Hacker News: idorosen

New comment by idorosen in "Decisions that eroded trust in Azure – by a former Azure Core engineer"

idorosen — Fri, 03 Apr 2026 05:39:57 +0000

Or to simplify the product and rebuild.

New comment by idorosen in "An FAQ on Reinforcement Learning Environments"

idorosen — Sat, 21 Mar 2026 01:54:33 +0000

ai slop

New comment by idorosen in "Reverse-engineering the UniFi inform protocol"

idorosen — Mon, 09 Mar 2026 14:30:41 +0000

Using the network byte ordering (big endian) of UBNT as the magic number in the protocol is a nice touch.

New comment by idorosen in "Remotely unlocking an encrypted hard disk"

idorosen — Thu, 05 Mar 2026 21:32:44 +0000

There is an old but still reasonable solution with mkinitcpio hooks encrypt/sd-encrypt + ssh, which is very easy to set up with EFI or grub2 onward. Tailscale is probably overkill for this use case, given that you're already exposing pre-/early- boot to the network by setting up interfaces that early. This became much more hermetic with secureboot and TPMs, too.

New comment by idorosen in "Using proxies to hide secrets from Claude Code"

idorosen — Mon, 19 Jan 2026 02:53:46 +0000

try firejail insread

New comment by idorosen in "Ask HN: Share your personal website"

idorosen — Thu, 15 Jan 2026 04:58:12 +0000

https://ido.ai

New comment by idorosen in "iCloud Photos Downloader"

idorosen — Sun, 11 Jan 2026 19:59:58 +0000

https://github.com/libimobiledevice/ifuse might help.

New comment by idorosen in "Gentoo Linux 2025 Review"

idorosen — Sun, 11 Jan 2026 17:21:03 +0000

This is a remarkably small number given that Gentoo Portage is load bearing infrastructure under ChromeOS.

New comment by idorosen in "Clock synchronization is a nightmare"

idorosen — Sun, 28 Dec 2025 06:59:49 +0000

Amen. :)

New comment by idorosen in "Clock synchronization is a nightmare"

idorosen — Sun, 28 Dec 2025 00:07:36 +0000

In summary, with different business requirements you would build a different technical solution.

New comment by idorosen in "Clock synchronization is a nightmare"

idorosen — Sat, 27 Dec 2025 23:47:21 +0000

Yup! I was referring to the original TrueTime/Spanner papers, not whatever's currently deployed. The original paper makes reference to distributed ordering guarantees at the milliseconds' scale precision, which implies many more transactions in flight in the uncertain state and coarser distributed ordering guarantees than the much tighter upper bound you can set with nanoseconds' precision and microseconds' comms latency...

New comment by idorosen in "Clock synchronization is a nightmare"

idorosen — Sat, 27 Dec 2025 20:32:22 +0000

Alternatively, you could guarantee the same synchronization using PPS and PTP to each host's DCD pin of their serial port or to specialized hardware such as modern PTP-enabled smart NICs/FPGAs that can accept PPS input. GPS+PPS gets you to within 20-80ns global synchronization depending on implementation (assuming you're all mostly in the same inertial frame), and allows you to make much stronger guarantees than TrueTime (due to higher precision distributed ordering guarantees, which translate to lower latency and higher throughput distributed writes).

New comment by idorosen in "Exe.dev"

idorosen — Sat, 27 Dec 2025 17:45:05 +0000

Interesting interface. Some feedback:

  - Email delay to Gmail inboxes for verifying an SSH key used via SSH via email is longer than the timeout of the "Waiting for verification email..." stage in the SSH key registration. Wait longer or provide a non-email way to authorize a new key. You could imagine a few ways to do this: Allow users to add/delete SSH keys from the website or exe.dev shell; create a bearer token/random string that I can generate from the exe.dev shell or website to associate a new SSH key; SSH key signatures (existing key signs new key); SSH CAs (like @cert-authority); etc.
  - SSH U2F/FIDO2 authentication support has become mainstream, and offers you a way to have homogeneous auth across web and SSH interfaces. Maybe consider unifying authN this way?
  - exe.dev ssh interface does not allow me to list SSH keys, only to delete them. Consider moving all authN/authZ functionality into an "auth" subcommand/submenu (like you have for "share") and support SSH pubkey CRUD in there.
  - You make some strong assumptions about email addresses that aren't true -- what happens on email address changes, lost email access, etc. This will become more important when you start billing (and possibly costly).
  - How do I manage persistent disks? Any way to attach them to a different VM after I'm done with them on the original one? Is there always a single PD per VM or can these be managed separately? What about data or database volumes? Can PDs be attached to one or multiple VMs at a time?

At what scale do you break even on fixed costs (wages, rents, etc.)?

New comment by idorosen in "Ultrasonic Chef's Knife"

idorosen — Sun, 21 Sep 2025 18:00:09 +0000

They claim to be the first, but a simple google search shows several other ultrasonic kitchen knives out there. (369sonic, etc.) dating back years.

New comment by idorosen in "Nest 1st gen and 2nd gen thermostats no longer supported from Oct 25"

idorosen — Sat, 06 Sep 2025 04:05:23 +0000

Liability.

New comment by idorosen in "Wikipedia loses challenge against Online Safety Act"

idorosen — Wed, 13 Aug 2025 07:13:59 +0000

The point was that Wikipedia blocking the UK today would not have the same effect as blocking it a decade ago during previous similar censorship attempts. It would likely be less effective.

However, those aren’t not the only two options. Wikipedia could block editing from the UK, or it could simply not comply and wait for an enforcement action.

What recourse would the UK have in any case of such an enforcement action if the law or regulation Wikipedia faces does not exist in the US, where Wikipedia is ostensibly based if it removed all financial or physical presence from the UK?

New comment by idorosen in "Wikipedia loses challenge against Online Safety Act"

idorosen — Mon, 11 Aug 2025 22:21:52 +0000

To all of the commenters recommending that Wikipedia block UK visitors: This is incredibly short-sighted in the age of LLMs, where Wikipedia does not need to exist in a country in order for the benefit of its existence to be felt. Such a move would likely just drive people to obtain dubious regurgitations of Wikipedia’s (freely available) content via their favorite LLM chatbot, in my opinion.

New comment by idorosen in "Physical Media Is Cool Again. Streaming Services Have Themselves to Blame"

idorosen — Mon, 11 Aug 2025 08:24:37 +0000

Pure pedantry. The meaning in context was clear to a reasonable fluent reader such as yourself. Instead of focusing on pedantic form, I suggest focusing on the intent and content of TFA: Is physical media cool again and if so, why.

New comment by idorosen in "Physical Media Is Cool Again. Streaming Services Have Themselves to Blame"

idorosen — Sun, 10 Aug 2025 01:00:41 +0000

Vernacular shifts as society and technology change. As evidence, it doesn't seem like you or GP misunderstood the journalist's meaning. This is pedantry.

New comment by idorosen in "Physical Media Is Cool Again. Streaming Services Have Themselves to Blame"

idorosen — Sat, 09 Aug 2025 20:42:29 +0000

Languages change over time.