AI 资讯
Meta's Noninvasive Brain–Computer Interface Brain2Qwerty Achieves 61% Accuracy
Meta recently open-sourced Brain2Qwerty v2, a noninvasive Brain–Computer Interface (BCI) that can decode sentences from thoughts using electroencephalography (EEG) or magnetoencephalography (MEG) signals from the brain. In evaluations, the system achieved a word accuracy rate 61% on average, compared to 8% for other non-invasive methods. By Anthony Alford
AI 资讯
Why Enterprise AI Governance Should Start at the Access Path
Many enterprise AI governance discussions start with frameworks. Frameworks are useful. They help organizations define principles, roles, controls and accountability. But when an enterprise starts using generative AI in real workflows, the practical governance problem often appears somewhere much more specific: the AI access path. That is the moment when an employee, application, copilot, agent or API workflow sends a request to an AI model. At that point, governance becomes operational. The practical governance questions Before an AI request reaches a model, an enterprise may need to answer several concrete questions: Who is sending the request? What business use case is involved? What data is being sent? Which AI model is being used? Is the model approved for this use case? Should sensitive data be masked or blocked? Was the access decision recorded? Can the activity be reviewed later? Can AI usage and token cost be explained by user, department, model and use case? These questions are not only policy questions. They are architecture questions. If the enterprise cannot answer them at the access path, AI governance may remain too far away from the real system behavior. Why the access path matters Many organizations already have AI policies. But policies are often written before or after the actual AI interaction. The access path is where policy meets execution. For example, a team may approve the use of generative AI for internal productivity. But the organization still needs to understand: whether customer data is being included in prompts; whether employees are using approved or unapproved models; whether sensitive content is being sent to external services; whether different departments are using AI in very different ways; whether audit evidence exists when an incident or review happens. This is why AI governance should not only be treated as a document, committee or training program. It also needs a technical control point. A simple access governance pattern A
AI 资讯
Stop Writing try/catch in Every Controller
When I first started building APIs with Express.js, every async controller looked the same. I would write a try block, perform some database operations, and then write a catch block that called next(error) . It worked, so I copied the same pattern into every controller. One controller became ten. Ten became fifty. Eventually, I realized that half of my controller code wasn't actually business logic, it was just repetitive error handling. That's when I discovered the Async Handler pattern. The Problem A typical Express controller often looks like this: export const getUser = async ( req , res , next ) => { try { const user = await User . findById ( req . params . id ); if ( ! user ) { throw new Error ( " User not found " ); } res . json ( user ); } catch ( error ) { next ( error ); } }; There's nothing wrong with this code. The problem is that every async controller ends up looking exactly the same. Every file contains: try, catch and next(error) over and over again. Besides being repetitive, it's also easy to forget. Miss one try-catch block, and Express won't automatically catch errors thrown inside async functions. What Is an Async Handler? An async handler is a small wrapper function that automatically catches errors from async controllers. Instead of every controller handling its own errors, the wrapper does it for you. A Simple Analogy Imagine an office where every employee has to stop working whenever someone rings the front door. Besides doing their own job, they also have to greet every visitor. This quickly becomes repetitive and inefficient. Instead, the company hires a receptionist to handle every visitor. Now the employees can focus on their actual work while the receptionist takes care of the door. An async handler works the same way. Controllers focus on handling requests, while the async handler catches errors and passes them to Express's error handler. Without an Async Handler export const createUser = async ( req , res , next ) => { try { const user
AI 资讯
Manticore Speaks MySQL - So I Made It a Laravel Database Driver Instead of a Scout Engine
The problem I've been working with Manticore Search for about two years at EricaPRO , building the search layer for two financial data platforms. For the past year, that work has been a Laravel API. Manticore was never the problem. It's fast and it's stable. The problem was the gap between Manticore and Laravel. I had already built a package for this — laravel-manticore-search , a fluent builder over Manticore's HTTP/JSON API. It works, and it's still in use. But it's a client wrapper. Every feature had to be implemented manually. Every new filter or facet meant more custom architecture around the client, and none of the things Laravel gives you for free — models, migrations, pagination, casts — applied to it. Scout doesn't close that gap either. Scout gives you search() . No full query builder, no migrations for your indexes, sync is your problem. That's not a criticism — Scout abstracts over engines with completely different APIs, so it exposes the lowest common denominator. It just wasn't what I needed. What I needed was simple to describe and annoying to not have: something plug and play. Something Laravel way. Point Eloquent at Manticore and use Eloquent. The insight Manticore speaks the MySQL wire protocol. Out of the box, port 9306. You can connect to it with any MySQL client and run SQL. I had been using that port for two years without thinking about what it meant for Laravel. Because here's the thing: all of Eloquent — models, query builder, migrations, pagination, chunking — sits on top of a Connection and a Grammar . The grammar compiles builder calls into SQL for a specific dialect. That's the entire mechanism behind Laravel supporting MySQL, Postgres, SQLite and SQL Server with one codebase. So the real question was never "how do I re-implement Eloquent on top of Manticore's client?" It was "how thin can a Manticore grammar be?" If Manticore accepts MySQL-protocol connections and mostly-MySQL SQL, then a Laravel database driver — a custom connection plu
开发者
Plex Keeps Getting Worse. Is Jellyfin a Decent Replacement?
If you want to stream local media, this free and open source media server is just as good as Plex. But if you rely on remote access or live TV, prepare to tinker.
AI 资讯
Best RGB TVs (2026): My Picks After Testing the Hottest TVs
RGB TVs are the latest hotness in the world of televisions, and I’ve tested many of the latest models to see which you should buy.
开发者
9 Tips to Get More Out of Google Chat
There’s more to Google’s messaging app than you might realize.
AI 资讯
Oura Ring 5 Review: Still the Smart Ring to Beat
It’s not the upgrade Ring 4 owners have been waiting for, but it’s easily the best smart ring Oura has ever made.
开发者
Google's Genkit Ships Agents API with Detached Turns and Human-in-the-Loop for TypeScript and Go
Google released the Genkit Agents API in preview for TypeScript and Go. The open-source framework packages message history, tool loops, streaming, and state persistence behind a single chat() interface. Detached turns let agents work after clients disconnect. Interruptible tools provide human-in-the-loop control with anti-forgery validation on resume. By Steef-Jan Wiggers
AI 资讯
Diagnosing Cloudflare Blocks Before Changing Your Scraper
A scraper fails, someone swaps the User-Agent, someone else adds a proxy, then the job starts passing locally but fails again in CI. That usually happens because Cloudflare did not block “scraping” as one thing. It evaluated several signals, and each failure needs a different fix. This is about authorized automation: your own sites, customer-approved workflows, testing, monitoring, data access you are allowed to perform. If you do not have permission to automate against a site, changing fingerprints or rotating IPs does not make it okay. Start with the failure you actually see Cloudflare failures often get collapsed into “403”, but the page body matters. Common cases: Error 1020 : usually an access denied page from a Cloudflare rule or bot score decision. The HTTP status may still be 403, so inspect the HTML. 403 without a 1020 page : often IP reputation, firewall rules, geo restrictions, or an auth problem. 429 : rate limit exhaustion. Slowing down can help here, but it will not fix a fingerprint problem. Endless Just a moment... page : your client did not complete the browser-side challenge. CAPTCHA or Turnstile loop : Cloudflare still considers the session borderline after earlier checks. Add classification before you add workarounds. Even a basic classifier saves time: import time import requests CLOUDFLARE_MARKERS = { " 1020 " : " cloudflare_access_denied " , " Just a moment " : " cloudflare_js_challenge " , " cf-turnstile " : " cloudflare_turnstile " , " cf-error-code " : " cloudflare_error_page " , } def classify_response ( resp : requests . Response ) -> str : body = resp . text [: 5000 ] if resp . status_code == 429 : return " rate_limited " for marker , label in CLOUDFLARE_MARKERS . items (): if marker in body : return label if resp . status_code == 403 : return " forbidden_unknown " return " ok " if resp . ok else f " http_ { resp . status_code } " def get_with_backoff ( url : str , max_attempts = 4 ): for attempt in range ( max_attempts ): resp = request
AI 资讯
The Chatbot That Foretold Why People Share Secrets With ChatGPT
In the 1960s an MIT professor named Joseph Weizenbaum created a chatbot called ELIZA. The conversations people had with it set precedents for the chatbots to come.
AI 资讯
Why AI Agents Are Replacing Traditional SaaS
A few weeks ago I was setting up a new project and needed to do the usual dance: create a Notion doc, spin up a Linear board, invite the team to Slack, and set up a couple of Zapier automations to connect them all. It took me most of an afternoon. That's when it hit me — I wasn't actually trying to "use" any of these tools. I just wanted the outcome. I wanted the project set up. And somewhere between the fifth Zapier trigger and the third failed webhook, I found myself thinking: why am I the one gluing all this together? That question is basically the whole thesis behind this post. AI agents aren't just a new feature category bolted onto SaaS. They're starting to eat the reason SaaS exists in the first place. The old deal: software rents you a workflow Traditional SaaS sells you a workflow, not an outcome. You pay for Notion, and Notion gives you a very nice, very rigid shape to pour your thoughts into. You pay for HubSpot, and it gives you a CRM shape. You pay for Zapier so you can awkwardly stitch the shapes together. This worked great for twenty years because the alternative was building everything yourself. SaaS was the shortcut. But the shortcut came with a tax: you had to adapt your work to fit the tool, and when you needed two tools to talk to each other, you had to become a part-time integrations engineer. The new deal: software does the workflow for you An AI agent flips that relationship. Instead of "here's a tool, go operate it," it's "here's the outcome, go figure out how to get there." You tell an agent "onboard this new client" and it can read the contract, create the folders, send the welcome email, schedule the kickoff call, and post a summary in Slack — using whatever tools it has access to, without you clicking through five different dashboards. That's the part that's easy to miss if you only think of agents as "chatbots with extra steps." A chatbot answers questions. An agent does multi-step work: It breaks a goal down into subtasks It calls tools
AI 资讯
Getting the public IP in PHP — no dependencies, no API key
Getting the public IP in PHP — no dependencies, no API key PHP is still one of the most widely deployed server-side languages, running a significant share of the web's backend code. If you're building a PHP application that needs the public IP address — for geolocation, DDNS, diagnostics, or country detection — this article covers the common patterns using IPPubblico.org : free, no key, HTTPS, JSON and plain text endpoints. Use case 1 — Your server's own public IP (one-liner) The simplest case: a PHP script that needs to know its own public IP. <?php $ip = trim ( file_get_contents ( 'https://ipv4.ippubblico.org/' )); echo $ip ; // 203.0.113.42 file_get_contents works if allow_url_fopen is enabled (it is by default on most servers). If not, use cURL (see below). Use case 2 — With cURL (recommended for production) file_get_contents has no timeout control and minimal error handling. For production code, cURL is better: <?php function getPublicIP (): ?string { $ch = curl_init ( 'https://ipv4.ippubblico.org/' ); curl_setopt_array ( $ch , [ CURLOPT_RETURNTRANSFER => true , CURLOPT_TIMEOUT => 5 , CURLOPT_FOLLOWLOCATION => true , CURLOPT_SSL_VERIFYPEER => true , ]); $response = curl_exec ( $ch ); $httpCode = curl_getinfo ( $ch , CURLINFO_HTTP_CODE ); curl_close ( $ch ); if ( $response === false || $httpCode !== 200 ) { return null ; } return trim ( $response ); } $ip = getPublicIP (); echo $ip ?? 'Unavailable' ; Use case 3 — Full geolocation data When you need country, city, ISP and timezone in addition to the IP: <?php function getIPInfo ( ?string $ip = null ): ?array { $url = 'https://ippubblico.org/?api=1' ; if ( $ip !== null ) { $url . = '&ip=' . urlencode ( $ip ); } $ch = curl_init ( $url ); curl_setopt_array ( $ch , [ CURLOPT_RETURNTRANSFER => true , CURLOPT_TIMEOUT => 5 , CURLOPT_SSL_VERIFYPEER => true , ]); $response = curl_exec ( $ch ); $httpCode = curl_getinfo ( $ch , CURLINFO_HTTP_CODE ); curl_close ( $ch ); if ( $response === false || $httpCode !== 200 ) { retur
AI 资讯
7 MongoDB Query Mistakes That Return the Wrong Results
MongoDB queries look simple. You type a field, give it a value, hit run, and you get your data back. But just because a query runs without throwing an error doesn't mean it worked right. Sometimes you get a blank screen. Sometimes you get way too many records. Other times, the data looks fine at first glance, but it doesn't actually match what you asked for. Most of these slip-ups happen for one basic reason: the query structure doesn't match the way the data actually sits in the database. To show you what we mean, we’ll use a clinic database with a collection called visits . Here is what a typical document looks like: JSON { "_id": "6871b6f9c3f1d1a4c2a10001", "status": "completed", "visitDate": "2026-07-01T09:30:00.000Z", "patient": { "name": "Anna Keller", "age": 34 }, "doctor": { "name": "Dr. James Carter", "specialty": "Cardiology" }, "symptoms": ["cough", "fever"], "prescriptions": [ { "name": "Ibuprofen", "active": false }, { "name": "Paracetamol", "active": true } ], "invoice": { "paid": true, "method": "card", "total": 250 } } You can run these examples right in the VisuaLeaf MongoDB Shell . Using visual tools makes a big difference because you can see exactly what MongoDB is returning in real time. 1. Forgetting the Curly Braces This is just a quick typo, but it breaks things right away. The Mistake: db . visits . find ( status : " completed " ) The Correct Query The find() tool always expects an object. Even if you are only looking for one specific thing, you still need to wrap that condition in curly braces {} . 2. Treating $or Like a Regular Object This one trips a lot of people up because the broken version looks like it should work. The Mistake: db.visits.find({ $or: { status: "completed", "invoice.paid": false } }) What is wrong: $or expects an array of conditions, but this query gives it one object. The error will usually be something like: MongoServerError: $or must be an array The Correct Query The first query is wrong because $or needs an array, n
AI 资讯
Four Eras of Cloud Security. Same Verb.
✓ Human-authored analysis; AI used for formatting and proofreading. Scott Piper published a twenty-year retrospective on cloud security research in March 2026. It's the most useful structural history of the field I've seen — four eras, each with defining milestones, each with the tools and research that shaped cloud security. If you work in cloud security, read it first. What follows is a question about what the history reveals when you examine one detail it doesn't discuss. The four eras Piper divides two decades into four eras: 2006–2016, Foundational. Cloud providers built the security primitives — IAM (2011), CloudTrail (2013), Organizations and SCPs (2016). Before these existed, there was no mechanism for least privilege, no audit trail, and no organizational boundary. Security research in this era was part-time work from people with broader careers. 2016–2021, CSPM. Cloud security became a full-time job. CIS Benchmarks standardized what to check. Open-source tools proliferated — Prowler, CloudMapper, Pacu, Cloud Custodian, ScoutSuite. Cloud security during this time largely meant deploying a CSPM. 2021–2025, CNAPP. Point solutions gave way to platforms. Vendors integrated CSPM with container scanning, vulnerability management, and workload protection into a single product category. Research teams at vendors began finding cross-tenant vulnerabilities in the cloud providers themselves. 2025–present, AI. AI accelerates both attack and defense. Exploits that required deep language expertise are generated in minutes. A CTF challenge was solved by an AI within minutes of release. The industry is speed-running the cloud eras. This is a well-evidenced narrative. Every era is defined by a change in what tools could do and who was building them. The verb that didn't change Look at what each era's defining tools do. The direct action each tool performs on its direct object. In the CSPM era, the defining tools match API responses against rule databases. Prowler, ScoutSuit
AI 资讯
DOGE Used AI for Housing Policy. The Government Won’t Say How
In response to a public records request, HUD has withheld documents about DOGE’s use of AI—in part by citing a privilege that doesn’t exist.
产品设计
Pinwheel launches a retro-inspired landline phone for kids
Kid-friendly tech company Pinwheel announced the launch of a new landline phone designed to let children stay connected without the distractions of a smartphone.
AI 资讯
Article: Comprehension at AI Speed: Building a Context Store for Evolutionary Architecture
AI makes the first 80% of development feel fast, but hides architectural complexity until it's too late. To prevent system instability, engineering leaders must shift from raw throughput to systemic comprehension. By unifying spec-anchored SDD, TDD, and automated fitness functions into a repo-bound "Context Store," teams can ensure AI agents and human reviewers evolve code safely. By Stella Berhe, Stephan Bragner, Vikram Maran, Anand Jayaraman
AI 资讯
Hisense's E Ink phone has a full-color LCD you can snap on the back
The Hisense A10 has an E Ink main display and a magnetic LCD screen you can attach to its rear.
AI 资讯
Evolutionary Data Through Schemaboi: Achieving Forward, Backwards, and Sideways Compatibility
Drawing from the enduring adaptability of HTML and HTTP, Seph Gentle proposes embedding self-contained schemas directly into file headers, ensuring data remains readable without external definitions. His experimental format prioritises forward, backwards, and sideways compatibility, enabling data format evolution without central coordination or data loss By Olimpiu Pop