Hacker News: bflesch

New comment by bflesch in "OpenAI raises $110B on $730B pre-money valuation"

bflesch — Fri, 27 Feb 2026 14:39:01 +0000

If you make a billion but only pay $2M for a pardon it might be worth it: https://www.independent.co.uk/news/world/americas/us-politic...

New comment by bflesch in "The Wolfram S Combinator Challenge"

bflesch — Thu, 26 Feb 2026 20:30:17 +0000

Coincidental timing for Wolfram to pop up here just as it becomes clearer that he might actually have met Epstein after all.

New comment by bflesch in "Show HN: SNKV – SQLite's B-tree as a key-value store (C/C++ and Python bindings)"

bflesch — Tue, 24 Feb 2026 13:27:12 +0000

Did you measure the performance impact of having multiple trees in a single file vs. having one tree per file? I'd assume one per file is faster, is that correct?

New comment by bflesch in "Spain’s LaLiga has blocked access to freedom.gov"

bflesch — Sun, 22 Feb 2026 21:43:58 +0000

What are the odds that the Cloudflare CEO will have a twitter meltdown about this?

New comment by bflesch in "Web Components: The Framework-Free Renaissance"

bflesch — Fri, 20 Feb 2026 16:47:00 +0000

> Home Assistant [1] has been written using web components and it has been great.

That could explain why the percentage slider is not showing a current value tooltip when sliding it :P

New comment by bflesch in "DNS-Persist-01: A New Model for DNS-Based Challenge Validation"

bflesch — Thu, 19 Feb 2026 00:15:56 +0000

> But I don't understand why they chose to include the account as a plain-text string in the DNS record.

Simple: it's for tracking. Someone paid for that.

New comment by bflesch in "Don't pass on small block ciphers"

bflesch — Wed, 18 Feb 2026 19:06:38 +0000

Are you serious?

The CPU firmware blobs are encrypted and nobody except Intel can see what is running there. A handful of people on the planet have the tools and skills to analyze the chip for backdoors.

A small section of CPU cache could stay powered even though the OS is shut down, persisting the keys that were passed to the AES CPU instruction. As CPU is directly linked to wifi/bluetooth and USB chipsets, exfiltration could be possible both wirelessly and via special USB payload.

New comment by bflesch in "Don't pass on small block ciphers"

bflesch — Wed, 18 Feb 2026 14:26:29 +0000

Yes but it's much easier to tell devs "put your keys here" and then just take that.

New comment by bflesch in "Don't pass on small block ciphers"

bflesch — Wed, 18 Feb 2026 14:25:44 +0000

I think Linux/LUKS software encryption was a very big challenge and they solved it with multiple approaches

- 2004: Linux LUKS disk encryption [0]

- 2008: ring −3 / intel management engine [1]

- 2010: AES instruction set [2]

- 2009: TPM [3]

[0] https://en.wikipedia.org/wiki/Linux_Unified_Key_Setup

[1] https://en.wikipedia.org/wiki/Intel_Management_Engine

[2] https://en.wikipedia.org/wiki/AES_instruction_set

[3] https://en.wikipedia.org/wiki/Trusted_Platform_Module

New comment by bflesch in "Don't pass on small block ciphers"

bflesch — Tue, 17 Feb 2026 23:50:28 +0000

Good points, but might be mitigated by knowing that the first key after boot is for HDD encryption and if storage is limited then keep counter for each key, and always overwrite least frequently observed key.

New comment by bflesch in "Gentoo on Codeberg"

bflesch — Tue, 17 Feb 2026 19:52:42 +0000

That's what happens when the whole company uses high-end macbooks and nobody has an older PC. It's been noted thousands of times on HN but these US companies make money head over fist and do not give a single damn about people on "lower" end devices.

New comment by bflesch in "Claude Sonnet 4.6"

bflesch — Tue, 17 Feb 2026 19:50:03 +0000

That's a bad argument, did Anthropic have a liquidity event that made employees "rich"?

New comment by bflesch in "Don't pass on small block ciphers"

bflesch — Tue, 17 Feb 2026 19:41:05 +0000

Are you suggesting a very large custom blocksize? I don't think this would be feasible beyond a few megabytes.

New comment by bflesch in "Don't pass on small block ciphers"

bflesch — Tue, 17 Feb 2026 19:36:12 +0000

Slightly unrelated, but aren't these AES-specific custom CPU instructions just a way to easily collect the encryption keys? There is a speedup but is it worth the risks?

If I were a nation state actor, I'd just store the encryption keys supplied to the AES CPU instruction somewhere and in case the data needs to be accessed you just read the stored keys.

No need to waste time deploying a backdoored CPU firmware and wait for days or weeks, and then touch the hardware a second time to extract the information.

When all AES encryption keys are already stored somewhere on the CPU, you can easily do a drive-by readout at any point in time.

Linux kernel has a compile time flag to disable use of custom CPU instructions for encryption, but it can't be disabled at runtime. If "software encryption" is used, the nation state actor needs to physically access the device at least two times or use a network-based exploit which could be logged.

New comment by bflesch in "Claude Sonnet 4.6"

bflesch — Tue, 17 Feb 2026 19:27:10 +0000

Wasn't that most likely related to the US government using claude for large-scale screening of citizens and their communications?

New comment by bflesch in "Oxide raises $200M Series C"

bflesch — Tue, 10 Feb 2026 14:55:10 +0000

Can you name some people who are working there and who you look up to? I need some new idols after the old idols all went up in MAGA and Epstein files .

New comment by bflesch in "Oxide raises $200M Series C"

bflesch — Tue, 10 Feb 2026 14:54:25 +0000

Their website is so nice and smooth even on my shitty computer, not like the other announcement pages of major companies that only work on state of the art macbooks.

New comment by bflesch in "The RCE that AMD won't fix"

bflesch — Fri, 06 Feb 2026 12:59:45 +0000

AFAIK a lot of linux packet repositories are http-only as well. Convenient for tracking what package versions have been installed on a certain system.

New comment by bflesch in "xAI joins SpaceX"

bflesch — Mon, 02 Feb 2026 21:59:36 +0000

> By directly harnessing near-constant solar power with little operating or maintenance costs, these satellites will transform our ability to scale compute. It’s always sunny in space! Launching a constellation of a million satellites that operate as orbital data centers is a first step towards becoming a Kardashev II-level civilization, one that can harness the Sun’s full power, while supporting AI-driven applications for billions of people today and ensuring humanity’s multi-planetary future.

Apparently optimus robots don't work and he needs to start his final grift, space datacenters, while his datacenters on earth are powered by gas turbines.

Most likely he's just trying to bury his epstein involvement where was exposed lying by his own daughter.

New comment by bflesch in "Show HN: PolliticalScience – Anonymous daily polls with 24-hour windows"

bflesch — Mon, 02 Feb 2026 21:37:41 +0000

GDPR is not about cookies it is about you giving user data to another company, and by including plausible.io you are doing that.