HackerTrans
TopNewTrendsCommentsPastAskShowJobs

emilfihlman

675 karmajoined 9 tahun yang lalu
emil.fi Aalto EE/ECE

Submissions

Google asking many to select a client certificate erroneously

15 points·by emilfihlman·26 hari yang lalu·8 comments

comments

emilfihlman
·14 jam yang lalu·discuss
I'm quite willing to bet it can be done in this era of enabling developers with slob, which still usually works.
emilfihlman
·3 hari yang lalu·discuss
Until this bug is fixed, there's no trusting Bun

This is also not a memory issue but an actual logic issue, so Rust doesn't help there.

https://github.com/oven-sh/bun/issues/14144
emilfihlman
·3 hari yang lalu·discuss
I hope they fixed the models in that they don't interrupt and jump in and that you can order them to be silent. Previous model could not be silent and always cut me off and spoke over me.
emilfihlman
·22 hari yang lalu·discuss
I would just like to point to a single issue that has major ramifications in using Bun:

https://github.com/oven-sh/bun/issues/14144
emilfihlman
·26 hari yang lalu·discuss
I have no vpn on my part.
emilfihlman
·26 hari yang lalu·discuss
Yeah I would definitely hit no. Should have collected network information while it happened.

What was also interesting is that it prompted me to select a certificate that was definitely not for that page, ie. it accepted any and all certs, not just ones that are for a certain page (I have incus web generated certificates that should be only for that domain and page, which definitely have nothing to do with Google).
emilfihlman
·bulan lalu·discuss
It's akin to an SCP infohazard or memetics.

The way llms are right now, and the way humans are, there is no side channel.

It's all about training, but even with extensive training, output breaks down if it's probability based and not hard logic and state machine.
emilfihlman
·bulan lalu·discuss
Any text generation model can easily be made to support tool calls.
emilfihlman
·bulan lalu·discuss
It reduces their credibility if they misrepresent the story.
emilfihlman
·bulan lalu·discuss
Yes I agree that it's quite silly, of course if we assume they acted in a reasonable way (which I can't say for certain if the security had to result to forcefully ejecting them).

It very badly damages credibility to misrepresent what happened. It doesn't further the cause, only damages it.
emilfihlman
·bulan lalu·discuss
>“They were respectfully given the opportunity to cease this behavior and chose not to which is why they were escorted out.”

I understand the want to protest, but you do know that misrepresentation doesn't help, right?

Refusing to cease by an even organisers order will, yes, result in being escorted out forcefully by security.
emilfihlman
·2 bulan yang lalu·discuss
Actually, maybe you are correct and I should.
emilfihlman
·2 bulan yang lalu·discuss
[flagged]
emilfihlman
·2 bulan yang lalu·discuss
Civil servant's info is public information (at least in Finland it is).

It's good that bureaucrats can't hide behind bureaucracy.
emilfihlman
·2 bulan yang lalu·discuss
>They are not the ones with the power to decide what happens

This is a very naive interpretation. Bureaucrats have MASSIVE amount of power and control, and in actuality decide many things and how the law is written.
emilfihlman
·2 bulan yang lalu·discuss
Same. Without that I could remove all npm dependence, which would greatly improve security.
emilfihlman
·2 bulan yang lalu·discuss
Because it entirely removes dependency for external libraries and package repositories, like npm, for basic internet interoperability.

I (also) basically use only one package: ws.
emilfihlman
·2 bulan yang lalu·discuss
It's so sad that node refuses to add websocket server support.

Adding websocket would simplify stuff tremendously, as well as make deployments much, much more secure.
emilfihlman
·2 bulan yang lalu·discuss
I very much don't think this blog post passes any sniff test for anything to be taken seriously or given much thought, it's just political agenda posting.

However, there is an interesting question on how presidential physical and mental fitness is evaluated. Does anyone have insight into what rules and regulations govern this and do they have any (preferably supreme court validated) backing?
emilfihlman
·2 bulan yang lalu·discuss
Rust is a passing faux, safe C will just overtake it.