HackerLangs
TopNewTrendsCommentsPastAskShowJobs

lima

8,794 karmajoined 10 lat temu

comments

lima
·5 dni temu·discuss
Even if you can't authenticate at the application level, it's still much better to encrypt/authenticate traffic on the wire (using a VPN or something like Tailscale) instead of 802.1x auth.
lima
·5 dni temu·discuss
Non commercial licenses are not generally considered open source
lima
·7 dni temu·discuss
Google solved credential phishing a long time ago using hardware tokens (gnubby - the predecessor to FIDO/U2F/Passkeys...).

There's other types of social engineering, but phishing is mostly an engineering issue.
lima
·7 dni temu·discuss
Probably 802.1x, but it's easy to bypass if you have access to an authorized device. This kind of authentication has to be done at the application level, treating the network as a perimeter doesn't work.
lima
·8 dni temu·discuss
The company also should have restricted network access to the port in the conference room so that an unknown device like a Raspberry Pi could not make an Ethernet connection from that spot

Bad take - the actual problem is that there was a trusted network in the first place. This kind of network access control is trivial to bypass, and trusted devices can get compromised.
lima
·8 dni temu·discuss
This. It's easy to forget that Postgres is fundamentally a single-node database without distributed transactions. It won't pass the Jepsen test suite with multiple nodes. DBOS, Temporal and friends inherit this limitation.

Something like Restate actually implements distributed transactions.
lima
·8 dni temu·discuss
[dead]
lima
·10 dni temu·discuss
Gerrit's new UI comes pretty close, and it's also what Google uses for projects living outside of google3.

GitHub's PR review workflow is archaic in comparison, especially now that every page takes 2-3 seconds to load.
lima
·10 dni temu·discuss
Don't worry, they accept PRs on that repo. They just merge them internally and then re-export them.

There are some variations, but this is generally the same with all open source projects which live in their internal monorepo, such as gVisor or Bazel.
lima
·w zeszłym miesiącu·discuss
Yes it will, there's a clear purpose and the customer explicitly agrees.
lima
·w zeszłym miesiącu·discuss
Fable on GCP requires accepting a 60-day retention policy: https://cloud.google.com/terms/advanced-ai-safety-addendum

I don't think it mentions sharing the data with third parties such as Anthropic?
lima
·w zeszłym miesiącu·discuss
Higher IO latencies in HDs might actually make this attack easier - more contention means more bits of data.
lima
·2 miesiące temu·discuss
Shor published multiple quantum algorithms, including one for discrete logarithms. The term is sometimes used interchangeably.

They're closely related, ECC and RSA are both instances of the hidden subgroup problem.
lima
·3 miesiące temu·discuss
> How do you know the clanker respects the instruction not to search the internet?

You can't, but given that it's a previously unsolved problem, it doesn't seem relevant? (nor are the author's potential biases - the claims are easily verified independently)
lima
·4 miesiące temu·discuss
We tried this, but the quota for Opus models defaults to 0 on VertexAI and quota increase requests are auto-rejected.

Any tips?
lima
·4 miesiące temu·discuss
No, unless you count tricks which are explicitly against ToS
lima
·4 miesiące temu·discuss
They use a buffer battery, it's quite feasible with that.
lima
·4 miesiące temu·discuss
You can still use OpenCode with the Anthropic API.
lima
·4 miesiące temu·discuss
Fun fact: In Germany, the civil courts will usually take the case anyways if it has merit, but the winner ends up paying for the whole lawsuit if they failed to make an effort to resolve the case before suing.
lima
·4 miesiące temu·discuss
And Hungary is pretty much a rogue EU state - their government did go full authoritarian and is aligned with Russia.