Phoenix: A modern X server written from scratch in Zig
from git.dec05eba.com
284
by
snvzz
6h ago
|
|
|
Article:
9 min
Phoenix is a new X server developed from scratch in Zig. It aims to be simpler than the Xorg server by supporting only modern applications, hardware, and protocols. Phoenix prioritizes security through automatic parsing of protocol messages and built-in isolation between applications. It also focuses on improving graphics handling with features like tearing prevention, compositor integration, and HDR support.
Phoenix could encourage the development of more secure and efficient X server alternatives, potentially leading to improved user privacy and system stability.
- Supports only relatively modern applications and hardware.
- Automatically catches illegal behaviors through Zig's ReleaseSafe option.
- Isolates applications by default, allowing interaction with permission prompts or explicit permissions.
- Improves graphics handling with tearing prevention and built-in compositor.
- Develops new standards like per-monitor DPI for better application scaling.
Discussion (134):
The discussion revolves around an X server implementation, with opinions on its naming, support for legacy protocols, and comparison to Wayland. There is a mix of agreement and debate among participants.
- The compositor will get disabled if the client runs a fullscreen application and disabled vsync in the application.
Counterarguments:
- Pretty interesting approach to make an X server that is essentially 'Wayland-like' (merging display server/compositor by default, isolated apps by default, no remoting of GLX, dropping legacy protocol features to the point of breaking compat with the core protocol, etc.). Not sure who this is for, but by itself it looks like a fairly reasonable set of choices.
Software Development
Operating Systems, Computer Science
Show HN: Minimalist editor that lives in browser, stores everything in the URL
from github.com/antonmedv
264
by
medv
9h ago
|
|
|
Article:
2 min
Minimalist editor that operates within the browser, storing content in URL hash. Features include compression magic, URL storage for sharing, dark mode, auto-save, mobile-friendliness, and no backend.
Social implications are minimal, as it is a technical tool with no direct social impact
- Lives entirely in the browser
- Stores content in URL hash
- Features compression, dark mode, auto-save, and mobile compatibility
Quality:
The article provides clear and concise information about the editor's features without exaggerating its capabilities.
Discussion (89):
9 min
The comment thread discusses a simple, URL-based notes app that uses only modern browser features. Users praise its simplicity and functionality for quick note-taking while mentioning limitations in URL length and privacy concerns regarding server-side logging of URLs. The discussion also includes comparisons with other similar projects and insights into browser-specific URL handling.
- The app is a simple and effective solution for quick note-taking.
- It respects privacy by not using cookies or tracking.
Counterarguments:
- Limitations in URL length may cause issues for sharing longer content.
- Potential for server-side logging of URLs.
Web Development
Browser-based Applications, JavaScript
CSRF protection without tokens or hidden form fields
from blog.miguelgrinberg.com
136
by
adevilinyc
2d ago
|
|
|
Article:
17 min
The article discusses the implementation of CSRF protection in Microdot, a web framework. The author initially planned to use traditional methods like anti-CSRF tokens and hidden form fields but discovered a simpler approach based on the Sec-Fetch-Site header. This method allows servers to reject requests with the 'cross-site' value for this header, effectively protecting against CSRF attacks.
This method could influence the way developers implement CSRF protection in their web applications, potentially leading to more secure and streamlined solutions.
- Microdot framework's lead developer implemented CSRF protection without traditional tokens or hidden form fields.
- Found a new, simpler method based on the Sec-Fetch-Site header for modern browsers.
- Discussed handling subdomains and compatibility with older browsers.
- Implemented an argument 'allow_subdomains' in Microdot to address subdomain attacks.
- Provided fallback options using Origin header or explicit user configuration.
Discussion (27):
The comment thread discusses the role of Sec-Fetch-Site in OWASP's security practices, its influence due to corporate compliance, and compares it with other modern CSRF protection methods like SameSite cookie attribute. The author corrects a mistake in the OWASP cheat sheet regarding Sec-Fetch-Site's position.
Security
Web Security, Web Development
Fabrice Bellard: Biography (2009) [pdf]
from ipaidia.gr
224
by
lioeters
10h ago
|
|
|
Article:
36 min
The article is a biography of Fabrice Bellard, a French computer scientist known for his contributions to programming, mathematics, and digital signal processing. He has developed notable projects such as LZEXE (executable file compression), TinyGL (OpenGL implementation), FFMPEG (digital video and audio conversion tool), QEMU (processor emulator), and has won the International Obfuscated C Code Contest twice.
Bellard's work has influenced various fields including computer science, digital media processing, and virtualization technology.
- Born in Grenoble, France in 1972
- Developed LZEXE for efficient compression
- Created TinyGL, a small OpenGL implementation
- Founded FFMPEG, a digital video and audio conversion tool
- Published QEMU, the first processor emulator with near-native performance
Discussion (62):
8 min
The comment thread discusses the biography of Fabrice Bellard, his contributions to programming (FFmpeg, QEMU), and speculates about whether he uses LLM coding tools. There is a debate on this topic with supporting evidence from both sides.
- Fabrice Bellard has used LLM coding tools
- Fabrice Bellard does not use LLM coding tools
Counterarguments:
- LLMs could potentially help Bellard be even more productive.
- Current LLMs may not be good enough for the type of work Bellard does.
Computer Science
Artificial Intelligence, Computer Vision, Digital Privacy
Research team digitizes more than 100 years of Canadian infectious disease data
from news.mcmaster.ca
84
by
XzetaU8
5d ago
|
|
Article:
7 min
A research team has digitized over a century's worth of Canadian infectious disease data, creating a comprehensive dataset called 'CANDID' that spans from 1903 to the present day. This dataset includes weekly, monthly, and quarterly case numbers for various diseases across provinces and territories, providing valuable insights into past outbreaks and epidemics.
The release of this dataset could lead to improved public health strategies and preparedness for future outbreaks, benefiting all Canadians by enhancing understanding of disease patterns and facilitating more effective response measures.
- Discovery of 50 years of weekly infectious disease incidence reports from 1939-1989 in Ontario Ministry of Health archives.
- Creation of the Canadian Notifiable Disease Incidence Dataset (CANDID) containing over a million infectious disease incidence counts.
- Public release of the dataset for use by epidemiologists to study patterns, learn from historical surveillance efforts, and strengthen public health preparedness.
Discussion (5):
Comment analysis in progress.
Healthcare
Public Health, Epidemiology
Show HN: Exploring Mathematics with Python
from coe.psu.ac.th
64
by
Andrew2565
5d ago
|
|
Article:
11 min
Exploring Mathematics with Python is an updated version of Arthur Engel's 1993 textbook, which uses Python instead of Turbo Pascal for exploring mathematical concepts. The book covers over 60 topics across various chapters and includes new content by Andrew Davison, focusing on areas like fractals, chaos, computer graphics, computational geometry, continued fractions, Markov chains, navigating the Earth, quaternions, curve fitting, conic sections, solving cubic equations, and the catenary. The book is aimed at university-level students with a year of exposure to mathematics and programming, as well as advanced high school students who have studied additional math and been introduced to Python.
The book could enhance the learning experience for students by integrating programming with mathematics, potentially improving their understanding of complex mathematical concepts through practical applications.
Discussion (3):
More comments needed for analysis.
Education
Computer Science, Mathematics