HackerTrans
TopNewTrendsCommentsPastAskShowJobs

alanfranz

no profile record

Submissions

Physical Disc Production to End for New Games Releasing on PlayStation Consoles

ign.com
2 points·by alanfranz·10 ngày trước·1 comments

Data Infrastructure for All: Free Kafka and $5 PostgreSQL

aiven.io
33 points·by alanfranz·7 tháng trước·2 comments

Developer Tier for Aiven for PostgreSQL Services

aiven.io
3 points·by alanfranz·8 tháng trước·0 comments

comments

alanfranz
·2 tháng trước·discuss
> How good are you at writing assembly?

This is a false equivalence.

A compiler is a predictable, testable, deterministic piece of software.

An LLM is not.

Sure, all abstractions leak; so, at some point in time, for some reason, you may need to check its compiled code ( cough cough gcc 2.96 ). But, if today your code compiles properly, it will properly compile tomorrow as well.
alanfranz
·3 tháng trước·discuss
they are not bricking the units. just kindle store won't be available anymore, and the azw/epub version which is supported on your kindles won't be provided anymore by amazon anywhere.

what is on the kindle will stay and keep working.

if you reset the kindle, DRMed content won't work anymore.
alanfranz
·4 tháng trước·discuss
Looks like they'd like something git repositories (maybe with transparent compression on top) rather than .tar.gz files. Just pull the latest head and you're done.
alanfranz
·4 tháng trước·discuss
And?

Did I claim something different? I just didn’t use that feature on other OSes.
alanfranz
·4 tháng trước·discuss
Well...

I'm not sure what the author really wants to say. mmap is available in many languages (e.g. Python) on Linux (and many other *nix I suppose). C provides you with raw memory access, so using mmap is sort-of-convenient for this use case.

But if you use Python then, yes, you'll need a bytearray, because Python doesn't give you raw access to such memory - and I'm not sure you'd want to mmap a PyObject anyway?

Then, writing and reading this kind of raw memory can be kind of dangerous and non-portable - I'm not really sure that the pickle analogy even makes sense. I very much suppose (I've never tried) that if you mmap-read malicious data in C, a vulnerability would be _quite_ easy to exploit.
alanfranz
·5 tháng trước·discuss
You are right. I linked a differently formatted article with the same content. I don’t know why I didn’t initially notice such text.
alanfranz
·5 tháng trước·discuss
I’ll answer to myself: an RCE is very unlikely on any modern platform. DoS is possible.

“ Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution.”

From: https://openssl-library.org/news/secadv/20260127.txt
alanfranz
·5 tháng trước·discuss
Is this really exploitable? Is stack smashing really still a thing on any modern platform?
alanfranz
·6 tháng trước·discuss
…and they did really guess an ipv6 address? Full scans of the ipv6 address space looks infeasible. Or did the sbc reach out to the internet thus having its address exposed?

Otherwise just the huge amount of addresses should make ipv6 “more secure” imho.
alanfranz
·6 tháng trước·discuss
> the Max plan combines Claude desktop and mobile apps and Claude Code in one subscription

That's what was always offered.
alanfranz
·6 tháng trước·discuss
Italian here.

If somebody wants to read the full document about the fine (in italian) it's here: https://www.agcom.it/sites/default/files/provvedimenti/delib...

Part of this doc states:

``` The rights holders also declared, under their own responsibility, providing certified documentary evidence of the current nature of the unlawful conduct, that the reported domain names and IP addresses were unequivocally intended to infringe the copyright and related rights of the audiovisual works relating to live broadcast sporting events and similar events covered by the reports. ```

So, I'm not sure anybody verified that what the right holders claimed was actually true. While I understand what AGCOM (the italian FCC, more-or-less) is trying to do, it seems that, as usual, a law was created without verifying how the implementation of such law would work in practice (something very common in Italy), and this is the result.

Cloudflare CEO seems irate, and some of his references are not great, but I'd be inclined at thinking he's got at least _some_ reason on his side.
alanfranz
·7 tháng trước·discuss
I'd probably want some way to understand whether secret.Do is launched within a secret-supporting environment so that I'm able to show some user warning / force a user confirmation or generate_secrets_on_unsupported_platforms flag.

But, this is probably a net improvement over the current situation, and this is still experimental, so, changes can happen before it gets to GA.
alanfranz
·7 tháng trước·discuss
I have noticed the same for a lot of long-running software projects. The estimate is created at the start an never revised.

Projects can and will fail or run late; but heck; a 6-months projects cannot found late after 5 months and 29 days; things must be discovered early, so that the most important issues can be addressed.
alanfranz
·8 tháng trước·discuss
I think this should become harder to do in general, not just for copyright infringement. A third party alleges an infringement, they do little work since it's AI generated, and then you need to do TONS of work to fix their s*t. THAT needs to be fixed by AI legislation - use AI at your own peril and under your own responsibility.
alanfranz
·9 tháng trước·discuss
One thing the article doesn’t mention is that a lot of certs are revoked for purely admin reasons. CeasedOperations seems to be the case for Flair - nothing bad happened to the key, but the cert was revoked nevertheless.

This seems to be a common practice for some CAs or companies, but it’s not required AFAICT; and it contributes to the gigantic CRLsets that we have - most of those revocations wouldn’t actually be needed from a security pov.
alanfranz
·9 tháng trước·discuss
A final mention of the “simplifying” Lamping-Veach algorithm would have been great: https://arxiv.org/ftp/arxiv/papers/1406/1406.2294.pdf?ref=fr...
alanfranz
·9 tháng trước·discuss
Afaik there are some ways to get approval for individual vehicles to be imported in the EU, even if non compliant with EU rules, for specific purposes and with a case-by-case basis, which grants such vehicles an exemption.

This requires a per-vehicle (not per model) specific flow which may take long and cost a lot, and you may be fined if you use the vehicle outside its stated purpose.

I can remember some collectors importing cybertruck indeed, I don’t know the limitations for its use.
alanfranz
·10 tháng trước·discuss
> our team of three is averaging about $12k on opus per month

That’s usd 150k per year. Probably low for SF, but may be a lot in other areas.
alanfranz
·10 tháng trước·discuss
lifetime, no-ads deals that are supposed to sustain a for-profit company are mostly a scam, unless it's a free tier designed to upsell (e.g. Dropbox). That's it.

Give me a good 3y or 5y deal, then we're friends.
alanfranz
·10 tháng trước·discuss
> So my only advice would be to make closer to 50% actually skin cancer.

If I were to code this for "real training" of a dermatologist, I'd make this closer to "real world" training rate. As a dermatologist, I'll imagine that probably just 1 out of 100 (or something like that) skin lesions that people could imagine are cancerous, actually are so.

With the current dataset, there're just too many cancerous images. This makes it kind of easy to just flag something as "cancerous" and still retain a good "score" - but the point is moot, if as a dermatologist you send _too many_ people without cancer to do further exams, then you're negating the usefulness of what you're doing.