HackerTrans
TopNewTrendsCommentsPastAskShowJobs

guiambros

10,725 karmajoined 17 anni fa
Hacker, developer, entrepreneur.

@guiambros on twitter.

nospamHN at wrgms.com.

Comments are my own, and do not represent my employer or anyone else.

--

[ my public key: https://keybase.io/guiambros; my proof: https://keybase.io/guiambros/sigs/XWO9Wth2q7MSNMQLcZ83jqGh-kXYcfINRphBE6NxZ6s ]

Submissions

Under the Hood of "Sum Ergo Demonstro" Demo [video]

youtube.com
3 points·by guiambros·mese scorso·0 comments

[untitled]

1 points·by guiambros·mese scorso·0 comments

Analysis of X algorithm

twitter.com
1 points·by guiambros·2 mesi fa·0 comments

The latest X algorithm has been published to GitHub

twitter.com
52 points·by guiambros·2 mesi fa·23 comments

[untitled]

1 points·by guiambros·2 mesi fa·0 comments

"Security problems are just bugs" (2017)

lkml.org
3 points·by guiambros·2 mesi fa·1 comments

Database Turing Award Winner Mike Stonebraker [video]

youtube.com
3 points·by guiambros·3 mesi fa·0 comments

Air Powered Segment Display [video]

youtube.com
14 points·by guiambros·3 mesi fa·0 comments

AI's Next Frontier: Insights from Jeff Dean and Bill Dally In

youtube.com
1 points·by guiambros·3 mesi fa·0 comments

ChatGPT vs. Electrical Engineering Graduate-Level Course Final Exam

youtube.com
3 points·by guiambros·3 mesi fa·0 comments

Paul Graham, Founder Y Combinator [video]

youtube.com
3 points·by guiambros·3 mesi fa·0 comments

Nothing new to see here

feld.com
11 points·by guiambros·3 mesi fa·13 comments

The result of Joe Grand's $75M bulk hack [video]

youtube.com
2 points·by guiambros·3 mesi fa·0 comments

Andrej Karpathy's lab has received the first DGX Station GB300

twitter.com
1 points·by guiambros·4 mesi fa·2 comments

Ask HN: What is thick black row above top of header?

4 points·by guiambros·4 mesi fa·6 comments

How Michael Abrash doubled Quake framerate

fabiensanglard.net
2 points·by guiambros·5 mesi fa·0 comments

Biggest Computer Science Breakthroughs in 2025 [video]

youtube.com
2 points·by guiambros·5 mesi fa·0 comments

South Korean crypto firm accidentally sends $44B in Bitcoin to users

cnbc.com
3 points·by guiambros·5 mesi fa·0 comments

The Tragedy of Supernatural

theverge.com
4 points·by guiambros·5 mesi fa·1 comments

[untitled]

1 points·by guiambros·6 mesi fa·0 comments

comments

guiambros
·7 giorni fa·discuss
You missed the point (and I should have clarified better). It's not that 1 Gbps is bad; it's pretty good, actually. And I do think Verizon is one of the least bad options.

The problem is that there's zero competition. And while many other countries have 2, 5, 8Gbps available, there's zero reason for Verizon to offer it, despite being a densely populated area.

And 1 Gbps has been the max available for 10 years. It's very likely in 2036 we'll be in the exact same situation.

I wish we had a model like Switzerland, where the fiber is centrally managed, and providers compete just to connect you to the network.
guiambros
·8 giorni fa·discuss
I live in NYC, one of the most densely populated cities in the world, and yet Verizon Fios 1 Gbps is my only option. I tried to upgrade to Fios 2 Gbps, but it's not available. Spectrum only goes to 200Mbps; no other providers in my area.

I have no idea if Switzerland is any better, but the US situation in 2026 is appalling. If we're this bad in NYC, imagine what someone in rural America goes through.
guiambros
·mese scorso·discuss
Dec 2022:

Articulating ideas: https://x.com/GuiAmbros/status/1598897735955988481

Code: https://x.com/GuiAmbros/status/1599282083838296064
guiambros
·mese scorso·discuss
Dave Jones didn't spare words [1] on how insane it was to have a jellybean component changing specs so significantly, particularly the input voltage from 22V to 18V, the removal of offset trim, and more.

[1] https://www.youtube.com/watch?v=22ZmmZ67SMY
guiambros
·mese scorso·discuss
Direct link, to save others a search: https://store.steampowered.com/app/4252730/Cosmic_Gold_Rush/

Well done! Reminds me of Atari's Asteroids, with a modern take.
guiambros
·mese scorso·discuss
It doesn't seem the case; the study was made purely on behavioral conditioning. And mosquitoes don't live very long, so it's unlikely they'd learn this in practice, outside of a very controlled environment.

But there's a natural selective pressure, and it's plausible that mosquitoes would eventually evolve their sensors to become attracted to DEET, over multiple generations. And with each generation lasting only 20-30 days and a single female mosquito laying 300-500 eggs in total, they can evolve orders of magnitude faster than us.
guiambros
·2 mesi fa·discuss
It works well on Android. Just zoom in and click the number, and you can breakdown per state. Click on any state number and it breaks down per city.

Pretty functional design.
guiambros
·2 mesi fa·discuss
It's really unfortunate that FPGA development is still stuck in the 90s. The incentives between IP owners and hobbyists are so misaligned that I don't see the possibility of this ever improving.

The market is full of dark patterns, and vendors like AMD/Xilinx can pull shitty moves like what OP highlighted, knowing there is no decent alternative (Altera is another disaster). Lattice had the opportunity to fully embrace opensource toolchain and try to disrupt from the bottom, but they seem stuck in the middle, not wanting to commit one way or another.

I'm grateful to SymbiFlow, and IceStorm and others, even though they obviously lack support for proprietary hardware features.
guiambros
·2 mesi fa·discuss
Plus now you get access to Safari books, and you also have their online library, so virtually any books you may need are accessible for free.

(That's for the CS graduate program; not sure about others)
guiambros
·2 mesi fa·discuss
Well, it certainly wasn't for lack of warning about the glaring risks...

https://github.com/microsoft/vscode/issues/52116
guiambros
·2 mesi fa·discuss
What a horrible title. This has nothing to do with PyTorch (other than the relationship you mentioned).

A better title would be the Github repo title: "Computational Refutation of Quantum Superactivation"
guiambros
·2 mesi fa·discuss
This is awesome news. Thank you for the great work, and being so open to suggestions from the community. That's what makes Obsidian a world apart from all its competitors and predecessors.
guiambros
·2 mesi fa·discuss
This is fantastic news. Just a few days ago I mentioned [1] the Obsidian Community Plugins model was broken and needed an overhaul. This is a step in the right direction.

If I may, two suggestions:

1) Allow the user to filter for plugins based on the desired level of strictness (manually reviewed, safety rating, etc).

2) The Disclosures seems a bit too lenient. For example, the popular Templater plugin [2] gets a 92 rating, with Excellent Health and Satisfactory review. But the disclosures are pretty concerning: dynamic code execution, network calls, wasm blobs, malware scan not available, etc.

I know it's tricky to boil this down to a single numerical score that works for everyone, but I think the bar needs to be higher than this. And Plugin developers should be held to a higher standard (e.g. don't use eval()) or at least thoroughly document why you need it.

[1] https://news.ycombinator.com/item?id=48089793

[2] https://community.obsidian.md/plugins/templater-obsidian
guiambros
·2 mesi fa·discuss
Also:

- Think Python

- Think Data Structures

- Think Java

- Think Perl6 (!)

- Modeling and Simulation in Python

- Probably Overthinking It

And more [1]. He's a prolific writer, and very generous for offering many of them for free. I read several of them online or through O'Reilly, and bought printed copies just to appreciate his work. Really enjoyed Think DSP, Think Complexity, Think Bayes, etc.

[1] https://www.amazon.com/stores/Allen-Downey/author/B001O8NBPS
guiambros
·2 mesi fa·discuss
Yes, in this specific case.

Obsidian Plugins are still incredibly vulnerable. A compromised plugin will essentially take over your machine. There's no sandboxing of any kind. It's even more insecure than browser extensions (that could steal your auth tokens, but at least don't have unfettered access to your filesystem).

This is really unfortunate. I love Obsidian and am a paid subscriber for many years, but the community plugins needs a security overhaul asap, before someone gets hurt.
guiambros
·2 mesi fa·discuss
Not sure why you were downvoted. From the last paragraph:

"I spent a total of 35 days here. The first arrest was 3 days of processing, the initial 10 days followed by the 10 days extension for a total of 23 days before my case was dropped. But the same time my case was dropped my accusers found a another reason to issue a second arrest keeping me there for an additional 12 days!

Both cases were ultimately dropped and the second arrest was essentially tied to the first and shouldn’t have even been possible.
"
guiambros
·2 mesi fa·discuss
The answer is in your question:

"...through a vulnerable WordPress plugin, a web shell, weak SSH credentials, or a compromised container"

DirtyFrag alone doesn't help an attacker; they need to get in first. But the blast radius is much wider now. A wordpress flaw, or a prompt injection in your OpenClaw skills, or a supply chain compromise in npm librarires means they now have full root access to your system.
guiambros
·2 mesi fa·discuss
Also hilarious to see Drew Houston responding a bit later on the same thread:

> we're in a similar space -- http://www.getdropbox.com (and part of the yc summer 07 program) basically, sync and backup done right (but for windows and os x). i had the same frustrations as you with existing solutions.

> let me know if it's something you're interested in, or if you want to chat about it sometime.

>drew (at getdropbox.com)
guiambros
·2 mesi fa·discuss
Oh bummer, I was really enjoying the series. Hope they bring it back.
guiambros
·2 mesi fa·discuss
Posting this to remind folks of Linus' and the kernel team's longstanding stance on security vulnerabilities, given the recent CopyFail discussion [1].

The researchers followed the standard disclosure process of 90+30, but distros were not notified. The kernel had a bug, but kernel developers did not (and will not) notify downstream distros.

The real discussion we should be having is: what should be the responsible disclosure process, and who should be accountable for contacting the downstream projects?

And should the Linux kernel be treated differently than other opensource projects? And if yes, where do we draw the line? If, for example, I find a bug in OpenSSL, is it reasonable to expect that I contact every single operating system, device maker, or library developer that packages openssl in their gizmos?

[1] https://news.ycombinator.com/item?id=47965108