HackerTrans
トップ新着トレンドコメント過去質問紹介求人

lima

8,794 カルマ登録 10 年前

コメント

lima
·5 日前·議論
Even if you can't authenticate at the application level, it's still much better to encrypt/authenticate traffic on the wire (using a VPN or something like Tailscale) instead of 802.1x auth.
lima
·5 日前·議論
Non commercial licenses are not generally considered open source
lima
·7 日前·議論
Google solved credential phishing a long time ago using hardware tokens (gnubby - the predecessor to FIDO/U2F/Passkeys...).

There's other types of social engineering, but phishing is mostly an engineering issue.
lima
·7 日前·議論
Probably 802.1x, but it's easy to bypass if you have access to an authorized device. This kind of authentication has to be done at the application level, treating the network as a perimeter doesn't work.
lima
·8 日前·議論
The company also should have restricted network access to the port in the conference room so that an unknown device like a Raspberry Pi could not make an Ethernet connection from that spot

Bad take - the actual problem is that there was a trusted network in the first place. This kind of network access control is trivial to bypass, and trusted devices can get compromised.
lima
·8 日前·議論
This. It's easy to forget that Postgres is fundamentally a single-node database without distributed transactions. It won't pass the Jepsen test suite with multiple nodes. DBOS, Temporal and friends inherit this limitation.

Something like Restate actually implements distributed transactions.
lima
·8 日前·議論
[dead]
lima
·10 日前·議論
Gerrit's new UI comes pretty close, and it's also what Google uses for projects living outside of google3.

GitHub's PR review workflow is archaic in comparison, especially now that every page takes 2-3 seconds to load.
lima
·10 日前·議論
Don't worry, they accept PRs on that repo. They just merge them internally and then re-export them.

There are some variations, but this is generally the same with all open source projects which live in their internal monorepo, such as gVisor or Bazel.
lima
·先月·議論
Yes it will, there's a clear purpose and the customer explicitly agrees.
lima
·先月·議論
Fable on GCP requires accepting a 60-day retention policy: https://cloud.google.com/terms/advanced-ai-safety-addendum

I don't think it mentions sharing the data with third parties such as Anthropic?
lima
·先月·議論
Higher IO latencies in HDs might actually make this attack easier - more contention means more bits of data.
lima
·2 か月前·議論
Shor published multiple quantum algorithms, including one for discrete logarithms. The term is sometimes used interchangeably.

They're closely related, ECC and RSA are both instances of the hidden subgroup problem.
lima
·3 か月前·議論
> How do you know the clanker respects the instruction not to search the internet?

You can't, but given that it's a previously unsolved problem, it doesn't seem relevant? (nor are the author's potential biases - the claims are easily verified independently)
lima
·4 か月前·議論
We tried this, but the quota for Opus models defaults to 0 on VertexAI and quota increase requests are auto-rejected.

Any tips?
lima
·4 か月前·議論
No, unless you count tricks which are explicitly against ToS
lima
·4 か月前·議論
They use a buffer battery, it's quite feasible with that.
lima
·4 か月前·議論
You can still use OpenCode with the Anthropic API.
lima
·4 か月前·議論
Fun fact: In Germany, the civil courts will usually take the case anyways if it has merit, but the winner ends up paying for the whole lawsuit if they failed to make an effort to resolve the case before suing.
lima
·4 か月前·議論
And Hungary is pretty much a rogue EU state - their government did go full authoritarian and is aligned with Russia.