HackerTrans
TopNewTrendsCommentsPastAskShowJobs

lima

8,794 karmajoined 10 năm trước

comments

lima
·5 ngày trước·discuss
Even if you can't authenticate at the application level, it's still much better to encrypt/authenticate traffic on the wire (using a VPN or something like Tailscale) instead of 802.1x auth.
lima
·5 ngày trước·discuss
Non commercial licenses are not generally considered open source
lima
·7 ngày trước·discuss
Google solved credential phishing a long time ago using hardware tokens (gnubby - the predecessor to FIDO/U2F/Passkeys...).

There's other types of social engineering, but phishing is mostly an engineering issue.
lima
·7 ngày trước·discuss
Probably 802.1x, but it's easy to bypass if you have access to an authorized device. This kind of authentication has to be done at the application level, treating the network as a perimeter doesn't work.
lima
·8 ngày trước·discuss
The company also should have restricted network access to the port in the conference room so that an unknown device like a Raspberry Pi could not make an Ethernet connection from that spot

Bad take - the actual problem is that there was a trusted network in the first place. This kind of network access control is trivial to bypass, and trusted devices can get compromised.
lima
·8 ngày trước·discuss
This. It's easy to forget that Postgres is fundamentally a single-node database without distributed transactions. It won't pass the Jepsen test suite with multiple nodes. DBOS, Temporal and friends inherit this limitation.

Something like Restate actually implements distributed transactions.
lima
·8 ngày trước·discuss
[dead]
lima
·10 ngày trước·discuss
Gerrit's new UI comes pretty close, and it's also what Google uses for projects living outside of google3.

GitHub's PR review workflow is archaic in comparison, especially now that every page takes 2-3 seconds to load.
lima
·10 ngày trước·discuss
Don't worry, they accept PRs on that repo. They just merge them internally and then re-export them.

There are some variations, but this is generally the same with all open source projects which live in their internal monorepo, such as gVisor or Bazel.
lima
·tháng trước·discuss
Yes it will, there's a clear purpose and the customer explicitly agrees.
lima
·tháng trước·discuss
Fable on GCP requires accepting a 60-day retention policy: https://cloud.google.com/terms/advanced-ai-safety-addendum

I don't think it mentions sharing the data with third parties such as Anthropic?
lima
·tháng trước·discuss
Higher IO latencies in HDs might actually make this attack easier - more contention means more bits of data.
lima
·2 tháng trước·discuss
Shor published multiple quantum algorithms, including one for discrete logarithms. The term is sometimes used interchangeably.

They're closely related, ECC and RSA are both instances of the hidden subgroup problem.
lima
·3 tháng trước·discuss
> How do you know the clanker respects the instruction not to search the internet?

You can't, but given that it's a previously unsolved problem, it doesn't seem relevant? (nor are the author's potential biases - the claims are easily verified independently)
lima
·4 tháng trước·discuss
We tried this, but the quota for Opus models defaults to 0 on VertexAI and quota increase requests are auto-rejected.

Any tips?
lima
·4 tháng trước·discuss
No, unless you count tricks which are explicitly against ToS
lima
·4 tháng trước·discuss
They use a buffer battery, it's quite feasible with that.
lima
·4 tháng trước·discuss
You can still use OpenCode with the Anthropic API.
lima
·4 tháng trước·discuss
Fun fact: In Germany, the civil courts will usually take the case anyways if it has merit, but the winner ends up paying for the whole lawsuit if they failed to make an effort to resolve the case before suing.
lima
·4 tháng trước·discuss
And Hungary is pretty much a rogue EU state - their government did go full authoritarian and is aligned with Russia.