Hackers' Pub is a place for software engineers to share their knowledge and experience with each other. It's also an ActivityPub-enabled social network, so you can follow your favorite hackers in the fediverse and get their latest posts in your feed.
自分なんかと遊んでくれる人がいるの、とてもありがたいわね
소소하지만 내 삶의 즐거움이 되는 물건들: 메모리폼 토퍼, 와이드 샤워 헤드 그리고 좋은 비누.
이 셋은 없으면 일단 사고 본다. 비누는 한국에서 산다면 도브 센서티브가 괜찮음. 뽀득한 거 원하면 아이보리.
Story index:
Learn more at ChantingLureTales!
미국에서 Leica D-Lux 8 카메라 가격이 $1,595에서 $2,790(!!)으로 큰 폭으로 인상. 참고로 D-Lux 8은 중국 생산 제품..
https://leicarumors.com/2025/05/02/the-leica-d-lux-8-camera-is-now-2790-in-the-us-up-1195.aspx/
Looking to advance your research career? Choose Europe.
Practical information: http://europa.eu/!B8hjh3
Register for the info session on 6 May: http://europa.eu/!gX3Dgv
Why did mitra lose a thread 💀
"1+1=3이라고 말만 했을 뿐인데 이렇게들 우르르 몰려와서 산수도 못하냐고 비난하시면 당황스럽네요... 의견도 말 못하나요? 님들같이 입틀어막는 사람들 있는거 생각해서라도 앞으로는 꼭 3이라고 사실대로 말하고 다닐거에요" 이런 사람들 온오프라인 안 가리고 분야별로 삼억팔천만명 있음
啊啊啊不想上班!!!!恐懼症要來了 
혹시 겹칠 수 있으니 제가 제보한 걸 밝히자면, - 회원가입할 때, 비밀번호에 <, >, ", ', _ 를 사용할 수 없는 특수문자라고 안내되어있는데 실제로 사용할 수 없는 문자가 이보다 더 많은 점 - 브라우저 창 크기를 조절하면서 상단 메뉴가 오작동할 수 있는 버그 ...입니다.
"In 1946, renowned author Lin Yutang filed a patent for a typewriter that printed Chinese characters. This is the MingKwai typewriter, with a reasonable number of keys. By pressing two keys, eight characters from thousands in the machine's mechanical hard drive would appear in the typewriter's "magic eye" window. Pressing a third key would select from those and print the character."
https://www.neatorama.com/2025/05/04/An-Old-Typewriter-Turned-Out-to-Be-a-Priceless-One-of-a-kind/
Why does the #AISlop problem exist at #hackerone (and likely other bug bounty platforms)?
Because apparently it works: https://hackerone.com/evilginx/hacktivity?type=user
It seems that some projects pay bounties for such AI Slop reports.
This thing works by generating fake vulnerability reports. Here are some of the qualities of the HackerOne report 3125832 sent to #curl:
- It looks convincing at a glance, especially if you're not a subject matter expert.
- It's vague about actual repro steps. It makes it impossible for the victim project to reproduce the issue. For example, it makes up fake patches against non-existent, imaginary code.
- It refers to functions and methods that do not exist (in case someone tries to look for them). When confronted, the attacker refer to some old or new versions of components, using non-existent commit hashes.
- The report makes up some convincing functionality or names that are novel, but don't really exist.
An expert’s look at the report shows the number of discrepancies, but finding them takes time and effort. It requires attention from a subject matter expert, with limited resources.
The real exploit here is that the attacker (evilginx) exploits the fact that the victims (the orgs who paid the attacker money) don't have the capacity to perform thorough analysis and rather just pay up. TL;DR: It's cheaper to pay the bug bounty than hire an expert to perform true analysis.
Why didn't it work against the curl project? The attacker miscalculated badly. Curl project is not a company and has far greater capability in security response than your average org. Also they can smell #aislop miles away.
아니 근데 대체 왜 DB 쿼리가 이렇게 느린거야
did you know that GDB includes a bytecode compiler? specifically, it has a private [edit: it's documented] bytecode format used between it and the GDB server, which the latter uses to implement conditional breakpoints with complex expressions and tracepoints
every time it hits a breakpoint/tracepoint it evaluates the bytecode, which has jumps and can read arbitrary target memory, and decides whether it really was hit or not
그리고 가장 깝깝한 건 그 당혹감의 끝에서 지금 무슨 입장차가 일어난 건지 파악하는 대신 "이래서 너희들 편 안들어준다"는 식으로 잠재적 우군(=적)선언을 하고 흑화해버리는 사람들임...
가짜뉴스와 선동과 파편화의 시대. 스스로는 순박하고 온건하고 비편향적인 입장을 취한다고 취하지만, 딛고 선 논리가 남들이 파탄내 놓은 구렁텅이인 줄을 모른다. 결국 남들이 해줄 말은 "당신 말이 처음부터 끝까지 다틀렸다" 밖에 없는데 그런 반응에는 상처입고 분노하더라... 당연함. 스스로는 소박한 진실만 말한 것인데 인신공격 수준의 대꾸가 돌아왔다고 여기기 때문임. 그런데 도대체 이 참사를 어째야하나.
사람은 정말 온건하고 순하고 조심스러운 태도로도 개쎈혐오가짜뉴스를 말할 수 있는 것이다. 온건하다고 가만 놔 두면 온건하게 동조자가 늘어나고, 그거 아니라고 정색하고 뜯어말리면 당혹하거나 심지어 "공격받았다"며 진심으로 토라지는 사람들을... 대체 어째야 하는가.
素敵に人になりたい!2024
그리고 가장 깝깝한 건 그 당혹감의 끝에서 지금 무슨 입장차가 일어난 건지 파악하는 대신 "이래서 너희들 편 안들어준다"는 식으로 잠재적 우군(=적)선언을 하고 흑화해버리는 사람들임...
I'm excited to announce that registrations are open for my online course, "The Barbarian Kingdoms (376-751)," hosted by 
@medievalistsMedievalists.net!
What: Six weekly Zoom sessions, starting May 29, where we'll discuss the history and culture of the Franks, Visigoths, Lombards, and others! See the module descriptions below, and feel free to DM with questions!
Where: Zoom
When: Thurs, 1:00-2:30 PM ET
Fee: $149
Registration: https://medievalstudies.thinkific.com/courses/barbarian
@histodonshistodons group #histodons @medievodonsMedievodons group @edutootersEduTooters group #history
가짜뉴스와 선동과 파편화의 시대. 스스로는 순박하고 온건하고 비편향적인 입장을 취한다고 취하지만, 딛고 선 논리가 남들이 파탄내 놓은 구렁텅이인 줄을 모른다. 결국 남들이 해줄 말은 "당신 말이 처음부터 끝까지 다틀렸다" 밖에 없는데 그런 반응에는 상처입고 분노하더라... 당연함. 스스로는 소박한 진실만 말한 것인데 인신공격 수준의 대꾸가 돌아왔다고 여기기 때문임. 그런데 도대체 이 참사를 어째야하나.
사람은 정말 온건하고 순하고 조심스러운 태도로도 개쎈혐오가짜뉴스를 말할 수 있는 것이다. 온건하다고 가만 놔 두면 온건하게 동조자가 늘어나고, 그거 아니라고 정색하고 뜯어말리면 당혹하거나 심지어 "공격받았다"며 진심으로 토라지는 사람들을... 대체 어째야 하는가.
Faschismus ist kein Protest.
미국 정부가 소수자 탄압하려고 기업에 압력 넣어서 다들 엎드리고 있는 와중에 애플은 아직 굴하지 않고 있는 것 같아 다행이네. https://www.apple.com/newsroom/2025/05/apple-introduces-the-2025-pride-collection/
Der Bundestag hat für den Entschließungsantrag der CDU/CSU gestimmt, um Grenzschließungen für Geflüchtete und Grenzkontrollen dauerhaft durchzusetzen. Während Union, FDP und AfD diesmal gemeinsam dafür und #Grüne und #SPD dagegen gestimmt haben, sollte nicht vergessen werden, dass es erst die Grünen und die SPD waren, die den Nährboden für diese autoritäre Politik geschaffen, gepflegt und gedüngt haben.
Nancy #Faeser (SPD) hat seit Beginn der Ampel-Regierung versucht, über das ständige Verlängern eines Ausnahmezustandes, Grenzkontrollen permanent durchzusetzen. Grüne und SPD haben mit ihren Beschlüssen zur Bekämpfung von Geflüchteten und mit ihren Vorhaben, bis hin zur geplanten Einführung der biometrischen Massenüberwachung, eine rassistisch-autoritäre Politik der zunehmenden Staatsfaschisierung betrieben und weiter normalisiert. Was Rechtskonservative und Faschos jetzt zu Ende führen möchten, haben selbsternannte linksliberale Parteien und ihre Anhängsel die letzten Jahre eifrig vorangetragen.
https://www.tagesschau.de/inland/innenpolitik/migration-antrag-union-100.html
#CDU #Migration #Asyl #Refugees #Antireport #FDP #AFD #FckNzs
Der staatliche "Kampf gegen Hass und Hetze" konsequent zu Ende geführt.
Die bayerische #Polizei führt einen digitalen Kalender. Darin werden alle Veranstaltungen erfasst, die polizeiliche Relevanz haben könnten: größere Gerichtsprozesse oder Kultur- und Sportveranstaltungen ebenso wie politische Kundgebungen und Demonstrationen. Die Veranstaltungen werden jeweils mit Schlagwörtern versehen, um sie recherchierbar zu machen. Das soll der Polizei helfen, mögliche Gefährdungslagen besser einzuschätzen und Einsätze effizienter zu planen.
Vor knapp zwei Wochen wurden nun alle bayerischen Polizisten per Artikel im Intranet der Polizei angewiesen, ab sofort im Bedarfsfall ein neues Schlagwort zu verwenden: "gegen CDU und CSU".
커미션작업~
あけおめ
aaaaaah, I assumed that you are using popover. Sorry. That's all popover and just because of that Chromium only.
あけましておめでとう
にゃー
"In 1946, renowned author Lin Yutang filed a patent for a typewriter that printed Chinese characters. This is the MingKwai typewriter, with a reasonable number of keys. By pressing two keys, eight characters from thousands in the machine's mechanical hard drive would appear in the typewriter's "magic eye" window. Pressing a third key would select from those and print the character."
https://www.neatorama.com/2025/05/04/An-Old-Typewriter-Turned-Out-to-Be-a-Priceless-One-of-a-kind/
> 정부24가 시범운영을 시작합니다. 시범운영 홈페이지를 둘러보고 '옥의 티'를 찾아주시는 분들께 상품권을 드립니다. 나도 몇개 찾아서 제보 보내봤다. plus.gov.kr/portal/ntcmt...
참고로 두번째 이미지 저거... 텍스트가 아니라 텍스트를 스크린샷 찍어둔 이미지(!) 인데다가 대체 텍스트(ALT 텍스트)도 없다... 그래서 대체 텍스트 넣어달란 제보도 했다. (아니 그냥 텍스트인데 그냥 간단하게 복사해서 넣으면 어디 덧나나...)
> 정부24가 시범운영을 시작합니다. 시범운영 홈페이지를 둘러보고 '옥의 티'를 찾아주시는 분들께 상품권을 드립니다. 나도 몇개 찾아서 제보 보내봤다. plus.gov.kr/portal/ntcmt...
시간 자꾸 죽이는 사이에 연휴가 끝나가네요... 일하기 싫다.............
@hongminhee洪 民憙 (Hong Minhee) Isn't that FEP based on the GTS spec? If it's notably worse, I guess that says something about the process
@TakTak! @hongminhee洪 民憙 (Hong Minhee) it's the other way around, FEP-5624 pre-dates GTS' interaction policies but was never implemented anywhere and did not get much traction; the bulk of the discussion at the time was about who should control the reply policy (original post author or person you immediately reply to)
GTS decided to pick the second solution even if it's not necessarily the ideal one, because it's much simpler to implement
GTS' interaction policies were then refined with a lot of back-and-forth with Mastodon devs when we were working on quote posts (resulting in FEP-044F which re-use GTS' interaction policies)
maybe we should retire FEP-5624
@hongminhee洪 民憙 (Hong Minhee) Isn't that FEP based on the GTS spec? If it's notably worse, I guess that says something about the process
@TakTak! @hongminhee洪 民憙 (Hong Minhee) it's the other way around, FEP-5624 pre-dates GTS' interaction policies but was never implemented anywhere and did not get much traction; the bulk of the discussion at the time was about who should control the reply policy (original post author or person you immediately reply to)
GTS decided to pick the second solution even if it's not necessarily the ideal one, because it's much simpler to implement
GTS' interaction policies were then refined with a lot of back-and-forth with Mastodon devs when we were working on quote posts (resulting in FEP-044F which re-use GTS' interaction policies)
maybe we should retire FEP-5624
세계적인 극우파 약진…그 뒤엔 ‘기독교 우파 조직’과의 결탁이 있다 https://www.khan.co.kr/article/202505031100001/
"실제로 1990년대 이후 미국 기독교 우파 단체들이 유럽의 동료들을 전략적으로 지원하고 자금과 이념적 틀을 제공해왔다. 특히 유럽에서 기독교 우파의 입김이 강해진 영역이 반젠더, 반낙태, 반페미니즘인데 여기에는 미국 기독교 우파 단체의 유럽 지부나 네트워크 조직들이 깊이 관여하고 있다."
Pinkfong Company Launches Moon Shark Webtoon in English
Needed a bit of help so I travelled back in time. 👵🏼
I know I can find everything online, but this book has been my happy guide before I changed my focus.
I just bought this book for my friend’s little boy, who has just become a big brother to his new baby sibling.
I wonder how many grown-ups can answer these questions without peeking under the flaps?
弟が生まれて大きいお兄ちゃんになったばかりのお友だちの息子さんに、プレゼントを買いました。「自分のものを他の人とシェアすべき理由」について考える絵本。大人でもうまく答えられない質問がたくさん(ALTに和訳)。
#Books #bookstodon
I found a motto for my Substack
這是什麼水汪汪大眼睛。
立立亂書局wwww
Blog Questions Challenge: Ten Pointless Facts About Me (thx 
@rl_daneR.L. Dane 
🍵!)
https://michal.sapka.pl/2025/blog-questions-challenge-ten-pointless-facts-about-me/
I am not cool enough to nominate anyone.
I've released a tiny Django admin package, https://github.com/amureki/django-admin-hotkeys
Together with amazing https://github.com/rajasimon/django-command-palette/ it drastically improves the keyboard experience in the Django admin.
#Django
@dansup will the app directory also get a feature matrix?
んなぞめ
Stefan Bohacek
daniel:// stenberg://
잉어구이
Quincy ⁂
@
洪 民憙 (Hong Minhee) 
GENKI
+ 
