Polygon had seen better days, that's for sure. But in their early days the site was very, very good.

More than anything else, I feel like the site lost its focus somewhere in the last half-decade. The original focus of the site is all in the name: polygons - as in video games. But Vox slowly morphed it into a general pop culture website. These days it's a mix of video games, movies, TV shows, board games, books, etc.

Those are all fine things in and of themselves. But at best they dilute the brand. And at worst they're taking the place of video game content, to the point where if you're after actual gaming news you're going to want to go elsewhere, because Polygon didn't have the editorial bandwidth to cover it.

So it has been a long time coming, in some respects. Unfortunately, the people who really pay the price are the writers, who are now out of a job.

CodeWeavers is one of the few companies that I believe really do intend to keep their word - and have the means to do it.

The company has been shipping CrossOver Mac for almost 20 years now - basically since Macs transitioned from PPC to x86. They've rejiggered their software lineup a couple of times, essentially consolidating a few different products (Games, Office, Standard) into a single SKU, but they've always provided a continuity of features and an upgrade path. Put another way, they've been offering the same continually-updated CrossOver product for over two decades now.

Which, since it's essentially the commercial release of Wine, that makes sense. Their whole business model is constantly developing improvements to Wine, and then bundling that up into a commercial-grade software package that comes with official support. So their business model is stable (so long as Windows remains important), as well as the need to continue updating the software.

Given how intertwined CodeWeavers is with Wine, it would be a disaster if they did renege on lifetime updates for anyone who has paid for them. The corollary to that being that if it were to happen, then something very bad must have already happened to the broader Wine ecosystem, as this is how they primarilly fund the whole project.

Good high schools have offered stats courses for ages. And for college-bound students, AP Statistics has been offered for almost 30 years now.

Not even jokingly, no. Denuevo is self-contained at the executable level: it runs entirely in ring 3. It's not like, say, StarForce, which needed a ring 0 driver installed.

Similar but reversed. My credit unions aren't part of Zelle, but some people don't use or won't use Venmo or Paypal FF. This removes one of the few free ways to transfer funds.

Ditto. This change means I won't be able to pay Zelle users. There are other services, so it's not the end of the world, but it makes Zelle all but impossible for me to use.

I remember when the Beeb was still experimenting with various forms of radio streaming. They were one of the first groups to try out OGG Vorbis, and even though they didn't stick with it, their R&D efforts contributed a lot to the development and success of Vorbis overall.

More importantly, I didn't think there would be a day where you wouldn't be able to stream BBC Radio online. Even 25 years later, I still enjoy poking the Radio 1 stream now and then just to see what weird and hip stuff they're running overnight. It's still an insightful look into what's going on nearly half-way around the world.

So that sucks.

Isn't most of the cost the probe, followed by the energy and machinery needed to get out of Earth's immediate gravity well?

Being that close to us is more convenient. But if it reduces the cost of a mission from $500m to $450m, that's not the kind of significant improvement needed to make more missions viable.

Did slashdot suddenly stop working with certain scripts disabled? Site load normally, then changes into a massive notice that JavaScript needs to be enabled.

For the last few months, Slashdot's owners have been toying with an anti-adblocking service called Ad-Shield.

Ad-Shield is a very thorough and very heavy-handed service that has multiple layers of checks to ensure that ads are loading. And a lot of those checks require JavaScript to run. So Ad-Shield makes the site unusable without JS in order to make it harder to block its checks.

But if Nvidia is removing PhysX entirely, then ANY game using Physx, be it 32bit or 64bit, is dead. The game will not work.

To clarify, the PhysX middleware is bundled with the game. It's usually statically compiled in, but there are also some instances where it's shipped as part of a DLL.

The issue is that the API PhysX uses to access the GPU to execute GPU-accelerated effects is CUDA. And NVIDIA is dropping 32-bit CUDA support. That means there's no way for the PhysX middleware to talk to the GPU. As you correctly note, PhysX itself doesn't stop working - the CPU effects still work just fine - but all of the optional GPU effects will stop working.

And 64-bit CUDA support isn't going away. So 64-bit binaries that use PhysX GPU effects will continue to work just fine.

Indeed. Alongside RAM, NAND is the other classic cyclical (boom & bust) technology market.

The long-term trend is always down, but inside of a two year period it's going to behave like a sine wave, with prices cresting and busting out as production reacts to market prices and the onlining of new facilities.

There are a surprising number of businesses that (still) don't accept anything above a $20. They'd really rather you pay with a card - and if you aren't going to do that, they want you using bills that are too small to be worth counterfeiting.

Note that MD5 is not that bad. It is still competent at protecting files against corruption or third party tampering, because a collision attack is not currently possible.

Are you sure about that? This is getting outside of my specialty here, but Wikipedia notes that the Flame malware was able to counterfeit a Microsoft MD5 signing certificate in 2012. That seems like exactly the kind of collision attack that warrants retiring it for signing certificates.

I do agree that it still seems fine as a basic file hashing algorithm, though.

Yes and no.

Cryptography is one of the areas where a lot of leeway is needed. As computers get faster and algorithms get weakened by attacks, it is critical that old algorithms are retired and replaced with new ones that can stand up to attacks for the coming decades. Otherwise we'd still be using the now trivially broken MD5.

Frankly, I'm surprised it has taken Apple this long to implement SHA-2 everywhere. The NIST stopped allowing it for digital signatures in government services over a decade ago, and web browsers stopped accepting it in 2017. Even Microsoft stopped signing binaries with it in 2020.

As the old adage goes, if you want a program to last forever, don't give it networking capabilities. The moment that it needs to communicate with other programs in order to function, you've committed to having to maintain the program to keep up with the times. Conversely, if Square Enix hadn't used IAPs, then the game could have run fully stand-alone.

It's not a bug. It's because Square Enix doesn't want to update the game to handle purchase receipts signed with SHA-256.

Crystal Chronicles was released in 2020. The game is essentially one giant collection of free demos, with IAPs to unlock the specific games inside. Square opted to do on-device verification of IAPs (which is generally a good thing), which means the app relies on purchase receipts sent over by the App Store.

Up until 2023, these receipts were signed with an SHA-1 certificate, at which time Apple started a process to migrate over to a much stronger SHA-256 certificate. Between then and the end of last month, both certificates were available. But on January 24th, Apple moved to the last phase of the migration as the SHA-1 certificate expired.

As a result, the current build of Crystal Chronicles cannot read Apple's modern receipts. It would need to be updated to handle the SHA-256 receipts. In fact, Square can't even submit a new build of the game to the App Store without SHA-256 support, as that has been a requirement since August of 2023.

There are a few other ways around this as well, though all would take more effort on Square's part. Apps that rely on server-side verification weren't affected by the certificate change (that's all handled by Apple's servers). And there are now functions in the StoreKit API such as Transaction that fully offload the cryptographic process to the OS, abstracting away these kinds of changes. Though I don't believe this was available in 2020 when the game was first released.

Dev-wise, there may be other things that Square would need to do to bring the game into compliance with current App Store rules as well. The minimum SDK version Apple accepts right now is iOS 17, for example. So the project would need ported from what I'd wager is the iOS 13 SDK. That shouldn't be a big deal for a well-written app. But a poorly-written, minimum-effort port - especially one making heavy use of external libraries - could definitely have issues.

Ultimately, Square kind of tried to have their cake and eat it too, and it backfired on them. Had they not relied on IAPs, this issue would have been avoided. Alternatively, if they had gone fully in the other direction and used server-side verification, this issue would have been avoided. But the on-device route, while noble in some respects, also comes with the most maintenance work, which they are now opting out of doing.

What you're missing here is that the provisioning of these devices happens via a cloud service. The sale point of something "smart" is that you are able to access it remotely. That means your devices ultimately connect to some remote server. The way they do that presents a risk.

Sure, it presents a risk. But I've also not heard of any major TV vendors getting their cloud service compromised and all of their TVs getting compromised in turn. Especially with these devices increasingly using certificate pinning, which is making it difficult for even the owner to do much to the device, let alone outsiders.

It's entirely possible I'm just out of the loop here. But I'd expect a TV vendor getting hacked to make the news. So while I agree that TVs behaving like a 10 year old and wanting unfettered internet access is not a good thing - on a theoretical basis alone, it should be stopped - in practice I'm not seeing evidence of that leading to widespread compromise?

That's before you consider some stupid backdoored devices punching holes in your router via UPNP to open up to any idiot out there.

Now that is definitely a lot more plausible. But what are TVs even requesting UPnP IGD port punching for? Of all the TVs I've been dragged into supporting over the years, none of them have seemed to use port punching. Presumably, precisely because they just initiate outbound server requests instead. It's certainly a potential issue, but I'd expect to see UPnP IGD used more for home security cameras and the like - which have services to offer the end user - than I would TVs and related gear.

If firewalls were enough to keep bad guys out we wouldn't have malware.

Ain't that the truth!

Going by PC world at least, where OSes have well-defined support schedules and built-in firewalls, the usual weak point for the last 20 years hasn't been the systems, it's been the users. They're the ones who are accessing hostile webpages (with code exploiting browser vulns) and installing malware-infected applications. It's mostly all pulling, with very little pushing going on.

Which to get back to the subject at hand, it makes me wonder if the TV problem isn't a networking vulnerability problem, but rather a user problem. With so many of these TVs running flavors of Android, side-loading apps is very doable. And people are certainly (still) dumb enough to install compromised apps in order to get stuff for free - there's a whole industry built around it with questionable, piracy-focused Android-based STBs.

But if that's where most of these TVs are getting compromised, then the whole software support aspect of CR's argument is a red herring when it comes to TVs. Even with updates, this is all privileged code blessed by the user. So we'd still have the same problem.