HackerLangs
TopNewTrendsCommentsPastAskShowJobs

pamcake

289 karmajoined hace 6 meses

Submissions

Linux Kernel 6.12.86 and 6.18.27 released

linuxcompatible.org
3 points·by pamcake·hace 2 meses·1 comments

The watchers, pt. 2: the correspondence

vmfunc.re
6 points·by pamcake·hace 5 meses·2 comments

Konform Browser

codeberg.org
2 points·by pamcake·hace 5 meses·0 comments

What is happening to the Internet in Venezuela? Did U.S. use cyber capabilities?

securityaffairs.com
10 points·by pamcake·hace 6 meses·4 comments

[untitled]

1 points·by pamcake·hace 6 meses·0 comments

comments

pamcake
·ayer·discuss
Anyone using or been trying out Radicle recently?

https://radicle.dev

EDIT: https://news.ycombinator.com/item?id=48147603
pamcake
·hace 12 días·discuss
Yes you should. It will come naturally if you go down the road of separating code from data and properly isolating dev and prod environments, applying principle of least privilege as you do.

.env files for creds are a convenience for dev and testing. They were never supposed to be used for security or carried around with sensitive stuff inside. None of this is new.
pamcake
·hace 12 días·discuss
The answer is the same: You give it either read-only or its own copy separate from the one you care about.

The requested feature wouldn't be a robust solution here either for the same reasons.

Besides, have you noticed the amount of other amateur-hour bugs anf jank in Codex going for weeks or months without proper resolution? Given that, why would you want and trust their solution here over alternatives, specifically?
pamcake
·hace 13 días·discuss
It's not their problem to solve. Don't give it access to sensitive files on the first place.
pamcake
·hace 2 meses·discuss
Are those things you are personally struggling with (if you are considering quitting open source contribitions wholesale: don't let this make you) or is this a showcase of rationalization?
pamcake
·hace 2 meses·discuss
You can test this locally yourself with mitmproxy, opensnitch, or whatever.

You can try building the (supposedly) open-source apps you use from source.

Everyone opining here should MitM themselves every now and then. If not for your own security then maybe to make sure you're not participating in psyop when opining online and resharing hearsay or old truisms.
pamcake
·hace 2 meses·discuss
> Obviously playing Kasparov on the board requires more planning ability than managing a McDonald's

Not obvious and in fact I think the opposite is way more likely. Chess is well-defined and self-contained in a way that managing a restaurant with fleshy customers never will be.
pamcake
·hace 2 meses·discuss
At what point did/does it start feeling naive to trust the integrity and output of Github Actions on general? Does it feel unlikely that an attacker would be able to get a foothold in that infrastructure?
pamcake
·hace 2 meses·discuss
I really hope this pushes users (here: devs and maintainers) to decrease their reliance on Microsoft and especially stop outsourcing security to them.

Migrate off vscode already.
pamcake
·hace 2 meses·discuss
What of it?

You are not responding to the debunking of your "Value doesn't have anything to do with utility" claim.

The only relevant thing I can see here is that yes, the volume is too low to provide any sense of untracability for the scenario discussed. It might for paying your VPN subscription.
pamcake
·hace 2 meses·discuss
Guess: 30B MOA with 3B active
pamcake
·hace 2 meses·discuss
In this case it does. You can't funnel huge amounts through a coin with usually small volume and market cap and expect any sense of anonymity or privacy. The delta makes it obvious. It would probably be visible via movements on markets too.

For smaller amounts this is not a problem for the same coin and network.

Your volume might support $10k but not $10m.
pamcake
·hace 2 meses·discuss
docs: https://github.com/feder-cr/invisible-firefox/blob/12b3a6d44...
pamcake
·hace 2 meses·discuss
> I put together these annotated slides from my five minute lightning talk at PyCon US 2026

Is there a video or audio of this talk?
pamcake
·hace 2 meses·discuss
This kind of post really shouldn't require client-side js — from third-party domain — to read...

static markdown version: https://raw.githubusercontent.com/ze3tar/ze3tar.github.io/9d...
pamcake
·hace 2 meses·discuss
https://www.theregister.com/software/2026/04/30/mozilla-push...

Remember AMP?
pamcake
·hace 2 meses·discuss
I don't understand this choice at all. What do you base your trust on here?
pamcake
·hace 2 meses·discuss
> I'm announcing the release of the 6.12.86 kernel.

> All users of the 6.12 kernel series must upgrade.

https://lwn.net/Articles/1071571/
pamcake
·hace 2 meses·discuss
Alternative readable rendering: https://www.terrygodier.com/the-boring-internet/ascii
pamcake
·hace 2 meses·discuss
Another good introduction, full-nonsense: http://landoflisp.com/