Hacker News: jborean93

New comment by jborean93 in "Microsoft Edge stores all passwords in memory in clear text, even when unused"

jborean93 — Tue, 05 May 2026 04:41:29 +0000

This only works if credential guard has implemented a way to build a subsequent token/value from that secret. For things like basic auth the secret would need to eventually hit the userland process that needs it in some shape or form to then embed it in the HTTP payload which is plaintext.

New comment by jborean93 in "Sudo for Windows (2024)"

jborean93 — Mon, 20 Apr 2026 06:14:12 +0000

> *nix fanboys were totes fine with wget and ls being an aliases in PowerShell for years but when they found out what PS is coming to Linux they made a biggest stink

The curl and wget aliases don’t exist on the PowerShell 7 version which is the cross platform one. Only the old powershell.exe builtin to Windows has these aliases and it’s worse today because curl.exe is builtin and the curl alias takes priority when you run just curl.

New comment by jborean93 in "Sudo for Windows (2024)"

jborean93 — Mon, 20 Apr 2026 06:12:10 +0000

The runas command doesn’t elevate just runs as another user. This is a console executable that drives UAC and also provides a way to capture the stdout/stderr elevated process which isn’t natively possible today without your own wrapper.

New comment by jborean93 in "PowerShell MSI Package Deprecation"

jborean93 — Fri, 10 Apr 2026 23:43:27 +0000

Looks like Microsoft is trying to stop internal products from using MSI in favour of MSIX packages. MSIX is nice for interactive applications but has a few issues with dealing with system wide installations and automation scenarios that I doubt the PowerShell team will be able to solve by the time of the 7.7 release.

PowerShell MSI Package Deprecation

jborean93 — Fri, 10 Apr 2026 23:43:27 +0000

Article URL: https://devblogs.microsoft.com/powershell/powershell-msi-deprecation/

Comments URL: https://news.ycombinator.com/item?id=47725361

Points: 1

# Comments: 1

New comment by jborean93 in "The history of C# and TypeScript with Anders Hejlsberg [video]"

jborean93 — Sun, 01 Feb 2026 20:51:09 +0000

I don't mind NRT but I hate dealing with C# projects that haven't set < Nullable>Enable in their csproj. It's not perfect because I know at runtime it can still be nullable but it's nice when the compiler does most of the checks for you.

New comment by jborean93 in "Anthropic invests $1.5M in the Python Software Foundation"

jborean93 — Wed, 14 Jan 2026 02:35:23 +0000

They didn't just write the PEP, they implemented them.

New comment by jborean93 in "Anthropic invests $1.5M in the Python Software Foundation"

jborean93 — Tue, 13 Jan 2026 20:52:26 +0000

That's the thing, you don't have to :) While I think uv is a great tool and highly recommend it, you are more than welcome to use any of the other build backends or package management tools that fit your workstyle. By having these packaging PEPs (amongst) others, the ecosystem has been able to try out different approaches and most likely over time will consolidate on specific ones that work better than the others.

New comment by jborean93 in "Anthropic invests $1.5M in the Python Software Foundation"

jborean93 — Tue, 13 Jan 2026 19:48:25 +0000

> They refused to invest in packaging to the extent that a separate company (astral) had to do it for them

uv didn't just happen in a vacuum, there has been lots of investment in the Python packaging ecosystem that has enabled it (and other tools) to try and improve the shortcomings of Python and packaging.

There's PEP 518 [1] for build requirements, PEP 600 [2] for manylinux wheels, PEP 621 [3] for pyproject.toml, PEP 656 [4] for musl wheels platform identifiers, PEP 723 [5] for inline script metadata.

Without all this uv wouldn't be a thing and we would be stuck with pip and setuptools or a bunch of more bandaid hacks on top making the whole thing brittle.

[1] https://peps.python.org/pep-0518/ [2] https://peps.python.org/pep-0600/ [3] https://peps.python.org/pep-0621/ [4] https://peps.python.org/pep-0654/ [5] https://peps.python.org/pep-0723/

New comment by jborean93 in "Launch a Debugging Terminal into GitHub Actions"

jborean93 — Mon, 12 Jan 2026 20:14:11 +0000

There shouldn't be any difference between those two values. I'm not saying you are wrong and it didn't break but it's definitely surprising a parser would choke on that vs YAML itself being the problem.

Don't get me wrong I can empathise with whitespace formatting being annoying and having both forms be valid just adds confusion it's just surprising to see this was the problem.

New comment by jborean93 in "The Case for Nushell (2023)"

jborean93 — Fri, 09 Jan 2026 02:47:59 +0000

& has no special behaviour in strings, backticks and $ on the other hand do. For example "&Some String&" and '&Some String&' are all the literal value `&Some String&`. Backticks and $ are special in double quoted strings as they are the escape character and variable reference chars respectively.

New comment by jborean93 in "GitHub postponing the announced billing change for self-hosted GitHub Actions"

jborean93 — Thu, 18 Dec 2025 03:53:37 +0000

per-minute is really just a way to express the cost in a human friendly name. Doing per-hour, per-second, per-day could all result in the same total value just at a different number. If anything per-minute is better than per-hour as you won't be charge for minutes you don't use.

New comment by jborean93 in "Apple's slow AI pace becomes a strength as market grows weary of spending"

jborean93 — Wed, 10 Dec 2025 05:10:53 +0000

Maybe to you, I enjoy the fact that

> I don't knock it out of my head by having the wire catching on something > Dealing with the cable and having to pack it back up when I'm done > It auto connects to both my phone and laptop 99% of the time > It easily swap between the 2 as I change the focus

Now they aren't perfect, charging can be a bit fiddly over time but they certainly are nicer than the normal headphones. Maybe you just aren't the target audience but clearly they are popular enough for most people.

New comment by jborean93 in "A surprise with how '#!' handles its program argument in practice"

jborean93 — Thu, 20 Nov 2025 22:37:29 +0000

This seems a bit pedantic, while you may be correct (I honestly don't know what standard this is referring to) the UTF-8 BOM is a thing that some tools do know about. Even then in the context of OP's question the BOM with UTF-8 isn't the specific problem but rather how the shebang interpreter reads the actual ASCII byte sequences so a UTF-16 with a BOM "text" file would also fail.

New comment by jborean93 in "Linux and Windows: A tale of Kerberos, SSSD, DFS, and black magic (2018)"

jborean93 — Sun, 02 Nov 2025 19:17:42 +0000

That's the realm side which should be upper case. The comment reference was for hostname themselves which I've always just done as lower case and have never seen a reason to make it upper case. The krb5.conf has a [domain_realm] section which can map a DNS name/suffix to the actual realm

    [domain_realm]
    .domain.com = DOMAIN.COM
    domain.com = DOMAIN.COM

New comment by jborean93 in "Linux and Windows: A tale of Kerberos, SSSD, DFS, and black magic (2018)"

jborean93 — Sun, 02 Nov 2025 19:15:39 +0000

The problem I have with using a gMSA outside of Windows is you need a Kerberos principal and credential for that principal in the first place to allow retrieving the gMSA details. Why not just use that principal and avoid adding this next step.

It would be great if Linux had a mechanism where the host itself could act as the principal to retrieve the gMSA like on Windows but the GSSAPI worker model just works differently there and runs in process. A similar problem exists for using Kerberos FAST/armouring where Windows uses the hosts' ticket to wrap the client request but on Linux there is no privileged worker process that protects this ticket so the client needs to have full access to it.

The closest thing I've seen is gssproxy [1] which tries to solve the problem where you want to protect host secrets from a client actually seeing the secrets but can still use them but I've not seen anything from there to support gMSAs for armouring for client TGT requests.

[1] https://github.com/gssapi/gssproxy

New comment by jborean93 in "Athlon 64: How AMD turned the tables on Intel"

jborean93 — Fri, 26 Sep 2025 01:58:44 +0000

The subsystem in question would be the one to handle the logic for the syscall. So the POSIX subsystem would use the reparse data buffer as needed. It's just that the Win32 subsystem added its own symlink one in Vista/2008.

This is all a guess, the POSIX subsystems were a bit before my time and I've never actually used them. I just know how symlinks work on Windows/NTFS and when they were added.

New comment by jborean93 in "Athlon 64: How AMD turned the tables on Intel"

jborean93 — Fri, 26 Sep 2025 01:19:23 +0000

No idea if the POSIX subsystem used NTFS or some other filesystem but if it was NTFS it probably just used the same reparse data buffer. It's just that Windows only added a symlink buffer structure in Vista/2008. You can manually use the same data buffer in older Windows versions it just won't know what to do with them just like all the other reparse data structures.

New comment by jborean93 in "Athlon 64: How AMD turned the tables on Intel"

jborean93 — Fri, 26 Sep 2025 00:25:44 +0000

It had junction points and hard links but symbolic links were added in Vista/Server 2008.

New comment by jborean93 in "Fixing an old .NET Core native library loading issue on Alpine"

jborean93 — Fri, 29 Aug 2025 22:05:07 +0000

> Core biggest feature is running on Linux

There are so many features that .Net 5+ brings to the table. Even if features aren’t important the performance improvements you get with the newer versions should be enough to justify moving to it.

I agree the support side is annoying but honestly the support side is really just “security” fixes with security being a very hard thing to describe here and gives MS a lot of wiggle room to not actually support it.