HackerTrans
TopNewTrendsCommentsPastAskShowJobs

mittermayr

no profile record

Submissions

SumUp down across Europe (again)

status.sumup.com
2 points·by mittermayr·15 dagen geleden·0 comments

All GitHub Copilot plans are now on usage-based billing

github.com
7 points·by mittermayr·vorige maand·4 comments

Cloudflare API and Pages down

cloudflarestatus.com
3 points·by mittermayr·2 maanden geleden·1 comments

Ask HN: We just had an actual UUID v4 collision...

479 points·by mittermayr·2 maanden geleden·347 comments

Ask HN: Why isn't there an open-source model trained by the community?

8 points·by mittermayr·4 maanden geleden·3 comments

comments

mittermayr
·13 dagen geleden·discuss
I’m sorry to hear about your very odd friends, but I suggest you consider traveling more yourself and gather some personal insights of the world. You should very quickly come to realize that Europe is not one place, one kind of people. This isn’t really something one would say, having spent even just a minute in one or two places here that aren’t Germany or France. Odd to read that.
mittermayr
·vorige maand·discuss
EU. iPhone 13 Pro. Not complaining, but I can't really.
mittermayr
·vorige maand·discuss
Coming this fall...

In "English" later this year...

We've heard that before, haven't we, Apple? I feel the right way to fix the trust issues would be to announce this when it's actually done. Like, here's Siri AI, and you can download and use it, right now.
mittermayr
·vorige maand·discuss
Burned through all the available Pro tokens in a day. What a wild rug pull!
mittermayr
·vorige maand·discuss
Browsing through the repo, I noticed this, and wondered if that isn't a recipe for disaster (code is condensed to showcase my concern)?

  app.get('/api/auth/callback', async (request: any, reply: any) => {
    const params: any = request.query || {};
    const code = params.code || '';
    const state = params.state || '';
    // Exchange code for token via curl
    const tokenResult = curlExec(
      'curl -s -X POST "https://github.com/login/oauth/access_token" -H "Accept: application/json" -d "client_id=' + GITHUB_CLIENT_ID + '&client_secret=' + GITHUB_CLIENT_SECRET + '&code=' + code + '"'
    );
Shell injection?
mittermayr
·2 maanden geleden·discuss
At least in Europe (likely globally), cached sites on Cloudflare Pages are currently returning 500 (Internal Server Error).

I am on the way to a client demo hosted on Cloudflare, amazing timing.
mittermayr
·2 maanden geleden·discuss
We should all send our already-generated UUIDs to a shared database, we could just put it on Supabase with a shared username/password posted on HN, so we can all ensure that after generating a UUIDv4 locally, it's not used by anyone else. If it's in the database, we know it's taken.

It's a super simple mechanism, check in common worldwide UUID database, if not in there, you can use it. Perhaps if we use a START TRANSACTION, we could ensure it's not taken as we insert. But that's all easy, I'll ask Claude to wire it up, no problem.
mittermayr
·2 maanden geleden·discuss
user-generated (as in: on the user's phone) was only at the very early stages of this product, and we've since moved to on-server. It's a cash-register type of app, where the same invoice must not be stored twice. So we used to generate a fresh invoice_id (uuidv4) on the user's device for each new invoice, and a double-send of that would automatically be flagged server-side (same id twice). This has since moved on to a server-only mechanism.

The database flagged it simply by having a UNIQUE key on the invoice_id column. First entry was from 2025, second entry from today.
mittermayr
·2 maanden geleden·discuss
oh, interesting, I didn't know that and this could possibly be part of the problem perhaps depending on what's used as the seed.
mittermayr
·2 maanden geleden·discuss
I knew it, we're all getting the same cheap UUIDs and the good ones are reserved for the big dogs.
mittermayr
·2 maanden geleden·discuss
yeah, any sort of additional semi-random data could've helped prevent this, I'm sure. That, however, is also kind of the idea of UUIDv4, it has lots of randomness and time built in already.
mittermayr
·2 maanden geleden·discuss
I fully agree. It makes no sense. Yet...

The only guesses I'm having is that we originally generated UUIDv4s on a user's phone before sending it to the database, and the UUID generated this morning that collided was created on an Ubuntu server.

I don't fully know how UUIDv4s are generated and what (if anything) about the machine it's being generated on is part of the algorithm, but that's really the only change I can think of, that it used to generated on-device by users, and for many months now, has moved to being generated on server.
mittermayr
·3 maanden geleden·discuss
20 solid years of experience, self-employed at the moment, but I got curious a while back and started browsing jobs, and it's ... well, tough to even find something unless you're an extreme specialist and trust to bank on that technology or niche sustaining you through the next few years.
mittermayr
·3 maanden geleden·discuss
just wanted to give you another perspective to consider: I teach a class where they're designing websites and small apps with ChatGPT, but we're failing to host this. I built a simply copy/paste HTML renderer, so they can at least share and try it outside of ChatGPT, but for our final project, I felt like it would've been nice if something like all those JS playgrounds would exist, but much, much simpler. I upload an HTML and it becomes accessible publicly so students can share their projects. The domain never matters, any subdomain is fine, but it needs to be without an account and that makes it incredibly hard to host (spam). Why without an account? Our onboarding of the same class (30 students or so) to Figma took us two full days, it was a disaster. Nobody wants to go through that again. That said, university budgets are nearly untouchable, so I'm not sure if and/or where there's reason enough to do this other than purely academical.
mittermayr
·3 maanden geleden·discuss
Just got a Wireguard update on Windows a minute ago, so seems resolved?
mittermayr
·3 maanden geleden·discuss
I teach a tech class to marketing students, and it definitely works very well. They are allowed to use ChatGPT and other tools, with one caveat: you remain responsible for the output. I hide white-text prompt injections in specs or longer task instructions (usually in PDFs, works well enough there with copy and paste), and sometimes place a phrase near the end of the text that prompts the LLM to append something like, "I submit this assignment without checking its output, and I accept point deductions as agreed."

I used to do this for a laugh and not deduct points, next year, I showed them this before class as an introduction to working with AI and kind of as a warning, I'll deduct points, expecting nobody falling for it, then they fell for it over and over again. Well.
mittermayr
·4 maanden geleden·discuss
Totally off-topic, and I may be wrong, but I immediately loved the non-LLM writing-style and felt glued to the content just through the writing alone. It's getting rare.
mittermayr
·4 maanden geleden·discuss
wow, thanks for all the links, I'll have a look and see if anything interesting with recent updates comes up there.
mittermayr
·4 maanden geleden·discuss
Amazing way to show-case a tool (all in-browser, can be done so simply), super disappointed in the result. I took care writing all the letters, but when I looked at the generated font, even some of the corner markers ended up as letters!?

Not sure if this was meant to work with cursive handwriting?
mittermayr
·4 maanden geleden·discuss
OpenClaw vs. OpenPaw? Seems like a very similar thing, or am I misunderstanding the concept here? Is the lock-in to Claude Code the feature here?

Can't be long until we see a BaseClaw repo, where everyone can clone and name their own local claw-like loop.