HackerTrans
TopNewTrendsCommentsPastAskShowJobs

netheril96

no profile record

comments

netheril96
·9 days ago·discuss
> Our builds went _down_ from 1 minute to 2 seconds.

Just curious, what might be the cause of such speedup?
netheril96
·15 days ago·discuss
> They need to live more active lives.

When I become more active, I also become more hungry due to the extra energy consumption. The net effect is little weight loss and more often than not weight gain. While being physically active is beneficial to health in many ways, it does little for losing or maintaining weight, at least for me.
netheril96
·last month·discuss
Is it possible to complete assignments with AMD GPUs? Preferably on Windows.
netheril96
·2 months ago·discuss
Channels are not for everything. Plenty of mutex cases cannot be rewritten as channels, or will be very unwieldy so. In fact, every large Go project I have seen uses mutex here or there.
netheril96
·2 months ago·discuss
I've swinged between Go and Rust for my personal projects multiple times. For work, it is decided by the management so not my problem.

The biggest gripe I have with Go is the lack of *any* compile time check for mutex. Even C++ has extensions like ABSL_GUARDED_BY. For a language so proud on concurrency, it is strange not to have any guardrails.
netheril96
·2 months ago·discuss
We need an easy way to ensure that only kernel modules in an whitelist can load. I’m tired of blacklisting modules I never need.
netheril96
·2 months ago·discuss
You are assuming that LPE only applies to the user that holds all the sensitive stuff. But it also applies to users created specifically for isolation. Without LPE they would not have access to anything important even if they were compromised.
netheril96
·2 months ago·discuss
You are misinterpreting my goal here. I have patched my kernel against copy fail but I am thinking of ways to harden my setup against future CVEs in the kernel.

So the question is, before I learned about copy fail, what could I have done that would have limited the possible damage this vulnerability could do to me? CapabilityBoundingSet is one answer and rootless podman as mentioned in this article is another. They don’t prevent all but at least `su` is useless.
netheril96
·2 months ago·discuss
If the goal is just preventing full root privileges, a CapabilityBoundingSet in a systemd unit will do.

However copy fail can be used in many other ways not contained by containers or the above settings. For example it can modify the /etc/ssl/certs to prepare for MitM attacks. If you have multiple containers based on the same image then one compromised CA set affects another.
netheril96
·3 months ago·discuss
Maybe it's time to tax IPv4 usages or holders.
netheril96
·3 months ago·discuss
Does this work from a fork? That is, can I file a stacked PR to a project not owned by me, by creating branches in my forked project? Previously I asked AI about how to contribute stacked PR, it told me that I can only do it when I have push privileges to the repo, not from a fork, and the doc here is ambiguous.

----

OK, I found this from official docs, so this feature is now quite useless to me:

> Can stacks be created across forks?

> No, Stacked PRs currently require all branches to be in the same repository. Cross-fork stacks are not supported.
netheril96
·3 months ago·discuss
ETH is not afraid of doing hard forks, so I'm expecting that they will lead in adopting post quantum cryptography. And then BTC ecosystem participants can learn from ETH.
netheril96
·3 months ago·discuss
It would still tank the price. Right now many Bitcoins are lost because no one holds the keys any more. When they can hack it, suddenly the sell pressure significantly goes up.
netheril96
·9 years ago·discuss
In my experience, IntelliJ has even worse performance. Xcode is better, at the cost of very limited features.