Hacker News: arcfour

New comment by arcfour in "So You Want to Define a Well-Known URI"

arcfour — Fri, 19 Jun 2026 08:20:13 +0000

Why?

New comment by arcfour in "Many Let's Encrypt renewals had errors today"

arcfour — Fri, 19 Jun 2026 08:17:59 +0000

CRLs mostly still work for revoking non-expired certificates. They're a bit clunky, but they don't have to be: https://hacks.mozilla.org/2025/08/crlite-fast-private-and-co...

New comment by arcfour in "So You Want to Define a Well-Known URI"

arcfour — Fri, 19 Jun 2026 07:47:01 +0000

> Why discord domain verification instead of domain-verifications with a dynamic list on entries?

The TXT record itself is already a dynamic list of entries. It's far simpler and easier to iterate through the list and compare the start of each value with your search string until you find "discord domain verification" directly than it would be to do anything else.

Example:

    ;; ANSWER SECTION:
    ycombinator.com.        300     IN      TXT     "openai-domain-verification=dv-QbhxxK0G0JK0dnyZ4YTsNAfw"
    ycombinator.com.        300     IN      TXT     "v=spf1 include:_spf.google.com include:mailgun.org a:rsweb1-36.investorflow.com include:_spf.createsend.com include:servers.mcsv.net -all"
    ycombinator.com.        300     IN      TXT     "MS=ms37374900"
    ycombinator.com.        300     IN      TXT     "anthropic-domain-verification-0qe2ww=yK576oHdDgyTcXgkPfj1KXgGt"
    ycombinator.com.        300     IN      TXT     "ZOOM_verify_2ndw8KZxSRa8PT8NmdyXvw"
    ycombinator.com.        300     IN      TXT     "google-site-verification=KsI69Y_jEVkp4eXqSQ9R9gwxjIpZznvuvrus6UolB9Y"
    ycombinator.com.        300     IN      TXT     "ca3-4861b957e83847c188e45d04ec314ee3"
    ycombinator.com.        300     IN      TXT     "apple-domain-verification=WG0sP5Alm7N6h1Te"
    ycombinator.com.        300     IN      TXT     "dropbox-domain-verification=asc63coma4mv"
    ycombinator.com.        300     IN      TXT     "google-site-verification=GJKdQskycEclAGPua3yXB9m_nVhxbrsVps_y-t9SXV0"
    ycombinator.com.        300     IN      TXT     "Wayback verify for support request 741082"
    ycombinator.com.        300     IN      TXT     "google-site-verification=rivq8jKu6AADGtbbEzJhmOpcqq08B7QxIzXxYV8DtyU"
    ycombinator.com.        300     IN      TXT     "rippling-domain-verification=a660f7a4ab77a3de"

New comment by arcfour in "Stop Using JWTs"

arcfour — Wed, 17 Jun 2026 11:16:07 +0000

JWTs aren't stored in a backend though.

Session cookies you exchange an opaque value with the DB for the user info

JWTs the user hands you their driver's license, and you can verify that it's an authentic license for the person who's name is on it

New comment by arcfour in "Apple's weird anti-nausea dots cured my car sickness"

arcfour — Tue, 16 Jun 2026 16:48:41 +0000

Very interesting. I've noticed myself getting mildly car sick now that I'm a little older if I don't take breaks every so often. Does anyone know if there's a similar feature on Android?

New comment by arcfour in "Techno-libertarians are flocking to the Caribbean"

arcfour — Tue, 16 Jun 2026 00:34:42 +0000

Libertarianism is a spectrum. The majority believe in some form of government, just limited in what it can do to varying degrees. The are also anarchists, yes, but that's not all libertarians.

New comment by arcfour in "Windows 11 users are tired of MS account requirements creeping into everything"

arcfour — Mon, 15 Jun 2026 02:06:51 +0000

1. It's probably not hard to put her Chrome back where it was and set her homepage to Facebook.

2. These users wouldn't be the people referred to by the article though, right?

New comment by arcfour in "Yserver: A modern X11 server written in Rust"

arcfour — Mon, 15 Jun 2026 01:56:11 +0000

They are also roughly analogous to the modern DE concept of "Workspaces" which people seem to enjoy.

New comment by arcfour in "Yserver: A modern X11 server written in Rust"

arcfour — Mon, 15 Jun 2026 01:54:54 +0000

I agree it used to be fiddly at best but in recent years I had found it to be pretty easy in X11.

I haven't had complaints there for Wayland but I will say that it breaking other things has been annoying.

New comment by arcfour in "The RCE that AMD wouldn't fix"

arcfour — Thu, 11 Jun 2026 18:31:06 +0000

I think it's fair to say that requiring local administrative access to the device is out of scope, since you have already completely pwned the device in that case, which is what what you need to install a CA cert on any OSes.

New comment by arcfour in "Confidential submission of draft S-1 to the SEC"

arcfour — Tue, 09 Jun 2026 07:39:18 +0000

But it seems likely that in the coming years, people will expect Apple's products to include the latest cutting edge AI (I don't mean useless AI shoved into every possible thing, I mean something closer to a useful Siri). Giving everyone else a 10+ year head start on you is not a good position to be in.

If you choose to outsource your AI to OpenAI/Anthropic/whomever, now you're beholden to another (risky), and for a critical feature of your ecosystem that your customers have grown accustomed to and to expect. And it's not just that they might jack up prices on you, but they can just... get acquired, or go bankrupt, or fall behind on model development...

New comment by arcfour in "Five frontier LLMs disagree on 67% of 1k real-world fact-check claims"

arcfour — Thu, 28 May 2026 14:12:47 +0000

False makes sense if you are interpreting it strictly as "has this been proven?"

New comment by arcfour in "C array types are weird"

arcfour — Wed, 27 May 2026 11:38:23 +0000

The work of the mythical four star programmer? https://wiki.c2.com/?ThreeStarProgrammer

New comment by arcfour in "The worst job interview I ever had"

arcfour — Wed, 27 May 2026 10:33:54 +0000

At any point the interviewer could have clarified if they meant "at work" when they received an inappropriate answer. The fact they did not do this means they did not mean "at work," which makes sense because the questions they ask neither specify that nor are worded to make one believe they are work-related.

What would be the point of conducting an entire hour+ long interview where the candidate is only giving you irrelevant answers and you make no attempt to get them on track?

New comment by arcfour in "Air France and Airbus found guilty of manslaughter over 2009 plane crash"

arcfour — Mon, 25 May 2026 10:56:58 +0000

Because a court said it does not make it true. The captain made the correct choices. The first officer made inexplicably incorrect choices continuously; choices which nobody would ever make regardless of training, unless perhaps you had literally never flown a plane before.

At no point in time would the correct response to a stall warning be to pull the nose up. This is something taught well before you enter the cockpit of a commercial airliner. If you continue to pitch the nose up excessively, you will stall the aircraft. This is also something you learn on day 2 or 3 of flight school.

If the first officer had done literally nothing at all, 228 people would be alive.

New comment by arcfour in "Air France and Airbus found guilty of manslaughter over 2009 plane crash"

arcfour — Sun, 24 May 2026 20:12:48 +0000

Are you going to be performing a terrain escape maneuver or a stall recovery maneuver over the open ocean?

New comment by arcfour in "Air France and Airbus found guilty of manslaughter over 2009 plane crash"

arcfour — Sun, 24 May 2026 20:12:16 +0000

Then why was the captain pitching nose down? Why was the F/O ignoring the dual input warning?

New comment by arcfour in "Air France and Airbus found guilty of manslaughter over 2009 plane crash"

arcfour — Sun, 24 May 2026 06:16:14 +0000

Do you need to be to understand that nose up is not how to recover from a stall?

New comment by arcfour in "Google's Antigravity bait and switch"

arcfour — Sat, 23 May 2026 03:59:49 +0000

There's nothing wrong with writing CLI stuff in Node. It has interfaces to work with terminals built-in that aren't unlike what you'd find in any other language. I say this as someone who has worked with ncurses in C a decent amount (and there is a reason I try to avoid doing so anymore!)

React, however, I do find questionable, even having read about and understanding the idea behind Ink.

New comment by arcfour in "Show HN: I Dedicated 4 Years to Mastering Offline Password Cracking"

arcfour — Thu, 21 May 2026 20:41:29 +0000

An EC2 instance with lots of cores like a c6i.32xlarge should do the trick, no? You could even pay for spot instances and just checkpoint frequently and copy the progress file to S3 when you get the interruption warning.