Hacker News: edelbitter

New comment by edelbitter in "The curious case of low-protein diets"

edelbitter — Sun, 07 Jun 2026 19:29:04 +0000

> all these data come from nonhuman lab animals

Though what I have see so far is far from everything that could be learned from these surprisingly-humanlike mammals. Still need more research on timing. Maybe protein metabolism is not that different from the better studied methods of derailing glucose metabolism. Maybe the damage is set and done after any prolonged phase of inappropriate diet, and later minor adjustments in consumption have very little additional effect, after controlling for weight and caloric intake.

Maybe all humans need to do is watch their protein intake until puberty.. and then only 60 years later, as failing to retain muscle strength becomes more likely to kill them than any detrimental effect of excessive protein intake.

New comment by edelbitter in "Parallel Reconstruction of Lawful TLS Wiretapping"

edelbitter — Sat, 30 May 2026 21:16:43 +0000

>the various ACME clients like acme.sh are run with elevated privileges

Its really not that difficult to not grant excessive privileges - at the very least for recurring ("cron") runs, once filesystem structure, cache invalidation triggers and web server configuration are in place. Its a shame this is still taught in the "just run as admin" style.

New comment by edelbitter in "Parallel Reconstruction of Lawful TLS Wiretapping"

edelbitter — Sat, 30 May 2026 21:11:33 +0000

CT indeed worked out pretty well. At least until bots started hammering crt.sh making it unreliable, and those that want to be alerted to newly issued certificated appeared in the logs need to pay for some purpose-built service instead of just adding a relevant query to their feed reader.

New comment by edelbitter in "CAPTCHAs can still detect AI agents"

edelbitter — Sat, 30 May 2026 07:01:41 +0000

The appendix lists what they were collecting, and the amount of samples needed for not just mathematically significant, but also practically useful distinguishing power implies collecting enough for a stable yet unique fingerprint. In that case you could just add a login form.. and still be less hostile than the increasing number of websites that will not let me browse (maybe my mouse movement does not match other humans in my region, idk).

New comment by edelbitter in "CAPTCHAs can still detect AI agents"

edelbitter — Fri, 29 May 2026 18:50:49 +0000

But.. the task was never "detect this" but always "detect this within acceptable constraints".

Sure, once you collect enough bits, you can tell that its me. And if you know from other sources that I am human, that solves your immediate problem. But if you do that, you have still failed at the task of detecting certain kind of abusive behavior without harming my anonymity.

New comment by edelbitter in "SpaceX not the behemoth everyone thought"

edelbitter — Fri, 22 May 2026 05:10:59 +0000

Is that not the commonly cited example for commodity trading, whereas meaningful comparison of fundamentals to market capitalization only started much later?

New comment by edelbitter in "How you probably will find Satoshi"

edelbitter — Fri, 22 May 2026 05:02:07 +0000

That particular alias is mildly interesting. The obsession is with finally making progress in understanding the "We kill people based on metadata" threat. Maybe we can please finally stop stuffing PII & timestamps into each "crash report" and every "telemetry ping" and get back to work towards 100% reproducible outputs. (Well, right after I "enable javascript and cookies" because Cloudflare/Fastly/Akamai refuse to talk to me before they can grab a unique fingerprint..)

New comment by edelbitter in "How you probably will find Satoshi"

edelbitter — Fri, 22 May 2026 04:47:40 +0000

Should not set it to nonsense, but rather low-entropy. If its unique, someone with access to old (browser, probably) crash reports might be able to cross-reference. Plus, not too long ago browsers did not care to sanitize the path for input[type="file"], so some websites remembered your account name somewhere in their database.

New comment by edelbitter in "GitHub is investigating unauthorized access to their internal repositories"

edelbitter — Wed, 20 May 2026 05:31:27 +0000

Also coincides with the time I started seeing Juniors installing "recommended extensions" into GitHub-hosted Visual Studio environments.. because there was a popup that helpfully suggested doing so, based on the programming languages used in the checked out repository.

New comment by edelbitter in "Railway Blocked by Google Cloud"

edelbitter — Wed, 20 May 2026 04:47:51 +0000

I continue to receive phishing via AWS pretending to be Amazon. And not even the Unicode-lookalike shenanigans that my spam filter refuses for excessive mixed scripts, no; literally claiming to be Amazon as in: the company that operates the relay.

New comment by edelbitter in "Copy Fail, Dirty Frag, and Fragnesia kernel vulnerabilities"

edelbitter — Tue, 19 May 2026 20:29:09 +0000

Easier: Do not start with a "allow all" configuration in the first place.

Maybe all of those userspace-work-done-in-kernel-because-muh-performance features should be restricted to (the "real") CAP_NET_ADMIN, unless positively enumerated as free-for-all-containers. And then subtract from that free-for-all list every time you learn that some kernel module in its currently available version cannot be trusted to do its own memory shuffling.

New comment by edelbitter in "Google changes its search box"

edelbitter — Tue, 19 May 2026 20:00:23 +0000

e.g. for a two keyword search, Google & DDG return results containing a similar (but more at the moment, more popular, so I understand why they do this) keyword as the first one, and no relation whatsoever with the second. Any search that manages to actually show results related to both of my input terms get the "better" award from me.

New comment by edelbitter in "Google changes its search box"

edelbitter — Tue, 19 May 2026 19:54:08 +0000

I wonder if the same coverage as before is now more economically feasible. The internet has gotten .. smaller, lately.

New comment by edelbitter in "Fabricked: Misconfiguring Infinity Fabric to Break AMD SEV-SNP"

edelbitter — Mon, 18 May 2026 10:15:57 +0000

/proc/cpuinfo shows whatever the hypervisor said, often simply "microcode : 0x1000065"

https://github.com/torvalds/linux/commit/518e7b94817abed94be... https://github.com/qemu/qemu/blob/ac6721b88df944ade0048822b2...

New comment by edelbitter in "Fabricked: Misconfiguring Infinity Fabric to Break AMD SEV-SNP"

edelbitter — Mon, 18 May 2026 00:38:25 +0000

What purpose does the "news" of finding another way to break "confidential computing" serve, other than proliferate the incorrect assumption that there even was a working concept beforehand?

New comment by edelbitter in "Postmortem: TanStack NPM supply-chain compromise"

edelbitter — Tue, 12 May 2026 04:13:40 +0000

If git in general would enforce pretending to not know about orphans, it would always need to know what you were meaning to consider the boundary, and/or you would end up waiting for useless duplicate network traffic. The fact that on GitHub, such references are visible irrespective of specified repo is not a bug, its a feature. Its the tools (including but not limited to: GitHub Actions) that cause dangerous misunderstanding in appearing to let you specify something they then never actually enforce.

specified: repo location, slightly-difficult-to-preimage hash

intended meaning: use this hash if and only if it is accessible from the default branch of that repo

actual meaning: use this hash. start looking at this location. I do not care whether it is accessible through that location by accident, by intent of merely its uploader, or by explicit and persisting intent of someone with write access to the location.

New comment by edelbitter in "Non-determinism is an issue with patching CVEs"

edelbitter — Sat, 09 May 2026 01:32:37 +0000

Not just shipping features - that part is little more than disk space, for features already neatly isolated into modules. I see potential in improved tooling to express "do not autoload anything below this tree" in a more reliable and manageable manner. I know my 15% (far below that, actually), and many more users could express theirs in some deploy config.. If only that did not incur the cost of watching upstream changing things for no reason, or for the recurring reason of kconfig being a fairly error-prone method of expressing & validating dependency trees.

New comment by edelbitter in "Poland is now among the 20 largest economies"

edelbitter — Sat, 09 May 2026 01:14:11 +0000

Notoriously difficult to portray correctly in EU money-shuffling statistics. Some money not granted to the grand duchy still filed under "beneficiary country: Luxembourg" due to some program or institution being headquartered there. And it is essentially impossible to compare apples to apples what happens in actual EU budget and what happens in Kirchberg, home to EIB.

New comment by edelbitter in "Non-determinism is an issue with patching CVEs"

edelbitter — Fri, 08 May 2026 23:44:02 +0000

I found that reducing my "Linux" lines from ~21000 (including net-pf-16-proto-21) down to those ~3000 I might actually use (e.g. udp_tunnel) to be a fairly effective method of not having to care about each and every newly discovered memory safety hazard.

New comment by edelbitter in "Google Cloud fraud defense, the next evolution of reCAPTCHA"

edelbitter — Wed, 06 May 2026 22:14:57 +0000

Then you have already have not been very present in the analytical data that these business decisions are based on.