HackerTrans
TopNewTrendsCommentsPastAskShowJobs

netheril96

no profile record

comments

netheril96
·قبل 9 أيام·discuss
> Our builds went _down_ from 1 minute to 2 seconds.

Just curious, what might be the cause of such speedup?
netheril96
·قبل 15 يومًا·discuss
> They need to live more active lives.

When I become more active, I also become more hungry due to the extra energy consumption. The net effect is little weight loss and more often than not weight gain. While being physically active is beneficial to health in many ways, it does little for losing or maintaining weight, at least for me.
netheril96
·الشهر الماضي·discuss
Is it possible to complete assignments with AMD GPUs? Preferably on Windows.
netheril96
·قبل شهرين·discuss
Channels are not for everything. Plenty of mutex cases cannot be rewritten as channels, or will be very unwieldy so. In fact, every large Go project I have seen uses mutex here or there.
netheril96
·قبل شهرين·discuss
I've swinged between Go and Rust for my personal projects multiple times. For work, it is decided by the management so not my problem.

The biggest gripe I have with Go is the lack of *any* compile time check for mutex. Even C++ has extensions like ABSL_GUARDED_BY. For a language so proud on concurrency, it is strange not to have any guardrails.
netheril96
·قبل شهرين·discuss
We need an easy way to ensure that only kernel modules in an whitelist can load. I’m tired of blacklisting modules I never need.
netheril96
·قبل شهرين·discuss
You are assuming that LPE only applies to the user that holds all the sensitive stuff. But it also applies to users created specifically for isolation. Without LPE they would not have access to anything important even if they were compromised.
netheril96
·قبل شهرين·discuss
You are misinterpreting my goal here. I have patched my kernel against copy fail but I am thinking of ways to harden my setup against future CVEs in the kernel.

So the question is, before I learned about copy fail, what could I have done that would have limited the possible damage this vulnerability could do to me? CapabilityBoundingSet is one answer and rootless podman as mentioned in this article is another. They don’t prevent all but at least `su` is useless.
netheril96
·قبل شهرين·discuss
If the goal is just preventing full root privileges, a CapabilityBoundingSet in a systemd unit will do.

However copy fail can be used in many other ways not contained by containers or the above settings. For example it can modify the /etc/ssl/certs to prepare for MitM attacks. If you have multiple containers based on the same image then one compromised CA set affects another.
netheril96
·قبل 3 أشهر·discuss
Maybe it's time to tax IPv4 usages or holders.
netheril96
·قبل 3 أشهر·discuss
Does this work from a fork? That is, can I file a stacked PR to a project not owned by me, by creating branches in my forked project? Previously I asked AI about how to contribute stacked PR, it told me that I can only do it when I have push privileges to the repo, not from a fork, and the doc here is ambiguous.

----

OK, I found this from official docs, so this feature is now quite useless to me:

> Can stacks be created across forks?

> No, Stacked PRs currently require all branches to be in the same repository. Cross-fork stacks are not supported.
netheril96
·قبل 3 أشهر·discuss
ETH is not afraid of doing hard forks, so I'm expecting that they will lead in adopting post quantum cryptography. And then BTC ecosystem participants can learn from ETH.
netheril96
·قبل 3 أشهر·discuss
It would still tank the price. Right now many Bitcoins are lost because no one holds the keys any more. When they can hack it, suddenly the sell pressure significantly goes up.
netheril96
·قبل 9 سنوات·discuss
In my experience, IntelliJ has even worse performance. Xcode is better, at the cost of very limited features.