Anime4K - A High-Quality Real Time Anime Upscaler
> We present a state-of-the-art high-quality real-time SISR algorithm designed to work with japanese animation and cartoons that is extremely fast (~3ms with Vega 64 GPU), temporally coherent, simple to implement (~100 lines of code), yet very effective. We find it surprising that this method is not currently used ‘en masse’, since the intuition leading us to this algorithm is very straightforward. Remarkably, the proposed method does not use any machine-learning or statistical approach, and is tailored to content that puts importance to well defined lines/edges while tolerates a sacrifice of the finer textures.
HTTP/2 Denial of Service Advisory
> Netflix has discovered several resource exhaustion vectors affecting a variety of third-party HTTP/2 implementations. These attack vectors can be used to launch DoS attacks against servers that support HTTP/2 communication.
Son of Slowloris returns!
> While this added complexity enables some exciting new features, it also raises implementation questions.
Here comes trouble...
> The Security Considerations section of RFC 7540 (see Section 10.5) addresses some of this in a general way. However, unlike the expected “normal” behavior—which is well-documented and which implementations seem to follow very closely—the algorithms and mechanisms for detecting and mitigating “abnormal” behavior are significantly more vague and left as an exercise for the implementer. From a review of various software packages, it appears that this has led to a variety of implementations with a variety of good ideas, but also some weaknesses.
Spying on HTTPS
> While most users probably would have no idea what to make of this, I happened to know what it means– Chrome is warning me that the system configuration has instructed it to leak the secret keys it uses to encrypt and decrypt HTTPS traffic to a stream on the local computer.
Become allergic to The Churn
> The Churn is losing a day debugging because a transitive dependency changed a function signature. The Churn is spending a week just to get a project you wrote a year ago to even run. The Churn is rewriting your front-end because a shiny new thing came around.
> Many people are blind to The Churn. They waste days, weeks, months of their lives without blinking, or worse, they get a perverse sense of achievement because the thing which was working fine works again.
The Lonely Work of Moderating Hacker News
> The site’s now characteristic tone of performative erudition—hyperrational, dispassionate, contrarian, authoritative—often masks a deeper recklessness. Ill-advised citations proliferate; thought experiments abound; humane arguments are dismissed as emotional or irrational. Logic, applied narrowly, is used to justify broad moral positions. The most admired arguments are made with data, but the origins, veracity, and malleability of those data tend to be ancillary concerns. The message-board intellectualism that might once have impressed V.C. observers like Graham has developed into an intellectual style all its own. Hacker News readers who visit the site to learn how engineers and entrepreneurs talk, and what they talk about, can find themselves immersed in conversations that resemble the output of duelling Markov bots trained on libertarian economics blogs, “The Tim Ferriss Show,” and the work of Yuval Noah Harari.
This is a pretty fun read I think, even for people who don’t like HN. Or perhaps especially so. Some great, and dismal, quotes. Even ngate makes an appearance.
Yelp is Screwing Over Restaurants By Quietly Replacing Their Phone Numbers
> The phone numbers add tracking before connecting to a restaurant so that Grubhub can bill for a marketing fee.
> “There’s a button where you could hit play and so I was like, what is this?” he said. “I hit play, and the first call was me on the phone, which freaked me out because I didn’t know I was being recorded.” The call was a customer who had his restaurant confused with another restaurant. It took four minutes to figure this out before the customer hung up without placing an order. “I got charged almost $8 for that phone call.”
Turning a MacBook into a Touchscreen Using the Webcam
> Our idea was to retrofit a small mirror in front of a MacBook’s built-in webcam, so that the webcam would be looking down at the computer screen at a sharp angle. The camera would be able to see fingers hovering over or touching the screen, and we’d be able to translate the video feed into touch events using computer vision.
vDSO, 32-bit time, and seccomp
> The seccomp() mechanism is notoriously difficult to use. It also turns out to be easy to break unintentionally, as the development community discovered when a timekeeping change meant to address the year-2038 problem created a regression for seccomp() users in the 5.3 kernel. Work is underway to mitigate the problem for now, but seccomp() users on 32-bit systems are likely to have to change their configurations at some point.
The problems inherent in exposing very low level interfaces in one place (seccomp) and high level interfaces in another (libc).
Killing a process and all of its descendants
> Unix-like operating systems have sophisticated process relationships. Parent-child, process groups, sessions, and session leaders. However, the details are not uniform across operating systems like Linux and macOS. POSIX compliant operating systems support sending signals to process groups with a negative PID number.
I think some of this is not entirely correct, but as noted, it’s a complicated subject.
How to wring power from the night air
> Solar power is all very well, but it is available only during daylight hours. If something similarly environmentally friendly could be drawn on during the hours of darkness, that would be a great convenience. Colin Price, an atmospheric scientist at Tel Aviv University, in Israel, wonders if he might have stumbled across such a thing. As he told a meeting of the International Union of Geodesy and Geophysics, held in Montreal in July, it may be possible to extract electricity directly from damp air—specifically, from air of the sort of dampness (above 60% relative humidity) found after sundown, as the atmosphere cools and its ability to hold water vapour diminishes.
The Ethics of Web Performance
> Advocates of any technique or technology can be a bit heavy-handed when it suits them if they’re not being careful–myself included. But I’m not sure if that’s the case here. When you stop to consider all the implications of poor performance, it’s hard not to come to the conclusion that poor performance is an ethical issue.
> Poor performance can, and does, lead to exclusion. This point is extremely well documented by now, but warrants repeating. Sites that use an excess of resources, whether on the network or on the device, don’t just cause slow experiences, but can leave entire groups of people out.
> The “best practice” solution is a technique known as suffix trees, which requires some moderately complex coding. However, we can get very reasonable performance for strings up to hundreds of thousands of characters long using a much simpler approach.
Banding in Games: A Noisy Rant
> If you use sRGB correctly, you’re doing pretty well - you will generally hardly notice banding (though dark areas remain)
> If you are not on a platform where it’s readily available, or you want to get rid of the last issues, the rest of this presentation is for you
Dithering. Lots of dithering.
The Internet's Old Guard
> So we gathered around a circle of old timers and listened to them reminisce. The man who’d called the gathering guided the conversation. It slowly dawned on me that he was Lee Felsenstein, who’d set up the first public-access computer in Berkeley and helped start the Homebrew Computer Club, which incubated Apple and the personal computer. He was managing this conversation with the skills he’d learned from moderating the HCC meetings for years. I’d read about his story in Steven Levy’s book Hackers. Sometimes you’re reminded that history isn’t something that happened elsewhere, it’s an ongoing story we’re still living in.
Plus some other characters.
BART slows rollout of new trains as it contends with more repairs than expected
> One example is the “D” cars, which have a cab where the operator sits. The agency expects them to run 6,000 hours before hitting any kind of equipment failure that causes a delay of five minutes or more. They’re hovering at 1,000 hours.
The Roots of Boeing’s 737 Max Crisis: A Regulator Relaxes Its Oversight
> In the days after the first crash of Boeing’s 737 Max, engineers at the Federal Aviation Administration came to a troubling realization: They didn’t fully understand the automated system that helped send the plane into a nose-dive, killing everyone on board.
> Engineers at the agency scoured their files for information about the system designed to help avoid stalls. They didn’t find much. Regulators had never independently assessed the risks of the dangerous software known as MCAS when they approved the plane in 2017.
Adblocking: How About Nah?
> The rise and rise of ad-blockers (and ad-blocker-blocker-blockers) is without parallel: 26% of Internet users are now blocking ads, and the figure is rising. It’s been called the biggest boycott in human history.
> Adversarial interoperability occurs when someone figures out how to plug a new product or service into an existing product or service, against the wishes of the company behind that existing product or service.
Plus a history of ads on the web.
What Internet Memes Get Wrong About Breezewood, Pennsylvania
> However, the idea that the photo is placeless is, to be blunt, nonsense. As others have pointed out before me, the setting is instantly recognizable as Breezewood and only Breezewood. Far from being “Every Town, U.S.A.,” Breezewood is a weird, improbable blip of a place. It’s what an architect might call a unique urban condition—a churning mini-city where the population nearly turns over every hour. (For this reason, and for the place’s sheer, unembarrassed honky-tonk, I’m a Breezewood fan.)
Extending the Kernel with Built-in Kernel Headers
> Kernel headers are usually unavailable on the target where these BPF tracing programs need to be dynamically compiled and run. That is certainly the case with Android, which runs on billions of devices. It is not practical to ship custom kernel headers for every device. My solution to the problem is to embed the kernel headers within the kernel image itself and make it available through the sysfs virtual filesystem (usually mounted at /sys) as a compressed archive file (/sys/kernel/kheaders.tar.xz). This archive can be uncompressed as needed to a temporary directory. This simple change guarantees that the headers are always shipped with the running kernel.
I feel this is the wrong solution, but interesting nevertheless.
How (not) to sign a JSON object
This covers a lot of ground. I liked this quote, even though there’s much more to the post.
> Canonicalization is a quagnet, which is a term of art in vulnerability research meaning quagmire and vulnerability magnet. You can tell it’s bad just by how hard it is to type ‘canonicalization’.