[object Object]

Do you know how law works? There’s no law against Newell accepting cash from Russia. Whereas, if the US wanted, they would easily make a law saying it’s forbidden to accept any kind of payment from Russia. Steam operates entirely within what the law says.

Are you aware of what you yourself wrote in the original comment?

Russia is sanctioned and they are not supposed be able to make purchases at all.

Explain to me why they’re supposed to not be able to make purchases.

There are no ‘Western sanctions’ that prohibit from selling stuff to all Russians. Visa and MasterCard stopped doing cross-border transactions by their own decision, and most Russian banks are cut off from SWIFT. That’s all, aside from more individual and sector-specific sanctions.

If we’re talking about the same thing, then afaik their whole claim is that we aren’t in a simulation, because we have true randomness which can’t be created in software. But it’s not necessary to create true randomness in software to have it in said software.

Although I haven’t read the full paper, and am going off what people wrote about it in comments.

Russia is sanctioned and they are not supposed be able to make purchases at all.

Might want to try finding sources for this, because you’ll discover this is untrue.

For what claim?

If you mean the fact that we have true randomness, just read about how secure random number generators work, like urandom. It’s not some industry secret, they’re in every computer and likely every smartphone out there, and have been around for twenty years at least.

This here is the implementation of sha256 in the slow language JavaScript:

const msgUint8 = new TextEncoder().encode(message);
const hashBuffer = await window.crypto.subtle.digest("SHA-256", msgUint8);
const hashHex = new Uint8Array(hashBuffer).toHex();

You imagined that JS had to have that done from scratch, with sticks and mud? Every OS has cryptographic facilities, and every major browser supplies an API to that.

As for using it to filter out bots, Anubis does in fact get it a bit wrong. You have to incur this cost at every webpage hit, not once a week. So you can’t just put Anubis in front of the site, you need to have the JS on every page, and if the challenge is not solved until the next hit, then you pop up the full page saying ‘nuh-uh’, and probably make the browser do a harder challenge and also check a bunch of heuristics like go-away does.

It’s still debatable whether it will stop bots who would just have to crank sha256 24/7 in between page downloads, but it does add cost that bot owners have to eat.

I mean, I thought it was long dead. It’s twenty-five years old, and the web has changed quite a bit in that time. No one uses Perl anymore, for starters. I used Open Web Analytics, Webalizer, or somesuch by 2008 or so. I remember Webalizer being snappy as heck.

I tinkered with log analysis myself back then, peeping into the source of AWStats and others. Learned that a humongous regexp with like two hundred alternative matches for the user-agent string was way faster than trying to match them individually — which of course makes sense seeing as regexps work as state-machines in a sort of a very specialized VM. My first attempts, in comparison, were laughably naive and slow. Ah, what a time.

Sure enough, working on a high-traffic site taught me that it’s way more efficient to prepare data for reading at the moment of change instead of when it’s being read — which translates to analyzing visits on the fly and writing to an optimized database like ElasticSearch.

Awstats

I thought I recognized it. Hell of a blast from the past, haven’t seen it in fifteen years at least.

The deterrent might work temporarily until the challenge pattern is recognised, but there’s no actual protection here, just obscurity.

Anubis uses a proof-of-work challenge to ensure that clients are using a modern browser and are able to calculate SHA-256 checksums. Anubis has a customizable difficulty for this proof-of-work challenge, but defaults to 5 leading zeroes.

Please tell me how you’re gonna un-obscure a proof-of-work challenge requiring calculation of hashes.

And since the challenge is adjustable, you can make it take as long as you want.

If you mean the paper saying it can’t be a simulation because the universe has true randomness, which can’t be created in software: we ourselves do in fact have true randomness in software, by capturing it from the environment via hardware sensors for fluctuations in temperature and such.

Use Ansible or some such solution like Puppet, Salt or Chef, just like the big boys do. If you don’t have a unified editable config for your machines, you don’t really have a homelab, you just have a pile of hardware instead.

Artistically, it’s pretty bold. It’s got rhythm, it’s dynamic, it’s insistent in its method. It’s just that its legibility is worse than that of a Russian doctor’s cursive writing, which for me is a visual companion to James ‘Blood’ Ulmer’s ‘Timeless’. This is however fine for a death metal band logo — would work even better for grindcore.

His signature that looks like a death-metal band logo?

Well, the game uses portable bytecode for the ‘Z-machine’ interpreter, and there are dozens of third-party interpreters for it. You can run these games on your phone, no need to compile them.

TBF I for one want to code to install an app. By which I mean use Ansible.

Wine has some compatibility differences between its versions — I’ve had to downgrade it before because the newer version didn’t work with the app I wanted. So, if you’re ever in the mood to try again, you could check out an older version, and perhaps try launching a simpler app like notepad which is iirc supplied with Wine.

Also, Wine launched from the command line, with the exe as the parameter, usually prints a lot of stuff some of which may say what libraries weren’t found, and winetricks allows installing those libraries easily (if it’s still around, I haven’t done this in a while). Typically something like ‘MS C++ redistributables’ or the .NET framework is necessary.

called Arabic Numerals because that’s their origin

While the origin of Arabic numerals is actually Indian.

Thanks again! This is very comprehensive and much more comprehensible.

Thanks, but as a non-quite-EU person I’d like you to know I understood your comment fine until a bit after the second comma in the second sentence, following which my grokking declined sharply to just the surface level when met with a bunch of peculiar terms forming a mighty wall of obstruction to my comprehending.