HackerTrans
TopNewTrendsCommentsPastAskShowJobs

josnyder

no profile record

comments

josnyder
·2 maanden geleden·discuss
Sylvan Dr and Forest View Dr are two blocks from each other.
josnyder
·2 jaar geleden·discuss
While it can't be done server-side, this can be done straightforwardly in a signer service, and the signer doesn't need to interact with the payloads being uploaded. In other words, a tiny signer can act as a control plane for massive quantities of uploaded data.

The client sends the request headers (including the x-amz-content-sha256 header) to the signer, and the signer responds with a valid S3 PUT request (minus body). The client takes the signer's response, appends its chosen request payload, and uploads it to S3. With such a system, you can implement a signer in a lambda function, and the lambda function enforces the content-addressed invariant.

Unfortunately it doesn't work natively with multipart: while SigV4+S3 enables you to enforce the SHA256 of each individual part, you can't enforce the SHA256 of the entire object. If you really want, you can invent your own tree hashing format atop SHA256, and enforce content-addressability on that.

I have a blog post [1] that goes into more depth on signers in general.

[1] https://josnyder.com/blog/2024/patterns_in_s3_data_access.ht...
josnyder
·2 jaar geleden·discuss
Most jurisdictions make a distinction between moving violations, which are issued to the driver, and parking violations, which are issued to the car (and its owner, by extension). This is why, in most places, you cannot get points on your license from parking illegally.

This situation would have been a moving violation. It sounds like the law has not caught up with the concept that a company might hold a driver's license and be issued moving violations.
josnyder
·3 jaar geleden·discuss
Yes, by design. One major goal is to prevent a landowner from squatting on an empty lot while their neighbors build prosperity around it. The "squatter" then cashes in, having done nothing themselves. "Everyone works but the empty lot" is the commonly used phrase.

The goal of an LVT is to insulate a landowner's tax bill from being affected by their own improvements. Its anti-goal is to insulate a landowner from changes in land use around them.
josnyder
·3 jaar geleden·discuss
(I'm a big proponent of LVT)

The two downsides I'm aware of are difficulty in transitioning to an LVT and difficulty in valuing the land.

Transitioning to an LVT means that landowners no longer capture land rents for themselves, which is a massive overnight loss in the value they hold. The solutions there typically tax only the difference in land value versus a baseline assessment. So if a lot is worth $100 before LVT and $105 after, the tax is calculated only on the $5 difference.

Valuing the land is tricky because the whole point of LVT is to tax only the location itself. So the value of any structures should be excluded from taxation, and even improvements in soil quality (e.g. on a farm) should be excluded. This is problematic because the market for bare land is significant less liquid than improved land, especially in suburbs and cities. So there isn't always good data on comparable land, and there isn't a way to hold a straightforward auction to value a given lot. Of course, most present systems of property taxation are subject to the exact same issue.
josnyder
·4 jaar geleden·discuss
This was great in 2012. In 2022, most use-cases should be using parallelized zstd.
josnyder
·4 jaar geleden·discuss
I'm a big fan of privacy.com: they provide me with a spend-limited debit card number that varies by vendor. I use them especially for newspaper subscriptions that make it difficult to cancel and have balloon renewal payments.
josnyder
·4 jaar geleden·discuss
OP appears to be Jack O'Connor, one of the designers of BLAKE3, which is the fastest full-strength cryptographic hash function currently available. It's always nice to see practicing cryptographers also producing digestible cryptography content.
josnyder
·5 jaar geleden·discuss
PoW systems rely on the "phone a friend method" as well. When you download a Bitcoin client from a "friend", you are trusting them to honestly introduce you to the network. If you fall asleep for a period of years, you have to trust your friends to honestly inform you of all of the PoW forks and policy changes that have occurred over that interval. The only difference is that PoS blockchain clients must be bundled with a modestly-recent block hash along with the thousands of lines of code that you have no practical way to audit.

The problem eventually reduces to Ken Thompson's "Trusting Trust" [1] problem. There's no way to externally validate the honesty of any system (cryptocurrency, or otherwise).

[1] https://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_Ref...