Hacker News: attilagyorffy

New comment by attilagyorffy in "Last.fm is now independent"

attilagyorffy — Wed, 27 May 2026 16:03:10 +0000

This is very exciting. The music landscape is just as chaotic as it was back in 2007 (when CBS acquired Last.fm) if not even more complex these days. Can't wait to see what's next. <3

New comment by attilagyorffy in "Ask HN: Is Slack having some trouble?"

attilagyorffy — Thu, 27 Jul 2023 09:38:20 +0000

If we have high availability connectivity for servers, I feel like corporations should also consider applying the same principles for inter-personal communication. A distributed and encrypted protocol with a similar feature set to Slack would come handy. Any suggestions?

New comment by attilagyorffy in "OpenSSL SSL3_AL_WARNING undefined alert remote DoS"

attilagyorffy — Mon, 24 Oct 2016 14:31:34 +0000

there's currently no post on openssl.org but i expect them to publish one soon. Also, now with all the OpenSSL sh*tstorm this year, I really wonder if LibreSSL is vulnerable to this security problem...

OpenSSL SSL3_AL_WARNING undefined alert remote DoS

attilagyorffy — Mon, 24 Oct 2016 14:30:05 +0000

Article URL: http://seclists.org/oss-sec/2016/q4/224

Comments URL: https://news.ycombinator.com/item?id=12779082

Points: 79

# Comments: 17

New comment by attilagyorffy in "A TCP weakness in Linux systems allows network traffic hijack"

attilagyorffy — Wed, 10 Aug 2016 09:22:14 +0000

I vaguely remember something around a potential fix but I lost track of it. The strange thing is that this appeared yesterday. I haven't had time to actually test this, am just looking to see what the community knows, whether someone could confirm this.

New comment by attilagyorffy in "A TCP weakness in Linux systems allows network traffic hijack"

attilagyorffy — Wed, 10 Aug 2016 08:56:49 +0000

I've found this on isssource and am surprised that it has not spread like wildfire. If the claims are true then this is an issue that should be taken seriously. Posting here for discussion.

A TCP weakness in Linux systems allows network traffic hijack

attilagyorffy — Wed, 10 Aug 2016 08:53:49 +0000

Article URL: http://www.isssource.com/fixing-an-internet-security-threat/

Comments URL: https://news.ycombinator.com/item?id=12260364

Points: 129

# Comments: 23

An up-to-date TodoMVC with Ember and a Phoenix backend using JSONAPI

attilagyorffy — Sun, 24 Jul 2016 13:48:49 +0000

Article URL: https://attilagyorffy.com/2016/07/24/todomvc-with-ember-and-phoenix-using-jsonapi/

Comments URL: https://news.ycombinator.com/item?id=12153288

Points: 4

# Comments: 0

New comment by attilagyorffy in "The state of LibreSSL in FreeBSD"

attilagyorffy — Sun, 03 Jul 2016 18:07:59 +0000

This really is a more complex question then it may seem. One of the reasons I haven't yet upgraded my production system is because I want to be able to keep my system up-to-date. Now, having to manually patch the FreeBSD source tree once a new upgrade lands is a bit of a pain. The point of the article is really about exploring where we are and where the FreeBSD community is headed.

New comment by attilagyorffy in "The state of LibreSSL in FreeBSD"

attilagyorffy — Sun, 03 Jul 2016 14:29:47 +0000

I know this is just nitpicking but you may want to use capital V instead: `ssh -V`.

And indeed the SSH command originates from OpenBSD and uses LibreSSL 2.1.8.

The state of LibreSSL in FreeBSD

attilagyorffy — Sun, 03 Jul 2016 11:13:06 +0000

Article URL: https://attilagyorffy.com/2016/07/02/the-state-of-libressl-in-freebsd/

Comments URL: https://news.ycombinator.com/item?id=12025638

Points: 104

# Comments: 21

New comment by attilagyorffy in "FreeBSD 10.3 officially supported on Microsoft Azure"

attilagyorffy — Thu, 09 Jun 2016 09:47:21 +0000

ha, funnily just one day before code freeze of freebsd 11 :) nevertheless it's great that freebsd is getting more attention these days.

New comment by attilagyorffy in "The Rails Doctrine"

attilagyorffy — Tue, 19 Jan 2016 18:27:06 +0000

I've been a Rails developer for 10 years now and I have to say it is still my favourite tool of choice (yes even in 2016). There are other interesting tools and frameworks out there (I'd love to put my hands on Phoenix and Elixir if I had the time) but for now I have to be honest: When I start a new client project I have to consider a few things:

* Using a well-known framework is favourable over new shiny toys in a commercial system

* An ecosystem that has good 'defaults' is essential. A single web framework won't do everything for you. You need stuff around that for testing, deployments, etc.

For mainly the reasons above Rails is still my primary tool of choice. Yes, it has pinpoints but the reasons above far outweigh the new and shiny.

New comment by attilagyorffy in "Show HN: ied – an alternative package manager for Node"

attilagyorffy — Mon, 16 Nov 2015 00:25:00 +0000

if you can make this work in a way that it's capable of reinstalling a precise snapshot (like using a Gemfile.lock in Ruby's Bundler world) and keep it stable then I once again will have faith in JS package management.

New comment by attilagyorffy in "Microsoft Is Said to Evaluate Possible Bid for Salesforce.com"

attilagyorffy — Tue, 05 May 2015 20:09:25 +0000

my thoughts exactly. whilst i don't care about Salesforce's CRM, i wouldn't want MS to put their hands on heroku. Once MS bought one of my favourite companies (Rareware, now Rare as part of MS Game Studios), effectively they killed creativity. I'm not saying that MS is necessarily evil, all I'm saying is that I've seen this once and I have been really disappointed.

New comment by attilagyorffy in "Pirate Bay to Open Its Own .PIRATE Domain Name Registry"

attilagyorffy — Wed, 01 Apr 2015 09:48:40 +0000

I'm a little bit disappointed that the TLD is .PIRATE instead of .YARR

Bringing npm functionality to the Ruby ecosystem

attilagyorffy — Wed, 01 Apr 2015 09:47:48 +0000

Article URL: https://github.com/npm-ruby/npm-ruby

Comments URL: https://news.ycombinator.com/item?id=9302596

Points: 1

# Comments: 0

New comment by attilagyorffy in "List of April Fools' Day Announcements"

attilagyorffy — Wed, 01 Apr 2015 08:58:23 +0000

https://github.com/npm-ruby/npm-ruby - Bringing npm functionality to Ruby applications

New comment by attilagyorffy in "Npm install could be dangerous"

attilagyorffy — Thu, 29 Jan 2015 11:23:04 +0000

That's also a good solution I think. One of the main advantages of using containers though is real portability. This means in theory you could just push your container in development into production without too much hassle and making administrators nervous :) That's not the same level of portability a full VM would give you.

Admittedly this is more of a discussion about containers and security than npm itself but I'm interested in discovering the options out there. I may attempt to move all my stuff to containers for a bit and write about my findings.

New comment by attilagyorffy in "Npm install could be dangerous"

attilagyorffy — Mon, 26 Jan 2015 16:24:30 +0000

This is exactly why i think modern kernel level security layers, such as FreeBSD jails (or Docker/LXC) were born. Provided your app runs within a jail, it wouldn't matter much anymore:

> Once inside the jail, a process is not permitted to escape outside of this subtree

You could also develop within isolation, therefore your development env would be safer and even similar to a production environment. Needless to say, that has additional benefits.