<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Hacker News: PaoloBarbolini</title><link>https://news.ycombinator.com/user?id=PaoloBarbolini</link><description>Hacker News RSS</description><docs>https://hnrss.org/</docs><generator>hnrss v2.1.1</generator><lastBuildDate>Thu, 02 Jul 2026 20:44:35 +0000</lastBuildDate><atom:link href="https://hnrss.org/user?id=PaoloBarbolini" rel="self" type="application/rss+xml"></atom:link><item><title><![CDATA[New comment by PaoloBarbolini in "Ubuntu 26.04"]]></title><description><![CDATA[
<p>Why do we still put up with GNOME?<p>I've spent the last 10 years off and on from Linux. Had I used something other than GNOME, I believe my experience would have been better.<p>I've been on KDE for the last 3-4 years and things work so well I could never imagine going back to GNOME.</p>
]]></description><pubDate>Fri, 24 Apr 2026 07:21:50 +0000</pubDate><link>https://news.ycombinator.com/item?id=47886766</link><dc:creator>PaoloBarbolini</dc:creator><comments>https://news.ycombinator.com/item?id=47886766</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47886766</guid></item><item><title><![CDATA[New comment by PaoloBarbolini in "Jepsen: NATS 2.12.1"]]></title><description><![CDATA[
<p>There are many things they don't seem to understand about their own product.<p><a href="https://github.com/nats-io/nats.rs/issues/1253#issuecomment-2063047468" rel="nofollow">https://github.com/nats-io/nats.rs/issues/1253#issuecomment-...</a></p>
]]></description><pubDate>Tue, 09 Dec 2025 08:36:11 +0000</pubDate><link>https://news.ycombinator.com/item?id=46202639</link><dc:creator>PaoloBarbolini</dc:creator><comments>https://news.ycombinator.com/item?id=46202639</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=46202639</guid></item><item><title><![CDATA[New comment by PaoloBarbolini in "Rootless Pings in Rust"]]></title><description><![CDATA[
<p>The repo link goes to a 404 page.</p>
]]></description><pubDate>Tue, 02 Dec 2025 08:29:23 +0000</pubDate><link>https://news.ycombinator.com/item?id=46118959</link><dc:creator>PaoloBarbolini</dc:creator><comments>https://news.ycombinator.com/item?id=46118959</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=46118959</guid></item><item><title><![CDATA[New comment by PaoloBarbolini in "EXIF orientation info in PNGs isn't used for image-orientation: from-image"]]></title><description><![CDATA[
<p>The image could have been encoded with a high compression ratio, or even something like  OxiPNG. In that case, while re-encoding it wouldn't lose quality, it could still have the side-effect of making the file bigger.</p>
]]></description><pubDate>Fri, 21 Nov 2025 14:42:15 +0000</pubDate><link>https://news.ycombinator.com/item?id=46005049</link><dc:creator>PaoloBarbolini</dc:creator><comments>https://news.ycombinator.com/item?id=46005049</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=46005049</guid></item><item><title><![CDATA[New comment by PaoloBarbolini in "Ghost 6.0"]]></title><description><![CDATA[
<p>A few years ago I convinced a friend to make their blog using Ghost 4. Very bad decision. I haven't kept up with it but at the time they supported only 1 mailing list service. What kind of open source project does that kind of vendor lock-in to their users.</p>
]]></description><pubDate>Tue, 05 Aug 2025 02:05:53 +0000</pubDate><link>https://news.ycombinator.com/item?id=44793581</link><dc:creator>PaoloBarbolini</dc:creator><comments>https://news.ycombinator.com/item?id=44793581</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=44793581</guid></item><item><title><![CDATA[New comment by PaoloBarbolini in "Raspberry Pi 5 Gets a MicroSD Express Hat"]]></title><description><![CDATA[
<p>That's "easy" when all they have to do is to package <a href="https://github.com/raspberrypi/linux">https://github.com/raspberrypi/linux</a></p>
]]></description><pubDate>Fri, 01 Aug 2025 08:41:23 +0000</pubDate><link>https://news.ycombinator.com/item?id=44754345</link><dc:creator>PaoloBarbolini</dc:creator><comments>https://news.ycombinator.com/item?id=44754345</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=44754345</guid></item><item><title><![CDATA[New comment by PaoloBarbolini in "Postgres LISTEN/NOTIFY does not scale"]]></title><description><![CDATA[
<p>I've had the same experience and I fixed part of the problem by writing my own Rust client, Watermelon. It's still missing a lot of features but at least I'm not blocked by weird decisions taken by upstream.</p>
]]></description><pubDate>Fri, 11 Jul 2025 08:57:10 +0000</pubDate><link>https://news.ycombinator.com/item?id=44529863</link><dc:creator>PaoloBarbolini</dc:creator><comments>https://news.ycombinator.com/item?id=44529863</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=44529863</guid></item><item><title><![CDATA[New comment by PaoloBarbolini in "Protecting NATS and the integrity of open source"]]></title><description><![CDATA[
<p>See also the issue: <a href="https://github.com/nats-io/nats-server/issues/6832">https://github.com/nats-io/nats-server/issues/6832</a>
Archived version: <a href="https://web.archive.org/web/20250425154144/https://github.com/nats-io/nats-server/issues/6832" rel="nofollow">https://web.archive.org/web/20250425154144/https://github.co...</a></p>
]]></description><pubDate>Fri, 25 Apr 2025 15:43:56 +0000</pubDate><link>https://news.ycombinator.com/item?id=43794833</link><dc:creator>PaoloBarbolini</dc:creator><comments>https://news.ycombinator.com/item?id=43794833</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=43794833</guid></item><item><title><![CDATA[New comment by PaoloBarbolini in "GitHub Phishing Campaign making use of OAuth and render.com hosted site"]]></title><description><![CDATA[
<p>I'm also finding that this has happened already in the past and GitHub didn't cleanup the spam entirely, like: <a href="https://github.com/Xyntax/1000php/issues/1#issuecomment-2318000552" rel="nofollow">https://github.com/Xyntax/1000php/issues/1#issuecomment-2318...</a></p>
]]></description><pubDate>Sun, 16 Mar 2025 17:19:14 +0000</pubDate><link>https://news.ycombinator.com/item?id=43380581</link><dc:creator>PaoloBarbolini</dc:creator><comments>https://news.ycombinator.com/item?id=43380581</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=43380581</guid></item><item><title><![CDATA[New comment by PaoloBarbolini in "GitHub Phishing Campaign making use of OAuth and render.com hosted site"]]></title><description><![CDATA[
<p>Before this event, I've has another encounter with GitHub.
What happened is that an AI coding assistance startup seemed to have created bots that would:<p>1. find new GitHub issues on random repos<p>2. fork the repo<p>3. make a commit, trying to implement whatever was requested in the issue<p>4. reply to the issue with a link to the commit, indemnifying themselves of the code quality (which was very poor), and linking to their platform<p>I reported a few of those issues to GitHub. To me, the problem seemed almost obvious:<p>1. they were using sketchy GitHub usernames<p>2. there was evidence of similar replies having been mass-deleted in the past<p>3. some of the issues also seemed to have been opened by sketchy users<p>GitHub took a few days to reply and didn't seem to understand how bad the situation was, and basically allowed them to continue. I don't expect to have to spend a lot of time writing an elaborate "criminal case" to convince GitHub that they are allowing their platform to be abused by these bots.</p>
]]></description><pubDate>Sun, 16 Mar 2025 16:16:01 +0000</pubDate><link>https://news.ycombinator.com/item?id=43380136</link><dc:creator>PaoloBarbolini</dc:creator><comments>https://news.ycombinator.com/item?id=43380136</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=43380136</guid></item><item><title><![CDATA[New comment by PaoloBarbolini in "GitHub Phishing Campaign making use of OAuth and render.com hosted site"]]></title><description><![CDATA[
<p>Amazing work!
This is the first time I've seen this kind of issue fixed so quickly.<p>GitHub should learn from this.</p>
]]></description><pubDate>Sun, 16 Mar 2025 15:57:23 +0000</pubDate><link>https://news.ycombinator.com/item?id=43380015</link><dc:creator>PaoloBarbolini</dc:creator><comments>https://news.ycombinator.com/item?id=43380015</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=43380015</guid></item><item><title><![CDATA[New comment by PaoloBarbolini in "GitHub Phishing Campaign making use of OAuth and render.com hosted site"]]></title><description><![CDATA[
<p>Link to search results: <a href="https://github.com/search?q=%22We+have+detected+a+login+attempt+on+your+GitHub+account+that+appears+to+be+from+a+new+location+or+device.%22&type=issues&s=created&o=desc" rel="nofollow">https://github.com/search?q=%22We+have+detected+a+login+atte...</a></p>
]]></description><pubDate>Sun, 16 Mar 2025 15:43:57 +0000</pubDate><link>https://news.ycombinator.com/item?id=43379899</link><dc:creator>PaoloBarbolini</dc:creator><comments>https://news.ycombinator.com/item?id=43379899</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=43379899</guid></item><item><title><![CDATA[GitHub Phishing Campaign making use of OAuth and render.com hosted site]]></title><description><![CDATA[
<p>A phishing campaign has been ongoing in the last 4 hours, opening more than 11.5k issues containing the wording "We have detected a login attempt on your GitHub account that appears to be from a new location or device." and links to a render.com hosted site.<p>Do not click any of the links!<p>Every once in a while this seems to reoccur, and I realize how slow GitHub is at deleting the spam issues or comments. Why doesn't GitHub fix this?</p>
<hr>
<p>Comments URL: <a href="https://news.ycombinator.com/item?id=43379885">https://news.ycombinator.com/item?id=43379885</a></p>
<p>Points: 8</p>
<p># Comments: 7</p>
]]></description><pubDate>Sun, 16 Mar 2025 15:42:14 +0000</pubDate><link>https://news.ycombinator.com/item?id=43379885</link><dc:creator>PaoloBarbolini</dc:creator><comments>https://news.ycombinator.com/item?id=43379885</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=43379885</guid></item><item><title><![CDATA[New comment by PaoloBarbolini in "The owner of ip4.me/ip6.me, Kevin Loch, has died"]]></title><description><![CDATA[
<p>`curl <a href="https://myip.wtf/json" rel="nofollow">https://myip.wtf/json</a>` too is nice to use when debugging things</p>
]]></description><pubDate>Tue, 04 Mar 2025 16:43:47 +0000</pubDate><link>https://news.ycombinator.com/item?id=43257063</link><dc:creator>PaoloBarbolini</dc:creator><comments>https://news.ycombinator.com/item?id=43257063</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=43257063</guid></item><item><title><![CDATA[New comment by PaoloBarbolini in "From xz to ibus: more questionable tarballs"]]></title><description><![CDATA[
<p>Same for Rust. In the short term we're trying to solve it on the user's side with <a href="https://crates.io/crates/cargo-goggles" rel="nofollow">https://crates.io/crates/cargo-goggles</a>, but in the long term the registry should probably do it.</p>
]]></description><pubDate>Tue, 02 Apr 2024 10:12:49 +0000</pubDate><link>https://news.ycombinator.com/item?id=39904030</link><dc:creator>PaoloBarbolini</dc:creator><comments>https://news.ycombinator.com/item?id=39904030</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=39904030</guid></item><item><title><![CDATA[cargo-goggles: verify reproducibility of Rust libs releases]]></title><description><![CDATA[
<p>Article URL: <a href="https://crates.io/crates/cargo-goggles">https://crates.io/crates/cargo-goggles</a></p>
<p>Comments URL: <a href="https://news.ycombinator.com/item?id=39898359">https://news.ycombinator.com/item?id=39898359</a></p>
<p>Points: 8</p>
<p># Comments: 0</p>
]]></description><pubDate>Mon, 01 Apr 2024 19:48:25 +0000</pubDate><link>https://crates.io/crates/cargo-goggles</link><dc:creator>PaoloBarbolini</dc:creator><comments>https://news.ycombinator.com/item?id=39898359</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=39898359</guid></item><item><title><![CDATA[New comment by PaoloBarbolini in "Testcontainers"]]></title><description><![CDATA[
<p>Could you provide an example?</p>
]]></description><pubDate>Wed, 28 Feb 2024 02:27:45 +0000</pubDate><link>https://news.ycombinator.com/item?id=39533172</link><dc:creator>PaoloBarbolini</dc:creator><comments>https://news.ycombinator.com/item?id=39533172</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=39533172</guid></item><item><title><![CDATA[New comment by PaoloBarbolini in "Netlify just sent me a $104k bill for a simple static site"]]></title><description><![CDATA[
<p>It means they protect themselves from layer 3 and 4 DDoS. For layer 7 you're mostly on your own. That's what most companies mean when they talk about DDoS anyway.</p>
]]></description><pubDate>Tue, 27 Feb 2024 07:06:43 +0000</pubDate><link>https://news.ycombinator.com/item?id=39520996</link><dc:creator>PaoloBarbolini</dc:creator><comments>https://news.ycombinator.com/item?id=39520996</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=39520996</guid></item><item><title><![CDATA[New comment by PaoloBarbolini in "Netlify just sent me a $104k bill for a simple static site"]]></title><description><![CDATA[
<p>This is the reason I've never used all of these user-facing serverless services. The price depends on the usage, but if anything goes wrong they are the ones to decide what you pay. It's not comfortable thinking that you could screw up, or get DDoS'd, and the remedy is hoping they wave the bill.</p>
]]></description><pubDate>Tue, 27 Feb 2024 07:01:17 +0000</pubDate><link>https://news.ycombinator.com/item?id=39520962</link><dc:creator>PaoloBarbolini</dc:creator><comments>https://news.ycombinator.com/item?id=39520962</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=39520962</guid></item><item><title><![CDATA[New comment by PaoloBarbolini in "DNS over HTTPS is not what I thought"]]></title><description><![CDATA[
<p>Certificates can be issued for IPs too, CAs don't usually do it though.</p>
]]></description><pubDate>Thu, 01 Feb 2024 05:46:58 +0000</pubDate><link>https://news.ycombinator.com/item?id=39213062</link><dc:creator>PaoloBarbolini</dc:creator><comments>https://news.ycombinator.com/item?id=39213062</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=39213062</guid></item></channel></rss>