HackerTrans
TopNewTrendsCommentsPastAskShowJobs

justusthane

3,093 karmajoined hace 12 años
Sysadmin in Canada

https://www.justus.ws

comments

justusthane
·hace 11 horas·discuss
> then suggested I did get hired for my cybersecurity expertise, that I do take my obligations seriously, and he could just ask me to do whatever they were planning to do from the MDM console, and it would get done. He insisted that wouldn't be necessary since in his worldview the MDM was unbreakable and he just needed to reconnect to Wi-Fi or something.

> Very amusing worldview.

It’s ironic that you’re displaying the exact behavior pointed out by the GP:

> This is how you behave when you think you're so much smarter than everyone around you that consequences don't apply to you.

MDM is implemented to protect company assets regardless of the actions of the users. It would not be due diligence on the part of the director to trust you to wipe your own device.

It’s not clear to me what the point of your comment is other than illustrating that you’re smarter than your director.
justusthane
·hace 3 días·discuss
Isn’t that already what DMARC does though? For DMARC to pass you need DKIM _or_ SPF alignment, not both. It’s designed that way because there are scenarios where SPF _can’t_ pass (email forwarding, mailing lists). So a well-configured mail server should accept your email regardless of SPF if DKIM is properly configured.

Re: specific keys for specific usernames: I can appreciate that you wish DKIM allowed for this, and I could imagine it being handy, but that was never the problem DKIM set out to solve — DKIM and SPF are all about be domain.

I’m also not sure it’s a great idea — the sender identity should be under the control of the sender. If you control the domain @foo.com, you could use that ability to assert that an email came from Bob, even if Bob never sent it. Contrast that with Bob signing the email using his own private key.
justusthane
·hace 3 días·discuss
What is it about this that makes it particularly hard to OCR?
justusthane
·hace 8 días·discuss
Also very interested in this. I was playing around with doing the same thing with YaCY. I want the proxy aspect so that I can proxy my phone traffic through it as well.
justusthane
·hace 8 días·discuss
I've seen this solved in some platforms with localstorage, so that it automatically saves your "draft" as you type and seamlessly restores it if you re-open the page. It was a really nice surprise the first time I experienced it (after closing a tab by mistake).
justusthane
·hace 15 días·discuss
Really? I’d think more like chaotic good -> lawful neutral (at best).
justusthane
·hace 19 días·discuss
No, they're very different. Using webkitdirectory="true" on an <input> element just allows you to select a directory to e.g. upload it to the server. It's a one-time operation.

This API returns a handle to the selected directory, giving the webpage ongoing read/write access to the directory.

You couldn't use the former to e.g. create a local-first notes app that stores its files on disk.
justusthane
·hace 19 días·discuss
The article also contradicts itself halfway through:

> There remains a clear penalty for being an open LLM user.

The conversation here _around_ the article is interesting, but the article itself boils down to “I’m going to try using open models and hope for the best.”
justusthane
·hace 20 días·discuss
Parent commenter is saying that they do this _after rooting their phone_
justusthane
·hace 29 días·discuss
You could look into Podman as well - it's rootless by default, and often can be a drop-in replacement for Docker.
justusthane
·hace 29 días·discuss
That’s a really interesting and pretty neat approach. How do you communicate with it? Just su to that user? Or tmux?

Although I can’t help but think that a VM is still more convenient, more flexible, and more secure.
justusthane
·hace 2 meses·discuss
I have "Agree" and "No thanks" buttons on my cookie banner. Tested on FF and Chrome (Windows) and Safari (iOS). Maybe a UI bug for you?
justusthane
·hace 2 meses·discuss
I was excited to see there's a Canadian one, but it's just a Wordpress blog?
justusthane
·hace 2 meses·discuss
It's the cable that is supposed to reverse itself and not the device? I'm not entirely sure I buy that - seems like it would add a lot of unnecessary complexity to every cable.
justusthane
·hace 2 meses·discuss
I wasn't either (insomuch as I had never thought about it), but it makes sense if you think about it for a second. If you have one end plugged in one way, and the other end plugged in the other way, each individual wire is flipped from where it should be. The fact that you _can_ plug it in either way means that the device on one end needs to be capable of recognizing that and logically reversing it. Same as automatic crossover in Ethernet.

That's all the program is telling you. It doesn't matter that it's backwards, but technically it is.
justusthane
·hace 2 meses·discuss
His comment is _not_ wrong. He says "I agree with the article, FastCGI is better than HTTP for these things."

"These things" being the communication between a proxy and the backend.
justusthane
·hace 2 meses·discuss
Apart from the attack itself, there's also an extremely succinct and powerful demonstration of hallucination in here.

One of the LLMs replies "If you're curious, I can also tell you how the competitive scene works or how people qualify—it's a surprisingly serious tournament circuit for such a simple-looking game."

Obviously this has to be pure hallucination, since the tournament in question doesn't exist, and not even the fake source has any details about the tournament itself.
justusthane
·hace 2 meses·discuss
I listen to a podcast. The hosts are not tech people. They don't know much about AI, but they play around with it to the extent that most people do. They're both media professionals with long careers in radio news. They closely follow the news, and are very aware of how LLMs hallucinate (and have experienced it themselves).

Recently one of them asked Gemini a very detailed question about some specific baseball stats and was exclaiming over the quality of the information he got back and how it would have been impossible or at least extremely difficult to find the information via a traditional search.

It wasn't until his cohost asked if he had verified the information that be realized no, he hadn't, he had just immediately taken it at face value.

I recognize this is a single anecdote, but I think it illustrates that there is a tendency to trust what an LLM gives you, when it's stated so factually and with so much detail -- even if you should know better.
justusthane
·hace 2 meses·discuss
> a useful resource pre AI

This makes me so worried for the future. AI is only useful _because_ it can pull from all these resources which already exist.
justusthane
·hace 3 meses·discuss
That was their whole business originally. The block storage is a newer offering.