I mean… I’m flattered you think I’m making some kind of statement here but there is no claim. I literally stated an opinion I hold in a comment on HN, I didn’t write a you a thesis. Followed by explaining further the details of that opinion.
I’ve asked what background leads to your conclusion, because if you have eg written some sandboxing tooling, I’d be curious to give it a look. Always up to learn things, and I am more than a little baffled by how upset the comments I’m replying to here sound. You’ve linked me to Wikipedia, and another commenter asserts I can ‘just look it up on google scholar’. That seems pretty dismissive and reductive overall.
I’m saying I don’t think sandbox is a noun, I think it’s a verb. I also don’t get why this is such an issue to you? A container simply is not a sandbox by itself. The collection of technologies that can sandbox can be used to sandbox a container, or an app running in a container, or whatever you want. A door lock isn’t security, a door lock is used to lock your door, which gives you part of a security strategy. Same principle.
To me ‘a sandbox’ is a secured context, which is specific to whatever is in it. It is not a generic thing unless we are literally referring to a real-world box with sand in it, and I’ve kinda hit the breaking point with the term in tech. ‘A sandboxed application’ to me is an instrumented and controlled deployment of an application that can only make the sys/network/ipc calls the deployer expects and appreciates, which are then themselves filtered and monitored. A sandboxed deployment of an application? Sure. That’s a thing to me. But each application needs different privileges and does different things. Sandboxing an application may involve lots of different technologies. Eg the way I think about it, things like seccomp, apparmor, et al also aren’t themselves ‘sandboxes’, they’re enforcement mechanisms which rely on knowing and configuring them to monitor and enforce what the app should and shouldn’t do. A lot of things that assist with sandboxing may also be combined in different ways to get to a more secure environment, in which the app is sandboxed.
I am so sick of the ‘sandboxed’ AI-infra meme. A container is not a sandbox. A chroot is not a sandbox. A VM is also not a sandbox. A filesystem is also also not a sandbox. You can sandbox an application, you can run an application in a secure context, but this is not a secure context the author is describing, firstly, and secondly they haven’t described any techniques for sandboxing unless that part of the page didn’t load for me somehow.
Who cares if they’re wrong? The point is respect for their opinions and feelings since you’ll have to work with them for twenty years. If you respect them, you get to do what you want to do and they won’t fuck with you or shoot down your proposal.
To be clear this is Japan we’re talking about with the twenty years part. The same thing applies in the US but on smaller timescales though. If people feel appreciated and respected and you have good relationships, they will basically back whatever you want.
The thing that makes someone trustworthy is taking accountability for your own self and actions, but having boundaries such that you don’t take accountability for the selves and actions of others. That’s basically all I want to see from a manager, a direct report, or a peer.
Not really if they don’t have any security or even devsecops yet… if they just have devs and those devs are people who are relatively junior / just out of school, I could unfortunately absolutely see this happening
Literally all they have to do is make sure all women have maternity leave, and paid childcare for the first three years, and set limits on how high prenatal and birth medical bills can be. You’d think a bunch of supposedly “pro” “natalists” who are “pro” “life” in or adjacent to the government would be gagging at the bit to make it as easy as possible to have babies.
/fit/ and /mu/ were good to me in my late teens, and /ck/ is the reason I actually asked my roommate’s mom to show me cooking basics when I was in college!
Well as shown by the original Communists, total redistribution just lets greedy people on the inside skim off the top. A taxation system with a properly constructed social safety net on the other hand, which is what I think you’re describing, is one where the wealthiest pay in the most and the least wealthy receive sufficient aid to get by.
LLMs are not a miracle, they are a type of tool. The hype I am angry about is the “black magic? Well, clearly that can solve every problem” mode of thought.
Mine used to and I went back to the optometrist a few times about it last year but… turned out I was getting tension headaches and blurry vision working from home not because of screens or my glasses, but because the radon in my home was regularly about 6x the EPA limit. What’s solved my headaches has been moving away, not changing my prescription. OP, consider if something else in your environment is bugging you.
While I’m surprised to see they aren’t writing about https://www.inf.puc-rio.br/~roberto/lpeg/ it looks like they’ve covered LPEG in a previous post, and their chosen method this time around is neat anyway!
If only every copyright lawyer in the world could suddenly band together and descend on them in a horde. This is such a disgusting abuse of book authors, who are usually not the big guys. As a non-author myself, I don’t care about the publishers and whatnot but most people who are authors only have written one book and should get the royalties they deserve from their work.
I’ve asked what background leads to your conclusion, because if you have eg written some sandboxing tooling, I’d be curious to give it a look. Always up to learn things, and I am more than a little baffled by how upset the comments I’m replying to here sound. You’ve linked me to Wikipedia, and another commenter asserts I can ‘just look it up on google scholar’. That seems pretty dismissive and reductive overall.