Stone tablet shows Babylonians able to approximate √2 with 99.9999% accuracy
445 by picture | 158 comments on
New best story on Hacker News: It's easier and faster to pirate an e-book, than it is to buy it
It's easier and faster to pirate an e-book, than it is to buy it
572 by leoff | 464 comments on
The end of the year is coming, and I have some funds left from my company learning budget. I wanted to give it back to some of the authors that still help me in my developer journey, by buying some of their work online and hopefully contributing to their income, but the following happened: 1. I went to Amazon, since I have a kindle and didn't want to buy physical books. Amazon doesn't have a shopping card for kindle books, so I started buying them one by one. My company uses Spendesk for managing funds, so for each of the purchase I created a new virtual card and bought them. After a few minutes my Amazon account is blocked for suspicious activity, and ALL my kindle library is wiped, and the funds are returned to my company. 2. Not wanting to give up, I go to a different online store, Thalia, to buy the books again. After buying them, I download the files, which are in an .acsm format, and can only be opened on the Adobe Digital Editions (ADE) software. Once opened, an .epub file is downloaded, and even though I can't transfer the files to my kindle on ADE, I download Calibre to transfer them. Once I try opening them on Calibre, I get an error message saying the files are protected by DRM. Funnily enough, it's possible to remove this DRM protection, but it's also not something completely legal, and makes me question why did I decide to legally buy the e-books in the first place. After spending hours trying to buy e-books, having my Amazon account blocked, and downloading files that can't be transferred to my Kindle, the only conclusion I come to, is that I'm never buying e-books again.
572 by leoff | 464 comments on
The end of the year is coming, and I have some funds left from my company learning budget. I wanted to give it back to some of the authors that still help me in my developer journey, by buying some of their work online and hopefully contributing to their income, but the following happened: 1. I went to Amazon, since I have a kindle and didn't want to buy physical books. Amazon doesn't have a shopping card for kindle books, so I started buying them one by one. My company uses Spendesk for managing funds, so for each of the purchase I created a new virtual card and bought them. After a few minutes my Amazon account is blocked for suspicious activity, and ALL my kindle library is wiped, and the funds are returned to my company. 2. Not wanting to give up, I go to a different online store, Thalia, to buy the books again. After buying them, I download the files, which are in an .acsm format, and can only be opened on the Adobe Digital Editions (ADE) software. Once opened, an .epub file is downloaded, and even though I can't transfer the files to my kindle on ADE, I download Calibre to transfer them. Once I try opening them on Calibre, I get an error message saying the files are protected by DRM. Funnily enough, it's possible to remove this DRM protection, but it's also not something completely legal, and makes me question why did I decide to legally buy the e-books in the first place. After spending hours trying to buy e-books, having my Amazon account blocked, and downloading files that can't be transferred to my Kindle, the only conclusion I come to, is that I'm never buying e-books again.
New best story on News: It's easier and faster to pirate an e-book, than it is to buy it
It's easier and faster to pirate an e-book, than it is to buy it
572 by leoff | 464 comments .
The end of the year is coming, and I have some funds left from my company learning budget. I wanted to give it back to some of the authors that still help me in my developer journey, by buying some of their work online and hopefully contributing to their income, but the following happened: 1. I went to Amazon, since I have a kindle and didn't want to buy physical books. Amazon doesn't have a shopping card for kindle books, so I started buying them one by one. My company uses Spendesk for managing funds, so for each of the purchase I created a new virtual card and bought them. After a few minutes my Amazon account is blocked for suspicious activity, and ALL my kindle library is wiped, and the funds are returned to my company. 2. Not wanting to give up, I go to a different online store, Thalia, to buy the books again. After buying them, I download the files, which are in an .acsm format, and can only be opened on the Adobe Digital Editions (ADE) software. Once opened, an .epub file is downloaded, and even though I can't transfer the files to my kindle on ADE, I download Calibre to transfer them. Once I try opening them on Calibre, I get an error message saying the files are protected by DRM. Funnily enough, it's possible to remove this DRM protection, but it's also not something completely legal, and makes me question why did I decide to legally buy the e-books in the first place. After spending hours trying to buy e-books, having my Amazon account blocked, and downloading files that can't be transferred to my Kindle, the only conclusion I come to, is that I'm never buying e-books again.
572 by leoff | 464 comments .
The end of the year is coming, and I have some funds left from my company learning budget. I wanted to give it back to some of the authors that still help me in my developer journey, by buying some of their work online and hopefully contributing to their income, but the following happened: 1. I went to Amazon, since I have a kindle and didn't want to buy physical books. Amazon doesn't have a shopping card for kindle books, so I started buying them one by one. My company uses Spendesk for managing funds, so for each of the purchase I created a new virtual card and bought them. After a few minutes my Amazon account is blocked for suspicious activity, and ALL my kindle library is wiped, and the funds are returned to my company. 2. Not wanting to give up, I go to a different online store, Thalia, to buy the books again. After buying them, I download the files, which are in an .acsm format, and can only be opened on the Adobe Digital Editions (ADE) software. Once opened, an .epub file is downloaded, and even though I can't transfer the files to my kindle on ADE, I download Calibre to transfer them. Once I try opening them on Calibre, I get an error message saying the files are protected by DRM. Funnily enough, it's possible to remove this DRM protection, but it's also not something completely legal, and makes me question why did I decide to legally buy the e-books in the first place. After spending hours trying to buy e-books, having my Amazon account blocked, and downloading files that can't be transferred to my Kindle, the only conclusion I come to, is that I'm never buying e-books again.
New best story on News: Tell HN: Merry Christmas and Happy New Year
Tell HN: Merry Christmas and Happy New Year
530 by graderjs | 109 comments on News.
Hope your 2023’s great. I’m sorry for all of you that were laid off or affected by the virus or lockdowns. Next year will be better! Keep the faith!
530 by graderjs | 109 comments on News.
Hope your 2023’s great. I’m sorry for all of you that were laid off or affected by the virus or lockdowns. Next year will be better! Keep the faith!
New best story on Hacker News: Tell HN: Merry Christmas and Happy New Year
Tell HN: Merry Christmas and Happy New Year
530 by graderjs | 109 comments on
Hope your 2023’s great. I’m sorry for all of you that were laid off or affected by the virus or lockdowns. Next year will be better! Keep the faith!
530 by graderjs | 109 comments on
Hope your 2023’s great. I’m sorry for all of you that were laid off or affected by the virus or lockdowns. Next year will be better! Keep the faith!
New best story on News: Tell HN: Merry Christmas and Happy New Year
Tell HN: Merry Christmas and Happy New Year
530 by graderjs | 109 comments .
Hope your 2023’s great. I’m sorry for all of you that were laid off or affected by the virus or lockdowns. Next year will be better! Keep the faith!
530 by graderjs | 109 comments .
Hope your 2023’s great. I’m sorry for all of you that were laid off or affected by the virus or lockdowns. Next year will be better! Keep the faith!
New best story on News: I am done. I give up
I am done. I give up
708 by wakana | 417 comments .
I'm writing this post because I'm done. I can't do this anymore. After three failed attempts at building a successful startup and spending time institutionalized, I'm giving up on my entrepreneurship dreams. I tried everything - building an audience, making sure my product actually solved a problem, getting paying customers, and writing high-quality content and contributing to the community. But no matter what I did, I couldn't seem to get anywhere. My efforts were fruitless and I'm tired of trying. I barely had 20 followers, my substack and product blogs didn't get any signups, and while I did get a few upvotes (8) on Product Hunt once, I never had a paid customer. It was as if the world was against me and no matter how hard I tried, I couldn't make any progress. I remember trying to interact and hype up my fellow indiehackers on Twitter, regularly engaging with their content, but no one ever paid any attention to me or followed me back. It was like I didn't even exist in the world of entrepreneurship. And even when I did get some attention, it was short-lived and never led to anything substantial. But it's not just the lack of success that's getting me down. It's also the constant stream of digital nomad influencers on Twitter who sell extremely distorted, rosy, and often times false dreams to indie entrepreneurs like myself. They make it seem like building a successful startup is easy and anyone can do it with the right mindset and a few key tips. But the reality is that it's not that simple. It's fucking hard and it takes more than just a positive attitude to make it. I know I'm not alone in feeling this way. There are so many other indie entrepreneurs out there who are struggling and feeling like they'll never make it. If you're one of them, I want you to know that you're not alone. It's okay to feel defeated and to want to give up. But please don't give up. Keep pushing forward and don't let the failures define you. There's always a chance for success, no matter how small it may seem. But for me, I can't take it anymore. I've hit rock bottom and I have nothing left to give. To all the indie hackers, hacker news, and Reddit readers out there, please don't be fooled by the false promises of digital nomad influencers. Building a startup is hard work and it takes time. It's not as easy as they make it seem and it's not for everyone. Don't let your dreams consume you like they did for me, and PLEASE PLEASE PLEASE PROTECT YOUR MENTAL HEALTH AT ALL COST! Don't make the same mistakes I did and realize that entrepreneurship may not be the path for you. It's okay to admit defeat and move on to something else.
708 by wakana | 417 comments .
I'm writing this post because I'm done. I can't do this anymore. After three failed attempts at building a successful startup and spending time institutionalized, I'm giving up on my entrepreneurship dreams. I tried everything - building an audience, making sure my product actually solved a problem, getting paying customers, and writing high-quality content and contributing to the community. But no matter what I did, I couldn't seem to get anywhere. My efforts were fruitless and I'm tired of trying. I barely had 20 followers, my substack and product blogs didn't get any signups, and while I did get a few upvotes (8) on Product Hunt once, I never had a paid customer. It was as if the world was against me and no matter how hard I tried, I couldn't make any progress. I remember trying to interact and hype up my fellow indiehackers on Twitter, regularly engaging with their content, but no one ever paid any attention to me or followed me back. It was like I didn't even exist in the world of entrepreneurship. And even when I did get some attention, it was short-lived and never led to anything substantial. But it's not just the lack of success that's getting me down. It's also the constant stream of digital nomad influencers on Twitter who sell extremely distorted, rosy, and often times false dreams to indie entrepreneurs like myself. They make it seem like building a successful startup is easy and anyone can do it with the right mindset and a few key tips. But the reality is that it's not that simple. It's fucking hard and it takes more than just a positive attitude to make it. I know I'm not alone in feeling this way. There are so many other indie entrepreneurs out there who are struggling and feeling like they'll never make it. If you're one of them, I want you to know that you're not alone. It's okay to feel defeated and to want to give up. But please don't give up. Keep pushing forward and don't let the failures define you. There's always a chance for success, no matter how small it may seem. But for me, I can't take it anymore. I've hit rock bottom and I have nothing left to give. To all the indie hackers, hacker news, and Reddit readers out there, please don't be fooled by the false promises of digital nomad influencers. Building a startup is hard work and it takes time. It's not as easy as they make it seem and it's not for everyone. Don't let your dreams consume you like they did for me, and PLEASE PLEASE PLEASE PROTECT YOUR MENTAL HEALTH AT ALL COST! Don't make the same mistakes I did and realize that entrepreneurship may not be the path for you. It's okay to admit defeat and move on to something else.
New best story on News: Ask HN: Anyone tired of everything being a subscription now?
Ask HN: Anyone tired of everything being a subscription now?
603 by CM30 | 425 comments on News.
Not newspapers or media services (though those can be annoying too), but products in general? It feels like it's getting harder and harder to just buy something in the tech world, especially when it comes to running programs on my home computer. Want a password manager? It's a SaaS now. Note taking app? SaaS. Image editor or office suite? SaaS (thanks Adobe...) This is especially annoying given I generally refuse to rent anything in life, and will go out of my way to buy something upfront simply so there's no risk of losing it if finances get worse in future (or the wrong billionaire buys the company). Yet it seems like it's getting harder to do so, especially when open source products don't exist for that domain. So yeah, why is that? And is anyone else tired of the constant barrage of subscriptions for things that should be one off purchases?
603 by CM30 | 425 comments on News.
Not newspapers or media services (though those can be annoying too), but products in general? It feels like it's getting harder and harder to just buy something in the tech world, especially when it comes to running programs on my home computer. Want a password manager? It's a SaaS now. Note taking app? SaaS. Image editor or office suite? SaaS (thanks Adobe...) This is especially annoying given I generally refuse to rent anything in life, and will go out of my way to buy something upfront simply so there's no risk of losing it if finances get worse in future (or the wrong billionaire buys the company). Yet it seems like it's getting harder to do so, especially when open source products don't exist for that domain. So yeah, why is that? And is anyone else tired of the constant barrage of subscriptions for things that should be one off purchases?
New best story on Hacker News: Ask HN: Anyone tired of everything being a subscription now?
Ask HN: Anyone tired of everything being a subscription now?
603 by CM30 | 425 comments on
Not newspapers or media services (though those can be annoying too), but products in general? It feels like it's getting harder and harder to just buy something in the tech world, especially when it comes to running programs on my home computer. Want a password manager? It's a SaaS now. Note taking app? SaaS. Image editor or office suite? SaaS (thanks Adobe...) This is especially annoying given I generally refuse to rent anything in life, and will go out of my way to buy something upfront simply so there's no risk of losing it if finances get worse in future (or the wrong billionaire buys the company). Yet it seems like it's getting harder to do so, especially when open source products don't exist for that domain. So yeah, why is that? And is anyone else tired of the constant barrage of subscriptions for things that should be one off purchases?
603 by CM30 | 425 comments on
Not newspapers or media services (though those can be annoying too), but products in general? It feels like it's getting harder and harder to just buy something in the tech world, especially when it comes to running programs on my home computer. Want a password manager? It's a SaaS now. Note taking app? SaaS. Image editor or office suite? SaaS (thanks Adobe...) This is especially annoying given I generally refuse to rent anything in life, and will go out of my way to buy something upfront simply so there's no risk of losing it if finances get worse in future (or the wrong billionaire buys the company). Yet it seems like it's getting harder to do so, especially when open source products don't exist for that domain. So yeah, why is that? And is anyone else tired of the constant barrage of subscriptions for things that should be one off purchases?
New best story on News: Ask HN: Anyone tired of everything being a subscription now?
Ask HN: Anyone tired of everything being a subscription now?
596 by CM30 | 418 comments .
Not newspapers or media services (though those can be annoying too), but products in general? It feels like it's getting harder and harder to just buy something in the tech world, especially when it comes to running programs on my home computer. Want a password manager? It's a SaaS now. Note taking app? SaaS. Image editor or office suite? SaaS (thanks Adobe...) This is especially annoying given I generally refuse to rent anything in life, and will go out of my way to buy something upfront simply so there's no risk of losing it if finances get worse in future (or the wrong billionaire buys the company). Yet it seems like it's getting harder to do so, especially when open source products don't exist for that domain. So yeah, why is that? And is anyone else tired of the constant barrage of subscriptions for things that should be one off purchases?
596 by CM30 | 418 comments .
Not newspapers or media services (though those can be annoying too), but products in general? It feels like it's getting harder and harder to just buy something in the tech world, especially when it comes to running programs on my home computer. Want a password manager? It's a SaaS now. Note taking app? SaaS. Image editor or office suite? SaaS (thanks Adobe...) This is especially annoying given I generally refuse to rent anything in life, and will go out of my way to buy something upfront simply so there's no risk of losing it if finances get worse in future (or the wrong billionaire buys the company). Yet it seems like it's getting harder to do so, especially when open source products don't exist for that domain. So yeah, why is that? And is anyone else tired of the constant barrage of subscriptions for things that should be one off purchases?
New best story on Hacker News: Ask HN: Developer abused “sign in with GitHub” and users are being punished
Ask HN: Developer abused “sign in with GitHub” and users are being punished
581 by 2Gkashmiri | 313 comments on
The offending website "nopecha.com", which unfortunately i found about a week ago on HN itself appeared to be another captcha service but one that was offering "1 Sec" solve speed for text captchas. i was interested and by the looks of it, a lot of people. their webisite only had "sign in with google" so i didnt bother. The day before i check the website out of boredom and saw "sign in with github". i logged in, clicked through a bunch of pages because its the same drill everytime. i found out that i had "automatically starred their repos". by the looks of it, around 500 "stars", the last i saw. suddenly i am unable to log in to my github and the page just says "account suspended." contacted their support and the last response i got from them was "your ban should stay as you engaged in improper behavior of stars farming" or some other BS. Here is my problem. I am not a part of nopecha. I just used their website once using "sign in with github" button. That is the extent of my involvement. How can github allow the developer to use "sign in with" button to create a situation that they could LATER consider abusive but then go ahead and ban all the victims also? i did not voluntarily want to join their abusive practice, i just wanted a log into the website. (There was no explicit mention of the stars farming practice on the website) Why is github allowing the developer to abuse their Oath in the first place? If this is going to be a norm going forward, i do not see any hope of "sign in with" buttons for any service because then you could be banned from one service and suddenly everything connected to your account is also banned. I honestly expect the "sign in with x" button to provide a frictionless access to a website, thats it. how could the developer abuse that process and the website, instead of acting on the developer alone, are causing trouble to unsuspecting victims? edit: to add a bit more context, here is the first reply i got from github on my support request "Your account has restrictions imposed because it appears to have been used for the purpose of artificially inflating the popularity of GitHub accounts or repositories. This activity isn't in keeping with our Terms of Service. We'll need to leave the restrictions in place." I knowingly or unknowingly accepted to allow the app to access my stars action or whatever. i did not engage in this practice myself, their automated system did. i even had "forkhub" android app and i did see "stars" and i remember unstarring 4/5 of their repos myself so its not like i did not try to undo their actions. the problem here is. 1. if github is allowing developers to include their permissions alongwith the SSO workflow 2. github is allowing apps write action to stars from the users accounts which can be legitimate or not. 3. user is not responsible for automated actions taken without their consent or even if consent was there, user is not aware of the "actual scope" meaning app could say "you allow us stars access" but not "you allow us stars access with the knowledge that such permission can be a banable offense, you are warned" 4. unless the user is a sockpuppet account created for the sole purpose (by checking age/activity of user), is it reasonable to throw the banhammer so quickly on everyone involved? 5. why did github not ban the original dev, stop the users from starring for a "cooling period" or "undid their stars" ? why was a ban necessary?
581 by 2Gkashmiri | 313 comments on
The offending website "nopecha.com", which unfortunately i found about a week ago on HN itself appeared to be another captcha service but one that was offering "1 Sec" solve speed for text captchas. i was interested and by the looks of it, a lot of people. their webisite only had "sign in with google" so i didnt bother. The day before i check the website out of boredom and saw "sign in with github". i logged in, clicked through a bunch of pages because its the same drill everytime. i found out that i had "automatically starred their repos". by the looks of it, around 500 "stars", the last i saw. suddenly i am unable to log in to my github and the page just says "account suspended." contacted their support and the last response i got from them was "your ban should stay as you engaged in improper behavior of stars farming" or some other BS. Here is my problem. I am not a part of nopecha. I just used their website once using "sign in with github" button. That is the extent of my involvement. How can github allow the developer to use "sign in with" button to create a situation that they could LATER consider abusive but then go ahead and ban all the victims also? i did not voluntarily want to join their abusive practice, i just wanted a log into the website. (There was no explicit mention of the stars farming practice on the website) Why is github allowing the developer to abuse their Oath in the first place? If this is going to be a norm going forward, i do not see any hope of "sign in with" buttons for any service because then you could be banned from one service and suddenly everything connected to your account is also banned. I honestly expect the "sign in with x" button to provide a frictionless access to a website, thats it. how could the developer abuse that process and the website, instead of acting on the developer alone, are causing trouble to unsuspecting victims? edit: to add a bit more context, here is the first reply i got from github on my support request "Your account has restrictions imposed because it appears to have been used for the purpose of artificially inflating the popularity of GitHub accounts or repositories. This activity isn't in keeping with our Terms of Service. We'll need to leave the restrictions in place." I knowingly or unknowingly accepted to allow the app to access my stars action or whatever. i did not engage in this practice myself, their automated system did. i even had "forkhub" android app and i did see "stars" and i remember unstarring 4/5 of their repos myself so its not like i did not try to undo their actions. the problem here is. 1. if github is allowing developers to include their permissions alongwith the SSO workflow 2. github is allowing apps write action to stars from the users accounts which can be legitimate or not. 3. user is not responsible for automated actions taken without their consent or even if consent was there, user is not aware of the "actual scope" meaning app could say "you allow us stars access" but not "you allow us stars access with the knowledge that such permission can be a banable offense, you are warned" 4. unless the user is a sockpuppet account created for the sole purpose (by checking age/activity of user), is it reasonable to throw the banhammer so quickly on everyone involved? 5. why did github not ban the original dev, stop the users from starring for a "cooling period" or "undid their stars" ? why was a ban necessary?
New best story on News: Ask HN: Developer abused “sign in with GitHub” and users are being punished
Ask HN: Developer abused “sign in with GitHub” and users are being punished
572 by 2Gkashmiri | 308 comments .
The offending website "nopecha.com", which unfortunately i found about a week ago on HN itself appeared to be another captcha service but one that was offering "1 Sec" solve speed for text captchas. i was interested and by the looks of it, a lot of people. their webisite only had "sign in with google" so i didnt bother. The day before i check the website out of boredom and saw "sign in with github". i logged in, clicked through a bunch of pages because its the same drill everytime. i found out that i had "automatically starred their repos". by the looks of it, around 500 "stars", the last i saw. suddenly i am unable to log in to my github and the page just says "account suspended." contacted their support and the last response i got from them was "your ban should stay as you engaged in improper behavior of stars farming" or some other BS. Here is my problem. I am not a part of nopecha. I just used their website once using "sign in with github" button. That is the extent of my involvement. How can github allow the developer to use "sign in with" button to create a situation that they could LATER consider abusive but then go ahead and ban all the victims also? i did not voluntarily want to join their abusive practice, i just wanted a log into the website. (There was no explicit mention of the stars farming practice on the website) Why is github allowing the developer to abuse their Oath in the first place? If this is going to be a norm going forward, i do not see any hope of "sign in with" buttons for any service because then you could be banned from one service and suddenly everything connected to your account is also banned. I honestly expect the "sign in with x" button to provide a frictionless access to a website, thats it. how could the developer abuse that process and the website, instead of acting on the developer alone, are causing trouble to unsuspecting victims? edit: to add a bit more context, here is the first reply i got from github on my support request "Your account has restrictions imposed because it appears to have been used for the purpose of artificially inflating the popularity of GitHub accounts or repositories. This activity isn't in keeping with our Terms of Service. We'll need to leave the restrictions in place." I knowingly or unknowingly accepted to allow the app to access my stars action or whatever. i did not engage in this practice myself, their automated system did. i even had "forkhub" android app and i did see "stars" and i remember unstarring 4/5 of their repos myself so its not like i did not try to undo their actions. the problem here is. 1. if github is allowing developers to include their permissions alongwith the SSO workflow 2. github is allowing apps write action to stars from the users accounts which can be legitimate or not. 3. user is not responsible for automated actions taken without their consent or even if consent was there, user is not aware of the "actual scope" meaning app could say "you allow us stars access" but not "you allow us stars access with the knowledge that such permission can be a banable offense, you are warned" 4. unless the user is a sockpuppet account created for the sole purpose (by checking age/activity of user), is it reasonable to throw the banhammer so quickly on everyone involved? 5. why did github not ban the original dev, stop the users from starring for a "cooling period" or "undid their stars" ? why was a ban necessary?
572 by 2Gkashmiri | 308 comments .
The offending website "nopecha.com", which unfortunately i found about a week ago on HN itself appeared to be another captcha service but one that was offering "1 Sec" solve speed for text captchas. i was interested and by the looks of it, a lot of people. their webisite only had "sign in with google" so i didnt bother. The day before i check the website out of boredom and saw "sign in with github". i logged in, clicked through a bunch of pages because its the same drill everytime. i found out that i had "automatically starred their repos". by the looks of it, around 500 "stars", the last i saw. suddenly i am unable to log in to my github and the page just says "account suspended." contacted their support and the last response i got from them was "your ban should stay as you engaged in improper behavior of stars farming" or some other BS. Here is my problem. I am not a part of nopecha. I just used their website once using "sign in with github" button. That is the extent of my involvement. How can github allow the developer to use "sign in with" button to create a situation that they could LATER consider abusive but then go ahead and ban all the victims also? i did not voluntarily want to join their abusive practice, i just wanted a log into the website. (There was no explicit mention of the stars farming practice on the website) Why is github allowing the developer to abuse their Oath in the first place? If this is going to be a norm going forward, i do not see any hope of "sign in with" buttons for any service because then you could be banned from one service and suddenly everything connected to your account is also banned. I honestly expect the "sign in with x" button to provide a frictionless access to a website, thats it. how could the developer abuse that process and the website, instead of acting on the developer alone, are causing trouble to unsuspecting victims? edit: to add a bit more context, here is the first reply i got from github on my support request "Your account has restrictions imposed because it appears to have been used for the purpose of artificially inflating the popularity of GitHub accounts or repositories. This activity isn't in keeping with our Terms of Service. We'll need to leave the restrictions in place." I knowingly or unknowingly accepted to allow the app to access my stars action or whatever. i did not engage in this practice myself, their automated system did. i even had "forkhub" android app and i did see "stars" and i remember unstarring 4/5 of their repos myself so its not like i did not try to undo their actions. the problem here is. 1. if github is allowing developers to include their permissions alongwith the SSO workflow 2. github is allowing apps write action to stars from the users accounts which can be legitimate or not. 3. user is not responsible for automated actions taken without their consent or even if consent was there, user is not aware of the "actual scope" meaning app could say "you allow us stars access" but not "you allow us stars access with the knowledge that such permission can be a banable offense, you are warned" 4. unless the user is a sockpuppet account created for the sole purpose (by checking age/activity of user), is it reasonable to throw the banhammer so quickly on everyone involved? 5. why did github not ban the original dev, stop the users from starring for a "cooling period" or "undid their stars" ? why was a ban necessary?
New best story on News: Tell HN: IPv6-only still pretty much unusable
Tell HN: IPv6-only still pretty much unusable
628 by 9dev | 540 comments on News.
Our Hosting provider, Hetzner, has recently started charging for public IPv4 addresses - as they should! Those numbers started getting expensive. This prompted me to try and set up a new server cluster using IPv6 exclusively, and see how far I could get before having to give in and purchase an additional v4 address. The experiment ended much sooner than I had anticipated. Some of the road blocks I hit along the way: - The GitHub API and its code load endpoints are not reachable via IPv6, making it impossible to download release artefacts from many projects, lots of which distribute their software via GitHub exclusively (Prometheus for instance). - The default Ubuntu key servers aren't reachable via IPv6, making it difficult to install packages from third-party registries, such as Docker or Grafana. While debugging, I noticed huge swaths of the GPG infrastructure are defunct: There aren't many key servers left at all, and the only one I found actually working via IPv6 was pgpkeys.eu. - BitBucket cannot deploy to IPv6 hosts, as pipelines don't support IPv6 at all. You can self-host a pipeline runner and connect to it via v6, BUT it needs to have a dual stack - otherwise the runner won't start. - Hetzner itself doesn't even provide their own API via IPv6 (which we talk to for in-cluster service discovery. Oh, the irony. It seems IPv6 is still not viable, more than a decade after launch. Do you use it in production? If so, how? What issues did you hit?
628 by 9dev | 540 comments on News.
Our Hosting provider, Hetzner, has recently started charging for public IPv4 addresses - as they should! Those numbers started getting expensive. This prompted me to try and set up a new server cluster using IPv6 exclusively, and see how far I could get before having to give in and purchase an additional v4 address. The experiment ended much sooner than I had anticipated. Some of the road blocks I hit along the way: - The GitHub API and its code load endpoints are not reachable via IPv6, making it impossible to download release artefacts from many projects, lots of which distribute their software via GitHub exclusively (Prometheus for instance). - The default Ubuntu key servers aren't reachable via IPv6, making it difficult to install packages from third-party registries, such as Docker or Grafana. While debugging, I noticed huge swaths of the GPG infrastructure are defunct: There aren't many key servers left at all, and the only one I found actually working via IPv6 was pgpkeys.eu. - BitBucket cannot deploy to IPv6 hosts, as pipelines don't support IPv6 at all. You can self-host a pipeline runner and connect to it via v6, BUT it needs to have a dual stack - otherwise the runner won't start. - Hetzner itself doesn't even provide their own API via IPv6 (which we talk to for in-cluster service discovery. Oh, the irony. It seems IPv6 is still not viable, more than a decade after launch. Do you use it in production? If so, how? What issues did you hit?
New best story on Hacker News: Tell HN: IPv6-only still pretty much unusable
Tell HN: IPv6-only still pretty much unusable
628 by 9dev | 540 comments on
Our Hosting provider, Hetzner, has recently started charging for public IPv4 addresses - as they should! Those numbers started getting expensive. This prompted me to try and set up a new server cluster using IPv6 exclusively, and see how far I could get before having to give in and purchase an additional v4 address. The experiment ended much sooner than I had anticipated. Some of the road blocks I hit along the way: - The GitHub API and its code load endpoints are not reachable via IPv6, making it impossible to download release artefacts from many projects, lots of which distribute their software via GitHub exclusively (Prometheus for instance). - The default Ubuntu key servers aren't reachable via IPv6, making it difficult to install packages from third-party registries, such as Docker or Grafana. While debugging, I noticed huge swaths of the GPG infrastructure are defunct: There aren't many key servers left at all, and the only one I found actually working via IPv6 was pgpkeys.eu. - BitBucket cannot deploy to IPv6 hosts, as pipelines don't support IPv6 at all. You can self-host a pipeline runner and connect to it via v6, BUT it needs to have a dual stack - otherwise the runner won't start. - Hetzner itself doesn't even provide their own API via IPv6 (which we talk to for in-cluster service discovery. Oh, the irony. It seems IPv6 is still not viable, more than a decade after launch. Do you use it in production? If so, how? What issues did you hit?
628 by 9dev | 540 comments on
Our Hosting provider, Hetzner, has recently started charging for public IPv4 addresses - as they should! Those numbers started getting expensive. This prompted me to try and set up a new server cluster using IPv6 exclusively, and see how far I could get before having to give in and purchase an additional v4 address. The experiment ended much sooner than I had anticipated. Some of the road blocks I hit along the way: - The GitHub API and its code load endpoints are not reachable via IPv6, making it impossible to download release artefacts from many projects, lots of which distribute their software via GitHub exclusively (Prometheus for instance). - The default Ubuntu key servers aren't reachable via IPv6, making it difficult to install packages from third-party registries, such as Docker or Grafana. While debugging, I noticed huge swaths of the GPG infrastructure are defunct: There aren't many key servers left at all, and the only one I found actually working via IPv6 was pgpkeys.eu. - BitBucket cannot deploy to IPv6 hosts, as pipelines don't support IPv6 at all. You can self-host a pipeline runner and connect to it via v6, BUT it needs to have a dual stack - otherwise the runner won't start. - Hetzner itself doesn't even provide their own API via IPv6 (which we talk to for in-cluster service discovery. Oh, the irony. It seems IPv6 is still not viable, more than a decade after launch. Do you use it in production? If so, how? What issues did you hit?
Subscribe to:
Posts (Atom)