Japan is a bureacracy-driven credentialist Confucian scholar-boner societal nightmare, so pushes for more credentialism are never a surprise. Recently this month laws and fines for bicyclists have gotten stricter. Yes, a human-powered vehicle that almost anyone can ride without a license is deemed necessary to enforce. This is what the government thinks is worthy of its time, and it thinks making immigration harder to do with more bureaucratic entry barriers is necessary when the foreigner population is barely 3%. The process to getting a driver's license is insane. If you want to avoid the Kafkaesque procedures at the license center, you have to go to a school that costs around $2000 and takes several weeks so you can have forced participation in the bureacracy. The United States fails to prioritize anything whereas Japan prioritizes all the wrong places and thinks such misprioritization is good because it considers any centralized action at all to be inherently good. Wheels spinning in place.
I have been in Tokyo a week ago and that they want to do "something" to affect the behavior of cyclists is absolutely unsurprising to me. Cyclists are definitely a problem in Tokyo. They ride like maniacs, always on sidewalks, even if there are bicycle paths on the road. The actually surprising thing was that the otherwise very ordered and rule-abiding tokyoites are so chaotic when it comes to bicycles.
Now where I am from every school kid gets to take part during a days long bicycle safety introduction and after that most citizens will be relatively ok to ride practically for the rest of their lifes. In Tokyo it seemed to me that tokyoites seemed to have declared bicycling a rule-free space for themselves. I have been there two weeks and witnessed 3 near accidents on the sidewalk.
I am not a fan of bureaucrats, but we can't assume people are able to create a good outcome just by themselves without education, guidance, rules and enforcement. The best way is to educate your population early on on how move in a public space using bicycles. But if you have a problem to solve right now the next best thing is the law.
Cyclist in Tokyo here. Maybe I wouldn't need to go on the sidewalk so much if they didn't let cars treat the bicycle lane like roadside parking. Enforce that before enforcing some stupid green ticket. We need dedicated bicycle lanes partitioned from the car lanes like I've seen in Australia.
Yeah, I am a cyclist myself. The bicycle lanes in Tokyo were woefully inadequate, so many cyclists using the pedestrian areas is not really a big surprise. But what was a surprise (mirrored in one of your silbling comments) was the way in which they did it.
I am living in Germany and there are also cyclists on sidewalks here. But I don't think I ever had the feeling when walking here that I needed to move when a cyclist approached. Cyclists are aware they are not supposed to be there so they will have to wait to pass. That was different in Tokyo, hence also my lack of surprise that there needs to be some regulation, since this was clearly dangerous and with a city that size this has to end up in hospitals on a daily basis.
Yeah, I gained a habit of constantly checking over my shoulders because of the people who will speed past you on e-bikes with very little room. Even parents with their kid in the back ride like mad.
This was something I really reacted to in Japan. Cyclists had absolutely no manners at all. I know it is popular to complain about cyclists everywhere, but Japan really stood out to me)
All of that stuff you listed sounds great, actually. I sure wish my government would enforce traffic laws, raise the barrier of knowledge to drive, and reduce immigration. Alas.
Well, I mean Japan has almost half the GDP per capita than Germany and the mentioned fee is the minimum in a rural area (a place where driving becomes essential), not Tokyo where it's considered the ultimate privilege bestowed upon from the heavens and costs more.
yes but maybe it’s still cheaper in DE than the time cost of learning JP
it’s cray cray that in non Schengen foreigners can drive 90 days im Germany with their foreign issued driving license, but natives are subject to insane whims of the driving Schule…
They traded my Canadian license for a German one. No tests required. I didn’t even now about the priority signs. I learned most of it when I did my motorcycle license later.
That loophole has been closed years ago by requiring classes and tests in your country of residence. I believe that’s the case since almost a decade, but I could be wrong.
On the morning of March 25th, as part of our ongoing improvements, we released a firmware update for select 2022+ Zero models that improves the accuracy of the battery state-of-charge and range display. This update addresses a condition where, over time, the system could overestimate available charge, which in rare cases could lead to the motorcycle shutting down before the display reaches 0%. Following installation, some riders may notice a lower battery percentage or reduced range estimate. This is expected and reflects corrected, more accurate readings — actual riding range is not affected.
See details at zeromotorcycles.com/firmware.
Ongoing Security Enhancements
Separately, we recently became aware of potential issues in our motorcycles’ firmware and are taking steps to address them with your safety and security in mind. This work is ongoing, and we remain committed to strengthening system protections across our platform.
We understand how important trust and dependability are when you ride. Thank you for your continued support.
Hilarious that someone would go to the length of creating 134 anonymized email addresses, but all of them using the same Apple account. Might as well have put in the effort for actual anonymous email addresses.
I know software developers complain about forced compliance due to the security theatre aspects, but I would like to charitably ask from someone who has technical understanding of FIPS-compliant cryptography. Are there any actual security advantages on technical grounds for making WireGuard FIPS-compliant? Assume the goal is not to appease pencil pushers. I really want to know if this kind of effort has technical gains.
Actual fips compliant (certified) gives you confidence in some basic competence of the solution.
Just fips compatible (i.e. picking algos that could be fips compliant) is generally neutral to negative.
I'm not 100% up to date, so that might have changed, but AEAD used to be easier if you don't follow fips than fips compatible. Still possible, but more foot guns due to regulatory lag in techniques.
Overall, IMO the other top-level comment of "only fips if you have pencil pusher benefit" applies.
FIPS-140 allowed encryption using 3DES up until Jan 1 2024, and allowed certification of modules containing SHA-1 through the end of 2025. There is some transition-timeline nuance involved, but those examples are in general pretty horrible from a security perspective.
There is no security advantages or technical grounds for using FIPS algorithms in a WireGuard clone instead of Chacha / Blake2. It's purely a compliance move. ChaPoly, Blake2, etc, are not known to be broken and we have every reason to believe they are strong.
Getting a crypto module validated by FIPS 140-3 simply lets you sell to the US Government (something something FedRAMP). It doesn't give you better assurance in the actual security of your designs or implementations, just verifies that you're using algorithms the US government has blessed for use in validated modules, in a way that an independent lab has said "LGTM".
You generally want to layer your compliance (FIPS, etc.) with actual assurance practices.
My limited understanding is that issues like being vulnerable to side channel attacks are very difficult to detect. So you have to have shown that the entire development process is safe. From the code to the compiler to the hardware to the microcode, it all needs to be checked. That said it does seem like compliance is a bigger priority than safety.
If you're considering whether to use a FIPS 140-3 module for your cryptography, consider that FIPS 140-3 is really only for specific compliance verticals. If you don't know whether you need it, you probably don't need it.
So, along those lines, if you wonder whether a package's cryptography should be FIPS 140-3 compliant, then the real question is whether you are a vertical that needs to be compliant. Again, if you aren't sure, the answer is likely NO.
>Again, if you aren't sure, the answer is likely NO.
Likely no, I agree. But I think there are probably a lot of companies selling enterprise software that later attempt to solicit a FedRAMP authorization that would benefit from planning ahead and building a compliant version from the jump. Worth considering and having a conversation internally.
I presume it's a product strategy to provide a box of "compliant" libraries/services, so other companies can quickly tick and sign a checkbox saying "we use compliant VPN", because someone else is going to look whether the checkbox is ticked and signed, because someone else is going to...
Have you seen how bad flight booking sites can get? I've had to download airline apps a majority of the time because the website failed to finish payment properly.
I don't think we should call presentations visionless or fault them for wanting to solve this UX nightmare.
> Have you seen how bad flight booking sites can get?
Claude is pretty amazing, but it still goes down rabbit holes and makes obvious mistakes. Combining that with "oops I just bought a non-refundable flight to the wrong city" seems... unfun.
I'm with you and feel your anger. So tired of California's useless virtue signaling about housing and homelessness while no progress is made for decades. California, stop messing around and start living up to your virtue signals! It's infuriating to live in California, hear all day about caring about poor people, then do nothing at all for the bottom line and in fact endeavor to make it harder and discriminate against poor people as much as possible.
And then they'll act so surprised when the populists without a plan show up and win the national elections.
Some of the problem in California is that the population of want-to-buyers is all focused on a small number of extremely geographically constrained areas.
Their answer is always "more density" but more density isn't going to solve it - the demand is not fixed and density will not alleviate it, so there is natural pushback on ruining the area and not actually solving the problem.
The real answer here is that the valley needs to extend further south, as in the 1990s plans for companies to start building campuses in Silver Creek or further, which would require the government to incentivize such moves.
Had the dotcom lasted another two years or so, IBM, Cisco, and many others would have done the capital investment in campuses further out, and the viable housing area would have increased dramatically, but it didn't work out that way.
I just want to say that despite the AI negativity in other places, this highlights the positive aspect of it. I'm sure this could have been done without it, but I'm glad OP could get it out faster for a low-risk use case, shared it with us, and in the process taught a little bit of refining to others. It's a fun minigame.
Thank you, almost like you read my manifest for this haha. I was concerned the learning would get overshadowed by the LLM use. Hope you learned some interesting facts that help you understand the why of refining a little bit more. I started developing this before the conversation around oil became mainstream media again.
"Show HN: Clitly - My API for locating the clitoris using Node.js [github.com]"
reply