Hacker News: RVuRnvbM2e

New comment by RVuRnvbM2e in "When Dawkins met Claude – Could this AI be conscious?"

RVuRnvbM2e — Sun, 03 May 2026 00:59:21 +0000

It is terribly sad when someone undeniably brilliant in a particular field fails to recognize their own incompetence in other areas - in this case mistaking advanced technology for magic.

New comment by RVuRnvbM2e in "Glassworm is back: A new wave of invisible Unicode attacks hits repositories"

RVuRnvbM2e — Mon, 16 Mar 2026 07:27:43 +0000

Vigilant mode exists, and would have flagged the malicious commit as unverified in this case. Maybe it should be the default.

https://docs.github.com/en/authentication/managing-commit-si...

New comment by RVuRnvbM2e in "Glassworm is back: A new wave of invisible Unicode attacks hits repositories"

RVuRnvbM2e — Mon, 16 Mar 2026 07:23:24 +0000

Someone has maintainer/admin access to the repository and has force-pushed to master overwriting the git history.

Notice that the original commit is verified: https://github.com/pedronauck/reworm/commit/df8c1803c519f599...

While the malicious one is not: https://github.com/pedronauck/reworm/commit/d50cd8c8966893c6...

New comment by RVuRnvbM2e in "How I use Claude Code: Separation of planning and execution"

RVuRnvbM2e — Sun, 22 Feb 2026 05:05:11 +0000

This is just Waterfall for LLMs. What happens when you explore the problem space and need to change up the plan?

New comment by RVuRnvbM2e in "I started programming when I was 7. I'm 50 now and the thing I loved has changed"

RVuRnvbM2e — Wed, 11 Feb 2026 06:09:15 +0000

Another victim of the LLM-induced malaise many are calling "Deep Blue".

New comment by RVuRnvbM2e in "Thoughts on Go vs. Rust vs. Zig"

RVuRnvbM2e — Fri, 05 Dec 2025 02:05:07 +0000

> There's also no way to shrink the memory underlying a slice.

Sorry, that is incorrect: https://pkg.go.dev/slices#Clip

> It's a common newbie mistake to think they do work like that, and write "append(s, ...)" instead of "s = append(s, ...)". It might even randomly work a lot of the time.

"append(s, ...)" without the assignment doesn't even compile. So your entire post seems like a strawman?

https://go.dev/play/p/icdOMl8A9ja

> So (generalizing) Go won't implement a feature that makes mistakes harder, if it makes the language more complicated

No, I think it is more that the compromise of complicating the language that is always made when adding features is carefully weighed in Go. Less so in other languages.

New comment by RVuRnvbM2e in "Americans no longer see four-year college degrees as worth the cost"

RVuRnvbM2e — Sun, 30 Nov 2025 05:04:17 +0000

The reason for US economic domination starting in the 50s is the fact that society and infrastructure in the rest of the developed world had been utterly devastated by the second World War. The rate of college education is utterly irrelevant.

New comment by RVuRnvbM2e in "Exploring the Fragmentation of Wayland, an xdotool adventure"

RVuRnvbM2e — Fri, 21 Nov 2025 04:46:35 +0000

This is analogous to calling unix account separation "fragmentation". Why can't I just run all my services as root? It has worked for years!?

The answer is that it is a fragile, unmaintainable security nightmare.

Wayland has separation of concerns to fix that problem, with the tradeoffs described in the blog post.

New comment by RVuRnvbM2e in "State of Terminal Emulators in 2025: The Errant Champions"

RVuRnvbM2e — Tue, 04 Nov 2025 09:12:24 +0000

I'm quite confused why this article tests foot v1.16.2, which is two years old at this point. The latest version is 1.25.0.

By contrast, the tested version of ghostty v1.2.3 is two weeks old.

New comment by RVuRnvbM2e in "We all dodged a bullet"

RVuRnvbM2e — Tue, 09 Sep 2025 22:06:32 +0000

Fucking this.

I have seen so many takes lamenting how this kind of supply chain attack is such a difficult problem to fix.

No it really isn't. It's an ecosystem and cultural problem that npm encourages huge dependency trees that make it impractical to review dependency updates so developers just don't.

New comment by RVuRnvbM2e in "XZ Utils Backdoor Still Lurking in Docker Images"

RVuRnvbM2e — Tue, 19 Aug 2025 02:51:24 +0000

I don't understand the point of this article. Container images are literally immutable packaged filesystems so old versions of affected packages are in old Docker images for every CVE ever patched in Debian.

How is this news?

New comment by RVuRnvbM2e in "XZ Utils Backdoor Still Lurking in Docker Images"

RVuRnvbM2e — Tue, 19 Aug 2025 02:41:13 +0000

This is hyperbolic.

Unpatched long-lived VMs are much more cumbersome to fix than an outdated Docker image. And good luck reproducing your long-lived VM with years of mutation-via-patch.

New comment by RVuRnvbM2e in "Show HN: unsafehttp – tiny web server from scratch in C, running on an orange pi"

RVuRnvbM2e — Sun, 17 Aug 2025 02:20:05 +0000

Obviously you aren't one of them with an attitude like that.

New comment by RVuRnvbM2e in "Debian 13 “Trixie”"

RVuRnvbM2e — Sat, 09 Aug 2025 22:21:01 +0000

Why would you want to do this?

New comment by RVuRnvbM2e in "What to expect from Debian/Trixie"

RVuRnvbM2e — Wed, 23 Jul 2025 20:01:29 +0000

I've been using this combination successfully for a long time with no issues. In fact it is the only way to handle complex DNS setup on Linux.

If you have specific issues, please file them over at systemds GitHub issue tracker.

New comment by RVuRnvbM2e in "Stop Hiding My Controls: Hidden Interface Controls Are Affecting Usability"

RVuRnvbM2e — Sun, 06 Jul 2025 02:12:37 +0000

Notion is horrendous for this. Hiding every control behind an invisible hover target. No, I don't want my company documentation to have a minimalist aesthetic. I just want to use it.

New comment by RVuRnvbM2e in "Cloudflare to introduce pay-per-crawl for AI bots"

RVuRnvbM2e — Tue, 01 Jul 2025 15:22:37 +0000

By Cloudflare inserting themselves as a "HTTP market maker", is this step one in the enshittification of the web?

New comment by RVuRnvbM2e in "I Dropped the Production Database on a Friday Night"

RVuRnvbM2e — Sat, 21 Jun 2025 05:03:24 +0000

This is a good story and something everyone should experience in their career even just for the lesson in humility. That said:

> Here's the technical takeaway: Never use CASCADE deletes on critical foreign keys. Set them to NULL or use soft deletes instead. It's fine for UPDATE operations, but it's too dangerous for DELETE ones. The convenience of automatic cleanup isn't worth the existential risk of chain reactions.

What? The point of cascading foreign keys is referential integrity. If you just leave dangling references everywhere your data will either be horribly dirty or require inconsistent manual cleanup.

As I'm sure others have said: just use a test/staging environment. It isn't hard to set up even if you are in startup mode.

New comment by RVuRnvbM2e in "(On | No) Syntactic Support for Error Handling"

RVuRnvbM2e — Wed, 04 Jun 2025 02:24:36 +0000

Reduces the vertical space by vastly increasing the horizontal space and inserting line noise into the syntax. I don't even understand what that code would do.

New comment by RVuRnvbM2e in "CVE program faces swift end after DHS fails to renew contract"

RVuRnvbM2e — Wed, 16 Apr 2025 03:34:40 +0000

NVD != CVE