It is incredible to see a concept going from 'optical table of sensitive equipment fraught with numerous safety concerns' to 'here is a 1 kB svg animation, stare at it for 1 minute' in 3 months.

Enjoy your forbidden color, you earned it!

The article however concludes: “So do the illusions actually take you outside the natural human color gamut? Unfortunately, I’m not sure. I can’t find much quantitative information about how much your cones are saturated when you stare at red circles. My best guess is no, or perhaps just a little.”

FTA:

> The idea for that animation is not new. It’s ~~plagiarized~~ based on Skytopia’s Eclipse of Titan optical illusion (h/t Steve Alexander), which dates back to at least 2010.

I got the same e-mail sent to an address unique to HN. It is a custom domain with a catch-all enabled, the e-mail only came to the HN specific address.

edit: While the above statement is true, the e-mail was posted publicly on a 'whos hiring' thread so there is no mystery as to why it is receiving spam.

Questions for both you and OP:

Have you ever sent any email using this as a return address?

Have you ever received any non-spam HN mail at this address?

If yes, it seems like it might have been grabbed from a server in the middle. If not, then it does sound like HN has to be the direct source.

After further review, the e-mail was posted on a 'who's hiring' page, so to be honest its a miracle that this isn't receiving more spam!

Mine most certainly wasn't.

Is this your email: https://news.ycombinator.com/item?id=36157877 ?

Yikes yeah that's the one. Did not remember posting that. Thanks for clearing it up, that has to be the culprit.

You can search for specific strings in comments as well as stories with the search bar on the bottom of the page. Plugging you email in shows where it was posted.

Btw, posts to "who is hiring" and related threads remain permanently deletable, so you should be able to delete that post if you want to.

Most of us think our operational security is way better than it actually is.

Unfortunately the Internet does not forget.

but you can always ask dang to help you if you fucked up and find out something you need deleted here.

I can't remember if HN sends an activation link or anything on signup, but if so that would be the only thing ever sent to it.

deadbeef-f00d-f00d-deadbeef isn't a valid UUID v4

Aside from missing a grouping in the middle, you need the version and variant bits, ie:

XXXXXXXX-XXXX-4XXX-VXXX-XXXXXXXXXXXX

where V is 8, 9, A, or B

searching for deadbeef-f00d-400d-a00d-deadbeef does return the expected matches

Your comment is needed as a parent / top-level for the discussion. A lot of people were confused about the 'V' portion in particular. Thanks for the insight.

Here is the product page

https://www.sifive.com/boards/hifive-premier-p550

It is based on the ESWIN EIC7700X SoC with its quad core 1.8GHz RISC-V core

https://sifive.cdn.prismic.io/sifive/ZxLjE4F3NbkBXuzW_EIC770...

You also get Imagination AXM-8-256 'GPU' on chip. You get h264/h265 encode/decode and '3d support' in a yet-to-be-released driver.

Looks like a fairly promising product -- quite a step up from the unmatched

I have not been following the end-to-end encryption discussion in a while so please excuse my ignorance in asking...

How does the 'rubber hose' threat apply to Matrix? So long as you are in control of your home server (or at least use a home server you trust) I am not sure who your advisary would pressure.

They could force them to add a backdoor in the Element build uploaded to the app store so they can use that backdoor to attack specific users. This is why we need reproducible builds and code which automatically check for discrepancies.

FWIW, the current version of element (X) is published as a reproducible build on f-droid. https://f-droid.org/en/packages/io.element.android.x/

The attack on xz illustrates that even if the code is open source and the build is reproducible, well-designed attacks can still be executed.

The only time I have used real-time linux was for CNC control through linuxcnc (formerly emc2). https://linuxcnc.org/

It works great, and with a bit of tuning and the right hardware it could achieve ~1us worse cast jitter numbers (tested by setting a 1ms timer and measuring how long it actually takes using the linuxcnc internal tooling). Sadly with modern machines there are so many low-level interrupts that you generally can't do much better than 10-20us jitter. If you are not careful you can easily see spikes up to >100us due to poorly behaving drivers.

Came here to say basically the same thing. Linux CNC on an old PC with a parallel port can do some amazing things!

To be honest the never ending headache of getting things to work with SELinux under RHEL was a big driver for why I moved to debian.

Certainly SELinux has its place but I never found the value it offers to be worth the complexity it adds.

Same. People will always scream "it's not that hard just RTFM", but it's actually quite complex AND unique to RedHat's world. So of course when you are in a company that has a fleet of a mix of Ubuntu and Debian and RedHat, which is more common than you'd think, it becomes the oddball server nobody likes working on. And nobody wants to spend hours learning it in and out for just that. I don't think I ever worked at a shop that didn't end up disabling it completely out of frustration.

I never had any real problems with selinux, I've been using CentOS since version 5 something and with even just a cursory understanding of selinux I got by. Plus you could just disable it entirely by changing one setting so distro hopping for just this one thing seems a bit extreme.

The same reason why many people choose WhatsApp, Telegram, Slack, Discord over things like Signal or Matrix. They are just easier to use. It is about priorities. Maybe some day we solve the usability problems.

I get it for Matrix, but Signal really has had the same user experience as WhatsApp for years now. But anyway, your point still stands. That's why user-friendliness is an important part of security (and why Signal work is so important regarding secure messaging apps).

I think it is still impossible to backup one's own messages in Signal and then retrieve them back in another phone. It was possible on Android via root but basically impossible for unrooted phones which is a dealbreaker for Apple devices my friends and family use.

Signal has to provide 100% of the features and convenience of Whatsapp and some more without compromising security for it to be a viable alternative.

Backup/restore to a file works perfectly fine on unrooted Android phones.

Source: Just did it a couple weeks ago.

At most a little over one year ago, I installed Signal Desktop to open a link in a message I had received on my desktop. This is, apparently, deliberately unsupported, since the app claims that "[f]or your security, chat history isn't transferred to new linked devices". So no, the user experience of WhatsApp is miles ahead of Signal, at least if you want to use a real computer.

Important to note that the 'score' button doesn't work on the archive.org version

Then again any half decent hacker would know their score before clicking the button anyway ;-)

Genuinely curious - which model is this? I bought a LG C2 OLED last year (still current model) and never experienced this. It mentioned alexa support on the box, but I have never seen any popups related to it.

FWIW - on most LG TVs, you can 'revoke' your acceptance of the EULA, which essentially returns the TV to non-smart status. Most of the tiles will disappear from the home screen, as will the ads. Depending on the model you might need to futz with the settings to make sure that the TV defaults to the hdmi input instead of the homescreen when you turn it on.

I used to own a C2 in Brazil. Never accepted EULA. Noticed that the notification system sometimes notified me of TV Globo newest productions, begged me to install Alexa, begged me to install other random crap.

And when a guest accepted EULA it promptly filled my home screen with "recommendations" of documentaries about Porn, with explicit posters included.

I then threatened to sue them. The porn recommendations stopped and they sent me an apology, but the other ads remained.

Yup, LG C2. As the other poster said, it just periodically popped up with stuff, trying to get me to put it on the internet.

You should upgrade your search engine.

Here is a nice survey covering some of the commercial uses: https://www.photonics.com/Articles/Ultrafast_Lasers_Are_Quic... The market for commercial femtosecond lasers systems is nearly $1B/year!

These are just discussing femtosecond lasers, I don't see any mention of coulomb explosions? Maybe it's implied, but I don't see it.

The working mechanism of femtosecond (and picosecond for that matter) micromachining is the same as the coulomb explosion being discussed here. In the industry it is usually referred to 'athermal' or 'cold' to differentiate from the older system which rely on thermally heating the material to ionize it.

In fact it is mentioned explicitly in the wikipedia article:

>Coulomb explosions for industrial machining are made with ultra-short (picosecond or femtoseconds) laser pulses...Coulomb explosion etching can be used in any material to bore holes, remove surface layers, and texture and microstructure surfaces

It sounds like you're familiar with the field, so I'll accept that you're probably correct here, but the wikipedia article doesn't say what you're claiming.

It says coulom explosions are made with ultra short lasers, not that all ultra short laser pulses result in coulomb explosions, so for someone that doesn't know otherwise, you can't infer that whenever someone says ultra short laser cutting that it happens via coulomb explosions.