HackerTrans
TopNewTrendsCommentsPastAskShowJobs

cataflam

no profile record

comments

cataflam
·지난달·discuss
Congrats gaeld and team

The demo is very impressive!

disclaimer: I've known the founder for a while, as legitimate as it gets in deep tech, real years of research and engineering behind this, not vaporware
cataflam
·2개월 전·discuss
> For monitoring I use and recommend UpDown.io, which doesn’t seem to be listed there.

It doesn't seem very well known, but I've been a happy user. Most of the others have become over-bloated with a shitty UI.
cataflam
·2개월 전·discuss
> Nicholas Carlini, a researcher at Anthropic, orchestrated 16 parallel Claude agents to write a production C compiler in Rust.

To write a proof-of-concept C compiler, not a production-grade one...

Hard to take the article seriously after this
cataflam
·3개월 전·discuss
You misinterpreted the comment you are citing.

This non-determinism would not and did not cause replays to diverge (the PRNG seed was most likely stored and would reproduce exactly the same results).
cataflam
·4개월 전·discuss
Your AI powered comment is wrong. Le monde has been doing this for years. They have a series of articles about this. There is no "gap closing."
cataflam
·4개월 전·discuss
it cannot email your secret key to an attacker because of prompt injection etc.
cataflam
·4개월 전·discuss
Almost a month old, original source: https://cybernews.com/security/global-data-leak-exposes-bill...

and I've never seen any confirmation elsewhere

Looks like CyberNews have edited the article with more info since first I saw it, it used to look quite suspicious and untrustworthy, it now has more info. Still doesn't say exactly what a record is, or how many uniques there are.
cataflam
·4개월 전·discuss
You're getting downvoted because you didn't read the article.

It is specifically about cleaning up the data by removing these 3 and showing a clearer picture of acceleration without these 3 factors.
cataflam
·6개월 전·discuss
Great series of articles!
cataflam
·8개월 전·discuss
Don't they?

https://git.ffmpeg.org/gitweb/ffmpeg.git?a=search&h=HEAD&st=...
cataflam
·9개월 전·discuss
Wow. Maybe I'm missing something but it seems really weird to replace a tool with a rewrite that doesn't pass the test suite!
cataflam
·9개월 전·discuss
This comment[0] explains it.

The core bug seems to be that support for `date -r <file>` wasn't implemented at the time ubuntu integrated it [1, 2].

And the command silently accepted -r before and did nothing (!)

0: https://lwn.net/Articles/1043123/

1: https://github.com/uutils/coreutils/issues/8621

2: https://github.com/uutils/coreutils/pull/8630
cataflam
·10개월 전·discuss
Amazing they are still alive and kicking. Started using them with Windows 95 (different specific ones, same general concept)

These and Sysinternals (bought by Microsoft around 2006) were must have when I was still using Windows.

https://learn.microsoft.com/en-us/sysinternals/
cataflam
·10개월 전·discuss
> update your password, update your 2FA

should practice it for ENTER your password, ENTER your 2FA ;)

> Still, I don’t understand how npmjs.help doesn’t immediately trigger red flags

1. it probably did for quite a few recipients, but that's never going to be 100% 2. not helped by the current practices of the industry in general, many domains in use, hard sometimes to know if it's legit or not (some actors are worse in this regard than others)

Either way, someone somewhere won't pay enough attention because they're tired, or stressed out, or they are just going through 100 emails, etc.
cataflam
·10개월 전·discuss
Indeed.

At least the crowd here should _know_ that TOTP doesn't do anything against phishing, and most of the critical infrastructure for code and other things support U2F so people should use it.
cataflam
·10개월 전·discuss
My apologies, somehow after all these years, I didn't know that (and first time I've done it)!
cataflam
·10개월 전·discuss
Yes! Here is the whitepaper (from 2017 I think), I read that and used it, it's excellent

https://karla.io/files/ichthyology-wp.pdf

> At Stripe, rather than focusing on mitigating more basic attacks with phishing training, we decided to invest our time in preventing credential phishing entirely. We did this using a combination of Single Sign On (SSO), SSL client certificates, and Universal Second Factor (U2F)
cataflam
·10개월 전·discuss
Still would have done nothing in this case, as they pulled the correct email address he uses for npm from another source (public API I think?).

That's exactly why I said all the other "helpful" recommendations and warning signs people are using are never foolproof, and thus mostly useless given the scale at which phishing campaigns operate.

Great if it helps you in the general case, terrible if it lulls you into a sense of confidence when it's actually a phishing email using the right email address.
cataflam
·10개월 전·discuss
As for any of these cases, we do receive legitimate emails that require being logged in, Google or otherwise

The answer is simple: use your bookmarks/password manager/... to login yourself with a URL you control in another tab and come back to the email to click it

(and if it still asks for a login then, of course still don't do it)
cataflam
·10개월 전·discuss
In that case

1. You just requested it, I'm not saying to never click link on transactional emails you requested. You still need to click on those verify email links

2. It replaces entering your password, so you're not entering your password on a link from an email, which is the very wrong thing.