Skip to main content

2024-07-08

Reverse Engineering Ticketmaster's Rotating Barcodes

  • TicketMaster's SafeTix system uses rotating barcodes displayed in a mobile app, complicating the ticketing process and preventing easy printing or screenshots.
  • Issues arise when there's no internet connection at the venue, making it difficult to load the barcode, and the system aims to reduce ticket resale and gather user data.
  • Reverse engineering reveals that the barcodes use PDF417 format with a bearer token and two TOTPs, which can be extracted using Chrome DevTools, allowing offline saving of tickets up to 20 hours before the event.

Reactions

  • The post discusses the reverse engineering of Ticketmaster's rotating barcodes, highlighting the potential for scam-free third-party ticket resale if Ticketmaster and AXS documented their QR code cryptography and exposed apps/APIs for verification.
  • The conversation critiques Ticketmaster's monopoly on ticket resale, suggesting that their reluctance to support third-party verification benefits their control over the market.
  • The debate extends to ethical considerations for developers and companies, with some arguing that societal structures and government failures contribute to monopolistic practices, rather than the developers themselves.

Simulating 20M Particles in JavaScript

  • The author spent several months experimenting with shared array buffers, a feature in JavaScript that allows multiple threads to share memory efficiently.
  • They have developed a final application showcasing these experiments and are inviting feedback and ideas for further simulations in JavaScript.
  • The post highlights the potential of shared array buffers for creating more complex and efficient simulations in web development.

Reactions

  • A developer successfully simulated 20 million particles using JavaScript, leveraging shared array buffers over several months of free time.
  • The post includes a final app demo and invites suggestions for simulating even more particles in JavaScript.
  • The community provided various feedback, including embedding the simulation for easier access, optimizing performance, and using different technologies like WebGL and WebGPU for rendering.

Boeing to plead guilty to criminal fraud charge stemming from 737 MAX crashes

  • Boeing will plead guilty to a conspiracy fraud charge related to the 737 Max crashes, agreeing to pay a $243.6 million fine and install a third-party compliance monitor.
  • The deal, which avoids a trial, requires federal judge approval and could impact Boeing's ability to sell to the U.S. government.
  • Boeing must also invest $455 million in compliance and safety programs and have its board meet with crash victims' families.

Reactions

  • Boeing will plead guilty to a criminal fraud charge concerning the 737 MAX crashes, with victims' families advocating for a public trial to reveal all facts.
  • The plea deal involves a $243.6 million fine and a three-year third-party monitor, but critics argue this is inadequate and call for individual accountability.
  • The case underscores persistent issues with corporate accountability and questions the effectiveness of penalties in altering company culture.

I'm funding Ladybird because I can't fund Firefox

  • The author is funding the Ladybird Browser Initiative because Mozilla does not allow direct user funding for Firefox.
  • Browser diversity is crucial to prevent any single vendor, like Chrome, from controlling web standards and pushing user-hostile features.
  • Ladybird, originally part of SerenityOS, is now a separate project aiming for its first alpha release in 2026 and is open to user funding.

Reactions

  • The author is funding Ladybird because Mozilla prioritizes online advertising over Firefox development, making Mozilla more of an advertising advocacy project.
  • Mozilla's shift from a foundation to a corporation has made it reliant on advertising revenue, particularly from Google, and it does not accept donations specifically for Firefox development.
  • Alternatives like the Servo rendering engine and Ladybird, which plans to transition from C++ to a safer language, are suggested as worthy of support.

The internet is already over (2022)

Reactions

  • The internet is evolving due to factors like advertising, politics, and AI, leading to more restricted and censored versions.
  • There is a debate between maintaining control through censorship and preserving the internet's potential for open communication.
  • The shift from public spaces to private forums like Discord and Slack indicates a move away from the open web, but niche communities still offer value.

Reactions

  • Zed Editor downloads binaries and NPM packages without user consent, raising security and supply chain attack concerns.
  • Users compare it to VSCode, which requests permission, emphasizing the need for user control and security in IDEs.
  • Zed's team acknowledges the issue and plans to address it, sparking a debate on balancing convenience and security in development tools.

Do Skis Get Blunt?

Reactions

  • Skis can become blunt, especially when used on hard or icy snow, making sharp edges and proper bevels crucial for performance.
  • Regular maintenance with a diamond stone is usually sufficient unless the skis are damaged by rocks or rust.
  • While technically inclined skiers can benefit from learning to maintain their skis, many find it more practical to have them professionally tuned, especially those with families.

Open-sourced Webflow for your own app

  • Onlook Studio has introduced an app that allows developers to visually edit their locally running React applications and write the code back in real-time.
  • The app runs locally, requiring only a simple plugin addition, and includes features like a React parser, pre-processor, and CSS conversion to Tailwind.
  • Future developments include inspecting and selecting layers, reordering elements, and A/B testing changes before committing to code.

Reactions

  • Onlook Studio introduces an open-source tool for visually editing React apps locally, ensuring developers retain full code ownership.
  • The app features a React parser, pre-processor, and CSS-to-Tailwind conversion, running as an Electron app for real-time code updates.
  • Future plans include proof-of-concept features like layer inspection and A/B testing, with potential monetization through a hosted version for team collaboration.

A Mini Monitor for a Pi

  • This post details using a 2-inch display as a monitor for a Raspberry Pi, aiming to create a handheld console with a keyboard.
  • The display, driven by an ST7789 controller and connected via SPI, consumes 2.5 MB of RAM and ~2% CPU, ensuring battery efficiency.
  • Setup instructions include wiring, enabling SPI, setting framebuffer and X display sizes, and installing the mirroring program as a system service.

Reactions

  • A mini monitor project for Raspberry Pi is gaining attention, with discussions on optimizing hardware connections and display options.
  • Users are sharing tips on using 3D printing for custom cases, with suggestions to check local libraries or use 3D printing services for high-quality results.
  • Various display options and configurations are being explored, including using small tablet screens, Waveshare displays, and implementing proper DRM (Digital Rights Management) kernel drivers for better performance.

Xpra: Persistent Remote Applications for X11

  • Xpra, an open-source tool, allows running X11 programs on a remote host and displaying them locally, with the ability to reconnect without losing state.
  • It supports various platforms and integrates features like audio, printers, clipboard, system trays, notifications, and webcams, adapting to different network conditions.
  • Installation is available for Windows, MacOS, and Linux, with extensive documentation and support through FAQs, GitHub discussions, IRC, and Discord.

Reactions

  • Xpra is a tool for persistent remote applications on X11, allowing users to maintain application states across sessions.
  • The discussion highlights various remote desktop solutions, including Xpra, NoMachine, RustDesk, and NICE DCV, each with unique features and user preferences.
  • There is an ongoing debate between the use of X11 and Wayland, with users noting the pros and cons of each, including hardware support, security, and compatibility issues.

For the first time in more than 150 years, Alberta's electricity is coal free

  • Alberta's last coal plant, Unit 2 at the Genesee Generating Station, went offline on June 16, marking the end of coal-fired electricity in the province.
  • The coal phase-out was accelerated under the New Democratic Party's leadership after 2015, with policies like stronger carbon pricing and a commitment to 30% renewables by 2030.
  • Despite the milestone, challenges such as the need for more wind and solar energy, storage solutions, and updated infrastructure remain, especially with Alberta's recent renewables moratorium and market restructuring.

Reactions

  • Alberta has transitioned to being coal-free for the first time in over 150 years, sparking a debate on the costs and benefits of this move.
  • Critics highlight that while Alberta has shifted to natural gas, the current government is criticized for not supporting renewable energy investments.
  • The discussion includes comparisons with countries like China, which, despite increasing coal usage, is also heavily investing in renewables and nuclear energy, emphasizing the global complexity of addressing the climate crisis.

ICANN's list of abandoned vanity TLDs

Reactions

  • ICANN (Internet Corporation for Assigned Names and Numbers) has released a list of abandoned vanity TLDs (Top-Level Domains), which are custom domain extensions like .brandname.
  • There was a significant rush for gTLDs (generic Top-Level Domains) in the late 2000s, but many companies realized they didn't need them after paying high fees, such as the $185,000 evaluation fee.
  • Many vanity TLDs are now unused or abandoned, highlighting the initial overestimation of their value and the shift in internet usage towards search engines and apps.

Unit is a general purpose visual programming system

Reactions

  • Unit is a general-purpose visual programming system facing cognitive scalability issues and tangled connections, making visual programming challenging.
  • Users appreciate certain design features, such as task-focused widgets, but compare it to tools like LabVIEW and OpenSCAD Graph Editor, highlighting both benefits and limitations.
  • Discussions emphasize the difficulty of organizing visual code, the need for improved user experience (UX), and the potential of mixed-modal computing environments.

'It's like I drew a door and disappeared through it' (2021)

Reactions

  • The article discusses the severe drop in donations to charities like Nochlezhki following a full-scale invasion, leading to many organizers being forced out.
  • The situation is expected to worsen post-demobilization due to poor PTSD treatment, increased crime rates, and economic downturn.
  • The article highlights the deep impact of homelessness and the challenges faced by those affected, emphasizing the importance of decent law enforcement and justice.

The Right Kind of Stubborn

  • Persistence and obstinacy both involve determination, but they differ fundamentally in approach and outcome.
  • Persistent individuals adapt their strategies based on feedback, demonstrating resilience, good judgment, and a focus on goals.
  • Obstinate individuals rigidly stick to their initial ideas, often leading to failure, especially in complex situations.

Reactions

  • Paul Graham's article differentiates between obstinate and persistent people, noting that obstinate individuals seem more confident but are less open to feedback, whereas persistent people are more flexible and willing to learn.
  • The public often confuses obstinacy with confidence, particularly in public forums, leading to misinterpretations.
  • The article also explores growth and fixed mindsets, with mixed reactions from commenters who either agree with Graham's views or find his definitions overly simplistic or overlapping.