bussen verhoogd, waarbij sommige snelbussen een hogere bezetting ervaren.
    • +
  • De Metropolitan Transportation Authority (MTA) gebruikt de tolinkomsten, geschat op $500 miljoen per jaar, voor verbeteringen in het openbaar vervoer, ondanks enige politieke tegenstand.
    • +
+

Reaksjoner

+
    +
  • De implementatie van congestieheffing in Manhattan heeft geresulteerd in 43.000 minder automobilisten, wat heeft geleid tot hogere bussnelheden en mogelijk betere responstijden voor nooddiensten.
    • +
  • Het beleid is ontworpen om verkeersopstoppingen te verminderen en de luchtkwaliteit te verbeteren, hoewel het debat heeft aangewakkerd over de impact ervan op mensen met een lager inkomen.
    • +
  • Voorstanders beweren dat de voordelen efficiënter openbaar vervoer en schonere lucht omvatten, terwijl de discussies doorgaan over het balanceren van deze voordelen met de behoeften van automobilisten.
    • +
+ + + + + +]]> + https://hn.cho.sh/nb/2025/01/14 + 2025-01-14T00:00:00.000Z + Tue, 14 Jan 2025 00:00:00 GMT + <![CDATA[2025-01-13]]> 2025-01-05T00:00:00.000Z Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[2025-01-04]]> - -

slug: '/2025/01/04'

-

2025-01-04

-

Zelfrijdende Volvo uit 1993 met open piloot

-
    -
  • Een groep vrienden nam deel aan de Carbage Run 2025 Wintereditie, een 6-daagse rally door Zweden naar de poolcirkel en terug naar Helsinki, waarbij auto's minstens 20 jaar oud moesten zijn en een waarde van minder dan €1000 moesten hebben.
    • -
  • Ze hebben een Volvo 940 Estate uit 1993 omgebouwd tot een zelfrijdend voertuig met behulp van openpilot van comma.ai, waarbij ze moderne componenten zoals elektrische stuurbekrachtiging, een Bosch iBooster en een Tesla-radarsensor hebben geïntegreerd.
    • -
  • Toekomstige updates zullen details bevatten over bedrading, een aangepaste Engine Control Unit (ECU), en plannen om de code open-source te maken, waarbij de innovatieve benadering van het project om oudere voertuigen uit te rusten met autonome technologie wordt benadrukt.
    • -
-

Reaksjoner

-
    -
  • Een Volvo 940 uit 1993 werd uitgerust met OpenPilot, een zelfrijdende technologie, wat de kruising tussen klassiek autodesign en moderne technologie benadrukt.
    • -
  • Het project stond voor uitdagingen, waaronder het updaten van de rem- en stuursystemen, wat juridische en veiligheidsproblemen met zich meebracht, vooral bij doe-het-zelf-aanpassingen zoals het lassen van de stuurkolom.
    • -
  • De discussie breidde zich uit naar autoreglementen in Europa, de afname van hotrods in de VS en culturele verschillen in de vrijheid van autowijzigingen, waarbij het project werd gezien als een inspirerende doe-het-zelf-inspanning ondanks veiligheidszorgen.
    • -
-

VoxelSpace: Terrainterenderingsalgoritme i mindre enn 20 linjer med kode (2020)

-
    -
  • NovaLogics spill Comanche fra 1992 brukte Voxel Space-motoren, en 2.5D gjengivelsesteknikk basert på strålekasting, for å skape detaljerte terreng med skyggelegging og skygger.
    • -
  • De Voxel Space-motoren brukte høyde- og fargekart og en enkel gjengivelsesalgoritme, som tegnet vertikale linjer fra bak til front, noe som kunne optimaliseres for ytelse.
    • -
  • De code van motoren er tilgjengelig under MIT-lisensen, men teknologien kan fortsatt være patentert i visse regioner.
    • -
-

Reaksjoner

-
    -
  • VoxelSpace is een terreinrenderingsalgoritme dat opvalt door zijn eenvoud, met minder dan 20 regels code, en roept nostalgie op voor innovatieve spelontwikkeling tijdens hardware-beperkte tijdperken.
    • -
  • Moderne AAA-spill fokuserer på komplekse optimaliseringer og markedstrender, ofte på bekostning av originalitet, mens indie-spill og plattformer som PICO-8 gir mer kreativ frihet.
    • -
  • Ondanks technologische vooruitgang voelen sommige ontwikkelaars en spelers dat de 'magie' van oudere spellen ontbreekt, hoewel innovatieve projecten zoals voxel rendering creativiteit blijven inspireren.
    • -
-

Hoe teken je een omtrek in een videospel

-
    -
  • Het artikel bespreekt vijf technieken voor het weergeven van contouren in Unity, een populair platform voor game-ontwikkeling, en benadrukt hun gebruik in games zoals Sable en The Last of Us. - Technieken omvatten Rim Effects, Vertex Extrusion, Blurred Buffer, Jump Flood Algorithm en Edge Detection, elk met unieke voordelen en afwegingen op het gebied van prestaties en visuele kwaliteit. - Het artikel biedt inzichten in het balanceren van deze methoden voor optimale game-esthetiek en gameplay-ondersteuning, met aanvullende bronnen en credits voor 3D-modellen inbegrepen.
    • -
-

Reaksjoner

-
    -
  • Artikkelen utforsker avanserte teknikker for å tegne konturer i videospill, med vekt på effektiviteten til Jump Flood Algorithm (JFA) og Signed Distance Fields (SDFs) sammenlignet med tradisjonelle metoder. - Den går i dybden på stiliserte 3D-grafikk, diskuterer renderingsteknikker og den potensielle bruken av nevrale nettverk for belysning og styling. - Bidragsytere gir innsikt i den historiske utviklingen av cel shading i spill, som Jet Set Radio, og fremhever det stadig utviklende samspillet mellom teknologi og kunst i 3D-grafikk.
    • -
-

Ik stop bij de Washington Post

-

Reaksjoner

-
    -
  • De auteur forlater Washington Post på grunn av avisens manglende evne til å tilpasse seg det stadig skiftende medielandskapet og dens tilnærming til å presentere saker, som de mener er ineffektiv for kritiske emner som demokrati.
    • -
  • Traditionele media, met name lokale kranten, hebben het financieel moeilijk, wat leidt tot bevooroordeelde berichtgeving en een afname van het publieke vertrouwen, terwijl sociale media het rigoureuze werk van de journalistiek niet kunnen vervangen.
    • -
  • Er zijn bekymringer over innflytelsen fra velstående individer, som Jeff Bezos, på mediekanaler, og virkningen av bedriftsinteresser på medienes rolle i å holde makten ansvarlig.
    • -
-

Perplexity heeft advertenties gekregen

-

Reaksjoner

-
    -
  • Perplexity har introdusert annonser, noe som har ført til diskusjoner om uunngåeligheten av annonser i nettjenester på grunn av forbrukernes motvilje mot å betale for annonsefrie opplevelser. - Noen brukere finner annonser påtrengende og foretrekker abonnementsbaserte tjenester som Kagi, som tilbyr annonsefri søk, mens andre fortsetter å velge gratis, annonsebaserte alternativer. - Denne situasjonen understreker den pågående debatten mellom annonsebaserte og abonnementsbaserte modeller i digitale tjenester.
    • -
- - - - - -]]> - https://hn.cho.sh/nb/2025/01/04 - 2025-01-04T00:00:00.000Z - Sat, 04 Jan 2025 00:00:00 GMT - diff --git a/static/rss/newsletter/nl.xml b/static/rss/newsletter/nl.xml index 1133fc0b5..81975565a 100644 --- a/static/rss/newsletter/nl.xml +++ b/static/rss/newsletter/nl.xml @@ -15,12 +15,160 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[2025-01-14]]> + +

slug: '/2025/01/14'

+

2025-01-14

+

En Snyk-sikkerhetsforsker distribuerer ondsinnede NPM-pakker rettet mot cursor.com

+
    +
  • En Snyk-sikkerhetsforsker ga ut ondsinnede NPM-pakker rettet mot Cursor.com, et AI-kodingsselskap, for å samle systemdata og sende dem til en angriperstyrt tjeneste.
    • +
  • Pakker, identifisert som "cursor-retrieval," "cursor-always-local," og "cursor-shadow-workspace," ble flagget av OpenSSF-pakkeanalyseskanneren, noe som resulterte i rådgivninger MAL-2025-27, MAL-2025-28, og MAL-2025-29.
    • +
  • Denne hendelsen understreker viktigheten av å granske NPM-pakker før installasjon for å unngå potensielle sikkerhetstrusler.
    • +
+

Reacties

+
    +
  • En Snyk-sikkerhetsforsker ga ut ondsinnede NPM (Node Package Manager) pakker rettet mot cursor.com, og fremhevet sårbarheter knyttet til avhengighetsforvirring. - Hendelsen har utløst en debatt om etikken i sikkerhetsforskning, spesielt med hensyn til offentlig eksponering av miljøvariabler. - Cursor.com presiserte at de ikke autoriserte handlingen, og Snyk har siden beklaget, noe som understreker utfordringene med å balansere offensiv sikkerhetsforskning med etiske standarder.
    • +
+

Jeg byttet til Firefox og har aldri sett meg tilbake

+
    +
  • Firefox blir rost for sin overlegne fanebehandling, innebygde Pocket-funksjon for å lagre lenker, og en personvernfokusert e-postvideresending, noe som gjør det til et sterkt alternativ til Chrome. - Ytterligere funksjoner som et brukervennlig skjermbildeverktøy, en ChatGPT-knapp, bilde-i-bilde, tilpassbare søkealternativer og jevn rulling forbedrer nettleseropplevelsen. - Selv om Firefox mangler Chromes webapp-funksjon, gjør dens gjennomtenkte design og reduserte ressurskrav det til et foretrukket valg for noen brukere.
    • +
+

Reacties

+
    +
  • Firefox-brukere møter utfordringer fra plattformer som YouTube, som kan med vilje forringe opplevelsen for ikke-Google-nettlesere eller brukere som benytter annonseblokkere. - Denne trenden vekker bekymring for brukernes autonomi, da den straffer de som velger en annonsefri og overvåkingsfri nettopplevelse. - Firefox tilbyr unike funksjoner, som containerfaner, som forbedrer personvern og brukervennlighet, noe som gjør det til et foretrukket valg for brukere som søker uavhengighet fra store selskapskontrollerte nettlesere.
    • +
+

Sonos-sjef går av etter appoppdateringsfiasko

+

Reacties

+
    +
  • Sonos-sjefen har trukket seg etter en kontroversiell appoppdatering som krevde at brukerne måtte erstatte kostbare lydsystemer, noe som førte til misnøye blant kundene. - Oppdateringen introduserte et skybasert system, som gikk bort fra det pålitelige Universal Plug and Play (UPnP), noe som førte til tilkoblingsproblemer og økt kompleksitet. - Denne situasjonen understreker konflikten mellom forretningsstrategier og opprettholdelse av kundetillit, ettersom administrerende direktør går over i en rådgivende rolle med en sluttpakke.
    • +
+

i magen til MrBeast

+

Reacties

+
    +
  • Essayet undersøker hvordan YouTubes algoritme påvirker innholdsskaping, ved å bruke MrBeast som en case-studie, og fremhever et skifte mot engasjementsdrevet snarere enn meningsfullt innhold. - Det diskuterer de bredere implikasjonene for mediekunnskap og den kulturelle påvirkningen av plattformer som YouTube og TikTok, og antyder en trend mot overfladisk og reaksjonært innhold. - Ulike perspektiver vurderes på algoritmenes rolle i å forme innhold og innflytelsen av populære skapere på kulturelle normer.
    • +
+

GitHub Git-operasjoner er nede

+
    +
  • GitHub opplevde et driftsavbrudd for Git-operasjoner den 13. januar 2025, på grunn av en konfigurasjonsendring som påvirket den interne lastbalansereren, og varte fra 23:35 til 00:24 UTC. - Problemet ble løst ved å tilbakestille konfigurasjonsendringen, og GitHub jobber med å forbedre overvåkings- og distribusjonsprosessene for å forhindre lignende hendelser. - Avbruddet påvirket også GitHubs Actions- og Pages-tjenester, noe som fremhever den sammenkoblede naturen til deres plattformtjenester.
    • +
+

Reacties

+
    +
  • GitHub opplevde et stort driftsavbrudd som påvirket git-operasjoner, noe som førte til forvirring blant utviklere som først mistenkte problemer med sine SSH-nøkler eller lokale konfigurasjoner. - Hendelsen understreket utfordringene ved å stole på sentraliserte tjenester, og førte til diskusjoner om fordelene med selvhosting og desentraliserte systemer. - Selv om problemet ble løst, fremhevet det bekymringer om GitHubs pålitelighet og risikoene ved å være avhengig av tredjepartsplattformer for viktige oppgaver.
    • +
+

ZFS 2.3 utgitt med ZFS raidz-utvidelse

+
    +
  • OpenZFS 2.3.0 is uitgebracht en introduceert belangrijke functies zoals RAIDZ-uitbreiding, snelle deduplicatie, directe invoer/uitvoer, JSON-uitvoer en ondersteuning voor lange bestandsnamen. - De release bevat essentiële bugfixes en prestatieverbeteringen, compatibel met Linux-kernels 4.18 - 6.12 en FreeBSD-versies 13.3, 14.0 - 14.2. - De update is een gezamenlijke inspanning van 134 bijdragers, met uitgebreide documentatie en een wijzigingslogboek beschikbaar voor inzage.
    • +
+

Reacties

+
    +
  • ZFS 2.3 is uitgebracht en introduceert functies zoals RAIDZ-uitbreiding, snelle deduplicatie, directe IO, JSON-uitvoer en ondersteuning voor lange bestandsnamen. - RAIDZ-uitbreiding is bijzonder opmerkelijk omdat het gebruikers in staat stelt om nieuwe apparaten toe te voegen aan een bestaande RAIDZ-pool zonder downtime, waardoor de opslagcapaciteit wordt vergroot. - De release wordt beschouwd als een belangrijke vooruitgang voor ZFS-gebruikers, met vergelijkingen met andere bestandssystemen zoals Btrfs en Windows Storage Spaces, ondanks enkele beperkingen zoals het onvermogen om pools te verkleinen.
    • +
+

Webtop – Alpine, Ubuntu, Fedora og Arch containere som inneholder komplette skrivebordsmiljøer

+
    +
  • Linuxserver/webtop tilbyr containere basert på Alpine, Ubuntu, Fedora og Arch med komplette skrivebordsmiljøer som er tilgjengelige gjennom nettlesere, og støtter både x86-64 og arm64 arkitekturer.
    • +
  • Brukere kan velge mellom ulike skrivebordsmiljøer som XFCE, KDE, MATE, i3, Openbox og IceWM ved å bruke spesifikke bildetagger, og få tilgang til Webtop via angitte URL-er.
    • +
  • SIkkershetsfunksjoner inkluderer Dockers seccomp-alternativ og autentiseringsoppsett, med tilpasningsmuligheter tilgjengelig gjennom miljøvariabler, og støtte for GPU-akselerasjon med åpen kildekode-drivere.
    • +
+

Reacties

+
    +
  • Webtop tilbyr containere med komplette skrivebordsmiljøer for Alpine, Ubuntu, Fedora og Arch, egnet for raske oppsett bak en VPN.
    • +
  • Brukere roser Webtop for hastigheten og brukervennligheten, spesielt når det brukes med Gluetun-containeren for sikre tilkoblinger, men advarer mot å eksponere containere for internett uten sikkerhetstiltak på grunn av manglende standardautentisering.
    • +
  • Prosjektet er verdsatt for å være åpen kildekode og fleksibelt, med brukere som deler konfigurasjoner, og alternativer som Kasm og Selkies er kjent for lignende formål.
    • +
+

1 av 5 nettbaserte stillingsannonser er enten falske eller aldri fylt, ifølge en studie

+
    +
  • En nylig studie indikerer at 20 % av nettbaserte stillingsannonser enten er falske eller forblir ubesatte, noe som øker frustrasjonen blant jobbsøkere. - Denne "spøkelsesjobb"-trenden kan være en taktikk for selskaper for å projisere et bilde av vekst. - Jobbplattformer som Greenhouse og LinkedIn har introdusert jobbverifiseringstjenester for å hjelpe brukere med å identifisere ekte jobbmuligheter.
    • +
+

Reacties

+
    +
  • En studie avslører at 20 % av nettbaserte stillingsannonser enten er falske eller forblir ubesatte, ofte fordi selskaper må overholde amerikanske immigrasjonsregler. - Selskaper kan også la stillingsannonser stå for å finne ideelle kandidater, endre krav eller ha forhåndsvalgte interne kandidater. - Arbeidsmarkedet er vanskelig for søkere, som ofte opplever ghosting og automatiserte avslag, noe som fører til krav om regulerende inngrep.
    • +
+

Å gjøre et veikryss utrygt for fotgjengere for å spare sekunder for bilister

+

Reacties

+
    +
  • Debatten dreier seg om hvorvidt kryss skal prioritere fotgjengersikkerhet eller sjåføreffektivitet, med noen som foretrekker lysregulerte kryss og fotgjengerfelt fremfor 4-veis stopp.
    • +
  • Meningen varierer om trafikklover og infrastrukturdesign, med diskusjoner om sikkerheten ved å krysse gaten utenfor gangfelt og risikoene forbundet med å svinge til høyre på rødt lys.
    • +
  • Enkelte taler for alternative løsninger som rundkjøringer eller å ta i bruk nederlandske trafikkingeniørstandarder for å forbedre både sikkerhet og effektivitet.
    • +
+

PostgreSQL er Database Management System of the Year 2024

+
    +
  • PostgreSQL har blitt tildelt prisen DBMS of the Year 2024 av DB-Engines, og oppnår denne anerkjennelsen for femte gang, og overgår 423 andre databasehåndteringssystemer.
    • +
  • PostgreSQL, med en historie som strekker seg over nesten 35 år, fortsetter å innovere, som sett i de nylige forbedringene av PostgreSQL 17, utgitt i september 2024.
    • +
  • Snowflake og Microsoft sikret seg henholdsvis andre og tredje plass, med Snowflake kjent for sin skybaserte datalagring og støtte for flere skyer, mens Microsoft tilbyr robuste administrerte relasjonsdatabaser gjennom Azure SQL Database og SQL Server.
    • +
+

Reacties

+
    +
  • PostgreSQL har blitt tildelt prisen for Database Management System of the Year 2024 av db-engines.com, noe som fremhever dens økende popularitet og anerkjennelse i bransjen.
    • +
  • Brukere vurderer å bytte fra Microsoft SQL Server til PostgreSQL på grunn av høye lisenskostnader og ressursbegrensninger, til tross for potensielle migrasjonsutfordringer.
    • +
  • PostgreSQL er foretrukket for sine robuste funksjoner og kostnadseffektivitet, noe som gjør det til et foretrukket valg for fremtidige prosjekter, selv om noen brukere utforsker alternativer som Babelfish for å redusere kostnader.
    • +
+

Googles OAuth-pålogging beskytter ikke mot kjøp av et mislykket oppstartsdomenenavn

+

Reacties

+
    +
  • Diskusjonen fremhever en sårbarhet i Googles OAuth-påloggingssystem når et mislykket oppstartsdomene blir kjøpt opp av en ny eier, noe som potensielt kan tillate uautorisert tilgang til tjenester.
    • +
  • Dette problemet oppstår fordi Google kanskje ikke skiller mellom de opprinnelige og nye domeneeierne, noe som påvirker ethvert system som bruker domenebasert autentisering.
    • +
  • En foreslått løsning er å bruke unike identifikatorer som forblir konstante over tid, selv om implementeringen av denne løsningen varierer blant identitetsleverandører.
    • +
+

Bruke kodingsevner for å tjene passiv inntekt

+
    +
  • Forfatteren gikk fra en CTO-rolle til å bli en soloprenør, og tjente suksessfullt mer gjennom en portefølje av programvareprodukter.
    • +
  • Viktige strategier inkluderer å fokusere på dypt arbeid, starte med små prosjekter, iterere raskt og dedikere tid til markedsføringsinnsats.
    • +
  • Reisen understreker motstandskraft på grunn av usikkerheter, men fremhever den uovertrufne autonomien og friheten i denne karriereveien, og oppmuntrer de med kodingferdigheter til å vurdere den for passiv inntekt.
    • +
+

Reacties

+
    +
  • En bruker beskrev hvordan de genererte passiv inntekt gjennom SEO-spam-nettsteder ved å bruke utløpende domenenavn, og tjente omtrent $30 000 årlig, til tross for etiske bekymringer og Googles eventuelle nedslag.
    • +
  • Innlegget utløste en debatt om passiv inntekt, der noen brukere hevdet at det ligner mer på å drive en virksomhet enn virkelig passive inntekter.
    • +
  • Deltakerne delte erfaringer og utfordringer i sideprosjekter, og fremhevet viktigheten av tid, motstandskraft og strategisk planlegging.
    • +
+

Spania foreslår 100 % skatt på boliger kjøpt av ikke-EU-bosatte

+
    +
  • Spania vurderer en 100 % skatt på eiendomskjøp av ikke-EU-bosatte, med mål om å løse boligkrisen og dempe spekulative kjøp.
    • +
  • Statsminister Pedro Sánchez sitt forslag inkluderer å utvide sosial boligbygging og regulere turistutleie for å takle forskjellen mellom boligpriser og inntekter.
    • +
  • Forslagets fremtid som lov er usikker, med noen analytikere som ser det som en avskrekkende faktor for utenlandske investorer snarere enn en garantert lovendring.
    • +
+

Reacties

+
    +
  • Spania vurderer en 100 % skatt på boliger kjøpt av ikke-EU-borgere for å takle problemer med boligoverkommelighet. - Kritikere antyder at utenlandske kjøpere ikke er den primære årsaken til høye boligpriser, og peker på treg byråkrati og reguleringslover som mer betydelige faktorer. - Forslaget har utløst en debatt om rollen til utenlandsk eierskap i boligmarkedene og dets effektivitet i å løse overkommelighetsproblemer.
    • +
+

Apple vil snart motta 'laget i Amerika'-brikker fra TSMCs fabrikk i Arizona

+
    +
  • Apple tester prosessorer fra TSMCs anlegg i Arizona, med planer om masseproduksjon innen første kvartal, og kan potensielt bli TSMCs første amerikanske kunde for lokalt produserte brikker. - Dette initiativet har som mål å styrke USAs silisiumuavhengighet, og redusere avhengigheten av Taiwan, som er sårbar for geopolitiske og naturlige risikoer. - TSMCs fabrikk i Arizona skal produsere avanserte 3nm og 2nm brikker, med pågående innsats for å forbedre lokal rekruttering og partnerskap med amerikanske universiteter, selv om pakking i utgangspunktet vil skje i Taiwan inntil anlegget i Peoria er operativt.
    • +
+

Reacties

+
    +
  • Apple vil motta brikker fra TSMCs anlegg i Arizona, men de må sendes tilbake til Taiwan for pakking på grunn av utilstrekkelige fasiliteter i USA. - Over 50 % av arbeidsstyrken ved anlegget i Arizona er fra Taiwan, noe som indikerer et gap i USAs STEM-felt (vitenskap, teknologi, ingeniørfag og matematikk). - CHIPS Act-initiativet, som har som mål å styrke USAs halvlederproduksjon, står overfor utfordringer ettersom "Made in America"-merket blir stilt spørsmål ved på grunn av pakkeprosessen som skjer i Taiwan, med planer om amerikanske pakkemuligheter innen 2027.
    • +
+

43 000 færre sjåfører på veiene i Manhattan etter at veiprisene ble aktivert

+
    +
  • Etter at veiprising ble implementert, var det en reduksjon på 7,5 % i antall sjåfører som kjørte inn i Manhattan sør for 60th Street, noe som tilsvarer 43 000 færre sjåfører hver ukedag.
    • +
  • Reduksjonen i trafikken har forbedret trafikkflyten og økt bussfartene, med noen ekspressbusser som opplever høyere passasjertall.
    • +
  • Metropolitan Transportation Authority (MTA) bruker inntektene fra bompenger, anslått til 500 millioner dollar årlig, til forbedringer av kollektivtransport, til tross for en viss politisk motstand.
    • +
+

Reacties

+
    +
  • Implementeringen av køprising i Manhattan har resultert i 43 000 færre sjåfører, noe som har ført til økte busshastigheter og potensielt bedre responstider for nødetatene.
    • +
  • Politikken er utformet for å redusere trafikkbelastning og forbedre luftkvaliteten, selv om den har utløst debatt om dens innvirkning på personer med lavere inntekt.
    • +
  • Forkjempere hevder at fordelene inkluderer mer effektiv kollektivtransport og renere luft, mens diskusjonene fortsetter om å balansere disse fordelene med behovene til sjåfører.
    • +
+ + + + + +]]> + https://hn.cho.sh/nl/2025/01/14 + 2025-01-14T00:00:00.000Z + Tue, 14 Jan 2025 00:00:00 GMT + <![CDATA[2025-01-13]]> 2025-01-05T00:00:00.000Z Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[2025-01-04]]> - -

slug: '/2025/01/04'

-

2025-01-04

-

Selvkjørende 1993 Volvo med åpen pilot

-
    -
  • En gruppe venner deltok i Carbage Run 2025 Winter-utgaven, et 6-dagers rally gjennom Sverige til polarsirkelen og tilbake til Helsingfors, hvor bilene måtte være minst 20 år gamle og verdsatt til under €1000.
    • -
  • De transformeerden een Volvo 940 Estate uit 1993 in een zelfrijdend voertuig met behulp van openpilot van comma.ai, waarbij ze moderne componenten zoals elektrische stuurbekrachtiging, een Bosch iBooster en een Tesla-radarsensor integreerden.
    • -
  • Fremtidige oppdateringer vil inkludere detaljer om ledninger, en tilpasset motorstyringsenhet (ECU), og planer om å gjøre koden åpen kildekode, noe som fremhever prosjektets innovative tilnærming til å ettermontere eldre kjøretøy med autonom teknologi.
    • -
-

Reacties

-
    -
  • En Volvo 940 fra 1993 ble ettermontert med OpenPilot, en selvkjørende teknologi, som fremhever krysningen mellom klassisk bildesign og moderne teknologi.
    • -
  • Prosjektet sto overfor utfordringer, inkludert oppdatering av bremse- og styringssystemene, noe som reiste juridiske og sikkerhetsmessige bekymringer, spesielt med gjør-det-selv-modifikasjoner som sveising av rattstammen.
    • -
  • Diskusjonen utvidet seg til bilreguleringer i Europa, nedgangen av hotrods i USA, og kulturelle forskjeller i friheten til bilmodifikasjoner, med prosjektet sett på som en inspirerende DIY-innsats til tross for sikkerhetsbekymringer.
    • -
-

VoxelSpace: Terrenggjengivelsesalgoritme i mindre enn 20 linjer med kode (2020)

-
    -
  • NovaLogics spill Comanche fra 1992 brukte Voxel Space-motoren, en 2.5D-gjengivelsesteknikk basert på strålekasting, for å skape detaljerte terreng med skyggelegging og skygger.
    • -
  • Voxel Space-motoren brukte høyde- og fargekart og en enkel gjengivelsesalgoritme, som tegnet vertikale linjer fra bak til front, noe som kunne optimaliseres for ytelse.
    • -
  • Motorens kode er tilgjengelig under MIT-lisensen, men teknologien kan fortsatt være patentert i visse regioner.
    • -
-

Reacties

-
    -
  • VoxelSpace er en terrenggjengivelsesalgoritme kjent for sin enkelhet, som krever mindre enn 20 linjer med kode, og vekker nostalgi for innovativ spillutvikling i perioder med begrenset maskinvare.
    • -
  • Moderne AAA-spill fokuserer på komplekse optimaliseringer og markedstrender, ofte på bekostning av originalitet, mens indie-spill og plattformer som PICO-8 gir mer kreativ frihet.
    • -
  • Til tross for teknologiske fremskritt føler noen utviklere og spillere at "magien" fra eldre spill mangler, selv om innovative prosjekter som voxel-gjengivelse fortsetter å inspirere kreativitet.
    • -
-

Hvordan tegne en omriss i et videospill

-
    -
  • Artikkelen diskuterer fem teknikker for å gjengi konturer i Unity, en populær spillutviklingsplattform, og fremhever deres bruk i spill som Sable og The Last of Us. - Teknikker inkluderer Rim Effects, Vertex Extrusion, Blurred Buffer, Jump Flood Algorithm og Edge Detection, hver med unike fordeler og kompromisser når det gjelder ytelse og visuell kvalitet. - Artikkelen gir innsikt i å balansere disse metodene for optimal spillestetikk og spillstøtte, med tilleggsmateriale og kreditering for 3D-modeller inkludert.
    • -
-

Reacties

-
    -
  • Artikkelen utforsker avanserte teknikker for å tegne konturer i videospill, med vekt på effektiviteten til Jump Flood Algorithm (JFA) og Signed Distance Fields (SDFs) over tradisjonelle metoder. - Den går inn på stiliserte 3D-grafikk, diskuterer renderingsteknikker og den potensielle bruken av nevrale nettverk for belysning og styling. - Bidragsytere gir innsikt i den historiske utviklingen av cel shading i spill, som Jet Set Radio, og fremhever det stadig utviklende skjæringspunktet mellom teknologi og kunst i 3D-grafikk.
    • -
-

Jeg slutter i Washington Post

-

Reacties

-
    -
  • Forfatteren forlater Washington Post på grunn av avisens manglende evne til å tilpasse seg det stadig skiftende medielandskapet og dens tilnærming til å presentere saker, som de mener er ineffektiv for kritiske emner som demokrati.
    • -
  • Tradisjonelle medier, spesielt lokale aviser, sliter økonomisk, noe som fører til partisk rapportering og en nedgang i offentlig tillit, mens sosiale medier ikke kan erstatte det grundige arbeidet med journalistikk.
    • -
  • Bekymringer reises om innflytelsen til velstående individer, som Jeff Bezos, på mediekanaler, og virkningen av bedriftsinteresser på medienes rolle i å holde makten ansvarlig.
    • -
-

Perplexity har fått annonser

-

Reacties

-
    -
  • Perplexity har introdusert annonser, noe som har ført til diskusjoner om uunngåeligheten av annonser i nettjenester på grunn av forbrukernes motvilje mot å betale for annonsefrie opplevelser. - Noen brukere finner annonser påtrengende og foretrekker abonnementsbaserte tjenester som Kagi, som tilbyr annonsefri søk, mens andre fortsetter å velge gratis, annonsebaserte alternativer. - Denne situasjonen understreker den pågående debatten mellom annonsebaserte og abonnementsbaserte modeller i digitale tjenester.
    • -
- - - - - -]]> - https://hn.cho.sh/nl/2025/01/04 - 2025-01-04T00:00:00.000Z - Sat, 04 Jan 2025 00:00:00 GMT - diff --git a/static/rss/newsletter/pl.xml b/static/rss/newsletter/pl.xml index b1fb9473e..e0cf7f97d 100644 --- a/static/rss/newsletter/pl.xml +++ b/static/rss/newsletter/pl.xml @@ -15,12 +15,160 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[2025-01-14]]> + +

slug: '/2025/01/14'

+

2025-01-14

+

„Badacz ds. bezpieczeństwa z firmy Snyk wdraża złośliwe pakiety NPM, które są wymierzone w cursor.com”

+
    +
  • „Badacz ds. bezpieczeństwa z firmy Snyk opublikował złośliwe pakiety NPM, które były wymierzone w Cursor.com, firmę zajmującą się kodowaniem AI, w celu zbierania danych systemowych i wysyłania ich do usługi kontrolowanej przez atakującego.”
    • +
  • „Pakiety, zidentyfikowane jako „cursor-retrieval”, „cursor-always-local” i „cursor-shadow-workspace”, zostały oznaczone przez skaner analizy pakietów OpenSSF, co skutkowało wydaniem ostrzeżeń MAL-2025-27, MAL-2025-28 i MAL-2025-29.”
    • +
  • „Ten incydent podkreśla znaczenie dokładnego sprawdzania pakietów NPM przed instalacją, aby uniknąć potencjalnych zagrożeń bezpieczeństwa.”
    • +
+

Reakcje

+
    +
  • „Badacz bezpieczeństwa z firmy Snyk opublikował złośliwe pakiety NPM (Node Package Manager) skierowane na cursor.com, podkreślając podatności związane z zamieszaniem w zależnościach. - Incydent wywołał debatę na temat etyki badań bezpieczeństwa, szczególnie w kontekście publicznego ujawniania zmiennych środowiskowych. - Cursor.com wyjaśniło, że nie autoryzowali tego działania, a Snyk przeprosił, podkreślając wyzwania związane z równoważeniem ofensywnych badań bezpieczeństwa z normami etycznymi.”
    • +
+

„Przeszedłem na Firefox i nigdy nie oglądałem się za siebie”

+
    +
  • „Firefox jest chwalony za doskonałe zarządzanie kartami, wbudowaną funkcję Pocket do zapisywania linków oraz skoncentrowany na prywatności przekaźnik e-mail, co czyni go silną alternatywą dla Chrome. - Dodatkowe funkcje, takie jak przyjazne dla użytkownika narzędzie do zrzutów ekranu, przycisk ChatGPT, tryb Picture-in-Picture, konfigurowalne opcje wyszukiwania i płynne przewijanie, poprawiają wrażenia z przeglądania. - Chociaż Firefox nie ma funkcji aplikacji internetowych Chrome, jego przemyślany design i zmniejszone zapotrzebowanie na zasoby sprawiają, że jest preferowanym wyborem dla niektórych użytkowników.”
    • +
+

Reakcje

+
    +
  • „Użytkownicy Firefoksa napotykają trudności ze strony platform takich jak YouTube, które mogą celowo pogarszać doświadczenie dla przeglądarek innych niż Google lub użytkowników korzystających z blokad reklam. - Ten trend budzi obawy dotyczące autonomii użytkowników, ponieważ karze tych, którzy wybierają internet bez reklam i nadzoru. - Firefox oferuje unikalne funkcje, takie jak karty kontenerowe, które zwiększają prywatność i użyteczność, czyniąc go ulubionym wyborem dla użytkowników poszukujących niezależności od przeglądarek kontrolowanych przez duże korporacje.”
    • +
+

„Dyrektor generalny Sonos rezygnuje po fiasku aktualizacji aplikacji”

+

Reakcje

+
    +
  • „CEO firmy Sonos zrezygnował po kontrowersyjnej aktualizacji aplikacji, która wymagała od użytkowników wymiany kosztownych systemów dźwiękowych, co spowodowało niezadowolenie klientów. - Aktualizacja wprowadziła system oparty na chmurze, odchodząc od niezawodnego Universal Plug and Play (UPnP), co doprowadziło do problemów z łącznością i zwiększonej złożoności. - Ta sytuacja podkreśla konflikt między strategiami biznesowymi a utrzymaniem zaufania klientów, gdy CEO przechodzi do roli doradczej z pakietem odprawowym.”
    • +
+

„W brzuchu MrBeast”

+

Reakcje

+
    +
  • „Esej bada, w jaki sposób algorytm YouTube wpływa na tworzenie treści, używając MrBeast jako studium przypadku, podkreślając przesunięcie w kierunku treści napędzanych zaangażowaniem, a nie znaczących. - Omawia szersze implikacje dla edukacji medialnej i wpływ kulturowy platform takich jak YouTube i TikTok, sugerując trend w kierunku powierzchownych i reakcyjnych treści. - Rozważane są różne perspektywy na temat roli algorytmów w kształtowaniu treści oraz wpływu popularnych twórców na normy kulturowe.”
    • +
+

„Operacje Git na GitHubie są niedostępne”

+
    +
  • „GitHub doświadczył awarii operacji Git 13 stycznia 2025 roku z powodu zmiany konfiguracji wpływającej na wewnętrzny load balancer, trwającej od 23:35 do 00:24 UTC. - Problem został rozwiązany poprzez cofnięcie zmiany konfiguracji, a GitHub pracuje nad poprawą procesów monitorowania i wdrażania, aby zapobiec podobnym incydentom. - Awaria wpłynęła również na usługi GitHub Actions i Pages, co podkreśla wzajemne powiązania ich usług platformowych.”
    • +
+

Reakcje

+
    +
  • „GitHub doświadczył poważnej awarii wpływającej na operacje git, co spowodowało zamieszanie wśród deweloperów, którzy początkowo podejrzewali problemy z kluczami SSH lub lokalnymi konfiguracjami. - Incydent ten podkreślił wyzwania związane z poleganiem na scentralizowanych usługach, wywołując dyskusje na temat zalet hostingu własnego i systemów zdecentralizowanych. - Chociaż problem został rozwiązany, uwydatnił obawy dotyczące niezawodności GitHub i ryzyka związanego z poleganiem na platformach zewnętrznych do wykonywania kluczowych zadań.”
    • +
+

„ZFS 2.3 wydany z rozszerzeniem ZFS raidz”

+
    +
  • „OpenZFS 2.3.0 został wydany, wprowadzając znaczące funkcje, takie jak rozszerzenie RAIDZ, szybka deduplikacja, bezpośrednie wejście/wyjście, wyjście w formacie JSON oraz obsługa długich nazw plików. - Wydanie zawiera istotne poprawki błędów i ulepszenia wydajności, kompatybilne z jądrami Linuxa 4.18 - 6.12 oraz wersjami FreeBSD 13.3, 14.0 - 14.2. - Aktualizacja jest wynikiem współpracy 134 współtwórców, z dostępną obszerną dokumentacją i dziennikiem zmian do wglądu.”
    • +
+

Reakcje

+
    +
  • „ZFS 2.3 został wydany, wprowadzając funkcje takie jak rozszerzenie RAIDZ, szybka deduplikacja, bezpośrednie IO, wyjście JSON i obsługa długich nazw plików. - Rozszerzenie RAIDZ jest szczególnie godne uwagi, ponieważ pozwala użytkownikom na dodawanie nowych urządzeń do istniejącej puli RAIDZ bez przestojów, zwiększając pojemność magazynową. - Wydanie to jest uważane za znaczący postęp dla użytkowników ZFS, porównywane z innymi systemami plików, takimi jak Btrfs i Windows Storage Spaces, pomimo pewnych ograniczeń, takich jak niemożność zmniejszenia puli.”
    • +
+

„Webtop – kontenery Alpine, Ubuntu, Fedora i Arch zawierające pełne środowiska desktopowe”

+
    +
  • „Linuxserver/webtop dostarcza kontenery oparte na Alpine, Ubuntu, Fedora i Arch z pełnymi środowiskami graficznymi dostępnymi przez przeglądarki internetowe, obsługującymi zarówno architektury x86-64, jak i arm64.”
    • +
  • „Użytkownicy mogą wybierać spośród różnych środowisk pulpitu, takich jak XFCE, KDE, MATE, i3, Openbox i IceWM, używając określonych tagów obrazów, oraz uzyskiwać dostęp do Webtop za pośrednictwem wyznaczonych adresów URL.”
    • +
  • „Funkcje zabezpieczeń obejmują opcję seccomp Dockera i konfigurację uwierzytelniania, z możliwością dostosowania poprzez zmienne środowiskowe oraz wsparcie dla akceleracji GPU z użyciem sterowników open-source.”
    • +
+

Reakcje

+
    +
  • „Webtop dostarcza kontenery z pełnymi środowiskami desktopowymi dla Alpine, Ubuntu, Fedora i Arch, odpowiednie do szybkich konfiguracji za VPN.”
    • +
  • „Użytkownicy chwalą Webtop za jego szybkość i łatwość obsługi, szczególnie w połączeniu z kontenerem Gluetun dla bezpiecznych połączeń, ale ostrzegają przed wystawianiem kontenerów na internet bez środków bezpieczeństwa z powodu braku domyślnego uwierzytelniania.”
    • +
  • „Projekt jest ceniony za to, że jest open-source i elastyczny, a użytkownicy dzielą się konfiguracjami, a alternatywy takie jak Kasm i Selkies są zauważane w podobnych celach.”
    • +
+

„1 na 5 ofert pracy online jest albo fałszywa, albo nigdy nie zostaje obsadzona, jak wynika z badania”

+
    +
  • „Niedawne badanie wskazuje, że 20% ofert pracy online jest albo fałszywych, albo pozostaje nieobsadzonych, co zwiększa frustrację osób poszukujących pracy. - Ten trend „widmowych ofert pracy” może być taktyką firm mającą na celu kreowanie wizerunku wzrostu. - Platformy pracy, takie jak Greenhouse i LinkedIn, wprowadziły usługi weryfikacji ofert pracy, aby pomóc użytkownikom w identyfikacji prawdziwych możliwości zatrudnienia.”
    • +
+

Reakcje

+
    +
  • „Badanie ujawnia, że 20% ofert pracy online jest albo fałszywych, albo pozostaje nieobsadzonych, często z powodu konieczności spełnienia przez firmy amerykańskich przepisów imigracyjnych. - Firmy mogą również pozostawiać oferty pracy, aby znaleźć idealnych kandydatów, zmieniać wymagania lub mieć wcześniej wybranych wewnętrznych kandydatów. - Rynek pracy jest trudny dla aplikantów, którzy często napotykają na brak odpowiedzi i automatyczne odrzucenia, co skłania do wezwania do interwencji regulacyjnej.”
    • +
+

„Uczynienie skrzyżowania niebezpiecznym dla pieszych, aby zaoszczędzić sekundy dla kierowców”

+

Reakcje

+
    +
  • „Debata koncentruje się wokół tego, czy skrzyżowania powinny priorytetowo traktować bezpieczeństwo pieszych czy efektywność kierowców, przy czym niektórzy preferują skrzyżowania z sygnalizacją świetlną i przejścia dla pieszych nad skrzyżowaniami z czterema znakami stopu.”
    • +
  • „Opinie na temat przepisów drogowych i projektowania infrastruktury są różne, a dyskusje dotyczą bezpieczeństwa przechodzenia na czerwonym świetle oraz ryzyka związanego z prawoskrętami na czerwonym świetle.”
    • +
  • „Niektórzy opowiadają się za alternatywnymi rozwiązaniami, takimi jak ronda lub przyjęcie holenderskich standardów inżynierii ruchu drogowego, aby zwiększyć zarówno bezpieczeństwo, jak i efektywność.”
    • +
+

„PostgreSQL jest Systemem Zarządzania Bazą Danych Roku 2024”

+
    +
  • „PostgreSQL został nagrodzony tytułem DBMS Roku 2024 przez DB-Engines, zdobywając to wyróżnienie po raz piąty, przewyższając 423 inne systemy zarządzania bazami danych.”
    • +
  • „PostgreSQL, z historią sięgającą niemal 35 lat, nadal wprowadza innowacje, co widać w ostatnich usprawnieniach PostgreSQL 17, wydanych we wrześniu 2024 roku.”
    • +
  • „Snowflake i Microsoft zajęły odpowiednio drugie i trzecie miejsce, przy czym Snowflake wyróżnia się magazynowaniem danych w chmurze i wsparciem dla wielu chmur, podczas gdy Microsoft oferuje solidne zarządzane relacyjne bazy danych za pośrednictwem Azure SQL Database i SQL Server.”
    • +
+

Reakcje

+
    +
  • „PostgreSQL został nagrodzony tytułem Systemu Zarządzania Bazą Danych Roku 2024 przez db-engines.com, co podkreśla jego rosnącą popularność i uznanie w branży.”
    • +
  • „Użytkownicy rozważają przejście z Microsoft SQL Server na PostgreSQL z powodu wysokich kosztów licencji i ograniczeń zasobów, pomimo potencjalnych wyzwań związanych z migracją.”
    • +
  • „PostgreSQL jest ceniony za swoje solidne funkcje i opłacalność, co czyni go preferowanym wyborem dla przyszłych projektów, chociaż niektórzy użytkownicy rozważają alternatywy, takie jak Babelfish, aby obniżyć koszty.”
    • +
+

„Logowanie OAuth Google nie chroni przed zakupem domeny upadłego startupu”

+

Reakcje

+
    +
  • „Dyskusja podkreśla lukę w systemie logowania OAuth Google, gdy domena nieudanej firmy startupowej zostaje przejęta przez nowego właściciela, co potencjalnie umożliwia nieautoryzowany dostęp do usług.”
    • +
  • „Ten problem pojawia się, ponieważ Google może nie rozróżniać między oryginalnymi a nowymi właścicielami domen, co wpływa na każdy system korzystający z uwierzytelniania opartego na domenie.”
    • +
  • „Proponowanym rozwiązaniem jest użycie unikalnych identyfikatorów, które pozostają niezmienne w czasie, chociaż wdrożenie tego rozwiązania różni się w zależności od dostawców tożsamości.”
    • +
+

„Wykorzystywanie umiejętności kodowania do generowania pasywnego dochodu”

+
    +
  • „Autor przeszedł z roli CTO do solopreneur, z powodzeniem zarabiając więcej dzięki portfolio produktów software'owych.”
    • +
  • „Kluczowe strategie obejmują skupienie się na głębokiej pracy, rozpoczynanie od małych projektów, szybkie iterowanie oraz poświęcanie czasu na działania marketingowe.”
    • +
  • „Podróż podkreśla odporność w obliczu niepewności, ale uwydatnia niezrównaną autonomię i wolność tej ścieżki kariery, zachęcając osoby z umiejętnościami kodowania do rozważenia jej jako źródła pasywnego dochodu.”
    • +
+

Reakcje

+
    +
  • „Użytkownik opisał generowanie pasywnego dochodu poprzez strony spamowe SEO, wykorzystując wygasające nazwy domen, zarabiając około 30 tys. dolarów rocznie, pomimo obaw etycznych i ostatecznego rozprawienia się Google.”
    • +
  • „Post wywołał debatę na temat dochodu pasywnego, z niektórymi użytkownikami argumentującymi, że jest to bardziej zbliżone do prowadzenia biznesu niż do prawdziwie pasywnych zarobków.”
    • +
  • „Uczestnicy dzielili się doświadczeniami i wyzwaniami związanymi z projektami pobocznymi, podkreślając znaczenie czasu, odporności i strategicznego planowania.”
    • +
+

„Hiszpania proponuje 100% podatek od domów kupowanych przez mieszkańców spoza UE”

+
    +
  • „Hiszpania rozważa wprowadzenie 100% podatku od zakupu nieruchomości przez mieszkańców spoza UE, mając na celu rozwiązanie kryzysu mieszkaniowego i ograniczenie spekulacyjnych zakupów.”
    • +
  • „Propozycja premiera Pedro Sáncheza obejmuje rozszerzenie zasobów mieszkań socjalnych oraz regulację wynajmu turystycznego w celu rozwiązania problemu dysproporcji między cenami mieszkań a dochodami.”
    • +
  • „Przyszłość propozycji jako prawa jest niepewna, a niektórzy analitycy postrzegają ją jako czynnik odstraszający zagranicznych inwestorów, a nie jako gwarantowaną zmianę legislacyjną.”
    • +
+

Reakcje

+
    +
  • „Hiszpania rozważa wprowadzenie 100% podatku na domy kupowane przez mieszkańców spoza UE, aby rozwiązać problemy z dostępnością mieszkań. - Krytycy sugerują, że zagraniczni nabywcy nie są główną przyczyną wysokich cen mieszkań, wskazując na powolną biurokrację i przepisy dotyczące zagospodarowania przestrzennego jako bardziej znaczące czynniki. - Propozycja wywołała debatę na temat roli zagranicznej własności na rynkach mieszkaniowych i jej skuteczności w rozwiązywaniu problemów z dostępnością.”
    • +
+

„Apple wkrótce otrzyma 'wyprodukowane w Ameryce' chipy z fabryki TSMC w Arizonie”

+
    +
  • „Apple testuje procesory z zakładu TSMC w Arizonie, planując masową produkcję do pierwszego kwartału, co może uczynić Apple pierwszym amerykańskim klientem TSMC dla lokalnie produkowanych chipów. - Inicjatywa ta ma na celu wzmocnienie niezależności USA w zakresie produkcji krzemu, zmniejszając zależność od Tajwanu, który jest narażony na ryzyko geopolityczne i naturalne. - Fabryka TSMC w Arizonie ma produkować zaawansowane chipy 3nm i 2nm, z trwającymi wysiłkami na rzecz zwiększenia lokalnej rekrutacji i współpracy z amerykańskimi uniwersytetami, chociaż pakowanie początkowo będzie odbywać się na Tajwanie, dopóki zakład w Peorii nie będzie operacyjny.”
    • +
+

Reakcje

+
    +
  • „Apple będzie otrzymywać chipy z fabryki TSMC w Arizonie, ale muszą one zostać odesłane do Tajwanu w celu pakowania z powodu niewystarczających amerykańskich obiektów. - Ponad 50% siły roboczej w fabryce w Arizonie pochodzi z Tajwanu, co wskazuje na lukę w amerykańskim sektorze STEM (nauka, technologia, inżynieria i matematyka). - Inicjatywa CHIPS Act, mająca na celu wzmocnienie amerykańskiej produkcji półprzewodników, napotyka wyzwania, ponieważ etykieta „Made in America” jest kwestionowana z powodu procesu pakowania odbywającego się na Tajwanie, z planami na amerykańskie możliwości pakowania do 2027 roku.”
    • +
+

„43 tysiące mniej kierowców na drogach Manhattanu po wprowadzeniu opłat za wjazd do centrum”

+
    +
  • „Po wprowadzeniu opłat za wjazd do centrum, liczba kierowców wjeżdżających do Manhattanu poniżej 60. ulicy zmniejszyła się o 7,5%, co oznacza 43 000 mniej kierowców każdego dnia roboczego.”
    • +
  • „Zmniejszenie ruchu poprawiło płynność ruchu i zwiększyło prędkości autobusów, a niektóre autobusy ekspresowe odnotowały większą liczbę pasażerów.”
    • +
  • „Metropolitan Transportation Authority (MTA) wykorzystuje wpływy z opłat drogowych, szacowane na 500 milionów dolarów rocznie, na poprawę transportu, pomimo pewnego sprzeciwu politycznego.”
    • +
+

Reakcje

+
    +
  • „Wprowadzenie opłat za wjazd do zatłoczonych obszarów na Manhattanie spowodowało zmniejszenie liczby kierowców o 43 000, co przyczyniło się do zwiększenia prędkości autobusów i potencjalnie lepszych czasów reakcji służb ratunkowych.”
    • +
  • „Polityka ta ma na celu zmniejszenie zatorów drogowych i poprawę jakości powietrza, choć wywołała debatę na temat jej wpływu na osoby o niższych dochodach.”
    • +
  • „Zwolennicy twierdzą, że korzyści obejmują bardziej efektywny transport publiczny i czystsze powietrze, podczas gdy trwają dyskusje na temat równoważenia tych zalet z potrzebami kierowców.”
    • +
+ + + + + +]]> + https://hn.cho.sh/pl/2025/01/14 + 2025-01-14T00:00:00.000Z + Tue, 14 Jan 2025 00:00:00 GMT + <![CDATA[2025-01-13]]> 2025-01-05T00:00:00.000Z Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[2025-01-04]]> - -

slug: '/2025/01/04'

-

2025-01-04

-

„Samochód Volvo z 1993 roku z autopilotem”

-
    -
  • „Grupa przyjaciół wzięła udział w zimowej edycji Carbage Run 2025, sześciodniowym rajdzie przez Szwecję do koła podbiegunowego i z powrotem do Helsinek, wymagającym, aby samochody miały co najmniej 20 lat i były warte mniej niż 1000 euro.”
    • -
  • „Przekształcili Volvo 940 Estate z 1993 roku w pojazd autonomiczny, wykorzystując openpilot od comma.ai, włączając nowoczesne komponenty, takie jak elektryczne wspomaganie kierownicy, Bosch iBooster i czujnik radarowy Tesli.”
    • -
  • „Przyszłe aktualizacje będą zawierały szczegóły dotyczące okablowania, niestandardowej jednostki sterującej silnikiem (ECU) oraz plany otwarcia kodu źródłowego, co podkreśla innowacyjne podejście projektu do modernizacji starszych pojazdów z technologią autonomiczną.”
    • -
-

Reakcje

-
    -
  • „Volvo 940 z 1993 roku zostało wyposażone w OpenPilot, technologię autonomicznej jazdy, co podkreśla połączenie klasycznego designu samochodów z nowoczesną technologią.”
    • -
  • „Projekt napotkał wyzwania, w tym aktualizację systemów hamulcowych i kierowniczych, co rodziło obawy prawne i bezpieczeństwa, zwłaszcza w przypadku modyfikacji typu „zrób to sam”, takich jak spawanie kolumny kierowniczej.”
    • -
  • „Dyskusja dotyczyła regulacji samochodowych w Europie, spadku popularności hotrodów w USA oraz różnic kulturowych w zakresie swobody modyfikacji samochodów, a projekt postrzegano jako inspirujące przedsięwzięcie DIY pomimo obaw o bezpieczeństwo.”
    • -
-

„VoxelSpace: Algorytm renderowania terenu w mniej niż 20 liniach kodu (2020)”

-
    -
  • „Gra Comanche z 1992 roku stworzona przez NovaLogic wykorzystywała silnik Voxel Space, technikę renderowania 2.5D opartą na ray castingu, aby tworzyć szczegółowe tereny z cieniowaniem i cieniami.”
    • -
  • „Silnik Voxel Space wykorzystywał mapy wysokości i koloru oraz prosty algorytm renderowania, rysując pionowe linie od tyłu do przodu, co można było zoptymalizować pod kątem wydajności.”
    • -
  • „Kod silnika jest dostępny na licencji MIT, ale technologia może być nadal opatentowana w niektórych regionach.”
    • -
-

Reakcje

-
    -
  • „VoxelSpace to algorytm renderowania terenu znany ze swojej prostoty, wymagający mniej niż 20 linii kodu, i budzi nostalgię za innowacyjnym rozwojem gier w czasach ograniczeń sprzętowych.”
    • -
  • „Współczesne gry AAA koncentrują się na skomplikowanych optymalizacjach i trendach rynkowych, często kosztem oryginalności, podczas gdy gry niezależne i platformy takie jak PICO-8 oferują większą swobodę twórczą.”
    • -
  • „Pomimo postępów technologicznych, niektórzy deweloperzy i gracze uważają, że „magia” starszych gier jest nieobecna, chociaż innowacyjne projekty, takie jak renderowanie wokseli, nadal inspirują kreatywność.”
    • -
-

„Jak narysować kontur w grze wideo”

-
    -
  • „Artykuł omawia pięć technik renderowania konturów w Unity, popularnej platformie do tworzenia gier, podkreślając ich zastosowanie w grach takich jak Sable i The Last of Us. - Techniki obejmują efekty krawędziowe, ekstruzję wierzchołków, rozmyty bufor, algorytm Jump Flood oraz wykrywanie krawędzi, z których każda ma unikalne zalety i kompromisy w zakresie wydajności i jakości wizualnej. - Artykuł dostarcza wglądu w równoważenie tych metod dla optymalnej estetyki gry i wsparcia rozgrywki, z dodatkowymi zasobami i podziękowaniami za modele 3D.”
    • -
-

Reakcje

-
    -
  • „Artykuł bada zaawansowane techniki rysowania konturów w grach wideo, podkreślając efektywność algorytmu Jump Flood (JFA) i pól odległości z podpisem (SDF) w porównaniu z tradycyjnymi metodami. - Zajmuje się stylizowaną grafiką 3D, omawiając techniki renderowania oraz potencjalne wykorzystanie sieci neuronowych do oświetlenia i stylizacji. - Współtwórcy dostarczają wgląd w historyczny rozwój cieniowania cel w grach, takich jak Jet Set Radio, podkreślając ewoluujące połączenie technologii i sztuki w grafice 3D.”
    • -
-

„Odchodzę z Washington Post”

-

Reakcje

-
    -
  • „Autor opuszcza Washington Post z powodu jego niezdolności do dostosowania się do zmieniającego się krajobrazu medialnego oraz podejścia do prezentowania problemów, które według nich jest nieskuteczne w przypadku kluczowych tematów, takich jak demokracja.”
    • -
  • „Tradycyjne media, zwłaszcza lokalne gazety, borykają się z problemami finansowymi, co prowadzi do stronniczości w raportowaniu i spadku zaufania publicznego, podczas gdy media społecznościowe nie mogą zastąpić rygorystycznej pracy dziennikarskiej.”
    • -
  • „Pojawiają się obawy dotyczące wpływu zamożnych osób, takich jak Jeff Bezos, na media oraz wpływu interesów korporacyjnych na rolę mediów w rozliczaniu władzy.”
    • -
-

„Perplexity ma reklamy”

-

Reakcje

-
    -
  • „Perplexity wprowadziło reklamy, co prowadzi do dyskusji na temat nieuchronności reklam w usługach online z powodu niechęci konsumentów do płacenia za doświadczenia bez reklam. - Niektórzy użytkownicy uważają reklamy za nachalne i wolą usługi subskrypcyjne, takie jak Kagi, które oferują wyszukiwanie bez reklam, podczas gdy inni nadal wybierają darmowe opcje wspierane reklamami. - Ta sytuacja podkreśla trwającą debatę między modelami wspieranymi reklamami a subskrypcyjnymi w usługach cyfrowych.”
    • -
- - - - - -]]> - https://hn.cho.sh/pl/2025/01/04 - 2025-01-04T00:00:00.000Z - Sat, 04 Jan 2025 00:00:00 GMT - diff --git a/static/rss/newsletter/pt.xml b/static/rss/newsletter/pt.xml index eb2193a0b..c585fe01e 100644 --- a/static/rss/newsletter/pt.xml +++ b/static/rss/newsletter/pt.xml @@ -15,12 +15,160 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[2025-01-14]]> + +

slug: '/2025/01/14'

+

2025-01-14

+

Pesquisador de segurança da Snyk implanta pacotes NPM maliciosos visando cursor.com

+
    +
  • A Snyk, uma pesquisadora de segurança, lançou pacotes NPM maliciosos visando a Cursor.com, uma empresa de codificação de IA, para coletar dados do sistema e enviá-los para um serviço controlado por um atacante.
    • +
  • As pacotes, identificados como "cursor-retrieval", "cursor-always-local" e "cursor-shadow-workspace", foram sinalizados pelo scanner de análise de pacotes OpenSSF, resultando nos avisos MAL-2025-27, MAL-2025-28 e MAL-2025-29.
    • +
  • Este incidente destaca a importância de examinar os pacotes NPM antes da instalação para evitar potenciais ameaças à segurança.
    • +
+

Reações

+
    +
  • A Snyk, um pesquisador de segurança, lançou pacotes NPM (Node Package Manager) maliciosos direcionados ao cursor.com, destacando vulnerabilidades de confusão de dependência. - O incidente gerou um debate sobre a ética da pesquisa em segurança, especialmente no que diz respeito à exposição pública de variáveis de ambiente. - A Cursor.com esclareceu que não autorizou a ação, e a Snyk pediu desculpas, ressaltando os desafios de equilibrar a pesquisa de segurança ofensiva com os padrões éticos.
    • +
+

I Switched to Firefox and Never Looked Back

+
    +
  • Firefox é elogiado por seu gerenciamento superior de abas, recurso Pocket integrado para salvar links e um serviço de e-mail focado em privacidade, tornando-o uma forte alternativa ao Chrome. - Recursos adicionais como uma ferramenta de captura de tela fácil de usar, um botão ChatGPT, modo Picture-in-Picture, opções de pesquisa personalizáveis e rolagem suave melhoram a experiência de navegação. - Embora o Firefox não tenha o recurso de aplicativos da web do Chrome, seu design cuidadoso e menor demanda de recursos o tornam a escolha preferida para alguns usuários.
    • +
+

Reações

+
    +
  • Os usuários do Firefox enfrentam desafios de plataformas como o YouTube, que podem intencionalmente degradar a experiência para navegadores não-Google ou usuários que utilizam bloqueadores de anúncios. - Essa tendência levanta preocupações sobre a autonomia do usuário, pois penaliza aqueles que optam por uma experiência na web sem anúncios e sem vigilância. - O Firefox oferece recursos únicos, como abas de contêiner, que melhoram a privacidade e a usabilidade, tornando-o uma escolha preferida para usuários que buscam independência de navegadores controlados por grandes corporações.
    • +
+

CEO da Sonos renuncia após fiasco de atualização de aplicativo

+

Reações

+
    +
  • O CEO da Sonos renunciou após uma atualização controversa do aplicativo que exigia que os usuários substituíssem sistemas de som caros, causando insatisfação entre os clientes. - A atualização introduziu um sistema baseado em nuvem, afastando-se do confiável Universal Plug and Play (UPnP), o que levou a problemas de conectividade e aumento da complexidade. - Esta situação destaca o conflito entre estratégias de negócios e a manutenção da confiança do cliente, enquanto o CEO transita para um papel consultivo com um pacote de indenização.
    • +
+

Na barriga do MrBeast

+

Reações

+
    +
  • O ensaio examina como o algoritmo do YouTube influencia a criação de conteúdo, usando MrBeast como estudo de caso, destacando uma mudança em direção a um conteúdo impulsionado pelo engajamento em vez de significativo. - Discute as implicações mais amplas para a alfabetização midiática e o impacto cultural de plataformas como YouTube e TikTok, sugerindo uma tendência para conteúdos superficiais e reacionários. - Diversas perspectivas são consideradas sobre o papel dos algoritmos na formação de conteúdo e a influência de criadores populares nas normas culturais.
    • +
+

Operações do Git no GitHub estão fora do ar

+
    +
  • GitHub enfrentou uma interrupção nas operações do Git em 13 de janeiro de 2025, devido a uma alteração de configuração que afetou o balanceador de carga interno, durando das 23:35 às 00:24 UTC. - O problema foi resolvido revertendo a alteração de configuração, e o GitHub está trabalhando para melhorar os processos de monitoramento e implantação para evitar incidentes semelhantes. - A interrupção também afetou os serviços Actions e Pages do GitHub, destacando a natureza interconectada de seus serviços de plataforma.
    • +
+

Reações

+
    +
  • GitHub enfrentou uma grande interrupção que impactou as operações de git, levando à confusão entre os desenvolvedores que inicialmente suspeitaram de problemas com suas chaves SSH ou configurações locais. - O incidente destacou os desafios de depender de serviços centralizados, provocando discussões sobre as vantagens de auto-hospedagem e sistemas descentralizados. - Embora o problema tenha sido resolvido, ele ressaltou preocupações sobre a confiabilidade do GitHub e os riscos de depender de plataformas de terceiros para tarefas essenciais.
    • +
+

ZFS 2.3 lançado com expansão ZFS raidz

+
    +
  • OpenZFS 2.3.0 foi lançado, introduzindo recursos significativos como Expansão RAIDZ, Desduplicação Rápida, Entrada/Saída Direta, saída em JSON e suporte para nomes de arquivos longos. - O lançamento inclui correções de bugs essenciais e melhorias de desempenho, compatível com kernels Linux 4.18 - 6.12 e versões FreeBSD 13.3, 14.0 - 14.2. - A atualização é um esforço colaborativo de 134 colaboradores, com documentação abrangente e um registro de alterações disponível para revisão.
    • +
+

Reações

+
    +
  • ZFS 2.3 foi lançado, introduzindo recursos como expansão RAIDZ, desduplicação rápida, IO direto, saída JSON e suporte para nomes de arquivos longos. - A expansão RAIDZ é particularmente notável, pois permite que os usuários adicionem novos dispositivos a um pool RAIDZ existente sem tempo de inatividade, aumentando a capacidade de armazenamento. - O lançamento é considerado um avanço significativo para os usuários de ZFS, sendo comparado a outros sistemas de arquivos como Btrfs e Windows Storage Spaces, apesar de algumas limitações, como a incapacidade de reduzir pools.
    • +
+

Webtop – Contêineres Alpine, Ubuntu, Fedora e Arch contendo ambientes de desktop completos

+
    +
  • Linuxserver/webtop fornece contêineres baseados em Alpine, Ubuntu, Fedora e Arch com ambientes de desktop completos acessíveis através de navegadores web, suportando as arquiteturas x86-64 e arm64.
    • +
  • Os usuários podem selecionar entre vários ambientes de desktop, como XFCE, KDE, MATE, i3, Openbox e IceWM, usando tags de imagem específicas e acessar o Webtop por meio de URLs designados.
    • +
  • Os recursos de segurança incluem a opção seccomp do Docker e a configuração de autenticação, com opções de personalização disponíveis através de variáveis de ambiente, além de suporte para aceleração de GPU com drivers de código aberto.
    • +
+

Reações

+
    +
  • Webtop fornece contêineres com ambientes de desktop completos para Alpine, Ubuntu, Fedora e Arch, adequados para configurações rápidas por trás de uma VPN.
    • +
  • Os usuários elogiam o Webtop por sua velocidade e facilidade de uso, especialmente quando utilizado com o contêiner Gluetun para conexões seguras, mas alertam contra a exposição de contêineres à internet sem medidas de segurança devido à falta de autenticação padrão.
    • +
  • O projeto é valorizado por ser de código aberto e flexível, com usuários compartilhando configurações, e alternativas como Kasm e Selkies são destacadas para propósitos semelhantes.
    • +
+

1 em cada 5 anúncios de emprego online são falsos ou nunca são preenchidos, aponta estudo

+
    +
  • A recent study indicates that 20% of online job postings are either fake or remain unfilled, adding to job seekers' frustration. - This "ghost job" trend might be a tactic for companies to project an image of growth. - Job platforms such as Greenhouse and LinkedIn have introduced job verification services to assist users in identifying genuine job opportunities.
    • +
+

Reações

+
    +
  • Um estudo revela que 20% das vagas de emprego online são falsas ou permanecem não preenchidas, muitas vezes devido à necessidade das empresas de cumprir com as políticas de imigração dos EUA. - As empresas também podem manter as vagas abertas para encontrar candidatos ideais, alterar requisitos ou já terem candidatos internos pré-selecionados. - O mercado de trabalho é difícil para os candidatos, que frequentemente enfrentam o desaparecimento das empresas e rejeições automatizadas, o que leva a pedidos por intervenção regulatória.
    • +
+

Transformar um cruzamento em um local inseguro para pedestres para economizar segundos para motoristas

+

Reações

+
    +
  • O debate gira em torno de se os cruzamentos devem priorizar a segurança dos pedestres ou a eficiência dos motoristas, com alguns preferindo cruzamentos controlados por semáforos e travessias diagonais para pedestres em vez de paradas de 4 vias.
    • +
  • Opiniões variam sobre leis de trânsito e design de infraestrutura, com discussões sobre a segurança de atravessar fora da faixa e os riscos associados a conversões à direita no sinal vermelho.
    • +
  • Alguns defendem soluções alternativas, como rotatórias ou a adoção de padrões de engenharia de tráfego holandeses, para melhorar tanto a segurança quanto a eficiência.
    • +
+

PostgreSQL é o Sistema de Gerenciamento de Banco de Dados do Ano de 2024

+
    +
  • PostgreSQL foi premiado como DBMS do Ano 2024 pela DB-Engines, alcançando esse reconhecimento pela quinta vez, superando 423 outros sistemas de gerenciamento de banco de dados.
    • +
  • PostgreSQL, com uma história que se estende por quase 35 anos, continua a inovar, como visto nas melhorias recentes do PostgreSQL 17, lançado em setembro de 2024.
    • +
  • Snowflake e Microsoft garantiram o segundo e terceiro lugares, respectivamente, com a Snowflake sendo destacada por seu armazenamento de dados baseado em nuvem e suporte multi-nuvem, enquanto a Microsoft oferece bancos de dados relacionais gerenciados robustos através do Azure SQL Database e SQL Server.
    • +
+

Reações

+
    +
  • PostgreSQL foi premiado como Sistema de Gerenciamento de Banco de Dados do Ano 2024 pelo db-engines.com, destacando sua crescente popularidade e reconhecimento na indústria.
    • +
  • Os usuários estão considerando mudar do Microsoft SQL Server para o PostgreSQL devido aos altos custos de licenciamento e limitações de recursos, apesar dos potenciais desafios de migração.
    • +
  • PostgreSQL é favorecido por seus recursos robustos e custo-benefício, tornando-o uma escolha preferida para projetos futuros, embora alguns usuários explorem alternativas como Babelfish para reduzir custos.
    • +
+

Login OAuth do Google não protege contra a compra de um domínio de startup falida

+

Reações

+
    +
  • A discussão destaca uma vulnerabilidade no sistema de login OAuth do Google quando o domínio de uma startup falida é adquirido por um novo proprietário, potencialmente permitindo acesso não autorizado a serviços.
    • +
  • Esse problema surge porque o Google pode não distinguir entre os proprietários originais e novos do domínio, afetando qualquer sistema que use autenticação baseada em domínio.
    • +
  • A solução proposta é usar identificadores únicos que permanecem constantes ao longo do tempo, embora a implementação dessa solução varie entre os provedores de identidade.
    • +
+

Usando habilidades de codificação para gerar renda passiva

+
    +
  • O autor fez a transição de um cargo de CTO para solopreneur, conseguindo ganhar mais por meio de um portfólio de produtos de software.
    • +
  • Principais estratégias incluem focar em trabalho profundo, começar com pequenos projetos, iterar rapidamente e dedicar tempo aos esforços de marketing.
    • +
  • A jornada enfatiza a resiliência devido às incertezas, mas destaca a autonomia e liberdade incomparáveis deste caminho de carreira, encorajando aqueles com habilidades de codificação a considerá-lo para renda passiva.
    • +
+

Reações

+
    +
  • Um usuário descreveu a geração de renda passiva por meio de sites de spam de SEO usando nomes de domínio expirantes, ganhando aproximadamente $30 mil anualmente, apesar das preocupações éticas e da eventual repressão do Google.
    • +
  • O post gerou um debate sobre renda passiva, com alguns usuários argumentando que é mais parecido com administrar um negócio do que realmente ganhos passivos.
    • +
  • Os participantes compartilharam experiências e desafios em projetos paralelos, destacando a importância do tempo, resiliência e planejamento estratégico.
    • +
+

Proposta da Espanha: imposto de 100% sobre casas compradas por residentes fora da UE

+
    +
  • Considerando a crise habitacional e a necessidade de conter a compra especulativa, a Espanha está avaliando a implementação de um imposto de 100% sobre aquisições de imóveis por residentes de fora da UE.
    • +
  • Proposta do Primeiro-Ministro Pedro Sánchez inclui a expansão da habitação social e a regulamentação dos aluguéis turísticos para enfrentar a disparidade entre os preços das habitações e os rendimentos.
    • +
  • A futura transformação da proposta em lei é incerta, com alguns analistas vendo-a como um impedimento para investidores estrangeiros, em vez de uma mudança legislativa garantida.
    • +
+

Reações

+
    +
  • Está sendo considerado na Espanha um imposto de 100% sobre casas compradas por residentes de fora da UE para enfrentar problemas de acessibilidade à moradia. - Críticos sugerem que compradores estrangeiros não são a principal causa dos altos preços das habitações, citando a burocracia lenta e as leis de zoneamento como fatores mais significativos. - A proposta gerou um debate sobre o papel da propriedade estrangeira nos mercados imobiliários e sua eficácia na resolução de questões de acessibilidade.
    • +
+

Em breve, a Apple receberá chips 'feitos na América' da fábrica da TSMC no Arizona

+
    +
  • Apple está testando processadores da instalação da TSMC no Arizona, com planos para produção em massa até o primeiro trimestre, potencialmente se tornando o primeiro cliente dos EUA da TSMC para chips fabricados localmente. - Esta iniciativa visa fortalecer a independência de silício dos EUA, reduzindo a dependência de Taiwan, que é vulnerável a riscos geopolíticos e naturais. - A fábrica da TSMC no Arizona está programada para produzir chips avançados de 3nm e 2nm, com esforços contínuos para melhorar o recrutamento local e parcerias com universidades dos EUA, embora a embalagem ocorra inicialmente em Taiwan até que a instalação de Peoria esteja operacional.
    • +
+

Reações

+
    +
  • Apple receberá chips da fábrica da TSMC no Arizona, mas eles precisam ser enviados de volta para Taiwan para embalagem devido à insuficiência de instalações nos EUA. - Mais de 50% da força de trabalho na fábrica do Arizona é de Taiwan, indicando uma lacuna no campo de STEM (Ciência, Tecnologia, Engenharia e Matemática) nos EUA. - A iniciativa do CHIPS Act, destinada a melhorar a fabricação de semicondutores nos EUA, enfrenta desafios, pois o rótulo "Feito na América" é questionado devido ao processo de embalagem ocorrer em Taiwan, com planos para capacidades de embalagem nos EUA até 2027.
    • +
+

43 mil motoristas a menos nas estradas de Manhattan após a ativação da precificação de congestionamento

+
    +
  • Após a implementação da precificação de congestionamento, houve uma redução de 7,5% no número de motoristas entrando em Manhattan abaixo da 60th Street, o que equivale a 43.000 motoristas a menos a cada dia útil.
    • +
  • A redução no tráfego melhorou o fluxo de trânsito e aumentou a velocidade dos ônibus, com alguns ônibus expressos experimentando um aumento no número de passageiros.
    • +
  • O Metropolitan Transportation Authority (MTA) utiliza a receita de pedágio, estimada em $500 milhões anualmente, para melhorias no transporte, apesar de alguma oposição política.
    • +
+

Reações

+
    +
  • A implementação da precificação de congestionamento em Manhattan resultou em 43.000 motoristas a menos, levando a um aumento na velocidade dos ônibus e, potencialmente, a melhores tempos de resposta em emergências.
    • +
  • A política é projetada para reduzir a congestão do tráfego e melhorar a qualidade do ar, embora tenha gerado debate sobre seu impacto em indivíduos de baixa renda.
    • +
  • Os defensores argumentam que os benefícios incluem um transporte público mais eficiente e ar mais limpo, enquanto as discussões continuam sobre como equilibrar essas vantagens com as necessidades dos motoristas.
    • +
+ + + + + +]]> + https://hn.cho.sh/pt/2025/01/14 + 2025-01-14T00:00:00.000Z + Tue, 14 Jan 2025 00:00:00 GMT + <![CDATA[2025-01-13]]> 2025-01-05T00:00:00.000Z Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[2025-01-04]]> - -

slug: '/2025/01/04'

-

2025-01-04

-

Volvo 1993 autônomo com piloto aberto

-
    -
  • A group of friends participated in the Carbage Run 2025 Winter edition, a 6-day rally through Sweden to the polar circle and back to Helsinki, requiring cars to be at least 20 years old and valued under €1000.
    • -
  • Transformaram um Volvo 940 Estate de 1993 em um veículo autônomo usando o openpilot da comma.ai, incorporando componentes modernos como direção elétrica, um Bosch iBooster e um sensor de radar da Tesla.
    • -
  • Atualizações futuras incluirão detalhes sobre a fiação, uma Unidade de Controle do Motor (ECU) personalizada e planos para tornar o código de código aberto, destacando a abordagem inovadora do projeto para adaptar veículos mais antigos com tecnologia autônoma.
    • -
-

Reações

-
    -
  • A Volvo 940 de 1993 foi adaptada com OpenPilot, uma tecnologia de direção autônoma, destacando a interseção entre o design clássico de automóveis e a tecnologia moderna.
    • -
  • O projeto enfrentou desafios, incluindo a atualização dos sistemas de freio e direção, levantando preocupações legais e de segurança, especialmente com modificações DIY como a soldagem da coluna de direção.
    • -
  • A discussão se estendeu às regulamentações de carros na Europa, ao declínio dos hot rods nos EUA e às diferenças culturais nas liberdades de modificação de carros, com o projeto sendo visto como um esforço DIY inspirador, apesar das preocupações com a segurança.
    • -
-

VoxelSpace: Algoritmo de renderização de terreno em menos de 20 linhas de código (2020)

-
    -
  • Comanche, o jogo de 1992 da NovaLogic, utilizou o motor Voxel Space, uma técnica de renderização 2.5D baseada em ray casting, para criar terrenos detalhados com sombreamento e sombras.
    • -
  • O motor Voxel Space usava mapas de altura e cor e um algoritmo de renderização simples, desenhando linhas verticais de trás para frente, o que poderia ser otimizado para desempenho.
    • -
  • O código do motor está disponível sob a licença MIT, mas a tecnologia ainda pode estar patenteada em certas regiões.
    • -
-

Reações

-
    -
  • VoxelSpace é um algoritmo de renderização de terreno notável por sua simplicidade, exigindo menos de 20 linhas de código, e evoca nostalgia pelo desenvolvimento inovador de jogos durante eras com limitações de hardware.
    • -
  • Os jogos AAA modernos concentram-se em otimizações complexas e tendências de mercado, muitas vezes em detrimento da originalidade, enquanto jogos independentes e plataformas como PICO-8 oferecem mais liberdade criativa.
    • -
  • Apesar dos avanços tecnológicos, alguns desenvolvedores e jogadores sentem que a 'magia' dos jogos mais antigos está ausente, embora projetos inovadores como a renderização de voxel continuem a inspirar a criatividade.
    • -
-

Como desenhar um contorno em um videogame

-
    -
  • O artigo discute cinco técnicas para renderizar contornos no Unity, uma popular plataforma de desenvolvimento de jogos, destacando seu uso em jogos como Sable e The Last of Us. - As técnicas incluem Efeitos de Borda, Extrusão de Vértice, Buffer Desfocado, Algoritmo de Jump Flood e Detecção de Bordas, cada uma com vantagens e desvantagens únicas em termos de desempenho e qualidade visual. - O artigo oferece insights sobre como equilibrar esses métodos para uma estética de jogo ideal e suporte à jogabilidade, com recursos adicionais e créditos para modelos 3D incluídos.
    • -
-

Reações

-
    -
  • O artigo explora técnicas avançadas para desenhar contornos em videogames, enfatizando a eficiência do Algoritmo de Salto de Inundação (JFA) e Campos de Distância Assinada (SDFs) em relação aos métodos tradicionais. - Ele se aprofunda em gráficos 3D estilizados, discutindo técnicas de renderização e o uso potencial de redes neurais para iluminação e estilo. - Os colaboradores fornecem insights sobre o desenvolvimento histórico do sombreamento cel em jogos, como Jet Set Radio, destacando a interseção evolutiva da tecnologia e arte em gráficos 3D.
    • -
-

Estou saindo do Washington Post

-

Reações

-
    -
  • O autor está deixando o Washington Post devido à sua falha em se adaptar ao cenário midiático em evolução e à sua abordagem na apresentação de questões, que eles acreditam ser ineficaz para tópicos críticos como a democracia.
    • -
  • Os meios de comunicação tradicionais, particularmente os jornais locais, estão enfrentando dificuldades financeiras, o que leva a reportagens tendenciosas e a um declínio na confiança pública, enquanto as redes sociais não podem substituir o trabalho rigoroso do jornalismo.
    • -
  • Preocupações são levantadas sobre a influência de indivíduos ricos, como Jeff Bezos, em veículos de comunicação, e o impacto dos interesses corporativos no papel da mídia em responsabilizar o poder.
    • -
-

Perplexity tem anúncios

-

Reações

-
    -
  • Perplexity introduziu anúncios, levando a discussões sobre a inevitabilidade de anúncios em serviços online devido à relutância dos consumidores em pagar por experiências sem anúncios. - Alguns usuários acham os anúncios intrusivos e preferem serviços baseados em assinatura como o Kagi, que oferecem busca sem anúncios, enquanto outros continuam a escolher opções gratuitas com suporte de anúncios. - Esta situação destaca o debate contínuo entre modelos suportados por anúncios e baseados em assinatura em serviços digitais.
    • -
- - - - - -]]> - https://hn.cho.sh/pt/2025/01/04 - 2025-01-04T00:00:00.000Z - Sat, 04 Jan 2025 00:00:00 GMT - diff --git a/static/rss/newsletter/ro.xml b/static/rss/newsletter/ro.xml index d19db87cd..5baa943bc 100644 --- a/static/rss/newsletter/ro.xml +++ b/static/rss/newsletter/ro.xml @@ -15,12 +15,160 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[2025-01-14]]> + +

slug: '/2025/01/14'

+

2025-01-14

+

„Cercetătorul de securitate Snyk lansează pachete NPM malițioase care vizează cursor.com”

+
    +
  • „Un cercetător în securitate de la Snyk a lansat pachete NPM malițioase care vizează Cursor.com, o companie de codare AI, pentru a colecta date de sistem și a le trimite către un serviciu controlat de atacator.”
    • +
  • „Pachetele, identificate ca „cursor-retrieval”, „cursor-always-local” și „cursor-shadow-workspace”, au fost semnalate de scannerul de analiză a pachetelor OpenSSF, rezultând în avizele MAL-2025-27, MAL-2025-28 și MAL-2025-29.”
    • +
  • „Acest incident subliniază importanța examinării atente a pachetelor NPM înainte de instalare pentru a evita potențialele amenințări de securitate.”
    • +
+

Reacții

+
    +
  • „Un cercetător în securitate de la Snyk a lansat pachete NPM (Node Package Manager) malițioase care vizau cursor.com, evidențiind vulnerabilitățile de confuzie a dependențelor. - Incidentul a declanșat o dezbatere privind etica cercetării în securitate, în special în ceea ce privește expunerea publică a variabilelor de mediu. - Cursor.com a clarificat că nu au autorizat acțiunea, iar Snyk și-a cerut scuze ulterior, subliniind provocările în echilibrarea cercetării ofensive în securitate cu standardele etice.”
    • +
+

„Am trecut la Firefox și nu m-am mai uitat înapoi”

+
    +
  • „Firefox este lăudat pentru gestionarea superioară a filelor, funcția Pocket integrată pentru salvarea linkurilor și un serviciu de redirecționare a e-mailurilor axat pe confidențialitate, făcându-l o alternativă puternică la Chrome. - Funcții suplimentare precum un instrument de captură de ecran ușor de utilizat, un buton ChatGPT, funcția Picture-in-Picture, opțiuni de căutare personalizabile și derularea lină îmbunătățesc experiența de navigare. - Deși Firefox nu dispune de funcția de aplicație web a Chrome, designul său atent și cerințele reduse de resurse îl fac o alegere preferată pentru unii utilizatori.”
    • +
+

Reacții

+
    +
  • „Utilizatorii Firefox se confruntă cu provocări din partea platformelor precum YouTube, care pot degrada intenționat experiența pentru browserele non-Google sau utilizatorii care folosesc adblockere. - Această tendință ridică îngrijorări cu privire la autonomia utilizatorilor, deoarece penalizează pe cei care optează pentru o experiență web fără reclame și supraveghere. - Firefox oferă caracteristici unice, cum ar fi filele container, care îmbunătățesc confidențialitatea și utilizabilitatea, făcându-l o alegere preferată pentru utilizatorii care caută independență față de browserele controlate de mari corporații.”
    • +
+

„CEO-ul Sonos demisionează după fiasco-ul actualizării aplicației”

+

Reacții

+
    +
  • „CEO-ul Sonos a demisionat în urma unei actualizări controversate a aplicației care a cerut utilizatorilor să înlocuiască sisteme audio costisitoare, provocând nemulțumirea clienților. - Actualizarea a introdus un sistem bazat pe cloud, renunțând la Universal Plug and Play (UPnP) fiabil, ceea ce a dus la probleme de conectivitate și complexitate crescută. - Această situație subliniază conflictul dintre strategiile de afaceri și menținerea încrederii clienților, pe măsură ce CEO-ul trece la un rol de consilier cu un pachet de compensații.”
    • +
+

„În burta lui MrBeast”

+

Reacții

+
    +
  • „Eseul examinează modul în care algoritmul YouTube influențează crearea de conținut, folosindu-l pe MrBeast ca studiu de caz, evidențiind o schimbare către un conținut axat pe angajament mai degrabă decât pe semnificație. - Se discută implicațiile mai largi pentru alfabetizarea media și impactul cultural al platformelor precum YouTube și TikTok, sugerând o tendință către conținut superficial și reacționar. - Sunt luate în considerare diverse perspective asupra rolului algoritmilor în modelarea conținutului și influența creatorilor populari asupra normelor culturale.”
    • +
+

„Operațiunile Git de pe GitHub sunt indisponibile”

+
    +
  • „GitHub a întâmpinat o întrerupere a operațiunilor Git pe 13 ianuarie 2025, din cauza unei modificări de configurare care a afectat echilibratorul de sarcină intern, durând de la 23:35 la 00:24 UTC. - Problema a fost rezolvată prin revenirea la modificarea de configurare, iar GitHub lucrează la îmbunătățirea proceselor de monitorizare și implementare pentru a preveni incidente similare. - Întreruperea a afectat, de asemenea, serviciile Actions și Pages ale GitHub, evidențiind natura interconectată a serviciilor platformei lor.”
    • +
+

Reacții

+
    +
  • „GitHub a întâmpinat o întrerupere majoră care a afectat operațiunile git, ceea ce a dus la confuzie în rândul dezvoltatorilor care inițial au suspectat probleme cu cheile lor SSH sau cu configurațiile locale. - Incidentul a subliniat provocările de a se baza pe servicii centralizate, determinând discuții despre avantajele găzduirii proprii și a sistemelor descentralizate. - Deși problema a fost rezolvată, aceasta a evidențiat preocupările legate de fiabilitatea GitHub și riscurile de a depinde de platforme terțe pentru sarcini esențiale.”
    • +
+

„ZFS 2.3 lansat cu extinderea ZFS raidz”

+
    +
  • „OpenZFS 2.3.0 a fost lansat, introducând caracteristici semnificative precum extinderea RAIDZ, deduplicarea rapidă, intrare/ieșire directă, ieșire JSON și suport pentru nume de fișiere lungi. - Lansarea include corecții esențiale de erori și îmbunătățiri de performanță, compatibile cu nucleele Linux 4.18 - 6.12 și versiunile FreeBSD 13.3, 14.0 - 14.2. - Actualizarea este un efort colaborativ al 134 de contribuitori, cu documentație cuprinzătoare și un jurnal de modificări disponibil pentru revizuire.”
    • +
+

Reacții

+
    +
  • „ZFS 2.3 a fost lansat, introducând caracteristici precum extinderea RAIDZ, deduplicarea rapidă, IO direct, ieșire JSON și suport pentru nume de fișiere lungi. - Extinderea RAIDZ este deosebit de remarcabilă, deoarece permite utilizatorilor să adauge noi dispozitive la un pool RAIDZ existent fără timp de nefuncționare, sporind capacitatea de stocare. - Lansarea este considerată un avans semnificativ pentru utilizatorii ZFS, fiind comparată cu alte sisteme de fișiere precum Btrfs și Windows Storage Spaces, în ciuda unor limitări, cum ar fi incapacitatea de a micșora pool-urile.”
    • +
+

„Webtop – Containere Alpine, Ubuntu, Fedora și Arch care conțin medii desktop complete”

+
    +
  • „Linuxserver/webtop oferă containere bazate pe Alpine, Ubuntu, Fedora și Arch cu medii desktop complete accesibile prin browsere web, suportând atât arhitecturile x86-64, cât și arm64.”
    • +
  • „Utilizatorii pot selecta din diverse medii desktop, cum ar fi XFCE, KDE, MATE, i3, Openbox și IceWM, folosind etichete de imagine specifice și pot accesa Webtop prin URL-uri desemnate.”
    • +
  • „Caracteristicile de securitate includ opțiunea seccomp a Docker și configurarea autentificării, cu opțiuni de personalizare disponibile prin variabile de mediu, și suport pentru accelerarea GPU cu drivere open-source.”
    • +
+

Reacții

+
    +
  • „Webtop oferă containere cu medii desktop complete pentru Alpine, Ubuntu, Fedora și Arch, potrivite pentru configurări rapide în spatele unui VPN.”
    • +
  • „Utilizatorii laudă Webtop pentru viteza și ușurința sa de utilizare, în special atunci când este utilizat cu containerul Gluetun pentru conexiuni securizate, dar avertizează împotriva expunerii containerelor la internet fără măsuri de securitate din cauza lipsei autentificării implicite.”
    • +
  • „Proiectul este apreciat pentru faptul că este open-source și flexibil, utilizatorii împărtășind configurații, iar alternative precum Kasm și Selkies sunt remarcate pentru scopuri similare.”
    • +
+

„1 din 5 anunțuri de locuri de muncă online sunt fie false, fie nu sunt niciodată ocupate, arată un studiu”

+
    +
  • „Un studiu recent indică faptul că 20% dintre anunțurile de locuri de muncă online sunt fie false, fie rămân neocupate, adăugând la frustrarea celor care caută un loc de muncă. - Această tendință de „locuri de muncă fantomă” ar putea fi o tactică a companiilor de a proiecta o imagine de creștere. - Platforme de locuri de muncă precum Greenhouse și LinkedIn au introdus servicii de verificare a locurilor de muncă pentru a ajuta utilizatorii să identifice oportunitățile de muncă autentice.”
    • +
+

Reacții

+
    +
  • „Un studiu relevă că 20% dintre anunțurile de locuri de muncă online sunt fie false, fie rămân neocupate, adesea din cauza necesității companiilor de a respecta politicile de imigrație din SUA. - Companiile pot, de asemenea, să lase anunțurile de locuri de muncă active pentru a găsi candidați ideali, a schimba cerințele sau a avea candidați interni preselectați. - Piața muncii este dificilă pentru solicitanți, care întâlnesc frecvent lipsa de răspuns și respingeri automate, ceea ce determină apeluri pentru intervenții de reglementare.”
    • +
+

„Transformarea unei intersecții într-un loc nesigur pentru pietoni pentru a economisi câteva secunde pentru șoferi”

+

Reacții

+
    +
  • „Dezbaterea se concentrează pe faptul dacă intersecțiile ar trebui să prioritizeze siguranța pietonilor sau eficiența șoferilor, unii favorizând intersecțiile controlate de semafoare și traversările pietonale simultane în detrimentul opririlor în patru direcții.”
    • +
  • „Opiniile variază cu privire la legile de circulație și designul infrastructurii, cu discuții despre siguranța traversării neregulamentare și riscurile asociate cu virajele la dreapta pe roșu.”
    • +
  • „Unii susțin soluții alternative, cum ar fi sensurile giratorii sau adoptarea standardelor olandeze de inginerie a traficului, pentru a îmbunătăți atât siguranța, cât și eficiența.”
    • +
+

„PostgreSQL este Sistemul de Management al Bazelor de Date al Anului 2024”

+
    +
  • „PostgreSQL a fost desemnat DBMS-ul Anului 2024 de către DB-Engines, obținând această recunoaștere pentru a cincea oară, depășind alte 423 de sisteme de gestionare a bazelor de date.”
    • +
  • „PostgreSQL, cu o istorie de aproape 35 de ani, continuă să inoveze, așa cum se vede în îmbunătățirile recente ale PostgreSQL 17, lansat în septembrie 2024.”
    • +
  • „Snowflake și Microsoft au obținut locurile doi și trei, respectiv, cu Snowflake remarcat pentru depozitarea de date bazată pe cloud și suportul multi-cloud, în timp ce Microsoft oferă baze de date relaționale gestionate robust prin Azure SQL Database și SQL Server.”
    • +
+

Reacții

+
    +
  • „PostgreSQL a fost desemnat Sistemul de Management al Bazelor de Date al Anului 2024 de către db-engines.com, evidențiind popularitatea și recunoașterea sa în creștere în industrie.”
    • +
  • „Utilizatorii iau în considerare trecerea de la Microsoft SQL Server la PostgreSQL din cauza costurilor ridicate de licențiere și a limitărilor de resurse, în ciuda provocărilor potențiale de migrare.”
    • +
  • „PostgreSQL este preferat pentru caracteristicile sale robuste și rentabilitatea sa, ceea ce îl face o alegere preferată pentru proiectele viitoare, deși unii utilizatori explorează alternative precum Babelfish pentru a reduce costurile.”
    • +
+

„Conectarea OAuth de la Google nu protejează împotriva achiziționării unui domeniu al unei startup-uri eșuate”

+

Reacții

+
    +
  • „Discuția evidențiază o vulnerabilitate în sistemul de autentificare OAuth al Google atunci când domeniul unei startup eșuate este achiziționat de un nou proprietar, permițând potențial accesul neautorizat la servicii.”
    • +
  • „Această problemă apare deoarece Google s-ar putea să nu facă distincția între proprietarii originali și noii proprietari ai domeniului, afectând orice sistem care utilizează autentificarea bazată pe domeniu.”
    • +
  • „O soluție propusă este utilizarea identificatorilor unici care rămân constanți în timp, deși implementarea acestei soluții variază între furnizorii de identitate.”
    • +
+

„Folosirea abilităților de programare pentru a obține venituri pasive”

+
    +
  • „Autorul a făcut tranziția de la rolul de CTO la soloprenor, reușind să câștige mai mult printr-un portofoliu de produse software.”
    • +
  • „Strategiile cheie includ concentrarea pe munca profundă, începerea cu proiecte mici, iterarea rapidă și dedicarea timpului pentru eforturile de marketing.”
    • +
  • „Călătoria subliniază reziliența în fața incertitudinilor, dar evidențiază autonomia și libertatea de neegalat ale acestui parcurs profesional, încurajându-i pe cei cu abilități de programare să îl considere pentru venituri pasive.”
    • +
+

Reacții

+
    +
  • „Un utilizator a descris generarea de venituri pasive prin site-uri web de tip spam SEO folosind nume de domenii care expiră, câștigând aproximativ 30.000 de dolari anual, în ciuda preocupărilor etice și a represaliilor ulterioare din partea Google.”
    • +
  • „Postarea a stârnit o dezbatere despre veniturile pasive, unii utilizatori susținând că este mai degrabă asemănătoare cu administrarea unei afaceri decât cu câștigurile cu adevărat pasive.”
    • +
  • „Participanții au împărtășit experiențe și provocări în proiectele secundare, subliniind importanța timpului, rezilienței și planificării strategice.”
    • +
+

„Spania propune un impozit de 100% pe locuințele cumpărate de rezidenți din afara UE”

+
    +
  • „Spania ia în considerare un impozit de 100% pe achizițiile imobiliare de către rezidenții din afara UE, având ca scop abordarea crizei locuințelor și limitarea achizițiilor speculative.”
    • +
  • „Propunerea prim-ministrului Pedro Sánchez include extinderea locuințelor sociale și reglementarea închirierilor turistice pentru a aborda disparitatea dintre prețurile locuințelor și venituri.”
    • +
  • „Viitorul propunerii ca lege este incert, unii analiști considerând-o mai degrabă un factor de descurajare pentru investitorii străini decât o schimbare legislativă garantată.”
    • +
+

Reacții

+
    +
  • „Spania ia în considerare un impozit de 100% pe locuințele achiziționate de rezidenți din afara UE pentru a aborda problemele de accesibilitate a locuințelor. - Criticii sugerează că cumpărătorii străini nu sunt cauza principală a prețurilor ridicate ale locuințelor, menționând birocrația lentă și legile de zonare ca factori mai semnificativi. - Propunerea a declanșat o dezbatere cu privire la rolul proprietății străine pe piețele imobiliare și eficacitatea acesteia în rezolvarea problemelor de accesibilitate.”
    • +
+

„Apple va primi în curând cipuri 'fabricate în America' de la fabrica TSMC din Arizona”

+
    +
  • „Apple testează procesoare de la fabrica TSMC din Arizona, cu planuri de producție în masă până în primul trimestru, devenind potențial primul client american al TSMC pentru cipuri fabricate local. - Această inițiativă are ca scop consolidarea independenței siliconului în SUA, reducând dependența de Taiwan, care este vulnerabil la riscuri geopolitice și naturale. - Fabrica TSMC din Arizona este pregătită să producă cipuri avansate de 3nm și 2nm, cu eforturi continue de a îmbunătăți recrutarea locală și parteneriatele cu universitățile americane, deși ambalarea va avea loc inițial în Taiwan până când facilitatea din Peoria va fi operațională.”
    • +
+

Reacții

+
    +
  • „Apple va primi cipuri de la fabrica TSMC din Arizona, dar acestea trebuie trimise înapoi în Taiwan pentru ambalare din cauza insuficienței facilităților din SUA. - Peste 50% din forța de muncă de la fabrica din Arizona provine din Taiwan, indicând un decalaj în domeniul STEM (Știință, Tehnologie, Inginerie și Matematică) din SUA. - Inițiativa CHIPS Act, care vizează îmbunătățirea producției de semiconductori în SUA, se confruntă cu provocări, deoarece eticheta „Fabricat în America” este pusă sub semnul întrebării din cauza procesului de ambalare care are loc în Taiwan, cu planuri pentru capacități de ambalare în SUA până în 2027.”
    • +
+

„Cu 43.000 de șoferi mai puțin pe drumurile din Manhattan după ce a fost activată taxarea pentru congestionare”

+
    +
  • „După implementarea taxării pentru congestionare, a existat o reducere de 7,5% a șoferilor care intră în Manhattan sub strada 60, ceea ce echivalează cu 43.000 de șoferi mai puțini în fiecare zi lucrătoare.”
    • +
  • „Reducerea traficului a îmbunătățit fluxul de trafic și a crescut viteza autobuzelor, unele autobuze expres înregistrând o creștere a numărului de pasageri.”
    • +
  • „Autoritatea Metropolitană de Transport (MTA) folosește veniturile din taxe, estimate la 500 de milioane de dolari anual, pentru îmbunătățiri ale transportului, în ciuda unei anumite opoziții politice.”
    • +
+

Reacții

+
    +
  • „Implementarea taxării pentru congestionare în Manhattan a dus la reducerea cu 43.000 a numărului de șoferi, ceea ce a condus la creșterea vitezei autobuzelor și, posibil, la îmbunătățirea timpilor de răspuns pentru situațiile de urgență.”
    • +
  • „Politica este concepută pentru a reduce congestionarea traficului și a îmbunătăți calitatea aerului, deși a stârnit dezbateri cu privire la impactul său asupra persoanelor cu venituri mai mici.”
    • +
  • „Susținătorii susțin că beneficiile includ un transport public mai eficient și un aer mai curat, în timp ce discuțiile continuă asupra echilibrării acestor avantaje cu nevoile șoferilor.”
    • +
+ + + + + +]]> + https://hn.cho.sh/ro/2025/01/14 + 2025-01-14T00:00:00.000Z + Tue, 14 Jan 2025 00:00:00 GMT + <![CDATA[2025-01-13]]> 2025-01-05T00:00:00.000Z Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[2025-01-04]]> - -

slug: '/2025/01/04'

-

2025-01-04

-

„Volvo 1993 cu autopilot”

-
    -
  • „Un grup de prieteni a participat la ediția de iarnă Carbage Run 2025, un raliu de 6 zile prin Suedia până la cercul polar și înapoi la Helsinki, care necesită ca mașinile să aibă cel puțin 20 de ani vechime și să fie evaluate sub 1000 €.”
    • -
  • „Au transformat un Volvo 940 Estate din 1993 într-un vehicul autonom folosind openpilot de la comma.ai, încorporând componente moderne precum direcția asistată electric, un iBooster Bosch și un senzor radar Tesla.”
    • -
  • „Actualizările viitoare vor include detalii despre cablaj, o unitate de control a motorului (ECU) personalizată și planuri de a face codul open-source, evidențiind abordarea inovatoare a proiectului de a echipa vehiculele mai vechi cu tehnologie autonomă.”
    • -
-

Reacții

-
    -
  • „Un Volvo 940 din 1993 a fost echipat cu OpenPilot, o tehnologie de conducere autonomă, evidențiind intersecția dintre designul clasic al mașinilor și tehnologia modernă.”
    • -
  • „Proiectul s-a confruntat cu provocări, inclusiv actualizarea sistemelor de frânare și direcție, ridicând preocupări legale și de siguranță, în special cu modificările DIY, cum ar fi sudarea coloanei de direcție.”
    • -
  • „Discuția s-a extins la reglementările auto din Europa, declinul hotrod-urilor în SUA și diferențele culturale în libertățile de modificare a mașinilor, proiectul fiind văzut ca un efort DIY inspirator, în ciuda preocupărilor legate de siguranță.”
    • -
-

„VoxelSpace: Algoritm de randare a terenului în mai puțin de 20 de linii de cod (2020)”

-
    -
  • „Jocul Comanche din 1992 al companiei NovaLogic a utilizat motorul Voxel Space, o tehnică de redare 2.5D bazată pe ray casting, pentru a crea terenuri detaliate cu umbre și umbrire.”
    • -
  • „Motorul Voxel Space folosea hărți de înălțime și culoare și un algoritm simplu de randare, desenând linii verticale de la spate la față, care puteau fi optimizate pentru performanță.”
    • -
  • „Codul motorului este disponibil sub licența MIT, dar tehnologia poate fi încă brevetată în anumite regiuni.”
    • -
-

Reacții

-
    -
  • „VoxelSpace este un algoritm de redare a terenului remarcabil pentru simplitatea sa, necesitând mai puțin de 20 de linii de cod, și evocă nostalgie pentru dezvoltarea inovatoare de jocuri în perioadele cu limitări hardware.”
    • -
  • „Jocurile AAA moderne se concentrează pe optimizări complexe și tendințe de piață, adesea în detrimentul originalității, în timp ce jocurile indie și platformele precum PICO-8 oferă mai multă libertate creativă.”
    • -
  • „În ciuda progreselor tehnologice, unii dezvoltatori și jucători simt că „magia” jocurilor mai vechi lipsește, deși proiecte inovatoare precum redarea voxel continuă să inspire creativitatea.”
    • -
-

„Cum să desenezi un contur într-un joc video”

-
    -
  • „Articolul discută cinci tehnici pentru redarea contururilor în Unity, o platformă populară de dezvoltare a jocurilor, evidențiind utilizarea lor în jocuri precum Sable și The Last of Us. - Tehnicile includ efecte de margine, extrudare de vârfuri, tampon blurat, algoritmul de salt și detectarea marginilor, fiecare având avantaje și compromisuri unice în ceea ce privește performanța și calitatea vizuală. - Articolul oferă perspective asupra echilibrării acestor metode pentru estetica optimă a jocului și suportul pentru gameplay, cu resurse suplimentare și credite pentru modelele 3D incluse.”
    • -
-

Reacții

-
    -
  • „Articolul explorează tehnici avansate pentru trasarea contururilor în jocurile video, subliniind eficiența algoritmului Jump Flood (JFA) și a câmpurilor de distanță semnate (SDF) față de metodele tradiționale. - Se aprofundează în grafica 3D stilizată, discutând tehnici de randare și utilizarea potențială a rețelelor neuronale pentru iluminare și stilizare. - Contribuitorii oferă perspective asupra dezvoltării istorice a cel shading-ului în jocuri, cum ar fi Jet Set Radio, evidențiind intersecția în evoluție dintre tehnologie și artă în grafica 3D.”
    • -
-

„Renunț la Washington Post”

-

Reacții

-
    -
  • „Autorul părăsește Washington Post din cauza eșecului acestuia de a se adapta la peisajul media în continuă evoluție și a abordării sale în prezentarea problemelor, pe care o consideră ineficientă pentru subiecte critice precum democrația.”
    • -
  • „Mass-media tradițională, în special ziarele locale, se confruntă cu dificultăți financiare, ceea ce duce la raportări părtinitoare și la o scădere a încrederii publicului, în timp ce rețelele sociale nu pot înlocui munca riguroasă a jurnalismului.”
    • -
  • „Sunt ridicate îngrijorări cu privire la influența indivizilor bogați, precum Jeff Bezos, asupra instituțiilor media și impactul intereselor corporative asupra rolului mass-media de a trage la răspundere puterea.”
    • -
-

„Perplexity are reclame”

-

Reacții

-
    -
  • „Perplexity a introdus reclame, ceea ce a dus la discuții despre inevitabilitatea reclamelor în serviciile online din cauza reticenței consumatorilor de a plăti pentru experiențe fără reclame. - Unii utilizatori consideră reclamele intruzive și preferă serviciile pe bază de abonament, cum ar fi Kagi, care oferă căutări fără reclame, în timp ce alții continuă să aleagă opțiuni gratuite, susținute de reclame. - Această situație subliniază dezbaterea continuă între modelele susținute de reclame și cele pe bază de abonament în serviciile digitale.”
    • -
- - - - - -]]> - https://hn.cho.sh/ro/2025/01/04 - 2025-01-04T00:00:00.000Z - Sat, 04 Jan 2025 00:00:00 GMT - diff --git a/static/rss/newsletter/ru.xml b/static/rss/newsletter/ru.xml index 9d8d09324..92633a4d7 100644 --- a/static/rss/newsletter/ru.xml +++ b/static/rss/newsletter/ru.xml @@ -15,12 +15,160 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[2025-01-14]]> + +

slug: '/2025/01/14'

+

2025-01-14

+

Исследователь безопасности Snyk разворачивает вредоносные пакеты NPM, нацеленные на cursor.com

+
    +
  • Исследователь безопасности из Snyk выпустил вредоносные пакеты NPM, нацеленные на Cursor.com, компанию, занимающуюся AI-кодированием, чтобы собирать системные данные и отправлять их на сервис, контролируемый злоумышленником.
    • +
  • Пакеты, идентифицированные как "cursor-retrieval", "cursor-always-local" и "cursor-shadow-workspace", были отмечены сканером анализа пакетов OpenSSF, что привело к предупреждениям MAL-2025-27, MAL-2025-28 и MAL-2025-29.
    • +
  • Этот инцидент подчеркивает важность тщательной проверки пакетов NPM перед установкой, чтобы избежать потенциальных угроз безопасности.
    • +
+

Реакции

+
    +
  • Исследователь безопасности из Snyk выпустил вредоносные пакеты NPM (Node Package Manager), нацеленные на cursor.com, подчеркивая уязвимости путаницы зависимостей. - Инцидент вызвал дебаты об этике исследований безопасности, особенно в отношении публичного раскрытия переменных окружения. - Cursor.com уточнили, что они не санкционировали это действие, и Snyk с тех пор извинились, подчеркивая трудности в балансировании наступательных исследований безопасности с этическими стандартами.
    • +
+

Я перешел на Firefox и никогда не оглядывался назад

+
    +
  • Firefox хвалят за превосходное управление вкладками, встроенную функцию Pocket для сохранения ссылок и ориентированную на конфиденциальность функцию пересылки электронной почты, что делает его сильной альтернативой Chrome. - Дополнительные функции, такие как удобный инструмент для создания скриншотов, кнопка ChatGPT, режим "картинка в картинке", настраиваемые параметры поиска и плавная прокрутка, улучшают впечатления от просмотра. - Хотя Firefox не имеет функции веб-приложений, как у Chrome, его продуманный дизайн и сниженные требования к ресурсам делают его предпочтительным выбором для некоторых пользователей.
    • +
+

Реакции

+
    +
  • Пользователи Firefox сталкиваются с трудностями на платформах, таких как YouTube, которые могут намеренно ухудшать опыт для пользователей не-Google браузеров или тех, кто использует блокировщики рекламы. - Эта тенденция вызывает обеспокоенность по поводу автономии пользователей, так как она наказывает тех, кто выбирает веб-опыт без рекламы и слежки. - Firefox предлагает уникальные функции, такие как контейнерные вкладки, которые улучшают конфиденциальность и удобство использования, делая его предпочтительным выбором для пользователей, стремящихся к независимости от браузеров, контролируемых крупными корпорациями.
    • +
+

Генеральный директор Sonos уходит в отставку после неудачного обновления приложения

+

Реакции

+
    +
  • Генеральный директор Sonos ушел в отставку после спорного обновления приложения, которое требовало от пользователей замены дорогостоящих звуковых систем, что вызвало недовольство клиентов. - Обновление ввело облачную систему, отказавшись от надежной технологии Universal Plug and Play (UPnP), что привело к проблемам с подключением и увеличению сложности. - Эта ситуация подчеркивает конфликт между бизнес-стратегиями и поддержанием доверия клиентов, так как генеральный директор переходит на консультативную роль с выходным пособием.
    • +
+

В чреве MrBeast

+

Реакции

+
    +
  • Эссе исследует, как алгоритм YouTube влияет на создание контента, используя MrBeast в качестве примера, подчеркивая сдвиг в сторону контента, ориентированного на вовлеченность, а не на значимость. - Обсуждаются более широкие последствия для медиаграмотности и культурное влияние таких платформ, как YouTube и TikTok, предполагая тенденцию к поверхностному и реакционному контенту. - Рассматриваются различные точки зрения на роль алгоритмов в формировании контента и влияние популярных создателей на культурные нормы.
    • +
+

Операции Git на GitHub не работают

+
    +
  • GitHub столкнулся с сбоем операций Git 13 января 2025 года из-за изменения конфигурации, повлиявшего на внутренний балансировщик нагрузки, который длился с 23:35 до 00:24 по UTC. - Проблема была решена путем отмены изменения конфигурации, и GitHub работает над улучшением процессов мониторинга и развертывания, чтобы предотвратить подобные инциденты. - Сбой также затронул сервисы GitHub Actions и Pages, что подчеркивает взаимосвязанную природу их платформенных сервисов.
    • +
+

Реакции

+
    +
  • GitHub столкнулся с серьезным сбоем, который повлиял на операции с git, вызвав замешательство среди разработчиков, которые первоначально подозревали проблемы с их SSH-ключами или локальными конфигурациями. - Инцидент подчеркнул трудности, связанные с зависимостью от централизованных сервисов, вызвав обсуждения о преимуществах самохостинга и децентрализованных систем. - Хотя проблема была решена, она подчеркнула обеспокоенность по поводу надежности GitHub и рисков, связанных с зависимостью от сторонних платформ для выполнения важных задач.
    • +
+

Выпущен ZFS 2.3 с расширением ZFS raidz

+
    +
  • OpenZFS 2.3.0 выпущен, представляя значительные функции, такие как расширение RAIDZ, быстрая дедупликация, прямой ввод/вывод, вывод в формате JSON и поддержка длинных имен файлов. - Выпуск включает в себя важные исправления ошибок и улучшения производительности, совместимые с ядрами Linux 4.18 - 6.12 и версиями FreeBSD 13.3, 14.0 - 14.2. - Обновление является совместной работой 134 участников, с доступной для ознакомления полной документацией и журналом изменений.
    • +
+

Реакции

+
    +
  • ZFS 2.3 был выпущен, представив такие функции, как расширение RAIDZ, быстрая дедупликация, прямой ввод-вывод, вывод в формате JSON и поддержка длинных имен файлов. - Расширение RAIDZ особенно примечательно, так как позволяет пользователям добавлять новые устройства в существующий пул RAIDZ без простоя, увеличивая емкость хранилища. - Выпуск считается значительным достижением для пользователей ZFS, вызывая сравнения с другими файловыми системами, такими как Btrfs и Windows Storage Spaces, несмотря на некоторые ограничения, такие как невозможность уменьшения пулов.
    • +
+

Webtop – контейнеры Alpine, Ubuntu, Fedora и Arch, содержащие полные настольные среды

+
    +
  • Linuxserver/webtop предоставляет контейнеры на основе Alpine, Ubuntu, Fedora и Arch с полными настольными окружениями, доступными через веб-браузеры, поддерживая архитектуры x86-64 и arm64.
    • +
  • Пользователи могут выбирать из различных настольных сред, таких как XFCE, KDE, MATE, i3, Openbox и IceWM, используя определенные теги изображений, и получать доступ к Webtop через указанные URL-адреса.
    • +
  • Функции безопасности включают в себя опцию seccomp Docker и настройку аутентификации, с возможностью настройки через переменные окружения, а также поддержку ускорения GPU с использованием драйверов с открытым исходным кодом.
    • +
+

Реакции

+
    +
  • Webtop предоставляет контейнеры с полными рабочими столами для Alpine, Ubuntu, Fedora и Arch, подходящие для быстрой настройки за VPN.
    • +
  • Пользователи хвалят Webtop за его скорость и простоту использования, особенно при использовании с контейнером Gluetun для безопасных подключений, но предостерегают от вывода контейнеров в интернет без мер безопасности из-за отсутствия аутентификации по умолчанию.
    • +
  • Проект ценится за то, что он является открытым и гибким, пользователи делятся конфигурациями, а такие альтернативы, как Kasm и Selkies, отмечены для схожих целей.
    • +
+

1 из 5 онлайн-вакансий либо фальшивые, либо никогда не заполняются, как показало исследование.

+
    +
  • Недавнее исследование показывает, что 20% онлайн-вакансий либо фальшивые, либо остаются незаполненными, что добавляет разочарования соискателям. - Эта тенденция "призрачных вакансий" может быть тактикой компаний для создания образа роста. - Платформы для поиска работы, такие как Greenhouse и LinkedIn, внедрили услуги проверки вакансий, чтобы помочь пользователям в идентификации подлинных возможностей трудоустройства.
    • +
+

Реакции

+
    +
  • Исследование показывает, что 20% онлайн-вакансий либо фальшивые, либо остаются незаполненными, часто из-за необходимости компаний соблюдать иммиграционные политики США. - Компании также могут оставлять вакансии открытыми, чтобы найти идеальных кандидатов, изменить требования или иметь заранее выбранных внутренних кандидатов. - Рынок труда сложен для соискателей, которые часто сталкиваются с игнорированием и автоматическими отказами, что вызывает призывы к регуляторному вмешательству.
    • +
+

Делать перекресток небезопасным для пешеходов, чтобы сэкономить секунды для водителей

+

Реакции

+
    +
  • Дебаты сосредоточены на том, должны ли перекрестки отдавать приоритет безопасности пешеходов или эффективности водителей, причем некоторые предпочитают перекрестки с светофорами и пешеходные переходы вместо перекрестков с четырьмя стопами.
    • +
  • Мнения расходятся по поводу законов о дорожном движении и проектирования инфраструктуры, обсуждаются вопросы безопасности перехода улицы в неположенном месте и риски, связанные с поворотом направо на красный свет.
    • +
  • Некоторые выступают за альтернативные решения, такие как круговые перекрестки или принятие голландских стандартов дорожного проектирования для повышения как безопасности, так и эффективности.
    • +
+

PostgreSQL - это система управления базами данных года 2024

+
    +
  • PostgreSQL был удостоен звания СУБД года 2024 по версии DB-Engines, получив это признание в пятый раз, обойдя 423 другие системы управления базами данных.
    • +
  • PostgreSQL, с историей, охватывающей почти 35 лет, продолжает внедрять инновации, что видно на примере последних улучшений PostgreSQL 17, выпущенного в сентябре 2024 года.
    • +
  • Snowflake и Microsoft заняли второе и третье места соответственно, при этом Snowflake отмечен за свои облачные хранилища данных и поддержку мультиоблачности, в то время как Microsoft предлагает надежные управляемые реляционные базы данных через Azure SQL Database и SQL Server.
    • +
+

Реакции

+
    +
  • PostgreSQL был удостоен звания Система управления базами данных года 2024 по версии db-engines.com, что подчеркивает его растущую популярность и признание в отрасли.
    • +
  • Пользователи рассматривают возможность перехода с Microsoft SQL Server на PostgreSQL из-за высоких затрат на лицензирование и ограничений ресурсов, несмотря на возможные трудности с миграцией.
    • +
  • PostgreSQL пользуется популярностью благодаря своим надежным функциям и экономической эффективности, что делает его предпочтительным выбором для будущих проектов, хотя некоторые пользователи рассматривают альтернативы, такие как Babelfish, чтобы снизить затраты.
    • +
+

OAuth-авторизация Google не защищает от покупки домена неудавшегося стартапа.

+

Реакции

+
    +
  • Обсуждение подчеркивает уязвимость в системе входа Google OAuth, когда домен неудавшегося стартапа приобретает новый владелец, что потенциально позволяет несанкционированный доступ к сервисам.
    • +
  • Эта проблема возникает, потому что Google может не различать оригинальных и новых владельцев домена, что влияет на любую систему, использующую аутентификацию на основе домена.
    • +
  • Предлагаемое решение заключается в использовании уникальных идентификаторов, которые остаются постоянными с течением времени, хотя реализация этого решения варьируется среди поставщиков идентификационных услуг.
    • +
+

Использование навыков программирования для получения пассивного дохода

+
    +
  • Автор перешел с должности технического директора на путь солопредпринимателя, успешно зарабатывая больше благодаря портфелю программных продуктов.
    • +
  • Ключевые стратегии включают в себя сосредоточение на глубокой работе, начало с небольших проектов, быструю итерацию и выделение времени на маркетинговые усилия.
    • +
  • Путешествие подчеркивает стойкость перед лицом неопределенностей, но выделяет несравненную автономию и свободу этого карьерного пути, побуждая тех, кто обладает навыками программирования, рассмотреть его для получения пассивного дохода.
    • +
+

Реакции

+
    +
  • Пользователь описал создание пассивного дохода через SEO-спам-сайты, используя истекающие доменные имена, зарабатывая примерно $30k в год, несмотря на этические проблемы и последующее вмешательство Google.
    • +
  • Публикация вызвала дебаты о пассивном доходе, при этом некоторые пользователи утверждают, что это больше похоже на ведение бизнеса, чем на действительно пассивный заработок.
    • +
  • Участники поделились опытом и трудностями в побочных проектах, подчеркнув важность времени, устойчивости и стратегического планирования.
    • +
+

Испания предлагает 100% налог на дома, купленные резидентами, не входящими в ЕС

+
    +
  • Испания рассматривает возможность введения 100% налога на покупку недвижимости для нерезидентов ЕС, стремясь решить жилищный кризис и ограничить спекулятивные покупки.
    • +
  • Предложение премьер-министра Педро Санчеса включает расширение социального жилья и регулирование туристической аренды для решения проблемы несоответствия между ценами на жилье и доходами.
    • +
  • Будущее предложения как закона остается неопределенным, и некоторые аналитики рассматривают его скорее как сдерживающий фактор для иностранных инвесторов, чем как гарантированное законодательное изменение.
    • +
+

Реакции

+
    +
  • Испания рассматривает возможность введения 100% налога на дома, приобретаемые резидентами, не входящими в ЕС, чтобы решить проблемы доступности жилья. - Критики утверждают, что иностранные покупатели не являются основной причиной высоких цен на жилье, указывая на медлительность бюрократии и законы о зонировании как на более значительные факторы. - Это предложение вызвало дебаты о роли иностранной собственности на рынке жилья и ее эффективности в решении проблем доступности.
    • +
+

Apple вскоре получит чипы 'сделано в Америке' с фабрики TSMC в Аризоне.

+
    +
  • Apple тестирует процессоры из аризонского завода TSMC, планируя массовое производство к первому кварталу, что потенциально делает её первым клиентом TSMC в США для локально произведённых чипов. - Эта инициатива направлена на укрепление независимости США в области кремния, снижая зависимость от Тайваня, который уязвим к геополитическим и природным рискам. - Аризонский завод TSMC будет производить передовые чипы 3нм и 2нм, с продолжающимися усилиями по улучшению местного набора сотрудников и партнёрств с американскими университетами, хотя упаковка изначально будет происходить на Тайване, пока объект в Пеории не станет операционным.
    • +
+

Реакции

+
    +
  • Apple будет получать чипы с завода TSMC в Аризоне, но их необходимо отправлять обратно на Тайвань для упаковки из-за недостатка соответствующих мощностей в США. - Более 50% рабочей силы на заводе в Аризоне составляют сотрудники из Тайваня, что указывает на пробел в области STEM (наука, технологии, инженерия и математика) в США. - Инициатива CHIPS Act, направленная на усиление производства полупроводников в США, сталкивается с трудностями, так как маркировка "Сделано в Америке" ставится под сомнение из-за процесса упаковки, происходящего на Тайване, с планами по созданию возможностей для упаковки в США к 2027 году.
    • +
+

На дорогах Манхэттена стало на 43 тысячи водителей меньше после введения платы за въезд в зону с высокой загруженностью.

+
    +
  • После внедрения системы платного въезда количество водителей, въезжающих в Манхэттен ниже 60-й улицы, сократилось на 7,5%, что эквивалентно 43 000 водителей меньше каждый будний день.
    • +
  • Снижение трафика улучшило поток движения и увеличило скорость автобусов, при этом некоторые экспресс-автобусы испытывают рост числа пассажиров.
    • +
  • Метрополитенское транспортное управление (MTA) использует доходы от сборов, оцениваемые в 500 миллионов долларов в год, для улучшения транспорта, несмотря на некоторое политическое сопротивление.
    • +
+

Реакции

+
    +
  • Введение платы за въезд в Манхэттен привело к сокращению числа водителей на 43 000, что способствовало увеличению скорости движения автобусов и, возможно, улучшению времени реагирования экстренных служб.
    • +
  • Политика направлена на снижение заторов на дорогах и улучшение качества воздуха, хотя она вызвала дебаты по поводу ее влияния на людей с низким доходом.
    • +
  • Сторонники утверждают, что преимущества включают более эффективный общественный транспорт и более чистый воздух, в то время как продолжаются обсуждения о том, как сбалансировать эти преимущества с потребностями водителей.
    • +
+ + + + + +]]> + https://hn.cho.sh/ru/2025/01/14 + 2025-01-14T00:00:00.000Z + Tue, 14 Jan 2025 00:00:00 GMT + <![CDATA[2025-01-13]]> 2025-01-05T00:00:00.000Z Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[2025-01-04]]> - -

slug: '/2025/01/04'

-

2025-01-04

-

Самоуправляемый Volvo 1993 года с открытым пилотом

-
    -
  • Группа друзей приняла участие в зимнем издании Carbage Run 2025, шестидневном ралли через Швецию до полярного круга и обратно в Хельсинки, требующем, чтобы автомобили были не моложе 20 лет и оценивались менее чем в 1000 евро.
    • -
  • Они превратили Volvo 940 Estate 1993 года в автономное транспортное средство, используя openpilot от comma.ai, интегрировав современные компоненты, такие как электрический усилитель руля, Bosch iBooster и радарный датчик Tesla.
    • -
  • Будущие обновления будут включать детали по проводке, специальный блок управления двигателем (ECU) и планы по открытию исходного кода, подчеркивая инновационный подход проекта к модернизации старых автомобилей с использованием автономных технологий.
    • -
-

Реакции

-
    -
  • В 1993 году Volvo 940 была переоборудована с использованием OpenPilot, технологии для автономного вождения, что подчеркивает пересечение классического автомобильного дизайна и современных технологий.
    • -
  • Проект столкнулся с трудностями, включая обновление тормозной и рулевой систем, что вызвало юридические и вопросы безопасности, особенно с самодельными модификациями, такими как сварка рулевой колонки.
    • -
  • Обсуждение затронуло автомобильные регламенты в Европе, снижение популярности хот-родов в США и культурные различия в свободе модификации автомобилей, при этом проект рассматривался как вдохновляющее усилие своими руками, несмотря на опасения по поводу безопасности.
    • -
-

VoxelSpace: Алгоритм рендеринга ландшафта менее чем в 20 строках кода (2020)

-
    -
  • Игра Comanche от NovaLogic, выпущенная в 1992 году, использовала движок Voxel Space, технику рендеринга 2.5D, основанную на трассировке лучей, для создания детализированных ландшафтов с тенями и затенением.
    • -
  • Движок Voxel Space использовал карты высот и цвета, а также простой алгоритм рендеринга, рисуя вертикальные линии от заднего плана к переднему, что могло быть оптимизировано для повышения производительности.
    • -
  • Код двигателя доступен по лицензии MIT, но технология все еще может быть запатентована в некоторых регионах.
    • -
-

Реакции

-
    -
  • VoxelSpace — это алгоритм рендеринга ландшафта, примечательный своей простотой, требующий менее 20 строк кода, и вызывающий ностальгию по инновационной разработке игр в эпохи с ограниченными аппаратными возможностями.
    • -
  • Современные AAA-игры сосредоточены на сложных оптимизациях и рыночных тенденциях, часто в ущерб оригинальности, тогда как инди-игры и платформы, такие как PICO-8, предоставляют больше творческой свободы.
    • -
  • Несмотря на технологические достижения, некоторые разработчики и игроки считают, что «магия» старых игр отсутствует, хотя инновационные проекты, такие как воксельный рендеринг, продолжают вдохновлять на творчество.
    • -
-

Как нарисовать контур в видеоигре

-
    -
  • Статья обсуждает пять техник для рендеринга контуров в Unity, популярной платформе для разработки игр, подчеркивая их использование в таких играх, как Sable и The Last of Us. - Техники включают эффекты ободка, экструзию вершин, размытие буфера, алгоритм Jump Flood и обнаружение краев, каждая из которых имеет уникальные преимущества и компромиссы с точки зрения производительности и визуального качества. - Статья предоставляет информацию о том, как сбалансировать эти методы для оптимальной эстетики игры и поддержки игрового процесса, с дополнительными ресурсами и кредитами для 3D-моделей.
    • -
-

Реакции

-
    -
  • Статья исследует передовые методы создания контуров в видеоиграх, подчеркивая эффективность алгоритма Jump Flood (JFA) и полей подписанных расстояний (SDF) по сравнению с традиционными методами. - Она углубляется в стилизованную 3D-графику, обсуждая методы рендеринга и потенциальное использование нейронных сетей для освещения и стилизации. - Участники предоставляют информацию о историческом развитии цел-шейдинга в играх, таких как Jet Set Radio, подчеркивая развивающееся пересечение технологий и искусства в 3D-графике.
    • -
-

Я ухожу из Washington Post

-

Реакции

-
    -
  • Автор покидает Washington Post из-за неспособности издания адаптироваться к изменяющемуся медийному ландшафту и его подходу к освещению проблем, который, по их мнению, неэффективен для критических тем, таких как демократия.
    • -
  • Традиционные СМИ, особенно местные газеты, испытывают финансовые трудности, что приводит к предвзятой подаче новостей и снижению доверия общественности, в то время как социальные сети не могут заменить тщательную работу журналистики.
    • -
  • Выражаются опасения по поводу влияния состоятельных лиц, таких как Джефф Безос, на средства массовой информации и воздействия корпоративных интересов на роль СМИ в привлечении власти к ответственности.
    • -
-

Perplexity получила рекламу

-

Реакции

-
    -
  • Perplexity ввела рекламу, что привело к обсуждениям о неизбежности рекламы в онлайн-сервисах из-за нежелания потребителей платить за опыт без рекламы. - Некоторые пользователи считают рекламу навязчивой и предпочитают подписные сервисы, такие как Kagi, которые предлагают поиск без рекламы, в то время как другие продолжают выбирать бесплатные, поддерживаемые рекламой варианты. - Эта ситуация подчеркивает продолжающуюся дискуссию между моделями, поддерживаемыми рекламой, и подписными моделями в цифровых сервисах.
    • -
- - - - - -]]> - https://hn.cho.sh/ru/2025/01/04 - 2025-01-04T00:00:00.000Z - Sat, 04 Jan 2025 00:00:00 GMT - diff --git a/static/rss/newsletter/sk.xml b/static/rss/newsletter/sk.xml index f8f12e4e0..7f414d448 100644 --- a/static/rss/newsletter/sk.xml +++ b/static/rss/newsletter/sk.xml @@ -15,12 +15,160 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[2025-01-14]]> + +

slug: '/2025/01/14'

+

2025-01-14

+

„Výskumník bezpečnosti Snyk nasadzuje škodlivé balíky NPM zamerané na cursor.com“

+
    +
  • „Bezpečnostný výskumník zo spoločnosti Snyk vydal škodlivé NPM balíčky zamerané na Cursor.com, spoločnosť zaoberajúcu sa AI kódovaním, s cieľom zhromažďovať systémové údaje a posielať ich na službu kontrolovanú útočníkom.“
    • +
  • „Balíky, identifikované ako „cursor-retrieval“, „cursor-always-local“ a „cursor-shadow-workspace“, boli označené skenerom analýzy balíkov OpenSSF, čo viedlo k upozorneniam MAL-2025-27, MAL-2025-28 a MAL-2025-29.“
    • +
  • „Tento incident zdôrazňuje dôležitosť dôkladného preskúmania NPM balíkov pred ich inštaláciou, aby sa predišlo potenciálnym bezpečnostným hrozbám.“
    • +
+

Reakcie

+
    +
  • „Bezpečnostný výskumník zo spoločnosti Snyk zverejnil škodlivé balíčky NPM (Node Package Manager) zamerané na cursor.com, čím poukázal na zraniteľnosti spôsobené zmätkom v závislostiach. - Tento incident vyvolal diskusiu o etike bezpečnostného výskumu, najmä pokiaľ ide o verejné zverejňovanie premenných prostredia. - Cursor.com objasnil, že túto akciu neautorizovali, a Snyk sa odvtedy ospravedlnil, čím zdôraznil výzvy pri vyvažovaní ofenzívneho bezpečnostného výskumu s etickými normami.“
    • +
+

„Prešiel som na Firefox a nikdy som sa neobzrel späť“

+
    +
  • „Firefox je chválený za svoju vynikajúcu správu kariet, vstavanú funkciu Pocket na ukladanie odkazov a súkromie zameraný emailový relé, čo z neho robí silnú alternatívu k Chrome. - Ďalšie funkcie ako užívateľsky prívetivý nástroj na snímanie obrazovky, tlačidlo ChatGPT, funkcia Obraz v obraze, prispôsobiteľné možnosti vyhľadávania a plynulé posúvanie zlepšujú zážitok z prehliadania. - Aj keď Firefox nemá funkciu webových aplikácií ako Chrome, jeho premyslený dizajn a znížené nároky na zdroje ho robia preferovanou voľbou pre niektorých používateľov.“
    • +
+

Reakcie

+
    +
  • „Používatelia Firefoxu čelia výzvam zo strany platforiem ako YouTube, ktoré môžu úmyselne zhoršovať zážitok pre používateľov ne-Google prehliadačov alebo tých, ktorí používajú blokovače reklám. - Tento trend vyvoláva obavy o autonómiu používateľov, pretože penalizuje tých, ktorí sa rozhodnú pre web bez reklám a sledovania. - Firefox ponúka jedinečné funkcie, ako sú kontajnerové karty, ktoré zvyšujú súkromie a použiteľnosť, čo z neho robí obľúbenú voľbu pre používateľov hľadajúcich nezávislosť od veľkých korporátne kontrolovaných prehliadačov.“
    • +
+

„Generálny riaditeľ spoločnosti Sonos odstupuje po fiasku s aktualizáciou aplikácie“

+

Reakcie

+
    +
  • „Generálny riaditeľ spoločnosti Sonos rezignoval po kontroverznej aktualizácii aplikácie, ktorá vyžadovala, aby používatelia nahradili drahé zvukové systémy, čo spôsobilo nespokojnosť zákazníkov. - Aktualizácia zaviedla systém založený na cloude, čím sa vzdialila od spoľahlivého Universal Plug and Play (UPnP), čo viedlo k problémom s pripojením a zvýšenej zložitosti. - Táto situácia zdôrazňuje konflikt medzi obchodnými stratégiami a udržiavaním dôvery zákazníkov, keďže generálny riaditeľ prechádza do poradenskej úlohy s odstupným balíkom.“
    • +
+

„V bruchu MrBeasta“

+

Reakcie

+
    +
  • „Esej skúma, ako YouTube algoritmus ovplyvňuje tvorbu obsahu, pričom ako prípadovú štúdiu používa MrBeasta, a zdôrazňuje posun smerom k obsahu zameranému na zapojenie skôr než na zmysluplný obsah. - Diskutuje o širších dôsledkoch pre mediálnu gramotnosť a kultúrny vplyv platforiem ako YouTube a TikTok, naznačujúc trend smerom k povrchnému a reakčnému obsahu. - Zvažujú sa rôzne perspektívy o úlohe algoritmov pri formovaní obsahu a vplyve populárnych tvorcov na kultúrne normy.“
    • +
+

„Operácie Git na GitHube sú nefunkčné“

+
    +
  • „GitHub čelil výpadku operácií Git 13. januára 2025 kvôli zmene konfigurácie, ktorá ovplyvnila interný vyvažovač záťaže, a trval od 23:35 do 00:24 UTC. - Problém bol vyriešený návratom k pôvodnej konfigurácii a GitHub pracuje na zlepšení monitorovacích a nasadzovacích procesov, aby sa predišlo podobným incidentom. - Výpadok tiež ovplyvnil služby GitHub Actions a Pages, čo poukazuje na prepojenú povahu ich platformových služieb.“
    • +
+

Reakcie

+
    +
  • „GitHub čelil veľkému výpadku, ktorý ovplyvnil git operácie, čo viedlo k zmätku medzi vývojármi, ktorí spočiatku podozrievali problémy so svojimi SSH kľúčmi alebo lokálnymi konfiguráciami. - Incident zdôraznil výzvy spojené so spoliehaním sa na centralizované služby, čo podnietilo diskusie o výhodách samohostovania a decentralizovaných systémov. - Hoci bol problém vyriešený, poukázal na obavy o spoľahlivosť GitHubu a riziká spoliehania sa na platformy tretích strán pre základné úlohy.“
    • +
+

„ZFS 2.3 vydaný s rozšírením ZFS raidz“

+
    +
  • „OpenZFS 2.3.0 bol vydaný a prináša významné funkcie ako rozšírenie RAIDZ, rýchlu deduplikáciu, priamy vstup/výstup, výstup vo formáte JSON a podporu pre dlhé názvy súborov. - Vydanie zahŕňa dôležité opravy chýb a vylepšenia výkonu, kompatibilné s jadrami Linuxu 4.18 - 6.12 a verziami FreeBSD 13.3, 14.0 - 14.2. - Aktualizácia je výsledkom spolupráce 134 prispievateľov, s dostupnou komplexnou dokumentáciou a záznamom zmien na preštudovanie.“
    • +
+

Reakcie

+
    +
  • „ZFS 2.3 bol vydaný, prinášajúc funkcie ako rozšírenie RAIDZ, rýchlu deduplikáciu, priamy IO, výstup v JSON a podporu pre dlhé názvy súborov. - Rozšírenie RAIDZ je obzvlášť pozoruhodné, pretože umožňuje používateľom pridávať nové zariadenia do existujúceho RAIDZ poolu bez prestojov, čím zvyšuje kapacitu úložiska. - Vydanie je považované za významný pokrok pre používateľov ZFS, pričom sa porovnáva s inými súborovými systémami ako Btrfs a Windows Storage Spaces, napriek niektorým obmedzeniam, ako je neschopnosť zmenšiť pooly.“
    • +
+

„Webtop – kontajnery Alpine, Ubuntu, Fedora a Arch obsahujúce plné desktopové prostredia“

+
    +
  • „Linuxserver/webtop poskytuje kontajnery založené na Alpine, Ubuntu, Fedora a Arch s plnými desktopovými prostrediami prístupnými cez webové prehliadače, podporujúcimi architektúry x86-64 aj arm64.“
    • +
  • „Používatelia si môžu vybrať z rôznych desktopových prostredí, ako sú XFCE, KDE, MATE, i3, Openbox a IceWM, pomocou špecifických značiek obrázkov a pristupovať k Webtopu prostredníctvom určených URL adries.“
    • +
  • „Bezpečnostné funkcie zahŕňajú možnosť seccomp v Dockeri a nastavenie autentifikácie, s možnosťami prispôsobenia prostredníctvom premenných prostredia a podporou akcelerácie GPU s open-source ovládačmi.“
    • +
+

Reakcie

+
    +
  • „Webtop poskytuje kontajnery s plnými desktopovými prostrediami pre Alpine, Ubuntu, Fedora a Arch, vhodné pre rýchle nastavenia za VPN.“
    • +
  • „Používatelia chvália Webtop za jeho rýchlosť a jednoduchosť použitia, najmä keď sa používa s kontajnerom Gluetun pre zabezpečené pripojenia, ale varujú pred vystavením kontajnerov internetu bez bezpečnostných opatrení kvôli absencii predvolenej autentifikácie.“
    • +
  • „Projekt je cenený za to, že je open-source a flexibilný, pričom používatelia zdieľajú konfigurácie, a alternatívy ako Kasm a Selkies sú známe pre podobné účely.“
    • +
+

„1 z 5 online pracovných ponúk je buď falošná, alebo nikdy nie je obsadená, zistila štúdia“

+
    +
  • „Nedávna štúdia naznačuje, že 20 % online pracovných ponúk je buď falošných, alebo zostáva neobsadených, čo pridáva k frustrácii uchádzačov o zamestnanie. - Tento trend „duchovných pracovných miest“ môže byť taktikou spoločností na projekciu obrazu rastu. - Pracovné platformy ako Greenhouse a LinkedIn zaviedli služby overovania pracovných miest, aby pomohli používateľom identifikovať skutočné pracovné príležitosti.“
    • +
+

Reakcie

+
    +
  • „Štúdia odhaľuje, že 20 % online pracovných ponúk je buď falošných, alebo zostáva neobsadených, často kvôli tomu, že spoločnosti musia dodržiavať imigračné politiky USA. - Spoločnosti môžu tiež ponechať pracovné ponuky zverejnené, aby našli ideálnych kandidátov, zmenili požiadavky alebo mali vopred vybraných interných kandidátov. - Trh práce je pre uchádzačov náročný, často sa stretávajú s ignorovaním a automatizovanými odmietnutiami, čo vyvoláva výzvy na regulačné zásahy.“
    • +
+

„Urobiť križovatku nebezpečnou pre chodcov, aby sa ušetrili sekundy pre vodičov“

+

Reakcie

+
    +
  • „Debata sa sústreďuje na to, či by križovatky mali uprednostňovať bezpečnosť chodcov alebo efektívnosť vodičov, pričom niektorí uprednostňujú svetelne riadené križovatky a prechody pre chodcov pred štvorcestnými zastaveniami.“
    • +
  • „Názory na dopravné zákony a návrh infraštruktúry sa líšia, pričom sa diskutuje o bezpečnosti prechádzania mimo priechodu a rizikách spojených s odbočovaním doprava na červenú.“
    • +
  • „Niektorí obhajujú alternatívne riešenia, ako sú kruhové objazdy alebo prijatie holandských štandardov dopravného inžinierstva na zvýšenie bezpečnosti a efektívnosti.“
    • +
+

„PostgreSQL je systém na správu databáz roka 2024“

+
    +
  • „PostgreSQL získal ocenenie DBMS roka 2024 od DB-Engines, čím dosiahol toto uznanie už piatykrát, prekonávajúc 423 ďalších systémov na správu databáz.“
    • +
  • „PostgreSQL, s históriou trvajúcou takmer 35 rokov, naďalej inovuje, čo je vidieť na nedávnych vylepšeniach PostgreSQL 17, vydaných v septembri 2024.“
    • +
  • „Snowflake a Microsoft si zabezpečili druhé a tretie miesto, pričom Snowflake je známy svojím cloudovým dátovým skladovaním a podporou viacerých cloudov, zatiaľ čo Microsoft ponúka robustné spravované relačné databázy prostredníctvom Azure SQL Database a SQL Server.“
    • +
+

Reakcie

+
    +
  • „PostgreSQL bol ocenený ako Systém na správu databáz roka 2024 podľa db-engines.com, čo zdôrazňuje jeho rastúcu popularitu a uznanie v priemysle.“
    • +
  • „Používatelia zvažujú prechod z Microsoft SQL Server na PostgreSQL kvôli vysokým licenčným nákladom a obmedzeniam zdrojov, napriek potenciálnym výzvam pri migrácii.“
    • +
  • „PostgreSQL je obľúbený pre svoje robustné funkcie a nákladovú efektívnosť, čo z neho robí preferovanú voľbu pre budúce projekty, hoci niektorí používatelia skúmajú alternatívy ako Babelfish na zníženie nákladov.“
    • +
+

„Google OAuth prihlásenie nechráni pred kúpou domény neúspešného startupu“

+

Reakcie

+
    +
  • „Diskusia poukazuje na zraniteľnosť v systéme prihlásenia Google OAuth, keď doménu neúspešného startupu získa nový vlastník, čo môže potenciálne umožniť neoprávnený prístup k službám.“
    • +
  • „Tento problém vzniká, pretože Google nemusí rozlišovať medzi pôvodnými a novými vlastníkmi domény, čo ovplyvňuje akýkoľvek systém, ktorý používa autentifikáciu založenú na doméne.“
    • +
  • „Navrhovaným riešením je použitie jedinečných identifikátorov, ktoré zostávajú konštantné v priebehu času, hoci implementácia tohto riešenia sa líši medzi poskytovateľmi identity.“
    • +
+

„Používanie programovacích zručností na vytváranie pasívneho príjmu“

+
    +
  • „Autor prešiel z pozície CTO na solopodnikateľa a úspešne zarába viac prostredníctvom portfólia softvérových produktov.“
    • +
  • „Kľúčové stratégie zahŕňajú zameranie sa na hlbokú prácu, začínanie s malými projektmi, rýchle iterovanie a venovanie času marketingovým aktivitám.“
    • +
  • „Cesta zdôrazňuje odolnosť kvôli neistotám, ale vyzdvihuje neprekonateľnú autonómiu a slobodu tejto kariérnej cesty, čím povzbudzuje tých, ktorí majú zručnosti v kódovaní, aby ju zvážili ako pasívny príjem.“
    • +
+

Reakcie

+
    +
  • „Používateľ opísal generovanie pasívneho príjmu prostredníctvom SEO spamových webových stránok pomocou expirovaných doménových mien, pričom zarábal približne 30 tisíc dolárov ročne, napriek etickým obavám a následnému zásahu zo strany Googlu.“
    • +
  • „Príspevok vyvolal diskusiu o pasívnom príjme, pričom niektorí používatelia tvrdili, že je to skôr podobné vedeniu podnikania než skutočne pasívnym zárobkom.“
    • +
  • „Účastníci sa podelili o skúsenosti a výzvy v bočných projektoch, pričom zdôraznili dôležitosť času, odolnosti a strategického plánovania.“
    • +
+

„Španielsko navrhuje 100% daň na domy kúpené obyvateľmi mimo EÚ“

+
    +
  • „Španielsko zvažuje 100% daň na nákupy nehnuteľností obyvateľmi mimo EÚ, s cieľom riešiť krízu bývania a obmedziť špekulatívne nákupy.“
    • +
  • „Návrh premiéra Pedra Sáncheza zahŕňa rozšírenie sociálneho bývania a reguláciu turistických prenájmov na riešenie rozdielu medzi cenami bývania a príjmami.“
    • +
  • „Budúcnosť návrhu ako zákona je neistá, pričom niektorí analytici ho vnímajú skôr ako odstrašujúci prostriedok pre zahraničných investorov než ako zaručenú legislatívnu zmenu.“
    • +
+

Reakcie

+
    +
  • „Španielsko zvažuje 100% daň na domy kúpené obyvateľmi mimo EÚ, aby riešilo problémy s dostupnosťou bývania. - Kritici naznačujú, že zahraniční kupci nie sú hlavnou príčinou vysokých cien bývania, pričom ako významnejšie faktory uvádzajú pomalú byrokraciu a územné zákony. - Návrh vyvolal diskusiu o úlohe zahraničného vlastníctva na trhoch s bývaním a jeho účinnosti pri riešení problémov s dostupnosťou.“
    • +
+

„Apple čoskoro dostane čipy 'vyrobené v Amerike' z továrne TSMC v Arizone“

+
    +
  • „Apple testuje procesory z arizonského závodu TSMC s plánmi na hromadnú výrobu do prvého štvrťroka, pričom by sa mohol stať prvým americkým zákazníkom TSMC pre lokálne vyrábané čipy. - Táto iniciatíva má za cieľ posilniť americkú nezávislosť na silikóne, čím sa zníži závislosť na Taiwane, ktorý je zraniteľný voči geopolitickým a prírodným rizikám. - Arizonská továreň TSMC má vyrábať pokročilé 3nm a 2nm čipy, pričom prebiehajú snahy o zlepšenie miestneho náboru a partnerstiev s americkými univerzitami, hoci balenie sa spočiatku bude vykonávať na Taiwane, kým nebude prevádzková továreň v Peorii.“
    • +
+

Reakcie

+
    +
  • „Apple dostane čipy z arizonskej továrne TSMC, ale musia byť poslané späť na Taiwan na balenie kvôli nedostatočným zariadeniam v USA. - Viac ako 50 % pracovnej sily v arizonskej továrni pochádza z Taiwanu, čo naznačuje medzeru v oblasti STEM (veda, technológia, inžinierstvo a matematika) v USA. - Iniciatíva CHIPS Act, zameraná na posilnenie výroby polovodičov v USA, čelí výzvam, pretože označenie „Vyrobené v Amerike“ je spochybňované kvôli procesu balenia prebiehajúcemu na Taiwane, s plánmi na americké baliace kapacity do roku 2027.“
    • +
+

„O 43 tisíc menej vodičov na cestách v Manhattane po zavedení poplatkov za preťaženie dopravy“

+
    +
  • „Po zavedení poplatkov za preťaženie došlo k zníženiu počtu vodičov vstupujúcich do Manhattanu pod 60. ulicou o 7,5 %, čo predstavuje o 43 000 menej vodičov každý pracovný deň.“
    • +
  • „Zníženie premávky zlepšilo plynulosť dopravy a zvýšilo rýchlosť autobusov, pričom niektoré expresné autobusy zaznamenali vyšší počet cestujúcich.“
    • +
  • „Metropolitný dopravný úrad (MTA) využíva príjmy z mýta, odhadované na 500 miliónov dolárov ročne, na zlepšenie dopravy, napriek určitému politickému odporu.“
    • +
+

Reakcie

+
    +
  • „Zavedenie poplatkov za preťaženie dopravy na Manhattane viedlo k zníženiu počtu vodičov o 43 000, čo viedlo k zvýšeniu rýchlosti autobusov a potenciálne lepším časom reakcie záchranných služieb.“
    • +
  • „Politika je navrhnutá tak, aby znížila dopravné zápchy a zlepšila kvalitu ovzdušia, hoci vyvolala diskusiu o jej dopade na osoby s nižšími príjmami.“
    • +
  • „Zástancovia tvrdia, že výhody zahŕňajú efektívnejšiu verejnú dopravu a čistejší vzduch, zatiaľ čo diskusie pokračujú o vyvážení týchto výhod s potrebami vodičov.“
    • +
+ + + + + +]]> + https://hn.cho.sh/sk/2025/01/14 + 2025-01-14T00:00:00.000Z + Tue, 14 Jan 2025 00:00:00 GMT + <![CDATA[2025-01-13]]> 2025-01-05T00:00:00.000Z Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[2025-01-04]]> - -

slug: '/2025/01/04'

-

2025-01-04

-

„Samojazdiace Volvo z roku 1993 s otvoreným pilotom“

-
    -
  • „Skupina priateľov sa zúčastnila zimnej edície Carbage Run 2025, 6-dňovej rally cez Švédsko k polárnemu kruhu a späť do Helsínk, pričom autá museli byť staré aspoň 20 rokov a ich hodnota nesmela presiahnuť 1000 €.“
    • -
  • „Premenili Volvo 940 Estate z roku 1993 na samojazdiace vozidlo pomocou openpilot od comma.ai, pričom začlenili moderné komponenty ako elektrické posilňovače riadenia, Bosch iBooster a radarový senzor Tesla.“
    • -
  • „Budúce aktualizácie budú obsahovať podrobnosti o elektroinštalácii, vlastnej riadiacej jednotke motora (ECU) a plány na otvorenie zdrojového kódu, čím sa zdôrazní inovatívny prístup projektu k modernizácii starších vozidiel autonómnou technológiou.“
    • -
-

Reakcie

-
    -
  • „V roku 1993 bol model Volvo 940 vybavený technológiou OpenPilot, čo je technológia pre autonómne riadenie, čím sa zdôrazňuje prepojenie klasického dizajnu automobilov s modernou technológiou.“
    • -
  • „Projekt čelil výzvam, vrátane aktualizácie brzdových a riadiacich systémov, čo vyvolalo právne a bezpečnostné obavy, najmä pri úpravách typu „urob si sám“, ako je zváranie riadiaceho stĺpika.“
    • -
  • „Diskusia sa rozšírila na regulácie automobilov v Európe, úpadok hotrodov v USA a kultúrne rozdiely v slobode úprav automobilov, pričom projekt bol považovaný za inšpiratívne DIY úsilie napriek obavám o bezpečnosť.“
    • -
-

„VoxelSpace: Algoritmus vykresľovania terénu v menej ako 20 riadkoch kódu (2020)“

-
    -
  • „Hra Comanche od spoločnosti NovaLogic z roku 1992 využívala engine Voxel Space, techniku 2.5D renderovania založenú na ray castingu, na vytvorenie detailných terénov s tieňovaním a tieňmi.“
    • -
  • „Voxelský engine používal výškové a farebné mapy a jednoduchý renderovací algoritmus, ktorý kreslil vertikálne čiary od zadnej časti dopredu, čo mohlo byť optimalizované pre výkon.“
    • -
  • „Kód motora je dostupný pod licenciou MIT, ale technológia môže byť stále patentovaná v niektorých regiónoch.“
    • -
-

Reakcie

-
    -
  • „VoxelSpace je algoritmus na vykresľovanie terénu, ktorý je pozoruhodný svojou jednoduchosťou, vyžaduje menej ako 20 riadkov kódu a vyvoláva nostalgiu za inovatívnym vývojom hier počas období s obmedzeným hardvérom.“
    • -
  • „Moderné AAA hry sa zameriavajú na zložité optimalizácie a trhové trendy, často na úkor originality, zatiaľ čo nezávislé hry a platformy ako PICO-8 poskytujú viac tvorivej slobody.“
    • -
  • „Napriek technologickým pokrokom niektorí vývojári a hráči cítia, že „kúzlo“ starších hier chýba, hoci inovatívne projekty ako voxelové renderovanie naďalej inšpirujú kreativitu.“
    • -
-

„Ako nakresliť obrys v počítačovej hre“

-
    -
  • „Článok sa zaoberá piatimi technikami pre vykresľovanie obrysov v Unity, populárnej platforme na vývoj hier, pričom zdôrazňuje ich použitie v hrách ako Sable a The Last of Us. - Techniky zahŕňajú Rim Effects, Vertex Extrusion, Blurred Buffer, Jump Flood Algorithm a Edge Detection, pričom každá má jedinečné výhody a kompromisy z hľadiska výkonu a vizuálnej kvality. - Článok poskytuje pohľad na vyváženie týchto metód pre optimálnu estetiku hier a podporu hrateľnosti, s ďalšími zdrojmi a kreditmi pre 3D modely zahrnuté.“
    • -
-

Reakcie

-
    -
  • „Článok skúma pokročilé techniky kreslenia obrysov vo videohrách, pričom zdôrazňuje efektívnosť algoritmu Jump Flood (JFA) a podpísaných vzdialenostných polí (SDF) oproti tradičným metódam. - Ponára sa do štýlizovanej 3D grafiky, diskutuje o technikách renderovania a potenciálnom využití neurónových sietí na osvetlenie a štýlovanie. - Prispievatelia poskytujú pohľady na historický vývoj cel-shadingu v hrách, ako je Jet Set Radio, pričom zdôrazňujú vyvíjajúci sa prienik technológie a umenia v 3D grafike.“
    • -
-

„Odchádzam z Washington Post“

-

Reakcie

-
    -
  • „Autor opúšťa Washington Post kvôli jeho neschopnosti prispôsobiť sa vyvíjajúcemu sa mediálnemu prostrediu a jeho prístupu k prezentovaniu problémov, ktorý považujú za neúčinný pre kritické témy ako demokracia.“
    • -
  • „Tradičné médiá, najmä miestne noviny, zápasia s finančnými problémami, čo vedie k zaujatému spravodajstvu a poklesu dôvery verejnosti, zatiaľ čo sociálne médiá nemôžu nahradiť dôkladnú prácu žurnalistiky.“
    • -
  • „Vznikajú obavy o vplyv bohatých jednotlivcov, ako je Jeff Bezos, na mediálne kanály a o vplyv korporátnych záujmov na úlohu médií pri zodpovednosti moci.“
    • -
-

„Perplexity má reklamy“

-

Reakcie

-
    -
  • „Perplexity zaviedla reklamy, čo viedlo k diskusiám o nevyhnutnosti reklám v online službách kvôli neochote spotrebiteľov platiť za zážitky bez reklám. - Niektorí používatelia považujú reklamy za rušivé a uprednostňujú služby na báze predplatného, ako je Kagi, ktoré ponúkajú vyhľadávanie bez reklám, zatiaľ čo iní naďalej volia bezplatné možnosti podporované reklamami. - Táto situácia zdôrazňuje prebiehajúcu diskusiu medzi modelmi podporovanými reklamami a modelmi na báze predplatného v digitálnych službách.“
    • -
- - - - - -]]> - https://hn.cho.sh/sk/2025/01/04 - 2025-01-04T00:00:00.000Z - Sat, 04 Jan 2025 00:00:00 GMT - diff --git a/static/rss/newsletter/sv.xml b/static/rss/newsletter/sv.xml index f9dc8f2dc..fcb801588 100644 --- a/static/rss/newsletter/sv.xml +++ b/static/rss/newsletter/sv.xml @@ -15,12 +15,160 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[2025-01-14]]> + +

slug: '/2025/01/14'

+

2025-01-14

+

En säkerhetsforskare från Snyk distribuerar skadliga NPM-paket som riktar sig mot cursor.com

+
    +
  • En säkerhetsforskare från Snyk släppte skadliga NPM-paket som riktade sig mot Cursor.com, ett AI-kodningsföretag, för att samla in systemdata och skicka den till en tjänst kontrollerad av angriparen.
    • +
  • Paketen, identifierade som "cursor-retrieval", "cursor-always-local" och "cursor-shadow-workspace", flaggades av OpenSSF:s paketanalysverktyg, vilket resulterade i rådgivningar MAL-2025-27, MAL-2025-28 och MAL-2025-29.
    • +
  • Denna incident belyser vikten av att granska NPM-paket innan installation för att undvika potentiella säkerhetshot.
    • +
+

Reaktioner

+
    +
  • En säkerhetsforskare från Snyk släppte skadliga NPM (Node Package Manager) paket riktade mot cursor.com, vilket belyser sårbarheter i beroendekonfusion. - Händelsen har väckt en debatt om etiken inom säkerhetsforskning, särskilt när det gäller offentlig exponering av miljövariabler. - Cursor.com klargjorde att de inte godkände åtgärden, och Snyk har sedan dess bett om ursäkt, vilket understryker utmaningarna i att balansera offensiv säkerhetsforskning med etiska standarder.
    • +
+

Jag bytte till Firefox och har aldrig sett tillbaka

+
    +
  • Firefox beröms för sin överlägsna flikhantering, inbyggda Pocket-funktion för att spara länkar och en integritetsfokuserad e-postrelä, vilket gör det till ett starkt alternativ till Chrome. - Ytterligare funktioner som ett användarvänligt skärmdumpsverktyg, en ChatGPT-knapp, Bild-i-bild, anpassningsbara sökalternativ och smidig rullning förbättrar surfupplevelsen. - Även om Firefox saknar Chromes webbappfunktion, gör dess genomtänkta design och minskade resurskrav det till ett föredraget val för vissa användare.
    • +
+

Reaktioner

+
    +
  • Firefox-användare står inför utmaningar från plattformar som YouTube, som kan avsiktligt försämra upplevelsen för icke-Google-webbläsare eller användare som använder annonsblockerare. - Denna trend väcker oro över användarens autonomi, eftersom den straffar dem som väljer en annonsfri och övervakningsfri webbupplevelse. - Firefox erbjuder unika funktioner, såsom containerflikar, som förbättrar integritet och användbarhet, vilket gör det till ett föredraget val för användare som söker oberoende från stora företagskontrollerade webbläsare.
    • +
+

Sonos VD avgår efter appuppdateringsfiasko

+

Reaktioner

+
    +
  • Sonos VD har avgått efter en kontroversiell appuppdatering som krävde att användare ersatte kostsamma ljudsystem, vilket orsakade kundmissnöje. - Uppdateringen introducerade ett molnbaserat system, vilket innebar en övergång från det pålitliga Universal Plug and Play (UPnP), vilket ledde till anslutningsproblem och ökad komplexitet. - Denna situation understryker konflikten mellan affärsstrategier och att upprätthålla kundförtroende, då VD:n övergår till en rådgivande roll med ett avgångsvederlag.
    • +
+

I magen på MrBeast

+

Reaktioner

+
    +
  • Uppsatsen undersöker hur YouTubes algoritm påverkar innehållsskapande, med MrBeast som ett fallstudieexempel, och belyser en förskjutning mot engagemangsdrivet snarare än meningsfullt innehåll. - Den diskuterar de bredare konsekvenserna för medieläskunnighet och den kulturella påverkan av plattformar som YouTube och TikTok, och föreslår en trend mot ytligt och reaktionärt innehåll. - Olika perspektiv beaktas på algoritmers roll i att forma innehåll och populära skapares inflytande på kulturella normer.
    • +
+

GitHub Git-operationer är nere

+
    +
  • GitHub drabbades av ett avbrott i Git-operationer den 13 januari 2025 på grund av en konfigurationsändring som påverkade den interna lastbalanseraren, vilket varade från 23:35 till 00:24 UTC. - Problemet löstes genom att återställa konfigurationsändringen, och GitHub arbetar på att förbättra övervaknings- och distributionsprocesser för att förhindra liknande incidenter. - Avbrottet påverkade även GitHubs Actions- och Pages-tjänster, vilket belyser den sammanlänkade naturen hos deras plattformstjänster.
    • +
+

Reaktioner

+
    +
  • GitHub drabbades av ett stort avbrott som påverkade git-operationer, vilket ledde till förvirring bland utvecklare som initialt misstänkte problem med sina SSH-nycklar eller lokala konfigurationer. - Händelsen betonade utmaningarna med att förlita sig på centraliserade tjänster och ledde till diskussioner om fördelarna med egen hosting och decentraliserade system. - Även om problemet löstes, belyste det oro över GitHubs tillförlitlighet och riskerna med att vara beroende av tredjepartsplattformar för viktiga uppgifter.
    • +
+

ZFS 2.3 släppt med ZFS raidz-expansion

+
    +
  • OpenZFS 2.3.0 har släppts och introducerar betydande funktioner som RAIDZ Expansion, snabb deduplicering, direkt in-/utmatning, JSON-utmatning och stöd för långa filnamn. - Utgåvan inkluderar viktiga buggfixar och prestandaförbättringar, kompatibel med Linux-kärnor 4.18 - 6.12 och FreeBSD-versioner 13.3, 14.0 - 14.2. - Uppdateringen är ett samarbetsprojekt från 134 bidragsgivare, med omfattande dokumentation och en ändringslogg tillgänglig för granskning.
    • +
+

Reaktioner

+
    +
  • ZFS 2.3 har släppts och introducerar funktioner som RAIDZ-expansion, snabb deduplicering, direkt IO, JSON-utdata och stöd för långa filnamn. - RAIDZ-expansion är särskilt anmärkningsvärd eftersom den tillåter användare att lägga till nya enheter till en befintlig RAIDZ-pool utan driftstopp, vilket ökar lagringskapaciteten. - Utgåvan anses vara ett betydande framsteg för ZFS-användare och jämförs med andra filsystem som Btrfs och Windows Storage Spaces, trots vissa begränsningar som oförmågan att krympa pooler.
    • +
+

Webtop – Alpine, Ubuntu, Fedora och Arch-containrar som innehåller fullständiga skrivbordsmiljöer

+
    +
  • Linuxserver/webtop tillhandahåller containrar baserade på Alpine, Ubuntu, Fedora och Arch med fullständiga skrivbordsmiljöer som är tillgängliga via webbläsare, och stöder både x86-64 och arm64-arkitekturer.
    • +
  • Användare kan välja mellan olika skrivbordsmiljöer som XFCE, KDE, MATE, i3, Openbox och IceWM genom att använda specifika bildtaggar, och få tillgång till Webtop via angivna URL:er.
    • +
  • Till säkerhetsfunktionerna hör Dockers seccomp-alternativ och autentiseringsinställningar, med anpassningsmöjligheter tillgängliga via miljövariabler, samt stöd för GPU-acceleration med öppen källkod-drivrutiner.
    • +
+

Reaktioner

+
    +
  • Webtop tillhandahåller containrar med fullständiga skrivbordsmiljöer för Alpine, Ubuntu, Fedora och Arch, lämpliga för snabba installationer bakom en VPN.
    • +
  • Användare berömmer Webtop för dess snabbhet och användarvänlighet, särskilt när det används med Gluetun-containern för säkra anslutningar, men varnar för att exponera containrar för internet utan säkerhetsåtgärder på grund av brist på standardautentisering.
    • +
  • Projektet värderas för att vara öppen källkod och flexibelt, med användare som delar konfigurationer, och alternativ som Kasm och Selkies noteras för liknande ändamål.
    • +
+

1 av 5 jobbannonser online är antingen falska eller aldrig tillsatta, enligt en studie.

+
    +
  • En nyligen genomförd studie visar att 20% av online-jobbannonser antingen är falska eller förblir obesatta, vilket ökar frustrationen hos arbetssökande. - Denna trend med "spökjobb" kan vara en taktik för företag att projicera en bild av tillväxt. - Jobbplattformar som Greenhouse och LinkedIn har infört tjänster för jobbverifiering för att hjälpa användare att identifiera äkta jobbmöjligheter.
    • +
+

Reaktioner

+
    +
  • En studie avslöjar att 20% av onlinejobbannonser antingen är falska eller förblir obesatta, ofta på grund av att företag behöver följa amerikanska immigrationsregler. - Företag kan också låta jobbannonser vara kvar för att hitta idealiska kandidater, ändra krav eller ha förvalda interna kandidater. - Arbetsmarknaden är svår för sökande, som ofta stöter på ghosting och automatiserade avslag, vilket leder till krav på reglerande ingripanden.
    • +
+

Att göra en korsning osäker för fotgängare för att spara sekunder för bilister

+

Reaktioner

+
    +
  • Debatten kretsar kring huruvida korsningar bör prioritera fotgängarsäkerhet eller förarens effektivitet, där vissa föredrar ljusreglerade korsningar och fotgängarövergångar framför fyrvägsstopp.
    • +
  • Åsikterna varierar om trafiklagar och infrastrukturdesign, med diskussioner om säkerheten vid att gå mot röd gubbe och riskerna förknippade med högersvängar vid rött ljus.
    • +
  • Vissa förespråkar alternativa lösningar som rondeller eller att anta nederländska trafikingenjörsstandarder för att förbättra både säkerhet och effektivitet.
    • +
+

PostgreSQL är Årets Databashanteringssystem 2024

+
    +
  • PostgreSQL har tilldelats utmärkelsen DBMS of the Year 2024 av DB-Engines, och har därmed uppnått denna erkänsla för femte gången, vilket överträffar 423 andra databashanteringssystem.
    • +
  • PostgreSQL, med en historia som sträcker sig över nästan 35 år, fortsätter att förnya sig, vilket ses i de senaste förbättringarna av PostgreSQL 17, som släpptes i september 2024.
    • +
  • Snowflake och Microsoft säkrade andra respektive tredje plats, där Snowflake noterades för sin molnbaserade datalagring och stöd för flera moln, medan Microsoft erbjuder robusta hanterade relationsdatabaser genom Azure SQL Database och SQL Server.
    • +
+

Reaktioner

+
    +
  • PostgreSQL har tilldelats utmärkelsen Årets Databashanteringssystem 2024 av db-engines.com, vilket understryker dess växande popularitet och erkännande inom branschen.
    • +
  • Användare överväger att byta från Microsoft SQL Server till PostgreSQL på grund av höga licenskostnader och resursbegränsningar, trots potentiella migrationsutmaningar.
    • +
  • PostgreSQL är omtyckt för sina robusta funktioner och kostnadseffektivitet, vilket gör det till ett föredraget val för framtida projekt, även om vissa användare utforskar alternativ som Babelfish för att minska kostnaderna.
    • +
+

Googles OAuth-inloggning skyddar inte mot att köpa en misslyckad startup-domän

+

Reaktioner

+
    +
  • Diskussionen belyser en sårbarhet i Googles OAuth-inloggningssystem när en misslyckad startups domän förvärvas av en ny ägare, vilket potentiellt kan tillåta obehörig åtkomst till tjänster.
    • +
  • Detta problem uppstår eftersom Google kanske inte kan skilja mellan de ursprungliga och nya domänägarna, vilket påverkar alla system som använder domänbaserad autentisering.
    • +
  • En föreslagen lösning är att använda unika identifierare som förblir konstanta över tid, även om implementeringen av denna lösning varierar mellan olika identitetsleverantörer.
    • +
+

Använda kodningsfärdigheter för att skapa passiv inkomst

+
    +
  • Författaren övergick från en CTO-roll till att bli soloprenör och tjänade framgångsrikt mer genom en portfölj av mjukvaruprodukter.
    • +
  • Nyckelstrategier inkluderar att fokusera på djupt arbete, börja med små projekt, iterera snabbt och ägna tid åt marknadsföringsinsatser.
    • +
  • Resan betonar motståndskraft på grund av osäkerheter, men framhäver den oöverträffade autonomin och friheten i denna karriärväg, vilket uppmuntrar dem med kodningsfärdigheter att överväga den för passiv inkomst.
    • +
+

Reaktioner

+
    +
  • En användare beskrev hur de genererade passiv inkomst genom SEO-spamwebbplatser med hjälp av utgående domännamn, och tjänade cirka 30 000 dollar årligen, trots etiska betänkligheter och Googles slutliga nedslag.
    • +
  • Det inlägget väckte en debatt om passiv inkomst, där vissa användare hävdade att det liknar mer att driva ett företag än verkligt passiva intäkter.
    • +
  • Deltagarna delade med sig av erfarenheter och utmaningar i sidoprojekt, och betonade vikten av tid, motståndskraft och strategisk planering.
    • +
+

Spanien föreslår 100% skatt på bostäder köpta av icke-EU-invånare

+
    +
  • Spanien överväger en 100% skatt på fastighetsköp av icke-EU-invånare, med målet att hantera bostadskrisen och begränsa spekulativa köp.
    • +
  • Premiärminister Pedro Sánchez förslag inkluderar att utöka socialt boende och reglera turistuthyrning för att hantera skillnaden mellan bostadspriser och inkomster.
    • +
  • Förslagets framtid som lag är osäker, med vissa analytiker som ser det som en avskräckande faktor för utländska investerare snarare än en garanterad lagändring.
    • +
+

Reaktioner

+
    +
  • Spanien överväger en 100% skatt på bostäder köpta av icke-EU-invånare för att hantera problem med bostadspriser. - Kritiker menar att utländska köpare inte är den främsta orsaken till höga bostadspriser och pekar på långsam byråkrati och zonindelningar som mer betydande faktorer. - Förslaget har väckt en debatt om utländskt ägandes roll på bostadsmarknaderna och dess effektivitet i att lösa prisfrågor.
    • +
+

Apple kommer snart att få 'tillverkade i Amerika' chips från TSMC:s fabrik i Arizona

+
    +
  • Apple testar processorer från TSMC:s anläggning i Arizona, med planer på massproduktion under första kvartalet, vilket potentiellt gör dem till TSMC:s första amerikanska kund för lokalt tillverkade chip. - Detta initiativ syftar till att stärka USA:s kiseloberoende och minska beroendet av Taiwan, som är sårbart för geopolitiska och naturliga risker. - TSMC:s fabrik i Arizona ska producera avancerade 3nm och 2nm chip, med pågående ansträngningar för att förbättra lokal rekrytering och samarbeten med amerikanska universitet, även om förpackning initialt kommer att ske i Taiwan tills anläggningen i Peoria är i drift.
    • +
+

Reaktioner

+
    +
  • Apple kommer att få chips från TSMC:s fabrik i Arizona, men de måste skickas tillbaka till Taiwan för förpackning på grund av otillräckliga anläggningar i USA. - Över 50 % av arbetskraften vid fabriken i Arizona kommer från Taiwan, vilket indikerar en brist inom det amerikanska STEM-området (vetenskap, teknik, ingenjörskonst och matematik). - CHIPS Act-initiativet, som syftar till att förbättra den amerikanska halvledartillverkningen, står inför utmaningar då "Made in America"-märkningen ifrågasätts på grund av att förpackningsprocessen sker i Taiwan, med planer på amerikanska förpackningsmöjligheter till 2027.
    • +
+

43 000 färre förare på Manhattans vägar efter att trängselavgifter införts

+
    +
  • Efter att trängselavgifter infördes minskade antalet förare som körde in i Manhattan söder om 60:e gatan med 7,5 %, vilket motsvarar 43 000 färre förare varje vardag.
    • +
  • Den minskade trafiken har förbättrat trafikflödet och ökat bussarnas hastighet, med vissa expressbussar som upplever högre passagerarantal.
    • +
  • Metropolitan Transportation Authority (MTA) använder intäkterna från vägtullar, uppskattade till 500 miljoner dollar årligen, för förbättringar av kollektivtrafiken, trots viss politisk opposition.
    • +
+

Reaktioner

+
    +
  • Införandet av trängselavgifter på Manhattan har resulterat i 43 000 färre bilister, vilket har lett till ökad busshastighet och potentiellt bättre responstider för räddningstjänsten.
    • +
  • Policyn är utformad för att minska trafikstockningar och förbättra luftkvaliteten, även om den har väckt debatt om dess påverkan på låginkomsttagare.
    • +
  • Förespråkare hävdar att fördelarna inkluderar mer effektiv kollektivtrafik och renare luft, medan diskussioner fortsätter om att balansera dessa fördelar med förarnas behov.
    • +
+ + + + + +]]> + https://hn.cho.sh/sv/2025/01/14 + 2025-01-14T00:00:00.000Z + Tue, 14 Jan 2025 00:00:00 GMT + <![CDATA[2025-01-13]]> 2025-01-05T00:00:00.000Z Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[2025-01-04]]> - -

slug: '/2025/01/04'

-

2025-01-04

-

Självkörande 1993 Volvo med open pilot

-
    -
  • Ett kompisgäng deltog i Carbage Run 2025 Winter edition, en 6-dagars rally genom Sverige till polcirkeln och tillbaka till Helsingfors, där bilarna måste vara minst 20 år gamla och värderade under 1000 €.
    • -
  • De förvandlade en Volvo 940 Estate från 1993 till ett självkörande fordon med hjälp av openpilot från comma.ai, och integrerade moderna komponenter som elektrisk servostyrning, en Bosch iBooster och en Tesla radarsensor.
    • -
  • Framtida uppdateringar kommer att inkludera detaljer om kablage, en anpassad motorstyrningsenhet (ECU) och planer på att göra koden öppen källkod, vilket belyser projektets innovativa tillvägagångssätt för att eftermontera äldre fordon med autonom teknik.
    • -
-

Reaktioner

-
    -
  • En Volvo 940 från 1993 utrustades med OpenPilot, en självkörande teknik, vilket belyser korsningen mellan klassisk bildesign och modern teknik.
    • -
  • Projektet stötte på utmaningar, inklusive uppdatering av broms- och styrsystemen, vilket väckte juridiska och säkerhetsmässiga bekymmer, särskilt med gör-det-själv-modifikationer som att svetsa styrkolonnen.
    • -
  • Diskussionen utvidgades till bilregleringar i Europa, minskningen av hotrods i USA och kulturella skillnader i friheten att modifiera bilar, med projektet betraktat som en inspirerande gör-det-själv-insats trots säkerhetsbekymmer.
    • -
-

VoxelSpace: Terrängrenderingsalgoritm på mindre än 20 rader kod (2020)

-
    -
  • NovaLogics spel Comanche från 1992 använde Voxel Space-motorn, en 2.5D-renderingsteknik baserad på ray casting, för att skapa detaljerade terränger med skuggning och skuggor.
    • -
  • Voxel Space-motorn använde höjd- och färgkartor samt en enkel renderingsalgoritm, som ritade vertikala linjer från bak till fram, vilket kunde optimeras för prestanda.
    • -
  • Motorns kod är tillgänglig under MIT-licensen, men teknologin kan fortfarande vara patenterad i vissa regioner.
    • -
-

Reaktioner

-
    -
  • VoxelSpace är en terrängrenderingsalgoritm som är anmärkningsvärd för sin enkelhet, kräver mindre än 20 rader kod, och väcker nostalgi för innovativ spelutveckling under hårdvarubegränsade epoker.
    • -
  • Moderna AAA-spel fokuserar på komplexa optimeringar och marknadstrender, ofta på bekostnad av originalitet, medan indiespel och plattformar som PICO-8 erbjuder mer kreativ frihet.
    • -
  • Trots teknologiska framsteg känner vissa utvecklare och spelare att den "magi" som fanns i äldre spel saknas, även om innovativa projekt som voxelrendering fortsätter att inspirera kreativitet.
    • -
-

Så ritar du en kontur i ett videospel

-
    -
  • Artikeln diskuterar fem tekniker för att rendera konturer i Unity, en populär plattform för spelutveckling, och lyfter fram deras användning i spel som Sable och The Last of Us. - Teknikerna inkluderar Rim Effects, Vertex Extrusion, Blurred Buffer, Jump Flood Algorithm och Edge Detection, var och en med unika fördelar och kompromisser när det gäller prestanda och visuell kvalitet. - Artikeln ger insikter i hur man balanserar dessa metoder för optimal spelestetik och spelstöd, med ytterligare resurser och krediter för 3D-modeller inkluderade.
    • -
-

Reaktioner

-
    -
  • Artikeln utforskar avancerade tekniker för att rita konturer i videospel, med betoning på effektiviteten hos Jump Flood Algorithm (JFA) och Signed Distance Fields (SDFs) jämfört med traditionella metoder. - Den fördjupar sig i stiliserad 3D-grafik, diskuterar renderingstekniker och den potentiella användningen av neurala nätverk för belysning och styling. - Bidragsgivare ger insikter i den historiska utvecklingen av cel shading i spel, såsom Jet Set Radio, och belyser den ständigt utvecklande korsningen mellan teknik och konst i 3D-grafik.
    • -
-

Jag slutar på Washington Post

-

Reaktioner

-
    -
  • Författaren lämnar Washington Post på grund av dess oförmåga att anpassa sig till det föränderliga medielandskapet och dess sätt att presentera frågor, vilket de anser är ineffektivt för kritiska ämnen som demokrati.
    • -
  • Traditionella medier, särskilt lokala tidningar, kämpar ekonomiskt, vilket leder till partisk rapportering och en minskning av allmänhetens förtroende, medan sociala medier inte kan ersätta det noggranna arbetet inom journalistik.
    • -
  • Det uttrycks oro över inflytandet från förmögna individer, såsom Jeff Bezos, på mediekanaler, och effekten av företagsintressen på mediernas roll i att hålla makten ansvarig.
    • -
-

Perplexity har fått annonser

-

Reaktioner

-
    -
  • Perplexity har infört annonser, vilket har lett till diskussioner om oundvikligheten av annonser i onlinetjänster på grund av konsumenters ovilja att betala för annonsfria upplevelser. - Vissa användare tycker att annonser är påträngande och föredrar prenumerationsbaserade tjänster som Kagi, som erbjuder annonsfri sökning, medan andra fortsätter att välja gratis, annonsstödda alternativ. - Denna situation understryker den pågående debatten mellan annonsstödda och prenumerationsbaserade modeller i digitala tjänster.
    • -
- - - - - -]]> - https://hn.cho.sh/sv/2025/01/04 - 2025-01-04T00:00:00.000Z - Sat, 04 Jan 2025 00:00:00 GMT - diff --git a/static/rss/newsletter/ta.xml b/static/rss/newsletter/ta.xml index 9a9b429fc..4bf3228ff 100644 --- a/static/rss/newsletter/ta.xml +++ b/static/rss/newsletter/ta.xml @@ -15,12 +15,160 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[2025-01-14]]> + +

slug: '/2025/01/14'

+

2025-01-14

+

ச்னிக் பாதுகாப்பு ஆராய்ச்சியாளர் cursor.com ஐ இலக்காகக் கொண்ட தீங்கிழைக்கும் NPM தொகுப்புகளைப் பரப்புகிறார்

+
    +
  • ஒரு Snyk பாதுகாப்பு ஆராய்ச்சியாளர் Cursor.com என்ற AI குறியீட்டு நிறுவனத்தை இலக்காகக் கொண்ட தீங்கிழைக்கும் NPM தொகுப்புகளை வெளியிட்டு, கணினி தரவுகளை சேகரித்து, அதை தாக்குதலாளி கட்டுப்பாட்டில் உள்ள சேவைக்கு அனுப்பினார்.
    • +
  • பொதியங்கள், "கர்சர்-மீட்டெடுப்பு," "கர்சர்-எப்போதும்-உள்ளூர்," மற்றும் "கர்சர்-நிழல்-வேலைநிலம்" என அடையாளம் காணப்பட்டன, OpenSSF பொதிய பகுப்பாய்வு ஸ்கேனர் மூலம் குறிக்கப்படுவதால், MAL-2025-27, MAL-2025-28, மற்றும் MAL-2025-29 என அறிவுறுத்தல்கள் வெளியிடப்பட்டன.
    • +
  • இந்த நிகழ்வு, சாத்தியமான பாதுகாப்பு அச்சுறுத்தல்களை தவிர்க்க, நிறுவுவதற்கு முன் NPM தொகுப்புகளை ஆராய்வதின் முக்கியத்துவத்தை வெளிப்படுத்துகிறது.
    • +
+

எதிர்வினைகள்

+
    +
  • ஒரு Snyk பாதுகாப்பு ஆராய்ச்சியாளர் cursor.com-ஐ குறிவைத்து தீங்கிழைக்கும் NPM (Node Package Manager) தொகுப்புகளை வெளியிட்டார், சார்பு குழப்பம் பாதிப்புகளை வெளிப்படுத்தினார். - இந்த சம்பவம் பாதுகாப்பு ஆராய்ச்சியின் நெறிமுறைகள் குறித்து விவாதத்தை தூண்டியுள்ளது, குறிப்பாக சூழல் மாறிலிகளை பொது வெளியில் வெளிப்படுத்துவது தொடர்பாக. - Cursor.com அவர்கள் இந்த நடவடிக்கையை அங்கீகரிக்கவில்லை என்று தெளிவுபடுத்தியது, மேலும் Snyk மன்னிப்பு கேட்டுள்ளது, நெறிமுறைகள் மற்றும் தாக்குதல் பாதுகாப்பு ஆராய்ச்சியை சமநிலைப்படுத்துவதில் உள்ள சவால்களை வலியுறுத்துகிறது.
    • +
+

நான் ஃபயர்பாக்ஸுக்கு மாறினேன் மற்றும் மீண்டும் ஒருபோதும் திரும்பிப் பார்க்கவில்லை

+
    +
  • Firefox அதன் மேம்பட்ட தாவல் மேலாண்மை, இணைக்கப்பட்ட பாக்கெட் அம்சம் மூலம் இணைப்புகளை சேமிக்க, மற்றும் தனியுரிமை மையமாகிய மின்னஞ்சல் ரிலே ஆகியவற்றிற்காக பாராட்டப்படுகிறது, இதனால் இது Chrome க்கு ஒரு வலுவான மாற்றாக உள்ளது. - பயனர் நட்பு ஸ்கிரீன்ஷாட் கருவி, ChatGPT பொத்தான், படம்-இன்-படம், தனிப்பயனாக்கக்கூடிய தேடல் விருப்பங்கள், மற்றும் மென்மையான ஸ்க்ரோலிங் போன்ற கூடுதல் அம்சங்கள் உலாவல் அனுபவத்தை மேம்படுத்துகின்றன. - Firefox Chrome இன் வலை பயன்பாட்டு அம்சத்தை கொண்டிருக்கவில்லை என்றாலும், அதன் சிந்தனையுடன் வடிவமைப்பு மற்றும் குறைந்த வள தேவைகள் சில பயனர்களுக்கு விருப்பமான தேர்வாக இதை மாற்றுகின்றன.
    • +
+

எதிர்வினைகள்

+
    +
  • பயன்பாட்டாளர்கள், யூடியூப் போன்ற தளங்களால் எதிர்கொள்ளும் சவால்கள், குறிப்பாக கூகிள் அல்லாத உலாவிகள் அல்லது விளம்பர தடுப்பிகளை பயன்படுத்தும் பயனர்களுக்கு அனுபவத்தை குறைக்கலாம். - இந்த போக்கு பயனர் சுயாதீனத்திற்கான கவலைகளை எழுப்புகிறது, ஏனெனில் இது விளம்பரமற்ற மற்றும் கண்காணிப்பற்ற இணைய அனுபவத்தை தேர்ந்தெடுக்கும் பயனர்களை தண்டிக்கிறது. - பயனர் சுயாதீனத்திற்காக பெரும் நிறுவனங்களால் கட்டுப்படுத்தப்படும் உலாவிகளில் இருந்து விடுபட விரும்பும் பயனர்களுக்கு, பிரத்தியேக தன்மை மற்றும் பயன்பாட்டை மேம்படுத்தும் கொண்டெய்னர் டேப்கள் போன்ற தனித்துவமான அம்சங்களை வழங்குவதால், ஃபயர்பாக்ஸ் ஒரு விருப்பமான தேர்வாக உள்ளது.
    • +
+

சோனோஸ் தலைமை நிர்வாக அதிகாரி செயலி புதுப்பிப்பு சிக்கலுக்குப் பிறகு பதவி விலகினார்

+

எதிர்வினைகள்

+
    +
  • சோனோஸ் நிறுவனத்தின் தலைமை நிர்வாக அதிகாரி, வாடிக்கையாளர்களின் அதிருப்தியை ஏற்படுத்திய விலையுயர்ந்த ஒலிக்கருவிகளை மாற்ற வலியுறுத்திய சர்ச்சைக்குரிய செயலி புதுப்பிப்பைத் தொடர்ந்து ராஜினாமா செய்துள்ளார். - இந்த புதுப்பிப்பு மேக அடிப்படையிலான அமைப்பை அறிமுகப்படுத்தியது, நம்பகமான யுனிவர்சல் பிளக் அண்ட் பிளே (UPnP) முறையிலிருந்து விலகியது, இது இணைப்பு சிக்கல்களை மற்றும் அதிகரித்த சிக்கல்களை ஏற்படுத்தியது. - இந்த நிலைமை வணிக உத்திகள் மற்றும் வாடிக்கையாளர் நம்பிக்கையை பராமரிப்பதற்கிடையிலான மோதலை வலியுறுத்துகிறது, ஏனெனில் தலைமை நிர்வாக அதிகாரி ஒரு ஆலோசனைப் பங்கிற்கு மாற்றம் செய்யப்படுகிறார் மற்றும் ஒரு பிரிவு தொகுப்புடன்.
    • +
+

MrBeast என்பவரின் வயிற்றில்

+

எதிர்வினைகள்

+
    +
  • கட்டுரை YouTube இன் ஆல்கொரிதம் உள்ளடக்க உருவாக்கத்தை எவ்வாறு பாதிக்கிறது என்பதை ஆய்வு செய்கிறது, MrBeast ஐ ஒரு வழக்குக் கற்பிதமாகக் கொண்டு, ஈர்ப்பை மையமாகக் கொண்ட உள்ளடக்கத்திற்கேற்ற மாற்றத்தை வெளிப்படுத்துகிறது. - இது ஊடக கல்வி மற்றும் YouTube மற்றும் TikTok போன்ற தளங்களின் கலாச்சார தாக்கம் பற்றிய பரந்த விளைவுகளை விவரிக்கிறது, மேற்பரப்பான மற்றும் எதிர்வினை உள்ளடக்கத்திற்கான ஒரு போக்கை முன்மொழிகிறது. - ஆல்கொரிதங்கள் உள்ளடக்கத்தை வடிவமைப்பதில் மற்றும் பிரபலமான உருவாக்குநர்கள் கலாச்சார நெறிமுறைகளில் ஏற்படுத்தும் தாக்கத்தில் பல்வேறு பார்வைகள் பரிசீலிக்கப்படுகின்றன.
    • +
+

GitHub Git செயல்பாடுகள் செயலிழந்துள்ளன

+
    +
  • GitHub, ஜனவரி 13, 2025 அன்று, உள்துறை சுமை சமநிலை மாற்றத்தை பாதித்த ஒரு கட்டமைப்பு மாற்றம் காரணமாக Git செயல்பாடுகள் தடை ஏற்பட்டது, இது 23:35 முதல் 00:24 UTC வரை நீடித்தது. - இந்த பிரச்சினை கட்டமைப்பு மாற்றத்தை மாற்றுவதன் மூலம் தீர்க்கப்பட்டது, மேலும் இதுபோன்ற சம்பவங்களைத் தடுக்க கண்காணிப்பு மற்றும் பிரசாரம் செயல்முறைகளை மேம்படுத்த GitHub பணியாற்றி வருகிறது. - இந்த தடை GitHub இன் Actions மற்றும் Pages சேவைகளையும் பாதித்தது, அவர்களின் தள சேவைகளின் பரஸ்பர இணைந்த தன்மையை வெளிப்படுத்தியது.
    • +
+

எதிர்வினைகள்

+
    +
  • GitHub ஒரு முக்கியமான சேவையின்மை பிரச்சினையை எதிர்கொண்டது, இது git செயல்பாடுகளை பாதித்தது, இதனால் முதலில் தங்கள் SSH விசைகள் அல்லது உள்ளூர் கட்டமைப்புகளுடன் பிரச்சினைகள் உள்ளன என்று சந்தேகித்த டெவலப்பர்களுக்கு குழப்பம் ஏற்பட்டது. - இந்த சம்பவம் மையமயமாக்கப்பட்ட சேவைகளின் மீது நம்பிக்கை வைப்பதன் சவால்களை வலியுறுத்தியது, சுய-ஹோஸ்டிங் மற்றும் மையமற்ற அமைப்புகளின் நன்மைகள் பற்றிய விவாதங்களைத் தூண்டியது. - பிரச்சினை தீர்க்கப்பட்டாலும், GitHub இன் நம்பகத்தன்மை மற்றும் முக்கிய பணிகளுக்காக மூன்றாம் தரப்பு தளங்களின் மீது நம்பிக்கை வைப்பதன் அபாயங்களைப் பற்றிய கவலைகளை இது வெளிப்படுத்தியது.
    • +
+

ZFS 2.3 வெளியிடப்பட்டது ZFS raidz விரிவாக்கத்துடன்

+
    +
  • TEXT: OpenZFS 2.3.0 வெளியிடப்பட்டுள்ளது, RAIDZ விரிவாக்கம், வேகமான Deduplication, நேரடி உள்ளீடு/வெளியீடு, JSON வெளியீடு மற்றும் நீண்ட கோப்பு பெயர்களுக்கு ஆதரவு போன்ற முக்கிய அம்சங்களை அறிமுகப்படுத்துகிறது. - இந்த வெளியீடு முக்கிய பிழை திருத்தங்கள் மற்றும் செயல்திறன் மேம்பாடுகளை உள்ளடக்கியது, Linux kernels 4.18 - 6.12 மற்றும் FreeBSD பதிப்புகள் 13.3, 14.0 - 14.2 உடன் இணக்கமானது. - இந்த புதுப்பிப்பு 134 பங்களிப்பாளர்களின் கூட்டாண்மை முயற்சியாகும், விரிவான ஆவணங்கள் மற்றும் மாற்றம் பதிவு மதிப்பீட்டிற்காக கிடைக்கின்றன.
    • +
+

எதிர்வினைகள்

+
    +
  • ZFS 2.3 வெளியிடப்பட்டுள்ளது, RAIDZ விரிவாக்கம், வேகமான டிடுப்ளிகேஷன், நேரடி IO, JSON வெளியீடு, நீண்ட கோப்பு பெயர்களுக்கு ஆதரவு போன்ற அம்சங்களை அறிமுகப்படுத்துகிறது. - RAIDZ விரிவாக்கம் குறிப்பாக குறிப்பிடத்தக்கது, ஏனெனில் இது பயனர்களுக்கு எந்த இடையூறும் இல்லாமல் உள்ள RAIDZ குளத்தில் புதிய சாதனங்களைச் சேர்க்க அனுமதிக்கிறது, சேமிப்பு திறனை மேம்படுத்துகிறது. - இந்த வெளியீடு ZFS பயனர்களுக்கு ஒரு முக்கிய முன்னேற்றமாகக் கருதப்படுகிறது, Btrfs மற்றும் Windows Storage Spaces போன்ற பிற கோப்பக அமைப்புகளுடன் ஒப்பிடப்படுகிறது, குளங்களைச் சுருக்க முடியாதது போன்ற சில வரம்புகள் இருந்தாலும்.
    • +
+

வலைமேடை – முழுமையான டெஸ்க்டாப் சூழல்களைக் கொண்ட ஆல்பைன், உபுண்டு, ஃபெடோரா மற்றும் ஆர்ச் கண்டெய்னர்கள்

+
    +
  • Linuxserver/webtop ஆனது Alpine, Ubuntu, Fedora, மற்றும் Arch அடிப்படையிலான கன்டெய்னர்களை வழங்குகிறது, அவை முழுமையான டெஸ்க்டாப் சூழல்களை வலை உலாவிகளின் மூலம் அணுகக்கூடியவாறு செய்கின்றன, மேலும் x86-64 மற்றும் arm64 கட்டமைப்புகளையும் ஆதரிக்கின்றன.
    • +
  • பயனர்கள் XFCE, KDE, MATE, i3, Openbox, மற்றும் IceWM போன்ற பல்வேறு டெஸ்க்டாப் சூழல்களில் இருந்து தேர்வு செய்யலாம், குறிப்பிட்ட படக்குறிகளைப் பயன்படுத்தி, குறிப்பிட்ட URLகளின் மூலம் வலைமேடையை அணுகலாம்.
    • +
  • பாதுகாப்பு அம்சங்களில் Docker இன் seccomp விருப்பம் மற்றும் அங்கீகார அமைப்பு அடங்கும், சூழல் மாறிகள் மூலம் தனிப்பயனாக்கல் விருப்பங்கள் கிடைக்கின்றன, மேலும் திறந்த மூல இயக்கிகள் மூலம் GPU வேகப்படுத்தலுக்கான ஆதரவு உள்ளது.
    • +
+

எதிர்வினைகள்

+
    +
  • Webtop, Alpine, Ubuntu, Fedora, மற்றும் Arch ஆகியவற்றிற்கான முழுமையான டெஸ்க்டாப் சூழல்களுடன் கொண்டெய்னர்களை வழங்குகிறது, இது VPN பின்னால் விரைவான அமைப்புகளுக்கு ஏற்றதாகும்.
    • +
  • பயனர்கள் Webtop ஐ அதன் வேகம் மற்றும் பயன்படுத்த எளிமையான தன்மைக்காக பாராட்டுகின்றனர், குறிப்பாக Gluetun கொண்டெய்னருடன் பாதுகாப்பான இணைப்புகளுக்கு பயன்படுத்தும்போது, ஆனால் இயல்புநிலை அங்கீகாரம் இல்லாததால் பாதுகாப்பு நடவடிக்கைகள் இல்லாமல் கொண்டெய்னர்களை இணையத்துடன் வெளிப்படுத்துவதை எச்சரிக்கின்றனர்.
    • +
  • தமிழில் எழுத வேண்டும். இந்த திட்டம் திறந்த மூலமாகவும், நெகிழ்வானதாகவும் மதிக்கப்படுகிறது, பயனர்கள் கட்டமைப்புகளை பகிர்ந்து கொள்கின்றனர், மேலும் Kasm மற்றும் Selkies போன்ற மாற்றுகள் இதே போன்ற நோக்கங்களுக்காக குறிப்பிடப்படுகின்றன.
    • +
+

ஆன்லைன் வேலைவாய்ப்பு விளம்பரங்களில் 5 இல் 1 என்பது போலியானது அல்லது ஒருபோதும் நிரப்பப்படாதது என்று ஆய்வு கண்டறிந்துள்ளது

+
    +
  • சமீபத்திய ஆய்வு ஒன்று, ஆன்லைன் வேலைவாய்ப்பு அறிவிப்புகளில் 20% போலியானவையாகவோ அல்லது நிரப்பப்படாதவையாகவோ உள்ளன என்று காட்டுகிறது, இது வேலை தேடுபவர்களின் ஏமாற்றத்தை அதிகரிக்கிறது. - இந்த "பேய் வேலை" போக்கு, நிறுவனங்கள் வளர்ச்சி படத்தை வெளிப்படுத்தும் உத்தியாக இருக்கலாம். - கிரீன்ஹவுஸ் மற்றும் லிங்க்ட்இன் போன்ற வேலைவாய்ப்பு தளங்கள், பயனர்களுக்கு உண்மையான வேலை வாய்ப்புகளை அடையாளம் காண உதவ வேலை சரிபார்ப்பு சேவைகளை அறிமுகப்படுத்தியுள்ளன.
    • +
+

எதிர்வினைகள்

+
    +
  • தமிழில் எழுத வேண்டும். ஒரு ஆய்வு தெரிவிக்கிறது, ஆன்லைன் வேலைவாய்ப்பு அறிவிப்புகளில் 20% போலியானவையாகவோ அல்லது நிரப்பப்படாதவையாகவோ உள்ளன, பெரும்பாலும் அமெரிக்க குடியேற்றக் கொள்கைகளை பின்பற்ற நிறுவனங்கள் தேவைப்படும் காரணத்தினால். - நிறுவனங்கள் கூடுதல் நேரத்திற்காக வேலைவாய்ப்பு அறிவிப்புகளை வைத்திருக்கலாம், சிறந்த வேட்பாளர்களைத் தேட, தேவைகளை மாற்ற, அல்லது முன்பே தேர்ந்தெடுக்கப்பட்ட உள்நாட்டு வேட்பாளர்களை வைத்திருக்கலாம். - வேலை சந்தை விண்ணப்பதாரர்களுக்கு கடினமாக உள்ளது, அவர்கள் அடிக்கடி 'கோஸ்டிங்' மற்றும் தானியங்கி மறுப்புகளை சந்திக்கின்றனர், இது ஒழுங்குமுறை தலையீட்டை கோருகிறது.
    • +
+

வாகன ஓட்டிகளுக்காக விநாடிகளை சேமிக்க பாதசாரிகளுக்கு ஒரு சந்திப்பை பாதுகாப்பற்றதாக மாற்றுதல்

+

எதிர்வினைகள்

+
    +
  • தமிழில் எழுத வேண்டும். விவாதம் சந்திப்புகளில் பாதசாரி பாதுகாப்பை முன்னுரிமைப்படுத்த வேண்டுமா அல்லது வாகன ஓட்டுநரின் செயல்திறனை முன்னுரிமைப்படுத்த வேண்டுமா என்பதைக் குறிக்கிறது, சிலர் ஒளி கட்டுப்பாட்டிலான சந்திப்புகள் மற்றும் பாதசாரி சறுக்கல்களை 4 வழி நிறுத்தங்களுக்குப் பதிலாக ஆதரிக்கின்றனர்.
    • +
  • பாதுகாப்பற்ற இடங்களில் சாலையை கடக்குதல் மற்றும் சிவப்பு விளக்கில் வலதுபுறம் திரும்புவதால் ஏற்படும் அபாயங்கள் குறித்து போக்குவரத்து சட்டங்கள் மற்றும் உள்கட்டமைப்பு வடிவமைப்பில் கருத்துக்கள் மாறுபடுகின்றன.
    • +
  • தமிழில் எழுத வேண்டும்: சிலர் பாதுகாப்பையும் செயல்திறனையும் மேம்படுத்துவதற்காக சுற்றுச்சாலை அல்லது டச்சு போக்குவரத்து பொறியியல் தரநிலைகளை ஏற்கும் மாற்று தீர்வுகளை ஆதரிக்கின்றனர்.
    • +
+

PostgreSQL 2024 ஆம் ஆண்டின் தரவுத்தள மேலாண்மை அமைப்பாகும்

+
    +
  • PostgreSQL, 2024 ஆம் ஆண்டிற்கான DBMS ஆஃப் தி இயர் விருதை DB-Engines மூலம் பெற்றுள்ளது, 423 பிற தரவுத்தள மேலாண்மை அமைப்புகளை முந்தி, ஐந்தாவது முறையாக இந்த அங்கீகாரத்தை பெற்றுள்ளது.
    • +
  • PostgreSQL, 35 ஆண்டுகளுக்கு மேல் நீடிக்கும் வரலாற்றுடன், 2024 செப்டம்பரில் வெளியிடப்பட்ட PostgreSQL 17 இன் சமீபத்திய மேம்பாடுகளில் காணப்படும் புதிய முயற்சிகளை தொடர்ந்து மேற்கொள்கிறது.
    • +
  • Snowflake மற்றும் Microsoft முறையே இரண்டாம் மற்றும் மூன்றாம் இடங்களைப் பெற்றன, Snowflake அதன் மேக அடிப்படையிலான தரவுத்தொகுப்பு மற்றும் பல மேக ஆதரவுக்காக குறிப்பிடப்பட்டது, அதேசமயம் Microsoft Azure SQL Database மற்றும் SQL Server மூலம் வலுவான மேலாண்மை செய்யப்பட்ட தொடர்பு தரவுத்தொகுப்புகளை வழங்குகிறது.
    • +
+

எதிர்வினைகள்

+
    +
  • PostgreSQL 2024 ஆம் ஆண்டிற்கான தரவுத்தள மேலாண்மை அமைப்பு விருதை db-engines.com மூலம் பெற்றுள்ளது, இது அதன் வளர்ந்து வரும் பிரபலத்தையும், தொழில்துறையில் கிடைக்கும் அங்கீகாரத்தையும் வெளிப்படுத்துகிறது.
    • +
  • பயனர்கள் மைக்ரோசாஃப்ட் SQL சர்வர் இருந்து PostgreSQL க்கு மாறுவதைக் கருதுகின்றனர், அதிக உரிமம் செலவுகள் மற்றும் வளக் கட்டுப்பாடுகள் காரணமாக, இடமாற்ற சவால்கள் இருந்தாலும்.
    • +
  • PostgreSQL அதன் வலுவான அம்சங்கள் மற்றும் செலவுக் குறைவுக்காக விரும்பப்படுகிறது, இது எதிர்கால திட்டங்களுக்கு விருப்பமான தேர்வாக இருக்கிறது, ஆனால் சில பயனர்கள் செலவுகளை குறைக்க Babelfish போன்ற மாற்றங்களை ஆராய்கிறார்கள்.
    • +
+

Google இன் OAuth உள்நுழைவு ஒரு தோல்வியுற்ற ஸ்டார்ட்அப் டொமைனை வாங்குவதிலிருந்து பாதுகாக்காது

+

எதிர்வினைகள்

+
    +
  • இந்த விவாதம், தோல்வியடைந்த ஸ்டார்ட்அப்பின் டொமைன் புதிய உரிமையாளரால் கைப்பற்றப்படும் போது, கூகிளின் OAuth உள்நுழைவு அமைப்பில் உள்ள ஒரு பாதிப்பை வெளிப்படுத்துகிறது, இது அனுமதியற்ற அணுகலை சேவைகளுக்கு அனுமதிக்கக்கூடும்.
    • +
  • இந்த பிரச்சனை உருவாகிறது, ஏனெனில் கூகுள் அசல் மற்றும் புதிய டொமைன் உரிமையாளர்களை வேறுபடுத்தாமல் இருக்கலாம், இது டொமைன் அடிப்படையிலான அங்கீகாரத்தைப் பயன்படுத்தும் எந்தவொரு அமைப்பையும் பாதிக்கக்கூடும்.
    • +
  • ஒரு பரிந்துரைக்கப்பட்ட தீர்வு என்பது காலப்போக்கில் மாறாத தனித்துவமான அடையாளங்களைப் பயன்படுத்துவது, ஆனால் இந்த தீர்வின் செயலாக்கம் அடையாள வழங்குநர்களிடையே மாறுபடுகிறது.
    • +
+

கோடிங் திறன்களை பயன்படுத்தி பாசிவ் வருமானம் பெறுதல்

+
    +
  • TEXT: ஆசிரியர் CTO பங்கிலிருந்து தனியார் தொழில்முனைவோராக மாறி, மென்பொருள் தயாரிப்புகளின் தொகுப்பின் மூலம் அதிக வருமானம் ஈட்டினார். TEXT:
    • +
  • முக்கிய உத்திகள் ஆழமான பணியில் கவனம் செலுத்துவது, சிறிய திட்டங்களுடன் தொடங்குவது, விரைவாக திருத்துவது மற்றும் சந்தைப்படுத்தல் முயற்சிகளுக்கு நேரத்தை ஒதுக்குவது ஆகியவற்றை உள்ளடக்கியவை.
    • +
  • இந்த பயணம் நிச்சயமற்ற தன்மையால் பொறுமையை வலியுறுத்துகிறது, ஆனால் இந்த தொழில் பாதையின் ஒப்பற்ற சுயாதீனத்தையும் சுதந்திரத்தையும் சிறப்பிக்கிறது, குறியீட்டு திறன்களைக் கொண்டவர்களை இதை பாசிவ் வருமானத்திற்காக பரிசீலிக்க ஊக்குவிக்கிறது.
    • +
+

எதிர்வினைகள்

+
    +
  • ஒரு பயனர், முடிவடையும் டொமைன் பெயர்களைப் பயன்படுத்தி SEO ஸ்பாம் வலைத்தளங்கள் மூலம் பாசிவ் வருமானத்தை உருவாக்கி, ஆண்டுக்கு சுமார் $30k சம்பாதிப்பதாக, நெறிமுறைக் கவலைகள் மற்றும் கூகிளின் இறுதியில் நடவடிக்கை எடுப்பதைப் பொருட்படுத்தாமல் விவரித்தார்.
    • +
  • TEXT: இந்த பதிவு, சில பயனர்கள் உண்மையில் பாசிவ் வருமானத்தை விட ஒரு வணிகத்தை நடத்துவது போன்றது என்று வாதிடுவதால், பாசிவ் வருமானம் குறித்த விவாதத்தை தூண்டியது. TEXT:
    • +
  • TEXT: பங்கேற்பாளர்கள் பக்கத் திட்டங்களில் அனுபவங்களையும் சவால்களையும் பகிர்ந்து கொண்டனர், நேரம், பொறுமை மற்றும் மூலோபாய திட்டமிடலின் முக்கியத்துவத்தை வலியுறுத்தினர்.
    • +
+

ஸ்பெயின், ஐரோப்பிய ஒன்றியத்திற்கு வெளியே உள்ள குடியிருப்பாளர்களால் வாங்கப்படும் வீடுகளுக்கு 100% வரி விதிக்க முன்மொழிகிறது

+
    +
  • ஸ்பெயின், வீட்டு வசதி நெருக்கடியை சமாளிக்கவும், ஊக வணிகத்தை கட்டுப்படுத்தவும் நோக்கி, ஐரோப்பிய ஒன்றியத்திற்கு வெளியே உள்ள குடியிருப்பாளர்களால் செய்யப்படும் நில விற்பனை வாங்குதல்களுக்கு 100% வரி விதிப்பதை பரிசீலிக்கிறது.
    • +
  • பிரதமர் பெட்ரோ சாஞ்சஸ் முன்மொழிந்த திட்டம் சமூக வீடுகளை விரிவுபடுத்துவதையும், வீட்டு விலை மற்றும் வருமானங்களுக்கிடையேயான வேறுபாட்டை சமாளிக்க சுற்றுலா வாடகைகளை ஒழுங்குபடுத்துவதையும் உள்ளடக்கியது.
    • +
  • தமிழில் எழுத வேண்டும். சில பகுப்பாய்வாளர்கள் இதை ஒரு உறுதியான சட்ட மாற்றமாக அல்லாமல், வெளிநாட்டு முதலீட்டாளர்களுக்கு தடையாகக் காண்கிறார்கள் என்பதால், அந்த முன்மொழிவின் சட்டமாக்கலின் எதிர்காலம் நிச்சயமற்றதாக உள்ளது.
    • +
+

எதிர்வினைகள்

+
    +
  • ஸ்பெயின், இல்லத்திற்கான விலை ஏற்றத்தை சமாளிக்க, ஐரோப்பிய ஒன்றியத்திற்கு வெளியே உள்ள குடியிருப்பாளர்களால் வாங்கப்படும் வீடுகளுக்கு 100% வரி விதிக்க பரிசீலிக்கிறது. - விமர்சகர்கள், வெளிநாட்டு வாங்குபவர்கள் இல்லத்திற்கான விலை உயர்வின் முதன்மை காரணம் அல்ல என்று கூறி, மந்தமான நிர்வாகம் மற்றும் மண்டல சட்டங்கள் போன்றவை முக்கியமான காரணிகள் எனக் குறிப்பிடுகின்றனர். - இந்த முன்மொழிவு, வீட்டு சந்தைகளில் வெளிநாட்டு சொந்தக்காரர்களின் பங்கு மற்றும் விலை ஏற்றத்தை தீர்க்க அதன் பயன்தன்மை குறித்து விவாதத்தை தூண்டியுள்ளது.
    • +
+

ஆப்பிள் விரைவில் TSMC இன் அரிசோனா தொழிற்சாலையில் இருந்து 'அமெரிக்காவில் தயாரிக்கப்பட்ட' சிப்களை பெறும்

+
    +
  • உரை: ஆப்பிள் TSMC இன் அரிசோனா தொழிற்சாலையில் இருந்து செயலிகளை சோதித்து வருகிறது, முதல் காலாண்டிற்குள் பெருமளவில் உற்பத்தி செய்ய திட்டமிட்டுள்ளது, இது உள்ளூர் தயாரிக்கப்பட்ட சிப்களுக்கான TSMC இன் முதல் அமெரிக்க வாடிக்கையாளராக ஆப்பிள் மாறக்கூடும். - இந்த முயற்சி அமெரிக்காவின் சிலிகான் சுயாதீனத்தை வலுப்படுத்துவதற்காக, புவியியல் மற்றும் இயற்கை அபாயங்களுக்கு ஆளாகக்கூடிய தைவானின் மீது சார்பை குறைப்பதற்காக மேற்கொள்ளப்படுகிறது. - TSMC இன் அரிசோனா தொழிற்சாலை மேம்பட்ட 3nm மற்றும் 2nm சிப்களை தயாரிக்க அமைக்கப்பட்டுள்ளது, உள்ளூர் ஆட்சேர்ப்பு மற்றும் அமெரிக்க பல்கலைக்கழகங்களுடன் கூட்டாண்மைகளை மேம்படுத்தும் முயற்சிகள் நடைபெற்று வருகின்றன, ஆனால் பேக்கேஜிங் ஆரம்பத்தில் தைவானில் நடைபெறும், பியோரியா தொழிற்சாலை செயல்பாட்டுக்கு வரும்வரை.
    • +
+

எதிர்வினைகள்

+
    +
  • உரை: ஆப்பிள் TSMC இன் அரிசோனா ஆலையிலிருந்து சிப்களைப் பெறும், ஆனால் போதுமான அமெரிக்க வசதிகள் இல்லாததால் அவற்றை திருப்பி தைவானுக்கு அனுப்பி மூடுவதற்குத் தேவையாகிறது. - அரிசோனா ஆலையில் பணிபுரியும் பணியாளர்களில் 50% க்கும் மேற்பட்டோர் தைவானிலிருந்து வந்தவர்கள், இது அமெரிக்காவின் STEM (அறிவியல், தொழில்நுட்பம், பொறியியல் மற்றும் கணிதம்) துறையில் ஒரு இடைவெளியைக் குறிக்கிறது. - அமெரிக்க அரைக்கட்டமைப்பு உற்பத்தியை மேம்படுத்தும் நோக்கில் CHIPS சட்டம் முயற்சி சவால்களை எதிர்கொள்கிறது, ஏனெனில் "அமெரிக்காவில் தயாரிக்கப்பட்டது" என்ற லேபிள் கேள்விக்குறியாகிறது, மூடுதல் செயல்முறை தைவானில் நடைபெறுவதால், 2027 ஆம் ஆண்டுக்குள் அமெரிக்க மூடுதல் திறன்களை உருவாக்கும் திட்டங்களுடன்.
    • +
+

மெருகூட்டல் கட்டணம் செயல்படுத்தப்பட்ட பிறகு மான்ஹாட்டன் சாலைகளில் 43,000 ஓட்டுநர்கள் குறைந்துள்ளனர்

+
    +
  • கூட்ட நெரிசல் விலை நிர்ணயம் செயல்படுத்தப்பட்ட பிறகு, 60வது தெருவுக்கு கீழே மான்ஹாட்டனில் நுழையும் வாகன ஓட்டிகளின் எண்ணிக்கை 7.5% குறைந்தது, இது வாரத்தின் ஒவ்வொரு வேலை நாளிலும் 43,000 வாகன ஓட்டிகள் குறைவாக உள்ளனர் என்பதற்கு சமமாகும்.
    • +
  • பேருந்து போக்குவரத்து குறைந்ததன் காரணமாக போக்குவரத்து ஓட்டம் மேம்பட்டுள்ளது மற்றும் பேருந்து வேகங்கள் அதிகரித்துள்ளன, சில விரைவு பேருந்துகளில் பயணிகள் எண்ணிக்கை அதிகரித்துள்ளது.
    • +
  • மெட்ரோபாலிடன் போக்குவரத்து ஆணையம் (MTA) ஆண்டுக்கு $500 மில்லியன் என மதிப்பிடப்பட்ட சுங்க வருவாயை, சில அரசியல் எதிர்ப்புகள் இருந்தபோதிலும், போக்குவரத்து மேம்பாடுகளுக்காக பயன்படுத்துகிறது.
    • +
+

எதிர்வினைகள்

+
    +
  • மஹாட்டனில் நெரிசல் கட்டணத்தை நடைமுறைப்படுத்துவதன் மூலம் 43,000 கார் ஓட்டிகள் குறைந்துள்ளனர், இது பேருந்து வேகங்களை அதிகரிக்கவும், அவசர சேவை நேரங்களை மேம்படுத்தவும் வழிவகுக்கிறது.
    • +
  • கொள்கை போக்குவரத்து நெரிசலை குறைத்து காற்றின் தரத்தை மேம்படுத்த வடிவமைக்கப்பட்டுள்ளது, ஆனால் இது குறைந்த வருமானம் கொண்ட நபர்களின் மீது அதன் தாக்கம் குறித்து விவாதத்தை ஏற்படுத்தியுள்ளது.
    • +
  • ஆதரவாளர்கள், அதிக செயல்திறன் கொண்ட பொது போக்குவரத்து மற்றும் சுத்தமான காற்று போன்ற நன்மைகளை உள்ளடக்கியதாக வாதிடுகின்றனர், அதே நேரத்தில் இவை சாரதிகளின் தேவைகளுடன் சமநிலைப்படுத்துவது பற்றிய விவாதங்கள் தொடர்கின்றன.
    • +
+ + + + + +]]> + https://hn.cho.sh/ta/2025/01/14 + 2025-01-14T00:00:00.000Z + Tue, 14 Jan 2025 00:00:00 GMT + <![CDATA[2025-01-13]]> 2025-01-05T00:00:00.000Z Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[2025-01-04]]> - -

slug: '/2025/01/04'

-

2025-01-04

-

1993 வோல்வோ சுய இயக்கம் திறந்த பைலட்டுடன்

-
    -
  • ஒரு நண்பர்கள் குழு 2025 குளிர்கால பதிப்பில் Carbage Run இல் பங்கேற்றனர், இது ஸ்வீடனின் வழியாக துருவ வட்டத்திற்கு சென்று ஹெல்சிங்கிக்கு திரும்பும் 6 நாள் ராலி ஆகும், இதில் கார்கள் குறைந்தது 20 ஆண்டுகள் பழமையானவை மற்றும் மதிப்பு €1000 க்குக் குறைவாக இருக்க வேண்டும்.
    • -
  • அவர்கள் 1993 ஆம் ஆண்டின் வோல்வோ 940 எஸ்டேட்டை சுய இயக்க வாகனமாக மாற்றினர், comma.ai இன் openpilot ஐ பயன்படுத்தி, மின்சார ஸ்டியரிங், Bosch iBooster, மற்றும் டெஸ்லா ரேடார் சென்சார் போன்ற நவீன கூறுகளை இணைத்து.
    • -
  • எதிர்கால புதுப்பிப்புகளில் வயரிங் விவரங்கள், தனிப்பயன் என்ஜின் கட்டுப்பாட்டு அலகு (ECU), மற்றும் குறியீட்டு திறந்த மூலமாக்கல் திட்டங்கள் அடங்கும், பழைய வாகனங்களை தானியங்கி தொழில்நுட்பத்துடன் புதுப்பித்தல் தொடர்பான திட்டத்தின் புதுமையான அணுகுமுறையை வெளிப்படுத்துகிறது.
    • -
-

எதிர்வினைகள்

-
    -
  • தமிழில் எழுத வேண்டும். 1993 ஆம் ஆண்டின் வோல்வோ 940 கார் ஓபன் பைலட் எனும் தானியங்கி ஓட்டுநர் தொழில்நுட்பத்துடன் மாற்றியமைக்கப்பட்டது, இது பாரம்பரிய கார் வடிவமைப்பு மற்றும் நவீன தொழில்நுட்பத்தின் சந்திப்பை வெளிப்படுத்துகிறது.
    • -
  • TEXT: இந்த திட்டம் சவால்களை எதிர்கொண்டது, அதில் பிரேக் மற்றும் ஸ்டீரிங் அமைப்புகளை புதுப்பித்தல், சட்ட மற்றும் பாதுகாப்பு கவலைகளை எழுப்பியது, குறிப்பாக ஸ்டீரிங் கம்பத்தை வெல்டிங் செய்வது போன்ற தானியங்கி மாற்றங்களுடன். TEXT:
    • -
  • தமிழில் எழுத வேண்டும். சர்ச்சை ஐரோப்பாவில் கார் விதிமுறைகள், அமெரிக்காவில் ஹாட்ரோட்களின் சரிவு மற்றும் கார் மாற்ற சுதந்திரங்களில் கலாச்சார வேறுபாடுகள் ஆகியவற்றிற்கு விரிவடைந்தது, பாதுகாப்பு கவலைகளுக்கு மத்தியில் ஒரு ஊக்கமளிக்கும் தானியங்கி முயற்சியாக திட்டம் பார்க்கப்பட்டது.
    • -
-

வோக்சல் ஸ்பேஸ்: 20 வரிகளுக்குள் குறைவான குறியீட்டில் நிலப்பரப்பு காட்சிப்படுத்தும் அல்காரிதம் (2020)

-
    -
  • NovaLogic இன் 1992 ஆம் ஆண்டின் Comanche விளையாட்டு, Voxel Space என்ஜினை பயன்படுத்தியது, இது கதிர் வீச்சு அடிப்படையிலான 2.5D காட்சிப்படுத்தல் நுட்பமாகும், இது நிழல்களுடன் கூடிய விரிவான நிலப்பரப்புகளை உருவாக்கியது.
    • -
  • Voxel Space என்ஜின் உயரம் மற்றும் நிற வரைபடங்களை மற்றும் எளிய ரெண்டரிங் அல்காரிதத்தை பயன்படுத்தியது, இது பின்புறத்திலிருந்து முன்னோக்கி செங்குத்து கோடுகளை வரைவதைக் கொண்டிருந்தது, இது செயல்திறனை மேம்படுத்துவதற்காக மேம்படுத்தப்படலாம்.
    • -
  • எஞ்சின் குறியீடு MIT உரிமத்தின் கீழ் கிடைக்கிறது, ஆனால் அந்த தொழில்நுட்பம் சில பகுதிகளில் இன்னும் காப்புரிமை பெற்றிருக்கலாம்.
    • -
-

எதிர்வினைகள்

-
    -
  • VoxelSpace என்பது ஒரு நிலப்பரப்பு காட்சிப்படுத்தும் அல்காரிதம் ஆகும், இது அதன் எளிமைக்காக குறிப்பிடத்தக்கது, 20 வரிகளுக்கும் குறைவான குறியீடுகளை தேவைப்படுத்துகிறது, மேலும் இது வன்பொருள் வரையறுக்கப்பட்ட காலங்களில் புதுமையான விளையாட்டு மேம்பாட்டிற்கான நினைவுகளை தூண்டுகிறது.
    • -
  • நவீன AAA விளையாட்டுகள் சிக்கலான மேம்பாடுகள் மற்றும் சந்தை போக்குகளை மையமாகக் கொண்டு, பெரும்பாலும் தனித்துவத்தை இழந்து செல்கின்றன, ஆனால் PICO-8 போன்ற சுயாதீன விளையாட்டுகள் மற்றும் தளங்கள் அதிகமான படைப்பாற்றல் சுதந்திரத்தை வழங்குகின்றன.
    • -
  • தொழில்நுட்ப முன்னேற்றங்களுக்குப் பிறகும், சில டெவலப்பர்கள் மற்றும் வீரர்கள் பழைய விளையாட்டுகளின் "மந்திரம்" காணாமல் போய்விட்டதாக உணர்கிறார்கள், ஆனால் வோக்சல் ரெண்டரிங் போன்ற புதுமையான திட்டங்கள் படைப்பாற்றலைத் தூண்டுவதில் தொடர்ந்து ஈடுபடுகின்றன.
    • -
-

வீடியோ கேமில் ஒரு வெளிப்புற கோட்டை எவ்வாறு வரைய வேண்டும்

-
    -
  • கட்டுரை Unity எனும் பிரபலமான விளையாட்டு மேம்பாட்டு தளத்தில் வெளிப்புற கோடுகளை உருவாக்குவதற்கான ஐந்து நுட்பங்களை விவரிக்கிறது, அவற்றின் பயன்பாட்டை Sable மற்றும் The Last of Us போன்ற விளையாட்டுகளில் விளக்குகிறது. - நுட்பங்களில் Rim Effects, Vertex Extrusion, Blurred Buffer, Jump Flood Algorithm, மற்றும் Edge Detection ஆகியவை அடங்கும், ஒவ்வொன்றும் செயல்திறன் மற்றும் காட்சித் தரம் ஆகியவற்றில் தனித்தன்மையான நன்மைகள் மற்றும் மாற்றங்களைக் கொண்டுள்ளன. - இந்த முறைகளை சமநிலைப்படுத்தி சிறந்த விளையாட்டு அழகியல் மற்றும் விளையாட்டு ஆதரவைப் பெறுவதற்கான பார்வைகளை கட்டுரை வழங்குகிறது, மேலும் 3D மாதிரிகளுக்கான கூடுதல் வளங்கள் மற்றும் கிரெடிட்களும் சேர்க்கப்பட்டுள்ளன.
    • -
-

எதிர்வினைகள்

-
    -
  • கட்டுரை வீடியோ கேம்களில் வெளிப்புற கோடுகளை வரைவதற்கான மேம்பட்ட நுட்பங்களை ஆராய்கிறது, பாரம்பரிய முறைகளைக் காட்டிலும் ஜம்ப் ப்ளட் ஆல்காரிதம் (JFA) மற்றும் கையொப்பம் செய்யப்பட்ட தூரம் புலங்கள் (SDFs) ஆகியவற்றின் திறனை வலியுறுத்துகிறது. - இது ஸ்டைலிஷ் 3D கிராஃபிக்ஸில் ஆழமாகப் பேசுகிறது, ரெண்டரிங் நுட்பங்கள் மற்றும் ஒளி மற்றும் ஸ்டைலிங்கிற்கான நரம்பு வலையமைப்புகளின் சாத்தியமான பயன்பாட்டைப் பற்றி விவாதிக்கிறது. - பங்களிப்பாளர்கள் ஜெட் செட் ரேடியோ போன்ற கேம்களில் செல்ஷேடிங் வரலாற்று வளர்ச்சியைப் பற்றிய பார்வைகளை வழங்குகின்றனர், 3D கிராஃபிக்ஸில் தொழில்நுட்பம் மற்றும் கலை ஆகியவற்றின் பரிணாம சந்திப்பை வெளிப்படுத்துகின்றனர்.
    • -
-

நான் வாஷிங்டன் போஸ்டை விட்டு வெளியேறுகிறேன்

-

எதிர்வினைகள்

-
    -
  • ஆசிரியர் வாஷிங்டன் போஸ்டை விட்டு வெளியேறுகிறார், ஏனெனில் அது மாறிவரும் ஊடக சூழலுக்கு ஏற்ப மாறுவதில் தோல்வியடைந்தது மற்றும் பிரச்சினைகளை வழங்கும் அதன் அணுகுமுறை, ஜனநாயகம் போன்ற முக்கிய தலைப்புகளுக்கு பயனற்றது என்று அவர்கள் நம்புகிறார்கள்.
    • -
  • பாரம்பரிய ஊடகங்கள், குறிப்பாக உள்ளூர் செய்தித்தாள்கள், நிதி சிக்கல்களை எதிர்கொண்டு வருகின்றன, இது பாகுபாடு கொண்ட செய்தியளிப்பை ஏற்படுத்தி, பொது நம்பிக்கையின் குறைவுக்கு வழிவகுக்கிறது, அதே நேரத்தில் சமூக ஊடகங்கள் பத்திரிகையாளர் பணியின் கடுமையான பணியை மாற்ற முடியாது.
    • -
  • செல்வந்தர்களின், குறிப்பாக ஜெஃப் பெசோஸ் போன்றவர்களின், ஊடக நிறுவனங்களின் மீது உள்ள செல்வாக்கு மற்றும் அதிகாரத்தை பொறுப்புக்கூறச் செய்யும் ஊடகத்தின் பங்கில் நிறுவன நலன்களின் தாக்கம் குறித்து கவலைகள் எழுப்பப்படுகின்றன.
    • -
-

பெர்ப்ளெக்சிட்டிக்கு விளம்பரங்கள் கிடைத்தன

-

எதிர்வினைகள்

-
    -
  • தமிழில் எழுத வேண்டும். Perplexity விளம்பரங்களை அறிமுகப்படுத்தியுள்ளது, இதனால் ஆன்லைன் சேவைகளில் விளம்பரங்கள் தவிர்க்க முடியாதவை என்ற விவாதங்கள் எழுந்துள்ளன, ஏனெனில் பயனர்கள் விளம்பரமற்ற அனுபவங்களுக்கு பணம் செலுத்துவதற்கு தயங்குகிறார்கள். - சில பயனர்கள் விளம்பரங்களை தலையீடு செய்பவை எனக் கருதுகின்றனர் மற்றும் Kagi போன்ற சந்தா அடிப்படையிலான சேவைகளை விரும்புகின்றனர், அவை விளம்பரமற்ற தேடலை வழங்குகின்றன, அதே நேரத்தில் மற்றவர்கள் இலவச, விளம்பர ஆதரவு கொண்ட விருப்பங்களைத் தொடர்ந்தும் தேர்வு செய்கின்றனர். - இந்த நிலைமை டிஜிட்டல் சேவைகளில் விளம்பர ஆதரவு மற்றும் சந்தா அடிப்படையிலான மாதிரிகளுக்கு இடையிலான தொடர்ச்சியான விவாதத்தை வலியுறுத்துகிறது.
    • -
- - - - - -]]> - https://hn.cho.sh/ta/2025/01/04 - 2025-01-04T00:00:00.000Z - Sat, 04 Jan 2025 00:00:00 GMT - diff --git a/static/rss/newsletter/th.xml b/static/rss/newsletter/th.xml index 595982559..eb9891c85 100644 --- a/static/rss/newsletter/th.xml +++ b/static/rss/newsletter/th.xml @@ -15,12 +15,160 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[2025-01-14]]> + +

slug: '/2025/01/14'

+

2025-01-14

+

นักวิจัยด้านความปลอดภัยของ Snyk ปล่อยแพ็กเกจ NPM ที่เป็นอันตรายโดยมีเป้าหมายที่ cursor.com

+
    +
  • นักวิจัยด้านความปลอดภัยจาก Snyk ได้ปล่อยแพ็กเกจ NPM ที่เป็นอันตรายซึ่งมุ่งเป้าไปที่ Cursor.com ซึ่งเป็นบริษัทเขียนโค้ด AI เพื่อรวบรวมข้อมูลระบบและส่งไปยังบริการที่ผู้โจมตีควบคุม
    • +
  • แพ็กเกจที่ถูกระบุว่าเป็น "cursor-retrieval," "cursor-always-local," และ "cursor-shadow-workspace" ถูกตั้งค่าสถานะโดยเครื่องสแกนการวิเคราะห์แพ็กเกจของ OpenSSF ส่งผลให้มีคำแนะนำ MAL-2025-27, MAL-2025-28, และ MAL-2025-29
    • +
  • เหตุการณ์นี้เน้นย้ำถึงความสำคัญของการตรวจสอบแพ็กเกจ NPM ก่อนการติดตั้งเพื่อหลีกเลี่ยงภัยคุกคามด้านความปลอดภัยที่อาจเกิดขึ้น
    • +
+

ปฏิกิริยา

+
    +
  • นักวิจัยด้านความปลอดภัยจาก Snyk ได้ปล่อยแพ็กเกจ NPM (Node Package Manager) ที่เป็นอันตรายซึ่งมุ่งเป้าไปที่ cursor.com โดยเน้นถึงช่องโหว่ของการสับสนในความพึ่งพา - เหตุการณ์นี้ได้จุดประกายการถกเถียงเกี่ยวกับจริยธรรมของการวิจัยด้านความปลอดภัย โดยเฉพาะอย่างยิ่งเกี่ยวกับการเปิดเผยตัวแปรสภาพแวดล้อมต่อสาธารณะ - Cursor.com ได้ชี้แจงว่าพวกเขาไม่ได้อนุญาตให้ดำเนินการดังกล่าว และ Snyk ได้ขอโทษในภายหลัง โดยเน้นถึงความท้าทายในการสร้างสมดุลระหว่างการวิจัยด้านความปลอดภัยเชิงรุกกับมาตรฐานทางจริยธรรม
    • +
+

ฉันเปลี่ยนไปใช้ Firefox และไม่เคยหันกลับไปมองอีกเลย

+
    +
  • Firefox ได้รับการยกย่องในเรื่องการจัดการแท็บที่ยอดเยี่ยม ฟีเจอร์ Pocket ในตัวสำหรับบันทึกลิงก์ และการส่งต่ออีเมลที่เน้นความเป็นส่วนตัว ทำให้เป็นทางเลือกที่แข็งแกร่งสำหรับ Chrome - ฟีเจอร์เพิ่มเติมเช่น เครื่องมือจับภาพหน้าจอที่ใช้งานง่าย ปุ่ม ChatGPT โหมด Picture-in-Picture ตัวเลือกการค้นหาที่ปรับแต่งได้ และการเลื่อนที่ราบรื่น ช่วยเพิ่มประสบการณ์การท่องเว็บ - แม้ว่า Firefox จะขาดฟีเจอร์แอปเว็บของ Chrome แต่การออกแบบที่รอบคอบและการใช้ทรัพยากรที่ลดลงทำให้เป็นตัวเลือกที่ผู้ใช้บางคนชื่นชอบ
    • +
+

ปฏิกิริยา

+
    +
  • ผู้ใช้ Firefox เผชิญกับความท้าทายจากแพลตฟอร์มอย่าง YouTube ซึ่งอาจจงใจลดประสบการณ์การใช้งานสำหรับเบราว์เซอร์ที่ไม่ใช่ของ Google หรือผู้ใช้ที่ใช้ตัวบล็อกโฆษณา - แนวโน้มนี้ก่อให้เกิดความกังวลเกี่ยวกับความเป็นอิสระของผู้ใช้ เนื่องจากเป็นการลงโทษผู้ที่เลือกใช้งานเว็บที่ปราศจากโฆษณาและการสอดส่อง - Firefox มีคุณสมบัติเฉพาะ เช่น แท็บคอนเทนเนอร์ ซึ่งช่วยเพิ่มความเป็นส่วนตัวและการใช้งาน ทำให้เป็นตัวเลือกที่ผู้ใช้ที่ต้องการความเป็นอิสระจากเบราว์เซอร์ที่ถูกควบคุมโดยบริษัทใหญ่ๆ นิยมใช้
    • +
+

ซีอีโอของ Sonos ลาออกหลังจากปัญหาการอัปเดตแอป

+

ปฏิกิริยา

+
    +
  • ซีอีโอของ Sonos ได้ลาออกหลังจากการอัปเดตแอปที่เป็นที่ถกเถียงซึ่งบังคับให้ผู้ใช้ต้องเปลี่ยนระบบเสียงที่มีราคาแพง ทำให้เกิดความไม่พอใจในหมู่ลูกค้า - การอัปเดตนี้ได้แนะนำระบบที่ใช้คลาวด์ แทนที่ระบบ Universal Plug and Play (UPnP) ที่เชื่อถือได้ ซึ่งนำไปสู่ปัญหาการเชื่อมต่อและความซับซ้อนที่เพิ่มขึ้น - สถานการณ์นี้เน้นย้ำถึงความขัดแย้งระหว่างกลยุทธ์ทางธุรกิจกับการรักษาความไว้วางใจของลูกค้า ในขณะที่ซีอีโอเปลี่ยนไปสู่บทบาทที่ปรึกษาพร้อมกับแพ็คเกจชดเชย
    • +
+

ในท้องของ MrBeast

+

ปฏิกิริยา

+
    +
  • บทความนี้ตรวจสอบว่าอัลกอริทึมของ YouTube มีอิทธิพลต่อการสร้างเนื้อหาอย่างไร โดยใช้ MrBeast เป็นกรณีศึกษา เน้นการเปลี่ยนแปลงไปสู่เนื้อหาที่ขับเคลื่อนด้วยการมีส่วนร่วมมากกว่าเนื้อหาที่มีความหมาย - มีการอภิปรายถึงผลกระทบที่กว้างขึ้นต่อการรู้เท่าทันสื่อและผลกระทบทางวัฒนธรรมของแพลตฟอร์มอย่าง YouTube และ TikTok โดยเสนอแนวโน้มไปสู่เนื้อหาที่ผิวเผินและตอบโต้ - มีการพิจารณามุมมองต่างๆ เกี่ยวกับบทบาทของอัลกอริทึมในการกำหนดเนื้อหาและอิทธิพลของผู้สร้างยอดนิยมต่อบรรทัดฐานทางวัฒนธรรม
    • +
+

การดำเนินการ Git บน GitHub หยุดทำงาน

+
    +
  • GitHub ประสบปัญหาการหยุดชะงักของการดำเนินการ Git เมื่อวันที่ 13 มกราคม 2025 เนื่องจากการเปลี่ยนแปลงการกำหนดค่าที่ส่งผลกระทบต่อโหลดบาลานเซอร์ภายใน ซึ่งกินเวลาตั้งแต่ 23:35 ถึง 00:24 UTC - ปัญหาได้รับการแก้ไขโดยการย้อนกลับการเปลี่ยนแปลงการกำหนดค่า และ GitHub กำลังทำงานเพื่อปรับปรุงกระบวนการตรวจสอบและการปรับใช้เพื่อป้องกันเหตุการณ์ที่คล้ายกัน - การหยุดชะงักยังส่งผลกระทบต่อบริการ Actions และ Pages ของ GitHub ซึ่งเน้นถึงธรรมชาติที่เชื่อมโยงกันของบริการแพลตฟอร์มของพวกเขา
    • +
+

ปฏิกิริยา

+
    +
  • GitHub ประสบปัญหาการหยุดทำงานครั้งใหญ่ที่ส่งผลกระทบต่อการดำเนินการของ git ทำให้นักพัฒนาสับสนในตอนแรกที่สงสัยว่ามีปัญหากับคีย์ SSH หรือการตั้งค่าท้องถิ่นของพวกเขา - เหตุการณ์นี้เน้นย้ำถึงความท้าทายของการพึ่งพาบริการแบบรวมศูนย์ กระตุ้นให้เกิดการสนทนาเกี่ยวกับข้อดีของการโฮสต์เองและระบบแบบกระจาย - แม้ว่าปัญหาจะได้รับการแก้ไขแล้ว แต่ก็ได้เน้นย้ำถึงความกังวลเกี่ยวกับความน่าเชื่อถือของ GitHub และความเสี่ยงของการพึ่งพาแพลตฟอร์มของบุคคลที่สามสำหรับงานที่จำเป็น
    • +
+

ZFS 2.3 เปิดตัวพร้อมกับการขยาย ZFS raidz

+
    +
  • OpenZFS 2.3.0 ได้รับการเปิดตัวแล้ว โดยมีการแนะนำฟีเจอร์สำคัญเช่น RAIDZ Expansion, Fast Deduplication, Direct Input/Output, การแสดงผลแบบ JSON และการรองรับชื่อไฟล์ที่ยาว - การเปิดตัวนี้รวมถึงการแก้ไขบั๊กที่สำคัญและการปรับปรุงประสิทธิภาพ ซึ่งสามารถใช้งานร่วมกับเคอร์เนล Linux เวอร์ชัน 4.18 - 6.12 และ FreeBSD เวอร์ชัน 13.3, 14.0 - 14.2 - การอัปเดตนี้เป็นความร่วมมือจากผู้ร่วมพัฒนา 134 คน พร้อมด้วยเอกสารประกอบและบันทึกการเปลี่ยนแปลงที่สามารถตรวจสอบได้
    • +
+

ปฏิกิริยา

+
    +
  • ZFS 2.3 ได้รับการเปิดตัวแล้ว โดยมีการแนะนำฟีเจอร์ต่างๆ เช่น การขยาย RAIDZ, การลดข้อมูลซ้ำอย่างรวดเร็ว, การใช้งาน IO โดยตรง, การแสดงผล JSON และการรองรับชื่อไฟล์ที่ยาว - การขยาย RAIDZ นั้นโดดเด่นเป็นพิเศษเนื่องจากช่วยให้ผู้ใช้สามารถเพิ่มอุปกรณ์ใหม่ลงใน RAIDZ pool ที่มีอยู่โดยไม่ต้องหยุดทำงาน เพิ่มความจุในการจัดเก็บข้อมูล - การเปิดตัวนี้ถือเป็นความก้าวหน้าที่สำคัญสำหรับผู้ใช้ ZFS โดยมีการเปรียบเทียบกับระบบไฟล์อื่นๆ เช่น Btrfs และ Windows Storage Spaces แม้ว่าจะมีข้อจำกัดบางประการ เช่น การไม่สามารถลดขนาด pool ได้
    • +
+

Webtop – คอนเทนเนอร์ Alpine, Ubuntu, Fedora และ Arch ที่มีสภาพแวดล้อมเดสก์ท็อปแบบเต็มรูปแบบ

+
    +
  • Linuxserver/webtop ให้บริการคอนเทนเนอร์ที่มีพื้นฐานจาก Alpine, Ubuntu, Fedora, และ Arch พร้อมด้วยสภาพแวดล้อมเดสก์ท็อปเต็มรูปแบบที่สามารถเข้าถึงได้ผ่านเว็บเบราว์เซอร์ รองรับทั้งสถาปัตยกรรม x86-64 และ arm64
    • +
  • ผู้ใช้สามารถเลือกจากสภาพแวดล้อมเดสก์ท็อปต่าง ๆ เช่น XFCE, KDE, MATE, i3, Openbox และ IceWM โดยใช้แท็กภาพเฉพาะ และเข้าถึง Webtop ผ่าน URL ที่กำหนด
    • +
  • คุณสมบัติด้านความปลอดภัยประกอบด้วยตัวเลือก seccomp ของ Docker และการตั้งค่าการยืนยันตัวตน พร้อมตัวเลือกการปรับแต่งที่สามารถทำได้ผ่านตัวแปรสภาพแวดล้อม และรองรับการเร่งความเร็ว GPU ด้วยไดรเวอร์โอเพ่นซอร์ส
    • +
+

ปฏิกิริยา

+
    +
  • Webtop ให้บริการคอนเทนเนอร์ที่มีสภาพแวดล้อมเดสก์ท็อปเต็มรูปแบบสำหรับ Alpine, Ubuntu, Fedora, และ Arch ซึ่งเหมาะสำหรับการตั้งค่าอย่างรวดเร็วหลัง VPN
    • +
  • ผู้ใช้ชื่นชม Webtop ในเรื่องความเร็วและความง่ายในการใช้งาน โดยเฉพาะเมื่อใช้ร่วมกับ Gluetun container เพื่อการเชื่อมต่อที่ปลอดภัย แต่เตือนให้ระวังการเปิดเผย container สู่อินเทอร์เน็ตโดยไม่มีมาตรการรักษาความปลอดภัย เนื่องจากขาดการยืนยันตัวตนเริ่มต้น
    • +
  • โครงการนี้มีคุณค่าสำหรับการเป็นโอเพ่นซอร์สและยืดหยุ่น โดยผู้ใช้สามารถแบ่งปันการตั้งค่าได้ และทางเลือกอื่น ๆ เช่น Kasm และ Selkies ก็ถูกกล่าวถึงเพื่อวัตถุประสงค์ที่คล้ายกัน
    • +
+

1 ใน 5 ของประกาศรับสมัครงานออนไลน์เป็นของปลอมหรือไม่เคยมีการจ้างงานจริง, การศึกษาพบ

+
    +
  • การศึกษาล่าสุดระบุว่า 20% ของประกาศรับสมัครงานออนไลน์เป็นของปลอมหรือยังไม่ได้รับการเติมเต็ม ซึ่งเพิ่มความหงุดหงิดให้กับผู้หางาน - แนวโน้ม "งานผี" นี้อาจเป็นกลยุทธ์ของบริษัทในการสร้างภาพลักษณ์ของการเติบโต - แพลตฟอร์มงานเช่น Greenhouse และ LinkedIn ได้แนะนำบริการตรวจสอบงานเพื่อช่วยผู้ใช้ในการระบุโอกาสงานที่แท้จริง
    • +
+

ปฏิกิริยา

+
    +
  • การศึกษาพบว่า 20% ของประกาศรับสมัครงานออนไลน์เป็นประกาศปลอมหรือยังไม่ได้รับการเติมเต็ม ซึ่งมักเกิดจากบริษัทที่ต้องปฏิบัติตามนโยบายการย้ายถิ่นฐานของสหรัฐฯ - บริษัทอาจปล่อยประกาศรับสมัครงานไว้เพื่อหาผู้สมัครที่เหมาะสม เปลี่ยนแปลงข้อกำหนด หรือมีผู้สมัครภายในที่ได้รับการคัดเลือกไว้ล่วงหน้า - ตลาดงานเป็นเรื่องยากสำหรับผู้สมัคร ที่มักพบกับการถูกเมินเฉยและการปฏิเสธอัตโนมัติ ทำให้เกิดการเรียกร้องให้มีการแทรกแซงด้านกฎระเบียบ
    • +
+

ทำให้ทางแยกไม่ปลอดภัยสำหรับคนเดินเท้าเพื่อประหยัดเวลาไม่กี่วินาทีสำหรับผู้ขับขี่

+

ปฏิกิริยา

+
    +
  • การอภิปรายมุ่งเน้นไปที่ว่าทางแยกควรให้ความสำคัญกับความปลอดภัยของคนเดินเท้าหรือประสิทธิภาพของผู้ขับขี่ โดยบางคนสนับสนุนทางแยกที่ควบคุมด้วยสัญญาณไฟและการข้ามถนนของคนเดินเท้าแทนที่จะใช้จุดหยุด 4 ทาง
    • +
  • ความคิดเห็นเกี่ยวกับกฎหมายจราจรและการออกแบบโครงสร้างพื้นฐานมีความหลากหลาย โดยมีการอภิปรายเกี่ยวกับความปลอดภัยของการเดินข้ามถนนในที่ห้ามและความเสี่ยงที่เกี่ยวข้องกับการเลี้ยวขวาเมื่อสัญญาณไฟแดง
    • +
  • บางคนสนับสนุนทางเลือกอื่น เช่น วงเวียน หรือการนำมาตรฐานวิศวกรรมจราจรของเนเธอร์แลนด์มาใช้เพื่อเพิ่มความปลอดภัยและประสิทธิภาพ
    • +
+

PostgreSQL เป็นระบบจัดการฐานข้อมูลแห่งปี 2024

+
    +
  • PostgreSQL ได้รับรางวัล DBMS of the Year 2024 จาก DB-Engines โดยได้รับการยอมรับนี้เป็นครั้งที่ห้า แซงหน้า 423 ระบบจัดการฐานข้อมูลอื่น ๆ
    • +
  • PostgreSQL ซึ่งมีประวัติยาวนานเกือบ 35 ปี ยังคงสร้างสรรค์นวัตกรรมใหม่ ๆ ดังที่เห็นได้จากการปรับปรุงล่าสุดของ PostgreSQL 17 ที่เปิดตัวในเดือนกันยายน 2024
    • +
  • Snowflake และ Microsoft ได้รับตำแหน่งที่สองและสามตามลำดับ โดย Snowflake มีความโดดเด่นในด้านการจัดเก็บข้อมูลบนคลาวด์และการสนับสนุนหลายคลาวด์ ในขณะที่ Microsoft มีการจัดการฐานข้อมูลเชิงสัมพันธ์ที่แข็งแกร่งผ่าน Azure SQL Database และ SQL Server
    • +
+

ปฏิกิริยา

+
    +
  • PostgreSQL ได้รับรางวัลระบบจัดการฐานข้อมูลแห่งปี 2024 จาก db-engines.com ซึ่งเน้นย้ำถึงความนิยมที่เพิ่มขึ้นและการยอมรับในอุตสาหกรรม
    • +
  • ผู้ใช้กำลังพิจารณาเปลี่ยนจาก Microsoft SQL Server ไปเป็น PostgreSQL เนื่องจากค่าใช้จ่ายในการออกใบอนุญาตที่สูงและข้อจำกัดด้านทรัพยากร แม้ว่าจะมีความท้าทายในการย้ายข้อมูลก็ตาม
    • +
  • PostgreSQL ได้รับความนิยมเนื่องจากมีฟีเจอร์ที่แข็งแกร่งและคุ้มค่า ทำให้เป็นตัวเลือกที่นิยมสำหรับโครงการในอนาคต แม้ว่าผู้ใช้บางรายจะสำรวจทางเลือกอื่นเช่น Babelfish เพื่อลดค่าใช้จ่าย
    • +
+

การเข้าสู่ระบบ OAuth ของ Google ไม่ได้ป้องกันการซื้อโดเมนของสตาร์ทอัพที่ล้มเหลว

+

ปฏิกิริยา

+
    +
  • การอภิปรายเน้นถึงช่องโหว่ในระบบล็อกอิน OAuth ของ Google เมื่อโดเมนของสตาร์ทอัพที่ล้มเหลวถูกซื้อโดยเจ้าของใหม่ ซึ่งอาจทำให้เกิดการเข้าถึงบริการโดยไม่ได้รับอนุญาต
    • +
  • ปัญหานี้เกิดขึ้นเนื่องจาก Google อาจไม่สามารถแยกแยะระหว่างเจ้าของโดเมนเดิมและเจ้าของโดเมนใหม่ได้ ซึ่งส่งผลกระทบต่อระบบใด ๆ ที่ใช้การยืนยันตัวตนตามโดเมน
    • +
  • วิธีแก้ปัญหาที่เสนอคือการใช้ตัวระบุที่ไม่ซ้ำกันซึ่งคงที่ตลอดเวลา แม้ว่าการนำวิธีแก้ปัญหานี้ไปใช้จะแตกต่างกันไปในหมู่ผู้ให้บริการระบุตัวตน
    • +
+

การใช้ทักษะการเขียนโค้ดเพื่อสร้างรายได้แบบพาสซีฟ

+
    +
  • ผู้เขียนเปลี่ยนจากบทบาท CTO มาเป็นผู้ประกอบการเดี่ยว โดยประสบความสำเร็จในการสร้างรายได้มากขึ้นผ่านพอร์ตโฟลิโอของผลิตภัณฑ์ซอฟต์แวร์
    • +
  • กลยุทธ์หลักประกอบด้วยการมุ่งเน้นที่การทำงานอย่างลึกซึ้ง เริ่มต้นด้วยโครงการขนาดเล็ก ทำซ้ำอย่างรวดเร็ว และทุ่มเทเวลาให้กับความพยายามทางการตลาด
    • +
  • การเดินทางนี้เน้นย้ำถึงความยืดหยุ่นเนื่องจากความไม่แน่นอน แต่ยังชี้ให้เห็นถึงความเป็นอิสระและเสรีภาพที่ไม่มีใครเทียบได้ของเส้นทางอาชีพนี้ โดยกระตุ้นให้ผู้ที่มีทักษะการเขียนโค้ดพิจารณาเพื่อรายได้แบบพาสซีฟ
    • +
+

ปฏิกิริยา

+
    +
  • ผู้ใช้คนหนึ่งได้อธิบายถึงการสร้างรายได้แบบพาสซีฟผ่านเว็บไซต์สแปม SEO โดยใช้ชื่อโดเมนที่กำลังจะหมดอายุ ทำรายได้ประมาณ $30,000 ต่อปี แม้ว่าจะมีข้อกังวลด้านจริยธรรมและการปราบปรามของ Google ในที่สุด
    • +
  • โพสต์ดังกล่าวจุดประกายการถกเถียงเกี่ยวกับรายได้แบบพาสซีฟ โดยมีผู้ใช้บางคนโต้แย้งว่ามันคล้ายกับการดำเนินธุรกิจมากกว่าที่จะเป็นรายได้แบบพาสซีฟอย่างแท้จริง
    • +
  • ผู้เข้าร่วมได้แบ่งปันประสบการณ์และความท้าทายในการทำโครงการเสริม โดยเน้นถึงความสำคัญของเวลา ความยืดหยุ่น และการวางแผนเชิงกลยุทธ์
    • +
+

สเปนเสนอภาษี 100% สำหรับบ้านที่ซื้อโดยผู้อยู่อาศัยนอกสหภาพยุโรป

+
    +
  • สเปนกำลังพิจารณาภาษี 100% สำหรับการซื้ออสังหาริมทรัพย์โดยผู้ที่ไม่ใช่ผู้อยู่อาศัยในสหภาพยุโรป โดยมีเป้าหมายเพื่อแก้ไขปัญหาวิกฤตที่อยู่อาศัยและควบคุมการซื้อเพื่อเก็งกำไร
    • +
  • ข้อเสนอของนายกรัฐมนตรีเปโดร ซานเชซ รวมถึงการขยายที่อยู่อาศัยสังคมและการควบคุมการเช่าที่พักสำหรับนักท่องเที่ยวเพื่อแก้ไขความไม่สมดุลระหว่างราคาที่อยู่อาศัยและรายได้
    • +
  • อนาคตของข้อเสนอนี้ในฐานะกฎหมายยังไม่แน่นอน โดยนักวิเคราะห์บางคนมองว่าเป็นการขัดขวางนักลงทุนต่างชาติมากกว่าการเปลี่ยนแปลงทางกฎหมายที่รับประกันได้
    • +
+

ปฏิกิริยา

+
    +
  • สเปนกำลังพิจารณาภาษี 100% สำหรับบ้านที่ซื้อโดยผู้ที่ไม่ใช่ผู้อยู่อาศัยในสหภาพยุโรปเพื่อแก้ปัญหาความสามารถในการซื้อที่อยู่อาศัย - นักวิจารณ์แนะนำว่าผู้ซื้อชาวต่างชาติไม่ใช่สาเหตุหลักของราคาที่อยู่อาศัยสูง โดยอ้างถึงระบบราชการที่ล่าช้าและกฎหมายการแบ่งเขตว่าเป็นปัจจัยที่สำคัญกว่า - ข้อเสนอนี้ได้จุดประกายการถกเถียงเกี่ยวกับบทบาทของการเป็นเจ้าของโดยชาวต่างชาติในตลาดที่อยู่อาศัยและประสิทธิภาพของมันในการแก้ไขปัญหาความสามารถในการซื้อ
    • +
+

แอปเปิลจะได้รับชิป 'ผลิตในอเมริกา' จากโรงงานของ TSMC ในรัฐแอริโซนาในไม่ช้า

+
    +
  • Apple กำลังทดสอบโปรเซสเซอร์จากโรงงานของ TSMC ในรัฐแอริโซนา โดยมีแผนที่จะผลิตในปริมาณมากภายในไตรมาสแรก ซึ่งอาจทำให้ Apple กลายเป็นลูกค้ารายแรกของ TSMC ในสหรัฐฯ สำหรับชิปที่ผลิตในท้องถิ่น - โครงการนี้มีเป้าหมายเพื่อเสริมสร้างความเป็นอิสระด้านซิลิคอนของสหรัฐฯ ลดการพึ่งพาไต้หวันซึ่งมีความเสี่ยงต่อปัญหาทางภูมิรัฐศาสตร์และธรรมชาติ - โรงงานของ TSMC ในแอริโซนามีกำหนดจะผลิตชิปขั้นสูงขนาด 3nm และ 2nm โดยมีความพยายามอย่างต่อเนื่องในการเพิ่มการสรรหาบุคลากรในท้องถิ่นและความร่วมมือกับมหาวิทยาลัยในสหรัฐฯ แม้ว่าการบรรจุหีบห่อจะเกิดขึ้นในไต้หวันในช่วงแรกจนกว่าโรงงานใน Peoria จะเริ่มดำเนินการ
    • +
+

ปฏิกิริยา

+
    +
  • แอปเปิลจะได้รับชิปจากโรงงานของ TSMC ในรัฐแอริโซนา แต่จำเป็นต้องส่งกลับไปยังไต้หวันเพื่อบรรจุภัณฑ์เนื่องจากสิ่งอำนวยความสะดวกในสหรัฐฯ ไม่เพียงพอ - กว่า 50% ของแรงงานที่โรงงานในแอริโซนามาจากไต้หวัน ซึ่งบ่งชี้ถึงช่องว่างในสาขา STEM (วิทยาศาสตร์ เทคโนโลยี วิศวกรรมศาสตร์ และคณิตศาสตร์) ของสหรัฐฯ - โครงการ CHIPS Act ที่มุ่งเสริมสร้างการผลิตเซมิคอนดักเตอร์ในสหรัฐฯ เผชิญกับความท้าทายเนื่องจากป้าย "ผลิตในอเมริกา" ถูกตั้งคำถามเนื่องจากกระบวนการบรรจุภัณฑ์เกิดขึ้นในไต้หวัน โดยมีแผนสำหรับความสามารถในการบรรจุภัณฑ์ในสหรัฐฯ ภายในปี 2027
    • +
+

มีผู้ขับขี่น้อยลง 43,000 คนบนถนนในแมนฮัตตันหลังจากการเปิดใช้งานการคิดค่าผ่านทางตามความหนาแน่นของการจราจร

+
    +
  • หลังจากการใช้ระบบการคิดค่าธรรมเนียมการจราจร มีการลดลงของผู้ขับขี่ที่เข้าสู่แมนฮัตตันใต้ถนนที่ 60 ลง 7.5% ซึ่งเท่ากับมีผู้ขับขี่น้อยลง 43,000 คนในแต่ละวันธรรมดา
    • +
  • การลดลงของการจราจรได้ปรับปรุงการไหลของการจราจรและเพิ่มความเร็วของรถบัส โดยมีรถบัสด่วนบางสายที่มีจำนวนผู้โดยสารเพิ่มขึ้น
    • +
  • การขนส่งมวลชนมหานคร (MTA) ใช้รายได้จากค่าผ่านทาง ซึ่งประมาณการไว้ที่ 500 ล้านดอลลาร์ต่อปี สำหรับการปรับปรุงระบบขนส่ง แม้ว่าจะมีการคัดค้านทางการเมืองอยู่บ้าง
    • +
+

ปฏิกิริยา

+
    +
  • การนำระบบการคิดค่าธรรมเนียมการจราจรติดขัดมาใช้ในแมนฮัตตันส่งผลให้มีผู้ขับขี่รถยนต์น้อยลง 43,000 คน นำไปสู่ความเร็วของรถโดยสารที่เพิ่มขึ้นและอาจทำให้เวลาตอบสนองฉุกเฉินดีขึ้น
    • +
  • นโยบายนี้ถูกออกแบบมาเพื่อลดความแออัดของการจราจรและปรับปรุงคุณภาพอากาศ แม้ว่าจะก่อให้เกิดการถกเถียงเกี่ยวกับผลกระทบต่อบุคคลที่มีรายได้น้อย
    • +
  • ผู้สนับสนุนโต้แย้งว่าประโยชน์รวมถึงระบบขนส่งสาธารณะที่มีประสิทธิภาพมากขึ้นและอากาศที่สะอาดขึ้น ในขณะที่การอภิปรายยังคงดำเนินต่อไปเกี่ยวกับการสร้างสมดุลระหว่างข้อดีเหล่านี้กับความต้องการของผู้ขับขี่
    • +
+ + + + + +]]> + https://hn.cho.sh/th/2025/01/14 + 2025-01-14T00:00:00.000Z + Tue, 14 Jan 2025 00:00:00 GMT + <![CDATA[2025-01-13]]> 2025-01-05T00:00:00.000Z Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[2025-01-04]]> - -

slug: '/2025/01/04'

-

2025-01-04

-

รถวอลโว่ปี 1993 ที่ขับเคลื่อนด้วยตัวเองพร้อมระบบโอเพ่นไพลอต

-
    -
  • กลุ่มเพื่อนกลุ่มหนึ่งได้เข้าร่วมการแข่งขัน Carbage Run 2025 ฉบับฤดูหนาว ซึ่งเป็นการแข่งรถ 6 วันผ่านสวีเดนไปยังวงกลมขั้วโลกและกลับมาที่เฮลซิงกิ โดยมีข้อกำหนดว่ารถต้องมีอายุอย่างน้อย 20 ปีและมีมูลค่าต่ำกว่า €1000
    • -
  • พวกเขาได้เปลี่ยน Volvo 940 Estate ปี 1993 ให้กลายเป็นยานพาหนะขับเคลื่อนอัตโนมัติโดยใช้ openpilot จาก comma.ai รวมถึงการติดตั้งส่วนประกอบสมัยใหม่ เช่น พวงมาลัยไฟฟ้า Bosch iBooster และเซ็นเซอร์เรดาร์ของ Tesla
    • -
  • การอัปเดตในอนาคตจะรวมถึงรายละเอียดเกี่ยวกับการเดินสายไฟ, หน่วยควบคุมเครื่องยนต์ (ECU) ที่ปรับแต่งเอง, และแผนการเปิดซอร์สโค้ด ซึ่งเน้นย้ำถึงแนวทางที่เป็นนวัตกรรมของโครงการในการปรับปรุงยานพาหนะรุ่นเก่าด้วยเทคโนโลยีอัตโนมัติ
    • -
-

ปฏิกิริยา

-
    -
  • รถ Volvo 940 ปี 1993 ได้รับการติดตั้ง OpenPilot ซึ่งเป็นเทคโนโลยีขับเคลื่อนอัตโนมัติ แสดงให้เห็นถึงการผสมผสานระหว่างการออกแบบรถคลาสสิกกับเทคโนโลยีสมัยใหม่
    • -
  • โครงการนี้เผชิญกับความท้าทาย รวมถึงการอัปเดตระบบเบรกและพวงมาลัย ซึ่งก่อให้เกิดความกังวลด้านกฎหมายและความปลอดภัย โดยเฉพาะอย่างยิ่งกับการดัดแปลงด้วยตนเอง เช่น การเชื่อมคอพวงมาลัย
    • -
  • การสนทนาขยายไปถึงกฎระเบียบเกี่ยวกับรถยนต์ในยุโรป การลดลงของรถฮ็อตร็อดในสหรัฐอเมริกา และความแตกต่างทางวัฒนธรรมในเสรีภาพในการดัดแปลงรถยนต์ โดยโครงการนี้ถูกมองว่าเป็นความพยายาม DIY ที่สร้างแรงบันดาลใจแม้จะมีความกังวลด้านความปลอดภัยก็ตาม
    • -
-

VoxelSpace: อัลกอริทึมการเรนเดอร์ภูมิประเทศในโค้ดน้อยกว่า 20 บรรทัด (2020)

-
    -
  • เกม Comanche ของ NovaLogic ในปี 1992 ใช้เอนจิน Voxel Space ซึ่งเป็นเทคนิคการเรนเดอร์แบบ 2.5D ที่อิงจากการแคสต์เรย์ เพื่อสร้างภูมิประเทศที่มีรายละเอียดพร้อมการแรเงาและเงา
    • -
  • เอนจิน Voxel Space ใช้แผนที่ความสูงและสีพร้อมกับอัลกอริธึมการเรนเดอร์แบบง่าย ๆ โดยการวาดเส้นแนวตั้งจากด้านหลังไปด้านหน้า ซึ่งสามารถปรับแต่งเพื่อเพิ่มประสิทธิภาพได้
    • -
  • โค้ดของเครื่องยนต์มีให้ใช้งานภายใต้ใบอนุญาต MIT แต่เทคโนโลยีอาจยังคงได้รับการจดสิทธิบัตรในบางภูมิภาค
    • -
-

ปฏิกิริยา

-
    -
  • VoxelSpace เป็นอัลกอริธึมการเรนเดอร์ภูมิประเทศที่โดดเด่นในด้านความเรียบง่าย โดยต้องการโค้ดน้อยกว่า 20 บรรทัด และกระตุ้นความคิดถึงสำหรับการพัฒนาเกมที่สร้างสรรค์ในยุคที่ฮาร์ดแวร์มีข้อจำกัด
    • -
  • เกม AAA สมัยใหม่มุ่งเน้นไปที่การปรับแต่งที่ซับซ้อนและแนวโน้มตลาด ซึ่งมักจะแลกมาด้วยความแปลกใหม่ ในขณะที่เกมอินดี้และแพลตฟอร์มอย่าง PICO-8 มอบอิสระในการสร้างสรรค์มากกว่า
    • -
  • แม้จะมีความก้าวหน้าทางเทคโนโลยี แต่บางนักพัฒนาและผู้เล่นรู้สึกว่า "มนต์เสน่ห์" ของเกมเก่าหายไป แม้ว่าโครงการนวัตกรรมอย่างการเรนเดอร์แบบ voxel ยังคงสร้างแรงบันดาลใจให้กับความคิดสร้างสรรค์
    • -
-

วิธีการวาดเส้นขอบในวิดีโอเกม

-
    -
  • บทความนี้กล่าวถึงเทคนิคห้าอย่างในการสร้างเส้นขอบใน Unity ซึ่งเป็นแพลตฟอร์มพัฒนาเกมยอดนิยม โดยเน้นการใช้งานในเกมอย่าง Sable และ The Last of Us - เทคนิคต่างๆ ประกอบด้วย Rim Effects, Vertex Extrusion, Blurred Buffer, Jump Flood Algorithm และ Edge Detection ซึ่งแต่ละเทคนิคมีข้อดีและข้อเสียเฉพาะตัวในแง่ของประสิทธิภาพและคุณภาพภาพ - บทความนี้ให้ข้อมูลเชิงลึกเกี่ยวกับการปรับสมดุลวิธีการเหล่านี้เพื่อความสวยงามของเกมและการสนับสนุนการเล่นเกมที่เหมาะสม พร้อมทั้งมีแหล่งข้อมูลเพิ่มเติมและเครดิตสำหรับโมเดล 3D ที่รวมอยู่ด้วย
    • -
-

ปฏิกิริยา

-
    -
  • บทความนี้สำรวจเทคนิคขั้นสูงในการวาดเส้นขอบในวิดีโอเกม โดยเน้นถึงประสิทธิภาพของอัลกอริทึม Jump Flood (JFA) และ Signed Distance Fields (SDFs) เมื่อเทียบกับวิธีการแบบดั้งเดิม - มันเจาะลึกถึงกราฟิก 3D แบบสไตล์ โดยพูดคุยเกี่ยวกับเทคนิคการเรนเดอร์และการใช้เครือข่ายประสาทเทียมที่มีศักยภาพสำหรับการจัดแสงและการสไตล์ - ผู้ร่วมเขียนให้ข้อมูลเชิงลึกเกี่ยวกับการพัฒนาประวัติศาสตร์ของ cel shading ในเกม เช่น Jet Set Radio โดยเน้นถึงการบรรจบกันที่พัฒนาไปของเทคโนโลยีและศิลปะในกราฟิก 3D
    • -
-

ฉันกำลังลาออกจากวอชิงตันโพสต์

-

ปฏิกิริยา

-
    -
  • ผู้เขียนกำลังจะออกจาก Washington Post เนื่องจากความล้มเหลวในการปรับตัวให้เข้ากับภูมิทัศน์สื่อที่เปลี่ยนแปลงและวิธีการนำเสนอประเด็นต่าง ๆ ซึ่งพวกเขาเชื่อว่าไม่มีประสิทธิภาพสำหรับหัวข้อสำคัญเช่นประชาธิปไตย
    • -
  • สื่อดั้งเดิม โดยเฉพาะหนังสือพิมพ์ท้องถิ่น กำลังประสบปัญหาทางการเงิน ซึ่งนำไปสู่การรายงานข่าวที่มีอคติและความเชื่อมั่นของสาธารณชนที่ลดลง ในขณะที่สื่อสังคมออนไลน์ไม่สามารถทดแทนงานที่เข้มงวดของการสื่อสารมวลชนได้
    • -
  • มีความกังวลเกี่ยวกับอิทธิพลของบุคคลที่ร่ำรวย เช่น เจฟฟ์ เบโซส ต่อสื่อมวลชน และผลกระทบของผลประโยชน์ทางธุรกิจต่อบทบาทของสื่อในการตรวจสอบอำนาจ
    • -
-

Perplexity มีโฆษณา

-

ปฏิกิริยา

-
    -
  • Perplexity ได้แนะนำโฆษณา ซึ่งนำไปสู่การอภิปรายเกี่ยวกับความหลีกเลี่ยงไม่ได้ของโฆษณาในบริการออนไลน์เนื่องจากผู้บริโภคไม่เต็มใจที่จะจ่ายเงินเพื่อประสบการณ์ที่ไม่มีโฆษณา - ผู้ใช้บางคนพบว่าโฆษณารบกวนและชอบบริการที่มีการสมัครสมาชิกเช่น Kagi ซึ่งเสนอการค้นหาแบบไม่มีโฆษณา ในขณะที่คนอื่น ๆ ยังคงเลือกตัวเลือกที่ฟรีและมีโฆษณาสนับสนุน - สถานการณ์นี้เน้นย้ำถึงการถกเถียงอย่างต่อเนื่องระหว่างโมเดลที่มีโฆษณาสนับสนุนและโมเดลที่มีการสมัครสมาชิกในบริการดิจิทัล
    • -
- - - - - -]]> - https://hn.cho.sh/th/2025/01/04 - 2025-01-04T00:00:00.000Z - Sat, 04 Jan 2025 00:00:00 GMT - diff --git a/static/rss/newsletter/tr.xml b/static/rss/newsletter/tr.xml index 73dfebe4c..d66e294d8 100644 --- a/static/rss/newsletter/tr.xml +++ b/static/rss/newsletter/tr.xml @@ -15,12 +15,160 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[2025-01-14]]> + +

slug: '/2025/01/14'

+

2025-01-14

+

Bir Snyk güvenlik araştırmacısı, cursor.com'u hedef alan kötü niyetli NPM paketleri dağıtıyor.

+
    +
  • Bir Snyk güvenlik araştırmacısı, sistem verilerini toplamak ve saldırgan kontrolündeki bir hizmete göndermek amacıyla, bir yapay zeka kodlama şirketi olan Cursor.com'u hedef alan kötü niyetli NPM paketleri yayımladı.
    • +
  • Bu paketler, "cursor-retrieval," "cursor-always-local" ve "cursor-shadow-workspace" olarak tanımlandı ve OpenSSF paket analiz tarayıcısı tarafından işaretlenerek MAL-2025-27, MAL-2025-28 ve MAL-2025-29 uyarılarına yol açtı.
    • +
  • Bu olay, potansiyel güvenlik tehditlerinden kaçınmak için NPM paketlerini yüklemeden önce dikkatlice incelemenin önemini vurgulamaktadır.
    • +
+

Tepkiler

+
    +
  • Snyk güvenlik araştırmacısı, cursor.com'u hedef alan kötü amaçlı NPM (Node Package Manager) paketlerini yayınlayarak bağımlılık karışıklığı açıklarını vurguladı. - Olay, özellikle ortam değişkenlerinin kamuya açıklanması konusunda güvenlik araştırmalarının etiği üzerine bir tartışma başlattı. - Cursor.com, bu eylemi yetkilendirmediklerini açıkladı ve Snyk, saldırgan güvenlik araştırmalarını etik standartlarla dengelemenin zorluklarını vurgulayarak özür diledi.
    • +
+

Firefox'a Geçtim ve Bir Daha Asla Geriye Bakmadım

+
    +
  • Firefox, üstün sekme yönetimi, bağlantıları kaydetmek için yerleşik Pocket özelliği ve gizlilik odaklı e-posta yönlendirmesi ile övülmekte olup, Chrome'a güçlü bir alternatif oluşturmaktadır. - Kullanıcı dostu ekran görüntüsü aracı, ChatGPT düğmesi, Resim içinde Resim, özelleştirilebilir arama seçenekleri ve akıcı kaydırma gibi ek özellikler, gezinme deneyimini geliştirmektedir. - Firefox, Chrome'un web uygulama özelliğinden yoksun olsa da, düşünceli tasarımı ve azaltılmış kaynak talepleri, bazı kullanıcılar için tercih edilen bir seçenek haline getirmektedir.
    • +
+

Tepkiler

+
    +
  • Firefox kullanıcıları, YouTube gibi platformlardan, özellikle Google dışı tarayıcılar veya reklam engelleyiciler kullanan kullanıcılar için deneyimi kasıtlı olarak kötüleştirebilecek zorluklarla karşı karşıya kalıyor. - Bu eğilim, reklamsız ve gözetimsiz bir web deneyimi tercih edenleri cezalandırdığı için kullanıcı özerkliği konusunda endişeleri artırıyor. - Firefox, gizliliği ve kullanılabilirliği artıran konteyner sekmeleri gibi benzersiz özellikler sunarak, büyük şirketlerin kontrolündeki tarayıcılardan bağımsızlık arayan kullanıcılar için tercih edilen bir seçenek haline geliyor.
    • +
+

Sonos CEO'su, uygulama güncelleme fiyaskosunun ardından istifa etti

+

Tepkiler

+
    +
  • Sonos CEO'su, kullanıcıların pahalı ses sistemlerini değiştirmesini gerektiren tartışmalı bir uygulama güncellemesinin ardından istifa etti ve bu durum müşteri memnuniyetsizliğine yol açtı. - Güncelleme, güvenilir Universal Plug and Play (UPnP) sisteminden uzaklaşarak bulut tabanlı bir sistem tanıttı ve bu da bağlantı sorunlarına ve artan karmaşıklığa neden oldu. - Bu durum, iş stratejileri ile müşteri güvenini sürdürme arasındaki çatışmayı vurgularken, CEO bir kıdem tazminatı paketi ile danışmanlık rolüne geçiş yapıyor.
    • +
+

MrBeast'in karnında

+

Tepkiler

+
    +
  • Makale, YouTube'un algoritmasının içerik oluşturmayı nasıl etkilediğini inceliyor ve MrBeast'i bir vaka çalışması olarak kullanarak, anlamlı içerikten ziyade etkileşim odaklı bir kaymaya dikkat çekiyor. - Medya okuryazarlığı ve YouTube ile TikTok gibi platformların kültürel etkileri için daha geniş sonuçları tartışıyor ve yüzeysel ve tepkisel içeriğe doğru bir eğilim öneriyor. - Algoritmaların içeriği şekillendirmedeki rolü ve popüler içerik oluşturucuların kültürel normlar üzerindeki etkisi hakkında çeşitli bakış açıları ele alınıyor.
    • +
+

GithHub Git İşlemleri Çalışmıyor

+
    +
  • GitHub, 13 Ocak 2025'te, iç yük dengeleyicisini etkileyen bir yapılandırma değişikliği nedeniyle 23:35'ten 00:24 UTC'ye kadar süren bir Git operasyonları kesintisi yaşadı. - Sorun, yapılandırma değişikliğinin geri alınmasıyla çözüldü ve GitHub, benzer olayları önlemek için izleme ve dağıtım süreçlerini iyileştirmeye çalışıyor. - Kesinti, GitHub'ın Actions ve Pages hizmetlerini de etkiledi ve platform hizmetlerinin birbirine bağlı doğasını vurguladı.
    • +
+

Tepkiler

+
    +
  • GitHub, git işlemlerini etkileyen büyük bir kesinti yaşadı ve bu durum, başlangıçta SSH anahtarları veya yerel yapılandırmalarla ilgili sorunlar olduğunu düşünen geliştiriciler arasında kafa karışıklığına neden oldu. - Olay, merkezi hizmetlere güvenmenin zorluklarını vurguladı ve kendi kendine barındırma ve merkezi olmayan sistemlerin avantajları üzerine tartışmaları tetikledi. - Sorun çözülmüş olmasına rağmen, GitHub'ın güvenilirliği ve temel görevler için üçüncü taraf platformlara bağımlılığın riskleri konusundaki endişeleri gündeme getirdi.
    • +
+

ZFS 2.3, ZFS raidz genişletmesi ile yayınlandı

+
    +
  • OpenZFS 2.3.0, RAIDZ Genişletme, Hızlı Tekilleştirme, Doğrudan Giriş/Çıkış, JSON çıktısı ve uzun dosya adları desteği gibi önemli özellikler sunarak yayınlandı. - Sürüm, Linux çekirdekleri 4.18 - 6.12 ve FreeBSD sürümleri 13.3, 14.0 - 14.2 ile uyumlu olan temel hata düzeltmeleri ve performans iyileştirmelerini içeriyor. - Güncelleme, 134 katkıda bulunanın işbirliğiyle hazırlandı ve incelenmek üzere kapsamlı bir dokümantasyon ve değişiklik günlüğü mevcut.
    • +
+

Tepkiler

+
    +
  • ZFS 2.3, RAIDZ genişletme, hızlı veri tekilleştirme, doğrudan IO, JSON çıktısı ve uzun dosya adları desteği gibi özellikler sunarak piyasaya sürüldü. - RAIDZ genişletme, özellikle dikkat çekicidir çünkü kullanıcıların mevcut bir RAIDZ havuzuna yeni cihazlar eklemesine olanak tanır ve bu da depolama kapasitesini artırırken kesinti süresi olmadan yapılabilir. - Bu sürüm, ZFS kullanıcıları için önemli bir ilerleme olarak kabul edilir ve Btrfs ve Windows Storage Spaces gibi diğer dosya sistemleriyle karşılaştırmalar yapılır, havuzları küçültme yeteneği gibi bazı sınırlamalar olmasına rağmen.
    • +
+

Webtop – Tam masaüstü ortamları içeren Alpine, Ubuntu, Fedora ve Arch konteynerleri

+
    +
  • Linuxserver/webtop, web tarayıcılar aracılığıyla erişilebilen tam masaüstü ortamları sunan, Alpine, Ubuntu, Fedora ve Arch tabanlı konteynerler sağlar ve hem x86-64 hem de arm64 mimarilerini destekler.
    • +
  • Kullanıcılar, belirli imaj etiketlerini kullanarak XFCE, KDE, MATE, i3, Openbox ve IceWM gibi çeşitli masaüstü ortamlarından seçim yapabilir ve belirlenmiş URL'ler aracılığıyla Webtop'a erişebilirler.
    • +
  • Metin: Güvenlik özellikleri arasında Docker'ın seccomp seçeneği ve kimlik doğrulama kurulumu bulunur, ortam değişkenleri aracılığıyla özelleştirme seçenekleri mevcuttur ve açık kaynak sürücülerle GPU hızlandırma desteği sunulmaktadır.
    • +
+

Tepkiler

+
    +
  • Webtop, Alpine, Ubuntu, Fedora ve Arch için tam masaüstü ortamlarına sahip konteynerler sunar ve bir VPN arkasında hızlı kurulumlar için uygundur.
    • +
  • Kullanıcılar, Webtop'un hızını ve kullanım kolaylığını, özellikle güvenli bağlantılar için Gluetun konteyneri ile kullanıldığında övüyorlar, ancak varsayılan kimlik doğrulama eksikliği nedeniyle konteynerleri internete güvenlik önlemleri olmadan açma konusunda uyarıda bulunuyorlar.
    • +
  • Proje, açık kaynaklı ve esnek olması nedeniyle değerli bulunmakta, kullanıcılar yapılandırmaları paylaşmakta ve Kasm ile Selkies gibi alternatifler benzer amaçlar için belirtilmektedir.
    • +
+

Çalışma, çevrimiçi iş ilanlarının 5'te 1'inin ya sahte olduğunu ya da hiç doldurulmadığını ortaya koyuyor.

+
    +
  • Son yapılan bir çalışma, çevrimiçi iş ilanlarının %20'sinin ya sahte olduğunu ya da doldurulmadığını, bu durumun iş arayanların hayal kırıklığını artırdığını gösteriyor. - Bu "hayalet iş" trendi, şirketlerin büyüme imajı yansıtmak için bir taktik olabilir. - Greenhouse ve LinkedIn gibi iş platformları, kullanıcıların gerçek iş fırsatlarını belirlemelerine yardımcı olmak için iş doğrulama hizmetleri sunmaya başladı.
    • +
+

Tepkiler

+
    +
  • Bir çalışma, çevrimiçi iş ilanlarının %20'sinin ya sahte olduğunu ya da doldurulmadığını, bunun genellikle şirketlerin ABD göçmenlik politikalarına uyması gerektiğinden kaynaklandığını ortaya koyuyor. - Şirketler ayrıca ideal adayları bulmak, gereksinimleri değiştirmek veya önceden seçilmiş iç adaylara sahip olmak için iş ilanlarını açık bırakabilir. - İş piyasası, sık sık hayalet muamele ve otomatik reddedilme ile karşılaşan başvuru sahipleri için zordur ve bu durum düzenleyici müdahale çağrılarına yol açmaktadır.
    • +
+

Yayalar için bir kavşağı güvensiz hale getirerek sürücüler için saniyeler kazanmak

+

Tepkiler

+
    +
  • Bu tartışma, kavşakların yaya güvenliğini mi yoksa sürücü verimliliğini mi önceliklendirmesi gerektiği etrafında dönüyor; bazıları ışık kontrollü kavşakları ve yaya geçitlerini 4 yönlü duraklara tercih ediyor.
    • +
  • Fikirler, trafik yasaları ve altyapı tasarımı konusunda farklılık göstermektedir; bu, yaya geçidi olmayan yerlerde karşıdan karşıya geçmenin güvenliği ve kırmızı ışıkta sağa dönüşle ilgili riskler üzerine tartışmaları içermektedir.
    • +
  • Kimileri, hem güvenliği hem de verimliliği artırmak için dönel kavşaklar veya Hollanda trafik mühendisliği standartlarının benimsenmesi gibi alternatif çözümleri savunuyor.
    • +
+

PostgreSQL, 2024 Yılının Veritabanı Yönetim Sistemi oldu.

+
    +
  • PostgreSQL, 423 diğer veritabanı yönetim sistemini geride bırakarak, DB-Engines tarafından 2024 Yılının DBMS'si ödülüne layık görüldü ve bu tanınırlığı beşinci kez elde etti.
    • +
  • PostgreSQL, neredeyse 35 yıllık bir geçmişe sahip olup, Eylül 2024'te piyasaya sürülen PostgreSQL 17'nin son geliştirmelerinde görüldüğü gibi yenilik yapmaya devam ediyor.
    • +
  • Snowflake ve Microsoft sırasıyla ikinci ve üçüncü sırayı aldı; Snowflake bulut tabanlı veri ambarı ve çoklu bulut desteği ile dikkat çekerken, Microsoft Azure SQL Veritabanı ve SQL Server aracılığıyla güçlü yönetilen ilişkisel veritabanları sunuyor.
    • +
+

Tepkiler

+
    +
  • PostgreSQL, db-engines.com tarafından 2024 Yılının Veritabanı Yönetim Sistemi ödülüne layık görüldü ve bu, endüstrideki artan popülaritesini ve tanınırlığını vurguluyor.
    • +
  • Kullanıcılar, olası geçiş zorluklarına rağmen yüksek lisans maliyetleri ve kaynak sınırlamaları nedeniyle Microsoft SQL Server'dan PostgreSQL'e geçmeyi düşünüyor.
    • +
  • PostgreSQL, sağlam özellikleri ve maliyet etkinliği nedeniyle gelecekteki projeler için tercih edilen bir seçenek olup, bazı kullanıcılar maliyetleri azaltmak için Babelfish gibi alternatifleri de araştırmaktadır.
    • +
+

Google’ın OAuth girişi, başarısız bir girişim alan adının satın alınmasına karşı koruma sağlamaz.

+

Tepkiler

+
    +
  • Bu tartışma, başarısız bir girişimin alan adının yeni bir sahip tarafından satın alındığında, Google'ın OAuth giriş sisteminde yetkisiz erişime izin verebilecek bir güvenlik açığını vurgulamaktadır.
    • +
  • Bu sorun, Google'ın orijinal ve yeni alan adı sahiplerini ayırt edememesi nedeniyle ortaya çıkar ve alan adı tabanlı kimlik doğrulama kullanan herhangi bir sistemi etkileyebilir.
    • +
  • Önerilen bir çözüm, zamanla sabit kalan benzersiz tanımlayıcılar kullanmaktır, ancak bu çözümün uygulanması kimlik sağlayıcıları arasında farklılık göstermektedir.
    • +
+

Pasif gelir elde etmek için kodlama becerilerini kullanma

+
    +
  • Yazar, CTO rolünden soloprenörlüğe geçiş yaparak, bir dizi yazılım ürünü aracılığıyla daha fazla kazanç elde etti.
    • +
  • Temel stratejiler arasında derin çalışmaya odaklanmak, küçük projelerle başlamak, hızlı bir şekilde yinelemek ve pazarlama çabalarına zaman ayırmak yer alır.
    • +
  • Yolculuk, belirsizlikler nedeniyle dayanıklılığı vurgularken, bu kariyer yolunun eşsiz özerklik ve özgürlüğünü öne çıkarıyor ve kodlama becerilerine sahip olanları pasif gelir için bunu düşünmeye teşvik ediyor.
    • +
+

Tepkiler

+
    +
  • Kullanıcı, etik kaygılara ve Google'ın nihai baskısına rağmen, sona eren alan adlarını kullanarak SEO spam web siteleri aracılığıyla pasif gelir elde etmeyi ve yıllık yaklaşık 30 bin dolar kazanmayı tarif etti.
    • +
  • Bu gönderi, pasif gelir konusunda bir tartışma başlattı ve bazı kullanıcılar bunun gerçekten pasif kazançlardan ziyade bir iş yürütmeye daha çok benzediğini savundu.
    • +
  • Katılımcılar, yan projelerdeki deneyimlerini ve zorluklarını paylaşarak zamanın, dayanıklılığın ve stratejik planlamanın önemini vurguladılar.
    • +
+

İspanya, AB üyesi olmayan sakinler tarafından satın alınan evlere %100 vergi öneriyor

+
    +
  • İspanya, konut krizini ele almak ve spekülatif alımları sınırlamak amacıyla AB üyesi olmayan sakinler tarafından yapılan gayrimenkul alımlarına %100 vergi getirmeyi düşünüyor.
    • +
  • Başbakan Pedro Sánchez'in teklifi, konut fiyatları ile gelirler arasındaki eşitsizliği ele almak için sosyal konutların genişletilmesini ve turistik kiralamaların düzenlenmesini içeriyor.
    • +
  • Teklifin yasa olarak geleceği belirsiz, bazı analistler bunu kesin bir yasal değişiklikten ziyade yabancı yatırımcılar için bir caydırıcı olarak görüyor.
    • +
+

Tepkiler

+
    +
  • İspanya, konutların uygun fiyatlı olma sorunlarını ele almak için AB dışı sakinler tarafından satın alınan evlere %100 vergi getirmeyi düşünüyor. - Eleştirmenler, yabancı alıcıların yüksek konut fiyatlarının birincil nedeni olmadığını, yavaş bürokrasi ve imar yasalarının daha önemli faktörler olduğunu öne sürüyor. - Öneri, konut piyasalarında yabancı mülkiyetin rolü ve uygun fiyatlılık sorunlarını çözmedeki etkinliği konusunda bir tartışma başlattı.
    • +
+

Apple yakında TSMC'nin Arizona fabrikasından 'Amerika'da üretilmiş' çipler alacak

+
    +
  • Apple, TSMC'nin Arizona tesisinden işlemcileri test ediyor ve ilk çeyrekte seri üretime geçmeyi planlıyor, bu da TSMC'nin yerel olarak üretilen çipler için ilk ABD müşterisi olma potansiyelini taşıyor. - Bu girişim, ABD'nin silikon bağımsızlığını güçlendirmeyi, jeopolitik ve doğal risklere karşı savunmasız olan Tayvan'a bağımlılığı azaltmayı amaçlıyor. - TSMC'nin Arizona fabrikası, gelişmiş 3nm ve 2nm çipler üretecek ve yerel işe alım ile ABD üniversiteleriyle ortaklıkları geliştirme çabaları devam ediyor, ancak paketleme başlangıçta Tayvan'da gerçekleşecek ve Peoria tesisi faaliyete geçene kadar bu durum sürecek.
    • +
+

Tepkiler

+
    +
  • Apple, TSMC'nin Arizona tesisinden çip alacak, ancak ABD'deki yetersiz tesisler nedeniyle paketleme için Tayvan'a geri gönderilmeleri gerekiyor. - Arizona tesisindeki iş gücünün %50'den fazlası Tayvan'dan, bu da ABD'nin STEM (Bilim, Teknoloji, Mühendislik ve Matematik) alanında bir boşluk olduğunu gösteriyor. - ABD yarı iletken üretimini artırmayı amaçlayan CHIPS Yasası girişimi, paketleme sürecinin Tayvan'da gerçekleşmesi nedeniyle "Amerika'da Üretildi" etiketinin sorgulanmasıyla zorluklarla karşılaşıyor, 2027 yılına kadar ABD'de paketleme yetenekleri için planlar yapılıyor.
    • +
+

Yoğunluk fiyatlandırması devreye girdikten sonra Manhattan yollarında 43 bin daha az sürücü var.

+
    +
  • Yoğunluk fiyatlandırması uygulandıktan sonra, 60. Cadde'nin altındaki Manhattan'a giren sürücülerde %7,5'lik bir azalma oldu, bu da her hafta içi 43.000 daha az sürücüye eşdeğer.
    • +
  • Trafikteki azalma, trafik akışını iyileştirmiş ve otobüs hızlarını artırmıştır, bazı ekspres otobüsler daha yüksek yolcu sayısı yaşamaktadır.
    • +
  • MTA, bazı siyasi muhalefetlere rağmen, yıllık yaklaşık 500 milyon dolar olarak tahmin edilen geçiş ücreti gelirini ulaşım iyileştirmeleri için kullanıyor.
    • +
+

Tepkiler

+
    +
  • Manhattan'da tıkanıklık fiyatlandırmasının uygulanması, 43.000 daha az sürücüye yol açarak otobüs hızlarının artmasına ve potansiyel olarak daha iyi acil durum müdahale sürelerine neden oldu.
    • +
  • Politika, trafik sıkışıklığını azaltmak ve hava kalitesini iyileştirmek için tasarlanmıştır, ancak düşük gelirli bireyler üzerindeki etkisi konusunda tartışmalara yol açmıştır.
    • +
  • Destekleyenler, faydalar arasında daha verimli toplu taşıma ve daha temiz hava olduğunu savunurken, bu avantajların sürücülerin ihtiyaçlarıyla nasıl dengeleneceği konusunda tartışmalar devam ediyor.
    • +
+ + + + + +]]> + https://hn.cho.sh/tr/2025/01/14 + 2025-01-14T00:00:00.000Z + Tue, 14 Jan 2025 00:00:00 GMT + <![CDATA[2025-01-13]]> 2025-01-05T00:00:00.000Z Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[2025-01-04]]> - -

slug: '/2025/01/04'

-

2025-01-04

-

1993 model kendi kendine giden Volvo, açık pilot ile

-
    -
  • Bir grup arkadaş, 2025 Kış edisyonu Carbage Run'a katıldı; bu, İsveç üzerinden kutup dairesine ve ardından Helsinki'ye geri dönen, arabaların en az 20 yaşında ve değeri 1000 €'nun altında olmasını gerektiren 6 günlük bir rallidir.
    • -
  • 1993 model bir Volvo 940 Estate'i, comma.ai'den openpilot kullanarak kendi kendine giden bir araca dönüştürdüler ve elektrikli direksiyon, Bosch iBooster ve Tesla radar sensörü gibi modern bileşenler eklediler.
    • -
  • Gelecekteki güncellemeler, kablolama detayları, özel bir Motor Kontrol Ünitesi (ECU) ve kodu açık kaynak yapma planlarını içerecek, projenin eski araçları otonom teknoloji ile donatma konusundaki yenilikçi yaklaşımını vurgulayacak.
    • -
-

Tepkiler

-
    -
  • 1993 model bir Volvo 940, klasik otomobil tasarımı ile modern teknolojinin kesişimini vurgulayan bir otonom sürüş teknolojisi olan OpenPilot ile donatıldı.
    • -
  • Proje, direksiyon kolonunun kaynakla birleştirilmesi gibi kendin yap (DIY) modifikasyonlarıyla ilgili yasal ve güvenlik endişelerini artıran fren ve direksiyon sistemlerinin güncellenmesi de dahil olmak üzere zorluklarla karşılaştı.
    • -
  • Avrupa'daki araba düzenlemeleri, ABD'de hotrodların azalması ve araba modifikasyonu özgürlüklerindeki kültürel farklılıklar üzerine tartışma genişledi, proje güvenlik endişelerine rağmen ilham verici bir DIY çabası olarak görüldü.
    • -
-

VoxelSpace: 20 satırdan daha az kodla arazi işleme algoritması (2020)

-
    -
  • NovaLogic'in 1992 yapımı Comanche oyunu, gölgelendirme ve gölgelerle detaylı araziler oluşturmak için ışın dökümüne dayanan 2.5D bir işleme tekniği olan Voxel Space motorunu kullandı.
    • -
  • Voxel Space motoru, yükseklik ve renk haritalarını ve basit bir işleme algoritmasını kullanarak, performans için optimize edilebilecek şekilde arkadan öne doğru dikey çizgiler çiziyordu.
    • -
  • Motorun kodu MIT lisansı altında mevcuttur, ancak teknoloji belirli bölgelerde hala patentli olabilir.
    • -
-

Tepkiler

-
    -
  • VoxelSpace, 20 satırdan az kod gerektiren sadeliğiyle dikkat çeken bir arazi işleme algoritmasıdır ve donanımın sınırlı olduğu dönemlerdeki yenilikçi oyun geliştirme çalışmalarına nostalji uyandırır.
    • -
  • Modern AAA oyunlar, genellikle özgünlük pahasına karmaşık optimizasyonlara ve pazar trendlerine odaklanırken, bağımsız oyunlar ve PICO-8 gibi platformlar daha fazla yaratıcı özgürlük sunar.
    • -
  • Teknolojik ilerlemelere rağmen, bazı geliştiriciler ve oyuncular eski oyunların "büyüsünün" eksik olduğunu hissediyor, ancak voxel renderleme gibi yenilikçi projeler yaratıcılığı ilham vermeye devam ediyor.
    • -
-

Bir video oyununda ana hat nasıl çizilir

-
    -
  • Makale, popüler bir oyun geliştirme platformu olan Unity'de dış hatları oluşturmak için beş tekniği tartışıyor ve bunların Sable ve The Last of Us gibi oyunlarda kullanımını vurguluyor. - Teknikler arasında Kenar Efektleri, Vertex Ekstrüzyonu, Bulanık Tampon, Sıçrama Taşkın Algoritması ve Kenar Algılama yer alıyor ve her biri performans ve görsel kalite açısından benzersiz avantajlar ve ödünleşimler sunuyor. - Makale, bu yöntemleri optimal oyun estetiği ve oyun desteği için dengeleme konusunda içgörüler sağlıyor ve ek kaynaklar ile 3D modeller için krediler içeriyor.
    • -
-

Tepkiler

-
    -
  • Makale, video oyunlarında dış hatları çizmek için gelişmiş teknikleri araştırıyor ve Geleneksel yöntemlere göre Jump Flood Algoritması (JFA) ve İmzalı Mesafe Alanlarının (SDF'ler) verimliliğini vurguluyor. - Stilize 3D grafiklere dalarak, render tekniklerini ve aydınlatma ve stil için sinir ağlarının potansiyel kullanımını tartışıyor. - Katkıda bulunanlar, Jet Set Radio gibi oyunlarda cel gölgelemenin tarihsel gelişimine dair içgörüler sunarak, 3D grafiklerde teknolojinin ve sanatın gelişen kesişimini vurguluyor.
    • -
-

Washington Post'tan ayrılıyorum

-

Tepkiler

-
    -
  • Yazar, Washington Post'tan ayrılıyor çünkü gazetenin gelişen medya ortamına uyum sağlayamaması ve konuları sunma yaklaşımının demokrasi gibi kritik konular için etkisiz olduğuna inanıyor.
    • -
  • Yerel gazeteler başta olmak üzere geleneksel medya mali açıdan zorlanıyor, bu da taraflı haberciliğe ve kamu güveninde azalmaya yol açıyor, oysa sosyal medya gazeteciliğin titiz çalışmasının yerini alamaz.
    • -
  • Zengin bireylerin, örneğin Jeff Bezos gibi, medya kuruluşları üzerindeki etkisi ve kurumsal çıkarların medyanın gücü hesap verme sorumluluğuna tabi tutma rolü üzerindeki etkisi hakkında endişeler dile getirilmektedir.
    • -
-

Perplexity reklam aldı

-

Tepkiler

-
    -
  • Perplexity, reklamlara yer vermeye başladı ve bu durum, çevrimiçi hizmetlerde reklamsız deneyimler için ödeme yapma konusundaki tüketici isteksizliği nedeniyle reklamların kaçınılmazlığı hakkında tartışmalara yol açtı. - Bazı kullanıcılar reklamları rahatsız edici buluyor ve reklamsız arama sunan Kagi gibi abonelik tabanlı hizmetleri tercih ediyor, diğerleri ise ücretsiz, reklam destekli seçenekleri tercih etmeye devam ediyor. - Bu durum, dijital hizmetlerde reklam destekli ve abonelik tabanlı modeller arasındaki süregelen tartışmayı vurguluyor.
    • -
- - - - - -]]> - https://hn.cho.sh/tr/2025/01/04 - 2025-01-04T00:00:00.000Z - Sat, 04 Jan 2025 00:00:00 GMT - diff --git a/static/rss/newsletter/vi.xml b/static/rss/newsletter/vi.xml index c6dccbb64..c6615d836 100644 --- a/static/rss/newsletter/vi.xml +++ b/static/rss/newsletter/vi.xml @@ -15,12 +15,160 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[2025-01-14]]> + +

slug: '/2025/01/14'

+

2025-01-14

+

Snyk nhà nghiên cứu bảo mật triển khai các gói NPM độc hại nhắm mục tiêu vào cursor.com

+
    +
  • Một nhà nghiên cứu bảo mật của Snyk đã phát hành các gói NPM độc hại nhắm vào Cursor.com, một công ty mã hóa AI, để thu thập dữ liệu hệ thống và gửi nó đến một dịch vụ do kẻ tấn công kiểm soát.
    • +
  • Những gói này, được xác định là "cursor-retrieval," "cursor-always-local," và "cursor-shadow-workspace," đã bị gắn cờ bởi máy quét phân tích gói OpenSSF, dẫn đến các khuyến cáo MAL-2025-27, MAL-2025-28, và MAL-2025-29.
    • +
  • Vụ việc này nhấn mạnh tầm quan trọng của việc kiểm tra kỹ lưỡng các gói NPM trước khi cài đặt để tránh các mối đe dọa an ninh tiềm ẩn.
    • +
+

phản ứng

+
    +
  • Ai nghiên cứu bảo mật của Snyk đã phát hành các gói NPM (Node Package Manager) độc hại nhắm vào cursor.com, làm nổi bật các lỗ hổng nhầm lẫn phụ thuộc. - Sự cố này đã gây ra một cuộc tranh luận về đạo đức trong nghiên cứu bảo mật, đặc biệt là liên quan đến việc công khai các biến môi trường. - Cursor.com đã làm rõ rằng họ không ủy quyền cho hành động này, và Snyk đã xin lỗi kể từ đó, nhấn mạnh những thách thức trong việc cân bằng nghiên cứu bảo mật tấn công với các tiêu chuẩn đạo đức.
    • +
+

Tôi đã chuyển sang Firefox và không bao giờ nhìn lại

+
    +
  • Firefox được khen ngợi vì khả năng quản lý tab vượt trội, tính năng Pocket tích hợp để lưu liên kết và dịch vụ chuyển tiếp email tập trung vào quyền riêng tư, làm cho nó trở thành một lựa chọn thay thế mạnh mẽ cho Chrome. - Các tính năng bổ sung như công cụ chụp màn hình thân thiện với người dùng, nút ChatGPT, chế độ Picture-in-Picture, tùy chọn tìm kiếm có thể tùy chỉnh và cuộn mượt mà nâng cao trải nghiệm duyệt web. - Mặc dù Firefox thiếu tính năng ứng dụng web của Chrome, thiết kế chu đáo và yêu cầu tài nguyên giảm khiến nó trở thành lựa chọn ưa thích của một số người dùng.
    • +
+

phản ứng

+
    +
  • Người dùng Firefox đối mặt với thách thức từ các nền tảng như YouTube, có thể cố ý làm giảm trải nghiệm cho các trình duyệt không phải của Google hoặc người dùng sử dụng trình chặn quảng cáo. - Xu hướng này gây lo ngại về quyền tự chủ của người dùng, vì nó trừng phạt những người chọn trải nghiệm web không có quảng cáo và giám sát. - Firefox cung cấp các tính năng độc đáo, như tab container, giúp tăng cường quyền riêng tư và khả năng sử dụng, làm cho nó trở thành lựa chọn ưa thích cho những người dùng tìm kiếm sự độc lập khỏi các trình duyệt do các tập đoàn lớn kiểm soát.
    • +
+

CEO của Sonos từ chức sau vụ bê bối cập nhật ứng dụng

+

phản ứng

+
    +
  • Theo thông tin, CEO của Sonos đã từ chức sau khi có một bản cập nhật ứng dụng gây tranh cãi, yêu cầu người dùng thay thế các hệ thống âm thanh đắt tiền, dẫn đến sự không hài lòng của khách hàng. - Bản cập nhật này đã giới thiệu một hệ thống dựa trên đám mây, chuyển từ hệ thống Universal Plug and Play (UPnP) đáng tin cậy, dẫn đến các vấn đề kết nối và tăng độ phức tạp. - Tình huống này nhấn mạnh mâu thuẫn giữa chiến lược kinh doanh và duy trì niềm tin của khách hàng, khi CEO chuyển sang vai trò cố vấn với một gói trợ cấp thôi việc.
    • +
+

Trong bụng của MrBeast

+

phản ứng

+
    +
  • Theo bài tiểu luận, thuật toán của YouTube ảnh hưởng đến việc tạo nội dung như thế nào, sử dụng MrBeast làm trường hợp nghiên cứu, nhấn mạnh sự chuyển dịch hướng tới nội dung dựa trên sự tương tác hơn là nội dung có ý nghĩa. - Nó thảo luận về những tác động rộng lớn hơn đối với khả năng hiểu biết về truyền thông và ảnh hưởng văn hóa của các nền tảng như YouTube và TikTok, gợi ý một xu hướng hướng tới nội dung hời hợt và phản ứng. - Nhiều quan điểm khác nhau được xem xét về vai trò của thuật toán trong việc định hình nội dung và ảnh hưởng của những người sáng tạo nổi tiếng đối với các chuẩn mực văn hóa.
    • +
+

Hoạt động Git trên GitHub đang gặp sự cố

+
    +
  • GitHub đã gặp sự cố gián đoạn hoạt động Git vào ngày 13 tháng 1 năm 2025, do thay đổi cấu hình ảnh hưởng đến bộ cân bằng tải nội bộ, kéo dài từ 23:35 đến 00:24 UTC. - Vấn đề đã được giải quyết bằng cách hoàn nguyên thay đổi cấu hình, và GitHub đang làm việc để cải thiện quy trình giám sát và triển khai nhằm ngăn chặn các sự cố tương tự. - Sự cố gián đoạn cũng ảnh hưởng đến các dịch vụ Actions và Pages của GitHub, làm nổi bật tính chất liên kết của các dịch vụ nền tảng của họ.
    • +
+

phản ứng

+
    +
  • GitHub đã gặp phải một sự cố lớn ảnh hưởng đến các hoạt động git, dẫn đến sự nhầm lẫn trong cộng đồng phát triển khi ban đầu họ nghi ngờ có vấn đề với các khóa SSH hoặc cấu hình cục bộ của mình. - Sự cố này nhấn mạnh những thách thức của việc phụ thuộc vào các dịch vụ tập trung, thúc đẩy các cuộc thảo luận về lợi ích của việc tự lưu trữ và các hệ thống phi tập trung. - Mặc dù vấn đề đã được giải quyết, nhưng nó đã làm nổi bật những lo ngại về độ tin cậy của GitHub và những rủi ro khi phụ thuộc vào các nền tảng bên thứ ba cho các nhiệm vụ quan trọng.
    • +
+

ZFS 2.3 phát hành với mở rộng ZFS raidz

+
    +
  • OpenZFS 2.3.0 đã được phát hành, giới thiệu các tính năng quan trọng như Mở rộng RAIDZ, Khử trùng lặp Nhanh, Đầu vào/Đầu ra Trực tiếp, đầu ra JSON và hỗ trợ tên tệp dài. - Bản phát hành bao gồm các bản sửa lỗi quan trọng và cải tiến hiệu suất, tương thích với các nhân Linux từ 4.18 đến 6.12 và các phiên bản FreeBSD 13.3, 14.0 - 14.2. - Bản cập nhật là nỗ lực hợp tác từ 134 người đóng góp, với tài liệu đầy đủ và nhật ký thay đổi có sẵn để xem xét.
    • +
+

phản ứng

+
    +
  • ZFS 2.3 đã được phát hành, giới thiệu các tính năng như mở rộng RAIDZ, khử trùng lặp nhanh, IO trực tiếp, đầu ra JSON và hỗ trợ tên tệp dài. - Mở rộng RAIDZ đặc biệt đáng chú ý vì nó cho phép người dùng thêm thiết bị mới vào một pool RAIDZ hiện có mà không cần thời gian ngừng hoạt động, tăng cường khả năng lưu trữ. - Bản phát hành này được coi là một bước tiến đáng kể cho người dùng ZFS, được so sánh với các hệ thống tệp khác như Btrfs và Windows Storage Spaces, mặc dù có một số hạn chế như không thể thu nhỏ pool.
    • +
+

Webtop – Các container Alpine, Ubuntu, Fedora và Arch chứa các môi trường desktop đầy đủ

+
    +
  • Linuxserver/webtop cung cấp các container dựa trên Alpine, Ubuntu, Fedora và Arch với các môi trường desktop đầy đủ có thể truy cập thông qua trình duyệt web, hỗ trợ cả kiến trúc x86-64 và arm64.
    • +
  • Người dùng có thể chọn từ nhiều môi trường desktop khác nhau như XFCE, KDE, MATE, i3, Openbox và IceWM bằng cách sử dụng các thẻ hình ảnh cụ thể, và truy cập Webtop thông qua các URL được chỉ định.
    • +
  • Những tính năng bảo mật bao gồm tùy chọn seccomp của Docker và thiết lập xác thực, với các tùy chọn tùy chỉnh có sẵn thông qua các biến môi trường, và hỗ trợ tăng tốc GPU với các trình điều khiển mã nguồn mở.
    • +
+

phản ứng

+
    +
  • Webtop cung cấp các container với môi trường desktop đầy đủ cho Alpine, Ubuntu, Fedora và Arch, phù hợp cho các thiết lập nhanh chóng đằng sau một VPN.
    • +
  • Người dùng khen ngợi Webtop vì tốc độ và dễ sử dụng, đặc biệt khi sử dụng với container Gluetun để kết nối an toàn, nhưng cảnh báo không nên để lộ các container ra internet mà không có biện pháp bảo mật do thiếu xác thực mặc định.
    • +
  • Đề án được đánh giá cao vì là mã nguồn mở và linh hoạt, với người dùng chia sẻ các cấu hình, và các lựa chọn thay thế như Kasm và Selkies được ghi nhận cho các mục đích tương tự.
    • +
+

1 trong 5 tin tuyển dụng trực tuyến là giả hoặc không bao giờ được lấp đầy, nghiên cứu cho thấy

+
    +
  • Một nghiên cứu gần đây chỉ ra rằng 20% các bài đăng tuyển dụng trực tuyến là giả mạo hoặc không được lấp đầy, làm tăng thêm sự thất vọng của người tìm việc. - Xu hướng "công việc ma" này có thể là một chiến thuật của các công ty để tạo ra hình ảnh phát triển. - Các nền tảng việc làm như Greenhouse và LinkedIn đã giới thiệu các dịch vụ xác minh công việc để hỗ trợ người dùng nhận diện các cơ hội việc làm thực sự.
    • +
+

phản ứng

+
    +
  • Một nghiên cứu tiết lộ rằng 20% các tin tuyển dụng trực tuyến là giả hoặc không được lấp đầy, thường do các công ty cần tuân thủ các chính sách nhập cư của Mỹ. - Các công ty cũng có thể để lại các tin tuyển dụng để tìm ứng viên lý tưởng, thay đổi yêu cầu, hoặc đã có sẵn ứng viên nội bộ được chọn trước. - Thị trường việc làm khó khăn cho các ứng viên, những người thường xuyên gặp phải tình trạng bị bỏ rơi và từ chối tự động, dẫn đến những lời kêu gọi can thiệp quy định.
    • +
+

Biến một giao lộ trở nên không an toàn cho người đi bộ để tiết kiệm vài giây cho người lái xe

+

phản ứng

+
    +
  • Cuộc tranh luận xoay quanh việc liệu các giao lộ nên ưu tiên an toàn cho người đi bộ hay hiệu quả cho người lái xe, với một số người ủng hộ các giao lộ có đèn điều khiển và lối đi bộ chéo thay vì dừng 4 chiều.
    • +
  • Ý kiến khác nhau về luật giao thông và thiết kế cơ sở hạ tầng, với các cuộc thảo luận về sự an toàn của việc đi bộ không đúng luật và những rủi ro liên quan đến việc rẽ phải khi đèn đỏ.
    • +
  • Một số người ủng hộ các giải pháp thay thế như vòng xuyến hoặc áp dụng các tiêu chuẩn kỹ thuật giao thông của Hà Lan để nâng cao cả an toàn và hiệu quả.
    • +
+

PostgreSQL là Hệ quản trị cơ sở dữ liệu của năm 2024

+
    +
  • PostgreSQL đã được trao giải DBMS của năm 2024 bởi DB-Engines, đạt được sự công nhận này lần thứ năm, vượt qua 423 hệ thống quản lý cơ sở dữ liệu khác.
    • +
  • PostgreSQL, với lịch sử kéo dài gần 35 năm, tiếp tục đổi mới, như được thấy trong những cải tiến gần đây của PostgreSQL 17, phát hành vào tháng 9 năm 2024.
    • +
  • Snowflake và Microsoft lần lượt giành vị trí thứ hai và thứ ba, với Snowflake được ghi nhận nhờ kho dữ liệu dựa trên đám mây và hỗ trợ đa đám mây, trong khi Microsoft cung cấp các cơ sở dữ liệu quan hệ được quản lý mạnh mẽ thông qua Azure SQL Database và SQL Server.
    • +
+

phản ứng

+
    +
  • PostgreSQL đã được trao giải Hệ thống Quản lý Cơ sở Dữ liệu của Năm 2024 bởi db-engines.com, nhấn mạnh sự phổ biến ngày càng tăng và sự công nhận trong ngành.
    • +
  • Người dùng đang cân nhắc chuyển từ Microsoft SQL Server sang PostgreSQL do chi phí cấp phép cao và hạn chế về tài nguyên, mặc dù có thể gặp phải những thách thức trong quá trình di chuyển.
    • +
  • PostgreSQL được ưa chuộng nhờ các tính năng mạnh mẽ và hiệu quả về chi phí, khiến nó trở thành lựa chọn ưu tiên cho các dự án trong tương lai, mặc dù một số người dùng tìm kiếm các giải pháp thay thế như Babelfish để giảm chi phí.
    • +
+

Đăng nhập OAuth của Google không bảo vệ chống lại việc mua một tên miền của startup thất bại

+

phản ứng

+
    +
  • Cuộc thảo luận nêu bật một lỗ hổng trong hệ thống đăng nhập OAuth của Google khi tên miền của một công ty khởi nghiệp thất bại được chủ sở hữu mới mua lại, có thể cho phép truy cập trái phép vào các dịch vụ.
    • +
  • Vấn đề này phát sinh vì Google có thể không phân biệt giữa chủ sở hữu tên miền gốc và mới, ảnh hưởng đến bất kỳ hệ thống nào sử dụng xác thực dựa trên tên miền.
    • +
  • Một giải pháp đề xuất là sử dụng các định danh duy nhất không thay đổi theo thời gian, mặc dù việc triển khai giải pháp này khác nhau giữa các nhà cung cấp danh tính.
    • +
+

Kiếm thu nhập thụ động bằng cách sử dụng kỹ năng lập trình

+
    +
  • Người tác giả đã chuyển từ vai trò CTO sang làm một doanh nhân độc lập, thành công kiếm được nhiều hơn thông qua một danh mục các sản phẩm phần mềm.
    • +
  • Những chiến lược chính bao gồm tập trung vào công việc sâu, bắt đầu với các dự án nhỏ, lặp lại nhanh chóng và dành thời gian cho các nỗ lực tiếp thị.
    • +
  • Chuyến hành trình nhấn mạnh sự kiên cường do những bất định, nhưng làm nổi bật sự tự chủ và tự do vô song của con đường sự nghiệp này, khuyến khích những người có kỹ năng lập trình nên cân nhắc nó để có thu nhập thụ động.
    • +
+

phản ứng

+
    +
  • Một người dùng đã mô tả việc tạo thu nhập thụ động thông qua các trang web spam SEO bằng cách sử dụng tên miền sắp hết hạn, kiếm được khoảng 30 nghìn đô la hàng năm, mặc dù có những lo ngại về đạo đức và việc Google cuối cùng sẽ trấn áp.
    • +
  • Đoạn đăng đã gây ra một cuộc tranh luận về thu nhập thụ động, với một số người dùng cho rằng nó giống như điều hành một doanh nghiệp hơn là thu nhập thực sự thụ động.
    • +
  • Những người tham gia đã chia sẻ kinh nghiệm và thách thức trong các dự án phụ, nhấn mạnh tầm quan trọng của thời gian, sự kiên cường và lập kế hoạch chiến lược.
    • +
+

Tây Ban Nha đề xuất thuế 100% đối với nhà ở được mua bởi cư dân không thuộc EU

+
    +
  • Tây Ban Nha đang xem xét áp dụng thuế 100% đối với việc mua bất động sản bởi các cư dân không thuộc EU, nhằm giải quyết cuộc khủng hoảng nhà ở và hạn chế việc mua bán mang tính đầu cơ.
    • +
  • Đề xuất của Thủ tướng Pedro Sánchez bao gồm việc mở rộng nhà ở xã hội và điều chỉnh cho thuê du lịch để giải quyết sự chênh lệch giữa giá nhà và thu nhập.
    • +
  • Việc đề xuất này trở thành luật trong tương lai là không chắc chắn, với một số nhà phân tích coi nó như một biện pháp ngăn cản các nhà đầu tư nước ngoài hơn là một sự thay đổi lập pháp được đảm bảo.
    • +
+

phản ứng

+
    +
  • Tây Ban Nha đang xem xét áp dụng thuế 100% đối với các ngôi nhà được mua bởi cư dân ngoài EU để giải quyết vấn đề khả năng chi trả nhà ở. - Những người chỉ trích cho rằng người mua nước ngoài không phải là nguyên nhân chính gây ra giá nhà cao, mà thay vào đó là do thủ tục hành chính chậm chạp và luật quy hoạch. - Đề xuất này đã khơi dậy một cuộc tranh luận về vai trò của quyền sở hữu nước ngoài trong thị trường nhà ở và hiệu quả của nó trong việc giải quyết các vấn đề về khả năng chi trả.
    • +
+

Apple sẽ sớm nhận được chip 'sản xuất tại Mỹ' từ nhà máy của TSMC ở Arizona

+
    +
  • Apple đang thử nghiệm các bộ vi xử lý từ cơ sở của TSMC tại Arizona, với kế hoạch sản xuất hàng loạt vào quý đầu tiên, có thể trở thành khách hàng đầu tiên của TSMC tại Mỹ cho các chip sản xuất trong nước. - Sáng kiến này nhằm tăng cường sự độc lập về silicon của Mỹ, giảm sự phụ thuộc vào Đài Loan, nơi dễ bị tổn thương trước các rủi ro địa chính trị và thiên nhiên. - Nhà máy của TSMC tại Arizona dự kiến sẽ sản xuất các chip tiên tiến 3nm và 2nm, với nỗ lực liên tục để tăng cường tuyển dụng địa phương và hợp tác với các trường đại học Mỹ, mặc dù việc đóng gói ban đầu sẽ diễn ra tại Đài Loan cho đến khi cơ sở Peoria đi vào hoạt động.
    • +
+

phản ứng

+
    +
  • Apple sẽ nhận chip từ nhà máy của TSMC ở Arizona, nhưng chúng cần được gửi lại Đài Loan để đóng gói do thiếu cơ sở ở Mỹ. - Hơn 50% lực lượng lao động tại nhà máy Arizona đến từ Đài Loan, cho thấy một khoảng trống trong lĩnh vực STEM (Khoa học, Công nghệ, Kỹ thuật và Toán học) của Mỹ. - Sáng kiến Đạo luật CHIPS, nhằm tăng cường sản xuất chất bán dẫn của Mỹ, đang đối mặt với thách thức khi nhãn "Sản xuất tại Mỹ" bị đặt câu hỏi do quá trình đóng gói diễn ra ở Đài Loan, với kế hoạch cho khả năng đóng gói tại Mỹ vào năm 2027.
    • +
+

43 nghìn tài xế ít hơn trên các con đường ở Manhattan sau khi thu phí tắc nghẽn được kích hoạt

+
    +
  • Sau khi áp dụng giá cước tắc nghẽn, đã có sự giảm 7,5% số lượng tài xế vào Manhattan dưới phố 60, tương đương với 43.000 tài xế ít hơn mỗi ngày trong tuần.
    • +
  • Việc giảm lưu lượng giao thông đã cải thiện dòng chảy giao thông và tăng tốc độ xe buýt, với một số xe buýt nhanh có lượng hành khách tăng cao hơn.
    • +
  • Mặc dù có một số phản đối chính trị, Cơ quan Giao thông Vận tải Đô thị (MTA) sử dụng doanh thu từ phí cầu đường, ước tính khoảng 500 triệu đô la hàng năm, để cải thiện hệ thống giao thông.
    • +
+

phản ứng

+
    +
  • Việc thực hiện giá cước tắc nghẽn ở Manhattan đã dẫn đến việc giảm 43.000 tài xế, làm tăng tốc độ xe buýt và có thể cải thiện thời gian phản ứng khẩn cấp.
    • +
  • Chính sách này được thiết kế để giảm tắc nghẽn giao thông và cải thiện chất lượng không khí, mặc dù nó đã gây ra tranh luận về tác động của nó đối với những người có thu nhập thấp hơn.
    • +
  • Những người ủng hộ lập luận rằng lợi ích bao gồm giao thông công cộng hiệu quả hơn và không khí sạch hơn, trong khi các cuộc thảo luận tiếp tục về việc cân bằng những lợi ích này với nhu cầu của người lái xe.
    • +
+ + + + + +]]> + https://hn.cho.sh/vi/2025/01/14 + 2025-01-14T00:00:00.000Z + Tue, 14 Jan 2025 00:00:00 GMT + <![CDATA[2025-01-13]]> 2025-01-05T00:00:00.000Z Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[2025-01-04]]> - -

slug: '/2025/01/04'

-

2025-01-04

-

Xe Volvo tự lái 1993 với hệ thống lái mở

-
    -
  • Một nhóm bạn đã tham gia Carbage Run 2025 phiên bản mùa đông, một cuộc đua kéo dài 6 ngày qua Thụy Điển đến vòng cực và trở lại Helsinki, yêu cầu các xe phải ít nhất 20 năm tuổi và có giá trị dưới 1000 €.
    • -
  • Họ đã biến đổi một chiếc Volvo 940 Estate năm 1993 thành một phương tiện tự lái bằng cách sử dụng openpilot từ comma.ai, tích hợp các thành phần hiện đại như hệ thống lái trợ lực điện, Bosch iBooster và cảm biến radar của Tesla.
    • -
  • Những cập nhật trong tương lai sẽ bao gồm chi tiết về hệ thống dây điện, một Bộ Điều Khiển Động Cơ (ECU) tùy chỉnh, và kế hoạch mã nguồn mở, nhấn mạnh cách tiếp cận sáng tạo của dự án trong việc trang bị công nghệ tự động cho các phương tiện cũ.
    • -
-

phản ứng

-
    -
  • Một chiếc Volvo 940 năm 1993 đã được trang bị OpenPilot, một công nghệ tự lái, làm nổi bật sự giao thoa giữa thiết kế xe cổ điển và công nghệ hiện đại.
    • -
  • Theo dự án đã gặp phải những thách thức, bao gồm việc cập nhật hệ thống phanh và lái, làm dấy lên những lo ngại về pháp lý và an toàn, đặc biệt là với các sửa đổi tự làm như hàn cột lái.
    • -
  • Cuộc thảo luận mở rộng đến các quy định về ô tô ở châu Âu, sự suy giảm của hotrods ở Mỹ, và sự khác biệt văn hóa trong tự do sửa đổi ô tô, với dự án được xem như một nỗ lực DIY đầy cảm hứng mặc dù có những lo ngại về an toàn.
    • -
-

VoxelSpace: Thuật toán kết xuất địa hình trong chưa đầy 20 dòng mã (2020)

-
    -
  • Trò chơi Comanche của NovaLogic năm 1992 đã sử dụng công cụ Voxel Space, một kỹ thuật dựng hình 2.5D dựa trên ray casting, để tạo ra các địa hình chi tiết với đổ bóng và bóng đổ.
    • -
  • Động cơ Voxel Space sử dụng bản đồ độ cao và màu sắc cùng với một thuật toán kết xuất đơn giản, vẽ các đường thẳng đứng từ sau ra trước, có thể được tối ưu hóa để cải thiện hiệu suất.
    • -
  • Đoạn mã của động cơ có sẵn theo giấy phép MIT, nhưng công nghệ này có thể vẫn được cấp bằng sáng chế ở một số khu vực nhất định.
    • -
-

phản ứng

-
    -
  • VoxelSpace là một thuật toán dựng địa hình nổi bật với sự đơn giản của nó, chỉ cần chưa đến 20 dòng mã, và gợi nhớ về sự phát triển trò chơi sáng tạo trong những thời kỳ phần cứng bị giới hạn.
    • -
  • Những trò chơi AAA hiện đại tập trung vào tối ưu hóa phức tạp và xu hướng thị trường, thường là đánh đổi sự độc đáo, trong khi các trò chơi indie và các nền tảng như PICO-8 mang lại nhiều tự do sáng tạo hơn.
    • -
  • Mặc dù có những tiến bộ công nghệ, một số nhà phát triển và người chơi cảm thấy rằng "phép màu" của các trò chơi cũ đang thiếu, mặc dù các dự án sáng tạo như kết xuất voxel tiếp tục truyền cảm hứng cho sự sáng tạo.
    • -
-

Vẽ một đường viền trong trò chơi điện tử như thế nào

-
    -
  • Theo bài viết, có năm kỹ thuật để tạo đường viền trong Unity, một nền tảng phát triển game phổ biến, được sử dụng trong các trò chơi như Sable và The Last of Us. - Các kỹ thuật bao gồm Hiệu ứng Vành, Đùn Đỉnh, Bộ đệm Mờ, Thuật toán Lũ Nhảy, và Phát hiện Cạnh, mỗi kỹ thuật có những ưu điểm và nhược điểm riêng về hiệu suất và chất lượng hình ảnh. - Bài viết cung cấp cái nhìn sâu sắc về việc cân bằng các phương pháp này để đạt được thẩm mỹ trò chơi tối ưu và hỗ trợ lối chơi, kèm theo các tài nguyên bổ sung và ghi nhận cho các mô hình 3D.
    • -
-

phản ứng

-
    -
  • Theo bài viết, các kỹ thuật tiên tiến để vẽ đường viền trong trò chơi điện tử được khám phá, nhấn mạnh sự hiệu quả của Thuật toán Jump Flood (JFA) và Trường Khoảng Cách Có Dấu (SDFs) so với các phương pháp truyền thống. - Bài viết đi sâu vào đồ họa 3D phong cách, thảo luận về các kỹ thuật kết xuất và tiềm năng sử dụng mạng nơ-ron cho ánh sáng và phong cách. - Các cộng tác viên cung cấp cái nhìn sâu sắc về sự phát triển lịch sử của cel shading trong trò chơi, như Jet Set Radio, làm nổi bật sự giao thoa đang phát triển giữa công nghệ và nghệ thuật trong đồ họa 3D.
    • -
-

Tôi sẽ nghỉ việc tại Washington Post

-

phản ứng

-
    -
  • Người viết đang rời khỏi Washington Post do tờ báo này không thể thích nghi với bối cảnh truyền thông đang phát triển và cách tiếp cận trong việc trình bày các vấn đề, mà họ cho là không hiệu quả đối với các chủ đề quan trọng như dân chủ.
    • -
  • Truyền thông truyền thống, đặc biệt là các tờ báo địa phương, đang gặp khó khăn về tài chính, dẫn đến việc đưa tin thiên lệch và sự suy giảm niềm tin của công chúng, trong khi mạng xã hội không thể thay thế công việc nghiêm túc của báo chí.
    • -
  • Những lo ngại được nêu ra về ảnh hưởng của các cá nhân giàu có, như Jeff Bezos, đối với các cơ quan truyền thông, và tác động của lợi ích doanh nghiệp đến vai trò của truyền thông trong việc buộc quyền lực phải chịu trách nhiệm.
    • -
-

Perplexity có quảng cáo

-

phản ứng

-
    -
  • Perplexity đã giới thiệu quảng cáo, dẫn đến các cuộc thảo luận về sự tất yếu của quảng cáo trong các dịch vụ trực tuyến do người tiêu dùng không muốn trả tiền cho trải nghiệm không có quảng cáo. - Một số người dùng thấy quảng cáo gây phiền nhiễu và thích các dịch vụ dựa trên đăng ký như Kagi, cung cấp tìm kiếm không có quảng cáo, trong khi những người khác tiếp tục chọn các tùy chọn miễn phí có hỗ trợ quảng cáo. - Tình huống này nhấn mạnh cuộc tranh luận đang diễn ra giữa các mô hình hỗ trợ quảng cáo và dựa trên đăng ký trong các dịch vụ kỹ thuật số.
    • -
- - - - - -]]> - https://hn.cho.sh/vi/2025/01/04 - 2025-01-04T00:00:00.000Z - Sat, 04 Jan 2025 00:00:00 GMT - diff --git a/static/rss/newsletter/zh-Hans.xml b/static/rss/newsletter/zh-Hans.xml index ec04a7601..7d0a6ef70 100644 --- a/static/rss/newsletter/zh-Hans.xml +++ b/static/rss/newsletter/zh-Hans.xml @@ -15,12 +15,160 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[2025-01-14]]> + +

slug: '/2025/01/14'

+

2025-01-14

+

“思客安全研究员部署恶意NPM包,目标是cursor.com”

+
    +
  • “一个 Snyk 安全研究员发布了针对 AI 编码公司 Cursor.com 的恶意 NPM 包,以收集系统数据并将其发送到攻击者控制的服务。”
    • +
  • “这些被标识为“cursor-retrieval”、“cursor-always-local”和“cursor-shadow-workspace”的软件包被OpenSSF软件包分析扫描器标记,导致发布了MAL-2025-27、MAL-2025-28和MAL-2025-29的建议。”
    • +
  • “此事件突显了在安装之前仔细审查NPM包以避免潜在安全威胁的重要性。”
    • +
+

反应

+
    +
  • “一个 Snyk 安全研究员发布了针对 cursor.com 的恶意 NPM(Node Package Manager)包,突显了依赖混淆漏洞。- 这一事件引发了关于安全研究伦理的辩论,特别是关于环境变量的公开暴露。- Cursor.com 澄清他们并未授权此行为,Snyk 随后道歉,强调了在平衡攻击性安全研究与伦理标准方面的挑战。”
    • +
+

“我切换到 Firefox 后再也没有回头”

+
    +
  • Firefox因其出色的标签管理、内置的Pocket功能用于保存链接以及注重隐私的电子邮件中继而受到赞誉,使其成为Chrome的强大替代品。- 其他功能如用户友好的截图工具、ChatGPT按钮、画中画、自定义搜索选项和流畅的滚动增强了浏览体验。- 尽管Firefox缺乏Chrome的网络应用功能,但其周到的设计和较低的资源需求使其成为一些用户的首选。
    • +
+

反应

+
    +
  • “Firefox用户面临来自YouTube等平台的挑战,这些平台可能故意降低非谷歌浏览器或使用广告拦截器用户的体验。- 这一趋势引发了对用户自主权的担忧,因为它惩罚了那些选择无广告和无监控网络体验的用户。- Firefox提供了独特的功能,如容器标签,增强了隐私和可用性,使其成为寻求独立于大型企业控制浏览器的用户的首选。”
    • +
+

“Sonos首席执行官在应用程序更新风波后辞职”

+

反应

+
    +
  • “Sonos首席执行官因一项有争议的应用程序更新而辞职,该更新要求用户更换昂贵的音响系统,导致客户不满。- 该更新引入了基于云的系统,放弃了可靠的通用即插即用(UPnP),导致连接问题和复杂性增加。- 这一情况突显了商业策略与维护客户信任之间的冲突,因为首席执行官将过渡到顾问角色,并获得遣散费。”
    • +
+

“在MrBeast的腹中”

+

反应

+
    +
  • “这篇文章探讨了YouTube的算法如何影响内容创作,以MrBeast为案例研究,强调了一种向以参与度为导向而非有意义内容的转变。- 它讨论了对媒体素养的更广泛影响以及像YouTube和TikTok这样的平台的文化影响,暗示了一种趋向于肤浅和反应性内容的趋势。- 文章考虑了各种观点,探讨了算法在塑造内容中的作用以及流行创作者对文化规范的影响。”
    • +
+

“GitHub Git 操作已中断”

+
    +
  • “GitHub在2025年1月13日因配置更改影响内部负载均衡器而面临Git操作中断,从23:35持续到00:24(UTC)。- 通过恢复配置更改解决了该问题,GitHub正在努力改进监控和部署流程以防止类似事件。- 此次中断还影响了GitHub的Actions和Pages服务,突显了其平台服务的互联性质。”
    • +
+

反应

+
    +
  • “GitHub遭遇了一次重大故障,影响了git操作,导致开发者们最初怀疑是他们的SSH密钥或本地配置出现了问题。- 这一事件突显了依赖集中式服务的挑战,引发了关于自托管和去中心化系统优势的讨论。- 尽管问题已得到解决,但它突显了对GitHub可靠性的担忧以及依赖第三方平台处理关键任务的风险。”
    • +
+

“ZFS 2.3发布,支持ZFS raidz扩展”

+
    +
  • “OpenZFS 2.3.0 已发布,引入了重要功能,如 RAIDZ 扩展、快速重复数据删除、直接输入/输出、JSON 输出和对长文件名的支持。- 此版本包括基本的错误修复和性能增强,兼容 Linux 内核 4.18 - 6.12 和 FreeBSD 版本 13.3, 14.0 - 14.2。- 此更新是由 134 位贡献者共同努力的成果,提供了全面的文档和变更日志供审阅。”
    • +
+

反应

+
    +
  • “ZFS 2.3 已发布,推出了诸如 RAIDZ 扩展、快速重复数据删除、直接 IO、JSON 输出和对长文件名的支持等功能。- RAIDZ 扩展尤其值得注意,因为它允许用户在不中断的情况下向现有的 RAIDZ 池添加新设备,从而增强存储容量。- 尽管存在一些限制,如无法缩小池,但此次发布被认为是 ZFS 用户的重大进步,与其他文件系统如 Btrfs 和 Windows Storage Spaces 相比备受关注。”
    • +
+

“Webtop – Alpine、Ubuntu、Fedora 和 Arch 容器包含完整的桌面环境”

+
    +
  • “Linuxserver/webtop 提供基于 Alpine、Ubuntu、Fedora 和 Arch 的容器,这些容器具有可通过网络浏览器访问的完整桌面环境,支持 x86-64 和 arm64 架构。”
    • +
  • “用户可以通过使用特定的镜像标签,从各种桌面环境中进行选择,如XFCE、KDE、MATE、i3、Openbox和IceWM,并通过指定的URL访问Webtop。”
    • +
  • “安全功能包括 Docker 的 seccomp 选项和身份验证设置,通过环境变量提供自定义选项,并支持使用开源驱动程序进行 GPU 加速。”
    • +
+

反应

+
    +
  • “Webtop 提供带有完整桌面环境的容器,适用于 Alpine、Ubuntu、Fedora 和 Arch,适合在 VPN 后快速设置。”
    • +
  • “用户称赞 Webtop 的速度和易用性,特别是在与 Gluetun 容器一起使用以实现安全连接时,但警告不要在没有安全措施的情况下将容器暴露在互联网上,因为缺乏默认身份验证。”
    • +
  • “该项目因其开源和灵活性而受到重视,用户可以共享配置,类似的替代方案如 Kasm 和 Selkies 也因类似用途而受到关注。”
    • +
+

“研究发现,五分之一的在线招聘信息要么是假的,要么从未被填补。”

+
    +
  • “最近的一项研究表明,20%的在线招聘信息要么是假的,要么无人填补,这增加了求职者的挫败感。- 这种“幽灵职位”趋势可能是公司为了展示增长形象而采取的一种策略。- Greenhouse和LinkedIn等招聘平台已经推出了职位验证服务,以帮助用户识别真实的就业机会。”
    • +
+

反应

+
    +
  • “研究显示,20%的在线招聘信息要么是假的,要么未被填补,这通常是因为公司需要遵守美国移民政策。- 公司也可能会保留招聘信息以寻找理想的候选人、更改要求,或已有预选的内部候选人。- 对于求职者来说,求职市场很困难,他们经常遇到失联和自动拒绝,这促使人们呼吁进行监管干预。”
    • +
+

“为了给司机节省几秒钟而使行人交叉路口变得不安全”

+

反应

+
    +
  • “辩论的焦点在于十字路口应优先考虑行人安全还是驾驶员效率,一些人倾向于使用灯控十字路口和行人专用过街道而不是四向停车。”
    • +
  • “关于交通法规和基础设施设计的意见各不相同,其中包括对乱穿马路的安全性以及红灯右转所带来的风险的讨论。”
    • +
  • “有些人提倡采用替代方案,如环形交叉路口或采用荷兰交通工程标准,以提高安全性和效率。”
    • +
+

PostgreSQL是2024年度数据库管理系统

+
    +
  • PostgreSQL被DB-Engines评为2024年度数据库管理系统(DBMS),这是其第五次获得此殊荣,超过了其他423个数据库管理系统。
    • +
  • “PostgreSQL 拥有近 35 年的历史,仍在不断创新,这在 2024 年 9 月发布的 PostgreSQL 17 的最新增强功能中得到了体现。”
    • +
  • “雪花公司和微软分别获得了第二和第三名,雪花公司因其基于云的数据仓库和多云支持而受到关注,而微软则通过 Azure SQL 数据库和 SQL 服务器提供强大的托管关系数据库。”
    • +
+

反应

+
    +
  • PostgreSQL被db-engines.com评为2024年度数据库管理系统,突显其在行业中的日益普及和认可。
    • +
  • “用户正在考虑从 Microsoft SQL Server 切换到 PostgreSQL,原因是高昂的许可费用和资源限制,尽管可能面临迁移挑战。”
    • +
  • “PostgreSQL因其强大的功能和成本效益而受到青睐,使其成为未来项目的首选,尽管一些用户会探索像Babelfish这样的替代方案以降低成本。”
    • +
+

“Google 的 OAuth 登录无法防止购买失败初创公司的域名”

+

反应

+
    +
  • “讨论指出,当一个失败的初创公司的域名被新所有者收购时,谷歌的OAuth登录系统存在一个漏洞,这可能允许未经授权的访问服务。”
    • +
  • “此问题的出现是因为谷歌可能无法区分原始域名所有者和新域名所有者,从而影响任何使用基于域名认证的系统。”
    • +
  • “一个建议的解决方案是使用在时间上保持不变的唯一标识符,尽管这一解决方案的实施在不同的身份提供者之间有所不同。”
    • +
+

“利用编程技能赚取被动收入”

+
    +
  • “作者从首席技术官的角色转变为独立创业者,通过一系列软件产品成功赚取了更多收入。”
    • +
  • “关键策略包括专注于深度工作,从小项目开始,快速迭代,并投入时间进行营销工作。”
    • +
  • “这段旅程强调了由于不确定性而需要的韧性,但同时突出了这一职业道路无与伦比的自主性和自由,鼓励那些拥有编码技能的人考虑将其作为被动收入的来源。”
    • +
+

反应

+
    +
  • “有用户描述了通过使用即将过期的域名创建SEO垃圾网站来产生被动收入,尽管存在道德问题和谷歌最终的打击,但每年仍能赚取大约3万美元。”
    • +
  • “这篇帖子引发了关于被动收入的辩论,一些用户认为这更像是经营一项业务,而不是真正的被动收入。”
    • +
  • “参与者分享了在副项目中的经验和挑战,强调了时间、韧性和战略规划的重要性。”
    • +
+

西班牙提议对非欧盟居民购买的房屋征收100%税

+
    +
  • “西班牙正在考虑对非欧盟居民的房地产购买征收100%的税,以解决住房危机并遏制投机性购买。”
    • +
  • “首相佩德罗·桑切斯的提议包括扩大社会住房和规范旅游租赁,以解决房价与收入之间的差距。”
    • +
  • “该提案作为法律的未来尚不确定,一些分析人士认为它更像是对外国投资者的威慑,而不是一项有保障的立法变更。”
    • +
+

反应

+
    +
  • 西班牙正在考虑对非欧盟居民购买的房屋征收100%的税,以解决住房负担能力问题。- 批评者认为,外国买家并不是高房价的主要原因,缓慢的官僚程序和分区法才是更重要的因素。- 这一提议引发了关于外国所有权在住房市场中的作用及其在解决负担能力问题上的有效性的辩论。
    • +
+

“苹果将很快从台积电的亚利桑那州工厂收到‘美国制造’的芯片。”

+
    +
  • “苹果正在测试来自台积电亚利桑那工厂的处理器,计划在第一季度实现量产,可能成为台积电首个使用本地制造芯片的美国客户。- 这一举措旨在增强美国的硅独立性,减少对台湾的依赖,因为台湾易受地缘政治和自然风险的影响。- 台积电的亚利桑那工厂计划生产先进的3纳米和2纳米芯片,并正在努力加强本地招聘和与美国大学的合作,尽管封装工作最初将在台湾进行,直到皮奥里亚工厂投入运营。”
    • +
+

反应

+
    +
  • “苹果将从台积电的亚利桑那工厂接收芯片,但由于美国设施不足,这些芯片需要送回台湾进行封装。- 亚利桑那工厂超过50%的员工来自台湾,这表明美国在STEM(科学、技术、工程和数学)领域存在差距。- 《芯片法案》旨在提升美国半导体制造能力,但由于封装过程在台湾进行,“美国制造”标签受到质疑,计划到2027年在美国建立封装能力。”
    • +
+

“拥堵收费启动后,曼哈顿道路上的司机减少了4.3万人。”

+
    +
  • “在实施拥堵收费后,进入曼哈顿60街以下地区的司机减少了7.5%,相当于每个工作日减少了43,000名司机。”
    • +
  • “交通量的减少改善了交通流量并提高了公交车速度,一些快速公交的乘客量有所增加。”
    • +
  • “尽管存在一些政治反对意见,大都会运输署(MTA)将估计每年5亿美元的收费收入用于交通改善。”
    • +
+

反应

+
    +
  • “在曼哈顿实施拥堵收费后,司机数量减少了43,000人,这导致公交车速度加快,并可能改善紧急响应时间。”
    • +
  • “该政策旨在减少交通拥堵并改善空气质量,尽管它引发了关于其对低收入人群影响的争论。”
    • +
  • “支持者认为,优点包括更高效的公共交通和更清洁的空气,同时关于如何平衡这些优势与司机需求的讨论仍在继续。”
    • +
+ + + + + +]]> + https://hn.cho.sh/zh/Hans/2025/01/14 + 2025-01-14T00:00:00.000Z + Tue, 14 Jan 2025 00:00:00 GMT + <![CDATA[2025-01-13]]> 2025-01-05T00:00:00.000Z Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[2025-01-04]]> - -

slug: '/2025/01/04'

-

2025-01-04

-

“1993年沃尔沃自动驾驶汽车,配备开放式驾驶员”

-
    -
  • “ 一群朋友参加了2025年冬季版的Carbage Run,这是一场为期6天的拉力赛,穿越瑞典到达北极圈,然后返回赫尔辛基,要求参赛车辆至少有20年车龄且价值低于1000欧元。”
    • -
  • “他们将一辆1993年的沃尔沃940旅行车改装成一辆自动驾驶汽车,使用了comma.ai的openpilot,并结合了现代组件,如电动助力转向、博世iBooster和特斯拉雷达传感器。”
    • -
  • “未来的更新将包括有关布线、定制发动机控制单元(ECU)的详细信息,以及开源代码的计划,突显出该项目在为旧车辆配备自动驾驶技术方面的创新方法。”
    • -
-

反应

-
    -
  • “1993年的沃尔沃940被改装为配备OpenPilot自动驾驶技术,突显了经典汽车设计与现代技术的交汇。”
    • -
  • “该项目面临挑战,包括更新刹车和转向系统,提出了法律和安全方面的担忧,特别是像焊接转向柱这样的DIY改装。”
    • -
  • “讨论扩展到欧洲的汽车法规、美国热棒车的衰退以及汽车改装自由的文化差异,尽管存在安全问题,该项目仍被视为一个鼓舞人心的DIY努力。”
    • -
-

“VoxelSpace:地形渲染算法少于20行代码(2020)”

-
    -
  • “NovaLogic的1992年游戏《Comanche》使用了Voxel Space引擎,这是一种基于光线投射的2.5D渲染技术,用于创建具有阴影和阴影的详细地形。”
    • -
  • “Voxel Space引擎使用高度和颜色地图以及一个简单的渲染算法,从后到前绘制垂直线,这可以优化性能。”
    • -
  • “引擎的代码在 MIT 许可证下可用,但该技术在某些地区可能仍然受到专利保护。”
    • -
-

反应

-
    -
  • “VoxelSpace 是一种地形渲染算法,以其简单性而著称,仅需不到 20 行代码,并唤起了对硬件受限时代创新游戏开发的怀旧之情。”
    • -
  • “现代AAA游戏专注于复杂的优化和市场趋势,往往以牺牲原创性为代价,而独立游戏和像PICO-8这样的平台则提供了更多的创作自由。”
    • -
  • “尽管技术不断进步,一些开发者和玩家仍然觉得老游戏的‘魔力’不复存在,尽管像体素渲染这样的创新项目继续激发创造力。”
    • -
-

“如何在电子游戏中绘制轮廓”

-
    -
  • “文章讨论了在Unity这一流行的游戏开发平台中渲染轮廓的五种技术,强调了它们在《Sable》和《最后生还者》等游戏中的应用。- 技术包括边缘效果、顶点挤出、模糊缓冲、跳跃泛洪算法和边缘检测,每种技术在性能和视觉质量方面都有其独特的优势和权衡。- 文章提供了关于如何平衡这些方法以实现最佳游戏美学和游戏支持的见解,并附有额外的资源和3D模型的鸣谢。”
    • -
-

反应

-
    -
  • “这篇文章探讨了在视频游戏中绘制轮廓的高级技术,强调了跳跃泛洪算法(JFA)和签名距离场(SDFs)相较于传统方法的效率。- 它深入研究了风格化的3D图形,讨论了渲染技术以及神经网络在照明和风格化中的潜在应用。- 贡献者提供了关于游戏中赛璐珞着色历史发展的见解,如《喷射战士》,突出了技术与艺术在3D图形中的不断交汇。”
    • -
-

“我将辞去《华盛顿邮报》的工作”

-

反应

-
    -
  • “作者正在离开《华盛顿邮报》,因为该报未能适应不断变化的媒体环境及其处理问题的方式,他们认为这种方式对于像民主这样的重要议题是无效的。”
    • -
  • “传统媒体,尤其是地方报纸,正面临财务困境,导致报道偏颇和公众信任度下降,而社交媒体无法替代新闻工作的严谨性。”
    • -
  • “人们对富有个人(如杰夫·贝索斯)对媒体机构的影响以及企业利益对媒体在追究权力责任方面的作用产生了担忧。”
    • -
-

“Perplexity有广告”

-

反应

-
    -
  • “困惑引入了广告,这引发了关于在线服务中广告不可避免性的讨论,因为消费者不愿意为无广告体验付费。- 一些用户认为广告具有侵扰性,更喜欢像Kagi这样的订阅服务,提供无广告搜索,而其他人则继续选择免费的广告支持选项。- 这种情况强调了数字服务中广告支持和订阅模式之间的持续争论。”
    • -
- - - - - -]]> - https://hn.cho.sh/zh/Hans/2025/01/04 - 2025-01-04T00:00:00.000Z - Sat, 04 Jan 2025 00:00:00 GMT - diff --git a/static/rss/newsletter/zh-Hant.xml b/static/rss/newsletter/zh-Hant.xml index 03667b622..75f85fbaf 100644 --- a/static/rss/newsletter/zh-Hant.xml +++ b/static/rss/newsletter/zh-Hant.xml @@ -15,12 +15,160 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[2025-01-14]]> + +

slug: '/2025/01/14'

+

2025-01-14

+

「Snyk 資安研究員部署惡意 NPM 套件以攻擊 cursor.com」

+
    +
  • 「一位 Snyk 的安全研究員發布了針對 AI 編碼公司 Cursor.com 的惡意 NPM 套件,以收集系統數據並將其發送到由攻擊者控制的服務。」
    • +
  • 「這些套件被標識為“cursor-retrieval”、“cursor-always-local”和“cursor-shadow-workspace”,並被 OpenSSF 套件分析掃描器標記,導致發出建議 MAL-2025-27、MAL-2025-28 和 MAL-2025-29。」
    • +
  • 此事件突顯了在安裝前仔細檢查 NPM 套件以避免潛在安全威脅的重要性。
    • +
+

評論

+
    +
  • 「一位 Snyk 的安全研究員發布了針對 cursor.com 的惡意 NPM(Node Package Manager)套件,突顯了依賴混淆漏洞。此事件引發了關於安全研究倫理的辯論,特別是涉及環境變數公開的問題。Cursor.com 澄清他們並未授權此行為,而 Snyk 也已道歉,強調在攻擊性安全研究與倫理標準之間取得平衡的挑戰。」
    • +
+

「我改用 Firefox 後就再也沒有回頭過」

+
    +
  • Firefox 因其優越的分頁管理、內建的 Pocket 功能用於儲存連結,以及注重隱私的電子郵件中繼功能而受到讚譽,使其成為 Chrome 的強大替代品。- 其他功能如使用者友好的截圖工具、ChatGPT 按鈕、畫中畫、可自訂的搜尋選項和流暢的滾動效果,提升了瀏覽體驗。- 雖然 Firefox 缺乏 Chrome 的網頁應用程式功能,但其周到的設計和較低的資源需求使其成為某些使用者的首選。
    • +
+

評論

+
    +
  • 「Firefox 使用者面臨來自 YouTube 等平台的挑戰,這些平台可能故意降低非 Google 瀏覽器或使用廣告攔截器的用戶的體驗。這一趨勢引發了對用戶自主權的擔憂,因為它懲罰了那些選擇無廣告和無監控網路體驗的人。Firefox 提供了獨特的功能,例如容器分頁,這些功能增強了隱私和可用性,使其成為尋求擺脫大型企業控制的瀏覽器的用戶的首選。」
    • +
+

Sonos 執行長在應用程式更新風波後辭職

+

評論

+
    +
  • 「Sonos 的執行長在一項具爭議的應用程式更新後辭職,該更新要求用戶更換昂貴的音響系統,導致顧客不滿。- 此次更新引入了一個基於雲端的系統,捨棄了可靠的通用即插即用(UPnP),這導致了連接問題和複雜度增加。- 這種情況突顯了商業策略與維持顧客信任之間的衝突,執行長將轉任顧問角色並獲得遣散費。」
    • +
+

「在 MrBeast 的肚子裡」

+

評論

+
    +
  • 這篇文章探討了 YouTube 的演算法如何影響內容創作,並以 MrBeast 作為案例研究,強調了一種從有意義內容轉向以互動為驅動的內容的轉變。- 它討論了對媒體素養的更廣泛影響以及像 YouTube 和 TikTok 這樣的平台對文化的影響,指出了一種趨勢,即內容變得表面化和反應性。- 各種觀點被考慮在內,討論了演算法在塑造內容中的角色以及受歡迎的創作者對文化規範的影響。
    • +
+

「GitHub Git 操作暫時無法使用」

+
    +
  • 「GitHub 在 2025 年 1 月 13 日因為一項影響內部負載平衡器的配置變更而遭遇 Git 操作中斷,持續時間從 UTC 時間 23:35 到 00:24。- 問題通過恢復配置變更得到解決,GitHub 正在努力改進監控和部署流程以防止類似事件發生。- 此次中斷也影響了 GitHub 的 Actions 和 Pages 服務,突顯了其平台服務的互聯性。」
    • +
+

評論

+
    +
  • GitHub 遭遇了一次重大故障,影響了 git 操作,導致開發者感到困惑,最初懷疑是他們的 SSH 金鑰或本地配置出了問題。- 這次事件突顯了依賴集中式服務的挑戰,促使人們討論自我託管和去中心化系統的優勢。- 雖然問題已經解決,但這次事件突顯了對 GitHub 可靠性的擔憂,以及依賴第三方平台進行重要任務的風險。
    • +
+

「ZFS 2.3 發佈,新增 ZFS raidz 擴展功能」

+
    +
  • 「OpenZFS 2.3.0 已經發布,推出了重要功能,如 RAIDZ 擴展、快速重複資料刪除、直接輸入/輸出、JSON 輸出以及對長檔名的支援。此版本包含了基本的錯誤修正和效能增強,與 Linux 核心 4.18 - 6.12 和 FreeBSD 版本 13.3、14.0 - 14.2 相容。這次更新是由 134 位貢獻者共同努力的成果,並提供了完整的文件和變更記錄供檢閱。」
    • +
+

評論

+
    +
  • 「ZFS 2.3 已經發布,推出了 RAIDZ 擴展、快速重複資料刪除、直接 IO、JSON 輸出以及對長檔名的支援等功能。- RAIDZ 擴展尤其值得注意,因為它允許使用者在不需要停機的情況下,將新設備添加到現有的 RAIDZ 磁碟陣列中,從而提升儲存容量。- 此次發布被認為是 ZFS 使用者的一項重大進展,儘管存在一些限制,例如無法縮小磁碟陣列,但仍被拿來與其他檔案系統如 Btrfs 和 Windows Storage Spaces 相提並論。」
    • +
+

Webtop-包含完整桌面環境的 Alpine、Ubuntu、Fedora 和 Arch 容器

+
    +
  • Linuxserver/webtop 提供基於 Alpine、Ubuntu、Fedora 和 Arch 的容器,這些容器具有完整的桌面環境,可透過網頁瀏覽器存取,並支援 x86-64 和 arm64 架構。
    • +
  • 使用者可以透過特定的映像標籤選擇各種桌面環境,例如 XFCE、KDE、MATE、i3、Openbox 和 IceWM,並透過指定的 URL 存取 Webtop。
    • +
  • 安全功能包括 Docker 的 seccomp 選項和身份驗證設置,並可透過環境變數進行自訂,且支援使用開源驅動程式的 GPU 加速。
    • +
+

評論

+
    +
  • Webtop 提供包含完整桌面環境的容器,適用於 Alpine、Ubuntu、Fedora 和 Arch,適合在 VPN 後快速設置。
    • +
  • 使用者讚揚 Webtop 的速度和易用性,特別是在與 Gluetun 容器搭配使用以確保連線安全時,但警告不要在沒有安全措施的情況下將容器暴露在網際網路上,因為缺乏預設的身份驗證。
    • +
  • 「該專案因其開源和靈活性而受到重視,使用者可以分享配置,並且像 Kasm 和 Selkies 這樣的替代方案也因類似用途而受到關注。」
    • +
+

研究發現,每五個線上職缺中就有一個是假的或從未被填補。

+
    +
  • 「一項最近的研究顯示,20% 的線上職缺要麼是假的,要麼是未填補的,這增加了求職者的挫折感。這種“幽靈職缺”趨勢可能是公司用來展示成長形象的一種策略。像 Greenhouse 和 LinkedIn 這樣的求職平台已經推出了職缺驗證服務,以協助用戶識別真實的工作機會。」
    • +
+

評論

+
    +
  • 「一項研究顯示,20% 的線上職缺要麼是假的,要麼未被填補,這通常是因為公司需要遵守美國的移民政策。- 公司也可能會保留職缺以尋找理想的候選人、更改要求,或已經預先選定內部候選人。- 對於求職者來說,求職市場是困難的,他們經常遇到音訊全無和自動拒絕,這引發了對監管干預的呼籲。」
    • +
+

為了讓駕駛節省幾秒鐘而使行人穿越道變得不安全

+

評論

+
    +
  • 辯論的焦點在於十字路口應優先考慮行人安全還是駕駛效率,有些人偏好使用紅綠燈控制的路口和行人專用交叉道,而非四向停車標誌。
    • +
  • 對於交通法規和基礎設施設計的看法各異,討論包括闖紅燈的安全性以及紅燈右轉所帶來的風險。
    • +
  • 有些人主張採用替代方案,如圓環或採用荷蘭交通工程標準,以提升安全性和效率。
    • +
+

PostgreSQL 是 2024 年度的資料庫管理系統

+
    +
  • PostgreSQL 獲得了 DB-Engines 頒發的 2024 年度資料庫管理系統獎,這是它第五次獲得此殊榮,超越了其他 423 種資料庫管理系統。
    • +
  • PostgreSQL 擁有近 35 年的歷史,持續創新,這在 2024 年 9 月發布的 PostgreSQL 17 的最新增強功能中可見一斑。
    • +
  • 「Snowflake 和 Microsoft 分別獲得第二和第三名,Snowflake 因其雲端資料倉儲和多雲支援而受到讚譽,而 Microsoft 則透過 Azure SQL Database 和 SQL Server 提供強大的託管關聯式資料庫。」
    • +
+

評論

+
    +
  • PostgreSQL 獲得了 db-engines.com 頒發的 2024 年度資料庫管理系統獎,這突顯了其在業界日益增長的受歡迎程度和認可度。
    • +
  • 儘管可能面臨遷移挑戰,使用者正在考慮從 Microsoft SQL Server 轉換到 PostgreSQL,原因是高昂的授權費用和資源限制。
    • +
  • PostgreSQL 因其強大的功能和成本效益而受到青睞,使其成為未來專案的首選,儘管有些使用者會探索像 Babelfish 這樣的替代方案以降低成本。
    • +
+

「Google 的 OAuth 登入無法防止購買失敗的新創公司網域」

+

評論

+
    +
  • 「討論強調了 Google 的 OAuth 登入系統中的一個漏洞,當一個失敗的初創公司的網域被新擁有者收購時,可能會允許未經授權的服務存取。」
    • +
  • 「此問題的產生是因為 Google 可能無法區分原始域名擁有者和新域名擁有者,從而影響任何使用基於域名驗證的系統。」
    • +
  • 「一個建議的解決方案是使用隨時間保持不變的唯一識別碼,儘管此解決方案的實施在不同的身份提供者之間有所不同。」
    • +
+

利用程式設計技能賺取被動收入

+
    +
  • 作者從首席技術官的職位轉型為個人創業者,透過一系列軟體產品成功賺取更多收入。
    • +
  • 關鍵策略包括專注於深度工作、從小型專案開始、快速迭代,以及投入時間於行銷工作。
    • +
  • 這段旅程強調了因不確定性而需要的韌性,但也突顯了這條職業道路無與倫比的自主性和自由,鼓勵擁有程式設計技能的人考慮將其作為被動收入的來源。
    • +
+

評論

+
    +
  • 有一位使用者描述了透過 SEO 垃圾網站來產生被動收入的方法,這些網站使用即將到期的網域名稱,儘管存在道德上的顧慮以及 Google 最終的打擊行動,他每年仍能賺取約 3 萬美元。
    • +
  • 「這篇文章引發了關於被動收入的辯論,一些使用者認為這更像是經營一門生意,而非真正的被動收入。」
    • +
  • 「參與者分享了在副業專案中的經驗和挑戰,強調了時間、韌性和策略規劃的重要性。」
    • +
+

西班牙提議對非歐盟居民購買的房屋徵收100%稅

+
    +
  • 西班牙正在考慮對非歐盟居民的房地產購買徵收100%的稅,旨在解決住房危機並抑制投機性購買。
    • +
  • 首相佩德羅·桑切斯的提議包括擴大社會住宅和規範旅遊租賃,以解決房價與收入之間的差距。
    • +
  • 該提案作為法律的未來尚不確定,一些分析師認為它更像是對外國投資者的威懾,而不是一項保證的立法變革。
    • +
+

評論

+
    +
  • 西班牙正在考慮對非歐盟居民購買的房屋徵收 100% 的稅,以解決住房負擔能力問題。- 批評者認為,外國買家並不是房價高漲的主要原因,並指出緩慢的官僚程序和分區法規是更重要的因素。- 這項提案引發了關於外國擁有權在住房市場中的角色及其在解決負擔能力問題上的有效性的辯論。
    • +
+

蘋果即將從台積電位於亞利桑那州的工廠獲得「美國製造」的晶片

+
    +
  • 蘋果正在測試來自台積電亞利桑那廠的處理器,計劃在第一季度開始量產,可能成為台積電首位使用美國本地製造晶片的客戶。此舉旨在加強美國的矽獨立性,減少對台灣的依賴,因為台灣易受地緣政治和自然風險的影響。台積電的亞利桑那廠將生產先進的3奈米和2奈米晶片,並持續努力增強當地的招聘和與美國大學的合作,儘管封裝工作將在台灣進行,直到皮奧里亞設施投入運營。
    • +
+

評論

+
    +
  • 蘋果將從台積電的亞利桑那州工廠獲得晶片,但由於美國設施不足,這些晶片需要送回台灣進行封裝。- 亞利桑那州工廠超過50%的勞動力來自台灣,顯示出美國在STEM(科學、技術、工程和數學)領域的差距。- 《晶片法案》計畫旨在增強美國半導體製造能力,但由於封裝過程在台灣進行,導致「美國製造」標籤受到質疑,並計畫在2027年前提升美國的封裝能力。
    • +
+

在擁擠收費啟用後,曼哈頓道路上的駕駛人數減少了43,000人

+
    +
  • 「在實施擁擠收費後,進入曼哈頓60街以下的駕駛人數減少了7.5%,相當於每個工作日減少了43,000名駕駛。」
    • +
  • 交通量的減少改善了交通流量並提高了公車速度,部分快捷公車的乘客量有所增加。
    • +
  • 大都會運輸署(MTA)將估計每年5億美元的通行費收入用於交通改善,儘管面臨一些政治反對。
    • +
+

評論

+
    +
  • 在曼哈頓實施擁擠收費政策後,駕駛人數減少了43,000人,這導致公車速度加快,並可能改善緊急應變時間。
    • +
  • 該政策旨在減少交通擁擠並改善空氣品質,儘管它引發了關於其對低收入者影響的辯論。
    • +
  • 支持者認為,這些好處包括更高效的公共交通和更清潔的空氣,同時討論仍在繼續,以平衡這些優勢與駕駛者需求之間的關係。
    • +
+ + + + + +]]> + https://hn.cho.sh/zh/Hant/2025/01/14 + 2025-01-14T00:00:00.000Z + Tue, 14 Jan 2025 00:00:00 GMT + <![CDATA[2025-01-13]]> 2025-01-05T00:00:00.000Z Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[2025-01-04]]> - -

slug: '/2025/01/04'

-

2025-01-04

-

1993 年的 Volvo 自駕車搭載 Open Pilot 系統

-
    -
  • 「一群朋友參加了 2025 年冬季版的 Carbage Run,這是一場為期 6 天的拉力賽,從瑞典出發到達北極圈,然後返回赫爾辛基,參賽車輛必須至少有 20 年車齡且價值低於 1000 歐元。」
    • -
  • 他們將一輛1993年的Volvo 940 Estate改裝成自駕車,使用來自comma.ai的openpilot,並整合了現代化的元件,如電動助力轉向、Bosch iBooster和Tesla雷達感測器。
    • -
  • 未來的更新將包括有關配線、自訂引擎控制單元(ECU)的詳細資訊,以及開源代碼的計劃,突顯出該專案在為舊款車輛改裝自動駕駛技術方面的創新方法。
    • -
-

評論

-
    -
  • 「一輛1993年的 Volvo 940 被改裝為搭載 OpenPilot 自駕技術,突顯了經典汽車設計與現代科技的交會。」
    • -
  • 該專案面臨挑戰,包括更新煞車和轉向系統,這引發了法律和安全方面的顧慮,特別是像焊接方向柱這類的 DIY 改裝。
    • -
  • 討論延伸到歐洲的汽車法規、美國熱棒車的衰退,以及汽車改裝自由的文化差異,儘管存在安全顧慮,該專案仍被視為一個激勵人心的 DIY 努力。
    • -
-

VoxelSpace:地形渲染演算法在不到 20 行程式碼中實現 (2020)

-
    -
  • NovaLogic 於 1992 年推出的遊戲《Comanche》使用了 Voxel Space 引擎,這是一種基於光線投射的 2.5D 渲染技術,用於創建具有陰影和陰影效果的詳細地形。
    • -
  • Voxel Space 引擎使用高度圖和色彩圖以及一個簡單的渲染算法,從後到前繪製垂直線,這可以進行效能優化。
    • -
  • 「引擎的程式碼是以 MIT 授權條款提供,但該技術在某些地區可能仍然受到專利保護。」
    • -
-

評論

-
    -
  • VoxelSpace 是一種地形渲染演算法,以其簡單性著稱,僅需不到 20 行程式碼,並喚起了對硬體受限時代創新遊戲開發的懷舊之情。
    • -
  • 現代 AAA 遊戲專注於複雜的優化和市場趨勢,往往以犧牲原創性為代價,而獨立遊戲和像 PICO-8 這樣的平台則提供更多創作自由。
    • -
  • 儘管科技進步,一些開發者和玩家仍覺得舊遊戲的「魔力」不復存在,然而像體素渲染這樣的創新專案仍然激發著創意。
    • -
-

「如何在電子遊戲中繪製輪廓」

-
    -
  • 「這篇文章討論了在 Unity 這個受歡迎的遊戲開發平台中渲染輪廓的五種技術,並強調它們在《Sable》和《最後生還者》等遊戲中的應用。- 技術包括邊緣效果、頂點擠出、模糊緩衝區、跳躍洪水演算法和邊緣檢測,每種技術在效能和視覺品質方面都有其獨特的優勢和取捨。- 文章提供了如何平衡這些方法以達到最佳遊戲美學和遊戲性支持的見解,並附上了額外的資源和 3D 模型的來源。」
    • -
-

評論

-
    -
  • 這篇文章探討了在電子遊戲中繪製輪廓的先進技術,強調跳躍洪流演算法(JFA)和簽名距離場(SDFs)相較於傳統方法的效率。- 它深入研究了風格化的 3D 圖形,討論了渲染技術以及神經網絡在照明和風格化中的潛在應用。- 貢獻者提供了對遊戲中賽璐珞著色歷史發展的見解,例如《Jet Set Radio》,強調了技術與藝術在 3D 圖形中不斷演變的交集。
    • -
-

我將辭去《華盛頓郵報》的工作

-

評論

-
    -
  • 作者因《華盛頓郵報》未能適應不斷演變的媒體環境及其處理議題的方式而決定離開,因為他們認為這種方式對於像民主這樣的重要議題是無效的。
    • -
  • 傳統媒體,特別是地方報紙,正面臨財務困境,導致報導偏頗及公眾信任度下降,而社群媒體無法取代新聞工作的嚴謹性。
    • -
  • 人們對於富有個人(如 Jeff Bezos)對媒體機構的影響,以及企業利益對媒體在監督權力方面角色的影響,表示擔憂。
    • -
-

Perplexity 有廣告了

-

評論

-
    -
  • Perplexity 已經引入廣告,這引發了關於由於消費者不願意為無廣告體驗付費而導致線上服務廣告不可避免的討論。- 一些使用者認為廣告具有侵入性,並偏好像 Kagi 這樣提供無廣告搜尋的訂閱制服務,而其他人則繼續選擇免費的廣告支持選項。- 這種情況強調了數位服務中廣告支持與訂閱制模式之間的持續辯論。
    • -
- - - - - -]]> - https://hn.cho.sh/zh/Hant/2025/01/04 - 2025-01-04T00:00:00.000Z - Sat, 04 Jan 2025 00:00:00 GMT - diff --git a/static/rss/story/ar.xml b/static/rss/story/ar.xml index 1a56999f3..5a7de0c6e 100644 --- a/static/rss/story/ar.xml +++ b/static/rss/story/ar.xml @@ -15,11 +15,199 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:16 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[باحث أمني في Snyk ينشر حزم NPM خبيثة تستهدف cursor.com]]> + +
  • أصدر باحث أمني من شركة Snyk حزم NPM خبيثة تستهدف موقع Cursor.com، وهي شركة متخصصة في البرمجة بالذكاء الاصطناعي، لجمع بيانات النظام وإرسالها إلى خدمة يتحكم فيها المهاجم.
    • +
  • تم تحديد الحزم المسماة "cursor-retrieval"، "cursor-always-local"، و"cursor-shadow-workspace" بواسطة ماسح تحليل الحزم OpenSSF، مما أدى إلى إصدار التحذيرات MAL-2025-27، MAL-2025-28، وMAL-2025-29.
    • +
  • تسلط هذه الحادثة الضوء على أهمية فحص حزم NPM قبل التثبيت لتجنب التهديدات الأمنية المحتملة.
    • + +]]>     + https://sourcecodered.com/snyk-malicious-npm-package/ + 2025-01-14T00:00:00.000Zباحث أمني في Snyk ينشر حزم NPM خبيثة تستهدف cursor.com + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[لقد انتقلت إلى فايرفوكس ولم أنظر إلى الوراء أبدًا]]> + +
  • يُشاد بمتصفح فايرفوكس لإدارته الفائقة للتبويبات وميزة Pocket المدمجة لحفظ الروابط وميزة البريد الإلكتروني التي تركز على الخصوصية، مما يجعله بديلاً قوياً لمتصفح كروم. - ميزات إضافية مثل أداة لقطة الشاشة سهلة الاستخدام، زر ChatGPT، وضع الصورة داخل الصورة، خيارات البحث القابلة للتخصيص، والتمرير السلس تعزز تجربة التصفح. - على الرغم من أن فايرفوكس يفتقر إلى ميزة تطبيقات الويب الخاصة بكروم، إلا أن تصميمه المدروس ومتطلباته المنخفضة للموارد تجعله الخيار المفضل لبعض المستخدمين.
    • + +]]>     + https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/ + 2025-01-14T00:00:00.000Zلقد انتقلت إلى فايرفوكس ولم أنظر إلى الوراء أبدًا + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[الرئيس التنفيذي لشركة سونوس يتنحى بعد فضيحة تحديث التطبيق]]> + -

    +]]>     + https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/ + 2025-01-14T00:00:00.000Zالرئيس التنفيذي لشركة سونوس يتنحى بعد فضيحة تحديث التطبيق + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[في بطن مستر بيست]]> + -

    +]]>     + https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast + 2025-01-14T00:00:00.000Zفي بطن مستر بيست + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[عمليات Git على GitHub متوقفة]]> + +
  • واجهت GitHub انقطاعًا في عمليات Git في 13 يناير 2025 بسبب تغيير في التكوين أثر على موازن التحميل الداخلي، واستمر من الساعة 23:35 حتى 00:24 بالتوقيت العالمي. - تم حل المشكلة عن طريق التراجع عن تغيير التكوين، وتعمل GitHub على تحسين عمليات المراقبة والنشر لمنع حوادث مماثلة. - أثر الانقطاع أيضًا على خدمات Actions وPages في GitHub، مما يبرز الطبيعة المترابطة لخدمات منصتهم.
    • + +]]>     + https://www.githubstatus.com/incidents/qd96yfgvmcf9 + 2025-01-14T00:00:00.000Zعمليات Git على GitHub متوقفة + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[تم إصدار ZFS 2.3 مع توسيع ZFS raidz]]> + +
  • تم إصدار OpenZFS 2.3.0، حيث تم تقديم ميزات هامة مثل توسيع RAIDZ، وإزالة التكرار السريع، والإدخال/الإخراج المباشر، وإخراج JSON، ودعم الأسماء الطويلة للملفات. - يتضمن الإصدار إصلاحات أساسية للأخطاء وتحسينات في الأداء، وهو متوافق مع نوى لينكس من 4.18 إلى 6.12 وإصدارات FreeBSD من 13.3 إلى 14.0 - 14.2. - التحديث هو جهد تعاوني من 134 مساهمًا، مع توفر وثائق شاملة وسجل تغييرات للمراجعة.
    • + +]]>     + https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0 + 2025-01-14T00:00:00.000Zتم إصدار ZFS 2.3 مع توسيع ZFS raidz + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[ويب توب - حاويات ألباين، أوبونتو، فيدورا، وآرتش تحتوي على بيئات سطح مكتب كاملة]]> + +
  • يوفر Linuxserver/webtop حاويات تعتمد على أنظمة Alpine وUbuntu وFedora وArch مع بيئات سطح مكتب كاملة يمكن الوصول إليها عبر متصفحات الويب، وتدعم كل من معماريات x86-64 وarm64.
    • +
  • يمكن للمستخدمين اختيار بيئات سطح المكتب المختلفة مثل XFCE وKDE وMATE وi3 وOpenbox وIceWM باستخدام علامات الصور المحددة، والوصول إلى Webtop عبر عناوين URL المخصصة.
    • +
  • تشمل ميزات الأمان خيار seccomp في Docker وإعداد المصادقة، مع توفر خيارات التخصيص من خلال متغيرات البيئة، ودعم تسريع GPU باستخدام برامج تشغيل مفتوحة المصدر.
    • + +]]>     + https://docs.linuxserver.io/images/docker-webtop/ + 2025-01-14T00:00:00.000Zويب توب - حاويات ألباين، أوبونتو، فيدورا، وآرتش تحتوي على بيئات سطح مكتب كاملة + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[وجدت دراسة أن 1 من كل 5 إعلانات وظائف عبر الإنترنت إما مزيفة أو لم يتم شغلها أبدًا]]> + +
  • تشير دراسة حديثة إلى أن 20% من إعلانات الوظائف عبر الإنترنت إما زائفة أو تبقى شاغرة، مما يزيد من إحباط الباحثين عن عمل. - قد تكون هذه الظاهرة المعروفة بـ"الوظائف الشبحية" تكتيكًا تستخدمه الشركات لإظهار صورة عن النمو. - وقد قدمت منصات التوظيف مثل Greenhouse وLinkedIn خدمات تحقق من الوظائف لمساعدة المستخدمين في التعرف على فرص العمل الحقيقية.
    • + +]]>     + https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706 + 2025-01-14T00:00:00.000Zوجدت دراسة أن 1 من كل 5 إعلانات وظائف عبر الإنترنت إما مزيفة أو لم يتم شغلها أبدًا + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[جعل التقاطع غير آمن للمشاة لتوفير ثوانٍ للسائقين]]> + -

    +]]>     + https://collegetowns.substack.com/p/making-an-intersection-unsafe-for + 2025-01-14T00:00:00.000Zجعل التقاطع غير آمن للمشاة لتوفير ثوانٍ للسائقين + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[PostgreSQL هو نظام إدارة قواعد البيانات لعام 2024]]> + +
  • تم منح PostgreSQL جائزة نظام إدارة قواعد البيانات لعام 2024 من قبل DB-Engines، محققًا هذا الاعتراف للمرة الخامسة، متفوقًا على 423 نظامًا آخر لإدارة قواعد البيانات.
    • +
  • يواصل PostgreSQL الابتكار بعد تاريخ يمتد لأكثر من 35 عامًا، كما يتضح من التحسينات الأخيرة في PostgreSQL 17، الذي تم إصداره في سبتمبر 2024.
    • +
  • احتلت Snowflake وMicrosoft المركزين الثاني والثالث على التوالي، حيث تميزت Snowflake بتخزين البيانات السحابي ودعم السحابة المتعددة، بينما تقدم Microsoft قواعد بيانات علائقية مُدارة قوية من خلال Azure SQL Database وSQL Server.
    • + +]]>     + https://db-engines.com/en/blog_post/109 + 2025-01-14T00:00:00.000ZPostgreSQL هو نظام إدارة قواعد البيانات لعام 2024 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[تسجيل الدخول باستخدام OAuth من جوجل لا يحمي من شراء نطاق شركة ناشئة فاشلة]]> + -

    +]]>     + https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw + 2025-01-14T00:00:00.000Zتسجيل الدخول باستخدام OAuth من جوجل لا يحمي من شراء نطاق شركة ناشئة فاشلة + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[استخدام مهارات البرمجة لتحقيق دخل سلبي]]> + +
  • انتقل المؤلف من دور مدير التكنولوجيا التنفيذي إلى العمل كريادي منفرد، ونجح في كسب المزيد من خلال مجموعة من المنتجات البرمجية.
    • +
  • تشمل الاستراتيجيات الرئيسية التركيز على العمل العميق، والبدء بمشاريع صغيرة، والتكرار بسرعة، وتخصيص الوقت للجهود التسويقية.
    • +
  • تؤكد الرحلة على المرونة بسبب عدم اليقين، لكنها تسلط الضوء على الاستقلالية والحرية التي لا مثيل لها في هذا المسار الوظيفي، مما يشجع أولئك الذين يمتلكون مهارات البرمجة على التفكير فيه كمصدر دخل سلبي.
    • + +]]>     + https://www.coryzue.com/writing/solopreneur/ + 2025-01-14T00:00:00.000Zاستخدام مهارات البرمجة لتحقيق دخل سلبي + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[إسبانيا تقترح ضريبة بنسبة 100% على المنازل التي يشتريها المقيمون من خارج الاتحاد الأوروبي]]> + +
  • تدرس إسبانيا فرض ضريبة بنسبة 100% على شراء العقارات من قبل المقيمين من خارج الاتحاد الأوروبي، بهدف معالجة أزمة الإسكان والحد من الشراء المضاربي.
    • +
  • تشمل اقتراحات رئيس الوزراء بيدرو سانشيز توسيع الإسكان الاجتماعي وتنظيم الإيجارات السياحية لمعالجة التفاوت بين أسعار المساكن والدخول.
    • +
  • مستقبل الاقتراح كقانون غير مؤكد، حيث يرى بعض المحللين أنه يشكل رادعًا للمستثمرين الأجانب بدلاً من أن يكون تغييرًا تشريعيًا مضمونًا.
    • + +]]>     + https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents + 2025-01-14T00:00:00.000Zإسبانيا تقترح ضريبة بنسبة 100% على المنازل التي يشتريها المقيمون من خارج الاتحاد الأوروبي + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[ستتلقى شركة آبل قريبًا رقائق 'صُنعت في أمريكا' من مصنع TSMC في أريزونا]]> + +
  • تختبر شركة آبل معالجات من منشأة TSMC في أريزونا، مع خطط للإنتاج الضخم بحلول الربع الأول، مما قد يجعلها أول عميل لـ TSMC في الولايات المتحدة للرقائق المصنعة محليًا. - تهدف هذه المبادرة إلى تعزيز استقلالية السيليكون في الولايات المتحدة، وتقليل الاعتماد على تايوان، التي تعتبر عرضة للمخاطر الجيوسياسية والطبيعية. - من المقرر أن تنتج منشأة TSMC في أريزونا رقائق متقدمة بحجم 3 نانومتر و2 نانومتر، مع جهود مستمرة لتعزيز التوظيف المحلي والشراكات مع الجامعات الأمريكية، على الرغم من أن التغليف سيتم في البداية في تايوان حتى تصبح منشأة بيوريا جاهزة للعمل.
    • + +]]>     + https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification + 2025-01-14T00:00:00.000Zستتلقى شركة آبل قريبًا رقائق 'صُنعت في أمريكا' من مصنع TSMC في أريزونا + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[43 ألف سائق أقل على طرق مانهاتن بعد تفعيل تسعير الازدحام]]> + +
  • بعد تنفيذ تسعير الازدحام، كان هناك انخفاض بنسبة 7.5% في عدد السائقين الذين يدخلون مانهاتن أسفل الشارع الستين، مما يعادل 43,000 سائق أقل كل يوم من أيام الأسبوع.
    • +
  • أدى تقليل حركة المرور إلى تحسين تدفق الحركة وزيادة سرعات الحافلات، حيث شهدت بعض الحافلات السريعة زيادة في عدد الركاب.
    • +
  • تستخدم هيئة النقل الحضرية (MTA) إيرادات الرسوم، التي تُقدر بحوالي 500 مليون دولار سنويًا، لتحسينات النقل، على الرغم من بعض المعارضة السياسية.
    • + +]]>     + https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says + 2025-01-14T00:00:00.000Z43 ألف سائق أقل على طرق مانهاتن بعد تفعيل تسعير الازدحام + Tue, 14 Jan 2025 00:00:00 GMT +     <![CDATA[الميزة القاتلة لـ Uv هي جعل البيئات المؤقتة سهلة.]]> 2025-01-05T00:00:00.000Zجوتن: طابعة صحف صغيرة Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[سيارة فولفو 1993 ذاتية القيادة مع نظام الطيار المفتوح]]> - -
  • شارك مجموعة من الأصدقاء في سباق Carbage Run 2025 النسخة الشتوية، وهو سباق يستمر لمدة 6 أيام عبر السويد إلى الدائرة القطبية والعودة إلى هلسنكي، ويتطلب أن تكون السيارات لا تقل عن 20 عامًا وتقدر قيمتها بأقل من 1000 يورو.
    • -
  • قاموا بتحويل سيارة فولفو 940 Estate موديل 1993 إلى مركبة ذاتية القيادة باستخدام نظام openpilot من comma.ai، مع دمج مكونات حديثة مثل نظام التوجيه الكهربائي، وiBooster من بوش، ومستشعر رادار من تسلا.
    • -
  • ستتضمن التحديثات المستقبلية تفاصيل حول الأسلاك، ووحدة التحكم في المحرك المخصصة (ECU)، وخطط لجعل الشفرة مفتوحة المصدر، مما يبرز النهج المبتكر للمشروع في تحديث المركبات القديمة بتكنولوجيا القيادة الذاتية.
    • - -]]>     - https://practicapp.com/carbagepilot-part1/ - 2025-01-04T00:00:00.000Zسيارة فولفو 1993 ذاتية القيادة مع نظام الطيار المفتوح - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[VoxelSpace: خوارزمية عرض التضاريس في أقل من 20 سطرًا من الكود (2020)]]> - -
  • استخدمت لعبة Comanche التي أصدرتها NovaLogic في عام 1992 محرك Voxel Space، وهي تقنية عرض ثلاثية الأبعاد تعتمد على تقنية تتبع الأشعة، لإنشاء تضاريس مفصلة مع تظليل وظلال.
    • -
  • استخدم محرك Voxel Space خرائط الارتفاع والألوان وخوارزمية رسم بسيطة، حيث كان يرسم خطوطًا عمودية من الخلف إلى الأمام، مما يمكن تحسينه لأداء أفضل.
    • -
  • يتوفر كود المحرك بموجب رخصة MIT، ولكن قد تكون التكنولوجيا لا تزال محمية ببراءات اختراع في بعض المناطق.
    • - -]]>     - https://github.com/s-macke/VoxelSpace - 2025-01-04T00:00:00.000ZVoxelSpace: خوارزمية عرض التضاريس في أقل من 20 سطرًا من الكود (2020) - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[كيفية رسم مخطط في لعبة فيديو]]> - -
  • تناقش المقالة خمس تقنيات لتقديم الخطوط العريضة في Unity، وهي منصة تطوير ألعاب شهيرة، مع تسليط الضوء على استخدامها في ألعاب مثل Sable وThe Last of Us. - تشمل التقنيات تأثيرات الحواف، بثق الرؤوس، المخزن المؤقت الضبابي، خوارزمية القفز الفيضاني، واكتشاف الحواف، ولكل منها مزايا فريدة ومقايضات من حيث الأداء والجودة البصرية. - توفر المقالة رؤى حول موازنة هذه الأساليب لتحقيق جمالية اللعبة المثلى ودعم اللعب، مع موارد إضافية وائتمانات لنماذج ثلاثية الأبعاد مرفقة.
    • - -]]>     - https://ameye.dev/notes/rendering-outlines/ - 2025-01-04T00:00:00.000Zكيفية رسم مخطط في لعبة فيديو - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[أنا أستقيل من صحيفة واشنطن بوست]]> - -

    -]]>     - https://anntelnaes.substack.com/p/why-im-quitting-the-washington-post - 2025-01-04T00:00:00.000Zأنا أستقيل من صحيفة واشنطن بوست - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[حصلت Perplexity على إعلانات]]> - -

    -]]>     - https://twitter.com/damengchen/status/1875296442417607072 - 2025-01-04T00:00:00.000Zحصلت Perplexity على إعلانات - Sat, 04 Jan 2025 00:00:00 GMT -     diff --git a/static/rss/story/bn.xml b/static/rss/story/bn.xml index d400ac70f..397008fdf 100644 --- a/static/rss/story/bn.xml +++ b/static/rss/story/bn.xml @@ -15,11 +15,206 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:16 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[স্নাইক নিরাপত্তা গবেষক ক্ষতিকারক এনপিএম প্যাকেজ স্থাপন করেছেন যা কার্সর.কমকে লক্ষ্য করে।]]> + +
  • একজন Snyk নিরাপত্তা গবেষক Cursor.com, একটি এআই কোডিং কোম্পানিকে লক্ষ্য করে ক্ষতিকারক NPM প্যাকেজ প্রকাশ করেছেন, যা সিস্টেম ডেটা সংগ্রহ করে এবং তা আক্রমণকারী নিয়ন্ত্রিত সার্ভিসে পাঠায়।
    • +
  • প্যাকেজগুলি, যা "cursor-retrieval," "cursor-always-local," এবং "cursor-shadow-workspace" নামে চিহ্নিত হয়েছে, OpenSSF প্যাকেজ বিশ্লেষণ স্ক্যানার দ্বারা চিহ্নিত হয়েছিল, যার ফলে MAL-2025-27, MAL-2025-28, এবং MAL-2025-29 পরামর্শগুলি জারি করা হয়।
    • +
  • এই ঘটনা ইনস্টলেশনের আগে NPM প্যাকেজগুলি পরীক্ষা করার গুরুত্বকে তুলে ধরে যাতে সম্ভাব্য নিরাপত্তা হুমকি এড়ানো যায়।
    • + +]]>     + https://sourcecodered.com/snyk-malicious-npm-package/ + 2025-01-14T00:00:00.000Zস্নাইক নিরাপত্তা গবেষক ক্ষতিকারক এনপিএম প্যাকেজ স্থাপন করেছেন যা কার্সর.কমকে লক্ষ্য করে। + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[আমি ফায়ারফক্সে স্যুইচ করেছি এবং আর কখনও পিছনে ফিরে তাকাইনি]]> + +
  • ফায়ারফক্স তার উন্নত ট্যাব ব্যবস্থাপনা, লিঙ্ক সংরক্ষণের জন্য বিল্ট-ইন পকেট ফিচার এবং গোপনীয়তা-কেন্দ্রিক ইমেল রিলে জন্য প্রশংসিত হয়, যা এটিকে ক্রোমের একটি শক্তিশালী বিকল্প করে তোলে। - ব্যবহারকারী-বান্ধব স্ক্রিনশট টুল, একটি ChatGPT বোতাম, পিকচার-ইন-পিকচার, কাস্টমাইজযোগ্য অনুসন্ধান বিকল্প এবং মসৃণ স্ক্রলিং এর মতো অতিরিক্ত বৈশিষ্ট্যগুলি ব্রাউজিং অভিজ্ঞতাকে উন্নত করে। - যদিও ফায়ারফক্সের ক্রোমের ওয়েব অ্যাপ ফিচার নেই, এর চিন্তাশীল নকশা এবং কম সম্পদ চাহিদা এটিকে কিছু ব্যবহারকারীর জন্য পছন্দের পছন্দ করে তোলে।
    • + +]]>     + https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/ + 2025-01-14T00:00:00.000Zআমি ফায়ারফক্সে স্যুইচ করেছি এবং আর কখনও পিছনে ফিরে তাকাইনি + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[অ্যাপ আপডেট বিপর্যয়ের পর সোনোস সিইও পদত্যাগ করেছেন]]> + -

    +]]>     + https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/ + 2025-01-14T00:00:00.000Zঅ্যাপ আপডেট বিপর্যয়ের পর সোনোস সিইও পদত্যাগ করেছেন + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[মিস্টার বিস্টের পেটের মধ্যে]]> + -

    +]]>     + https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast + 2025-01-14T00:00:00.000Zমিস্টার বিস্টের পেটের মধ্যে + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[গিটহাব গিট অপারেশনগুলি ডাউন রয়েছে]]> + +
  • গিটহাব ১৩ জানুয়ারি, ২০২৫ তারিখে একটি গিট অপারেশন আউটেজের সম্মুখীন হয়েছিল, যা অভ্যন্তরীণ লোড ব্যালান্সারে প্রভাবিত একটি কনফিগারেশন পরিবর্তনের কারণে হয়েছিল এবং এটি ২৩:৩৫ থেকে ০০:২৪ ইউটিসি পর্যন্ত স্থায়ী হয়েছিল। - সমস্যাটি কনফিগারেশন পরিবর্তন ফিরিয়ে নিয়ে সমাধান করা হয়েছিল এবং গিটহাব মনিটরিং এবং ডিপ্লয়মেন্ট প্রক্রিয়াগুলি উন্নত করার জন্য কাজ করছে যাতে অনুরূপ ঘটনা প্রতিরোধ করা যায়। - আউটেজটি গিটহাবের অ্যাকশনস এবং পেজেস পরিষেবাগুলিকেও প্রভাবিত করেছিল, যা তাদের প্ল্যাটফর্ম পরিষেবাগুলির আন্তঃসংযুক্ত প্রকৃতিকে তুলে ধরে।
    • + +]]>     + https://www.githubstatus.com/incidents/qd96yfgvmcf9 + 2025-01-14T00:00:00.000Zগিটহাব গিট অপারেশনগুলি ডাউন রয়েছে + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[ZFS 2.3 মুক্তি পেয়েছে ZFS raidz সম্প্রসারণ সহ]]> + +
  • OpenZFS 2.3.0 প্রকাশিত হয়েছে, যা RAIDZ Expansion, Fast Deduplication, Direct Input/Output, JSON আউটপুট এবং দীর্ঘ ফাইল নামের জন্য সমর্থন সহ উল্লেখযোগ্য বৈশিষ্ট্যগুলি প্রবর্তন করেছে। - এই প্রকাশনায় প্রয়োজনীয় বাগ ফিক্স এবং কর্মক্ষমতা উন্নয়ন অন্তর্ভুক্ত রয়েছে, যা লিনাক্স কার্নেল 4.18 - 6.12 এবং ফ্রিBSD সংস্করণ 13.3, 14.0 - 14.2 এর সাথে সামঞ্জস্যপূর্ণ। - এই আপডেটটি 134 জন অবদানকারীর একটি যৌথ প্রচেষ্টা, যার জন্য বিস্তৃত ডকুমেন্টেশন এবং একটি পরিবর্তন লগ পর্যালোচনার জন্য উপলব্ধ।
    • + +]]>     + https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0 + 2025-01-14T00:00:00.000ZZFS 2.3 মুক্তি পেয়েছে ZFS raidz সম্প্রসারণ সহ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[ওয়েবটপ – আলপাইন, উবুন্টু, ফেডোরা, এবং আর্চ কন্টেইনারগুলি সম্পূর্ণ ডেস্কটপ পরিবেশ সহ অন্তর্ভুক্ত করে]]> + +
  • Linuxserver/webtop সম্পূর্ণ ডেস্কটপ পরিবেশ সহ কন্টেইনার প্রদান করে যা Alpine, Ubuntu, Fedora, এবং Arch এর উপর ভিত্তি করে তৈরি এবং ওয়েব ব্রাউজারের মাধ্যমে অ্যাক্সেসযোগ্য, যা x86-64 এবং arm64 আর্কিটেকচার উভয়কেই সমর্থন করে।
    • +
  • ব্যবহারকারীরা নির্দিষ্ট ইমেজ ট্যাগ ব্যবহার করে XFCE, KDE, MATE, i3, Openbox, এবং IceWM এর মতো বিভিন্ন ডেস্কটপ পরিবেশ থেকে নির্বাচন করতে পারেন এবং নির্দিষ্ট URL এর মাধ্যমে ওয়েবটপে প্রবেশ করতে পারেন।
    • +
  • নিরাপত্তা বৈশিষ্ট্যগুলির মধ্যে রয়েছে Docker-এর seccomp অপশন এবং প্রমাণীকরণ সেটআপ, পরিবেশ ভেরিয়েবলের মাধ্যমে কাস্টমাইজেশন বিকল্পগুলি উপলব্ধ, এবং ওপেন-সোর্স ড্রাইভার সহ GPU ত্বরণ সমর্থন।
    • + +]]>     + https://docs.linuxserver.io/images/docker-webtop/ + 2025-01-14T00:00:00.000Zওয়েবটপ – আলপাইন, উবুন্টু, ফেডোরা, এবং আর্চ কন্টেইনারগুলি সম্পূর্ণ ডেস্কটপ পরিবেশ সহ অন্তর্ভুক্ত করে + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[অনুসন্ধানে দেখা গেছে, প্রতি ৫টি অনলাইন চাকরির বিজ্ঞাপনের মধ্যে ১টি হয় ভুয়া অথবা কখনো পূরণ হয় না।]]> + +
  • একটি সাম্প্রতিক গবেষণায় দেখা গেছে যে অনলাইন চাকরির বিজ্ঞাপনগুলির ২০% হয় মিথ্যা বা পূরণ হয় না, যা চাকরি প্রার্থীদের হতাশা বাড়ায়। - এই "ভূত চাকরি" প্রবণতা হতে পারে কোম্পানিগুলির জন্য একটি কৌশল তাদের বৃদ্ধির চিত্র প্রদর্শনের জন্য। - গ্রিনহাউস এবং লিঙ্কডইন-এর মতো চাকরি প্ল্যাটফর্মগুলি ব্যবহারকারীদের প্রকৃত চাকরির সুযোগ সনাক্ত করতে সহায়তা করার জন্য চাকরি যাচাইকরণ পরিষেবা চালু করেছে।
    • + +]]>     + https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706 + 2025-01-14T00:00:00.000Zঅনুসন্ধানে দেখা গেছে, প্রতি ৫টি অনলাইন চাকরির বিজ্ঞাপনের মধ্যে ১টি হয় ভুয়া অথবা কখনো পূরণ হয় না। + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[চালকদের সেকেন্ড বাঁচানোর জন্য পথচারীদের জন্য একটি সংযোগস্থলকে অনিরাপদ করা]]> + -

    +]]>     + https://collegetowns.substack.com/p/making-an-intersection-unsafe-for + 2025-01-14T00:00:00.000Zচালকদের সেকেন্ড বাঁচানোর জন্য পথচারীদের জন্য একটি সংযোগস্থলকে অনিরাপদ করা + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[PostgreSQL হল ২০২৪ সালের ডেটাবেস ম্যানেজমেন্ট সিস্টেম অফ দ্য ইয়ার]]> + +
  • PostgreSQL DB-Engines দ্বারা ২০২৪ সালের DBMS অফ দ্য ইয়ার পুরস্কার পেয়েছে, যা ৪২৩টি অন্যান্য ডাটাবেস ম্যানেজমেন্ট সিস্টেমকে অতিক্রম করে পঞ্চমবারের মতো এই স্বীকৃতি অর্জন করেছে।
    • +
  • প্রায় ৩৫ বছরের ইতিহাস নিয়ে PostgreSQL এখনও উদ্ভাবন করে চলেছে, যা সেপ্টেম্বর ২০২৪-এ প্রকাশিত PostgreSQL 17-এর সাম্প্রতিক উন্নতিগুলিতে দেখা যায়।
    • +
  • স্নোফ্লেক এবং মাইক্রোসফট যথাক্রমে দ্বিতীয় এবং তৃতীয় স্থান অর্জন করেছে, যেখানে স্নোফ্লেক তার ক্লাউড-ভিত্তিক ডেটা ওয়্যারহাউজিং এবং মাল্টি-ক্লাউড সমর্থনের জন্য উল্লেখযোগ্য, অন্যদিকে মাইক্রোসফ্ট অ্যাজুর এসকিউএল ডেটাবেস এবং এসকিউএল সার্ভারের মাধ্যমে শক্তিশালী পরিচালিত রিলেশনাল ডেটাবেস সরবরাহ করে।
    • + +]]>     + https://db-engines.com/en/blog_post/109 + 2025-01-14T00:00:00.000ZPostgreSQL হল ২০২৪ সালের ডেটাবেস ম্যানেজমেন্ট সিস্টেম অফ দ্য ইয়ার + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[গুগলের OAuth লগইন একটি ব্যর্থ স্টার্টআপ ডোমেইন কেনার বিরুদ্ধে সুরক্ষা প্রদান করে না]]> + -

    +]]>     + https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw + 2025-01-14T00:00:00.000Zগুগলের OAuth লগইন একটি ব্যর্থ স্টার্টআপ ডোমেইন কেনার বিরুদ্ধে সুরক্ষা প্রদান করে না + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[কোডিং দক্ষতা ব্যবহার করে প্যাসিভ আয় করা]]> + +
  • লেখক একজন সিটিও ভূমিকা থেকে একক উদ্যোক্তা হিসেবে রূপান্তরিত হয়েছেন, সফটওয়্যার পণ্যের একটি পোর্টফোলিওর মাধ্যমে সফলভাবে আরও বেশি উপার্জন করছেন।
    • +
  • মূল কৌশলগুলির মধ্যে রয়েছে গভীর কাজের উপর মনোযোগ দেওয়া, ছোট প্রকল্প দিয়ে শুরু করা, দ্রুত পুনরাবৃত্তি করা এবং বিপণন প্রচেষ্টার জন্য সময় উৎসর্গ করা।
    • +
  • যাত্রাটি অনিশ্চয়তার কারণে স্থিতিস্থাপকতার উপর জোর দেয়, তবে এই ক্যারিয়ার পথের অতুলনীয় স্বায়ত্তশাসন এবং স্বাধীনতাকে তুলে ধরে, কোডিং দক্ষতা সম্পন্ন ব্যক্তিদের এটি প্যাসিভ আয়ের জন্য বিবেচনা করার জন্য উৎসাহিত করে।
    • + +]]>     + https://www.coryzue.com/writing/solopreneur/ + 2025-01-14T00:00:00.000Zকোডিং দক্ষতা ব্যবহার করে প্যাসিভ আয় করা + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[স্পেন অ-ইউরোপীয় ইউনিয়নের বাসিন্দাদের দ্বারা কেনা বাড়ির উপর ১০০% কর প্রস্তাব করেছে]]> + +
  • স্পেন অ-ইউরোপীয় ইউনিয়নের বাসিন্দাদের দ্বারা রিয়েল এস্টেট ক্রয়ের উপর ১০০% কর আরোপের কথা বিবেচনা করছে, যা আবাসন সংকট মোকাবেলা এবং জল্পনামূলক ক্রয় নিয়ন্ত্রণের লক্ষ্যে।
    • +
  • প্রধানমন্ত্রী পেদ্রো সানচেজের প্রস্তাবের মধ্যে রয়েছে সামাজিক আবাসন সম্প্রসারণ এবং পর্যটক ভাড়াগুলি নিয়ন্ত্রণ করা, যা আবাসন মূল্য এবং আয়ের মধ্যে বৈষম্য মোকাবেলা করতে সহায়ক হবে।
    • +
  • প্রস্তাবটির আইন হিসেবে ভবিষ্যৎ অনিশ্চিত, কিছু বিশ্লেষক এটিকে বিদেশি বিনিয়োগকারীদের জন্য একটি প্রতিবন্ধকতা হিসেবে দেখছেন, নিশ্চিত আইনগত পরিবর্তন হিসেবে নয়।
    • + +]]>     + https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents + 2025-01-14T00:00:00.000Zস্পেন অ-ইউরোপীয় ইউনিয়নের বাসিন্দাদের দ্বারা কেনা বাড়ির উপর ১০০% কর প্রস্তাব করেছে + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[অ্যাপল শীঘ্রই TSMC-এর অ্যারিজোনা ফ্যাব থেকে 'মেড ইন আমেরিকা' চিপস পাবে]]> + +
  • অ্যাপল টিএসএমসি'র অ্যারিজোনা কারখানার প্রসেসর পরীক্ষা করছে, প্রথম ত্রৈমাসিকের মধ্যে ব্যাপক উৎপাদনের পরিকল্পনা নিয়ে, যা স্থানীয়ভাবে উত্পাদিত চিপের জন্য টিএসএমসি'র প্রথম মার্কিন গ্রাহক হতে পারে। - এই উদ্যোগটি মার্কিন সিলিকন স্বাধীনতা বাড়ানোর লক্ষ্যে, তাইওয়ানের উপর নির্ভরতা কমানোর জন্য, যা ভূ-রাজনৈতিক এবং প্রাকৃতিক ঝুঁকির প্রতি সংবেদনশীল। - টিএসএমসি'র অ্যারিজোনা ফ্যাব উন্নত ৩এনএম এবং ২এনএম চিপ উৎপাদন করবে, স্থানীয় নিয়োগ এবং মার্কিন বিশ্ববিদ্যালয়গুলির সাথে অংশীদারিত্ব বাড়ানোর প্রচেষ্টা চলমান রয়েছে, যদিও প্যাকেজিং প্রাথমিকভাবে তাইওয়ানে ঘটবে যতক্ষণ না পিওরিয়া কারখানাটি কার্যকর হয়।
    • + +]]>     + https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification + 2025-01-14T00:00:00.000Zঅ্যাপল শীঘ্রই TSMC-এর অ্যারিজোনা ফ্যাব থেকে 'মেড ইন আমেরিকা' চিপস পাবে + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[কনজেশন প্রাইসিং চালু হওয়ার পর ম্যানহাটনের রাস্তায় ৪৩ হাজার কম গাড়িচালক]]> + +
  • যখন যানজট মূল্য নির্ধারণ কার্যকর করা হয়েছিল, তখন ৬০তম স্ট্রিটের নিচে ম্যানহাটনে প্রবেশকারী চালকদের সংখ্যা ৭.৫% হ্রাস পেয়েছিল, যা প্রতিদিনের সপ্তাহের দিনে ৪৩,০০০ কম চালকের সমান।
    • +
  • যানজট কমে যাওয়ায় ট্রাফিক প্রবাহ উন্নত হয়েছে এবং বাসের গতি বেড়েছে, কিছু এক্সপ্রেস বাসে যাত্রী সংখ্যা বৃদ্ধি পেয়েছে।
    • +
  • মেট্রোপলিটন ট্রান্সপোর্টেশন অথরিটি (এমটিএ) কিছু রাজনৈতিক বিরোধিতা সত্ত্বেও ট্রানজিট উন্নতির জন্য টোল রাজস্ব, যা বার্ষিক প্রায় ৫০০ মিলিয়ন ডলার অনুমান করা হয়, ব্যবহার করে।
    • + +]]>     + https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says + 2025-01-14T00:00:00.000Zকনজেশন প্রাইসিং চালু হওয়ার পর ম্যানহাটনের রাস্তায় ৪৩ হাজার কম গাড়িচালক + Tue, 14 Jan 2025 00:00:00 GMT +     <![CDATA[Uv-এর বিশেষ বৈশিষ্ট্য হল তাৎক্ষণিক পরিবেশ তৈরি করা সহজ করে তোলে]]> 2025-01-05T00:00:00.000Zগুটেন: একটি ক্ষুদ্র সংবাদপত্র প্রিন্টার Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[স্বয়ংচালিত ১৯৯৩ ভলভো ওপেন পাইলট সহ]]> - -
  • একদল বন্ধু কারবেজ রান ২০২৫ শীতকালীন সংস্করণে অংশগ্রহণ করেছিল, যা সুইডেনের মধ্য দিয়ে মেরু বৃত্ত পর্যন্ত এবং হেলসিঙ্কিতে ফিরে আসার জন্য ৬ দিনের একটি র্যালি, যেখানে গাড়িগুলির বয়স কমপক্ষে ২০ বছর হতে হবে এবং মূল্য €১০০০ এর নিচে হতে হবে।
    • -
  • তারা একটি ১৯৯৩ সালের ভলভো ৯৪০ এস্টেটকে স্বয়ংচালিত গাড়িতে রূপান্তরিত করেছে, কমা.এআই-এর ওপেনপাইলট ব্যবহার করে, যেখানে আধুনিক উপাদান যেমন বৈদ্যুতিক পাওয়ার স্টিয়ারিং, একটি বোশ আইবুস্টার এবং একটি টেসলা রাডার সেন্সর অন্তর্ভুক্ত করা হয়েছে।
    • -
  • ভবিষ্যতের আপডেটগুলিতে তারের বিশদ, একটি কাস্টম ইঞ্জিন কন্ট্রোল ইউনিট (ইসিইউ) এবং কোডটি ওপেন-সোর্স করার পরিকল্পনা অন্তর্ভুক্ত থাকবে, যা পুরানো যানবাহনগুলিকে স্বয়ংক্রিয় প্রযুক্তির সাথে রেট্রোফিট করার প্রকল্পের উদ্ভাবনী পদ্ধতির উপর আলোকপাত করবে।
    • - -]]>     - https://practicapp.com/carbagepilot-part1/ - 2025-01-04T00:00:00.000Zস্বয়ংচালিত ১৯৯৩ ভলভো ওপেন পাইলট সহ - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[ভক্সেলস্পেস: ২০ লাইনের কম কোডে ভূখণ্ড রেন্ডারিং অ্যালগরিদম (২০২০)]]> - -
  • NovaLogic-এর ১৯৯২ সালের গেম Comanche Voxel Space ইঞ্জিন ব্যবহার করেছিল, যা রে কাস্টিং-এর উপর ভিত্তি করে একটি ২.৫ডি রেন্ডারিং কৌশল, যা ছায়া এবং শেডিং সহ বিস্তারিত ভূখণ্ড তৈরি করেছিল।
    • -
  • ভক্সেল স্পেস ইঞ্জিন উচ্চতা এবং রঙের মানচিত্র এবং একটি সহজ রেন্ডারিং অ্যালগরিদম ব্যবহার করত, যা পিছন থেকে সামনে পর্যন্ত উল্লম্ব রেখা আঁকত, যা কর্মক্ষমতার জন্য অপ্টিমাইজ করা যেতে পারত।
    • -
  • ইঞ্জিনের কোডটি এমআইটি লাইসেন্সের অধীনে উপলব্ধ, তবে প্রযুক্তিটি এখনও কিছু অঞ্চলে পেটেন্ট করা হতে পারে।
    • - -]]>     - https://github.com/s-macke/VoxelSpace - 2025-01-04T00:00:00.000Zভক্সেলস্পেস: ২০ লাইনের কম কোডে ভূখণ্ড রেন্ডারিং অ্যালগরিদম (২০২০) - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[ভিডিও গেমে একটি আউটলাইন কীভাবে আঁকবেন]]> - -
  • প্রবন্ধটি ইউনিটি, একটি জনপ্রিয় গেম ডেভেলপমেন্ট প্ল্যাটফর্মে আউটলাইন রেন্ডার করার পাঁচটি কৌশল নিয়ে আলোচনা করে, যা সেবল এবং দ্য লাস্ট অফ আস-এর মতো গেমে তাদের ব্যবহারের উপর আলোকপাত করে। - কৌশলগুলির মধ্যে রয়েছে রিম ইফেক্টস, ভার্টেক্স এক্সট্রুশন, ব্লার্ড বাফার, জাম্প ফ্লাড অ্যালগরিদম, এবং এজ ডিটেকশন, প্রতিটি পারফরম্যান্স এবং ভিজ্যুয়াল গুণমানের ক্ষেত্রে অনন্য সুবিধা এবং ট্রেড-অফ সহ। - প্রবন্ধটি এই পদ্ধতিগুলিকে ভারসাম্যপূর্ণ করার অন্তর্দৃষ্টি প্রদান করে যাতে গেমের নান্দনিকতা এবং গেমপ্লে সমর্থনের জন্য সর্বোত্তম হয়, অতিরিক্ত সম্পদ এবং 3D মডেলের জন্য ক্রেডিট সহ।
    • - -]]>     - https://ameye.dev/notes/rendering-outlines/ - 2025-01-04T00:00:00.000Zভিডিও গেমে একটি আউটলাইন কীভাবে আঁকবেন - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[আমি ওয়াশিংটন পোস্ট ছেড়ে দিচ্ছি]]> - -

    -]]>     - https://anntelnaes.substack.com/p/why-im-quitting-the-washington-post - 2025-01-04T00:00:00.000Zআমি ওয়াশিংটন পোস্ট ছেড়ে দিচ্ছি - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[পারপ্লেক্সিটি বিজ্ঞাপন পেয়েছে]]> - -

    -]]>     - https://twitter.com/damengchen/status/1875296442417607072 - 2025-01-04T00:00:00.000Zপারপ্লেক্সিটি বিজ্ঞাপন পেয়েছে - Sat, 04 Jan 2025 00:00:00 GMT -     diff --git a/static/rss/story/cs.xml b/static/rss/story/cs.xml index 1a3ada34f..7f8a8fcf4 100644 --- a/static/rss/story/cs.xml +++ b/static/rss/story/cs.xml @@ -15,11 +15,206 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:16 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[„Výzkumník bezpečnosti Snyk nasazuje škodlivé balíčky NPM zaměřené na cursor.com“]]> + +
  • „Bezpečnostní výzkumník ze společnosti Snyk zveřejnil škodlivé balíčky NPM zaměřené na Cursor.com, společnost zabývající se AI kódováním, s cílem shromažďovat systémová data a odesílat je na službu ovládanou útočníkem.“
    • +
  • „Balíčky, identifikované jako „cursor-retrieval“, „cursor-always-local“ a „cursor-shadow-workspace“, byly označeny skenerem analýzy balíčků OpenSSF, což vedlo k vydání upozornění MAL-2025-27, MAL-2025-28 a MAL-2025-29.“
    • +
  • „Tento incident zdůrazňuje důležitost pečlivého prověřování NPM balíčků před jejich instalací, aby se předešlo možným bezpečnostním hrozbám.“
    • + +]]>     + https://sourcecodered.com/snyk-malicious-npm-package/ + 2025-01-14T00:00:00.000Z„Výzkumník bezpečnosti Snyk nasazuje škodlivé balíčky NPM zaměřené na cursor.com“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Přešel jsem na Firefox a nikdy se neohlédl zpět“]]> + +
  • „Firefox je chválen za svou vynikající správu karet, vestavěnou funkci Pocket pro ukládání odkazů a e-mailový relé zaměřený na ochranu soukromí, což z něj činí silnou alternativu k Chromu. - Další funkce jako uživatelsky přívětivý nástroj pro snímky obrazovky, tlačítko ChatGPT, režim obraz v obraze, přizpůsobitelné možnosti vyhledávání a plynulé rolování zlepšují zážitek z prohlížení. - Ačkoli Firefox postrádá funkci webových aplikací Chromu, jeho promyšlený design a nižší nároky na zdroje z něj činí preferovanou volbu pro některé uživatele.“
    • + +]]>     + https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/ + 2025-01-14T00:00:00.000Z„Přešel jsem na Firefox a nikdy se neohlédl zpět“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Generální ředitel společnosti Sonos odstupuje po fiasku s aktualizací aplikace“]]> + -

    +]]>     + https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/ + 2025-01-14T00:00:00.000Z„Generální ředitel společnosti Sonos odstupuje po fiasku s aktualizací aplikace“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„V břiše MrBeasta“]]> + -

    +]]>     + https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast + 2025-01-14T00:00:00.000Z„V břiše MrBeasta“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Operace Git na GitHubu jsou mimo provoz“]]> + +
  • „GitHub čelil výpadku operací Git dne 13. ledna 2025 kvůli změně konfigurace ovlivňující interní vyrovnávač zatížení, který trval od 23:35 do 00:24 UTC. - Problém byl vyřešen vrácením změny konfigurace a GitHub pracuje na zlepšení monitorovacích a nasazovacích procesů, aby se předešlo podobným incidentům. - Výpadek také ovlivnil služby GitHub Actions a Pages, což zdůrazňuje propojenou povahu jejich platformových služeb.“
    • + +]]>     + https://www.githubstatus.com/incidents/qd96yfgvmcf9 + 2025-01-14T00:00:00.000Z„Operace Git na GitHubu jsou mimo provoz“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„ZFS 2.3 vydán s rozšířením ZFS raidz“]]> + +
  • „OpenZFS 2.3.0 byl vydán a přináší významné funkce jako rozšíření RAIDZ, rychlou deduplikaci, přímý vstup/výstup, výstup ve formátu JSON a podporu pro dlouhé názvy souborů. - Vydání zahrnuje důležité opravy chyb a vylepšení výkonu, kompatibilní s jádry Linuxu 4.18 - 6.12 a verzemi FreeBSD 13.3, 14.0 - 14.2. - Aktualizace je výsledkem spolupráce 134 přispěvatelů, s dostupnou komplexní dokumentací a seznamem změn k nahlédnutí.“
    • + +]]>     + https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0 + 2025-01-14T00:00:00.000Z„ZFS 2.3 vydán s rozšířením ZFS raidz“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Webtop – kontejnery Alpine, Ubuntu, Fedora a Arch obsahující plná desktopová prostředí“]]> + +
  • „Linuxserver/webtop poskytuje kontejnery založené na Alpine, Ubuntu, Fedora a Arch s plnými desktopovými prostředími přístupnými přes webové prohlížeče, podporujícími jak architektury x86-64, tak arm64.“
    • +
  • „Uživatelé si mohou vybrat z různých desktopových prostředí, jako jsou XFCE, KDE, MATE, i3, Openbox a IceWM, pomocí specifických značek obrázků a přistupovat k Webtopu prostřednictvím určených URL.“
    • +
  • „Bezpečnostní funkce zahrnují možnost seccomp v Dockeru a nastavení autentizace, s možnostmi přizpůsobení prostřednictvím proměnných prostředí, a podporu pro akceleraci GPU s open-source ovladači.“
    • + +]]>     + https://docs.linuxserver.io/images/docker-webtop/ + 2025-01-14T00:00:00.000Z„Webtop – kontejnery Alpine, Ubuntu, Fedora a Arch obsahující plná desktopová prostředí“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„1 z 5 online pracovních nabídek je buď falešná, nebo nikdy není obsazena, zjistila studie.“]]> + +
  • „Nedávná studie naznačuje, že 20 % online pracovních nabídek je buď falešných, nebo zůstává neobsazených, což přispívá k frustraci uchazečů o zaměstnání. - Tento trend „duchovních pracovních míst“ může být taktikou firem, jak projektovat obraz růstu. - Pracovní platformy jako Greenhouse a LinkedIn zavedly služby ověřování pracovních nabídek, aby uživatelům pomohly identifikovat skutečné pracovní příležitosti.“
    • + +]]>     + https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706 + 2025-01-14T00:00:00.000Z„1 z 5 online pracovních nabídek je buď falešná, nebo nikdy není obsazena, zjistila studie.“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Učinit křižovatku nebezpečnou pro chodce, aby se ušetřily sekundy pro řidiče“]]> + -

    +]]>     + https://collegetowns.substack.com/p/making-an-intersection-unsafe-for + 2025-01-14T00:00:00.000Z„Učinit křižovatku nebezpečnou pro chodce, aby se ušetřily sekundy pro řidiče“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„PostgreSQL je systém pro správu databází roku 2024“]]> + +
  • „PostgreSQL byl oceněn jako DBMS roku 2024 podle DB-Engines, čímž získal toto uznání popáté a překonal 423 dalších systémů pro správu databází.“
    • +
  • „PostgreSQL, s historií sahající téměř 35 let zpět, nadále inovuje, jak je vidět na nedávných vylepšeních PostgreSQL 17, vydaných v září 2024.“
    • +
  • „Snowflake a Microsoft si zajistily druhé a třetí místo, přičemž Snowflake je známý pro své cloudové datové sklady a podporu více cloudů, zatímco Microsoft nabízí robustní spravované relační databáze prostřednictvím Azure SQL Database a SQL Server.“
    • + +]]>     + https://db-engines.com/en/blog_post/109 + 2025-01-14T00:00:00.000Z„PostgreSQL je systém pro správu databází roku 2024“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Google OAuth přihlášení nechrání proti nákupu domény zkrachovalého startupu“]]> + -

    +]]>     + https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw + 2025-01-14T00:00:00.000Z„Google OAuth přihlášení nechrání proti nákupu domény zkrachovalého startupu“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Použití programovacích dovedností k vytváření pasivního příjmu“]]> + +
  • „Autor přešel z role CTO na solopodnikatele a úspěšně vydělává více prostřednictvím portfolia softwarových produktů.“
    • +
  • „Klíčové strategie zahrnují zaměření na hlubokou práci, začínání s malými projekty, rychlé iterace a věnování času marketingovým aktivitám.“
    • +
  • „Cesta zdůrazňuje odolnost kvůli nejistotám, ale vyzdvihuje jedinečnou autonomii a svobodu této kariérní cesty, čímž povzbuzuje ty, kteří mají dovednosti v programování, aby ji zvážili jako zdroj pasivního příjmu.“
    • + +]]>     + https://www.coryzue.com/writing/solopreneur/ + 2025-01-14T00:00:00.000Z„Použití programovacích dovedností k vytváření pasivního příjmu“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Španělsko navrhuje 100% daň na domy koupené rezidenty mimo EU“]]> + +
  • „Španělsko zvažuje zavedení 100% daně na nákupy nemovitostí osobami, které nejsou rezidenty EU, s cílem řešit krizi bydlení a omezit spekulativní nákupy.“
    • +
  • „Návrh premiéra Pedra Sáncheze zahrnuje rozšíření sociálního bydlení a regulaci turistických pronájmů, aby se řešila nerovnováha mezi cenami bydlení a příjmy.“
    • +
  • „Budoucnost návrhu jako zákona je nejistá, přičemž někteří analytici jej vnímají spíše jako odstrašující prostředek pro zahraniční investory než jako zaručenou legislativní změnu.“
    • + +]]>     + https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents + 2025-01-14T00:00:00.000Z„Španělsko navrhuje 100% daň na domy koupené rezidenty mimo EU“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Apple brzy obdrží čipy 'vyrobené v Americe' z továrny TSMC v Arizoně“]]> + +
  • „Apple testuje procesory z arizonského závodu TSMC s plány na hromadnou výrobu v prvním čtvrtletí, což by mohlo z TSMC udělat prvního amerického zákazníka pro lokálně vyráběné čipy. - Tato iniciativa má za cíl posílit americkou nezávislost na křemíku a snížit závislost na Tchaj-wanu, který je zranitelný vůči geopolitickým a přírodním rizikům. - Arizonská továrna TSMC má vyrábět pokročilé 3nm a 2nm čipy, s probíhajícími snahami o posílení místního náboru a partnerství s americkými univerzitami, ačkoli balení bude zpočátku probíhat na Tchaj-wanu, dokud nebude provozuschopné zařízení v Peorii.“
    • + +]]>     + https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification + 2025-01-14T00:00:00.000Z„Apple brzy obdrží čipy 'vyrobené v Americe' z továrny TSMC v Arizoně“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„O 43 tisíc řidičů méně na silnicích Manhattanu poté, co bylo zavedeno zpoplatnění dopravy.“]]> + +
  • „Po zavedení poplatků za vjezd do centra došlo k 7,5% snížení počtu řidičů vjíždějících do Manhattanu pod 60. ulicí, což odpovídá 43 000 méně řidičům každý všední den.“
    • +
  • „Snížení provozu zlepšilo plynulost dopravy a zvýšilo rychlost autobusů, přičemž některé expresní autobusy zaznamenaly vyšší počet cestujících.“
    • +
  • „Metropolitní dopravní úřad (MTA) využívá příjmy z mýtného, které se odhadují na 500 milionů dolarů ročně, na zlepšení dopravy, a to i přes určitou politickou opozici.“
    • + +]]>     + https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says + 2025-01-14T00:00:00.000Z„O 43 tisíc řidičů méně na silnicích Manhattanu poté, co bylo zavedeno zpoplatnění dopravy.“ + Tue, 14 Jan 2025 00:00:00 GMT +     <![CDATA[„Killer funkcí Uv je snadné vytváření ad-hoc prostředí.“]]> 2025-01-05T00:00:00.000Z„Guten: Malá tiskárna novin“ Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[„Samořídící Volvo z roku 1993 s otevřeným pilotem“]]> - -
  • „Skupina přátel se zúčastnila zimní edice Carbage Run 2025, což je šestidenní rallye přes Švédsko k polárnímu kruhu a zpět do Helsinek, přičemž auta musí být stará alespoň 20 let a mít hodnotu pod 1000 €.“
    • -
  • „Přeměnili Volvo 940 Estate z roku 1993 na autonomní vozidlo pomocí openpilot od comma.ai, přičemž začlenili moderní komponenty jako elektrické posilovače řízení, Bosch iBooster a radarový senzor Tesla.“
    • -
  • „Budoucí aktualizace budou zahrnovat podrobnosti o elektroinstalaci, vlastní řídicí jednotce motoru (ECU) a plány na otevření zdrojového kódu, což zdůrazňuje inovativní přístup projektu k modernizaci starších vozidel s autonomní technologií.“
    • - -]]>     - https://practicapp.com/carbagepilot-part1/ - 2025-01-04T00:00:00.000Z„Samořídící Volvo z roku 1993 s otevřeným pilotem“ - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[„VoxelSpace: Algoritmus pro vykreslování terénu v méně než 20 řádcích kódu (2020)“]]> - -
  • „Hra Comanche od NovaLogic z roku 1992 využívala engine Voxel Space, což je 2.5D vykreslovací technika založená na ray castingu, k vytvoření detailních terénů se stínováním a stíny.“
    • -
  • „Voxel Space engine používal výškové a barevné mapy a jednoduchý vykreslovací algoritmus, který kreslil svislé čáry od zadní části k přední, což mohlo být optimalizováno pro výkon.“
    • -
  • „Kód motoru je dostupný pod licencí MIT, ale technologie může být stále patentována v některých regionech.“
    • - -]]>     - https://github.com/s-macke/VoxelSpace - 2025-01-04T00:00:00.000Z„VoxelSpace: Algoritmus pro vykreslování terénu v méně než 20 řádcích kódu (2020)“ - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[„Jak nakreslit obrys ve videohře“]]> - -
  • „Článek pojednává o pěti technikách pro vykreslování obrysů v Unity, populární platformě pro vývoj her, a zdůrazňuje jejich použití ve hrách jako Sable a The Last of Us. - Techniky zahrnují Rim Effects, Vertex Extrusion, Blurred Buffer, Jump Flood Algorithm a Edge Detection, z nichž každá má jedinečné výhody a kompromisy z hlediska výkonu a vizuální kvality. - Článek poskytuje vhled do vyvážení těchto metod pro optimální estetiku her a podporu hratelnosti, s dalšími zdroji a kredity pro 3D modely.“
    • - -]]>     - https://ameye.dev/notes/rendering-outlines/ - 2025-01-04T00:00:00.000Z„Jak nakreslit obrys ve videohře“ - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[„Odcházím z Washington Post“]]> - -

    -]]>     - https://anntelnaes.substack.com/p/why-im-quitting-the-washington-post - 2025-01-04T00:00:00.000Z„Odcházím z Washington Post“ - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[„Perplexity má reklamy“]]> - -

    -]]>     - https://twitter.com/damengchen/status/1875296442417607072 - 2025-01-04T00:00:00.000Z„Perplexity má reklamy“ - Sat, 04 Jan 2025 00:00:00 GMT -     diff --git a/static/rss/story/da.xml b/static/rss/story/da.xml index b23ad774a..cf1ec69e9 100644 --- a/static/rss/story/da.xml +++ b/static/rss/story/da.xml @@ -15,11 +15,205 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:16 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[En Snyk-sikkerhedsforsker implementerer ondsindede NPM-pakker rettet mod cursor.com]]> + +
  • En Snyk-sikkerhedsforsker frigav ondsindede NPM-pakker rettet mod Cursor.com, et AI-kodningsfirma, for at indsamle systemdata og sende dem til en angriberkontrolleret tjeneste.
    • +
  • Pakkerne, identificeret som "cursor-retrieval," "cursor-always-local," og "cursor-shadow-workspace," blev markeret af OpenSSF-pakkeanalysescanneren, hvilket resulterede i rådgivninger MAL-2025-27, MAL-2025-28 og MAL-2025-29.
    • +
  • Denne hændelse understreger vigtigheden af at undersøge NPM-pakker grundigt inden installation for at undgå potentielle sikkerhedstrusler.
    • + +]]>     + https://sourcecodered.com/snyk-malicious-npm-package/ + 2025-01-14T00:00:00.000ZEn Snyk-sikkerhedsforsker implementerer ondsindede NPM-pakker rettet mod cursor.com + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Jeg skiftede til Firefox og har aldrig set mig tilbage]]> + +
  • Firefox bliver rost for sin overlegne fanebladshåndtering, indbyggede Pocket-funktion til at gemme links og en privatlivsfokuseret e-mail-relæ, hvilket gør det til et stærkt alternativ til Chrome. - Yderligere funktioner som et brugervenligt skærmbilledeværktøj, en ChatGPT-knap, Billede-i-billede, tilpasselige søgemuligheder og jævn rullefunktion forbedrer browseroplevelsen. - Selvom Firefox mangler Chromes webapp-funktion, gør dets gennemtænkte design og reducerede ressourcekrav det til et foretrukket valg for nogle brugere.
    • + +]]>     + https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/ + 2025-01-14T00:00:00.000ZJeg skiftede til Firefox og har aldrig set mig tilbage + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Sonos' administrerende direktør træder tilbage efter app-opdateringsfiasko]]> + -

    +]]>     + https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/ + 2025-01-14T00:00:00.000ZSonos' administrerende direktør træder tilbage efter app-opdateringsfiasko + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[I maven på MrBeast]]> + -

    +]]>     + https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast + 2025-01-14T00:00:00.000ZI maven på MrBeast + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[GitHub Git-operationer er nede]]> + +
  • GitHub oplevede et nedbrud i Git-operationer den 13. januar 2025 på grund af en konfigurationsændring, der påvirkede den interne load balancer, og varede fra 23:35 til 00:24 UTC. - Problemet blev løst ved at tilbageføre konfigurationsændringen, og GitHub arbejder på at forbedre overvågnings- og implementeringsprocesser for at forhindre lignende hændelser. - Nedbruddet påvirkede også GitHubs Actions og Pages-tjenester, hvilket fremhæver den indbyrdes forbundne natur af deres platformtjenester.
    • + +]]>     + https://www.githubstatus.com/incidents/qd96yfgvmcf9 + 2025-01-14T00:00:00.000ZGitHub Git-operationer er nede + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[ZFS 2.3 udgivet med ZFS raidz-udvidelse]]> + +
  • OpenZFS 2.3.0 er blevet udgivet og introducerer betydelige funktioner som RAIDZ-udvidelse, hurtig deduplikering, direkte input/output, JSON-output og understøttelse af lange filnavne. - Udgivelsen inkluderer væsentlige fejlrettelser og ydeevneforbedringer, kompatibel med Linux-kerner 4.18 - 6.12 og FreeBSD-versioner 13.3, 14.0 - 14.2. - Opdateringen er et samarbejde fra 134 bidragydere, med omfattende dokumentation og en ændringslog tilgængelig for gennemgang.
    • + +]]>     + https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0 + 2025-01-14T00:00:00.000ZZFS 2.3 udgivet med ZFS raidz-udvidelse + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Webtop – Alpine, Ubuntu, Fedora og Arch containere, der indeholder fulde desktop-miljøer]]> + +
  • Linuxserver/webtop tilbyder containere baseret på Alpine, Ubuntu, Fedora og Arch med fulde skrivebordsmiljøer, der er tilgængelige gennem webbrowsere, og som understøtter både x86-64 og arm64 arkitekturer.
    • +
  • Brugere kan vælge mellem forskellige skrivebordsmiljøer som XFCE, KDE, MATE, i3, Openbox og IceWM ved at bruge specifikke billedtags og få adgang til Webtop via angivne URL'er.
    • +
  • Security-funktioner inkluderer Dockers seccomp-option og autentificeringsopsætning, med tilpasningsmuligheder tilgængelige gennem miljøvariabler, samt support til GPU-acceleration med open-source drivere.
    • + +]]>     + https://docs.linuxserver.io/images/docker-webtop/ + 2025-01-14T00:00:00.000ZWebtop – Alpine, Ubuntu, Fedora og Arch containere, der indeholder fulde desktop-miljøer + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[1 ud af 5 online jobopslag er enten falske eller aldrig besat, viser undersøgelse]]> + +
  • En nylig undersøgelse viser, at 20% af online jobopslag enten er falske eller forbliver ubesatte, hvilket øger jobsøgendes frustration. - Denne "spøgelsesjob"-tendens kan være en taktik for virksomheder til at projicere et billede af vækst. - Jobplatforme som Greenhouse og LinkedIn har introduceret jobverifikationstjenester for at hjælpe brugere med at identificere ægte jobmuligheder.
    • + +]]>     + https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706 + 2025-01-14T00:00:00.000Z1 ud af 5 online jobopslag er enten falske eller aldrig besat, viser undersøgelse + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[At gøre et vejkryds usikkert for fodgængere for at spare sekunder for bilister]]> + -

    +]]>     + https://collegetowns.substack.com/p/making-an-intersection-unsafe-for + 2025-01-14T00:00:00.000ZAt gøre et vejkryds usikkert for fodgængere for at spare sekunder for bilister + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[PostgreSQL er Årets Databasestyringssystem 2024]]> + +
  • PostgreSQL er blevet tildelt prisen som Årets DBMS 2024 af DB-Engines, og opnår denne anerkendelse for femte gang, idet det overgår 423 andre databasehåndteringssystemer.
    • +
  • PostgreSQL, med en historie der strækker sig over næsten 35 år, fortsætter med at innovere, som det ses i de seneste forbedringer af PostgreSQL 17, der blev udgivet i september 2024.
    • +
  • Snowflake og Microsoft sikrede sig henholdsvis anden- og tredjepladsen, hvor Snowflake blev bemærket for sin cloud-baserede datawarehousing og multi-cloud support, mens Microsoft tilbyder robuste administrerede relationelle databaser gennem Azure SQL Database og SQL Server.
    • + +]]>     + https://db-engines.com/en/blog_post/109 + 2025-01-14T00:00:00.000ZPostgreSQL er Årets Databasestyringssystem 2024 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Googles OAuth-login beskytter ikke mod køb af et mislykket startup-domæne]]> + -

    +]]>     + https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw + 2025-01-14T00:00:00.000ZGoogles OAuth-login beskytter ikke mod køb af et mislykket startup-domæne + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Brug af kodningsfærdigheder til at skabe passiv indkomst]]> + +
  • Forfatteren gik fra en CTO-rolle til at blive soloprenør og tjente med succes mere gennem en portefølje af softwareprodukter.
    • +
  • Vigtige strategier inkluderer at fokusere på dybt arbejde, starte med små projekter, iterere hurtigt og dedikere tid til markedsføringsindsatser.
    • +
  • Rejsen understreger modstandskraft på grund af usikkerheder, men fremhæver den uovertrufne autonomi og frihed ved denne karrierevej, hvilket opmuntrer dem med kodningsfærdigheder til at overveje det som en kilde til passiv indkomst.
    • + +]]>     + https://www.coryzue.com/writing/solopreneur/ + 2025-01-14T00:00:00.000ZBrug af kodningsfærdigheder til at skabe passiv indkomst + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Spanien foreslår 100% skat på boliger købt af ikke-EU-borgere]]> + +
  • Spanien overvejer en 100% skat på ejendomskøb foretaget af ikke-EU-borgere med det formål at tackle boligkrisen og begrænse spekulative køb.
    • +
  • Premierminister Pedro Sánchez' forslag omfatter udvidelse af sociale boliger og regulering af turistudlejninger for at tackle forskellen mellem boligpriser og indkomster.
    • +
  • Forslagets fremtid som lov er usikker, da nogle analytikere ser det som en afskrækkelse for udenlandske investorer snarere end en garanteret lovgivningsændring.
    • + +]]>     + https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents + 2025-01-14T00:00:00.000ZSpanien foreslår 100% skat på boliger købt af ikke-EU-borgere + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Apple vil snart modtage 'fremstillet i Amerika' chips fra TSMC's fabrik i Arizona]]> + +
  • Apple tester processorer fra TSMC's facilitet i Arizona med planer om masseproduktion i første kvartal, hvilket potentielt gør dem til TSMC's første amerikanske kunde for lokalt fremstillede chips. - Dette initiativ har til formål at styrke USA's uafhængighed inden for silicium og reducere afhængigheden af Taiwan, som er sårbar over for geopolitiske og naturlige risici. - TSMC's fabrik i Arizona skal producere avancerede 3nm og 2nm chips, med igangværende bestræbelser på at forbedre lokal rekruttering og partnerskaber med amerikanske universiteter, selvom pakning i første omgang vil finde sted i Taiwan, indtil anlægget i Peoria er operationelt.
    • + +]]>     + https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification + 2025-01-14T00:00:00.000ZApple vil snart modtage 'fremstillet i Amerika' chips fra TSMC's fabrik i Arizona + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[43.000 færre bilister på Manhattans veje efter indførelsen af trængselsafgifter]]> + +
  • Efter indførelsen af trængselsafgifter var der en reduktion på 7,5 % i antallet af bilister, der kørte ind i Manhattan under 60th Street, hvilket svarer til 43.000 færre bilister hver hverdag.
    • +
  • Reduktionen i trafikken har forbedret trafikflowet og øget bussernes hastigheder, hvor nogle ekspresbusser oplever højere passagertal.
    • +
  • Metropolitan Transportation Authority (MTA) bruger indtægterne fra vejafgifter, anslået til 500 millioner dollars årligt, til forbedringer af offentlig transport, på trods af en vis politisk modstand.
    • + +]]>     + https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says + 2025-01-14T00:00:00.000Z43.000 færre bilister på Manhattans veje efter indførelsen af trængselsafgifter + Tue, 14 Jan 2025 00:00:00 GMT +     <![CDATA[Uv's dræberfunktion er at gøre ad-hoc miljøer nemme.]]> 2025-01-05T00:00:00.000ZGuten: En lille avistrykker Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[Selvkørende 1993 Volvo med open pilot]]> - -
  • En gruppe venner deltog i Carbage Run 2025 Winter-udgaven, et 6-dages rally gennem Sverige til polarcirklen og tilbage til Helsinki, hvor bilerne skulle være mindst 20 år gamle og have en værdi under €1000.
    • -
  • De omdannede en 1993 Volvo 940 Estate til et selvkørende køretøj ved hjælp af openpilot fra comma.ai, og integrerede moderne komponenter som elektrisk servostyring, en Bosch iBooster og en Tesla radarsensor.
    • -
  • Fremtidige opdateringer vil inkludere detaljer om ledningsføring, en specialfremstillet motorstyringsenhed (ECU) og planer om at open-source koden, hvilket fremhæver projektets innovative tilgang til at eftermontere ældre køretøjer med autonom teknologi.
    • - -]]>     - https://practicapp.com/carbagepilot-part1/ - 2025-01-04T00:00:00.000ZSelvkørende 1993 Volvo med open pilot - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[VoxelSpace: Terrænrenderingsalgoritme på mindre end 20 linjer kode (2020)]]> - -
  • NovaLogics spil Comanche fra 1992 anvendte Voxel Space-motoren, en 2.5D renderingsteknik baseret på ray casting, til at skabe detaljerede terræner med skygger og skyggeeffekter.
    • -
  • Voxel Space-motoren brugte højde- og farvekort samt en simpel renderingsalgoritme, der tegnede lodrette linjer fra bag til front, hvilket kunne optimeres for ydeevne.
    • -
  • Motorens kode er tilgængelig under MIT-licensen, men teknologien kan stadig være patenteret i visse regioner.
    • - -]]>     - https://github.com/s-macke/VoxelSpace - 2025-01-04T00:00:00.000ZVoxelSpace: Terrænrenderingsalgoritme på mindre end 20 linjer kode (2020) - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Sådan tegner du en omrids i et videospil]]> - -
  • Artiklen diskuterer fem teknikker til at gengive konturer i Unity, en populær spiludviklingsplatform, og fremhæver deres anvendelse i spil som Sable og The Last of Us. - Teknikkerne inkluderer Rim Effects, Vertex Extrusion, Blurred Buffer, Jump Flood Algorithm og Edge Detection, hver med unikke fordele og kompromiser i forhold til ydeevne og visuel kvalitet. - Artiklen giver indsigt i at balancere disse metoder for optimal spilæstetik og gameplay-understøttelse, med yderligere ressourcer og krediteringer for 3D-modeller inkluderet.
    • - -]]>     - https://ameye.dev/notes/rendering-outlines/ - 2025-01-04T00:00:00.000ZSådan tegner du en omrids i et videospil - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Jeg stopper på Washington Post]]> - -

    -]]>     - https://anntelnaes.substack.com/p/why-im-quitting-the-washington-post - 2025-01-04T00:00:00.000ZJeg stopper på Washington Post - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Perplexity har fået annoncer]]> - -

    -]]>     - https://twitter.com/damengchen/status/1875296442417607072 - 2025-01-04T00:00:00.000ZPerplexity har fået annoncer - Sat, 04 Jan 2025 00:00:00 GMT -     diff --git a/static/rss/story/de.xml b/static/rss/story/de.xml index d49bce691..5715853c9 100644 --- a/static/rss/story/de.xml +++ b/static/rss/story/de.xml @@ -15,13 +15,213 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:16 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 <![CDATA[„Snyk-Sicherheitsforscher setzt bösartige NPM-Pakete ein, die auf cursor.com abzielen.“]]> + +
  • „Ein Snyk-Sicherheitsforscher veröffentlichte bösartige NPM-Pakete, die auf Cursor.com, ein KI-Coding-Unternehmen, abzielen, um Systemdaten zu sammeln und an einen von Angreifern kontrollierten Dienst zu senden.“
    • +
  • „Die Pakete, die als „cursor-retrieval“, „cursor-always-local“ und „cursor-shadow-workspace“ identifiziert wurden, wurden vom OpenSSF-Paketanalysescanner markiert, was zu den Warnungen MAL-2025-27, MAL-2025-28 und MAL-2025-29 führte.“
    • +
  • „Dieser Vorfall unterstreicht die Bedeutung der Überprüfung von NPM-Paketen vor der Installation, um potenzielle Sicherheitsbedrohungen zu vermeiden.“
    • + +]]>     + https://sourcecodered.com/snyk-malicious-npm-package/ + 2025-01-14T00:00:00.000Z„Snyk-Sicherheitsforscher setzt bösartige NPM-Pakete ein, die auf cursor.com abzielen.“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Ich bin zu Firefox gewechselt und habe nie zurückgeblickt.“]]> + +
  • „Firefox wird für seine überlegene Tab-Verwaltung, die integrierte Pocket-Funktion zum Speichern von Links und ein datenschutzorientiertes E-Mail-Relay gelobt, was es zu einer starken Alternative zu Chrome macht. - Zusätzliche Funktionen wie ein benutzerfreundliches Screenshot-Tool, ein ChatGPT-Button, Bild-in-Bild, anpassbare Suchoptionen und sanftes Scrollen verbessern das Surferlebnis. - Obwohl Firefox die Web-App-Funktion von Chrome fehlt, machen sein durchdachtes Design und der reduzierte Ressourcenbedarf es für einige Benutzer zur bevorzugten Wahl.“
    • + +]]>     + https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/ + 2025-01-14T00:00:00.000Z„Ich bin zu Firefox gewechselt und habe nie zurückgeblickt.“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Sonos-CEO tritt nach Debakel mit App-Update zurück“]]> + -

    +]]>     + https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/ + 2025-01-14T00:00:00.000Z„Sonos-CEO tritt nach Debakel mit App-Update zurück“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Im Bauch des MrBeast“]]> + -

    +]]>     + https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast + 2025-01-14T00:00:00.000Z„Im Bauch des MrBeast“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„GitHub-Git-Operationen sind ausgefallen“]]> + +
  • „GitHub erlebte am 13. Januar 2025 einen Ausfall der Git-Operationen aufgrund einer Konfigurationsänderung, die den internen Load Balancer betraf und von 23:35 bis 00:24 UTC andauerte. - Das Problem wurde durch Rückgängigmachen der Konfigurationsänderung behoben, und GitHub arbeitet daran, die Überwachungs- und Bereitstellungsprozesse zu verbessern, um ähnliche Vorfälle zu verhindern. - Der Ausfall betraf auch die Dienste GitHub Actions und Pages, was die miteinander verbundene Natur ihrer Plattformdienste verdeutlicht.“
    • + +]]>     + https://www.githubstatus.com/incidents/qd96yfgvmcf9 + 2025-01-14T00:00:00.000Z„GitHub-Git-Operationen sind ausgefallen“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„ZFS 2.3 veröffentlicht mit ZFS raidz-Erweiterung“]]> + +
  • „OpenZFS 2.3.0 wurde veröffentlicht und führt bedeutende Funktionen wie RAIDZ-Erweiterung, schnelle Deduplizierung, direkte Ein-/Ausgabe, JSON-Ausgabe und Unterstützung für lange Dateinamen ein. - Die Veröffentlichung umfasst wesentliche Fehlerbehebungen und Leistungsverbesserungen, die mit Linux-Kernen 4.18 - 6.12 und FreeBSD-Versionen 13.3, 14.0 - 14.2 kompatibel sind. - Das Update ist eine gemeinsame Anstrengung von 134 Mitwirkenden, mit umfassender Dokumentation und einem Änderungsprotokoll zur Überprüfung.“
    • + +]]>     + https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0 + 2025-01-14T00:00:00.000Z„ZFS 2.3 veröffentlicht mit ZFS raidz-Erweiterung“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Webtop – Alpine-, Ubuntu-, Fedora- und Arch-Container mit vollständigen Desktop-Umgebungen“]]> + +
  • „Linuxserver/webtop bietet Container basierend auf Alpine, Ubuntu, Fedora und Arch mit vollständigen Desktop-Umgebungen, die über Webbrowser zugänglich sind und sowohl die x86-64- als auch die arm64-Architekturen unterstützen.“
    • +
  • „Benutzer können aus verschiedenen Desktop-Umgebungen wie XFCE, KDE, MATE, i3, Openbox und IceWM auswählen, indem sie spezifische Image-Tags verwenden und über festgelegte URLs auf den Webtop zugreifen.“
    • +
  • „Sicherheitsfunktionen umfassen die seccomp-Option von Docker und die Einrichtung der Authentifizierung, mit Anpassungsoptionen über Umgebungsvariablen und Unterstützung für GPU-Beschleunigung mit Open-Source-Treibern.“
    • + +]]>     + https://docs.linuxserver.io/images/docker-webtop/ + 2025-01-14T00:00:00.000Z„Webtop – Alpine-, Ubuntu-, Fedora- und Arch-Container mit vollständigen Desktop-Umgebungen“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„1 von 5 Online-Stellenanzeigen ist entweder gefälscht oder wird nie besetzt, wie eine Studie herausfand.“]]> + +
  • „Eine aktuelle Studie zeigt, dass 20 % der Online-Stellenanzeigen entweder gefälscht sind oder unbesetzt bleiben, was die Frustration der Arbeitssuchenden erhöht. - Dieser Trend der „Geisterjobs“ könnte eine Taktik von Unternehmen sein, um ein Wachstumsbild zu projizieren. - Jobplattformen wie Greenhouse und LinkedIn haben Jobverifizierungsdienste eingeführt, um Nutzern bei der Identifizierung echter Jobmöglichkeiten zu helfen.“
    • + +]]>     + https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706 + 2025-01-14T00:00:00.000Z„1 von 5 Online-Stellenanzeigen ist entweder gefälscht oder wird nie besetzt, wie eine Studie herausfand.“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Eine Kreuzung unsicher für Fußgänger machen, um Fahrern Sekunden zu sparen“]]> + -

    +]]>     + https://collegetowns.substack.com/p/making-an-intersection-unsafe-for + 2025-01-14T00:00:00.000Z„Eine Kreuzung unsicher für Fußgänger machen, um Fahrern Sekunden zu sparen“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„PostgreSQL ist das Datenbankverwaltungssystem des Jahres 2024“]]> + +
  • „PostgreSQL wurde von DB-Engines zum DBMS des Jahres 2024 gekürt und hat diese Auszeichnung zum fünften Mal erhalten, wobei es 423 andere Datenbankmanagementsysteme übertroffen hat.“
    • +
  • „PostgreSQL, mit einer Geschichte von fast 35 Jahren, setzt seine Innovationen fort, wie in den jüngsten Verbesserungen von PostgreSQL 17 zu sehen ist, das im September 2024 veröffentlicht wurde.“
    • +
  • „Snowflake und Microsoft sicherten sich den zweiten bzw. dritten Platz, wobei Snowflake für seine cloudbasierte Datenlagerung und Multi-Cloud-Unterstützung bekannt ist, während Microsoft über Azure SQL Database und SQL Server robuste verwaltete relationale Datenbanken anbietet.“
    • + +]]>     + https://db-engines.com/en/blog_post/109 + 2025-01-14T00:00:00.000Z„PostgreSQL ist das Datenbankverwaltungssystem des Jahres 2024“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Googles OAuth-Login schützt nicht vor dem Kauf einer gescheiterten Startup-Domain“]]> + -

    +]]>     + https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw + 2025-01-14T00:00:00.000Z„Googles OAuth-Login schützt nicht vor dem Kauf einer gescheiterten Startup-Domain“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Mit Programmierkenntnissen passives Einkommen erzielen“]]> + +
  • „Der Autor wechselte von einer CTO-Rolle zu einem Solopreneur und verdiente erfolgreich mehr durch ein Portfolio von Softwareprodukten.“
    • +
  • „Zu den wichtigsten Strategien gehören der Fokus auf tiefgehende Arbeit, der Beginn mit kleinen Projekten, schnelles Iterieren und die Widmung von Zeit für Marketingbemühungen.“
    • +
  • „Die Reise betont die Widerstandsfähigkeit angesichts von Unsicherheiten, hebt jedoch die unvergleichliche Autonomie und Freiheit dieses Karrierewegs hervor und ermutigt diejenigen mit Programmierkenntnissen, ihn für passives Einkommen in Betracht zu ziehen.“
    • + +]]>     + https://www.coryzue.com/writing/solopreneur/ + 2025-01-14T00:00:00.000Z„Mit Programmierkenntnissen passives Einkommen erzielen“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Spanien schlägt 100% Steuer auf von Nicht-EU-Bürgern gekaufte Immobilien vor“]]> + +
  • „Spanien erwägt eine 100%ige Steuer auf Immobilienkäufe durch Nicht-EU-Bürger, um die Wohnungsnot zu bekämpfen und spekulative Käufe einzudämmen.“
    • +
  • „Der Vorschlag von Premierminister Pedro Sánchez umfasst die Ausweitung des sozialen Wohnungsbaus und die Regulierung von Touristenvermietungen, um das Ungleichgewicht zwischen Wohnungspreisen und Einkommen anzugehen.“
    • +
  • „Die Zukunft des Vorschlags als Gesetz ist ungewiss, da einige Analysten ihn eher als Abschreckung für ausländische Investoren denn als garantierte gesetzliche Änderung betrachten.“
    • + +]]>     + https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents + 2025-01-14T00:00:00.000Z„Spanien schlägt 100% Steuer auf von Nicht-EU-Bürgern gekaufte Immobilien vor“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Apple wird bald 'Made in America'-Chips aus der TSMC-Fabrik in Arizona erhalten.“]]> + +
  • „Apple testet Prozessoren aus TSMCs Anlage in Arizona und plant die Massenproduktion bis zum ersten Quartal, was TSMC möglicherweise zum ersten US-Kunden für lokal hergestellte Chips machen könnte. - Diese Initiative zielt darauf ab, die Unabhängigkeit der USA im Bereich Silizium zu stärken und die Abhängigkeit von Taiwan zu verringern, das anfällig für geopolitische und natürliche Risiken ist. - TSMCs Fabrik in Arizona soll fortschrittliche 3nm- und 2nm-Chips produzieren, mit laufenden Bemühungen zur Verbesserung der lokalen Rekrutierung und Partnerschaften mit US-Universitäten, obwohl die Verpackung zunächst in Taiwan erfolgen wird, bis die Anlage in Peoria betriebsbereit ist.“
    • + +]]>     + https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification + 2025-01-14T00:00:00.000Z„Apple wird bald 'Made in America'-Chips aus der TSMC-Fabrik in Arizona erhalten.“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„43.000 weniger Fahrer auf den Straßen Manhattans, nachdem die Staugebühr aktiviert wurde“]]> + +
  • „Nach der Einführung der Staugebühr gab es einen Rückgang von 7,5 % bei den Fahrern, die unterhalb der 60. Straße nach Manhattan einfahren, was 43.000 weniger Fahrer an jedem Wochentag entspricht.“
    • +
  • „Die Verringerung des Verkehrs hat den Verkehrsfluss verbessert und die Busgeschwindigkeiten erhöht, wobei einige Expressbusse eine höhere Fahrgastzahl verzeichnen.“
    • +
  • „Die Metropolitan Transportation Authority (MTA) verwendet die Mauterlöse, die auf jährlich 500 Millionen Dollar geschätzt werden, für Verbesserungen im öffentlichen Nahverkehr, trotz einiger politischer Opposition.“
    • + +]]>     + https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says + 2025-01-14T00:00:00.000Z„43.000 weniger Fahrer auf den Straßen Manhattans, nachdem die Staugebühr aktiviert wurde“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Das herausragende Merkmal von Uv ist die einfache Erstellung von Ad-hoc-Umgebungen.“]]> @@ -1185,62 +1385,5 @@ 2025-01-05T00:00:00.000Z„Guten: Ein winziger Zeitungsdrucker“ Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[„Selbstfahrender Volvo 1993 mit Open Pilot“]]> - -
  • „Eine Gruppe von Freunden nahm an der Carbage Run 2025 Winterausgabe teil, einer 6-tägigen Rallye durch Schweden bis zum Polarkreis und zurück nach Helsinki, bei der die Autos mindestens 20 Jahre alt sein und einen Wert von unter 1000 € haben mussten.“
    • -
  • „Sie verwandelten einen Volvo 940 Estate von 1993 in ein selbstfahrendes Fahrzeug, indem sie openpilot von comma.ai verwendeten und moderne Komponenten wie eine elektrische Servolenkung, einen Bosch iBooster und einen Tesla-Radarsensor integrierten.“
    • -
  • „Zukünftige Updates werden Details zur Verkabelung, einer kundenspezifischen Motorsteuerungseinheit (ECU) und Pläne zur Open-Source-Veröffentlichung des Codes enthalten, was den innovativen Ansatz des Projekts zur Nachrüstung älterer Fahrzeuge mit autonomer Technologie hervorhebt.“
    • - -]]>     - https://practicapp.com/carbagepilot-part1/ - 2025-01-04T00:00:00.000Z„Selbstfahrender Volvo 1993 mit Open Pilot“ - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[„VoxelSpace: Terrain-Rendering-Algorithmus in weniger als 20 Zeilen Code (2020)“]]> - -
  • „Das 1992 von NovaLogic veröffentlichte Spiel Comanche nutzte die Voxel Space-Engine, eine 2.5D-Rendering-Technik, die auf Raycasting basiert, um detaillierte Landschaften mit Schattierungen und Schatten zu erstellen.“
    • -
  • „Die Voxel Space-Engine verwendete Höhen- und Farbkarten sowie einen einfachen Rendering-Algorithmus, der vertikale Linien von hinten nach vorne zeichnete und für die Leistung optimiert werden konnte.“
    • -
  • „Der Code des Motors ist unter der MIT-Lizenz verfügbar, aber die Technologie könnte in bestimmten Regionen dennoch patentiert sein.“
    • - -]]>     - https://github.com/s-macke/VoxelSpace - 2025-01-04T00:00:00.000Z„VoxelSpace: Terrain-Rendering-Algorithmus in weniger als 20 Zeilen Code (2020)“ - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[„Wie man eine Umrisslinie in einem Videospiel zeichnet“]]> - -
  • „Der Artikel behandelt fünf Techniken zur Darstellung von Umrissen in Unity, einer beliebten Spieleentwicklungsplattform, und hebt deren Verwendung in Spielen wie Sable und The Last of Us hervor. - Zu den Techniken gehören Rand-Effekte, Vertex-Extrusion, verschwommener Puffer, Jump-Flood-Algorithmus und Kantenerkennung, die jeweils einzigartige Vorteile und Kompromisse in Bezug auf Leistung und visuelle Qualität bieten. - Der Artikel bietet Einblicke in die Balance dieser Methoden für optimale Spielästhetik und Gameplay-Unterstützung, mit zusätzlichen Ressourcen und Danksagungen für 3D-Modelle.“
    • - -]]>     - https://ameye.dev/notes/rendering-outlines/ - 2025-01-04T00:00:00.000Z„Wie man eine Umrisslinie in einem Videospiel zeichnet“ - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[„Ich kündige bei der Washington Post“]]> - -

    -]]>     - https://anntelnaes.substack.com/p/why-im-quitting-the-washington-post - 2025-01-04T00:00:00.000Z„Ich kündige bei der Washington Post“ - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[„Perplexity hat Werbung bekommen“]]> - -

    -]]>     - https://twitter.com/damengchen/status/1875296442417607072 - 2025-01-04T00:00:00.000Z„Perplexity hat Werbung bekommen“ - Sat, 04 Jan 2025 00:00:00 GMT -     diff --git a/static/rss/story/el.xml b/static/rss/story/el.xml index 63edc0035..c9215768d 100644 --- a/static/rss/story/el.xml +++ b/static/rss/story/el.xml @@ -15,13 +15,215 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:16 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 <![CDATA[Ερευνητής ασφαλείας της Snyk αναπτύσσει κακόβουλα πακέτα NPM που στοχεύουν το cursor.com]]> + +
  • Ένας ερευνητής ασφαλείας της Snyk κυκλοφόρησε κακόβουλα πακέτα NPM που στοχεύουν την Cursor.com, μια εταιρεία κωδικοποίησης AI, για να συλλέξει δεδομένα συστήματος και να τα στείλει σε μια υπηρεσία που ελέγχεται από επιτιθέμενο.
    • +
  • Τα πακέτα, που αναγνωρίστηκαν ως "cursor-retrieval," "cursor-always-local," και "cursor-shadow-workspace," επισημάνθηκαν από τον σαρωτή ανάλυσης πακέτων OpenSSF, με αποτέλεσμα τις συμβουλές MAL-2025-27, MAL-2025-28, και MAL-2025-29.
    • +
  • Αυτό το περιστατικό υπογραμμίζει τη σημασία της προσεκτικής εξέτασης των πακέτων NPM πριν από την εγκατάσταση για την αποφυγή πιθανών απειλών ασφαλείας.
    • + +]]>     + https://sourcecodered.com/snyk-malicious-npm-package/ + 2025-01-14T00:00:00.000ZΕρευνητής ασφαλείας της Snyk αναπτύσσει κακόβουλα πακέτα NPM που στοχεύουν το cursor.com + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Άλλαξα σε Firefox και δεν κοίταξα ποτέ πίσω]]> + +
  • Ο Firefox επαινείται για την ανώτερη διαχείριση καρτελών, τη λειτουργία Pocket για αποθήκευση συνδέσμων και την εστιασμένη στην ιδιωτικότητα υπηρεσία αναμετάδοσης email, καθιστώντας τον μια ισχυρή εναλλακτική λύση στο Chrome. - Πρόσθετα χαρακτηριστικά όπως το φιλικό προς τον χρήστη εργαλείο λήψης στιγμιότυπων, το κουμπί ChatGPT, η λειτουργία Picture-in-Picture, οι προσαρμόσιμες επιλογές αναζήτησης και η ομαλή κύλιση βελτιώνουν την εμπειρία περιήγησης. - Αν και ο Firefox στερείται της δυνατότητας web app του Chrome, ο προσεκτικός σχεδιασμός του και οι μειωμένες απαιτήσεις πόρων τον καθιστούν προτιμώμενη επιλογή για ορισμένους χρήστες.
    • + +]]>     + https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/ + 2025-01-14T00:00:00.000ZΆλλαξα σε Firefox και δεν κοίταξα ποτέ πίσω + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Ο Διευθύνων Σύμβουλος της Sonos παραιτείται μετά από το φιάσκο της ενημέρωσης της εφαρμογής]]> + -

    +]]>     + https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/ + 2025-01-14T00:00:00.000ZΟ Διευθύνων Σύμβουλος της Sonos παραιτείται μετά από το φιάσκο της ενημέρωσης της εφαρμογής + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Στην κοιλιά του MrBeast]]> + -

    +]]>     + https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast + 2025-01-14T00:00:00.000ZΣτην κοιλιά του MrBeast + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Οι λειτουργίες Git στο GitHub είναι εκτός λειτουργίας]]> + +
  • Η GitHub αντιμετώπισε διακοπή λειτουργίας των Git operations στις 13 Ιανουαρίου 2025, λόγω αλλαγής διαμόρφωσης που επηρέασε τον εσωτερικό εξισορροπιστή φορτίου, διαρκώντας από τις 23:35 έως τις 00:24 UTC. - Το πρόβλημα επιλύθηκε με την επαναφορά της αλλαγής διαμόρφωσης, και η GitHub εργάζεται για τη βελτίωση των διαδικασιών παρακολούθησης και ανάπτυξης για την αποτροπή παρόμοιων περιστατικών. - Η διακοπή επηρέασε επίσης τις υπηρεσίες Actions και Pages της GitHub, υπογραμμίζοντας τη διασυνδεδεμένη φύση των υπηρεσιών της πλατφόρμας τους.
    • + +]]>     + https://www.githubstatus.com/incidents/qd96yfgvmcf9 + 2025-01-14T00:00:00.000ZΟι λειτουργίες Git στο GitHub είναι εκτός λειτουργίας + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Κυκλοφόρησε το ZFS 2.3 με επέκταση ZFS raidz]]> + +
  • Η έκδοση OpenZFS 2.3.0 έχει κυκλοφορήσει, εισάγοντας σημαντικά χαρακτηριστικά όπως την επέκταση RAIDZ, την ταχεία αποαναπαραγωγή, την άμεση είσοδο/έξοδο, την έξοδο JSON και την υποστήριξη για μακρά ονόματα αρχείων. - Η έκδοση περιλαμβάνει βασικές διορθώσεις σφαλμάτων και βελτιώσεις απόδοσης, συμβατή με πυρήνες Linux 4.18 - 6.12 και εκδόσεις FreeBSD 13.3, 14.0 - 14.2. - Η ενημέρωση είναι αποτέλεσμα συνεργασίας 134 συνεισφερόντων, με πλήρη τεκμηρίωση και αρχείο αλλαγών διαθέσιμα για ανασκόπηση.
    • + +]]>     + https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0 + 2025-01-14T00:00:00.000ZΚυκλοφόρησε το ZFS 2.3 με επέκταση ZFS raidz + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Webtop – Κοντέινερ Alpine, Ubuntu, Fedora και Arch που περιέχουν πλήρη περιβάλλοντα επιφάνειας εργασίας]]> + +
  • Το Linuxserver/webtop παρέχει κοντέινερ βασισμένα σε Alpine, Ubuntu, Fedora και Arch με πλήρη περιβάλλοντα επιφάνειας εργασίας προσβάσιμα μέσω προγραμμάτων περιήγησης ιστού, υποστηρίζοντας τόσο τις αρχιτεκτονικές x86-64 όσο και arm64.
    • +
  • Οι χρήστες μπορούν να επιλέξουν από διάφορα περιβάλλοντα επιφάνειας εργασίας όπως τα XFCE, KDE, MATE, i3, Openbox και IceWM χρησιμοποιώντας συγκεκριμένες ετικέτες εικόνας, και να έχουν πρόσβαση στο Webtop μέσω καθορισμένων URLs.
    • +
  • Τα χαρακτηριστικά ασφαλείας περιλαμβάνουν την επιλογή seccomp του Docker και τη ρύθμιση αυθεντικοποίησης, με διαθέσιμες επιλογές προσαρμογής μέσω μεταβλητών περιβάλλοντος, καθώς και υποστήριξη για επιτάχυνση GPU με ανοιχτού κώδικα οδηγούς.
    • + +]]>     + https://docs.linuxserver.io/images/docker-webtop/ + 2025-01-14T00:00:00.000ZWebtop – Κοντέινερ Alpine, Ubuntu, Fedora και Arch που περιέχουν πλήρη περιβάλλοντα επιφάνειας εργασίας + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[1 στις 5 διαδικτυακές αγγελίες εργασίας είναι είτε ψεύτικες είτε δεν καλύπτονται ποτέ, σύμφωνα με μελέτη.]]> + +
  • Μια πρόσφατη μελέτη δείχνει ότι το 20% των διαδικτυακών αγγελιών εργασίας είναι είτε ψεύτικες είτε παραμένουν κενές, προσθέτοντας στην απογοήτευση των αναζητούντων εργασία. - Αυτή η τάση των "φανταστικών θέσεων εργασίας" μπορεί να είναι μια τακτική για τις εταιρείες να προβάλλουν μια εικόνα ανάπτυξης. - Πλατφόρμες εργασίας όπως το Greenhouse και το LinkedIn έχουν εισαγάγει υπηρεσίες επαλήθευσης θέσεων εργασίας για να βοηθήσουν τους χρήστες να εντοπίζουν αυθεντικές ευκαιρίες εργασίας.
    • + +]]>     + https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706 + 2025-01-14T00:00:00.000Z1 στις 5 διαδικτυακές αγγελίες εργασίας είναι είτε ψεύτικες είτε δεν καλύπτονται ποτέ, σύμφωνα με μελέτη. + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Κάνοντας μια διασταύρωση επικίνδυνη για τους πεζούς για να εξοικονομηθούν δευτερόλεπτα για τους οδηγούς]]> + -

    +]]>     + https://collegetowns.substack.com/p/making-an-intersection-unsafe-for + 2025-01-14T00:00:00.000ZΚάνοντας μια διασταύρωση επικίνδυνη για τους πεζούς για να εξοικονομηθούν δευτερόλεπτα για τους οδηγούς + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Το PostgreSQL είναι το Σύστημα Διαχείρισης Βάσεων Δεδομένων της Χρονιάς 2024]]> + +
  • Η PostgreSQL έχει βραβευτεί ως το DBMS της Χρονιάς 2024 από την DB-Engines, επιτυγχάνοντας αυτή την αναγνώριση για πέμπτη φορά, ξεπερνώντας 423 άλλα συστήματα διαχείρισης βάσεων δεδομένων.
    • +
  • Το PostgreSQL, με ιστορία που εκτείνεται σχεδόν 35 χρόνια, συνεχίζει να καινοτομεί, όπως φαίνεται στις πρόσφατες βελτιώσεις του PostgreSQL 17, που κυκλοφόρησε τον Σεπτέμβριο του 2024.
    • +
  • Η Snowflake και η Microsoft κατέλαβαν τη δεύτερη και τρίτη θέση, αντίστοιχα, με τη Snowflake να σημειώνεται για την αποθήκευση δεδομένων στο cloud και την υποστήριξη πολλαπλών cloud, ενώ η Microsoft προσφέρει ισχυρές διαχειριζόμενες σχεσιακές βάσεις δεδομένων μέσω του Azure SQL Database και του SQL Server.
    • + +]]>     + https://db-engines.com/en/blog_post/109 + 2025-01-14T00:00:00.000ZΤο PostgreSQL είναι το Σύστημα Διαχείρισης Βάσεων Δεδομένων της Χρονιάς 2024 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Η σύνδεση μέσω OAuth της Google δεν προστατεύει από την αγορά ενός domain αποτυχημένης startup.]]> + -

    +]]>     + https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw + 2025-01-14T00:00:00.000ZΗ σύνδεση μέσω OAuth της Google δεν προστατεύει από την αγορά ενός domain αποτυχημένης startup. + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Χρησιμοποιώντας δεξιότητες προγραμματισμού για να δημιουργήσετε παθητικό εισόδημα]]> + +
  • Ο συγγραφέας μεταπήδησε από τη θέση του CTO σε έναν ρόλο solopreneur, κερδίζοντας επιτυχώς περισσότερα μέσω ενός χαρτοφυλακίου λογισμικών προϊόντων.
    • +
  • Οι βασικές στρατηγικές περιλαμβάνουν την εστίαση σε βαθιά εργασία, την έναρξη με μικρά έργα, την ταχεία επανάληψη και την αφιέρωση χρόνου στις προσπάθειες μάρκετινγκ.
    • +
  • Το ταξίδι δίνει έμφαση στην ανθεκτικότητα λόγω των αβεβαιοτήτων, αλλά υπογραμμίζει την απαράμιλλη αυτονομία και ελευθερία αυτής της επαγγελματικής πορείας, ενθαρρύνοντας όσους έχουν δεξιότητες προγραμματισμού να τη σκεφτούν για παθητικό εισόδημα.
    • + +]]>     + https://www.coryzue.com/writing/solopreneur/ + 2025-01-14T00:00:00.000ZΧρησιμοποιώντας δεξιότητες προγραμματισμού για να δημιουργήσετε παθητικό εισόδημα + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Η Ισπανία προτείνει φόρο 100% στα σπίτια που αγοράζονται από κατοίκους εκτός ΕΕ]]> + +
  • Η Ισπανία εξετάζει την επιβολή φόρου 100% στις αγορές ακινήτων από κατοίκους εκτός ΕΕ, με στόχο την αντιμετώπιση της στεγαστικής κρίσης και τον περιορισμό των κερδοσκοπικών αγορών.
    • +
  • Η πρόταση του Πρωθυπουργού Πέδρο Σάντσεθ περιλαμβάνει την επέκταση της κοινωνικής στέγασης και τη ρύθμιση των τουριστικών ενοικιάσεων για την αντιμετώπιση της ανισότητας μεταξύ των τιμών των κατοικιών και των εισοδημάτων.
    • +
  • Το μέλλον της πρότασης ως νόμος είναι αβέβαιο, με ορισμένους αναλυτές να τη θεωρούν ως αποτρεπτικό παράγοντα για ξένους επενδυτές παρά ως εγγυημένη νομοθετική αλλαγή.
    • + +]]>     + https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents + 2025-01-14T00:00:00.000ZΗ Ισπανία προτείνει φόρο 100% στα σπίτια που αγοράζονται από κατοίκους εκτός ΕΕ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Η Apple σύντομα θα παραλάβει τσιπ 'κατασκευασμένα στην Αμερική' από το εργοστάσιο της TSMC στην Αριζόνα.]]> + +
  • Η Apple δοκιμάζει επεξεργαστές από την εγκατάσταση της TSMC στην Αριζόνα, με σχέδια για μαζική παραγωγή μέχρι το πρώτο τρίμηνο, ενδεχομένως να γίνει ο πρώτος πελάτης της TSMC στις Η.Π.Α. για τοπικά κατασκευασμένα τσιπ. - Αυτή η πρωτοβουλία στοχεύει στην ενίσχυση της ανεξαρτησίας των Η.Π.Α. στον τομέα του πυριτίου, μειώνοντας την εξάρτηση από την Ταϊβάν, η οποία είναι ευάλωτη σε γεωπολιτικούς και φυσικούς κινδύνους. - Το εργοστάσιο της TSMC στην Αριζόνα πρόκειται να παράγει προηγμένα τσιπ 3nm και 2nm, με συνεχιζόμενες προσπάθειες για ενίσχυση της τοπικής πρόσληψης και συνεργασίες με πανεπιστήμια των Η.Π.Α., αν και η συσκευασία θα πραγματοποιείται αρχικά στην Ταϊβάν μέχρι να λειτουργήσει η εγκατάσταση στην Peoria.
    • + +]]>     + https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification + 2025-01-14T00:00:00.000ZΗ Apple σύντομα θα παραλάβει τσιπ 'κατασκευασμένα στην Αμερική' από το εργοστάσιο της TSMC στην Αριζόνα. + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[43.000 λιγότεροι οδηγοί στους δρόμους του Μανχάταν μετά την ενεργοποίηση της χρέωσης συμφόρησης]]> + +
  • Μετά την εφαρμογή της τιμολόγησης συμφόρησης, υπήρξε μείωση κατά 7,5% των οδηγών που εισέρχονται στο Μανχάταν κάτω από την 60η Οδό, που ισοδυναμεί με 43.000 λιγότερους οδηγούς κάθε καθημερινή.
    • +
  • Η μείωση της κυκλοφορίας έχει βελτιώσει τη ροή της κυκλοφορίας και αυξήσει τις ταχύτητες των λεωφορείων, με ορισμένα λεωφορεία express να παρουσιάζουν αυξημένη επιβατική κίνηση.
    • +
  • Η Μητροπολιτική Αρχή Μεταφορών (MTA) χρησιμοποιεί τα έσοδα από τα διόδια, που εκτιμώνται σε 500 εκατομμύρια δολάρια ετησίως, για βελτιώσεις στις μεταφορές, παρά την πολιτική αντίθεση.
    • + +]]>     + https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says + 2025-01-14T00:00:00.000Z43.000 λιγότεροι οδηγοί στους δρόμους του Μανχάταν μετά την ενεργοποίηση της χρέωσης συμφόρησης + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Το χαρακτηριστικό-κλειδί του Uv είναι ότι καθιστά εύκολη τη δημιουργία πρόχειρων περιβαλλόντων.]]> @@ -1184,62 +1386,5 @@ 2025-01-05T00:00:00.000ZΟ Guten: Ένας Μικρός Εκτυπωτής Εφημερίδων Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[Αυτοοδηγούμενο Volvo του 1993 με ανοιχτό πιλότο]]> - -
  • Μια ομάδα φίλων συμμετείχε στην Χειμερινή έκδοση του Carbage Run 2025, έναν 6ήμερο αγώνα ράλι μέσω της Σουηδίας προς τον πολικό κύκλο και πίσω στο Ελσίνκι, απαιτώντας τα αυτοκίνητα να είναι τουλάχιστον 20 ετών και να έχουν αξία κάτω από €1000.
    • -
  • Μετέτρεψαν ένα Volvo 940 Estate του 1993 σε αυτοκινούμενο όχημα χρησιμοποιώντας το openpilot από την comma.ai, ενσωματώνοντας σύγχρονα εξαρτήματα όπως ηλεκτρικό τιμόνι, ένα Bosch iBooster και έναν αισθητήρα ραντάρ από Tesla.
    • -
  • Οι μελλοντικές ενημερώσεις θα περιλαμβάνουν λεπτομέρειες για την καλωδίωση, μια προσαρμοσμένη Μονάδα Ελέγχου Κινητήρα (ECU) και σχέδια για την ανοιχτή διάθεση του κώδικα, υπογραμμίζοντας την καινοτόμο προσέγγιση του έργου για την αναβάθμιση παλαιότερων οχημάτων με αυτόνομη τεχνολογία.
    • - -]]>     - https://practicapp.com/carbagepilot-part1/ - 2025-01-04T00:00:00.000ZΑυτοοδηγούμενο Volvo του 1993 με ανοιχτό πιλότο - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[VoxelSpace: Αλγόριθμος απόδοσης εδάφους σε λιγότερες από 20 γραμμές κώδικα (2020)]]> - -
  • Το παιχνίδι Comanche της NovaLogic το 1992 χρησιμοποίησε τη μηχανή Voxel Space, μια τεχνική απόδοσης 2.5D βασισμένη στο ray casting, για να δημιουργήσει λεπτομερείς τοπογραφίες με σκίαση και σκιές.
    • -
  • Η μηχανή Voxel Space χρησιμοποιούσε χάρτες ύψους και χρώματος και έναν απλό αλγόριθμο απόδοσης, σχεδιάζοντας κάθετες γραμμές από πίσω προς τα εμπρός, που μπορούσαν να βελτιστοποιηθούν για απόδοση.
    • -
  • Ο κώδικας της μηχανής είναι διαθέσιμος υπό την άδεια MIT, αλλά η τεχνολογία μπορεί να είναι ακόμα κατοχυρωμένη με δίπλωμα ευρεσιτεχνίας σε ορισμένες περιοχές.
    • - -]]>     - https://github.com/s-macke/VoxelSpace - 2025-01-04T00:00:00.000ZVoxelSpace: Αλγόριθμος απόδοσης εδάφους σε λιγότερες από 20 γραμμές κώδικα (2020) - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Πώς να σχεδιάσετε ένα περίγραμμα σε ένα βιντεοπαιχνίδι]]> - -
  • Το άρθρο συζητά πέντε τεχνικές για την απόδοση περιγραμμάτων στο Unity, μια δημοφιλή πλατφόρμα ανάπτυξης παιχνιδιών, επισημαίνοντας τη χρήση τους σε παιχνίδια όπως το Sable και το The Last of Us. - Οι τεχνικές περιλαμβάνουν Rim Effects, Vertex Extrusion, Blurred Buffer, Jump Flood Algorithm και Edge Detection, καθεμία με μοναδικά πλεονεκτήματα και συμβιβασμούς όσον αφορά την απόδοση και την οπτική ποιότητα. - Το άρθρο παρέχει πληροφορίες για την εξισορρόπηση αυτών των μεθόδων για βέλτιστη αισθητική παιχνιδιού και υποστήριξη παιχνιδιού, με επιπλέον πόρους και πιστώσεις για 3D μοντέλα που περιλαμβάνονται.
    • - -]]>     - https://ameye.dev/notes/rendering-outlines/ - 2025-01-04T00:00:00.000ZΠώς να σχεδιάσετε ένα περίγραμμα σε ένα βιντεοπαιχνίδι - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Παρατάω την Washington Post]]> - -

    -]]>     - https://anntelnaes.substack.com/p/why-im-quitting-the-washington-post - 2025-01-04T00:00:00.000ZΠαρατάω την Washington Post - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Η Perplexity απέκτησε διαφημίσεις]]> - -

    -]]>     - https://twitter.com/damengchen/status/1875296442417607072 - 2025-01-04T00:00:00.000ZΗ Perplexity απέκτησε διαφημίσεις - Sat, 04 Jan 2025 00:00:00 GMT -     diff --git a/static/rss/story/en.xml b/static/rss/story/en.xml index 4179fc155..df0a91075 100644 --- a/static/rss/story/en.xml +++ b/static/rss/story/en.xml @@ -15,11 +15,199 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:16 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[Snyk security researcher deploys malicious NPM packages targeting cursor.com]]> + +
  • A Snyk security researcher released malicious NPM packages targeting Cursor.com, an AI coding company, to collect system data and send it to an attacker-controlled service.
    • +
  • The packages, identified as "cursor-retrieval," "cursor-always-local," and "cursor-shadow-workspace," were flagged by the OpenSSF package analysis scanner, resulting in advisories MAL-2025-27, MAL-2025-28, and MAL-2025-29.
    • +
  • This incident highlights the importance of scrutinizing NPM packages before installation to avoid potential security threats.
    • + +]]>     + https://sourcecodered.com/snyk-malicious-npm-package/ + 2025-01-14T00:00:00.000ZSnyk security researcher deploys malicious NPM packages targeting cursor.com + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[I Switched to Firefox and Never Looked Back]]> + +
  • Firefox is praised for its superior tab management, built-in Pocket feature for saving links, and a privacy-focused email relay, making it a strong alternative to Chrome. - Additional features like a user-friendly screenshot tool, a ChatGPT button, Picture-in-Picture, customizable search options, and smooth scrolling enhance the browsing experience. - Although Firefox lacks Chrome's web app feature, its thoughtful design and reduced resource demands make it a preferred choice for some users.
    • + +]]>     + https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/ + 2025-01-14T00:00:00.000ZI Switched to Firefox and Never Looked Back + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Sonos CEO steps down after app update debacle]]> + -

    +]]>     + https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/ + 2025-01-14T00:00:00.000ZSonos CEO steps down after app update debacle + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[In the belly of the MrBeast]]> + -

    +]]>     + https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast + 2025-01-14T00:00:00.000ZIn the belly of the MrBeast + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[GitHub Git Operations Are Down]]> + +
  • GitHub faced a Git operations outage on January 13, 2025, due to a configuration change affecting the internal load balancer, lasting from 23:35 to 00:24 UTC. - The issue was resolved by reverting the configuration change, and GitHub is working on improving monitoring and deployment processes to prevent similar incidents. - The outage also affected GitHub's Actions and Pages services, highlighting the interconnected nature of their platform services.
    • + +]]>     + https://www.githubstatus.com/incidents/qd96yfgvmcf9 + 2025-01-14T00:00:00.000ZGitHub Git Operations Are Down + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[ZFS 2.3 released with ZFS raidz expansion]]> + +
  • OpenZFS 2.3.0 has been released, introducing significant features such as RAIDZ Expansion, Fast Deduplication, Direct Input/Output, JSON output, and support for long file names. - The release includes essential bug fixes and performance enhancements, compatible with Linux kernels 4.18 - 6.12 and FreeBSD versions 13.3, 14.0 - 14.2. - The update is a collaborative effort from 134 contributors, with comprehensive documentation and a change log available for review.
    • + +]]>     + https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0 + 2025-01-14T00:00:00.000ZZFS 2.3 released with ZFS raidz expansion + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Webtop – Alpine,Ubuntu,Fedora,and Arch containers containing full desktop envs]]> + +
  • Linuxserver/webtop provides containers based on Alpine, Ubuntu, Fedora, and Arch with full desktop environments accessible through web browsers, supporting both x86-64 and arm64 architectures.
    • +
  • Users can select from various desktop environments such as XFCE, KDE, MATE, i3, Openbox, and IceWM by using specific image tags, and access the Webtop via designated URLs.
    • +
  • Security features include Docker's seccomp option and authentication setup, with customization options available through environment variables, and support for GPU acceleration with open-source drivers.
    • + +]]>     + https://docs.linuxserver.io/images/docker-webtop/ + 2025-01-14T00:00:00.000ZWebtop – Alpine,Ubuntu,Fedora,and Arch containers containing full desktop envs + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[1 in 5 online job postings are either fake or never filled, study finds]]> + +
  • A recent study indicates that 20% of online job postings are either fake or remain unfilled, adding to job seekers' frustration. - This "ghost job" trend might be a tactic for companies to project an image of growth. - Job platforms such as Greenhouse and LinkedIn have introduced job verification services to assist users in identifying genuine job opportunities.
    • + +]]>     + https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706 + 2025-01-14T00:00:00.000Z1 in 5 online job postings are either fake or never filled, study finds + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Making an intersection unsafe for pedestrians to save seconds for drivers]]> + -

    +]]>     + https://collegetowns.substack.com/p/making-an-intersection-unsafe-for + 2025-01-14T00:00:00.000ZMaking an intersection unsafe for pedestrians to save seconds for drivers + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[PostgreSQL is the Database Management System of the Year 2024]]> + +
  • PostgreSQL has been awarded DBMS of the Year 2024 by DB-Engines, achieving this recognition for the fifth time, surpassing 423 other database management systems.
    • +
  • PostgreSQL, with a history spanning nearly 35 years, continues to innovate, as seen in the recent enhancements of PostgreSQL 17, released in September 2024.
    • +
  • Snowflake and Microsoft secured second and third places, respectively, with Snowflake noted for its cloud-based data warehousing and multi-cloud support, while Microsoft offers robust managed relational databases through Azure SQL Database and SQL Server.
    • + +]]>     + https://db-engines.com/en/blog_post/109 + 2025-01-14T00:00:00.000ZPostgreSQL is the Database Management System of the Year 2024 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Google’s OAuth login doesn’t protect against purchasing a failed startup domain]]> + -

    +]]>     + https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw + 2025-01-14T00:00:00.000ZGoogle’s OAuth login doesn’t protect against purchasing a failed startup domain + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Using coding skills to make passive income]]> + +
  • The author transitioned from a CTO role to a solopreneur, successfully earning more through a portfolio of software products.
    • +
  • Key strategies include focusing on deep work, starting with small projects, iterating quickly, and dedicating time to marketing efforts.
    • +
  • The journey emphasizes resilience due to uncertainties, but highlights the unmatched autonomy and freedom of this career path, encouraging those with coding skills to consider it for passive income.
    • + +]]>     + https://www.coryzue.com/writing/solopreneur/ + 2025-01-14T00:00:00.000ZUsing coding skills to make passive income + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Spain proposes 100% tax on homes bought by non-EU residents]]> + +
  • Spain is considering a 100% tax on real estate purchases by non-EU residents, aiming to address the housing crisis and curb speculative buying.
    • +
  • Prime Minister Pedro Sánchez's proposal includes expanding social housing and regulating tourist rentals to tackle the disparity between housing prices and incomes.
    • +
  • The proposal's future as law is uncertain, with some analysts viewing it as a deterrent to foreign investors rather than a guaranteed legislative change.
    • + +]]>     + https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents + 2025-01-14T00:00:00.000ZSpain proposes 100% tax on homes bought by non-EU residents + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Apple will soon receive 'made in America' chips from TSMC's Arizona fab]]> + +
  • Apple is testing processors from TSMC's Arizona facility, with plans for mass production by the first quarter, potentially becoming TSMC's first U.S. customer for locally manufactured chips. - This initiative aims to bolster U.S. silicon independence, reducing dependency on Taiwan, which is vulnerable to geopolitical and natural risks. - TSMC's Arizona fab is set to produce advanced 3nm and 2nm chips, with ongoing efforts to enhance local recruitment and partnerships with U.S. universities, although packaging will initially occur in Taiwan until the Peoria facility is operational.
    • + +]]>     + https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification + 2025-01-14T00:00:00.000ZApple will soon receive 'made in America' chips from TSMC's Arizona fab + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[43K fewer drivers on Manhattan roads after congestion pricing turned on]]> + +
  • After congestion pricing was implemented, there was a 7.5% reduction in drivers entering Manhattan below 60th Street, equating to 43,000 fewer drivers each weekday.
    • +
  • The reduction in traffic has improved traffic flow and increased bus speeds, with some express buses experiencing higher ridership.
    • +
  • The Metropolitan Transportation Authority (MTA) uses the toll revenue, estimated at $500 million annually, for transit improvements, despite some political opposition.
    • + +]]>     + https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says + 2025-01-14T00:00:00.000Z43K fewer drivers on Manhattan roads after congestion pricing turned on + Tue, 14 Jan 2025 00:00:00 GMT +     <![CDATA[Uv's killer feature is making ad-hoc environments easy]]> 2025-01-05T00:00:00.000ZGuten: A Tiny Newspaper Printer Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[Self driving 1993 Volvo with open pilot]]> - -
  • A group of friends participated in the Carbage Run 2025 Winter edition, a 6-day rally through Sweden to the polar circle and back to Helsinki, requiring cars to be at least 20 years old and valued under €1000.
    • -
  • They transformed a 1993 Volvo 940 Estate into a self-driving vehicle using openpilot from comma.ai, incorporating modern components like electric power steering, a Bosch iBooster, and a Tesla radar sensor.
    • -
  • Future updates will include details on wiring, a custom Engine Control Unit (ECU), and plans to open-source the code, highlighting the project's innovative approach to retrofitting older vehicles with autonomous technology.
    • - -]]>     - https://practicapp.com/carbagepilot-part1/ - 2025-01-04T00:00:00.000ZSelf driving 1993 Volvo with open pilot - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[VoxelSpace: Terrain rendering algorithm in less than 20 lines of code (2020)]]> - -
  • NovaLogic's 1992 game Comanche utilized the Voxel Space engine, a 2.5D rendering technique based on ray casting, to create detailed terrains with shading and shadows.
    • -
  • The Voxel Space engine used height and color maps and a simple rendering algorithm, drawing vertical lines from back to front, which could be optimized for performance.
    • -
  • The engine's code is available under the MIT license, but the technology may still be patented in certain regions.
    • - -]]>     - https://github.com/s-macke/VoxelSpace - 2025-01-04T00:00:00.000ZVoxelSpace: Terrain rendering algorithm in less than 20 lines of code (2020) - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[How to draw an outline in a video game]]> - -
  • The article discusses five techniques for rendering outlines in Unity, a popular game development platform, highlighting their use in games like Sable and The Last of Us. - Techniques include Rim Effects, Vertex Extrusion, Blurred Buffer, Jump Flood Algorithm, and Edge Detection, each with unique advantages and trade-offs in terms of performance and visual quality. - The article provides insights into balancing these methods for optimal game aesthetics and gameplay support, with additional resources and credits for 3D models included.
    • - -]]>     - https://ameye.dev/notes/rendering-outlines/ - 2025-01-04T00:00:00.000ZHow to draw an outline in a video game - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[I'm quitting the Washington Post]]> - -

    -]]>     - https://anntelnaes.substack.com/p/why-im-quitting-the-washington-post - 2025-01-04T00:00:00.000ZI'm quitting the Washington Post - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Perplexity got ads]]> - -

    -]]>     - https://twitter.com/damengchen/status/1875296442417607072 - 2025-01-04T00:00:00.000ZPerplexity got ads - Sat, 04 Jan 2025 00:00:00 GMT -     diff --git a/static/rss/story/es.xml b/static/rss/story/es.xml index ae4d7add7..76d5b4f48 100644 --- a/static/rss/story/es.xml +++ b/static/rss/story/es.xml @@ -15,11 +15,210 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:16 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[Snyk investigador de seguridad despliega paquetes NPM maliciosos dirigidos a cursor.com]]> + +
  • Un investigador de seguridad de Snyk lanzó paquetes NPM maliciosos dirigidos a Cursor.com, una empresa de codificación de IA, para recopilar datos del sistema y enviarlos a un servicio controlado por un atacante.
    • +
  • Los paquetes, identificados como "cursor-retrieval", "cursor-always-local" y "cursor-shadow-workspace", fueron señalados por el escáner de análisis de paquetes de OpenSSF, lo que resultó en las advertencias MAL-2025-27, MAL-2025-28 y MAL-2025-29.
    • +
  • Este incidente resalta la importancia de examinar los paquetes de NPM antes de la instalación para evitar posibles amenazas de seguridad.
    • + +]]>     + https://sourcecodered.com/snyk-malicious-npm-package/ + 2025-01-14T00:00:00.000ZSnyk investigador de seguridad despliega paquetes NPM maliciosos dirigidos a cursor.com + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[He cambiado a Firefox y nunca miré atrás]]> + +
  • Firefox es elogiado por su superior gestión de pestañas, la función integrada de Pocket para guardar enlaces y un servicio de retransmisión de correo electrónico enfocado en la privacidad, lo que lo convierte en una fuerte alternativa a Chrome. - Características adicionales como una herramienta de captura de pantalla fácil de usar, un botón de ChatGPT, Picture-in-Picture, opciones de búsqueda personalizables y un desplazamiento suave mejoran la experiencia de navegación. - Aunque Firefox carece de la función de aplicaciones web de Chrome, su diseño cuidadoso y la reducción en el consumo de recursos lo hacen una opción preferida para algunos usuarios.
    • + +]]>     + https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/ + 2025-01-14T00:00:00.000ZHe cambiado a Firefox y nunca miré atrás + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[El CEO de Sonos renuncia tras el fiasco de la actualización de la aplicación]]> + -

    +]]>     + https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/ + 2025-01-14T00:00:00.000ZEl CEO de Sonos renuncia tras el fiasco de la actualización de la aplicación + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[En el vientre del MrBeast]]> + -

    +]]>     + https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast + 2025-01-14T00:00:00.000ZEn el vientre del MrBeast + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Las operaciones de Git en GitHub están caídas]]> + +
  • GitHub enfrentó una interrupción de operaciones de Git el 13 de enero de 2025, debido a un cambio de configuración que afectó al equilibrador de carga interno, que duró desde las 23:35 hasta las 00:24 UTC. - El problema se resolvió revirtiendo el cambio de configuración, y GitHub está trabajando en mejorar los procesos de monitoreo y despliegue para prevenir incidentes similares. - La interrupción también afectó a los servicios de Actions y Pages de GitHub, destacando la naturaleza interconectada de sus servicios de plataforma.
    • + +]]>     + https://www.githubstatus.com/incidents/qd96yfgvmcf9 + 2025-01-14T00:00:00.000ZLas operaciones de Git en GitHub están caídas + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[ZFS 2.3 lanzado con expansión ZFS raidz]]> + +
  • OpenZFS 2.3.0 ha sido lanzado, introduciendo características significativas como la expansión RAIDZ, deduplicación rápida, entrada/salida directa, salida JSON y soporte para nombres de archivos largos. - La versión incluye correcciones de errores esenciales y mejoras de rendimiento, compatible con los núcleos de Linux 4.18 - 6.12 y las versiones de FreeBSD 13.3, 14.0 - 14.2. - La actualización es un esfuerzo colaborativo de 134 contribuyentes, con documentación completa y un registro de cambios disponible para revisión.
    • + +]]>     + https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0 + 2025-01-14T00:00:00.000ZZFS 2.3 lanzado con expansión ZFS raidz + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Webtop: contenedores de Alpine, Ubuntu, Fedora y Arch que contienen entornos de escritorio completos]]> + +
  • Linuxserver/webtop proporciona contenedores basados en Alpine, Ubuntu, Fedora y Arch con entornos de escritorio completos accesibles a través de navegadores web, compatibles con arquitecturas x86-64 y arm64.
    • +
  • Los usuarios pueden seleccionar entre varios entornos de escritorio como XFCE, KDE, MATE, i3, Openbox e IceWM utilizando etiquetas de imagen específicas, y acceder al Webtop a través de URL designadas.
    • +
  • Las características de seguridad incluyen la opción seccomp de Docker y la configuración de autenticación, con opciones de personalización disponibles a través de variables de entorno, y soporte para aceleración de GPU con controladores de código abierto.
    • + +]]>     + https://docs.linuxserver.io/images/docker-webtop/ + 2025-01-14T00:00:00.000ZWebtop: contenedores de Alpine, Ubuntu, Fedora y Arch que contienen entornos de escritorio completos + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[1 de cada 5 ofertas de trabajo en línea son falsas o nunca se cubren, según un estudio.]]> + +
  • Un estudio reciente indica que el 20% de las ofertas de trabajo en línea son falsas o permanecen sin cubrir, lo que aumenta la frustración de los buscadores de empleo. - Esta tendencia de "trabajos fantasma" podría ser una táctica de las empresas para proyectar una imagen de crecimiento. - Plataformas de empleo como Greenhouse y LinkedIn han introducido servicios de verificación de empleos para ayudar a los usuarios a identificar oportunidades laborales genuinas.
    • + +]]>     + https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706 + 2025-01-14T00:00:00.000Z1 de cada 5 ofertas de trabajo en línea son falsas o nunca se cubren, según un estudio. + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Hacer una intersección insegura para los peatones para ahorrar segundos a los conductores]]> + -

    +]]>     + https://collegetowns.substack.com/p/making-an-intersection-unsafe-for + 2025-01-14T00:00:00.000ZHacer una intersección insegura para los peatones para ahorrar segundos a los conductores + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[PostgreSQL es el Sistema de Gestión de Bases de Datos del Año 2024]]> + +
  • PostgreSQL ha sido galardonado como el DBMS del Año 2024 por DB-Engines, logrando este reconocimiento por quinta vez, superando a otros 423 sistemas de gestión de bases de datos.
    • +
  • PostgreSQL, con una historia que abarca casi 35 años, sigue innovando, como se puede ver en las recientes mejoras de PostgreSQL 17, lanzado en septiembre de 2024.
    • +
  • Snowflake y Microsoft aseguraron el segundo y tercer lugar, respectivamente, con Snowflake destacado por su almacenamiento de datos en la nube y soporte multi-nube, mientras que Microsoft ofrece bases de datos relacionales administradas robustas a través de Azure SQL Database y SQL Server.
    • + +]]>     + https://db-engines.com/en/blog_post/109 + 2025-01-14T00:00:00.000ZPostgreSQL es el Sistema de Gestión de Bases de Datos del Año 2024 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[El inicio de sesión de OAuth de Google no protege contra la compra de un dominio de startup fallida]]> + -

    +]]>     + https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw + 2025-01-14T00:00:00.000ZEl inicio de sesión de OAuth de Google no protege contra la compra de un dominio de startup fallida + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Usar habilidades de codificación para generar ingresos pasivos]]> + +
  • El autor pasó de un rol de CTO a un solopreneur, ganando exitosamente más a través de una cartera de productos de software.
    • +
  • Las estrategias clave incluyen centrarse en el trabajo profundo, comenzar con proyectos pequeños, iterar rápidamente y dedicar tiempo a los esfuerzos de marketing.
    • +
  • La travesía enfatiza la resiliencia debido a las incertidumbres, pero destaca la autonomía y libertad incomparables de este camino profesional, animando a aquellos con habilidades de codificación a considerarlo para obtener ingresos pasivos.
    • + +]]>     + https://www.coryzue.com/writing/solopreneur/ + 2025-01-14T00:00:00.000ZUsar habilidades de codificación para generar ingresos pasivos + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[España propone un impuesto del 100% sobre las viviendas compradas por residentes no pertenecientes a la UE]]> + +
  • España está considerando un impuesto del 100% sobre las compras de bienes raíces por parte de residentes no pertenecientes a la UE, con el objetivo de abordar la crisis de vivienda y frenar la compra especulativa.
    • +
  • La propuesta del Primer Ministro Pedro Sánchez incluye la expansión de la vivienda social y la regulación de los alquileres turísticos para abordar la disparidad entre los precios de la vivienda y los ingresos.
    • +
  • La futura aprobación de la propuesta como ley es incierta, ya que algunos analistas la ven más como un elemento disuasorio para los inversores extranjeros que como un cambio legislativo garantizado.
    • + +]]>     + https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents + 2025-01-14T00:00:00.000ZEspaña propone un impuesto del 100% sobre las viviendas compradas por residentes no pertenecientes a la UE + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Apple pronto recibirá chips 'hechos en América' de la fábrica de TSMC en Arizona]]> + +
  • Apple está probando procesadores de la planta de TSMC en Arizona, con planes para la producción en masa para el primer trimestre, lo que podría convertirla en el primer cliente estadounidense de TSMC para chips fabricados localmente. - Esta iniciativa tiene como objetivo fortalecer la independencia de silicio de EE. UU., reduciendo la dependencia de Taiwán, que es vulnerable a riesgos geopolíticos y naturales. - La fábrica de TSMC en Arizona está preparada para producir chips avanzados de 3nm y 2nm, con esfuerzos continuos para mejorar el reclutamiento local y las asociaciones con universidades estadounidenses, aunque el empaquetado se realizará inicialmente en Taiwán hasta que la instalación de Peoria esté operativa.
    • + +]]>     + https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification + 2025-01-14T00:00:00.000ZApple pronto recibirá chips 'hechos en América' de la fábrica de TSMC en Arizona + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[43,000 conductores menos en las carreteras de Manhattan después de que se activó el cobro por congestión]]> + +
  • Después de que se implementó el peaje por congestión, hubo una reducción del 7.5% en los conductores que ingresaban a Manhattan por debajo de la Calle 60, lo que equivale a 43,000 conductores menos cada día de la semana.
    • +
  • La reducción del tráfico ha mejorado el flujo vehicular y aumentado la velocidad de los autobuses, con algunos autobuses exprés experimentando un mayor número de pasajeros.
    • +
  • La Autoridad Metropolitana de Transporte (MTA) utiliza los ingresos por peajes, estimados en 500 millones de dólares anuales, para mejoras en el transporte, a pesar de cierta oposición política.
    • + +]]>     + https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says + 2025-01-14T00:00:00.000Z43,000 conductores menos en las carreteras de Manhattan después de que se activó el cobro por congestión + Tue, 14 Jan 2025 00:00:00 GMT +     <![CDATA[El rasgo distintivo de Uv es facilitar la creación de entornos ad-hoc.]]> 2025-01-05T00:00:00.000ZGuten: Una pequeña impresora de periódicos Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[Volvo 1993 autónomo con piloto abierto]]> - -
  • Un grupo de amigos participó en la edición de invierno del Carbage Run 2025, un rally de 6 días a través de Suecia hasta el círculo polar y de regreso a Helsinki, que requiere que los coches tengan al menos 20 años de antigüedad y un valor inferior a 1000 €.
    • -
  • Transformaron un Volvo 940 Estate de 1993 en un vehículo autónomo utilizando openpilot de comma.ai, incorporando componentes modernos como dirección asistida eléctrica, un iBooster de Bosch y un sensor de radar de Tesla.
    • -
  • Las actualizaciones futuras incluirán detalles sobre el cableado, una Unidad de Control del Motor (ECU) personalizada y planes para abrir el código, destacando el enfoque innovador del proyecto para adaptar vehículos antiguos con tecnología autónoma.
    • - -]]>     - https://practicapp.com/carbagepilot-part1/ - 2025-01-04T00:00:00.000ZVolvo 1993 autónomo con piloto abierto - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[VoxelSpace: Algoritmo de renderizado de terrenos en menos de 20 líneas de código (2020)]]> - -
  • El juego Comanche de NovaLogic de 1992 utilizó el motor Voxel Space, una técnica de renderizado 2.5D basada en el ray casting, para crear terrenos detallados con sombreado y sombras.
    • -
  • La tecnología Voxel Space utilizaba mapas de altura y color junto con un algoritmo de renderizado simple, dibujando líneas verticales de atrás hacia adelante, lo cual podía optimizarse para mejorar el rendimiento.
    • -
  • La codificación del motor está disponible bajo la licencia MIT, pero la tecnología aún puede estar patentada en ciertas regiones.
    • - -]]>     - https://github.com/s-macke/VoxelSpace - 2025-01-04T00:00:00.000ZVoxelSpace: Algoritmo de renderizado de terrenos en menos de 20 líneas de código (2020) - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Cómo dibujar un contorno en un videojuego]]> - -
  • El artículo discute cinco técnicas para renderizar contornos en Unity, una popular plataforma de desarrollo de juegos, destacando su uso en juegos como Sable y The Last of Us. - Las técnicas incluyen Efectos de Borde, Extrusión de Vértices, Búfer Desenfocado, Algoritmo de Inundación por Saltos y Detección de Bordes, cada una con ventajas y desventajas únicas en términos de rendimiento y calidad visual. - El artículo ofrece ideas sobre cómo equilibrar estos métodos para lograr una estética óptima en los juegos y apoyar la jugabilidad, con recursos adicionales y créditos para modelos 3D incluidos.
    • - -]]>     - https://ameye.dev/notes/rendering-outlines/ - 2025-01-04T00:00:00.000ZCómo dibujar un contorno en un videojuego - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Voy a dejar el Washington Post]]> - -

    -]]>     - https://anntelnaes.substack.com/p/why-im-quitting-the-washington-post - 2025-01-04T00:00:00.000ZVoy a dejar el Washington Post - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Perplexity tiene anuncios]]> - -

    -]]>     - https://twitter.com/damengchen/status/1875296442417607072 - 2025-01-04T00:00:00.000ZPerplexity tiene anuncios - Sat, 04 Jan 2025 00:00:00 GMT -     diff --git a/static/rss/story/fi.xml b/static/rss/story/fi.xml index be5ba3df1..81ed0e972 100644 --- a/static/rss/story/fi.xml +++ b/static/rss/story/fi.xml @@ -15,11 +15,208 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:16 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[Snyk-tietoturvatutkija ottaa käyttöön haitallisia NPM-paketteja, jotka kohdistuvat cursor.com-sivustoon.]]> + +
  • Eräs Snykin tietoturvatutkija julkaisi haitallisia NPM-paketteja, jotka kohdistuivat Cursor.comiin, tekoälykoodausyritykseen, kerätäkseen järjestelmätietoja ja lähettääkseen ne hyökkääjän hallitsemaan palveluun.
    • +
  • Pakettien nimet ovat "cursor-retrieval", "cursor-always-local" ja "cursor-shadow-workspace", ja ne merkittiin OpenSSF-pakettianalyysiskannerin toimesta, mikä johti neuvonantoihin MAL-2025-27, MAL-2025-28 ja MAL-2025-29.
    • +
  • Tämä tapaus korostaa NPM-pakettien tarkastelun tärkeyttä ennen asennusta mahdollisten tietoturvauhkien välttämiseksi.
    • + +]]>     + https://sourcecodered.com/snyk-malicious-npm-package/ + 2025-01-14T00:00:00.000ZSnyk-tietoturvatutkija ottaa käyttöön haitallisia NPM-paketteja, jotka kohdistuvat cursor.com-sivustoon. + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Vaihdoinkin Firefoxiin enkä ole katsonut taaksepäin]]> + +
  • Firefoxia kehutaan sen erinomaisesta välilehtien hallinnasta, sisäänrakennetusta Pocket-ominaisuudesta linkkien tallentamiseen ja yksityisyyteen keskittyvästä sähköpostin välityspalvelusta, mikä tekee siitä vahvan vaihtoehdon Chromelle. - Lisäominaisuudet, kuten käyttäjäystävällinen kuvakaappaustyökalu, ChatGPT-painike, Picture-in-Picture, muokattavat hakuvaihtoehdot ja sujuva vieritys parantavat selauskokemusta. - Vaikka Firefoxilta puuttuu Chromen verkkosovellusominaisuus, sen harkittu suunnittelu ja vähäisempi resurssien kulutus tekevät siitä joidenkin käyttäjien suosikin.
    • + +]]>     + https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/ + 2025-01-14T00:00:00.000ZVaihdoinkin Firefoxiin enkä ole katsonut taaksepäin + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Sonosin toimitusjohtaja eroaa sovelluspäivityksen epäonnistumisen jälkeen]]> + -

    +]]>     + https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/ + 2025-01-14T00:00:00.000ZSonosin toimitusjohtaja eroaa sovelluspäivityksen epäonnistumisen jälkeen + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[MrBeastin vatsassa]]> + -

    +]]>     + https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast + 2025-01-14T00:00:00.000ZMrBeastin vatsassa + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Gitin GitHub-operaatiot ovat alhaalla]]> + +
  • GitHub kohtasi Git-toimintojen katkoksen 13. tammikuuta 2025, johtuen kokoonpanomuutoksesta, joka vaikutti sisäiseen kuormantasaajaan, kestäen 23:35:stä 00:24:ään UTC-aikaa. - Ongelma ratkaistiin palauttamalla kokoonpanomuutos, ja GitHub työskentelee parantaakseen valvonta- ja käyttöönottoprosesseja estääkseen vastaavat tapaukset. - Katkos vaikutti myös GitHubin Actions- ja Pages-palveluihin, korostaen niiden alustapalveluiden keskinäistä yhteyttä.
    • + +]]>     + https://www.githubstatus.com/incidents/qd96yfgvmcf9 + 2025-01-14T00:00:00.000ZGitin GitHub-operaatiot ovat alhaalla + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[ZFS 2.3 julkaistu ZFS raidz -laajennuksella]]> + +
  • OpenZFS 2.3.0 on julkaistu, ja se tuo mukanaan merkittäviä ominaisuuksia, kuten RAIDZ-laajennuksen, nopean deduplikoinnin, suoran syötteen/ulostulon, JSON-ulostulon ja tuen pitkille tiedostonimille. - Julkaisu sisältää olennaisia virheenkorjauksia ja suorituskyvyn parannuksia, ja se on yhteensopiva Linux-ytimien 4.18 - 6.12 ja FreeBSD-versioiden 13.3, 14.0 - 14.2 kanssa. - Päivitys on 134 avustajan yhteistyön tulos, ja siitä on saatavilla kattava dokumentaatio ja muutosloki tarkasteltavaksi.
    • + +]]>     + https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0 + 2025-01-14T00:00:00.000ZZFS 2.3 julkaistu ZFS raidz -laajennuksella + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Webtop – Alpine-, Ubuntu-, Fedora- ja Arch-kontit, jotka sisältävät täydet työpöytäympäristöt]]> + +
  • Linuxserver/webtop tarjoaa kontteja, jotka perustuvat Alpineen, Ubuntuun, Fedoraan ja Archiin, ja joissa on täydet työpöytäympäristöt, jotka ovat käytettävissä verkkoselaimien kautta, tukien sekä x86-64 että arm64-arkkitehtuureja.
    • +
  • Kayttäjät voivat valita erilaisista työpöytäympäristöistä, kuten XFCE, KDE, MATE, i3, Openbox ja IceWM, käyttämällä tiettyjä kuvamerkintöjä ja käyttää Webtopia määrättyjen URL-osoitteiden kautta.
    • +
  • Turvaominaisuuksiin kuuluvat Dockerin seccomp-vaihtoehto ja todennuksen asennus, mukautusmahdollisuudet ympäristömuuttujien kautta sekä tuki GPU-kiihdytykselle avoimen lähdekoodin ajureilla.
    • + +]]>     + https://docs.linuxserver.io/images/docker-webtop/ + 2025-01-14T00:00:00.000ZWebtop – Alpine-, Ubuntu-, Fedora- ja Arch-kontit, jotka sisältävät täydet työpöytäympäristöt + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[1 viidestä verkossa julkaistusta työpaikkailmoituksesta on joko väärennös tai niitä ei koskaan täytetä, tutkimus paljastaa]]> + +
  • Äskettäinen tutkimus osoittaa, että 20 % verkossa olevista työpaikkailmoituksista on joko väärennettyjä tai jää täyttämättä, mikä lisää työnhakijoiden turhautumista. - Tämä "haamutyöpaikkojen" trendi saattaa olla yritysten keino luoda kuvaa kasvusta. - Työpaikka-alustat, kuten Greenhouse ja LinkedIn, ovat ottaneet käyttöön työpaikkojen varmennuspalveluita auttaakseen käyttäjiä tunnistamaan aidot työmahdollisuudet.
    • + +]]>     + https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706 + 2025-01-14T00:00:00.000Z1 viidestä verkossa julkaistusta työpaikkailmoituksesta on joko väärennös tai niitä ei koskaan täytetä, tutkimus paljastaa + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Tehdä risteyksestä turvaton jalankulkijoille säästääkseen sekunteja autoilijoille]]> + -

    +]]>     + https://collegetowns.substack.com/p/making-an-intersection-unsafe-for + 2025-01-14T00:00:00.000ZTehdä risteyksestä turvaton jalankulkijoille säästääkseen sekunteja autoilijoille + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[PostgreSQL on vuoden 2024 tietokannan hallintajärjestelmä.]]> + +
  • PostgreSQL on saanut DB-Enginesin myöntämän Vuoden DBMS 2024 -palkinnon, saavuttaen tämän tunnustuksen viidennen kerran, ohittaen 423 muuta tietokannan hallintajärjestelmää.
    • +
  • PostgreSQL, jolla on lähes 35 vuoden historia, jatkaa innovointia, kuten nähdään syyskuussa 2024 julkaistun PostgreSQL 17:n viimeaikaisissa parannuksissa.
    • +
  • Snowflake ja Microsoft saavuttivat toisen ja kolmannen sijan, Snowflaken erottuessa pilvipohjaisesta tietovarastoinnistaan ja monipilvitukensa ansiosta, kun taas Microsoft tarjoaa vankkoja hallittuja relaatiotietokantoja Azure SQL Database- ja SQL Server -palveluiden kautta.
    • + +]]>     + https://db-engines.com/en/blog_post/109 + 2025-01-14T00:00:00.000ZPostgreSQL on vuoden 2024 tietokannan hallintajärjestelmä. + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Googlen OAuth-kirjautuminen ei suojaa epäonnistuneen startup-yrityksen verkkotunnuksen ostamiselta]]> + -

    +]]>     + https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw + 2025-01-14T00:00:00.000ZGooglen OAuth-kirjautuminen ei suojaa epäonnistuneen startup-yrityksen verkkotunnuksen ostamiselta + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Koodausosaamisen hyödyntäminen passiivisen tulon hankkimiseen]]> + +
  • Kirjoittaja siirtyi teknologiajohtajan roolista yksinyrittäjäksi ja ansaitsi menestyksekkäästi enemmän ohjelmistotuotteiden portfoliollaan.
    • +
  • Keskeisiin strategioihin kuuluu keskittyminen syvälliseen työskentelyyn, aloittaminen pienistä projekteista, nopea iterointi ja ajan omistaminen markkinointiponnisteluille.
    • +
  • Matka korostaa epävarmuuksien vuoksi resilienssiä, mutta tuo esiin tämän urapolun vertaansa vailla olevan autonomian ja vapauden, kannustaen koodaustaitoisia harkitsemaan sitä passiivisen tulon lähteenä.
    • + +]]>     + https://www.coryzue.com/writing/solopreneur/ + 2025-01-14T00:00:00.000ZKoodausosaamisen hyödyntäminen passiivisen tulon hankkimiseen + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Espanja ehdottaa 100 % veroa EU:n ulkopuolisten asukkien ostamille asunnoille]]> + +
  • Espanja harkitsee 100 % veroa kiinteistöhankinnoille, jotka tehdään EU:n ulkopuolisilta asukkailta, pyrkien ratkaisemaan asuntokriisiä ja hillitsemään spekulatiivista ostamista.
    • +
  • Pääministeri Pedro Sánchezin ehdotus sisältää sosiaalisen asuntotuotannon laajentamisen ja turistivuokrausten sääntelyn, jotta voitaisiin puuttua asuntohintojen ja tulojen väliseen epätasapainoon.
    • +
  • Ehdotuksen tulevaisuus lakina on epävarma, ja jotkut analyytikot pitävät sitä pikemminkin ulkomaisten sijoittajien pelotteena kuin taattuna lainsäädännöllisenä muutoksena.
    • + +]]>     + https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents + 2025-01-14T00:00:00.000ZEspanja ehdottaa 100 % veroa EU:n ulkopuolisten asukkien ostamille asunnoille + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Apple saa pian 'made in America' -sirut TSMC:n Arizonan tehtaasta]]> + +
  • Apple testaa TSMC:n Arizonan laitoksen prosessoreita, suunnitellen massatuotantoa ensimmäiselle vuosineljännekselle, ja saattaa näin tulla TSMC:n ensimmäiseksi Yhdysvaltain asiakkaaksi paikallisesti valmistetuille siruille. - Tämä aloite pyrkii vahvistamaan Yhdysvaltojen piiriomavaraisuutta, vähentäen riippuvuutta Taiwanista, joka on altis geopoliittisille ja luonnonriskeille. - TSMC:n Arizonan tehdas aikoo tuottaa edistyneitä 3nm ja 2nm siruja, ja pyrkii parantamaan paikallista rekrytointia sekä yhteistyötä Yhdysvaltain yliopistojen kanssa, vaikka pakkaaminen tapahtuukin aluksi Taiwanissa, kunnes Peorian laitos on toiminnassa.
    • + +]]>     + https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification + 2025-01-14T00:00:00.000ZApple saa pian 'made in America' -sirut TSMC:n Arizonan tehtaasta + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[43 000 kuljettajaa vähemmän Manhattanin teillä ruuhkamaksujen käyttöönoton jälkeen]]> + +
  • Ruuhkamaksujen käyttöönoton jälkeen Manhattanille 60. kadun alapuolelle ajavien kuljettajien määrä väheni 7,5 %, mikä tarkoittaa 43 000 vähemmän kuljettajaa joka arkipäivä.
    • +
  • Liikenteen väheneminen on parantanut liikenteen sujuvuutta ja lisännyt bussien nopeuksia, ja joillakin pikabusseilla on ollut enemmän matkustajia.
    • +
  • Metropolitan Transportation Authority (MTA) käyttää tietullituloja, joiden arvioidaan olevan 500 miljoonaa dollaria vuosittain, liikenteen parannuksiin, huolimatta joistakin poliittisista vastustuksista.
    • + +]]>     + https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says + 2025-01-14T00:00:00.000Z43 000 kuljettajaa vähemmän Manhattanin teillä ruuhkamaksujen käyttöönoton jälkeen + Tue, 14 Jan 2025 00:00:00 GMT +     <![CDATA[Uv:n paras ominaisuus on tehdä ad-hoc-ympäristöjen luomisesta helppoa]]> 2025-01-05T00:00:00.000ZGuten: Pieni sanomalehtitulostin Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[1993 Volvo, jossa on itseajava Open Pilot -järjestelmä]]> - -
  • Ryhmä ystäviä osallistui Carbage Run 2025 talviversioon, kuuden päivän ralliin Ruotsin halki napapiirille ja takaisin Helsinkiin, jossa autojen tuli olla vähintään 20 vuotta vanhoja ja arvoltaan alle 1000 €.
    • -
  • He muuttivat vuoden 1993 Volvo 940 Estate -auton itseajavaksi ajoneuvoksi käyttämällä comma.ai:n openpilot-järjestelmää, ja lisäsivät siihen moderneja komponentteja, kuten sähköisen ohjaustehostimen, Bosch iBoosterin ja Teslan tutkasensorin.
    • -
  • Tulevat päivitykset sisältävät tietoja johdotuksesta, räätälöidystä moottorinohjausyksiköstä (ECU) ja suunnitelmista avata koodi avoimeen lähdekoodiin, mikä korostaa projektin innovatiivista lähestymistapaa vanhempien ajoneuvojen varustamiseen autonomisella teknologialla.
    • - -]]>     - https://practicapp.com/carbagepilot-part1/ - 2025-01-04T00:00:00.000Z1993 Volvo, jossa on itseajava Open Pilot -järjestelmä - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[VoxelSpace: Maaston renderöintialgoritmi alle 20 koodirivillä (2020)]]> - -
  • NovaLogicin vuoden 1992 peli Comanche käytti Voxel Space -moottoria, 2.5D-renderöintitekniikkaa, joka perustui säteiden heijastukseen, luodakseen yksityiskohtaisia maastoja varjostuksilla ja varjoilla.
    • -
  • Voxel Space -moottori käytti korkeus- ja värikarttoja sekä yksinkertaista renderöintialgoritmia, joka piirsi pystysuoria viivoja takaa eteen, mikä voitiin optimoida suorituskyvyn parantamiseksi.
    • -
  • Moottorin koodi on saatavilla MIT-lisenssin alaisena, mutta teknologia saattaa silti olla patentoitu tietyillä alueilla.
    • - -]]>     - https://github.com/s-macke/VoxelSpace - 2025-01-04T00:00:00.000ZVoxelSpace: Maaston renderöintialgoritmi alle 20 koodirivillä (2020) - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Kuinka piirtää ääriviiva videopelissä]]> - -
  • Artikkeli käsittelee viittä tekniikkaa ääriviivojen renderöimiseksi Unityssä, suositussa pelinkehitysalustassa, korostaen niiden käyttöä peleissä kuten Sable ja The Last of Us. - Tekniikoihin kuuluvat Rim Effects, Vertex Extrusion, Blurred Buffer, Jump Flood Algorithm ja Edge Detection, joista jokaisella on omat ainutlaatuiset etunsa ja kompromissinsa suorituskyvyn ja visuaalisen laadun suhteen. - Artikkeli tarjoaa näkemyksiä näiden menetelmien tasapainottamisesta optimaalisen pelin estetiikan ja pelitukien saavuttamiseksi, sisältäen lisäresursseja ja kiitokset 3D-malleista.
    • - -]]>     - https://ameye.dev/notes/rendering-outlines/ - 2025-01-04T00:00:00.000ZKuinka piirtää ääriviiva videopelissä - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Jätän Washington Postin]]> - -

    -]]>     - https://anntelnaes.substack.com/p/why-im-quitting-the-washington-post - 2025-01-04T00:00:00.000ZJätän Washington Postin - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Perplexity sai mainoksia]]> - -

    -]]>     - https://twitter.com/damengchen/status/1875296442417607072 - 2025-01-04T00:00:00.000ZPerplexity sai mainoksia - Sat, 04 Jan 2025 00:00:00 GMT -     diff --git a/static/rss/story/fr.xml b/static/rss/story/fr.xml index c4db2d052..703601e11 100644 --- a/static/rss/story/fr.xml +++ b/static/rss/story/fr.xml @@ -15,11 +15,213 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:16 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[Un chercheur en sécurité de Snyk déploie des paquets NPM malveillants ciblant cursor.com]]> + +
  • Un chercheur en sécurité de Snyk a publié des paquets NPM malveillants ciblant Cursor.com, une entreprise de codage IA, pour collecter des données système et les envoyer à un service contrôlé par un attaquant.
    • +
  • Les paquets, identifiés comme "cursor-retrieval", "cursor-always-local" et "cursor-shadow-workspace", ont été signalés par le scanner d'analyse de paquets OpenSSF, entraînant les avis MAL-2025-27, MAL-2025-28 et MAL-2025-29.
    • +
  • Cet incident souligne l'importance de scruter les paquets NPM avant l'installation pour éviter les menaces potentielles à la sécurité.
    • + +]]>     + https://sourcecodered.com/snyk-malicious-npm-package/ + 2025-01-14T00:00:00.000ZUn chercheur en sécurité de Snyk déploie des paquets NPM malveillants ciblant cursor.com + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Je suis passé à Firefox et je n'ai jamais regretté.]]> + +
  • Firefox est salué pour sa gestion supérieure des onglets, sa fonctionnalité Pocket intégrée pour enregistrer des liens, et son relais de messagerie axé sur la confidentialité, en faisant une alternative solide à Chrome. - Des fonctionnalités supplémentaires comme un outil de capture d'écran convivial, un bouton ChatGPT, le mode Picture-in-Picture, des options de recherche personnalisables, et un défilement fluide améliorent l'expérience de navigation. - Bien que Firefox manque de la fonctionnalité d'application web de Chrome, sa conception réfléchie et ses exigences réduites en ressources en font un choix préféré pour certains utilisateurs.
    • + +]]>     + https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/ + 2025-01-14T00:00:00.000ZJe suis passé à Firefox et je n'ai jamais regretté. + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Le PDG de Sonos démissionne après le fiasco de la mise à jour de l'application]]> + -

    +]]>     + https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/ + 2025-01-14T00:00:00.000ZLe PDG de Sonos démissionne après le fiasco de la mise à jour de l'application + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Dans le ventre de MrBeast]]> + -

    +]]>     + https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast + 2025-01-14T00:00:00.000ZDans le ventre de MrBeast + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Les opérations Git sur GitHub sont en panne]]> + +
  • GitHub a connu une panne des opérations Git le 13 janvier 2025, en raison d'un changement de configuration affectant l'équilibreur de charge interne, qui a duré de 23h35 à 00h24 UTC. - Le problème a été résolu en annulant le changement de configuration, et GitHub travaille à améliorer les processus de surveillance et de déploiement pour éviter des incidents similaires. - La panne a également affecté les services Actions et Pages de GitHub, soulignant la nature interconnectée de leurs services de plateforme.
    • + +]]>     + https://www.githubstatus.com/incidents/qd96yfgvmcf9 + 2025-01-14T00:00:00.000ZLes opérations Git sur GitHub sont en panne + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[ZFS 2.3 publié avec l'expansion ZFS raidz]]> + +
  • OpenZFS 2.3.0 a été publié, introduisant des fonctionnalités significatives telles que l'expansion RAIDZ, la déduplication rapide, l'entrée/sortie directe, la sortie JSON et la prise en charge des noms de fichiers longs. - La version inclut des corrections de bugs essentielles et des améliorations de performance, compatible avec les noyaux Linux 4.18 - 6.12 et les versions FreeBSD 13.3, 14.0 - 14.2. - La mise à jour est le fruit d'un effort collaboratif de 134 contributeurs, avec une documentation complète et un journal des modifications disponibles pour consultation.
    • + +]]>     + https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0 + 2025-01-14T00:00:00.000ZZFS 2.3 publié avec l'expansion ZFS raidz + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Webtop – Conteneurs Alpine, Ubuntu, Fedora et Arch contenant des environnements de bureau complets]]> + +
  • Linuxserver/webtop propose des conteneurs basés sur Alpine, Ubuntu, Fedora et Arch avec des environnements de bureau complets accessibles via des navigateurs web, prenant en charge les architectures x86-64 et arm64.
    • +
  • Les utilisateurs peuvent choisir parmi divers environnements de bureau tels que XFCE, KDE, MATE, i3, Openbox et IceWM en utilisant des balises d'image spécifiques, et accéder au Webtop via des URL désignées.
    • +
  • Les fonctionnalités de sécurité incluent l'option seccomp de Docker et la configuration d'authentification, avec des options de personnalisation disponibles via des variables d'environnement, ainsi que la prise en charge de l'accélération GPU avec des pilotes open-source.
    • + +]]>     + https://docs.linuxserver.io/images/docker-webtop/ + 2025-01-14T00:00:00.000ZWebtop – Conteneurs Alpine, Ubuntu, Fedora et Arch contenant des environnements de bureau complets + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[1 offre d'emploi en ligne sur 5 est soit fausse, soit jamais pourvue, selon une étude]]> + +
  • Une étude récente indique que 20 % des offres d'emploi en ligne sont soit fausses, soit restent non pourvues, ce qui ajoute à la frustration des chercheurs d'emploi. - Cette tendance des "emplois fantômes" pourrait être une tactique pour les entreprises de projeter une image de croissance. - Des plateformes d'emploi telles que Greenhouse et LinkedIn ont introduit des services de vérification des offres d'emploi pour aider les utilisateurs à identifier les opportunités d'emploi authentiques.
    • + +]]>     + https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706 + 2025-01-14T00:00:00.000Z1 offre d'emploi en ligne sur 5 est soit fausse, soit jamais pourvue, selon une étude + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Rendre une intersection dangereuse pour les piétons afin de gagner quelques secondes pour les conducteurs]]> + -

    +]]>     + https://collegetowns.substack.com/p/making-an-intersection-unsafe-for + 2025-01-14T00:00:00.000ZRendre une intersection dangereuse pour les piétons afin de gagner quelques secondes pour les conducteurs + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[PostgreSQL est le système de gestion de base de données de l'année 2024]]> + +
  • PostgreSQL a été désigné SGBD de l'année 2024 par DB-Engines, obtenant cette reconnaissance pour la cinquième fois, surpassant 423 autres systèmes de gestion de bases de données.
    • +
  • PostgreSQL, avec une histoire s'étendant sur près de 35 ans, continue d'innover, comme en témoignent les récentes améliorations de PostgreSQL 17, sorti en septembre 2024.
    • +
  • Snowflake et Microsoft ont respectivement obtenu les deuxième et troisième places, Snowflake étant reconnu pour son entrepôt de données basé sur le cloud et son support multi-cloud, tandis que Microsoft propose des bases de données relationnelles gérées robustes via Azure SQL Database et SQL Server.
    • + +]]>     + https://db-engines.com/en/blog_post/109 + 2025-01-14T00:00:00.000ZPostgreSQL est le système de gestion de base de données de l'année 2024 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Le système de connexion OAuth de Google ne protège pas contre l'achat d'un domaine d'une startup échouée.]]> + -

    +]]>     + https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw + 2025-01-14T00:00:00.000ZLe système de connexion OAuth de Google ne protège pas contre l'achat d'un domaine d'une startup échouée. + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Utiliser des compétences en codage pour générer des revenus passifs]]> + +
  • L'auteur est passé d'un rôle de CTO à celui de solopreneur, réussissant à gagner plus grâce à un portefeuille de produits logiciels.
    • +
  • Les stratégies clés incluent la concentration sur un travail en profondeur, le démarrage avec de petits projets, l'itération rapide et la dédication de temps aux efforts de marketing.
    • +
  • Le voyage met l'accent sur la résilience face aux incertitudes, mais souligne l'autonomie et la liberté inégalées de cette voie professionnelle, encourageant ceux qui possèdent des compétences en codage à la considérer pour un revenu passif.
    • + +]]>     + https://www.coryzue.com/writing/solopreneur/ + 2025-01-14T00:00:00.000ZUtiliser des compétences en codage pour générer des revenus passifs + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Espagne propose une taxe de 100 % sur les maisons achetées par des résidents non-UE]]> + +
  • Espagne envisage une taxe de 100 % sur les achats immobiliers par des résidents non-UE, visant à résoudre la crise du logement et à freiner les achats spéculatifs.
    • +
  • Le projet du Premier ministre Pedro Sánchez comprend l'expansion du logement social et la régulation des locations touristiques pour s'attaquer à la disparité entre les prix du logement et les revenus.
    • +
  • Le futur de la proposition en tant que loi est incertain, certains analystes la considérant comme un frein pour les investisseurs étrangers plutôt qu'un changement législatif garanti.
    • + +]]>     + https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents + 2025-01-14T00:00:00.000ZEspagne propose une taxe de 100 % sur les maisons achetées par des résidents non-UE + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Apple recevra bientôt des puces 'fabriquées en Amérique' de l'usine de TSMC en Arizona]]> + +
  • Apple teste des processeurs provenant de l'usine de TSMC en Arizona, avec des plans pour une production de masse d'ici le premier trimestre, devenant potentiellement le premier client américain de TSMC pour des puces fabriquées localement. - Cette initiative vise à renforcer l'indépendance en silicium des États-Unis, réduisant la dépendance vis-à-vis de Taïwan, qui est vulnérable aux risques géopolitiques et naturels. - L'usine de TSMC en Arizona est prête à produire des puces avancées de 3 nm et 2 nm, avec des efforts continus pour améliorer le recrutement local et les partenariats avec les universités américaines, bien que l'emballage se fasse initialement à Taïwan jusqu'à ce que l'installation de Peoria soit opérationnelle.
    • + +]]>     + https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification + 2025-01-14T00:00:00.000ZApple recevra bientôt des puces 'fabriquées en Amérique' de l'usine de TSMC en Arizona + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[43 000 conducteurs de moins sur les routes de Manhattan après l'activation du péage de congestion]]> + +
  • Après la mise en œuvre de la tarification de congestion, il y a eu une réduction de 7,5 % du nombre de conducteurs entrant à Manhattan au-dessous de la 60e rue, ce qui équivaut à 43 000 conducteurs de moins chaque jour de semaine.
    • +
  • La réduction du trafic a amélioré la fluidité de la circulation et augmenté la vitesse des bus, certains bus express connaissant une augmentation du nombre de passagers.
    • +
  • Le Metropolitan Transportation Authority (MTA) utilise les recettes des péages, estimées à 500 millions de dollars par an, pour des améliorations du transport en commun, malgré une certaine opposition politique.
    • + +]]>     + https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says + 2025-01-14T00:00:00.000Z43 000 conducteurs de moins sur les routes de Manhattan après l'activation du péage de congestion + Tue, 14 Jan 2025 00:00:00 GMT +     <![CDATA[Le principal atout d'Uv est de faciliter la création d'environnements ad hoc.]]> 2025-01-05T00:00:00.000ZGuten : Une petite imprimante de journaux Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[Volvo 1993 autonome avec pilote ouvert]]> - -
  • Un groupe d'amis a participé à l'édition hivernale 2025 du Carbage Run, un rallye de 6 jours à travers la Suède jusqu'au cercle polaire et retour à Helsinki, nécessitant des voitures d'au moins 20 ans et d'une valeur inférieure à 1000 €.
    • -
  • Ils ont transformé une Volvo 940 Estate de 1993 en un véhicule autonome en utilisant openpilot de comma.ai, en incorporant des composants modernes tels que la direction assistée électrique, un iBooster Bosch et un capteur radar Tesla.
    • -
  • Les mises à jour futures incluront des détails sur le câblage, une unité de contrôle moteur (ECU) personnalisée, et des plans pour rendre le code open-source, mettant en avant l'approche innovante du projet pour équiper les anciens véhicules de technologie autonome.
    • - -]]>     - https://practicapp.com/carbagepilot-part1/ - 2025-01-04T00:00:00.000ZVolvo 1993 autonome avec pilote ouvert - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[VoxelSpace : Algorithme de rendu de terrain en moins de 20 lignes de code (2020)]]> - -
  • Le jeu Comanche de NovaLogic, sorti en 1992, utilisait le moteur Voxel Space, une technique de rendu 2.5D basée sur le lancer de rayons, pour créer des terrains détaillés avec des ombrages et des ombres.
    • -
  • Le moteur Voxel Space utilisait des cartes de hauteur et de couleur ainsi qu'un algorithme de rendu simple, traçant des lignes verticales de l'arrière vers l'avant, ce qui pouvait être optimisé pour la performance.
    • -
  • Le code du moteur est disponible sous la licence MIT, mais la technologie peut encore être brevetée dans certaines régions.
    • - -]]>     - https://github.com/s-macke/VoxelSpace - 2025-01-04T00:00:00.000ZVoxelSpace : Algorithme de rendu de terrain en moins de 20 lignes de code (2020) - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Comment dessiner un contour dans un jeu vidéo]]> - -
  • L'article discute de cinq techniques pour rendre les contours dans Unity, une plateforme de développement de jeux populaire, en soulignant leur utilisation dans des jeux comme Sable et The Last of Us. - Les techniques incluent les effets de bord, l'extrusion de vertex, le tampon flou, l'algorithme de saut de crue et la détection de bord, chacune avec des avantages uniques et des compromis en termes de performance et de qualité visuelle. - L'article fournit des informations sur l'équilibre de ces méthodes pour une esthétique de jeu optimale et un soutien au gameplay, avec des ressources supplémentaires et des crédits pour les modèles 3D inclus.
    • - -]]>     - https://ameye.dev/notes/rendering-outlines/ - 2025-01-04T00:00:00.000ZComment dessiner un contour dans un jeu vidéo - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Je quitte le Washington Post]]> - -

    -]]>     - https://anntelnaes.substack.com/p/why-im-quitting-the-washington-post - 2025-01-04T00:00:00.000ZJe quitte le Washington Post - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Perplexity a des publicités]]> - -

    -]]>     - https://twitter.com/damengchen/status/1875296442417607072 - 2025-01-04T00:00:00.000ZPerplexity a des publicités - Sat, 04 Jan 2025 00:00:00 GMT -     diff --git a/static/rss/story/he.xml b/static/rss/story/he.xml index a26f7d671..9be207314 100644 --- a/static/rss/story/he.xml +++ b/static/rss/story/he.xml @@ -15,11 +15,199 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:16 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[חוקר אבטחה של Snyk מפרסם חבילות NPM זדוניות המכוונות ל-cursor.com]]> + +
  • חוקר אבטחה של Snyk שחרר חבילות NPM זדוניות המכוונות ל-Cursor.com, חברת קידוד מבוססת בינה מלאכותית, כדי לאסוף נתוני מערכת ולשלוח אותם לשירות בשליטת תוקף.
    • +
  • החבילות, שזוהו כ-"cursor-retrieval", "cursor-always-local", ו-"cursor-shadow-workspace", סומנו על ידי סורק ניתוח החבילות של OpenSSF, מה שהוביל להמלצות MAL-2025-27, MAL-2025-28, ו-MAL-2025-29.
    • +
  • תקלה זו מדגישה את החשיבות של בדיקת חבילות NPM לפני ההתקנה כדי להימנע מאיומי אבטחה פוטנציאליים.
    • + +]]>     + https://sourcecodered.com/snyk-malicious-npm-package/ + 2025-01-14T00:00:00.000Zחוקר אבטחה של Snyk מפרסם חבילות NPM זדוניות המכוונות ל-cursor.com + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[עברתי לפיירפוקס ולעולם לא הבטתי לאחור]]> + +
  • פיירפוקס זוכה לשבחים על ניהול הלשוניות המעולה שלו, תכונת Pocket המובנית לשמירת קישורים, ושירות דואר אלקטרוני ממוקד פרטיות, מה שהופך אותו לחלופה חזקה לכרום. - תכונות נוספות כמו כלי צילום מסך ידידותי למשתמש, כפתור ChatGPT, תמונה בתוך תמונה, אפשרויות חיפוש מותאמות אישית וגלילה חלקה משפרות את חוויית הגלישה. - למרות שפיירפוקס חסר את תכונת האפליקציות האינטרנטיות של כרום, העיצוב המחושב שלו והדרישות המופחתות למשאבים הופכים אותו לבחירה מועדפת עבור חלק מהמשתמשים.
    • + +]]>     + https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/ + 2025-01-14T00:00:00.000Zעברתי לפיירפוקס ולעולם לא הבטתי לאחור + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[מנכ"ל סונוס מתפטר לאחר תקרית עדכון האפליקציה]]> + -

    +]]>     + https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/ + 2025-01-14T00:00:00.000Zמנכ"ל סונוס מתפטר לאחר תקרית עדכון האפליקציה + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[בבטנו של מרביסט]]> + -

    +]]>     + https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast + 2025-01-14T00:00:00.000Zבבטנו של מרביסט + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[פעולות Git ב-GitHub מושבתות]]> + +
  • GitHub חוותה הפסקת פעילות של פעולות Git ב-13 בינואר 2025, עקב שינוי תצורה שהשפיע על מאזן העומסים הפנימי, שנמשך מ-23:35 עד 00:24 לפי זמן UTC. - הבעיה נפתרה על ידי החזרת שינוי התצורה, ו-GitHub עובדת על שיפור תהליכי הניטור והפריסה כדי למנוע תקריות דומות. - ההפסקה השפיעה גם על שירותי Actions ו-Pages של GitHub, מה שמדגיש את האופי המקושר של שירותי הפלטפורמה שלהם.
    • + +]]>     + https://www.githubstatus.com/incidents/qd96yfgvmcf9 + 2025-01-14T00:00:00.000Zפעולות Git ב-GitHub מושבתות + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[זמן שחרור ZFS 2.3 עם הרחבת ZFS raidz]]> + +
  • OpenZFS 2.3.0 שוחרר, ומציג תכונות משמעותיות כמו הרחבת RAIDZ, דה-דופליקציה מהירה, קלט/פלט ישיר, פלט JSON ותמיכה בשמות קבצים ארוכים. - השחרור כולל תיקוני באגים חיוניים ושיפורי ביצועים, תואם לליבות לינוקס 4.18 - 6.12 וגרסאות FreeBSD 13.3, 14.0 - 14.2. - העדכון הוא מאמץ שיתופי של 134 תורמים, עם תיעוד מקיף ורשימת שינויים זמינים לעיון.
    • + +]]>     + https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0 + 2025-01-14T00:00:00.000Zזמן שחרור ZFS 2.3 עם הרחבת ZFS raidz + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Webtop – מכולות של Alpine, Ubuntu, Fedora ו-Arch המכילות סביבות שולחן עבודה מלאות]]> + +
  • Linuxserver/webtop מספק מכולות המבוססות על Alpine, Ubuntu, Fedora ו-Arch עם סביבות שולחן עבודה מלאות הנגישות דרך דפדפני אינטרנט, ותומכות בארכיטקטורות x86-64 ו-arm64.
    • +
  • משתמשים יכולים לבחור מתוך סביבות שולחן עבודה שונות כמו XFCE, KDE, MATE, i3, Openbox, ו-IceWM על ידי שימוש בתגי תמונה ספציפיים, ולגשת ל-Webtop דרך כתובות URL ייעודיות.
    • +
  • מאפייני האבטחה כוללים את אפשרות ה-seccomp של Docker והגדרת אימות, עם אפשרויות התאמה אישית זמינות דרך משתני סביבה, ותמיכה בהאצת GPU עם מנהלי התקנים בקוד פתוח.
    • + +]]>     + https://docs.linuxserver.io/images/docker-webtop/ + 2025-01-14T00:00:00.000ZWebtop – מכולות של Alpine, Ubuntu, Fedora ו-Arch המכילות סביבות שולחן עבודה מלאות + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[מחקר מגלה כי 1 מתוך 5 מודעות דרושים באינטרנט הן מזויפות או שלא מתמלאות לעולם]]> + +
  • מחקר עדכני מצביע על כך ש-20% מהמשרות המפורסמות באינטרנט הן או מזויפות או נשארות לא מאוישות, מה שמוסיף לתסכול של מחפשי העבודה. - מגמת "משרות רפאים" זו עשויה להיות טקטיקה של חברות להציג תדמית של צמיחה. - פלטפורמות עבודה כמו Greenhouse ו-LinkedIn הציגו שירותי אימות משרות כדי לסייע למשתמשים בזיהוי הזדמנויות עבודה אמיתיות.
    • + +]]>     + https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706 + 2025-01-14T00:00:00.000Zמחקר מגלה כי 1 מתוך 5 מודעות דרושים באינטרנט הן מזויפות או שלא מתמלאות לעולם + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[להפוך צומת ללא בטוחה להולכי רגל כדי לחסוך שניות לנהגים]]> + -

    +]]>     + https://collegetowns.substack.com/p/making-an-intersection-unsafe-for + 2025-01-14T00:00:00.000Zלהפוך צומת ללא בטוחה להולכי רגל כדי לחסוך שניות לנהגים + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[PostgreSQL היא מערכת ניהול מסדי הנתונים של השנה 2024]]> + +
  • PostgreSQL זכתה בתואר מערכת ניהול בסיסי נתונים של השנה 2024 על ידי DB-Engines, וזוהי הפעם החמישית שהיא זוכה בהכרה זו, כשהיא עוקפת 423 מערכות ניהול בסיסי נתונים אחרות.
    • +
  • PostgreSQL, עם היסטוריה המשתרעת על פני כמעט 35 שנים, ממשיך לחדש, כפי שניתן לראות בשיפורים האחרונים של PostgreSQL 17, ששוחרר בספטמבר 2024.
    • +
  • סנופלייק ומיקרוסופט תפסו את המקומות השני והשלישי, בהתאמה, כאשר סנופלייק נודעה בזכות מחסני הנתונים מבוססי הענן שלה ותמיכה בריבוי עננים, בעוד שמיקרוסופט מציעה מסדי נתונים יחסיים מנוהלים חזקים דרך Azure SQL Database ו-SQL Server.
    • + +]]>     + https://db-engines.com/en/blog_post/109 + 2025-01-14T00:00:00.000ZPostgreSQL היא מערכת ניהול מסדי הנתונים של השנה 2024 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[כניסת OAuth של גוגל לא מגנה מפני רכישת דומיין של סטארטאפ שנכשל]]> + -

    +]]>     + https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw + 2025-01-14T00:00:00.000Zכניסת OAuth של גוגל לא מגנה מפני רכישת דומיין של סטארטאפ שנכשל + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[להשתמש בכישורי תכנות כדי להרוויח הכנסה פסיבית]]> + +
  • המחבר עבר מתפקיד של CTO ליזם עצמאי, והצליח להרוויח יותר באמצעות פורטפוליו של מוצרי תוכנה.
    • +
  • אסטרטגיות מפתח כוללות התמקדות בעבודה מעמיקה, התחלה עם פרויקטים קטנים, חזרה מהירה והקדשת זמן למאמצי שיווק.
    • +
  • המסע מדגיש חוסן עקב אי ודאויות, אך מדגיש את האוטונומיה והחופש הבלתי משתווים של מסלול קריירה זה, ומעודד את אלו עם כישורי קידוד לשקול אותו כהכנסה פסיבית.
    • + +]]>     + https://www.coryzue.com/writing/solopreneur/ + 2025-01-14T00:00:00.000Zלהשתמש בכישורי תכנות כדי להרוויח הכנסה פסיבית + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[ספרד מציעה מס של 100% על בתים שנרכשים על ידי תושבים שאינם מהאיחוד האירופי]]> + +
  • ספרד שוקלת להטיל מס של 100% על רכישות נדל"ן על ידי תושבים שאינם מהאיחוד האירופי, במטרה להתמודד עם משבר הדיור ולרסן רכישות ספקולטיביות.
    • +
  • ראש הממשלה פדרו סאנצ'ס מציע להרחיב את הדיור הציבורי ולווסת את השכרת הדירות לתיירים כדי להתמודד עם הפער בין מחירי הדיור להכנסות.
    • +
  • העתיד של ההצעה כחוק אינו ודאי, כאשר חלק מהאנליסטים רואים בה כהרתעה למשקיעים זרים ולא כשינוי חקיקתי מובטח.
    • + +]]>     + https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents + 2025-01-14T00:00:00.000Zספרד מציעה מס של 100% על בתים שנרכשים על ידי תושבים שאינם מהאיחוד האירופי + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[בהקדם אפל תקבל שבבים 'תוצרת אמריקה' ממפעל TSMC באריזונה]]> + +
  • Apple בוחנת מעבדים ממתקן אריזונה של TSMC, עם תוכניות לייצור המוני עד הרבעון הראשון, וייתכן שתהפוך ללקוח האמריקאי הראשון של TSMC לשבבים המיוצרים מקומית. - יוזמה זו נועדה לחזק את העצמאות הסיליקונית של ארה"ב, ולהפחית את התלות בטייוואן, שהיא פגיעה לסיכונים גיאופוליטיים וטבעיים. - המפעל של TSMC באריזונה מתוכנן לייצר שבבים מתקדמים בגודל 3 ננומטר ו-2 ננומטר, עם מאמצים מתמשכים לשיפור הגיוס המקומי ושיתופי פעולה עם אוניברסיטאות בארה"ב, אם כי האריזה תתבצע בתחילה בטייוואן עד שהמתקן בפאוריה יהיה פעיל.
    • + +]]>     + https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification + 2025-01-14T00:00:00.000Zבהקדם אפל תקבל שבבים 'תוצרת אמריקה' ממפעל TSMC באריזונה + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[43 אלף נהגים פחות בכבישי מנהטן לאחר הפעלת תמחור גודש]]> + +
  • לאחר יישום תמחור העומס, חלה ירידה של 7.5% במספר הנהגים הנכנסים למנהטן מתחת לרחוב ה-60, מה שמתורגם ל-43,000 נהגים פחות בכל יום חול.
    • +
  • הירידה בתנועה שיפרה את זרימת התנועה והעלתה את מהירות האוטובוסים, כאשר חלק מהאוטובוסים המהירים חווים עלייה במספר הנוסעים.
    • +
  • הרשות המטרופולינית לתחבורה (MTA) משתמשת בהכנסות מאגרות, המוערכות בכ-500 מיליון דולר בשנה, לשיפור התחבורה, למרות התנגדות פוליטית מסוימת.
    • + +]]>     + https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says + 2025-01-14T00:00:00.000Z43 אלף נהגים פחות בכבישי מנהטן לאחר הפעלת תמחור גודש + Tue, 14 Jan 2025 00:00:00 GMT +     <![CDATA[התכונה המיוחדת של Uv היא הפיכת סביבות אד-הוק לקלות.]]> 2025-01-05T00:00:00.000Zגותן: מדפסת עיתונים זעירה Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[וולוו 1993 עם נהיגה עצמית באמצעות Open Pilot]]> - -
  • קבוצת חברים השתתפה במהדורת החורף של מרוץ קרבג' 2025, ראלי בן 6 ימים דרך שבדיה אל המעגל הארקטי וחזרה להלסינקי, הדורש מכוניות בנות לפחות 20 שנה וששוויין יהיה מתחת ל-1000 אירו.
    • -
  • הם הפכו את ה-Volvo 940 Estate משנת 1993 לרכב אוטונומי באמצעות openpilot מ-comma.ai, תוך שילוב רכיבים מודרניים כמו הגה כוח חשמלי, iBooster של Bosch וחיישן רדאר של טסלה.
    • -
  • עדכונים עתידיים יכללו פרטים על חיווט, יחידת בקרת מנוע (ECU) מותאמת אישית, ותוכניות לפתוח את הקוד לקוד פתוח, תוך הדגשת הגישה החדשנית של הפרויקט לשדרוג רכבים ישנים בטכנולוגיה אוטונומית.
    • - -]]>     - https://practicapp.com/carbagepilot-part1/ - 2025-01-04T00:00:00.000Zוולוו 1993 עם נהיגה עצמית באמצעות Open Pilot - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[VoxelSpace: אלגוריתם רינדור שטח בפחות מ-20 שורות קוד (2020)]]> - -
  • משחק Comanche של NovaLogic משנת 1992 השתמש במנוע Voxel Space, טכניקת רינדור 2.5D המבוססת על הקרנת קרניים, כדי ליצור שטחים מפורטים עם הצללה וצללים.
    • -
  • המנוע Voxel Space השתמש במפות גובה וצבע ובאלגוריתם רינדור פשוט, שצייר קווים אנכיים מאחור לקדימה, שניתן היה לאופטימיזציה לביצועים.
    • -
  • הקוד של המנוע זמין תחת רישיון MIT, אך ייתכן שהטכנולוגיה עדיין מוגנת בפטנט באזורים מסוימים.
    • - -]]>     - https://github.com/s-macke/VoxelSpace - 2025-01-04T00:00:00.000ZVoxelSpace: אלגוריתם רינדור שטח בפחות מ-20 שורות קוד (2020) - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[איך לצייר קו מתאר במשחק וידאו]]> - -
  • המאמר דן בחמש טכניקות ליצירת קווי מתאר ב-Unity, פלטפורמת פיתוח משחקים פופולרית, ומדגיש את השימוש בהן במשחקים כמו Sable ו-The Last of Us. - הטכניקות כוללות אפקטים של שפה, שחול קודקודים, טשטוש באפר, אלגוריתם קפיצת הצפה, וזיהוי קצוות, כל אחת עם יתרונות ייחודיים ופשרות מבחינת ביצועים ואיכות חזותית. - המאמר מספק תובנות על איזון בין השיטות הללו להשגת אסתטיקה אופטימלית במשחק ותמיכה במשחקיות, עם משאבים נוספים וקרדיטים לדגמים תלת-ממדיים כלולים.
    • - -]]>     - https://ameye.dev/notes/rendering-outlines/ - 2025-01-04T00:00:00.000Zאיך לצייר קו מתאר במשחק וידאו - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[אני עוזב את הוושינגטון פוסט]]> - -

    -]]>     - https://anntelnaes.substack.com/p/why-im-quitting-the-washington-post - 2025-01-04T00:00:00.000Zאני עוזב את הוושינגטון פוסט - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[פרפלקסיטי קיבלה פרסומות]]> - -

    -]]>     - https://twitter.com/damengchen/status/1875296442417607072 - 2025-01-04T00:00:00.000Zפרפלקסיטי קיבלה פרסומות - Sat, 04 Jan 2025 00:00:00 GMT -     diff --git a/static/rss/story/hi.xml b/static/rss/story/hi.xml index 58a0365ce..c086ac933 100644 --- a/static/rss/story/hi.xml +++ b/static/rss/story/hi.xml @@ -15,11 +15,208 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:16 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[स्नाइक सुरक्षा शोधकर्ता ने कर्सर.कॉम को लक्षित करते हुए दुर्भावनापूर्ण एनपीएम पैकेज तैनात किए।]]> + +
  • एक Snyk सुरक्षा शोधकर्ता ने Cursor.com, एक AI कोडिंग कंपनी, को लक्षित करते हुए दुर्भावनापूर्ण NPM पैकेज जारी किए, ताकि सिस्टम डेटा एकत्र किया जा सके और इसे हमलावर-नियंत्रित सेवा पर भेजा जा सके।
    • +
  • पैकेजों को "कर्सर-रिट्रीवल," "कर्सर-ऑलवेज-लोकल," और "कर्सर-शैडो-वर्कस्पेस" के रूप में पहचाना गया, जिन्हें OpenSSF पैकेज विश्लेषण स्कैनर द्वारा चिह्नित किया गया, जिसके परिणामस्वरूप परामर्श MAL-2025-27, MAL-2025-28, और MAL-2025-29 जारी किए गए।
    • +
  • यह घटना संभावित सुरक्षा खतरों से बचने के लिए स्थापना से पहले NPM पैकेजों की जांच करने के महत्व को उजागर करती है।
    • + +]]>     + https://sourcecodered.com/snyk-malicious-npm-package/ + 2025-01-14T00:00:00.000Zस्नाइक सुरक्षा शोधकर्ता ने कर्सर.कॉम को लक्षित करते हुए दुर्भावनापूर्ण एनपीएम पैकेज तैनात किए। + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[मैंने फ़ायरफ़ॉक्स पर स्विच किया और फिर कभी पीछे मुड़कर नहीं देखा]]> + +
  • फायरफॉक्स को इसके उत्कृष्ट टैब प्रबंधन, लिंक सहेजने के लिए अंतर्निहित पॉकेट फीचर, और गोपनीयता-केंद्रित ईमेल रिले के लिए सराहा जाता है, जो इसे क्रोम का एक मजबूत विकल्प बनाता है। - उपयोगकर्ता के अनुकूल स्क्रीनशॉट टूल, एक चैटजीपीटी बटन, पिक्चर-इन-पिक्चर, अनुकूलन योग्य खोज विकल्प, और स्मूथ स्क्रॉलिंग जैसी अतिरिक्त विशेषताएं ब्राउज़िंग अनुभव को बेहतर बनाती हैं। - हालांकि फायरफॉक्स में क्रोम की वेब ऐप सुविधा की कमी है, लेकिन इसका विचारशील डिज़ाइन और कम संसाधन मांग इसे कुछ उपयोगकर्ताओं के लिए पसंदीदा विकल्प बनाते हैं।
    • + +]]>     + https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/ + 2025-01-14T00:00:00.000Zमैंने फ़ायरफ़ॉक्स पर स्विच किया और फिर कभी पीछे मुड़कर नहीं देखा + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[सोनोस के सीईओ ने ऐप अपडेट विवाद के बाद इस्तीफा दिया]]> + -

    +]]>     + https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/ + 2025-01-14T00:00:00.000Zसोनोस के सीईओ ने ऐप अपडेट विवाद के बाद इस्तीफा दिया + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[MrBeast के पेट में]]> + -

    +]]>     + https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast + 2025-01-14T00:00:00.000ZMrBeast के पेट में + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[GitHub गिट ऑपरेशन्स डाउन हैं]]> + +
  • 13 जनवरी, 2025 को GitHub को एक Git ऑपरेशन्स आउटेज का सामना करना पड़ा, जो आंतरिक लोड बैलेंसर को प्रभावित करने वाले एक कॉन्फ़िगरेशन परिवर्तन के कारण हुआ, और यह 23:35 से 00:24 UTC तक चला। - इस समस्या को कॉन्फ़िगरेशन परिवर्तन को वापस लेकर हल किया गया, और GitHub समान घटनाओं को रोकने के लिए निगरानी और परिनियोजन प्रक्रियाओं में सुधार करने पर काम कर रहा है। - इस आउटेज ने GitHub के Actions और Pages सेवाओं को भी प्रभावित किया, जो उनके प्लेटफ़ॉर्म सेवाओं की आपस में जुड़ी प्रकृति को उजागर करता है।
    • + +]]>     + https://www.githubstatus.com/incidents/qd96yfgvmcf9 + 2025-01-14T00:00:00.000ZGitHub गिट ऑपरेशन्स डाउन हैं + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[ZFS 2.3 ज़ेडएफएस रैडज़ विस्तार के साथ जारी किया गया]]> + +
  • OpenZFS 2.3.0 जारी किया गया है, जिसमें RAIDZ विस्तार, फास्ट डेडुप्लिकेशन, डायरेक्ट इनपुट/आउटपुट, JSON आउटपुट और लंबे फाइल नामों के लिए समर्थन जैसी महत्वपूर्ण विशेषताएं शामिल हैं। - इस रिलीज में आवश्यक बग फिक्स और प्रदर्शन सुधार शामिल हैं, जो Linux कर्नल 4.18 - 6.12 और FreeBSD संस्करण 13.3, 14.0 - 14.2 के साथ संगत हैं। - यह अपडेट 134 योगदानकर्ताओं के सहयोगात्मक प्रयास का परिणाम है, जिसमें व्यापक दस्तावेज़ीकरण और एक परिवर्तन लॉग समीक्षा के लिए उपलब्ध है।
    • + +]]>     + https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0 + 2025-01-14T00:00:00.000ZZFS 2.3 ज़ेडएफएस रैडज़ विस्तार के साथ जारी किया गया + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[वेबटॉप – अल्पाइन, उबंटू, फेडोरा, और आर्च कंटेनर जिनमें पूर्ण डेस्कटॉप वातावरण शामिल हैं]]> + +
  • Linuxserver/webtop अल्पाइन, उबंटू, फेडोरा, और आर्च पर आधारित कंटेनर प्रदान करता है, जो वेब ब्राउज़रों के माध्यम से पूर्ण डेस्कटॉप वातावरण तक पहुंच प्रदान करते हैं, और यह x86-64 और arm64 आर्किटेक्चर दोनों का समर्थन करता है।
    • +
  • उपयोगकर्ता विशेष इमेज टैग का उपयोग करके XFCE, KDE, MATE, i3, Openbox, और IceWM जैसे विभिन्न डेस्कटॉप वातावरणों में से चयन कर सकते हैं, और निर्दिष्ट URL के माध्यम से वेबटॉप तक पहुंच सकते हैं।
    • +
  • सुरक्षा विशेषताओं में Docker का seccomp विकल्प और प्रमाणीकरण सेटअप शामिल हैं, जिसमें पर्यावरण वेरिएबल्स के माध्यम से अनुकूलन विकल्प उपलब्ध हैं, और ओपन-सोर्स ड्राइवर्स के साथ GPU त्वरण के लिए समर्थन शामिल है।
    • + +]]>     + https://docs.linuxserver.io/images/docker-webtop/ + 2025-01-14T00:00:00.000Zवेबटॉप – अल्पाइन, उबंटू, फेडोरा, और आर्च कंटेनर जिनमें पूर्ण डेस्कटॉप वातावरण शामिल हैं + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[ऑनलाइन नौकरी पोस्टिंग में से 5 में से 1 या तो नकली होती है या कभी भरी नहीं जाती, अध्ययन में पाया गया।]]> + +
  • हाल ही में एक अध्ययन से पता चलता है कि ऑनलाइन नौकरी पोस्टिंग में से 20% या तो नकली हैं या खाली रह जाती हैं, जिससे नौकरी खोजने वालों की निराशा बढ़ जाती है। - यह "भूत नौकरी" प्रवृत्ति कंपनियों के लिए विकास की छवि प्रस्तुत करने की एक रणनीति हो सकती है। - ग्रीनहाउस और लिंक्डइन जैसे नौकरी प्लेटफॉर्म ने उपयोगकर्ताओं को वास्तविक नौकरी के अवसरों की पहचान करने में मदद करने के लिए नौकरी सत्यापन सेवाएं शुरू की हैं।
    • + +]]>     + https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706 + 2025-01-14T00:00:00.000Zऑनलाइन नौकरी पोस्टिंग में से 5 में से 1 या तो नकली होती है या कभी भरी नहीं जाती, अध्ययन में पाया गया। + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[चालकों के लिए कुछ सेकंड बचाने के लिए पैदल यात्रियों के लिए चौराहे को असुरक्षित बनाना]]> + -

    +]]>     + https://collegetowns.substack.com/p/making-an-intersection-unsafe-for + 2025-01-14T00:00:00.000Zचालकों के लिए कुछ सेकंड बचाने के लिए पैदल यात्रियों के लिए चौराहे को असुरक्षित बनाना + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[पोस्टग्रेएसक्यूएल वर्ष 2024 का डेटाबेस प्रबंधन प्रणाली है।]]> + +
  • पोस्टग्रेएसक्यूएल को DB-इंजिन्स द्वारा वर्ष 2024 का DBMS ऑफ द ईयर पुरस्कार दिया गया है, यह सम्मान पांचवीं बार प्राप्त करते हुए, 423 अन्य डेटाबेस प्रबंधन प्रणालियों को पीछे छोड़ दिया है।
    • +
  • पोस्टग्रेएसक्यूएल, जिसकी इतिहास लगभग 35 वर्षों का है, नवाचार करना जारी रखता है, जैसा कि सितंबर 2024 में जारी किए गए पोस्टग्रेएसक्यूएल 17 के हालिया सुधारों में देखा जा सकता है।
    • +
  • स्नोफ्लेक और माइक्रोसॉफ्ट ने क्रमशः दूसरे और तीसरे स्थान पर कब्जा किया, जिसमें स्नोफ्लेक को इसके क्लाउड-आधारित डेटा वेयरहाउसिंग और मल्टी-क्लाउड समर्थन के लिए जाना जाता है, जबकि माइक्रोसॉफ्ट Azure SQL डेटाबेस और SQL सर्वर के माध्यम से मजबूत प्रबंधित रिलेशनल डेटाबेस प्रदान करता है।
    • + +]]>     + https://db-engines.com/en/blog_post/109 + 2025-01-14T00:00:00.000Zपोस्टग्रेएसक्यूएल वर्ष 2024 का डेटाबेस प्रबंधन प्रणाली है। + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Google का OAuth लॉगिन एक असफल स्टार्टअप डोमेन की खरीद के खिलाफ सुरक्षा नहीं करता है।]]> + -

    +]]>     + https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw + 2025-01-14T00:00:00.000ZGoogle का OAuth लॉगिन एक असफल स्टार्टअप डोमेन की खरीद के खिलाफ सुरक्षा नहीं करता है। + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[कोडिंग कौशल का उपयोग करके निष्क्रिय आय अर्जित करना]]> + +
  • लेखक ने एक सीटीओ की भूमिका से एकल उद्यमी के रूप में परिवर्तन किया, और सॉफ्टवेयर उत्पादों के पोर्टफोलियो के माध्यम से अधिक कमाई करने में सफल रहे।
    • +
  • मुख्य रणनीतियों में गहन कार्य पर ध्यान केंद्रित करना, छोटे प्रोजेक्ट्स से शुरुआत करना, तेजी से पुनरावृत्ति करना, और विपणन प्रयासों के लिए समय समर्पित करना शामिल है।
    • +
  • यात्रा अनिश्चितताओं के कारण सहनशीलता पर जोर देती है, लेकिन इस करियर पथ की बेजोड़ स्वायत्तता और स्वतंत्रता को उजागर करती है, जिससे कोडिंग कौशल वाले लोगों को इसे निष्क्रिय आय के लिए विचार करने के लिए प्रोत्साहित किया जाता है।
    • + +]]>     + https://www.coryzue.com/writing/solopreneur/ + 2025-01-14T00:00:00.000Zकोडिंग कौशल का उपयोग करके निष्क्रिय आय अर्जित करना + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[स्पेन ने गैर-ईयू निवासियों द्वारा खरीदे गए घरों पर 100% कर लगाने का प्रस्ताव दिया है]]> + +
  • स्पेन गैर-ईयू निवासियों द्वारा रियल एस्टेट खरीद पर 100% कर लगाने पर विचार कर रहा है, जिसका उद्देश्य आवास संकट को संबोधित करना और सट्टा खरीद को रोकना है।
    • +
  • प्रधानमंत्री पेड्रो सांचेज़ का प्रस्ताव सामाजिक आवास का विस्तार करने और पर्यटक किराए को विनियमित करने को शामिल करता है ताकि आवास की कीमतों और आय के बीच असमानता को दूर किया जा सके।
    • +
  • प्रस्ताव का भविष्य कानून के रूप में अनिश्चित है, कुछ विश्लेषकों का मानना है कि यह विदेशी निवेशकों के लिए एक निवारक के रूप में कार्य कर सकता है बजाय इसके कि यह एक सुनिश्चित विधायी परिवर्तन हो।
    • + +]]>     + https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents + 2025-01-14T00:00:00.000Zस्पेन ने गैर-ईयू निवासियों द्वारा खरीदे गए घरों पर 100% कर लगाने का प्रस्ताव दिया है + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[एप्पल को जल्द ही टीएसएमसी के एरिज़ोना फैब से 'मेड इन अमेरिका' चिप्स प्राप्त होंगे]]> + +
  • एप्पल TSMC की एरिज़ोना सुविधा से प्रोसेसर का परीक्षण कर रहा है, और पहले तिमाही तक बड़े पैमाने पर उत्पादन की योजना बना रहा है, जिससे यह TSMC का पहला अमेरिकी ग्राहक बन सकता है जो स्थानीय रूप से निर्मित चिप्स का उपयोग करेगा। - इस पहल का उद्देश्य अमेरिकी सिलिकॉन स्वतंत्रता को बढ़ावा देना है, जिससे ताइवान पर निर्भरता कम हो सके, जो भू-राजनीतिक और प्राकृतिक जोखिमों के प्रति संवेदनशील है। - TSMC की एरिज़ोना फैब उन्नत 3nm और 2nm चिप्स का उत्पादन करने के लिए तैयार है, स्थानीय भर्ती को बढ़ावा देने और अमेरिकी विश्वविद्यालयों के साथ साझेदारी के प्रयास जारी हैं, हालांकि पैकेजिंग शुरू में ताइवान में होगी जब तक कि पियोरिया सुविधा चालू नहीं हो जाती।
    • + +]]>     + https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification + 2025-01-14T00:00:00.000Zएप्पल को जल्द ही टीएसएमसी के एरिज़ोना फैब से 'मेड इन अमेरिका' चिप्स प्राप्त होंगे + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[भीड़भाड़ मूल्य निर्धारण चालू होने के बाद मैनहट्टन की सड़कों पर 43 हजार कम ड्राइवर हैं।]]> + +
  • भीड़भाड़ मूल्य निर्धारण लागू होने के बाद, 60वीं स्ट्रीट के नीचे मैनहट्टन में प्रवेश करने वाले ड्राइवरों में 7.5% की कमी आई, जो प्रत्येक सप्ताह के दिन 43,000 कम ड्राइवरों के बराबर है।
    • +
  • यातायात में कमी ने यातायात प्रवाह में सुधार किया है और बसों की गति बढ़ाई है, जिससे कुछ एक्सप्रेस बसों में अधिक यात्री संख्या देखी गई है।
    • +
  • मेट्रोपॉलिटन ट्रांसपोर्टेशन अथॉरिटी (एमटीए) कुछ राजनीतिक विरोध के बावजूद, ट्रांजिट सुधारों के लिए टोल राजस्व का उपयोग करती है, जिसकी वार्षिक अनुमानित राशि $500 मिलियन है।
    • + +]]>     + https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says + 2025-01-14T00:00:00.000Zभीड़भाड़ मूल्य निर्धारण चालू होने के बाद मैनहट्टन की सड़कों पर 43 हजार कम ड्राइवर हैं। + Tue, 14 Jan 2025 00:00:00 GMT +     <![CDATA[Uv की प्रमुख विशेषता तात्कालिक वातावरण को आसान बनाना है।]]> 2025-01-05T00:00:00.000Zगुटेन: एक छोटा समाचार पत्र प्रिंटर Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[स्वचालित ड्राइविंग 1993 वोल्वो ओपन पायलट के साथ]]> - -
  • दोस्तों के एक समूह ने कार्बेज रन 2025 विंटर संस्करण में भाग लिया, जो स्वीडन के माध्यम से ध्रुवीय वृत्त तक और फिर हेलसिंकी वापस जाने वाली 6-दिवसीय रैली थी, जिसमें कारों की उम्र कम से कम 20 साल होनी चाहिए और उनकी कीमत €1000 से कम होनी चाहिए।
    • -
  • उन्होंने 1993 वोल्वो 940 एस्टेट को एक स्व-चालित वाहन में बदल दिया, जिसमें कॉमा.एआई से ओपनपायलट का उपयोग किया गया, और आधुनिक घटकों जैसे इलेक्ट्रिक पावर स्टीयरिंग, एक बॉश आईबूस्टर, और एक टेस्ला रडार सेंसर को शामिल किया।
    • -
  • भविष्य के अपडेट में वायरिंग, एक कस्टम इंजन कंट्रोल यूनिट (ECU) के विवरण और कोड को ओपन-सोर्स करने की योजनाएं शामिल होंगी, जो पुराने वाहनों को स्वायत्त तकनीक के साथ रेट्रोफिट करने के लिए परियोजना के नवाचारी दृष्टिकोण को उजागर करती हैं।
    • - -]]>     - https://practicapp.com/carbagepilot-part1/ - 2025-01-04T00:00:00.000Zस्वचालित ड्राइविंग 1993 वोल्वो ओपन पायलट के साथ - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[वोक्सलस्पेस: 20 से कम लाइनों के कोड में भू-भाग प्रतिपादन एल्गोरिदम (2020)]]> - -
  • नोवा लॉजिक का 1992 का खेल कोमांचे ने वोक्सल स्पेस इंजन का उपयोग किया, जो कि रे कास्टिंग पर आधारित एक 2.5D रेंडरिंग तकनीक है, ताकि छायांकन और छायाओं के साथ विस्तृत भूभाग तैयार किया जा सके।
    • -
  • वोक्सल स्पेस इंजन ने ऊंचाई और रंग मानचित्रों का उपयोग किया और एक सरल रेंडरिंग एल्गोरिदम का उपयोग किया, जो पीछे से आगे की ओर ऊर्ध्वाधर रेखाएं खींचता था, जिसे प्रदर्शन के लिए अनुकूलित किया जा सकता था।
    • -
  • इंजन का कोड MIT लाइसेंस के तहत उपलब्ध है, लेकिन तकनीक अभी भी कुछ क्षेत्रों में पेटेंट हो सकती है।
    • - -]]>     - https://github.com/s-macke/VoxelSpace - 2025-01-04T00:00:00.000Zवोक्सलस्पेस: 20 से कम लाइनों के कोड में भू-भाग प्रतिपादन एल्गोरिदम (2020) - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[वीडियो गेम में एक रूपरेखा कैसे बनाएं]]> - -
  • लेख में यूनिटी, एक लोकप्रिय गेम विकास प्लेटफॉर्म में रूपरेखाओं को प्रस्तुत करने के लिए पांच तकनीकों पर चर्चा की गई है, जो Sable और The Last of Us जैसे खेलों में उनके उपयोग को उजागर करती है। - तकनीकों में रिम इफेक्ट्स, वर्टेक्स एक्सट्रूज़न, ब्लर बफर, जंप फ्लड एल्गोरिदम, और एज डिटेक्शन शामिल हैं, जिनमें से प्रत्येक के प्रदर्शन और दृश्य गुणवत्ता के मामले में अद्वितीय लाभ और समझौते हैं। - लेख खेल की सौंदर्यशास्त्र और गेमप्ले समर्थन के लिए इन विधियों को संतुलित करने की अंतर्दृष्टि प्रदान करता है, जिसमें अतिरिक्त संसाधन और 3D मॉडल के लिए क्रेडिट शामिल हैं।
    • - -]]>     - https://ameye.dev/notes/rendering-outlines/ - 2025-01-04T00:00:00.000Zवीडियो गेम में एक रूपरेखा कैसे बनाएं - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[मैं वाशिंगटन पोस्ट छोड़ रहा हूँ]]> - -

    -]]>     - https://anntelnaes.substack.com/p/why-im-quitting-the-washington-post - 2025-01-04T00:00:00.000Zमैं वाशिंगटन पोस्ट छोड़ रहा हूँ - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[पर्प्लेक्सिटी को विज्ञापन मिले]]> - -

    -]]>     - https://twitter.com/damengchen/status/1875296442417607072 - 2025-01-04T00:00:00.000Zपर्प्लेक्सिटी को विज्ञापन मिले - Sat, 04 Jan 2025 00:00:00 GMT -     diff --git a/static/rss/story/hu.xml b/static/rss/story/hu.xml index e9b075993..d6453e158 100644 --- a/static/rss/story/hu.xml +++ b/static/rss/story/hu.xml @@ -15,11 +15,212 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:16 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[„A Snyk biztonsági kutató rosszindulatú NPM csomagokat telepít, amelyek a cursor.com-ot célozzák meg.”]]> + +
  • „Egy Snyk biztonsági kutató rosszindulatú NPM csomagokat adott ki, amelyek a Cursor.com nevű AI kódoló céget célozták meg, hogy rendszert adatokat gyűjtsenek és azokat egy támadó által irányított szolgáltatásnak küldjék el.”
    • +
  • „A csomagokat, amelyeket "cursor-retrieval", "cursor-always-local" és "cursor-shadow-workspace" néven azonosítottak, az OpenSSF csomagelemző szkenner jelölte meg, ami a MAL-2025-27, MAL-2025-28 és MAL-2025-29 figyelmeztetésekhez vezetett.”
    • +
  • „Ez az eset rávilágít arra, hogy mennyire fontos alaposan megvizsgálni az NPM csomagokat a telepítés előtt, hogy elkerüljük a lehetséges biztonsági fenyegetéseket.”
    • + +]]>     + https://sourcecodered.com/snyk-malicious-npm-package/ + 2025-01-14T00:00:00.000Z„A Snyk biztonsági kutató rosszindulatú NPM csomagokat telepít, amelyek a cursor.com-ot célozzák meg.” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Átváltottam a Firefoxra, és soha nem néztem vissza”]]> + +
  • „A Firefoxot dicsérik a kiváló lapkezeléséért, a beépített Pocket funkcióért, amely lehetővé teszi a linkek mentését, valamint a magánéletre összpontosító e-mail továbbításért, ami erős alternatívává teszi a Chrome-mal szemben. - További funkciók, mint a felhasználóbarát képernyőkép eszköz, a ChatGPT gomb, a kép a képben mód, testreszabható keresési lehetőségek és a sima görgetés javítják a böngészési élményt. - Bár a Firefox nem rendelkezik a Chrome webalkalmazás funkciójával, átgondolt kialakítása és csökkentett erőforrásigénye miatt néhány felhasználó számára előnyben részesített választás.”
    • + +]]>     + https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/ + 2025-01-14T00:00:00.000Z„Átváltottam a Firefoxra, és soha nem néztem vissza” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„A Sonos vezérigazgatója lemond az alkalmazás frissítési fiaskója után”]]> + -

    +]]>     + https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/ + 2025-01-14T00:00:00.000Z„A Sonos vezérigazgatója lemond az alkalmazás frissítési fiaskója után” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„A MrBeast gyomrában”]]> + -

    +]]>     + https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast + 2025-01-14T00:00:00.000Z„A MrBeast gyomrában” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„A GitHub Git műveletei nem működnek”]]> + +
  • „A GitHub 2025. január 13-án Git műveletek kiesésével szembesült egy konfigurációs változtatás miatt, amely az belső terheléselosztót érintette, és 23:35-től 00:24 UTC-ig tartott. - A problémát a konfigurációs változtatás visszavonásával oldották meg, és a GitHub azon dolgozik, hogy javítsa a monitorozási és telepítési folyamatokat, hogy megelőzze a hasonló eseteket. - A kiesés a GitHub Actions és Pages szolgáltatásait is érintette, kiemelve a platformszolgáltatásaik összekapcsolt jellegét.”
    • + +]]>     + https://www.githubstatus.com/incidents/qd96yfgvmcf9 + 2025-01-14T00:00:00.000Z„A GitHub Git műveletei nem működnek” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Megjelent a ZFS 2.3 a ZFS raidz bővítéssel”]]> + +
  • „Megjelent az OpenZFS 2.3.0, amely jelentős új funkciókat vezet be, mint például a RAIDZ bővítés, a gyors deduplikáció, a közvetlen bemenet/kimenet, a JSON kimenet és a hosszú fájlnevek támogatása. - A kiadás alapvető hibajavításokat és teljesítményjavításokat tartalmaz, kompatibilis a 4.18 - 6.12 Linux kernel verziókkal és a FreeBSD 13.3, 14.0 - 14.2 verzióival. - A frissítés 134 közreműködő közös munkájának eredménye, részletes dokumentációval és változásnaplóval, amely elérhető áttekintésre.”
    • + +]]>     + https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0 + 2025-01-14T00:00:00.000Z„Megjelent a ZFS 2.3 a ZFS raidz bővítéssel” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Webtop – Alpine, Ubuntu, Fedora és Arch konténerek, amelyek teljes asztali környezeteket tartalmaznak”]]> + +
  • „A Linuxserver/webtop konténereket biztosít Alpine, Ubuntu, Fedora és Arch alapokon, teljes asztali környezettel, amelyek web böngészőkön keresztül érhetők el, támogatva mind az x86-64, mind az arm64 architektúrákat.”
    • +
  • „A felhasználók különböző asztali környezetek közül választhatnak, mint például az XFCE, KDE, MATE, i3, Openbox és IceWM, speciális képcímkék használatával, és a Webtopot kijelölt URL-ek segítségével érhetik el.”
    • +
  • „A biztonsági funkciók közé tartozik a Docker seccomp opciója és a hitelesítési beállítás, testreszabási lehetőségekkel a környezeti változókon keresztül, valamint támogatás a GPU gyorsításhoz nyílt forráskódú illesztőprogramokkal.”
    • + +]]>     + https://docs.linuxserver.io/images/docker-webtop/ + 2025-01-14T00:00:00.000Z„Webtop – Alpine, Ubuntu, Fedora és Arch konténerek, amelyek teljes asztali környezeteket tartalmaznak” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Egy tanulmány szerint az online álláshirdetések közül 5-ből 1 vagy hamis, vagy soha nem töltik be.”]]> + +
  • „Egy friss tanulmány szerint az online álláshirdetések 20%-a vagy hamis, vagy betöltetlen marad, ami növeli az álláskeresők frusztrációját. - Ez a „szellemállás” trend talán egy taktika a vállalatok részéről, hogy növekedési képet vetítsenek előre. - Az olyan állásplatformok, mint a Greenhouse és a LinkedIn, álláshirdetés-ellenőrzési szolgáltatásokat vezettek be, hogy segítsenek a felhasználóknak azonosítani a valódi álláslehetőségeket.”
    • + +]]>     + https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706 + 2025-01-14T00:00:00.000Z„Egy tanulmány szerint az online álláshirdetések közül 5-ből 1 vagy hamis, vagy soha nem töltik be.” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Egy kereszteződést veszélyessé tenni a gyalogosok számára, hogy másodperceket spóroljanak az autósoknak”]]> + -

    +]]>     + https://collegetowns.substack.com/p/making-an-intersection-unsafe-for + 2025-01-14T00:00:00.000Z„Egy kereszteződést veszélyessé tenni a gyalogosok számára, hogy másodperceket spóroljanak az autósoknak” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„A PostgreSQL a 2024-es év adatbázis-kezelő rendszere”]]> + +
  • „A PostgreSQL elnyerte a 2024-es Év DBMS-e díjat a DB-Engines-től, ezzel ötödik alkalommal kapta meg ezt az elismerést, megelőzve 423 másik adatbázis-kezelő rendszert.”
    • +
  • „A PostgreSQL, amelynek története közel 35 évre nyúlik vissza, továbbra is innovatív, amit a 2024 szeptemberében megjelent PostgreSQL 17 legújabb fejlesztései is bizonyítanak.”
    • +
  • „A Snowflake és a Microsoft a második és harmadik helyet szerezték meg, a Snowflake a felhőalapú adattárolásáról és a többfelhős támogatásáról ismert, míg a Microsoft az Azure SQL Database és az SQL Server révén erős, kezelt relációs adatbázisokat kínál.”
    • + +]]>     + https://db-engines.com/en/blog_post/109 + 2025-01-14T00:00:00.000Z„A PostgreSQL a 2024-es év adatbázis-kezelő rendszere” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„A Google OAuth bejelentkezése nem véd a sikertelen startup domainjének megvásárlása ellen”]]> + -

    +]]>     + https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw + 2025-01-14T00:00:00.000Z„A Google OAuth bejelentkezése nem véd a sikertelen startup domainjének megvásárlása ellen” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Kódolási készségek használata passzív jövedelem szerzésére”]]> + +
  • „A szerző a CTO szerepkörből solopreneurré vált, és sikeresen többet keresett egy szoftvertermék-portfólió révén.”
    • +
  • „A kulcsfontosságú stratégiák közé tartozik a mély munkára való összpontosítás, a kis projektekkel való kezdés, a gyors iteráció, valamint az idő szentelése a marketing tevékenységekre.”
    • +
  • „Az utazás a bizonytalanságok miatt a rugalmasságot hangsúlyozza, de kiemeli ennek a karrierútnak a páratlan autonómiáját és szabadságát, bátorítva azokat, akik kódolási készségekkel rendelkeznek, hogy fontolják meg passzív jövedelemforrásként.”
    • + +]]>     + https://www.coryzue.com/writing/solopreneur/ + 2025-01-14T00:00:00.000Z„Kódolási készségek használata passzív jövedelem szerzésére” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Spanyolország 100%-os adót javasol az EU-n kívüli lakosok által vásárolt ingatlanokra”]]> + +
  • „Spanyolország fontolóra veszi a 100%-os adó bevezetését az ingatlanvásárlásokra nem EU-s lakosok esetében, azzal a céllal, hogy kezelje a lakhatási válságot és visszaszorítsa a spekulatív vásárlásokat.”
    • +
  • „Pedro Sánchez miniszterelnök javaslata magában foglalja a szociális lakások bővítését és a turisztikai bérlések szabályozását, hogy kezelje a lakásárak és a jövedelmek közötti különbséget.”
    • +
  • „A javaslat jövője, mint törvény, bizonytalan, mivel egyes elemzők inkább elrettentésként tekintenek rá a külföldi befektetők számára, semmint garantált jogszabályi változásként.”
    • + +]]>     + https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents + 2025-01-14T00:00:00.000Z„Spanyolország 100%-os adót javasol az EU-n kívüli lakosok által vásárolt ingatlanokra” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Az Apple hamarosan 'Amerikában készült' chipeket fog kapni a TSMC arizonai gyárából”]]> + +
  • „Az Apple teszteli a TSMC arizonai létesítményéből származó processzorokat, és tervezi a tömeggyártást az első negyedévre, potenciálisan a TSMC első amerikai ügyfelévé válva a helyben gyártott chipek tekintetében. - Ez az kezdeményezés célja az amerikai szilícium függetlenség erősítése, csökkentve a Tajvantól való függőséget, amely geopolitikai és természeti kockázatoknak van kitéve. - A TSMC arizonai gyára fejlett 3nm és 2nm chipeket fog gyártani, folyamatos erőfeszítésekkel a helyi toborzás és az amerikai egyetemekkel való partnerségek javítására, bár a csomagolás kezdetben Tajvanon fog történni, amíg a Peoria létesítmény működőképessé nem válik.”
    • + +]]>     + https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification + 2025-01-14T00:00:00.000Z„Az Apple hamarosan 'Amerikában készült' chipeket fog kapni a TSMC arizonai gyárából” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„43 ezerrel kevesebb sofőr van Manhattan útjain, miután bevezették a dugódíjat”]]> + +
  • „Miután bevezették a dugódíjat, 7,5%-kal csökkent a Manhattanbe a 60. utca alá behajtó autósok száma, ami napi 43 000-rel kevesebb autóst jelentett hétköznaponként.”
    • +
  • „A forgalom csökkenése javította a közlekedés áramlását és növelte a buszok sebességét, néhány expressz busz esetében pedig megnövekedett az utasforgalom.”
    • +
  • „A Metropolitan Transportation Authority (MTA) az évi 500 millió dollárra becsült útdíjbevételt közlekedési fejlesztésekre használja fel, annak ellenére, hogy némi politikai ellenállás tapasztalható.”
    • + +]]>     + https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says + 2025-01-14T00:00:00.000Z„43 ezerrel kevesebb sofőr van Manhattan útjain, miután bevezették a dugódíjat” + Tue, 14 Jan 2025 00:00:00 GMT +     <![CDATA[„Uv legnagyobb előnye, hogy az ad-hoc környezetek létrehozását egyszerűvé teszi”]]> 2025-01-05T00:00:00.000Z„Guten: Egy apró újságnyomtató” Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[„Önvezető 1993-as Volvo nyílt pilótával”]]> - -
  • „Egy baráti társaság részt vett a Carbage Run 2025 téli kiadásán, egy 6 napos rallyn Svédországon keresztül a sarkkörig és vissza Helsinkibe, amelyen a járműveknek legalább 20 éveseknek kell lenniük, és értékük nem haladhatja meg az 1000 eurót.”
    • -
  • „Átalakítottak egy 1993-as Volvo 940 Estate modellt önvezető járművé a comma.ai openpilot rendszerével, modern alkatrészeket, például elektromos szervokormányt, Bosch iBooster-t és Tesla radarérzékelőt beépítve.”
    • -
  • „A jövőbeli frissítések részleteket tartalmaznak majd a vezetékezésről, egy egyedi motorvezérlő egységről (ECU), valamint a kód nyílt forráskódúvá tételének terveiről, kiemelve a projekt innovatív megközelítését a régebbi járművek önvezető technológiával való felszerelésére.”
    • - -]]>     - https://practicapp.com/carbagepilot-part1/ - 2025-01-04T00:00:00.000Z„Önvezető 1993-as Volvo nyílt pilótával” - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[„VoxelSpace: Domborzatmegjelenítő algoritmus kevesebb mint 20 sor kódban (2020)”]]> - -
  • „A NovaLogic 1992-es Comanche játéka a Voxel Space motorral készült, amely egy 2.5D-s renderelési technika, amely sugárvetítésen alapul, és részletes terepeket hoz létre árnyékolással és árnyékokkal.”
    • -
  • „A Voxel Space motor magassági és színtérképeket használt, valamint egy egyszerű renderelési algoritmust, amely hátulról előre rajzolta a függőleges vonalakat, és amelyet teljesítmény szempontjából lehetett optimalizálni.”
    • -
  • „A motor kódja elérhető az MIT licenc alatt, de a technológia bizonyos régiókban még mindig szabadalmaztatott lehet.”
    • - -]]>     - https://github.com/s-macke/VoxelSpace - 2025-01-04T00:00:00.000Z„VoxelSpace: Domborzatmegjelenítő algoritmus kevesebb mint 20 sor kódban (2020)” - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[„Hogyan rajzoljunk körvonalat egy videojátékban”]]> - -
  • „A cikk öt technikát tárgyal az Unity-ben, egy népszerű játékfejlesztési platformon, az körvonalak megjelenítésére, kiemelve azok használatát olyan játékokban, mint a Sable és a The Last of Us. - A technikák közé tartozik a Rim Effects, a Vertex Extrusion, a Blurred Buffer, a Jump Flood Algorithm és az Edge Detection, mindegyik egyedi előnyökkel és kompromisszumokkal rendelkezik a teljesítmény és a vizuális minőség szempontjából. - A cikk betekintést nyújt ezen módszerek kiegyensúlyozásába az optimális játékesztétika és játékmenet támogatása érdekében, további forrásokkal és 3D modellekhez kapcsolódó kreditekkel.”
    • - -]]>     - https://ameye.dev/notes/rendering-outlines/ - 2025-01-04T00:00:00.000Z„Hogyan rajzoljunk körvonalat egy videojátékban” - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[„Felmondok a Washington Postnál”]]> - -

    -]]>     - https://anntelnaes.substack.com/p/why-im-quitting-the-washington-post - 2025-01-04T00:00:00.000Z„Felmondok a Washington Postnál” - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[„A Perplexity reklámokat kapott”]]> - -

    -]]>     - https://twitter.com/damengchen/status/1875296442417607072 - 2025-01-04T00:00:00.000Z„A Perplexity reklámokat kapott” - Sat, 04 Jan 2025 00:00:00 GMT -     diff --git a/static/rss/story/id.xml b/static/rss/story/id.xml index 60b2e256b..e3fc9fa75 100644 --- a/static/rss/story/id.xml +++ b/static/rss/story/id.xml @@ -15,11 +15,206 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:16 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[Tidak ada teks yang diberikan untuk diterjemahkan.]]> + +
  • Seorang peneliti keamanan dari Snyk merilis paket NPM berbahaya yang menargetkan Cursor.com, sebuah perusahaan pemrograman AI, untuk mengumpulkan data sistem dan mengirimkannya ke layanan yang dikendalikan oleh penyerang.
    • +
  • Tiga paket, yang diidentifikasi sebagai "cursor-retrieval," "cursor-always-local," dan "cursor-shadow-workspace," ditandai oleh pemindai analisis paket OpenSSF, menghasilkan peringatan MAL-2025-27, MAL-2025-28, dan MAL-2025-29.
    • +
  • Insiden ini menyoroti pentingnya memeriksa paket NPM sebelum instalasi untuk menghindari potensi ancaman keamanan.
    • + +]]>     + https://sourcecodered.com/snyk-malicious-npm-package/ + 2025-01-14T00:00:00.000ZTidak ada teks yang diberikan untuk diterjemahkan. + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Saya Beralih ke Firefox dan Tidak Pernah Menyesal]]> + +
  • Firefox dipuji karena manajemen tab yang superior, fitur Pocket bawaan untuk menyimpan tautan, dan relay email yang berfokus pada privasi, menjadikannya alternatif yang kuat untuk Chrome. - Fitur tambahan seperti alat tangkapan layar yang ramah pengguna, tombol ChatGPT, Picture-in-Picture, opsi pencarian yang dapat disesuaikan, dan pengguliran yang mulus meningkatkan pengalaman menjelajah. - Meskipun Firefox tidak memiliki fitur aplikasi web Chrome, desainnya yang bijaksana dan permintaan sumber daya yang lebih rendah membuatnya menjadi pilihan yang disukai bagi beberapa pengguna.
    • + +]]>     + https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/ + 2025-01-14T00:00:00.000ZSaya Beralih ke Firefox dan Tidak Pernah Menyesal + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[CEO Sonos mengundurkan diri setelah kekacauan pembaruan aplikasi]]> + -

    +]]>     + https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/ + 2025-01-14T00:00:00.000ZCEO Sonos mengundurkan diri setelah kekacauan pembaruan aplikasi + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Di dalam perut MrBeast]]> + -

    +]]>     + https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast + 2025-01-14T00:00:00.000ZDi dalam perut MrBeast + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Operasi Git di GitHub Sedang Mengalami Gangguan]]> + +
  • GitHub mengalami gangguan operasi Git pada 13 Januari 2025, akibat perubahan konfigurasi yang mempengaruhi penyeimbang beban internal, yang berlangsung dari pukul 23:35 hingga 00:24 UTC. - Masalah ini diselesaikan dengan mengembalikan perubahan konfigurasi, dan GitHub sedang berupaya meningkatkan pemantauan dan proses penerapan untuk mencegah insiden serupa. - Gangguan ini juga mempengaruhi layanan Actions dan Pages GitHub, menyoroti sifat saling terhubung dari layanan platform mereka.
    • + +]]>     + https://www.githubstatus.com/incidents/qd96yfgvmcf9 + 2025-01-14T00:00:00.000ZOperasi Git di GitHub Sedang Mengalami Gangguan + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[ZFS 2.3 dirilis dengan ekspansi ZFS raidz]]> + +
  • OpenZFS 2.3.0 telah dirilis, memperkenalkan fitur-fitur signifikan seperti Ekspansi RAIDZ, Deduplication Cepat, Input/Output Langsung, keluaran JSON, dan dukungan untuk nama file panjang. - Rilis ini mencakup perbaikan bug penting dan peningkatan kinerja, kompatibel dengan kernel Linux 4.18 - 6.12 dan versi FreeBSD 13.3, 14.0 - 14.2. - Pembaruan ini merupakan upaya kolaboratif dari 134 kontributor, dengan dokumentasi lengkap dan log perubahan tersedia untuk ditinjau.
    • + +]]>     + https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0 + 2025-01-14T00:00:00.000ZZFS 2.3 dirilis dengan ekspansi ZFS raidz + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Webtop – Kontainer Alpine, Ubuntu, Fedora, dan Arch yang berisi lingkungan desktop lengkap]]> + +
  • Linuxserver/webtop menyediakan kontainer berbasis Alpine, Ubuntu, Fedora, dan Arch dengan lingkungan desktop penuh yang dapat diakses melalui peramban web, mendukung arsitektur x86-64 dan arm64.
    • +
  • Pengguna dapat memilih dari berbagai lingkungan desktop seperti XFCE, KDE, MATE, i3, Openbox, dan IceWM dengan menggunakan tag gambar tertentu, dan mengakses Webtop melalui URL yang ditentukan.
    • +
  • Fitur keamanan mencakup opsi seccomp Docker dan pengaturan autentikasi, dengan opsi kustomisasi yang tersedia melalui variabel lingkungan, serta dukungan untuk akselerasi GPU dengan driver sumber terbuka.
    • + +]]>     + https://docs.linuxserver.io/images/docker-webtop/ + 2025-01-14T00:00:00.000ZWebtop – Kontainer Alpine, Ubuntu, Fedora, dan Arch yang berisi lingkungan desktop lengkap + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[1 dari 5 lowongan pekerjaan online adalah palsu atau tidak pernah terisi, menurut sebuah studi.]]> + +
  • Studi terbaru menunjukkan bahwa 20% dari lowongan pekerjaan online adalah palsu atau tetap tidak terisi, menambah frustrasi para pencari kerja. - Tren "pekerjaan hantu" ini mungkin merupakan taktik bagi perusahaan untuk memproyeksikan citra pertumbuhan. - Platform pekerjaan seperti Greenhouse dan LinkedIn telah memperkenalkan layanan verifikasi pekerjaan untuk membantu pengguna mengidentifikasi peluang kerja yang asli.
    • + +]]>     + https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706 + 2025-01-14T00:00:00.000Z1 dari 5 lowongan pekerjaan online adalah palsu atau tidak pernah terisi, menurut sebuah studi. + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Membuat persimpangan tidak aman bagi pejalan kaki demi menghemat beberapa detik bagi pengemudi]]> + -

    +]]>     + https://collegetowns.substack.com/p/making-an-intersection-unsafe-for + 2025-01-14T00:00:00.000ZMembuat persimpangan tidak aman bagi pejalan kaki demi menghemat beberapa detik bagi pengemudi + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[PostgreSQL adalah Sistem Manajemen Basis Data Tahun 2024]]> + +
  • PostgreSQL telah dianugerahi DBMS of the Year 2024 oleh DB-Engines, meraih pengakuan ini untuk kelima kalinya, melampaui 423 sistem manajemen basis data lainnya.
    • +
  • PostgreSQL, dengan sejarah yang mencakup hampir 35 tahun, terus berinovasi, seperti yang terlihat dalam peningkatan terbaru PostgreSQL 17, yang dirilis pada September 2024.
    • +
  • Snowflake dan Microsoft masing-masing menempati posisi kedua dan ketiga, dengan Snowflake dikenal karena penyimpanan data berbasis cloud dan dukungan multi-cloud, sementara Microsoft menawarkan basis data relasional terkelola yang kuat melalui Azure SQL Database dan SQL Server.
    • + +]]>     + https://db-engines.com/en/blog_post/109 + 2025-01-14T00:00:00.000ZPostgreSQL adalah Sistem Manajemen Basis Data Tahun 2024 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Login OAuth Google tidak melindungi terhadap pembelian domain startup yang gagal.]]> + -

    +]]>     + https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw + 2025-01-14T00:00:00.000ZLogin OAuth Google tidak melindungi terhadap pembelian domain startup yang gagal. + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Memanfaatkan keterampilan pemrograman untuk menghasilkan pendapatan pasif]]> + +
  • Penulis beralih dari peran CTO menjadi solopreneur, berhasil mendapatkan lebih banyak melalui portofolio produk perangkat lunak.
    • +
  • Strategi utama meliputi fokus pada pekerjaan mendalam, memulai dengan proyek kecil, iterasi cepat, dan mendedikasikan waktu untuk upaya pemasaran.
    • +
  • Teks ini menekankan ketahanan menghadapi ketidakpastian, tetapi menyoroti otonomi dan kebebasan yang tak tertandingi dari jalur karier ini, mendorong mereka yang memiliki keterampilan pemrograman untuk mempertimbangkannya sebagai sumber pendapatan pasif.
    • + +]]>     + https://www.coryzue.com/writing/solopreneur/ + 2025-01-14T00:00:00.000ZMemanfaatkan keterampilan pemrograman untuk menghasilkan pendapatan pasif + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Spanyol mengusulkan pajak 100% pada rumah yang dibeli oleh penduduk non-Uni Eropa.]]> + +
  • Spanyol sedang mempertimbangkan pajak 100% pada pembelian real estat oleh penduduk non-Uni Eropa, dengan tujuan untuk mengatasi krisis perumahan dan mengekang pembelian spekulatif.
    • +
  • Proposal Perdana Menteri Pedro Sánchez mencakup perluasan perumahan sosial dan pengaturan penyewaan wisata untuk mengatasi kesenjangan antara harga rumah dan pendapatan.
    • +
  • Tidak pasti apakah proposal tersebut akan menjadi undang-undang, dengan beberapa analis melihatnya lebih sebagai penghalang bagi investor asing daripada perubahan legislatif yang dijamin.
    • + +]]>     + https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents + 2025-01-14T00:00:00.000ZSpanyol mengusulkan pajak 100% pada rumah yang dibeli oleh penduduk non-Uni Eropa. + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Apple akan segera menerima chip 'buatan Amerika' dari pabrik TSMC di Arizona]]> + +
  • Apple sedang menguji prosesor dari fasilitas TSMC di Arizona, dengan rencana untuk produksi massal pada kuartal pertama, yang berpotensi menjadikan Apple sebagai pelanggan pertama TSMC di AS untuk chip yang diproduksi secara lokal. - Inisiatif ini bertujuan untuk memperkuat kemandirian silikon AS, mengurangi ketergantungan pada Taiwan, yang rentan terhadap risiko geopolitik dan alam. - Pabrik TSMC di Arizona akan memproduksi chip canggih 3nm dan 2nm, dengan upaya berkelanjutan untuk meningkatkan perekrutan lokal dan kemitraan dengan universitas di AS, meskipun pengemasan awalnya akan dilakukan di Taiwan hingga fasilitas di Peoria beroperasi.
    • + +]]>     + https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification + 2025-01-14T00:00:00.000ZApple akan segera menerima chip 'buatan Amerika' dari pabrik TSMC di Arizona + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[43 ribu lebih sedikit pengemudi di jalan-jalan Manhattan setelah penetapan harga kemacetan diaktifkan]]> + +
  • Setelah penerapan harga kemacetan, terjadi pengurangan sebesar 7,5% pada pengemudi yang memasuki Manhattan di bawah 60th Street, yang setara dengan 43.000 pengemudi lebih sedikit setiap hari kerja.
    • +
  • Pengurangan lalu lintas telah memperbaiki aliran lalu lintas dan meningkatkan kecepatan bus, dengan beberapa bus ekspres mengalami peningkatan jumlah penumpang.
    • +
  • The Metropolitan Transportation Authority (MTA) menggunakan pendapatan tol, yang diperkirakan mencapai $500 juta per tahun, untuk perbaikan transportasi, meskipun ada beberapa oposisi politik.
    • + +]]>     + https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says + 2025-01-14T00:00:00.000Z43 ribu lebih sedikit pengemudi di jalan-jalan Manhattan setelah penetapan harga kemacetan diaktifkan + Tue, 14 Jan 2025 00:00:00 GMT +     <![CDATA[Fitur unggulan Uv adalah memudahkan pembuatan lingkungan ad-hoc]]> 2025-01-05T00:00:00.000ZGuten: Sebuah Printer Koran Mini Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[Mobil Volvo tahun 1993 dengan sistem kemudi otomatis]]> - -
  • Sekelompok teman berpartisipasi dalam Carbage Run edisi Musim Dingin 2025, sebuah reli selama 6 hari melalui Swedia menuju lingkaran kutub dan kembali ke Helsinki, yang mengharuskan mobil berusia setidaknya 20 tahun dan bernilai di bawah €1000.
    • -
  • Mereka mengubah Volvo 940 Estate tahun 1993 menjadi kendaraan otonom menggunakan openpilot dari comma.ai, dengan menggabungkan komponen modern seperti kemudi listrik, Bosch iBooster, dan sensor radar Tesla.
    • -
  • Pembaruan di masa depan akan mencakup detail tentang pengkabelan, Unit Kontrol Mesin (ECU) khusus, dan rencana untuk membuka kode sumber, menyoroti pendekatan inovatif proyek ini dalam memodifikasi kendaraan lama dengan teknologi otonom.
    • - -]]>     - https://practicapp.com/carbagepilot-part1/ - 2025-01-04T00:00:00.000ZMobil Volvo tahun 1993 dengan sistem kemudi otomatis - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[VoxelSpace: Algoritma rendering medan dalam kurang dari 20 baris kode (2020)]]> - -
  • Permainan Comanche dari NovaLogic tahun 1992 menggunakan mesin Voxel Space, sebuah teknik rendering 2.5D yang didasarkan pada ray casting, untuk menciptakan medan yang terperinci dengan bayangan dan naungan.
    • -
  • Mesin Voxel Space menggunakan peta ketinggian dan warna serta algoritma rendering sederhana, menggambar garis vertikal dari belakang ke depan, yang dapat dioptimalkan untuk kinerja.
    • -
  • Teks mesin tersedia di bawah lisensi MIT, tetapi teknologinya mungkin masih dipatenkan di wilayah tertentu.
    • - -]]>     - https://github.com/s-macke/VoxelSpace - 2025-01-04T00:00:00.000ZVoxelSpace: Algoritma rendering medan dalam kurang dari 20 baris kode (2020) - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Bagaimana cara menggambar garis besar dalam permainan video]]> - -
  • Artikel tersebut membahas lima teknik untuk membuat garis tepi di Unity, sebuah platform pengembangan game yang populer, dengan menyoroti penggunaannya dalam game seperti Sable dan The Last of Us. - Teknik-teknik tersebut meliputi Rim Effects, Vertex Extrusion, Blurred Buffer, Jump Flood Algorithm, dan Edge Detection, masing-masing dengan keunggulan dan kompromi unik dalam hal kinerja dan kualitas visual. - Artikel ini memberikan wawasan tentang cara menyeimbangkan metode-metode ini untuk estetika game yang optimal dan dukungan gameplay, dengan sumber daya tambahan dan kredit untuk model 3D yang disertakan.
    • - -]]>     - https://ameye.dev/notes/rendering-outlines/ - 2025-01-04T00:00:00.000ZBagaimana cara menggambar garis besar dalam permainan video - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Saya berhenti dari Washington Post]]> - -

    -]]>     - https://anntelnaes.substack.com/p/why-im-quitting-the-washington-post - 2025-01-04T00:00:00.000ZSaya berhenti dari Washington Post - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Perplexity mendapatkan iklan]]> - -

    -]]>     - https://twitter.com/damengchen/status/1875296442417607072 - 2025-01-04T00:00:00.000ZPerplexity mendapatkan iklan - Sat, 04 Jan 2025 00:00:00 GMT -     diff --git a/static/rss/story/it.xml b/static/rss/story/it.xml index 92fd16e03..dac1579e2 100644 --- a/static/rss/story/it.xml +++ b/static/rss/story/it.xml @@ -15,11 +15,211 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[Un ricercatore di sicurezza di Snyk distribuisce pacchetti NPM dannosi prendendo di mira cursor.com]]> + +
  • Un ricercatore di sicurezza di Snyk ha rilasciato pacchetti NPM dannosi mirati a Cursor.com, un'azienda di codifica AI, per raccogliere dati di sistema e inviarli a un servizio controllato da un attaccante.
    • +
  • I pacchetti, identificati come "cursor-retrieval", "cursor-always-local" e "cursor-shadow-workspace", sono stati segnalati dallo scanner di analisi dei pacchetti OpenSSF, risultando negli avvisi MAL-2025-27, MAL-2025-28 e MAL-2025-29.
    • +
  • Questo incidente evidenzia l'importanza di esaminare attentamente i pacchetti NPM prima dell'installazione per evitare potenziali minacce alla sicurezza.
    • + +]]>     + https://sourcecodered.com/snyk-malicious-npm-package/ + 2025-01-14T00:00:00.000ZUn ricercatore di sicurezza di Snyk distribuisce pacchetti NPM dannosi prendendo di mira cursor.com + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Io sono passato a Firefox e non sono mai tornato indietro]]> + +
  • Firefox è apprezzato per la sua gestione superiore delle schede, la funzione Pocket integrata per salvare i link e un servizio di inoltro email incentrato sulla privacy, rendendolo una valida alternativa a Chrome. - Funzionalità aggiuntive come uno strumento di screenshot facile da usare, un pulsante ChatGPT, la modalità Picture-in-Picture, opzioni di ricerca personalizzabili e uno scorrimento fluido migliorano l'esperienza di navigazione. - Sebbene Firefox manchi della funzione di app web di Chrome, il suo design attento e la ridotta richiesta di risorse lo rendono una scelta preferita per alcuni utenti.
    • + +]]>     + https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/ + 2025-01-14T00:00:00.000ZIo sono passato a Firefox e non sono mai tornato indietro + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Il CEO di Sonos si dimette dopo il fiasco dell'aggiornamento dell'app]]> + -

    +]]>     + https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/ + 2025-01-14T00:00:00.000ZIl CEO di Sonos si dimette dopo il fiasco dell'aggiornamento dell'app + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Nella pancia di MrBeast]]> + -

    +]]>     + https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast + 2025-01-14T00:00:00.000ZNella pancia di MrBeast + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Le operazioni Git su GitHub sono inattive]]> + +
  • GitHub ha affrontato un'interruzione delle operazioni Git il 13 gennaio 2025, a causa di una modifica di configurazione che ha influenzato il bilanciatore di carico interno, durata dalle 23:35 alle 00:24 UTC. - Il problema è stato risolto ripristinando la modifica di configurazione, e GitHub sta lavorando per migliorare i processi di monitoraggio e distribuzione per prevenire incidenti simili. - L'interruzione ha anche influenzato i servizi Actions e Pages di GitHub, evidenziando la natura interconnessa dei loro servizi di piattaforma.
    • + +]]>     + https://www.githubstatus.com/incidents/qd96yfgvmcf9 + 2025-01-14T00:00:00.000ZLe operazioni Git su GitHub sono inattive + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[ZFS 2.3 rilasciato con espansione ZFS raidz]]> + +
  • OpenZFS 2.3.0 è stato rilasciato, introducendo funzionalità significative come l'espansione RAIDZ, la deduplicazione veloce, l'input/output diretto, l'output JSON e il supporto per nomi di file lunghi. - Il rilascio include correzioni di bug essenziali e miglioramenti delle prestazioni, compatibile con i kernel Linux 4.18 - 6.12 e le versioni FreeBSD 13.3, 14.0 - 14.2. - L'aggiornamento è uno sforzo collaborativo di 134 contributori, con documentazione completa e un registro delle modifiche disponibile per la revisione.
    • + +]]>     + https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0 + 2025-01-14T00:00:00.000ZZFS 2.3 rilasciato con espansione ZFS raidz + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Webtop – Contenitori Alpine, Ubuntu, Fedora e Arch contenenti ambienti desktop completi]]> + +
  • Linuxserver/webtop fornisce container basati su Alpine, Ubuntu, Fedora e Arch con ambienti desktop completi accessibili tramite browser web, supportando sia le architetture x86-64 che arm64.
    • +
  • Gli utenti possono scegliere tra vari ambienti desktop come XFCE, KDE, MATE, i3, Openbox e IceWM utilizzando tag di immagine specifici e accedere al Webtop tramite URL designati.
    • +
  • Le funzionalità di sicurezza includono l'opzione seccomp di Docker e la configurazione dell'autenticazione, con opzioni di personalizzazione disponibili tramite variabili d'ambiente, e supporto per l'accelerazione GPU con driver open-source.
    • + +]]>     + https://docs.linuxserver.io/images/docker-webtop/ + 2025-01-14T00:00:00.000ZWebtop – Contenitori Alpine, Ubuntu, Fedora e Arch contenenti ambienti desktop completi + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[1 su 5 annunci di lavoro online sono falsi o non vengono mai coperti, secondo uno studio]]> + +
  • Un recente studio indica che il 20% delle offerte di lavoro online sono false o rimangono non occupate, aumentando la frustrazione dei cercatori di lavoro. - Questa tendenza dei "lavori fantasma" potrebbe essere una tattica delle aziende per proiettare un'immagine di crescita. - Piattaforme di lavoro come Greenhouse e LinkedIn hanno introdotto servizi di verifica delle offerte di lavoro per aiutare gli utenti a identificare opportunità di lavoro autentiche.
    • + +]]>     + https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706 + 2025-01-14T00:00:00.000Z1 su 5 annunci di lavoro online sono falsi o non vengono mai coperti, secondo uno studio + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Rendere un incrocio pericoloso per i pedoni per risparmiare secondi agli automobilisti]]> + -

    +]]>     + https://collegetowns.substack.com/p/making-an-intersection-unsafe-for + 2025-01-14T00:00:00.000ZRendere un incrocio pericoloso per i pedoni per risparmiare secondi agli automobilisti + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[PostgreSQL è il Sistema di Gestione di Database dell'Anno 2024]]> + +
  • PostgreSQL è stato premiato come DBMS dell'anno 2024 da DB-Engines, ottenendo questo riconoscimento per la quinta volta, superando 423 altri sistemi di gestione di database.
    • +
  • PostgreSQL, con una storia che si estende per quasi 35 anni, continua a innovare, come si vede nei recenti miglioramenti di PostgreSQL 17, rilasciato a settembre 2024.
    • +
  • Snowflake e Microsoft si sono assicurati rispettivamente il secondo e il terzo posto, con Snowflake noto per il suo data warehousing basato su cloud e il supporto multi-cloud, mentre Microsoft offre robusti database relazionali gestiti tramite Azure SQL Database e SQL Server.
    • + +]]>     + https://db-engines.com/en/blog_post/109 + 2025-01-14T00:00:00.000ZPostgreSQL è il Sistema di Gestione di Database dell'Anno 2024 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Il login OAuth di Google non protegge dall'acquisto di un dominio di una startup fallita]]> + -

    +]]>     + https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw + 2025-01-14T00:00:00.000ZIl login OAuth di Google non protegge dall'acquisto di un dominio di una startup fallita + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Utilizzare le competenze di programmazione per generare un reddito passivo]]> + +
  • L'autore è passato da un ruolo di CTO a solopreneur, guadagnando con successo di più attraverso un portafoglio di prodotti software.
    • +
  • Le strategie chiave includono concentrarsi sul lavoro profondo, iniziare con piccoli progetti, iterare rapidamente e dedicare tempo agli sforzi di marketing.
    • +
  • Il viaggio sottolinea la resilienza a causa delle incertezze, ma mette in evidenza l'autonomia e la libertà impareggiabili di questo percorso professionale, incoraggiando coloro che possiedono competenze di programmazione a considerarlo per un reddito passivo.
    • + +]]>     + https://www.coryzue.com/writing/solopreneur/ + 2025-01-14T00:00:00.000ZUtilizzare le competenze di programmazione per generare un reddito passivo + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Spagna propone una tassa del 100% sulle case acquistate da residenti non UE]]> + +
  • Spagna sta considerando un'imposta del 100% sugli acquisti immobiliari da parte di residenti non UE, con l'obiettivo di affrontare la crisi abitativa e frenare gli acquisti speculativi.
    • +
  • Il piano del Primo Ministro Pedro Sánchez prevede l'espansione degli alloggi sociali e la regolamentazione degli affitti turistici per affrontare la disparità tra i prezzi delle case e i redditi.
    • +
  • Il futuro della proposta come legge è incerto, con alcuni analisti che la vedono come un deterrente per gli investitori stranieri piuttosto che un cambiamento legislativo garantito.
    • + +]]>     + https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents + 2025-01-14T00:00:00.000ZSpagna propone una tassa del 100% sulle case acquistate da residenti non UE + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Apple riceverà presto chip 'made in America' dalla fabbrica di TSMC in Arizona]]> + +
  • Apple sta testando i processori della struttura di TSMC in Arizona, con piani per la produzione di massa entro il primo trimestre, potenzialmente diventando il primo cliente statunitense di TSMC per i chip prodotti localmente. - Questa iniziativa mira a rafforzare l'indipendenza del silicio degli Stati Uniti, riducendo la dipendenza da Taiwan, che è vulnerabile a rischi geopolitici e naturali. - La fabbrica di TSMC in Arizona è destinata a produrre chip avanzati a 3nm e 2nm, con sforzi in corso per migliorare il reclutamento locale e le collaborazioni con le università statunitensi, anche se l'imballaggio inizialmente avverrà a Taiwan fino a quando la struttura di Peoria sarà operativa.
    • + +]]>     + https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification + 2025-01-14T00:00:00.000ZApple riceverà presto chip 'made in America' dalla fabbrica di TSMC in Arizona + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[43.000 conducenti in meno sulle strade di Manhattan dopo l'attivazione della tariffazione della congestione]]> + +
  • Dopo l'implementazione della tariffazione della congestione, c'è stata una riduzione del 7,5% dei conducenti che entrano a Manhattan sotto la 60ª strada, pari a 43.000 conducenti in meno ogni giorno feriale.
    • +
  • La riduzione del traffico ha migliorato il flusso del traffico e aumentato la velocità degli autobus, con alcuni autobus espressi che registrano un aumento del numero di passeggeri.
    • +
  • Il Metropolitan Transportation Authority (MTA) utilizza i ricavi dei pedaggi, stimati a 500 milioni di dollari all'anno, per miglioramenti del trasporto pubblico, nonostante alcune opposizioni politiche.
    • + +]]>     + https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says + 2025-01-14T00:00:00.000Z43.000 conducenti in meno sulle strade di Manhattan dopo l'attivazione della tariffazione della congestione + Tue, 14 Jan 2025 00:00:00 GMT +     <![CDATA[Il punto di forza di Uv è rendere facili gli ambienti ad-hoc]]> 2025-01-05T00:00:00.000ZGuten: Una piccola stampante per giornali Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[Volvo 1993 a guida autonoma con open pilot]]> - -
  • Un gruppo di amici ha partecipato all'edizione invernale del Carbage Run 2025, un rally di 6 giorni attraverso la Svezia fino al circolo polare e ritorno a Helsinki, che richiede auto di almeno 20 anni e con un valore inferiore a €1000.
    • -
  • Hanno trasformato una Volvo 940 Estate del 1993 in un veicolo a guida autonoma utilizzando openpilot di comma.ai, incorporando componenti moderni come il servosterzo elettrico, un Bosch iBooster e un sensore radar Tesla.
    • -
  • Futuri aggiornamenti includeranno dettagli sul cablaggio, una centralina elettronica (ECU) personalizzata e piani per rendere open-source il codice, mettendo in evidenza l'approccio innovativo del progetto per l'aggiornamento di veicoli più vecchi con tecnologia autonoma.
    • - -]]>     - https://practicapp.com/carbagepilot-part1/ - 2025-01-04T00:00:00.000ZVolvo 1993 a guida autonoma con open pilot - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[VoxelSpace: Algoritmo di rendering del terreno in meno di 20 righe di codice (2020)]]> - -
  • Il gioco Comanche del 1992 di NovaLogic utilizzava il motore Voxel Space, una tecnica di rendering 2.5D basata sul ray casting, per creare terreni dettagliati con ombreggiature e ombre.
    • -
  • Il motore Voxel Space utilizzava mappe di altezza e colore e un semplice algoritmo di rendering, disegnando linee verticali da dietro a davanti, che potevano essere ottimizzate per le prestazioni.
    • -
  • Il codice del motore è disponibile sotto la licenza MIT, ma la tecnologia potrebbe essere ancora brevettata in alcune regioni.
    • - -]]>     - https://github.com/s-macke/VoxelSpace - 2025-01-04T00:00:00.000ZVoxelSpace: Algoritmo di rendering del terreno in meno di 20 righe di codice (2020) - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Come disegnare un contorno in un videogioco]]> - -
  • L'articolo discute cinque tecniche per il rendering dei contorni in Unity, una popolare piattaforma di sviluppo di giochi, evidenziando il loro utilizzo in giochi come Sable e The Last of Us. - Le tecniche includono Effetti di Bordo, Estrusione dei Vertici, Buffer Sfocato, Algoritmo di Jump Flood e Rilevamento dei Bordi, ciascuna con vantaggi unici e compromessi in termini di prestazioni e qualità visiva. - L'articolo fornisce approfondimenti su come bilanciare questi metodi per un'estetica di gioco ottimale e supporto al gameplay, con risorse aggiuntive e crediti per i modelli 3D inclusi.
    • - -]]>     - https://ameye.dev/notes/rendering-outlines/ - 2025-01-04T00:00:00.000ZCome disegnare un contorno in un videogioco - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Sto lasciando il Washington Post]]> - -

    -]]>     - https://anntelnaes.substack.com/p/why-im-quitting-the-washington-post - 2025-01-04T00:00:00.000ZSto lasciando il Washington Post - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Perplexity ha ottenuto annunci]]> - -

    -]]>     - https://twitter.com/damengchen/status/1875296442417607072 - 2025-01-04T00:00:00.000ZPerplexity ha ottenuto annunci - Sat, 04 Jan 2025 00:00:00 GMT -     diff --git a/static/rss/story/ja.xml b/static/rss/story/ja.xml index 2b6b14a37..3a39cac3b 100644 --- a/static/rss/story/ja.xml +++ b/static/rss/story/ja.xml @@ -15,11 +15,207 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[「Snykのセキュリティ研究者が、cursor.comを標的とする悪意のあるNPMパッケージを展開」]]> + +
  • 「Snykのセキュリティ研究者が、AIコーディング会社であるCursor.comを標的とした悪意のあるNPMパッケージを公開し、システムデータを収集して攻撃者が制御するサービスに送信しました。」
    • +
  • 「パッケージ「cursor-retrieval」、「cursor-always-local」、「cursor-shadow-workspace」は、OpenSSFパッケージ分析スキャナーによってフラグが立てられ、勧告MAL-2025-27、MAL-2025-28、MAL-2025-29が発行されました。」
    • +
  • 「この事件は、潜在的なセキュリティ脅威を避けるために、インストール前にNPMパッケージを精査することの重要性を強調しています。」
    • + +]]>     + https://sourcecodered.com/snyk-malicious-npm-package/ + 2025-01-14T00:00:00.000Z「Snykのセキュリティ研究者が、cursor.comを標的とする悪意のあるNPMパッケージを展開」 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[「私はFirefoxに切り替えて、振り返ることはありませんでした」]]> + +
  • 「Firefoxは、優れたタブ管理、リンクを保存するための内蔵Pocket機能、プライバシーに配慮したメールリレーで称賛されており、Chromeの強力な代替手段となっています。- ユーザーフレンドリーなスクリーンショットツール、ChatGPTボタン、ピクチャーインピクチャー、カスタマイズ可能な検索オプション、スムーズなスクロールなどの追加機能がブラウジング体験を向上させます。- FirefoxはChromeのウェブアプリ機能を欠いているものの、その考え抜かれたデザインとリソースの少ない要求が、一部のユーザーにとって好ましい選択肢となっています。」
    • + +]]>     + https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/ + 2025-01-14T00:00:00.000Z「私はFirefoxに切り替えて、振り返ることはありませんでした」 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[「SonosのCEOがアプリの更新問題を受けて辞任」]]> + -

    +]]>     + https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/ + 2025-01-14T00:00:00.000Z「SonosのCEOがアプリの更新問題を受けて辞任」 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[MrBeastの腹の中で]]> + -

    +]]>     + https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast + 2025-01-14T00:00:00.000ZMrBeastの腹の中で + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[GitHubのGit操作が停止しています]]> + +
  • 「GitHubは、2025年1月13日に内部ロードバランサーに影響を与える設定変更のため、23:35から00:24 UTCまでGit操作の障害に直面しました。この問題は設定変更を元に戻すことで解決され、GitHubは同様のインシデントを防ぐために監視と展開プロセスの改善に取り組んでいます。この障害はGitHubのActionsとPagesサービスにも影響を与え、プラットフォームサービスの相互接続性を浮き彫りにしました。」
    • + +]]>     + https://www.githubstatus.com/incidents/qd96yfgvmcf9 + 2025-01-14T00:00:00.000ZGitHubのGit操作が停止しています + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[「ZFS 2.3がZFS raidz拡張機能と共にリリースされました」]]> + +
  • 「OpenZFS 2.3.0がリリースされ、RAIDZ拡張、迅速な重複排除、直接入出力、JSON出力、長いファイル名のサポートなどの重要な機能が導入されました。このリリースには、Linuxカーネル4.18 - 6.12およびFreeBSDバージョン13.3、14.0 - 14.2と互換性のある重要なバグ修正とパフォーマンスの向上が含まれています。このアップデートは134人の貢献者による共同作業の成果であり、包括的なドキュメントと変更ログがレビューのために利用可能です。」
    • + +]]>     + https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0 + 2025-01-14T00:00:00.000Z「ZFS 2.3がZFS raidz拡張機能と共にリリースされました」 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Webtop – フルデスクトップ環境を含むAlpine、Ubuntu、Fedora、およびArchコンテナ]]> + +
  • Linuxserver/webtopは、Alpine、Ubuntu、Fedora、Archに基づいたコンテナを提供し、ウェブブラウザを通じてアクセス可能なフルデスクトップ環境を備えており、x86-64とarm64の両方のアーキテクチャをサポートしています。
    • +
  • ユーザーは、特定のイメージタグを使用して、XFCE、KDE、MATE、i3、Openbox、IceWMなどのさまざまなデスクトップ環境を選択し、指定されたURLを介してWebtopにアクセスできます。
    • +
  • 「セキュリティ機能には、Dockerのseccompオプションと認証設定が含まれ、環境変数を通じてカスタマイズオプションが利用可能であり、オープンソースドライバーによるGPUアクセラレーションのサポートもあります。」
    • + +]]>     + https://docs.linuxserver.io/images/docker-webtop/ + 2025-01-14T00:00:00.000ZWebtop – フルデスクトップ環境を含むAlpine、Ubuntu、Fedora、およびArchコンテナ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[「オンライン求人の5件に1件は偽物であるか、または決して埋まらないことが研究で判明」]]> + +
  • 「最近の研究によると、オンライン求人の20%が偽物であるか、未充足のままであり、求職者の不満を増大させています。この「ゴーストジョブ」トレンドは、企業が成長のイメージを投影するための戦術である可能性があります。GreenhouseやLinkedInなどの求人プラットフォームは、ユーザーが本物の求人を見分けるのを助けるために求人確認サービスを導入しています。」
    • + +]]>     + https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706 + 2025-01-14T00:00:00.000Z「オンライン求人の5件に1件は偽物であるか、または決して埋まらないことが研究で判明」 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[「歩行者の安全を犠牲にして、運転者の数秒を節約する交差点を作ること」]]> + -

    +]]>     + https://collegetowns.substack.com/p/making-an-intersection-unsafe-for + 2025-01-14T00:00:00.000Z「歩行者の安全を犠牲にして、運転者の数秒を節約する交差点を作ること」 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[「PostgreSQLは2024年のデータベース管理システム・オブ・ザ・イヤーです」]]> + +
  • 「PostgreSQLは、DB-Enginesによって2024年のDBMSオブザイヤーに選ばれ、423の他のデータベース管理システムを上回り、5回目の受賞を果たしました。」
    • +
  • 「PostgreSQLは、約35年にわたる歴史を持ち、2024年9月にリリースされたPostgreSQL 17の最近の強化に見られるように、革新を続けています。」
    • +
  • 「スノーフレークとマイクロソフトはそれぞれ2位と3位を獲得しました。スノーフレークはクラウドベースのデータウェアハウジングとマルチクラウドサポートで注目され、マイクロソフトはAzure SQL DatabaseとSQL Serverを通じて強力なマネージドリレーショナルデータベースを提供しています。」
    • + +]]>     + https://db-engines.com/en/blog_post/109 + 2025-01-14T00:00:00.000Z「PostgreSQLは2024年のデータベース管理システム・オブ・ザ・イヤーです」 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[「GoogleのOAuthログインは、失敗したスタートアップのドメイン購入に対して保護しません」]]> + -

    +]]>     + https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw + 2025-01-14T00:00:00.000Z「GoogleのOAuthログインは、失敗したスタートアップのドメイン購入に対して保護しません」 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[「コーディングスキルを活用して不労所得を得る」]]> + +
  • 「著者はCTOの役職からソロプレナーに転身し、ソフトウェア製品のポートフォリオを通じてより多くの収入を得ることに成功しました。」
    • +
  • 「主な戦略には、深い作業に集中すること、小さなプロジェクトから始めること、迅速に反復すること、そしてマーケティング活動に時間を割くことが含まれます。」
    • +
  • この旅は不確実性によるレジリエンスを強調していますが、このキャリアパスの比類のない自律性と自由を強調し、コーディングスキルを持つ人々に受動的収入のためにそれを検討するよう促しています。
    • + +]]>     + https://www.coryzue.com/writing/solopreneur/ + 2025-01-14T00:00:00.000Z「コーディングスキルを活用して不労所得を得る」 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[「スペイン、非EU居住者による住宅購入に対して100%の税を提案」]]> + +
  • 「スペインは、住宅危機に対処し、投機的な購入を抑制することを目的として、非EU居住者による不動産購入に対して100%の税を検討しています。」
    • +
  • 「首相ペドロ・サンチェスの提案には、住宅価格と収入の格差に対処するために、社会住宅の拡大と観光賃貸の規制が含まれています。」
    • +
  • 「提案の法制化の将来は不確実であり、一部のアナリストはこれを確実な法改正というよりも、むしろ外国投資家への抑止力と見なしています。」
    • + +]]>     + https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents + 2025-01-14T00:00:00.000Z「スペイン、非EU居住者による住宅購入に対して100%の税を提案」 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[「アップルはまもなく、TSMCのアリゾナ工場から『メイド・イン・アメリカ』のチップを受け取る予定です」]]> + +
  • 「AppleはTSMCのアリゾナ施設からのプロセッサをテストしており、第一四半期までに量産を計画している。これにより、TSMCの米国で製造されたチップの最初の顧客になる可能性がある。この取り組みは、台湾に依存しがちなシリコンの独立性を強化し、地政学的および自然のリスクに対する脆弱性を減少させることを目的としている。TSMCのアリゾナ工場は、先進的な3nmおよび2nmチップを生産する予定であり、地元の採用と米国の大学との提携を強化する努力が続けられているが、パッケージングは当初、ピオリア施設が稼働するまで台湾で行われる予定である。」
    • + +]]>     + https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification + 2025-01-14T00:00:00.000Z「アップルはまもなく、TSMCのアリゾナ工場から『メイド・イン・アメリカ』のチップを受け取る予定です」 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[「混雑料金が導入された後、マンハッタンの道路から43,000人のドライバーが減少」]]> + +
  • 「混雑料金制度が導入された後、60丁目より南のマンハッタンに入る運転手が7.5%減少し、平日ごとに43,000人の運転手が減少しました。」
    • +
  • 「交通量の減少により交通の流れが改善され、バスの速度が向上し、一部の急行バスでは乗客数が増加しています。」
    • +
  • メトロポリタン交通局(MTA)は、年間約5億ドルと見積もられる通行料収入を、政治的な反対があるにもかかわらず、交通改善のために使用しています。
    • + +]]>     + https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says + 2025-01-14T00:00:00.000Z「混雑料金が導入された後、マンハッタンの道路から43,000人のドライバーが減少」 + Tue, 14 Jan 2025 00:00:00 GMT +     <![CDATA[Uvの優れた機能は、アドホックな環境を簡単に作成できることです]]> 2025-01-05T00:00:00.000Z「グーテン:小さな新聞プリンター」 Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[「オープンパイロットを搭載した1993年製ボルボの自動運転車」]]> - -
  • 友人のグループが、2025年の冬版のカーベージランに参加しました。これは、スウェーデンを通り、北極圏まで行き、ヘルシンキに戻る6日間のラリーで、参加車両は少なくとも20年以上前のもので、価値が1000ユーロ未満であることが求められます。
    • -
  • 「彼らは、1993年製のボルボ940エステートを、comma.aiのオープンパイロットを使用して自動運転車に変え、電動パワーステアリング、ボッシュのiBooster、テスラのレーダーセンサーなどの最新コンポーネントを組み込みました。」
    • -
  • 「将来のアップデートには、配線の詳細、カスタムエンジンコントロールユニット(ECU)、およびコードをオープンソース化する計画が含まれ、古い車両に自律技術を後付けするというプロジェクトの革新的なアプローチが強調されます。」
    • - -]]>     - https://practicapp.com/carbagepilot-part1/ - 2025-01-04T00:00:00.000Z「オープンパイロットを搭載した1993年製ボルボの自動運転車」 - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[「VoxelSpace: 20行未満のコードでの地形レンダリングアルゴリズム (2020)」]]> - -
  • 「NovaLogicの1992年のゲーム『Comanche』は、ボクセルスペースエンジンという2.5Dレンダリング技術を使用し、レイキャスティングに基づいて詳細な地形を陰影と影で作成しました。」
    • -
  • ボクセルスペースエンジンは、高度マップとカラーマップを使用し、シンプルなレンダリングアルゴリズムを採用しており、後ろから前に向かって垂直線を描画することで、パフォーマンスの最適化が可能でした。
    • -
  • 「エンジンのコードはMITライセンスの下で利用可能ですが、技術は特定の地域で特許が取得されている可能性があります。」
    • - -]]>     - https://github.com/s-macke/VoxelSpace - 2025-01-04T00:00:00.000Z「VoxelSpace: 20行未満のコードでの地形レンダリングアルゴリズム (2020)」 - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[「ビデオゲームでアウトラインを描く方法」]]> - -
  • 「この記事では、人気のゲーム開発プラットフォームであるUnityにおけるアウトライン描画の5つの技術について論じており、SableやThe Last of Usのようなゲームでの使用を強調しています。技術には、リムエフェクト、頂点押し出し、ぼかしバッファ、ジャンプフラッドアルゴリズム、エッジ検出が含まれ、それぞれがパフォーマンスと視覚品質における独自の利点とトレードオフを持っています。この記事は、これらの方法を最適なゲーム美学とゲームプレイのサポートのためにバランスを取るための洞察を提供し、3Dモデルの追加リソースとクレジットも含まれています。」
    • - -]]>     - https://ameye.dev/notes/rendering-outlines/ - 2025-01-04T00:00:00.000Z「ビデオゲームでアウトラインを描く方法」 - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[ワシントン・ポストを辞めます]]> - -

    -]]>     - https://anntelnaes.substack.com/p/why-im-quitting-the-washington-post - 2025-01-04T00:00:00.000Zワシントン・ポストを辞めます - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[「Perplexityに広告が表示されました」]]> - -

    -]]>     - https://twitter.com/damengchen/status/1875296442417607072 - 2025-01-04T00:00:00.000Z「Perplexityに広告が表示されました」 - Sat, 04 Jan 2025 00:00:00 GMT -     diff --git a/static/rss/story/ko.xml b/static/rss/story/ko.xml index 7e681df76..7cd37398b 100644 --- a/static/rss/story/ko.xml +++ b/static/rss/story/ko.xml @@ -15,11 +15,200 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:16 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[시닉 보안 연구원이 cursor.com을 대상으로 하는 악성 NPM 패키지를 배포하다]]> + +
  • 한 Snyk 보안 연구원이 AI 코딩 회사인 Cursor.com을 대상으로 시스템 데이터를 수집하고 이를 공격자가 제어하는 서비스로 전송하기 위해 악성 NPM 패키지를 배포했습니다.
    • +
  • 이 패키지들은 "cursor-retrieval," "cursor-always-local," 및 "cursor-shadow-workspace"로 식별되었으며, OpenSSF 패키지 분석 스캐너에 의해 플래그가 지정되어 권고 사항 MAL-2025-27, MAL-2025-28, 및 MAL-2025-29가 발행되었습니다.
    • +
  • 이 사건은 잠재적인 보안 위협을 피하기 위해 NPM 패키지를 설치하기 전에 면밀히 검토하는 것의 중요성을 강조합니다.
    • + +]]>     + https://sourcecodered.com/snyk-malicious-npm-package/ + 2025-01-14T00:00:00.000Z시닉 보안 연구원이 cursor.com을 대상으로 하는 악성 NPM 패키지를 배포하다 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[파이어폭스로 전환하고 다시는 돌아보지 않았다]]> + +
  • Firefox는 우수한 탭 관리, 링크 저장을 위한 내장 Pocket 기능, 그리고 프라이버시 중심의 이메일 릴레이로 칭찬받으며 Chrome의 강력한 대안이 됩니다. - 사용자 친화적인 스크린샷 도구, ChatGPT 버튼, 화면 속 화면(Picture-in-Picture), 맞춤형 검색 옵션, 부드러운 스크롤링과 같은 추가 기능들이 브라우징 경험을 향상시킵니다. - Firefox는 Chrome의 웹 앱 기능이 부족하지만, 신중한 디자인과 감소된 자원 요구로 인해 일부 사용자들에게 선호되는 선택이 됩니다.
    • + +]]>     + https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/ + 2025-01-14T00:00:00.000Z파이어폭스로 전환하고 다시는 돌아보지 않았다 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Sonos CEO, 앱 업데이트 문제로 사임]]> + -

    +]]>     + https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/ + 2025-01-14T00:00:00.000ZSonos CEO, 앱 업데이트 문제로 사임 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[MrBeast의 배 속에서]]> + -

    +]]>     + https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast + 2025-01-14T00:00:00.000ZMrBeast의 배 속에서 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[GitHub Git 작업이 중단되었습니다]]> + +
  • GitHub은 2025년 1월 13일에 내부 로드 밸런서에 영향을 미치는 구성 변경으로 인해 Git 작업 중단을 겪었으며, 이는 23:35부터 00:24 UTC까지 지속되었습니다. - 문제는 구성 변경을 되돌림으로써 해결되었으며, GitHub은 유사한 사건을 방지하기 위해 모니터링 및 배포 프로세스를 개선하고 있습니다. - 이번 중단은 GitHub의 Actions 및 Pages 서비스에도 영향을 미쳐, 플랫폼 서비스의 상호 연결된 특성을 부각시켰습니다.
    • + +]]>     + https://www.githubstatus.com/incidents/qd96yfgvmcf9 + 2025-01-14T00:00:00.000ZGitHub Git 작업이 중단되었습니다 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[ZFS 2.3이 ZFS raidz 확장 기능과 함께 출시되었습니다.]]> + +
  • OpenZFS 2.3.0이 출시되어 RAIDZ 확장, 빠른 중복 제거, 직접 입출력, JSON 출력, 긴 파일 이름 지원과 같은 중요한 기능이 도입되었습니다. - 이번 릴리스에는 필수적인 버그 수정과 성능 향상이 포함되어 있으며, Linux 커널 4.18 - 6.12 및 FreeBSD 버전 13.3, 14.0 - 14.2와 호환됩니다. - 이 업데이트는 134명의 기여자가 협력한 결과로, 포괄적인 문서와 변경 로그가 검토를 위해 제공됩니다.
    • + +]]>     + https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0 + 2025-01-14T00:00:00.000ZZFS 2.3이 ZFS raidz 확장 기능과 함께 출시되었습니다. + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Webtop – 전체 데스크톱 환경을 포함한 Alpine, Ubuntu, Fedora 및 Arch 컨테이너]]> + +
  • Linuxserver/webtop은 웹 브라우저를 통해 접근할 수 있는 전체 데스크톱 환경을 제공하는 컨테이너를 Alpine, Ubuntu, Fedora, Arch 기반으로 제공하며, x86-64 및 arm64 아키텍처를 모두 지원합니다.
    • +
  • 사용자는 특정 이미지 태그를 사용하여 XFCE, KDE, MATE, i3, Openbox, IceWM과 같은 다양한 데스크톱 환경을 선택할 수 있으며, 지정된 URL을 통해 Webtop에 접속할 수 있습니다.
    • +
  • 보안 기능에는 Docker의 seccomp 옵션과 인증 설정이 포함되며, 환경 변수를 통한 사용자 정의 옵션과 오픈 소스 드라이버를 통한 GPU 가속 지원이 포함됩니다.
    • + +]]>     + https://docs.linuxserver.io/images/docker-webtop/ + 2025-01-14T00:00:00.000ZWebtop – 전체 데스크톱 환경을 포함한 Alpine, Ubuntu, Fedora 및 Arch 컨테이너 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[연구에 따르면 온라인 구인 공고 중 5개 중 1개는 가짜이거나 채워지지 않는 것으로 나타났습니다.]]> + +
  • 최근 연구에 따르면 온라인 구인 공고의 20%가 가짜이거나 채워지지 않은 상태로 남아 있어 구직자들의 좌절감을 더하고 있습니다. - 이러한 '유령 일자리' 트렌드는 기업들이 성장 이미지를 투영하기 위한 전술일 수 있습니다. - Greenhouse와 LinkedIn과 같은 구인 플랫폼은 사용자들이 진정한 취업 기회를 식별할 수 있도록 돕기 위해 구인 검증 서비스를 도입했습니다.
    • + +]]>     + https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706 + 2025-01-14T00:00:00.000Z연구에 따르면 온라인 구인 공고 중 5개 중 1개는 가짜이거나 채워지지 않는 것으로 나타났습니다. + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[운전자의 몇 초를 절약하기 위해 보행자에게 교차로를 위험하게 만들기]]> + -

    +]]>     + https://collegetowns.substack.com/p/making-an-intersection-unsafe-for + 2025-01-14T00:00:00.000Z운전자의 몇 초를 절약하기 위해 보행자에게 교차로를 위험하게 만들기 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[PostgreSQL은 2024년 올해의 데이터베이스 관리 시스템입니다.]]> + +
  • PostgreSQL는 DB-Engines에 의해 2024년 DBMS 올해의 상을 수상했으며, 423개의 다른 데이터베이스 관리 시스템을 제치고 다섯 번째로 이 인정을 받았습니다.
    • +
  • PostgreSQL은 거의 35년에 걸친 역사를 가지고 있으며, 2024년 9월에 출시된 PostgreSQL 17의 최근 개선에서 볼 수 있듯이 계속해서 혁신을 이어가고 있습니다.
    • +
  • 스노우플레이크와 마이크로소프트는 각각 2위와 3위를 차지했으며, 스노우플레이크는 클라우드 기반 데이터 웨어하우징과 멀티 클라우드 지원으로 주목받았고, 마이크로소프트는 Azure SQL Database와 SQL Server를 통해 강력한 관리형 관계형 데이터베이스를 제공한다.
    • + +]]>     + https://db-engines.com/en/blog_post/109 + 2025-01-14T00:00:00.000ZPostgreSQL은 2024년 올해의 데이터베이스 관리 시스템입니다. + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Google의 OAuth 로그인은 실패한 스타트업 도메인 구매를 방지하지 않습니다.]]> + -

    +]]>     + https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw + 2025-01-14T00:00:00.000ZGoogle의 OAuth 로그인은 실패한 스타트업 도메인 구매를 방지하지 않습니다. + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[코딩 기술을 사용하여 수동 소득 창출하기]]> + +
  • 저자는 CTO 역할에서 솔로프리뉴어로 전환하여 소프트웨어 제품 포트폴리오를 통해 더 많은 수익을 성공적으로 올렸습니다.
    • +
  • 주요 전략에는 깊이 있는 작업에 집중하고, 작은 프로젝트로 시작하며, 빠르게 반복하고, 마케팅 노력에 시간을 할애하는 것이 포함됩니다.
    • +
  • 이 여정은 불확실성으로 인한 회복력을 강조하지만, 이 경력 경로의 비할 데 없는 자율성과 자유를 강조하며 코딩 기술을 가진 사람들이 이를 수동적 수입을 위한 경로로 고려하도록 권장합니다.
    • + +]]>     + https://www.coryzue.com/writing/solopreneur/ + 2025-01-14T00:00:00.000Z코딩 기술을 사용하여 수동 소득 창출하기 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[스페인, 비EU 거주자가 구매한 주택에 100% 세금 제안]]> + +
  • 스페인은 주택 위기 해결과 투기적 구매 억제를 목표로 비EU 거주자의 부동산 구매에 대해 100% 세금을 고려하고 있습니다.
    • +
  • 페드로 산체스 총리의 제안에는 주택 가격과 소득 간의 격차를 해소하기 위해 사회 주택을 확장하고 관광 임대를 규제하는 것이 포함되어 있습니다.
    • +
  • 그 제안의 법률로서의 미래는 불확실하며, 일부 분석가들은 이를 확실한 입법 변화라기보다는 외국인 투자자에 대한 억제책으로 보고 있습니다.
    • + +]]>     + https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents + 2025-01-14T00:00:00.000Z스페인, 비EU 거주자가 구매한 주택에 100% 세금 제안 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[애플은 곧 TSMC의 애리조나 공장에서 '미국산' 칩을 받을 예정입니다.]]> + +
  • 애플은 TSMC의 애리조나 시설에서 프로세서를 테스트하고 있으며, 첫 분기까지 대량 생산을 계획하고 있어 TSMC의 미국 내 제조 칩의 첫 번째 고객이 될 가능성이 있습니다. - 이 이니셔티브는 미국의 실리콘 독립성을 강화하고, 지정학적 및 자연적 위험에 취약한 대만에 대한 의존도를 줄이는 것을 목표로 합니다. - TSMC의 애리조나 공장은 첨단 3nm 및 2nm 칩을 생산할 예정이며, 현지 채용 강화 및 미국 대학과의 파트너십을 추진하고 있지만, 포장 작업은 피오리아 시설이 가동될 때까지 초기에는 대만에서 이루어질 것입니다.
    • + +]]>     + https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification + 2025-01-14T00:00:00.000Z애플은 곧 TSMC의 애리조나 공장에서 '미국산' 칩을 받을 예정입니다. + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[혼잡 통행료가 시행된 후 맨해튼 도로에서 운전자가 43,000명 감소]]> + +
  • 혼잡 통행료가 시행된 후 60번가 이하 맨해튼에 진입하는 운전자가 7.5% 감소하여 매주 평일마다 43,000명의 운전자가 줄어들었습니다.
    • +
  • 교통량 감소로 인해 교통 흐름이 개선되고 버스 속도가 증가했으며, 일부 급행 버스는 승객 수가 증가했습니다.
    • +
  • 메트로폴리탄 교통국(MTA)은 연간 약 5억 달러로 추산되는 통행료 수익을 교통 개선에 사용하고 있으며, 일부 정치적 반대에도 불구하고 이를 추진하고 있습니다.
    • + +]]>     + https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says + 2025-01-14T00:00:00.000Z혼잡 통행료가 시행된 후 맨해튼 도로에서 운전자가 43,000명 감소 + Tue, 14 Jan 2025 00:00:00 GMT +     <![CDATA[Uv의 킬러 기능은 임시 환경을 쉽게 만드는 것입니다.]]> 2025-01-05T00:00:00.000Z구텐: 작은 신문 프린터 Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[오픈 파일럿이 장착된 1993년식 볼보 자율주행차]]> - -
  • 친구들 그룹이 2025년 겨울 에디션 카베이지 런에 참가했습니다. 이 행사는 스웨덴을 통해 북극권까지 갔다가 헬싱키로 돌아오는 6일간의 랠리로, 참가 차량은 최소 20년 이상 된 차량이어야 하며 가치가 €1000 이하이어야 합니다.
    • -
  • 그들은 1993년식 볼보 940 에스테이트를 comma.ai의 오픈파일럿을 사용하여 자율주행 차량으로 변환했으며, 전자식 파워 스티어링, 보쉬 iBooster, 테슬라 레이더 센서와 같은 현대적인 부품을 통합했습니다.
    • -
  • 향후 업데이트에는 배선, 맞춤형 엔진 제어 장치(ECU)에 대한 세부 정보와 코드 오픈 소스 계획이 포함되어 있으며, 이는 오래된 차량에 자율 주행 기술을 장착하는 프로젝트의 혁신적인 접근 방식을 강조합니다.
    • - -]]>     - https://practicapp.com/carbagepilot-part1/ - 2025-01-04T00:00:00.000Z오픈 파일럿이 장착된 1993년식 볼보 자율주행차 - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[VoxelSpace: 20줄 미만의 코드로 구현된 지형 렌더링 알고리즘 (2020)]]> - -
  • NovaLogic의 1992년 게임 Comanche는 Voxel Space 엔진을 사용하여 레이 캐스팅에 기반한 2.5D 렌더링 기법으로 음영과 그림자가 있는 상세한 지형을 만들었습니다.
    • -
  • Voxel Space 엔진은 높이 및 색상 맵과 간단한 렌더링 알고리즘을 사용하여 뒤에서 앞으로 수직선을 그렸으며, 이는 성능 최적화를 위해 조정될 수 있었습니다.
    • -
  • 엔진의 코드는 MIT 라이선스 하에 제공되지만, 기술은 여전히 특정 지역에서 특허를 받을 수 있습니다.
    • - -]]>     - https://github.com/s-macke/VoxelSpace - 2025-01-04T00:00:00.000ZVoxelSpace: 20줄 미만의 코드로 구현된 지형 렌더링 알고리즘 (2020) - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[비디오 게임에서 윤곽선을 그리는 방법]]> - -
  • 이 기사는 인기 있는 게임 개발 플랫폼인 유니티에서 윤곽선을 렌더링하는 다섯 가지 기법을 논의하며, Sable과 The Last of Us와 같은 게임에서의 사용을 강조합니다. - 기법에는 Rim Effects, Vertex Extrusion, Blurred Buffer, Jump Flood Algorithm, Edge Detection이 포함되며, 각각 성능과 시각적 품질 측면에서 고유한 장점과 절충점을 가지고 있습니다. - 이 기사는 최적의 게임 미학과 게임 플레이 지원을 위해 이러한 방법을 균형 있게 사용하는 방법에 대한 통찰력을 제공하며, 추가 리소스와 3D 모델에 대한 크레딧도 포함되어 있습니다.
    • - -]]>     - https://ameye.dev/notes/rendering-outlines/ - 2025-01-04T00:00:00.000Z비디오 게임에서 윤곽선을 그리는 방법 - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[저는 워싱턴 포스트를 그만둡니다]]> - -

    -]]>     - https://anntelnaes.substack.com/p/why-im-quitting-the-washington-post - 2025-01-04T00:00:00.000Z저는 워싱턴 포스트를 그만둡니다 - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Perplexity에 광고가 생겼다]]> - -

    -]]>     - https://twitter.com/damengchen/status/1875296442417607072 - 2025-01-04T00:00:00.000ZPerplexity에 광고가 생겼다 - Sat, 04 Jan 2025 00:00:00 GMT -     diff --git a/static/rss/story/nb.xml b/static/rss/story/nb.xml index 649c169a0..bd6019cc0 100644 --- a/static/rss/story/nb.xml +++ b/static/rss/story/nb.xml @@ -15,11 +15,208 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[Een Snyk-beveiligingsonderzoeker implementeert kwaadaardige NPM-pakketten die gericht zijn op cursor.com]]> + +
  • Een Snyk-beveiligingsonderzoeker heeft kwaadaardige NPM-pakketten vrijgegeven die gericht zijn op Cursor.com, een AI-coderingsbedrijf, om systeemgegevens te verzamelen en deze naar een door een aanvaller gecontroleerde dienst te sturen.
    • +
  • De pakketten, geïdentificeerd als "cursor-retrieval," "cursor-always-local," en "cursor-shadow-workspace," werden gemarkeerd door de OpenSSF-pakketanalysescanner, resulterend in adviezen MAL-2025-27, MAL-2025-28, en MAL-2025-29.
    • +
  • Dit voorval benadrukt het belang van het onderzoeken van NPM-pakketten voordat ze worden geïnstalleerd om mogelijke beveiligingsbedreigingen te vermijden.
    • + +]]>     + https://sourcecodered.com/snyk-malicious-npm-package/ + 2025-01-14T00:00:00.000ZEen Snyk-beveiligingsonderzoeker implementeert kwaadaardige NPM-pakketten die gericht zijn op cursor.com + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Ik ben overgestapt naar Firefox en heb nooit meer achterom gekeken]]> + +
  • Firefox wordt geprezen voor zijn superieure tabbladbeheer, ingebouwde Pocket-functie voor het opslaan van links en een privacygerichte e-mailrelay, waardoor het een sterk alternatief voor Chrome is. - Extra functies zoals een gebruiksvriendelijke screenshot-tool, een ChatGPT-knop, Picture-in-Picture, aanpasbare zoekopties en soepel scrollen verbeteren de browse-ervaring. - Hoewel Firefox de webapp-functie van Chrome mist, maken het doordachte ontwerp en de verminderde hulpbroneisen het voor sommige gebruikers een voorkeurskeuze.
    • + +]]>     + https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/ + 2025-01-14T00:00:00.000ZIk ben overgestapt naar Firefox en heb nooit meer achterom gekeken + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Sonos-CEO stapt op na debacle met app-update]]> + -

    +]]>     + https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/ + 2025-01-14T00:00:00.000ZSonos-CEO stapt op na debacle met app-update + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[De buik van de MrBeast]]> + -

    +]]>     + https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast + 2025-01-14T00:00:00.000ZDe buik van de MrBeast + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[GitHub Git-bewerkingen zijn niet beschikbaar]]> + +
  • GitHub kreeg te maken met een storing in Git-operaties op 13 januari 2025, als gevolg van een configuratiewijziging die de interne load balancer beïnvloedde, en duurde van 23:35 tot 00:24 UTC. - Het probleem werd opgelost door de configuratiewijziging terug te draaien, en GitHub werkt aan het verbeteren van monitoring- en implementatieprocessen om soortgelijke incidenten te voorkomen. - De storing beïnvloedde ook de Actions- en Pages-diensten van GitHub, wat de onderling verbonden aard van hun platformdiensten benadrukt.
    • + +]]>     + https://www.githubstatus.com/incidents/qd96yfgvmcf9 + 2025-01-14T00:00:00.000ZGitHub Git-bewerkingen zijn niet beschikbaar + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[ZFS 2.3 uitgebracht met ZFS raidz-uitbreiding]]> + +
  • OpenZFS 2.3.0 har blitt utgitt, og introduserer betydelige funksjoner som RAIDZ-utvidelse, rask deduplisering, direkte inn-/utdata, JSON-utdata og støtte for lange filnavn. - Utgivelsen inkluderer essensielle feilrettinger og ytelsesforbedringer, kompatibel med Linux-kjerner 4.18 - 6.12 og FreeBSD-versjoner 13.3, 14.0 - 14.2. - Oppdateringen er et samarbeid fra 134 bidragsytere, med omfattende dokumentasjon og en endringslogg tilgjengelig for gjennomgang.
    • + +]]>     + https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0 + 2025-01-14T00:00:00.000ZZFS 2.3 uitgebracht met ZFS raidz-uitbreiding + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Webtop – Alpine, Ubuntu, Fedora og Arch containere som inneholder komplette skrivebordsmiljøer]]> + +
  • Linuxserver/webtop biedt containers gebaseerd op Alpine, Ubuntu, Fedora en Arch met volledige desktopomgevingen die toegankelijk zijn via webbrowsers, en ondersteunt zowel x86-64 als arm64 architecturen.
    • +
  • Gebruikers kunnen kiezen uit verschillende desktopomgevingen zoals XFCE, KDE, MATE, i3, Openbox en IceWM door specifieke afbeeldingslabels te gebruiken en toegang te krijgen tot de Webtop via aangewezen URL's.
    • +
  • Beveiligingsfuncties omvatten Docker's seccomp-optie en authenticatie-instellingen, met aanpassingsmogelijkheden beschikbaar via omgevingsvariabelen, en ondersteuning voor GPU-versnelling met open-source stuurprogramma's.
    • + +]]>     + https://docs.linuxserver.io/images/docker-webtop/ + 2025-01-14T00:00:00.000ZWebtop – Alpine, Ubuntu, Fedora og Arch containere som inneholder komplette skrivebordsmiljøer + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[1 op de 5 online vacatures is ofwel nep of wordt nooit ingevuld, blijkt uit onderzoek]]> + +
  • Een recente studie wijst uit dat 20% van de online vacatures ofwel nep zijn of onvervuld blijven, wat bijdraagt aan de frustratie van werkzoekenden. - Deze trend van "spookbanen" kan een tactiek zijn voor bedrijven om een beeld van groei te projecteren. - Banenplatforms zoals Greenhouse en LinkedIn hebben diensten voor vacatureverificatie geïntroduceerd om gebruikers te helpen echte kansen te identificeren.
    • + +]]>     + https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706 + 2025-01-14T00:00:00.000Z1 op de 5 online vacatures is ofwel nep of wordt nooit ingevuld, blijkt uit onderzoek + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Een kruispunt onveilig maken voor voetgangers om seconden te besparen voor automobilisten]]> + -

    +]]>     + https://collegetowns.substack.com/p/making-an-intersection-unsafe-for + 2025-01-14T00:00:00.000ZEen kruispunt onveilig maken voor voetgangers om seconden te besparen voor automobilisten + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[PostgreSQL is het Database Management Systeem van het Jaar 2024]]> + +
  • PostgreSQL is bekroond met de titel DBMS van het Jaar 2024 door DB-Engines, en behaalt deze erkenning voor de vijfde keer, waarmee het 423 andere databasebeheersystemen overtreft.
    • +
  • PostgreSQL, med en historie som strekker seg over nesten 35 år, fortsetter å innovere, noe som ses i de nylige forbedringene av PostgreSQL 17, utgitt i september 2024.
    • +
  • Snowflake en Microsoft sikret seg henholdsvis andre- og tredjeplass, med Snowflake kjent for sin skybaserte datalagring og støtte for flere skyer, mens Microsoft tilbyr robuste administrerte relasjonsdatabaser gjennom Azure SQL Database og SQL Server.
    • + +]]>     + https://db-engines.com/en/blog_post/109 + 2025-01-14T00:00:00.000ZPostgreSQL is het Database Management Systeem van het Jaar 2024 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[De OAuth-login van Google beschermt niet tegen het kopen van een mislukte startup-domein.]]> + -

    +]]>     + https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw + 2025-01-14T00:00:00.000ZDe OAuth-login van Google beschermt niet tegen het kopen van een mislukte startup-domein. + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Codering gebruiken om passief inkomen te genereren]]> + +
  • De auteur ging over van een CTO-rol naar een solopreneur en verdiende met succes meer door middel van een portfolio van softwareproducten.
    • +
  • Belangrijke strategieën omvatten het richten op diep werk, beginnen met kleine projecten, snel itereren en tijd besteden aan marketinginspanningen.
    • +
  • De reis benadrukt veerkracht vanwege onzekerheden, maar benadrukt de ongeëvenaarde autonomie en vrijheid van dit carrièrepad, en moedigt degenen met codeervaardigheden aan om het te overwegen voor passief inkomen.
    • + +]]>     + https://www.coryzue.com/writing/solopreneur/ + 2025-01-14T00:00:00.000ZCodering gebruiken om passief inkomen te genereren + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Spanje stelt een belasting van 100% voor op woningen die door niet-EU-ingezetenen worden gekocht]]> + +
  • Spanje overweegt een belasting van 100% op vastgoed aankopen door niet-EU ingezetenen, met als doel de woningcrisis aan te pakken en speculatieve aankopen te beperken.
    • +
  • Het voorstel van premier Pedro Sánchez omvat de uitbreiding van sociale huisvesting en het reguleren van toeristische verhuur om de kloof tussen woningprijzen en inkomens aan te pakken.
    • +
  • De fremtidige statusen til forslaget som lov er usikker, med noen analytikere som ser det som en avskrekkende faktor for utenlandske investorer snarere enn en garantert lovendring.
    • + +]]>     + https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents + 2025-01-14T00:00:00.000ZSpanje stelt een belasting van 100% voor op woningen die door niet-EU-ingezetenen worden gekocht + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Apple zal binnenkort 'made in America'-chips ontvangen van TSMC's fabriek in Arizona]]> + +
  • Apple tester prosessorer fra TSMCs anlegg i Arizona, med planer om masseproduksjon innen første kvartal, og kan potensielt bli TSMCs første amerikanske kunde for lokalt produserte brikker. - Dette initiativet har som mål å styrke USAs silisiumuavhengighet, og redusere avhengigheten av Taiwan, som er sårbar for geopolitiske og naturlige risikoer. - TSMCs fabrikk i Arizona skal produsere avanserte 3nm og 2nm brikker, med pågående innsats for å forbedre lokal rekruttering og partnerskap med amerikanske universiteter, selv om pakking i utgangspunktet vil skje i Taiwan inntil anlegget i Peoria er operativt.
    • + +]]>     + https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification + 2025-01-14T00:00:00.000ZApple zal binnenkort 'made in America'-chips ontvangen van TSMC's fabriek in Arizona + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[43.000 færre sjåfører på veiene i Manhattan etter at veiprisene ble aktivert]]> + +
  • Na de invoering van tolheffing voor congestie was er een vermindering van 7,5% in het aantal bestuurders dat Manhattan onder 60th Street binnenreed, wat neerkomt op 43.000 minder bestuurders per weekdag.
    • +
  • De vermindering van het verkeer heeft de doorstroming verbeterd en de snelheid van bussen verhoogd, waarbij sommige snelbussen een hogere bezetting ervaren.
    • +
  • De Metropolitan Transportation Authority (MTA) gebruikt de tolinkomsten, geschat op $500 miljoen per jaar, voor verbeteringen in het openbaar vervoer, ondanks enige politieke tegenstand.
    • + +]]>     + https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says + 2025-01-14T00:00:00.000Z43.000 færre sjåfører på veiene i Manhattan etter at veiprisene ble aktivert + Tue, 14 Jan 2025 00:00:00 GMT +     <![CDATA[De killerfunctie van Uv is het eenvoudig maken van ad-hocomgevingen]]> 2025-01-05T00:00:00.000ZEen kleine krantenprinter Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[Zelfrijdende Volvo uit 1993 met open piloot]]> - -
  • Een groep vrienden nam deel aan de Carbage Run 2025 Wintereditie, een 6-daagse rally door Zweden naar de poolcirkel en terug naar Helsinki, waarbij auto's minstens 20 jaar oud moesten zijn en een waarde van minder dan €1000 moesten hebben.
    • -
  • Ze hebben een Volvo 940 Estate uit 1993 omgebouwd tot een zelfrijdend voertuig met behulp van openpilot van comma.ai, waarbij ze moderne componenten zoals elektrische stuurbekrachtiging, een Bosch iBooster en een Tesla-radarsensor hebben geïntegreerd.
    • -
  • Toekomstige updates zullen details bevatten over bedrading, een aangepaste Engine Control Unit (ECU), en plannen om de code open-source te maken, waarbij de innovatieve benadering van het project om oudere voertuigen uit te rusten met autonome technologie wordt benadrukt.
    • - -]]>     - https://practicapp.com/carbagepilot-part1/ - 2025-01-04T00:00:00.000ZZelfrijdende Volvo uit 1993 met open piloot - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[VoxelSpace: Terrainterenderingsalgoritme i mindre enn 20 linjer med kode (2020)]]> - -
  • NovaLogics spill Comanche fra 1992 brukte Voxel Space-motoren, en 2.5D gjengivelsesteknikk basert på strålekasting, for å skape detaljerte terreng med skyggelegging og skygger.
    • -
  • De Voxel Space-motoren brukte høyde- og fargekart og en enkel gjengivelsesalgoritme, som tegnet vertikale linjer fra bak til front, noe som kunne optimaliseres for ytelse.
    • -
  • De code van motoren er tilgjengelig under MIT-lisensen, men teknologien kan fortsatt være patentert i visse regioner.
    • - -]]>     - https://github.com/s-macke/VoxelSpace - 2025-01-04T00:00:00.000ZVoxelSpace: Terrainterenderingsalgoritme i mindre enn 20 linjer med kode (2020) - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Hoe teken je een omtrek in een videospel]]> - -
  • Het artikel bespreekt vijf technieken voor het weergeven van contouren in Unity, een populair platform voor game-ontwikkeling, en benadrukt hun gebruik in games zoals Sable en The Last of Us. - Technieken omvatten Rim Effects, Vertex Extrusion, Blurred Buffer, Jump Flood Algorithm en Edge Detection, elk met unieke voordelen en afwegingen op het gebied van prestaties en visuele kwaliteit. - Het artikel biedt inzichten in het balanceren van deze methoden voor optimale game-esthetiek en gameplay-ondersteuning, met aanvullende bronnen en credits voor 3D-modellen inbegrepen.
    • - -]]>     - https://ameye.dev/notes/rendering-outlines/ - 2025-01-04T00:00:00.000ZHoe teken je een omtrek in een videospel - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Ik stop bij de Washington Post]]> - -

    -]]>     - https://anntelnaes.substack.com/p/why-im-quitting-the-washington-post - 2025-01-04T00:00:00.000ZIk stop bij de Washington Post - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Perplexity heeft advertenties gekregen]]> - -

    -]]>     - https://twitter.com/damengchen/status/1875296442417607072 - 2025-01-04T00:00:00.000ZPerplexity heeft advertenties gekregen - Sat, 04 Jan 2025 00:00:00 GMT -     diff --git a/static/rss/story/nl.xml b/static/rss/story/nl.xml index 20dbcbb10..04f6d7af4 100644 --- a/static/rss/story/nl.xml +++ b/static/rss/story/nl.xml @@ -15,11 +15,205 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[En Snyk-sikkerhetsforsker distribuerer ondsinnede NPM-pakker rettet mot cursor.com]]> + +
  • En Snyk-sikkerhetsforsker ga ut ondsinnede NPM-pakker rettet mot Cursor.com, et AI-kodingsselskap, for å samle systemdata og sende dem til en angriperstyrt tjeneste.
    • +
  • Pakker, identifisert som "cursor-retrieval," "cursor-always-local," og "cursor-shadow-workspace," ble flagget av OpenSSF-pakkeanalyseskanneren, noe som resulterte i rådgivninger MAL-2025-27, MAL-2025-28, og MAL-2025-29.
    • +
  • Denne hendelsen understreker viktigheten av å granske NPM-pakker før installasjon for å unngå potensielle sikkerhetstrusler.
    • + +]]>     + https://sourcecodered.com/snyk-malicious-npm-package/ + 2025-01-14T00:00:00.000ZEn Snyk-sikkerhetsforsker distribuerer ondsinnede NPM-pakker rettet mot cursor.com + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Jeg byttet til Firefox og har aldri sett meg tilbake]]> + +
  • Firefox blir rost for sin overlegne fanebehandling, innebygde Pocket-funksjon for å lagre lenker, og en personvernfokusert e-postvideresending, noe som gjør det til et sterkt alternativ til Chrome. - Ytterligere funksjoner som et brukervennlig skjermbildeverktøy, en ChatGPT-knapp, bilde-i-bilde, tilpassbare søkealternativer og jevn rulling forbedrer nettleseropplevelsen. - Selv om Firefox mangler Chromes webapp-funksjon, gjør dens gjennomtenkte design og reduserte ressurskrav det til et foretrukket valg for noen brukere.
    • + +]]>     + https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/ + 2025-01-14T00:00:00.000ZJeg byttet til Firefox og har aldri sett meg tilbake + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Sonos-sjef går av etter appoppdateringsfiasko]]> + -

    +]]>     + https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/ + 2025-01-14T00:00:00.000ZSonos-sjef går av etter appoppdateringsfiasko + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[i magen til MrBeast]]> + -

    +]]>     + https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast + 2025-01-14T00:00:00.000Zi magen til MrBeast + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[GitHub Git-operasjoner er nede]]> + +
  • GitHub opplevde et driftsavbrudd for Git-operasjoner den 13. januar 2025, på grunn av en konfigurasjonsendring som påvirket den interne lastbalansereren, og varte fra 23:35 til 00:24 UTC. - Problemet ble løst ved å tilbakestille konfigurasjonsendringen, og GitHub jobber med å forbedre overvåkings- og distribusjonsprosessene for å forhindre lignende hendelser. - Avbruddet påvirket også GitHubs Actions- og Pages-tjenester, noe som fremhever den sammenkoblede naturen til deres plattformtjenester.
    • + +]]>     + https://www.githubstatus.com/incidents/qd96yfgvmcf9 + 2025-01-14T00:00:00.000ZGitHub Git-operasjoner er nede + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[ZFS 2.3 utgitt med ZFS raidz-utvidelse]]> + +
  • OpenZFS 2.3.0 is uitgebracht en introduceert belangrijke functies zoals RAIDZ-uitbreiding, snelle deduplicatie, directe invoer/uitvoer, JSON-uitvoer en ondersteuning voor lange bestandsnamen. - De release bevat essentiële bugfixes en prestatieverbeteringen, compatibel met Linux-kernels 4.18 - 6.12 en FreeBSD-versies 13.3, 14.0 - 14.2. - De update is een gezamenlijke inspanning van 134 bijdragers, met uitgebreide documentatie en een wijzigingslogboek beschikbaar voor inzage.
    • + +]]>     + https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0 + 2025-01-14T00:00:00.000ZZFS 2.3 utgitt med ZFS raidz-utvidelse + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Webtop – Alpine, Ubuntu, Fedora og Arch containere som inneholder komplette skrivebordsmiljøer]]> + +
  • Linuxserver/webtop tilbyr containere basert på Alpine, Ubuntu, Fedora og Arch med komplette skrivebordsmiljøer som er tilgjengelige gjennom nettlesere, og støtter både x86-64 og arm64 arkitekturer.
    • +
  • Brukere kan velge mellom ulike skrivebordsmiljøer som XFCE, KDE, MATE, i3, Openbox og IceWM ved å bruke spesifikke bildetagger, og få tilgang til Webtop via angitte URL-er.
    • +
  • SIkkershetsfunksjoner inkluderer Dockers seccomp-alternativ og autentiseringsoppsett, med tilpasningsmuligheter tilgjengelig gjennom miljøvariabler, og støtte for GPU-akselerasjon med åpen kildekode-drivere.
    • + +]]>     + https://docs.linuxserver.io/images/docker-webtop/ + 2025-01-14T00:00:00.000ZWebtop – Alpine, Ubuntu, Fedora og Arch containere som inneholder komplette skrivebordsmiljøer + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[1 av 5 nettbaserte stillingsannonser er enten falske eller aldri fylt, ifølge en studie]]> + +
  • En nylig studie indikerer at 20 % av nettbaserte stillingsannonser enten er falske eller forblir ubesatte, noe som øker frustrasjonen blant jobbsøkere. - Denne "spøkelsesjobb"-trenden kan være en taktikk for selskaper for å projisere et bilde av vekst. - Jobbplattformer som Greenhouse og LinkedIn har introdusert jobbverifiseringstjenester for å hjelpe brukere med å identifisere ekte jobbmuligheter.
    • + +]]>     + https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706 + 2025-01-14T00:00:00.000Z1 av 5 nettbaserte stillingsannonser er enten falske eller aldri fylt, ifølge en studie + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Å gjøre et veikryss utrygt for fotgjengere for å spare sekunder for bilister]]> + -

    +]]>     + https://collegetowns.substack.com/p/making-an-intersection-unsafe-for + 2025-01-14T00:00:00.000ZÅ gjøre et veikryss utrygt for fotgjengere for å spare sekunder for bilister + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[PostgreSQL er Database Management System of the Year 2024]]> + +
  • PostgreSQL har blitt tildelt prisen DBMS of the Year 2024 av DB-Engines, og oppnår denne anerkjennelsen for femte gang, og overgår 423 andre databasehåndteringssystemer.
    • +
  • PostgreSQL, med en historie som strekker seg over nesten 35 år, fortsetter å innovere, som sett i de nylige forbedringene av PostgreSQL 17, utgitt i september 2024.
    • +
  • Snowflake og Microsoft sikret seg henholdsvis andre og tredje plass, med Snowflake kjent for sin skybaserte datalagring og støtte for flere skyer, mens Microsoft tilbyr robuste administrerte relasjonsdatabaser gjennom Azure SQL Database og SQL Server.
    • + +]]>     + https://db-engines.com/en/blog_post/109 + 2025-01-14T00:00:00.000ZPostgreSQL er Database Management System of the Year 2024 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Googles OAuth-pålogging beskytter ikke mot kjøp av et mislykket oppstartsdomenenavn]]> + -

    +]]>     + https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw + 2025-01-14T00:00:00.000ZGoogles OAuth-pålogging beskytter ikke mot kjøp av et mislykket oppstartsdomenenavn + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Bruke kodingsevner for å tjene passiv inntekt]]> + +
  • Forfatteren gikk fra en CTO-rolle til å bli en soloprenør, og tjente suksessfullt mer gjennom en portefølje av programvareprodukter.
    • +
  • Viktige strategier inkluderer å fokusere på dypt arbeid, starte med små prosjekter, iterere raskt og dedikere tid til markedsføringsinnsats.
    • +
  • Reisen understreker motstandskraft på grunn av usikkerheter, men fremhever den uovertrufne autonomien og friheten i denne karriereveien, og oppmuntrer de med kodingferdigheter til å vurdere den for passiv inntekt.
    • + +]]>     + https://www.coryzue.com/writing/solopreneur/ + 2025-01-14T00:00:00.000ZBruke kodingsevner for å tjene passiv inntekt + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Spania foreslår 100 % skatt på boliger kjøpt av ikke-EU-bosatte]]> + +
  • Spania vurderer en 100 % skatt på eiendomskjøp av ikke-EU-bosatte, med mål om å løse boligkrisen og dempe spekulative kjøp.
    • +
  • Statsminister Pedro Sánchez sitt forslag inkluderer å utvide sosial boligbygging og regulere turistutleie for å takle forskjellen mellom boligpriser og inntekter.
    • +
  • Forslagets fremtid som lov er usikker, med noen analytikere som ser det som en avskrekkende faktor for utenlandske investorer snarere enn en garantert lovendring.
    • + +]]>     + https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents + 2025-01-14T00:00:00.000ZSpania foreslår 100 % skatt på boliger kjøpt av ikke-EU-bosatte + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Apple vil snart motta 'laget i Amerika'-brikker fra TSMCs fabrikk i Arizona]]> + +
  • Apple tester prosessorer fra TSMCs anlegg i Arizona, med planer om masseproduksjon innen første kvartal, og kan potensielt bli TSMCs første amerikanske kunde for lokalt produserte brikker. - Dette initiativet har som mål å styrke USAs silisiumuavhengighet, og redusere avhengigheten av Taiwan, som er sårbar for geopolitiske og naturlige risikoer. - TSMCs fabrikk i Arizona skal produsere avanserte 3nm og 2nm brikker, med pågående innsats for å forbedre lokal rekruttering og partnerskap med amerikanske universiteter, selv om pakking i utgangspunktet vil skje i Taiwan inntil anlegget i Peoria er operativt.
    • + +]]>     + https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification + 2025-01-14T00:00:00.000ZApple vil snart motta 'laget i Amerika'-brikker fra TSMCs fabrikk i Arizona + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[43 000 færre sjåfører på veiene i Manhattan etter at veiprisene ble aktivert]]> + +
  • Etter at veiprising ble implementert, var det en reduksjon på 7,5 % i antall sjåfører som kjørte inn i Manhattan sør for 60th Street, noe som tilsvarer 43 000 færre sjåfører hver ukedag.
    • +
  • Reduksjonen i trafikken har forbedret trafikkflyten og økt bussfartene, med noen ekspressbusser som opplever høyere passasjertall.
    • +
  • Metropolitan Transportation Authority (MTA) bruker inntektene fra bompenger, anslått til 500 millioner dollar årlig, til forbedringer av kollektivtransport, til tross for en viss politisk motstand.
    • + +]]>     + https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says + 2025-01-14T00:00:00.000Z43 000 færre sjåfører på veiene i Manhattan etter at veiprisene ble aktivert + Tue, 14 Jan 2025 00:00:00 GMT +     <![CDATA[Uv's drapsfunksjon er å gjøre ad-hoc-miljøer enkle]]> 2025-01-05T00:00:00.000ZGuten: En liten avisprinter Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[Selvkjørende 1993 Volvo med åpen pilot]]> - -
  • En gruppe venner deltok i Carbage Run 2025 Winter-utgaven, et 6-dagers rally gjennom Sverige til polarsirkelen og tilbake til Helsingfors, hvor bilene måtte være minst 20 år gamle og verdsatt til under €1000.
    • -
  • De transformeerden een Volvo 940 Estate uit 1993 in een zelfrijdend voertuig met behulp van openpilot van comma.ai, waarbij ze moderne componenten zoals elektrische stuurbekrachtiging, een Bosch iBooster en een Tesla-radarsensor integreerden.
    • -
  • Fremtidige oppdateringer vil inkludere detaljer om ledninger, en tilpasset motorstyringsenhet (ECU), og planer om å gjøre koden åpen kildekode, noe som fremhever prosjektets innovative tilnærming til å ettermontere eldre kjøretøy med autonom teknologi.
    • - -]]>     - https://practicapp.com/carbagepilot-part1/ - 2025-01-04T00:00:00.000ZSelvkjørende 1993 Volvo med åpen pilot - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[VoxelSpace: Terrenggjengivelsesalgoritme i mindre enn 20 linjer med kode (2020)]]> - -
  • NovaLogics spill Comanche fra 1992 brukte Voxel Space-motoren, en 2.5D-gjengivelsesteknikk basert på strålekasting, for å skape detaljerte terreng med skyggelegging og skygger.
    • -
  • Voxel Space-motoren brukte høyde- og fargekart og en enkel gjengivelsesalgoritme, som tegnet vertikale linjer fra bak til front, noe som kunne optimaliseres for ytelse.
    • -
  • Motorens kode er tilgjengelig under MIT-lisensen, men teknologien kan fortsatt være patentert i visse regioner.
    • - -]]>     - https://github.com/s-macke/VoxelSpace - 2025-01-04T00:00:00.000ZVoxelSpace: Terrenggjengivelsesalgoritme i mindre enn 20 linjer med kode (2020) - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Hvordan tegne en omriss i et videospill]]> - -
  • Artikkelen diskuterer fem teknikker for å gjengi konturer i Unity, en populær spillutviklingsplattform, og fremhever deres bruk i spill som Sable og The Last of Us. - Teknikker inkluderer Rim Effects, Vertex Extrusion, Blurred Buffer, Jump Flood Algorithm og Edge Detection, hver med unike fordeler og kompromisser når det gjelder ytelse og visuell kvalitet. - Artikkelen gir innsikt i å balansere disse metodene for optimal spillestetikk og spillstøtte, med tilleggsmateriale og kreditering for 3D-modeller inkludert.
    • - -]]>     - https://ameye.dev/notes/rendering-outlines/ - 2025-01-04T00:00:00.000ZHvordan tegne en omriss i et videospill - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Jeg slutter i Washington Post]]> - -

    -]]>     - https://anntelnaes.substack.com/p/why-im-quitting-the-washington-post - 2025-01-04T00:00:00.000ZJeg slutter i Washington Post - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Perplexity har fått annonser]]> - -

    -]]>     - https://twitter.com/damengchen/status/1875296442417607072 - 2025-01-04T00:00:00.000ZPerplexity har fått annonser - Sat, 04 Jan 2025 00:00:00 GMT -     diff --git a/static/rss/story/pl.xml b/static/rss/story/pl.xml index c1509525c..2fbe18dea 100644 --- a/static/rss/story/pl.xml +++ b/static/rss/story/pl.xml @@ -15,11 +15,210 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[„Badacz ds. bezpieczeństwa z firmy Snyk wdraża złośliwe pakiety NPM, które są wymierzone w cursor.com”]]> + +
  • „Badacz ds. bezpieczeństwa z firmy Snyk opublikował złośliwe pakiety NPM, które były wymierzone w Cursor.com, firmę zajmującą się kodowaniem AI, w celu zbierania danych systemowych i wysyłania ich do usługi kontrolowanej przez atakującego.”
    • +
  • „Pakiety, zidentyfikowane jako „cursor-retrieval”, „cursor-always-local” i „cursor-shadow-workspace”, zostały oznaczone przez skaner analizy pakietów OpenSSF, co skutkowało wydaniem ostrzeżeń MAL-2025-27, MAL-2025-28 i MAL-2025-29.”
    • +
  • „Ten incydent podkreśla znaczenie dokładnego sprawdzania pakietów NPM przed instalacją, aby uniknąć potencjalnych zagrożeń bezpieczeństwa.”
    • + +]]>     + https://sourcecodered.com/snyk-malicious-npm-package/ + 2025-01-14T00:00:00.000Z„Badacz ds. bezpieczeństwa z firmy Snyk wdraża złośliwe pakiety NPM, które są wymierzone w cursor.com” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Przeszedłem na Firefox i nigdy nie oglądałem się za siebie”]]> + +
  • „Firefox jest chwalony za doskonałe zarządzanie kartami, wbudowaną funkcję Pocket do zapisywania linków oraz skoncentrowany na prywatności przekaźnik e-mail, co czyni go silną alternatywą dla Chrome. - Dodatkowe funkcje, takie jak przyjazne dla użytkownika narzędzie do zrzutów ekranu, przycisk ChatGPT, tryb Picture-in-Picture, konfigurowalne opcje wyszukiwania i płynne przewijanie, poprawiają wrażenia z przeglądania. - Chociaż Firefox nie ma funkcji aplikacji internetowych Chrome, jego przemyślany design i zmniejszone zapotrzebowanie na zasoby sprawiają, że jest preferowanym wyborem dla niektórych użytkowników.”
    • + +]]>     + https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/ + 2025-01-14T00:00:00.000Z„Przeszedłem na Firefox i nigdy nie oglądałem się za siebie” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Dyrektor generalny Sonos rezygnuje po fiasku aktualizacji aplikacji”]]> + -

    +]]>     + https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/ + 2025-01-14T00:00:00.000Z„Dyrektor generalny Sonos rezygnuje po fiasku aktualizacji aplikacji” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„W brzuchu MrBeast”]]> + -

    +]]>     + https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast + 2025-01-14T00:00:00.000Z„W brzuchu MrBeast” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Operacje Git na GitHubie są niedostępne”]]> + +
  • „GitHub doświadczył awarii operacji Git 13 stycznia 2025 roku z powodu zmiany konfiguracji wpływającej na wewnętrzny load balancer, trwającej od 23:35 do 00:24 UTC. - Problem został rozwiązany poprzez cofnięcie zmiany konfiguracji, a GitHub pracuje nad poprawą procesów monitorowania i wdrażania, aby zapobiec podobnym incydentom. - Awaria wpłynęła również na usługi GitHub Actions i Pages, co podkreśla wzajemne powiązania ich usług platformowych.”
    • + +]]>     + https://www.githubstatus.com/incidents/qd96yfgvmcf9 + 2025-01-14T00:00:00.000Z„Operacje Git na GitHubie są niedostępne” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„ZFS 2.3 wydany z rozszerzeniem ZFS raidz”]]> + +
  • „OpenZFS 2.3.0 został wydany, wprowadzając znaczące funkcje, takie jak rozszerzenie RAIDZ, szybka deduplikacja, bezpośrednie wejście/wyjście, wyjście w formacie JSON oraz obsługa długich nazw plików. - Wydanie zawiera istotne poprawki błędów i ulepszenia wydajności, kompatybilne z jądrami Linuxa 4.18 - 6.12 oraz wersjami FreeBSD 13.3, 14.0 - 14.2. - Aktualizacja jest wynikiem współpracy 134 współtwórców, z dostępną obszerną dokumentacją i dziennikiem zmian do wglądu.”
    • + +]]>     + https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0 + 2025-01-14T00:00:00.000Z„ZFS 2.3 wydany z rozszerzeniem ZFS raidz” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Webtop – kontenery Alpine, Ubuntu, Fedora i Arch zawierające pełne środowiska desktopowe”]]> + +
  • „Linuxserver/webtop dostarcza kontenery oparte na Alpine, Ubuntu, Fedora i Arch z pełnymi środowiskami graficznymi dostępnymi przez przeglądarki internetowe, obsługującymi zarówno architektury x86-64, jak i arm64.”
    • +
  • „Użytkownicy mogą wybierać spośród różnych środowisk pulpitu, takich jak XFCE, KDE, MATE, i3, Openbox i IceWM, używając określonych tagów obrazów, oraz uzyskiwać dostęp do Webtop za pośrednictwem wyznaczonych adresów URL.”
    • +
  • „Funkcje zabezpieczeń obejmują opcję seccomp Dockera i konfigurację uwierzytelniania, z możliwością dostosowania poprzez zmienne środowiskowe oraz wsparcie dla akceleracji GPU z użyciem sterowników open-source.”
    • + +]]>     + https://docs.linuxserver.io/images/docker-webtop/ + 2025-01-14T00:00:00.000Z„Webtop – kontenery Alpine, Ubuntu, Fedora i Arch zawierające pełne środowiska desktopowe” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„1 na 5 ofert pracy online jest albo fałszywa, albo nigdy nie zostaje obsadzona, jak wynika z badania”]]> + +
  • „Niedawne badanie wskazuje, że 20% ofert pracy online jest albo fałszywych, albo pozostaje nieobsadzonych, co zwiększa frustrację osób poszukujących pracy. - Ten trend „widmowych ofert pracy” może być taktyką firm mającą na celu kreowanie wizerunku wzrostu. - Platformy pracy, takie jak Greenhouse i LinkedIn, wprowadziły usługi weryfikacji ofert pracy, aby pomóc użytkownikom w identyfikacji prawdziwych możliwości zatrudnienia.”
    • + +]]>     + https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706 + 2025-01-14T00:00:00.000Z„1 na 5 ofert pracy online jest albo fałszywa, albo nigdy nie zostaje obsadzona, jak wynika z badania” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Uczynienie skrzyżowania niebezpiecznym dla pieszych, aby zaoszczędzić sekundy dla kierowców”]]> + -

    +]]>     + https://collegetowns.substack.com/p/making-an-intersection-unsafe-for + 2025-01-14T00:00:00.000Z„Uczynienie skrzyżowania niebezpiecznym dla pieszych, aby zaoszczędzić sekundy dla kierowców” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„PostgreSQL jest Systemem Zarządzania Bazą Danych Roku 2024”]]> + +
  • „PostgreSQL został nagrodzony tytułem DBMS Roku 2024 przez DB-Engines, zdobywając to wyróżnienie po raz piąty, przewyższając 423 inne systemy zarządzania bazami danych.”
    • +
  • „PostgreSQL, z historią sięgającą niemal 35 lat, nadal wprowadza innowacje, co widać w ostatnich usprawnieniach PostgreSQL 17, wydanych we wrześniu 2024 roku.”
    • +
  • „Snowflake i Microsoft zajęły odpowiednio drugie i trzecie miejsce, przy czym Snowflake wyróżnia się magazynowaniem danych w chmurze i wsparciem dla wielu chmur, podczas gdy Microsoft oferuje solidne zarządzane relacyjne bazy danych za pośrednictwem Azure SQL Database i SQL Server.”
    • + +]]>     + https://db-engines.com/en/blog_post/109 + 2025-01-14T00:00:00.000Z„PostgreSQL jest Systemem Zarządzania Bazą Danych Roku 2024” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Logowanie OAuth Google nie chroni przed zakupem domeny upadłego startupu”]]> + -

    +]]>     + https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw + 2025-01-14T00:00:00.000Z„Logowanie OAuth Google nie chroni przed zakupem domeny upadłego startupu” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Wykorzystywanie umiejętności kodowania do generowania pasywnego dochodu”]]> + +
  • „Autor przeszedł z roli CTO do solopreneur, z powodzeniem zarabiając więcej dzięki portfolio produktów software'owych.”
    • +
  • „Kluczowe strategie obejmują skupienie się na głębokiej pracy, rozpoczynanie od małych projektów, szybkie iterowanie oraz poświęcanie czasu na działania marketingowe.”
    • +
  • „Podróż podkreśla odporność w obliczu niepewności, ale uwydatnia niezrównaną autonomię i wolność tej ścieżki kariery, zachęcając osoby z umiejętnościami kodowania do rozważenia jej jako źródła pasywnego dochodu.”
    • + +]]>     + https://www.coryzue.com/writing/solopreneur/ + 2025-01-14T00:00:00.000Z„Wykorzystywanie umiejętności kodowania do generowania pasywnego dochodu” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Hiszpania proponuje 100% podatek od domów kupowanych przez mieszkańców spoza UE”]]> + +
  • „Hiszpania rozważa wprowadzenie 100% podatku od zakupu nieruchomości przez mieszkańców spoza UE, mając na celu rozwiązanie kryzysu mieszkaniowego i ograniczenie spekulacyjnych zakupów.”
    • +
  • „Propozycja premiera Pedro Sáncheza obejmuje rozszerzenie zasobów mieszkań socjalnych oraz regulację wynajmu turystycznego w celu rozwiązania problemu dysproporcji między cenami mieszkań a dochodami.”
    • +
  • „Przyszłość propozycji jako prawa jest niepewna, a niektórzy analitycy postrzegają ją jako czynnik odstraszający zagranicznych inwestorów, a nie jako gwarantowaną zmianę legislacyjną.”
    • + +]]>     + https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents + 2025-01-14T00:00:00.000Z„Hiszpania proponuje 100% podatek od domów kupowanych przez mieszkańców spoza UE” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Apple wkrótce otrzyma 'wyprodukowane w Ameryce' chipy z fabryki TSMC w Arizonie”]]> + +
  • „Apple testuje procesory z zakładu TSMC w Arizonie, planując masową produkcję do pierwszego kwartału, co może uczynić Apple pierwszym amerykańskim klientem TSMC dla lokalnie produkowanych chipów. - Inicjatywa ta ma na celu wzmocnienie niezależności USA w zakresie produkcji krzemu, zmniejszając zależność od Tajwanu, który jest narażony na ryzyko geopolityczne i naturalne. - Fabryka TSMC w Arizonie ma produkować zaawansowane chipy 3nm i 2nm, z trwającymi wysiłkami na rzecz zwiększenia lokalnej rekrutacji i współpracy z amerykańskimi uniwersytetami, chociaż pakowanie początkowo będzie odbywać się na Tajwanie, dopóki zakład w Peorii nie będzie operacyjny.”
    • + +]]>     + https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification + 2025-01-14T00:00:00.000Z„Apple wkrótce otrzyma 'wyprodukowane w Ameryce' chipy z fabryki TSMC w Arizonie” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„43 tysiące mniej kierowców na drogach Manhattanu po wprowadzeniu opłat za wjazd do centrum”]]> + +
  • „Po wprowadzeniu opłat za wjazd do centrum, liczba kierowców wjeżdżających do Manhattanu poniżej 60. ulicy zmniejszyła się o 7,5%, co oznacza 43 000 mniej kierowców każdego dnia roboczego.”
    • +
  • „Zmniejszenie ruchu poprawiło płynność ruchu i zwiększyło prędkości autobusów, a niektóre autobusy ekspresowe odnotowały większą liczbę pasażerów.”
    • +
  • „Metropolitan Transportation Authority (MTA) wykorzystuje wpływy z opłat drogowych, szacowane na 500 milionów dolarów rocznie, na poprawę transportu, pomimo pewnego sprzeciwu politycznego.”
    • + +]]>     + https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says + 2025-01-14T00:00:00.000Z„43 tysiące mniej kierowców na drogach Manhattanu po wprowadzeniu opłat za wjazd do centrum” + Tue, 14 Jan 2025 00:00:00 GMT +     <![CDATA[„Zabójczą cechą Uv jest ułatwianie tworzenia ad-hoc środowisk”]]> 2025-01-05T00:00:00.000Z„Guten: Mała drukarka gazet” Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[„Samochód Volvo z 1993 roku z autopilotem”]]> - -
  • „Grupa przyjaciół wzięła udział w zimowej edycji Carbage Run 2025, sześciodniowym rajdzie przez Szwecję do koła podbiegunowego i z powrotem do Helsinek, wymagającym, aby samochody miały co najmniej 20 lat i były warte mniej niż 1000 euro.”
    • -
  • „Przekształcili Volvo 940 Estate z 1993 roku w pojazd autonomiczny, wykorzystując openpilot od comma.ai, włączając nowoczesne komponenty, takie jak elektryczne wspomaganie kierownicy, Bosch iBooster i czujnik radarowy Tesli.”
    • -
  • „Przyszłe aktualizacje będą zawierały szczegóły dotyczące okablowania, niestandardowej jednostki sterującej silnikiem (ECU) oraz plany otwarcia kodu źródłowego, co podkreśla innowacyjne podejście projektu do modernizacji starszych pojazdów z technologią autonomiczną.”
    • - -]]>     - https://practicapp.com/carbagepilot-part1/ - 2025-01-04T00:00:00.000Z„Samochód Volvo z 1993 roku z autopilotem” - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[„VoxelSpace: Algorytm renderowania terenu w mniej niż 20 liniach kodu (2020)”]]> - -
  • „Gra Comanche z 1992 roku stworzona przez NovaLogic wykorzystywała silnik Voxel Space, technikę renderowania 2.5D opartą na ray castingu, aby tworzyć szczegółowe tereny z cieniowaniem i cieniami.”
    • -
  • „Silnik Voxel Space wykorzystywał mapy wysokości i koloru oraz prosty algorytm renderowania, rysując pionowe linie od tyłu do przodu, co można było zoptymalizować pod kątem wydajności.”
    • -
  • „Kod silnika jest dostępny na licencji MIT, ale technologia może być nadal opatentowana w niektórych regionach.”
    • - -]]>     - https://github.com/s-macke/VoxelSpace - 2025-01-04T00:00:00.000Z„VoxelSpace: Algorytm renderowania terenu w mniej niż 20 liniach kodu (2020)” - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[„Jak narysować kontur w grze wideo”]]> - -
  • „Artykuł omawia pięć technik renderowania konturów w Unity, popularnej platformie do tworzenia gier, podkreślając ich zastosowanie w grach takich jak Sable i The Last of Us. - Techniki obejmują efekty krawędziowe, ekstruzję wierzchołków, rozmyty bufor, algorytm Jump Flood oraz wykrywanie krawędzi, z których każda ma unikalne zalety i kompromisy w zakresie wydajności i jakości wizualnej. - Artykuł dostarcza wglądu w równoważenie tych metod dla optymalnej estetyki gry i wsparcia rozgrywki, z dodatkowymi zasobami i podziękowaniami za modele 3D.”
    • - -]]>     - https://ameye.dev/notes/rendering-outlines/ - 2025-01-04T00:00:00.000Z„Jak narysować kontur w grze wideo” - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[„Odchodzę z Washington Post”]]> - -

    -]]>     - https://anntelnaes.substack.com/p/why-im-quitting-the-washington-post - 2025-01-04T00:00:00.000Z„Odchodzę z Washington Post” - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[„Perplexity ma reklamy”]]> - -

    -]]>     - https://twitter.com/damengchen/status/1875296442417607072 - 2025-01-04T00:00:00.000Z„Perplexity ma reklamy” - Sat, 04 Jan 2025 00:00:00 GMT -     diff --git a/static/rss/story/pt.xml b/static/rss/story/pt.xml index c9d9a7f7a..dd8b4296f 100644 --- a/static/rss/story/pt.xml +++ b/static/rss/story/pt.xml @@ -15,11 +15,210 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[Pesquisador de segurança da Snyk implanta pacotes NPM maliciosos visando cursor.com]]> + +
  • A Snyk, uma pesquisadora de segurança, lançou pacotes NPM maliciosos visando a Cursor.com, uma empresa de codificação de IA, para coletar dados do sistema e enviá-los para um serviço controlado por um atacante.
    • +
  • As pacotes, identificados como "cursor-retrieval", "cursor-always-local" e "cursor-shadow-workspace", foram sinalizados pelo scanner de análise de pacotes OpenSSF, resultando nos avisos MAL-2025-27, MAL-2025-28 e MAL-2025-29.
    • +
  • Este incidente destaca a importância de examinar os pacotes NPM antes da instalação para evitar potenciais ameaças à segurança.
    • + +]]>     + https://sourcecodered.com/snyk-malicious-npm-package/ + 2025-01-14T00:00:00.000ZPesquisador de segurança da Snyk implanta pacotes NPM maliciosos visando cursor.com + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[I Switched to Firefox and Never Looked Back]]> + +
  • Firefox é elogiado por seu gerenciamento superior de abas, recurso Pocket integrado para salvar links e um serviço de e-mail focado em privacidade, tornando-o uma forte alternativa ao Chrome. - Recursos adicionais como uma ferramenta de captura de tela fácil de usar, um botão ChatGPT, modo Picture-in-Picture, opções de pesquisa personalizáveis e rolagem suave melhoram a experiência de navegação. - Embora o Firefox não tenha o recurso de aplicativos da web do Chrome, seu design cuidadoso e menor demanda de recursos o tornam a escolha preferida para alguns usuários.
    • + +]]>     + https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/ + 2025-01-14T00:00:00.000ZI Switched to Firefox and Never Looked Back + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[CEO da Sonos renuncia após fiasco de atualização de aplicativo]]> + -

    +]]>     + https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/ + 2025-01-14T00:00:00.000ZCEO da Sonos renuncia após fiasco de atualização de aplicativo + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Na barriga do MrBeast]]> + -

    +]]>     + https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast + 2025-01-14T00:00:00.000ZNa barriga do MrBeast + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Operações do Git no GitHub estão fora do ar]]> + +
  • GitHub enfrentou uma interrupção nas operações do Git em 13 de janeiro de 2025, devido a uma alteração de configuração que afetou o balanceador de carga interno, durando das 23:35 às 00:24 UTC. - O problema foi resolvido revertendo a alteração de configuração, e o GitHub está trabalhando para melhorar os processos de monitoramento e implantação para evitar incidentes semelhantes. - A interrupção também afetou os serviços Actions e Pages do GitHub, destacando a natureza interconectada de seus serviços de plataforma.
    • + +]]>     + https://www.githubstatus.com/incidents/qd96yfgvmcf9 + 2025-01-14T00:00:00.000ZOperações do Git no GitHub estão fora do ar + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[ZFS 2.3 lançado com expansão ZFS raidz]]> + +
  • OpenZFS 2.3.0 foi lançado, introduzindo recursos significativos como Expansão RAIDZ, Desduplicação Rápida, Entrada/Saída Direta, saída em JSON e suporte para nomes de arquivos longos. - O lançamento inclui correções de bugs essenciais e melhorias de desempenho, compatível com kernels Linux 4.18 - 6.12 e versões FreeBSD 13.3, 14.0 - 14.2. - A atualização é um esforço colaborativo de 134 colaboradores, com documentação abrangente e um registro de alterações disponível para revisão.
    • + +]]>     + https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0 + 2025-01-14T00:00:00.000ZZFS 2.3 lançado com expansão ZFS raidz + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Webtop – Contêineres Alpine, Ubuntu, Fedora e Arch contendo ambientes de desktop completos]]> + +
  • Linuxserver/webtop fornece contêineres baseados em Alpine, Ubuntu, Fedora e Arch com ambientes de desktop completos acessíveis através de navegadores web, suportando as arquiteturas x86-64 e arm64.
    • +
  • Os usuários podem selecionar entre vários ambientes de desktop, como XFCE, KDE, MATE, i3, Openbox e IceWM, usando tags de imagem específicas e acessar o Webtop por meio de URLs designados.
    • +
  • Os recursos de segurança incluem a opção seccomp do Docker e a configuração de autenticação, com opções de personalização disponíveis através de variáveis de ambiente, além de suporte para aceleração de GPU com drivers de código aberto.
    • + +]]>     + https://docs.linuxserver.io/images/docker-webtop/ + 2025-01-14T00:00:00.000ZWebtop – Contêineres Alpine, Ubuntu, Fedora e Arch contendo ambientes de desktop completos + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[1 em cada 5 anúncios de emprego online são falsos ou nunca são preenchidos, aponta estudo]]> + +
  • A recent study indicates that 20% of online job postings are either fake or remain unfilled, adding to job seekers' frustration. - This "ghost job" trend might be a tactic for companies to project an image of growth. - Job platforms such as Greenhouse and LinkedIn have introduced job verification services to assist users in identifying genuine job opportunities.
    • + +]]>     + https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706 + 2025-01-14T00:00:00.000Z1 em cada 5 anúncios de emprego online são falsos ou nunca são preenchidos, aponta estudo + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Transformar um cruzamento em um local inseguro para pedestres para economizar segundos para motoristas]]> + -

    +]]>     + https://collegetowns.substack.com/p/making-an-intersection-unsafe-for + 2025-01-14T00:00:00.000ZTransformar um cruzamento em um local inseguro para pedestres para economizar segundos para motoristas + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[PostgreSQL é o Sistema de Gerenciamento de Banco de Dados do Ano de 2024]]> + +
  • PostgreSQL foi premiado como DBMS do Ano 2024 pela DB-Engines, alcançando esse reconhecimento pela quinta vez, superando 423 outros sistemas de gerenciamento de banco de dados.
    • +
  • PostgreSQL, com uma história que se estende por quase 35 anos, continua a inovar, como visto nas melhorias recentes do PostgreSQL 17, lançado em setembro de 2024.
    • +
  • Snowflake e Microsoft garantiram o segundo e terceiro lugares, respectivamente, com a Snowflake sendo destacada por seu armazenamento de dados baseado em nuvem e suporte multi-nuvem, enquanto a Microsoft oferece bancos de dados relacionais gerenciados robustos através do Azure SQL Database e SQL Server.
    • + +]]>     + https://db-engines.com/en/blog_post/109 + 2025-01-14T00:00:00.000ZPostgreSQL é o Sistema de Gerenciamento de Banco de Dados do Ano de 2024 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Login OAuth do Google não protege contra a compra de um domínio de startup falida]]> + -

    +]]>     + https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw + 2025-01-14T00:00:00.000ZLogin OAuth do Google não protege contra a compra de um domínio de startup falida + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Usando habilidades de codificação para gerar renda passiva]]> + +
  • O autor fez a transição de um cargo de CTO para solopreneur, conseguindo ganhar mais por meio de um portfólio de produtos de software.
    • +
  • Principais estratégias incluem focar em trabalho profundo, começar com pequenos projetos, iterar rapidamente e dedicar tempo aos esforços de marketing.
    • +
  • A jornada enfatiza a resiliência devido às incertezas, mas destaca a autonomia e liberdade incomparáveis deste caminho de carreira, encorajando aqueles com habilidades de codificação a considerá-lo para renda passiva.
    • + +]]>     + https://www.coryzue.com/writing/solopreneur/ + 2025-01-14T00:00:00.000ZUsando habilidades de codificação para gerar renda passiva + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Proposta da Espanha: imposto de 100% sobre casas compradas por residentes fora da UE]]> + +
  • Considerando a crise habitacional e a necessidade de conter a compra especulativa, a Espanha está avaliando a implementação de um imposto de 100% sobre aquisições de imóveis por residentes de fora da UE.
    • +
  • Proposta do Primeiro-Ministro Pedro Sánchez inclui a expansão da habitação social e a regulamentação dos aluguéis turísticos para enfrentar a disparidade entre os preços das habitações e os rendimentos.
    • +
  • A futura transformação da proposta em lei é incerta, com alguns analistas vendo-a como um impedimento para investidores estrangeiros, em vez de uma mudança legislativa garantida.
    • + +]]>     + https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents + 2025-01-14T00:00:00.000ZProposta da Espanha: imposto de 100% sobre casas compradas por residentes fora da UE + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Em breve, a Apple receberá chips 'feitos na América' da fábrica da TSMC no Arizona]]> + +
  • Apple está testando processadores da instalação da TSMC no Arizona, com planos para produção em massa até o primeiro trimestre, potencialmente se tornando o primeiro cliente dos EUA da TSMC para chips fabricados localmente. - Esta iniciativa visa fortalecer a independência de silício dos EUA, reduzindo a dependência de Taiwan, que é vulnerável a riscos geopolíticos e naturais. - A fábrica da TSMC no Arizona está programada para produzir chips avançados de 3nm e 2nm, com esforços contínuos para melhorar o recrutamento local e parcerias com universidades dos EUA, embora a embalagem ocorra inicialmente em Taiwan até que a instalação de Peoria esteja operacional.
    • + +]]>     + https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification + 2025-01-14T00:00:00.000ZEm breve, a Apple receberá chips 'feitos na América' da fábrica da TSMC no Arizona + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[43 mil motoristas a menos nas estradas de Manhattan após a ativação da precificação de congestionamento]]> + +
  • Após a implementação da precificação de congestionamento, houve uma redução de 7,5% no número de motoristas entrando em Manhattan abaixo da 60th Street, o que equivale a 43.000 motoristas a menos a cada dia útil.
    • +
  • A redução no tráfego melhorou o fluxo de trânsito e aumentou a velocidade dos ônibus, com alguns ônibus expressos experimentando um aumento no número de passageiros.
    • +
  • O Metropolitan Transportation Authority (MTA) utiliza a receita de pedágio, estimada em $500 milhões anualmente, para melhorias no transporte, apesar de alguma oposição política.
    • + +]]>     + https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says + 2025-01-14T00:00:00.000Z43 mil motoristas a menos nas estradas de Manhattan após a ativação da precificação de congestionamento + Tue, 14 Jan 2025 00:00:00 GMT +     <![CDATA[Um dos principais recursos do Uv é facilitar a criação de ambientes ad-hoc.]]> 2025-01-05T00:00:00.000ZGuten: Uma Pequena Impressora de Jornais Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[Volvo 1993 autônomo com piloto aberto]]> - -
  • A group of friends participated in the Carbage Run 2025 Winter edition, a 6-day rally through Sweden to the polar circle and back to Helsinki, requiring cars to be at least 20 years old and valued under €1000.
    • -
  • Transformaram um Volvo 940 Estate de 1993 em um veículo autônomo usando o openpilot da comma.ai, incorporando componentes modernos como direção elétrica, um Bosch iBooster e um sensor de radar da Tesla.
    • -
  • Atualizações futuras incluirão detalhes sobre a fiação, uma Unidade de Controle do Motor (ECU) personalizada e planos para tornar o código de código aberto, destacando a abordagem inovadora do projeto para adaptar veículos mais antigos com tecnologia autônoma.
    • - -]]>     - https://practicapp.com/carbagepilot-part1/ - 2025-01-04T00:00:00.000ZVolvo 1993 autônomo com piloto aberto - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[VoxelSpace: Algoritmo de renderização de terreno em menos de 20 linhas de código (2020)]]> - -
  • Comanche, o jogo de 1992 da NovaLogic, utilizou o motor Voxel Space, uma técnica de renderização 2.5D baseada em ray casting, para criar terrenos detalhados com sombreamento e sombras.
    • -
  • O motor Voxel Space usava mapas de altura e cor e um algoritmo de renderização simples, desenhando linhas verticais de trás para frente, o que poderia ser otimizado para desempenho.
    • -
  • O código do motor está disponível sob a licença MIT, mas a tecnologia ainda pode estar patenteada em certas regiões.
    • - -]]>     - https://github.com/s-macke/VoxelSpace - 2025-01-04T00:00:00.000ZVoxelSpace: Algoritmo de renderização de terreno em menos de 20 linhas de código (2020) - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Como desenhar um contorno em um videogame]]> - -
  • O artigo discute cinco técnicas para renderizar contornos no Unity, uma popular plataforma de desenvolvimento de jogos, destacando seu uso em jogos como Sable e The Last of Us. - As técnicas incluem Efeitos de Borda, Extrusão de Vértice, Buffer Desfocado, Algoritmo de Jump Flood e Detecção de Bordas, cada uma com vantagens e desvantagens únicas em termos de desempenho e qualidade visual. - O artigo oferece insights sobre como equilibrar esses métodos para uma estética de jogo ideal e suporte à jogabilidade, com recursos adicionais e créditos para modelos 3D incluídos.
    • - -]]>     - https://ameye.dev/notes/rendering-outlines/ - 2025-01-04T00:00:00.000ZComo desenhar um contorno em um videogame - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Estou saindo do Washington Post]]> - -

    -]]>     - https://anntelnaes.substack.com/p/why-im-quitting-the-washington-post - 2025-01-04T00:00:00.000ZEstou saindo do Washington Post - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Perplexity tem anúncios]]> - -

    -]]>     - https://twitter.com/damengchen/status/1875296442417607072 - 2025-01-04T00:00:00.000ZPerplexity tem anúncios - Sat, 04 Jan 2025 00:00:00 GMT -     diff --git a/static/rss/story/ro.xml b/static/rss/story/ro.xml index f881471e7..7484cd5b2 100644 --- a/static/rss/story/ro.xml +++ b/static/rss/story/ro.xml @@ -15,11 +15,211 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[„Cercetătorul de securitate Snyk lansează pachete NPM malițioase care vizează cursor.com”]]> + +
  • „Un cercetător în securitate de la Snyk a lansat pachete NPM malițioase care vizează Cursor.com, o companie de codare AI, pentru a colecta date de sistem și a le trimite către un serviciu controlat de atacator.”
    • +
  • „Pachetele, identificate ca „cursor-retrieval”, „cursor-always-local” și „cursor-shadow-workspace”, au fost semnalate de scannerul de analiză a pachetelor OpenSSF, rezultând în avizele MAL-2025-27, MAL-2025-28 și MAL-2025-29.”
    • +
  • „Acest incident subliniază importanța examinării atente a pachetelor NPM înainte de instalare pentru a evita potențialele amenințări de securitate.”
    • + +]]>     + https://sourcecodered.com/snyk-malicious-npm-package/ + 2025-01-14T00:00:00.000Z„Cercetătorul de securitate Snyk lansează pachete NPM malițioase care vizează cursor.com” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Am trecut la Firefox și nu m-am mai uitat înapoi”]]> + +
  • „Firefox este lăudat pentru gestionarea superioară a filelor, funcția Pocket integrată pentru salvarea linkurilor și un serviciu de redirecționare a e-mailurilor axat pe confidențialitate, făcându-l o alternativă puternică la Chrome. - Funcții suplimentare precum un instrument de captură de ecran ușor de utilizat, un buton ChatGPT, funcția Picture-in-Picture, opțiuni de căutare personalizabile și derularea lină îmbunătățesc experiența de navigare. - Deși Firefox nu dispune de funcția de aplicație web a Chrome, designul său atent și cerințele reduse de resurse îl fac o alegere preferată pentru unii utilizatori.”
    • + +]]>     + https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/ + 2025-01-14T00:00:00.000Z„Am trecut la Firefox și nu m-am mai uitat înapoi” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„CEO-ul Sonos demisionează după fiasco-ul actualizării aplicației”]]> + -

    +]]>     + https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/ + 2025-01-14T00:00:00.000Z„CEO-ul Sonos demisionează după fiasco-ul actualizării aplicației” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„În burta lui MrBeast”]]> + -

    +]]>     + https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast + 2025-01-14T00:00:00.000Z„În burta lui MrBeast” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Operațiunile Git de pe GitHub sunt indisponibile”]]> + +
  • „GitHub a întâmpinat o întrerupere a operațiunilor Git pe 13 ianuarie 2025, din cauza unei modificări de configurare care a afectat echilibratorul de sarcină intern, durând de la 23:35 la 00:24 UTC. - Problema a fost rezolvată prin revenirea la modificarea de configurare, iar GitHub lucrează la îmbunătățirea proceselor de monitorizare și implementare pentru a preveni incidente similare. - Întreruperea a afectat, de asemenea, serviciile Actions și Pages ale GitHub, evidențiind natura interconectată a serviciilor platformei lor.”
    • + +]]>     + https://www.githubstatus.com/incidents/qd96yfgvmcf9 + 2025-01-14T00:00:00.000Z„Operațiunile Git de pe GitHub sunt indisponibile” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„ZFS 2.3 lansat cu extinderea ZFS raidz”]]> + +
  • „OpenZFS 2.3.0 a fost lansat, introducând caracteristici semnificative precum extinderea RAIDZ, deduplicarea rapidă, intrare/ieșire directă, ieșire JSON și suport pentru nume de fișiere lungi. - Lansarea include corecții esențiale de erori și îmbunătățiri de performanță, compatibile cu nucleele Linux 4.18 - 6.12 și versiunile FreeBSD 13.3, 14.0 - 14.2. - Actualizarea este un efort colaborativ al 134 de contribuitori, cu documentație cuprinzătoare și un jurnal de modificări disponibil pentru revizuire.”
    • + +]]>     + https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0 + 2025-01-14T00:00:00.000Z„ZFS 2.3 lansat cu extinderea ZFS raidz” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Webtop – Containere Alpine, Ubuntu, Fedora și Arch care conțin medii desktop complete”]]> + +
  • „Linuxserver/webtop oferă containere bazate pe Alpine, Ubuntu, Fedora și Arch cu medii desktop complete accesibile prin browsere web, suportând atât arhitecturile x86-64, cât și arm64.”
    • +
  • „Utilizatorii pot selecta din diverse medii desktop, cum ar fi XFCE, KDE, MATE, i3, Openbox și IceWM, folosind etichete de imagine specifice și pot accesa Webtop prin URL-uri desemnate.”
    • +
  • „Caracteristicile de securitate includ opțiunea seccomp a Docker și configurarea autentificării, cu opțiuni de personalizare disponibile prin variabile de mediu, și suport pentru accelerarea GPU cu drivere open-source.”
    • + +]]>     + https://docs.linuxserver.io/images/docker-webtop/ + 2025-01-14T00:00:00.000Z„Webtop – Containere Alpine, Ubuntu, Fedora și Arch care conțin medii desktop complete” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„1 din 5 anunțuri de locuri de muncă online sunt fie false, fie nu sunt niciodată ocupate, arată un studiu”]]> + +
  • „Un studiu recent indică faptul că 20% dintre anunțurile de locuri de muncă online sunt fie false, fie rămân neocupate, adăugând la frustrarea celor care caută un loc de muncă. - Această tendință de „locuri de muncă fantomă” ar putea fi o tactică a companiilor de a proiecta o imagine de creștere. - Platforme de locuri de muncă precum Greenhouse și LinkedIn au introdus servicii de verificare a locurilor de muncă pentru a ajuta utilizatorii să identifice oportunitățile de muncă autentice.”
    • + +]]>     + https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706 + 2025-01-14T00:00:00.000Z„1 din 5 anunțuri de locuri de muncă online sunt fie false, fie nu sunt niciodată ocupate, arată un studiu” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Transformarea unei intersecții într-un loc nesigur pentru pietoni pentru a economisi câteva secunde pentru șoferi”]]> + -

    +]]>     + https://collegetowns.substack.com/p/making-an-intersection-unsafe-for + 2025-01-14T00:00:00.000Z„Transformarea unei intersecții într-un loc nesigur pentru pietoni pentru a economisi câteva secunde pentru șoferi” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„PostgreSQL este Sistemul de Management al Bazelor de Date al Anului 2024”]]> + +
  • „PostgreSQL a fost desemnat DBMS-ul Anului 2024 de către DB-Engines, obținând această recunoaștere pentru a cincea oară, depășind alte 423 de sisteme de gestionare a bazelor de date.”
    • +
  • „PostgreSQL, cu o istorie de aproape 35 de ani, continuă să inoveze, așa cum se vede în îmbunătățirile recente ale PostgreSQL 17, lansat în septembrie 2024.”
    • +
  • „Snowflake și Microsoft au obținut locurile doi și trei, respectiv, cu Snowflake remarcat pentru depozitarea de date bazată pe cloud și suportul multi-cloud, în timp ce Microsoft oferă baze de date relaționale gestionate robust prin Azure SQL Database și SQL Server.”
    • + +]]>     + https://db-engines.com/en/blog_post/109 + 2025-01-14T00:00:00.000Z„PostgreSQL este Sistemul de Management al Bazelor de Date al Anului 2024” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Conectarea OAuth de la Google nu protejează împotriva achiziționării unui domeniu al unei startup-uri eșuate”]]> + -

    +]]>     + https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw + 2025-01-14T00:00:00.000Z„Conectarea OAuth de la Google nu protejează împotriva achiziționării unui domeniu al unei startup-uri eșuate” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Folosirea abilităților de programare pentru a obține venituri pasive”]]> + +
  • „Autorul a făcut tranziția de la rolul de CTO la soloprenor, reușind să câștige mai mult printr-un portofoliu de produse software.”
    • +
  • „Strategiile cheie includ concentrarea pe munca profundă, începerea cu proiecte mici, iterarea rapidă și dedicarea timpului pentru eforturile de marketing.”
    • +
  • „Călătoria subliniază reziliența în fața incertitudinilor, dar evidențiază autonomia și libertatea de neegalat ale acestui parcurs profesional, încurajându-i pe cei cu abilități de programare să îl considere pentru venituri pasive.”
    • + +]]>     + https://www.coryzue.com/writing/solopreneur/ + 2025-01-14T00:00:00.000Z„Folosirea abilităților de programare pentru a obține venituri pasive” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Spania propune un impozit de 100% pe locuințele cumpărate de rezidenți din afara UE”]]> + +
  • „Spania ia în considerare un impozit de 100% pe achizițiile imobiliare de către rezidenții din afara UE, având ca scop abordarea crizei locuințelor și limitarea achizițiilor speculative.”
    • +
  • „Propunerea prim-ministrului Pedro Sánchez include extinderea locuințelor sociale și reglementarea închirierilor turistice pentru a aborda disparitatea dintre prețurile locuințelor și venituri.”
    • +
  • „Viitorul propunerii ca lege este incert, unii analiști considerând-o mai degrabă un factor de descurajare pentru investitorii străini decât o schimbare legislativă garantată.”
    • + +]]>     + https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents + 2025-01-14T00:00:00.000Z„Spania propune un impozit de 100% pe locuințele cumpărate de rezidenți din afara UE” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Apple va primi în curând cipuri 'fabricate în America' de la fabrica TSMC din Arizona”]]> + +
  • „Apple testează procesoare de la fabrica TSMC din Arizona, cu planuri de producție în masă până în primul trimestru, devenind potențial primul client american al TSMC pentru cipuri fabricate local. - Această inițiativă are ca scop consolidarea independenței siliconului în SUA, reducând dependența de Taiwan, care este vulnerabil la riscuri geopolitice și naturale. - Fabrica TSMC din Arizona este pregătită să producă cipuri avansate de 3nm și 2nm, cu eforturi continue de a îmbunătăți recrutarea locală și parteneriatele cu universitățile americane, deși ambalarea va avea loc inițial în Taiwan până când facilitatea din Peoria va fi operațională.”
    • + +]]>     + https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification + 2025-01-14T00:00:00.000Z„Apple va primi în curând cipuri 'fabricate în America' de la fabrica TSMC din Arizona” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Cu 43.000 de șoferi mai puțin pe drumurile din Manhattan după ce a fost activată taxarea pentru congestionare”]]> + +
  • „După implementarea taxării pentru congestionare, a existat o reducere de 7,5% a șoferilor care intră în Manhattan sub strada 60, ceea ce echivalează cu 43.000 de șoferi mai puțini în fiecare zi lucrătoare.”
    • +
  • „Reducerea traficului a îmbunătățit fluxul de trafic și a crescut viteza autobuzelor, unele autobuze expres înregistrând o creștere a numărului de pasageri.”
    • +
  • „Autoritatea Metropolitană de Transport (MTA) folosește veniturile din taxe, estimate la 500 de milioane de dolari anual, pentru îmbunătățiri ale transportului, în ciuda unei anumite opoziții politice.”
    • + +]]>     + https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says + 2025-01-14T00:00:00.000Z„Cu 43.000 de șoferi mai puțin pe drumurile din Manhattan după ce a fost activată taxarea pentru congestionare” + Tue, 14 Jan 2025 00:00:00 GMT +     <![CDATA[„Caracteristica de bază a Uv este facilitarea creării de medii ad-hoc”]]> 2025-01-05T00:00:00.000Z„Guten: O imprimantă mică de ziare” Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[„Volvo 1993 cu autopilot”]]> - -
  • „Un grup de prieteni a participat la ediția de iarnă Carbage Run 2025, un raliu de 6 zile prin Suedia până la cercul polar și înapoi la Helsinki, care necesită ca mașinile să aibă cel puțin 20 de ani vechime și să fie evaluate sub 1000 €.”
    • -
  • „Au transformat un Volvo 940 Estate din 1993 într-un vehicul autonom folosind openpilot de la comma.ai, încorporând componente moderne precum direcția asistată electric, un iBooster Bosch și un senzor radar Tesla.”
    • -
  • „Actualizările viitoare vor include detalii despre cablaj, o unitate de control a motorului (ECU) personalizată și planuri de a face codul open-source, evidențiind abordarea inovatoare a proiectului de a echipa vehiculele mai vechi cu tehnologie autonomă.”
    • - -]]>     - https://practicapp.com/carbagepilot-part1/ - 2025-01-04T00:00:00.000Z„Volvo 1993 cu autopilot” - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[„VoxelSpace: Algoritm de randare a terenului în mai puțin de 20 de linii de cod (2020)”]]> - -
  • „Jocul Comanche din 1992 al companiei NovaLogic a utilizat motorul Voxel Space, o tehnică de redare 2.5D bazată pe ray casting, pentru a crea terenuri detaliate cu umbre și umbrire.”
    • -
  • „Motorul Voxel Space folosea hărți de înălțime și culoare și un algoritm simplu de randare, desenând linii verticale de la spate la față, care puteau fi optimizate pentru performanță.”
    • -
  • „Codul motorului este disponibil sub licența MIT, dar tehnologia poate fi încă brevetată în anumite regiuni.”
    • - -]]>     - https://github.com/s-macke/VoxelSpace - 2025-01-04T00:00:00.000Z„VoxelSpace: Algoritm de randare a terenului în mai puțin de 20 de linii de cod (2020)” - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[„Cum să desenezi un contur într-un joc video”]]> - -
  • „Articolul discută cinci tehnici pentru redarea contururilor în Unity, o platformă populară de dezvoltare a jocurilor, evidențiind utilizarea lor în jocuri precum Sable și The Last of Us. - Tehnicile includ efecte de margine, extrudare de vârfuri, tampon blurat, algoritmul de salt și detectarea marginilor, fiecare având avantaje și compromisuri unice în ceea ce privește performanța și calitatea vizuală. - Articolul oferă perspective asupra echilibrării acestor metode pentru estetica optimă a jocului și suportul pentru gameplay, cu resurse suplimentare și credite pentru modelele 3D incluse.”
    • - -]]>     - https://ameye.dev/notes/rendering-outlines/ - 2025-01-04T00:00:00.000Z„Cum să desenezi un contur într-un joc video” - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[„Renunț la Washington Post”]]> - -

    -]]>     - https://anntelnaes.substack.com/p/why-im-quitting-the-washington-post - 2025-01-04T00:00:00.000Z„Renunț la Washington Post” - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[„Perplexity are reclame”]]> - -

    -]]>     - https://twitter.com/damengchen/status/1875296442417607072 - 2025-01-04T00:00:00.000Z„Perplexity are reclame” - Sat, 04 Jan 2025 00:00:00 GMT -     diff --git a/static/rss/story/ru.xml b/static/rss/story/ru.xml index 42d1b5c59..79397017b 100644 --- a/static/rss/story/ru.xml +++ b/static/rss/story/ru.xml @@ -15,13 +15,211 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 <![CDATA[Исследователь безопасности Snyk разворачивает вредоносные пакеты NPM, нацеленные на cursor.com]]> + +
  • Исследователь безопасности из Snyk выпустил вредоносные пакеты NPM, нацеленные на Cursor.com, компанию, занимающуюся AI-кодированием, чтобы собирать системные данные и отправлять их на сервис, контролируемый злоумышленником.
    • +
  • Пакеты, идентифицированные как "cursor-retrieval", "cursor-always-local" и "cursor-shadow-workspace", были отмечены сканером анализа пакетов OpenSSF, что привело к предупреждениям MAL-2025-27, MAL-2025-28 и MAL-2025-29.
    • +
  • Этот инцидент подчеркивает важность тщательной проверки пакетов NPM перед установкой, чтобы избежать потенциальных угроз безопасности.
    • + +]]>     + https://sourcecodered.com/snyk-malicious-npm-package/ + 2025-01-14T00:00:00.000ZИсследователь безопасности Snyk разворачивает вредоносные пакеты NPM, нацеленные на cursor.com + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Я перешел на Firefox и никогда не оглядывался назад]]> + +
  • Firefox хвалят за превосходное управление вкладками, встроенную функцию Pocket для сохранения ссылок и ориентированную на конфиденциальность функцию пересылки электронной почты, что делает его сильной альтернативой Chrome. - Дополнительные функции, такие как удобный инструмент для создания скриншотов, кнопка ChatGPT, режим "картинка в картинке", настраиваемые параметры поиска и плавная прокрутка, улучшают впечатления от просмотра. - Хотя Firefox не имеет функции веб-приложений, как у Chrome, его продуманный дизайн и сниженные требования к ресурсам делают его предпочтительным выбором для некоторых пользователей.
    • + +]]>     + https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/ + 2025-01-14T00:00:00.000ZЯ перешел на Firefox и никогда не оглядывался назад + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Генеральный директор Sonos уходит в отставку после неудачного обновления приложения]]> + -

    +]]>     + https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/ + 2025-01-14T00:00:00.000ZГенеральный директор Sonos уходит в отставку после неудачного обновления приложения + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[В чреве MrBeast]]> + -

    +]]>     + https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast + 2025-01-14T00:00:00.000ZВ чреве MrBeast + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Операции Git на GitHub не работают]]> + +
  • GitHub столкнулся с сбоем операций Git 13 января 2025 года из-за изменения конфигурации, повлиявшего на внутренний балансировщик нагрузки, который длился с 23:35 до 00:24 по UTC. - Проблема была решена путем отмены изменения конфигурации, и GitHub работает над улучшением процессов мониторинга и развертывания, чтобы предотвратить подобные инциденты. - Сбой также затронул сервисы GitHub Actions и Pages, что подчеркивает взаимосвязанную природу их платформенных сервисов.
    • + +]]>     + https://www.githubstatus.com/incidents/qd96yfgvmcf9 + 2025-01-14T00:00:00.000ZОперации Git на GitHub не работают + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Выпущен ZFS 2.3 с расширением ZFS raidz]]> + +
  • OpenZFS 2.3.0 выпущен, представляя значительные функции, такие как расширение RAIDZ, быстрая дедупликация, прямой ввод/вывод, вывод в формате JSON и поддержка длинных имен файлов. - Выпуск включает в себя важные исправления ошибок и улучшения производительности, совместимые с ядрами Linux 4.18 - 6.12 и версиями FreeBSD 13.3, 14.0 - 14.2. - Обновление является совместной работой 134 участников, с доступной для ознакомления полной документацией и журналом изменений.
    • + +]]>     + https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0 + 2025-01-14T00:00:00.000ZВыпущен ZFS 2.3 с расширением ZFS raidz + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Webtop – контейнеры Alpine, Ubuntu, Fedora и Arch, содержащие полные настольные среды]]> + +
  • Linuxserver/webtop предоставляет контейнеры на основе Alpine, Ubuntu, Fedora и Arch с полными настольными окружениями, доступными через веб-браузеры, поддерживая архитектуры x86-64 и arm64.
    • +
  • Пользователи могут выбирать из различных настольных сред, таких как XFCE, KDE, MATE, i3, Openbox и IceWM, используя определенные теги изображений, и получать доступ к Webtop через указанные URL-адреса.
    • +
  • Функции безопасности включают в себя опцию seccomp Docker и настройку аутентификации, с возможностью настройки через переменные окружения, а также поддержку ускорения GPU с использованием драйверов с открытым исходным кодом.
    • + +]]>     + https://docs.linuxserver.io/images/docker-webtop/ + 2025-01-14T00:00:00.000ZWebtop – контейнеры Alpine, Ubuntu, Fedora и Arch, содержащие полные настольные среды + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[1 из 5 онлайн-вакансий либо фальшивые, либо никогда не заполняются, как показало исследование.]]> + +
  • Недавнее исследование показывает, что 20% онлайн-вакансий либо фальшивые, либо остаются незаполненными, что добавляет разочарования соискателям. - Эта тенденция "призрачных вакансий" может быть тактикой компаний для создания образа роста. - Платформы для поиска работы, такие как Greenhouse и LinkedIn, внедрили услуги проверки вакансий, чтобы помочь пользователям в идентификации подлинных возможностей трудоустройства.
    • + +]]>     + https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706 + 2025-01-14T00:00:00.000Z1 из 5 онлайн-вакансий либо фальшивые, либо никогда не заполняются, как показало исследование. + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Делать перекресток небезопасным для пешеходов, чтобы сэкономить секунды для водителей]]> + -

    +]]>     + https://collegetowns.substack.com/p/making-an-intersection-unsafe-for + 2025-01-14T00:00:00.000ZДелать перекресток небезопасным для пешеходов, чтобы сэкономить секунды для водителей + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[PostgreSQL - это система управления базами данных года 2024]]> + +
  • PostgreSQL был удостоен звания СУБД года 2024 по версии DB-Engines, получив это признание в пятый раз, обойдя 423 другие системы управления базами данных.
    • +
  • PostgreSQL, с историей, охватывающей почти 35 лет, продолжает внедрять инновации, что видно на примере последних улучшений PostgreSQL 17, выпущенного в сентябре 2024 года.
    • +
  • Snowflake и Microsoft заняли второе и третье места соответственно, при этом Snowflake отмечен за свои облачные хранилища данных и поддержку мультиоблачности, в то время как Microsoft предлагает надежные управляемые реляционные базы данных через Azure SQL Database и SQL Server.
    • + +]]>     + https://db-engines.com/en/blog_post/109 + 2025-01-14T00:00:00.000ZPostgreSQL - это система управления базами данных года 2024 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[OAuth-авторизация Google не защищает от покупки домена неудавшегося стартапа.]]> + -

    +]]>     + https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw + 2025-01-14T00:00:00.000ZOAuth-авторизация Google не защищает от покупки домена неудавшегося стартапа. + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Использование навыков программирования для получения пассивного дохода]]> + +
  • Автор перешел с должности технического директора на путь солопредпринимателя, успешно зарабатывая больше благодаря портфелю программных продуктов.
    • +
  • Ключевые стратегии включают в себя сосредоточение на глубокой работе, начало с небольших проектов, быструю итерацию и выделение времени на маркетинговые усилия.
    • +
  • Путешествие подчеркивает стойкость перед лицом неопределенностей, но выделяет несравненную автономию и свободу этого карьерного пути, побуждая тех, кто обладает навыками программирования, рассмотреть его для получения пассивного дохода.
    • + +]]>     + https://www.coryzue.com/writing/solopreneur/ + 2025-01-14T00:00:00.000ZИспользование навыков программирования для получения пассивного дохода + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Испания предлагает 100% налог на дома, купленные резидентами, не входящими в ЕС]]> + +
  • Испания рассматривает возможность введения 100% налога на покупку недвижимости для нерезидентов ЕС, стремясь решить жилищный кризис и ограничить спекулятивные покупки.
    • +
  • Предложение премьер-министра Педро Санчеса включает расширение социального жилья и регулирование туристической аренды для решения проблемы несоответствия между ценами на жилье и доходами.
    • +
  • Будущее предложения как закона остается неопределенным, и некоторые аналитики рассматривают его скорее как сдерживающий фактор для иностранных инвесторов, чем как гарантированное законодательное изменение.
    • + +]]>     + https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents + 2025-01-14T00:00:00.000ZИспания предлагает 100% налог на дома, купленные резидентами, не входящими в ЕС + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Apple вскоре получит чипы 'сделано в Америке' с фабрики TSMC в Аризоне.]]> + +
  • Apple тестирует процессоры из аризонского завода TSMC, планируя массовое производство к первому кварталу, что потенциально делает её первым клиентом TSMC в США для локально произведённых чипов. - Эта инициатива направлена на укрепление независимости США в области кремния, снижая зависимость от Тайваня, который уязвим к геополитическим и природным рискам. - Аризонский завод TSMC будет производить передовые чипы 3нм и 2нм, с продолжающимися усилиями по улучшению местного набора сотрудников и партнёрств с американскими университетами, хотя упаковка изначально будет происходить на Тайване, пока объект в Пеории не станет операционным.
    • + +]]>     + https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification + 2025-01-14T00:00:00.000ZApple вскоре получит чипы 'сделано в Америке' с фабрики TSMC в Аризоне. + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[На дорогах Манхэттена стало на 43 тысячи водителей меньше после введения платы за въезд в зону с высокой загруженностью.]]> + +
  • После внедрения системы платного въезда количество водителей, въезжающих в Манхэттен ниже 60-й улицы, сократилось на 7,5%, что эквивалентно 43 000 водителей меньше каждый будний день.
    • +
  • Снижение трафика улучшило поток движения и увеличило скорость автобусов, при этом некоторые экспресс-автобусы испытывают рост числа пассажиров.
    • +
  • Метрополитенское транспортное управление (MTA) использует доходы от сборов, оцениваемые в 500 миллионов долларов в год, для улучшения транспорта, несмотря на некоторое политическое сопротивление.
    • + +]]>     + https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says + 2025-01-14T00:00:00.000ZНа дорогах Манхэттена стало на 43 тысячи водителей меньше после введения платы за въезд в зону с высокой загруженностью. + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Убийственная функция Uv заключается в том, что она упрощает создание временных сред.]]> @@ -1176,60 +1374,5 @@ 2025-01-05T00:00:00.000ZГутен: крошечный принтер для газет Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[Самоуправляемый Volvo 1993 года с открытым пилотом]]> - -
  • Группа друзей приняла участие в зимнем издании Carbage Run 2025, шестидневном ралли через Швецию до полярного круга и обратно в Хельсинки, требующем, чтобы автомобили были не моложе 20 лет и оценивались менее чем в 1000 евро.
    • -
  • Они превратили Volvo 940 Estate 1993 года в автономное транспортное средство, используя openpilot от comma.ai, интегрировав современные компоненты, такие как электрический усилитель руля, Bosch iBooster и радарный датчик Tesla.
    • -
  • Будущие обновления будут включать детали по проводке, специальный блок управления двигателем (ECU) и планы по открытию исходного кода, подчеркивая инновационный подход проекта к модернизации старых автомобилей с использованием автономных технологий.
    • - -]]>     - https://practicapp.com/carbagepilot-part1/ - 2025-01-04T00:00:00.000ZСамоуправляемый Volvo 1993 года с открытым пилотом - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[VoxelSpace: Алгоритм рендеринга ландшафта менее чем в 20 строках кода (2020)]]> - -
  • Игра Comanche от NovaLogic, выпущенная в 1992 году, использовала движок Voxel Space, технику рендеринга 2.5D, основанную на трассировке лучей, для создания детализированных ландшафтов с тенями и затенением.
    • -
  • Движок Voxel Space использовал карты высот и цвета, а также простой алгоритм рендеринга, рисуя вертикальные линии от заднего плана к переднему, что могло быть оптимизировано для повышения производительности.
    • -
  • Код двигателя доступен по лицензии MIT, но технология все еще может быть запатентована в некоторых регионах.
    • - -]]>     - https://github.com/s-macke/VoxelSpace - 2025-01-04T00:00:00.000ZVoxelSpace: Алгоритм рендеринга ландшафта менее чем в 20 строках кода (2020) - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Как нарисовать контур в видеоигре]]> - -
  • Статья обсуждает пять техник для рендеринга контуров в Unity, популярной платформе для разработки игр, подчеркивая их использование в таких играх, как Sable и The Last of Us. - Техники включают эффекты ободка, экструзию вершин, размытие буфера, алгоритм Jump Flood и обнаружение краев, каждая из которых имеет уникальные преимущества и компромиссы с точки зрения производительности и визуального качества. - Статья предоставляет информацию о том, как сбалансировать эти методы для оптимальной эстетики игры и поддержки игрового процесса, с дополнительными ресурсами и кредитами для 3D-моделей.
    • - -]]>     - https://ameye.dev/notes/rendering-outlines/ - 2025-01-04T00:00:00.000ZКак нарисовать контур в видеоигре - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Я ухожу из Washington Post]]> - -

    -]]>     - https://anntelnaes.substack.com/p/why-im-quitting-the-washington-post - 2025-01-04T00:00:00.000ZЯ ухожу из Washington Post - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Perplexity получила рекламу]]> - -

    -]]>     - https://twitter.com/damengchen/status/1875296442417607072 - 2025-01-04T00:00:00.000ZPerplexity получила рекламу - Sat, 04 Jan 2025 00:00:00 GMT -     diff --git a/static/rss/story/sk.xml b/static/rss/story/sk.xml index 77ca56b6d..5bcfb78c0 100644 --- a/static/rss/story/sk.xml +++ b/static/rss/story/sk.xml @@ -15,11 +15,207 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[„Výskumník bezpečnosti Snyk nasadzuje škodlivé balíky NPM zamerané na cursor.com“]]> + +
  • „Bezpečnostný výskumník zo spoločnosti Snyk vydal škodlivé NPM balíčky zamerané na Cursor.com, spoločnosť zaoberajúcu sa AI kódovaním, s cieľom zhromažďovať systémové údaje a posielať ich na službu kontrolovanú útočníkom.“
    • +
  • „Balíky, identifikované ako „cursor-retrieval“, „cursor-always-local“ a „cursor-shadow-workspace“, boli označené skenerom analýzy balíkov OpenSSF, čo viedlo k upozorneniam MAL-2025-27, MAL-2025-28 a MAL-2025-29.“
    • +
  • „Tento incident zdôrazňuje dôležitosť dôkladného preskúmania NPM balíkov pred ich inštaláciou, aby sa predišlo potenciálnym bezpečnostným hrozbám.“
    • + +]]>     + https://sourcecodered.com/snyk-malicious-npm-package/ + 2025-01-14T00:00:00.000Z„Výskumník bezpečnosti Snyk nasadzuje škodlivé balíky NPM zamerané na cursor.com“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Prešiel som na Firefox a nikdy som sa neobzrel späť“]]> + +
  • „Firefox je chválený za svoju vynikajúcu správu kariet, vstavanú funkciu Pocket na ukladanie odkazov a súkromie zameraný emailový relé, čo z neho robí silnú alternatívu k Chrome. - Ďalšie funkcie ako užívateľsky prívetivý nástroj na snímanie obrazovky, tlačidlo ChatGPT, funkcia Obraz v obraze, prispôsobiteľné možnosti vyhľadávania a plynulé posúvanie zlepšujú zážitok z prehliadania. - Aj keď Firefox nemá funkciu webových aplikácií ako Chrome, jeho premyslený dizajn a znížené nároky na zdroje ho robia preferovanou voľbou pre niektorých používateľov.“
    • + +]]>     + https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/ + 2025-01-14T00:00:00.000Z„Prešiel som na Firefox a nikdy som sa neobzrel späť“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Generálny riaditeľ spoločnosti Sonos odstupuje po fiasku s aktualizáciou aplikácie“]]> + -

    +]]>     + https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/ + 2025-01-14T00:00:00.000Z„Generálny riaditeľ spoločnosti Sonos odstupuje po fiasku s aktualizáciou aplikácie“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„V bruchu MrBeasta“]]> + -

    +]]>     + https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast + 2025-01-14T00:00:00.000Z„V bruchu MrBeasta“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Operácie Git na GitHube sú nefunkčné“]]> + +
  • „GitHub čelil výpadku operácií Git 13. januára 2025 kvôli zmene konfigurácie, ktorá ovplyvnila interný vyvažovač záťaže, a trval od 23:35 do 00:24 UTC. - Problém bol vyriešený návratom k pôvodnej konfigurácii a GitHub pracuje na zlepšení monitorovacích a nasadzovacích procesov, aby sa predišlo podobným incidentom. - Výpadok tiež ovplyvnil služby GitHub Actions a Pages, čo poukazuje na prepojenú povahu ich platformových služieb.“
    • + +]]>     + https://www.githubstatus.com/incidents/qd96yfgvmcf9 + 2025-01-14T00:00:00.000Z„Operácie Git na GitHube sú nefunkčné“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„ZFS 2.3 vydaný s rozšírením ZFS raidz“]]> + +
  • „OpenZFS 2.3.0 bol vydaný a prináša významné funkcie ako rozšírenie RAIDZ, rýchlu deduplikáciu, priamy vstup/výstup, výstup vo formáte JSON a podporu pre dlhé názvy súborov. - Vydanie zahŕňa dôležité opravy chýb a vylepšenia výkonu, kompatibilné s jadrami Linuxu 4.18 - 6.12 a verziami FreeBSD 13.3, 14.0 - 14.2. - Aktualizácia je výsledkom spolupráce 134 prispievateľov, s dostupnou komplexnou dokumentáciou a záznamom zmien na preštudovanie.“
    • + +]]>     + https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0 + 2025-01-14T00:00:00.000Z„ZFS 2.3 vydaný s rozšírením ZFS raidz“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Webtop – kontajnery Alpine, Ubuntu, Fedora a Arch obsahujúce plné desktopové prostredia“]]> + +
  • „Linuxserver/webtop poskytuje kontajnery založené na Alpine, Ubuntu, Fedora a Arch s plnými desktopovými prostrediami prístupnými cez webové prehliadače, podporujúcimi architektúry x86-64 aj arm64.“
    • +
  • „Používatelia si môžu vybrať z rôznych desktopových prostredí, ako sú XFCE, KDE, MATE, i3, Openbox a IceWM, pomocou špecifických značiek obrázkov a pristupovať k Webtopu prostredníctvom určených URL adries.“
    • +
  • „Bezpečnostné funkcie zahŕňajú možnosť seccomp v Dockeri a nastavenie autentifikácie, s možnosťami prispôsobenia prostredníctvom premenných prostredia a podporou akcelerácie GPU s open-source ovládačmi.“
    • + +]]>     + https://docs.linuxserver.io/images/docker-webtop/ + 2025-01-14T00:00:00.000Z„Webtop – kontajnery Alpine, Ubuntu, Fedora a Arch obsahujúce plné desktopové prostredia“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„1 z 5 online pracovných ponúk je buď falošná, alebo nikdy nie je obsadená, zistila štúdia“]]> + +
  • „Nedávna štúdia naznačuje, že 20 % online pracovných ponúk je buď falošných, alebo zostáva neobsadených, čo pridáva k frustrácii uchádzačov o zamestnanie. - Tento trend „duchovných pracovných miest“ môže byť taktikou spoločností na projekciu obrazu rastu. - Pracovné platformy ako Greenhouse a LinkedIn zaviedli služby overovania pracovných miest, aby pomohli používateľom identifikovať skutočné pracovné príležitosti.“
    • + +]]>     + https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706 + 2025-01-14T00:00:00.000Z„1 z 5 online pracovných ponúk je buď falošná, alebo nikdy nie je obsadená, zistila štúdia“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Urobiť križovatku nebezpečnou pre chodcov, aby sa ušetrili sekundy pre vodičov“]]> + -

    +]]>     + https://collegetowns.substack.com/p/making-an-intersection-unsafe-for + 2025-01-14T00:00:00.000Z„Urobiť križovatku nebezpečnou pre chodcov, aby sa ušetrili sekundy pre vodičov“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„PostgreSQL je systém na správu databáz roka 2024“]]> + +
  • „PostgreSQL získal ocenenie DBMS roka 2024 od DB-Engines, čím dosiahol toto uznanie už piatykrát, prekonávajúc 423 ďalších systémov na správu databáz.“
    • +
  • „PostgreSQL, s históriou trvajúcou takmer 35 rokov, naďalej inovuje, čo je vidieť na nedávnych vylepšeniach PostgreSQL 17, vydaných v septembri 2024.“
    • +
  • „Snowflake a Microsoft si zabezpečili druhé a tretie miesto, pričom Snowflake je známy svojím cloudovým dátovým skladovaním a podporou viacerých cloudov, zatiaľ čo Microsoft ponúka robustné spravované relačné databázy prostredníctvom Azure SQL Database a SQL Server.“
    • + +]]>     + https://db-engines.com/en/blog_post/109 + 2025-01-14T00:00:00.000Z„PostgreSQL je systém na správu databáz roka 2024“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Google OAuth prihlásenie nechráni pred kúpou domény neúspešného startupu“]]> + -

    +]]>     + https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw + 2025-01-14T00:00:00.000Z„Google OAuth prihlásenie nechráni pred kúpou domény neúspešného startupu“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Používanie programovacích zručností na vytváranie pasívneho príjmu“]]> + +
  • „Autor prešiel z pozície CTO na solopodnikateľa a úspešne zarába viac prostredníctvom portfólia softvérových produktov.“
    • +
  • „Kľúčové stratégie zahŕňajú zameranie sa na hlbokú prácu, začínanie s malými projektmi, rýchle iterovanie a venovanie času marketingovým aktivitám.“
    • +
  • „Cesta zdôrazňuje odolnosť kvôli neistotám, ale vyzdvihuje neprekonateľnú autonómiu a slobodu tejto kariérnej cesty, čím povzbudzuje tých, ktorí majú zručnosti v kódovaní, aby ju zvážili ako pasívny príjem.“
    • + +]]>     + https://www.coryzue.com/writing/solopreneur/ + 2025-01-14T00:00:00.000Z„Používanie programovacích zručností na vytváranie pasívneho príjmu“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Španielsko navrhuje 100% daň na domy kúpené obyvateľmi mimo EÚ“]]> + +
  • „Španielsko zvažuje 100% daň na nákupy nehnuteľností obyvateľmi mimo EÚ, s cieľom riešiť krízu bývania a obmedziť špekulatívne nákupy.“
    • +
  • „Návrh premiéra Pedra Sáncheza zahŕňa rozšírenie sociálneho bývania a reguláciu turistických prenájmov na riešenie rozdielu medzi cenami bývania a príjmami.“
    • +
  • „Budúcnosť návrhu ako zákona je neistá, pričom niektorí analytici ho vnímajú skôr ako odstrašujúci prostriedok pre zahraničných investorov než ako zaručenú legislatívnu zmenu.“
    • + +]]>     + https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents + 2025-01-14T00:00:00.000Z„Španielsko navrhuje 100% daň na domy kúpené obyvateľmi mimo EÚ“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„Apple čoskoro dostane čipy 'vyrobené v Amerike' z továrne TSMC v Arizone“]]> + +
  • „Apple testuje procesory z arizonského závodu TSMC s plánmi na hromadnú výrobu do prvého štvrťroka, pričom by sa mohol stať prvým americkým zákazníkom TSMC pre lokálne vyrábané čipy. - Táto iniciatíva má za cieľ posilniť americkú nezávislosť na silikóne, čím sa zníži závislosť na Taiwane, ktorý je zraniteľný voči geopolitickým a prírodným rizikám. - Arizonská továreň TSMC má vyrábať pokročilé 3nm a 2nm čipy, pričom prebiehajú snahy o zlepšenie miestneho náboru a partnerstiev s americkými univerzitami, hoci balenie sa spočiatku bude vykonávať na Taiwane, kým nebude prevádzková továreň v Peorii.“
    • + +]]>     + https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification + 2025-01-14T00:00:00.000Z„Apple čoskoro dostane čipy 'vyrobené v Amerike' z továrne TSMC v Arizone“ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[„O 43 tisíc menej vodičov na cestách v Manhattane po zavedení poplatkov za preťaženie dopravy“]]> + +
  • „Po zavedení poplatkov za preťaženie došlo k zníženiu počtu vodičov vstupujúcich do Manhattanu pod 60. ulicou o 7,5 %, čo predstavuje o 43 000 menej vodičov každý pracovný deň.“
    • +
  • „Zníženie premávky zlepšilo plynulosť dopravy a zvýšilo rýchlosť autobusov, pričom niektoré expresné autobusy zaznamenali vyšší počet cestujúcich.“
    • +
  • „Metropolitný dopravný úrad (MTA) využíva príjmy z mýta, odhadované na 500 miliónov dolárov ročne, na zlepšenie dopravy, napriek určitému politickému odporu.“
    • + +]]>     + https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says + 2025-01-14T00:00:00.000Z„O 43 tisíc menej vodičov na cestách v Manhattane po zavedení poplatkov za preťaženie dopravy“ + Tue, 14 Jan 2025 00:00:00 GMT +     <![CDATA[„Výnimočnou vlastnosťou Uv je jednoduché vytváranie ad-hoc prostredí“]]> 2025-01-05T00:00:00.000Z„Guten: Malá tlačiareň novín“ Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[„Samojazdiace Volvo z roku 1993 s otvoreným pilotom“]]> - -
  • „Skupina priateľov sa zúčastnila zimnej edície Carbage Run 2025, 6-dňovej rally cez Švédsko k polárnemu kruhu a späť do Helsínk, pričom autá museli byť staré aspoň 20 rokov a ich hodnota nesmela presiahnuť 1000 €.“
    • -
  • „Premenili Volvo 940 Estate z roku 1993 na samojazdiace vozidlo pomocou openpilot od comma.ai, pričom začlenili moderné komponenty ako elektrické posilňovače riadenia, Bosch iBooster a radarový senzor Tesla.“
    • -
  • „Budúce aktualizácie budú obsahovať podrobnosti o elektroinštalácii, vlastnej riadiacej jednotke motora (ECU) a plány na otvorenie zdrojového kódu, čím sa zdôrazní inovatívny prístup projektu k modernizácii starších vozidiel autonómnou technológiou.“
    • - -]]>     - https://practicapp.com/carbagepilot-part1/ - 2025-01-04T00:00:00.000Z„Samojazdiace Volvo z roku 1993 s otvoreným pilotom“ - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[„VoxelSpace: Algoritmus vykresľovania terénu v menej ako 20 riadkoch kódu (2020)“]]> - -
  • „Hra Comanche od spoločnosti NovaLogic z roku 1992 využívala engine Voxel Space, techniku 2.5D renderovania založenú na ray castingu, na vytvorenie detailných terénov s tieňovaním a tieňmi.“
    • -
  • „Voxelský engine používal výškové a farebné mapy a jednoduchý renderovací algoritmus, ktorý kreslil vertikálne čiary od zadnej časti dopredu, čo mohlo byť optimalizované pre výkon.“
    • -
  • „Kód motora je dostupný pod licenciou MIT, ale technológia môže byť stále patentovaná v niektorých regiónoch.“
    • - -]]>     - https://github.com/s-macke/VoxelSpace - 2025-01-04T00:00:00.000Z„VoxelSpace: Algoritmus vykresľovania terénu v menej ako 20 riadkoch kódu (2020)“ - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[„Ako nakresliť obrys v počítačovej hre“]]> - -
  • „Článok sa zaoberá piatimi technikami pre vykresľovanie obrysov v Unity, populárnej platforme na vývoj hier, pričom zdôrazňuje ich použitie v hrách ako Sable a The Last of Us. - Techniky zahŕňajú Rim Effects, Vertex Extrusion, Blurred Buffer, Jump Flood Algorithm a Edge Detection, pričom každá má jedinečné výhody a kompromisy z hľadiska výkonu a vizuálnej kvality. - Článok poskytuje pohľad na vyváženie týchto metód pre optimálnu estetiku hier a podporu hrateľnosti, s ďalšími zdrojmi a kreditmi pre 3D modely zahrnuté.“
    • - -]]>     - https://ameye.dev/notes/rendering-outlines/ - 2025-01-04T00:00:00.000Z„Ako nakresliť obrys v počítačovej hre“ - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[„Odchádzam z Washington Post“]]> - -

    -]]>     - https://anntelnaes.substack.com/p/why-im-quitting-the-washington-post - 2025-01-04T00:00:00.000Z„Odchádzam z Washington Post“ - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[„Perplexity má reklamy“]]> - -

    -]]>     - https://twitter.com/damengchen/status/1875296442417607072 - 2025-01-04T00:00:00.000Z„Perplexity má reklamy“ - Sat, 04 Jan 2025 00:00:00 GMT -     diff --git a/static/rss/story/sv.xml b/static/rss/story/sv.xml index 2ed42b459..be623f469 100644 --- a/static/rss/story/sv.xml +++ b/static/rss/story/sv.xml @@ -15,11 +15,203 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[En säkerhetsforskare från Snyk distribuerar skadliga NPM-paket som riktar sig mot cursor.com]]> + +
  • En säkerhetsforskare från Snyk släppte skadliga NPM-paket som riktade sig mot Cursor.com, ett AI-kodningsföretag, för att samla in systemdata och skicka den till en tjänst kontrollerad av angriparen.
    • +
  • Paketen, identifierade som "cursor-retrieval", "cursor-always-local" och "cursor-shadow-workspace", flaggades av OpenSSF:s paketanalysverktyg, vilket resulterade i rådgivningar MAL-2025-27, MAL-2025-28 och MAL-2025-29.
    • +
  • Denna incident belyser vikten av att granska NPM-paket innan installation för att undvika potentiella säkerhetshot.
    • + +]]>     + https://sourcecodered.com/snyk-malicious-npm-package/ + 2025-01-14T00:00:00.000ZEn säkerhetsforskare från Snyk distribuerar skadliga NPM-paket som riktar sig mot cursor.com + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Jag bytte till Firefox och har aldrig sett tillbaka]]> + +
  • Firefox beröms för sin överlägsna flikhantering, inbyggda Pocket-funktion för att spara länkar och en integritetsfokuserad e-postrelä, vilket gör det till ett starkt alternativ till Chrome. - Ytterligare funktioner som ett användarvänligt skärmdumpsverktyg, en ChatGPT-knapp, Bild-i-bild, anpassningsbara sökalternativ och smidig rullning förbättrar surfupplevelsen. - Även om Firefox saknar Chromes webbappfunktion, gör dess genomtänkta design och minskade resurskrav det till ett föredraget val för vissa användare.
    • + +]]>     + https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/ + 2025-01-14T00:00:00.000ZJag bytte till Firefox och har aldrig sett tillbaka + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Sonos VD avgår efter appuppdateringsfiasko]]> + -

    +]]>     + https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/ + 2025-01-14T00:00:00.000ZSonos VD avgår efter appuppdateringsfiasko + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[I magen på MrBeast]]> + -

    +]]>     + https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast + 2025-01-14T00:00:00.000ZI magen på MrBeast + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[GitHub Git-operationer är nere]]> + +
  • GitHub drabbades av ett avbrott i Git-operationer den 13 januari 2025 på grund av en konfigurationsändring som påverkade den interna lastbalanseraren, vilket varade från 23:35 till 00:24 UTC. - Problemet löstes genom att återställa konfigurationsändringen, och GitHub arbetar på att förbättra övervaknings- och distributionsprocesser för att förhindra liknande incidenter. - Avbrottet påverkade även GitHubs Actions- och Pages-tjänster, vilket belyser den sammanlänkade naturen hos deras plattformstjänster.
    • + +]]>     + https://www.githubstatus.com/incidents/qd96yfgvmcf9 + 2025-01-14T00:00:00.000ZGitHub Git-operationer är nere + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[ZFS 2.3 släppt med ZFS raidz-expansion]]> + +
  • OpenZFS 2.3.0 har släppts och introducerar betydande funktioner som RAIDZ Expansion, snabb deduplicering, direkt in-/utmatning, JSON-utmatning och stöd för långa filnamn. - Utgåvan inkluderar viktiga buggfixar och prestandaförbättringar, kompatibel med Linux-kärnor 4.18 - 6.12 och FreeBSD-versioner 13.3, 14.0 - 14.2. - Uppdateringen är ett samarbetsprojekt från 134 bidragsgivare, med omfattande dokumentation och en ändringslogg tillgänglig för granskning.
    • + +]]>     + https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0 + 2025-01-14T00:00:00.000ZZFS 2.3 släppt med ZFS raidz-expansion + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Webtop – Alpine, Ubuntu, Fedora och Arch-containrar som innehåller fullständiga skrivbordsmiljöer]]> + +
  • Linuxserver/webtop tillhandahåller containrar baserade på Alpine, Ubuntu, Fedora och Arch med fullständiga skrivbordsmiljöer som är tillgängliga via webbläsare, och stöder både x86-64 och arm64-arkitekturer.
    • +
  • Användare kan välja mellan olika skrivbordsmiljöer som XFCE, KDE, MATE, i3, Openbox och IceWM genom att använda specifika bildtaggar, och få tillgång till Webtop via angivna URL:er.
    • +
  • Till säkerhetsfunktionerna hör Dockers seccomp-alternativ och autentiseringsinställningar, med anpassningsmöjligheter tillgängliga via miljövariabler, samt stöd för GPU-acceleration med öppen källkod-drivrutiner.
    • + +]]>     + https://docs.linuxserver.io/images/docker-webtop/ + 2025-01-14T00:00:00.000ZWebtop – Alpine, Ubuntu, Fedora och Arch-containrar som innehåller fullständiga skrivbordsmiljöer + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[1 av 5 jobbannonser online är antingen falska eller aldrig tillsatta, enligt en studie.]]> + +
  • En nyligen genomförd studie visar att 20% av online-jobbannonser antingen är falska eller förblir obesatta, vilket ökar frustrationen hos arbetssökande. - Denna trend med "spökjobb" kan vara en taktik för företag att projicera en bild av tillväxt. - Jobbplattformar som Greenhouse och LinkedIn har infört tjänster för jobbverifiering för att hjälpa användare att identifiera äkta jobbmöjligheter.
    • + +]]>     + https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706 + 2025-01-14T00:00:00.000Z1 av 5 jobbannonser online är antingen falska eller aldrig tillsatta, enligt en studie. + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Att göra en korsning osäker för fotgängare för att spara sekunder för bilister]]> + -

    +]]>     + https://collegetowns.substack.com/p/making-an-intersection-unsafe-for + 2025-01-14T00:00:00.000ZAtt göra en korsning osäker för fotgängare för att spara sekunder för bilister + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[PostgreSQL är Årets Databashanteringssystem 2024]]> + +
  • PostgreSQL har tilldelats utmärkelsen DBMS of the Year 2024 av DB-Engines, och har därmed uppnått denna erkänsla för femte gången, vilket överträffar 423 andra databashanteringssystem.
    • +
  • PostgreSQL, med en historia som sträcker sig över nästan 35 år, fortsätter att förnya sig, vilket ses i de senaste förbättringarna av PostgreSQL 17, som släpptes i september 2024.
    • +
  • Snowflake och Microsoft säkrade andra respektive tredje plats, där Snowflake noterades för sin molnbaserade datalagring och stöd för flera moln, medan Microsoft erbjuder robusta hanterade relationsdatabaser genom Azure SQL Database och SQL Server.
    • + +]]>     + https://db-engines.com/en/blog_post/109 + 2025-01-14T00:00:00.000ZPostgreSQL är Årets Databashanteringssystem 2024 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Googles OAuth-inloggning skyddar inte mot att köpa en misslyckad startup-domän]]> + -

    +]]>     + https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw + 2025-01-14T00:00:00.000ZGoogles OAuth-inloggning skyddar inte mot att köpa en misslyckad startup-domän + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Använda kodningsfärdigheter för att skapa passiv inkomst]]> + +
  • Författaren övergick från en CTO-roll till att bli soloprenör och tjänade framgångsrikt mer genom en portfölj av mjukvaruprodukter.
    • +
  • Nyckelstrategier inkluderar att fokusera på djupt arbete, börja med små projekt, iterera snabbt och ägna tid åt marknadsföringsinsatser.
    • +
  • Resan betonar motståndskraft på grund av osäkerheter, men framhäver den oöverträffade autonomin och friheten i denna karriärväg, vilket uppmuntrar dem med kodningsfärdigheter att överväga den för passiv inkomst.
    • + +]]>     + https://www.coryzue.com/writing/solopreneur/ + 2025-01-14T00:00:00.000ZAnvända kodningsfärdigheter för att skapa passiv inkomst + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Spanien föreslår 100% skatt på bostäder köpta av icke-EU-invånare]]> + +
  • Spanien överväger en 100% skatt på fastighetsköp av icke-EU-invånare, med målet att hantera bostadskrisen och begränsa spekulativa köp.
    • +
  • Premiärminister Pedro Sánchez förslag inkluderar att utöka socialt boende och reglera turistuthyrning för att hantera skillnaden mellan bostadspriser och inkomster.
    • +
  • Förslagets framtid som lag är osäker, med vissa analytiker som ser det som en avskräckande faktor för utländska investerare snarare än en garanterad lagändring.
    • + +]]>     + https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents + 2025-01-14T00:00:00.000ZSpanien föreslår 100% skatt på bostäder köpta av icke-EU-invånare + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Apple kommer snart att få 'tillverkade i Amerika' chips från TSMC:s fabrik i Arizona]]> + +
  • Apple testar processorer från TSMC:s anläggning i Arizona, med planer på massproduktion under första kvartalet, vilket potentiellt gör dem till TSMC:s första amerikanska kund för lokalt tillverkade chip. - Detta initiativ syftar till att stärka USA:s kiseloberoende och minska beroendet av Taiwan, som är sårbart för geopolitiska och naturliga risker. - TSMC:s fabrik i Arizona ska producera avancerade 3nm och 2nm chip, med pågående ansträngningar för att förbättra lokal rekrytering och samarbeten med amerikanska universitet, även om förpackning initialt kommer att ske i Taiwan tills anläggningen i Peoria är i drift.
    • + +]]>     + https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification + 2025-01-14T00:00:00.000ZApple kommer snart att få 'tillverkade i Amerika' chips från TSMC:s fabrik i Arizona + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[43 000 färre förare på Manhattans vägar efter att trängselavgifter införts]]> + +
  • Efter att trängselavgifter infördes minskade antalet förare som körde in i Manhattan söder om 60:e gatan med 7,5 %, vilket motsvarar 43 000 färre förare varje vardag.
    • +
  • Den minskade trafiken har förbättrat trafikflödet och ökat bussarnas hastighet, med vissa expressbussar som upplever högre passagerarantal.
    • +
  • Metropolitan Transportation Authority (MTA) använder intäkterna från vägtullar, uppskattade till 500 miljoner dollar årligen, för förbättringar av kollektivtrafiken, trots viss politisk opposition.
    • + +]]>     + https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says + 2025-01-14T00:00:00.000Z43 000 färre förare på Manhattans vägar efter att trängselavgifter införts + Tue, 14 Jan 2025 00:00:00 GMT +     <![CDATA[Uv:s främsta funktion är att göra ad-hoc-miljöer enkla.]]> 2025-01-05T00:00:00.000ZGuten: En liten tidningsskrivare Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[Självkörande 1993 Volvo med open pilot]]> - -
  • Ett kompisgäng deltog i Carbage Run 2025 Winter edition, en 6-dagars rally genom Sverige till polcirkeln och tillbaka till Helsingfors, där bilarna måste vara minst 20 år gamla och värderade under 1000 €.
    • -
  • De förvandlade en Volvo 940 Estate från 1993 till ett självkörande fordon med hjälp av openpilot från comma.ai, och integrerade moderna komponenter som elektrisk servostyrning, en Bosch iBooster och en Tesla radarsensor.
    • -
  • Framtida uppdateringar kommer att inkludera detaljer om kablage, en anpassad motorstyrningsenhet (ECU) och planer på att göra koden öppen källkod, vilket belyser projektets innovativa tillvägagångssätt för att eftermontera äldre fordon med autonom teknik.
    • - -]]>     - https://practicapp.com/carbagepilot-part1/ - 2025-01-04T00:00:00.000ZSjälvkörande 1993 Volvo med open pilot - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[VoxelSpace: Terrängrenderingsalgoritm på mindre än 20 rader kod (2020)]]> - -
  • NovaLogics spel Comanche från 1992 använde Voxel Space-motorn, en 2.5D-renderingsteknik baserad på ray casting, för att skapa detaljerade terränger med skuggning och skuggor.
    • -
  • Voxel Space-motorn använde höjd- och färgkartor samt en enkel renderingsalgoritm, som ritade vertikala linjer från bak till fram, vilket kunde optimeras för prestanda.
    • -
  • Motorns kod är tillgänglig under MIT-licensen, men teknologin kan fortfarande vara patenterad i vissa regioner.
    • - -]]>     - https://github.com/s-macke/VoxelSpace - 2025-01-04T00:00:00.000ZVoxelSpace: Terrängrenderingsalgoritm på mindre än 20 rader kod (2020) - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Så ritar du en kontur i ett videospel]]> - -
  • Artikeln diskuterar fem tekniker för att rendera konturer i Unity, en populär plattform för spelutveckling, och lyfter fram deras användning i spel som Sable och The Last of Us. - Teknikerna inkluderar Rim Effects, Vertex Extrusion, Blurred Buffer, Jump Flood Algorithm och Edge Detection, var och en med unika fördelar och kompromisser när det gäller prestanda och visuell kvalitet. - Artikeln ger insikter i hur man balanserar dessa metoder för optimal spelestetik och spelstöd, med ytterligare resurser och krediter för 3D-modeller inkluderade.
    • - -]]>     - https://ameye.dev/notes/rendering-outlines/ - 2025-01-04T00:00:00.000ZSå ritar du en kontur i ett videospel - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Jag slutar på Washington Post]]> - -

    -]]>     - https://anntelnaes.substack.com/p/why-im-quitting-the-washington-post - 2025-01-04T00:00:00.000ZJag slutar på Washington Post - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Perplexity har fått annonser]]> - -

    -]]>     - https://twitter.com/damengchen/status/1875296442417607072 - 2025-01-04T00:00:00.000ZPerplexity har fått annonser - Sat, 04 Jan 2025 00:00:00 GMT -     diff --git a/static/rss/story/ta.xml b/static/rss/story/ta.xml index f8d7f0b14..22a467ad6 100644 --- a/static/rss/story/ta.xml +++ b/static/rss/story/ta.xml @@ -15,11 +15,212 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[ச்னிக் பாதுகாப்பு ஆராய்ச்சியாளர் cursor.com ஐ இலக்காகக் கொண்ட தீங்கிழைக்கும் NPM தொகுப்புகளைப் பரப்புகிறார்]]> + +
  • ஒரு Snyk பாதுகாப்பு ஆராய்ச்சியாளர் Cursor.com என்ற AI குறியீட்டு நிறுவனத்தை இலக்காகக் கொண்ட தீங்கிழைக்கும் NPM தொகுப்புகளை வெளியிட்டு, கணினி தரவுகளை சேகரித்து, அதை தாக்குதலாளி கட்டுப்பாட்டில் உள்ள சேவைக்கு அனுப்பினார்.
    • +
  • பொதியங்கள், "கர்சர்-மீட்டெடுப்பு," "கர்சர்-எப்போதும்-உள்ளூர்," மற்றும் "கர்சர்-நிழல்-வேலைநிலம்" என அடையாளம் காணப்பட்டன, OpenSSF பொதிய பகுப்பாய்வு ஸ்கேனர் மூலம் குறிக்கப்படுவதால், MAL-2025-27, MAL-2025-28, மற்றும் MAL-2025-29 என அறிவுறுத்தல்கள் வெளியிடப்பட்டன.
    • +
  • இந்த நிகழ்வு, சாத்தியமான பாதுகாப்பு அச்சுறுத்தல்களை தவிர்க்க, நிறுவுவதற்கு முன் NPM தொகுப்புகளை ஆராய்வதின் முக்கியத்துவத்தை வெளிப்படுத்துகிறது.
    • + +]]>     + https://sourcecodered.com/snyk-malicious-npm-package/ + 2025-01-14T00:00:00.000Zச்னிக் பாதுகாப்பு ஆராய்ச்சியாளர் cursor.com ஐ இலக்காகக் கொண்ட தீங்கிழைக்கும் NPM தொகுப்புகளைப் பரப்புகிறார் + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[நான் ஃபயர்பாக்ஸுக்கு மாறினேன் மற்றும் மீண்டும் ஒருபோதும் திரும்பிப் பார்க்கவில்லை]]> + +
  • Firefox அதன் மேம்பட்ட தாவல் மேலாண்மை, இணைக்கப்பட்ட பாக்கெட் அம்சம் மூலம் இணைப்புகளை சேமிக்க, மற்றும் தனியுரிமை மையமாகிய மின்னஞ்சல் ரிலே ஆகியவற்றிற்காக பாராட்டப்படுகிறது, இதனால் இது Chrome க்கு ஒரு வலுவான மாற்றாக உள்ளது. - பயனர் நட்பு ஸ்கிரீன்ஷாட் கருவி, ChatGPT பொத்தான், படம்-இன்-படம், தனிப்பயனாக்கக்கூடிய தேடல் விருப்பங்கள், மற்றும் மென்மையான ஸ்க்ரோலிங் போன்ற கூடுதல் அம்சங்கள் உலாவல் அனுபவத்தை மேம்படுத்துகின்றன. - Firefox Chrome இன் வலை பயன்பாட்டு அம்சத்தை கொண்டிருக்கவில்லை என்றாலும், அதன் சிந்தனையுடன் வடிவமைப்பு மற்றும் குறைந்த வள தேவைகள் சில பயனர்களுக்கு விருப்பமான தேர்வாக இதை மாற்றுகின்றன.
    • + +]]>     + https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/ + 2025-01-14T00:00:00.000Zநான் ஃபயர்பாக்ஸுக்கு மாறினேன் மற்றும் மீண்டும் ஒருபோதும் திரும்பிப் பார்க்கவில்லை + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[சோனோஸ் தலைமை நிர்வாக அதிகாரி செயலி புதுப்பிப்பு சிக்கலுக்குப் பிறகு பதவி விலகினார்]]> + -

    +]]>     + https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/ + 2025-01-14T00:00:00.000Zசோனோஸ் தலைமை நிர்வாக அதிகாரி செயலி புதுப்பிப்பு சிக்கலுக்குப் பிறகு பதவி விலகினார் + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[MrBeast என்பவரின் வயிற்றில்]]> + -

    +]]>     + https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast + 2025-01-14T00:00:00.000ZMrBeast என்பவரின் வயிற்றில் + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[GitHub Git செயல்பாடுகள் செயலிழந்துள்ளன]]> + +
  • GitHub, ஜனவரி 13, 2025 அன்று, உள்துறை சுமை சமநிலை மாற்றத்தை பாதித்த ஒரு கட்டமைப்பு மாற்றம் காரணமாக Git செயல்பாடுகள் தடை ஏற்பட்டது, இது 23:35 முதல் 00:24 UTC வரை நீடித்தது. - இந்த பிரச்சினை கட்டமைப்பு மாற்றத்தை மாற்றுவதன் மூலம் தீர்க்கப்பட்டது, மேலும் இதுபோன்ற சம்பவங்களைத் தடுக்க கண்காணிப்பு மற்றும் பிரசாரம் செயல்முறைகளை மேம்படுத்த GitHub பணியாற்றி வருகிறது. - இந்த தடை GitHub இன் Actions மற்றும் Pages சேவைகளையும் பாதித்தது, அவர்களின் தள சேவைகளின் பரஸ்பர இணைந்த தன்மையை வெளிப்படுத்தியது.
    • + +]]>     + https://www.githubstatus.com/incidents/qd96yfgvmcf9 + 2025-01-14T00:00:00.000ZGitHub Git செயல்பாடுகள் செயலிழந்துள்ளன + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[ZFS 2.3 வெளியிடப்பட்டது ZFS raidz விரிவாக்கத்துடன்]]> + +
  • TEXT: OpenZFS 2.3.0 வெளியிடப்பட்டுள்ளது, RAIDZ விரிவாக்கம், வேகமான Deduplication, நேரடி உள்ளீடு/வெளியீடு, JSON வெளியீடு மற்றும் நீண்ட கோப்பு பெயர்களுக்கு ஆதரவு போன்ற முக்கிய அம்சங்களை அறிமுகப்படுத்துகிறது. - இந்த வெளியீடு முக்கிய பிழை திருத்தங்கள் மற்றும் செயல்திறன் மேம்பாடுகளை உள்ளடக்கியது, Linux kernels 4.18 - 6.12 மற்றும் FreeBSD பதிப்புகள் 13.3, 14.0 - 14.2 உடன் இணக்கமானது. - இந்த புதுப்பிப்பு 134 பங்களிப்பாளர்களின் கூட்டாண்மை முயற்சியாகும், விரிவான ஆவணங்கள் மற்றும் மாற்றம் பதிவு மதிப்பீட்டிற்காக கிடைக்கின்றன.
    • + +]]>     + https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0 + 2025-01-14T00:00:00.000ZZFS 2.3 வெளியிடப்பட்டது ZFS raidz விரிவாக்கத்துடன் + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[வலைமேடை – முழுமையான டெஸ்க்டாப் சூழல்களைக் கொண்ட ஆல்பைன், உபுண்டு, ஃபெடோரா மற்றும் ஆர்ச் கண்டெய்னர்கள்]]> + +
  • Linuxserver/webtop ஆனது Alpine, Ubuntu, Fedora, மற்றும் Arch அடிப்படையிலான கன்டெய்னர்களை வழங்குகிறது, அவை முழுமையான டெஸ்க்டாப் சூழல்களை வலை உலாவிகளின் மூலம் அணுகக்கூடியவாறு செய்கின்றன, மேலும் x86-64 மற்றும் arm64 கட்டமைப்புகளையும் ஆதரிக்கின்றன.
    • +
  • பயனர்கள் XFCE, KDE, MATE, i3, Openbox, மற்றும் IceWM போன்ற பல்வேறு டெஸ்க்டாப் சூழல்களில் இருந்து தேர்வு செய்யலாம், குறிப்பிட்ட படக்குறிகளைப் பயன்படுத்தி, குறிப்பிட்ட URLகளின் மூலம் வலைமேடையை அணுகலாம்.
    • +
  • பாதுகாப்பு அம்சங்களில் Docker இன் seccomp விருப்பம் மற்றும் அங்கீகார அமைப்பு அடங்கும், சூழல் மாறிகள் மூலம் தனிப்பயனாக்கல் விருப்பங்கள் கிடைக்கின்றன, மேலும் திறந்த மூல இயக்கிகள் மூலம் GPU வேகப்படுத்தலுக்கான ஆதரவு உள்ளது.
    • + +]]>     + https://docs.linuxserver.io/images/docker-webtop/ + 2025-01-14T00:00:00.000Zவலைமேடை – முழுமையான டெஸ்க்டாப் சூழல்களைக் கொண்ட ஆல்பைன், உபுண்டு, ஃபெடோரா மற்றும் ஆர்ச் கண்டெய்னர்கள் + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[ஆன்லைன் வேலைவாய்ப்பு விளம்பரங்களில் 5 இல் 1 என்பது போலியானது அல்லது ஒருபோதும் நிரப்பப்படாதது என்று ஆய்வு கண்டறிந்துள்ளது]]> + +
  • சமீபத்திய ஆய்வு ஒன்று, ஆன்லைன் வேலைவாய்ப்பு அறிவிப்புகளில் 20% போலியானவையாகவோ அல்லது நிரப்பப்படாதவையாகவோ உள்ளன என்று காட்டுகிறது, இது வேலை தேடுபவர்களின் ஏமாற்றத்தை அதிகரிக்கிறது. - இந்த "பேய் வேலை" போக்கு, நிறுவனங்கள் வளர்ச்சி படத்தை வெளிப்படுத்தும் உத்தியாக இருக்கலாம். - கிரீன்ஹவுஸ் மற்றும் லிங்க்ட்இன் போன்ற வேலைவாய்ப்பு தளங்கள், பயனர்களுக்கு உண்மையான வேலை வாய்ப்புகளை அடையாளம் காண உதவ வேலை சரிபார்ப்பு சேவைகளை அறிமுகப்படுத்தியுள்ளன.
    • + +]]>     + https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706 + 2025-01-14T00:00:00.000Zஆன்லைன் வேலைவாய்ப்பு விளம்பரங்களில் 5 இல் 1 என்பது போலியானது அல்லது ஒருபோதும் நிரப்பப்படாதது என்று ஆய்வு கண்டறிந்துள்ளது + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[வாகன ஓட்டிகளுக்காக விநாடிகளை சேமிக்க பாதசாரிகளுக்கு ஒரு சந்திப்பை பாதுகாப்பற்றதாக மாற்றுதல்]]> + -

    +]]>     + https://collegetowns.substack.com/p/making-an-intersection-unsafe-for + 2025-01-14T00:00:00.000Zவாகன ஓட்டிகளுக்காக விநாடிகளை சேமிக்க பாதசாரிகளுக்கு ஒரு சந்திப்பை பாதுகாப்பற்றதாக மாற்றுதல் + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[PostgreSQL 2024 ஆம் ஆண்டின் தரவுத்தள மேலாண்மை அமைப்பாகும்]]> + +
  • PostgreSQL, 2024 ஆம் ஆண்டிற்கான DBMS ஆஃப் தி இயர் விருதை DB-Engines மூலம் பெற்றுள்ளது, 423 பிற தரவுத்தள மேலாண்மை அமைப்புகளை முந்தி, ஐந்தாவது முறையாக இந்த அங்கீகாரத்தை பெற்றுள்ளது.
    • +
  • PostgreSQL, 35 ஆண்டுகளுக்கு மேல் நீடிக்கும் வரலாற்றுடன், 2024 செப்டம்பரில் வெளியிடப்பட்ட PostgreSQL 17 இன் சமீபத்திய மேம்பாடுகளில் காணப்படும் புதிய முயற்சிகளை தொடர்ந்து மேற்கொள்கிறது.
    • +
  • Snowflake மற்றும் Microsoft முறையே இரண்டாம் மற்றும் மூன்றாம் இடங்களைப் பெற்றன, Snowflake அதன் மேக அடிப்படையிலான தரவுத்தொகுப்பு மற்றும் பல மேக ஆதரவுக்காக குறிப்பிடப்பட்டது, அதேசமயம் Microsoft Azure SQL Database மற்றும் SQL Server மூலம் வலுவான மேலாண்மை செய்யப்பட்ட தொடர்பு தரவுத்தொகுப்புகளை வழங்குகிறது.
    • + +]]>     + https://db-engines.com/en/blog_post/109 + 2025-01-14T00:00:00.000ZPostgreSQL 2024 ஆம் ஆண்டின் தரவுத்தள மேலாண்மை அமைப்பாகும் + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Google இன் OAuth உள்நுழைவு ஒரு தோல்வியுற்ற ஸ்டார்ட்அப் டொமைனை வாங்குவதிலிருந்து பாதுகாக்காது]]> + -

    +]]>     + https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw + 2025-01-14T00:00:00.000ZGoogle இன் OAuth உள்நுழைவு ஒரு தோல்வியுற்ற ஸ்டார்ட்அப் டொமைனை வாங்குவதிலிருந்து பாதுகாக்காது + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[கோடிங் திறன்களை பயன்படுத்தி பாசிவ் வருமானம் பெறுதல்]]> + +
  • TEXT: ஆசிரியர் CTO பங்கிலிருந்து தனியார் தொழில்முனைவோராக மாறி, மென்பொருள் தயாரிப்புகளின் தொகுப்பின் மூலம் அதிக வருமானம் ஈட்டினார். TEXT:
    • +
  • முக்கிய உத்திகள் ஆழமான பணியில் கவனம் செலுத்துவது, சிறிய திட்டங்களுடன் தொடங்குவது, விரைவாக திருத்துவது மற்றும் சந்தைப்படுத்தல் முயற்சிகளுக்கு நேரத்தை ஒதுக்குவது ஆகியவற்றை உள்ளடக்கியவை.
    • +
  • இந்த பயணம் நிச்சயமற்ற தன்மையால் பொறுமையை வலியுறுத்துகிறது, ஆனால் இந்த தொழில் பாதையின் ஒப்பற்ற சுயாதீனத்தையும் சுதந்திரத்தையும் சிறப்பிக்கிறது, குறியீட்டு திறன்களைக் கொண்டவர்களை இதை பாசிவ் வருமானத்திற்காக பரிசீலிக்க ஊக்குவிக்கிறது.
    • + +]]>     + https://www.coryzue.com/writing/solopreneur/ + 2025-01-14T00:00:00.000Zகோடிங் திறன்களை பயன்படுத்தி பாசிவ் வருமானம் பெறுதல் + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[ஸ்பெயின், ஐரோப்பிய ஒன்றியத்திற்கு வெளியே உள்ள குடியிருப்பாளர்களால் வாங்கப்படும் வீடுகளுக்கு 100% வரி விதிக்க முன்மொழிகிறது]]> + +
  • ஸ்பெயின், வீட்டு வசதி நெருக்கடியை சமாளிக்கவும், ஊக வணிகத்தை கட்டுப்படுத்தவும் நோக்கி, ஐரோப்பிய ஒன்றியத்திற்கு வெளியே உள்ள குடியிருப்பாளர்களால் செய்யப்படும் நில விற்பனை வாங்குதல்களுக்கு 100% வரி விதிப்பதை பரிசீலிக்கிறது.
    • +
  • பிரதமர் பெட்ரோ சாஞ்சஸ் முன்மொழிந்த திட்டம் சமூக வீடுகளை விரிவுபடுத்துவதையும், வீட்டு விலை மற்றும் வருமானங்களுக்கிடையேயான வேறுபாட்டை சமாளிக்க சுற்றுலா வாடகைகளை ஒழுங்குபடுத்துவதையும் உள்ளடக்கியது.
    • +
  • தமிழில் எழுத வேண்டும். சில பகுப்பாய்வாளர்கள் இதை ஒரு உறுதியான சட்ட மாற்றமாக அல்லாமல், வெளிநாட்டு முதலீட்டாளர்களுக்கு தடையாகக் காண்கிறார்கள் என்பதால், அந்த முன்மொழிவின் சட்டமாக்கலின் எதிர்காலம் நிச்சயமற்றதாக உள்ளது.
    • + +]]>     + https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents + 2025-01-14T00:00:00.000Zஸ்பெயின், ஐரோப்பிய ஒன்றியத்திற்கு வெளியே உள்ள குடியிருப்பாளர்களால் வாங்கப்படும் வீடுகளுக்கு 100% வரி விதிக்க முன்மொழிகிறது + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[ஆப்பிள் விரைவில் TSMC இன் அரிசோனா தொழிற்சாலையில் இருந்து 'அமெரிக்காவில் தயாரிக்கப்பட்ட' சிப்களை பெறும்]]> + +
  • உரை: ஆப்பிள் TSMC இன் அரிசோனா தொழிற்சாலையில் இருந்து செயலிகளை சோதித்து வருகிறது, முதல் காலாண்டிற்குள் பெருமளவில் உற்பத்தி செய்ய திட்டமிட்டுள்ளது, இது உள்ளூர் தயாரிக்கப்பட்ட சிப்களுக்கான TSMC இன் முதல் அமெரிக்க வாடிக்கையாளராக ஆப்பிள் மாறக்கூடும். - இந்த முயற்சி அமெரிக்காவின் சிலிகான் சுயாதீனத்தை வலுப்படுத்துவதற்காக, புவியியல் மற்றும் இயற்கை அபாயங்களுக்கு ஆளாகக்கூடிய தைவானின் மீது சார்பை குறைப்பதற்காக மேற்கொள்ளப்படுகிறது. - TSMC இன் அரிசோனா தொழிற்சாலை மேம்பட்ட 3nm மற்றும் 2nm சிப்களை தயாரிக்க அமைக்கப்பட்டுள்ளது, உள்ளூர் ஆட்சேர்ப்பு மற்றும் அமெரிக்க பல்கலைக்கழகங்களுடன் கூட்டாண்மைகளை மேம்படுத்தும் முயற்சிகள் நடைபெற்று வருகின்றன, ஆனால் பேக்கேஜிங் ஆரம்பத்தில் தைவானில் நடைபெறும், பியோரியா தொழிற்சாலை செயல்பாட்டுக்கு வரும்வரை.
    • + +]]>     + https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification + 2025-01-14T00:00:00.000Zஆப்பிள் விரைவில் TSMC இன் அரிசோனா தொழிற்சாலையில் இருந்து 'அமெரிக்காவில் தயாரிக்கப்பட்ட' சிப்களை பெறும் + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[மெருகூட்டல் கட்டணம் செயல்படுத்தப்பட்ட பிறகு மான்ஹாட்டன் சாலைகளில் 43,000 ஓட்டுநர்கள் குறைந்துள்ளனர்]]> + +
  • கூட்ட நெரிசல் விலை நிர்ணயம் செயல்படுத்தப்பட்ட பிறகு, 60வது தெருவுக்கு கீழே மான்ஹாட்டனில் நுழையும் வாகன ஓட்டிகளின் எண்ணிக்கை 7.5% குறைந்தது, இது வாரத்தின் ஒவ்வொரு வேலை நாளிலும் 43,000 வாகன ஓட்டிகள் குறைவாக உள்ளனர் என்பதற்கு சமமாகும்.
    • +
  • பேருந்து போக்குவரத்து குறைந்ததன் காரணமாக போக்குவரத்து ஓட்டம் மேம்பட்டுள்ளது மற்றும் பேருந்து வேகங்கள் அதிகரித்துள்ளன, சில விரைவு பேருந்துகளில் பயணிகள் எண்ணிக்கை அதிகரித்துள்ளது.
    • +
  • மெட்ரோபாலிடன் போக்குவரத்து ஆணையம் (MTA) ஆண்டுக்கு $500 மில்லியன் என மதிப்பிடப்பட்ட சுங்க வருவாயை, சில அரசியல் எதிர்ப்புகள் இருந்தபோதிலும், போக்குவரத்து மேம்பாடுகளுக்காக பயன்படுத்துகிறது.
    • + +]]>     + https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says + 2025-01-14T00:00:00.000Zமெருகூட்டல் கட்டணம் செயல்படுத்தப்பட்ட பிறகு மான்ஹாட்டன் சாலைகளில் 43,000 ஓட்டுநர்கள் குறைந்துள்ளனர் + Tue, 14 Jan 2025 00:00:00 GMT +     <![CDATA[Uv இன் சிறப்பு அம்சம் தற்காலிக சூழல்களை எளிதாக உருவாக்குவதில் உள்ளது]]> 2025-01-05T00:00:00.000Zகூட்டன்: ஒரு சிறிய செய்தித்தாள் அச்சுப்பொறி Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[1993 வோல்வோ சுய இயக்கம் திறந்த பைலட்டுடன்]]> - -
  • ஒரு நண்பர்கள் குழு 2025 குளிர்கால பதிப்பில் Carbage Run இல் பங்கேற்றனர், இது ஸ்வீடனின் வழியாக துருவ வட்டத்திற்கு சென்று ஹெல்சிங்கிக்கு திரும்பும் 6 நாள் ராலி ஆகும், இதில் கார்கள் குறைந்தது 20 ஆண்டுகள் பழமையானவை மற்றும் மதிப்பு €1000 க்குக் குறைவாக இருக்க வேண்டும்.
    • -
  • அவர்கள் 1993 ஆம் ஆண்டின் வோல்வோ 940 எஸ்டேட்டை சுய இயக்க வாகனமாக மாற்றினர், comma.ai இன் openpilot ஐ பயன்படுத்தி, மின்சார ஸ்டியரிங், Bosch iBooster, மற்றும் டெஸ்லா ரேடார் சென்சார் போன்ற நவீன கூறுகளை இணைத்து.
    • -
  • எதிர்கால புதுப்பிப்புகளில் வயரிங் விவரங்கள், தனிப்பயன் என்ஜின் கட்டுப்பாட்டு அலகு (ECU), மற்றும் குறியீட்டு திறந்த மூலமாக்கல் திட்டங்கள் அடங்கும், பழைய வாகனங்களை தானியங்கி தொழில்நுட்பத்துடன் புதுப்பித்தல் தொடர்பான திட்டத்தின் புதுமையான அணுகுமுறையை வெளிப்படுத்துகிறது.
    • - -]]>     - https://practicapp.com/carbagepilot-part1/ - 2025-01-04T00:00:00.000Z1993 வோல்வோ சுய இயக்கம் திறந்த பைலட்டுடன் - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[வோக்சல் ஸ்பேஸ்: 20 வரிகளுக்குள் குறைவான குறியீட்டில் நிலப்பரப்பு காட்சிப்படுத்தும் அல்காரிதம் (2020)]]> - -
  • NovaLogic இன் 1992 ஆம் ஆண்டின் Comanche விளையாட்டு, Voxel Space என்ஜினை பயன்படுத்தியது, இது கதிர் வீச்சு அடிப்படையிலான 2.5D காட்சிப்படுத்தல் நுட்பமாகும், இது நிழல்களுடன் கூடிய விரிவான நிலப்பரப்புகளை உருவாக்கியது.
    • -
  • Voxel Space என்ஜின் உயரம் மற்றும் நிற வரைபடங்களை மற்றும் எளிய ரெண்டரிங் அல்காரிதத்தை பயன்படுத்தியது, இது பின்புறத்திலிருந்து முன்னோக்கி செங்குத்து கோடுகளை வரைவதைக் கொண்டிருந்தது, இது செயல்திறனை மேம்படுத்துவதற்காக மேம்படுத்தப்படலாம்.
    • -
  • எஞ்சின் குறியீடு MIT உரிமத்தின் கீழ் கிடைக்கிறது, ஆனால் அந்த தொழில்நுட்பம் சில பகுதிகளில் இன்னும் காப்புரிமை பெற்றிருக்கலாம்.
    • - -]]>     - https://github.com/s-macke/VoxelSpace - 2025-01-04T00:00:00.000Zவோக்சல் ஸ்பேஸ்: 20 வரிகளுக்குள் குறைவான குறியீட்டில் நிலப்பரப்பு காட்சிப்படுத்தும் அல்காரிதம் (2020) - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[வீடியோ கேமில் ஒரு வெளிப்புற கோட்டை எவ்வாறு வரைய வேண்டும்]]> - -
  • கட்டுரை Unity எனும் பிரபலமான விளையாட்டு மேம்பாட்டு தளத்தில் வெளிப்புற கோடுகளை உருவாக்குவதற்கான ஐந்து நுட்பங்களை விவரிக்கிறது, அவற்றின் பயன்பாட்டை Sable மற்றும் The Last of Us போன்ற விளையாட்டுகளில் விளக்குகிறது. - நுட்பங்களில் Rim Effects, Vertex Extrusion, Blurred Buffer, Jump Flood Algorithm, மற்றும் Edge Detection ஆகியவை அடங்கும், ஒவ்வொன்றும் செயல்திறன் மற்றும் காட்சித் தரம் ஆகியவற்றில் தனித்தன்மையான நன்மைகள் மற்றும் மாற்றங்களைக் கொண்டுள்ளன. - இந்த முறைகளை சமநிலைப்படுத்தி சிறந்த விளையாட்டு அழகியல் மற்றும் விளையாட்டு ஆதரவைப் பெறுவதற்கான பார்வைகளை கட்டுரை வழங்குகிறது, மேலும் 3D மாதிரிகளுக்கான கூடுதல் வளங்கள் மற்றும் கிரெடிட்களும் சேர்க்கப்பட்டுள்ளன.
    • - -]]>     - https://ameye.dev/notes/rendering-outlines/ - 2025-01-04T00:00:00.000Zவீடியோ கேமில் ஒரு வெளிப்புற கோட்டை எவ்வாறு வரைய வேண்டும் - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[நான் வாஷிங்டன் போஸ்டை விட்டு வெளியேறுகிறேன்]]> - -

    -]]>     - https://anntelnaes.substack.com/p/why-im-quitting-the-washington-post - 2025-01-04T00:00:00.000Zநான் வாஷிங்டன் போஸ்டை விட்டு வெளியேறுகிறேன் - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[பெர்ப்ளெக்சிட்டிக்கு விளம்பரங்கள் கிடைத்தன]]> - -

    -]]>     - https://twitter.com/damengchen/status/1875296442417607072 - 2025-01-04T00:00:00.000Zபெர்ப்ளெக்சிட்டிக்கு விளம்பரங்கள் கிடைத்தன - Sat, 04 Jan 2025 00:00:00 GMT -     diff --git a/static/rss/story/th.xml b/static/rss/story/th.xml index c253a4299..672ca5562 100644 --- a/static/rss/story/th.xml +++ b/static/rss/story/th.xml @@ -15,11 +15,201 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[นักวิจัยด้านความปลอดภัยของ Snyk ปล่อยแพ็กเกจ NPM ที่เป็นอันตรายโดยมีเป้าหมายที่ cursor.com]]> + +
  • นักวิจัยด้านความปลอดภัยจาก Snyk ได้ปล่อยแพ็กเกจ NPM ที่เป็นอันตรายซึ่งมุ่งเป้าไปที่ Cursor.com ซึ่งเป็นบริษัทเขียนโค้ด AI เพื่อรวบรวมข้อมูลระบบและส่งไปยังบริการที่ผู้โจมตีควบคุม
    • +
  • แพ็กเกจที่ถูกระบุว่าเป็น "cursor-retrieval," "cursor-always-local," และ "cursor-shadow-workspace" ถูกตั้งค่าสถานะโดยเครื่องสแกนการวิเคราะห์แพ็กเกจของ OpenSSF ส่งผลให้มีคำแนะนำ MAL-2025-27, MAL-2025-28, และ MAL-2025-29
    • +
  • เหตุการณ์นี้เน้นย้ำถึงความสำคัญของการตรวจสอบแพ็กเกจ NPM ก่อนการติดตั้งเพื่อหลีกเลี่ยงภัยคุกคามด้านความปลอดภัยที่อาจเกิดขึ้น
    • + +]]>     + https://sourcecodered.com/snyk-malicious-npm-package/ + 2025-01-14T00:00:00.000Zนักวิจัยด้านความปลอดภัยของ Snyk ปล่อยแพ็กเกจ NPM ที่เป็นอันตรายโดยมีเป้าหมายที่ cursor.com + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[ฉันเปลี่ยนไปใช้ Firefox และไม่เคยหันกลับไปมองอีกเลย]]> + +
  • Firefox ได้รับการยกย่องในเรื่องการจัดการแท็บที่ยอดเยี่ยม ฟีเจอร์ Pocket ในตัวสำหรับบันทึกลิงก์ และการส่งต่ออีเมลที่เน้นความเป็นส่วนตัว ทำให้เป็นทางเลือกที่แข็งแกร่งสำหรับ Chrome - ฟีเจอร์เพิ่มเติมเช่น เครื่องมือจับภาพหน้าจอที่ใช้งานง่าย ปุ่ม ChatGPT โหมด Picture-in-Picture ตัวเลือกการค้นหาที่ปรับแต่งได้ และการเลื่อนที่ราบรื่น ช่วยเพิ่มประสบการณ์การท่องเว็บ - แม้ว่า Firefox จะขาดฟีเจอร์แอปเว็บของ Chrome แต่การออกแบบที่รอบคอบและการใช้ทรัพยากรที่ลดลงทำให้เป็นตัวเลือกที่ผู้ใช้บางคนชื่นชอบ
    • + +]]>     + https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/ + 2025-01-14T00:00:00.000Zฉันเปลี่ยนไปใช้ Firefox และไม่เคยหันกลับไปมองอีกเลย + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[ซีอีโอของ Sonos ลาออกหลังจากปัญหาการอัปเดตแอป]]> + -

    +]]>     + https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/ + 2025-01-14T00:00:00.000Zซีอีโอของ Sonos ลาออกหลังจากปัญหาการอัปเดตแอป + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[ในท้องของ MrBeast]]> + -

    +]]>     + https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast + 2025-01-14T00:00:00.000Zในท้องของ MrBeast + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[การดำเนินการ Git บน GitHub หยุดทำงาน]]> + +
  • GitHub ประสบปัญหาการหยุดชะงักของการดำเนินการ Git เมื่อวันที่ 13 มกราคม 2025 เนื่องจากการเปลี่ยนแปลงการกำหนดค่าที่ส่งผลกระทบต่อโหลดบาลานเซอร์ภายใน ซึ่งกินเวลาตั้งแต่ 23:35 ถึง 00:24 UTC - ปัญหาได้รับการแก้ไขโดยการย้อนกลับการเปลี่ยนแปลงการกำหนดค่า และ GitHub กำลังทำงานเพื่อปรับปรุงกระบวนการตรวจสอบและการปรับใช้เพื่อป้องกันเหตุการณ์ที่คล้ายกัน - การหยุดชะงักยังส่งผลกระทบต่อบริการ Actions และ Pages ของ GitHub ซึ่งเน้นถึงธรรมชาติที่เชื่อมโยงกันของบริการแพลตฟอร์มของพวกเขา
    • + +]]>     + https://www.githubstatus.com/incidents/qd96yfgvmcf9 + 2025-01-14T00:00:00.000Zการดำเนินการ Git บน GitHub หยุดทำงาน + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[ZFS 2.3 เปิดตัวพร้อมกับการขยาย ZFS raidz]]> + +
  • OpenZFS 2.3.0 ได้รับการเปิดตัวแล้ว โดยมีการแนะนำฟีเจอร์สำคัญเช่น RAIDZ Expansion, Fast Deduplication, Direct Input/Output, การแสดงผลแบบ JSON และการรองรับชื่อไฟล์ที่ยาว - การเปิดตัวนี้รวมถึงการแก้ไขบั๊กที่สำคัญและการปรับปรุงประสิทธิภาพ ซึ่งสามารถใช้งานร่วมกับเคอร์เนล Linux เวอร์ชัน 4.18 - 6.12 และ FreeBSD เวอร์ชัน 13.3, 14.0 - 14.2 - การอัปเดตนี้เป็นความร่วมมือจากผู้ร่วมพัฒนา 134 คน พร้อมด้วยเอกสารประกอบและบันทึกการเปลี่ยนแปลงที่สามารถตรวจสอบได้
    • + +]]>     + https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0 + 2025-01-14T00:00:00.000ZZFS 2.3 เปิดตัวพร้อมกับการขยาย ZFS raidz + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Webtop – คอนเทนเนอร์ Alpine, Ubuntu, Fedora และ Arch ที่มีสภาพแวดล้อมเดสก์ท็อปแบบเต็มรูปแบบ]]> + +
  • Linuxserver/webtop ให้บริการคอนเทนเนอร์ที่มีพื้นฐานจาก Alpine, Ubuntu, Fedora, และ Arch พร้อมด้วยสภาพแวดล้อมเดสก์ท็อปเต็มรูปแบบที่สามารถเข้าถึงได้ผ่านเว็บเบราว์เซอร์ รองรับทั้งสถาปัตยกรรม x86-64 และ arm64
    • +
  • ผู้ใช้สามารถเลือกจากสภาพแวดล้อมเดสก์ท็อปต่าง ๆ เช่น XFCE, KDE, MATE, i3, Openbox และ IceWM โดยใช้แท็กภาพเฉพาะ และเข้าถึง Webtop ผ่าน URL ที่กำหนด
    • +
  • คุณสมบัติด้านความปลอดภัยประกอบด้วยตัวเลือก seccomp ของ Docker และการตั้งค่าการยืนยันตัวตน พร้อมตัวเลือกการปรับแต่งที่สามารถทำได้ผ่านตัวแปรสภาพแวดล้อม และรองรับการเร่งความเร็ว GPU ด้วยไดรเวอร์โอเพ่นซอร์ส
    • + +]]>     + https://docs.linuxserver.io/images/docker-webtop/ + 2025-01-14T00:00:00.000ZWebtop – คอนเทนเนอร์ Alpine, Ubuntu, Fedora และ Arch ที่มีสภาพแวดล้อมเดสก์ท็อปแบบเต็มรูปแบบ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[1 ใน 5 ของประกาศรับสมัครงานออนไลน์เป็นของปลอมหรือไม่เคยมีการจ้างงานจริง, การศึกษาพบ]]> + +
  • การศึกษาล่าสุดระบุว่า 20% ของประกาศรับสมัครงานออนไลน์เป็นของปลอมหรือยังไม่ได้รับการเติมเต็ม ซึ่งเพิ่มความหงุดหงิดให้กับผู้หางาน - แนวโน้ม "งานผี" นี้อาจเป็นกลยุทธ์ของบริษัทในการสร้างภาพลักษณ์ของการเติบโต - แพลตฟอร์มงานเช่น Greenhouse และ LinkedIn ได้แนะนำบริการตรวจสอบงานเพื่อช่วยผู้ใช้ในการระบุโอกาสงานที่แท้จริง
    • + +]]>     + https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706 + 2025-01-14T00:00:00.000Z1 ใน 5 ของประกาศรับสมัครงานออนไลน์เป็นของปลอมหรือไม่เคยมีการจ้างงานจริง, การศึกษาพบ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[ทำให้ทางแยกไม่ปลอดภัยสำหรับคนเดินเท้าเพื่อประหยัดเวลาไม่กี่วินาทีสำหรับผู้ขับขี่]]> + -

    +]]>     + https://collegetowns.substack.com/p/making-an-intersection-unsafe-for + 2025-01-14T00:00:00.000Zทำให้ทางแยกไม่ปลอดภัยสำหรับคนเดินเท้าเพื่อประหยัดเวลาไม่กี่วินาทีสำหรับผู้ขับขี่ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[PostgreSQL เป็นระบบจัดการฐานข้อมูลแห่งปี 2024]]> + +
  • PostgreSQL ได้รับรางวัล DBMS of the Year 2024 จาก DB-Engines โดยได้รับการยอมรับนี้เป็นครั้งที่ห้า แซงหน้า 423 ระบบจัดการฐานข้อมูลอื่น ๆ
    • +
  • PostgreSQL ซึ่งมีประวัติยาวนานเกือบ 35 ปี ยังคงสร้างสรรค์นวัตกรรมใหม่ ๆ ดังที่เห็นได้จากการปรับปรุงล่าสุดของ PostgreSQL 17 ที่เปิดตัวในเดือนกันยายน 2024
    • +
  • Snowflake และ Microsoft ได้รับตำแหน่งที่สองและสามตามลำดับ โดย Snowflake มีความโดดเด่นในด้านการจัดเก็บข้อมูลบนคลาวด์และการสนับสนุนหลายคลาวด์ ในขณะที่ Microsoft มีการจัดการฐานข้อมูลเชิงสัมพันธ์ที่แข็งแกร่งผ่าน Azure SQL Database และ SQL Server
    • + +]]>     + https://db-engines.com/en/blog_post/109 + 2025-01-14T00:00:00.000ZPostgreSQL เป็นระบบจัดการฐานข้อมูลแห่งปี 2024 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[การเข้าสู่ระบบ OAuth ของ Google ไม่ได้ป้องกันการซื้อโดเมนของสตาร์ทอัพที่ล้มเหลว]]> + -

    +]]>     + https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw + 2025-01-14T00:00:00.000Zการเข้าสู่ระบบ OAuth ของ Google ไม่ได้ป้องกันการซื้อโดเมนของสตาร์ทอัพที่ล้มเหลว + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[การใช้ทักษะการเขียนโค้ดเพื่อสร้างรายได้แบบพาสซีฟ]]> + +
  • ผู้เขียนเปลี่ยนจากบทบาท CTO มาเป็นผู้ประกอบการเดี่ยว โดยประสบความสำเร็จในการสร้างรายได้มากขึ้นผ่านพอร์ตโฟลิโอของผลิตภัณฑ์ซอฟต์แวร์
    • +
  • กลยุทธ์หลักประกอบด้วยการมุ่งเน้นที่การทำงานอย่างลึกซึ้ง เริ่มต้นด้วยโครงการขนาดเล็ก ทำซ้ำอย่างรวดเร็ว และทุ่มเทเวลาให้กับความพยายามทางการตลาด
    • +
  • การเดินทางนี้เน้นย้ำถึงความยืดหยุ่นเนื่องจากความไม่แน่นอน แต่ยังชี้ให้เห็นถึงความเป็นอิสระและเสรีภาพที่ไม่มีใครเทียบได้ของเส้นทางอาชีพนี้ โดยกระตุ้นให้ผู้ที่มีทักษะการเขียนโค้ดพิจารณาเพื่อรายได้แบบพาสซีฟ
    • + +]]>     + https://www.coryzue.com/writing/solopreneur/ + 2025-01-14T00:00:00.000Zการใช้ทักษะการเขียนโค้ดเพื่อสร้างรายได้แบบพาสซีฟ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[สเปนเสนอภาษี 100% สำหรับบ้านที่ซื้อโดยผู้อยู่อาศัยนอกสหภาพยุโรป]]> + +
  • สเปนกำลังพิจารณาภาษี 100% สำหรับการซื้ออสังหาริมทรัพย์โดยผู้ที่ไม่ใช่ผู้อยู่อาศัยในสหภาพยุโรป โดยมีเป้าหมายเพื่อแก้ไขปัญหาวิกฤตที่อยู่อาศัยและควบคุมการซื้อเพื่อเก็งกำไร
    • +
  • ข้อเสนอของนายกรัฐมนตรีเปโดร ซานเชซ รวมถึงการขยายที่อยู่อาศัยสังคมและการควบคุมการเช่าที่พักสำหรับนักท่องเที่ยวเพื่อแก้ไขความไม่สมดุลระหว่างราคาที่อยู่อาศัยและรายได้
    • +
  • อนาคตของข้อเสนอนี้ในฐานะกฎหมายยังไม่แน่นอน โดยนักวิเคราะห์บางคนมองว่าเป็นการขัดขวางนักลงทุนต่างชาติมากกว่าการเปลี่ยนแปลงทางกฎหมายที่รับประกันได้
    • + +]]>     + https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents + 2025-01-14T00:00:00.000Zสเปนเสนอภาษี 100% สำหรับบ้านที่ซื้อโดยผู้อยู่อาศัยนอกสหภาพยุโรป + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[แอปเปิลจะได้รับชิป 'ผลิตในอเมริกา' จากโรงงานของ TSMC ในรัฐแอริโซนาในไม่ช้า]]> + +
  • Apple กำลังทดสอบโปรเซสเซอร์จากโรงงานของ TSMC ในรัฐแอริโซนา โดยมีแผนที่จะผลิตในปริมาณมากภายในไตรมาสแรก ซึ่งอาจทำให้ Apple กลายเป็นลูกค้ารายแรกของ TSMC ในสหรัฐฯ สำหรับชิปที่ผลิตในท้องถิ่น - โครงการนี้มีเป้าหมายเพื่อเสริมสร้างความเป็นอิสระด้านซิลิคอนของสหรัฐฯ ลดการพึ่งพาไต้หวันซึ่งมีความเสี่ยงต่อปัญหาทางภูมิรัฐศาสตร์และธรรมชาติ - โรงงานของ TSMC ในแอริโซนามีกำหนดจะผลิตชิปขั้นสูงขนาด 3nm และ 2nm โดยมีความพยายามอย่างต่อเนื่องในการเพิ่มการสรรหาบุคลากรในท้องถิ่นและความร่วมมือกับมหาวิทยาลัยในสหรัฐฯ แม้ว่าการบรรจุหีบห่อจะเกิดขึ้นในไต้หวันในช่วงแรกจนกว่าโรงงานใน Peoria จะเริ่มดำเนินการ
    • + +]]>     + https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification + 2025-01-14T00:00:00.000Zแอปเปิลจะได้รับชิป 'ผลิตในอเมริกา' จากโรงงานของ TSMC ในรัฐแอริโซนาในไม่ช้า + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[มีผู้ขับขี่น้อยลง 43,000 คนบนถนนในแมนฮัตตันหลังจากการเปิดใช้งานการคิดค่าผ่านทางตามความหนาแน่นของการจราจร]]> + +
  • หลังจากการใช้ระบบการคิดค่าธรรมเนียมการจราจร มีการลดลงของผู้ขับขี่ที่เข้าสู่แมนฮัตตันใต้ถนนที่ 60 ลง 7.5% ซึ่งเท่ากับมีผู้ขับขี่น้อยลง 43,000 คนในแต่ละวันธรรมดา
    • +
  • การลดลงของการจราจรได้ปรับปรุงการไหลของการจราจรและเพิ่มความเร็วของรถบัส โดยมีรถบัสด่วนบางสายที่มีจำนวนผู้โดยสารเพิ่มขึ้น
    • +
  • การขนส่งมวลชนมหานคร (MTA) ใช้รายได้จากค่าผ่านทาง ซึ่งประมาณการไว้ที่ 500 ล้านดอลลาร์ต่อปี สำหรับการปรับปรุงระบบขนส่ง แม้ว่าจะมีการคัดค้านทางการเมืองอยู่บ้าง
    • + +]]>     + https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says + 2025-01-14T00:00:00.000Zมีผู้ขับขี่น้อยลง 43,000 คนบนถนนในแมนฮัตตันหลังจากการเปิดใช้งานการคิดค่าผ่านทางตามความหนาแน่นของการจราจร + Tue, 14 Jan 2025 00:00:00 GMT +     <![CDATA[คุณสมบัติเด่นของ Uv คือการทำให้การสร้างสภาพแวดล้อมชั่วคราวเป็นเรื่องง่าย]]> 2025-01-05T00:00:00.000Zกูเทน: เครื่องพิมพ์หนังสือพิมพ์ขนาดเล็ก Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[รถวอลโว่ปี 1993 ที่ขับเคลื่อนด้วยตัวเองพร้อมระบบโอเพ่นไพลอต]]> - -
  • กลุ่มเพื่อนกลุ่มหนึ่งได้เข้าร่วมการแข่งขัน Carbage Run 2025 ฉบับฤดูหนาว ซึ่งเป็นการแข่งรถ 6 วันผ่านสวีเดนไปยังวงกลมขั้วโลกและกลับมาที่เฮลซิงกิ โดยมีข้อกำหนดว่ารถต้องมีอายุอย่างน้อย 20 ปีและมีมูลค่าต่ำกว่า €1000
    • -
  • พวกเขาได้เปลี่ยน Volvo 940 Estate ปี 1993 ให้กลายเป็นยานพาหนะขับเคลื่อนอัตโนมัติโดยใช้ openpilot จาก comma.ai รวมถึงการติดตั้งส่วนประกอบสมัยใหม่ เช่น พวงมาลัยไฟฟ้า Bosch iBooster และเซ็นเซอร์เรดาร์ของ Tesla
    • -
  • การอัปเดตในอนาคตจะรวมถึงรายละเอียดเกี่ยวกับการเดินสายไฟ, หน่วยควบคุมเครื่องยนต์ (ECU) ที่ปรับแต่งเอง, และแผนการเปิดซอร์สโค้ด ซึ่งเน้นย้ำถึงแนวทางที่เป็นนวัตกรรมของโครงการในการปรับปรุงยานพาหนะรุ่นเก่าด้วยเทคโนโลยีอัตโนมัติ
    • - -]]>     - https://practicapp.com/carbagepilot-part1/ - 2025-01-04T00:00:00.000Zรถวอลโว่ปี 1993 ที่ขับเคลื่อนด้วยตัวเองพร้อมระบบโอเพ่นไพลอต - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[VoxelSpace: อัลกอริทึมการเรนเดอร์ภูมิประเทศในโค้ดน้อยกว่า 20 บรรทัด (2020)]]> - -
  • เกม Comanche ของ NovaLogic ในปี 1992 ใช้เอนจิน Voxel Space ซึ่งเป็นเทคนิคการเรนเดอร์แบบ 2.5D ที่อิงจากการแคสต์เรย์ เพื่อสร้างภูมิประเทศที่มีรายละเอียดพร้อมการแรเงาและเงา
    • -
  • เอนจิน Voxel Space ใช้แผนที่ความสูงและสีพร้อมกับอัลกอริธึมการเรนเดอร์แบบง่าย ๆ โดยการวาดเส้นแนวตั้งจากด้านหลังไปด้านหน้า ซึ่งสามารถปรับแต่งเพื่อเพิ่มประสิทธิภาพได้
    • -
  • โค้ดของเครื่องยนต์มีให้ใช้งานภายใต้ใบอนุญาต MIT แต่เทคโนโลยีอาจยังคงได้รับการจดสิทธิบัตรในบางภูมิภาค
    • - -]]>     - https://github.com/s-macke/VoxelSpace - 2025-01-04T00:00:00.000ZVoxelSpace: อัลกอริทึมการเรนเดอร์ภูมิประเทศในโค้ดน้อยกว่า 20 บรรทัด (2020) - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[วิธีการวาดเส้นขอบในวิดีโอเกม]]> - -
  • บทความนี้กล่าวถึงเทคนิคห้าอย่างในการสร้างเส้นขอบใน Unity ซึ่งเป็นแพลตฟอร์มพัฒนาเกมยอดนิยม โดยเน้นการใช้งานในเกมอย่าง Sable และ The Last of Us - เทคนิคต่างๆ ประกอบด้วย Rim Effects, Vertex Extrusion, Blurred Buffer, Jump Flood Algorithm และ Edge Detection ซึ่งแต่ละเทคนิคมีข้อดีและข้อเสียเฉพาะตัวในแง่ของประสิทธิภาพและคุณภาพภาพ - บทความนี้ให้ข้อมูลเชิงลึกเกี่ยวกับการปรับสมดุลวิธีการเหล่านี้เพื่อความสวยงามของเกมและการสนับสนุนการเล่นเกมที่เหมาะสม พร้อมทั้งมีแหล่งข้อมูลเพิ่มเติมและเครดิตสำหรับโมเดล 3D ที่รวมอยู่ด้วย
    • - -]]>     - https://ameye.dev/notes/rendering-outlines/ - 2025-01-04T00:00:00.000Zวิธีการวาดเส้นขอบในวิดีโอเกม - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[ฉันกำลังลาออกจากวอชิงตันโพสต์]]> - -

    -]]>     - https://anntelnaes.substack.com/p/why-im-quitting-the-washington-post - 2025-01-04T00:00:00.000Zฉันกำลังลาออกจากวอชิงตันโพสต์ - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Perplexity มีโฆษณา]]> - -

    -]]>     - https://twitter.com/damengchen/status/1875296442417607072 - 2025-01-04T00:00:00.000ZPerplexity มีโฆษณา - Sat, 04 Jan 2025 00:00:00 GMT -     diff --git a/static/rss/story/tr.xml b/static/rss/story/tr.xml index 22b832dce..dd3864847 100644 --- a/static/rss/story/tr.xml +++ b/static/rss/story/tr.xml @@ -15,11 +15,212 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[Bir Snyk güvenlik araştırmacısı, cursor.com'u hedef alan kötü niyetli NPM paketleri dağıtıyor.]]> + +
  • Bir Snyk güvenlik araştırmacısı, sistem verilerini toplamak ve saldırgan kontrolündeki bir hizmete göndermek amacıyla, bir yapay zeka kodlama şirketi olan Cursor.com'u hedef alan kötü niyetli NPM paketleri yayımladı.
    • +
  • Bu paketler, "cursor-retrieval," "cursor-always-local" ve "cursor-shadow-workspace" olarak tanımlandı ve OpenSSF paket analiz tarayıcısı tarafından işaretlenerek MAL-2025-27, MAL-2025-28 ve MAL-2025-29 uyarılarına yol açtı.
    • +
  • Bu olay, potansiyel güvenlik tehditlerinden kaçınmak için NPM paketlerini yüklemeden önce dikkatlice incelemenin önemini vurgulamaktadır.
    • + +]]>     + https://sourcecodered.com/snyk-malicious-npm-package/ + 2025-01-14T00:00:00.000ZBir Snyk güvenlik araştırmacısı, cursor.com'u hedef alan kötü niyetli NPM paketleri dağıtıyor. + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Firefox'a Geçtim ve Bir Daha Asla Geriye Bakmadım]]> + +
  • Firefox, üstün sekme yönetimi, bağlantıları kaydetmek için yerleşik Pocket özelliği ve gizlilik odaklı e-posta yönlendirmesi ile övülmekte olup, Chrome'a güçlü bir alternatif oluşturmaktadır. - Kullanıcı dostu ekran görüntüsü aracı, ChatGPT düğmesi, Resim içinde Resim, özelleştirilebilir arama seçenekleri ve akıcı kaydırma gibi ek özellikler, gezinme deneyimini geliştirmektedir. - Firefox, Chrome'un web uygulama özelliğinden yoksun olsa da, düşünceli tasarımı ve azaltılmış kaynak talepleri, bazı kullanıcılar için tercih edilen bir seçenek haline getirmektedir.
    • + +]]>     + https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/ + 2025-01-14T00:00:00.000ZFirefox'a Geçtim ve Bir Daha Asla Geriye Bakmadım + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Sonos CEO'su, uygulama güncelleme fiyaskosunun ardından istifa etti]]> + -

    +]]>     + https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/ + 2025-01-14T00:00:00.000ZSonos CEO'su, uygulama güncelleme fiyaskosunun ardından istifa etti + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[MrBeast'in karnında]]> + -

    +]]>     + https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast + 2025-01-14T00:00:00.000ZMrBeast'in karnında + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[GithHub Git İşlemleri Çalışmıyor]]> + +
  • GitHub, 13 Ocak 2025'te, iç yük dengeleyicisini etkileyen bir yapılandırma değişikliği nedeniyle 23:35'ten 00:24 UTC'ye kadar süren bir Git operasyonları kesintisi yaşadı. - Sorun, yapılandırma değişikliğinin geri alınmasıyla çözüldü ve GitHub, benzer olayları önlemek için izleme ve dağıtım süreçlerini iyileştirmeye çalışıyor. - Kesinti, GitHub'ın Actions ve Pages hizmetlerini de etkiledi ve platform hizmetlerinin birbirine bağlı doğasını vurguladı.
    • + +]]>     + https://www.githubstatus.com/incidents/qd96yfgvmcf9 + 2025-01-14T00:00:00.000ZGithHub Git İşlemleri Çalışmıyor + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[ZFS 2.3, ZFS raidz genişletmesi ile yayınlandı]]> + +
  • OpenZFS 2.3.0, RAIDZ Genişletme, Hızlı Tekilleştirme, Doğrudan Giriş/Çıkış, JSON çıktısı ve uzun dosya adları desteği gibi önemli özellikler sunarak yayınlandı. - Sürüm, Linux çekirdekleri 4.18 - 6.12 ve FreeBSD sürümleri 13.3, 14.0 - 14.2 ile uyumlu olan temel hata düzeltmeleri ve performans iyileştirmelerini içeriyor. - Güncelleme, 134 katkıda bulunanın işbirliğiyle hazırlandı ve incelenmek üzere kapsamlı bir dokümantasyon ve değişiklik günlüğü mevcut.
    • + +]]>     + https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0 + 2025-01-14T00:00:00.000ZZFS 2.3, ZFS raidz genişletmesi ile yayınlandı + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Webtop – Tam masaüstü ortamları içeren Alpine, Ubuntu, Fedora ve Arch konteynerleri]]> + +
  • Linuxserver/webtop, web tarayıcılar aracılığıyla erişilebilen tam masaüstü ortamları sunan, Alpine, Ubuntu, Fedora ve Arch tabanlı konteynerler sağlar ve hem x86-64 hem de arm64 mimarilerini destekler.
    • +
  • Kullanıcılar, belirli imaj etiketlerini kullanarak XFCE, KDE, MATE, i3, Openbox ve IceWM gibi çeşitli masaüstü ortamlarından seçim yapabilir ve belirlenmiş URL'ler aracılığıyla Webtop'a erişebilirler.
    • +
  • Metin: Güvenlik özellikleri arasında Docker'ın seccomp seçeneği ve kimlik doğrulama kurulumu bulunur, ortam değişkenleri aracılığıyla özelleştirme seçenekleri mevcuttur ve açık kaynak sürücülerle GPU hızlandırma desteği sunulmaktadır.
    • + +]]>     + https://docs.linuxserver.io/images/docker-webtop/ + 2025-01-14T00:00:00.000ZWebtop – Tam masaüstü ortamları içeren Alpine, Ubuntu, Fedora ve Arch konteynerleri + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Çalışma, çevrimiçi iş ilanlarının 5'te 1'inin ya sahte olduğunu ya da hiç doldurulmadığını ortaya koyuyor.]]> + +
  • Son yapılan bir çalışma, çevrimiçi iş ilanlarının %20'sinin ya sahte olduğunu ya da doldurulmadığını, bu durumun iş arayanların hayal kırıklığını artırdığını gösteriyor. - Bu "hayalet iş" trendi, şirketlerin büyüme imajı yansıtmak için bir taktik olabilir. - Greenhouse ve LinkedIn gibi iş platformları, kullanıcıların gerçek iş fırsatlarını belirlemelerine yardımcı olmak için iş doğrulama hizmetleri sunmaya başladı.
    • + +]]>     + https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706 + 2025-01-14T00:00:00.000ZÇalışma, çevrimiçi iş ilanlarının 5'te 1'inin ya sahte olduğunu ya da hiç doldurulmadığını ortaya koyuyor. + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Yayalar için bir kavşağı güvensiz hale getirerek sürücüler için saniyeler kazanmak]]> + -

    +]]>     + https://collegetowns.substack.com/p/making-an-intersection-unsafe-for + 2025-01-14T00:00:00.000ZYayalar için bir kavşağı güvensiz hale getirerek sürücüler için saniyeler kazanmak + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[PostgreSQL, 2024 Yılının Veritabanı Yönetim Sistemi oldu.]]> + +
  • PostgreSQL, 423 diğer veritabanı yönetim sistemini geride bırakarak, DB-Engines tarafından 2024 Yılının DBMS'si ödülüne layık görüldü ve bu tanınırlığı beşinci kez elde etti.
    • +
  • PostgreSQL, neredeyse 35 yıllık bir geçmişe sahip olup, Eylül 2024'te piyasaya sürülen PostgreSQL 17'nin son geliştirmelerinde görüldüğü gibi yenilik yapmaya devam ediyor.
    • +
  • Snowflake ve Microsoft sırasıyla ikinci ve üçüncü sırayı aldı; Snowflake bulut tabanlı veri ambarı ve çoklu bulut desteği ile dikkat çekerken, Microsoft Azure SQL Veritabanı ve SQL Server aracılığıyla güçlü yönetilen ilişkisel veritabanları sunuyor.
    • + +]]>     + https://db-engines.com/en/blog_post/109 + 2025-01-14T00:00:00.000ZPostgreSQL, 2024 Yılının Veritabanı Yönetim Sistemi oldu. + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Google’ın OAuth girişi, başarısız bir girişim alan adının satın alınmasına karşı koruma sağlamaz.]]> + -

    +]]>     + https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw + 2025-01-14T00:00:00.000ZGoogle’ın OAuth girişi, başarısız bir girişim alan adının satın alınmasına karşı koruma sağlamaz. + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Pasif gelir elde etmek için kodlama becerilerini kullanma]]> + +
  • Yazar, CTO rolünden soloprenörlüğe geçiş yaparak, bir dizi yazılım ürünü aracılığıyla daha fazla kazanç elde etti.
    • +
  • Temel stratejiler arasında derin çalışmaya odaklanmak, küçük projelerle başlamak, hızlı bir şekilde yinelemek ve pazarlama çabalarına zaman ayırmak yer alır.
    • +
  • Yolculuk, belirsizlikler nedeniyle dayanıklılığı vurgularken, bu kariyer yolunun eşsiz özerklik ve özgürlüğünü öne çıkarıyor ve kodlama becerilerine sahip olanları pasif gelir için bunu düşünmeye teşvik ediyor.
    • + +]]>     + https://www.coryzue.com/writing/solopreneur/ + 2025-01-14T00:00:00.000ZPasif gelir elde etmek için kodlama becerilerini kullanma + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[İspanya, AB üyesi olmayan sakinler tarafından satın alınan evlere %100 vergi öneriyor]]> + +
  • İspanya, konut krizini ele almak ve spekülatif alımları sınırlamak amacıyla AB üyesi olmayan sakinler tarafından yapılan gayrimenkul alımlarına %100 vergi getirmeyi düşünüyor.
    • +
  • Başbakan Pedro Sánchez'in teklifi, konut fiyatları ile gelirler arasındaki eşitsizliği ele almak için sosyal konutların genişletilmesini ve turistik kiralamaların düzenlenmesini içeriyor.
    • +
  • Teklifin yasa olarak geleceği belirsiz, bazı analistler bunu kesin bir yasal değişiklikten ziyade yabancı yatırımcılar için bir caydırıcı olarak görüyor.
    • + +]]>     + https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents + 2025-01-14T00:00:00.000Zİspanya, AB üyesi olmayan sakinler tarafından satın alınan evlere %100 vergi öneriyor + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Apple yakında TSMC'nin Arizona fabrikasından 'Amerika'da üretilmiş' çipler alacak]]> + +
  • Apple, TSMC'nin Arizona tesisinden işlemcileri test ediyor ve ilk çeyrekte seri üretime geçmeyi planlıyor, bu da TSMC'nin yerel olarak üretilen çipler için ilk ABD müşterisi olma potansiyelini taşıyor. - Bu girişim, ABD'nin silikon bağımsızlığını güçlendirmeyi, jeopolitik ve doğal risklere karşı savunmasız olan Tayvan'a bağımlılığı azaltmayı amaçlıyor. - TSMC'nin Arizona fabrikası, gelişmiş 3nm ve 2nm çipler üretecek ve yerel işe alım ile ABD üniversiteleriyle ortaklıkları geliştirme çabaları devam ediyor, ancak paketleme başlangıçta Tayvan'da gerçekleşecek ve Peoria tesisi faaliyete geçene kadar bu durum sürecek.
    • + +]]>     + https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification + 2025-01-14T00:00:00.000ZApple yakında TSMC'nin Arizona fabrikasından 'Amerika'da üretilmiş' çipler alacak + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Yoğunluk fiyatlandırması devreye girdikten sonra Manhattan yollarında 43 bin daha az sürücü var.]]> + +
  • Yoğunluk fiyatlandırması uygulandıktan sonra, 60. Cadde'nin altındaki Manhattan'a giren sürücülerde %7,5'lik bir azalma oldu, bu da her hafta içi 43.000 daha az sürücüye eşdeğer.
    • +
  • Trafikteki azalma, trafik akışını iyileştirmiş ve otobüs hızlarını artırmıştır, bazı ekspres otobüsler daha yüksek yolcu sayısı yaşamaktadır.
    • +
  • MTA, bazı siyasi muhalefetlere rağmen, yıllık yaklaşık 500 milyon dolar olarak tahmin edilen geçiş ücreti gelirini ulaşım iyileştirmeleri için kullanıyor.
    • + +]]>     + https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says + 2025-01-14T00:00:00.000ZYoğunluk fiyatlandırması devreye girdikten sonra Manhattan yollarında 43 bin daha az sürücü var. + Tue, 14 Jan 2025 00:00:00 GMT +     <![CDATA[Uv'nin en önemli özelliği, geçici ortamları kolayca oluşturabilmesidir.]]> 2025-01-05T00:00:00.000ZGuten: Küçük Bir Gazete Yazıcısı Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[1993 model kendi kendine giden Volvo, açık pilot ile]]> - -
  • Bir grup arkadaş, 2025 Kış edisyonu Carbage Run'a katıldı; bu, İsveç üzerinden kutup dairesine ve ardından Helsinki'ye geri dönen, arabaların en az 20 yaşında ve değeri 1000 €'nun altında olmasını gerektiren 6 günlük bir rallidir.
    • -
  • 1993 model bir Volvo 940 Estate'i, comma.ai'den openpilot kullanarak kendi kendine giden bir araca dönüştürdüler ve elektrikli direksiyon, Bosch iBooster ve Tesla radar sensörü gibi modern bileşenler eklediler.
    • -
  • Gelecekteki güncellemeler, kablolama detayları, özel bir Motor Kontrol Ünitesi (ECU) ve kodu açık kaynak yapma planlarını içerecek, projenin eski araçları otonom teknoloji ile donatma konusundaki yenilikçi yaklaşımını vurgulayacak.
    • - -]]>     - https://practicapp.com/carbagepilot-part1/ - 2025-01-04T00:00:00.000Z1993 model kendi kendine giden Volvo, açık pilot ile - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[VoxelSpace: 20 satırdan daha az kodla arazi işleme algoritması (2020)]]> - -
  • NovaLogic'in 1992 yapımı Comanche oyunu, gölgelendirme ve gölgelerle detaylı araziler oluşturmak için ışın dökümüne dayanan 2.5D bir işleme tekniği olan Voxel Space motorunu kullandı.
    • -
  • Voxel Space motoru, yükseklik ve renk haritalarını ve basit bir işleme algoritmasını kullanarak, performans için optimize edilebilecek şekilde arkadan öne doğru dikey çizgiler çiziyordu.
    • -
  • Motorun kodu MIT lisansı altında mevcuttur, ancak teknoloji belirli bölgelerde hala patentli olabilir.
    • - -]]>     - https://github.com/s-macke/VoxelSpace - 2025-01-04T00:00:00.000ZVoxelSpace: 20 satırdan daha az kodla arazi işleme algoritması (2020) - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Bir video oyununda ana hat nasıl çizilir]]> - -
  • Makale, popüler bir oyun geliştirme platformu olan Unity'de dış hatları oluşturmak için beş tekniği tartışıyor ve bunların Sable ve The Last of Us gibi oyunlarda kullanımını vurguluyor. - Teknikler arasında Kenar Efektleri, Vertex Ekstrüzyonu, Bulanık Tampon, Sıçrama Taşkın Algoritması ve Kenar Algılama yer alıyor ve her biri performans ve görsel kalite açısından benzersiz avantajlar ve ödünleşimler sunuyor. - Makale, bu yöntemleri optimal oyun estetiği ve oyun desteği için dengeleme konusunda içgörüler sağlıyor ve ek kaynaklar ile 3D modeller için krediler içeriyor.
    • - -]]>     - https://ameye.dev/notes/rendering-outlines/ - 2025-01-04T00:00:00.000ZBir video oyununda ana hat nasıl çizilir - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Washington Post'tan ayrılıyorum]]> - -

    -]]>     - https://anntelnaes.substack.com/p/why-im-quitting-the-washington-post - 2025-01-04T00:00:00.000ZWashington Post'tan ayrılıyorum - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Perplexity reklam aldı]]> - -

    -]]>     - https://twitter.com/damengchen/status/1875296442417607072 - 2025-01-04T00:00:00.000ZPerplexity reklam aldı - Sat, 04 Jan 2025 00:00:00 GMT -     diff --git a/static/rss/story/vi.xml b/static/rss/story/vi.xml index 140090632..a2b3ee9af 100644 --- a/static/rss/story/vi.xml +++ b/static/rss/story/vi.xml @@ -15,11 +15,211 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[Snyk nhà nghiên cứu bảo mật triển khai các gói NPM độc hại nhắm mục tiêu vào cursor.com]]> + +
  • Một nhà nghiên cứu bảo mật của Snyk đã phát hành các gói NPM độc hại nhắm vào Cursor.com, một công ty mã hóa AI, để thu thập dữ liệu hệ thống và gửi nó đến một dịch vụ do kẻ tấn công kiểm soát.
    • +
  • Những gói này, được xác định là "cursor-retrieval," "cursor-always-local," và "cursor-shadow-workspace," đã bị gắn cờ bởi máy quét phân tích gói OpenSSF, dẫn đến các khuyến cáo MAL-2025-27, MAL-2025-28, và MAL-2025-29.
    • +
  • Vụ việc này nhấn mạnh tầm quan trọng của việc kiểm tra kỹ lưỡng các gói NPM trước khi cài đặt để tránh các mối đe dọa an ninh tiềm ẩn.
    • + +]]>     + https://sourcecodered.com/snyk-malicious-npm-package/ + 2025-01-14T00:00:00.000ZSnyk nhà nghiên cứu bảo mật triển khai các gói NPM độc hại nhắm mục tiêu vào cursor.com + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Tôi đã chuyển sang Firefox và không bao giờ nhìn lại]]> + +
  • Firefox được khen ngợi vì khả năng quản lý tab vượt trội, tính năng Pocket tích hợp để lưu liên kết và dịch vụ chuyển tiếp email tập trung vào quyền riêng tư, làm cho nó trở thành một lựa chọn thay thế mạnh mẽ cho Chrome. - Các tính năng bổ sung như công cụ chụp màn hình thân thiện với người dùng, nút ChatGPT, chế độ Picture-in-Picture, tùy chọn tìm kiếm có thể tùy chỉnh và cuộn mượt mà nâng cao trải nghiệm duyệt web. - Mặc dù Firefox thiếu tính năng ứng dụng web của Chrome, thiết kế chu đáo và yêu cầu tài nguyên giảm khiến nó trở thành lựa chọn ưa thích của một số người dùng.
    • + +]]>     + https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/ + 2025-01-14T00:00:00.000ZTôi đã chuyển sang Firefox và không bao giờ nhìn lại + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[CEO của Sonos từ chức sau vụ bê bối cập nhật ứng dụng]]> + -

    +]]>     + https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/ + 2025-01-14T00:00:00.000ZCEO của Sonos từ chức sau vụ bê bối cập nhật ứng dụng + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Trong bụng của MrBeast]]> + -

    +]]>     + https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast + 2025-01-14T00:00:00.000ZTrong bụng của MrBeast + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Hoạt động Git trên GitHub đang gặp sự cố]]> + +
  • GitHub đã gặp sự cố gián đoạn hoạt động Git vào ngày 13 tháng 1 năm 2025, do thay đổi cấu hình ảnh hưởng đến bộ cân bằng tải nội bộ, kéo dài từ 23:35 đến 00:24 UTC. - Vấn đề đã được giải quyết bằng cách hoàn nguyên thay đổi cấu hình, và GitHub đang làm việc để cải thiện quy trình giám sát và triển khai nhằm ngăn chặn các sự cố tương tự. - Sự cố gián đoạn cũng ảnh hưởng đến các dịch vụ Actions và Pages của GitHub, làm nổi bật tính chất liên kết của các dịch vụ nền tảng của họ.
    • + +]]>     + https://www.githubstatus.com/incidents/qd96yfgvmcf9 + 2025-01-14T00:00:00.000ZHoạt động Git trên GitHub đang gặp sự cố + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[ZFS 2.3 phát hành với mở rộng ZFS raidz]]> + +
  • OpenZFS 2.3.0 đã được phát hành, giới thiệu các tính năng quan trọng như Mở rộng RAIDZ, Khử trùng lặp Nhanh, Đầu vào/Đầu ra Trực tiếp, đầu ra JSON và hỗ trợ tên tệp dài. - Bản phát hành bao gồm các bản sửa lỗi quan trọng và cải tiến hiệu suất, tương thích với các nhân Linux từ 4.18 đến 6.12 và các phiên bản FreeBSD 13.3, 14.0 - 14.2. - Bản cập nhật là nỗ lực hợp tác từ 134 người đóng góp, với tài liệu đầy đủ và nhật ký thay đổi có sẵn để xem xét.
    • + +]]>     + https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0 + 2025-01-14T00:00:00.000ZZFS 2.3 phát hành với mở rộng ZFS raidz + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Webtop – Các container Alpine, Ubuntu, Fedora và Arch chứa các môi trường desktop đầy đủ]]> + +
  • Linuxserver/webtop cung cấp các container dựa trên Alpine, Ubuntu, Fedora và Arch với các môi trường desktop đầy đủ có thể truy cập thông qua trình duyệt web, hỗ trợ cả kiến trúc x86-64 và arm64.
    • +
  • Người dùng có thể chọn từ nhiều môi trường desktop khác nhau như XFCE, KDE, MATE, i3, Openbox và IceWM bằng cách sử dụng các thẻ hình ảnh cụ thể, và truy cập Webtop thông qua các URL được chỉ định.
    • +
  • Những tính năng bảo mật bao gồm tùy chọn seccomp của Docker và thiết lập xác thực, với các tùy chọn tùy chỉnh có sẵn thông qua các biến môi trường, và hỗ trợ tăng tốc GPU với các trình điều khiển mã nguồn mở.
    • + +]]>     + https://docs.linuxserver.io/images/docker-webtop/ + 2025-01-14T00:00:00.000ZWebtop – Các container Alpine, Ubuntu, Fedora và Arch chứa các môi trường desktop đầy đủ + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[1 trong 5 tin tuyển dụng trực tuyến là giả hoặc không bao giờ được lấp đầy, nghiên cứu cho thấy]]> + +
  • Một nghiên cứu gần đây chỉ ra rằng 20% các bài đăng tuyển dụng trực tuyến là giả mạo hoặc không được lấp đầy, làm tăng thêm sự thất vọng của người tìm việc. - Xu hướng "công việc ma" này có thể là một chiến thuật của các công ty để tạo ra hình ảnh phát triển. - Các nền tảng việc làm như Greenhouse và LinkedIn đã giới thiệu các dịch vụ xác minh công việc để hỗ trợ người dùng nhận diện các cơ hội việc làm thực sự.
    • + +]]>     + https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706 + 2025-01-14T00:00:00.000Z1 trong 5 tin tuyển dụng trực tuyến là giả hoặc không bao giờ được lấp đầy, nghiên cứu cho thấy + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Biến một giao lộ trở nên không an toàn cho người đi bộ để tiết kiệm vài giây cho người lái xe]]> + -

    +]]>     + https://collegetowns.substack.com/p/making-an-intersection-unsafe-for + 2025-01-14T00:00:00.000ZBiến một giao lộ trở nên không an toàn cho người đi bộ để tiết kiệm vài giây cho người lái xe + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[PostgreSQL là Hệ quản trị cơ sở dữ liệu của năm 2024]]> + +
  • PostgreSQL đã được trao giải DBMS của năm 2024 bởi DB-Engines, đạt được sự công nhận này lần thứ năm, vượt qua 423 hệ thống quản lý cơ sở dữ liệu khác.
    • +
  • PostgreSQL, với lịch sử kéo dài gần 35 năm, tiếp tục đổi mới, như được thấy trong những cải tiến gần đây của PostgreSQL 17, phát hành vào tháng 9 năm 2024.
    • +
  • Snowflake và Microsoft lần lượt giành vị trí thứ hai và thứ ba, với Snowflake được ghi nhận nhờ kho dữ liệu dựa trên đám mây và hỗ trợ đa đám mây, trong khi Microsoft cung cấp các cơ sở dữ liệu quan hệ được quản lý mạnh mẽ thông qua Azure SQL Database và SQL Server.
    • + +]]>     + https://db-engines.com/en/blog_post/109 + 2025-01-14T00:00:00.000ZPostgreSQL là Hệ quản trị cơ sở dữ liệu của năm 2024 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Đăng nhập OAuth của Google không bảo vệ chống lại việc mua một tên miền của startup thất bại]]> + -

    +]]>     + https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw + 2025-01-14T00:00:00.000ZĐăng nhập OAuth của Google không bảo vệ chống lại việc mua một tên miền của startup thất bại + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Kiếm thu nhập thụ động bằng cách sử dụng kỹ năng lập trình]]> + +
  • Người tác giả đã chuyển từ vai trò CTO sang làm một doanh nhân độc lập, thành công kiếm được nhiều hơn thông qua một danh mục các sản phẩm phần mềm.
    • +
  • Những chiến lược chính bao gồm tập trung vào công việc sâu, bắt đầu với các dự án nhỏ, lặp lại nhanh chóng và dành thời gian cho các nỗ lực tiếp thị.
    • +
  • Chuyến hành trình nhấn mạnh sự kiên cường do những bất định, nhưng làm nổi bật sự tự chủ và tự do vô song của con đường sự nghiệp này, khuyến khích những người có kỹ năng lập trình nên cân nhắc nó để có thu nhập thụ động.
    • + +]]>     + https://www.coryzue.com/writing/solopreneur/ + 2025-01-14T00:00:00.000ZKiếm thu nhập thụ động bằng cách sử dụng kỹ năng lập trình + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Tây Ban Nha đề xuất thuế 100% đối với nhà ở được mua bởi cư dân không thuộc EU]]> + +
  • Tây Ban Nha đang xem xét áp dụng thuế 100% đối với việc mua bất động sản bởi các cư dân không thuộc EU, nhằm giải quyết cuộc khủng hoảng nhà ở và hạn chế việc mua bán mang tính đầu cơ.
    • +
  • Đề xuất của Thủ tướng Pedro Sánchez bao gồm việc mở rộng nhà ở xã hội và điều chỉnh cho thuê du lịch để giải quyết sự chênh lệch giữa giá nhà và thu nhập.
    • +
  • Việc đề xuất này trở thành luật trong tương lai là không chắc chắn, với một số nhà phân tích coi nó như một biện pháp ngăn cản các nhà đầu tư nước ngoài hơn là một sự thay đổi lập pháp được đảm bảo.
    • + +]]>     + https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents + 2025-01-14T00:00:00.000ZTây Ban Nha đề xuất thuế 100% đối với nhà ở được mua bởi cư dân không thuộc EU + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Apple sẽ sớm nhận được chip 'sản xuất tại Mỹ' từ nhà máy của TSMC ở Arizona]]> + +
  • Apple đang thử nghiệm các bộ vi xử lý từ cơ sở của TSMC tại Arizona, với kế hoạch sản xuất hàng loạt vào quý đầu tiên, có thể trở thành khách hàng đầu tiên của TSMC tại Mỹ cho các chip sản xuất trong nước. - Sáng kiến này nhằm tăng cường sự độc lập về silicon của Mỹ, giảm sự phụ thuộc vào Đài Loan, nơi dễ bị tổn thương trước các rủi ro địa chính trị và thiên nhiên. - Nhà máy của TSMC tại Arizona dự kiến sẽ sản xuất các chip tiên tiến 3nm và 2nm, với nỗ lực liên tục để tăng cường tuyển dụng địa phương và hợp tác với các trường đại học Mỹ, mặc dù việc đóng gói ban đầu sẽ diễn ra tại Đài Loan cho đến khi cơ sở Peoria đi vào hoạt động.
    • + +]]>     + https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification + 2025-01-14T00:00:00.000ZApple sẽ sớm nhận được chip 'sản xuất tại Mỹ' từ nhà máy của TSMC ở Arizona + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[43 nghìn tài xế ít hơn trên các con đường ở Manhattan sau khi thu phí tắc nghẽn được kích hoạt]]> + +
  • Sau khi áp dụng giá cước tắc nghẽn, đã có sự giảm 7,5% số lượng tài xế vào Manhattan dưới phố 60, tương đương với 43.000 tài xế ít hơn mỗi ngày trong tuần.
    • +
  • Việc giảm lưu lượng giao thông đã cải thiện dòng chảy giao thông và tăng tốc độ xe buýt, với một số xe buýt nhanh có lượng hành khách tăng cao hơn.
    • +
  • Mặc dù có một số phản đối chính trị, Cơ quan Giao thông Vận tải Đô thị (MTA) sử dụng doanh thu từ phí cầu đường, ước tính khoảng 500 triệu đô la hàng năm, để cải thiện hệ thống giao thông.
    • + +]]>     + https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says + 2025-01-14T00:00:00.000Z43 nghìn tài xế ít hơn trên các con đường ở Manhattan sau khi thu phí tắc nghẽn được kích hoạt + Tue, 14 Jan 2025 00:00:00 GMT +     <![CDATA[Điểm nổi bật của Uv là giúp tạo ra các môi trường tạm thời một cách dễ dàng]]> 2025-01-05T00:00:00.000ZGuten: Máy in báo nhỏ Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[Xe Volvo tự lái 1993 với hệ thống lái mở]]> - -
  • Một nhóm bạn đã tham gia Carbage Run 2025 phiên bản mùa đông, một cuộc đua kéo dài 6 ngày qua Thụy Điển đến vòng cực và trở lại Helsinki, yêu cầu các xe phải ít nhất 20 năm tuổi và có giá trị dưới 1000 €.
    • -
  • Họ đã biến đổi một chiếc Volvo 940 Estate năm 1993 thành một phương tiện tự lái bằng cách sử dụng openpilot từ comma.ai, tích hợp các thành phần hiện đại như hệ thống lái trợ lực điện, Bosch iBooster và cảm biến radar của Tesla.
    • -
  • Những cập nhật trong tương lai sẽ bao gồm chi tiết về hệ thống dây điện, một Bộ Điều Khiển Động Cơ (ECU) tùy chỉnh, và kế hoạch mã nguồn mở, nhấn mạnh cách tiếp cận sáng tạo của dự án trong việc trang bị công nghệ tự động cho các phương tiện cũ.
    • - -]]>     - https://practicapp.com/carbagepilot-part1/ - 2025-01-04T00:00:00.000ZXe Volvo tự lái 1993 với hệ thống lái mở - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[VoxelSpace: Thuật toán kết xuất địa hình trong chưa đầy 20 dòng mã (2020)]]> - -
  • Trò chơi Comanche của NovaLogic năm 1992 đã sử dụng công cụ Voxel Space, một kỹ thuật dựng hình 2.5D dựa trên ray casting, để tạo ra các địa hình chi tiết với đổ bóng và bóng đổ.
    • -
  • Động cơ Voxel Space sử dụng bản đồ độ cao và màu sắc cùng với một thuật toán kết xuất đơn giản, vẽ các đường thẳng đứng từ sau ra trước, có thể được tối ưu hóa để cải thiện hiệu suất.
    • -
  • Đoạn mã của động cơ có sẵn theo giấy phép MIT, nhưng công nghệ này có thể vẫn được cấp bằng sáng chế ở một số khu vực nhất định.
    • - -]]>     - https://github.com/s-macke/VoxelSpace - 2025-01-04T00:00:00.000ZVoxelSpace: Thuật toán kết xuất địa hình trong chưa đầy 20 dòng mã (2020) - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Vẽ một đường viền trong trò chơi điện tử như thế nào]]> - -
  • Theo bài viết, có năm kỹ thuật để tạo đường viền trong Unity, một nền tảng phát triển game phổ biến, được sử dụng trong các trò chơi như Sable và The Last of Us. - Các kỹ thuật bao gồm Hiệu ứng Vành, Đùn Đỉnh, Bộ đệm Mờ, Thuật toán Lũ Nhảy, và Phát hiện Cạnh, mỗi kỹ thuật có những ưu điểm và nhược điểm riêng về hiệu suất và chất lượng hình ảnh. - Bài viết cung cấp cái nhìn sâu sắc về việc cân bằng các phương pháp này để đạt được thẩm mỹ trò chơi tối ưu và hỗ trợ lối chơi, kèm theo các tài nguyên bổ sung và ghi nhận cho các mô hình 3D.
    • - -]]>     - https://ameye.dev/notes/rendering-outlines/ - 2025-01-04T00:00:00.000ZVẽ một đường viền trong trò chơi điện tử như thế nào - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Tôi sẽ nghỉ việc tại Washington Post]]> - -

    -]]>     - https://anntelnaes.substack.com/p/why-im-quitting-the-washington-post - 2025-01-04T00:00:00.000ZTôi sẽ nghỉ việc tại Washington Post - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Perplexity có quảng cáo]]> - -

    -]]>     - https://twitter.com/damengchen/status/1875296442417607072 - 2025-01-04T00:00:00.000ZPerplexity có quảng cáo - Sat, 04 Jan 2025 00:00:00 GMT -     diff --git a/static/rss/story/zh-Hans.xml b/static/rss/story/zh-Hans.xml index 5ff395e9a..ef6e34ade 100644 --- a/static/rss/story/zh-Hans.xml +++ b/static/rss/story/zh-Hans.xml @@ -15,11 +15,189 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[“思客安全研究员部署恶意NPM包,目标是cursor.com”]]> + +
  • “一个 Snyk 安全研究员发布了针对 AI 编码公司 Cursor.com 的恶意 NPM 包,以收集系统数据并将其发送到攻击者控制的服务。”
    • +
  • “这些被标识为“cursor-retrieval”、“cursor-always-local”和“cursor-shadow-workspace”的软件包被OpenSSF软件包分析扫描器标记,导致发布了MAL-2025-27、MAL-2025-28和MAL-2025-29的建议。”
    • +
  • “此事件突显了在安装之前仔细审查NPM包以避免潜在安全威胁的重要性。”
    • + +]]>     + https://sourcecodered.com/snyk-malicious-npm-package/ + 2025-01-14T00:00:00.000Z“思客安全研究员部署恶意NPM包,目标是cursor.com” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[“我切换到 Firefox 后再也没有回头”]]> + +
  • Firefox因其出色的标签管理、内置的Pocket功能用于保存链接以及注重隐私的电子邮件中继而受到赞誉,使其成为Chrome的强大替代品。- 其他功能如用户友好的截图工具、ChatGPT按钮、画中画、自定义搜索选项和流畅的滚动增强了浏览体验。- 尽管Firefox缺乏Chrome的网络应用功能,但其周到的设计和较低的资源需求使其成为一些用户的首选。
    • + +]]>     + https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/ + 2025-01-14T00:00:00.000Z“我切换到 Firefox 后再也没有回头” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[“Sonos首席执行官在应用程序更新风波后辞职”]]> + -

    +]]>     + https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/ + 2025-01-14T00:00:00.000Z“Sonos首席执行官在应用程序更新风波后辞职” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[“在MrBeast的腹中”]]> + -

    +]]>     + https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast + 2025-01-14T00:00:00.000Z“在MrBeast的腹中” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[“GitHub Git 操作已中断”]]> + +
  • “GitHub在2025年1月13日因配置更改影响内部负载均衡器而面临Git操作中断,从23:35持续到00:24(UTC)。- 通过恢复配置更改解决了该问题,GitHub正在努力改进监控和部署流程以防止类似事件。- 此次中断还影响了GitHub的Actions和Pages服务,突显了其平台服务的互联性质。”
    • + +]]>     + https://www.githubstatus.com/incidents/qd96yfgvmcf9 + 2025-01-14T00:00:00.000Z“GitHub Git 操作已中断” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[“ZFS 2.3发布,支持ZFS raidz扩展”]]> + +
  • “OpenZFS 2.3.0 已发布,引入了重要功能,如 RAIDZ 扩展、快速重复数据删除、直接输入/输出、JSON 输出和对长文件名的支持。- 此版本包括基本的错误修复和性能增强,兼容 Linux 内核 4.18 - 6.12 和 FreeBSD 版本 13.3, 14.0 - 14.2。- 此更新是由 134 位贡献者共同努力的成果,提供了全面的文档和变更日志供审阅。”
    • + +]]>     + https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0 + 2025-01-14T00:00:00.000Z“ZFS 2.3发布,支持ZFS raidz扩展” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[“Webtop – Alpine、Ubuntu、Fedora 和 Arch 容器包含完整的桌面环境”]]> + +
  • “Linuxserver/webtop 提供基于 Alpine、Ubuntu、Fedora 和 Arch 的容器,这些容器具有可通过网络浏览器访问的完整桌面环境,支持 x86-64 和 arm64 架构。”
    • +
  • “用户可以通过使用特定的镜像标签,从各种桌面环境中进行选择,如XFCE、KDE、MATE、i3、Openbox和IceWM,并通过指定的URL访问Webtop。”
    • +
  • “安全功能包括 Docker 的 seccomp 选项和身份验证设置,通过环境变量提供自定义选项,并支持使用开源驱动程序进行 GPU 加速。”
    • + +]]>     + https://docs.linuxserver.io/images/docker-webtop/ + 2025-01-14T00:00:00.000Z“Webtop – Alpine、Ubuntu、Fedora 和 Arch 容器包含完整的桌面环境” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[“研究发现,五分之一的在线招聘信息要么是假的,要么从未被填补。”]]> + +
  • “最近的一项研究表明,20%的在线招聘信息要么是假的,要么无人填补,这增加了求职者的挫败感。- 这种“幽灵职位”趋势可能是公司为了展示增长形象而采取的一种策略。- Greenhouse和LinkedIn等招聘平台已经推出了职位验证服务,以帮助用户识别真实的就业机会。”
    • + +]]>     + https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706 + 2025-01-14T00:00:00.000Z“研究发现,五分之一的在线招聘信息要么是假的,要么从未被填补。” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[“为了给司机节省几秒钟而使行人交叉路口变得不安全”]]> + -

    +]]>     + https://collegetowns.substack.com/p/making-an-intersection-unsafe-for + 2025-01-14T00:00:00.000Z“为了给司机节省几秒钟而使行人交叉路口变得不安全” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[PostgreSQL是2024年度数据库管理系统]]> + +
  • PostgreSQL被DB-Engines评为2024年度数据库管理系统(DBMS),这是其第五次获得此殊荣,超过了其他423个数据库管理系统。
    • +
  • “PostgreSQL 拥有近 35 年的历史,仍在不断创新,这在 2024 年 9 月发布的 PostgreSQL 17 的最新增强功能中得到了体现。”
    • +
  • “雪花公司和微软分别获得了第二和第三名,雪花公司因其基于云的数据仓库和多云支持而受到关注,而微软则通过 Azure SQL 数据库和 SQL 服务器提供强大的托管关系数据库。”
    • + +]]>     + https://db-engines.com/en/blog_post/109 + 2025-01-14T00:00:00.000ZPostgreSQL是2024年度数据库管理系统 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[“Google 的 OAuth 登录无法防止购买失败初创公司的域名”]]> + -

    +]]>     + https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw + 2025-01-14T00:00:00.000Z“Google 的 OAuth 登录无法防止购买失败初创公司的域名” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[“利用编程技能赚取被动收入”]]> + +
  • “作者从首席技术官的角色转变为独立创业者,通过一系列软件产品成功赚取了更多收入。”
    • +
  • “关键策略包括专注于深度工作,从小项目开始,快速迭代,并投入时间进行营销工作。”
    • +
  • “这段旅程强调了由于不确定性而需要的韧性,但同时突出了这一职业道路无与伦比的自主性和自由,鼓励那些拥有编码技能的人考虑将其作为被动收入的来源。”
    • + +]]>     + https://www.coryzue.com/writing/solopreneur/ + 2025-01-14T00:00:00.000Z“利用编程技能赚取被动收入” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[西班牙提议对非欧盟居民购买的房屋征收100%税]]> + +
  • “西班牙正在考虑对非欧盟居民的房地产购买征收100%的税,以解决住房危机并遏制投机性购买。”
    • +
  • “首相佩德罗·桑切斯的提议包括扩大社会住房和规范旅游租赁,以解决房价与收入之间的差距。”
    • +
  • “该提案作为法律的未来尚不确定,一些分析人士认为它更像是对外国投资者的威慑,而不是一项有保障的立法变更。”
    • + +]]>     + https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents + 2025-01-14T00:00:00.000Z西班牙提议对非欧盟居民购买的房屋征收100%税 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[“苹果将很快从台积电的亚利桑那州工厂收到‘美国制造’的芯片。”]]> + +
  • “苹果正在测试来自台积电亚利桑那工厂的处理器,计划在第一季度实现量产,可能成为台积电首个使用本地制造芯片的美国客户。- 这一举措旨在增强美国的硅独立性,减少对台湾的依赖,因为台湾易受地缘政治和自然风险的影响。- 台积电的亚利桑那工厂计划生产先进的3纳米和2纳米芯片,并正在努力加强本地招聘和与美国大学的合作,尽管封装工作最初将在台湾进行,直到皮奥里亚工厂投入运营。”
    • + +]]>     + https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification + 2025-01-14T00:00:00.000Z“苹果将很快从台积电的亚利桑那州工厂收到‘美国制造’的芯片。” + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[“拥堵收费启动后,曼哈顿道路上的司机减少了4.3万人。”]]> + +
  • “在实施拥堵收费后,进入曼哈顿60街以下地区的司机减少了7.5%,相当于每个工作日减少了43,000名司机。”
    • +
  • “交通量的减少改善了交通流量并提高了公交车速度,一些快速公交的乘客量有所增加。”
    • +
  • “尽管存在一些政治反对意见,大都会运输署(MTA)将估计每年5亿美元的收费收入用于交通改善。”
    • + +]]>     + https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says + 2025-01-14T00:00:00.000Z“拥堵收费启动后,曼哈顿道路上的司机减少了4.3万人。” + Tue, 14 Jan 2025 00:00:00 GMT +     <![CDATA[“Uv 的杀手级功能是让临时环境变得简单”]]> 2025-01-05T00:00:00.000Z“Guten:一个小型报纸打印机” Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[“1993年沃尔沃自动驾驶汽车,配备开放式驾驶员”]]> - -
  • “ 一群朋友参加了2025年冬季版的Carbage Run,这是一场为期6天的拉力赛,穿越瑞典到达北极圈,然后返回赫尔辛基,要求参赛车辆至少有20年车龄且价值低于1000欧元。”
    • -
  • “他们将一辆1993年的沃尔沃940旅行车改装成一辆自动驾驶汽车,使用了comma.ai的openpilot,并结合了现代组件,如电动助力转向、博世iBooster和特斯拉雷达传感器。”
    • -
  • “未来的更新将包括有关布线、定制发动机控制单元(ECU)的详细信息,以及开源代码的计划,突显出该项目在为旧车辆配备自动驾驶技术方面的创新方法。”
    • - -]]>     - https://practicapp.com/carbagepilot-part1/ - 2025-01-04T00:00:00.000Z“1993年沃尔沃自动驾驶汽车,配备开放式驾驶员” - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[“VoxelSpace:地形渲染算法少于20行代码(2020)”]]> - -
  • “NovaLogic的1992年游戏《Comanche》使用了Voxel Space引擎,这是一种基于光线投射的2.5D渲染技术,用于创建具有阴影和阴影的详细地形。”
    • -
  • “Voxel Space引擎使用高度和颜色地图以及一个简单的渲染算法,从后到前绘制垂直线,这可以优化性能。”
    • -
  • “引擎的代码在 MIT 许可证下可用,但该技术在某些地区可能仍然受到专利保护。”
    • - -]]>     - https://github.com/s-macke/VoxelSpace - 2025-01-04T00:00:00.000Z“VoxelSpace:地形渲染算法少于20行代码(2020)” - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[“如何在电子游戏中绘制轮廓”]]> - -
  • “文章讨论了在Unity这一流行的游戏开发平台中渲染轮廓的五种技术,强调了它们在《Sable》和《最后生还者》等游戏中的应用。- 技术包括边缘效果、顶点挤出、模糊缓冲、跳跃泛洪算法和边缘检测,每种技术在性能和视觉质量方面都有其独特的优势和权衡。- 文章提供了关于如何平衡这些方法以实现最佳游戏美学和游戏支持的见解,并附有额外的资源和3D模型的鸣谢。”
    • - -]]>     - https://ameye.dev/notes/rendering-outlines/ - 2025-01-04T00:00:00.000Z“如何在电子游戏中绘制轮廓” - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[“我将辞去《华盛顿邮报》的工作”]]> - -

    -]]>     - https://anntelnaes.substack.com/p/why-im-quitting-the-washington-post - 2025-01-04T00:00:00.000Z“我将辞去《华盛顿邮报》的工作” - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[“Perplexity有广告”]]> - -

    -]]>     - https://twitter.com/damengchen/status/1875296442417607072 - 2025-01-04T00:00:00.000Z“Perplexity有广告” - Sat, 04 Jan 2025 00:00:00 GMT -     diff --git a/static/rss/story/zh-Hant.xml b/static/rss/story/zh-Hant.xml index 0cc117315..61cf9cb6c 100644 --- a/static/rss/story/zh-Hant.xml +++ b/static/rss/story/zh-Hant.xml @@ -15,11 +15,193 @@ https://hn.cho.sh RSS for Node - Mon, 13 Jan 2025 19:11:49 GMT + Tue, 14 Jan 2025 19:14:17 GMT - Mon, 13 Jan 2025 00:00:00 GMT + Tue, 14 Jan 2025 00:00:00 GMT 60 + + <![CDATA[「Snyk 資安研究員部署惡意 NPM 套件以攻擊 cursor.com」]]> + +
  • 「一位 Snyk 的安全研究員發布了針對 AI 編碼公司 Cursor.com 的惡意 NPM 套件,以收集系統數據並將其發送到由攻擊者控制的服務。」
    • +
  • 「這些套件被標識為“cursor-retrieval”、“cursor-always-local”和“cursor-shadow-workspace”,並被 OpenSSF 套件分析掃描器標記,導致發出建議 MAL-2025-27、MAL-2025-28 和 MAL-2025-29。」
    • +
  • 此事件突顯了在安裝前仔細檢查 NPM 套件以避免潛在安全威脅的重要性。
    • + +]]>     + https://sourcecodered.com/snyk-malicious-npm-package/ + 2025-01-14T00:00:00.000Z「Snyk 資安研究員部署惡意 NPM 套件以攻擊 cursor.com」 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[「我改用 Firefox 後就再也沒有回頭過」]]> + +
  • Firefox 因其優越的分頁管理、內建的 Pocket 功能用於儲存連結,以及注重隱私的電子郵件中繼功能而受到讚譽,使其成為 Chrome 的強大替代品。- 其他功能如使用者友好的截圖工具、ChatGPT 按鈕、畫中畫、可自訂的搜尋選項和流暢的滾動效果,提升了瀏覽體驗。- 雖然 Firefox 缺乏 Chrome 的網頁應用程式功能,但其周到的設計和較低的資源需求使其成為某些使用者的首選。
    • + +]]>     + https://www.howtogeek.com/why-i-switched-to-firefox-and-never-looked-back/ + 2025-01-14T00:00:00.000Z「我改用 Firefox 後就再也沒有回頭過」 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Sonos 執行長在應用程式更新風波後辭職]]> + -

    +]]>     + https://www.reuters.com/business/retail-consumer/sonos-ceo-patrick-spence-steps-down-after-app-update-debacle-2025-01-13/ + 2025-01-14T00:00:00.000ZSonos 執行長在應用程式更新風波後辭職 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[「在 MrBeast 的肚子裡」]]> + -

    +]]>     + https://kevinmunger.substack.com/p/in-the-belly-of-the-mrbeast + 2025-01-14T00:00:00.000Z「在 MrBeast 的肚子裡」 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[「GitHub Git 操作暫時無法使用」]]> + +
  • 「GitHub 在 2025 年 1 月 13 日因為一項影響內部負載平衡器的配置變更而遭遇 Git 操作中斷,持續時間從 UTC 時間 23:35 到 00:24。- 問題通過恢復配置變更得到解決,GitHub 正在努力改進監控和部署流程以防止類似事件發生。- 此次中斷也影響了 GitHub 的 Actions 和 Pages 服務,突顯了其平台服務的互聯性。」
    • + +]]>     + https://www.githubstatus.com/incidents/qd96yfgvmcf9 + 2025-01-14T00:00:00.000Z「GitHub Git 操作暫時無法使用」 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[「ZFS 2.3 發佈,新增 ZFS raidz 擴展功能」]]> + +
  • 「OpenZFS 2.3.0 已經發布,推出了重要功能,如 RAIDZ 擴展、快速重複資料刪除、直接輸入/輸出、JSON 輸出以及對長檔名的支援。此版本包含了基本的錯誤修正和效能增強,與 Linux 核心 4.18 - 6.12 和 FreeBSD 版本 13.3、14.0 - 14.2 相容。這次更新是由 134 位貢獻者共同努力的成果,並提供了完整的文件和變更記錄供檢閱。」
    • + +]]>     + https://github.com/openzfs/zfs/releases/tag/zfs-2.3.0 + 2025-01-14T00:00:00.000Z「ZFS 2.3 發佈,新增 ZFS raidz 擴展功能」 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[Webtop-包含完整桌面環境的 Alpine、Ubuntu、Fedora 和 Arch 容器]]> + +
  • Linuxserver/webtop 提供基於 Alpine、Ubuntu、Fedora 和 Arch 的容器,這些容器具有完整的桌面環境,可透過網頁瀏覽器存取,並支援 x86-64 和 arm64 架構。
    • +
  • 使用者可以透過特定的映像標籤選擇各種桌面環境,例如 XFCE、KDE、MATE、i3、Openbox 和 IceWM,並透過指定的 URL 存取 Webtop。
    • +
  • 安全功能包括 Docker 的 seccomp 選項和身份驗證設置,並可透過環境變數進行自訂,且支援使用開源驅動程式的 GPU 加速。
    • + +]]>     + https://docs.linuxserver.io/images/docker-webtop/ + 2025-01-14T00:00:00.000ZWebtop-包含完整桌面環境的 Alpine、Ubuntu、Fedora 和 Arch 容器 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[研究發現,每五個線上職缺中就有一個是假的或從未被填補。]]> + +
  • 「一項最近的研究顯示,20% 的線上職缺要麼是假的,要麼是未填補的,這增加了求職者的挫折感。這種“幽靈職缺”趨勢可能是公司用來展示成長形象的一種策略。像 Greenhouse 和 LinkedIn 這樣的求職平台已經推出了職缺驗證服務,以協助用戶識別真實的工作機會。」
    • + +]]>     + https://gizmodo.com/1-in-5-online-job-postings-are-either-fake-or-never-filled-study-finds-2000549706 + 2025-01-14T00:00:00.000Z研究發現,每五個線上職缺中就有一個是假的或從未被填補。 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[為了讓駕駛節省幾秒鐘而使行人穿越道變得不安全]]> + -

    +]]>     + https://collegetowns.substack.com/p/making-an-intersection-unsafe-for + 2025-01-14T00:00:00.000Z為了讓駕駛節省幾秒鐘而使行人穿越道變得不安全 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[PostgreSQL 是 2024 年度的資料庫管理系統]]> + +
  • PostgreSQL 獲得了 DB-Engines 頒發的 2024 年度資料庫管理系統獎,這是它第五次獲得此殊榮,超越了其他 423 種資料庫管理系統。
    • +
  • PostgreSQL 擁有近 35 年的歷史,持續創新,這在 2024 年 9 月發布的 PostgreSQL 17 的最新增強功能中可見一斑。
    • +
  • 「Snowflake 和 Microsoft 分別獲得第二和第三名,Snowflake 因其雲端資料倉儲和多雲支援而受到讚譽,而 Microsoft 則透過 Azure SQL Database 和 SQL Server 提供強大的託管關聯式資料庫。」
    • + +]]>     + https://db-engines.com/en/blog_post/109 + 2025-01-14T00:00:00.000ZPostgreSQL 是 2024 年度的資料庫管理系統 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[「Google 的 OAuth 登入無法防止購買失敗的新創公司網域」]]> + -

    +]]>     + https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw + 2025-01-14T00:00:00.000Z「Google 的 OAuth 登入無法防止購買失敗的新創公司網域」 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[利用程式設計技能賺取被動收入]]> + +
  • 作者從首席技術官的職位轉型為個人創業者,透過一系列軟體產品成功賺取更多收入。
    • +
  • 關鍵策略包括專注於深度工作、從小型專案開始、快速迭代,以及投入時間於行銷工作。
    • +
  • 這段旅程強調了因不確定性而需要的韌性,但也突顯了這條職業道路無與倫比的自主性和自由,鼓勵擁有程式設計技能的人考慮將其作為被動收入的來源。
    • + +]]>     + https://www.coryzue.com/writing/solopreneur/ + 2025-01-14T00:00:00.000Z利用程式設計技能賺取被動收入 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[西班牙提議對非歐盟居民購買的房屋徵收100%稅]]> + +
  • 西班牙正在考慮對非歐盟居民的房地產購買徵收100%的稅,旨在解決住房危機並抑制投機性購買。
    • +
  • 首相佩德羅·桑切斯的提議包括擴大社會住宅和規範旅遊租賃,以解決房價與收入之間的差距。
    • +
  • 該提案作為法律的未來尚不確定,一些分析師認為它更像是對外國投資者的威懾,而不是一項保證的立法變革。
    • + +]]>     + https://www.theguardian.com/world/2025/jan/13/spain-proposes-100-tax-on-homes-bought-by-non-eu-residents + 2025-01-14T00:00:00.000Z西班牙提議對非歐盟居民購買的房屋徵收100%稅 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[蘋果即將從台積電位於亞利桑那州的工廠獲得「美國製造」的晶片]]> + +
  • 蘋果正在測試來自台積電亞利桑那廠的處理器,計劃在第一季度開始量產,可能成為台積電首位使用美國本地製造晶片的客戶。此舉旨在加強美國的矽獨立性,減少對台灣的依賴,因為台灣易受地緣政治和自然風險的影響。台積電的亞利桑那廠將生產先進的3奈米和2奈米晶片,並持續努力增強當地的招聘和與美國大學的合作,儘管封裝工作將在台灣進行,直到皮奧里亞設施投入運營。
    • + +]]>     + https://www.tomshardware.com/tech-industry/apple-will-soon-receive-made-in-america-chips-from-tsmcs-arizona-fab-company-in-final-stages-of-quality-verification + 2025-01-14T00:00:00.000Z蘋果即將從台積電位於亞利桑那州的工廠獲得「美國製造」的晶片 + Tue, 14 Jan 2025 00:00:00 GMT +     + + <![CDATA[在擁擠收費啟用後,曼哈頓道路上的駕駛人數減少了43,000人]]> + +
  • 「在實施擁擠收費後,進入曼哈頓60街以下的駕駛人數減少了7.5%,相當於每個工作日減少了43,000名駕駛。」
    • +
  • 交通量的減少改善了交通流量並提高了公車速度,部分快捷公車的乘客量有所增加。
    • +
  • 大都會運輸署(MTA)將估計每年5億美元的通行費收入用於交通改善,儘管面臨一些政治反對。
    • + +]]>     + https://gothamist.com/news/43k-fewer-drivers-on-manhattan-roads-after-congestion-pricing-turned-on-mta-says + 2025-01-14T00:00:00.000Z在擁擠收費啟用後,曼哈頓道路上的駕駛人數減少了43,000人 + Tue, 14 Jan 2025 00:00:00 GMT +     <![CDATA[Uv 的殺手級功能是讓臨時環境的設置變得簡單]]> 2025-01-05T00:00:00.000ZGuten:一台迷你報紙印表機 Sun, 05 Jan 2025 00:00:00 GMT - - <![CDATA[1993 年的 Volvo 自駕車搭載 Open Pilot 系統]]> - -
  • 「一群朋友參加了 2025 年冬季版的 Carbage Run,這是一場為期 6 天的拉力賽,從瑞典出發到達北極圈,然後返回赫爾辛基,參賽車輛必須至少有 20 年車齡且價值低於 1000 歐元。」
    • -
  • 他們將一輛1993年的Volvo 940 Estate改裝成自駕車,使用來自comma.ai的openpilot,並整合了現代化的元件,如電動助力轉向、Bosch iBooster和Tesla雷達感測器。
    • -
  • 未來的更新將包括有關配線、自訂引擎控制單元(ECU)的詳細資訊,以及開源代碼的計劃,突顯出該專案在為舊款車輛改裝自動駕駛技術方面的創新方法。
    • - -]]>     - https://practicapp.com/carbagepilot-part1/ - 2025-01-04T00:00:00.000Z1993 年的 Volvo 自駕車搭載 Open Pilot 系統 - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[VoxelSpace:地形渲染演算法在不到 20 行程式碼中實現 (2020)]]> - -
  • NovaLogic 於 1992 年推出的遊戲《Comanche》使用了 Voxel Space 引擎,這是一種基於光線投射的 2.5D 渲染技術,用於創建具有陰影和陰影效果的詳細地形。
    • -
  • Voxel Space 引擎使用高度圖和色彩圖以及一個簡單的渲染算法,從後到前繪製垂直線,這可以進行效能優化。
    • -
  • 「引擎的程式碼是以 MIT 授權條款提供,但該技術在某些地區可能仍然受到專利保護。」
    • - -]]>     - https://github.com/s-macke/VoxelSpace - 2025-01-04T00:00:00.000ZVoxelSpace:地形渲染演算法在不到 20 行程式碼中實現 (2020) - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[「如何在電子遊戲中繪製輪廓」]]> - -
  • 「這篇文章討論了在 Unity 這個受歡迎的遊戲開發平台中渲染輪廓的五種技術,並強調它們在《Sable》和《最後生還者》等遊戲中的應用。- 技術包括邊緣效果、頂點擠出、模糊緩衝區、跳躍洪水演算法和邊緣檢測,每種技術在效能和視覺品質方面都有其獨特的優勢和取捨。- 文章提供了如何平衡這些方法以達到最佳遊戲美學和遊戲性支持的見解,並附上了額外的資源和 3D 模型的來源。」
    • - -]]>     - https://ameye.dev/notes/rendering-outlines/ - 2025-01-04T00:00:00.000Z「如何在電子遊戲中繪製輪廓」 - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[我將辭去《華盛頓郵報》的工作]]> - -

    -]]>     - https://anntelnaes.substack.com/p/why-im-quitting-the-washington-post - 2025-01-04T00:00:00.000Z我將辭去《華盛頓郵報》的工作 - Sat, 04 Jan 2025 00:00:00 GMT -     - - <![CDATA[Perplexity 有廣告了]]> - -

    -]]>     - https://twitter.com/damengchen/status/1875296442417607072 - 2025-01-04T00:00:00.000ZPerplexity 有廣告了 - Sat, 04 Jan 2025 00:00:00 GMT -