It works because the original filter has suboptimal settings. An optimal filter of that size and number of items would set 5 bits per item and have about a quarter of the false positive rate. The 2 bits per item in the blocked filter is still suboptimal, but it's also saving them from saturating a bunch of 32-bit blocks, at the cost of a much higher overall false positive rate.
That struck me as an odd choice, too. On average there's no difference in false positives, but the smaller the blocks, the more likely they'll be saturated. Since there are 6 leftover bits in the hash anyway, there's no cost to increase the two 5-bit values to 6 bits and the block size to 64. You'll have a lot fewer hot blocks that way.
With blocks this small there's also no reason not to optimize the number of hash functions (albeit this brings back the specter of saturation). There are no cache misses to worry about; all positions can be checked with a single mask.
Speaking of Brandon, some time watch Brandon speaking about The Crow. I watched that on a special edition of the DVD and I had to watch it twice. It was as if he knew something really bad was about to happen and he was rationalizing and coping with it. I can't watch any of the crow movies that came out after his death. I don't know if that monologue is on the internet anywhere.
Even without incident, many movies with heavy special effects can take up to a year to finish the final draft. I kinda suspect it's by design. Get the studio hooked and ask for more money to increase the production values to match the acting.
Magnus has always been unhappy with the format of the WCC cycle. He first skipped it in 2011, when he was already the top-rated player but not yet champion (https://www.chess.com/news/view/carlsen-quits-world-champion...), and very nearly skipped it again in 2013.
It isn't a slump at all, really. He had his first kid in December. He's preparing for the Candidates in March. Weekly chess.com tournaments are just, you know, going to be relegated to streaming content for a bit.
The ones that specifically come to mind are Lazavik vs. Carlsen, Speed Chess Championship 2025 Semi-Final, Round 3, and Sindarov vs. Carlsen, Freestyle Chess Grand Slam Finals 2025 in South Africa, Round 1 of the Group Stage Finals.
I assume you mean that beautiful tactical shot Lazavik found? In general these sort of games are the opposite of convincing. The reason is that we're all human and make tactical mistakes now and again, even more so in very rapid time controls. What generally defines players overall edge though is the ability to grind small edges, rather than stumble into knock-out blows.
For instance this is why Carlsen was so crushed by his loss to Niemann in 2022 (that led to the cheating claim controversy). Niemann actively avoided a draw and then systematically outplayed Magnus in a very difficult R+N v R+B ending. This is also why players like Erdogmus seem to have so much potential. It's not the tactics - which is basically a prerequisite to high level play, but his ability to just systematically grind down extremely strong players like MVL.
I'm replying to this post, but your other posts throughout the thread have similar misunderstandings.
User presence tests are an anti-malware feature. The point is that a machine can be compromised without letting bad guys log into your accounts willy-nilly. Is it a super useful feature? No. The bad guys can steal the tokens for accounts you're actively logged into anyway. But that's why the test exists.
The whole back and forth about plaintext keys is pretty much people talking past each other. Approximately nobody thinks users shouldn't be able to access their keys in the general case. FIDO just wasn't originally designed for the general case (see Operation Aurora). Now it's playing catch-up.
KeePassXC is not "being threatened with being banned via attestation". Attestation requirements are set by the service you're logging into, and KeePassXC is already locked out where those requirements exist (pretty much exclusive to a small number of corporate and government orgs). A random guy from Okta is not threatening to ban KeePassXC.
> Approximately nobody thinks users shouldn't be able to access their keys in the general case
Citation needed. To me it seems to be the quiet part that they aren't saying out loud. If it's just a consequence of the spec being unfinished, then they shouldn't threaten to ban KeepassXC for this. The purpose of a system is what it does, and commercial passkey implementations lock users out of their credentials and uses it to strengthen vendor lock-in.
> Is it a super useful feature? No
It's security theater and a way for websites to annoy users unnecessarily.
> KeePassXC is not "being threatened with being banned via attestation".
Let's be specific. Who is "they"? Who do you think is threatening to ban KeePassXC? A mid-level Okta employee? The whole FIDO Alliance?
Brother, there's no conspiracy here. Attestation requires a trusted third party, same as TLS. You know how you can generate self-signed certificates, but your browser and other tools don't trust them? Attestation is like that. What you keep calling a "ban" is a trivial operational consequence of this. Individual services still get to decide whether attestation is even required, and in the consumer space you aren't going to see it much.
The "they" is any corporation that has an interest in the user not controlling their system, and whom this technology caters to. This sea has plenty of fish already. Streaming services serving Hollywood content, banks, dating apps...
Lastly I even faced another one. Something as simple as a gym token wants GMS, attestation and GPS positioning because it treats its users as liars prima facie. That's the new norm this attestation enables. No conspiracy needed, simple business interest and greed to juice "customers" to the last penny drives you there.
You're on a tangent from the discussion you're replying to. Individual services get to decide requirements for their users, but that's not at all the same as "banning" KeePassXC from the entire ecosystem.
Like, there are lots of services that require SMS or email link MFA. I guess KeePassXC is just banned from everything, then?
To repeat, the GitHub issue digiown linked is not a threat to ban KeePassXC. A random guy from Okta doesn't have that power. Okta itself doesn't have that power or want to have that power. The GitHub issue is simply a description of what attestation is.
OPs point is that we shouldn't allow "individual services get to decide requirements for their users". If the spec requires being implemented in a way that allows that, it's a user-hostile spec.
That wasn't their point and is orthogonal to their misunderstanding of the GitHub issue where, again, no threat is being made.
But in any case services do get to decide, because the service runs on someone else's computer, not yours. You get to decide what happens on your computer, they get to decide what happens on theirs.
> This is electionist cope. The elections are decided in a handful of states with narrow margins.
And the other guy's point was that the backlash against Trump is significant enough that this time around elections may not be decided that way. As evidence: A Texas district that was Republican for 25 years, that voted Republican by a 17% margin in November 2024, just elected a Democrat by 14% (after he'd already won by 12% in November 2025).
This is separate from the obvious fact that House seats are decided in district elections and are all up for grabs this year.
The images are AI-generated. This makes them automatically bad in some people's view, but I think they're reasonably fitting here. With a little bit of work (e.g. attention to consistency between frames, blending into the site background) they could even be good.
The art’s aesthetic, which resembles Calvin and Hobbes, is disrespectful to its creator, Bill Watterson’s.
Bill spent a lot of energy fighting commercialization of his work, arguing that it would devalue his characters and their personalities. I don’t know what is cheaper than using an AI model to instantly generate similar art, for free.
You did do pretty well! I don't think the final result was ruined at all. Not many people will notice things like his pants only being brown in the first image, or their eyes only having whites in the third image, or his jacket sometimes having a hood and sometimes not.
Compared to what we see on most blogs, even patio11's, this is capital-A Art.
It's a probabilistic cache. Standard Bloom filters can't add items indefinitely, and also can't evict old items to make room for new ones. Thus, rotating.
reply