Actually, this seems like a rather interesting defense of crypto. To use the metaphor, did the trough create the pigs? Or did it only draw a horde of pre-existing pigs to one place? Perhaps the amount of quasi-criminals that we are seeing in the crypto sector right now is just a sign that crypto was highly successful and not a condemnation of crypto in and of itself.
You are half right. It obviously did not create the pigs, but the "trough" is the place for easy pickings: Crypto. Of course Crypto did not create scammers, scammers simply have an easy time scamming people there.
Agreed 100%, but troughs are good for other things besides feeding pigs. I hope the actually innovative, non-scam projects don't have their name tarnished too much by all the pigs.
> you transmit 5 characters of the SHA1 hash of the email address
You don't use email addresses at all with Pwned Passwords. The documentation says "first 5 characters of a SHA-1 password hash", not email-address hash.
HIBP does not have a way to search for which password hashes are associated with a given email address, as this would be far more useful to attackers than to victims. The only data that Pwned Passwords exposes is a list of password hashes and the number of times that hash was used. The expectation is that even if that leaked password was actually for someone else's account, you still shouldn't be using it.
Whoops, you're right, got the API confused. You can't just search for email addresses.
Still, though, you can implementtthis check every time someone logs in (and the password is transfered over the wire) which should catch most bad passwords/password reuse cases.
This is false. Paul Irish still has the repository for w3fools on Github. You can verify[1] that Paul Irish himself revised the text. Paul Irish works for Google. There is no reason to think that w3schools paid him to revise the content. There is a closed issue that explains the reasoning[2]
Thank you for remedying my ignorance; I was in fact mistaken. It's too late to edit my comment, but I won't repeat my invalidated claim again.
That said, I will continue to resent and distrust and disparage w3schools because of their shady past. The only reason they cleaned up their act was the concerted efforts of w3fools, Paul Irish et al -- which efforts were only ever expended bc w3schools had succeeded in pwning SEO/SERPs and it was such a distraction and blight on our profession.
It's like a politician gaining office via election fraud / ballot-stuffing, then proposing legislation to improve voter rights; they shouldn't be in office.
Is it possible to automate detection of automation? If you can create an algorithm that detects the difference between AI art and human art, wouldn't that algorithm itself be able to create a new AI art algorithm that it itself could not detect?
But would you _want_ a GPU that had a former life as a cryptominer? Running all those computations 24/7 probably takes a bit out of the life expectancy.
How are people supposed to use features like this if they get dropped and re-added from time to time? If I want a convenient timer, googling "set 5 minute timer" has no advantage if I don't know whether it will work or not. Inconsistency is an enemy of convenience.
I agree with you in general but not in this particular case. Best case scenario: you get a five minute timer running right away. Worst case scenario: you click the first link and get a five minute timer right away
Screw those people for trying to monetize something you’re expecting to use for free. Your phone and computer have the capability to do timers. Why are you googling a timer with this attitude in the first place?
Your software never has bugs? We definitely had to turn something off before because something didn't line up/someone messed up planning during a bigger tech transition. This stuff happens in big orgs ran by humans, I'm happy that it's back and it's a lot better than the first result in any case.
I know that software is fiendishly difficult, but if you think a parent is ever going to put their child in a software driven car, then the industry had probably better get a bit more serious.
This doesn't make any sense. "Software" isn't produced by a single company with a single set of engineering practices and trade-offs. Safety-critical software has been around for decades and decades, and it's not developed and tested using the same practices as a minuscule D-list feature of a web service.
I already put my kids in a software driven car every day. It has automatic cruise control, automatic lane keeping, and automatic emergency braking. I don't trust Tesla's Autopilot yet but as soon as there is a self-driving car which I believe is safer than a car driven by me, I will switch to that.
Is it inconsistent? Even if it isn't google's timer, you still get results for timers provided by other websites, if you google search for "set 5 minute timer".
On the other hand I doubt many more people noticed that it went away than ppl on HN who saw the previous thread. So now they've all been re-informed and know they can rely on it again.
Why wouldn't I be surprised to see it gone later on? Kudos to Google for reshaping their brand image this way, they made my switch to alternatives much easier.
