Hacker News: jurschreuder

New comment by jurschreuder in "Ask HN: Due to spam on GitHub, what platforms can I move my projects?"

jurschreuder — Sat, 20 Jun 2026 20:06:28 +0000

Codeberg. They ONLY host open source software, it's sponsored by European institutions, Zig moved there too.

In the near future I'm also adding Forgejo to our Kexxu servers. Forgejo is basically Codeberg (but you need to host it). If you want a private repo on Kexxu just ask.

New comment by jurschreuder in "The beauty and simplicity of the good old C-style void* in C++"

jurschreuder — Tue, 16 Jun 2026 22:26:56 +0000

Nobody uses void* in C++ you will get lectured if you do that.

New comment by jurschreuder in "How memory safety CVEs differ between Rust and C/C++"

jurschreuder — Tue, 16 Jun 2026 22:25:35 +0000

Yes all of them have sources.

Look for example top 500 CVEs of this year (after many fixes in C++, not right when the 70% memory issues in Chrome came out).

Look at top 10 CVE github 2025 (zero memory related does not make it).

Look at that sudo-rs was not allowed in Ubuntu because it's not as safe (way worst track record) than the C version, almost all is input sanitation.

Look at wordpress plugins hacks, all PHP all memory safe language. Compare that to HAProxy and Nginx (C).

Etc.

New comment by jurschreuder in "How memory safety CVEs differ between Rust and C/C++"

jurschreuder — Tue, 16 Jun 2026 22:21:04 +0000

You can also write inline assembly in C++ and then it's not safe.

But no developers working on projects that have been so ultimately battle tested that only memory safety issues remain do that. Professional C++ developers use RAII and containers. If you use raw pointers or raw arrays in C++ you will get 200 code reviewers lecturing you. You will never be able to for long.

New comment by jurschreuder in "How memory safety CVEs differ between Rust and C/C++"

jurschreuder — Tue, 16 Jun 2026 22:18:07 +0000

In highly specific programs like browser sandboxes. Not in things like wordpress plugins or nodejs servers.

New comment by jurschreuder in "How memory safety CVEs differ between Rust and C/C++"

jurschreuder — Tue, 16 Jun 2026 22:15:58 +0000

PHP is garbage collected for reference. So rewriting wordpress plugins in Rust would not make them more secure but rewriting HAProxy or Nginx would? It's delusional.

New comment by jurschreuder in "How memory safety CVEs differ between Rust and C/C++"

jurschreuder — Tue, 16 Jun 2026 22:14:14 +0000

In Chromium which is the condom of the internet, already millions of developer hours of the most highly paid developers have spent their days trying to make it water tight. This is not your average software project.

New comment by jurschreuder in "How memory safety CVEs differ between Rust and C/C++"

jurschreuder — Tue, 16 Jun 2026 22:11:12 +0000

Then you're looking at very old data, recent top 500 CVE's 100% of the use-after-free exploits where escalation to Admin on Windows.

New comment by jurschreuder in "How memory safety CVEs differ between Rust and C/C++"

jurschreuder — Tue, 16 Jun 2026 22:09:55 +0000

Google Chromium but not it's not even in the top 10 of vulnerabilities in Github

New comment by jurschreuder in "GPT‑NL: a sovereign language model for the Netherlands"

jurschreuder — Tue, 16 Jun 2026 22:07:47 +0000

What are they going to train with 13.5M really? We're a tiny company in Amsterdam in Holland and we've got "only 64x B300 to train on" so we could never make an LLM I thought, since we've got only 4M in compute.

And they're going to train an LLM with all kinds of extra difficulties compared to OpenAI for just 13.5M?

The very first Llama was 16M for one training.

New comment by jurschreuder in "How memory safety CVEs differ between Rust and C/C++"

jurschreuder — Mon, 15 Jun 2026 17:30:09 +0000

Just want to remind everyone that only 1% of vulnerabilities are memory related in the average Joe's code.

And only 20% of memory related bugs are use-after-free which the borrow checker fighting is for.

And 100% of the use-after-free exploits were to gain admin rights on an already hacked Windows (all windows) computer.

So for the vast majority of people the borrow checker adds nothing.

The vast majority of memory safety bugs (extreme pro level, super hard to exploit, only worth it in massively adopted evil outer world facing software) can be fixed by using C++26 with array bounds checking and forced initialisation.

These last two things that Rust forces catch 70-80% of the memory problems the borrow checker only 20-30% only use-after-free.

Most problems by far for normal developers are supply chain attacks, exposing api keys, remote code execution, wrong input validation, wrong auth-flow.

You're reading the CVEs of sudo and ssh and think your code will be hacked like that.

PHP is memory safe and still many people hack wordpress plugins.

New comment by jurschreuder in "The beauty and simplicity of the good old C-style void* in C++"

jurschreuder — Tue, 09 Jun 2026 20:45:45 +0000

I would argue that you would not really know what the compiler would be up to with the memory void* points to.

To make sure I would put it in some kind of container.

New comment by jurschreuder in "Show HN: Gitdot – a better GitHub. Open-source, written in Rust"

jurschreuder — Tue, 09 Jun 2026 05:54:03 +0000

Too bad it's written in Rust so I won't use it.

New comment by jurschreuder in "Investigation: Russian censorship systems (TMCT) expose Chinese DPI signatures"

jurschreuder — Fri, 05 Jun 2026 17:44:50 +0000

This was already published many countries use Chinese internet censoring technology this is no secret

New comment by jurschreuder in "Can the stockmarket swallow Anthropic, SpaceX and OpenAI?"

jurschreuder — Tue, 02 Jun 2026 05:22:26 +0000

They're doing an IPO now because the war in Europe with Ukraine is almost over it seems, and after that a big percentage of capital will relocate from the USA to Europe again. They are just cashing out right before the tide turns.

New comment by jurschreuder in "The dead economy theory"

jurschreuder — Fri, 29 May 2026 23:47:27 +0000

We seem to live in a collective lie that people have to work. No other animal has to work.

New comment by jurschreuder in "Migrating from Go to Rust"

jurschreuder — Mon, 25 May 2026 20:51:16 +0000

I'm moving more and more from Python and Golang to C++.

C++ also forms a natural barrier to entry.

New comment by jurschreuder in "EU Parliamentary Research Service calls VPNs "a loophole that needs closing""

jurschreuder — Sun, 10 May 2026 11:43:18 +0000

No I would propose to ban all smart phones and the entire internet

New comment by jurschreuder in "EU Parliamentary Research Service calls VPNs "a loophole that needs closing""

jurschreuder — Sun, 10 May 2026 06:54:09 +0000

The internet is not the nice place it used to be with personal blogs. When we get younger employees they almost cannot work because of their phone addictions.

There is billions of research going into making children addicted through the window of their phone screen to watch apps, and now with AI this is getting even more dangerous.

It's not only children, also many elderly people are targeted. They are very lonely and then develop a Claude addiction.

New comment by jurschreuder in "This Month in Ladybird – April 2026"

jurschreuder — Sun, 03 May 2026 08:27:08 +0000

Too bad LadyBird is being translated to LLM generated Rust.

It's nice that Rust is so beginner friendly but it would be nicer to have a pure C++ browser for the more experienced developers, to use as a basis for their projects like Chromium is used.