HackerTrans
TopNewTrendsCommentsPastAskShowJobs

moonlet

no profile record

comments

moonlet
·6개월 전·discuss
I mean… I’m flattered you think I’m making some kind of statement here but there is no claim. I literally stated an opinion I hold in a comment on HN, I didn’t write a you a thesis. Followed by explaining further the details of that opinion.

I’ve asked what background leads to your conclusion, because if you have eg written some sandboxing tooling, I’d be curious to give it a look. Always up to learn things, and I am more than a little baffled by how upset the comments I’m replying to here sound. You’ve linked me to Wikipedia, and another commenter asserts I can ‘just look it up on google scholar’. That seems pretty dismissive and reductive overall.
moonlet
·6개월 전·discuss
What background or context do you have that you base this claim on?
moonlet
·6개월 전·discuss
I’m saying I don’t think sandbox is a noun, I think it’s a verb. I also don’t get why this is such an issue to you? A container simply is not a sandbox by itself. The collection of technologies that can sandbox can be used to sandbox a container, or an app running in a container, or whatever you want. A door lock isn’t security, a door lock is used to lock your door, which gives you part of a security strategy. Same principle.
moonlet
·6개월 전·discuss
No worries! And I definitely appreciate you taking time to write up your work, it’s a good blog.
moonlet
·6개월 전·discuss
To me ‘a sandbox’ is a secured context, which is specific to whatever is in it. It is not a generic thing unless we are literally referring to a real-world box with sand in it, and I’ve kinda hit the breaking point with the term in tech. ‘A sandboxed application’ to me is an instrumented and controlled deployment of an application that can only make the sys/network/ipc calls the deployer expects and appreciates, which are then themselves filtered and monitored. A sandboxed deployment of an application? Sure. That’s a thing to me. But each application needs different privileges and does different things. Sandboxing an application may involve lots of different technologies. Eg the way I think about it, things like seccomp, apparmor, et al also aren’t themselves ‘sandboxes’, they’re enforcement mechanisms which rely on knowing and configuring them to monitor and enforce what the app should and shouldn’t do. A lot of things that assist with sandboxing may also be combined in different ways to get to a more secure environment, in which the app is sandboxed.
moonlet
·6개월 전·discuss
I am so sick of the ‘sandboxed’ AI-infra meme. A container is not a sandbox. A chroot is not a sandbox. A VM is also not a sandbox. A filesystem is also also not a sandbox. You can sandbox an application, you can run an application in a secure context, but this is not a secure context the author is describing, firstly, and secondly they haven’t described any techniques for sandboxing unless that part of the page didn’t load for me somehow.
moonlet
·8개월 전·discuss
Why aren’t less intelligent people also happier? I dunno mate, could be the shape of society right now…
moonlet
·8개월 전·discuss
Who cares if they’re wrong? The point is respect for their opinions and feelings since you’ll have to work with them for twenty years. If you respect them, you get to do what you want to do and they won’t fuck with you or shoot down your proposal.

To be clear this is Japan we’re talking about with the twenty years part. The same thing applies in the US but on smaller timescales though. If people feel appreciated and respected and you have good relationships, they will basically back whatever you want.
moonlet
·작년·discuss
/fit/ and /mu/ were good to me in my late teens, and /ck/ is the reason I actually asked my roommate’s mom to show me cooking basics when I was in college!