Hacker News: Gh0stRAT

New comment by Gh0stRAT in "The Futility of Lava Lamps: What Random Means"

Gh0stRAT — Mon, 18 May 2026 23:17:51 +0000

It's been quite a while since I first heard about it, but IIRC they were seeding cryptographic PRNGs with entropy from multiple sources, one of which was allegedly this art installation.

Seeding PRNGs with sufficiently unpredictable data was a real security concern for a while. New cloud instances have a small entropy pool space for attackers to enumerate due to lack of a real source of randomness. (See the Debian/OpenSSL issue for what can happen when your entropy pool is too small/predictable)

One fun fact about XOR is that anything XOR'd with a uniform random distribution results in a uniform random distribution, so there isn't any harm in mixing additional non-attacker-controlled entropy sources in as long as at least one of them is sufficiently unpredictable. The lava lamps provide a potentially hard-to-predict source of entropy for this, but if it's not available then it certainly doesn't "take down the internet". They'll still use packet arrival timing, interrupt timing, etc to seed their CSPRNGs.

New comment by Gh0stRAT in "Gemini Robotics brings AI into the physical world"

Gh0stRAT — Wed, 12 Mar 2025 16:56:36 +0000

Ian Banks' Culture series is the only one that comes to mind.

New comment by Gh0stRAT in "How far can you get in 40 minutes from each subway station in NYC?"

Gh0stRAT — Sat, 25 Jan 2025 18:06:19 +0000

You missed Adelaide's O-Bahn, which is another way to mitigate the "buses get stuck in traffic" problem.

https://en.m.wikipedia.org/wiki/O-Bahn_Busway

New comment by Gh0stRAT in "Take the pedals off the bike"

Gh0stRAT — Tue, 14 Jan 2025 18:12:34 +0000

That's not countering the argument that steering is what is preventing the bike from falling over rather than the gyroscopic effect of the wheels. You'd have to tie off the handlebars with a static line before rolling it in order to prove that it was the gyroscopic effect keeping the bike upright.

New comment by Gh0stRAT in "Launch HN: Double (YC W24) – Index Investing with 0% Expense Ratios"

Gh0stRAT — Tue, 10 Dec 2024 17:24:30 +0000

IIRC if your brokerage reports everything to the IRS properly, you only need to fill out net short- and long-term capital gains on your schedule D rather than specifying every single transaction on a bunch of Form 8949 copies.

Not sure if Double's underlying brokerage is reporting everything necessary for this to be the case though, as I believe some brokerages don't.

New comment by Gh0stRAT in "What does this button do? – My new car has a mysterious and undocumented switch"

Gh0stRAT — Sat, 30 Nov 2024 14:51:40 +0000

This is exactly how Toyota's AWD works in the Sienna these days.

It gets 35mpg city and highway, 1mpg less than the front wheel drive Sienna (which, to be fair, is also a hybrid)

New comment by Gh0stRAT in "Cryptographic Right Answers: Post Quantum Edition"

Gh0stRAT — Thu, 15 Aug 2024 16:38:24 +0000

If your threat model includes someone with a quantum computer intercepting all of your traffic and storing it to decrypt later, you probably don't want to share your keys over a non-PQC channel unless you can guarantee that they haven't started eavesdropping on your traffic yet.

New comment by Gh0stRAT in "Apple introduces M4 chip"

Gh0stRAT — Wed, 08 May 2024 12:22:55 +0000

They fought the FBI over unlocking iPhones when they could have just quietly complied with the request. I'd say they have a decent track record.

New comment by Gh0stRAT in "John Michell: Country Parson Described Black Holes in 1783 (2000)"

Gh0stRAT — Sun, 14 Jan 2024 08:41:27 +0000

IIRC backpropagation was a very significant breakthrough on how to update weights when training neural nets.

New comment by Gh0stRAT in "WPA3 Enterprise 192-bit mode at home"

Gh0stRAT — Fri, 05 Jan 2024 00:41:06 +0000

I want my guests to be able to cast to my TV, add songs to the Spotify queue, etc. As far as I can tell, these sorts of features work via broadcast frames and thus require the relevant devices to be on the same subnet.

Things like my printer and wifi-connected grill live on a much more restrictive VLAN. (with some firewall rules to allow devices on the trusted network to still print to my printer's hard-coded IP address)

New comment by Gh0stRAT in "Uniqlo's Automated Self-Checkout"

Gh0stRAT — Sat, 23 Dec 2023 06:54:10 +0000

Amazon Fresh also used it in a handful of locations. (and still does) IIRC there are 2 Whole Foods locations that use it as well.

New comment by Gh0stRAT in "Nvidia CEO: We bet the farm on AI and no one knew it"

Gh0stRAT — Thu, 21 Dec 2023 15:56:15 +0000

Yeah, I'm going to be honest: I'm a cryptocurrency doomer so I've not followed things super closely, but a quick Google search turned up this article[0] from 2022:

>While it is true that Nvidia cards are generally preferred by miners due to better price-to-performance, AMD GPUs such as the Radeon RX 6600 XT could still be mined on profitably until recently. […] So yes, carefully consider the condition of all used graphics cards—Nvidia or AMD.

[0] https://www.pcworld.com/article/395149/should-you-buy-a-used...

New comment by Gh0stRAT in "Nvidia CEO: We bet the farm on AI and no one knew it"

Gh0stRAT — Thu, 21 Dec 2023 15:47:49 +0000

IIRC people were already converting their data into texture maps and writing their SIMD instructions as shaders operating on those textures before Nvidia released CUDA.

New comment by Gh0stRAT in "Nvidia CEO: We bet the farm on AI and no one knew it"

Gh0stRAT — Thu, 21 Dec 2023 15:37:42 +0000

There's a quote that I love:

>I'm a great believer in luck. The harder I work, the more of it I seem to have.

Nvidia has been working hard(er than their competition) on the software side for almost 2 decades to be in the position they find themselves today. 16 years ago, they released CUDA for general-purpose computing on GPUs, and then 9 years ago they followed that up with cuDNN. They have a consistent pattern of making a intentional, long-term bets to diversify their market exposure and unlock new product areas while building a software ecosystem moat.

Yes, they obviously got super lucky with the cryptocurrency frenzy, but there's a reason all the miners were mostly buying Nvidia cards instead of AMD cards.

New comment by Gh0stRAT in "Artificial glacier growing in the desert (2017)"

Gh0stRAT — Mon, 27 Nov 2023 04:44:00 +0000

Is the term you're looking for "cupping", ie the formation of "sun cups"?

New comment by Gh0stRAT in ""Useless Ruby sugar": Argument forwarding"

Gh0stRAT — Fri, 24 Nov 2023 19:24:59 +0000

Haha yeah, I was being charitable to avoid starting a flamewar ;)

New comment by Gh0stRAT in ""Useless Ruby sugar": Argument forwarding"

Gh0stRAT — Fri, 24 Nov 2023 17:45:41 +0000

I think that Javascript's massive success with the terrible syntax it used to have goes a long way toward confirming your hypothesis.

New comment by Gh0stRAT in "From email to phone number, a new OSINT approach (2019)"

Gh0stRAT — Thu, 16 Nov 2023 21:00:58 +0000

So that they can seamlessly upsell you on upgrading to a new phone that you'll pay off in installments over the next couple years.

Also, many postpaid plans (like my home ISP) require SSN because they are providing you service on credit. Postpaid cell paone plans have been the "default" in the US for a long time, though prepaid seems to be gaining market share.

New comment by Gh0stRAT in "Lessons Learned from Twenty Years of Site Reliability Engineering"

Gh0stRAT — Sun, 29 Oct 2023 07:00:16 +0000

If you practice bringing a new datacenter online without any connectivity on the existing deployment, and you practice then joining two disjoint "clouds", then you've pretty much covered your bases.

Are you making a rate limiting/ddos argument about "turning them all on at the same time"?

New comment by Gh0stRAT in "Lessons Learned from Twenty Years of Site Reliability Engineering"

Gh0stRAT — Fri, 27 Oct 2023 19:09:36 +0000

Azure has procedures in place to prevent circular dependencies, and regularly exercises them when bringing new regions online.

IIRC some of the information about their approach is considered sensitive so I won't elaborate further.