HackerTrans
トップ新着トレンドコメント過去質問紹介求人

jand

no profile record

投稿

Wolfspeed prepares to file for bankruptcy within weeks

reuters.com
4 ポイント·投稿者 jand·昨年·0 コメント

コメント

jand
·3 か月前·議論
> Too many of these projects become viral hits that stop making any progress after the first symbolic success. Cynics would say these projects all too often stop exactly at the point where the actual challenges start.

What can you do to ensure the "real work" can actually be done, more precise paid for? Well, you could demo early in hope to attract coins. Maybe that is happening here.
jand
·8 か月前·議論
I have not test-driven adk-go. But if you - like me - have not toyed around with agents until now, there is a readable, nice example in [1] which explains itself.

[1] https://github.com/google/adk-go/tree/main/examples/web
jand
·8 か月前·議論
This becomes much clearer with a balance sheet in front of you.

What is saving? _Spending less_, that's all. Saving generates no income, it makes you go broke slower.

Independent of the price or the product, you can never save more than factor 1.0 (or 100%).

Wasn't there a guy on TV who wanted to make prices go down 1500%? Same BS, different flavor.
jand
·10 か月前·議論
Who do you mean with "many people"? Developers who do not care or middle management that oversold features and overcommitted w.r.t. deadlines? Or both? Someone else?
jand
·12 か月前·議論
> Even if you don't notice the pot being boiled there are those of us that do.

Tangent: To me that sounds like a reference to the "frog boiling" story. This has been debunked [1], a healthy frog will not remain in a gradually heated pot of water. We need a better analogy for this.

[1] https://en.wikipedia.org/wiki/Boiling_frog
jand
·12 か月前·議論
I get your point, but according to [1] ASML was a bad example.

There is no kill switch which might be pressed only under circumstances that may never be "adapted to current situations". So who does said plow belong to?

[1] https://www.bloomberg.com/news/articles/2024-05-21/asml-tsmc...
jand
·昨年·議論
Are users allowed to copy the referenced egg-shell.png and host it themselves or is this connected to some sort of metric you like to gather?
jand
·昨年·議論
And it enjoyed some popularity. [1]

[1] https://en.wikipedia.org/wiki/Beer_boot
jand
·昨年·議論
More than US. From EU i can't even reach https://github.com/<user>/<repo>.
jand
·昨年·議論
> I am a bit confused on the "bypass" though. Wouldn't the adversary need push access to the repository to edit the workflow file? So, the portion that needs hardening is ensuring the wrong people do not have access to push files to the repository?

I understand it that way, too. But: Having company-wide policies in place (regarding actions) might be misunderstood/used as a security measure for the company against malicious/sloppy developers.

So documenting or highlighting the behaviour helps the devops guys avoid a wrong sense of security. Not much more.
jand
·昨年·議論
The community edition is not robbed of its value by this move. They provide a CLI tool (mc) for those admin tasks which previously could be solved via dashboard.

I have several minio instances deployed to k8s for small to medium, and non-profit projects. Easy to deploy, no problems or outages, yet.

But anecdotally i remember multiple occasions, where a quick tour of the dashboard convinced peers, that minio was the right tool for the job.

From my point of view it is much more questionable, that they "dare" to advertise the paid version with a 96.000 USD p.a. "platform fee" plus additional cost if you use more than 400TB. Small fish need tools, too.
jand
·昨年·議論
> How is this not the same issue?

Although not explicitly stated, i read previous comments as using [email protected] to cancel his personal Netflix account. (Let's say that privateequity.com allowed personal usage of company email.)

I see a difference between accessing an email account and impersonating the previous account holder.
jand
·昨年·議論
As we are sharing anecdotes:

One of my school math teacher had the same approach in another way: We were expected to use greek letters, not latin ones.

Same reasoning: It showed us kiddos that the letter was insignificant compared to the concept expressed by the letter.

So my take would be: Your friend taught the students for the first time what they were actually doing while handling equations with "a letter in it". That is no problem of algebra in itself. It just means their previous teachers sucked.
jand
·昨年·議論
"Unreliable" is a bit harsh - the problem arises imho not from the websocket ping itself, but from the fact that client-side _and_ server-side need to support the ping/pong frames.
jand
·昨年·議論
sry to be that guy (with a snarky comment):

> Over the 20+ years, I witnessed a few security incidents.

As you said, the attackers who breached your system had ssh root access and you had no chance to detect them.
jand
·2 年前·議論
> ... because you cannot attach an Authorization: Bearer header to a websocket.

Well, not properly. You can abuse the Sec-Websocket-Protocol header to pass an initial token to the server.
jand
·2 年前·議論
Was there a specific reason to use AGPL-3.0? Not critizing, just asking.

Tried to read about the license and was greeted by a tl;dr summary of the AGPL-3.0 license [1]. I am no lawyer but my gut tells me that providing such a summary is an invitation to strange disputes. Take care.

[1] https://mercure.rocks/docs/hub/license
jand
·2 年前·議論
Another option is to have a read-, and a write-pump goroutine associated with each gorilla ws client. I found this useful for gateways wss <--> *.
jand
·2 年前·議論
> They will still be a game changer for workplace safety.

Sure. The robots could be used to distribute shoes and safety equipment to the less fortunate child laborers around the world.
jand
·2 年前·議論
"support or engage in terrorist or violent extremist offences"

What constitutes "support"? Hopefully your next government is OK with you back then liking the post of that one organization previously not classified as terroristic.