Web Excursions 2021-05-12
Can I email… Support tables for HTML and CSS in emails
Email Client Support Scoreboard
This page ranks email clients based on their support among the 182 HTML and CSS features listed on Can I email.
Apple Mail (macOS) : 169/182
Apple Mail (iOS) : 168/182
Outlook (macOS) : 162/182
Samsung Email (Android) : 160/182
SFR (Desktop Webmail) : 159/182
Can I Email? | Hacker News
jorangreef: Another way of looking at this scoreboard is as an approximate inverse ranking of webmail client security and leak vectors, with Gmail stripping far more dangerous elements than most webmail clients.
SVG is a minefield so massive it's hard to give an exhaustive list of everything that could go wrong.
Especially when these kinds of assets might be hosted on user content domains and where webmail clients might allow access to the SVG content with inline disposition but outside of an IMG tag (most browsers enable/disable various SVG features such as JS or an app cache manifest according to context).
There are also a ton of weird rendering modes that can be triggered for SVG (or MathML) and these can be used to bypass XSS sanitizers by means of mXSS which exploits differences in browser renderings when roundtripping content.
traspler: In older Outlook versions they've used IE to render the received mails but used a custom engine when you were writing/editing an email.
You could even use Word as an editor so you could generate the HTML using Word as your WYSIWYG IDE.
Microsoft Outlook - The Power of Word in Outlook
There is no widely-recognized consensus in the industry about what subset of HTML is appropriate for use in e-mail for interoperability.
The “Email Standards Project” does not represent a sanctioned standard or an industry consensus in this area.
Should such a consensus arise, we will of course work with other e-mail vendors to provide rich support in our products.
What is the OSI model?
It seems like there are at least 3 different ways to think about it:
A literal description of how TCP/IP works
An abstract model that you can use to describe and compare a lot of different networking protocols
A literal description of some computer networking protocols from the 1980s that are mostly no longer used today
a literal description of how TCP/IP works
Some layers of the OSI model are really easy to map to TCP/IP
L2 - Ethernet
L3 - IP
L4 - TCP/UDP
L7 - content of packets
This mapping makes a lot of sense for layers 2, 3, and 4 - TCP packets have 3 headers corresponding to these 3 layers (the Ethernet header, the IP header, and the TCP header).
layers 5 and 6 don’t really correspond to anything in TCP/IP
some parts of TCP/IP don’t fit well into the OSI model even around layers 2-4
ARP packet (send some data with an Ethernet header)
an abstraction for comparing networking protocols
to draw analogies between lots of different networking protocols
how Bluetooth fits into the OSI model: https://flylib.com/books/en/4.215.1.116/1/
a list of OSI layers and which specific networking protocols correspond to those OSI layers: https://en.wikipedia.org/wiki/List_of_network_protocols_(OSI_model)
a literal description of some obsolete protocols
the OSI model also contained a bunch of specific protocols implementing those layers
happened during the Protocol Wars in the 70s and 80s, where the OSI model lost and TCP/IP won.
TSMC bailed Qualcomm out of a jam earlier this year when the Snapdragon 888 produced by Samsung caused overheating issues
The overheating problem of Qualcomm's "Snapdragon 888" processor was caused by Samsung's manufacturing process, which affected the performance of Qualcomm's chips.
The report noted that it wasn't the first time that Samsung’s smartphone processors had such issues.
When Samsung and TSMC shared the A9 processor orders for Apple’s iPhone 6 and iPhone 6s, there was the "chip gate" incident.
Qualcomm's 5G chip operated by Samsung not only has an overheating problem.
According to a recent report from mainland China, a security vulnerability has appeared in Qualcomm’s Mobile Station Modem chip as well.
Why you can’t buy a thermapen on Amazon (2016)
jjeaff: The real reason they don't want their thermometers sold on amazon is because they are merely official US distributors of the Thermapen which is made by a British company, ETI. https://thermometer.co.uk/99-thermapen-thermometers
Amazon Sidewalk | Hacker News
squarefoot: So, if I buy a so called Smart-TV (not because I like it but because traditional ones are getting harder to find) but don't set up it on my home network so it can't phone home, it could scan around anyway and find other open devices more than willing to participate in my personal data exfiltration?
If the Amazon project succeeds, I would expect in a few months most home devices manufacturers, to partner to implement it so they have a way to circumvent users choices.
A New History of Asian Anti-Colonialism, Reviewed | The New Yorker
In “Underground Asia” (Harvard), Tim Harper provides the first comprehensive look at this dense web of resistance.
The Asian underground laid long-burning fuses across great distances—attacking colonial officials, organizing strikes, founding schools, plotting insurrections, and raining down tracts and pamphlets.
The new book, covering the first three decades or so of the twentieth century, serves as a prologue to the previous ones and is, if anything, more ambitious—concerned not only with the shape that Asia took but also with roads not travelled.
The story of the Asian underground has rarely been told, because no one has had much incentive to tell it.
Victorious anti-colonial nationalists in Indonesia and India had little interest in underscoring their debts to an earlier coterie of ghostly figures, many of whom had been their bitter rivals.
In the era of globalization, many historians preferred a narrative in which colonialism itself—fostering trade and cosmopolitanism in Asia’s port cities—brought about the conditions that allowed anti-imperial consciousness to flourish.
Others shied away from questioning the purity and the grassroots bona fides of the national revolutions, even if many of the uprisings were kindled by men and women who might have been disappointed by the patchwork of nations that Asia became.
[In Benedict Anderson’s classic book “Imagined Communities”,] Anderson argued that,
since most members of any nation are unlikely ever to encounter one another directly,
nationalism relies on the ability of the populace to imagine the nation as a whole,
and that its spread in modern times was therefore fuelled by the proliferation of newspapers and other media.
These allowed for “long-distance nationalism,” diasporic solidarities that could leap over international borders—or that today exist online.
Anderson and his generation of scholars saw nationalism in Asia as the work of,
on the one hand, élites who were educated by colonialism and then turned against it, and,
on the other, mobilizations by peasants and urban youth, whose national consciousness merely needed to be stirred.
In “Republicanism, Communism, Islam” (Cornell), a new book that complements Harper’s account,
the political scientist John Sidel, a student of Anderson’s,
adds fresh background to this picture.
Sidel thinks that the nationalist revolutions of Asia can be fully explained only if we understand how activists profited from older, non-colonial forms of organization that their societies provided.
In the Dutch East Indies, these were the Islamic schools that Communists and nationalists built upon;
in China and Vietnam, there were Confucian networks to draw on.
The more empires tried to cultivate loyal subjects capable of working in the colonial bureaucracy, the more they produced frustrated, overeducated, dangerous students, who coördinated across borders.
Thousands of men and women died in colonial jails and prison camps, but these places also became informal universities for the very ideological indoctrination they had been built to prevent.
All this might lead one to believe that nationalism was always the main driving force in postwar Asia, no matter how Red it once appeared.
The underground’s record of internationalism and its promise of equality still haunt these post-revolutionary states.
Booting an M1 Mac: external disks and local boot policy
Unlike a T2 Mac, M1 Macs don’t set one boot security policy for the Mac, but a policy for each bootable disk.
you can still ensure that, when it boots from its internal SSD it does so in Full Security, but your M1 Mac can be more relaxed when it boots from an external disk instead.
This is implemented in per-disk LocalPolicy files which are stored in the iSCPreboot container of the internal SSD at /[volume-group-uuid]/LocalPolicy/[policy-hash].img4.
the version of macOS installed on it must be the same as (or more recent than) that installed on the internal SSD
you can change this by dropping the boot policy for an external disk to Reduced Security.