The SSO Wall of Shame – Vendors that treat SSO as luxury feature
Why does this exist? Single sign-on (SSO) is a mechanism for outsourcing the authentication for your website (or other product) to a third party identity provider, such as Google, Okta, Entra ID (Azure AD), PingFederate, etc. In this context, SSO refers to a SaaS or similar vendor allowing a business client to manage user accounts […]
Notion releases offline mode
Ever tried to dive into work, only to realize you’re offline? Maybe you’re on a flight, off the grid, or stuck in a dead zone right when inspiration hits. With Notion’s offline mode, you can keep your workflow uninterrupted, your content protected, and your work accessible from anywhere, no signal required. Because even if the […]
D2 (text to diagram tool) now supports ASCII renders
In the latest release of D2 (0.7.1), we introduce ASCII outputs. Any output file with extension txt will use the ASCII renderer to write to it. Here is an example of their rendering from the D2 Vim extension. The user opens a .d2 file and opens a preview window, which updates upon every save. Code […]
Emacs as your video-trimming tool
Emacs as your video-trimming tool ██ ██ ███████ ███ ██ ██████ ██████ ██ ██ ██ ███ ███ ██ ██ ██ ████ ██ ██ ██ ██ ██ ██ ██ ██ ████ ████ ███ █████ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ████ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ […]
How We Exploited CodeRabbit: From Simple PR to RCE and Write Access on 1M Repos
In this blog post, we explain how we got remote code execution (RCE) on CodeRabbit’s production servers, leaked their API tokens and secrets, how we could have accessed their PostgreSQL database, and how we obtained read and write access to 1 million code repositories, including private ones. This blog post is a detailed write-up of […]
A renovation project in Turkey led to the discovery of a lost city (2023)
We live cheek by jowl with undiscovered worlds. Sometimes the barriers that separate us are thick, sometimes they’re thin, and sometimes they’re breached. That’s when a wardrobe turns into a portal to Narnia, a rabbit hole leads to Wonderland, and a Raquel Welch poster is all that separates a prison cell from the tunnel to […]
Launch HN: Parachute (YC S25) – Guardrails for Clinical AI
Hi HN, Aria and Tony here, co-founders of Parachute (https://www.parachute-ai.com/). We’re building governance infrastructure that lets hospitals safely evaluate and monitor clinical AI at scale. Hospitals are racing to adopt AI. More than 2,000 clinical AI tools hit the U.S. market last year – from ambient scribes to imaging models. But new regulations (HTI-1, Colorado […]
Chrome intends to remove XSLT from the HTML spec
{{ message }} Add this suggestion to a batch that can be applied as a single commit. This suggestion is invalid because no changes were made to the code. Suggestions cannot be applied while the pull request is closed. Suggestions cannot be applied while viewing a subset of changes. Only one suggestion per line can […]
Positron, a New Data Science IDE
We are excited to introduce Positron, a free, next-generation Integrated Development Environment (IDE) for data science by Posit PBC. Positron brings the spectrum of exploration and production work together in one environment so you can move from ideation to insight to application without switching context. Ultimately, we have taken all the learnings from the 14+ […]
Without the Futex, It’s Futile
Phil Eaton’s book club is starting The Art of Multiprocessor Programming, 2nd Edition , which is a very well regarded textbook, and pretty recently updated (2021). I’ve even heard of a couple of authors. I’ve done a lot of concurrent programming, and have always felt like I’ve still got plenty to learn, so I was […]