Hacker News: HALtheWise

New comment by HALtheWise in "Lunar Flyby"

HALtheWise — Wed, 08 Apr 2026 18:35:34 +0000

Tangentially related, but there's a bunch of extremely high-resolution panorama images from the Apollo landings available at this site, for anyone who enjoys this sort of thing. https://www.lpi.usra.edu/resources/apollopanoramas/

New comment by HALtheWise in "Project Glasswing: Securing critical software for the AI era"

HALtheWise — Wed, 08 Apr 2026 06:56:04 +0000

They successfully built local privilege escalation exploits (from several bugs each), and found other remotely-accessible bugs, but were not able chain their remote bugs to make remotely-accessible exploits.

New comment by HALtheWise in "Using go fix to modernize Go code"

HALtheWise — Wed, 18 Feb 2026 01:33:08 +0000

Not even mentioned in the article, my favorite capability is the new `//go:fix inline` directive, which can be applied to a one-line function to make go fix inline it's contents into the caller.

That ends up being a really powerful primitive for library authors to get users off of deprecated functions, as long as the old semantics are concisely expressible with the new features. It can even be used (and I'm hoping someone makes tooling to encourage this) to auto-migrate users to new semver-incompatible versions of widely used libraries by releasing a 1.x version that's implemented entirely in terms of thin wrappers around 2.x functions and go fix will automatically upgrade users when they run it.

New comment by HALtheWise in "Waymo robotaxi hits a child near an elementary school in Santa Monica"

HALtheWise — Fri, 30 Jan 2026 06:49:57 +0000

Do we even know that the child was injured? All I've seen anyone officially claim is that the Waymo made contact, the kid fell over, then stood up and walked to the side of the road. Assuming the Waymo was still braking hard, 6mph means it was about 1/4s and about 30cm from reaching a full stop, so it could be a very minor incident we're talking about here.

I'm not aware of any statistics for how often children come into contact with human-driven cars.

New comment by HALtheWise in "Threat actors expand abuse of Microsoft Visual Studio Code"

HALtheWise — Fri, 23 Jan 2026 01:50:14 +0000

Your expectation is wrong in this case for almost all languages. The design of Pylance (as is sorta forced by Python itself) chooses to execute Python to discover things like the Python version, and the Python startup process can run arbitrary code through mechanisms like sitecustomize.py or having a Python interpreter checked into the repo itself. To my knowledge, Go is one of the few ecosystems that treats it as a security failure to execute user-supplied code during analysis tasks, many languages have macros or dynamic features that basically require executing some amount of the code being analyzed.

New comment by HALtheWise in "Games using anti-cheats and their compatibility with GNU/Linux or Wine/Proton"

HALtheWise — Tue, 02 Dec 2025 01:48:26 +0000

I did a pretty deep dive into this recently, although haven't yet started any implementation work. As far as I can tell, the best strategy that preserves Linux's open-source and user-empowering ideals as much as possible:

- The game obviously needs to run as root, at least until large amounts of this stuff gets upstreamed into the kernel.

- We're going to be leaving the kernel and boot as untrusted, but injecting a hypervisor underneath the running kernel that is responsible for protecting most pages of game memory. This allows users to still run whatever kernel they want.

- The hypervisor sets up two sets of page tables, one that's only active when the game's thread is running and in userspace, one that hides protected pages and is active when the kernel or other threads are running. Note that game code itself needs to get decrypted into protected ram.

- The TPM of the system gets involved when we jump into the hypervisor to attest that the hypervisor is actually running, and the hypervisor then provides attestations to userspace that certain memory regions are protected from kernel or other thread access.

- Any syscalls will fail if they require the kernel to read or write pages that are protected. The game needs to allocate data that should be shared with the kernel into non-protected pages.

- When the game is closed, we can remove the hypervisor and Linux will be back to bare metal operation. This should be unobservable to the rest of the system.

This architecture preserves the ability of users to run arbitrary kernel modules, but does mean a hypothetical attacker can observe data that passes through the kernel (like draw calls/pixels). It's likely that a more complete implementation would also want some way for the hypervisor to attest to the accuracy of keyboard/mouse input and interface with iommu configuration like Windows KAC does.

New comment by HALtheWise in "Rivian's TM-B electric bike"

HALtheWise — Thu, 23 Oct 2025 15:55:41 +0000

Doing some quick math, if your bike is using 3kw to climb a reasonably steep (15% grade) hill at 8mph, we can calculate the weight it must be carrying, which ends up being about 1,200lbs

To answer your question, the limit on motor power exists as a proxy for limiting the weight, speed, and acceleration of ebikes within safe limits, since having an ebike charging uphill at 20mph with 500lbs of payload would present actual safety risks. Trying to regulate payload/speed/slope combinations directly has practical problems (police officers don't really want to stop delivery drivers to weight their cargo), while regulating motor power is much simpler.

New comment by HALtheWise in "The Spilhaus Projection: A world map according to fish"

HALtheWise — Mon, 20 Oct 2025 08:11:40 +0000

A friend of mine created something similar using a numerical optimization based approach to minimize distortion. He also made the artistic choice to split the water between Australia and Asia to get even lower distortion. See Elastic II here:

https://kunimune.blog/2023/12/29/introducing-the-elastic-pro...

New comment by HALtheWise in "Unbound Academy hasn’t replaced teachers with AI"

HALtheWise — Wed, 01 Oct 2025 21:06:23 +0000

There's a lengthy, and quite good, deep-dive into Alpha School by a current parent here, for anyone interested. Spoiler, "AI" isn't that big a portion of what they're doing, but some of their insights and systems around student motivation are actually interesting and very effective.

https://www.astralcodexten.com/p/your-review-alpha-school

New comment by HALtheWise in "Go has added Valgrind support"

HALtheWise — Wed, 24 Sep 2025 07:01:15 +0000

Feeding random inputs to a crypto function is not guaranteed to exercise all the weird paths that an attacker providing intentionally malicious input could access. For example, a loop comparing against secret data in 32 bit chunks will take constant time 99.99999999% of the time, but is still a security hole because an attacker learns a lot from the one case where it returns faster. Crypto vulnerabilities often take the form of very specifically crafted inputs that exploit some mathematical property that's very unlikely from random data.

New comment by HALtheWise in "The Evolution of Caching Libraries in Go"

HALtheWise — Thu, 03 Jul 2025 17:46:15 +0000

The original groupcache is basically unmaintained, but there's at least two forks that have carried on active development and support additional nice features (like eviction), and should probably be preferred for most projects.

https://github.com/groupcache/groupcache-go

New comment by HALtheWise in "Jjui – A Nice TUI for Jujutsu"

HALtheWise — Tue, 27 May 2025 01:56:16 +0000

I highly recommend revup, it allows managing and uploading stacked (or arbitrary trees of) PRs to Github, including adding a comment that shows approximate revision-to-revision diffs if you want it to. I don't actually think that per-commit reviewing obviates the desire for stacked PRs, for example I often have some PRs in my stack that are not yet ready for review or merging.

https://github.com/Skydio/revup

New comment by HALtheWise in "Raspberry Pi Lidar Scanner"

HALtheWise — Sun, 20 Apr 2025 05:58:53 +0000

I believe it's a 360deg planar lidar mounted on a vertical plane, with a motor to rotate it around and slowly cover a full 4pi sphere. There's also a fisheye camera integrated in. This is a pretty common setup for scanning stationary spaces (usually tripod mounted)

New comment by HALtheWise in "Raspberry Pi Lidar Scanner"

HALtheWise — Sun, 20 Apr 2025 05:56:46 +0000

Do you have other sensors in the same price range that you'd recommend instead for most uses? How much accuracy improvement would you expect?

New comment by HALtheWise in "Ask HN: Who is hiring? (April 2025)"

HALtheWise — Tue, 01 Apr 2025 16:23:21 +0000

AutoPallet Robotics (YC S24) | ONSITE | San Francisco | Full-Time and Intern | Robotics Software (Rust), Mechatronics Engineer, ML Intern, ??

We’re building novel robots for case picking in warehouses, a huge unsolved automation opportunity for a very labor-intensive, critically important and sh*tty human job in the thin-margin industry of logistics. Our software is all Rust/Pytorch, embedded dev through research-frontier applied algorithms and an integrated development iteration time measured on a watch, not a calendar.

There’s more than enough fun problems to go around, and we’re looking to grow the team with a couple more great-to-work-with folks, including generalists or job descriptions we haven’t realized we should be hiring for. We’re also specifically looking for a summer applied ML intern for robotic perception and controls. There’s a lot more cool stuff we can’t share publicly just yet. To apply, email a resume to @autopallet.bot, and include the role you’re looking for in the subject line, and we’ll take it from there. Bonus points if you include a link or photo of something cool you’ve made.

New comment by HALtheWise in "Tj-actions/changed-files GitHub Action Compromised – used by over 23K repos"

HALtheWise — Sun, 16 Mar 2025 02:02:22 +0000

It seems like a 24hr delay for auto upgrades would mitigate a lot of this, maybe with some way that a trusted third-party could skip the delay for big-ticket zero day patches?

New comment by HALtheWise in "Why it's so hard to build a jet engine"

HALtheWise — Sun, 02 Mar 2025 07:13:56 +0000

Not an expert here, but afaik a turbine section consists of alternating spinning blades attached to the shaft and stationary vanes attached to the duct, which de-spin the air coming off the blades and prepare it for the next set. I'm not sure why the vanes are often hidden in cutaway views.

If you had a spinning duct, you'd presumably need a stationary shaft in the middle for mounting the vanes, and would have similar tolerance issues between the tips of the stationary vanes and the rotating duct. There's reasons that it might be easier to solve (the duct can be lower temperature) and reasons it's harder (bearings for a giant spinning duct). Not sure if anyone has tried such a design.

New comment by HALtheWise in "FFmpeg School of Assembly Language"

HALtheWise — Sun, 23 Feb 2025 02:19:05 +0000

What's your perspective on variable-width SIMD instruction sets (like ARM SVE or the RISC-V V extension)? How does developer ergonomics and code performance compare to traditional SIMD? Are we approaching a world with fewer different SIMD instruction sets to program for?

New comment by HALtheWise in "0+0 > 0: C++ thread-local storage performance"

HALtheWise — Tue, 18 Feb 2025 07:17:32 +0000

It looks like the TID is stored directly in the pthread struct pointed to by %fs itself, at a fixed offset which you can somewhat-hackily compile into your code. [0]

In the process of investigating this, I also realized that there's a ton of other unique-per-thread pointers accessible from that structure, most notably including the value of %fs itself (which is unfortunately unobservable afaict), the address of the TCB or TLS structures, the stack guard value, etc. Since the goal is just to have a quickly-readable unique-per-thread value, any of those should work.

Windows looks similar, but I haven't investigated as deeply.

[0] https://github.com/andikleen/glibc/blob/b0399147730d478ae451...

[1] https://github.com/andikleen/glibc/blob/b0399147730d478ae451...

New comment by HALtheWise in "0+0 > 0: C++ thread-local storage performance"

HALtheWise — Tue, 18 Feb 2025 05:56:21 +0000

Presumably you could store the TID in every event, or otherwise check whether the TID has changed since the last time it was logged and push a (timestamp, TID) pair if so. Reading TID should be cheap.