HackerTrans
TopNewTrendsCommentsPastAskShowJobs

SEJeff

11,194 karmajoined 15 tahun yang lalu
I <3 Linux.

Submissions

The Queen's Duck

bwiggs.com
1 points·by SEJeff·2 bulan yang lalu·0 comments

LavaMoat – securing JavaScript supply chains

github.com
1 points·by SEJeff·2 bulan yang lalu·0 comments

Static Analysis for GitHub Actions

github.com
1 points·by SEJeff·2 bulan yang lalu·1 comments

I won a championship that doesn't exist

ron.stoner.com
232 points·by SEJeff·2 bulan yang lalu·132 comments

Don't Trust, Verify

daniel.haxx.se
5 points·by SEJeff·4 bulan yang lalu·0 comments

Everyone is wrong about NotebookLM

medium.com
5 points·by SEJeff·4 bulan yang lalu·0 comments

Caddy Server Release Process

github.com
3 points·by SEJeff·5 bulan yang lalu·3 comments

Testing the Pugilism Hypothesis for the Evolution of Human Facial Hair

pubmed.ncbi.nlm.nih.gov
3 points·by SEJeff·5 bulan yang lalu·0 comments

comments

SEJeff
·5 hari yang lalu·discuss
It isn’t really a meme if it’s true is it?

Note: am not furry, but have worked with several.
SEJeff
·bulan lalu·discuss
You win the internet friend
SEJeff
·bulan lalu·discuss
I’m 42, never went to college (I joined the army) and am now a Principal Security Engineer at a serious computer security firm. I’ve got a background in Linux high performance computing and software engineering.

If I can do this, anyone can. I believe in you internet friend. In tech, every day’s a school. Embrace it and learn something new daily, or get left behind. You’ve got this
SEJeff
·bulan lalu·discuss
Pick a problem you’re interested in and just work on solving it, in go. The best way to learn is to hit the rough edges and just keep going.

If an oldie like me can learn go well so can you
SEJeff
·bulan lalu·discuss
Oh yes, because the well documented clean syntax of sys v init shell scripts was so nice.

If I never recall hacking in ulimit calls in the top of buggy shell scripts for crappy old services that done respect pam_limits it won’t be soon enough.
SEJeff
·bulan lalu·discuss
This is why Ukraine is so excited to get up to 150 Gripens (with Meteor loadout) from the Swedes.
SEJeff
·2 bulan yang lalu·discuss
Their action is also super handy: https://github.com/zizmorcore/zizmor-action

Use pinact (you can brew install it) to pin it by checksum: https://github.com/suzuki-shunsuke/pinact
SEJeff
·2 bulan yang lalu·discuss
Just gonna leave this absolute gem from Thomas Ptacek on DNSSEC here:

https://sockpuppet.org/blog/2015/01/15/against-dnssec/
SEJeff
·2 bulan yang lalu·discuss
https://graphify.net and trail of bits’s trail mark https://github.com/trailofbits/trailmark

Both use treesitter and create knowledge graphs for llm use. It results in way less tokens spent as well.
SEJeff
·3 bulan yang lalu·discuss
The US Navy has been working on their idea of a holy grail they have deemed the free electron laser[1]

[1] https://boeing.mediaroom.com/2010-03-18-Boeing-Completes-Pre...
SEJeff
·3 bulan yang lalu·discuss
I believe tools like graphify cut down the tokens in thinking dramatically. It makes a knowledge graph and dumps it into markdown that is honestly awesome. Then it has stubs that pretend to be some tools like grep that read from the knowledge graph first so it does less work. Easy to setup and use too. I like it.

https://graphify.net/
SEJeff
·3 bulan yang lalu·discuss
Michael Meek’s referenced blog post. The irony is I remember him championing openness for OpenOffice and I remember how transparent he was when he helped found libreoffice and TDF. What a shame we have devolved to this situation.

https://www.collaboraonline.com/blog/tdf-ejects-its-core-dev...
SEJeff
·3 bulan yang lalu·discuss
https://docs.npmjs.com/trusted-publishers/#recommended-restr... This helps mitigate spear phished privileges employees pushing hacked npm packages entirely.
SEJeff
·4 bulan yang lalu·discuss
Palantir maven uses Claude. This is not misinformation, but fact.

https://www.reuters.com/technology/palantir-faces-challenge-...
SEJeff
·4 bulan yang lalu·discuss
Fun fact: Palantir is powered entirely by Claude and was what was used for the Venezuela operation and for targeting for the Iranian operation.
SEJeff
·4 bulan yang lalu·discuss
It definitely has profiling client libraries https://grafana.com/docs/pyroscope/latest/configure-client/l...
SEJeff
·4 bulan yang lalu·discuss
I wonder how this compares to grafana pyroscope, which is really good for this sort of thing and already quite mature:

https://grafana.com/oss/pyroscope/

https://github.com/grafana/pyroscope
SEJeff
·4 bulan yang lalu·discuss
Well played good sir, well played
SEJeff
·4 bulan yang lalu·discuss
That’s not a builtin, so wouldn’t it be:

   #include <old-man-shouting-at-clouds.h>
SEJeff
·4 bulan yang lalu·discuss
man -k, apropos, but less to type