Can’t believe it’s been 16 years since I organised the world’s first virtual web conference (it was called <head>, it took place over 3 days, had 4 simultaneous tracks, over 70 speakers, and local in-world conference hubs in London, Manchester, Brigthon, Fribourg, and San Francisco, as well as as pre-conference party and a separate virtual hub in Second Life).
OpenAI updates ChatGPT with a "read aloud" feature supporting 37 languages, allowing it to read its responses out loud, available on the web and mobile apps (Emilia David/The Verge)
https://www.theverge.com/2024/3/4/24090500/chatgpt-openai-voi…
Patreon rolls out a Reddit-like community moderation feature that lets podcasters, artists, writers, and other creators assign community members as moderators (Mia Sato/The Verge)
https://www.theverge.com/2024/4/3/24118984/patreon-…
I just updated https://jws.dev: I added my "Vue Offline Boilerplate" to the projects page
I wrote this app as a common "starter app" for 2-3 other apps that I have kicking around in my head. It uses:
- Vue 3 and the Composition API
- Pinia
- The vite-plugin-pwa plugin
Web-Apps außer Funktion: iOS 17.4 Beta bereitet Entwicklern große Sorge
Mit Beta 2 von iOS 17.4 funktionierten plötzlich Web-Apps nicht mehr auf dem iPhone. Auch Beta 3 bringt keine Besserung. Entwickler fragen sich: Was ist da los?
I just updated https://jws.dev: I added my "Vue Offline Boilerplate" to the projects page
I wrote this app as a common "starter app" for 2-3 other apps that I have kicking around in my head. It uses:
- Vue 3 and the Composition API
- Pinia
- The vite-plugin-pwa plugin
Web 3.0 and Quantum Security: Long-Distance Free-Space QSDC for Global Web 3.0 Networks
Yew Kee Wong, Yifan Zhou, Xinlin Zhou, Yan Shing Liang, Zi Yan Li
https://arxiv.org/abs/2402.09108
While I was initially scared by Canva acquiring Affinity, as it’s what @… and I use, he reminded me that Canva is not a product we hate. If anything this can allow online collaboration functionality.
@… 3. Also related, yet feels somewhat separate: The cool whacky sites out there.
Again, maybe they exist now and we just aren’t sharing them, but I feel like I see a lot less “experiments” on the web. Sites that use HTML, CSS, and JS to just do something cool and unexpected. From playing fart noises to making cool colorful animations. I just don’t see t…
Seems like Reddit isn't quite done sucking. Sometimes I miss aspects of the site, but neither the Web version nor the app are worth using, so it's history to me. Now they are blocking VPN users, because of course they are.
https://news.ycombinator.com/item?id=39883747
“I would argue that in some ways, MT in 2004 was better software than WordPress is TODAY.”
I have done a bunch of freelance work over the years and I’ve always stayed away from WordPress - a WP installation always ends with installing a bunch of plugins that don’t quite work together, and you get a fragile mess that breaks if you look at it wrong.
#WebDev
gonna tell my kids web 3 was just web 2 with rounder corners
there's probably other DHT-like tables besides the standard XOR metric that torrents use.
like, if you're literally doing web-of-trust stuff, small network stuff applies right?
high clustering coefficient, low path length?
so something that's good at getting you a good-enough path length of the local group is probably fine. Doesn't need to be global.
could probably still have the exponential backoff drop. or maybe faster?
distance tables:
direct friends
friend 1 (store all)
friend 3 (store... half?)
friend 7 (store... a quarter? an eighth?)
friend 15 (there's a lot here, store few)
https://web.stanford.edu/class/cs124/lec/socialnetworks21.pdf
Freshness-aware Block Propagation Optimization in 6G-based Web 3.0: An Evolutionary Game Approach
Jinbo Wen, Jiawen Kang, Zehui Xiong, Hongyang Du, Zhaohui Yang, Dusit Niyato, Meng Shen, Yutao Jiao, Yang Zhang
https://arxiv.org/abs/2403.12807
Data to view after voting, see above post
I found lots of websites (¹ ² ³ ⁴) claiming the correct answer is "specced" and only two (Merriam-Webster and Dictionary.com) that referred to the punctuated "spec'd", naming it as an alternative to "specced" with the same pronunciation. (Dictionary.com also named "specking" as a second alternative. I found nothing referring solely to "spec'd".)
However, Google Books Ngram Viewer has "spec'd" as the most common printed form until recently. Continuing the trend past 2019, "specced" should now have a narrow lead. In British English books (not shown), it overtook "spec'd" in 1997 and began a commanding lead in 2010.
Google web searches put "specced" at 3.01M results and "spec'd" at 8.69M, though almost all of the hits refer to "Spec-D" headlights. This is one major advantage of the Ngram Viewer, which doesn't trip over differing punctuation types (it shows "spec-d" at a trickle). It might be more fair to compare "specced out" (348k) with "spec'd out" (739k)
#PhanpySocial changelog ✨
🌪️ Keyword filters UI
📝 Allow ‘Lists’ in Shortcuts (except multi-column view)
🖋️ Edit Profile (only name, bio & extra fields)
🐛 Bug fixes
For upcoming Mastodon v4.3 :
🪣 Filtered notifications
https://docs.strapi.io/dev-docs/intro
Nice system for doing headless web content management.
Simple integration to the usual single page application frameworks.
For those enterprises or use cases where is no budget or strategic need for systems like Adobe Experience Manager or…
#Google search results are so shitty lately that, for example, searching for a thing (a keytar named "alesis vortex") it shows 8 ads and, after these, as the 4th result, the web page of the product.
In case you are curious, #Duckduckgo shows, mostly, results involving the web page…
Knapp 3,3 Milliarden Euro will #Microsoft in den kommenden zwei Jahren in #Deutschland investieren, um seine Rechenzentrumskapazitäten für Anwendungen im Bereich künstlicher Intelligenz #KI und beim
I’m very concerned about Apple breaking the web by intentionally removing PWA features in the EU.
If we assume good intentions and the root issue is merely one of regulatory deadlines—an almost $3 trillion (USD) market cap company would make a plan to work with third-party browsers to add that compatibility back in (or at the very least provide APIs for others to do so).
But as far as I can tell they’re just removing the feature (only in the EU??) with no plan at all to add it ba…
Truth.
PHP gets frowned upon a lot but mostly by people who need 3 times the amount of time to ship something with their fancy new tech.
Personally I don't use PHP for bigger stuff but it's a language that's really fun to prototype web stuff in.
https://social.treehouse.systems/@bodi
Google, Apple, Mozilla, and Microsoft release Speedometer 3.0, a benchmark to "create a shared understanding of web performance", after Speedometer 2.0 in 2018 (Abner Li/9to5Google)
https://9to5google.com/2024/03/11/speedometer-3-0/
I particularly enjoyed Section 3, explaining all the things characters are not (necessarily): units of aural rendering, units of visual rendering, units of input, units of collation, units of storage.
Character Model for the World Wide Web 1.0: Fundamentals
https://www.w3.org/TR/charmod/#sec-Percept…
Que la web de El Tiempo (punto) es pide 3,99€ al mes por que no comercien con las cookies y tu información revendiéndolas a 897 empresas.
Google, Apple, Mozilla, and Microsoft release Speedometer 3.0, a benchmark to "create a shared understanding of web performance", after Speedometer 2.0 in 2018 (Abner Li/9to5Google)
https://9to5google.com/2024/03/11/speedometer-3-0/
Elk is a good example of a mastodon client that has not the most functionality but is just very nice to use. Easy, fast, small.
#Elk
Sorry, but the whole “We’ll make our own browser! With Blackjack & hookers!” crowd feels an awful lot like the Web 3 “DAOs are the Future”, and, well, guess how that went.
Helping write code doesn’t make Firefox rich. It makes the browser better and frees up folk to work on the backlog. Plus management can’t dictate what you work on.
Grab a bug or two. It’ll be just like working on a public fork, because the code is public, and you can fork it.
#PhanpySocial changelog ✨
🌪️ Keyword filters UI
📝 Allow ‘Lists’ in Shortcuts (except multi-column view)
🖋️ Edit Profile (only name, bio & extra fields)
🐛 Bug fixes
For upcoming Mastodon v4.3 :
🪣 Filtered notifications
Knapp 3,3 Milliarden Euro will #Microsoft in den kommenden zwei Jahren in #Deutschland investieren, um seine Rechenzentrumskapazitäten für Anwendungen im Bereich künstlicher Intelligenz #KI und beim
Microsoft launches Copilot Pro worldwide with a one-month free trial; Pro subscribers can use the AI assistant in Office web apps without a Microsoft 365 sub (Tom Warren/The Verge)
https://www.theverge.com/2024/3/14/24100993/microsoft-copilot-pr…
Over the next 15 years we will spend $3 Trillion on highway expansions and maintenance in the United States
With 2.5% of that funding Amtrak will deliver their vision of adding 39 new routes and enhancing 25 routes!
Imagine what Amtrak could do with 5% of the highway budget?
Holi queridos. En la web de Xiaomi tenéis de oferta el Redlmi Note 12 por 99€, en su versión 4g.
No tiene 5g, pero monta una pantalla amoled de 120hz, tiene doble sim, jack de 3'5, NFC, trae funda y cargador de 33W.
Y tiene disponibles custom rom para huir de miui.
Elk is a good example of a mastodon client that has not the most functionality but is just very nice to use. Easy, fast, small.
#Elk
My current take on the #xz situation, not having read the actual source backdoor commits yet (thanks a lot #Github for hiding the evidence at this point...) besides reading what others have written about it (cf. #rustlang for such central library dependencies would maybe (really big maybe) have made it a bit harder to push a backdoor like this because - if and only if the safety features are used idiomatically in an open source project - reasonably looking code is (a bit?) more limited in the sneaky behavior it could include. We should still very much use those languages over C/C for infrastructure code because the much larger class of unintentional bugs is significantly mitigated, but I believe (without data to back it up) that even such "bugdoor" type changes will be harder to execute. However, given the sophistication in this case, it may not have helped at all. The attacker(s) have shown to be clever enough.
6. Sandboxing library code may have helped - as the attacker(s) explicitly disabled e.g. landlock, that might already have had some impact. We should create better tooling to make it much easier to link to infrastructure libraries in a sandboxed way (although that will have performance implications in many cases).
7. Automatic reproducible builds verification would have mitigated this particular vector of backdoor distribution, and the Debian team seems to be using the reproducibility advances of the last decade to verify/rebuild the build servers. We should build library and infrastructure code in a fully reproducible manner *and* automatically verify it, e.g. with added transparency logs for both source and binary artefacts. In general, it does however not prevent this kind of supply chain attack that directly targets source code at the "leaf" projects in Git commits.
8. Verifying the real-life identity of contributors to open source projects is hard and a difficult trade-off. Something similar to the #Debian #OpenPGP #web-of-trust would potentially have mitigated this style of attack somewhat, but with a different trade-off. We might have to think much harder about trust in individual accounts, and for some projects requiring a link to a real-world country-issued ID document may be the right balance (for others it wouldn't work). That is neither an easy nor a quick path, though. Also note that sophisticated nation state attackers will probably not have a problem procuring "good" fake IDs. It might still raise the bar, though.
9. What happened here seems clearly criminal - at least under my IANAL naive understanding of EU criminal law. There was clear intent to cause harm, and that makes the specific method less important. The legal system should also be able to help in mitigating supply chain attacks; not in preventing them, but in making them more costly if attackers can be tracked down (this is difficult in itself, see point 8) and face risk of punishment after the fact.
H/T @… @… @… @… @…
昨日は (今日もだけど) 体調が悪くて、午後帰宅してそのままベッドで横になった。そしたら朝からつけっ放しだった NHKラジオ第1 で阪神 - 中日戦を中継してて。試合は 7回表。戦況をなかなか言わないので Web で速報を見たら、10 - 2 で中日が負けてる!
そこから更に点を取られて、中日ファンのカフェのご主人の SNS を恐る恐る除いたら「なんだこりゃ?」と一行。...胸が痛い。最終的に 15 - 2 で阪神が圧勝。そして今日も 3 - 0 で阪神の勝ち。...で、夕方ちょっと体調が持ち直したので、中日ファンのご主人のカフェへお邪魔して話が盛り上がる。
野球の話しで盛り上がっている自分に我乍ら驚き。そしてラジオの野球中継も、解説は今中慎二だったけど本当に面白かった。阪神の岡田監督も素晴らしい。ちょっとしたチャンスを必ず得点に繋げる感じ。...これから野球ファンになるかも?
👀 Looks like the new (upcoming) mute confirmation dialog design on Mastodon also changed the mute durations from "5 mins, 30 mins, 1 hour, 6 hours, 1 day, 3 days, 7 days" to "24 hours, 7 days, 30 days" https://git…
Teleoscope: Exploring Themes in Large Document Sets By Example
Paul Bucci, Leo Foord-Kelcey, Patrick Yung Kang Lee, Alamjeet Singh, Ivan Beschastnikh
https://arxiv.org/abs/2402.06124
Algorithmic Misjudgement in Google Search Results: Evidence from Auditing the US Online Electoral Information Environment
Brooke Perreault, Johanna Lee, Ropafadzo Shava, Eni Mustafaraj
https://arxiv.org/abs/2404.04684
Looking at the beautiful standard for "normal-gauge traction vehicles, classification and marking", I'd like to point out one more historical curiosity.
Electric multiple units are classified as designed "for local and suburban traffic, on lines with low and high platforms" (EN) and "for suburban traffic, on lines with high platforms" (EW) [1].
Let's note that the standard dates back to a time when high-floor railcars were a norm. According to Wikipedia, EN57's "floor is 1153 mm above top of rail" [2]. For these EMUs, the difference between "high-platform" and "low-platform" units boiled down to the latter having stairs leading down. So both kinds of units could be used on high-platform lines.
Most of the modern EMUs are low-floor, and are not suitable for high platforms. Therefore, they technically do not meet the definition for "EN" marking. For example, the Newag Impuls trains ordered by SKM Trójmiasto (the urban train operator) had their train floor height specially raised to 960 mm ATR [3].
[1] #rail
Meta rolls out real-time AI image generation, which changes the image as the user types a prompt, in beta on WhatsApp and Meta AI on the web in the US (Emma Roth/The Verge)
https://www.theverge.com/2024/4/18/24134079/meta-real-time-ai-image-…
My current take on the #xz situation, not having read the actual source backdoor commits yet (thanks a lot #Github for hiding the evidence at this point...) besides reading what others have written about it (cf. #rustlang for such central library dependencies would maybe (really big maybe) have made it a bit harder to push a backdoor like this because - if and only if the safety features are used idiomatically in an open source project - reasonably looking code is (a bit?) more limited in the sneaky behavior it could include. We should still very much use those languages over C/C for infrastructure code because the much larger class of unintentional bugs is significantly mitigated, but I believe (without data to back it up) that even such "bugdoor" type changes will be harder to execute. However, given the sophistication in this case, it may not have helped at all. The attacker(s) have shown to be clever enough.
6. Sandboxing library code may have helped - as the attacker(s) explicitly disabled e.g. landlock, that might already have had some impact. We should create better tooling to make it much easier to link to infrastructure libraries in a sandboxed way (although that will have performance implications in many cases).
7. Automatic reproducible builds verification would have mitigated this particular vector of backdoor distribution, and the Debian team seems to be using the reproducibility advances of the last decade to verify/rebuild the build servers. We should build library and infrastructure code in a fully reproducible manner *and* automatically verify it, e.g. with added transparency logs for both source and binary artefacts. In general, it does however not prevent this kind of supply chain attack that directly targets source code at the "leaf" projects in Git commits.
8. Verifying the real-life identity of contributors to open source projects is hard and a difficult trade-off. Something similar to the #Debian #OpenPGP #web-of-trust would potentially have mitigated this style of attack somewhat, but with a different trade-off. We might have to think much harder about trust in individual accounts, and for some projects requiring a link to a real-world country-issued ID document may be the right balance (for others it wouldn't work). That is neither an easy nor a quick path, though. Also note that sophisticated nation state attackers will probably not have a problem procuring "good" fake IDs. It might still raise the bar, though.
9. What happened here seems clearly criminal - at least under my IANAL naive understanding of EU criminal law. There was clear intent to cause harm, and that makes the specific method less important. The legal system should also be able to help in mitigating supply chain attacks; not in preventing them, but in making them more costly if attackers can be tracked down (this is difficult in itself, see point 8) and face risk of punishment after the fact.
H/T @… @… @… @… @…
昨日は (今日もだけど) 体調が悪くて、午後帰宅してそのままベッドで横になった。そしたら朝からつけっ放しだった NHKラジオ第1 で阪神 - 中日戦を中継してて。試合は 7回表。戦況をなかなか言わないので Web で速報を見たら、10 - 2 で中日が負けてる!
そこから更に点を取られて、中日ファンのカフェのご主人の SNS を恐る恐る除いたら「なんだこりゃ?」と一行。...胸が痛い。最終的に 15 - 2 で阪神が圧勝。そして今日も 3 - 0 で阪神の勝ち。...で、夕方ちょっと体調が持ち直したので、中日ファンのご主人のカフェへお邪魔して話が盛り上がる。
野球の話しで盛り上がっている自分に我乍ら驚き。そしてラジオの野球中継も、解説は今中慎二だったけど本当に面白かった。阪神の岡田監督も素晴らしい。ちょっとしたチャンスを必ず得点に繋げる感じ。...これから野球ファンになるかも?
昨日は (今日もだけど) 体調が悪くて、午後帰宅してそのままベッドで横になった。そしたら朝からつけっ放しだった NHKラジオ第1 で阪神 - 中日戦を中継してて。試合は 7回表。戦況をなかなか言わないので Web で速報を見たら、10 - 2 で中日が負けてる!
そこから更に点を取られて、中日ファンのカフェのご主人の SNS を恐る恐る除いたら「なんだこりゃ?」と一行。...胸が痛い。最終的に 15 - 2 で阪神が圧勝。そして今日も 3 - 0 で阪神の勝ち。...で、夕方ちょっと体調が持ち直したので、中日ファンのご主人のカフェへお邪魔して話が盛り上がる。
野球の話しで盛り上がっている自分に我乍ら驚き。そしてラジオの野球中継も、解説は今中慎二だったけど本当に面白かった。阪神の岡田監督も素晴らしい。ちょっとしたチャンスを必ず得点に繋げる感じ。...これから野球ファンになるかも?
Credential Control Balance: A Universal Blockchain Account Model Abstract From Bank to Bitcoin, Ethereum External Owned Account and Account Abstraction
Huifeng Jiao, Dr. Nathapon Udomlertsakul, Dr. Anukul Tamprasirt
https://arxiv.org/abs/2402.10616
Credential Control Balance: A Universal Blockchain Account Model Abstract From Bank to Bitcoin, Ethereum External Owned Account and Account Abstraction
Huifeng Jiao, Dr. Nathapon Udomlertsakul, Dr. Anukul Tamprasirt
https://arxiv.org/abs/2402.10616