HackerTrans
TopNewTrendsCommentsPastAskShowJobs

netheril96

no profile record

comments

netheril96
·hace 9 días·discuss
> Our builds went _down_ from 1 minute to 2 seconds.

Just curious, what might be the cause of such speedup?
netheril96
·hace 15 días·discuss
> They need to live more active lives.

When I become more active, I also become more hungry due to the extra energy consumption. The net effect is little weight loss and more often than not weight gain. While being physically active is beneficial to health in many ways, it does little for losing or maintaining weight, at least for me.
netheril96
·el mes pasado·discuss
Is it possible to complete assignments with AMD GPUs? Preferably on Windows.
netheril96
·hace 2 meses·discuss
Channels are not for everything. Plenty of mutex cases cannot be rewritten as channels, or will be very unwieldy so. In fact, every large Go project I have seen uses mutex here or there.
netheril96
·hace 2 meses·discuss
I've swinged between Go and Rust for my personal projects multiple times. For work, it is decided by the management so not my problem.

The biggest gripe I have with Go is the lack of *any* compile time check for mutex. Even C++ has extensions like ABSL_GUARDED_BY. For a language so proud on concurrency, it is strange not to have any guardrails.
netheril96
·hace 2 meses·discuss
We need an easy way to ensure that only kernel modules in an whitelist can load. I’m tired of blacklisting modules I never need.
netheril96
·hace 2 meses·discuss
You are assuming that LPE only applies to the user that holds all the sensitive stuff. But it also applies to users created specifically for isolation. Without LPE they would not have access to anything important even if they were compromised.
netheril96
·hace 2 meses·discuss
You are misinterpreting my goal here. I have patched my kernel against copy fail but I am thinking of ways to harden my setup against future CVEs in the kernel.

So the question is, before I learned about copy fail, what could I have done that would have limited the possible damage this vulnerability could do to me? CapabilityBoundingSet is one answer and rootless podman as mentioned in this article is another. They don’t prevent all but at least `su` is useless.
netheril96
·hace 2 meses·discuss
If the goal is just preventing full root privileges, a CapabilityBoundingSet in a systemd unit will do.

However copy fail can be used in many other ways not contained by containers or the above settings. For example it can modify the /etc/ssl/certs to prepare for MitM attacks. If you have multiple containers based on the same image then one compromised CA set affects another.
netheril96
·hace 3 meses·discuss
Maybe it's time to tax IPv4 usages or holders.
netheril96
·hace 3 meses·discuss
Does this work from a fork? That is, can I file a stacked PR to a project not owned by me, by creating branches in my forked project? Previously I asked AI about how to contribute stacked PR, it told me that I can only do it when I have push privileges to the repo, not from a fork, and the doc here is ambiguous.

----

OK, I found this from official docs, so this feature is now quite useless to me:

> Can stacks be created across forks?

> No, Stacked PRs currently require all branches to be in the same repository. Cross-fork stacks are not supported.
netheril96
·hace 3 meses·discuss
ETH is not afraid of doing hard forks, so I'm expecting that they will lead in adopting post quantum cryptography. And then BTC ecosystem participants can learn from ETH.
netheril96
·hace 3 meses·discuss
It would still tank the price. Right now many Bitcoins are lost because no one holds the keys any more. When they can hack it, suddenly the sell pressure significantly goes up.
netheril96
·hace 9 años·discuss
In my experience, IntelliJ has even worse performance. Xcode is better, at the cost of very limited features.