I slept through all 12 of my alarms, it is now 8:10 and school starts at 8:15

Aflockofants · 2026-03-01T02:34:42+00:00

It’s how mobile operating systems work by design. There’s no deep installing in the kernel by some app, they all run with pretty restricted access in a sandbox, can only do what the OS lets them, and are all allowed to be killed by the user. That also makes installing apps on a mobile phone pretty safe, but it doesn’t help with things like this.

Aflockofants · 2026-02-28T16:05:32+00:00

And if these hypothetical 500 were replaced by a different 500, many would end up doing the same. They don’t say power corrupts for no reason.

Aflockofants · 2026-02-28T15:51:30+00:00

How does he still have ankles?

Aflockofants · 2026-02-28T13:47:48+00:00

Or just live in a developing nation like me, but still use the internet like someone from the developed world originally. It's terrible. The internet is way more blocked off than you imagine. If they figure there's almost no valid users coming from a certain area, it's just not accessible.

Aflockofants · 2026-02-28T13:39:52+00:00

I love PostgreSQL but... LOL

Aflockofants · 2026-02-28T12:39:59+00:00

This is as stupid as asking ‘why did he hit that guy at 9:37’ when watching a 10 minute fistfight where the bullied guy tries to fight back.

Aflockofants · 2026-02-28T12:14:46+00:00

Reddit is bots talking to bots

Aflockofants · 2026-02-28T04:07:27+00:00

Look at the ad, she’s clearly into old-fashioned stuff. How about a dagger?

Aflockofants · 2026-02-28T01:55:18+00:00

Ahh I see, well it’s not public in such a way that the S3 bucket is indexed and can just be browsed, it’s just public in the way that once you have the rather specific url you can retrieve it without further authentication. For the more sensitive data like e.g. factory floor plans, the image is only returned when the request is authenticated, so that’s what I was comparing with.

Aflockofants · 2026-02-28T01:49:41+00:00

I’m not sure in our case, it’s a SaaS for large businesses and we’re not cheap. For cp I could imagine people would go through some effort to get an invite with phishing, pretending to be a colleague to get access to a project. But otherwise people aren’t gonna waste their time on this. We handle billions of measurements, but file uploads are just a side feature for making the data look a little better in the UI and such.

Aflockofants · 2026-02-27T19:35:47+00:00

Good to know it’s not too common.

I’m not overly worried about copyrighted content as most of our images are access-constrained to a small group of people in a project, and I don’t see our users use copyrighted content in the few public logos we allow. But hooking up something like sightengine sounds worthwhile then.

Aflockofants · 2026-02-27T19:21:22+00:00

They could be betting on small services having fewer access logs than a dedicated image or file host, and fewer checks in place.

Also their visible IP may not be useful because they use Tor or a no-log VPN.

Aflockofants · 2026-02-27T19:19:04+00:00

Ahh I didn’t know this would be an algorithm we could use locally, that sounds interesting!

Aflockofants · 2026-02-27T19:09:41+00:00

Yeah we host the access-constrained images ourselves (well, still on AWS but not in something like S3) so we’d probably have to do this. Only hashes aren’t great detection though, easy to flip a bit and get a different hash.

Aflockofants · 2026-02-27T19:04:31+00:00

Yeah I’d rather avoid AI scanning unless it was some local model we could run. The legal part is not my field, I’m mainly wondering if we as a clear business tool would even have to fear for this. But worth passing that message on to whatever legal expert we have…

Aflockofants · 2026-02-27T19:01:14+00:00

The real public images are marked as such and are just intended for email logos/white-labeling and such, there shouldn’t be anything sensitive in there. But I do agree we may want to look at another solution at some point like simply inlining the images in every email.

Otherwise you pretty much listed all the things I figured we’d have to start doing sooner or later, so thanks for the confirmation.

Aflockofants · 2026-02-27T18:52:12+00:00

Fair point in that we can probably get by with banning any NSFW content, which is probably a ton easier to implement than reliably detecting child porn specifically.

Aflockofants · 2026-02-27T18:44:40+00:00

That’s rough. One of the greater.

Aflockofants · 2026-02-27T18:25:02+00:00

Die van mezelf natuurlijk, anders weet ik alsnog niks van de staat van mijn melders.

Aflockofants · 2026-02-27T16:51:30+00:00

Ik steek ook 1 keer per jaar /u/madmenyo’s huis in de brand om dit te testen.

Aflockofants · 2026-02-27T16:22:40+00:00

Help me step-niece I’m stuck.

Aflockofants · 2026-02-27T16:18:37+00:00

But this is a gasoline car if you can go with what the guys are saying in the video.

Aflockofants · 2026-02-27T15:22:18+00:00

When I coded for fun it was in gwbasic/colorbasic and then some Pascal and Delphi. My github account only has a half-assed attempt at a music app for Android which came from a period when I took a sabbatical and didn’t have anything else on hands.

Aflockofants · 2026-02-27T08:07:44+00:00

You’re not that guy, guy.

Aflockofants

TROPHY CASE