Niet eerder in zijn leven had Gustav von Aschenbach zo’n mooie jongen gezien

Onstuimige, verboden, onuitgesproken verliefdheid. Deze zomer zoekt NRC de beste boeken over zomerse liefde. Deze aflevering: De dood in Venetië.

Liveblog wapenstilstand. Gisteren twee Amerikaanse aanvalsgolven, 'Amerikaanse vrouw bevrijd uit Iran'

Social

Trump schrijft bovenstaand dat er een 'Amerikaanse vrouw' die sinds 2024 'onwettig' vastzat in Iran het land veilig heeft verlaten. Hij noemt haar identiteit niet, maar de New York Times sprak in augustus 2025 van een vrouw met een Iraans en Amerikaans paspoort die in december 2024 in Iran gearresteerd was, maar vervolgens werd vrijgelaten nadat haar paspoorten waren afgenomen, waardoor ze het land niet kon verlaten. De New York Times beschreef haar destijds als volgt: "De vrouw werkt voor een Amerikaans technologiebedrijf en leidt een liefdadigheidsorganisatie voor kansarme kinderen in Iran. Maar na de recente oorlog heeft de Iraanse rechterlijke macht haar zaak opgeschaald en haar aangeklaagd wegens spionage, aldus haar advocaat – een ernstig misdrijf waarop jarenlange gevangenisstraf en zelfs de doodstraf kan staan."

Dan even over de Amerikaanse aanvalsgolven van gisteren. Dat waren er twee, maar die daarvoor eindigde pas om 22:00 de vorige avond, dus het zat erg dicht op elkaar allemaal. CENTCOM schrijft:

"CENTCOM beëindigde op 15 juli om 21.00 uur (Eastern Time) een reeks aanvallen op Iran die in de avonduren plaatsvond. Amerikaanse strijdkrachten vielen Iraanse commandocentra, luchtverdedigingslocaties, faciliteiten voor raketten en drones, en kustbewakingsposten aan. Hiermee werd beoogd het vermogen van Iran verder te ondermijnen om een ​​bedreiging te vormen voor onschuldige zeevarenden aan boord van commerciële schepen die door de Straat van Hormuz varen. CENTCOM zette precisiewapens in om doelen op meerdere locaties, waaronder Bandar Abbas, te raken. Eerder die ochtend hadden Amerikaanse strijdkrachten tijdens een aanvalsgolf van 90 minuten al installaties voor kustverdediging en kruisvluchtwapens op het eiland Greater Tunb bestookt."

Ook heeft CENTCOM als onderdeel van de opnieuw ingevoerde maritieme blokkade van Iraanse havens een olietanker uitgeschakeld die weigerde om te keren: "Strijdkrachten namen waar dat de onder de vlag van Curaçao varende tanker M/T Belma door internationale wateren richting Kharg-eiland voer. Het commerciële schip negeerde herhaalde waarschuwingen toen het probeerde de Amerikaanse blokkade te doorbreken. Een Amerikaans toestel schakelde het schip uit door Hellfire-raketten op de schoorsteen af ​​te vuren. Het schip is niet langer onderweg naar Iran."

Iran reageerde met de traditionele aanvallen op Amerikaanse doelen in Golfstaten. Benieuwd wat vandaag brengt, wij gaan weer live!

CENTCOM sfeerbeeld

Social

CENTCOM schakelt olietanker uit die weigerde om te keren

SocialSocial

Unauthorized low passes will continue until morale improves

Social

The Daily WTF

Curious Perversions in Information Technology

CodeSOD: Wait Longer

Karen was maintaining some specification tests that were flaky. Not extremely flaky, but three or four times out of a thousand, the tests would just fail. The tests were complicated, and some of the operations were timing sensitive, so it wasn't precisely surprising- but the problem was that they were actually generous with their timing windows. The unit tests passed consistently, it was only these functional, specification-based tests that failed.

So, for example, there were sections in the tests where they wanted to wait at least 2ms. Since the code and tests were in TypeScript, they used the setTimeout function, which per standard JavaScript documentation warns that it may wait longer. But again, Karen was fine with longer.

Unfortunately for Karen, the documentation for NodeJS is less specific, as it makes no guarantees about when the timeout function gets invoked. This means that it can fire the timeout before the time has elapsed.

After many, many hours of debugging, that was exactly the situation that Karen found herself in. Which is why her very simple wait function went from:

export const wait = (ms:number) => new Promise((complete) => setTimeout(complete, ms));

To the much more awkward:

export const wait = (ms: number) {
    const target = performance.now() + ms;
    return new Promise((complete) => {
        const checkReady = () => {
            if (performance.now() > target) {
                complete();
            } else {
                setTimeout(checkReady, 1);
            }
        }
        setTimeout(checkReady, 1);
    });
}

This version of the function checks the time every millisecond, and only completes the operation if we've waited at least as long as our target duration. This ensures that the timeout never fires too soon and it fixes the janky tests. But it's also terrible. Terrible that it exists. Terrible that this is the best solution. Terrible that our functional tests need to be so time sensitive. And terrible that the Node runtime actually breaks the one consistent scheduling guarantee that pretty much every other scheduler does: that it'll wait at least as long as you asked, but might wait much longer.

At best, we can say, "at least it's only testing code."

[Advertisement] Picking up NuGet is easy. Getting good at it takes time. Download our guide to learn the best practice of NuGet for the Enterprise.

The Register

Biting the hand that feeds IT — Enterprise Technology News and Analysis

Tech support scam caused massive data breach at Australian airline Qantas

Australia’s Privacy Commissioner has revealed a tech support scam was the cause of the massive 2025 data breach at Australian airline Qantas and found the carrier didn’t breach its privacy obligations despite leaking personally identifiable information for 5.7 million customers. The Commissioner reached that conclusion, and a decision not to open a formal privacy probe, in a report published today. Qantas has previously admitted the incident was the result of a social engineering attack on a contact center. The Commissioner’s report goes deeper, explaining a crook who claimed to represent “Qantas IT help” made the call and told a contact center agent to access a CRM system and perform certain actions needed to close a support ticket. Those actions instead connected the CRM to a data extraction tool which the crooks used to siphon off customer records. The Commissioner considered whether Qantas observed the Australian Privacy Principles (APPs), the binding rules that govern how businesses safeguard PII, and found the airline did the right thing. The report found that Qantas audited the operator of the contact center and tested the security awareness of its employees – and had done so in the months before the incident. Qantas also conducted mandatory and recurring training on how to handle PII. The Commissioner was therefore satisfied Qantas took adequate steps to ensure the contact center observed the APPs and didn’t fail in its obligations. The regulator made a similar finding regarding the airline’s cross-border data-sharing practices. “Our inquiries did not identify any omissions in the steps Qantas took that, if addressed, would have prevented the breach that occurred in this incident,” the report states. The APPs include a requirement to take reasonable steps to protect personal information from unauthorized access. Again, the Commissioner decided Qantas complied because it used role-based access controls, among other techniques to protect data. Another issue the regulator considered was whether Qantas took reasonable steps to destroy or de-identify the personal information it didn’t need. The carrier told the Privacy Commissioner that it scheduled annual data removal runs from its CRM, and that no records that deserved deletion or removal were present at the time of the attack. That clean record saw the Commissioner decide not to launch a deeper investigation. “I have a broad discretion to commence an investigation of an act or practice where it may be a contravention of the APPs and where it is desirable to do so,” the report states. The first-person pronoun is presumably the work of Commissioner Carly Kind, who observed “it does not appear that Qantas could have reasonably foreseen and prevented the breach in the manner that it occurred. The way in which the threat actor gained access was through a vishing attack which could not have been prevented by a strengthening of Qantas’ current role-based access controls.” It’s possible the Commissioner will revisit the matter at another time, and class-action lawsuits are also in train regarding the incident. Qantas may therefore still have to fight through plenty of turbulence before this matter lands. One thing the report doesn’t address is the identity of the attackers. Pundits have suggested the Scattered Spider gang did the deed after it started attacking the aviation industry in the weeks before the Qantas incident. ®

Even HP resellers thought the price of toner and ink was too high – so HP India facilitated an illegal cartel

The Competition Commission of India (CCI) has fined HP Inc. and some of its resellers, for what it calls “cartelisation” activities that inflated the cost of PCs and printers – and which it says HP used to head off threats from resellers to sell counterfeit ink cartridges. The ₹138.85 crores/$14.4 million fine won’t be a massive inconvenience to HP. The facts of the case may be, as the CCI found HP told its resellers what prices to charge when they bid for tenders posted to a government procurement site. The PC and printer giant also prohibited some of its resellers from bidding on tenders. In its order related to HP’s bids to sell printer supplies, the regulator reveals it accessed WhatsApp records that show HP staff and some of its resellers “were operating in a collusive arrangement and shows the practice of bid rigging including cover bidding, price fixation, and customer allocation, during 2017-2020.” Cover bidding is the practice of having one reseller make a ridiculously high bid that a vendor knows won’t win a deal, in the hope other resellers who offer more reasonable quotes will get the sale. The order also claims that HP would decide in advance which of its resellers would sell to which customer. The CCI found that one of HP’s motives was to ensure that it remained competitive with other PC and printer makers, rather than to favor a particular reseller. Another motive was to stop resellers from selling counterfeit ink and toner. “Due to constant downward pressure on pricing because of new resellers, Tier-2 resellers threatened a shift to low-cost counterfeit products to compete on price,” the order states. Some of those resellers formed an “understanding” about the prices they would charge, so they would not undercut each other’s bids. The order says HP “facilitated” development of that understanding to defend its printer supplies business. “HP India was commercially forced into a position where it had to support the collusive arrangement adopted by the Tier-2 resellers,” the order states. In a second order regarding the sale of PCs, the CCI found HP’s actions helped HP to navigate the reverse auction process used to determine the winner of some tenders. “HP India faced the risk if its resellers exited early due to unsustainable downward pricing pressure resulting in no sale for HP India,” the order states. “The coordination amongst HP India’s reseller was accordingly designed to ensure that at least one HP reseller remained present in the final round.” The orders compel HP, and the resellers it worked with, to cease all such activity. ®

Ius Mentis

Internetrecht door Arnoud Engelfriet

Wat als een Vinted-verkoop misgaat? ‘Ineens had ik 817 euro verlies gemaakt’

Vinted is een van de populairste platforms voor tweedehands kleding, maar niet iedereen houdt daar een positieve ervaring aan over. Dat meldde TROS Radar onlangs. Ze onderzochten de uiteindelijk toch juridische vraag: hoe goed zijn verkopers op Vinted eigenlijk beschermd als er iets misgaat?

Kern van het probleem is dat het platform (net als diverse andere) met kopersbescherming werkt, waarbij verkopers eigenlijk met lege handen staan als het platform meent dat de koper een punt heeft:

Radar ontving de afgelopen tijd meerdere klachten over Vinted. Gebruikers vertellen onder meer dat zij onterecht worden geblokkeerd, dat zij namaak- of beschadigde artikelen ontvangen, en dat betalingen soms niet worden vrijgegeven of juist wel terwijl dat niet zou moeten. Ook wordt vaak genoemd dat contact met Vinted lastig is en dat besluiten niet goed worden uitgelegd of besproken.
Het idee van kopersbescherming is even sympathiek als eenvoudig. De betaling van de consument wordt in depot (escrow) gehouden tot je je producten hebt. Blijkt de zending kwijt, dan lost Vinted dat op door je geld terug te geven. Ook bemiddelen zij bij een geschil, en omdat de winkel het geld dan nog niet heeft, zal die sneller meewerken aan een oplossing.

Het probleem is even eenvoudig: als verkoper heb je nu geen enkele kans meer als de koper (te) makkelijk gelijk krijgt. Bezwaar is moeilijk, bewijslast torenhoog en contact krijgen wil vaak ook niet lukken. Al sinds 2022 zijn klachten van deze aard te lezen.

Juridisch is hier weinig over geregeld. De Digitaledienstenverordening (DSA) kent wel regels over online marktplaatsen, maar die gaan vooral over de consument meer informatie en waarborgen bieden. De wat minder bekende platform-to-business verordening (P2B) kent wél een beschermende regel voor bedrijven:

Onlinetussenhandelsdienstverleners zorgen voor een intern systeem voor het afhandelen van de klachten van zakelijke gebruikers.
Alleen gaat dat dan weer niet over klachten voortvloeiend uit de koopovereenkomst met de consument op het online platform. (Het is meer bedoeld voor zaken als je account dat zomaar gesloten wordt, of onduidelijkheden bij je app in de store geplaatst te krijgen.)

Arnoud

 

 

Het bericht Wat als een Vinted-verkoop misgaat? ‘Ineens had ik 817 euro verlies gemaakt’ verscheen eerst op Ius Mentis.

DNA Lounge: Wherein another artifact comes to light

I found another 36-year-old VHS tape on eBay! D.O.A.'s final concert, live at DNA Lounge, in 1990.


Slashdot

News for nerds, stuff that matters

US Suffered a Major Power Outage Every Month of 2026

An anonymous reader quotes a report from Electrek: A Reddit post making the rounds this week claims the U.S. has experienced at least one major power outage every month of 2026 -- but is it true? I dug into several outages, the extreme weather behind them, and what we can do to help keep the lights on. [...] The claim that hundreds of thousands of Americans were without power over extended periods at least once per month, every month of 2026 surprised be in two ways. First, because I had no idea if it was true -- and, second, because it felt true. We try to do better than writing about things that feel true around here, however, so I did a bit of research (translation: I Googled power outages by month) and came up with the following examples in about sixty seconds

January: More than 296,000 customers still without power as winter storm freezes much of the US
February: More than 380,000 customers without power as winter storm hits US Northeast
March: Storms Cut Power to Over 1 Million Customers in U.S. Midwest, Mid-Atlantic; Ohio Hardest Hit
April: At least 29 tornadoes touched down in Central Illinois on April 17th
May: Energy Secretary Issues Emergency Order to Deploy Backup Generation in the Mid-Atlantic Amid Heatwave
June: More than 373,000 U.S. customers without power due to extreme weather
... and that list is far from comprehensive, and how you feel about it might depend on what you consider a "major" outage, of course -- but consider that there are tens of thousands of Americans without power right now, and that's not making the news. [...] The lesson here is that weather-related grid outages -- whether they're caused by wildfires, mudslides, derechos, tornadoes, ice storms, hurricanes, heat waves, or some other disaster I'm lucky enough to have forgotten about -- read like statistics when they're happening over there, but get personal real quick when they're happening to you.

Read more of this story at Slashdot.

Found Photograph

Thomas Hawk posted a photo:

Found Photograph

Found Photograph

Thomas Hawk posted a photo:

Found Photograph