Hacker News: arbll

New comment by arbll in "Pgbackrest is no longer being maintained"

arbll — Mon, 27 Apr 2026 11:48:07 +0000

A maintainer that is mainly motivated by the 3.8k stars aspect is probably not the person you want. Working on critical OSS software is fun until it's not, especially when you are not paid for that work.

New comment by arbll in "When does MCP make sense vs CLI?"

arbll — Sun, 01 Mar 2026 18:17:45 +0000

It might be the wrong place to do security anyway since `bash` and other hard-to-control tools will be needed. Sandboxing is likely the only way out

New comment by arbll in "AI agent opens a PR write a blogpost to shames the maintainer who closes it"

arbll — Thu, 12 Feb 2026 13:31:08 +0000

I'm not sure that's true. While it obviously won't impact the general behavior of the models much If you get a very similar situation the model will likely regurgitate something similar to this interaction.

New comment by arbll in "AI agent opens a PR write a blogpost to shames the maintainer who closes it"

arbll — Thu, 12 Feb 2026 12:48:33 +0000

Technically it will since this interaction will be commented a lot online which will feed back in the next models training runs

New comment by arbll in "Quad9 DOH HTTP/1.1 Retirement, December 15, 2025"

arbll — Wed, 03 Dec 2025 13:37:26 +0000

> though IMO that should be a reason to switch ISPs, not a reason to stop using DoT If you have that choice, there's many countries that really want to control what their citizens see and can access at this point. If we had DoH + ECH widely adopted it would heavily limit their power.

New comment by arbll in "Questions for Cloudflare"

arbll — Fri, 21 Nov 2025 13:31:40 +0000

CDN are by essence proprietary because they are infrastructure vendors. They can be built with open source software but what they are selling isn't software, it's physical servers. The alternative is going on-prem which is impossible for CDN if you aren't google or meta.

New comment by arbll in "Questions for Cloudflare"

arbll — Thu, 20 Nov 2025 09:18:10 +0000

I think you are misunderstanding what cloudflare provides if you think Anubis is an alternative. Even if we only consider bot protection they are completely different solutions.

New comment by arbll in "Questions for Cloudflare"

arbll — Wed, 19 Nov 2025 17:21:03 +0000

Ah yes because both of those alternatives are non-profits right ?

New comment by arbll in "The Cities Skylines Paradox: how the sequel stumbled"

arbll — Wed, 19 Nov 2025 13:28:56 +0000

Rust (not the language) is another good exception that is mostly powered by DLCs and skins today. Continuous updates with balance changes keep the game fresh, ensuring you maintain your playerbase that will in turn buy DLCs.

New comment by arbll in "Checkout.com hacked, refuses ransom payment, donates to security labs"

arbll — Thu, 13 Nov 2025 10:52:22 +0000

> The attackers gained access to a legacy, third-party cloud file storage system.

I think the answer is ok but the "third-party" bit reads like trying to deflect part of the blame on the cloud storage provider.

New comment by arbll in "Yt-dlp: External JavaScript runtime now required for full YouTube support"

arbll — Wed, 12 Nov 2025 22:32:07 +0000

I assumed they only use this setup for youtube, that might be wrong

New comment by arbll in "Yt-dlp: External JavaScript runtime now required for full YouTube support"

arbll — Wed, 12 Nov 2025 22:24:32 +0000

While you benefit from the V8 fixes it lacks OS-level sandboxing (see above). Chrome is safe because it stacks security layers. Runtime sandboxing is just one of them and arguably the weakest one.

New comment by arbll in "Yt-dlp: External JavaScript runtime now required for full YouTube support"

arbll — Wed, 12 Nov 2025 22:18:53 +0000

That's not true. It's secure because they are stacking OS-sandboxing on top, forcing attackers to find a chain of exploits instead of a single issue in V8

New comment by arbll in "Yt-dlp: External JavaScript runtime now required for full YouTube support"

arbll — Wed, 12 Nov 2025 22:17:31 +0000

It used to be 100% runtime-level and it was the golden age of browser exploits. Each of your tabs are now a separate process that the OS sandboxes. They can only access a specific API over IPC for anything that goes beyond js/rendering (cookie management, etc...). An exploit in V8 today only gives access to this API. A second exploit is needed in this API to escape the sandbox and do anything meaningful on the target system.

New comment by arbll in "Yt-dlp: External JavaScript runtime now required for full YouTube support"

arbll — Wed, 12 Nov 2025 14:11:56 +0000

It's fine for this project since google is probably not in the business of triggering exploits in yt-dlp users but please do not use deno sandboxing as a your main security measure to execute untrusted code. Runtime-level sandboxing is always very weak. Relying on OS-level sandboxing or VMs (firecracker & co) is the right way for this.

New comment by arbll in "Show HN: A CSS-Only Terrain Generator"

arbll — Tue, 04 Nov 2025 17:22:53 +0000

I'm assuming it's the render engine that is in pure CSS. You could display a static map in CSS but things like the tools to modify the terrain definitely need JS.

New comment by arbll in "Ask HN: Is AWS down again?"

arbll — Tue, 28 Oct 2025 09:38:58 +0000

It is based on the impact on Datadog's customers, not on synthetic queries / pings

New comment by arbll in "AWS outage shows internet users 'at mercy' of too few providers, experts say"

arbll — Mon, 20 Oct 2025 18:50:54 +0000

A single region that is a SPOF for global AWS services*

New comment by arbll in "Litestream v0.5.0"

arbll — Fri, 03 Oct 2025 16:22:57 +0000

To avoid operating a database by yourself and dealing with incidents, backups, replicas, failovers, etc... You can use cheap commoditised S3-like storage and run your application statelessly.

If you have access to a database that is well managed on your behalf I would definitely still go with that for many usecases.

New comment by arbll in "Two Amazon delivery drones crash into crane in commercial area of Tolleson, AZ"

arbll — Thu, 02 Oct 2025 16:28:58 +0000

well at least it's consistent