HackerTrans
TopNewTrendsCommentsPastAskShowJobs

r4indeer

no profile record

comments

r4indeer
·il y a 18 jours·discuss
Let me support your argument by telling you what you just reminded me of...

I was briefly subscribed to the NYT from Germany. To my surprise, I couldn't cancel online, but had to call. (The EU has a law which requires that if you can subscribe online, you must be able to cancel online.)

They have national numbers for many countries, but they're just forwarders to the same call center, with notably mangled audio quality presumably due to multiple lossy compression algorithms applied at each hop of the call.

Additionally, there was lots of background noise when I got connected to a rep. Over this barely usable line, I was now asked to spell out my email address, which naturally took multiple attempts of painfully slow spelling before the rep was able to locate my account. (My very limited knowledge of the NATO alphabet didn't help.)

Of course, I then had to go through the spiel of declining alternative offers and providing a reason for my cancellation (all of which I never had to do in Germany before) before they finally confirmed it. Yeah, I'm glad about consumer protection law in the EU.
r4indeer
·il y a 2 mois·discuss
I'm conflicted on the use of AI in CTFs. On the one hand, they are supposed to mirror real-life scenarios, so of course you should be able to use any tool that would be available to you in real life.

On the other hand, CTFs are fundamentally a game and a competition which are supposed to be fun and compare and improve ones skill. So when I let an LLM generate the entire solution for me, what's the point anymore? I did not learn anything. I did not work for that place on the leaderboard, I just copied the solution. And worst of all, I did not have any fun. It's boring.

So how does using AI as a solver not feel like cheating?
r4indeer
·il y a 2 mois·discuss
The deal is in contrast to Anthropic and OpenAI who wanted additional restrictions regarding the use of their models for autonomous weapon control and domestic mass surveillance. The US government agreed to these terms in the case of OpenAI [0], yet publicly denounced Anthropic for wanting the same thing [1].

[0] https://openai.com/de-DE/index/our-agreement-with-the-depart...

[1] https://www.anthropic.com/news/statement-comments-secretary-...
r4indeer
·il y a 3 mois·discuss
If QC gets to the point where breaking RSA and ECC in the real world is actually going to happen, I'd imagine you will find a consensus rather quickly.
r4indeer
·il y a 4 mois·discuss
Ok, fair point. However, I would consider any MDM-enabled device fully "compromised" in the sense that the org can see and modify everything I do on it.
r4indeer
·il y a 4 mois·discuss
The argument regarding no certificate pinning seems to miss that just because I might be on a network that MITM's TLS traffic doesn't mean my device trusts the random CA used by the proxy. I'd just get a TLS error, right?
r4indeer
·il y a 4 mois·discuss
Bubblewrap is exactly what the Claude sandbox uses.

> These restrictions are enforced at the OS level (Seatbelt on macOS, bubblewrap on Linux), so they apply to all subprocess commands, including tools like kubectl, terraform, and npm, not just Claude’s file tools.

https://code.claude.com/docs/en/sandboxing