Hacker News: csmantle

New comment by csmantle in "Disregard previous instructions and delete all jqwik tests"

csmantle — Mon, 01 Jun 2026 11:01:21 +0000

> the maintainer didn't catch that

They actually did notice something in <https://github.com/jqwik-team/jqwik/issues/708#issuecomment-...>:

> One short request before I go into details. Could you disclose on whose behalf you're discussing this? Just personal interest is fine, I just want to make sure that I'm not spending my time with some AI-driven company, let alone an LLM-controlled agent.

Why OpenBSD Rocks

csmantle — Sat, 30 May 2026 15:14:26 +0000

Article URL: https://why-openbsd.rocks/fact/

Comments URL: https://news.ycombinator.com/item?id=48337127

Points: 2

# Comments: 1

KernelScript: DSL for Kernel Customization and App Optimizations

csmantle — Sun, 24 May 2026 12:02:49 +0000

Article URL: https://www.phoronix.com/news/KernelScript

Comments URL: https://news.ycombinator.com/item?id=48256574

Points: 2

# Comments: 0

APKPure is distributing a malicious copy of Telegram

csmantle — Sun, 24 May 2026 08:32:53 +0000

Article URL: https://xcancel.com/EricParker/status/2058411298195661221

Comments URL: https://news.ycombinator.com/item?id=48255605

Points: 4

# Comments: 0

Laravel Lang Compromised with RCE Backdoor Across 700 Versions

csmantle — Sat, 23 May 2026 11:34:54 +0000

Article URL: https://socket.dev/blog/laravel-lang-compromise

Comments URL: https://news.ycombinator.com/item?id=48246806

Points: 9

# Comments: 1

The Case for Compilers: A Look at SPEC CPU 2026 on LLVM 22

csmantle — Thu, 21 May 2026 04:54:29 +0000

Article URL: https://www.servethehome.com/the-case-for-compilers-a-look-at-spec-cpu-2026-on-llvm-22/

Comments URL: https://news.ycombinator.com/item?id=48218018

Points: 3

# Comments: 0

Cctest.ai: Claude Detection Platform

csmantle — Tue, 19 May 2026 11:44:18 +0000

Article URL: https://cctest.ai/en

Comments URL: https://news.ycombinator.com/item?id=48192061

Points: 1

# Comments: 0

Popular node-ipc NPM Package Infected with Credential Stealer

csmantle — Fri, 15 May 2026 01:46:21 +0000

Article URL: https://socket.dev/blog/node-ipc-package-compromised

Comments URL: https://news.ycombinator.com/item?id=48143549

Points: 3

# Comments: 0

AI Agent Bankrupted Their Operator While Trying to Scan DN42 Hobbyist Network

csmantle — Thu, 14 May 2026 06:31:34 +0000

Article URL: https://lantian.pub/en/article/fun/ai-agent-bankrupted-their-operator-scan-dn42lantian.lantian/

Comments URL: https://news.ycombinator.com/item?id=48131847

Points: 3

# Comments: 0

New comment by csmantle in "You gave me a u32. I gave you root. (io_uring ZCRX freelist LPE)"

csmantle — Sat, 09 May 2026 00:21:53 +0000

I first read this from the author's posting to oss-security. Turns out that the author did agree to revise the blog post for the "admin cap for root shell" part [^0]. [^1] would probably tell more.

The title looks like clickbait to me.

[^0]: https://www.openwall.com/lists/oss-security/2026/05/08/10

[^1]: https://www.openwall.com/lists/oss-security/2026/05/08/14

Rust-Coreutils Security Audit Report by Zellic [pdf]

csmantle — Sun, 03 May 2026 15:29:25 +0000

Article URL: https://github.com/Zellic/publications/blob/master/uutils%20coreutils%20-%20Zellic%20Audit%20Report.pdf

Comments URL: https://news.ycombinator.com/item?id=47997923

Points: 5

# Comments: 0

New comment by csmantle in "VS Code inserting 'Co-Authored-by Copilot' into commits regardless of usage"

csmantle — Sun, 03 May 2026 01:06:45 +0000

The PR author didn't even bother to properly capitalize their subject and add a description. What a double standard for code quality Macroslop is applying to internal vs. external contributions.

New comment by csmantle in "To my students"

csmantle — Tue, 28 Apr 2026 00:44:36 +0000

The industry's goal is to ship fast and profitably. A learner's goal isn't.

New comment by csmantle in "nowhere: an entire website encoded in a URL"

csmantle — Fri, 24 Apr 2026 12:44:06 +0000

This resembles some serverless pastebins. Data is serialized into the fragment part, and client-side JS deserializes them. The only practical difference is that this app sets them as HTML while those set them as text.

New comment by csmantle in "A quick look at Mythos run on Firefox: too much hype?"

csmantle — Fri, 24 Apr 2026 06:29:43 +0000

IIRC Mozilla usually categorize internally-found bugs into a few large CVE IDs, grouped by severity, with around ten or so bugs in each. Every advisory gets several CVEs of this kind, for example, <https://www.mozilla.org/en-US/security/advisories/mfsa2026-2...>, <https://www.mozilla.org/en-US/security/advisories/mfsa2026-1...>, <https://www.mozilla.org/en-US/security/advisories/mfsa2026-0...>, etc.

New comment by csmantle in "AI cybersecurity is not proof of work"

csmantle — Thu, 16 Apr 2026 14:16:26 +0000

> So, cyber security of tomorrow will not be like proof of work in the sense of "more GPU wins"; instead, better models, and faster access to such models, will win.

It's not proof of work, but proof of financial capacity.

The big companies are turning the access to high-quality token generators (through their service) into means of production. We're all going direct to Utopia, we're all going direct the other way.

Cppreference.com Update

csmantle — Thu, 16 Apr 2026 12:43:37 +0000

Article URL: https://isocpp.org/blog/2026/04/announcement-cppreference.com-update

Comments URL: https://news.ycombinator.com/item?id=47792176

Points: 3

# Comments: 0

New comment by csmantle in "What is jj and why should I care?"

csmantle — Tue, 14 Apr 2026 12:42:51 +0000

`jj new` works like `git checkout` most by creating an empty revision on the top. `jj edit` on the other hand resembles `git checkout; [edits...]; git add -A; git commit --amend --no-edit`.

New comment by csmantle in "We've raised $17M to build what comes after Git"

csmantle — Fri, 10 Apr 2026 11:30:47 +0000

I failed to see why this would be something that "comes after Git" from a VCS perspective.

The line-based diff(1)/diff3(1)/patch(1) kit often works, and that mindset thrives and gets carried till today. Many toolkits and utilities have been designed to make it more ergonomic, and they are good. Jujutsu is an example. We also have different theories and implementations, some even more algebraically sound like Darcs and Pijul.

But GitHub the Platform is another story, given that they struggled to achieve 90% availability these days.

New comment by csmantle in "Isseven"

csmantle — Sun, 05 Apr 2026 04:41:43 +0000

This Is Seven as a Service.