vexsome tldr: A shorter front page of the internet

hackernews

1. American Academy of Sleep Medicine: Eliminate daylight saving time

DARIEN, IL - Public health and safety would benefit from eliminating daylight saving time, according to a position statement from the American Academy of Sleep Medicine. The position statement, published online as an accepted paper in the Journal of Clinical Sleep Medicine, outlines the acute effects of daylight saving time, which range from increased risk of stroke and hospital admissions to sleep loss and increased production of inflammatory markers, one of the body's responses to stress. Studies show that traffic fatalities have increased as much as six percent in the first few days following the change to daylight saving time, and a recently published research abstract found an 18 percent increase in adverse medical events related to human error in the week after switching to daylight saving time. A 2019 survey by the AASM found that 55 percent of adults feel extremely or somewhat tired after the spring change to daylight saving time. The monthly, peer-reviewed Journal of Clinical Sleep Medicine is the official publication of the American Academy of Sleep Medicine, a professional membership society that advances sleep care and enhances sleep health to improve lives.


2. Zoom is now critical infrastructure – that’s a concern

Just before 6 AM Pacific time, the company acknowledged the problem in a statement, writing "We are currently investigating and will provide updates as we have them." An hour later, Zoom said that it had "identified the issue" and was "working on a fix." Finally, over three hours after it had first acknowledged the problem, Zoom announced that "We have resolved the issue." Another challenge is that Zoom is a relatively young company that has experienced some security-related growing pains. As a March article in The Intercept explained, Zoom was actually using "transport encryption, which is different from end-to-end encryption because the Zoom service itself can access the unencrypted video and audio content of Zoom meetings. So when you have a Zoom meeting, the video and audio content will stay private from anyone spying on your Wi-Fi, but it won't stay private from the company." While Zoom subsequently announced that it was working on new software that will allow it to introduce end-to-end encryption, the fact that confusion on this point had arisen at all is concerning from a security standpoint. The time people have invested learning how to use Zoom and the licenses companies and universities have signed to make it their main platform for real-time video interactions create strong incentives against adopting an alternative. People who have spent hours getting used to Zoom don't want to start over on another platform.


3. Apple Terminates Epic Games' Developer Account

Apple in mid-August said that it would terminate Epic Games' developer account if the Fortnite app continued to break the App Store rules, and today, Apple followed through with that threat and removed Epic's access to the Epic Games account. Searching for Epic Games in the App Store brings up no apps and on the web, the Epic Games developer account is blank. Last night, Epic sent out emails to Fortnite players blaming the unavailability of the new season on Apple and claiming that Apple is "blocking Fortnite" in order to prevent Epic Games from "passing on the savings from direct payments to players." Apple in turn has taken to featuring Fortnite competitor PUBG in its App Store. Apple originally wanted to terminate the developer accounts of both Epic Games and Epic International, a separate account linked to Epic's Unreal Engine used by third-party app developers, but a judge issued a temporary restraining order preventing Apple from doing so. The judge declined to stop Apple from terminating the Epic Games account, telling Epic that it "created the situation" and made a "strategically and calculated move to breach" App Store terms.



5. Tell HN: Check medium's localstorage if you use adblock

I remember the buzz around Medium back when it launched, Ev Williams was going to try and do something new and exciting with text and don't call it a blog platform, it'll be like Twitter but with longer form text and anyone could write for it, etc. Blogger was bought out, I actually found it amazing that TypePad was still around, but the "blog engine" that powers it, Movable Type is still powering sites that you've probably heard of, daringfireball.net and Kottke.org being two of the more famous examples with the kinds of writers/bloggers I was advocating for: people who own what they have to say, every pixel of it. WordPress is now the biggest fish in the blogging pond in mindshare, market share and revenue for blogging software. If it's a blog and it's not someone's custom static site generator or Movable Type on the backend, then it is probably using WordPress either .com or .org. I have lost track of where TypePad is relative to everyone else, even in its heyday it was the one platform I never signed up for because I had chosen Blogger, mind I quickly found Blogging wasn't for me.



7. The Dark Core of Personality

Their key prediction is that those scoring high on the D-factor will not be motivated to increase the utility of others without benefiting themselves, and will not derive utility for themselves from the utility of others. Across four studies, the researchers found support for the existence of their proposed D-factor. To capture a reasonable D-factor, they administered nine different tests measuring a particular dark trait that has been well studied in the psychological literature. Second, the pattern of items that were most strongly related to the D-factor related to aspects of their theoretical model: utility maximization, inflicting disutility on others, and justifying malevolent beliefs. The D-factor captured the dark core of many different dark traits without crucially relying on any one measure.



9. Malloc Geiger Counter

Malloc geiger is a hook for malloc that plays geiger counter blips in proportion to the amount of calls to malloc as a way of knowing what an application does. A video of malloc geiger in action can be found here. The probability of a click happening in each interval is min(number_of_mallocs_in_interval / saturation_rate, 1.0). The API: MALLOC_GEIGER_API MG_Status install_malloc_geiger(size_t saturation_rate, size_t interval); // Uninstalls the geiger clicking malloc handler. With the current setup, where malloc geiger is built as a DLL, it requires the application using it to use the dynamic runtime library.


10. Scientists build army of a million microrobots that fit inside hypodermic needle

A four-inch wafer of silicon has been turned into an army of one million microscopic, walking robots, thanks to some clever engineering employed by researchers at Cornell University in New York. In a paper, published Wednesday in the journal Nature, a team of roboticists detail the creation of their invisible army of robots, which are less than 0.1mm in size and cannot be seen with the naked eye. One of their chief purposes, the researchers say, could be to investigate the human body from the inside. The team was able to build incredibly small legs, which are connected to two different patches on the back of the robot - one for the front pair of legs, one for the back. The research team were able to show the microrobot devices could fit within the narrowest hypodermic needle and thus, could be "injected" into the body. Improvements could pave the way for swarms of robots to head inside the body and repair wounds or go on the attack against diseases like cancer, but that future is years - or potentially decades - away.


11. The Joy of Cryptography

The Joy of Cryptography is a textbook that I've been writing for CS427, my undergraduate course in cryptography. All security definitions are written in a unified and simplified "game-based" style. For an example of what security definitions look like in this style, see the index of security definitions. For example proofs of security in this style, see the supplementary material below. "The Joy of Cryptography" is a silly title, but all the sensible titles were already taken.


12. Netflix is now doing per-shot encoding for UHD content

The fixed-bitrate ladder often appears like steps - since it is not title adaptive it switches "late" to most encoding resolutions and as a result the quality stays flat within that resolution even with increasing bitrate. For the optimized ladders we have logic to detect quality saturation at the high end, meaning an increase in bitrate not resulting in material improvement in quality. Once such a bitrate is reached it is a good candidate for the topmost rung of the ladder. Below plot highlights such a case where the optimized ladder exceeds the fixed-bitrate ladder in terms of the highest bitrate, thereby achieving an improvement in the highest quality. As expected, the quality is higher for the same bitrate, even when compared in the low or medium bitrate regions.


13. Ethereum Is a Dark Forest: A Horror Story

Even if nobody else noticed the free money, anyone could remove their own liquidity at any time, accidentally receiving the tokens from the contract. My Paradigm colleague Georgios Konstantopoulos agreed to help with contract deployment and submitting the transactions. In addition to burying the call as an internal transaction, we would split the transaction in two: a set transaction that activates our contract, and a get transaction that rescues the funds if the contract has been activated. Deploy a Getter contract which, when called by its owner, would make the burn call ONLY if activated, and otherwise revert. Deploy a Setter contract which, when called by its owner, would activate the Getter contract.


14. Squad Wealth

To paraphrase Bill Bishop: today people are born as individuals, and have to find their squad. While ancient squads were brought together by the struggle for survival, always-on group communication sets the scene for contemporary squad culture. Memes forged in SQUAD SPACE bubble out into the "clearnet" above, pwning NPCs on the internet of beefs. Squad culture is downstream of squad space, and the digital places squads inhabit are only getting more advanced. Accordingly, the core of squad production is the continuous production of the squad itself. These not only enable the creation of social capital, but strengthen the squad's capacity to organize, minimizing transaction costs and leading to greater productive capacities and resilience; this is "the nature of the squad." But while squads can be viewed as a "nexus of contracts", unlike the Coasean firm, they are without legal structure.


15. Life Is Short (2016)

Is life actually short, or are we really complaining about its finiteness? Would we be just as likely to feel life was short if we lived 10 times as long? It's not just a figure of speech to say that life is too short for something. If you find yourself thinking that life is too short for something, you should try to eliminate it if you can. It's almost the definition of bullshit that it's the stuff that life is too short for. Most people start out with a life that's a mix of things that matter and things that don't, and only gradually learn to distinguish between them.



17. Launch HN: SuperTokens (YC S20) – Securely manage session tokens

SuperTokens helps companies securely manage their session tokens, saving developer time and preventing identity theft. SuperTokens mitigates against all session attacks by implementing best practices. Those have clear UX problems, but for apps that are OK with those problems, implementing such mechanisms is good enough, security-wise! Most existing libraries easily allow you to build inactive timeouts, but building the frequent "in session" reauth can be tricky: detecting when last auth happened, saving state of an app between reauths & regenerating session tokens after reauth. I have seen banks store session tokens in the page HTML as opposed to HttpOnly cookies.


18. Apple blocks Facebook update that called out 30-percent App Store ‘tax’

Apple blocked Facebook from informing users that Apple would collect 30 percent of in-app purchases made through a planned new feature, Facebook tells Reuters. Apple said the update violated an App Store rule that doesn't let developers show "irrelevant" information to users. Apple's rules say that purchases of digital content have to use the App Store's payments system, giving Apple 30 percent of the total. "Unfortunately Apple rejected our transparency notice around their 30-percent tax but we are still working to make that information available inside the app experience." Apple has been strict on apps that try to explain App Store policies - apps like Netflix, Kindle, and Spotify, for example, aren't allowed to mention that users could pay on the web without Apple taking a cut, much less provide a link to do so.


19. Objective-Rust

Yep, that's Rust code with embedded Objective-C syntax, and it works. Why would you do such a thing? Maybe you want tighter interop between the Rust and Objective-C parts of your iOS app. If you're looking to use Objective-C from Rust in production, you should not be using my unsafe toy here. Background on Objective-C. My normal audience these days is probably Swift developers, but I expect this one to make rounds with at least some Rust people as well. People almost universally think Objective-C syntax is ugly when they first see it, almost universally find it completely normal after a few years, and largely find idiomatic Swift easier to read even if they're used to Objective-C. Objective-C from Rust, manually.


20. Impact of Go AI on the professional Go world

Professional Go players are often referred to as one of two types, tournament players or teaching players. In the case of Korea, there are about 380 professional players certified by the Korean Baduk Association, and about 50 top players can be considered tournament players. Last year, the top player in Korea earned about $1 million US dollars from tournaments alone, while the 10th player earned about $120,000 US dollars. It's actually to buy more powerful GPUs and a well-trained deep neural network and have it play Go. So, suddenly, we players felt an enormous sense of loss. Most strong players had distinctive flavors of play and oftentimes this style was the reason why some Go fans rooted for one player over the other.


21. Show HN: Healthcare Is Dumb

No summary.


22. Firefox 80 and my confusion over its hardware accelerated video on Linux

The news of the time interval is that Firefox 80 is out and in theory it can support hardware video acceleration on X11, not just Wayland. If Firefox is making a sensible decision for my specific hardware, that's one thing and I want it to do what will work best. If I've missed a setting or if Firefox is just being twitchy about something, I also want to override it. Firefox won't tell me what it's doing or why, at least not in a way that I can understand. If Firefox is or isn't going to do hardware accelerated video playback, I wish it would tell me both what it was doing and why.


23. China Built a Vast New Infrastructure to Imprison Uighurs

China has secretly built scores of massive new prison and internment camps in the past three years, dramatically escalating its campaign against Muslim minorities even as it publicly claimed the detainees had all been set free. The construction of these purpose-built, high-security camps - some capable of housing tens of thousands of people - signals a radical shift away from the country's previous makeshift use of public buildings, like schools and retirement homes, to a vast and permanent infrastructure for mass detention. With at least tens of thousands of detainees crowded into government buildings repurposed as camps by the end of 2017, the government began building the largest new facilities in the spring of 2018. Unlike the old, repurposed camps, new prisons and camps such as this one have higher security, with gates up to four stories tall and thicker walls along their borders, often with further layers of barbed wire on either side of the main walls. The camp at Dabancheng, Ruser said, "is the main catchment camp for Ürümqi. It's 2 km long and was expanded late last year an extra kilometer with a new facility across the road to the west." By comparison, the camp is about half the length of Central Park.


24. Show HN: Read The Count of Monte Cristo and others in installments in your email

The emails follow the rule of one chapter per email as I couldn't find the chapter division of the original installments online. The novel "Great Expectations" by Charles Dickens was first published in weekly installments in a periodical, from December 1860 to August 1861. The novel "Madame Bovary" by Gustave Flaubert was originally published in fortnightly installments in the periodical "La Revue de Paris", from October 1856 to December 1856. Each installment would be one book usually, except for four books that were divided into two installments. Such lengthy installments seemed excessive for the email format, so I rearranged in groups of 2 or 3 chapters per email, reaching 44 installments.