Archive for April 6, 2023

Thursday, April 6, 2023

Bitcoin PDF in macOS

Andy Baio (Hacker News, MacRumors):

While trying to fix my printer today, I discovered that a PDF copy of Satoshi Nakamoto’s Bitcoin whitepaper apparently shipped with every copy of macOS since Mojave in 2018.


If you’re on a Mac, open a Terminal and type the following command:

open /System/Library/Image\ Capture/Devices/


In the Image Capture utility, the Bitcoin whitepaper is used as a sample document for a device called “Virtual Scanner II,” which is either hidden or not installed for everyone by default.

It’s unclear whether this a test file that wasn’t intended to ship or an Easter egg of some kind.

Violation of Undo in Apple Mail

Daniel Jackson:

Appropriately, Apple synchronized this action with the undo action of the general Undo concept. So if you send a message and then immediately execute an undo, it is interpreted as undo send, even without clicking the special transient button carrying that label.

But Apple went further. The undo action is synchronized with undo send for as long as the message has not been sent, even if another action has been performed in the meantime.


Initially, I thought that the effect of the undo was to pop the undo-stack all the way back to the send. In fact, it’s not that bad, and what it does instead is to keep the send action on the top of the stack even as other actions are performed. Either way, this violates the simple and intuitive operational principle of Undo that executing undo reverses the last action performed.

Web Fingerprinting Is Worse Than I Thought

Bitestring (via Hacker News):

But companies found another way to uniquely identify you across different sessions and websites without using cookies or other persistent storage. It’s called web fingerprinting. Fingerprinting is a more sophisticated approach to identify a user among millions of others. It works by studying your web browser and hardware configuration. Many websites use a fingerprinting library to generate a unique ID. This library collects data from multiple JavaScript APIs offered by your web browser. For example, websites can see web browser version, number of CPUs on your device, screen size, number of touchpoints, video/audio codecs, operating system and many other details that you would not want a typical news website to see.

All of these values are combined to generate a unique ID. Surprisingly, each user’s device and browser specifications differ so much that they get a unique ID among millions.

I did not think web fingerprinting is serious until I came across a company which is actually selling fingerprinting as a service to other websites. I tried their demo and shocked how accurate it is. Many ecommerce websites use it because these fingerprinting companies sell it, saying it prevents credit card frauds and increases security of the websites.

Nick Heer:

My visitor ID was stable in Safari after visiting only in private windows across two separate sessions. This, despite using Safari’s anti-tracking features, having iCloud Private Relay switched on, and using browser extensions which limit what kinds of scripts are able to run in my browser — and, again, accessing it only in private windows. On its homepage, FingerprintJS says the “VisitorID will remain the same for years, even as browsers are upgraded”. It can be, near as makes no difference, a permanent personal identifier.


Update (2023-04-07): Kuba Suder:

There are some tools that let you check how you’re fingerprinted and exactly what data provides how many bits of information / how much uniqueness, e.g.: and

Zippyshare Closing


Since 2006 we have been on the market in an unchanged form, that is, as ad financed/free file hosting. However, you have been visiting in less and less over the years, as the arguably very simple formula of the services we offer is slowly running out of steam.


All sorts of adblockers, whether built into the browser, as add-ons, or in the form of DNS services. Sure, we all use them, but they take away any control the site owner has over the site. Eventually we get to the point where a vicious cycle begins, in order to pay for the server infrastructure you are forced to place more and more ads, then users fire up more and more adblockers and we get to a point like today.


Over the past year, electricity prices have gone up 2.5 times, which, with a large number of servers, gives a significant increase in costs that we have no way to balance.

Via Andy Maxwell (Hacker News):

Zippyshare’s success was built on solid yet basic foundations; straightforward free hosting of files, via a clean interface, at zero cost to the user.


Almost three years after the surprise 100mb limit was introduced, Zippyshare doubled its filesize limit to 200mb. A little later, when the internet was consumed with Megaupload being taken down, Zippyshare carried on as if nothing had happened, or it did once its email servers had been fixed.


Nominated for “notorious market” status by the RIAA in 2013, Zippyshare became a magnet for rightsholder complaints, regular referrals to the U.S. government, and millions of DMCA notices.

To date, rightsholders have requested the removal of more than 14.5 million Zippyshare URLs but for internet users in Europe, worse was on the horizon.


I used to send files by way of zippy, no fuss password protected obviously small stuff I wanted to send over - but it became really NSFW and I had to change to another.

Of course it also means people aren’t using it to share files to people who may have children in the same room - it really was over the top stuff[…]


Update (2023-06-02): Nick Heer:

All of these services have been historically used by, among others, plenty of old-school music blogs. There are many reasons to object to file sharing, but I do think there is something special about that era of online publishing.

Ernesto Van der Sar (via Hacker News):

RARBG, one of the world’s largest torrent sites, has said “farewell” to millions of users.