今日已更新 166 条资讯 | 累计 20138 条内容
关于我们

标签:#X

找到 668 篇相关文章

AI 资讯

I built a daily Linux documentation site

I built a daily Linux documentation site I created this site because I've noticed that Linux documentation is generally confusing. What is xybss? xybss is a simple site that publishes Linux documentation every day. No ads No tracking No JavaScript Just plain HTML docs I add at least one new command every day. Who is it for? Beginners learning Linux Anyone who needs a quick reference People who want simple, clean docs Current content Right now, the site covers basic commands like ls and rm. More commands are added daily. Check it out 👉 https://xybss.github.io Feedback is welcome

2026-07-06 原文 →
AI 资讯

A 20-year-old HCI paper, resurrected as a Chrome extension

I missed the tiny "x" on a browser tab again today. Meant to close it, switched to it instead. Aiming a one-pixel pointer at an eleven-pixel checkbox is basically microsurgery, and somewhere along the way we all just accepted that. Here's the strange part: HCI research solved this twenty years ago. It just never shipped. The paper In 2005, Grossman and Balakrishnan published The Bubble Cursor at CHI. The whole idea fits in one sentence: Make the cursor's hit area a dynamic circle that always contains exactly one target. That turns out to be the same thing as always selecting the target nearest to the pointer. Picture the screen divided into Voronoi cells, one per clickable thing, and the cursor picking the owner of whatever cell it's currently in. The clever part is what it refuses to do. Naive "gravity" cursors snap to every link on the way to the one you actually want, and they get stuck. The bubble cursor grabs exactly one target by definition. The moment a second target becomes nearer, it switches. So it stays calm on link-dense pages, and the paper showed significant speedups in controlled experiments. Twenty years later our cursors are still naked, so I built it as a Chrome extension. It's called MagPoint . The core is about 30 lines A content script collects clickable elements ( a[href] , button , input , ARIA roles and so on) and, every frame, picks the one with the smallest point-to-rectangle distance: function pointToRect ( x : number , y : number , r : DOMRect ): number { const dx = Math . max ( r . left - x , 0 , x - r . right ); const dy = Math . max ( r . top - y , 0 , y - r . bottom ); return Math . hypot ( dx , dy ); } Clicks that land in the empty space near a captured element get re-routed to it. Past a max radius of 120px the magnet lets go, and empty-space clicks behave like the normal web. It also stands down while you type or select text, because getting yanked toward a link mid-sentence would be infuriating. The rule that kept me sane: the vis

2026-07-06 原文 →
AI 资讯

Self-Hosting Like a Pro, Part 1: Hardening a Fresh Ubuntu VPS

This is the first article in a four-part series where I document how I turned a 10€/month VPS into a production-grade platform hosting my portfolio, a university group webapplication and a SaaS product, all isolated from each other with Kubernetes. In this part, we take a fresh Ubuntu server and lock it down properly before installing anything else. Why bother with hardening? The moment your VPS gets a public IP address, it starts receiving attacks. Not "might receive", it starts . Within minutes, automated bots will probe port 22, try root:root , admin:admin123 and thousands of other credential combinations. If you skip this step and jump straight to deploying your apps, you are building on sand. The good news: an hour of work is enough to eliminate the vast majority of these threats. Here is what we will set up: A non-root user with sudo privileges SSH key authentication, with passwords and root login disabled UFW as a simple, effective firewall Fail2ban to ban brute-force attackers automatically Automatic security updates What you need A fresh VPS running Ubuntu 24.04 LTS or newer. I use a Hostinger KVM 2 (2 vCPU, 8 GB RAM, 100 GB NVMe), but any provider works: Hetzner, DigitalOcean, OVH, Contabo. The root password or SSH key your provider gave you. A terminal on your local machine (macOS, Linux, or WSL on Windows). Throughout this tutorial, replace YOUR_SERVER_IP with your server's IP address and deploy with the username you want to use. Step 1: First login and system update Connect as root for the first and last time: ssh root@YOUR_SERVER_IP Update everything before touching anything else: apt update && apt upgrade -y apt autoremove -y If a kernel update was installed, reboot now: reboot Wait a minute, then reconnect. Step 2: Create a non-root user Working as root is like driving without a seatbelt: fine until it isn't. One mistyped rm -rf and the party is over. Create a dedicated user: adduser deploy Choose a strong password (you will still need it for sudo ,

2026-07-06 原文 →
AI 资讯

AI Model Context Protocol Adds Centralised Auth for Enterprise

The Model Context Protocol team has promoted its Enterprise-Managed Authorisation extension to stable status, adding a centralised way for organisations to control access to MCP servers through their identity provider. The project states the aim is to replace per-server consent prompts with a zero-touch flow in which users sign in once and then access approved servers without further setup. By Matt Saunders

2026-07-06 原文 →
AI 资讯

I Built a NATO Phonetic Alphabet Converter After One Phone Call Changed My Mind

It Started With a Simple Misunderstanding I was spelling something over a phone call. I said: "B" The other person heard: "D" So I repeated it. Still wrong. Then I remembered something I'd heard before: "B as in Bravo." Instantly... There was no confusion. That's When I Realized Some letters sound almost identical. Especially over: Phone calls Weak connections Noisy environments Different accents And repeating the same letter five times doesn't always help. Why I Built This Tool So I built something simple: 👉 https://allinonetools.net/phonetic-alphabet-converter/ A tool that instantly converts normal text into the NATO phonetic alphabet. For example: CHAT Becomes: Charlie Hotel Alpha Tango No signup. No setup. Just: Paste → Convert → Read What I Learned Before building this, I thought the phonetic alphabet was mostly for pilots or the military. Turns out it's useful for anyone who needs to spell things clearly. Like: Email addresses Usernames License keys Customer support Phone conversations The Small Problem It Solves Have you ever said: "M" And someone replied: "N?" Or: "P?" 😅 That's exactly the kind of confusion this avoids. Why It Works So Well Instead of similar-sounding letters... You use unique words. Like: A → Alpha B → Bravo C → Charlie D → Delta It's much harder to misunderstand. What Surprised Me I expected only developers or IT people to use it. But it also makes sense for: Customer support Call centers Students Remote workers Anyone spelling things over the phone What I Focused On I wanted the tool to be: Fast Simple Easy to copy Beginner-friendly Because if you're already on a call... You don't want extra steps. The Real Insight Good communication isn't always about saying more. Sometimes it's about making sure the first attempt is understood. Simple Rule I Follow Now If people keep repeating themselves... 👉 There's probably a simpler way to communicate. Final Thought The NATO phonetic alphabet has been around for decades. But after using it once... Yo

2026-07-06 原文 →
AI 资讯

Calculating On-Premises vs. Cloud Cost Break-Even for Small Businesses with Stable Workloads (5–7 Years)

Introduction: When Does On-Premises Outpace the Cloud? For small businesses like ComputeLabs , the decision between on-premises servers and cloud services isn’t just about cost—it’s about predictable stability versus elastic flexibility. With stable workloads (websites, email, file storage, backups, internal apps), the question narrows: Does a one-time server purchase amortized over 5–7 years beat monthly cloud bills? The answer hinges on a total cost of ownership (TCO) analysis , where upfront CAPEX collides with recurring OPEX , and hidden costs lurk in both models. The CAPEX vs. OPEX Tug-of-War On-premises servers demand a high initial investment —hardware, software licenses, setup. For a small business, this could mean $5,000–$15,000 upfront , depending on specs. Cloud services, in contrast, operate on a pay-as-you-go model , with monthly costs averaging $100–$500 for similar workloads. But here’s the catch: Cloud costs compound. Over 5 years, that’s $6,000–$30,000 —potentially double the on-premises CAPEX. The break-even point? When the cumulative cloud spend exceeds the depreciated server cost , typically 3–4 years in , assuming no major upgrades. Hidden Costs: The Silent Budget Killers On-premises servers aren’t just a one-time buy. Electricity (a 2U server consumes ~ 500W/hour , costing ~ $400/year ), cooling (fans degrade, heat expands components, shortening lifespan), and maintenance (disk failures, OS patches) add $500–$1,000/year. Cloud services mask these costs but introduce their own: data egress fees (AWS charges $0.09/GB for outbound transfers), premium support ( $100+/month ), and vendor lock-in (migrating data is costly). The edge case? Regulatory compliance —if data must stay on-premises, cloud costs become irrelevant, but self-managed security (firewalls, patches) becomes a non-negotiable expense. Scalability vs. Stability: The Workload Paradox Cloud’s elasticity is its strength—but for stable workloads, it’s overkill. An on-premises server sized

2026-07-06 原文 →
AI 资讯

Behind the Curtain: APE-QIL QUANTUM SUPREME OCTOPUS and the 3-Tier Sovereign Auth Pipeline

Most API authentication I've seen in production follows the same pattern: a single apiKey check at the top of each route handler, maybe a rate limiter slapped on as middleware, and a quota check that lives in the database layer. It works — until you have 673 routes across 3 access tiers, and you realize you can't answer the question "which routes require a paid subscription?" without grepping every file. I ran into this exact problem building the APE-QIL QUANTUM SUPREME OCTOPUS — a Bio-inspired Autonomous Intelligence Organism that operates as an AI routing platform with 14+ provider integrations. The codebase has 673 API routes divided into three access tiers: public (79 routes), free API key (337 routes), and paid subscription (255 routes). Manually maintaining auth on each route was untenable. So I built a composable request pipeline that makes the auth structure declarative and CI-enforced. This post walks through the architecture: the 3-tier sovereign auth model, the composable withRequestPipeline function, and the CI guard that fails the build if any protected route is missing its wrapper. The 3-Tier Sovereign Auth Model The access model is deliberately simple — three tiers, each with a clear boundary: // TIER 0 — Public, no auth (79 routes) // Health checks, pricing, blog, lead magnet, metrics // Example: /api/health, /api/pricing, /api/blog/* // TIER 1 — Free API key required (337 routes) // Any valid API key in the database grants access // Enforced via: withSovereignAuth('free') // Example: /api/v1/chat/completions (free tier limits) // TIER 2 — Paid subscription required (255 routes) // Requires Pro ($79/mo) or Business ($249/mo) tier // Enforced via: withSovereignAuth('professional') // Example: /api/v1/chat/completions (premium models, higher limits) The key design decision: the tier is declared at the route level, not inferred from the user's subscription at runtime. This means the route registry itself is the source of truth for "what requires what."

2026-07-06 原文 →
AI 资讯

10 Website Performance Optimization Tips Every Developer Should Know

Website performance is no longer just a nice-to-have feature—it's a critical factor for user experience, SEO, and business success. Even a one-second delay in page load time can reduce conversions and increase bounce rates. Whether you're building a portfolio, SaaS application, eCommerce platform, or business website, these optimization techniques can make a significant difference. Optimize Images Images are often the largest assets on a webpage. Use modern formats like AVIF or WebP, compress images, and serve responsive image sizes to reduce bandwidth usage. Self-Host Fonts Third-party font requests add latency. Self-hosting fonts, preloading critical font files, and serving only the required character subsets can dramatically improve loading performance. Remove Unused CSS & JavaScript Shipping unnecessary code increases download size and execution time. Tree shaking, code splitting, and removing unused styles help keep your bundle lean. Enable Caching Configure long-term browser caching for static assets and use hashed filenames for cache busting. This allows returning visitors to load your website much faster. Use Lazy Loading Images, videos, and iframes that aren't immediately visible should load only when needed. Native lazy loading is supported by modern browsers and is easy to implement. Optimize Core Web Vitals Google's Core Web Vitals measure how users experience your website. Focus on: Largest Contentful Paint (LCP) Interaction to Next Paint (INP) Cumulative Layout Shift (CLS) Improving these metrics benefits both SEO and user satisfaction. Minify Assets Minify HTML, CSS, and JavaScript files before deployment. Smaller files transfer faster and improve overall performance. Use a CDN Serving assets from edge locations around the world reduces latency and improves loading times for global visitors. Prioritize Accessibility Accessible websites provide a better experience for everyone and often align with SEO best practices. Use semantic HTML, descriptive labe

2026-07-06 原文 →
AI 资讯

Building in public, week 17: turning one feature into a page cluster (and the internal-linking layer nobody sees)

Week 16 shipped the AI background remover: Rust-native, ort + ISNet + libvips, no Python. That was the feature. Week 17 was not about writing more of it. It was about the boring, high-leverage part that most side projects skip: turning one working feature into pages that can actually rank, and wiring those pages together so search engines can find them. No new engine code this week. Just leverage on what already existed. Here is what that actually looked like. The problem: a hub with nothing pointing at it The background remover lives at /remove-background . That is the hub. The plan was classic hub-and-spoke: one general tool page, then use-case spokes that each target a specific intent (removing a signature background, prepping an Amazon product photo, and so on). I built two spokes this week. But halfway through, I looked at how internal links actually worked on the site and found the real problem: nothing linked from the hub to the spokes. The spokes linked back to the hub in their body text, but the hub had no idea they existed. Neither did the ~180 converter pages. Tool links on the site were hardcoded in a frontend constant, roughly: export const IMAGE_TOOLS = [ { label : " Compress JPG " , href : " /compress/jpg " , tool : " compress " }, { label : " Resize Image " , href : " /resize-image " , tool : " resize " }, { label : " Crop Image " , href : " /crop-image " , tool : " crop " }, { label : " Images to PDF " , href : " /images-to-pdf " , tool : " convert " }, ] as const ; That list covered the converter tools. It did not include the background remover or its spokes at all. So the new pages were orphans: reachable only through the sitemap, with no internal links carrying any signal to them. For a domain that is still young and still earning Google's trust, orphan pages get discovered slowly and rank even slower. The fix: one constant as the source of truth Instead of hardcoding links in three different places, I made a single constant describe the whole cl

2026-07-06 原文 →
AI 资讯

Where to preorder Grand Theft Auto VI

Rockstar's long-awaited Grand Theft Auto VI is launching November 19th, 2026 for PlayStation 5 and Xbox Series S/X consoles. The game will be available digitally at launch, with physical cases containing codes, not discs, so your options for preordering are straightforward. The preloading phase for the game begins on November 12th, which should give you […]

2026-07-06 原文 →
产品设计

Missing network configuration on fresh Ubuntu Server offline installation

Installing Ubuntu Server 24.04 LTS in an offline mode (no LAN cable or WiFi connected) leaves you with an unmanaged network interface which requires manual configuration post-install. The interface enp4s0 is unmanaged by systemd-networkd and also the service itself is disabled. NOTE: This guide applies to Ubuntu server. On Ubuntu desktop you have the NetworkManager service installed and the steps would be different. To fix the problem follow the steps below: Create a Brand New Netplan Configuration File Look into /etc/netplan . You will probably see the dir is empty. This means the installer completely gave up on configuring the network and didn't create any profiles. Create a new file, e.g. vim /etc/netplan/01-netcfg.yaml . Paste the following configuration network : version : 2 renderer : networkd ethernets : enp4s0 : dhcp4 : true This makes the interface managed by networkd instead of the desktop NetworkManager. Fix permissions The new file needs to be readable only by root so fix it's permissions chmod 600 /etc/netplan/01-netcfg.yaml . Enable network service Enable the network service and make it start on boot: systemctl enable systemd-networkd systemctl start systemd-networkd Run netplan Finally, we need to tell Ubuntu to use our new configuration and activate the network netplan generate netplan apply Network should be up! ip a

2026-07-05 原文 →
AI 资讯

Reclaim free space from VirtualBox VM on Windows host

When you delete files in your virtualbox VM in order to free up space on the host filesystem, this space is not automatically reclaimed. In order for the host system to see the changes you need to rewrite the free space with zeroes. Follow the below steps to perform this operation: Install zerofree package. It is needed to rewrite the free space with zeroes. Mount the filesystem as "readonly". This is needed for the tool to be able to perform it's task. If you're working with the "/", easiest way to mount it as readonly is to edit the kernel parameters. Edit /etc/default/grub . Find the GRUB_CMDLINE_LINUX_DEFAULT line. Add init=/bin/bash to it reboot Run zerofree -v /dev/sdX . This could run for some time, depending on the size of your disk. After it's done, run exec init to finish booting up. Shutdown the VM in order to be able to run the next command which requires a lock on the VDI volume. On the Windows host run VBoxManage.exe modifymedium "path\to\disk.vdi" --compact

2026-07-05 原文 →
AI 资讯

AI Can Write Code. So What Makes a Developer Valuable? Why PyNyx Thinks the Answer Has Changed

A few years ago, writing code was the difficult part. Today, AI can generate an API, build a React component, explain Dynamic Programming, fix bugs, and even suggest architecture—all within seconds. So here's a better question. If AI can generate code, what exactly are companies hiring humans for? The answer isn't typing speed. It isn't memorizing syntax. And it certainly isn't copying solutions faster than someone else. The value of a developer is shifting. And learning platforms need to shift with it. The Developer Role Is Changing Modern software engineering is becoming less about writing every line manually and more about making good engineering decisions. Can you understand a problem before solving it? Can you identify why one solution is better than another? Can you improve AI-generated code instead of accepting it blindly? Can you build something that is maintainable, scalable, and useful? These questions matter more today than they did five years ago. AI Reduced the Cost of Writing Code One of AI's biggest achievements is reducing repetitive work. That's a good thing. Developers spend less time writing boilerplate and more time focusing on higher-level thinking. But this creates a new challenge. When everyone has access to the same AI tools, writing code becomes less of a differentiator. Thinking becomes the differentiator. Learning Needs to Evolve Too Many learning experiences still revolve around one objective: Solve another problem. Complete another lesson. Earn another badge. Those activities still matter. But in an AI-first world, they aren't enough on their own. Learners also need opportunities to connect concepts, apply knowledge, build projects, and understand why solutions work—not just that they work. Where PyNyx Takes a Different Direction PyNyx is being built around a broader learning journey rather than a collection of isolated activities. Instead of separating learning into unrelated pieces, the platform connects multiple stages of growth. Stru

2026-07-05 原文 →
AI 资讯

Detecting Speaker Changes with Pyannote Segmentation 3.0 and ONNX Runtime

Hello, everyone. When listening to a conversation, we naturally keep track of who is speaking. A program has a harder job: beyond finding speech, it must also determine where one speaker gives way to another. Today, I will use an ONNX version of Pyannote Segmentation 3.0 to detect speaker changes in a two-person conversation and split the recording into one WAV file per utterance. What I Tested This lab uses FFmpeg to decode a roughly 14-second conversation into a 16 kHz mono waveform. It then combines the Pyannote segmentation model with simple post-processing to produce contiguous speaker segments. I wanted to verify: Whether six alternating utterances can be separated into six segments Whether the detected speaker indexes remain consistent throughout the recording Whether ONNX Runtime can process the audio faster than real time using only its CPU execution provider Whether every segment can be saved as a separate WAV file The complete code and reproducible environment are available in the pyannote-scd lab in kiarina/labs . This test performs segmentation using the model's speaker indexes. It does not compare speaker embeddings or run clustering, so it is not a complete speaker diarization pipeline that identifies the same person throughout a long recording. Reproducing the Lab You will need: mise uv FFmpeg curl The following commands fetch only this lab, download the shared test audio, and run it: git clone --depth 1 --filter = blob:none --sparse \ https://github.com/kiarina/labs.git cd labs git sparse-checkout set .gitignore .mise/tasks Makefile mise.toml \ 2026/07/04/pyannote-scd make download-test-assets mise -C 2026/07/04/pyannote-scd run On the first run, the task downloads the full-precision onnx/model.onnx file from onnx-community/pyannote-segmentation-3.0 on Hugging Face. uv then prepares the Python dependencies and runs the detector. How Speaker Segments Are Detected The input is this shared test asset: assets/mp3/conversation_2speaker_14s_16k.mp3 The re

2026-07-05 原文 →