HackerTrans
TopNewTrendsCommentsPastAskShowJobs

waste_monk

no profile record

comments

waste_monk
·17 dni temu·discuss
Just reading the first word of the title made me think about what a lift (elevator) simulator a la Elevator Saga[1] but in 4 spatial dimensions would look like.

[1] https://play.elevatorsaga.com
waste_monk
·3 miesiące temu·discuss
>How many of the strikes in Iran were 100% organic Navy assets?

Not sure if they're organic, but they sure are free range.
waste_monk
·6 miesięcy temu·discuss
I have mostly stopped reading AI related posts here, because everytime I see something like what the OP is doing it gives me the horrors.
waste_monk
·6 miesięcy temu·discuss
>There's no legitimate purpose in bringing crayons and a coloring book

Presumably there might be children (or very bored adults) at the event?
waste_monk
·7 miesięcy temu·discuss
I think the usual argument is that you don't own the digital good, you have a license to use it, and that license is between you and the originator (or their reseller) directly. And you aren't allowed to resell the license.

E.g. this sort of thing https://www.tomshardware.com/video-games/pc-gaming/steam-che...
waste_monk
·7 miesięcy temu·discuss
Ooh, how about instead of being able to author a commit message, you're forced to let an LLM write it for you based on the diff since last commit. And that the LLM runs distributed on the blockchain, so it's monstrously slow, and has to be paid for with a 'gas' analogue so there's huge transaction fees as well.

That's the most techbro-brained idea I could come up with.
waste_monk
·7 miesięcy temu·discuss
In my country you can prepend '*31#' when dialling to mask your phone number.

Seems like this app could do something similar (assuming a similar dialing code is available wherever it is being used? I'd think it's a common enough feature), prepending the masking sequence to the patient's number before dialling.
waste_monk
·8 miesięcy temu·discuss
As opposed to the current 100% defects approach they seem to have adopted.
waste_monk
·8 miesięcy temu·discuss
>I'd love to see an actual bug-free codebase.

cat /dev/null .
waste_monk
·8 miesięcy temu·discuss
The printers still exist, but the branding is deprecated.

Xerox -> Fuji-Xerox -> FUJIFILM Business Innovation
waste_monk
·8 miesięcy temu·discuss
Or, simply open up the sales of tanks to the civilian market.

That's a joke, of course, but even if they were demilitarised variants there'd probably still be a market for it.
waste_monk
·8 miesięcy temu·discuss
Comedy option: Give them Linux From Scratch [1] and the minimum set of tools and packages required to bootstrap it.

App store? Yeah we have one, it's called make.

[1] https://www.linuxfromscratch.org/lfs/view/stable/
waste_monk
·8 miesięcy temu·discuss
I appreciate the attempt, but have never seen the point personally.

That is, many physical media collectors do it to have nice box sets to display, or in an attempt to have off-line copies of media, but I have never met anyone who goes to the effort of ensuring long-term readability - which is understandable, it is a huge hassle. Unless you are copying the content to new physical media every so often it will eventually rot and become unplayable.

For example, for optical media the expected lifetime is only a couple of decades depending on the type of media [1]. I believe commercially pressed DVD and blueray are somewhere around 10-20 years.

[1] https://www.canada.ca/en/conservation-institute/services/con... , see table 2.
waste_monk
·8 miesięcy temu·discuss
>I think that is a little entitled. They should be happy google isn't just straight up emailing full-disclisure.

Google has literally billions of dollars in profits (in part because they use FFmpeg in a bunch of commercial products like Youtube and Chrome), and one of the largest software workforces in the world, including expertise on secure software and vulnerability remediation.

If anyone can afford to contribute back a fix instead of just raising a report, and has the ethical responsibility to do so, it's Google.
waste_monk
·8 miesięcy temu·discuss
>That way when your CA private key leaks (the key which we never ever rotate, of course)

As with X.509, any serious usage will involve a hardware security module, so that compromise of the CA host does not allow the key to be leaked. You'd still have a very bad day, but it can be mitigated.

I do think it's a fairly significant flaw that SSH CA doesn't support intermediate CA's (or at least didn't last time I looked into it) to enable an offline root CA.

>Bonus points if the same CA is also used for authenticating users.

The SSH CA mechanism can be used for both Host and User auth, yes.

Keeping in mind, in a real use case this would be tied to something like active directory / LDAP, so you can automate issuance of ssh keys to users and hosts.

Systems configured to trust the SSH CA can trust that the user logging in is who they say they are because the principal has already been authenticated and vouched for by the identity provider, no more manually managing known_hosts and authorized_keys, or having to deal with Trust On First Use or host key changed errors.

You can also set the CA's endorsement of the issued keys to fairly short lifetimes, so you can simplify your keymat lifecycle management a great deal - no worrying about old keys lying around forever if the CA only issues them as valid for an hour / day / etc. .

Overall I think you still come out ahead on security.
waste_monk
·8 miesięcy temu·discuss
I just want the damn fridge to keep food cold, I never want it to do anything else .

It's bad enough I have to see ads outside the house and on tv/internet, I don't need to see them on my fucking appliances. We are living in hell.
waste_monk
·8 miesięcy temu·discuss
I understand there is an "Exclude Top Choices" algorithm which helps combat this sort of thing.
waste_monk
·9 miesięcy temu·discuss
Also worth noting that FTPS (FTP over TLS) exists and obviates the fuss around SSH TOFU and key management etc. Especially given we're in the era of free certificates via Let's Encrypt, this is a great option.

The main downside is people will sometimes assume you mean SFTP (not having heard of FTPS or realising they are different), and then get upset when it doesn't work as they expect. However good tooling will support both e.g. Filezilla.
waste_monk
·9 miesięcy temu·discuss
I'm not a firmware dev but the one's I've seen working usually have all sorts of fancy test kits, debug instrumentation, Software (chip scope?), etc. to debug with, not just relying on print debugging.

Not to say it isn't a valid way to debug, but there are definately better options available.
waste_monk
·9 miesięcy temu·discuss
♫ It's the most blunderful time of the year

There'll be much admin moaning

And servers not glowing

and the NOC crew in tears

It's the most blunderful time of the year ♫