dblitt

Born on July 22, 2022•827 Karma

About Submitted Comments Favorites

dblitt•

5 months ago

•on: It's hard to justify Tahoe icons

Make sure to keep a backup of your Sequoia install

dblitt•

11 months ago

•on: You Are in a Box

Looks like it checks for the referrer in main.js and adds the uppercase text-transform if you come from HN:

  let host;
  if (document.referrer) { host = (new URL(document.referrer)).host; }
  if (host === "news.ycombinator.com" || host === "lobste.rs") {
    let style = document.createElement('style');
    // let transform = host === "lobste.rs" ? 
    style.textContent = `
      body { text-transform: uppercase; }
      pre, code { text-transform: none; }
    `;
    document.head.appendChild(style);
    console.log("HN readers clearly can't handle the typing habits of the average trans girl.");
    return;
  }

Centigonal•

11 months ago

Sounds like the author got called out for not capitalizing the start of her sentences[1] and decided that, if HN readers want capital letters, they will get them.

[1] https://news.ycombinator.com/item?id=39027187

Minor49er•

11 months ago

Which is funny because if you engage Reader Mode in the browser, everything becomes proper except sentences, which still start with lowercased letters for some reason. Names are still properly capitalized. It's truly bizarre

packetslave•

11 months ago

It's a less... dramatic... version of what happens when HN links to JWZ's blog.

DonHopkins•

11 months ago

But where's the testicle in an egg cup?

dblitt•

on June 7, 2025

•on: BorgBackup 2 has no server-side append-only anymor...

It seems the suggested solution is to use server credentials that lack delete permissions (and use credentials that have delete for compacting the repo), but does that protect against a compromised client simply overriding files without deleting them?

ThomasWaldmann•

on June 8, 2025

no-delete disallows any kind of deleting information, that includes object deletion and object overwriting.

throwaway984393•

on June 7, 2025

No. Delete and overwrite are different. You need overwrite protection in addition to delete protection. The solution will vary depending on the storage system and the use case. (The comment in the PR is not an exhaustive description of potential solutions)

qeternity•

on June 7, 2025

Append-only would imply yes. There is no overwriting in append-only. There is only truncate and append.

mosselman•

on June 7, 2025

You have misread I think.

There used to be append-only, they've removed it and suggest using a credential that has no 'delete' permission. The question asked here is whether this would protect against data being overwritten instead of deleted.

ThomasWaldmann•

on June 8, 2025

Yes, it also disallows overwriting.

dblitt•

on Dec 17, 2024

•on: Microsoft Confirms Password Deletion for 1B Users

Yes, its called "hybrid transport", and its a flow where a laptop presents a QR code to a mobile phone, who then sets up a BLE connection for one time use of the passkey.

https://www.corbado.com/blog/webauthn-passkey-qr-code

(Not sure how the "cloud assisted" part of caBLE works)

nottorp•

on Dec 17, 2024

So... you need to carry two electronic devices for this so-called security solution?

helloooooooo•

on Dec 17, 2024

No… you can also sync with iCloud Passwords, or use a hardware token, like a Yubikey.

nottorp•

on Dec 17, 2024

So a Yubikey is not an electronic device that you need to carry?

iCloud Passwords don't run on an iPhone that is an electronic device that you need to carry?

Those electronic devices that you mention don't each store the keys in a proprietary format and you can't access them without the vendor's cooperation - i.e. vendor lock in?

jesseendahl•

on Dec 19, 2024

>Those electronic devices that you mention don't each store the keys in a proprietary format and you can't access them without the vendor's cooperation - i.e. vendor lock in?

Passkey portability is being worked on. Here is the draft of the open standard:

https://github.com/fido-alliance/credential-exchange-feedbac...

News article: https://www.theverge.com/2024/10/15/24270875/password-manage...

Kwpolska•

on Dec 18, 2024

BLE seems to be a different way to authenticate than QR codes. Desktop computers may often not have Bluetooth chips.

dblitt•

on Dec 4, 2024

•on: Apple Releases iCloud Passwords Add-On for Firefox

Note that this requires native iCloud support on the host machine, so macOS or the iCloud app on Windows (no Linux support)

highwaylights•

on Dec 5, 2024

I'm hearing mixed information about whether this even works on Windows (I've been told the Firefox version of the extension only works for macOS, not sure how correct this is).

beretguy•

on Dec 5, 2024

> no Linux support

Yeah, that makes it useless to me.

dblitt•

on Nov 18, 2024

•on: Reverse Engineering iOS 18 Inactivity Reboot

Does anyone have insight into why Apple encrypts SEP firmware? Clearly it’s not critical to their security model so maybe just for IP protection?

jonpalmisc•

on Nov 18, 2024

They have a long history of encrypting firmware. iBoot just stopped being decrypted recently with the launch of PCC, and prior to iOS 10 the kernel was encrypted too.

The operating theory is that higher management at Apple sees this as a layer of protection. However, word on the street is that members of actual security teams at Apple want it to be unencrypted for the sake of research/openness.

saagarjha•

on Nov 18, 2024

Someone high up is an idiot presumably

dblitt•

on Sept 9, 2024

•on: iPhone 16 Pro and iPhone 16 Pro Max

Notably, only the pro models support USB 3. The base 16/16 plus are still on USB 2. This hasn't changed from the 15 lineup when they switched to USB-C.

unsnap_biceps•

on Sept 9, 2024

what do you use that usb 3 speeds matter? The only thing ever plugged into my phones port is a charger.

aucisson_masque•

on Sept 9, 2024

I have a bad wired internet connection and use my phone to download anything over 1gb. takes 2 minutes instead of 2 hours.

also use it as a portable usb stick. when you are transfering stuff over 10gb, usb 3 is very very usefull.

Aaargh20318•

on Sept 9, 2024

Wouldn’t it be easier to simply fix your ethernet wiring (or just use wifi) than to sneakernet large files using your phone?

aucisson_masque•

on Sept 9, 2024

No it's the internet connection, 1gb takes two hour to download in perfect condition. Not complaining tho. There are many part of the world where you rely on your phone for internet and to download stuff and then use the computer for excel or to watch movies you downloaded.

fragmede•

on Sept 9, 2024

if they can only get eg DSL at their location, how would they fix that?

lucb1e•

on Sept 10, 2024

LTE modem

Not saying they should: using existing hardware to solve one's problem is perfectly legitimate; just saying there's other hardware out there than Apple devices

_ph_•

on Sept 9, 2024

They said that the iPhone can record video directly to external storage, so you would need the faster USB speed for that. Quite a nice feature for productions which use the iPhone for professional video.

baq•

on Sept 9, 2024

Same thing you use prores log video for.

dbbk•

on Sept 9, 2024

How curious that they would save it for... the pro model, then

kowbell•

on Sept 10, 2024

May be worth noting that ProRes is entirely unrelated to “Pro” phones (and predates them by over a decade if I read correctly.)

dblitt•

on Aug 28, 2024

•on: FCast: Casting Made Open Source

Could this end up on an embedded smart tv device, like a Roku?

hiatus•

on Aug 28, 2024

They have an android receiver package available: https://gitlab.futo.org/videostreaming/fcast/-/tree/master/r...

koen31•

on Aug 30, 2024

FCast engineer here. Yes it will come to Roku.

dblitt•

on March 21, 2024

•on: US sues Apple for illegal monopoly over smartphone...

dupe: https://news.ycombinator.com/item?id=39778999

dblitt•

on Feb 5, 2024

•on: .NET on Linux: What a Contrast

What extensions are you using for C# on code-server? AFAIK the official C# extensions from Microsoft (C# base and dev kit) aren’t licensed for non-vscode use.

VikingCoder•

on Feb 5, 2024

Well, I think I'm doing the dumbest thing possible, which is just running code-server with not many extensions...

I'm using code-server as a dumb text editor, akin to using notepad.exe back in the day.

But I'm honestly very comfortable with that. Especially for the kind of code I'm writing.