- NoahZunigaReinvested money isn't a cost, so the amount of reinvesting doesn't impact the profit number in their report.
- Thanks for this great comment!
> He also uses Rice’s theorem (old) to show that there is no uniform measure over the set of "possible universes."
I assume a finite uniform measure? Presumably |set| is a uniform measure over the set of "possible universes".
Anyway if I understood that correctly, than this is not that surprising? There isn't a finite uniform measure over the real line. If you only consider the possible universes of two particles at any distance from eachother, this models the real line and therefore has no finite uniform measure.
- Pretty sure this was a thing in the past, but that currently it has to be a court order.
- The cloudflare 15 year cert is one they issue privately and that they only use to authenticate your origin. Cloudflare manages the certificates for connections coming from the web.
- Have you heard the good news of Merkle Tree Certificates[1,2]? They include the transparency cryptography directly in the certificate issuance pipeline. This has multiple benefits, one of them being way smaller transparency logs.
1: https://www.youtube.com/watch?v=uSP9uT_wBDw A great explainer of how they work and why they're better.
2: https://davidben.github.io/merkle-tree-certs/draft-davidben-... The current working draft
- > # We must reshape X to be a column vector (3,1)
> # or rely on broadcasting rules carefully.
> Z = Y @ X.reshape(3, 1)
Why not use X.transpose()?
- I use cloudflare and it's great. It feels like the only registrar that has a business case for at cost domains. Also if you're worried about cloudflare downtime, you can only use them for dns resolution (which hasn't been impacted) and not for proxying.
- I mean this is a decision you can make, but its a disservice to your customers.
Starting in about a few months, user agents will stop requiring all certs to be logged in at least one RFC 6962 log. At that point some certs will not be visible to monitors that only monitor RFC 6962 logs.
Edit: This person behind merklemap known to be an asshole in the CT community.
- > With Github that’s not even an option.
Github does offer a self hosted product: GitHub Enterprise Server
- This article seems to imply that when works enter into the public domain depend on where they were published. This is not true! It's based on where you are and when it was published.I E, if you're in the USA and some work published in a death+50 year country is in the public domain in said country, it would still be illegal to distribute in the US.
Similarly, some works that are published in the US but are not in the public domain there could be perfectly legal to publish in a death+50 year country.
- its consistent cross site, so you get all the same privacy problems as with 3rd party cookies
- archive.today already takes down all reported CSAM? They explicitly don't want to archive it.
- > Even if you're worried about other people sniffing network traffic, the hostname you're visiting still gets revealed in plaintext during the SNI handshake
Many sites now support Encypted Client Hello. This makes it possible to send the hostname after the connection has been encrypted. This is enabled by default on cloudflare hosted domains (when cloudflare also manages DNS).
- Great news! Deno uses the same runtime as chrome, so you benefit from all those found exploits.
- There's a supportedsites.md file in the base directory of the git repo.
- You can only have a $1T tech stock sell off if $1T of tech stocks are bought.
- *searchable list of password hashes
- He, however, seems to hold the minority view under Nobel prize winning physicists on this subject.
- This is pretty obviously addressed in the article. The premise of the article is why don't users migrate to better platforms when the large ones are extracting as much money as possible (because the incentives are misaligned)
- They are immutable! The releases are signed with an attestation from a trusted third party that Github can't forge! Also these attestations are public and anyone can verify that the signing third party isn't misbehaving.
> Release attestations let you verify that an artifact is authentic and unchanged, even outside GitHub. Attestations use the Sigstore bundle format, so you can easily verify releases and assets using the GitHub CLI or integrate with any Sigstore-compatible tooling to automate policy enforcement in your CI/CD pipelines. For instructions on how to verify the integrity of a release, see our docs on verifying the integrity of a release.
They are using Sigstore, which is pretty standard in this space.