HackerLangs
TopNewTrendsCommentsPastAskShowJobs

lima

8,794 karmajoined 10 वर्ष पहले

comments

lima
·5 दिन पहले·discuss
Even if you can't authenticate at the application level, it's still much better to encrypt/authenticate traffic on the wire (using a VPN or something like Tailscale) instead of 802.1x auth.
lima
·5 दिन पहले·discuss
Non commercial licenses are not generally considered open source
lima
·7 दिन पहले·discuss
Google solved credential phishing a long time ago using hardware tokens (gnubby - the predecessor to FIDO/U2F/Passkeys...).

There's other types of social engineering, but phishing is mostly an engineering issue.
lima
·7 दिन पहले·discuss
Probably 802.1x, but it's easy to bypass if you have access to an authorized device. This kind of authentication has to be done at the application level, treating the network as a perimeter doesn't work.
lima
·8 दिन पहले·discuss
The company also should have restricted network access to the port in the conference room so that an unknown device like a Raspberry Pi could not make an Ethernet connection from that spot

Bad take - the actual problem is that there was a trusted network in the first place. This kind of network access control is trivial to bypass, and trusted devices can get compromised.
lima
·8 दिन पहले·discuss
This. It's easy to forget that Postgres is fundamentally a single-node database without distributed transactions. It won't pass the Jepsen test suite with multiple nodes. DBOS, Temporal and friends inherit this limitation.

Something like Restate actually implements distributed transactions.
lima
·8 दिन पहले·discuss
[dead]
lima
·10 दिन पहले·discuss
Gerrit's new UI comes pretty close, and it's also what Google uses for projects living outside of google3.

GitHub's PR review workflow is archaic in comparison, especially now that every page takes 2-3 seconds to load.
lima
·10 दिन पहले·discuss
Don't worry, they accept PRs on that repo. They just merge them internally and then re-export them.

There are some variations, but this is generally the same with all open source projects which live in their internal monorepo, such as gVisor or Bazel.
lima
·पिछला माह·discuss
Yes it will, there's a clear purpose and the customer explicitly agrees.
lima
·पिछला माह·discuss
Fable on GCP requires accepting a 60-day retention policy: https://cloud.google.com/terms/advanced-ai-safety-addendum

I don't think it mentions sharing the data with third parties such as Anthropic?
lima
·पिछला माह·discuss
Higher IO latencies in HDs might actually make this attack easier - more contention means more bits of data.
lima
·2 माह पहले·discuss
Shor published multiple quantum algorithms, including one for discrete logarithms. The term is sometimes used interchangeably.

They're closely related, ECC and RSA are both instances of the hidden subgroup problem.
lima
·3 माह पहले·discuss
> How do you know the clanker respects the instruction not to search the internet?

You can't, but given that it's a previously unsolved problem, it doesn't seem relevant? (nor are the author's potential biases - the claims are easily verified independently)
lima
·4 माह पहले·discuss
We tried this, but the quota for Opus models defaults to 0 on VertexAI and quota increase requests are auto-rejected.

Any tips?
lima
·4 माह पहले·discuss
No, unless you count tricks which are explicitly against ToS
lima
·4 माह पहले·discuss
They use a buffer battery, it's quite feasible with that.
lima
·4 माह पहले·discuss
You can still use OpenCode with the Anthropic API.
lima
·4 माह पहले·discuss
Fun fact: In Germany, the civil courts will usually take the case anyways if it has merit, but the winner ends up paying for the whole lawsuit if they failed to make an effort to resolve the case before suing.
lima
·4 माह पहले·discuss
And Hungary is pretty much a rogue EU state - their government did go full authoritarian and is aligned with Russia.