HackerTrans
トップ新着トレンドコメント過去質問紹介求人

nicce

5,388 カルマ登録 5 年前

コメント

nicce
·2 時間前·議論
> Wow. Makes me see OpenAI in an entirely different light.

Based on what has been already going on there, not even surprised anymore.
nicce
·2 時間前·議論
Too late.
nicce
·一昨日·議論
But is TigerBeetle then even reasonable reference as an argument for Zig? Maybe they could have reached the same with plain C.
nicce
·一昨日·議論
RAII in C++ is optional and not enforced everywhere. It certainly helps if you use it. In Rust you can't turn it off.
nicce
·一昨日·議論
> It's similar to saying that Linux could not have become a serious project because of the way Linus communicated in his emails.

Linus being rude was actually contributing for Linux becoming a serious project. Because that changed the quality of the code and the seriousness of the contributions. If you were sloppy or did not do good job, Linus became rude. So there is a correlation, and this is an excellent demonstration how it goes to opposite direction. Whether it was professional or not, it correlated for the quality of the project. For that reason, it is not ad hominem.
nicce
·一昨日·議論
> This is false, it was done many months before (Nov 20 2025). There is some irony in your comment being in reply to a thread about verifying claims before posting them...

There is no evidence for this. It is integration PR to support fuzzing with one tool. The public repository does not have CI pipeline for it. Fuzzing is done privately somewhere, and the first linked issues are around April.
nicce
·一昨日·議論
I agree that ""an outright fabrication" is a bit too much.

But also the claims about the fuzzing in the original blog post are kinda too misleading. Fuzzing harness is basically just coverage-guided random bytes towards Bun's JS APIs and it will not really catch anything in depth from the code. Just the most obvious from the surface. And 24/7 fuzzing is introduced likely around the same time when Rust rewrite seemed to be main focus, as then the first issues were created. Current fuzzing does not give much trust about the code stability, but indeed the fuzzing has been started and likely improves in the future if someone puts some work for the harness.
nicce
·一昨日·議論
> Countering the accusation of "an outright fabrication" on the other hand is worthwhile because it's a claim that can be countered.

Hmm, fuzzing integration was merged 8 months ago. First found bug mentioned 3 months ago. Bun is 4 years old. I think both arguments can be true at the same time based on this evidence. It is entirely possible that for more than 3 years team has said that no fuzzing was done, and the first fuzzing was done just 3 months ago, and this information did not travel.
nicce
·一昨日·議論
> Type checking and lifetime ownership eliminate some, but not all of them.

They actually remove certain classes completely. E.g. lifetime ownership in Rust removes all bugs related to the reason why it is in the code syntax (a.k.a. lifetime markers remove use-after-free completely in Rust.)
nicce
·一昨日·議論
Can you criticize a project which is mainly contributed and managed by one person without criticizing the same person who does the decisions that cause criticisms?
nicce
·一昨日·議論
Do they mention about how much revenue comes from selling parts and maintenance? That is what is directly impacted.
nicce
·一昨日·議論
> Most extensive test suites are exactly production scars: every time you have a bug or a regression, you write a test that confirms correct behaviour.

If you can be 100% guaranteed that there indeed is a test for every occurred bug. Sometimes maintainers are not so strict about it.

And some programmers are so good that some issues are self-explanatory and they write good code to note a thing but don't write a test, because implementing the test is more expensive.
nicce
·一昨日·議論
> - No LTS support for the Zig version regarding CVEs etc.

Every release would have tons of CVEs and would take so much effort. E.g. the example from blog with memory issues. Better just think that Zig version was not there what comes to security. Use at your own risk.

> Jarred basically keeps operating as if he was a lone hacker working on his personal project.

They have right to do it, however. It is expected, especially if company owns it.
nicce
·3 日前·議論
But that did not really carry data out from the device, other than hashes. I think Apply knew this was coming, and tried to do it better.
nicce
·4 日前·議論
> The second is the Apple style on-device CSAM scanner?

This is exactly what has been proposed. E.g. WhatsApp has a piece of code that scans images and texts before sending. After that, they are "encrypted".
nicce
·4 日前·議論
Rolling auth by yourself is very messy. Storing tokens correctly, rotating and using correct tokens, with correct parameters and so on. Endless footguns.
nicce
·4 日前·議論
> A lot of these US vendors have data centers in the EU operating under EU law via legal entities in the EU.

Didn’t even Microsoft say that they can’t guarantee that they can follow these laws? Because the US laws take over. So, legal entities are just some smoke screen. They don’t help if the US government wants access to something.
nicce
·4 日前·議論
> It's completely the opposite stance to (a) the actions being taken by chinese companies and (b) the public stance taken by their govt https://english.www.gov.cn/news/202601/08/content_WS695f1b55...

That source is very old, considering how fast everything is changing. It is not impossible if US actions for banning have changed something.
nicce
·5 日前·議論
> A desktop computer does not source POE power.

Well, mine does. Look for PCIe, PoE+/PSE cards.
nicce
·5 日前·議論
Yes, POE with helps that. You don't need to plug in the power cable. Commenting "This reeks of LLM-generated content." is not helpful in general.