HackerTrans
TopNewTrendsCommentsPastAskShowJobs

hnjst

no profile record

comments

hnjst
·2 ปีที่แล้ว·discuss
Farage cage maybe?
hnjst
·3 ปีที่แล้ว·discuss
Leslie didn't steal his Turing award ;)
hnjst
·3 ปีที่แล้ว·discuss
On the contrary, I'd start without any remote.
hnjst
·3 ปีที่แล้ว·discuss
https://github.com/bigscience-workshop/petals
hnjst
·3 ปีที่แล้ว·discuss
https://discord.gg/dwXDHMGY for example.
hnjst
·4 ปีที่แล้ว·discuss
https://f-droid.org/en/packages/com.menny.android.anysoftkey...
hnjst
·4 ปีที่แล้ว·discuss
I'd ask myself another set of questions: - can they extract information from conversations and exfiltrate it in a stealthy or obfuscated enough way so that they won't be noticed or have plausible deniability - do they have incentives to do so (assuming the absence of liability described above) - do they have a track record on related topics that makes you confident in the fact that they wouldn't act that way

My answers being yes - yes - no, the question of 'do they listen to target the ads they try to make me display' is pretty irrelevant to me. I can't trust them not to nor check reliably if they do.

If you try to address a different question such as 'do they really encrypt reliably to protect your conversations from being snooped on without their authorization', the threat analysis may differ. In that case they have incentives aligned with yours and are probably faithfully trying to effectively protect your/their data.

At the end, I'd estimate the probability of the scenario and how I value the consequent loss of privacy. Then accept/mitigate/refuse the risk accordingly.
hnjst
·4 ปีที่แล้ว·discuss
Don't forget checking for the evil bit too! https://www.rfc-editor.org/rfc/rfc3514
hnjst
·4 ปีที่แล้ว·discuss
I'm still completely baffled that we nowadays almost all have in our pocket a device able to run something like https://f-droid.org/en/packages/jp.yhonda/.
hnjst
·4 ปีที่แล้ว·discuss
Currently in a large private bank: Keepass, hardware tokens in physical safes accessed supervised by another team, Hashicorp Vault, a few HSMs and managed key vaults for the cloud workloads.

Paranoid levels of security are relevant in some cases but unnecessary in others. Physical security and organisational processes are also an important complement to technological solutions.
hnjst
·4 ปีที่แล้ว·discuss
I recently tried https://github.com/yewstack/yews that looks very much like "React in Rust". It is web oriented through WASM compilation and integration with web technologies, Tauri can be used to bridge the gap and use it for desktop apps but it is probably an excessively complex and impure assembly for that goal.
hnjst
·4 ปีที่แล้ว·discuss
For theoretical foundations, I'd recommend reading about the FLP result (https://dl.acm.org/doi/pdf/10.1145/3149.214121), the reduction of the state machine replication problem to consensus (https://dl.acm.org/doi/pdf/10.1145/78969.78972) and the different consistency criteria.

To climb on the shoulders of giants you can dive into the work of (incomplete list, irrelevant order but these have been eye openers to me) :

- Leslie Lamport

- Maurice Herlihy

- Eli Gafni

- Rachid Guerraoui

- Michel Raynal

- Petr Kuznetsov

- Hagit Attiya

- Sergio Rajsbaum

- Nancy Lynch
hnjst
·4 ปีที่แล้ว·discuss
WET -> Write Everything Twice (before premature factorization).