News Nug |
---|
Very Wrong Math Published: 2025-01-10 | Origin: Hacker News The text discusses a post made by a design and construction company, initially questioning whether it was a joke due to its misleading information. It contrasts misinformation (ignorance) and disinformation (malice), and mentions trolling as a separate phenomenon. The author analyzes the inaccuracies in a graphical representation of circular arcs related to flight distances. They point out that while the depicted arcs suggest a significant difference in length, the calculation neglects the Earth's actual radius, which is vastly larger than implied. Ultimately, the analysis |
Portals and Quake Published: 2025-01-10 | Origin: Hacker News The content discusses the first installment of the "Demystifying the PVS" series, which explores the precomputed visibility technique used in games like Quake, Half-Life, and those built on the Source Engine. The author developed a Python tool, vis.py, to reimplement this algorithm. The focus is on addressing the issue of overdraw in 3D rendering, where the same pixel is unnecessarily written multiple times, which can be problematic for performance, particularly on older hardware. To mitigate over |
Cannonball: An enhanced OutRun engine Published: 2025-01-10 | Origin: Hacker News CannonBall is an enhanced game engine for the OutRun arcade game, rewritten in C++ from its original assembler code to support modern platforms with features like higher frame rates and widescreen. It requires the original ROMs for graphics and audio. Chris White, the project creator, maintains the Windows build, but other ports for Linux, Wii, Mac, and Raspberry Pi are managed by different individuals. CannonBall utilizes the SDL 2 and Boost libraries and has deprecated support for SDL 1. Users |
Shavarsh Karapetyan Published: 2025-01-10 | Origin: Hacker News Shavarsh Karapetyan (born May 19, 1953) is a retired Soviet finswimmer notable for heroically rescuing 20 individuals during a 1976 trolleybus accident in Yerevan, Armenia. Born in Kirovakan (now Vanadzor), he moved to Yerevan with his family at a young age and later pursued finswimming after training in swimming. In 1974, he prevented a bus disaster by taking control of a rolling |
Beware with "mail" gem email parsing and encoding Published: 2025-01-10 | Origin: /r/ruby The content discusses the complexities and vulnerabilities associated with email parsing in web applications, particularly how discrepancies in email address parsing can lead to access control bypasses and remote code execution (RCE). It highlights the lenient standards established by longstanding RFCs (Request for Comments), which complicate the development of reliable email parsers. As a result, many web applications depend on third-party email parsing libraries without fully understanding how they process email addresses, leading to potential security issues when decisions are made based on email domains |
Class Pollution in Ruby: A Deep Dive into Exploiting Recursive Merges · Doyensec's Blog Published: 2025-01-10 | Origin: /r/ruby The post from Doyensec LLC discusses a specific type of vulnerability in Ruby called class pollution, an idea derived from the concept of prototype pollution in JavaScript. Class pollution can be mainly categorized into three types: 1. **Merge on Hashes**: Class pollution is not applicable as the merge operation is contained within the hash. 2. **Merge on Attributes (Non-Recursive)**: This involves poisoning instance variables of an object, potentially replacing methods and altering the object's behavior without affecting the |
The Ruby on Rails _json Juggling Attack Published: 2025-01-10 | Origin: /r/ruby Ruby on Rails is a web framework that utilizes the params object, an instance of ActionController::Parameters, to manage user-provided data through key-value pairs. This object collects data from the request body, query strings, and route paths. A notable vulnerability, called the _json juggling attack, exploits JSON parsing within Rails by allowing attackers to supply a JSON object with a "_json" key. This creates a conflict between single and multi-item JSON structures, leading to potential authorization bypass issues when the authorization |
Phi-4 Bug Fixes Published: 2025-01-10 | Origin: Hacker News |
I quit my job to work on my programming language Published: 2025-01-10 | Origin: /r/programming The author announces their decision to fully commit to developing their programming language, jank, by resigning from their current job, effective Wednesday. This choice comes after a decade of exploring programming language design, initially motivated by their need for safer systems with robust compile-time meta programming and improved parallelism beyond what C++ could offer. The author has experimented with various languages, including Rust, Common Lisp, OCaml, Haskell, and Clojure, finding value in Rust and Clojure that significantly |
Cuttle – a MTG like game using a standard 52 card deck Published: 2025-01-10 | Origin: Hacker News The content describes a two-player card game called Cuttle, which emerged in North America in the 1970s and is considered one of the earliest examples of a combat card game, predating later games like Magic the Gathering. Players aim to build a layout of cards totaling at least 21 points to win. Each player is dealt a hand of cards from a standard 52-card deck, with one player starting the game. Players take turns playing cards to form their layouts and can attack their opponent |
OpenTofu 1.9.0 is out with provider for_each! Published: 2025-01-10 | Origin: /r/programming OpenTofu has released version 1.9.0, marking the one-year anniversary of its initial 1.6 release. This update introduces several long-requested features, notably the provider for_each, facilitating multi-zone and multi-region deployments. As part of their support policy, 1.6 is no longer supported and users are encouraged to upgrade to at least 1.7. The release saw a remarkable increase in usage, with registry requests tripling to over 6 million per day |
Finland's zero homeless strategy (2021) Published: 2025-01-10 | Origin: Hacker News The ECOSCOPE report by Laurence Boone, Boris Cournède, and Marissa Plouin discusses the impact of the COVID-19 pandemic on homelessness across OECD countries. In response to rising homelessness, many governments implemented significant public support measures, such as quickly providing housing to homeless individuals. The report highlights the UK as an example, where individuals living on the streets or in shelters were housed in individual accommodations within days. To sustain this progress, the report looks to Finland's long-term strategy, which |
Another Gameboy Emulator written in C3 Published: 2025-01-10 | Origin: /r/programming |
Chrome Extensions Exploit Keyword Manipulation Loophole Published: 2025-01-10 | Origin: /r/programming CyberInsider reports on a recent investigation by Wladimir Palant, which reveals that many Chrome Web Store extensions exploit a loophole to manipulate search rankings using misleading descriptions and irrelevant keywords. This manipulation clutters search results, often burying legitimate extensions under unrelated options. Developers are taking advantage of Chrome's multilingual support by filling less-used language fields with competitive keywords, affecting global search results. For instance, searching for "Norton Password Manager" sometimes yields unrelated extensions at the top. Despite Google's policies against |
YJIT 3.4: Even Faster and More Memory-Efficient Published: 2025-01-10 | Origin: /r/ruby On January 10, 2025, Maxime Chevalier-Boisvert announced the release of a new version of YJIT, which is designed to be faster, more stable, and more memory-efficient than previous versions. The prior year's release had successfully boosted performance, encouraging many businesses to upgrade their Ruby deployments, which was a significant change from the past when many were several versions behind. YJIT 3.4 is reported to be approximately 92% faster than the CRuby |
I've acquired a new superpower Published: 2025-01-10 | Origin: Hacker News Daniel Wirtz shared a brief update about his blog, which features a menu for navigation, options for dark mode, and sections for books, bookmarks, and tools. Additionally, he invites readers to subscribe to his blog for further content. |
The Siren Song of Little Languages Published: 2025-01-10 | Origin: Hacker News Some programming languages struggle with obscurity, lack of usage, or overly ambitious feature sets. For instance, languages like Fortress have complex type systems that hinder initial implementations. Others, like BF (Brainfuck) and Scheme, have many implementations but not enough actual use, as developers often prefer to create their own versions instead of using existing ones. Shen, a multiparadigm Lisp with a minimal specification, also faces this issue, evidenced by numerous implementations but few libraries. Forth follows a similar trend where |
Understanding JVM Garbage Collector Performance Published: 2025-01-10 | Origin: /r/programming Li Haoyi's article, dated January 10, 2025, discusses the role and functioning of garbage collectors (GCs) in programming languages, particularly focusing on the Java Virtual Machine (JVM). While GCs are essential for managing program memory, they can sometimes malfunction in unexpected ways. The article aims to provide readers with a deeper understanding of JVM garbage collectors, including their fundamental design and performance benchmarks. It begins with a simple example of a garbage collector to illustrate how memory management works, |
When DRY goes wrong Published: 2025-01-10 | Origin: /r/programming |
How outdated information hides in LLM token generation probabilities and creates logical inconsistencies Published: 2025-01-10 | Origin: /r/programming The article discusses how large language models (LLMs), like ChatGPT, deal with conflicting and outdated information found on the internet. It highlights that LLMs are trained on vast datasets that contain both current and historical information, leading to situations where they may recognize multiple, contradictory pieces of information as valid. The author uses the example of mountain heights to illustrate these inconsistencies, noting that similar principles apply to other domains such as medication dosages and programming guidelines. The article emphasizes that LLMs lack |