hm do you have benchmarking fixture for that somewhere? I feel like one can improve speed for common cases, making other cases much slower, but I'm not sure what the common cases are, and what kind of tradeoff would be OK.
## Summary
A Denial of Service (DoS) vulnerability exists in the `dedotdotify()` function in `lib/urlapi.c` that can cause excessive CPU consumption due to O(n²) time complexity when processing...
ah. OK. (and yes, if the problem is "people get to pass unchecked complexity strings to libcurl", then that's an API consumer problem, not a problem of the lib implementing that API)
Simple solution here would *seem* (I bet the devil's in the details!) to be to have two arrays, instead of just the first
1. char array for output 2. max_substring_length_integer array for "how long is this output path component"
. Then, encountering `./` in the input just leaves both alone, and 1/2
## Summary
A Denial of Service (DoS) vulnerability exists in the `dedotdotify()` function in `lib/urlapi.c` that can cause excessive CPU consumption due to O(n²) time complexity when processing...
Summary: A major brick-and-mortar store sold an Apple Gift Card that Apple seemingly took offence to, and locked out my entire Apple ID, effectively bricking my devices and my iCloud Account, Apple Developer ID, and everything associated with it, and…
😲 OMG! #Apple released the Mail Drop feature back in 2014, and I had no idea! If you use Apple Mail app with an #iCloud account and Mail Drop enabled, it lets you attach files up to 5 GB via iCloud, even from a non iCloud #email address. It embeds links in your message, and the files are encrypted and stored for 30 days. It doesn't count against your iCloud storage, and even works for free iCloud users. I have been sending large files through Dropbox all this time! support.apple.com/guide/mail/s…
Summary: A major brick-and-mortar store sold an Apple Gift Card that Apple seemingly took offence to, and locked out my entire Apple ID, effectively bricking my devices and my iCloud Account, Apple Developer ID, and everything associated with it, and…
And finally done with the alt-texts for my trip to Japan. In total we are talking about 597 images, only a very small number of which received empty alt texts (because they showed largely the same thing as the previous one from a slightly different angle).
I don’t claim that they are perfect, but they are there! If you don’t like one, send me a better one.
I’m not yet done with the site, I still want to add more regular text, and more notably some videos, but this is a huge step in any case…
I’m proud of it, but my takeaway here really is that it is simply not practical to do like this for a personal site: I easily spent 20 times as much time on getting alt-texts than I spent on selecting the images and if anything that is a very low estimate. It simply doesn’t scale for posting a large number of vacation pictures, with this selection being very much a selection, we have many more images, not all of them good or even that dissimilar from what is there now, but still…
I was originally planning to also put pictures from my previous trip up, but the way this went I don’t think I’ll do that, at least not with fully manually generated alt texts.
I see a lot of complaints about AI-generated alt-texts, but I’m honestly not sure that they are worse than much of what I came up in this case, especially once I do a second path on them to fix any mistakes, in the same way in which I use DeepL for translations: It’s not that they are fully reliable, but they are good enough, that I can focus on the few issues they have and don’t have to do all the tedium that translating everything manually brings with it. And in a lot of cases DeepL does a better job than I would have done: My English is pretty good, but I am not a native speaker, and sometimes that’s noticeable in that my vocabulary is not as comprehensive as it is in German. Maybe the same approach would be fine for #accessibility? I’d be interested in opinions and proposals.
And I am familiar with all the benefits of alt-texts, but since that page is first and foremost a image-site, where not being able to see them will really remove most of the reasons to use it, it also does make me wonder how many people will actually benefit from it, compared to the effort I put in…
I normally use my computer with a regular qwerty keyboard. But since it's a seven-inch Toughpad, I wanted to try it with my Orbit Writer, due to the size. I bought it to use with my iPhone, which it does very well (better than with Android,). I read the manual and even saved the HID keyboard commands so that I could refer to them quickly. But I don't understand a few things.
1. It is missing the Windows key. Due to this, I can't get to the start menu as I usually do. I also can't get to the desktop in the regular way. 2. I created a desktop shortcut which I put on the start menu, but I can't type ctrl+escape at the same time, so that method of getting to the start menu is also blocked, meaning that I still can't get to the desktop. 3. I can't type NVDA+F11 or F12 for the system tray or the time and date, respectively. I was able to create new commands for both under Input Gestures. But I also tried NVDA+1 for key identification, with both caps lock and insert, and that didn't work either. Fortunately, I was able to create another gesture to get into the NVDA menu. 4. On a qwerty keyboard, I can type alt+f4 to switch between windows. If I hold the alt key, I can also continue pressing f4 to switch between more than two windows. But with the Orbit Writer, while the command works, it seems to only work for two windows i.e. I can't hold alt and continue pressing f4.
Am I missing something here or is this a half-implemented system? How can they say it works with Windows when basic commands can't even be performed? If there are ways around these problems, please let me know.
As for the last question, you probably meant alt+Tab. To be honest, that works nowhere except for normal keyboards, including, for example, Focus displays. You cannot hold an equivalent of alt and press an equivalent of Tab consequently. In JAWS at least there is a workaround: task list, JAWSKey+F10, don't know about NVDA though. #Accessibility
For #Apple #iPhone #MacOS developers: Are there any good docs or guides on Accessibility API and usage of it, specifically on interactions with Braille displays? The official docs are seemingly barely anything even for accessibility API in general much less Braille. #accessibility #braille #swift
A little funky Jazz number I found kicking about this morning called 'Just Your Average' because it's a standard chord sequence I put down ages ago and forgot about. Uses Native Instruments products only. Piano: The Gentleman Rhodes: Vintage Keys Bass: Monark Organ: Play Series Selection Drums: Studio Drummer. youtu.be/Agk2Z5mHMrs
A little funky Jazz number I found kicking about this morning called 'Just Your Average'because it's a standard chord sequence I put down ages ago and forgot...
Asi dost záleží na kontextu. Pokud to je někdo, s kým jsem měl už předchozí interakci a "znám" ho, nemám s tím problém, i když se blíž neznáme a formálně si tykání nenabídli. Pokud to je ale nějaký anonym, navíc v negativně vedené debatě, vadí mi to.
Safari 26.2 is here with 65 features + 165 bug fixes — including `field-sizing`, Navigation API, Largest Contentful Paint, `command` & `commandfor`, CHIPS opt-in partitioned cookies, `scrollend` event, `random()`, WebGPU in WebXR, `scrollbar-color`, `hidden=until-found` and *much* more! webkit.org/blog/17640/webkit-f…
I never thought about this before for some reason, but babies dream in the womb. They have REM sleep, so presumably have dreams based on their limited experience.
What was my first ever dream like? If I could experience it now would it be the most peaceful experience, or possibly terrifying to a grown adult?
Now is as good a time as any, so I am happy to announce that we have an #XMPP assembly at #39C3, as part of the Critical Decentralization Cluster habitat (decentral.community/39C3/). All creatures interested in federated messaging welcome!
Petite annonce sympa : J'ai été invité à participer aux Rencontres Hivernales du Libre qui se dérouleront fin janvier à Saint-Cergue, en Suisse.
J'y donnerai une conférence de 1h à propos de XMPP, dont voici le titre et la description :
« XMPP ou comment ne pas réinventer la roue : Messagerie fédérée et sécurisée en 2026 »
----- « Oh non ! La messagerie instantanée que j'utilise vient de se faire racheter par un Venture Capital… C'est la 3eme en 5 ans ! »
Et si au lieu de sauter de produit en produit tous les 2 ans, on utilisait plutôt un protocole fiable, standardisé, qui fonctionne depuis 25 ans et qui fonctionnera encore pendant les 25 prochains sans pouvoir se faire racheter ?
Cette conférence a pour but de présenter XMPP et plus particulièrement ses évolutions ces 5 dernières années : Clients modernes, chiffrement de bout en bout, salons de discussion mais aussi les collectifs et communautés qui le font exister. Venez découvrir la messagerie instantanée que vous n'aurez pas besoin de quitter d'ici 5 ans ! -----
D'ailleurs, si vous connaissez ou avez entendu parler de XMPP, je vous invite à lire le post juste sous celui-ci ↓
Si tu as déjà entendu parler de XMPP ou si tu as déjà utilisé XMPP, je serai intéressé d'avoir un petit retour sur ton expérience.
Si tu en a déjà entendu parler mais jamais essayé :
- Qu'est-ce que tu as entendu à propos de XMPP ? - Est-ce que ça t'as donné envie d'essayer ou non ? - Qu'est-ce qui te fait penser que ça serait fait pour toi ou au contraire pas du tout ?
Si tu as déjà essayé :
- Quelle a été ton expérience ? - En quelle année était ton dernier essai ? - Tu as testé quels clients ?
It's so underrated how, because of the Thailand-Cambodia war, I get to see just how far aflung native Malay speakers can be up north as they each fight with each other's talking points in Malay 💀💀💀 #tootSEA
Ježíšek? V podstatě nuda. V Katalánsku mají "kakací poleno" (Tio de Nadal).
Domů se poleno přinese po 8. prosinci (den Neposkvrněného početí Panny Marie), nazdobí se a přikryje se dekou. Do Vánoc musí děti poleno „krmit“ zbytky jídla a ovocem, aby si tak zajistily dostatečný přísun dárků. Na Štědrý večer nebo Boží Hod pak do polena tlučou klacky a zpívají speciální písně „cagatío“, které mají donutit Tía vykálet dárky pod deku (kam je podstrčí rodiče).
Dárky jsou obecně menší věci, např. sladkosti (turrón), ořechy, sušené fíky a drobnější dárky. Větší a hodnotnější dárky jsou, tak jako v celém Španělsku, přinášeny až 6. ledna Třemi králi.
A tiny human (2?) is hugging Dad around the neck. But wait! He's not a tiny human! He's a BIG SHARK! And he's gonna eat Dad's face! Making mighty munching "UM UM UM" noises as laughter bubbles up from Dad's tummy.
A woman (40s?) is standing by her open car door. Groceries loosely placed on her back seat. A tray of fresh strawberries in her hand. She's got to get her market veges home but first... maybe she should eat some of these strawberries. A small smile as she tries her first one.
A teen (13?) has been given the task of carrying a bunch of asparagus while Mum chooses tomatoes. But wait. This is not asparagus! It's a microphone for broadcasting all of Mum's movements and motivations! Wearing a devilishly cheeky smile. Ducking Mum's swat with a laugh and a yelp.
A man (50s?) in a faded band T-shirt, paint-flecked shorts and boots is quickly striding through the markets while wearing a determined expression. He's got multiple packets of bratwurst sausages in his arms. He's got places to go and things to do. And they most likely involve barbeque.
A woman (18?), the spitting image of a young Joni Mitchell is inspecting a cherry stall. Long blonde hair, a white crochet top, flair jeans and bare feet. She picks up a bag of cherries and looks at it thoughtfully before turning to grin at a nearby busker who grins back.
it's a UI glitch if the please-wait message stays although the chat is usable already. Will be fixed with next release. Otherwise the message indicates that the other side needs to be online a d receive the invite handshake still.
I am 100% likely to recommend @Tutanota as a Gmail replacement. VERY happy with the service. If you're ready to #deGoogle #unGoogle or say #ByeGoogle, this is an excellent and impactful place to start.
Tax wealth — Created by anonymous artist network Brandalism, the action comes ahead of Black Friday, when UK shoppers are expected to spend £6.5 billion as brands run discounted sales of their products.
On this day, two years ago, we published the first chatmail relay, delta.chat/en/2023-12-13-chatm… along with templates to replicate the setup, without needing any permission. Two weeks ago we thought there are 60 relays when a hacker handed in a 100+ list 😂 A bunch of knowledgeable folks are now maintaining track of health of the evolving global network, and supporting new operators. 💜💥🖤
thx also for all the support here on the fediverse! its been a wild year and #39c3 is in 13 days to top it off 😅
Today, we are unveiling chatmail services, making onboarding with Delta Chat a breeze, with peace of mind: Convenience: Get a chatmail address in a few seconds Privacy: No questions asked, no name,...
two quick things 1) my wish list would be able to interface with Delta through ham radio VHF/UHF. Like through an internet gateway. I realize the security concerns. 2) I can't join your mastodon group as I know no one to issue the invitatation.
Account Suspension Notice: Dear TheTechnologicalGenius, We're getting in touch to let you know that your Ramblio account has been temporarily suspended. Based on activity on your account (for example, things said in audio posts or reports from other users), it appears that this account may belong to someone under the age of 18. We don't store your date of birth or age directly, so this decision is based on behaviour, content and/or reports. Ramblio is an audio-first social platform designed for adults. People can share unfiltered conversations and discussions that may include strong language and other mature themes. To keep younger users safe and to meet our legal and policy obligations, accounts for people under 18 aren't allowed. If we have got this wrong, we're genuinely sorry for the inconvenience. You can contact our support team at support@techcake.co.uk and provide any relevant information that shows you are 18 or over so we can review this decision and, if appropriate, restore access to your account. We understand this may be disappointing, and we really appreciate your understanding while we work to keep the community safe. Kind regards, The Ramblio Team.
This message was sent to **************@outlook.com regarding your Ramblio account. If you believe this message was sent in error, please reach out to our support team.
so half of us have to be over 18 just to use ramblio? Sad..., Based on activity on your account (for example, things said in audio posts or reports from other users), it appears that this account may belong to someone under the age of 18. We don't store your date of birth or age directly, so this decision is based on behaviour, content and/or reports.. Again, sad
@delta I just saw that you can now add several relay servers to one account, that's neat! But I remember that accounts get automatically deleted if you don't talk to them for some time, how is that solved for secondary backup relays I might add and never use?
IMAP connections to secondary relays are maintained to receive messages that might arrive there from contacts that don't know yet you have switched to another relay.
ok, nice! So if my main server explodes before I switched, I would have to send all of my contacts a message from the other server to make sure they can contact me?
And secondary question: When will the Flatpack Desktop Version be updated with this feature?
at best follow the support forum where the last 2.33+ release issues are discussed and resolved and announcements happen. Still some road blocks on some of the ~15 store targets, but that's normal. There is always one or another release target making new problems, compliance, build problems or some crash on particular devices. We are trying our best to push it all out :)
@Delta Chat Is it okay to add more relays and keep using the original one as the primary? Once the primary goes down or has a temporary hiccups, can I continue the conversation and replies will be addressed to the backup relay? I am trying to figure out if adding another relay to my account profile is enough or if I should do something else to make my chats more proof to single relay failures.
@pvagner You don't need to keep relays in reserve. It doesn't help right now with the 2.33 releases.
If your current relay goes down, just add a new relay and message your chats. Everybody will use your new relay then.
Early 2026 we work towards another bigger multi-relay release , and then it will make sense to add relays preliminarily, so you won't have to worry about any server breakdown or shutdown, and chatting will just always succeed.
Gut beobachtet. Allerdings nur ein ganz kleiner exemplarischer Ausschnitt des Gesamtbildes der Entwicklung.
Man wäre gut beraten, auf allen Ebenen der Politik auf die Ränder zu schauen. Sie sind mitunter die Vorboten dessen, was sich Jahre später in den Zentren zeigt:
Ein blauer Trabant 500, besetzt mit zwei Uniformierten, pendelte zum Jahrestag der Grenzöffnung zwischen Grenze und Kulturhaus in Lehesten. Nostalgie ersetzt Geschichte.
V tomto oceňuji Nextcloud, kde to všechno dostanu v jednom balíčku a nemusím řešit samostatný server pro každý protokol mojí osobní agendy. Ale přiznávám, že KISS a "Do one thing and do it right" přístup to úplně není. 🙂
@sesivany Postavit si vlastní cloud z těchhle simple věcí je super. Ale to si můžu dovolit tak akorát pro sebe. Pro BFU potřebuju AIO řešení, kam se přihlásej jedním účtem a budou tam mít všechno. 😄 Ono je i tak dost na pytel, že pro kalendář a kontakty v rámci Nextcloudu na Androidu potřebuješ DAVx5. Ale aspoň to má webový UI.
@sesivany @Razemix zatím to vypadá mnohem jednodušší než před 17-18 lety, kdy jsem měl server x86 Linux, desktop PowerPC Mac a dva mobily - jeden s PalmOS a druhý s Windows Mobile. To bylo něco, syncnout to online tak aby sedělo kódování, maximální délky polí a datové typy. Od té doby jsem vlastně vždy syncoval s někým - s BlackBerry, Googlem a teď Applem.
Já asi chápu ten appeal LLMs v tom, že je to interaktivní a máš pocit, že se tvůj problém aktivně řeší. Ale co jsem to v poslední době zkoušel (u problémů, kde jsem si už fakt nevěděl rady), tak je to fakt k ničemu. U jednoho Linux problému to nevědělo vůbec (a házelo to po mně dokola basic debugging steps, který jsem už dávno udělal), u jedný JS knihovny mi to furt cpalo kód pro šíleně outdated verzi, kterej už nefungoval. Když navíc vezmu v potaz, kolik reálně stojí trénování a jednotlivý queries týhle blbosti a že bych to měl platit (až to přestanou dotovat VC fondama), tak velice rád zůstanu u dokumentace a vyhledávače. 😄
@Razemix mně to zase tak marné nepřijde. Záleží na modelu. My máme ve firmě Cursor a Claude Code a ti toho umí fakt hodně. Třeba jsem jim v rámci experimentu předhodil můj migrační skript, ať to přepíše do desktopové aplikace. A ono se to fakt povedlo. Strávil jsem s tím hodiny, protože v kontextu GUI tam vzniknou problémy, které v CLI člověk neřeší, a zároveň jsem chtěl, aby to běželo ve Flatpaku, což některé operace komplikuje. Ale povedlo se. Dnes to dělá, co má, jen to chce vyladit rozhraní a UX. Sám bych to dával dohromady desítky hodin. Samozřejmě to pořád beru jako experiment a nehledím na nějakou dlouhodobou udržitelnost. Tam si myslím, že by mě to doběhlo. Tohle si troufnu poskytovat jen u něčeho, co jsem dal dohromady svými znalostmi a kde u všeho vím (nebo si aspoň po nějakém přemýšlení dokážu vzpomenou), proč to tam je a jak to funguje.
@Razemix ale i u těchto modelů nad tím musí sedět člověk, který tomu rozumí a ví, co chce, protože to často volí nesprávná řešení a když to narazí na slepou uličku, tak to nedokáže ten přístup zahodit a zacyklí se. A pak si fakt myslím, že zkušení vývojáři tam opravdu nebudou mít nějaký nárůst výkonnosti. Oni dokážou programovat tak rychle, že ten vibecoding s dodatečným velkým debugováním je pro ně ve výsledku pomalejší a s horším výsledkem. Já jsem nikdy nebyl denní programátor, znovu a znovu se do toho jazyka musím dostávat a proto píšu pomalu, pro mě tam nárůst rychlosti je velký, ale zároveň jsem si vědom všech těch negativ, takže k tomu mám pořád spíš rezervovaný přístup.
I try not to involve myself with politics, but I just can't say something to this.
Seems I will not be visiting the USA any time soon if this revision to the ESTA system or Form I-94 is actually inacted.
This is the information they will be asking for, if this comes to pass. In particular point I is the most scary:
a. Telephone numbers used in the last five years; b. Email addresses used in the last ten years; c. IP addresses and metadata from electronically submitted photos; d. Family member names (parents, spouse, siblings, children); e. Family number telephone numbers used in the last five years; f. Family member dates of birth; g. Family member places of birth; h. Family member residencies; i. Biometrics—face, fingerprint, DNA, and iris; j. Business telephone numbers used in the last five years; k. Business email addresses used in the last ten years.
"Effective with plan year 2026 all bronze level and catastrophic plans are statutorily now HDHPs and thus HSA compatible. You may get and self-fund an HSA if you have any bronze or catastrophic plan, as well as any plan of any level designated a HDHP."
One amazing thing about 2025 is that, if you start up an Apple product, it forces you to choose between _three different_ window mangers, but if you start up a clean install of a current version of Linux, it just chooses good defaults for you.
Pooja Saxena's INDIA STREET LETTERING includes painted signs, wood signs, neon signs, bus signs, boat signs, food cart signs, signs in 13 different scripts and 17 languages, and signs featuring unusual romanisation of Indian names
Pietervdvn
in reply to Pietervdvn • • •Pietervdvn
in reply to Pietervdvn • • •