srmarm's comments

Clearly a big f-up by FIFA on what looks like quite a tidy platform otherwise.

One question though, how do you know your feed would kick off the 'real' feed if you pushed to RTMP, does it just take the most recent connection as live? Does the protocol have a mechanism for dealing with multiple people pushing to the same endpoint? There may be more checking on that endpoint and of course I'm sure most live broadcasters would have a live director to cut any feeds at their end if a dodgy feed popped up too.

A huge vulnerability nonetheless and a great write up!


Good question! So RTMP doesn't really have a clean way to handle two publishers on the same stream key. What would actually happen is the two streams fighting for the ingest endpoint, so the output would glitch between the two sources. Like if I pushed Subway Surfers gameplay it'd be flickering between the actual match and Subway Surfers with the audio cutting back and forth. You're right that a live director would catch it pretty fast but even a few seconds of that on air during a World Cup match is not great.

How do you know that you can even write to any of those fields? You didn't try it, so maybe there is a JWT role check in the backend on POST and PUT.

That's a different thing. RTMP ingest endpoints aren't behind the same API layer, they're just open media endpoints that accept a connection if you have the stream key. The stream key was right there in the URL. There's no JWT involved in pushing video to an RTMP ingest, it's just connect and publish.

My city is covered by a low emissions zone so the odd van polluting sticks out. I was in Athens recently and the pollution from so many old rough cars was so noticeable (and quite unpleasant).

Reminds me of how I didn't really notice cigarettes until they were banned from public spaces and the base level of normal was recalibrated.


That's exactly how it usually happens in my experience. I think a lot of people are OK if everyone's upright on short haul flights (here most budget airlines don't have a recline facility and it's not missed) but once someone reclines into your space you then recline to gain a little space back and the domino effect takes place even if you're not sleeping.


And then the person in the last row is screwed because they are in a seat that doesn't recline but the seat in front of them does, so they have to sit like a canned sardine for the entire flight (ask me how I know).


I think The Equality Act 2010 would be the UK equivalent. No idea whether it would cover this - might be a stretch.


That may be true but doesn't help if not accepting the terms prevents you from using the device.

On a practical level you then at best have a battle to get a third party (the retailer) to give you a refund and most people faced with the option of removing and returning a huge expensive device like a fridge with no guarantee of a refund are going to just leave it.

It does need some stubborn and tenacious people to make a stand and set a precedent - perhaps backed by a consumer rights group but it's an uphill battle.


> huge expensive device like a fridge with no guarantee of a refund are going to just leave it.

oh I'll fix it with a hammer, or glue a piece of cardboard on it.

I paid extra for devices without WiFi when I moved house this year.


> May 12, we began a software deployment that introduced a bug that could be triggered by a specific customer configuration under specific circumstances.

I'd love to know more about what those specific circumstances were!


Ah this is a positive thread so not [flagged] - gotta say Hacker News really has been shameful of late with its shutting down of the negative stories around Grok.


I'd assume that it's because they devolve into politics and Elon-bashing, rather than constructive discussion


It is downright absurd to omit Grok’s recent Nazi meltdown from discussion of the latest press release.


yeah, there are major AI offerings from multiple vendors, but only one offering has the top boss trying to remove the AI's "wokeness" (with the obvious and hilarious results). why take the obvious extra (and entirely unnecessary) risk?


I did my first toilet browsing on a Sony Ericsson K750i on Edge network. For forums it worked really well. I suspect this site would have worked well on it.


My memories are of looking up stuff at the bar and grill in my college town.

It could also browse an early iteration of the full desktop web Facebook UI, at a time when they had no mobile app.


Be careful saying things like that or you'll get [flagged] - discussion of what seemed an incredibly important subject is forbidden on here it seems.


Hilarious that you correctly predicted this being flagged. Forbidden topic on HN it seems.


[flagged]


Effective Altruism is still great, and never stopped being great. Guilt does not transfer by association in this way.


There's definitely _something_ there, but, as with all philosophies, the internet has taken it and run with it to a fairly absurd degree, to the point where, for many adherents, it's basically a religion.


It's not. Feeding kids, researching vaccines and a bunch of other things that billionaires are funding should not depend on the graces and whims of billionaires, it should be something provided for by the government.


HN crowd is ... mixed, it's perhaps the one last true melting pot we have on the Internet. A curse and a blessing, if you ask me.

You got truly anything here. Europeans that in general tend to lean more towards "democratic socialism" and its various offshoots, American libertarians (which have a large intersection with Musk fanboys), a bunch of extremely rich startup founders, American progressives, conservatives of all kinds, Zionists and Hamas apologists, probably Russian and Chinese psy-ops, accelerationists, preppers... name any ideology and you'll find supporters on HN.

What has changed a bit is that tribalism seems to have taken over from civilized or at least arguments and fact oriented discourse. Personally, I'd prefer if downvotes and especially flags would require one to give a reason so that repeat offenders that just flag and downvote everything they disagree with can get suspended for ruining discussion.


Interesting how you put "hamas apologists" and not pro-palestinians next to Zionists. How would you have felt if it was written "pro-palestinians and genocide-apologists"?


[flagged]


If you want to meet pro-palestinians that don't have cartoonishly stereotyped opinions I suggest meatspace and not online.


> I have yet to meet any "pro-palestinian" that doesn't devolve into "rape is resistance"

> In contrast, all Zionists I know utterly despise Netanyahu and his far-right government.

Oh dear

As it happens, I know plenty of people who don't think the people in Gaza should be genocided and none of them support rape.

Many of the self-labelled Zionists I know support Bibi and think Gaza should be razed to the ground.

Go figure!


Do you know what a "bubble" is? In fact, do you actually know any pro-palestinian people or do you get media that tells you about them? These are not the same thing. Very neat that you included "from the river to the sea" as right alongside rape. Very telling.

PS you can find street interviews of random Israelis where they will straight up tell you they wish all palestinians were killed with very little prompting. But I guess they just don't count huh?


There is a new function available in their app which does similar (i.e. allow for proof of posting from a postbox). They've also been pushing collection by postman too.

It saves a trip to the post office which is a hassle which would be a cost for the Royal Mail (which was privatised as a separate company to the Post Office).

