When you have a simple journey and no interruptions DB in long distance is pretty good, not excellent but solid. But with more complicated things traveling with DB is not well thought out and they don't see what could be possible. Changing a platform should show you in-station navigation door to door. DB navigator should not show you impossible journeys, it presents you with train switches where the second train already left once you arrive or displays the stop is canceled entirely.
DB Navigator and bahn.de have a monopoly over german train routing and ticketing, but are not subject to anti-trust regulation enough or run by the government directly (dataquality issues, etc).
DB is very much against grassroots movements trying to improve customer experience and quality, like community built ticket stores or wallet and calendar integration.
I also think the ministry of transportation and politicians are at fault for not getting DB to step up their game. Trying to privatize DB, rigid regulations for how DB has to run and not enough attention to rail as a whole for example. I would consider the "ampel" (21-24) to be one of the better ones. After some reforms, the government is still not in a position to control the monopolist enough.
I set it up for an old Google account that has been breached. It did a relatively good job, but HIBP has more data in my experience, albeit it mainly looks at emails, whereas Google's report can do lookups by full name, address, and phone number. I think it was useful, but did not get enough love to be like a second HIBP.
I use ChatGPT to compress SVGs, in particular QR codes. Many QR code SVG generators produce inefficient SVGs, and conventional SVG compressors often lack the understanding required for some compression techniques. ChatGPT can replace alignment indicators with <use> elements.
Is there a way to embed the data encoded in the QR code directly within the image? This would allow the data to be parsed directly by the browser, eliminating the need for computer vision to decode it again. Going further, for web images QR codes could be efficiently encoded and rendered by the browser.
I am not sure about your use case. There exist many JS libraries which will generate client side QR codes. How many of them do you handle that you optimize for file size? Or is it just an academic interest?
SVGs are XML so technically, yes, you can just embed your visually encoded payload data with namespaces attributes and elements. If you don't want to use namespaces, you can use off-canvas texts, hidden/opacity=0 texts or even XML comments. You can even use the regular metadata section of SVGs. You can make the whole QR code within the SVG a clickable link.
Heads up. The site you linked is just a wrapping of the original with adverts and tracking scripts. It isn't running the latest version either. Much better off using the creator's version.
I will say, I have never before this season seen so many seemingly-legit fake web stores. All with their little lock icons in the address bar. I assume LLMs helped kick it into overdrive too
Conflating transport-layer encryption with authenticity is the problem. The former should always be standard, the latter is unrelated and IMO needs a different mechanism.
Absent widespread adoption of DNSSEC, which has just not happened at all, I don't see any alternative.
The authentication must be done before the encryption parameters are negotiated, in order to protect against man-in-the-middle attacks. There must be some continuity between the two as well, since the authenticated party (both parties can be authenticated, but only one has to be) must digitally sign its parameters.
Any competing authentication scheme would therefore have to operate at a lower layer with even more fundamental infrastructure, and the only thing we've really got that fits the bill is DNS.
This applies to grandparent too (for the record I largely agree with them) but the issue isn't just "authenticity" but "identification" -- there's no real attestation about who is in on the other end of the site. This identity was once at least somewhat part of the certificate itself.
Yes, it is fair to say that domain names are not the sum total of identity. However, the EV certificate experience showed that, at least in terms of WebPKI and the open Internet, there really isn't anything better than domains yet.
We have clear and seemingly easy go-to examples like proving that yes, this is THE Microsoft, and not a shady fly-by-night spoof in a non-extradition territory, but apart from the headline companies--who as of late seem to like changing their names anyway--this actually isn't easy at all.
Walled gardens like app stores have different trade-offs, admittedly.
Graphene OS provides advanced security capabilities and a thorough defense-in-depth approach including a hardened supply chain. GOS aims to provide mechanisms to protect against 0day attacks. For example Celebrite can not open up GOS. GOS relys on hardware support provided by Pixels. Graphene OS works on getting their developments upstream.
Minecraft modding has done so much to get young people into CS. I started learning Java when I was 10 because I wanted to do modding. At university, I met so many people who had the same experience.
The tooling developed for Minecraft modding is world-class and better than what is developed during PhDs. It's very advanced, and people internalized the JVM and Java spec. One problem, though, is that Mojang's updates often change much of the foundation, and upgrading mods is very time-intensive. Mojang announced in 2012 that an official modding API is in the works. This is another step.
The best teams from Google CTF were invited to compete in Hackceler8, a combination of speedrunning and CTF, this year on a SEGA Genesis. Today are the finals, which are steamed and commented on YouTube. See this teaser [0]
Android is not just Android. The device vendors have to customize it to fit their devices by including drivers for example. Device vendors have the option to change the look pretty heavily, Samsung TouchWiz was infamous, Chinese vendors also offer very customized versions, including making it look like iOS.
What you are seeing is material design 3 "expressive" which will be rolled out in the next minor Android version and Google apps
I like the spirit of this comment (pointing out that it's OSS). I don't even disagree with discouraging people from asking questions that have readily searchable answers they'd be well served to direct themselves to.
But I think it can be assumed that someone asking such a questions is highly unlikely to be a world-class security researcher equipped to answer it for themselves by auditing the source code, so your response comes across as snarky for the sake of snark.
