Character encoding standard
POPULARITY
130 episodes with Unicode
31 episodes with Unicode
6 episodes with Unicode
5 episodes with Unicode
5 episodes with Unicode
7 episodes with Unicode
4 episodes with Unicode
4 episodes with Unicode
3 episodes with Unicode
Excited is overused This week, we recap Microsoft Build, Google I/O, and Java turning 30. Plus, more Vegemite talk and a discussion on whether tech presenters really need to tell us they're “excited.” Watch the YouTube Live Recording of Episode (https://www.youtube.com/live/4ar2nzlx3gw?si=pee9R6HbHN06etA2) 520 (https://www.youtube.com/live/4ar2nzlx3gw?si=pee9R6HbHN06etA2) Runner-up Titles We all need choices Vegans are against everything The problem is you shouldn't be watching keynotes You're giving the black box too much responsibility What are you going to do? Some more stuff they announced that I don't want They're excited about that Hopefully people are excited about that I'm happy for you I want to like it Nerd famous Can you just fix calendaring? It's too much I'm not going back to Java Rundown Will Matt try marmalade with his Vegemite for the full PBJ analogue. (https://bsky.app/profile/thescarletmanuka.bsky.social/post/3lpdioobdek27) MSFT Build Microsoft Build 2025: news and announcements from the developer conference (https://www.theverge.com/news/669382/microsoft-build-2025-news-ai-agents) Microsoft announces over 50 AI tools to build the ‘agentic web' at Build 2025 (https://venturebeat.com/ai/microsoft-announces-over-50-ai-tools-to-build-the-agentic-web-at-build-2025/) Findings from Microsoft's 3-week study on Copilot use (https://newsletter.getdx.com/p/microsoft-3-week-study-on-copilot-impact) Microsoft open sources Windows Subsystem for Linux (https://www.theregister.com/2025/05/19/microsoft_wsl_open_source/) Google I/O Everything announced at the Google I/O 2025 keynote (https://www.engadget.com/ai/everything-announced-at-the-google-io-2025-keynote-171514495.html?guccounter=1&guce_referrer=aHR0cHM6Ly9uZXdzLmdvb2dsZS5jb20v&guce_referrer_sig=AQAAAIewjPeuiVydyPgPtFxJyD7lYSE7rAY-BFM7JxN5AHvJvH_NrHmCURfrSuBK4HmB700OTDoGERdfPyB77mCb8_225GPcoppCXG4dl_bgGOA9j4E5Fprl_nUD__-69yEG5-W7vmXISAdJC2kBU3MSZErnX1TuyR1_gKfb5Hx_OdRs) Android XR is getting stylish partners in Warby Parker and Gentle Monster (https://www.theverge.com/google-io/670013/android-xr-warby-parker-gentle-monster-smart-glassesi-io-2025) Jules - An Asynchronous Coding Agent (https://jules.google/) Google Embraces MCP (https://thenewstack.io/google-embraces-mcp/?link_source=ta_bluesky_link&taid=682cf46509703200019ca4f3&utm_campaign=trueanthem&utm_medium=social&utm_source=bluesky) iOS 19 Will Let Developers Use Apple's AI Models in Their Apps (https://www.macrumors.com/2025/05/20/ios-19-apple-ai-models-developers/) NEW Claude MCP AI Super Agents (https://x.com/juliangoldieseo/status/1924148362653348232?s=46&t=zgzybiDdIcGuQ_7WuoOX0A) AWS Launches Its Take on an Open Source AI Agents SDK (https://thenewstack.io/aws-launches-its-take-on-an-open-source-ai-agents-sdk/) Java at 30: The Genius Behind the Code That Changed Tech (https://thenewstack.io/java-at-30-the-genius-behind-the-code-that-changed-tech/) Relevant to your Interests If AI is so good at coding … where are the open source contributions? (https://pivot-to-ai.com/2025/05/13/if-ai-is-so-good-at-coding-where-are-the-open-source-contributions/) Y Combinator says Google is a ‘monopolist' that has ‘stunted' the startup ecosystem (https://techcrunch.com/2025/05/13/y-combinator-says-google-is-a-monopolist-that-has-stunted-the-startup-ecosystem) Coinbase says customers' personal information stolen in data breach (https://techcrunch.com/2025/05/15/coinbase-says-customers-personal-information-stolen-in-data-breach/) DataBricks interview about Neon (https://www.axios.com/newsletters/axios-pro-rata-a6f0b4f0-fe7f-412f-bf4b-5978de02d604.html?chunk=1&utm_term=emshare#story1) OpenAI launches Codex, an AI coding agent, in ChatGPT (https://techcrunch.com/2025/05/16/openai-launches-codex-an-ai-coding-agent-in-chatgpt/) CarPlay Ultra, the next generation of CarPlay, begins rolling out today (https://www.apple.com/newsroom/2025/05/carplay-ultra-the-next-generation-of-carplay-begins-rolling-out-today/) Meta argues enshittification isn't real in bid to toss FTC monopoly case (https://arstechnica.com/tech-policy/2025/05/meta-says-no-proof-of-monopoly-power-wants-ftc-case-dismissed-mid-trial/) When Open Source Isn't: How OpenRewrite Lost Its Way (https://medium.com/@jonathan.leitschuh/when-open-source-isnt-how-openrewrite-lost-its-way-642053be287d) Wiz 2.0? Cyera's meteoric $6B valuation is turning heads across the cyber world | CTech (https://www.calcalistech.com/ctechnews/article/shavjm2g2) Steve Langasek, One of Ubuntu Linux's Leading Lights, Has Died (https://thenewstack.io/steve-langasek-one-of-ubuntu-linuxs-leading-lights-has-died/) Python: The Documentary [OFFICIAL TRAILER] (https://www.youtube.com/watch?v=pqBqdNIPrbo) Spain Orders Airbnb to Take Down 66,000 Rental Listings (https://www.nytimes.com/2025/05/19/business/airbnb-listings-spain.html) Detecting malicious Unicode (https://daniel.haxx.se/blog/2025/05/16/detecting-malicious-unicode/) Former Apple Design Guru Jony Ive to Take Expansive Role at OpenAI (https://www.wsj.com/tech/ai/former-apple-design-guru-jony-ive-to-take-expansive-role-at-openai-5787f7da) Apple's Worldwide Developers Conference kicks off June 9 (https://www.apple.com/newsroom/2025/05/apples-worldwide-developers-conference-kicks-off-june-9/) Valkey Turns One: How the Community Fork Left Redis in the Dust - Momento (https://www.gomomento.com/blog/valkey-turns-one-how-the-community-fork-left-redis-in-the-dust/?ck_subscriber_id=512834888&utm_source=convertkit&utm_medium=email&utm_campaign=[Last%20Week%20in%20AWS]:%20Transform%20Away,%20as%20AWS%20Reverses%20Course%20-%2017665354) Nonsense Max (@StreamOnMax) on X (https://x.com/StreamOnMax/status/1922781490473034153) Uber to introduce fixed-route shuttles in major US cities designed for commuters (https://techcrunch.com/2025/05/14/uber-to-introduce-fixed-route-shuttles-in-major-us-cities-other-ways-to-save/) Conferences POST/CON 25 (https://postcon.postman.com/2025/), June 3-4, Los Angeles, CA, Brandon representing SDT. Register here for free pass (https://fnf.dev/43irTu1) using code BRANDON (https://fnf.dev/43irTu1) (limited to first 20 People) Contract-Driven Development: Unite Your Teams and Accelerate Delivery (https://postcon.postman.com/2025/session/3022520/contract-driven-development-unite-your-teams-and-accelerate-delivery%20%20%20%20%20%208:33) by Chris Chandler SREDay Cologne, June 12th, 2025 (https://sreday.com/2025-cologne-q2/#tickets) - Coté speaking, discount: CLG10, 10% off. SDT News & Community Join our Slack community (https://softwaredefinedtalk.slack.com/join/shared_invite/zt-1hn55iv5d-UTfN7mVX1D9D5ExRt3ZJYQ#/shared-invite/email) Email the show: questions@softwaredefinedtalk.com (mailto:questions@softwaredefinedtalk.com) Free stickers: Email your address to stickers@softwaredefinedtalk.com (mailto:stickers@softwaredefinedtalk.com) Follow us on social media: Twitter (https://twitter.com/softwaredeftalk), Threads (https://www.threads.net/@softwaredefinedtalk), Mastodon (https://hachyderm.io/@softwaredefinedtalk), LinkedIn (https://www.linkedin.com/company/software-defined-talk/), BlueSky (https://bsky.app/profile/softwaredefinedtalk.com) Watch us on: Twitch (https://www.twitch.tv/sdtpodcast), YouTube (https://www.youtube.com/channel/UCi3OJPV6h9tp-hbsGBLGsDQ/featured), Instagram (https://www.instagram.com/softwaredefinedtalk/), TikTok (https://www.tiktok.com/@softwaredefinedtalk) Book offer: Use code SDT for $20 off "Digital WTF" by Coté (https://leanpub.com/digitalwtf/c/sdt) Sponsor the show (https://www.softwaredefinedtalk.com/ads): ads@softwaredefinedtalk.com (mailto:ads@softwaredefinedtalk.com) Recommendations Brandon: MurderBot (https://www.google.com/aclk?sa=L&ai=DChcSEwi286yM0KiNAxUELNQBHStVDhgYABABGgJvYQ&co=1&gclid=Cj0KCQjwxJvBBhDuARIsAGUgNfjytNAoEF2oBZYZixtUoB15h1o0UU1SJRQp-A-GFE_i0FGLHOE5wY8aAoFzEALw_wcB&cce=1&sig=AOD64_3mm-tO-giOK7S1lj45fNCC7pw-6w&q&adurl&ved=2ahUKEwiFq6eM0KiNAxXI4ckDHc0cBAMQ0Qx6BAg9EAE)
This week in the security news: Malware-laced printer drivers Unicode steganography Rhode Island may sue Deloitte for breach. They may even win. Japan's active cyber defense law Stop with the ping LLMs replace Stack Overflow - ya don't say? Aggravated identity theft is aggravating Ivanti DSM and why you shouldn't use it EDR is still playing cat and mouse with malware There's a cellular modem in your solar gear Don't slack on securing Slack XSS in your mail SIM swapping and the SEC Ivanti and libraries Supercomputers in space! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-875
This week in the security news: Malware-laced printer drivers Unicode steganography Rhode Island may sue Deloitte for breach. They may even win. Japan's active cyber defense law Stop with the ping LLMs replace Stack Overflow - ya don't say? Aggravated identity theft is aggravating Ivanti DSM and why you shouldn't use it EDR is still playing cat and mouse with malware There's a cellular modem in your solar gear Don't slack on securing Slack XSS in your mail SIM swapping and the SEC Ivanti and libraries Supercomputers in space! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-875
This podcast interview focuses on the entrepreneurial journey to discovering powerful strategic frameworks through trial and error. My guest is Sharat Potharaju, CEO of Unicode. Sharat is a serial entrepreneur with 15 years of experience. He navigated through a decade of ventures that didn't scale before founding Uniqode in 2019. His company has since grown to serve over 50,000 businesses worldwide, including Fortune 500 companies, by creating innovative technology that connects physical and digital worlds through mobile experiences. What makes Sharat's story remarkable is his methodical approach to business building, where he combines weekly deep strategic thinking with rapid experimentation frameworks, always maintaining that impact—both for employees and customers—is what drives his entrepreneurial energy. And this inspired me, and hence I invited Sharat to my podcast. We explore how an entrepreneur's decade of failures can become the foundation for remarkable success. Sharat challenges conventional wisdom by dedicating specific time each week for deep thinking about long-term strategy while handling day-to-day operations. He reveals why being selective about advice is crucial for maintaining entrepreneurial confidence, and how balancing luck with persistence creates the conditions for breakthrough success. His approach makes products dead-simple for users while sticking to strict testing methods to know what works. Here is a quote that captures one of Sharat's most striking business lessons: "It's important to love your product, but it's even more important to be obsessed about the problem that you're trying to solve. Because if you're not obsessed about the problem, eventually you'll just fall in love with your product and lose your focus on vision." By listening to this podcast you will learn: Why entrepreneurial success typically takes a decade, not overnight, and how to mentally prepare for this reality How to implement a "Wednesday deep thinking" practice that balances long-term vision with short-term execution The secret to filtering advice from well-meaning investors, mentors, and colleagues without losing your entrepreneurial confidence How to create frameworks for experimentation that prevent chaos while maximizing learning For more information about the guest from this week: Guest: Sharat Potharaju Website: uniqode.com Learn more about your ad choices. Visit megaphone.fm/adchoices
It's another hot questions episode. Tabs vs spaces, whether we have imposter syndrome, why software keeps getting heavier, the correct length of functions and files, and what every programmer should know. Some things we mentioned: Interesting Characters (UTF-16, utf-8, Unicode, encodings) Software Design is Knowledge Building The Absolute Minimum Every Software Developer Must Know... Read More
It's another hot questions episode. Tabs vs spaces, whether we have imposter syndrome, why software keeps getting heavier, the correct length of functions and files, and what every programmer should know. Some things we mentioned: Interesting Characters (UTF-16, utf-8, Unicode, encodings) Software Design is Knowledge Building The Absolute Minimum Every Software Developer Must Know... Read More
Kürzlich titelten einige Tech-Magazine, ChatGPT baue "unsichtbare Zeichen" in generierte Texte ein. Was hat es damit auf sich? Gibt es wirklich unsichtbare Zeichen? In der 44. Folge von Informatik für die moderne Hausfrau beschäftigen wir uns damit, wie es funktioniert, dass Computer Zeichen (also Buchstaben, Ziffern etc.) speichern, interpretieren und korrekt darstellen können. Dazu schauen wir uns das Prinzip der Zeichencodierung genauer an und erfahren, was der Unterschied zwischen Zeichencodierung und Zeichensatz ist. Wir werfen einen Blick auf zwei der bekanntesten Zeichencodierungen, nämlich ASCII und Unicode, und klären auf, wozu es die sogenannten Steuerzeichen braucht. Den erwähnten Artikel zum Thema ChatGPT und vermeintlich unsichtbare Zeichen könnt ihr hier nachlesen: https://t3n.de/news/openai-zeichen-chatgpt-texte-1683993/ Grundlage für den Artikel ist dieser Bericht des KI-Unternehmens Rumi: https://www.rumidocs.com/newsroom/new-chatgpt-models-seem-to-leave-watermarks-on-text Alle Informationen über Unicode könnt ihr hier nachlesen: https://home.unicode.org/ Mehr zum Thema Leerzeichen erfahrt ihr hier: - https://unicode.org/charts/collation/chart_Whitespace.html - https://www.compart.com/de/unicode/category/Zs - https://de.wikipedia.org/wiki/Leerzeichen Es gibt übrigens auch eine Programmiersprache namens Whitespace, die auf der Nutzung unterschiedlicher Arten von Leerzeichen und (wie der Name schon sagt) Whitespaces basiert: https://de.wikipedia.org/wiki/Whitespace_(Programmiersprache) Ein Onlinetool, mit dem ihr euch Unicode-Steuerzeichen in euren Texten anzeigen lassen könnt, kann auf dieser Seite ausprobiert werden: https://www.soscisurvey.de/tools/view-chars.php In dieser Folge wird auf fünf weitere Folgen verwiesen: - Folge 21 - Sichere Datenübertragung und wie autoritäre Staaten sie unterwandern (können) - Interview mit Alexandra Dirksen - Folge 26 - Mehr Daten als erlaubt: Wie Buffer Overflows (Wahl-)Systeme beeinflussen können - Folge 31 - Zurück in die Vergangenheit oder wie die Zeitdarstellung in der Informatik funktioniert - Folge 32 - Adversarial Attacks: Wie sich KI-Systeme austricksen lassen - Folge 37 - Steganographie: Versteckte Botschaften, die Schaden anrichten können Ich habe zu Beginn der Folge auf die Studie zum Thema KI-Transformation von Stephanie Reiner hingewiesen - an der Online-Umfrage könnt ihr hier teilnehmen: https://sreineruni.limesurvey.net/271658?lang=de Alle Informationen zum Podcast findet ihr auf der zugehörigen Webseite https://www.informatik-hausfrau.de. Zur Kontaktaufnahme schreibt mir gerne eine Mail an mail@informatik-hausfrau.de oder meldet euch über Social Media. Auf Instagram und Bluesky ist der Podcast unter dem Handle @informatikfrau (bzw. @informatikfrau.bsky.social) zu finden. Wenn euch dieser Podcast gefällt, abonniert ihn doch bitte und hinterlasst eine positive Bewertung oder eine kurze Rezension, um ihm zu mehr Sichtbarkeit zu verhelfen. Rezensionen könnt ihr zum Beispiel bei Apple Podcasts schreiben oder auf panoptikum.social. Falls ihr den Podcast werbefrei hören möchtet oder die Produktion des Podcasts finanziell unterstützen möchtet, habt ihr die Möglichkeit, dies über die Plattform Steady zu tun. Weitere Informationen dazu sind hier zu finden: https://steadyhq.com/de/informatikfrau Falls ihr mir auf anderem Wege etwas 'in den Hut werfen' möchtet, ist dies (auch ohne Registrierung) über die Plattform Ko-fi möglich: https://ko-fi.com/leaschoenberger Dieser Podcast wird gefördert durch das Kulturbüro der Stadt Dortmund.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
It's 2025, so why are malicious advertising URLs still going strong? Phishing attacks continue to take advantage of Google s advertising services. Sadly, this is still the case for obviously malicious links, even after various anti-phishing services flag the URL. https://isc.sans.edu/diary/It%27s%202025...%20so%20why%20are%20obviously%20malicious%20advertising%20URLs%20still%20going%20strong%3F/31880 ChatGPT Fingerprinting Documents via Unicode ChatGPT apparently started leaving fingerprints in texts, which it creates by adding invisible Unicode characters like non-breaking spaces. https://www.rumidocs.com/newsroom/new-chatgpt-models-seem-to-leave-watermarks-on-text Asus AI Cloud Security Advisory Asus warns of a remote code execution vulnerability in its routers. The vulnerability is related to the AI Cloud feature. If your router is EoL, disabling the feature will mitigate the vulnerability https://www.asus.com/content/asus-product-security-advisory/ PyTorch Vulnerability PyTorch fixed a remote code execution vulnerability exploitable if a malicious model was loaded. This issue was exploitable even with the weight_only=True" setting selected https://github.com/pytorch/pytorch/security/advisories/GHSA-53q9-r3pm-6pq6
Bytes und Strings (click here to comment) 18. April 2025, Jochen In dieser Episode werfen wir einen Blick auf das nächste Kapitel von "Fluent Python" über "Bytes und Strings". Johannes erklärt die wichtigsten Konzepte und warum UTF-8 fast immer die richtige Wahl ist.
* Critical Flaw in Next.js Allows Authorization Bypass* Hackers Can Now Weaponize AI Coding Assistants Through Hidden Configuration Rules* Hacker Claims Oracle Cloud Data Theft, Company Refutes Breach* Chinese Hackers Infiltrate Asian Telco, Maintain Undetected Network Access for Four Years* Cloudflare Launches Aggressive Security Measure: Shutting Down HTTP Ports for API AccessCritical Flaw in Next.js Allows Authorization Bypasshttps://zhero-web-sec.github.io/research-and-things/nextjs-and-the-corrupt-middlewareA critical vulnerability, CVE-2025-29927, has been discovered in the Next.js web development framework, enabling attackers to bypass authorization checks. This flaw allows malicious actors to send requests that bypass essential security measures.Next.js, a popular React framework used by companies like TikTok, Netflix, and Uber, utilizes middleware components for authentication and authorization. The vulnerability stems from the framework's handling of the "x-middleware-subrequest" header, which normally prevents infinite loops in middleware processing. Attackers can manipulate this header to bypass the entire middleware execution chain.The vulnerability affects Next.js versions prior to 15.2.3, 14.2.25, 13.5.9, and 12.3.5. Users are strongly advised to upgrade to patched versions immediately. Notably, the flaw only impacts self-hosted Next.js applications using "next start" with "output: standalone." Applications hosted on Vercel and Netlify, or deployed as static exports, are not affected. As a temporary mitigation, blocking external user requests containing the "x-middleware-subrequest" header is recommended.Hackers Can Now Weaponize AI Coding Assistants Through Hidden Configuration Ruleshttps://www.pillar.security/blog/new-vulnerability-in-github-copilot-and-cursor-how-hackers-can-weaponize-code-agentsResearchers Uncover Dangerous "Rules File Backdoor" Attack Targeting GitHub Copilot and CursorIn a groundbreaking discovery, cybersecurity researchers from Pillar Security have identified a critical vulnerability in popular AI coding assistants that could potentially compromise software development processes worldwide. The newly unveiled attack vector, dubbed the "Rules File Backdoor," allows malicious actors to silently inject harmful code instructions into AI-powered code editors like GitHub Copilot and Cursor.The vulnerability exploits a fundamental trust mechanism in AI coding tools: configuration files that guide code generation. These "rules files," typically used to define coding standards and project architectures, can be manipulated using sophisticated techniques including invisible Unicode characters and complex linguistic patterns.According to the research, nearly 97% of enterprise developers now use generative AI coding tools, making this attack particularly alarming. By embedding carefully crafted prompts within seemingly innocent configuration files, attackers can essentially reprogram AI assistants to generate code with hidden vulnerabilities or malicious backdoors.The attack mechanism is particularly insidious. Researchers demonstrated that attackers could:* Override security controls* Generate intentionally vulnerable code* Create pathways for data exfiltration* Establish long-term persistent threats across software projectsWhen tested, the researchers showed how an attacker could inject a malicious script into an HTML file without any visible indicators in the AI's response, making detection extremely challenging for developers and security teams.Both Cursor and GitHub have thus far maintained that the responsibility for reviewing AI-generated code lies with users, highlighting the critical need for heightened vigilance in AI-assisted development environments.Pillar Security recommends several mitigation strategies:* Conducting thorough audits of existing rule files* Implementing strict validation processes for AI configuration files* Deploying specialized detection tools* Maintaining rigorous manual code reviewsAs AI becomes increasingly integrated into software development, this research serves as a crucial warning about the expanding attack surfaces created by artificial intelligence technologies.Hacker Claims Oracle Cloud Data Theft, Company Refutes Breachhttps://www.bleepingcomputer.com/news/security/oracle-denies-data-breach-after-hacker-claims-theft-of-6-million-data-records/Threat Actor Offers Stolen Data on Hacking Forum, Seeks Ransom or Zero-Day ExploitsOracle has firmly denied allegations of a data breach after a threat actor known as rose87168 claimed to have stolen 6 million data records from the company's Cloud federated Single Sign-On (SSO) login servers.The threat actor, posting on the BreachForums hacking forum, asserts they accessed Oracle Cloud servers approximately 40 days ago and exfiltrated data from the US2 and EM2 cloud regions. The purported stolen data includes encrypted SSO passwords, Java Keystore files, key files, and enterprise manager JPS keys.Oracle categorically rejected the breach claims, stating, "There has been no breach of Oracle Cloud. The published credentials are not for the Oracle Cloud. No Oracle Cloud customers experienced a breach or lost any data."To substantiate their claims, the hacker shared an Internet Archive URL indicating they uploaded a text file containing their ProtonMail email address to the login.us2.oraclecloud.com server. The threat actor also suggested that SSO passwords, while encrypted, could be decrypted using available files.The hacker's demands are multifaceted: they are selling the allegedly stolen data for an undisclosed price or seeking zero-day exploits. Additionally, they proposed offering partial data removal for companies willing to pay a specific amount to protect their employees' information.In a provocative move, rose87168 claimed to have emailed Oracle, demanding 100,000 Monero (XMR) in exchange for breach details. According to the threat actor, Oracle refused the offer after requesting comprehensive information for fixing and patching the vulnerability.The threat actor alleges that Oracle Cloud servers are running a vulnerable version with a public CVE (Common Vulnerabilities and Exposures) that currently lacks a public proof-of-concept or exploit.Chinese Hackers Infiltrate Asian Telco, Maintain Undetected Network Access for Four Yearshttps://www.sygnia.co/threat-reports-and-advisories/weaver-ant-tracking-a-china-nexus-cyber-espionage-operation/Sophisticated Espionage Campaign Exploits Vulnerable Home RoutersCybersecurity researchers from Sygnia have uncovered a sophisticated four-year cyber espionage campaign by Chinese state-backed hackers targeting a major Asian telecommunications company. The threat actor, dubbed "Weaver Ant," demonstrated extraordinary persistence and technical sophistication in maintaining undetected access to the victim's network.The attack began through a strategic compromise of home routers manufactured by Zyxel, which served as the initial entry point into the telecommunications provider's environment. Sygnia attributed the campaign to Chinese actors based on multiple indicators, including the specific targeting, campaign objectives, hacker working hours, and the use of the China Chopper web shell—a tool frequently employed by Chinese hacking groups.Oren Biderman, Sygnia's incident response leader, described the threat actors as "incredibly dangerous and persistent," emphasizing their primary goal of infiltrating critical infrastructure and collecting sensitive information. The hackers demonstrated remarkable adaptability, continuously evolving their tactics to maintain network access and evade detection.A key tactic in the attack involved operational relay box (ORB) networks, a sophisticated infrastructure comprising compromised virtual private servers, Internet of Things devices, and routers. By leveraging an ORB network primarily composed of compromised Zyxel routers from Southeast Asian telecom providers, the hackers effectively concealed their attack infrastructure and enabled cross-network targeting.The researchers initially discovered the campaign during the final stages of a separate forensic investigation, when they noticed suspicious account restoration and encountered a web shell variant deployed on a long-compromised server. Further investigation revealed multiple layers of web shells that allowed the hackers to move laterally within the network while remaining undetected.Sygnia's analysis suggests the campaign's ultimate objective was long-term espionage, enabling continuous information collection and potential future strategic operations. The hackers' ability to maintain access for four years, despite repeated elimination attempts, underscores the sophisticated nature of state-sponsored cyber intrusions.Cloudflare Launches Aggressive Security Measure: Shutting Down HTTP Ports for API Accesshttps://blog.cloudflare.com/https-only-for-cloudflare-apis-shutting-the-door-on-cleartext-traffic/Company Takes Bold Step to Prevent Potential Data ExposuresCloudflare has announced a comprehensive security initiative to completely eliminate unencrypted HTTP traffic for its API endpoints, marking a significant advancement in protecting sensitive digital communications. The move comes as part of the company's ongoing commitment to enhancing internet security by closing cleartext communication channels that could potentially expose critical information.Starting immediately, any attempts to connect to api.cloudflare.com using unencrypted HTTP will be entirely rejected, rather than simply redirected. This approach addresses a critical security vulnerability where sensitive information like API tokens could be intercepted during initial connection attempts, even before a secure redirect could occur.The decision stems from a critical observation that initial plaintext HTTP requests can expose sensitive data to network intermediaries, including internet service providers, Wi-Fi hotspot providers, and potential malicious actors. By closing HTTP ports entirely, Cloudflare prevents the transport layer connection from being established, effectively blocking any potential data exposure before it can occur.Notably, the company plans to extend this feature to its customers, allowing them to opt-in to HTTPS-only traffic for their websites by the last quarter of 2025. This will provide users with an additional layer of security at no extra cost.While the implementation presents challenges—with approximately 2-3% of requests still coming over plaintext HTTP from "likely human" clients and over 16% from automated sources—Cloudflare has developed sophisticated technical solutions to manage the transition. The company has leveraged tools like Tubular to intelligently manage IP addresses and network connections, ensuring minimal disruption to existing services.The move is part of Cloudflare's broader mission to make the internet more secure, with the company emphasizing that security features should be accessible to all users without additional charges. Developers and users of Cloudflare's API will need to ensure they are using HTTPS connections exclusively moving forward. This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit edwinkwan.substack.com
#circuitpythonparsec How to use Unicode characters in the REPL. https://github.com/jedgarpark/parsec/blob/main/2025-03-20/code.py https://www.adafruit.com/product/6003 Learn about CircuitPython: https://circuitpython.org Visit the Adafruit shop online - http://www.adafruit.com ----------------------------------------- LIVE CHAT IS HERE! http://adafru.it/discord Subscribe to Adafruit on YouTube: http://adafru.it/subscribe New tutorials on the Adafruit Learning System: http://learn.adafruit.com/ -----------------------------------------
In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.North Korea's state-backed Lazarus Group is believed to be responsible for the largest cryptocurrency heist ever recorded, stealing $1.5 billion from the Bybit exchange. The "BadPilot" hacking campaign has been linked to Russia's Sandworm threat group, a unit of the GRU known for cyber espionage and disruptive attacks. GreyNoise has observed active exploitation of CVE-2025-0108, a critical authentication bypass vulnerability in Palo Alto Networks' PAN-OS. Security researcher Paul Butler has demonstrated a novel technique for smuggling arbitrary data using emojis, leveraging the way modern text encoding and rendering systems handle Unicode characters.Kitty Stealer is a newly identified malware targeting macOS systems, designed to steal sensitive user data such as credentials, browser cookies, and cryptocurrency wallets.SEKOIA researchers have uncovered a previously unknown IoT botnet named PolarEdge, which has been operating covertly for an extended period.
In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.Network traffic tunneling is a technique used by attackers to bypass security controls and exfiltrate data or establish covert communication channels. Threat actors use various tunneling methods, including DNS tunneling, HTTP/S tunneling, and ICMP tunneling, each with its own advantages depending on the target environment.The "BadPilot" hacking campaign has been linked to Russia's Sandworm threat group, a unit of the GRU known for cyber espionage and disruptive attacks.GreyNoise has observed active exploitation of CVE-2025-0108, a critical authentication bypass vulnerability in Palo Alto Networks' PAN-OS. This vulnerability allows unauthenticated attackers to gain administrative access to affected firewall devices, posing a significant risk to organizations relying on PAN-OS for network security.Security researcher Paul Butler has demonstrated a novel technique for smuggling arbitrary data using emojis, leveraging the way modern text encoding and rendering systems handle Unicode characters.Kitty Stealer is a newly identified malware targeting macOS systems, designed to steal sensitive user data such as credentials, browser cookies, and cryptocurrency wallets.
![Day[0] - Zero Days for Day Zero](https://ivyfm.s3.amazonaws.com/i320/820071.jpg)
On the web side, we cover a portswigger post on ways of abusing unicode mishandling to bypass firewalls and a doyensec guide to OAuth vulnerabilities. We also get into a Windows exploit for a use-after-free in the telephony service that bypasses Control Flow Guard, and a data race due to non-atomic writes in the macOS kernel. Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/271.html [00:00:00] Introduction [00:00:22] Bypassing character blocklists with unicode overflows [00:06:53] Common OAuth Vulnerabilities [00:18:37] Windows Telephony Service - It's Got Some Call-ing Issues [CVE-2024-26230] [00:32:05] TRAVERTINE (CVE-2025-24118) Podcast episodes are available on the usual podcast platforms: -- Apple Podcasts: https://podcasts.apple.com/us/podcast/id1484046063 -- Spotify: https://open.spotify.com/show/4NKCxk8aPEuEFuHsEQ9Tdt -- Google Podcasts: https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy9hMTIxYTI0L3BvZGNhc3QvcnNz -- Other audio platforms can be found at https://anchor.fm/dayzerosec You can also join our discord: https://discord.gg/daTxTK9
2024 年终,W3C 发布了新版《中文排版需求》。这是该文档自发布以来,首次经历的大幅度结构调整。 2025 年伊始,我们有幸请到 W3C 国际化工作负责人、《中文排版需求》编辑薛富侨,向我们介绍文档的更新进展及逻辑框架;同时,也与我们分享 W3C 国际化工作的细节与愿景。 参考链接 W3C(World Wide Web Consortium,万维网联盟)于 2023 年正式转型成为公益性非营利组织 W3C 无障碍相关的标准及指南 W3C FAQ 之一「本地化与国际化有什么关系?」 Richard Ishida,国际化专家,前任 W3C 国际化标准工作负责人 W3C Requirements for Chinese Text Layout(中文排版需求) 字谈字畅 007:「通缉」中文字体排印事业的贡献者 字谈字畅 143:「中文电子书为什么还这么差?」 字谈字畅 144:CSS 中文排版的十年跬步 字谈字畅 186:《中文排版需求》的进展 薛富侨近期在 The Type 发布文章《新版〈中文排版需求〉:结构的统一与未来的可能性》,介绍《中文排版需求》的更新进展 W3C Patent Policy(专利政策) 语言文字矩阵(language matrix)是 W3C 推进国际化工作的重要框架之一 Safari 18.2 开始支持行内(字间)注音符号的排版,基于 CSS ruby-position 属性的 inter-character 值 Unicode 变体序列(variation sequence) Unicode Technical Report #59: East Asian Spacing 《中文排版需求》的 GitHub repo 嘉宾 薛富侨:W3C 国际化专家,致力于推动全球文字排版需求 主播 Eric:字体排印研究者,译者,The Type 执行编辑 蒸鱼:设计师,The Type 编辑 欢迎与我们交流或反馈,来信请致 podcast@thetype.com。如果你喜爱本期节目,也欢迎用支付宝向我们捐赠:hello@thetype.com。
Episode 103: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joseph delve into the vulnerabilities associated with ANSI codes and large language models (LLMs), as well as talk through some new research and the value of micro-blogging in general.Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!------ Ways to Support CTBBPodcast ------Hop on the CTBB Discord!We offer Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.Check out our new SWAG store!Join our Shift waitlist!Today's Sponsor - ThreatLocker. Check out their Elevation Control! https://www.criticalthinkingpodcast.io/tl-ecResources_json Juggling AttackCross-Site POST Requests Without a Content-Type HeaderWorst FitOrange Tsai on Worst FitHandling Cookies is a MinefieldTerminal DiLLMaXS-Leaking flags with CSS: A CTFd 0dayHacking Back the AI-HackerJohann Computer use demoHow I Became The Most Valuable HackerTimestamps(00:00:00) Introduction(00:01:39) _json Juggling Attack and Cross-Site POST Requests Without a Content-Type Header(00:10:55) Worst Fit and Unicode Mapping(00:20:08) Handling Cookies is a Minefield(00:28:11) Terminal DiLLMa & CTFd 0day(00:41:18) Hacking Back the AI-Hacker(00:47:30) Becoming Most Valuable Hacker
This episode features a conversation with Toronto-based designer, developer and accessibility specialist, Michael Young. His graduate level research involves making technology more accessible, specifically through the expansion of Raleway; an open source Google font used in communications by the Ontario Government.In this episode you'll hear more about Michael's gateway into this work, hear about the Syllabic writing system, and what Unicode is in plain language. You'll hear what it was like for Michael to embark on a journey of font creation for the first time, including what surprised him the most and what challenged him most in the process. You'll learn about typographic tofu and hear helpful resources related to typography for Indigenous language support.If you'd like to see some of the visuals related to what's discussed in this episode, please check out the show notes at www.talkpaperscissors.info. This conversation is part of a guest lecture series in GCM 230 - Typography at The Creative School at Toronto Metropolitan University.I'm all about interesting projects with interesting people! Let's Connect on the web or via Instagram. :)
摄氏度符号是一个独立字符,还是由两个字符组合构成?——今天的话题,同样由一位听众的来信引出。本期节目,就让我们尝试从历史、技术与实践多个角度,来认识这个符号。 参考链接 铁宋 v1.0 版正式发布 蒙纳字库与上海印刷技术研究所,于 11 月 6 日对外发布达成战略合作 陈其瑞先生曾撰文《被遗忘的宋体》,提及「宋七体」,2013 年刊于 The Type 字谈字畅 038:一根藤上七朵花 字谈字畅 115:喜欢游乐园的字体设计师 2024 年「Hiii 国际创意月」于 11 月 16 日开启,由 Hiiibrand 主办 Unicode 文档对于兼容分解(compatibility decomposition)符号的定义 Unicode 码表帮助文档及相关链接 字谈字畅 052:Kerning Panic·字谈字串(五)规范化有四样形式,你知道么? UAX #15: Unicode Normalization Forms 摄氏度(degree Celsius) 安德斯·摄尔修斯(Anders Celsius,1701—1744),瑞典天文学家、物理学家、数学家;于 1742 年提出「摄氏温标」,后由植物学家卡尔·林奈反转温标,沿用至今 GB 3100—1993《国际单位制及其应用》 国际单位制(SI,International System of Units) 在 macOS 上可使用字符检视器输入特殊符号 主播 Eric:字体排印研究者,译者,The Type 执行编辑 蒸鱼:设计师,The Type 编辑 欢迎与我们交流或反馈,来信请致 podcast@thetype.com。如果你喜爱本期节目,也欢迎用支付宝向我们捐赠:hello@thetype.com。
Hello folks, welcome to the security box, podcast 217. Its been a long time since we did how notes, as NCSAM doesn't necessarily need show notes per see. We've got a great topic on something I blogged and we talked about awhile back about the braille space. No, not the way braille is written as you know it, but a hexidecimal character used to cause havoc. We'll explain on this podcast. Besides that, we're going to have the news, the notes, the landscape, answers to trivia and more. Please feel free to participate. Starting with this podcast, we're going to have our click to call wigit available so you can feel free to use it to call the comment line and leave your message or talk to us, depending on availability. Thanks so much for listening to the program, and we hope you enjoy! The braille space When writing braille, it is no different than writing print. But braille can be written with hexidecimal characters just like other languages using a computer keyboard. We found an article talking about the fact that this braille character is used to actually hide file extensions, amking you think you're opening one type of file, but opening another. On September 16, 2024: Robert Stepp responded to the email I sent him iquiring to the braille space as a character, and he wrote the following. Hi, There is nothing special about a "braille" space. The 0x2800 character is simply a space in the 8-dot braille page of Unicode (three bytes in UTF-8). Apparently 0x2800 is interesting because is shows as nothing but is parsed as non-whitespace. A bogus filename SomeName.pdfxxxxxxxxxxxxxxxxxxxx.hta where x is the braille space, when written to a FileName box (whose length is too short to show the final .hta without scrolling) appears to be a .pdf file when it is actually a .hta (private malware) file. Any Unicode character, not known by Windows controls to be whitespace (space, thin-space, zero-width- space, etc) would work just as well for this visualization spoof. To read the entire blog post including the article which will lead to our discussion, I did not know there was something called a braille space is the article in which I wrote, linking to the article from Bleeping Computer. For those that just want to dive in to the Bleeping computer article, Windows vulnerability abused braille “spaces” in zero-day attacks will be your article. Thanks Bob for your great insite! Its much appreciated. Contacting the podcast If you would like to contact the podcast folk, please use the following info which goes to Jared and can be shared with the rest of the contributors as needed: Email/imessage: jaredrimer@986themix.com or tech@menvi.org which go to Jared. Text or WhatsApp: 804-442-6975 Call the comment line at (888) 405-7524 or use the click to call button located in the show notes. If available, Jared can take your call below. You may also call long distance by calling (818) 527-4754. Supporting the podcast If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone. Internet Radio affiliates airing our program Our Internet Radio stations that carry us include International Friends Radio Network. The program is also carried live through the Independent Channel which is part of 98.6 the mix, KKMX, International. If you want to carry us, please use the Jared Rimer Network site to do that and let me know about your station. Please allow 3-4 hours for airplay, although we try to go 3 hours for this program. Thanks so much!
Grupa, która ma zero słuchaczy na Spotify? W tym odcinku K-Castu wchodzimy naprawdę głęboko w k-popowe uniwersum. Z okazji 'Nuguvember' Matylda rzuca światło na mniej popularne girl groupy i solistki, takie jak PIXY, UNICODE, Candy Shop czy W!TCHX. Jeśli jeszcze nie znacie ich wszystkich, koniecznie posłuchajcie tego epizodu! Odcinek o nugu boy groupach: https://fm.tuba.pl/podcast/1391,nugu-boy-groups-zespoly-ktore-zasluguja-na-uwage-starlight-boys Playlista
Unicode, orthography, typography, syllabics, diacritics—what do these terms mean and how do they relate to our way of representing, interpreting and designing language? In our conversation with typographer Kevin King, we take a deep into these concepts and how we can work towards a more inclusive representation of written text, especially when bringing indigenous languages into written, both online and in print. L'Unicode, l'orthographe, la typographie, les syllabiques, les signes diacritiques—que signifient ces termes et quel est leur lien avec notre manière de représenter, d'interpréter et de concevoir le langage ? Dans notre conversation avec le typographe Kevin King, nous approfondissons ces concepts et la manière dont nous pouvons travailler envers une représentation plus inclusive du texte écrit, en particulier lors de l'intégration des langues autochtones dans l'écrit, à la fois en ligne et sur papier.
Video Episode: https://youtu.be/igJqDBKj13o In today’s episode, we discuss a new cybercriminal campaign utilizing Unicode obfuscation to hide the Mongolian Skimmer on e-commerce platforms, aiming to steal sensitive data. OpenAI has reported disrupting over 20 malicious operations leveraging its technology for tasks including malware development and election-related misinformation. Additionally, we cover critical vulnerabilities in Firefox and Fortinet products, emphasizing the need for urgent updates to mitigate risks and ensure cybersecurity. References: 1. https://thehackernews.com/2024/10/cybercriminals-use-unicode-to-hide.html 2. https://thehackernews.com/2024/10/openai-blocks-20-global-malicious.html 3. https://www.helpnetsecurity.com/2024/10/10/cve-2024-9680/ 4. https://thehackernews.com/2024/10/cisa-warns-of-critical-fortinet-flaw-as.html Timestamps 00:00 – Introduction 01:12 – Fortinet Urgent Patch 02:12 – Firefox Zero-Day 03:14 – OpenAI blocks 20 abusive networks 05:04 – Unicode Obfuscation 1. What are today’s top cybersecurity news stories? 2. How is the Mongolian Skimmer using Unicode to hide its malware? 3. What actions has OpenAI taken against malicious operations using its platform? 4. What are the latest updates regarding the Firefox zero-day vulnerability CVE-2024-9680? 5. What critical vulnerabilities are impacting Fortinet and Palo Alto Networks? 6. How can ransomware be concealed with obfuscated scripts? 7. Which cybersecurity threats are currently being reported by CISA? 8. What steps should be taken to secure systems against the new vulnerabilities? 9. How are cyber actors leveraging generative AI for malicious purposes? 10. What recent updates have been made to safeguard web applications from skimmers? Unicode obfuscation, Mongolian Skimmer, malware, e-commerce, OpenAI, malware, misinformation, countermeasures, zero-day, Firefox, Mozilla, vulnerability, CISA, Fortinet, vulnerabilities, cyber threats
《字谈字畅》走过了九年,感谢听众一如既往的支持。本期节目将与大家分享 Eric 近期应邀撰稿的内容,回顾近二十年来中文字体产品的发展景象。 同时,感谢来自八岁半年轻听众的声音和祝福。 参考链接 字谈字畅 080:三周年庆特别节目 The Type 纪念 T 恤 Hiiibrand Awards 2024 设计竞赛开始征集作品,截止时日期为 2024 年 10 月 31 日(超级早鸟),11 月 30 日(早鸟),12 月 31 日(常规) 森泽字体设计竞赛作品征集已截止,评奖结果预计 2025 年 2 月发布 第十三届「方正奖」设计大赛启动,作品征集日期为 2024 年 9 月 21 日至 2026 年 2 月 28 日 TDC71 设计竞赛开始征集作品,截止日期为 2024 年 11 月 1 日(早鸟),2025 年 1 月 31 日(常规),2025 年 2 月 28 日(最终) Inscript Experimental Typography Festival 将于 10 月 16 至 20 日在线上举办 Unicode 16.0 于 9 月 10 日正式发布,新增 UAX #53 和 UAX #57,以及 Emoji v16.0 等;核心规范(Core Specification)部分同时以网页版形式发布 新出版的日文设计期刊 C-GRAPHIC INDEX 于今年 8 月面世,Eric 应邀发表文章《从二〇〇〇年代开始的汉字设计风景》(二〇〇〇年代からの漢字デザイン風景) Unicode 3.0 于 2000 年发布 GB 18030—2000《信息技术 信息交换用汉字编码字符集 基本集的扩充》 谭沛然所撰《参数化设计与字体战争:从 OpenType 1.8 说起》,2016 年刊于 The Type 方正铁筋隶书,朱志伟设计,2003 年发布 方正兰亭黑,齐立设计,2006 年发布 方正雅宋,朱志伟设计,2007 年发布 冬青黑体(简体中文版),字游工房设计,2007 年发布 方正静蕾体,徐静蕾设计,2007 年发布 方正金陵(简体中文版),今田欣一设计,2016 年发布 华康翩翩体,华康字型出品,2012 年发布 信黑体,柯炽坚设计,2011 年发布 汲古书体,应永会设计,2017 年发布 字谈字畅 047:汲古新字 空明朝体,许瀚文设计,2022 年发布 汉仪尚巍手书,尚巍设计,2016 年发布 锦华明朝体,薛天盟设计,2023 年发布 字谈字畅 176:茉莉芬芳沁锦华 思源黑体,Adobe、Google 合作设计出品,2014 年发布 杜甫所作七言律诗《至日遣兴奉寄北省旧阁老两院故人二首》 汉仪杰龙桃花源,张杰龙设计,2022 年发布 主播 Eric:字体排印研究者,译者,The Type 执行编辑 蒸鱼:设计师,The Type 编辑 欢迎与我们交流或反馈,来信请致 podcast@thetype.com。如果你喜爱本期节目,也欢迎用支付宝向我们捐赠:hello@thetype.com。
In this episode of the Security Swarm Podcast, host Andy Syrewicze and guest Michael Posey discuss the new password guidelines and recommendations released by NIST (National Institute of Standards and Technology). They cover a range of topics related to password security, including the importance of password length over complexity, the move away from composition rules and periodic password changes, the risks associated with knowledge-based authentication, the concept of password entropy, and more! Throughout the conversation, Andy and Michael draw on their extensive experience in the cybersecurity field to offer practical advice and perspectives on the changing landscape of password security. Do you want to join the conversation? Join us in our Security Lab LinkedIn Group! Key Takeaways: NIST recommends a minimum password length of 8 characters, with a suggested length of 15 characters or more. NIST has recommended removal of the requirement for password composition rules, such as the need for special characters, numbers, and uppercase letters. NIST states that password providers SHALL NOT require periodic password changes unless there is evidence of a breach, as this can lead to users creating predictable password patterns. The use of ASCII and Unicode characters is now encouraged, allowing for more diverse and random password options. Password entropy (randomness) is more important than password complexity, as modern computing power can quickly crack simple but complex-looking passwords. For mission-critical systems, organizations may still choose to implement more rigorous password policies, even if they deviate from the NIST recommendations. The industry is exploring new hashing methods and technologies, such as passkeys, to address the challenges posed by GPU-based brute-force attacks. Timestamps: (07:40) Credential Service Provider (CSP) Requirements and Recommendations (10:02) Removing Password Composition Rules (14:21) Ending Periodic Password Changes (19:48) The Importance of Password Entropy and Length (28:30) Phasing Out Knowledge-Based Authentication (30:30) The Impact of Password Length on Cracking Time Episode Resources: NIST Publication 800-63B -- To enhance your organization's security posture, consider implementing Hornetsecurity's Advanced Threat Protection. This solution provides AI-powered defense against sophisticated attacks, ensuring your emails and data remain secure. By adopting best practices in password management and utilizing advanced security features, you can significantly reduce the risk of breaches. Protect your business today and stay one step ahead of cyber threats. Learn more about Advanced Threat Protection here.
Lords: * Nathan * https://store.steampowered.com/app/2976260/ChainStaff/ * Tom Topics: * During the summer olympics, France introduced breakdancing as an event, which was invented in America. They stole it from us! What new event should we steal from another country when the Olympics comes to LA in 2028? * https://en.wikipedia.org/wiki/Izzy_(mascot) * Getting to an age where media is good: the writers are your contemporaries so their work doesn't feel stodgy anymore. * How are you saying goodbye to trigraphs? * Rain by Raymond Carver * https://readalittlepoetry.com/2012/12/13/rain-by-raymond-carver/ * Jumping levels of abstraction while explaining computery things, how to pronounce angle brackets and command-line flags * 3rd tetris playtest developed ("rolling"), ponder an entirely new approach to a game (or medium, or problem) that comes nearly 40 years later. * https://www.youtube.com/watch?v=iV5DIZyqsaw Microtopics: * Whether the chain staff is also the grappling hook. * How all games ought to be made. * Using an ancient alien artifact as an immersion blender. * Getting the steamer arm upgrade before you can steam the milk. * Space Opera by Catherynne Valente. * Books where you read a couple paragraphs and you're done for the day. * A sport where if you reach just a little bit further maybe you can touch your opponent's face with your foot. * Stealing cheese rolling from France at the 2028 Olympics. * Hosting the Olympics: a huge money-loser. * Shouldering the terrible burden of hosting the 2028 Olympics. * Aging up the 1996 Olympics mascot so they'll be the right age for the 2028 Olympics. * The Chinese Olympics mascot Jim keeps confusing for Tingle. * Olympic announcers just assuming everyone knows what a "B-Boy" is. * This right here is a horse. * Arranging a competition as bracket of 1v1 matches when it could just as easily be individually scored performances. * Gymnasts all over the world chalking their hands because humans are more alike than they are different. * Running fast at the Olympics. * Hiring Topic Lords as Olympic announcers. * Synchronized swimming except you need to synchronize with all your competitors. * Getting out the shotgun mics to televise basketball players trash talking each other. * Liking television alongside people who share your generational values. * Enjoying being part of a target demographic until you get too old. * Making an effort to appreciate new art more. * The inexhaustible supply of old movies you haven't seen. * What is lost and what is gained now that we're not all watching exactly the same TV shows every night. * Realizing your social values match the media you're consuming because you didn't roll your eyes at the Very Special Episode. * All the video games where you build a bionic arm for an NPC. * Two guys in a missile silo arguing to keep trigraphs in the C standard. * Boring programming situations where memory leaks are impossible. * A guy drinking a beer looking over your shoulder while you program who says "yep" whenever you do something he approves of. * Compiling C++ to a web site. * Writing a web assembly program by typing opcodes into a Javascript string. * What website people are into. * Music that plays while you're waiting for a game to load. * Loading the loading screen. * Some things are being destroyed and other things rebuilt. * Waking up and it's raining. * Saying you have no regrets when of course you have regrets – everyone has regrets, fool! * What cities were destroyed in December 2012? * Scraping information so you can stick it in a file system. * Complete List of Destroyed Cities. * How grumpy Raymond Carver was as a six year old. * How to communicate about what you want someone to type. * What they call curly braces in other countries. * Smooth brackets. * How Mandarin speakers write C code. * Drawing weird shit with Unicode glyphs, making it your URL, printing it on the side of a bus and making people figure out how to type it. * Mathematicians giving all their variables single letter names. * Embarrassing yourself by begging the compiler to not reformat your code. * Choosing to do the easy part of your job right now. * How to play Tetris faster. * Strumming arcade buttons to press them faster. * Weird ways of holding the NES controller to move Tetris pieces faster. * A new way to interact with this piece of plastic. * Turning the back of the controller into a giant button. * What high jump competitors thought the first time they saw the Fosbury Flop. * Learning to do close-up magic and getting frustrated because you can't literally make the card vanish. * Funding a weird game and finding out later if it ever ships. * Whether the folks who made ZPF considered any better names.
三言出品的《Glyphs 字体设计手册中文版》正式发售。今天,我们特别邀请到本书的两位作者梁卓毅和厉致谦,介绍手册的内容构成,以及编撰和设计过程中的幕后故事。 参考链接 2024 蒙纳夏季字体沙龙深圳站活动,将于 6 月 21 日 14 至 17 时在万科云城设计公社举办 研习设名家排版学习月线上课程,将于 7 月 6 日开办 石金浩(석금호, Paul Geumho Seok)先生,韩国 Sandoll 字体公司创始人,于 2024 年 5 月 23 日逝世,享年 69 岁 铁宋已于 4 月 23 日发布第二个预览版本,并计划在今年 6 月底完成开发,推出公测版 Unicode 16.0 进入公开审阅阶段,审阅期截至 7 月 2 日;正式版计划于 9 月 10 日发布 Glyphs 于 4 月发布 3.2 版 《Glyphs 字体设计手册中文版》,由三言出品,已于 3 月 30 日至 4 月 27 日完成预售 佛捷歌尼(Fedrigoni),意大利纸业品牌 Glyphs 使用指南相关的外语出版物 日文:『Glyphsではじめる フォント制作』 韩文:『글립스 타입 디자인』 Adobe 的日本字体设计师吉田大成在 Adobe Typekit 写的 Glyphs 连载 《InDesign 用户指南》中对「书写器」(排版器)的说明 嘉宾 厉致谦:以设计为原点的多领域的研究和实践者;3type 联合创始人,The Type 撰稿人,上海活字项目发起人 梁卓毅:3type 设计师,中文字体解密组成员 主播 Eric:字体排印研究者,译者,The Type 编辑 欢迎与我们交流或反馈,来信请致 podcast@thetype.com。如果你喜爱本期节目,也欢迎用支付宝向我们捐赠:hello@thetype.com。
Hello buffet! We've finally brought back a potluck after two years, so come sit with us as we each serve a song from 2024 so far to dig into! Allen Mark brought "REC" by COOING Stephen brought "Spring in My 20th" by UNICODE Chuck brought "Cheese (featuring WENDY)" by SUHO (00:39) - Intro & Catch-up (07:34) - Stephen's Specials of the Week (15:15) - “REC” Discussion (31:50) - “Spring in my 20th” Discussion (44:37) - “Cheese” Discussion Let's Connect: Twitter: @HallyuCanEat Instagram: @HallyuCanEat Email: hallyucaneat@gmail.com Follow some of the Co-Leaders! Allen Mark - https://twitter.com/allenmarkca Chuck - https://twitter.com/ChuckJose Stephen - https://www.instagram.com/extendedfamradio/
Introduction This is the start of a short series about the JSON data format, and how the command-line tool jq can be used to process such data. The plan is to make an open series to which others may contribute their own experiences using this tool. The jq command is described on the GitHub page as follows: jq is a lightweight and flexible command-line JSON processor …and as: jq is like sed for JSON data - you can use it to slice and filter and map and transform structured data with the same ease that sed, awk, grep and friends let you play with text. The jq tool is controlled by a programming language (also referred to as jq), which is very powerful. This series will mainly deal with this. JSON (JavaScript Object Notation) To begin we will look at JSON itself. It is defined on the Wikipedia page thus: JSON is an open standard file format and data interchange format that uses human-readable text to store and transmit data objects consisting of attribute–value pairs and arrays (or other serializable values). It is a common data format with diverse uses in electronic data interchange, including that of web applications with servers. The syntax of JSON is defined by RFC 8259 and by ECMA-404. It is fairly simple in principle but has some complexity. JSON's basic data types are (edited from the Wikipedia page): Number: a signed decimal number that may contain a fractional part and may use exponential E notation, but cannot include non-numbers. (NOTE: Unlike what I said in the audio, there are two values representing non-numbers: 'nan' and infinity: 'infinity'. String: a sequence of zero or more Unicode characters. Strings are delimited with double quotation marks and support a backslash escaping syntax. Boolean: either of the values true or false Array: an ordered list of zero or more elements, each of which may be of any type. Arrays use square bracket notation with comma-separated elements. Object: a collection of name–value pairs where the names (also called keys) are strings. Objects are delimited with curly brackets and use commas to separate each pair, while within each pair the colon ':' character separates the key or name from its value. null: an empty value, using the word null Examples These are the basic data types listed above (same order): 42 "HPR" true ["Hacker","Public","Radio"] { "firstname": "John", "lastname": "Doe" } null jq From the Wikipedia page: jq was created by Stephen Dolan, and released in October 2012. It was described as being “like sed for JSON data”. Support for regular expressions was added in jq version 1.5. Obtaining jq This tool is available in most of the Linux repositories. For example, on Debian and Debian-based releases you can install it with: sudo apt install jq See the download page for the definitive information about available versions. Manual for jq There is a detailed manual describing the use of the jq programming language that is used to filter JSON data. It can be found at https://jqlang.github.io/jq/manual/. The HPR statistics page This is a collection of statistics about HPR, in the form of JSON data. We will use this as a moderately detailed example in this episode. A link to this page may be found on the HPR Calendar page close to the foot of the page under the heading Workflow. The link to the JSON statistics is https://hub.hackerpublicradio.org/stats.json. If you click on this you should see the JSON data formatted for you by your browser. Different browsers represent this in different ways. You can also collect and display this data from the command line, using jq of course: $ curl -s https://hub.hackerpublicradio.org/stats.json | jq '.' | nl -w3 -s' ' 1 { 2 "stats_generated": 1712785509, 3 "age": { 4 "start": "2005-09-19T00:00:00Z", 5 "rename": "2007-12-31T00:00:00Z", 6 "since_start": { 7 "total_seconds": 585697507, 8 "years": 18, 9 "months": 6, 10 "days": 28 11 }, 12 "since_rename": { 13 "total_seconds": 513726307, 14 "years": 16, 15 "months": 3, 16 "days": 15 17 } 18 }, 19 "shows": { 20 "total": 4626, 21 "twat": 300, 22 "hpr": 4326, 23 "duration": 7462050, 24 "human_duration": "0 Years, 2 months, 27 days, 8 hours, 47 minutes and 30 seconds" 25 }, 26 "hosts": 356, 27 "slot": { 28 "next_free": 8, 29 "no_media": 0 30 }, 31 "workflow": { 32 "UPLOADED_TO_IA": "2", 33 "RESERVE_SHOW_SUBMITTED": "27" 34 }, 35 "queue": { 36 "number_future_hosts": 7, 37 "number_future_shows": 28, 38 "unprocessed_comments": 0, 39 "submitted_shows": 0, 40 "shows_in_workflow": 15, 41 "reserve": 27 42 } 43 } The curl utility is useful for collecting information from links like this. I have used the -s option to ensure it does not show information about the download process, since it does this by default. The output is piped to jq which displays the data in a “pretty printed” form by default, as you see. In this case I have given jq a minimal filter which causes what it receives to be printed. The filter is simply '.'. I have piped the formatted JSON through the nl command to get line numbers for reference. The JSON shown here consists of nested JSON objects. The first opening brace and the last at line 43 define the whole thing as a single object. Briefly, the object contains the following: a number called stats_generated (line 2) an object called age on lines 3-18; this object contains two strings and two objects an object called shows on lines 19-25 a number called hosts on line 26 an object called slot on lines 27-30 an object called workflow on lines 31-34 an object called queue on lines 35-42 We will look at ways to summarise and reformat such output in a later episode. Next episode I will look at some of the options to jq next time, though most of them will be revealed as they become relevant. I will also start looking at jq filters in that episode. Links JSON (JavaScript Object Notation): Wikipedia page about JSON Standards: RFC8259: The JavaScript Object Notation (JSON) Data Interchange Format ECMA-404: The JSON data interchange syntax jq: GitHub page Downloading jq The jq manual Wikipedia page about the jq programming language MrX's show on using the HPR statistics in JSON: Modifying a Python script with some help from ChatGPT
Lingthusiasm - A podcast that's enthusiastic about linguistics
When you order a kebab and they ask you if you want everything on it, you might say yes. But you'd probably still be surprised if it came with say, chocolate, let alone a bicycle...even though chocolate and bicycles are technically part of "everything". That's because words like "everything" and "all" really mean something more like "everything typical in this situation". Or in linguistic terms, we say that their scope is ambiguous without context. In this episode, your hosts Lauren Gawne and Gretchen McCulloch get enthusiastic about how we can think about ambiguity of meaning in terms of scope. We talk about how humour often relies on scope ambiguity, such as a cake with "Happy Birthday in red text" written on it (quotation scope ambiguity) and the viral bench plaque "In Memory of Nicole Campbell, who never saw a dog and didn't smile" (negation scope ambiguity). We also talk about how linguists collect fun examples of ambiguity going about their everyday lives, how gesture and intonation allow us to disambiguate most of the time, and using several scopes in one sentence for double plus ambiguity fun. Read the transcript here: https://lingthusiasm.com/post/748141442230272000/transcript-episode-91-scope Announcements: In this month's bonus episode we get enthusiastic about the forms that our thoughts take inside our heads! We talk about an academic paper from 2008 called "The phenomena of inner experience", and how their results differ from the 2023 Lingthusiasm listener survey questions on your mental pictures and inner voices. We also talk about more unnerving methodologies, like temporarily paralyzing people and then scanning their brains to see if the inner voice sections still light up (they do!). Join us on Patreon now to get access to this and 80+ other bonus episodes. You'll also get access to the Lingthusiasm Discord server where you can chat with other language nerds. You can find us at patreon.com/lingthusiasm Also: Join at the Ling-phabet tier and you'll get an exclusive “Lingthusiast – a person who's enthusiastic about linguistics,” sticker! You can stick it on your laptop or your water bottle to encourage people to talk about linguistics with you. Members at the Ling-phabet tier also get their very own, hand-selected character of the International Phonetic Alphabet – or if you love another symbol from somewhere in Unicode, you can request that instead – and we put that with your name or username on our supporter Wall of Fame! Check out our Supporter Wall of Fame and become a Ling-phabet patron here: patreon.com/lingthusiasm For links to things mentioned in this episode: https://lingthusiasm.com/post/748139974576275456/lingthusiasm-episode-91-scoping-out-the-scope-of
Episode 65: In this episode of Critical Thinking - Bug Bounty Podcast we sit down with Sam Curry to discuss the ethical considerations and effectiveness of hacking, the importance of good intent, and the enjoyment Sam derives from pushing the boundaries to find bugs. He shares stories of his experiences, including hacking Tesla, online casinos,Starbucks, his own is ISP router, and even getting detained at the airport.Follow us on twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on twitter:https://twitter.com/0xteknogeekhttps://twitter.com/rhynorater------ Ways to Support CTBBPodcast ------Hop on the CTBB Discord at https://ctbb.show/discord!We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.Today's Guest:https://samcurry.net/Resources:Don't Force Yourself to Become a Bug Bounty HunterhackcomputeStarbucks BugrecollapseTimestamps:(00:00:00) Introduction(00:02:25) Hacking Journey and the limits of Ethical Hacking(00:28:28) Selecting companies to hack(00:33:22) Fostering passion vs. Forcing performance(00:54:06) Collaboration and Hackcompute(01:00:40) The Efficacy of Bug Bounty(01:09:20) Secondary Context Bugs(01:25:01) Mindmaps, note-taking, and Intuition.(01:46:56) Back-end traversals and Unicode(01:56:16) Hacking ISP(02:06:58) Next.js and Crypto(02:22:24) Dev vs. Prod JWT
If you're itching for a discussion that explains why I'm afraid to move into my new bathroom, what I really think about Andrew Huberman, and why it might make more sense to learn French than Java… prepare to be scratched, I guess? I am highly confident that at least one person will get angry and unfollow this show as a result of words that came out of my mouth. If you've got thoughts and/or feelings, let me have'm at podcast@searls.co! Some links to things: legitimate.us Added likes for my podcast Browsers ignore autocomplete=off My new dry_eraser gem My newsletter about chronic back issues Tron got snubbed because they "cheated" by using computers (a cool video about its production) The Huberman "hit-piece" (News+) Huberman as pseudo-science Universities have a Computer-Science Problem (News+) The End of Foreign-Language Education (News+) Stardew Valley 1.6 True Detective Season 4
Shift to Electric Cars Could Save 89,000 Lives and $1 Trillion. Wind Farms No Noisier Than Traffic, Study Finds. Canadian Court Decodes Emoji as Contract Agreement. Latest Lineup as Unicode Unveils Draft Emojis. Australian Scientist's UV Innovation Delivers Clean Water with a Sticker. Futuristic Farming as Virtual Fencing Revolutionises Dairy Industry. 3D-Printed Toilets Declared a Slippery Success. Australia's 3G Network Rings off Leaving Millions Hanging Up. Farm Dams Are the Hidden 'Batteries' That Could Transform Energy Storage. Unicode 15.1 Officially Adds 118 New Characters! Wheelie Good Innovation with Rubbish Trucks Paving the Way for Smarter Cities. Hydro Powerline Set to See Canada Energise the Big Apple. Hanks for Nothing as Tom Denounces Dental Deepfake Deception. Unplugging Overcharging Battery Myths and Tips to Prolong Battery Life. London Conference Discusses Mobile Phone Theft Epidemic. Wi-Charge Aims to Cut the Cord with Long-Range Wireless Power. Out-of-This-World Tune-up as NASA Beams Software Updates across Billions of Kilometres. AI Takes the Crown as Word of the Year Reflects Our Digital Dominance. Revolutionising Refrigeration as Whirlpool's SlimTech Innovation Redefines Fridge Design. Smart Safes Stopping Sneaky Snatchers This Season.
LINKS Declaration “Fiducia Supplicans” on the Pastoral Meaning of Blessings: https://press.vatican.va/content/salastampa/en/bollettino/pubblico/2023/12/18/231218b.html Vatican News write-up on Calendar Change For UGCC https://www.vaticannews.va/en/church/news/2023-02/ukrainian-greek-catholics-to-celebrate-christmas-on-december-25.html "CardiNEWS" Background music by David Fesliyan. www.fesliyanstudios.com Tsar Power: https://tsarpowerpod.weebly.com/ The History of Saqartvelo Georgia: https://podcasts.apple.com/us/podcast/the-history-of-saqartvelo-georgia/id1567806651 TRANSCRIPT Hello everyone, First, some CardiNEWS! A few days ago, Cardinal Fernández, who, I should note, already made it into the next round of Cardinal Numbers so he's just running up his score at this point, issued a high level document in his capacity as the head of the Dicastery for the Doctrine of the Faith–aka the Vatican's Head Theology Guy–that explicitly allows for the informal blessing of homosexual couples with certain conditions. The document was at pains to stress that it does not represent a change in church teaching. I'll defer to the theologians on that, but in the end I've seen takeaways ranging from “this is definitely a change in church teaching” in an excited tone from the more liberally inclined both inside and outside the Church and the same takeaway in a despairing tone from those more conservatively inclined. Then there are those who say “this is definitely NOT a change in Church teaching”, a take that comes mainly from more centrist folks and but also from the hard left who think allowing informal blessings of gay couples while being at pains to distinguish them from marriage isn't even close to the kind of change they want to see. Basically, whether you think this document represents Pope Francis changing doctrine seems to boil down to whether you were already expecting Pope Francis to change doctrine. Folks seem to be seeing what they expected to see. For my part, I was actually genuinely surprised, mainly because there had been none of the usual rumors preceding the release of the document. Usually you get more smoke before the fire. In the end, I am perfectly willing to say that blessings are good, get them if you can and are inclined to seek them. They're more readily available now than they were last week. The second topic tonight is something I meant to cover in my what to expect update but, well, forgot. I've started labeling my Cardinal Numbers posts with a special symbol, and I do mean special. Roberto from Tsar Power help me out *** thanks Roberto who is also from The History of Saqartvelo Georgia. So yes, the Arevakhach (֎) is an Armenian symbol symbolizing eternity, used in contexts from the Christian to the Neo-Pagan to the secular, always tied to Armenia, so it's kind of a national symbol for them. I admit I'm borrowing it for pretty much entirely unrelated purposes, namely that it's a distinctive looking symbol that also works in UNICODE and should therefore be able to render properly for ya'll pretty much regardless of device, plus outside Armenia it doesn't really have an established meaning that might confuse folks, so all in all those things add up to make it a useful symbol to use to make my Cardinals episodes stand out from the rest at a quick glance. So, with thanks to Armenian culture and my Armenian and quasi-Armenian contacts who assured me it would not be offensive to use the Arevakhach for that purpose as long as I took a moment to explain its place in Armenian culture and as a national symbol, I'll be using it to flag Cardinal Numbers content moving forward, starting with, well, starting with the back catalog stuff I've already started flagging, but then after that starting with the next batch of 12 cardinals which I am hoping but not guaranteeing will begin releasing tomorrow, as I present to you the 12 Cardinals of Christmas! Oh, and mentioning Christmas brings me to one other milestone I wanted to note. One consequence of Putin's invasion of Ukraine is the fact that the Ukrainian Greek Catholic Church has decided to partially adopt the Gregorian Calendar, 441 years after its introduction under Pope Gregory XIII. Orthodox Churches under the Moscow Patriarchate are among the few institutions still using the Julian Calendar, which Pope Gregory revised to reflect solar reality as Easter had begun to drift out of its springtime home. The move is not complete, as the present adoption of the new calendar actually doesn't apply to the dating of Easter in this case, but there is hope that the dating of Easter will be resolved a couple years from now, in 2025, for the 1700th anniversary of the Council of Nicaea, the first great council of the Christian Church. I'm not going to hold my breath on the Easter controversy being fully resolved in my lifetime since it's one of the longest-running points of contention in the history of Christianity, but for now if you know any Ukrainian Greek Catholics, be sure to welcome them to Christmas in the Gregorian Calendar. З Різдвом (Христовим), or, Merry Christmas!
Proxy trojan targets macOS users for traffic redirection Indoor navigation has had a slow start Krasue RAT uses cross-kernel Linux rootkit to attack telecoms U.S. approves first gene-editing treatment, Casgevy, for sickle cell disease The DNS Deep-Drive continues with guests Josh Kuo, DNS expert, and Ross Gibson, Principal Solutions Architect of Infoblox, to talk about external authoritative DNS - whether enterprises should fully manage their own external DNS or use managed services, threats like domain hijacking, using load balancers, and more. Hosts: Curtis Franklin and Brian Chee Guests: Josh Kuo and Ross Gibson Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: canary.tools/twit - use code: TWIT lookout.com vanta.com/ENTERPRISE
Proxy trojan targets macOS users for traffic redirection Indoor navigation has had a slow start Krasue RAT uses cross-kernel Linux rootkit to attack telecoms U.S. approves first gene-editing treatment, Casgevy, for sickle cell disease The DNS Deep-Drive continues with guests Josh Kuo, DNS expert, and Ross Gibson, Principal Solutions Architect of Infoblox, to talk about external authoritative DNS - whether enterprises should fully manage their own external DNS or use managed services, threats like domain hijacking, using load balancers, and more. Hosts: Curtis Franklin and Brian Chee Guests: Josh Kuo and Ross Gibson Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: canary.tools/twit - use code: TWIT lookout.com vanta.com/ENTERPRISE
Proxy trojan targets macOS users for traffic redirection Indoor navigation has had a slow start Krasue RAT uses cross-kernel Linux rootkit to attack telecoms U.S. approves first gene-editing treatment, Casgevy, for sickle cell disease The DNS Deep-Drive continues with guests Josh Kuo, DNS expert, and Ross Gibson, Principal Solutions Architect of Infoblox, to talk about external authoritative DNS - whether enterprises should fully manage their own external DNS or use managed services, threats like domain hijacking, using load balancers, and more. Hosts: Curtis Franklin and Brian Chee Guests: Josh Kuo and Ross Gibson Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: canary.tools/twit - use code: TWIT lookout.com vanta.com/ENTERPRISE
Proxy trojan targets macOS users for traffic redirection Indoor navigation has had a slow start Krasue RAT uses cross-kernel Linux rootkit to attack telecoms U.S. approves first gene-editing treatment, Casgevy, for sickle cell disease The DNS Deep-Drive continues with guests Josh Kuo, DNS expert, and Ross Gibson, Principal Solutions Architect of Infoblox, to talk about external authoritative DNS - whether enterprises should fully manage their own external DNS or use managed services, threats like domain hijacking, using load balancers, and more. Hosts: Curtis Franklin and Brian Chee Guests: Josh Kuo and Ross Gibson Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: canary.tools/twit - use code: TWIT lookout.com vanta.com/ENTERPRISE
听众朋友早上好,今天是 10 月 10 日又一个星期二,欢迎收听全球字体新闻联播。 接下来,我们将为大家播报字体排印领域的近闻,包括字体设计竞赛、学术会议日程、公共标准迭代以及业内值得关注的网站发布或改版。 本期节目特别感谢听众杨乔媗送来的祝福。 参考链接 汉仪第五届字体之星设计大赛顺利落幕,评奖结果已公布 汉仪第六届字体之星设计大赛已于 2023 年 9 月 4 日启动,征稿日期将截至 2025 年 7 月 30 日 东京 TDC 2024 现已结束征稿 TDC70 正在征稿,早鸟截止日期为 2023 年 11 月 3 日,常规截止日期为 2024 年 1 月 19 日,最终截止日期为 2024 年 2 月 2 日 ATypI 2024 将于 2024 年 4 月 16 至 20 日在澳大利亚布里斯班举办,早鸟票正在出售 ATypI 2023–2024 理事会选举结果已公布,Thomas Phinney 担任主席 ATypI 2024 正在征集演讲、展示、工作坊提案,截止日期为 10 月 13 日 ATypI 会议演讲视频陆续在 YouTube 发布 Inscript 2023 于 10 月 4 至 8 日在线上举办 BITS(Bangkok International Typography Symposium,曼谷国际字体排印研讨会)将于 11 月 2 至 4 日在泰国曼谷举办 Commercial Type 网站改版 Kowloon Type 发布新网站,网站由 NDCOSD 设计 Google Fonts 网站改版 Canadian Typography Archives(加拿大字体排印档案) Unicode 15.1.0 于 9 月 12 日发布 小林剑起草了 Unicode 技术提案 L2/23-212: Proposal to add standardized variation sequences for four quotation marks 特别来宾 杨乔媗:七岁半的听众 主播 Eric:字体排印研究者,译者,The Type 编辑 蒸鱼:设计师,The Type 编辑 欢迎与我们交流或反馈,来信请致 podcast@thetype.com。如果你喜爱本期节目,也欢迎用支付宝向我们捐赠:hello@thetype.com。
This is a recap of the top 10 posts on Hacker News on October 2nd, 2023.This podcast was generated by wondercraft.ai(00:42): Return to Office Is Bullshit and Everyone Knows ItOriginal post: https://news.ycombinator.com/item?id=37739376&utm_source=wondercraft_ai(02:32): What every software developer must know about Unicode in 2023Original post: https://news.ycombinator.com/item?id=37735801&utm_source=wondercraft_ai(04:22): NomnomlOriginal post: https://news.ycombinator.com/item?id=37734875&utm_source=wondercraft_ai(05:56): Python 3.12Original post: https://news.ycombinator.com/item?id=37737519&utm_source=wondercraft_ai(07:49): Nobel Prize in Medicine awarded to Katalin Karikó and Drew WeissmanOriginal post: https://news.ycombinator.com/item?id=37736035&utm_source=wondercraft_ai(09:44): Exploiting the iPhone 4Original post: https://news.ycombinator.com/item?id=37736318&utm_source=wondercraft_ai(11:45): Microsoft Defender was flagging Tor browser as a trojan and removing itOriginal post: https://news.ycombinator.com/item?id=37740468&utm_source=wondercraft_ai(13:26): Efficient streaming language models with attention sinksOriginal post: https://news.ycombinator.com/item?id=37740932&utm_source=wondercraft_ai(15:28): Redfin Is Leaving the National Association of RealtorsOriginal post: https://news.ycombinator.com/item?id=37746717&utm_source=wondercraft_ai(17:15): Weird A.I. Yankovic: a cursed deep dive into the world of voice cloningOriginal post: https://news.ycombinator.com/item?id=37739233&utm_source=wondercraft_aiThis is a third-party project, independent from HN and YC. Text and audio generated using AI, by wondercraft.ai. Create your own studio quality podcast with text as the only input in seconds at app.wondercraft.ai. Issues or feedback? We'd love to hear from you: team@wondercraft.ai
Unicode 15.1 Officially Adds 118 New Characters! Student-Designed EV Races Past Old Acceleration Mark in Under a Jiffy. Apple to Curb iPhone 12's Energy in France. Swipe Right for Safety as Australia Issues Ultimatum to Dating Apps. The Search for Fair Play in the Biggest US Antitrust Trial in 25 Years. Wheelie Good Innovation with Rubbish Trucks Paving the Way for Smarter Cities. How Car-Sharing Initiatives are Paving the Way for an Electric Future for All. Gene-Tweaking Plants for a Greener, Fuller Harvest. Unplugging the Competition in the Budget EV Battle.
话接上回,今天的节目将继续回顾近期字体排印领域的要闻,并与大家分享听众们七月的来信。 参考链接 一派 vol. 111:探索播客世界:你的收听清单里都有哪些栏目? GB 18030—2022《信息技术 中文编码字符集》计划于今年 8 月 1 日开始实施 GB 18030—2022《信息技术 中文编码字符集》第 1 号修改单(第二次征求意见稿)征求意见 字谈字畅 184:十七年等一回 阿里巴巴普惠体 3.0 的 regular 字重完整支持 GB 18030—2022 几经修改的「CJK 统一汉字扩展 I 区」议案在 Unicode 技术委员会第 176 次会议上获得通过 Unicode 15.1.0 计划于今年 9 月发布 ATypI Brisbane 2024 计划于 2024 年 4 月 16 至 20 日在澳大利亚布里斯本举办 Microsoft 在今年 7 月正式上线新版默认字体 Aptos Steve Matteson,美国字体设计师,曾任职于 Monotype;为 Microsoft 设计过多款系统字体,也是 Aptos 的设计师 蒙纳于今年 7 月 19 日宣布收购日本字体公司 Fontworks 字谈字畅 148:博物字(三)市谷之杜时钟台 佐佐木活字店去年报废的日文 Monotype 铸排机 日本「笹っぱ活字館」展出的日文 Monotype 铸排机 知乎上关于中国印刷历史中铸排机应用相关的讨论 字谈字畅 146:书名号居然是个九〇后 Bobo_alcazar 针对文言的字体显示给 Mozilla 报的 issue OpenType 规范中对文种、语种的定义以及特性与查找机制的解释 OpenType 规范:语言系统标签 W3C 国际化文档:HTML 与 XML 中的语言标签 HTML 规范对包括 em、strong 等文本级别语义元素的定义 字谈字畅 185:山外有山,字外有字 苟文手天在 Bilibili 发布的文章《方正字体在 InDesign 等软件里使用时,获得正常的标点间距的方法》 主播 Eric:字体排印研究者,译者,The Type 编辑 蒸鱼:设计师,The Type 编辑 欢迎与我们交流或反馈,来信请致 podcast@thetype.com。如果你喜爱本期节目,也欢迎用支付宝向我们捐赠:hello@thetype.com。
In the news: Design & Marketing Summit, July 27–28, online only More online Summits coming up, check them out! Adobe MAX 2023, David and Anne-Marie are doing live sessions, many more InDesign pros presenting live and online only CreativePro magazine July 2023 all about Artificial Intelligence Podcasts we like (and please review ours)! David's story about recovering from Can't Save/Save As disasters Deep Dive: Secrets of the Glyphs panel Obscure Feature of the Week: Styles Override Highlighter Sponsor for this episode >>Santa Cruz Software: Did you know that 66% of sales professionals can't get their sales or marketing collateral in time, often creating assets without oversight? Solve this with BrandingUI. Try it today at SantaCruzSoftware.com! Links mentioned in this podcast Podcasts: ChaxChat Accessibility podcast with Dax Castro and Chad Chelius What other podcasts to you listen to? Let us know! Please rate InDesign Secrets! https://podcasts.apple.com/us/podcast/indesign-secrets/id101102043 https://open.spotify.com/show/4Erwd0qHoR22NhTSY67I0v (you have to listen to at least one episode before it lets you rate it) Saving files to Cloud Documents: https://helpx.adobe.com/creative-cloud/help/work-with-cloud-documents.html and https://helpx.adobe.com/photoshop/using/manage-cloud-documents-photoshop.html Glyphs panel: Get to Know InDesign's Glyphs Panel Find Characters Using the Glyphs Panel Tip of the Week: Controlling the Glyphs Panel Display Working With Custom Glyph Sets Talking about CID/GID: Podcast 260 Insert a Character by Unicode or GID Stylistic Sets: TypeTalk: Stylin' Sets Using Stylistic Sets Anne-Marie's video Obscure Feature: Style Overrides Highlighter Next time: InDesign Secrets True Crime podcast!
Language Servers underpin the language specific support we rely on in modern code editors. Lately, there have been new efforts in this area in the Elixir community. We talk with Steve Cohen about his project Lexical LS to learn about his new Elixir Language Server, how long he's been at it, and what it can do today. We learn about some of the technical challenges when creating a tool like this, and why there's still room for new projects in this area. Steve explains how Lexical LS is architected and that it is a goal to be easy to contribute to and work on the Lexical project itself. Time to give it a try! Show Notes online - http://podcast.thinkingelixir.com/161 (http://podcast.thinkingelixir.com/161) Elixir Community News - https://github.com/elixir-lang/elixir/releases/tag/v1.15.4 (https://github.com/elixir-lang/elixir/releases/tag/v1.15.4?utm_source=thinkingelixir&utm_medium=shownotes) – Elixir v1.15.3 and v1.15.4 were released. v1.15.4 includes fixes for running on Erlang/OTP 26. - https://github.com/elixir-lang/elixir/releases/tag/v1.15.3 (https://github.com/elixir-lang/elixir/releases/tag/v1.15.3?utm_source=thinkingelixir&utm_medium=shownotes) – Elixir v1.15.3 release notes - https://gleam.run/news/v0.30-local-dependencies-and-enhanced-externals/ (https://gleam.run/news/v0.30-local-dependencies-and-enhanced-externals/?utm_source=thinkingelixir&utm_medium=shownotes) – Gleam v0.30 was released - https://news.livebook.dev/whats-new-in-livebook-0.10---introducing-multi-session-livebook-apps-3Dbpss (https://news.livebook.dev/whats-new-in-livebook-0.10---introducing-multi-session-livebook-apps-3Dbpss?utm_source=thinkingelixir&utm_medium=shownotes) – The Livebook v0.10 was released - https://gitlab.com/MachinesAreUs/archeometer (https://gitlab.com/MachinesAreUs/archeometer?utm_source=thinkingelixir&utm_medium=shownotes) – Archeometer analyzes your project and now supports a --format livemd - https://twitter.com/MachinesAreUs/status/1676127531840204800 (https://twitter.com/MachinesAreUs/status/1676127531840204800?utm_source=thinkingelixir&utm_medium=shownotes) – Archeometer Twitter share with Livebook demo - https://gitlab.com/MachinesAreUs/archeometer/-/merge_requests/205 (https://gitlab.com/MachinesAreUs/archeometer/-/merge_requests/205?utm_source=thinkingelixir&utm_medium=shownotes) – MR for the new feature - https://twitter.com/wojtekmach/status/1679919717648138241 (https://twitter.com/wojtekmach/status/1679919717648138241?utm_source=thinkingelixir&utm_medium=shownotes) – Learned about "repotransact" as an alternative to Ecto.Multi - https://tomkonidas.com/repo-transact/ (https://tomkonidas.com/repo-transact/?utm_source=thinkingelixir&utm_medium=shownotes) – Blog post about repotransact with the code - https://twitter.com/germsvel/status/1678721797561131012 (https://twitter.com/germsvel/status/1678721797561131012?utm_source=thinkingelixir&utm_medium=shownotes) – German Valesco highlighted the new DateTime comparison functions added in Elixir 1.15. - https://github.com/phoenixframework/dns_cluster (https://github.com/phoenixframework/dns_cluster?utm_source=thinkingelixir&utm_medium=shownotes) – DNS Cluster - Simple DNS clustering for distributed Elixir nodes - https://twitter.com/DNAutics/status/1679902629000880128 (https://twitter.com/DNAutics/status/1679902629000880128?utm_source=thinkingelixir&utm_medium=shownotes) – Apical 0.2.0 released - an OpenAPI schema builder - https://0x7f.dev/post/ntp-implementation-in-elixir (https://0x7f.dev/post/ntp-implementation-in-elixir?utm_source=thinkingelixir&utm_medium=shownotes) – Post about implementing a Network Time Protocol in Elixir. - https://erikarow.land/articles/mix-completions (https://erikarow.land/articles/mix-completions?utm_source=thinkingelixir&utm_medium=shownotes) – Post about implementing shell completions for mix tasks - https://www.youtube.com/playlist?list=PLKBMoE8mCkXijPYoLCKtWeHa-q69EYwDf (https://www.youtube.com/playlist?list=PLKBMoE8mCkXijPYoLCKtWeHa-q69EYwDf?utm_source=thinkingelixir&utm_medium=shownotes) – Youtube playlist for published GigCityElixir conference talks Do you have some Elixir news to share? Tell us at @ThinkingElixir (https://twitter.com/ThinkingElixir) or email at show@thinkingelixir.com (mailto:show@thinkingelixir.com) Discussion Resources - https://github.com/lexical-lsp/lexical (https://github.com/lexical-lsp/lexical?utm_source=thinkingelixir&utm_medium=shownotes) – Lexical LS Github project - https://github.com/lexical-lsp/vscode-lexical (https://github.com/lexical-lsp/vscode-lexical?utm_source=thinkingelixir&utm_medium=shownotes) – Lexical VS Code project - https://github.com/lexical-lsp/vscode-lexical#known-issues (https://github.com/lexical-lsp/vscode-lexical#known-issues?utm_source=thinkingelixir&utm_medium=shownotes) – Currently need to using Erlang 25.2 - https://marketplace.visualstudio.com/items?itemName=lexical-lsp.lexical (https://marketplace.visualstudio.com/items?itemName=lexical-lsp.lexical?utm_source=thinkingelixir&utm_medium=shownotes) – VS Marketplace Link for Lexical LS extension - https://venturebeat.com/dev/pinterest-elixir/ (https://venturebeat.com/dev/pinterest-elixir/?utm_source=thinkingelixir&utm_medium=shownotes) - https://discord.com/invite/elixir (https://discord.com/invite/elixir?utm_source=thinkingelixir&utm_medium=shownotes) – Join the Elixir Discord - https://github.com/elixir-lsp/elixir_sense (https://github.com/elixir-lsp/elixir_sense?utm_source=thinkingelixir&utm_medium=shownotes) - https://en.wikipedia.org/wiki/ComparisonofUnicode_encodings (https://en.wikipedia.org/wiki/Comparison_of_Unicode_encodings?utm_source=thinkingelixir&utm_medium=shownotes) Guest Information - https://twitter.com/icecreamcohen (https://twitter.com/icecreamcohen?utm_source=thinkingelixir&utm_medium=shownotes) – on Twitter - https://github.com/scohen/ (https://github.com/scohen/?utm_source=thinkingelixir&utm_medium=shownotes) – on Github Find us online - Message the show - @ThinkingElixir (https://twitter.com/ThinkingElixir) - Message the show on Fediverse - @ThinkingElixir@genserver.social (https://genserver.social/ThinkingElixir) - Email the show - show@thinkingelixir.com (mailto:show@thinkingelixir.com) - Mark Ericksen - @brainlid (https://twitter.com/brainlid) - Mark Ericksen on Fediverse - @brainlid@genserver.social (https://genserver.social/brainlid) - David Bernheisel - @bernheisel (https://twitter.com/bernheisel) - David Bernheisel on Fediverse - @dbern@genserver.social (https://genserver.social/dbern) - Cade Ward - @cadebward (https://twitter.com/cadebward) - Cade Ward on Fediverse - @cadebward@genserver.social (https://genserver.social/cadebward)
今天我们邀请老朋友张暄和微梨做客嘉宾,介绍亲身参与 ATypI 2023 的体验。本期节目将继续为大家分享嘉宾和主播印象深刻的演讲、讨论及参观活动——在国际化与包容性被反复讨论的设计思潮中,字体排印同样不可缺席。 参考链接 Unicode 15.1 开放公共测评(beta review) TikTok 于今年 5 月发布品牌字体 TikTok Sans,由 Grilli Type 协同设计 Discord 于去年 12 月起,启用新字体 gg sans TDC Ascenders 2023(新升奖)公布评奖结果 大曲都市著、刘育黎译.《街机游戏字体》.同济大学出版社,2021 年 ATypI 2023 法国国家印刷所参观活动(Imprimerie Nationale visit) 法国国家印刷所(Imprimerie nationale) 蒙纳铸排机(Monotype system) 用树莓派控制蒙纳铸排机 弗兰克·雅洛(Franck Jalleau),法国最后一位字冲雕刻师 “The Weight of the Ink”(油墨的重量),Véronique Vienne 在 ATypI 2023 开幕式后的主题演讲 “VR Calligraphy Performance: New medium, new possibilities, new perspectives on the art of writing”(VR 书法表演),ATypI 2023 开幕式现场表演 “Designing Fonts for 2 Billion People”,Héctor Mangas 和 Peter Biľak 在 ATypI 2023 的演讲 Typotheque 的文章集合,包括天城文各种区域不同字形的调查报告 国王的希腊字(Grecs du roi) Paul Shaw. Revival Type: Digital Typefaces Inspired by the Past. Yale University Press, 2017 Michael S. Macrakis. Greek Letters: From Tablets to Pixels. Oak Knoll Press, 1996 “Decolonizing Ascenders and Descenders: Resisting homogenization and encouraging diversity”,Borna Izadpanah 在 ATypI 2023 的演讲 “Typeface Legibility and Low-vision Readers”,Sofie Beier 在 ATypI 2023 的演讲 “Titans of Transfer Type”,Dan Rhatigan 在 ATypI 2023 的演讲 字谈字畅 106:观看《平面之道》之道 “It Started as a Typeface for Post-digital Letterpress Printing, and Then it Became Much More”,Ana Sofia Mariz 在 ATypI 2023 的演讲 微软公司的 ClearType 技术 “Power in the World of Type”,Ann Bessemans、Laura Meseguer、Lynne Yun、Nadine Chahine 和 Veronika Burian 在 ATypI 2023 的演讲 “OpenType 2.0 Panel, 2023 Edition”,ATypI 2023 的专题讨论 Boring Expansion,HarfBuzz 起草的字体格式规范扩展第一部分 “Script Meets Tech: Responses to materiality in some ancient and medieval letterforms”,Marc Smith 在 ATypI 2023 的演讲 “Filiation: Nurturing a pedagogy of type design in France”,Alice Savoie 和 Thomas Huot-Marchand 在 ATypI 2023 的演讲 本次巴黎年会举办地点为由巴黎第四与第六大学于 2018 年新合并而成的索邦大学朱西厄校区 阿拉伯世界文化中心(Institut du monde arabe),为法国建筑师让·努维尔(Jean Nouvel)设计 ATypI 2024 年会将于 6 月 3 至 8 日在澳大利亚布里斯班举办 ATypI 2023 off program(非正式活动) 法国国家图书馆举办的特展 “Imprimer ! l'Europe de Gutenberg” 拉雪兹神父公墓 普朗坦–莫雷图斯博物馆位于比利时安特卫普 嘉宾 张暄:前「燕京城外夜玫瑰」,汉仪字库资深字体设计师 刘育黎(微梨):字体设计师、平面设计师,atelierAnchor 锚坞联合创始人 主播 Eric:字体排印研究者,译者,The Type 编辑 欢迎与我们交流或反馈,来信请致 podcast@thetype.com。如果你喜爱本期节目,也欢迎用支付宝向我们捐赠:hello@thetype.com。
Angular is an open-source web framework used by millions of developers. Explore the Angular community. Miško is currently CTO at Builder, an API-driven, drag-and-drop headless CMS with a visual editor. Explore their docs or see what they're up to on their blog.Builder's full-stack web framework is Qwik, which just reached 1.0.Let Miško walk you through why Hydration is Pure Overhead.ICYMI, listen to our episode with Builder CEO Steve Stewell.Connect with Miško on LinkedIn, Twitter, or GitHub. You can also check out his website.This week's Lifeboat badge is awarded to ORION for their answer to Unicode symbol that represents "download".
We ask—and then we try to change emoji history. Learn how an emoji gets made as we submit our pie emoji proposal to Unicode.
In the Gaming Hut we look at what characters should do more often in horror: run! At the behest of beloved Patreon backer Eric Saltwell, the Word Hut seeks the real truth behind Unicode ghost kanji. In part two of our Cinema Hut Science Fiction Essentials series, we finally get to some actual movies, the […]
© 2020-2025 Ivy Podcast Discovery LLC
