Yes this is what im confused about. They described it as a parking domain, but the old strategy of "buy a popular domain and put ads on a one pager" hasn't been something that pays substantively for a long time. Ads sales have plummeted in general but not being able to use adsense would make it worse.
The first example I looked at was haute-sorne.ch, which is reported by this tool as "Self hosted/other". Whilst it's true that they appear to self host, https://mails.haute-sorne.ch will land you on a Microsoft Exchange server, patch level 15.2.1748.39.
This is better than typical, being an October 2025 patch. But that leaves open CVE-2025-64667, CVE-2025-64666 and CVE-2026-21527. Which are vulnerabilities with patches out going back months.
Now are these RCEs? No, but this was also the first example I looked at.
This is a misrepresentation. This command-line is the compiler invocation, and is not the equivalent to 'make' on Windows. The actual equivalent on Linux, in the same order of the arguments to cl.exe would be:
I see no difference. One uses slash-demarcated arguments, the other uses hyphens. The g++ invocation is missing the flag for the exception handling model[1]. Otherwise, it is a matter of what you are used to. In fact, if you have MinGW, this exact command-line invocation will probably work correctly.
When you install the VS build tools you get nmake which processes most Makefiles just fine. Or you get a solution file, in which case you just open the solution in VS and press F5. Or if you are hung up about doing it in the command-line, it would be
msbuild.exe foo.sln
Or with CMake, which has a cross-platform command-line,
cmake --preset somepreset
Linux people who don't know Windows and complain that 'it looks like this' is my bugbear, when they can spend hours fixing a dumb in-tree driver with printf debugging that works plug-and-play on Windows.
Im running APL only stickers on my keyboard because it seemed more entertaining than blank caps for touch typing. Freaks people out, but really enjoy it.
Outside of these unfortunuate situations, a lot of people are quite happy for developers of eg kernel anti cheat to have a difficult time.
We do need to recognise, a long history of "windows always bluescreens" was somewhat reigned in by this policy with a lot of crashes coming down to third party drivers.
There's more to it. Signed desktop software can be signed by any CA.
Veracrypt has kernel drivers. Microsoft's ability to control what you can sign is specific to kernel drivers, and Microsoft's trigger finger around bans exists in the world where bad drivers BSOD machines.
Speculation as well and highly unlikely. Microsoft drivers can very well BSOD your machine as well, not a significant or convincing threat scenario and certainly not something that lead to certificate revocation of driver developers. There is zero quality control or review by Microsoft here. Not for their own products and not for third party ones.
That's not entirely true. Certain classes of signing keys require driver developers to put their driver through a test battery and submit the results to Microsoft.
I wish Microsoft expanded and built on that model, instead of moves like firing swarthes of their QA staff.
It could have grown into a massive, self-service testing playground where any developer could submit their product and put it through an arsenal of basic, automated evaluations (e. does uninstall leave tidbits behind?), with paid upgrades to more tailored services. They could even publish scores to help consumers coarsely compare workmanship across different vendors, and encourage an emphasis on quality across the whole ecosystem.
Instead they decided to just become overpaid bouncers who take your money, check your ID, and don't even bother about what you bring through the door.
My experience deploying at blockers in the enterprise is the average non tech user feels the Internet is "broken" when it's not covered in ads and will tell helpdesk it needs to be fixed.
The easy example is that meta was full of influencers confirming the war was over, with the us having won, at a time Iran's own statements declared otherwise. That was a while back.
To prompt a discussion that's purely technical: I'm interested in how this was done.
Specifically, Turnstile as far as I'm aware doesn't do anything specifically configurable or site specific. It works on sites that don't run React, and the cookie OpenAI-Sentinel-Turnstile-Token is not a CF cookie.
Did OpenAI somehow do something on their own API that uses data from Turnstile?
reply