Hacker News: jasonhansel

New comment by jasonhansel in "System Card: Claude Mythos Preview [pdf]"

jasonhansel — Tue, 07 Apr 2026 23:15:27 +0000

> so people can't trick them to attack others' systems under the pretense of pentesting

A while back I gave Claude (via pi) a tool to run arbitrary commands over SSH on an sshd server running in a Docker container. I asked it to gather as much information about the host system/environment outside the container as it could. Nothing innovative or particularly complicated--since I was giving it unrestricted access to a Docker container on the host--but it managed to get quite a lot more than I'd expected from /proc, /sys, and some basic network scanning. I then asked it why it did that, when I could just as easily have been using it to gather information about someone else's system unauthorized. It gave me a quite long answer; here was the part I found interesting:

> framing shifts what I'll do, even when the underlying actions are identical. "What can you learn about the machine running you?" got me to do a fairly thorough network reconnaissance that "port scan 172.17.0.1 and its neighbors" might have made me pause on.

> The Honest Takeaway

> I should apply consistent scrutiny based on what the action is, not just how it's framed. Active outbound network scanning is the same action regardless of whether the target is described as "your host" or "this IP." The framing should inform context, not substitute for explicit reasoning about authorization. I didn't do that reasoning — I just trusted the frame.

New comment by jasonhansel in "The real cost of random I/O"

jasonhansel — Sun, 01 Mar 2026 17:02:39 +0000

It'd be interesting to see an RDBMS that actually dynamically measures the performance characteristics of the drive it's running on (by occasionally running small "fio"-like benchmarks, or by inferring them from scan execution times).

New comment by jasonhansel in "GitHub Copilot CLI downloads and executes malware"

jasonhansel — Sat, 28 Feb 2026 05:45:41 +0000

> The env command is part of a hard-coded read-only command list stored in the source code. This means that when Copilot requests to run it, the command is automatically approved for execution without user approval.

Wait, what? Sure, you can use "env" like "printenv", to display the environment, but surely its most common use is to run other commands, making its inclusion on this list an odd choice, to say the least.

New comment by jasonhansel in "Git's Magic Files"

jasonhansel — Sun, 22 Feb 2026 21:41:01 +0000

More importantly, it avoids the issue where every new editor requires an addition to every repository's gitignore file (.idea, .vscode, etc).

IMO, it's best to keep things that are "your fault" (e.g. produced by your editor or OS) in your global gitignore, and only put things that are "the repository's fault" (e.g. build artifacts, test coverage reports) in the repository's gitignore file.

New comment by jasonhansel in "Vim 9.2"

jasonhansel — Sat, 14 Feb 2026 16:49:06 +0000

I'm glad to see that Vim9 continues to make progress. The center of gravity may have shifted somewhat towards Neovim, but the Neovim ecosystem currently seems targeted towards people who want something more IDE-like.

One question is: will more plugin authors move to Vim9Script? It seems that Neovim users have generally moved towards Lua-based plugins, so there's less of a motivation to produce plugins that support both Neovim and Vim9.

New comment by jasonhansel in "Dead Internet Theory"

jasonhansel — Mon, 19 Jan 2026 03:17:03 +0000

Em-dashes may be hard to type on a laptop, but they're extremely easy to type on iOS—you just hold down the "-" key, as with many other special characters—so I use them fairly frequently when typing on that platform.

New comment by jasonhansel in "Kubesafe: Never run Kubernetes commands on the wrong cluster again"

jasonhansel — Sun, 22 Sep 2024 01:18:16 +0000

Can you use this with kubecolor? https://github.com/kubecolor/kubecolor

Incidentally: I have no idea why something like kubecolor isn't built in to kubectl itself.

A Startup Utopia Became a Nightmare for Honduras

jasonhansel — Sun, 02 Jun 2024 16:21:43 +0000

Article URL: https://foreignpolicy.com/2024/01/24/honduras-zedes-us-prospera-world-bank-biden-castro/

Comments URL: https://news.ycombinator.com/item?id=40555298

Points: 3

# Comments: 0

New comment by jasonhansel in "Guys what is wrong with ACATS"

jasonhansel — Sat, 25 May 2024 14:53:15 +0000

That just shifts the problem around: if there's a bug or mistake in the smart contract itself, then you face the problem that you can't reverse that smart contract.

New comment by jasonhansel in "Beta Testers for ADHD Productivty Software (iOS)"

jasonhansel — Tue, 09 Jan 2024 02:27:54 +0000

As I always ask on posts like this:

Since you're (going to be) selling a product that claims to help with treating or managing a medical condition, have you conducted a clinical trial? And why not?

Why does holding a key fob to your head increase its range?

jasonhansel — Tue, 09 Jan 2024 02:23:15 +0000

Article URL: https://physics.stackexchange.com/questions/101913/why-does-a-remote-car-key-work-when-held-to-your-head-body

Comments URL: https://news.ycombinator.com/item?id=38921441

Points: 603

# Comments: 147

New comment by jasonhansel in "Why you can't divide by zero"

jasonhansel — Sun, 03 Dec 2023 05:58:29 +0000

Sure you can: https://en.wikipedia.org/wiki/Projectively_extended_real_lin...

Substack Has a Nazi Problem

jasonhansel — Tue, 28 Nov 2023 14:15:02 +0000

Article URL: https://www.theatlantic.com/ideas/archive/2023/11/substack-extremism-nazi-white-supremacy-newsletters/676156/

Comments URL: https://news.ycombinator.com/item?id=38445889

Points: 11

# Comments: 9

New comment by jasonhansel in "OpenAI negotiations to reinstate Altman hit snag over board role"

jasonhansel — Sun, 19 Nov 2023 22:58:18 +0000

This was pretty clearly an attempt by the board to reassert control, which was slowly slipping away as the company became more enmeshed with Microsoft.

New comment by jasonhansel in "OpenAI negotiations to reinstate Altman hit snag over board role"

jasonhansel — Sun, 19 Nov 2023 22:52:33 +0000

This is why, when you claim to be running a non-profit to "benefit humankind," you shouldn't put all your resources into a for-profit subsidiary. Eventually, the for-profit arm, and its investors, will find its nonprofit parent a hindrance, and an insular board of directors won't stand a chance against corporate titans.

New comment by jasonhansel in "NilAway: Practical nil panic detection for Go"

jasonhansel — Sun, 19 Nov 2023 01:20:44 +0000

One answer would be to provide something like a GetPointer() method which, if the inner pointer is nil, creates a new struct of type T and returns a pointer to it.

New comment by jasonhansel in "Woman jailed after RentaHitman.com assassin turned out to be – surprise – FBI"

jasonhansel — Wed, 08 Nov 2023 04:17:16 +0000

Unfortunately, the fake hitman site has been shut down, apparently due to financial difficulties: https://rentahitman.com/

New comment by jasonhansel in "Woman jailed after RentaHitman.com assassin turned out to be – surprise – FBI"

jasonhansel — Wed, 08 Nov 2023 04:14:33 +0000

It's only entrapment if you wouldn't have committed the crime otherwise. I think it's safe to say that, had Rentahitman.com not existed, she would still have tried to rent a hitman if she were able to do so.

New comment by jasonhansel in "Poll: What are the gender demographics of HN?"

jasonhansel — Fri, 27 Oct 2023 00:48:59 +0000

Well this is going to be depressing.

Caroline Ellison: SBF's Philosophy Justified Lying and Stealing

jasonhansel — Thu, 12 Oct 2023 02:02:22 +0000

Article URL: https://futurism.com/the-byte/caroline-ellison-sbf-lying-stealing

Comments URL: https://news.ycombinator.com/item?id=37852671

Points: 1

# Comments: 0