I got "radicalized" about these filter measures at my last job, where we operated a popular public-facing website, and we apparently adopted some third-party solution to reject otherwise valid logins based on some heuristics, with an intentionally vague "try again later"-style error message. Throughout a few months, I noticed a steady trickle of coworkers talking on the internal chat about being unable to log into the site citing that exact error, with varying degrees of urgency (eg. for myself, I noticed I couldn't log in using a private browsing window, but didn't worry too much because my long-lived session cookies were still fine). I like to think all of them were eventually pointed in the direction of the team working on the integration so that these false positives could be worked around, but definitely not everybody initially realized what was happening to them.
If even people within the same company fell victim to these filters, what chance would the wider public have? On the other side of my tenuous work/life balance, multiple friends that were long-time users of our product were also getting locked out of the site, and of course they had no means of understanding that they were false positives of a fraud detection heuristic, much less of getting individualized support. I know those people and that they were genuine good-faith users, but naturally, while I could pass on word of their struggle, I couldn't offer any actual help since that would disclose details about those heuristics that we were apparently paying good money for and wouldn't want the public to know anything about. I also saw social media discussions where other affected users were helplessly telling each other to try different browsers or reinstall Windows.
Of course, I understand the need to combat abuse of services (and I applaud this employer for many other measures taken in that effort), but it definitely did a number on my loyalty to the company and excitement to be part of the industry to realize that my friends and I would be readily sacrificed if push came to shove.
Do your OS and screen both support HDR and have it enabled? It works by default on my mbp m2's screen, but not its external monitor or on my windows desktop/laptop.
When admitting fault with your a PR hat on after pissing off a decent(?) number of your paying customers, you're supposed to fully fall on your own sword, not assign blame to factors outside of your control.
Instead of saying "race condition that appears on very slow internet connections", you might say "race condition caused by real-world network latencies that our in-office testing didn't reveal" or some shit.
> I'm honestly befuddled why anyone would downvote this.
I think there's two parts to this. First, there's a bit of a history of people making disingenious jabs at Rust for not having an "ISO C++" style spec. Typically people would try to suggest that Rust can't be ready for production or shouldn't receive support in other ecosystems without being certified by some manner of international committee. Second, Rust by now has an extensive tradition of people discussing memory safety invariants, what soundness means, formal models of what is a valid memory access, desirable optimizations, etc, etc, so your question what undefined behavior means could be taken to be, like, polemically reductive or dismissive.
In context I don't think it's what you're doing, but I would also not be surprised if a lot of people reading Rust-related HN discussions are just super tired of anything that even slightly looks like an effort to re-litigate undefined behavior from first principles, because it tends to derail more specific discussions.
> Second, Rust by now has an extensive tradition of people discussing memory safety invariants, what soundness means, formal models of what is a valid memory access
Rust is still lacking a definitive formal model of "soundness" in unsafe code. I'm not sure why you're suggesting that this is not a valid criticism or remark, it's just a fact.
It is a term of art in compilers/language design though, isn't it?
If you break an invariant the compiler is relying on for optimization then you can't say for sure what the effect after all optimisation passes or in future versions of the compiler will be. It's just "undefined"
Yeah I personally think the problem isn't undefined behavior itself, but the C development culture where undefined behavior is sprinkled all over the language to the point where it has become unavoidable plus the inevitable assignment of blame onto C developers, because everyone knows there is enough time in the day for fuzzing your entire code base.
In a situation like this, causing UB is basically saying you deliberately corrupted your memory.
How are you supposed to be specific about what the possible damage might entail for corrupted memory? If you have a function with an "if" or a "while" or a "switch" in it, and you break the variable being evaluated, you might cause the program to skip over the choices and run whatever happens to be next in memory. What's the non-lazy listing of possible outcomes at that point?
I'm not reading it as "it's not worse than python", I am reading it as "the choice was between bash and perl, python was not an option for reasons unrelated to its merits"
What's the term for having to choose between an deprecated/EOL version or an unstable/regressed version? It seems like it comes up over and over again.
If I add two days, semantically, I want to add two days. The date should increment by two. The time should remain the same, even if a DST transition has occurred.
The problem with comment sections on web sites is that the web sites are incentivized to have shitty comments for engagement and ease of moderation. If it's a browser plugin, it's out of the website's hands and as the user I could probably configure it so I only see comments from people I think are good at commenting, like my friends or people I follow on social media.
reply