HackerTrans
TopNewTrendsCommentsPastAskShowJobs

hleszek

no profile record

Submissions

Show HN: Notebook page on llama.cpp official webui

github.com
1 points·by hleszek·5 bulan yang lalu·0 comments

comments

hleszek
·2 bulan yang lalu·discuss
I just completed the course and a big part of it was in fact to warn not to use it to send private data.
hleszek
·2 bulan yang lalu·discuss
No, it works using Malta eID identification system which needs you to be a citizen or a resident.
hleszek
·2 bulan yang lalu·discuss
Why are tiles small BTW? Could we use tiles as big as normal solar panels?
hleszek
·2 bulan yang lalu·discuss
It is not a meme, it's an xkcd: https://xkcd.com/810/
hleszek
·2 bulan yang lalu·discuss
Like the Delamain AI in Cyberpunk. You would need to allow anonymous payments with cryptocurrencies for that, but it's coming for sure.
hleszek
·2 bulan yang lalu·discuss
For open-weights models, censorship removal is now a "solved" problem. If you wait a few days after a new model release, someone will have made a heretic ( https://github.com/p-e-w/heretic ) version with the censorship removed, so in a way the only use for censorship now is to avoid lawsuits, not reduce improper usage.
hleszek
·2 bulan yang lalu·discuss
Please mention and support llama.cpp directly instead of ollama.
hleszek
·3 bulan yang lalu·discuss
Why not try to find a successor instead of archiving the repo and forbidding the use of the name? I'm sure with a 3.8k stars repo you'll find competent people willing to continue the work.
hleszek
·3 bulan yang lalu·discuss
The latest Qwen3.6 model is very impressive for its size. Get an RTX 3090 and go to https://www.reddit.com/r/LocalLLaMA/ to see the latest news on how to run models locally. Totally fine for coding.
hleszek
·3 bulan yang lalu·discuss
I completely understand why measuring the length of coastlines is not possible but surely measuring a trail should be doable quite easily, you could simply use a gps tracker and it would be precise enough.
hleszek
·3 bulan yang lalu·discuss
Thanks! I works. I modified my ~/.tmux.conf file to be like this:

# Activate mouse mode

set -g mouse on

# Enter copy mode and scroll up with PageUp

bind-key -n Pageup copy-mode -u

# Scroll down with PageDown; if at the bottom, it will exit copy mode automatically

bind-key -T copy-mode-vi Pagedown send-keys -X page-down

bind-key -T copy-mode-vi Pageup send-keys -X page-up
hleszek
·3 bulan yang lalu·discuss
I love tmux but one thing which really annoys me is the fact that I cannot use the mouse wheel or the scroll back to see the previous content. I know there are shortcuts to go forward and back but I always forget them and they are not easily accessible on my keyboard and cumbersome.
hleszek
·3 bulan yang lalu·discuss
[dead]
hleszek
·4 bulan yang lalu·discuss
https://xcancel.com/BarakRavid/status/2027830773328302396
hleszek
·5 bulan yang lalu·discuss
you can see them in the report at the bottom, but I counted four. See my post above.
hleszek
·5 bulan yang lalu·discuss
That's much better, thanks. According to the Bitwarden blog post: https://bitwarden.com/blog/security-through-transparency-eth... which contains its full cryptography report at the end, all the issues have been fixed except a few which are considered part of the design (see below), so if I understand correctly you have nothing to worry about if you don't use organizations and use a strong password.

Issue 5: Organisation Key Injection (Medium)

When users interact with organizations, a trust relationship is established through the exchange of cryptographic keys. A malicious server could add users to arbitrary organizations by encrypting an organization symmetric key under the user's public key and including it in sync responses. The client would silently accept the new organization membership. Alternatively, when a user creates an organization, the malicious server could substitute the newly created organization's keys with attacker-controlled keys during the post-creation sync.

Issue 7: Disable KDF Bruteforce Protection (Low)

Bitwarden uses Password-Based Key Derivation Functions (PBKDF2 or Argon2id) to derive the master key from the user's master password. The iteration count – currently defaulting to 600,000 for PBKDF2 – provides brute-force resistance. The researchers identified that KDF settings are stored on the server without authentication, allowing a malicious server to reduce the iteration count and receive a master key hash that is faster to brute-force.

Issue 9: Malleable Vault Format and Unencrypted Metadata (Low)

The researchers identified that while individual fields are encrypted, metadata about field positions and item structure is not integrity-protected, potentially allowing field reordering or item manipulation

Issue 10: Access Violation in Organisation Collections (Low)

Organization collections enable shared access to vault items among organization members. By design, the organization symmetric key is shared with all organization members, allowing them to access collection contents to which they have specifically been granted access
hleszek
·5 bulan yang lalu·discuss
Why not allow the user to provide the seed used for the generation. That way at least we can detect if the model has changed if the same prompt with the same seed suddenly gives a new answer (assuming they don't cache answers), you could compare different providers which supposedly use the same model, and if the model is open-weight you could even compare yourself on your own hardware or on rented gpus.
hleszek
·5 bulan yang lalu·discuss
That has always been a thing since the invention of computers. The great thing about computers is that they do exactly what you ask them to do. The problem with computers is that they do exactly what you ask them to do.
hleszek
·5 bulan yang lalu·discuss
The first Dune game (https://en.wikipedia.org/wiki/Dune_(video_game)) was the first video game I played as a child, it was amazing and it aged a bit better than Dune II in my opinion.
hleszek
·5 bulan yang lalu·discuss
Why would they do that? When I started learning VIM more than 20 years ago, one of the main reason was that it (or vi) was already present and installed in every possible Linux system.