HackerTrans
TopNewTrendsCommentsPastAskShowJobs

shortsunblack

no profile record

comments

shortsunblack
·5 เดือนที่ผ่านมา·discuss
Anthropic has no authority to do as such. Users and third apps are protected by interoperability exceptions found in copyright case law.

Trying to prevent competitors from interoperating with the service also may be construed as anticompetitive behaviour.

The implementation details of an authentication process do not beget legal privileges to be a monopolist. What an absurd thought.
shortsunblack
·6 เดือนที่ผ่านมา·discuss
Open source community detests dilettante attempts at rent seeking by building mediocre wrappers over commodity software.

Docker did not invent Linux containers. They did not invent namespaces or chroots.

You'll be hard pressed to name the things they did invent and those things have long ago left Docker to hang dry (OCI imagespec).

OrbStack is built by a single person and it provides an objectively better experience than Docker Desktop, built presumably by dozens of full time engineers.

People detest incompetence and rent seeking. That they do.

The lack of important contributions of Docker can be best summarized by all the alternatives that popped up in no time. With Kubernetes now defaulting to CRI-O, modern container stack has precisely zero Dockerisms.
shortsunblack
·6 เดือนที่ผ่านมา·discuss
OpenCode is doing nothing wrong and adversarial interoperability is the cornerstone of hacker ethos.

As such, the sentiment in this thread is chilling.
shortsunblack
·9 เดือนที่ผ่านมา·discuss
Yes. HMAC extension allows for this use case.
shortsunblack
·9 เดือนที่ผ่านมา·discuss
Android to this day does not support CTAP 2.1, hence it does not support hardware-bound passkeys with PIN via NFC as transport. You can only do PIN via USB.

Google does not care about FIDO or standards compliance. They care about vendor lock-in their proprietary passkey offerings allow.
shortsunblack
·10 เดือนที่ผ่านมา·discuss
KVM was made because Citrix made moves against Xen that spooked Linux community, hence KVM. Then Red Hat ran with it and based its virtualization platform on it.

Citrix involvement has subsided in meantime and the ecosystem is much healthier (governance is actually under Linux Foundation), but the damage was done.

Xen to this day lacks in features, also.
shortsunblack
·10 เดือนที่ผ่านมา·discuss
The current reference design is not compatible with existing law. eIDAS regulation that is the legal basis for digital wallet mandates unlinkability. GDPR has a general requirement for technical controls to be state of the art. Inherent reliance on American monopolies is incompatible with Digital Markets Act.

The current design and usage of cryptographic primitives does not allow for unlikability (it is actually quite easy to for verifiers and relying parties to collude) and it certainly is not state-of-the-art. BBS signatures would achieve actual unlinkability, but those have been outright rejected by the designers.

Current implementation is poised to not comply with the regulation that established the mandate for the wallet and it violates GDPR. The best one could hope for is for CJEU to strike down the whole project.

The GitHub organization of the OP's post has various issues that discuss these ills. Here is a position of several cryptographers against the current design: https://github.com/eu-digital-identity-wallet/eudi-doc-archi...
shortsunblack
·2 ปีที่แล้ว·discuss
Pretty much proof that OSS != automatically more secure. And proof that OSS projects can get backdoored. See this for more ideas on this issue: https://seirdy.one/posts/2022/02/02/floss-security/