Darktable. It has a hell of a learning curve, but it's one hell of a powerful raw editor with some really cool masking features. It has a reputation for being difficult to learn, but the newest release bundles a new tone mapper (AgX) that requires a whole lot less massaging than the old Filmic (and, to a lesser extent, the later Sigmoid mapper). I'm back to managing my photo libraries using plain old files and folders, and syncing them to my NAS using Syncthing. I couldn't be happier, and it doesn't cost me a dime.
Aperture’s death coincided with my life getting less excitingly photogenic. The combination was enough to break my habit of shooting pictures altogether.
My old well-curated and edited and tagged libraries are still on S3 backups. No conversion has been satisfactory.
I switched to Capture One a couple years ago and like it - used Lightroom Classic for many years before that, and think I've tried most DAMs over the years.
> These “primitives”—simple, foundational measures of how Claude is used, which we generate by asking Claude specific questions about anonymized Claude.ai and first-party (1P) API transcripts
I just skimmed but is there any manual verification / human statistical analysis done on this or we just taking Claude’s word for it?
A lot of meat cutting (and packaging) robotics and dairy automation are the flashy ones. Softer tech like crop, orchard management and cultivar creation as well as stock breeding/selection or logistics all of which came a long way. The development of uses for byproducts i.e. chemical refineries to change milk into something like protein or milk powder and use the secondary products from those processes to produce alcohols or fertilizer.
I read that recently and meant to look up the reality of that cycle. I mostly pay attention to ENSO but looking it up now I see there is a 15-30 year PDO cycle.
I find the political discussions on here interesting and generally of decent+ caliber. Plus so much of what’s happening is tech related / enabled.
There’s 30 posts on the front page. If someone doesn’t care about politics why can’t they just ignore that 1 post instead of flagging it into oblivion?
I agree that HN tends to have better discussion, but I'd argue it tends to have better discussion precisely because it's not the norm, so there's input from the type of people that loathe the current state of Reddit on the matter, and also the type of people that do like yapping about it 24/7 are absent from it.
They can give you a few numbers without sharing the detailed cap table. Will they though? :p You could try to get around it by asking the last 409A valuation.
Regular people don't need a "secure network". Phones and computers are, by default, secure against malicious networks.
Just don't run code you download from the internet or put your passwords to important accounts into cheap devices and you'll be fine. Normally people don't the the former, but sometimes do the latter.
edit: To be clear: the bitterness in this comment comes from how many developers assume loopback is secure. However, most website are allowed to send requests to local ports on your computer (IIRC) so that assumption is basically completely false. This is forgivable, except in a world where every developer runs tons of extensions/scripts/open-source apps, and have next-to-zero blast-radius-reduction methods, it makes me sad.
Regular people download shit all the time though? Especially now with GPT, everyone is a programmer pasting code into command line. And how many people have IoT devices that they have to connect to WiFi? That’s total blind trust.
Every time I ask this question nobody is able to give me a solid answer :/
Based on the :/ emoticon, I now understand that you were asking this question for yourself. In that case, I will express anger at the article. I believe that it was vague and leaned into fear mongering. This explains the vagueness of your question (emphasis mind):
> I know this may seem trivial for many here but how can regular people easily check and debug their network for stuff like this?
"Stuff like this" is very vague.
- If there is a device on your network that is occasionally sending requests to the internet, then it generally isn't hurting you. That's why security is weak here, because the person buying the device is not harmed.
- If you're worried about the device sniffing your local network, then "normal people" are typically safe. Computers that you use are typically safe from malicious devices on the network, and you're in no more danger than working at a coffee shop, hotel, or university network.
- If you're knowledgeable enough to be a danger to yourself, and need the local network to be safe to protect yourself, then there is definitely a longer conversation to be had.
Responding point by point (before I realized that you were asking for yourself, and not the average person):
> Regular people download shit all the time though?
This is fair, though on macOS, most people download apps from the App Store (macOS makes it difficult to run apps downloaded from the internet and not signed by a registered developer).
> Especially now with GPT, everyone is a programmer pasting code into command line.
I am trying to reference a group of "regular people" who definitely do not fit this description---something like "the average citizen in the developed world". My parents definitely are not writing code with AI and pasting it into the command line. Although this was not crystal clear in this comment chain.
> And how many people have IoT devices that they have to connect to WiFi? That’s total blind trust.
My point was these devices do not endanger things that regular people care about. Their computers are still just as secure as when they visit a coffee shop or connect to their university wifi.
> Every time I ask this question nobody is able to give me a solid answer :/
Sure they can send requests but they can't receive them unless you've got misconfigured CORS. I guess there's DNS rebinding but like, idk, attack surface seems pretty small. This sort of stuff isn't really worth worrying about unless you're an idiot or likely to be the victim of a targeted attack. I happily run code off the internet all the time and it seems fine. If there's one thing that really seems like a mind virus it's the paranoia all security people get, I can't imagine living life like that. I'm ok getting pwned every few decades if the tradeoff is never worrying about this shit.
Maybe I've just gotten lucky?
(i will say putting a device not running open source software/firmware or something very locked down like a phone on your LAN is insanity, i could never)
When you run VS Code, it spins up a local language server that is capable of making code changes. That is how refactoring python works in many editors (including VS Code).
A website that you're browsing could potentially send requests to this server asking for code to be inserted that fully compromises your device. What keeps us safe?
- maybe the website is only allowed to send GET requests, not PUT requests, and maybe the language servers that you're using are all "hardened" so that they will never permit mutations via any get requests, and never have a misconfigured CORS header
- the website has to guess the correct port and the correct language server with a known vulnerability
- any website doing this on a large scale would likely get the language server patched and the website on a block list
- there might be other safeguards that I'm not familiar with. For example, I believe that Chrome disallows this by default
So now, here's my frustration: these two statements seem hugely at odds with each other:
> I'm ok getting pwned every few decades if the tradeoff is never worrying about this shit.
> (i will say putting a device not running open source software/firmware or something very locked down like a phone on your LAN is insanity, i could never)
I'm ok with a person who makes either statement. I'm also ok with a person who makes the first statement, and also wants their LAN locked down. However, I do not feel as though the a LAN ever needs to be locked down unless a person in running a server on the LAN network. Personal devices (like laptops and phones) are plenty capable of resisting malicious networks by default (coffee shops, university wifi, etc). What else is on a LAN?
> mind virus it's the paranoia all security people get
I generally agree with you, but I feel as though I am the one who has accepted that personal laptops need to handle malicious networks, and I'm generally comfortable with that. I don't worry too much about putting IoT devices on the same network as my personal laptop, nor about connecting to coffee shop wifis.
reply