Hacker News: RVuRnvbM2e

New comment by RVuRnvbM2e in "From Australia to Europe, countries move to curb children's social media access"

RVuRnvbM2e — Fri, 19 Jun 2026 12:36:02 +0000

Where's the regulation of addictive dark patterns that hook kids and adults alike? Most jurisdictions regulate gambling to reduce societal harm. Social media is little different; it just has an advertising middle man.

New comment by RVuRnvbM2e in "The Token Compression Illusion: Why I'm Skeptical of RTK"

RVuRnvbM2e — Thu, 18 Jun 2026 23:27:24 +0000

Agree. I've watched agents go around in circles or use ridiculous workarounds after being confused by rtk output.

New comment by RVuRnvbM2e in "Zero-Touch OAuth for MCP"

RVuRnvbM2e — Thu, 18 Jun 2026 23:24:16 +0000

I don't quite understand the advantage of this over regular oauth. I think I need an example comparison of the authz flows.

New comment by RVuRnvbM2e in "Conventional Commits encourages focus on the wrong things"

RVuRnvbM2e — Sat, 06 Jun 2026 05:42:37 +0000

Yeah the article is wrong

New comment by RVuRnvbM2e in "Conventional Commits encourages focus on the wrong things"

RVuRnvbM2e — Fri, 05 Jun 2026 16:14:16 +0000

The thing conventional commits are really helpful for is continuous delivery. Every merge to main can be automatically tagged with semver and shipped because the thought that goes into tagging and versioning has already been done by the developers when they wrote the commit message.

I fully recognise that it doesn't make sense for huge projects like the Linux kernel to do this. But for 99% of projects conventional commits combined with semver vastly improves the release process status quo and makes it easy to automate.

New comment by RVuRnvbM2e in "When Dawkins met Claude – Could this AI be conscious?"

RVuRnvbM2e — Sun, 03 May 2026 00:59:21 +0000

It is terribly sad when someone undeniably brilliant in a particular field fails to recognize their own incompetence in other areas - in this case mistaking advanced technology for magic.

New comment by RVuRnvbM2e in "Glassworm is back: A new wave of invisible Unicode attacks hits repositories"

RVuRnvbM2e — Mon, 16 Mar 2026 07:27:43 +0000

Vigilant mode exists, and would have flagged the malicious commit as unverified in this case. Maybe it should be the default.

https://docs.github.com/en/authentication/managing-commit-si...

New comment by RVuRnvbM2e in "Glassworm is back: A new wave of invisible Unicode attacks hits repositories"

RVuRnvbM2e — Mon, 16 Mar 2026 07:23:24 +0000

Someone has maintainer/admin access to the repository and has force-pushed to master overwriting the git history.

Notice that the original commit is verified: https://github.com/pedronauck/reworm/commit/df8c1803c519f599...

While the malicious one is not: https://github.com/pedronauck/reworm/commit/d50cd8c8966893c6...

New comment by RVuRnvbM2e in "How I use Claude Code: Separation of planning and execution"

RVuRnvbM2e — Sun, 22 Feb 2026 05:05:11 +0000

This is just Waterfall for LLMs. What happens when you explore the problem space and need to change up the plan?

New comment by RVuRnvbM2e in "I started programming when I was 7. I'm 50 now and the thing I loved has changed"

RVuRnvbM2e — Wed, 11 Feb 2026 06:09:15 +0000

Another victim of the LLM-induced malaise many are calling "Deep Blue".

New comment by RVuRnvbM2e in "Thoughts on Go vs. Rust vs. Zig"

RVuRnvbM2e — Fri, 05 Dec 2025 02:05:07 +0000

> There's also no way to shrink the memory underlying a slice.

Sorry, that is incorrect: https://pkg.go.dev/slices#Clip

> It's a common newbie mistake to think they do work like that, and write "append(s, ...)" instead of "s = append(s, ...)". It might even randomly work a lot of the time.

"append(s, ...)" without the assignment doesn't even compile. So your entire post seems like a strawman?

https://go.dev/play/p/icdOMl8A9ja

> So (generalizing) Go won't implement a feature that makes mistakes harder, if it makes the language more complicated

No, I think it is more that the compromise of complicating the language that is always made when adding features is carefully weighed in Go. Less so in other languages.

New comment by RVuRnvbM2e in "Americans no longer see four-year college degrees as worth the cost"

RVuRnvbM2e — Sun, 30 Nov 2025 05:04:17 +0000

The reason for US economic domination starting in the 50s is the fact that society and infrastructure in the rest of the developed world had been utterly devastated by the second World War. The rate of college education is utterly irrelevant.

New comment by RVuRnvbM2e in "Exploring the Fragmentation of Wayland, an xdotool adventure"

RVuRnvbM2e — Fri, 21 Nov 2025 04:46:35 +0000

This is analogous to calling unix account separation "fragmentation". Why can't I just run all my services as root? It has worked for years!?

The answer is that it is a fragile, unmaintainable security nightmare.

Wayland has separation of concerns to fix that problem, with the tradeoffs described in the blog post.

New comment by RVuRnvbM2e in "State of Terminal Emulators in 2025: The Errant Champions"

RVuRnvbM2e — Tue, 04 Nov 2025 09:12:24 +0000

I'm quite confused why this article tests foot v1.16.2, which is two years old at this point. The latest version is 1.25.0.

By contrast, the tested version of ghostty v1.2.3 is two weeks old.

New comment by RVuRnvbM2e in "We all dodged a bullet"

RVuRnvbM2e — Tue, 09 Sep 2025 22:06:32 +0000

Fucking this.

I have seen so many takes lamenting how this kind of supply chain attack is such a difficult problem to fix.

No it really isn't. It's an ecosystem and cultural problem that npm encourages huge dependency trees that make it impractical to review dependency updates so developers just don't.

New comment by RVuRnvbM2e in "XZ Utils Backdoor Still Lurking in Docker Images"

RVuRnvbM2e — Tue, 19 Aug 2025 02:51:24 +0000

I don't understand the point of this article. Container images are literally immutable packaged filesystems so old versions of affected packages are in old Docker images for every CVE ever patched in Debian.

How is this news?

New comment by RVuRnvbM2e in "XZ Utils Backdoor Still Lurking in Docker Images"

RVuRnvbM2e — Tue, 19 Aug 2025 02:41:13 +0000

This is hyperbolic.

Unpatched long-lived VMs are much more cumbersome to fix than an outdated Docker image. And good luck reproducing your long-lived VM with years of mutation-via-patch.

New comment by RVuRnvbM2e in "Show HN: unsafehttp – tiny web server from scratch in C, running on an orange pi"

RVuRnvbM2e — Sun, 17 Aug 2025 02:20:05 +0000

Obviously you aren't one of them with an attitude like that.

New comment by RVuRnvbM2e in "Debian 13 “Trixie”"

RVuRnvbM2e — Sat, 09 Aug 2025 22:21:01 +0000

Why would you want to do this?

New comment by RVuRnvbM2e in "What to expect from Debian/Trixie"

RVuRnvbM2e — Wed, 23 Jul 2025 20:01:29 +0000

I've been using this combination successfully for a long time with no issues. In fact it is the only way to handle complex DNS setup on Linux.

If you have specific issues, please file them over at systemds GitHub issue tracker.