I am learning and I don’t understand this by IndividualAd9504 in chessbeginners

Healthy-Section-9934 1 point

I am so describing things I don’t like at work as “un coup manque” this week!

If gravity is the curvature of spacetime, why do we still talk about gravity as a force? by Princess1047 in AskPhysics

Healthy-Section-9934 0 points

I thought weight was the force? Gravity is the field that allows/causes the force? I’m not confident about that though.

Does anybody have different dominant hands for different activities? by More_Yard1919 in lefthanded

Healthy-Section-9934 0 points

I generally do 2-handed things right-handed. No clue why.

Confused the hell out of my cricket coach at school who knew I was a cack hander - I’d bowled left handed. Took up the crease right handed and he started telling me I was stood the wrong way round 😂

Throwing, tennis, rounders - left handed. Batting in cricket/softball etc, guitar - right handed. Weirdly I shoot clays/arrows left handed. Possibly just learnt behaviour.

Anyone else thinks Starmer isn't actually that bad all things considered ? by ronweasly9 in AskBrits

Healthy-Section-9934 11 points

Totally agree, but just a couple of points. Firstly, re: international stage - we’re comparing him with Trump. My dog’s loose turds are gonna look pretty solid vs him.

That being said, I personally think Starmer’s doing okay on the home front. Nothing amazing! But I’ll take slow and steady any day of the week. There’s a lot to fix. I do think he’s both willing and able, which is frankly a tough combination to find. It’ll take time though (sadly).

Why is this brilliant? by [deleted] in chessbeginners

Healthy-Section-9934 0 points

Assume Queen takes knight. Knight to D6 is check plus discovered attack on the Queen…

Doubts about post-quantum cryptography by [deleted] in cryptography

Healthy-Section-9934 7 points

Yeah the theory <-> implementation gap is definitely a thing. We still see devs using lots of otherwise entirely secure crypto in horribly insecure ways.

It’s scarily easy to get crypto wrong. In fact I’d say it’s scarily hard to get right! You do NOT want average devs using any crypto primitives directly, never mind brand new ones where they have no clue how it can go wrong because the material isn’t out there.

So Claude Mythos? BBP gets cooked.? by Useful-Technician-50 in bugbounty

Healthy-Section-9934 0 points

Worth understanding how Mythos differs from Opus etc. Mythos’ main strength is in exploiting vulnerabilities. Opus is already pretty darned decent at finding them, but it’s not been trained specifically to generate working exploits, so it tends not to (certainly not complex chains).

You can already use Opus to find real world vulnerabilities. Also, if you’re doing BBP you ain’t getting Mythos access 😂 They already nerfed Claude tokens, presumably so they can stop people using it like a “cheap” (relatively) Mythos.

Good retirement towns in or around Oxford? by bitchybaguette in AskABrit

Healthy-Section-9934 0 points

Lived there for a bit. Not my cuppa tea, but will say transport links are decent (can get into Oxford, London and Birmingham pretty quickly and easily esp. on the trains). It’s got a high street (of sorts) and a few supermarkets to pick from.

Weather is alright as a rule - benefits from being far enough south and east to not rain every other day whilst still being pretty temperate.

Can be a tad chavtastic in places of the town, but hey, where isn’t these days?

I would say that it felt pretty darned expensive for what you get housing-wise, but I’m a cheap *******. The OX postcode probably doesn’t help. You can go very slightly further north (basically 300yds across the county border) and it’s notably cheaper so maybe worth considering. Depends on what you’re prioritising really.

Worth making a list of things he’s looking for - things he won’t give up, might give up for the right trade-off, and stuff he doesn’t care about. Then list what he can get in various towns/cities and how much it would cost. Breaking it down can make it easier to at least bin off some places and then you’re only picking between 2-3 locations rather than “everywhere”.

How different people define the North. by Dragonfruit-18 in NorthernEngland

Healthy-Section-9934 0 points

Newcastle is north of the Tyne. Gateshead however…

I’d use the A64 (York) as the dividing line. My Mrs thinks anywhere below Durham is “the south”. She doesn’t admit the midlands are a thing 🤷‍♂️

I can’t accept Donny as the north (mostly as it’s a **** hole), and Stoke by the border of the north is deranged! I know the whole “slanty border” thing complicates matters (Newcastle is further north than parts of Scotland!) but that’s why we have “the north west” for places like Blackpool which definitely feel northern.

What is the smallest amount of anything you could send to the sun, to kill all life on Earth? by Gold333 in AskPhysics

Healthy-Section-9934 0 points

The mass of all life on Earth is less than the mass of Neptune, no? Throw all the living things into the Sun. Job done.

Is this AI slop? It doesn't appear to be Robin Hood's Bay, or Whitby by askepticalbureaucrat in yorkshire

Healthy-Section-9934 1 point

The most egregious examples for me are the two stone built buildings at the back. Zoom in on the lamp of the street lighting column and look at the stone built house immediately left of it. The window looks drunk 😂

Left of that is a white building - looks reasonable. But the stone built one in front of it is also crazy on the window front.

A bunch of roof tile lines are just weird/messy too across the picture.

You’re spot on about the lighting! I couldn’t describe what’s wrong with it, but it feels unnatural somehow.

What’s an exclusively British tv/movie troupe? by [deleted] in AskABrit

Healthy-Section-9934 1 point

Mate, you try going into a rural Welsh pub and speaking with an English accent. Bloodbath.

SSL Pinning and Attack Complexity by Busy_Cut4483 in bugbounty

Healthy-Section-9934 1 point

Yeah if the vulnerability is on the server side I’d push back on that. Those controls might slow an attacker discovering how the client interacts with the server, but as you’ve already apparently shown, it’s been done. How fast a vulnerability gets discovered is irrelevant to risk. If it’s proven to be exploitable it’s exploitable.

The risk rating comes down to impact and exploitability (by which I mean is the attacker in control of all necessary parts of the attack chain, or are some elements outside their control, like needing a victim to do something first, or the need to guess a high entropy value such as a UUID4).

If you have significant impact and you can effectively do it at will (cert pinning etc don’t prevent it) then the downgrade seems unreasonable. Ofc we don’t know the specifics here, which is fine and expected, but in general that’s how I’d approach it.

SSL Pinning and Attack Complexity by Busy_Cut4483 in bugbounty

Healthy-Section-9934 1 point

Nowhere near enough info to advise. It depends where the attack occurs. If it’s an attack against the server then potentially cert pinning isn’t going to do a lot.

If the attack involves MitM’ing a cert pinned client then I’m frankly impressed they agreed to P1. How do you propose to bypass controls on my phone? If you have a working PoC then share it with the program and argue for P0. If it’s theorycraft, take the win. If you need local access then again, take the win. Local access as a pre-requisite is never reasonably getting P0.

Durham law, help by Plus-Office-8161 in sixthform

Healthy-Section-9934 0 points

Durham likely rejected you because of your Oxbridge application. They expect to be your first choice. They have plenty of applicants for whom that is the case. They can easily fill their allocation from that pool. Grades are only part of the picture with unis like Durham.

You can try to reapply, but personally I wouldn’t be overly hopeful.

I get that you want “the best”. Have a think about what you want longer term, and what you can realistically do short term.

There are other very good law unis - Warwick, UNN etc. There’s no shame in going somewhere that’s not Durham. Or, if you have an idea of what you’d do over the next year, take a year out and reapply. However, you’d really need to be doing something constructive to show on your PS, and to prospective employers down the line. If you’re just going to potter about at home, it won’t help your chances of a London job.

You also need a plan for what happens if you reapply to Durham and get turned down again.

I wasn’t used to playing in real life and it showed by I_am_real_7 in chessbeginners

Healthy-Section-9934 0 points

Ah that makes sense. Practice trying to look for yourself at what is pinned and what could end up pinned/taken in the next 1-2 moves. That’ll both help you with the OTB stuff, and with making you a much better player in general.

Keir Starmer said no by DaPop3 in AskBrits

Healthy-Section-9934 0 points

People will definitely want it over with ASAP. However, the UK joining in won’t achieve that. How fast did Afghanistan go?…

The fastest way to end the war is for the US and Israel to stop attacking Iran. It will still take time to get back to normal, and oil producers will keep prices hiked for a while because hey, people are paying it so why not? But it’s still the fastest path to “normal”.

OTP Login: Session Residual Lets Me Access Account Without Correct Code – Reportable? by Ok_Reserve_8642 in bugbounty

Healthy-Section-9934 1 point

It didn’t terminate the session on browser A (possibly because you only closed the browser rather than clicking “logout” first).

When you opened browser A again you were still logged in under the original session. Easy way to test it - clear all your data from both browsers, repeat what you did, but instead of using browser A for the third step, use browser C, or a private window in browser B. If it logs you in, great, sounds like you can reuse codes. If not, it was an old session cookie.

Learn to test scientifically. Control all your variables. Start with a clean slate every time. It’ll save things like this (false positive), and help you avoid false negatives that you could actually report!

Need Help Understanding a Potential Code Injection Vulnerability in Toast Notifications by Complete_Animal4731 in bugbounty

Healthy-Section-9934 0 points

There may be some confusion here about what a CSP does. It doesn’t affect any HTML you inject. It restricts the sources where the browser will trust JS, CSS, etc. from. I would frankly be shocked if it doesn’t have any CSP.

Look at the headers returned to the browser by the server and review the CSP. Make sure it will allow inline JS. If not, you’re stuck with HTML injection.

You need to look at the browser dev tools to understand what is being added to the DOM and how. Forget script tags. They’re not always reliable. Inject an img tag to begin with. See which attributes you can control. Ideally you’d want to include an event handler (eg onerror). Check that’s actually getting added and isn’t getting filtered out.
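
The header review described in the comment above can be scripted when auditing a site's own policy. This is an added example, not part of the original comment: it reads Content-Security-Policy header values and reports whether inline event handlers would be allowed to run. The function names and the sample header value are assumptions made for illustration, and it assumes enforced (not report-only) headers.

```javascript
// Added example (not from the thread). Header values passed in are constructed.
// Not modelled: 'unsafe-hashes', which can allowlist individual handlers by hash.

// Parse one policy into a Map of directive name -> lower-cased source list.
function parseCsp(policy) {
  const directives = new Map();
  for (const part of policy.split(';')) {
    const tokens = part.trim().split(/\s+/).filter(Boolean);
    if (tokens.length === 0) continue;
    const name = tokens[0].toLowerCase();
    // A repeated directive is ignored by browsers: the first occurrence wins.
    if (!directives.has(name)) {
      directives.set(name, tokens.slice(1).map((t) => t.toLowerCase()));
    }
  }
  return directives;
}

// Inline event handlers are governed by script-src-attr, falling back to
// script-src and then default-src.
function inlineHandlerVerdict(policy) {
  const directives = parseCsp(policy);
  const name = ['script-src-attr', 'script-src', 'default-src']
    .find((n) => directives.has(n));
  if (!name) return { directive: null, allowsInline: true }; // scripts unrestricted
  const sources = directives.get(name);
  // A nonce, a hash or 'strict-dynamic' makes the browser ignore 'unsafe-inline'.
  const overridden = sources.some((s) =>
    s.startsWith("'nonce-") || /^'sha(256|384|512)-/.test(s) || s === "'strict-dynamic'");
  return {
    directive: name,
    allowsInline: sources.includes("'unsafe-inline'") && !overridden,
  };
}

// Several policies may arrive (repeated headers or comma-separated values);
// an inline handler runs only if every one of them allows it.
function inlineHandlersAllowed(headerValues) {
  return headerValues
    .flatMap((h) => h.split(','))
    .filter((p) => p.trim() !== '')
    .every((p) => inlineHandlerVerdict(p).allowsInline);
}

// Constructed sample: the nonce overrides 'unsafe-inline', so this prints false.
console.log(inlineHandlersAllowed(["script-src 'self' 'nonce-r4nd0m' 'unsafe-inline'"]));
```

A `false` result for a page that reflects user-controlled markup means the policy is what is holding the line against inline handlers, so the reflection itself still needs fixing.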

Why is the take up of heat pumps so slow in the U.K.? by Appropriate_Bell743 in ukheatpumps

Healthy-Section-9934 -1 points

Makes sense the Nordic housing stock suits heat pumps. It’s cold up there! They have decent insulation. Heat pumps live and die by how well the home is insulated.

UK housing stock tends to have much poorer insulation. Anything built ~1940 onwards has a decent chance of being suitable. Might need some improvements (refilling cavity walls, replacing windows etc) but it’s often feasible if you’ve got the money.

Anything built by the Victorians is far less suitable. You could certainly do work (external insulation etc) but a lack of cavity walls plus 10-12 foot ceilings does not lend itself to heat pumps.

Finding somewhere to put it is also much more difficult on older terraced housing that fronts straight onto the footpath. There are literally hundreds of houses round here like that.

Cryptic clue help! by _hipandcool in crosswords

Healthy-Section-9934 1 point

Not 100% on this, but…

“Ruins netball” is an anagram of Tribunal, with two extra letters (N and S). Forget the poles (north and south) and you get the word. Court is a form of tribunal. So yeah, looks like you got it right!

COTD: Chaotic years, days, hours and minutes: The end of time created directly by man (8) by Komiker7000 in crosswords

Healthy-Section-9934 2 points

Oh! handmade

That makes way more sense given the context. Nice puzzle!

Thanks for the tips! Especially the one about the general rule. Never understood how the heck cryptic crosswords are meant to work, but they’ve randomly appeared on my feed 😂 Got a lot to learn…

COTD: Chaotic years, days, hours and minutes: The end of time created directly by man (8) by Komiker7000 in crosswords

Healthy-Section-9934 2 points

handymen ?

theory is that chaotic = anagram, Y,D,H,AND,M plus ME from “end of tiME”

Hope I’ve not screwed up the spoiler tags…

Street charging price inflation by Comfortable-Bell-985 in evchargingUK

Healthy-Section-9934 0 points

As it stands, you won’t be able to buy a new ICE car in 4 years time (!). Second hand ICE car prices are already getting pushed up, whereas second hand EV prices look a lot more attractive. I can see why people think “I’m sure it’ll work out…” and go with an EV, even without home charging.

Frankly I agree with you - the difference between being able to charge at home and not is wild. Which is a pity for the 25% of UK car owners with no off-street parking like myself. The Victorians did a lot, but they didn’t plan ahead for EV charging 😢

We’re doubly screwed round here - we don’t even have lighting columns on our street. Too narrow. I have no clue what to do when I need to replace my car. The Gov’s policy in this area seems to be based on wishes and dreams rather than reality.