--- blogpost: true date: 18.11.2024 author: Tobias location: Ori category: links, 2024 tags: links, 2024 language: Deutsch --- # Links für 2024 KW 46 Meine To-Read Liste, Zusammengefasst von [LlongOrca](https://huggingface.co/TheBloke/LlongOrca-13B-16K-GGUF). ------------- **[Fefes Blog](https://blog.fefe.de/?ts=99ccc8dc):** The article criticizes Infineon and Yubikey for their lack of secure software, pointing out that Infineon has a history of poor security practices, including undisclosed vulnerabilities, and Yubikeys with outdated firmware. The author believes that there is no real interest in producing secure products and questions the motives behind certifications and compliance processes. They emphasize that hardware-level security is just as problematic as software-level security. ------------- **[Fefes Blog](https://blog.fefe.de/?ts=99cb1ddd):** OpenAI, Google, and Anthropic are having difficulties in building more advanced AI systems due to the lack of high-quality human-made training data. The increasingly difficult search for new sources of such data has led these companies to shift their focus towards newer use cases, including AI tools called agents that can perform tasks like booking flights or sending emails on a user's behalf. However, there are concerns regarding the effectiveness and sustainability of this approach, as it may not address core issues in the development of advanced AI systems. ------------- **[How Public Key Cryptography Really Works, Using Only Simple Math](https://www.quantamagazine.org/how-public-key-cryptography-really-works-20241115/):** The security system underlying the internet relies on public key cryptography, which uses two keys: one to scramble a message and another to unscramble it. This technique makes use of mathematical puzzles called trapdoor functions, which are easy to compute in one direction but difficult to reverse. Public key cryptography was first discovered by British mathematicians between 1970-1974 but only became widely implemented after the RSA algorithm was developed in 1977. While computers have made public key cryptography more secure, quantum computing poses a threat to its security as it can efficiently reverse trapdoor functions that underlie most current public key cryptography systems. ------------- **[Why you're bad at giving feedback - PostHog](https://posthog.com/newsletter/how-to-give-feedback):** The article discusses the importance of providing useful, actionable feedback in the workplace, focusing on being honest without discouraging the recipient. It emphasizes being direct and specific when offering criticism, anchoring feedback in examples and observations, and avoiding excessive compliments or sandwich-style criticism. The article also suggests scheduling regular 1-on-1 meetings for feedback sessions, using project retrospectives to discuss team improvements, and allocating time for celebrations in addition to areas of improvement during team meetings. ------------- **[TSMC cannot make 2nm chips abroad now: MOEA - Taipei Times](https://www.taipeitimes.com/News/biz/archives/2024/11/08/2003826545):** Taiwan Semiconductor Manufacturing Co (TSMC) cannot produce 2-nanometer chips abroad due to technology protection rules in Taiwan, according to Minister of Economic Affairs J.W. Kuo. TSMC is planning to make 2-nanometer chips overseas but its core technology will remain in Taiwan. The company has also expressed concerns over potential tariff hikes under former US president Donald Trump's administration. ------------- **[A Case Against the Placebo Effect](https://carcinisation.com/2024/11/13/a-case-against-the-placebo-effect/):** The article discusses the placebo effect and its perceived healing power. It begins by examining why placebos were initially believed to be effective, highlighting misunderstandings about natural improvement and the role of time in disease progression. The author then contrasts randomized controlled trials with no-treatment arms, showing that the placebo effect is minimal compared to natural improvement or regression to the mean. The article also explores the concept of "open-label placebos" and how they can induce a placebo response even when subjects know they are receiving an inert substance. However, it emphasizes that these responses are still subjective and influenced by factors such as politeness and roleplay. Brain imaging studies are discussed, suggesting that some brain responses to placebos may be under voluntary control, similar to the sustained late Positive Potential (LPP) in EEG. The author questions whether these findings truly represent an objective placebo effect or merely reflect subjects' ability to influence their own brain activity. The article then delves into the controversial issue of opioid antagonists and their supposed role in reducing the placebo effect. It presents conflicting evidence from different studies, casting doubt on the reliability of this phenomenon. The author concludes that large, pre-registered multi-center replication attempts are needed to confirm or refute these effects. Finally, the article touches upon animal models of placebo analgesia and their limitations. It suggests that while some animals may learn to associate cues with less pain, the replicability of such findings is poor. The author also criticizes research fields like marketing for producing large, implausible placebo effects, often indicative of questionable research practices or fraud. In conclusion, the article argues that the "placebo effect" is not a real healing effect but rather a product of response bias and misunderstanding. It emphasizes the importance of blinding in research designs to prevent this bias from influencing outcomes. ------------- **[login.php](https://m.facebook.com/login.php?next=https%3A%2F%2Fm.facebook.com%2Fstory.php%3Fstory_fbid%3D10159934131461514%26id%3D520846513&refsrc=deprecated&_rdr):** The article provides information on how to log in or sign up for Facebook, as well as links to various Facebook features like Messenger, Meta Pay, Marketplace, Instagram, and more. It also explains the purpose of cookies used by Facebook and allows users to manage their cookie settings. ------------- **[tesla-has-highest-fatal-accident-rate-of-all-auto-brands-study](https://www.roadandtrack.com/news/a62919131/tesla-has-highest-fatal-accident-rate-of-all-auto-brands-study/):** The article reports that a recent study by iSeeCars has found Tesla vehicles to have the highest fatal accident rate among all car brands in America. This is based on data from the U.S. Fatality Analysis Reporting System (FARS) and focuses on crashes between 2017 and 2022 that resulted in occupant fatalities. Tesla vehicles had a fatal crash rate of 5.6 per billion miles driven, with Kia and Buick following closely behind. The study suggests that driver behavior and driving conditions contribute to the higher accident rates, rather than any inherent design flaws within the vehicles themselves. ------------- **[Elsevier may wish they had checked the revision a bit more carefully](https://news.ycombinator.com/item?id=42125903):** This article discusses a situation where an author, Alex V. Trukhanov, has been publishing a high number of papers per year with a significant amount of citations in comparison to the number of citing papers. It is suggested that either he is a giant and seminal figure in their field or involved in citation manipulation. The article also mentions a Sergei V Trukhanov on many artificially cited papers. While it highlights the potential for abuse, such as "cash-for-citations" schemes, it does not provide enough context to determine if this particular case is an example of that or another form of academic misconduct. ------------- **[Your Standing Desk Might Actually Be as Bad as Sitting All Day](https://www.sciencealert.com/your-standing-desk-might-actually-be-as-bad-as-sitting-all-day):** A new study from Australia and the Netherlands suggests that standing for long periods may not be much better than sitting, as it comes with its own life-threatening risks. The researchers found no association between time spent standing and the risk of cardiovascular disease but found an increased risk of circulatory diseases. Standing more than two hours a day raised the risk by 11 percent for every extra half hour, which is bad news for retail workers and the standing desk industry. The researchers concluded that standing alone should not be considered a cure-all for sedentary lifestyles and should be mixed with other forms of activity to keep the body moving. ------------- **[Title:Why is it so hard to find a job now? Enter Ghost Jobs](https://arxiv.org/abs/2410.21771):** This study examines "ghost hiring" or "ghost jobs", where employers post job openings without actually intending to fill them. Using a dataset from Glassdoor, the LLM-BERT technique found that up to 21% of job ads may be ghost jobs, particularly in specialized industries and larger firms. Ghost hiring could be driven by low marginal costs of posting additional job ads or maintaining a pipeline of talent. After adjusting for annual trends, the study shows that ghost jobs contribute to the recent disconnect in the Beveridge Curve over the past fifteen years. This practice leads to job fatigue and distorts market signals, suggesting policy-makers should be aware of it. ------------- **[When muscles work out, they help neurons to grow, a new study shows](https://news.mit.edu/2024/when-muscles-work-out-they-help-neurons-grow-1112):** MIT engineers have found that exercise can have benefits at the level of individual neurons by releasing biochemical signals called myokines. Myokines cause neurons to grow four times farther than those not exposed to myokines, suggesting a significant biochemical effect on nerve growth. Additionally, researchers discovered that neurons respond not only to the biochemical signals of exercise but also to its physical impacts. This study is the first to show that physical effects can be just as important for nerve growth. These findings could inform exercise-related therapies for repairing damaged and deteriorating nerves. ------------- **[GOG’s Preservation Program is the DRM-free store refocusing on the classics](https://arstechnica.com/gaming/2024/11/gogs-preservation-program-is-the-drm-free-store-refocusing-on-the-classics/):** GOG, a DRM-free storefront for classic PC games, has announced a new GOG Preservation Program aimed at preserving and updating 100 classic games for future compatibility. The program will keep the games DRM-free while providing ongoing technical support and granting them a "Good Old Game: Preserved by GOG" stamp. Although GOG's primary mission remains focused on offering an alternative to Steam, Epic, and other PC storefronts, this new initiative demonstrates their commitment to classic games. ------------- **[James Webb Space Telescope Finds Stunning Evidence for Alternate Theory of Gravity - The Debrief](https://thedebrief.org/james-webb-space-telescope-finds-stunning-evidence-for-alternate-theory-of-gravity/):** Astronomers have found evidence using the James Webb Space Telescope to support an alternate theory of gravity called Modified Newtonian Dynamics (MOND). The data gathered by JWST contradicts the commonly accepted Cold Dark Matter (Lambda-CDM) model, which posits that dark matter is essential for explaining the structure of the universe. According to MOND, galaxy formation happened more rapidly and did not rely on dark matter. While some modern astronomical measurements favor the dark matter hypothesis, JWST's data aligns more closely with predictions made by MOND proponents than Lambda-CDM models. ------------- **[Give Up GitHub - Software Freedom Conservancy](https://sfconservancy.org/GiveUpGitHub/):** The article calls on FOSS developers to quit using GitHub, claiming that the proprietary platform contradicts the nature of Free and Open Source Software (FOSS). The article cites several reasons for giving up GitHub, including its use of AI technology in Copilot and a contract with US Immigration and Customs Enforcement. It also criticizes GitHub for not providing self-hosting options or support for FOSS projects. The article offers alternatives to GitHub, such as CodeBerg and SourceHut, and suggests methods for contributing to the cause of giving up GitHub, even if it is still being used. ------------- **[Kleinanzeigen.de schmeißt Nutzer bereits vor dem ersten Einloggen raus](https://www.heise.de/meinung/Kleinanzeigen-de-schmeisst-Nutzer-bereits-vor-dem-ersten-Einloggen-raus-10019995.html?view=print):** In Berlin, there is now a large advertising billboard for the platform Kleinanzeigen.de at the main train station. The platform's anti-fraud AI system can be harsh: it locks out innocent new users even after SMS verification, as reported by Ben Schwan. Users have complained about the platform's strict anti-fraud measures without a consistently functioning complaint mechanism for potential market leaders. This could be uncomfortable for affected individuals. ------------- **[The High Stakes Of Labeling—Costco’s Butter Recall, Explained](https://www.forbes.com/sites/stephaniegravalese/2024/11/12/the-high-stakes-of-labelingcostcos-butter-recall-explained/):** Costco recalled batches of its Kirkland Signature Butter due to a missing milk allergen label, which posed serious risks for customers with allergies. The U.S. Food and Drug Administration (FDA) is urging customers to check their refrigerators for specific product codes and follow its disposal instructions if they find affected butter. Accurate food labels are essential for consumer trust and safety, as they provide transparency about ingredients and allergens. Regulations require accurate labeling on packaged foods to prevent health risks and build consumer confidence. Food labels are a lifeline for people with food allergies or dietary restrictions, ensuring their safety by listing every ingredient and allergen. ------------- **[On Building Git for Lawyers](https://jordanbryan.substack.com/p/on-building-git-for-lawyers):** This article discusses a problem faced by lawyers who do not use git or other version control systems in their work. It highlights the need for a more efficient and error-free method to manage legal documents, such as contracts and agreements. The author suggests that using a concurrent version control system like Version Story can help address these issues, providing lawyers with an easier way to collaborate on legal documents. ------------- **[101 Deep Talk Fragen für das intensivste Gespräch, das Du je hattest](https://www.gq-magazin.de/artikel/deep-talk-fragen-intensive-gespraeche):** This article provides a list of 101 deep conversation questions to help build connections and better understand one another. A deep talk, also known as a deep conversation or intense discussion, is a meaningful dialogue between two people in which they share their innermost thoughts and feelings. The goal isn't right or wrong answers, but rather emotional closeness with the other person. The article offers three categories of questions for deep talks: starting questions to get the conversation flowing, in-depth questions, and erotic questions. It emphasizes the importance of honesty and vulnerability in order to create a genuine connection during these conversations. ------------- **[story.php](https://m.facebook.com/story.php?story_fbid=10159934131461514&id=520846513):** **TODO** ------------- **[Cheaper to rent in Barcelona and commute to London…](https://bestburgerinnorthwestlondon.wordpress.com/2013/10/24/cheaper-to-rent-in-barcelona-and-commute-to-london/):** The article discusses the cost comparison between renting a one-bed flat in West Hampstead, London and a three-bedroom flat in Barcelona's Les Corts district for a four-day workweek with one day at home. After calculating monthly expenses including rent, council tax (London), travelcards (London) and airfare (Barcelona), the author finds that it is cheaper to rent a three-bedroom flat in Barcelona and commute to London than renting a smaller flat in West Hampstead. The author also takes into consideration fixed commuting costs for four weeks a month, resulting in additional savings of 387 euros per month compared to their London life. ------------- **[Open-Source Software is in Crisis](https://spectrum.ieee.org/open-source-crisis):** The clash between WordPress and WP Engine highlights the growing discontent among open-source developers as projects become essential components of massive computer and internet infrastructure. Open-source technologies are experiencing increased pressure on project maintainers, especially when it comes to providing prompt software updates and critical security fixes. To better support the community, Chad Whitacre suggests three levers: commercialization, taxation, and social validation. These approaches aim to economically sustain open-source technologies while acknowledging the work of maintainers and encouraging contributions from others. ------------- **[FDP soll Bruch der Ampelkoalition über Wochen geplant haben](https://www.spiegel.de/politik/deutschland/fdp-soll-koalitionsbruch-ueber-wochen-geplant-haben-a-da5ee258-5c62-4f7c-bf77-b1d44f473b32):** The article in the "Zeit" reads like a script from the FDP for the collapse of government. At its core, it documents how the leadership of the Free Democrats (FDP) has been preparing since a caucus meeting on September 29 under the slogan "D-Day," to make the break from the unloved traffic light. The Süddeutsche Zeitung has also published an article with this take. It is a serious accusation, as if FDP leader and former Finance Minister Christian Lindner had deceived the public for a long time about wanting to end the coalition. On the night of the government's demise last week, Lindner accused Chancellor Olaf Scholz of trying to get the FDP out of the coalition. The Ampel coalition broke last week when the chancellor announced on Wednesday evening in the coalition committee that he would fire the FDP leader as Finance Minister because he had refused to agree to another exception to the debt brake. The article reconstructs that Scholz only acted according to the plan of the FDP to end the coalition. The debt issue, which has been disputed since the traffic light coalition broke down, would thus be conclusively answered. If it hadn't been for the government breakdown on Wednesday last week, so the version of the weekly newspaper, Lindner would have called off the coalition two days later and withdrawn the liberal cabinet members. Reports indicate that there have been several rounds of top FDP politicians since the end of September planning steps to bring about the end of the coalition. The 18-page paper on economic change by Lindner, which was made public a few days before the government ended, is also believed to have been written for this purpose only. FDP spoke of "Autumn of Decisions" Actually, the FDP leadership had been talking about an "Autumn of Decisions" for weeks: Here, it left open whether the agreement with coalition partners in key areas of economic and budget policy was meant to continue the coalition or end it. The dissatisfaction among Liberals grew due to consistently poor election results in state elections and poll values that were mostly below five percent. The presentation of "Zeit" is rejected by the FDP. The text is described as "partly wrong and drawing false conclusions," according to leading party circles. A reference is made to the reaction of a party spokesman to the research of the weekly newspaper: Since the ruling of the Federal Constitutional Court on November 15, reevaluations have been carried out again and again in various rounds. Of course, scenarios have always been considered and moods checked. In the end, there were two options that Christian Lindner proposed to the Chancellor in a conversation on November 3: an agreement on a new orientation of economic policy or the orderly termination of the coalition by going to new elections. The result is known. FDP leadership outraged over narrative In the FDP leadership, there is indignation about the narrative of "Zeit" text. The depiction that they had been preparing for the end of the traffic light from the beginning is simply incorrect, it is stated from the party. Of course, strategic considerations have always been made, including the possibility of ending the coalition. It should be emphasized that the option to continue the government in office was also seriously considered until the end. While reporting by "Zeit" and "SZ" clearly places the blame for the collapse of the Ampel at the FDP, a hint is made from the party leadership to recent reporting by SPIEGEL: It is said that internally Scholz had discussed in July raising a vote of confidence in the Bundestag to put pressure on the FDP. ------------- **[The Silurian Hypothesis: It was the Cephalopods](https://pacificklaus.com/the-silurian-hypothesis-it-was-the-cephalopods/):** This article discusses the "Silurian hypothesis," which proposes that a species different from humans once achieved high intelligence and technological civilization on Earth millions of years ago. The hypothesis is thought-provoking, but there is no concrete evidence to support it. Instead of focusing on the Silurian hypothesis, the author explores the possibility of an ancient cephalopod (octopus, squid, and cuttlefish) civilization. Cephalopods are known for their complex behaviors and skills, such as using tools, changing skin colors for camouflage and communication, and displaying deceptive behavior in mating rituals. However, there is no evidence to suggest that an ancient cephalopod civilization ever existed. The article highlights the potential evolutionary window when cephalopods could have developed civilizations before aquatic vertebrates took over, which could have been during the Jurassic period. ------------- **[Fefes Blog](https://blog.fefe.de/?ts=99c7d4c5):** The article discusses the lack of media competency in reporting on an alleged FDP plan to sabotage traffic lights. It mentions that several major publications have hidden their research behind paywalls, while others openly report the information. The author argues that the press is now cautious about taking risks and has a limited timeframe for reporting "Media reports" articles, leading to a lack of proper fact-checking. They suggest that readers with media competency can deduce this from the articles' wording. ------------- **[Journalism's fight for survival in a postliterate democracy](https://mattdpearce.substack.com/p/journalisms-fight-for-survival-in):** The article discusses how technology has led to an increase in postliterate media, where the truth is going out of business due to economic reasons. It explains that as the cost of producing quality information rises, the production of bullshit continues to be more affordable. This economic problem affects journalists and newsrooms, making it difficult for them to fund their work. The article also highlights how consumer preferences and capabilities have shifted towards lower-quality content, leading to increased alienation from the actual sources of information and creating a society ripe for manipulation by demagogues. The author suggests that fixing this problem requires understanding the issue at hand and working towards truth in media, as well as policy intervention, subsidy, and breaking up trillion-dollar tech companies. ------------- **[How I Lost $210 to a Stripe Dispute Despite Proof](https://zarar.dev/how-i-lost-210-to-a-stripe-dispute-despite-proof/):** The article discusses the author's experience with a Stripe dispute where they lost $210 due to an email discrepancy even though they provided invoices and tickets as evidence. Despite Bank of America having compelling documents that matched the customer's name, they still claimed unauthorized/fraudulent charges. The author criticizes Stripe for not having any influence over the dispute process and leaving merchants exposed to potential losses. ------------- **[This Russian Family Lived Alone in the Siberian Wilderness for 40 Years, Unaware of World War II or the Moon Landing](https://www.smithsonianmag.com/history/this-russian-family-lived-alone-in-the-siberian-wilderness-for-40-years-unaware-of-world-war-ii-or-the-moon-landing-7354256/):** The Lykov family lived in remote regions of the Siberian taiga for more than 40 years, utterly isolated and more than 150 miles from the nearest human settlement. In 1978, a helicopter crew found evidence of human habitation in the form of a clearing on a mountainside while searching for a safe spot to land geologists. The Soviet authorities had no records of anyone living in the district. The family, an Old Believer sect who worshiped in a style unchanged since the 17th century, lived in extreme isolation and poverty but were incredibly resourceful and intelligent. In 2016, Agafia Lykova, the last surviving member of the family, began accepting more help, including medical care from Russian billionaire Oleg Deripaska. ------------- **[Fault Injection - Down the Rabbit Hole - hn security](https://security.humanativaspa.it/fault-injection-down-the-rabbit-hole/):** This article discusses fault injection attack techniques on a chip, specifically focusing on voltage glitching using an ESP32 as the target. The author provides a detailed breakdown of the preparation, hardware setup, and execution of these attacks. They also explain how to interpret the results using a combination of analysis tools and emulation in Ghidra. The article emphasizes that instructions are not "skipped" during fault injection but can be affected in various ways, often involving multiple instructions. ------------- **[Fefes Blog](https://blog.fefe.de/?ts=99d12e9c):** In diesem Artikel wird besprochen, wie die Automatisierung und Roboter tatsächlich Arbeitsplätze zerstören und dabei Karrieren nachhaltig beeinträchtigen können. Früher gab es Möglichkeiten, auf der Basis eines niedriger bezahlten Jobs eine Karriere aufzubauen und sie in besser bezahlte Positionen zu steigern. Durch die Einführung von Automatisierung wurde diese Aufstiegschance jedoch eingeschränkt, sodass Menschen nur noch andere gleich gut bezahlte Jobs finden können. Die Automatisierung hat auch Auswirkungen auf die gesamte lokale Wirtschaft, da sie dazu führt, dass Menschen weniger Geld ausgegeben und somit das Geschäften in anderen Branchen schadet. Schließlich wird darauf hingewiesen, dass diese Entwicklung auch politische Konsequenzen hat: Stellenlose Menschen suchen nach Alternativen, was zu einer stärkeren Unterstützung von populistischen Kandidaten wie Donald Trump führt. ------------- **[3600 MHz Raspberry Pi 5 with Liquid Nitrogen - SkatterBencher](https://skatterbencher.com/2024/11/11/3600-mhz-raspberry-pi-5-with-liquid-nitrogen/):** The article describes an attempt to overclock a Raspberry Pi 5 to achieve the fastest speeds possible. Despite trying various methods such as changing the operating system, using liquid nitrogen for cooling, boosting power circuitry, and swapping out the crystal oscillator, the highest achievable frequency reached was 3.6 GHz. The limitations were attributed to factors like voltage configuration limitations imposed by the PMIC (power management integrated circuit) and a lack of temperature scaling in frequencies. ------------- **[Biden Asked Microsoft to “Raise the Bar on Cybersecurity.” He May Have Helped Create an Illegal Monopoly.](https://www.propublica.org/article/microsoft-white-house-offer-cybersecurity-biden-nadella):** ProPublica has reported that Microsoft offered free upgrades and consultants to install them in response to a request from President Joe Biden for tech companies to improve cybersecurity. This move was designed to bring in billions of dollars in new revenue, box competitors out of lucrative government contracts, and tighten the company's grip on federal business. Legal experts have claimed that this offer never should have come to pass as it sidesteps or violates federal procurement and antitrust laws. Microsoft defended its conduct, stating that its sole goal during this period was to support an urgent request by the administration to enhance the security posture of federal agencies. ------------- **[Doctolib kritisiert meinen Artikel – Thilo Weichert klärt auf](https://www.kuketz-blog.de/doctolib-kritisiert-meinen-artikel-thilo-weichert-klaert-auf/):** The article discusses a response from Doctolib to a blog post that allegedly contained some inaccuracies. Doctolib clarified various points, stating that they do not require the submission of patient data and that practices decide which data to submit. They also mentioned that they only process data for their own purposes if required by law or with the explicit consent of patients. The article includes a comment from Thilo Weichert, who states that Doctolib has not provided sufficient information regarding its data processing methods. He emphasized the importance of transparency in data usage and the preservation of patient confidentiality. ------------- **[the-hidden-tax-trap-for-saas-founders-in-germany](https://www.vincentschmalbach.com/the-hidden-tax-trap-for-saas-founders-in-germany/):** The article discusses the hidden tax trap for SaaS founders in Germany. Unlike the US, UK, or Australia where founders benefit from favorable capital gains treatment, German founders face a significant 50% tax burden on asset sales. This issue makes Germany one of the worst places to build and sell a bootstrapped SaaS business, especially for smaller acquisitions under $10M. The author suggests that Germany needs to recognize software asset sales as capital gains for individuals and create specific tax relief for small software business exits. ------------- **[VoicePing Walkie Talkie Android SDK](https://github.com/SmartWalkieOrg/VoicePing-Walkie-Talkie-AndroidSDK):** The VoicePing Android SDK allows developers to easily add push-to-talk functionality to their Android apps quickly and for free. This SDK, provided by Smart Walkie Talkie, enables group voice broadcast capabilities in Android projects. It works with the VoicePing Open Source Router, has low data consumption, and is suitable for various applications like Uber, chat apps, and emergency alerts. To install the SDK, developers need to follow a few simple steps using Jitpack and Gradle. ------------- **[The WIRED Guide to Protecting Yourself From Government Surveillance](https://www.wired.com/story/the-wired-guide-to-protecting-yourself-from-government-surveillance/):** The incoming Trump administration is expected to use surveillance machinery more than any other US administration in recent history, prompting a need for at-risk individuals and activist groups to strengthen their data security measures. Key recommendations include using encrypted communication services like Signal or WhatsApp, full disk encryption on devices, limiting online anonymity, managing location data, financial privacy, and being cautious about burner phones. It is important for individuals to be aware that even with precautions in place, digital evidence from their past may still be available and could potentially be used against them. ------------- **[winter - Why did people rub snow on frozen feet? - The Great Outdoors Stack Exchange](https://outdoors.stackexchange.com/questions/15801/why-did-people-rub-snow-on-frozen-feet):** Article not found. ------------- **[Datenleck bei Destatis: Prorussische Hacker erbeuten Dokumente über deutsche Unternehmen](https://www.nzz.ch/visuals/aktuell/datenleck-bei-destatis-prorussische-hacker-erbeuten-dokumente-ueber-deutsche-unternehmen-ld.1857259):** According to German statistics agency Destatis, hackers are selling stolen data on the Darknet for $250. The data was not directly sold by the agency but instead, by hackers in a Darknet forum. Hackers claim that they have 3.8 GB of data from Destatis, which includes names, addresses, phone numbers, email addresses and login details of companies involved in exchanging statistical data with Destatis. The leaked information also potentially includes emails and documents. The hackers claim the stolen data is likely from the Internet Data Exchange (Idev), a platform used by firms to collect data such as cross-border trade figures, which are then processed into statistics by Destatis or state statistical offices. The hacker group, known as "Indonesian Cyber Attack" or "Indohaxsec", claims to support Russia and has previously targeted NATO member countries with cyberattacks. The group is notorious for attacking weakly-secured websites, which indicates that the stolen data was likely obtained through a system vulnerability or an alternate method, rather than a direct breach of Destatis' systems. ------------- **[I Regret Ever Open Sourcing Java – Jill Malony Ratkevic](https://news.ycombinator.com/item?id=42135358):** The author discusses their regrets about open-sourcing Java and mentions that it led to their daughter learning the language, which resulted in her husband questioning some aspects of Java. They also mention using Vim as an editor for coding purposes. ------------- **[Software-Anbieter aufgepasst: Sie haften jetzt für fehlerhafte Produkte](https://www.heise.de/hintergrund/Software-Anbieter-aufgepasst-Sie-haften-jetzt-fuer-fehlerhafte-Produkte-10027145.html?view=print):** The new Product Liability Directive introduces stricter regulations for software manufacturers and other stakeholders, addressing digitalization-related liabilities. It explicitly includes standalone software as a product subject to liability. Key changes include the widened scope of application, increased compensation for damages caused by defective products, and an extended period of responsibility for the producer beyond when the product reaches the consumer. The regulation also covers digital construction documents and software, regardless of whether it is installed on a device or provided as a service. This expansion extends the responsibility of software manufacturers, and their liability could extend to cases where they are not in direct contract with the injured party. The directive comes into force two years after its adoption by the member states. ------------- **[Hebamio](https://kombaecher.hebamio.de/geburt#):** In this article, it is explained that the fees for conducted course hours are paid directly by the health insurance company for insured women. Participants cannot be replaced during a closed course and fees for missed sessions are not covered by the insurance and must be borne by the participant themselves. Missed sessions cannot be made up later. The midwife is entitled to relocate individual course units at short notice. If a situation arises that leads to further restrictions, live courses will automatically take place as video conferences. Registration for the course is binding. Free cancellation is possible within 24 hours after registration. A processing fee of €20 applies if cancelled between 14 and 2 days before the start date; full course fees apply if cancelled later. If the minimum number of participants is not reached two weeks prior to the start of the course, the midwife can withdraw from the contract. Participants will be informed immediately. The midwife can also withdraw from the contract or postpone individual course units if a course cannot take place for reasons beyond her control (e.g., illness). Participants must be notified immediately. The midwife has the right to terminate the contract under extraordinary circumstances, such as dishonorable behavior in courses. Please refer to the website for the partner fee prices for birth preparation courses. Payment is due before the start of the course. Some health insurance companies cover the partner fee, so participants should inquire with their provider. Participants have the right to withdraw from the contract within 14 days without giving reasons. The cancellation period begins on the day the contract is concluded. A short-term course change is possible. If individual provisions of this contract are invalid, it does not affect the validity of the remaining provisions; invalid provisions will be replaced by the closest effective provisions. ------------- **[Fefes Blog](https://blog.fefe.de/?ts=99cbe20c):** The article criticizes the "Secure by Design" marketing trend in security firms as being empty promises and not providing concrete solutions for better security. It emphasizes that a truly secure design should be considered from the beginning, rather than being tacked on later. The author mentions implementing self-sandboxing techniques and limited access to their blog's file system as examples of such secure designs. They point out that "Secure by Design" is often used in marketing materials without any real substance behind it. In contrast, the author highlights real-world companies like Amazon Web Services, Fortinet, Microsoft, Okta, and Sophos as examples of firms with successful "Secure by Design" implementations, but argues that these successes are mainly due to implementing multi-factor authentication (MFA) rather than true secure design principles. ------------- **[IMG_0416](https://ben-mini.github.io/2024/img-0416):** Between 2009 and 2012, Apple iPhones included a feature called "Send to YouTube" that allowed users to upload videos directly from the Photos app. This resulted in a 1700% increase in total video uploads during that time period. However, when Apple removed this feature in 2012, millions of unedited and often accidentally uploaded videos were left with default names based on the "IMG_XXXX" naming convention for images captured on iOS devices. These videos provide a unique and authentic glimpse into the lives of complete strangers, making them an interesting discovery on YouTube when searching using this naming convention. ------------- **[Fefes Blog](https://blog.fefe.de/?ts=99cb8483):** AMD is cutting jobs and focusing on "AI" chips, which may be a good move for investors as GPU business stagnates. This strategy reminds the author of Clayton Christensen's disruption theory about mini-mills in steel production. In the story, traditional integrated steel mills made a low margin with rebar steel and eventually lost to mini-mills that produced lower cost steel for 20% less. The same pattern could occur with AMD as it shifts focus to AI chips, potentially leading to higher prices and fewer competitors in the market. ------------- **[archive.ph](https://archive.ph/O92yg):** The article discusses how to complete a security check (CAPTCHA) and prevent future issues with access by running an anti-virus scan on your device or requesting a network administrator to perform a scan across the network for misconfigured or infected devices. ------------- **[Attestations: A new generation of signatures on PyPI](https://blog.trailofbits.com/2024/11/14/attestations-a-new-generation-of-signatures-on-pypi/):** The Python Package Index (PyPI) has introduced index-hosted digital attestations as a new security feature, providing key usability, index verifiability, cryptographic strength, and provenance properties for the Python ecosystem, as specified in PEP 740. These attestations improve on traditional PGP signatures by providing holistic, cryptographically verifiable provenance for software supply chains. The feature is now enabled by default for those using Trusted Publishing with PyPI since v1.11.0 and newer, ensuring package provenance without requiring changes to the publishing workflow. ------------- **[I Followed the Official AWS Amplify Guide and was Charged $1,100](https://elliott-king.github.io/2024/10/amplify-overcharge/):** The article details a user's experience integrating OpenSearch with Amplify and the unexpected charges they incurred while following an official guide provided by AWS. The user received a $1200 bill for their usage, despite not having used the service much at all. After reaching out to customer support, AWS processed a billing adjustment for the unexpected charges. The article serves as a cautionary tale for those using AWS Amplify, especially with OpenSearch, and encourages users to be aware of their budget and potential expenses when working with new technologies. ------------- **[Shae Erisson's blog - The github plugin my coworkers asked me not to write.](https://www.scannedinavian.com/the-github-plugin-my-coworkers-asked-me-not-to-write.html):** This article discusses the "bus factor" or "truck factor," which refers to the minimum number of team members that must suddenly disappear from a project before it stalls due to lack of knowledgeable or competent personnel. The author mentions a 2015 research paper on this topic and attempts to reproduce the results using the GitHub platform, only finding an improvement in the "truck factor" after installing the linguist plugin, which filters out documentation files. ------------- **[Fefes Blog](https://blog.fefe.de/?ts=99d11f13):** In this article, the author expresses confusion over why the press is making fun of Habeck as a chancellor candidate. They admit not being a fan of the Greens but acknowledge it's the only party with a candidate to consider. The author finds the disparity between candidates so extreme that they are even starting to entertain the idea of voting for the Greens, as Habeck is clearly the most notable and prominent candidate by far. ------------- **[Docker Compose Isn't Enough](https://blog.tealok.tech/post/docker-compose-isnt-enough/):** The article discusses the challenges faced while deploying complex applications using Docker-compose and suggests a higher level of abstraction that includes concepts like SQL databases, local caches, durable storage, service discovery, and resource management. It proposes a solution in the form of Tealok - a new container runtime that provides standardized interfaces, reduces waste, ensures consistent good practices, and simplifies application deployment. ------------- **["The Hatpin Peril" Terrorized Men Who Couldn't Handle the 20th-Century Woman](https://www.smithsonianmag.com/history/hatpin-peril-terrorized-men-who-couldnt-handle-20th-century-woman-180951219/):** In May 1903, Leoti Blaker defended herself from a masher on a Fifth Avenue stagecoach by using her hatpin as a weapon. This incident led to the rise of similar encounters with "mashers," or predatory men who targeted women in public spaces. Society started to recognize women's desire and ability to defend themselves, transitioning away from female dependence on men. Working women and suffragists spoke out against harassment and emphasized women's right to move freely in public alone. The hatpin became a symbol of self-defense for women, leading to laws restricting their length. However, the furor over hatpins died down when bobbed hair and cloche hats came into fashion. ------------- **[Nutrient Density and other Stupid Magic Words](https://www.exfatloss.com/p/nutrient-density-and-other-stupid):** The article discusses the use of "magic words" in nutrition and health debates, pointing out that many common terms are misleading and imply assumptions without proper definition or context. Examples include "nutrient density," "excess," and "fattening." The author argues that these words often distract from the actual discussions and understanding of nutrition. Additionally, they question the accuracy of recommended daily allowances (RDAs) for micronutrients, suggesting that many of them are made up or based on inaccurate data. ------------- **[Why I want my deaf daughter to have the best of both worlds | Aeon Essays](https://aeon.co/essays/why-i-want-my-deaf-daughter-to-have-the-best-of-both-worlds):** The article discusses the challenges and dilemmas faced by parents of deaf children in deciding whether to implant their child with a cochlear implant, an electronic device that creates the sensation of sound by bypassing the inner ear entirely and stimulating the auditory nerve with a set of electrodes. The article presents both sides of the argument: those who argue for intervention as it can enable the deaf child to apprehend dangers in their environment, participate actively in positions of power, and connect with more people using spoken language; and those who argue against it, seeing it as a threat to Deaf culture, languages, and communities. The author ultimately decides to have her daughter implanted, believing it will give her the best chance at a fulfilling life without compromising her identity or autonomy. ------------- **[Matrix Client Tutorial](https://uhoreg.gitlab.io/matrix-tutorial/index.html):** This book serves as an introduction to creating a client using the Matrix Client-Server API. It provides information on making HTTP calls to a Matrix homeserver, discussing reliability and security issues. The book is written in Python using aiohttp but can be ported to other programming languages. Topics covered include basic concepts of the API, authentication, events, device management, and encryption. Additional topics, such as media repo, URL previews, and more messaging features are also discussed. ------------- **[What science reveals about our tendency toward corruption](https://english.elpais.com/science-tech/2024-11-11/what-science-reveals-about-our-tendency-toward-corruption.html):** A year-long experiment conducted at supermarket checkouts in Modena and Ferrara, Italy, found that the probability of not declaring all purchases increased by 16% to 30% after a local corruption scandal made headlines. The phenomenon is defined as contagious corruption, with its impact peaking four days after the news broke before declining. Corruption can take many forms: bribery, embezzlement, extortion and fraud. Behavioral economics and social psychology methods have been employed to study corruption in conjunction with behavioral data. Results suggest that people act based on who they are paired with, indicating a more dynamic and flexible nature of corruption rather than a stable incorruptible personality. Factors such as belief systems and emotions also play significant roles in influencing the decisions to engage in or refrain from corruption. Improving government quality is essential for controlling and reducing corruption. ------------- **[Robots gut job prospects for low skilled workers](https://www.theregister.com/2024/11/08/robots_crush_career_low_skill/):** A study by economists Maria Petrova, Gregor Schubert, Bledi Taska, and Pinar Yildirim reveals that the adoption of robots in industries is negatively affecting career opportunities, leading to a decrease in lifetime "career value" for workers. The research shows that exposure to robots reduces career values by driving more job transitions to similar-paying jobs and fewer transitions to better-paying ones. This has contributed to the rise of populist political candidates such as Donald Trump, as people seek alternative political solutions when they lose faith in their ability to advance economically. ------------- **[Why are cassette and CD players so bulky now?](https://www.theverge.com/24295971/we-are-rewind-fiio-cassette-player-cd-dm-13):** Cassette tape sales are experiencing a 20-year high, and vinyl records have been growing for 17 years; now, tech companies are providing updated hardware to play these formats. Companies like We Are Rewind and Fiio offer new cassette and CD players with additional features like USB-C charging and Bluetooth. However, the design of these modern gadgets is not as advanced as their vintage counterparts. The compact designs from early 2000s have been replaced by larger, less efficient designs in today's updated players. ------------- **[I sent an ethernet packet](https://github.com/francisrstokes/githublog/blob/main/2024%2F11%2F1%2Fsending-an-ethernet-packet.md):** The article is about building a TCP/IP stack from scratch on a microcontroller using an STM32F401 on a nucleo devboard. The writer describes the process of successfully sending their first ethernet packet, including dealing with bugs and debugging challenges. They used the W5100 chip to transmit raw ethernet packets and faced issues like garbled data and inefficient communication between SPI lines. The writer eventually debugged the issue by writing a tool that parsed SPI capture CSV data and compared it with an example working Arduino implementation, leading them to discover the root cause of their bug. ------------- **[SQLite Index Visualization: Structure](https://mrsuh.com/articles/2024/sqlite-index-visualization-structure/):** This article discusses the process of understanding SQLite indexes by exploring their basic structure, data storage, algorithm, and searching through them. The author provides an analysis of SQLite's Page and Cell structures, explaining how they are stored in a B-Tree structure on disk. They also analyze the source code to provide more insight into the index data storage process. To visualize index structures, the author uses a library called d3-org-tree for visualization, but later finds that it does not adjust spacing well when the tree becomes deeper and more Pages are added. The article concludes by discussing various types of indexes and their optimization, as well as providing examples for each type of index. ------------- **[Deanna Dikeman - Leaving and Waving](https://deannadikeman.com/leaving-and-waving):** The article discusses a personal photography series taken by the author over the course of 27 years as they left their parents' home in Sioux City, Iowa after visiting them. This ritual started in 1991 and gradually turned into a way for the author to deal with the sadness of saying goodbye. The series is part of a larger body of work called "Relative Moments" that chronicles the lives of their parents and other relatives since 1986. In 2017, the author's mother passed away, marking the end of this ritual as she was no longer there to wave goodbye. The photographs were displayed in an exhibition at Charlotte Street Foundation La Esquina Gallery in Kansas City, Missouri in August 2018. ------------- **[archive.ph](https://archive.ph/B7hkD):** The article discusses the necessity of completing a CAPTCHA in order to access a website and provides information on how to prevent future issues with malware, either by running an anti-virus scan at home or requesting a network administrator to perform a scan if using a shared connection. ------------- **[A Basic Introduction to the Classfile API | Ife Sunmola](https://ifesunmola.com/a-basic-introduction-to-the-classfile-api/):** This article introduces the class file API, a standard way for parsing, generating, and transforming Java class files. The API is still in preview and will be finalized with the release of JDK 24. It demonstrates how to convert code into JVM bytecode and run it using the Java command. The author provides an introduction to creating class files and uses the class file API to generate bytecode for a simple Person class, as well as PersonRunner class that calls the main method with a random number. ------------- **[The Two Santas Strategy: How the GOP has used an economic scam to manipulate Americans for 40 years | Milwaukee Independent](https://www.milwaukeeindependent.com/thom-hartmann/two-santas-strategy-gop-used-economic-scam-manipulate-americans-40-years/):** This article discusses the political strategy known as "Two Santa Clauses" by Republican strategist Jude Wanniski, which involves spending money when in power and then criticizing excessive debt when a Democrat is in office. The GOP has used this tactic throughout history, raising the national debt during their tenure and then using it as an argument against Democrats to cut social safety net programs like Social Security and Medicare. Treasury Secretary Janet Yellen warned that Republicans are planning to use this strategy again under Biden's administration. The article argues that Americans should be aware of how they have been manipulated by the GOP for the past 40 years. ------------- **[Async Await Is The Worst Thing To Happen To Programming](https://andrewzuo.com/async-await-is-the-worst-thing-to-happen-to-programming-9b8f5150ba74?gi=0c4ab5fd4915):** The article discusses the author's experience with async and await, mentioning that it creates a chain reaction of async functions in code. The author then transitions to coding in Go, which does not support async and await, and shares their positive experience without these features. The author also explains how to implement a one-second delay between requests using the time.Sleep() function in Go. ------------- **[Stromanbieter Tibber gehackt, 50.000 deutsche Kunden betroffen](https://www.heise.de/news/Stromanbieter-Tibber-gehackt-50-000-deutsche-Kunden-betroffen-10030864.html?view=print):** Hackers have gained access to and stolen data from Tibber, a Swedish energy provider. Approximately 50,000 German customers are affected, with their data being sold in the Darknet marketplace. Tibber has confirmed the breach, stating that no payment or consumption data, exact addresses, or passwords were compromised. An investigation is ongoing, and the company is collaborating with authorities and experts to address the issue and implement improvements. ------------- **[My 11-year-old walked less than a mile away from home. I was arrested and charged with reckless conduct.](https://www.businessinsider.com/mom-arrested-after-tween-walked-mile-town-alone-2024-11):** Brittany Patterson was arrested and charged with reckless conduct after her 11-year-old son walked less than a mile away from home without telling her. A stranger called the police, concerned he might be in danger. Patterson is now facing a year in jail and a $1,000 fine for allowing her child to walk alone outside. ------------- **[Datenleck bei Online-Auskunftei: Hackerin kann beliebige Bonitätsdaten einsehen](https://www.heise.de/news/Datenleck-bei-Online-Auskunftei-Hackerin-kann-beliebige-Bonitaetsdaten-einsehen-10034774.html?view=print):** Activist Lilith Wittmann discovered a way to easily retrieve personal credit data through the "it's my data" platform. She exploited an unsecured API call and was able to access and change her own data, as well as that of other users. The company has since disabled or limited new account registrations, responding with a 418 HTTP status code ("I'm a teapot") to any attempts at registering. It is unclear how many personal records have been exposed due to the security vulnerability, which can be easily exploited by anyone holding an "it's my data" account. ------------- **[Fefes Blog](https://blog.fefe.de/?ts=99ca610b):** The article argues against the notion that children born in a digital age are "digital natives" and can repair or build computers due to their upbringing with technology. According to the studies, 40% of young people thought to be digital natives can only click and swipe. The author blames software companies for making products complex while also simplifying user interfaces. They claim that this leads to a lack of learning and ultimately contributes to global warming, which these children have contributed to by not trying to learn.