I have strongly negative connotations with rock tumblers. When I was about 8 I saw one in a store and thought it would turn regular rocks into precious stones. One of the biggest disappointments of my childhood.
The claims made on that kind of hobby tool, in that era, serve as a fantastic argument for truth-in-advertising laws. Looking at you, the perpetual ad for (plans for) time machines and force fields in the back of Boy's Life.
Me, just the opposite, but my dad was a jeweler, so my context was much better informed. I was positively surprised by how cool rocks looked after smoothing and then polishing.
Slightly older, I graduated to polishing cabachons on a grinder system.
Teenage me learned to solder gold rings to new sizes, which benefitted young electrical engineering me - gold and lead solder very similarly.
All of this, I now realize, was more-or-less a planned arc/quasi-apprenticeship training for the family store.
Precious/semi-precious stones are rather arbitrarily defined. Various forms of chalcedony (agates, jasper, chert, etc) can often be called such, and are very common sometimes.
I’ve buckets of agates and jasper, among other things (like petrified wood) that I’ve found in fields while doing my ag job here in the willamette valley of Oregon. Oregon as a whole is amazing for rockhounding. There are some spots where I can’t go a several feet without seeing a 1cm or larger agate just laying there. Makes it hard to concentrate. I’ve mostly got it out of my system now though.
Cleaned up a bunch thanks to an ultrasonic cleaner, and one day will tumble a bunch to give away.
Yeah, I dug up a bunch of quartz crystals, some granite containng small fossils (tiny clams, small spiral shells etc), and a few pieces of turqoise in the backyard as a kid. How interesting the rocks in your own backyard are depends a lot on the geological history of the area though.
Same. I also had one when the school mail-order book fair offered a diary with a padlock on it. I wasn't even into writing, but I thought a locking book was so cool. 8 weeks later it shows up and turns out to be just a regular hardcover diary with the cover printed to look like a padlock.
Was he on in between Ivermectin and DMT enthusiasts? Not that MDMA treatments are definitely bunk, but Doblin seems like he's promoting himself as much as he's interested in helping people.
Thanks! This sort of "deno"-fies Node, but in my opinion it's a bit smarter. With Deno, it's an all or nothing approach where 3rd party libraries still have the same access as the main application.
Hagana is still not at the stage where it's fully ready to block all attacks, there's still work to be done, but I do want to be transparent about the approach taken so that the open source community can create issues that show sandbox breakouts (as someone already has).
Eventually it'll get to the point where the security will be tight enough that having it open source won't make a difference.
Additionally, even having this rudimentary protection is still more effective at blocking generic supply chain attacks than not having any protection at all.
I've given this exact question some thought. I think that the only real way to make sure this doesn't happen is by not allowing any 3rd party packages into the codebase. That means any package I want to install will have to be manually copied over. Granted, that this isn't the state now in the repo since I wanted to get to a POC phase as quickly as possible, but it's something I'm going to do.
The problem with a lot of these attempts at fingerprinting prevention is that they cause additional data which can be used to more accurately fingerprint users.
getImageData() is blocked - datapoint
Any detectable difference from what a “regular” browser would return is another point of entropy.
However, the accuracy of device fingerprinting with `getImageData()` is as far as I can tell a lot higher than the accuracy from trying to fingerprint people based on whether they're returning blank data from that call.
If turning off a feature reveals a new 3 bits of information, but leaving it on would have revealed 5 bits, then it's still probably a good idea to turn it off.
Again, not to say that people shouldn't care about those 3 bits, they should. But it's not necessarily a waste of time even if a site tries to use anti-fingerprinting as its own metric. It only becomes a waste of time if the anti-fingerprinting is more unique than leaving the holes open.
Yup, I agree with you about this. It’d be interesting to do a deep dive into a library like FingerprintJS and see what has the most weight in terms of uniqueness. Maybe getImageData is worthwhile blocking, but perhaps other APIs will increase the amount of entropy.
At the moment it’s not the default though. So people who enable this feature will, ironically be more unique and therefore more accurately fingerprintable.
There are sects (like the ultra orthodox) who don't use Sabbath mode specifically for this reason. They say that the added weight causes the elevator's motor to work harder thereby desecrating the Sabbath.
A prohibition on "creation" is over-broad. Any action taken purposefully can be considered an act of creation. That would include choosing to adhere to the law (thus creating a world where there is more compliance with the law) even if that takes the form of deliberately doing nothing.
The only way I can think of to completely avoid creating anything would be to remain unconscious the entire time, thus preventing yourself from making any choices.
Yes, that is understood. My point was that if the intention was to prohibit "acts of creation" then the official list is woefully incomplete, and rather arbitrary; other acts which could equally well be considered "creation" under the same reasoning are not prohibited. (Mostly IMHO because if said reasoning were applied consistently it would be impossible to follow the law, regardless of what one did or did not do.) It leaves the impression that "creation" is merely an excuse or after-the-fact rationalization, not the actual reason for the prohibition.
