HackerLangs
TopNewTrendsCommentsPastAskShowJobs

comex

20,686 karmajoined 16 yıl önce
[email protected]

https://mas.to/@comex

https://github.com/comex

[ my public key: https://keybase.io/comex; my proof: https://keybase.io/comex/sigs/zqyU4M2sWbnebjbK6rSSPEKZTFCW-LzNNW4ODMbaOOM ]

comments

comex
·dün·discuss
I addressed some of these points in my reply to a sibling comment:

https://news.ycombinator.com/item?id=48856158

I may have been a little overly specific, since there are other issues besides cycles that also block splitting crates apart, but from what I’ve seen it’s very common for modules within a crate to have cyclic dependencies and therefore not be easily factorable into separate crates.
comex
·dün·discuss
You’re thinking at the wrong scale. Rust allows circular dependencies just fine, within modules in a crate. And it’s extremely common for modules within a crate to have at least some circular dependencies - type X has some method (trait impl of inherent impl) that mentions type Y, and type Y has some method that mentions type X. In fact, I would be surprised if you could name me a single medium-size-or-larger popular crate that doesn’t have at least one cyclic reference between modules! Though, sometimes those cycles are not essential and could be avoided by splitting up modules. But sometimes they are. Either way, in C or C++ those modules would probably be their own compilation units.

That said, you also run into related parallelism blockers without cycles. For example, the orphan rules force most trait impls for a type to be in the same crate as the type definition. Also, a module which has no source-level cycles will often have cycles after monomorphization. In this case, Rust doesn’t prevent you from splitting the code into crates like it does with source-level cycles, but you do lose most of the actual codegen parallelization unless you can switch from generics to trait objects.
comex
·dün·discuss
> The issue is just that coding anything which uses shared memory is a lot of work.

Doesn’t that kind of prove the parent’s point though? In theory shared memory can do anything that threads can do. But if in practice some feature doesn’t get implemented in the multi-process design (because shared memory is hard), when it likely would have been implemented in a threaded design, then that’s still an advantage for threads.
comex
·evvelsi gün·discuss
The forbidding of circular dependencies is exactly what makes it hard to achieve parallelism! It means you have to draw nice clean module boundaries and split your compilation units there. Clean boundaries sound nice, except… what if the module is getting large? Can you just take half the module, ctrl-x, ctrl-v into a new file, and get faster compilation times without having to do any massive refactors?

In C, usually yes.

In C++, sometimes yes. It depends on how template-heavy the code is, but if you have some discipline you can keep most logic out of headers and thus easily splittable.

In Rust, almost always no, because of circular dependencies. You can try to work around it by adding `dyn Trait` everywhere, but that requires a lot of code changes and comes at big ergonomic costs (and a small runtime cost).

Which is why in practice, Rust compilation units are almost always larger than C++ or C compilation units. Rust can sometimes be competitive with C++ on compilation speed anyway, thanks to a smarter build system and not having to re-parse headers a billion times, but usually it's slower.
comex
·evvelsi gün·discuss
I wonder how this post was composed. It's full of LLM-isms, but is also pretty informative and not too fluffy - basically, higher-quality than I'm used to seeing from LLM blog posts, especially at this length. Perhaps it was composed based on a detailed human outline? Or perhaps, could this be the power of Fable?
comex
·8 gün önce·discuss
I don’t know about “almost all”.

If the key has been purged but you can read RAM, then you can do two things:

1. You can extract whatever user data happens to be in RAM.

2. If you can either write RAM or reboot into your own OS, and then return the device to the unsuspecting user who will put in their password, then you can run a fake password dialog and get everything.

1 is bad, since there may be quite a lot of user data in RAM. But it’s not quite as bad as having the disk key, which gives the attacker all the data plus the future ability to decrypt or modify user data given only the physical disk. (Still, a better solution would be encrypting the hibernation image, preventing this attack entirely.)

2 is fully bad, but in many plausible scenarios (e.g. seized device) the attacker cannot just return the device to the user without them knowing something happened. Or even if they can, the method of RAM access may be one where reads are much more practical than writes, such as cold boot attacks involving physically swapping out the RAM.
comex
·23 gün önce·discuss
> It just seems much much higher than what it would cost to get a human to play 30 rounds

I suspect $482 was the total cost for all the models, so more like 11 humans.

But still true.
comex
·28 gün önce·discuss
It happened a year ago in this country, with IRS sharing data with ICE (breaking a longstanding policy of keeping taxpayer data private within the government).
comex
·28 gün önce·discuss
Beware: As of a few months ago, when I tried to use the lifetime features shown off in this post, I ran into constant compiler crashes with very simple programs, until I gave up and wrote off the features as unusable. This happened on both stable and nightly compilers. I guess they work well enough for this TrueType interpreter, but I suspect they’re using a narrow subset of what the features are supposed to support. Or maybe things have been fixed very recently.

That said, I’m looking forward to using Swift lifetimes once they actually work!
comex
·29 gün önce·discuss
Disabling SIP still leaves the root filesystem as read-only and signature-checked (this is referred to as SSV, 'signed system volume'). There is a separate command to disable SSV, but it breaks the ability to install OS updates and is rarely used. /usr/local is one of the paths that's redirected to the read-write data volume.
comex
·29 gün önce·discuss
It's true that UEFI and ACPI cover a lot of ground whose equivalent on Apple Silicon is undocumented. But note that Linux on x86 does still rely on lots of reverse-engineered drivers to talk to various devices - not necessarily on servers which are designed to run Linux, but very much so on desktops and (especially) laptops.
comex
·29 gün önce·discuss
Gotta walk before you can run.
comex
·geçen ay·discuss
Yes. [1]

[1] https://www.apple.com/newsroom/2026/06/due-to-dma-siri-ai-de...
comex
·geçen ay·discuss
It's because of the DMA. [1]

The "privacy" angle here is that Apple wants to give Siri access to user data across the system, without offering any way for competitors to get at that data.

[1] https://www.apple.com/newsroom/2026/06/due-to-dma-siri-ai-de...
comex
·geçen ay·discuss
Not that Raymond.
comex
·geçen ay·discuss
I worry that this post is itself the type of sensationalized gossip it condemns.
comex
·geçen ay·discuss
(Just FYI, polices is not a noun. The plural of police is police.)
comex
·geçen ay·discuss
It doesn’t need to be that complex, but it can be that complex without being slow. Claude Code’s interface is extremely simple. It has tons and tons of headroom to tack on performance overhead without it being noticeable at all. You just have to not do dumb things like redraw the entire UI every time a spinner spins.
comex
·2 ay önce·discuss
Depends entirely on the forum.

I remember it being somewhat common for people to make forum posts consisting entirely of a joke image. However, they weren’t called memes at the time as the word had yet to be popularized.
comex
·2 ay önce·discuss
Personally I think I've developed a pretty good sense of when a question is easy enough that I can just trust the AI overview, and when I need to dig deeper. Google's original AI overviews were not reliable enough to ever trust, but now they are usually accurate summaries of the cited sources.

Job market statistics are actually probably a strong point for the AI overview. I just Googled 'us job market last month' and got an AI overview that accurately summarized a New York Times article for qualitative information ("surprisingly strong 115,000 jobs", "no-hire, no-fire"), followed by accurately summarizing the official Bureau of Labor Statistics website for raw stats, followed by some other stuff I didn't check. Not everyone would prefer The New York Times' take, but the citation prominently displays their name and logo, so you can tell what you're getting.

Weak points are when the topic is obscure enough that the AI overview conflates two different things or overgeneralizes, or trusts the wrong sources.