ve never seen a software distribution mechanism as careless and sloppy as NPM. Bazillions of dependencies and no signing of packages. [ ... ]

Rust's cargo packaging system is almost exactly the same way. And the last time I looked, Go's packaging was very similar. And package signing won't help if the maintainer's key/cert has been exfiltrated and cracked.

This is what you get when you embrace DLL Hell -- the idea that you should pin your program to a single specific revision of a library, rather than, y'know, doing the engineering work to ensure that, as an app author, you're relying only on documented behavior; and, as a library author, to be responsible for creating backward compatibility for old apps linking to old entry points. Sticking to that principle lets you update shared system libraries with the latest enhancements and bug fixes, while remaining relatively sure none of the old clients will break.

"Sometimes you have to break backward compatibility." Agreed, but the interval between those breaks should be measured in years, not days.

Plus, brains don't process colors! They process light waves. Color doesn't exist in the outside world, light waves do. Color is a relation between the world and a brain.

These kinds of brain studies are common and they suffer from a subtle problem. When you train an ML model on brain activity from 15 people, the classifier works for those 15 people. It usually does not generalize. Train the model on a different set of 15 people and get different results. Yet the researchers make claims that they've found the elusive brain signature for color or whatever they're looking for. This approach reflects a basic misunderstanding of machine learning.

Previous comments have been drawing analogies to Black Mirror, but this "idea" goes back much further...

...This is an episode of Max Headroom (US version).

Specifically, S02E02: "Deities." A company claims to be able to bring past loved ones back to "life" as an AI, for a modest recurring fee. But Bryce (the creator of Max Headroom) opines they can't possibly have the compute power to do it, as it requires a large mainframe just to run Max's highly flawed, glitching bust.

Wouldn't surprise me if the "visionaries" behind this saw that episode, and saw an opportunity to fleece gullible rubes.

Note that this study doesn't create any sort of "universal" brain-to-text capability. It's tuned to the three specific individuals in the study. A fourth person's brain activity would just be noise. If you and I think of a rubber duck, our brain activity does not look similar.

Thankfully, he was mostly wrong...

Um, when was the last time you stayed at a hotel?

There's a microprocessor in every doorknob.

I'm self-hosting Vaultwarden on my LAN, a Bitwarden-compatible backend written in Rust. I have it running inside a jail on TrueNAS Core (which, alas, is now end-of-life). It hosts its own Web interface, but also is compatible with Bitwarden's Android app and browser plugins.

So far, it's worked out pretty well for me.

...Because no one uses Edge.

Clearly you have never worked in a large corporate environment that has shackled itself to the entire Micros~1 ecosystem -- Office, Outlook, Exchange, OneDrive, Teams, Engage, SharePoint... The whole ball of earwax.

One notable fact that's missing from many of his obituaries. A few years ago, Lehrer released all his lyrics and music into the public domain. This is rare in the music industry. You can download lyrics and scores from https://tomlehrersongs.com./

I thought that's what the front page was. It keeps wasting space with things I'm not interested in, or actively dislike.

New Video from The Primagen!
<block channel>

NotAIHonestly Gets Rare Interview with The Primagen!
<block channel>

FrierenFan04 Reacts to !AIH's Interview with Primagen!
<smashes keyboard>

HBO Max has been rebranded as HBO Max Headroom.

Never mind that wearables are notoriously inaccurate. Try wearing several brands simultaneously. (We have.) They give wildly different results for how many steps you've walked, how much sleep you've had, etc.

The manufacturers also push pseudoscience, like claiming to detect your stress level from your heart rate. Duh. Hearts beat at various rates for all kinds of reasons.

This is how I've come to understand it. I welcome any and all corrections.

Passkeys are a cryptographic key stored in a Secure Element. This is usually a private key inside a small cryptographic engine. You feed it some plaintext along with the key ID, and it encrypts it using that key. The outer software then decrypts the ciphertext using the public key. If the decrypted text matches the original plaintext, then that proves you're holding a valid private key, and authentication proceeds.

The private key can be written to and erased from the Secure Element, but never read back out. All it can do is perform operations using the secret key to prove that it is indeed holding the correct secret key.

On phones, the Secure Element is in the hardware of your handset. On PCs, this is most often the TPM (Trusted Platform Module) chip. In both cases, the platform will ask for your PC's/phone's password/fingerprint/whatever before forwarding the request to the Secure Element.

Yubikeys can also serve as a Secure Element for Passkeys; the private key is stored in the Yubikey itself. Further, the Yubikey's stored credentials may be further protected with a PIN, so even if someone steals your Yubikey, they'll still need to know the PIN before it will accept and perform authentication checks. You get eight tries with the PIN; after that, it bricks itself.

The latest series 5 Yubikeys can store up to 100 Passkeys, and Passkeys may be individually deleted when no longer needed. Older series 5 Yubikeys can store only 25 Passkeys, and can only be deleted by erasing all of them.

Theoretically, you can have multiple Passkeys for a given account (one for everyday access; others as emergency backups). Not all sites support creating these, however.