Hacker News: StrauXXhttps://news.ycombinator.com/user?id=StrauXXHacker News RSShttps://hnrss.org/hnrss v2.1.1Tue, 07 Apr 2026 08:49:54 +0000<![CDATA[New comment by StrauXX in "Why Switzerland has 25 Gbit internet and America doesn't"]]>Switzerland is one of the least homogenous countries in Europe! Four languages, relatively weak federal government with strong local (canton) governments. Most state services are handled on a localized (canton) level.

]]>Mon, 06 Apr 2026 08:06:11 +0000https://news.ycombinator.com/item?id=47658163StrauXXhttps://news.ycombinator.com/item?id=47658163https://news.ycombinator.com/item?id=47658163<![CDATA[New comment by StrauXX in "LibreOffice – Let's put an end to the speculation"]]>I had the same impression. The introduction reads really unprofessionally.

]]>Sun, 05 Apr 2026 21:11:33 +0000https://news.ycombinator.com/item?id=47653930StrauXXhttps://news.ycombinator.com/item?id=47653930https://news.ycombinator.com/item?id=47653930<![CDATA[AI Wafer Timeline]]>Article URL: https://xcancel.com/aakashgupta/status/2038813799856374135

Comments URL: https://news.ycombinator.com/item?id=47594448

Points: 2

# Comments: 0

]]>Tue, 31 Mar 2026 22:43:57 +0000https://xcancel.com/aakashgupta/status/2038813799856374135StrauXXhttps://news.ycombinator.com/item?id=47594448https://news.ycombinator.com/item?id=47594448<![CDATA[Organizational Politics and the Security Program]]>Article URL: https://www.philvenables.com/post/organizational-politics-the-security-program

Comments URL: https://news.ycombinator.com/item?id=47566221

Points: 3

# Comments: 0

]]>Sun, 29 Mar 2026 19:16:08 +0000https://www.philvenables.com/post/organizational-politics-the-security-programStrauXXhttps://news.ycombinator.com/item?id=47566221https://news.ycombinator.com/item?id=47566221<![CDATA[New comment by StrauXX in "My minute-by-minute response to the LiteLLM malware attack"]]>If your requirements are just to load balance between selhosted AI servers: nginx. If you want a more thorough system with configurability, logging, etc.: Bifrost from MaximAI

]]>Sat, 28 Mar 2026 08:48:20 +0000https://news.ycombinator.com/item?id=47552779StrauXXhttps://news.ycombinator.com/item?id=47552779https://news.ycombinator.com/item?id=47552779<![CDATA[New comment by StrauXX in "My minute-by-minute response to the LiteLLM malware attack"]]>LiteLLM isn't a good choice for a proxy in any case. It introduces a lot of lag amd latency and the features are often half baked. To me, it looks like a vibecoded application without a product owner. And the code itself isn't very organized either. I evaluated it for a project a few months ago and will never use it for anything production. Theres a few much better alternatives out there.

]]>Fri, 27 Mar 2026 08:28:42 +0000https://news.ycombinator.com/item?id=47540217StrauXXhttps://news.ycombinator.com/item?id=47540217https://news.ycombinator.com/item?id=47540217<![CDATA[New comment by StrauXX in "More common mistakes to avoid when creating system architecture diagrams"]]>You shouldn't! The official writings explicitly discourage creating third and fourth layer diagrams!

]]>Mon, 23 Mar 2026 07:50:48 +0000https://news.ycombinator.com/item?id=47486498StrauXXhttps://news.ycombinator.com/item?id=47486498https://news.ycombinator.com/item?id=47486498<![CDATA[Clearing Member 991]]>Article URL: https://no01.substack.com/p/clearing-member-991

Comments URL: https://news.ycombinator.com/item?id=47486441

Points: 1

# Comments: 0

]]>Mon, 23 Mar 2026 07:37:44 +0000https://no01.substack.com/p/clearing-member-991StrauXXhttps://news.ycombinator.com/item?id=47486441https://news.ycombinator.com/item?id=47486441<![CDATA[New comment by StrauXX in "Polymarket gamblers threaten to kill me over Iran missile story"]]>The "market" isn't a zero-sum-game though. Polymarket is.

]]>Fri, 20 Mar 2026 12:59:52 +0000https://news.ycombinator.com/item?id=47453921StrauXXhttps://news.ycombinator.com/item?id=47453921https://news.ycombinator.com/item?id=47453921<![CDATA[New comment by StrauXX in "Meta’s AI smart glasses and data privacy concerns"]]>They are! This Tesla feature is illegal to use in Germany and Austria.

[1] (in German) https://www.derstandard.at/story/3000000215526/aktueller-fal...

]]>Tue, 03 Mar 2026 08:07:02 +0000https://news.ycombinator.com/item?id=47229572StrauXXhttps://news.ycombinator.com/item?id=47229572https://news.ycombinator.com/item?id=47229572<![CDATA[New comment by StrauXX in "AI Made Writing Code Easier. It Made Being an Engineer Harder"]]>This tracks with the way a lot of heavily vibecoded projects have issues with beeing feature heavy, while those features often don't fully work and most importantly don't fit together cohesively. In other words, the quality is low.

]]>Sun, 01 Mar 2026 14:51:15 +0000https://news.ycombinator.com/item?id=47207228StrauXXhttps://news.ycombinator.com/item?id=47207228https://news.ycombinator.com/item?id=47207228<![CDATA[New comment by StrauXX in "Danish government agency to ditch Microsoft software (2025)"]]>That's "just" the interpretation of TU Berlin. Here is the FOI request that was never answered: https://fragdenstaat.de/anfrage/onlyoffice-sanktionen/

Just to be clear: TU Berlin is probably right. But according to some sources (which I don't believe) OnlyOffice no longer has any connections to Russia and is now really from an EU company.

]]>Thu, 26 Feb 2026 14:11:40 +0000https://news.ycombinator.com/item?id=47166338StrauXXhttps://news.ycombinator.com/item?id=47166338https://news.ycombinator.com/item?id=47166338<![CDATA[New comment by StrauXX in "Danish government agency to ditch Microsoft software (2025)"]]>OnlyOffice had some controversy around being owned and operated by a Russian company through shell companies. They might even fall under EU sanctions. There is an open German information request to the government that was never answered.

Wether those connections are true or not I can't say, but I do know people that dropped OnlyOffice in their evaluations for this reason.

]]>Wed, 25 Feb 2026 12:42:11 +0000https://news.ycombinator.com/item?id=47150775StrauXXhttps://news.ycombinator.com/item?id=47150775https://news.ycombinator.com/item?id=47150775<![CDATA[New comment by StrauXX in "I verified my LinkedIn identity. Here's what I handed over"]]>Do you have a reference with more information on that?

]]>Sat, 21 Feb 2026 12:53:59 +0000https://news.ycombinator.com/item?id=47100365StrauXXhttps://news.ycombinator.com/item?id=47100365https://news.ycombinator.com/item?id=47100365<![CDATA[New comment by StrauXX in "cURL removes bug bounties"]]>Simple. You multiple instances with different flags covering different threat models. RCE, file read, etc. You then expose a webapplication for every instance that lets users control only those curl flags, that must be safe to be user controlled in the reapective threat model.

]]>Thu, 22 Jan 2026 08:04:15 +0000https://news.ycombinator.com/item?id=46716471StrauXXhttps://news.ycombinator.com/item?id=46716471https://news.ycombinator.com/item?id=46716471<![CDATA[New comment by StrauXX in "cURL removes bug bounties"]]>The process of finding bugs is still slow and time consuming. The kinds of vulnerabilities you find in codebases like cURL are still beyond AI. Binary exploitation is still a human only field.

]]>Wed, 21 Jan 2026 09:36:48 +0000https://news.ycombinator.com/item?id=46703211StrauXXhttps://news.ycombinator.com/item?id=46703211https://news.ycombinator.com/item?id=46703211<![CDATA[New comment by StrauXX in "cURL removes bug bounties"]]>The solution for this, IMO, is flags. Just like with CTFs, host an instance of your software with a flag that can only be retrieved after a successful exploit. If someone submits the flag to you, there is no argueing about wether or not they found a valid vulnerability.

Yes, this does not work for all vulnerability classes, but it is the best compromise in my mind.

]]>Wed, 21 Jan 2026 09:32:55 +0000https://news.ycombinator.com/item?id=46703188StrauXXhttps://news.ycombinator.com/item?id=46703188https://news.ycombinator.com/item?id=46703188<![CDATA[New comment by StrauXX in "Dead Internet Theory"]]>That is actually something I quite like about Discord. Whatever I write and post, while not "private" is not indexed or searchable by anyone other tgan those people that have been vetted (invited) by the respective community. Not that I'm mostly on small friendgroup Discords with 10 - 100 members.

]]>Mon, 19 Jan 2026 16:05:30 +0000https://news.ycombinator.com/item?id=46680507StrauXXhttps://news.ycombinator.com/item?id=46680507https://news.ycombinator.com/item?id=46680507<![CDATA[New comment by StrauXX in "True explanation behind the Guidance project"]]>When I looked into to the then common libraries back in 2024, Guidance seemed to be by far the most technically sound. Their approach of token masking seems moch more "engineering minded" than what most libraries back then did: repromting.

I don't know if other libraries hace since adapted Guidances approach. It's also somewhat sad that their approach isn't mentioned more prominently in their readme.

]]>Mon, 19 Jan 2026 10:35:32 +0000https://news.ycombinator.com/item?id=46677348StrauXXhttps://news.ycombinator.com/item?id=46677348https://news.ycombinator.com/item?id=46677348<![CDATA[True explanation behind the Guidance project]]>Article URL: https://github.com/guidance-ai/guidance/issues/1040

Comments URL: https://news.ycombinator.com/item?id=46677322

Points: 1

# Comments: 1

]]>Mon, 19 Jan 2026 10:33:10 +0000https://github.com/guidance-ai/guidance/issues/1040StrauXXhttps://news.ycombinator.com/item?id=46677322https://news.ycombinator.com/item?id=46677322