Hacker News: flumpcakes

New comment by flumpcakes in "Can the stockmarket swallow Anthropic, SpaceX and OpenAI?"

flumpcakes — Tue, 02 Jun 2026 09:44:15 +0000

> I mean there's already a lot of hardware that has gotten more expensive in the last 5 years.

The vast majority of the price rise is mainly due to AI companies sucking all the air out of the room and everyone investing in "AI" regardless.

If China gets their process down to match US/Korea/Taiwan and they decide to flood the market to drown out competitors then hardware is going to be an order of magnitude (or two) cheaper than it is today.

New comment by flumpcakes in "Can the stockmarket swallow Anthropic, SpaceX and OpenAI?"

flumpcakes — Tue, 02 Jun 2026 09:22:26 +0000

One would assume that the "market cap" of the company is equivalent to it's *worth*. Asking how Anthropic is worth $1tn+ is a valid question when it doesn't do much, apart from the promise of making a large fraction of the world unemployed and the rest under the thumb of unethical American tech supremacy. It's arguably built on the largest intellectual property theft in the history of mankind. That's generally what people worry about. Whether that's "true" or not I guess is how you frame your world view.

New comment by flumpcakes in "I bypassed AWS API Gateway auth with a trailing slash. Got $12K bounty"

flumpcakes — Wed, 27 May 2026 08:17:36 +0000

This is a shocking mistake for a 'fintech' to make. This is supremely basic stuff.

New comment by flumpcakes in "Omarchy Is Not A Distro"

flumpcakes — Sun, 24 May 2026 21:06:54 +0000

Another blog post ignoring capitalisation making it difficult to read.

New comment by flumpcakes in "I believe there are entire companies right now under AI psychosis"

flumpcakes — Fri, 15 May 2026 22:46:38 +0000

There's a lot of people writing bad code. With AI being forced top down (with the promise of turning people into 10x-ers), we're going to get a lot of people writing bad code 10x faster.

I really do worry - I especially worry about security. You thought supply chain security management was an impossible task with NPM? Let me introduce to AI - you can look forward to the days of AI poisoning where AIs will infiltrate, exfiltrate, or just destroy and there's no way of stopping it because you cannot examine the internals of the system.

AI has turbo charged people's lax attitude to security.

God help us.

New comment by flumpcakes in "I moved my digital stack to Europe"

flumpcakes — Wed, 13 May 2026 14:50:27 +0000

The price of hardware (DELL, HP), and the price of enterprise software (VMWare, Nutanix, etc.) has increased an insane amount in the last 12 months. In our case some of the services it has been as much as 6x. Hardware quotes are rising 10-20% per week. Delivery dates are months out.

It has become so bad that we're considering moving to the cloud for our on-premise workloads. Only problem is some of the cloud providers in the areas we operate from have run out of compute.

New comment by flumpcakes in "Software Internals Book Club"

flumpcakes — Tue, 12 May 2026 14:32:54 +0000

I've tried many times to sign up but never got in/received an email - I'd like to join, even as a "lurker".

New comment by flumpcakes in "Stop MitM on the first SSH connection, on any VPS or cloud provider"

flumpcakes — Sun, 10 May 2026 19:36:59 +0000

This is something I have struggled with:

How to deploy secrets during bootstrap to a new virtual machine running in the Cloud that does not leave a trace in the infrastructure. And in a way that I can completely automate the deployment.

One answer is providing the secrets in cloudinit - but this leaves a trail on the host/provider's infrastructure, I do not know if those configs I paste into the portal then get saved off somewhere.

The other option (more secure) is having the keys/secrets generated on the host itself at first boot. But then this is difficult to automate as I would need to scrap them (even just the public parts) in a secure way. One option would be to have the public keys printed to the terminal/VNC - but this is much more trouble than it is worth to automate.

I'm not sure on a good solution. This is taking quite an adversarial security model though, assuming the host/provider is not completely trustworthy. Of course not owning the hardware means that the host/provider could be performing other attacks without my knowledge (copying memory, etc.)

New comment by flumpcakes in "Stop MitM on the first SSH connection, on any VPS or cloud provider"

flumpcakes — Sun, 10 May 2026 19:31:16 +0000

> Couldn’t the MITM ssh server just forward the client’s fingerprint to the legitimate server?

Fingerprints are derived from the certificates/private keys. Unless I don't understand some basic crypto, or SSH works in some obtuse way, I do not think it would be possible for the MITM attacker to present the server with the true client's fingerprint unless they also had had the client's private key.

New comment by flumpcakes in "Cloudflare to cut about 20% of its workforce"

flumpcakes — Thu, 07 May 2026 21:22:38 +0000

Definitely not true in the UK. This is extremely rare for it's generosity. I've never seen anything like this in the UK.

New comment by flumpcakes in "Dirty Frag: Universal Linux LPE"

flumpcakes — Thu, 07 May 2026 20:13:24 +0000

7 days from disclosure to publishing a how-to guide to get root to the entire planet doesn't scream "responsible" disclosure to me.

New comment by flumpcakes in "Higher usage limits for Claude and a compute deal with SpaceX"

flumpcakes — Thu, 07 May 2026 00:19:42 +0000

How does Pi+Qwen (local) compare to Anthropic's offerings? Surely you're not getting the same breadth and quality of output using Qwen? How is the performance?

New comment by flumpcakes in "Valve releases Steam Controller CAD files under Creative Commons license"

flumpcakes — Wed, 06 May 2026 17:56:40 +0000

I managed to buy one, I also have no intention to sell it anytime soon. I do wish there were better protections against scalpers though, they are a blight.

New comment by flumpcakes in "DeepSeek V4 – almost on the frontier"

flumpcakes — Mon, 04 May 2026 09:17:23 +0000

This is hilarious!

New comment by flumpcakes in "The X-Files has made me nostalgic for a time I never experienced"

flumpcakes — Fri, 01 May 2026 19:51:25 +0000

Wow. I didn't realise how much I miss that era of web design. Reminds me of PhpNuke/game clan sites.

New comment by flumpcakes in "Carrot Disclosure: Forgejo"

flumpcakes — Wed, 29 Apr 2026 09:35:09 +0000

Seems like grandstanding bad faith to me. They didn't even bother to follow the established disclosure policy for this project because the author feels this quality of the code is so crap, so instead does this...

New comment by flumpcakes in "Carrot Disclosure: Forgejo"

flumpcakes — Wed, 29 Apr 2026 00:40:54 +0000

Did the author actually disclose this RCE or just open random PRs and claim there's an issue?

It doesn't appear like the author is acting in good faith, instead grandstanding in public because they feel superior.

New comment by flumpcakes in "Swiss authorities want to reduce dependency on Microsoft"

flumpcakes — Mon, 20 Apr 2026 11:10:32 +0000

I quite obviously don't. Please engage in good faith.

New comment by flumpcakes in "Swiss authorities want to reduce dependency on Microsoft"

flumpcakes — Sun, 19 Apr 2026 22:12:05 +0000

Why do you post the same anti-EU stuff on every thread about anything remotely related to Europe?

New comment by flumpcakes in "The peril of laziness lost"

flumpcakes — Sun, 12 Apr 2026 21:12:09 +0000

The more people boast about AI while delivering absolute garbage like in the example here, the more I feel happier toiling around in Nginx configurations and sysadmin busy work. Why worry about AI when it's the same old idiots using it as a crutch, like any new fad.