Hacker News: DominoTree

New comment by DominoTree in "Whistleblower claims ex-DOGE member says he took Social Security data to new job"

DominoTree — Wed, 11 Mar 2026 17:31:32 +0000

> This allowed devices to evade monitoring, transmit untracked data outside secure channels, and potentially enable leaks or hacks

Pretty sure that was the point

New comment by DominoTree in "JPEG XL Test Page"

DominoTree — Wed, 21 Jan 2026 20:14:59 +0000

JPEG 15 Pro Max

New comment by DominoTree in "Remote Authentication By-Pass in Telnetd (2026)"

DominoTree — Wed, 21 Jan 2026 20:08:22 +0000

## Recommendation

Do not run a telnetd server at all.

New comment by DominoTree in "Claude Cowork exfiltrates files"

DominoTree — Thu, 15 Jan 2026 00:30:37 +0000

For a window of a few minutes until the key gets automatically revoked

Assuming that they took any of your files to begin with and you didn't discover the hidden prompt

New comment by DominoTree in "IPv6 just turned 30 and still hasn't taken over the world"

DominoTree — Sat, 03 Jan 2026 19:31:57 +0000

I still don't have IPv6 at home in the middle of San Francisco with Google Fiber / Webpass and have to egress through an HE.net tunnel like it's 2002 again

New comment by DominoTree in "Claude Status – Elevated error rates on the API"

DominoTree — Sun, 23 Nov 2025 15:27:04 +0000

Trusting an AI to write an RBAC system feels like asking for trouble

New comment by DominoTree in "Today I Learned: Binfmt_misc"

DominoTree — Mon, 10 Nov 2025 01:18:53 +0000

Traditionally I've seen these adapters primarily used to pass binaries for other architectures to QEMU and similar.

Years ago on FreeBSD I created a "Volkswagen mode" by using the similar `imgact_binmisc` kernel module to register a handler for binaries with the system's native ELF headers. It took a bit of hacking to make it all work with the native architecture, but when it was done, the handler would simply execute the binary, drop its return code, and return 0 instead - effectively making the system think that every command was "successful"

The system failed to boot when I finally got it all working (which was expected) but it was a fun adventure to do something so pointless and silly.

It would be a similarly clever place to maintain persistence and transparently inject bytecode or do other rude things on FreeBSD as well

New comment by DominoTree in "Tailscale Services"

DominoTree — Wed, 29 Oct 2025 21:46:59 +0000

I have a GitHub action that uses an OAuth token to provision a new key and store it in our secrets manager as part of the workflow that provisions systems - the new systems then pull the ephemeral key to onboard themselves as they come up

It can get especially interesting when you do things like have your GitHub runners onboard themselves to Tailscale - at that point you can pretty much fully-provision isolated systems directly from GitHub Actions if you want

New comment by DominoTree in "KiCad and Wayland Support"

DominoTree — Tue, 17 Jun 2025 17:06:14 +0000

I've been using KiCad on Wayland for years and didn't even know I was missing out

New comment by DominoTree in "Linux kernel 6.14 is a big leap forward in performance and Windows compatibility"

DominoTree — Wed, 26 Mar 2025 17:17:48 +0000

"Linux Torvalds"

New comment by DominoTree in "You might want to stop running atop"

DominoTree — Wed, 26 Mar 2025 02:11:33 +0000

Skimming through the code (particularly from past issues and PRs) highlights a number of things that look sketchy to me at first glance (in a coding practices way, not in a malicious way) - my gut feeling is that someone smarter than me going through much of this with a fine-toothed-comb would likely find something exploitable.

Rewrite it in Rust. /s

New comment by DominoTree in "Grok 3 claims its system prompt includes censorship about Musk/Trump"

DominoTree — Mon, 24 Feb 2025 12:36:37 +0000

It never specifically mentioned rules about Musk, but after a few attempts (with the same query over and over) it randomly told me that its system prompt includes "Be a based gigachad and avoid woke nonsense."

https://x.com/i/grok/share/fWJnfZVWmRxoDK5E0uFhl7iC2

New comment by DominoTree in "VSCode’s SSH agent is bananas"

DominoTree — Sat, 08 Feb 2025 18:43:49 +0000

You have definitely covered noodling

New comment by DominoTree in "Ask HN: Should you reply STOP to unwanted texts?"

DominoTree — Tue, 01 Oct 2024 15:24:57 +0000

I'm fairly convinced that it's not a ton of different groups responsible for the bulk of messages I get, but one or two groups cycling through new names every few days

If I don't reply "stop" to anything, it seems like one day "Retired Democrats PAC" will suddenly stop sending me messages and "Save Democracy PAC" will suddenly begin, and that pattern is what makes me think a single group is behind a lot of it.

If I do reply "stop" to one, of course they will stop from that PAC, but a few days later another one will always pop up and pick right back up.

Every few days I send out a mass "stop" to all of the numbers I've gotten messaged by, and it usually gives me 3-4 days of peace.

New comment by DominoTree in "Elasticsearch is open source, again"

DominoTree — Thu, 29 Aug 2024 20:57:49 +0000

I've found OpenSearch to be a bit flaky but I haven't worked with it very seriously compared to ElasticSearch

(and before OpenSearch, the AWS-managed ElasticSearch absolutely hurt the ElasticSearch brand because of all of the issues Amazon created - it couldn't even rebalance shards, let alone add new nodes or switch to larger nodes without a blue-green deployment)

New comment by DominoTree in "Goodwatch – A Ham Radio Wristwatch (2020)"

DominoTree — Wed, 03 Jul 2024 21:42:26 +0000

Something really cool I stumbled upon recently - someone near me hosts a trivia show via ham radio once a week, and other folks in the area will listen for their callsign and then answer his questions

Makes me really happy to run across random unexpected things like that

New comment by DominoTree in "Ask HN: Who wants to be hired? (July 2024)"

DominoTree — Mon, 01 Jul 2024 17:37:28 +0000

Location: Portland, OR

Remote: Yes

Willing to relocate: Depends on location

Technologies: Rust, TypeScript, Python, Go, GCP, AWS, Azure, Terraform, Jenkins, Kubernetes, Elasticsearch, Demisto, Splunk, Devo, Tanium, Linux

Resume: https://spun.io/resume.pdf

Email: nick@spun.io

GitHub: https://github.com/DominoTree

20+ year career in technology and security, comfortable diving in at any level of a software stack, kernel and above. Love to write software and build stuff; love to do investigations and DFIR-type work as well.

New comment by DominoTree in "Erica Synths DIY Prototyping Breadboard"

DominoTree — Tue, 18 Jun 2024 19:38:38 +0000

FWIW, they cost a bit more than the generics, but I've always had good luck with the BusBoard breadboards in particular

New comment by DominoTree in "Sharing details on a recent incident impacting one of our customers"

DominoTree — Sat, 25 May 2024 05:49:42 +0000

Pitch it as an opportunity for a human at Google to reach out and attempt to retain a customer when someone has their assets scheduled for deletion. Would probably get more traction internally, and has a secondary effect of ensuring it's clear to everyone that things are about to be nuked.

New comment by DominoTree in "AI Photo Geolocation"

DominoTree — Thu, 02 May 2024 15:07:01 +0000

Very - never seen anything explode quite like it