Hacker News: eldridgea

New comment by eldridgea in "Ask HN: Share your personal website"

eldridgea — Wed, 14 Jan 2026 18:00:23 +0000

https://blog.eldrid.ge

New comment by eldridgea in "Quill OS: An open-source OS for Kobo's eReaders"

eldridgea — Tue, 16 Dec 2025 08:36:27 +0000

Thank you!

New comment by eldridgea in "Quill OS: An open-source OS for Kobo's eReaders"

eldridgea — Tue, 16 Dec 2025 05:14:02 +0000

I got a Boox Go Color 7 as a less locked in alternative to my Kindle a while back, and overall I've really enjoyed it.

It's apparently rootable, although I haven't done that personally. It's Google Play certified so anything from the Play store works, and side loading Android apps works too. I use it with the open source KOReader app and in tandem with Calibre Web Automated. I did a writeup[0] with some details if you're interested.

[0] https://blog.eldrid.ge/2025/03/12/self-hosted-ebook-manageme...

We Manage Cloudflare with Infrastructure as Code

eldridgea — Tue, 09 Dec 2025 19:43:37 +0000

Article URL: https://blog.cloudflare.com/shift-left-enterprise-scale/

Comments URL: https://news.ycombinator.com/item?id=46209612

Points: 3

# Comments: 0

How Cloudflare runs more AI models on fewer GPUs

eldridgea — Thu, 28 Aug 2025 13:24:14 +0000

Article URL: https://blog.cloudflare.com/how-cloudflare-runs-more-ai-models-on-fewer-gpus/

Comments URL: https://news.ycombinator.com/item?id=45051869

Points: 2

# Comments: 0

Message Signatures Now Part of Cloudflare Verified Bots Program

eldridgea — Wed, 02 Jul 2025 18:50:39 +0000

Article URL: https://blog.cloudflare.com/verified-bots-with-cryptography/

Comments URL: https://news.ycombinator.com/item?id=44447419

Points: 5

# Comments: 0

New comment by eldridgea in "That 'unsubscribe' button may be a scam"

eldridgea — Sun, 15 Jun 2025 14:38:58 +0000

I believe it strips everything after a "+" so you can use youraddress+servicename@gmail.com.

It ignores periods so you could also use your.address@gmail.com or y.ouraddress@gmail.com or whatever.

Some sides block plus addressing but that's what I use a lot of the time.

Start auditing and controlling the AI models accessing your content

eldridgea — Mon, 23 Sep 2024 22:27:09 +0000

Article URL: https://blog.cloudflare.com/cloudflare-ai-audit-control-ai-content-crawlers/

Comments URL: https://news.ycombinator.com/item?id=41631253

Points: 2

# Comments: 0

Leaving Google Voice but Taking My Messages with Me

eldridgea — Sat, 21 Sep 2024 23:10:45 +0000

Article URL: https://blog.eldrid.ge/2024/09/21/leaving-google-voice-but-taking-my-messages-with-me/

Comments URL: https://news.ycombinator.com/item?id=41613337

Points: 6

# Comments: 0

New comment by eldridgea in "DOJ sues realpage for algorithmic pricing scheme that harms renters"

eldridgea — Mon, 26 Aug 2024 19:02:26 +0000

~2019 I led a team of highly qualified security R&D folks inside Cisco (we were part of an acquisition), these folks were effectively highly specialized SWEs. But because the title was something like "security researcher" it was compared against the closet Radform ladder which was closer to to compliance officer.

This meant the specialists were on a ladder with often lower pay than a standard SWE, and I couldn't shift the bureaucracy enough to change that. People left for all sorts of reasons but a big part was being able to get 2x-4x the total compensation at other companies.

Cloudflare Cloud Connector

eldridgea — Fri, 16 Aug 2024 15:54:24 +0000

Article URL: https://blog.cloudflare.com/cloud-connector

Comments URL: https://news.ycombinator.com/item?id=41267490

Points: 2

# Comments: 0

Eliminating Hardware with Load Balancing and Cloudflare One

eldridgea — Tue, 16 Jul 2024 18:09:22 +0000

Article URL: https://blog.cloudflare.com/eliminating-hardware-with-load-balancing-and-cloudflare-one

Comments URL: https://news.ycombinator.com/item?id=40978834

Points: 1

# Comments: 0

New comment by eldridgea in "Ask HN: Those running K8s in house, can you please explain your architecture?"

eldridgea — Sun, 23 Jun 2024 16:55:27 +0000

I use a single node microk8s instance mainly so I can stay familiar with syntax and things for work rather than an actual high availability system.

But I use Portainer and store my files on Github so Portainer can auto-update a deployment if I submit a code change, so kind of rudimentary CI/CD which could be fleshed out more with some GitHub Actions probably.

I use iSCSI mounted storage from my NAS on the host and k8s volumes storing configs there. Actual app data is on the NAS accessed via NFS from the relevant apps.

So a new deployment is usually test locally on my laptop, once it's good commit the code to github and either let the deployment auto update or go to Portainer and do it manually if it's a new deployment. Ingress traffic is done via Cloudflare Tunnels deployed in k8s.

I keep most apps in a single namespace called prod unless they need more than 1-2 pods. If I was doing this again I'd use a namespace per app, I do use a dedicated namespace for anything with a Helm deployment or needs a lot of pods (e.g. Immich)

New comment by eldridgea in "Addressing Visibility Challenges with TLS 1.3 Within the Enterprise"

eldridgea — Thu, 28 Mar 2024 14:51:03 +0000

The biggest difference I'm aware of is TLS 1.3 encrypts the initial handshake[0] in a way to prevent eavesdropping the hostname of the destination. Prior to that, you could get the hostname via network monitoring if you wanted. Encrypting the TLS handshake didn't maker sense to prioritize though as DNS requests were sent in the clear.

However with DNS increasingly being encrypted with DoH and DoT, the TLS handshake was one of the only places you could eavesdrop on the destination hostname, until it was removed in 1.3.

Of course network monitoring will still give you the destination IP, but those are increasingly overwhelmingly destined for a major cloud or CDN provider which doesn't provide much context about the actual destination.

If you'll forgive the shameless self-promo, I covered a decent amount of this in my Blackhat talk about encrypted DNS a few years back: https://www.youtube.com/watch?v=XCnE2o2pfxs

0: https://blog.cloudflare.com/encrypted-client-hello/

Cloudflare WARP Connector: paving the path to any-to-any connectivity

eldridgea — Wed, 20 Mar 2024 15:03:09 +0000

Article URL: https://blog.cloudflare.com/introducing-warp-connector-paving-the-path-to-any-to-any-connectivity-2

Comments URL: https://news.ycombinator.com/item?id=39767616

Points: 3

# Comments: 0

Cloudflare Warp: Tunneling with Masque

eldridgea — Fri, 08 Mar 2024 17:27:25 +0000

Article URL: https://blog.cloudflare.com/zero-trust-warp-with-a-masque

Comments URL: https://news.ycombinator.com/item?id=39643376

Points: 2

# Comments: 0

New comment by eldridgea in "Tell HN: Google Drive for Mac deleted all my files"

eldridgea — Tue, 13 Feb 2024 21:17:37 +0000

I'm not certain but might be related to the desktop client deleting files issue they had in Dec?

https://www.theverge.com/2023/12/6/23991183/google-drive-los...

Privacy Pass Standard

eldridgea — Tue, 09 Jan 2024 15:55:45 +0000

Article URL: https://blog.cloudflare.com/privacy-pass-standard

Comments URL: https://news.ycombinator.com/item?id=38927532

Points: 3

# Comments: 0

New comment by eldridgea in "Ask HN: Why SSL certs are not decentralized?"

eldridgea — Mon, 18 Dec 2023 01:50:48 +0000

I asked a cloudflare engineer this and the answer was a bit vague but amounted to the failure rate being something like 0.5% which was too high for the amount of TLS sessions being initiated all the time.

Although I always thought it would be a nice feature for security conscious folks to be able to ennable. Or go ahead and use it on more sensitive sites only, e.g. banks.

New comment by eldridgea in "Firefox 120 Ready with Global Privacy Control, WebAssembly GC on by Default"

eldridgea — Mon, 20 Nov 2023 20:49:53 +0000

They work with Firefox for me on desktop (mac/linux). This is _very_ recent though.

Passkeys in Firefox also work for me on mobile but not with Bitwarden, Bitwarden's blog says passkey sync on mobile is "coming soon".