I agree with the sentiment, but this part is complete bullshit:

> what is the likelihood of every certificate authority on the Internet having their private keys compromised simultaneously

Who cares? It's not like all CAs would have to be breached, just one. CA certs are not scoped, so the moment one CA gets breached, we're all fucked. CT helps, but AFAIK it's still not enforced everywhere yet

Application error: a client-side exception has occurred (see the browser console for more information).

The amount of articles on HN that render perfectly, then vanish a second later and are replaced by this error message is insane. Yes, I'm using an old unmaintained Android HN reader with a questionable webview. No, that's not an excuse to delete a perfectly rendered from right in front of my eyes.

Sure. But it's not the browser that did that. You see the dialog because the app HANDLED the error condition, and application code displayed an dialog. Had the error not been handled, the browser's behavior is to log a message to the browser console (which you, as a user, never see), and carry on, pretending that the error never happened. So the page would have continued on in some non-functional, or half-functional state.

Yes, of course. My point was more that modern javascript developers have taken that away from us.

Why is this article trending again?? The NanoKVM is showcase product for the LicheeRV Nano. A built-in microphone is an advertised feature of that board.

I like Matej's work, especially his GSM stuff, but this article is so overblown. A third are known issues and another third are non-issues. The last third was good security work and I genuinely appreciate he did it. Beat me to it by a feew weeks, since my order was stuck in customs while I tried to explain to them what a KVM was...

The whole "we need latex because of math" thing has been nothing more than a bad excuse for a very long time. Math notation is too varied to include in Unicode (some papers have to invent new notation!), but even if we had it, authors would still insist on latex. You can already make responsive and largely accessible papers that render to HTML, with latex familiar syntax for equations, bibtex for references and all the footnotes/figures/tables/captions you might want.

But authors still refuse. It's not real science if the layout isn't two-column, written in an old serif font, tables and figures float randomly disconnected from their reference points, code isn't syntax higlighted and has completely nonsensical line breaks... If the reader wants to read it on a phone, or needs to change to font to be larger or more legible, they're not a real scientist and don't deserve to read real papers.

Seriously, what the fuck?? Even the economists are laughing at us with their MS Word and third-party cloud-based bibliography plugin subscription.

Authors just follow any format mandated by the journals.

In unoficial notes for the classes, most authors use single column, and try to remember the magic spell to keep the figures in place. Something like [H!] ???

Also most books are single column.

> After a year or two, I’m happy to throw it out and buy a new one.

Sincerely, fuck you.

Nobody with this mentality should be designing anything. I know many people at most hardware companies think like that and they can go fuck themselves too. But at least they have the excuse of getting fired if they make things too good. You don't.

I have the same issues in Zed and VS Code, but somehow everything works in PyCharm. Even all the double underscore nonsense in QuerySets that I've never seen work enywhere else. I don't use it very often because I mostly work from my potato of a laptop these days, but when I really just need to Get Shit Done, I sacrifice 10 browser tabs to reclaim some RAM and open PyCharm.

Pycharm does not have good type checking. It has the best type inference, but its type checking is very basic. It’s not strict, that’s why you don’t see a lot of errors. When complex types don’t much, it won’t complain.

> something being down or not is pretty black and white

This is so obviously not true that I'm not sure if you're even being serious.

Is the control panel being inaccessible for one region "down"? Is their DNS "down" if the edit API doesn't work, but existing records still get resolved? Is their reverse proxy service "down" if it's still proxying fine, just not caching assets?

I understand there are nuances here, and I may be oversimplifying, but if part of the contract effectively says "You must act as a proxy for npmjs.com" yet the site has been returning 500 Cloudflare errors across all regions several times within a few weeks while still reporting a shining 99.99% uptime, something doesn't quite add up. Still, I'm aware I don't know much about these agreements, and I'm assuming the people involved aren't idiots and have already considered all of this.

Not tamper with the record directly, but MitM it on the way to a target.

That should be prevented by dnssec no?

Depends on who your adversary is. If it's your ISP: no, DNSSEC doesn't prevent that (in every mainstream deployment scenario, your upstream DNS recursive server is the only thing really doing DNSSEC validation).

That's what DNSSEC is for.

Yes, but that's just PKI again, which is what the OP was trying to avoid.

Is it better? As with all price gouging, better for those who can afford it, sure, but not for those who can't. The proper way to combat scalping is to implement fair allocation methods (for a start purchase quantity limits) and punish people for scalping.

Look at how most places handled war-time gasoline shortages. Rationing coupons, purchase limits, demand leveling (like the odd-even system), price or profit controls, strict prosecution of scalpers and price gougers. And it's not like only the communists did this - even the US had most if not all of these things. And it worked far better than the shit that happened during the pandemic shortages. Governments used to know how to govern.

If you want to be "fair" for a necessity such as gasoline, you can have tradable rationing coupons. That way you are rewarded if you buy and use less gasoline, but the excess windfall due to the shortage is still transfered to you and away from the supplier. But even this assumes that gasoline is in fixed supply and there is no way of increasing its total production by paying more, which is not a very good assumption.

In a time of shortage, throwing more money at the problem usually won't increase supply. A shortage necessarily means that if you make more of something, you're guaranteed to sell it basically instantly, so there's already an incentive to increase production.

And it's not like the higher prices mean more money goes to the producers so they can invest in more production capacity. The price increase is spread out between every middleman in the chain untils there's almost nothing left. This could work only if the producers themselves are the ones raising prices, but then everyone else would still add their own cut, leading to even crazier price hikes, and also it's unlikely that extra profit would go to much more than lining the owners' pockets.

Additionally, demand spikes usually don't last, so any new production capacity you build will be a liability later, after the market settles down.

>A shortage necessarily means that if you make more of something, you're guaranteed to sell it basically instantly, so there's already an incentive to increase production.

This is patently false. Every oil reserve around the world has a cost per barrel of extraction. At $60/barrel many of them are shut down.

If you fix the price at $60 and demand goes up, you’ll end up with shortages and producers won’t be able to fill the gap.

It is very rare to have a market of physical goods where the cost of production is fixed and supply is effectively limited. For every other market, the price needs to go up to entice investing in making more supply.

The high prices ("price gouging") perform a social function because some cannot afford it; they prioritize what matters to them more, and ram is left available to those who absolutely require it. Trying to get around that by forcing prices below the market price simple encourages scalping behaviors. If prices are below the market price, but at the market price you would prefer the cash in your pocket over the ram stick, then you have every reason to sell it higher than you bought it because people are willing to buy it. It is those willing to buy it that are the main culprit in establishing the true price.

In reality, it is almost never a true binary of "afford" or "cannot afford" like critics of surge pricing make it out to be; people evaluate the price according to their circumstance and make a trade off. It is because of these decisions, the state of demand, that surge pricing is possible, not because of the machinations of evil price scalpers. That is why manufacturers couldn't lower prices even if they wanted to; gpu msrp being a great example of gpu vendors being caught between consumer ignorance about economics and the facts of reality that gpus are scarce enough to warrant higher prices.

>since scarcity is more a function of demand than supply

This is incorrect. Anything that is bound by something like TSMC production is only made scarce when nvidia realizes they could sell out the entire run at $1000/card or whatever.

They were supply limited for years during the crypto boom. The way you know it was a supply problem is that you couldn’t even buy new cards because they were so frequently sold out.

Nvidia cards became really valuable overnight in the same way as any other asset. You trying to scream at “rich bastard” buyers will not change the fact that there is a shortage of cards so the price is going to go up across all sellers until the supply and demand curves intersect.

This is basic econ in action and history is fraught with attempts to try to fix supply shortages by capping the price.

Scarcity is a function of demand. That doesn't change the importance of what I said! In fact, it proves my point. The reason that "some rich bastard" is willing to pay such prices for gpus or ram or anything else is because they expect it to generate revenue for them equal to or greater than the amount they paid for it. How do they generate revenue? By selling a product! Who do they sell the product to? People like you and I who also compete with them to buy ram and gpus. In other words, the importance of what I said about prices depending on demand is that it depends on your demand. Rich bastards don't care much about ram per se; they could get it anyway. They care about it because of what (they expect) you're willing to pay for its products. Prices are what they are because people, on net, would rather spend the equivalent they could spend on ram by buying products of ram.

Putting this in view to the idea that people don't "afford" things equally: by your assumption, this implies people can indeed "afford" other non-ram things better when it comes to the more important alternatives they could buy with the ram-equivalent funds. Not only do ram-equivalent funds compete with alternate uses, but ram as a factor of production competes with other factors of production. And all factors of production compete, by way of the so-called rich bastards, for your and my dollars. In other words, if ram is more expensive, it is to support alternate uses of ram whose products are valued more highly by consumers than the direct use of ram. And, most importantly if one were to try to get around this higher resulting price for ram, it would cause higher prices for the products of those alternate uses of ram. People would be less able to get the thing they value more highly than ram because ram competes with all our needs, and less ram can be used for its indirect use.

All of that is to say that efforts to combat so-called price gouging bounds those who can less afford ram to be in a worse spot than otherwise. They can't afford ram as before, that much is true. But they prefer the alternatives to ram. If they would be better off by having ram, they would purchase that. Waving a magic wand to redistribute ram to them will give them ram, but now they lose what they valued more highly than ram.

Your logic that OpenAI can by proxy afford to buy out the entire world's supply of RAM because consumers value OpenAI products more than other RAM-dependent things assumes that OpenAI's money comes from selling goods or services to those consumers. It doesn't. The overwhelming majority of people pay zero dollars per year on AI services, while almost everyone spends at least a few hundred a year on gadgets that need RAM and other services that run on servers that need it as well.

The money OpenAI is using to starve the rest of us of RAM is coming from pumped up valuation through circular investments, investor FOMO, cheap debt and often straight up gambling. Rich bastards know that they can pump money into the bubble to grow it and hopefully cash out before it bursts. Nowhere in that process did any regular person value AI datacenters over other uses of RAM.

What you're pointing to is uncertainty; it is a judgement call whether or not consumers actually value these things. But if they don't open AI will lose money, assuming the market is not interfered with by bailouts, which would indeed hamper the social function of pricing. In a similar manner, this social function is hampered by interventions which manipulated credit and deby. My assumption only works in an economy where debt isn't artificially created ad hoc by the federal reserve and other banks. But that is a problem with how federal policies condition debt and finance in the modern economy, not with surge pricing. I would like to see more criticisms of the fed which essentially bankrolls bubbles like this rather than surging pricing, which performs its social function either way.

> The high prices ("price gouging") perform a social function because some cannot afford it; they prioritize what matters to them more, and ram is left available to those who absolutely require it.

This is not true at all. It isn't left available to those who absolutely need it but to those who can pay for it. Those are two very different things.

You're attempting to construct a notion of need separate from the empirical experience of people's concrete choices, but that isn't possible if you want to be scientific. If a person spends $400 on a phone instead of 32gb of ram, they need the phone more than the ram. If a company spends $400 on ram instead of on some other production good, they need the ram more than the other production good - they expect it to generate more revenue.

These two exchanges are not disconnected either: phone prices are affected by revenues of companies which use ram for production. And those revenues are determined by purchases of phones. The person demonstrates through their choice that the use of ram for an indirect purpose of making phones (however indirectly that might effect it) is more valuable to them than the direct use in their computer. The person is not excluded from "having" the ram in the most general sense: they have it indirectly because they benefit from its use in production whose products they value more than the direct use of ram. The person, along with all other consumers, participates in organizing production in the manner that best benefits them, according to their needs, which may not necessarily involve them directly owning the thing.

During the pandemic there wasn’t gouging? I just remember complete shortages of inventory like toilet paper, basic microchips, etc.

It would have been better if people did raise prices during the pandemic for those things to prevent hoarding so I could actually wipe my ass at 2 cents a wipe instead of 1. But alas, the “price gouging” cry babies would have come out and lambasted them for “being greedy”.

Nope, governments were famously bad at this. Coffee rations and gas rations were a disaster.

(Edit: Replying here because of dumb rate limits)

>You guys are being unreasonable, we have plenty of toilet paper for everyone. Each person gets two rolls per week unless you can prove you need more until you calm the fuck down

And this is why it’s dumb. There actually was a supply shortage. You should read about it.

Toilet paper manufacturers made industrial scale toilet paper for offices, schools, public buildings, rest areas, etc.

1/3 of the entire toilet paper market for giant single ply rolls sold in bulk disappeared overnight. And that same demand flowed back into home multi-ply toilet paper that couldn’t be scaled up quickly because it came from a different mill.

Rations would have been completely stupid in reaction to a legitimate 50% increase in legitimate demand.

Read again. My whole point was that governments used to know how to handle a shortage, but they don't anymore, as evidenced by the pandemic. They let the market figure it out and you got a mix of both price gouging and scalpers.

And no, doubling prices wouldn't have done anything. Hoarders would just hoard more because not only was supply low, but prices were increasing, so they better buy it now rather than later.

If governments actually governed, this wouldn't have been a problem. "You guys are being unreasonable, we have plenty of toilet paper for everyone. Each person gets two rolls per week unless you can prove you need more until you calm the fuck down. We're also putting the toilet paper factory into overdrive to compensate for this stupidity."

I get the first point, but having shareholders doesn't solve that in any way. Shareholders would just give themselves payouts instead of letting the execs take everything as bonuses. And unlike the execs, whose bonuses could be limited by charter and who could be chosen on the basis of trust, shareholders are "whoever has the most money to throw around", so there's no mechanism to align them with company values.

So it's not perfect, but it sure as hell beats having shareholders.

> Shareholders would just give themselves payouts

Precisely, in the form of the #1 trend of public companies, stock buybacks! I've seen aggressive buybacks take a company with a ton of money in the bank and a profitable business and drive it right to Chapter 7 bankruptcy in just a few short years.