Hacker News: nym375

New comment by nym375 in "The fascinating world of HTTP Strict-Transport-Security"

nym375 — Thu, 30 Mar 2023 19:51:02 +0000

Not directly answering re: DNS, but even if you get correct DNS results, at the IP layer there is always a risk of BGP hijacking (https://en.wikipedia.org/wiki/BGP_hijacking#Public_incidents).

New comment by nym375 in "Why the conventional wisdom on how to grow muscles is wrong"

nym375 — Mon, 06 Feb 2023 18:30:46 +0000

Agreed. This article doesn't try to navigate the nuance around why someone still may actually want to follow a program that sounds like disproven broscience. Whether it's about better understanding your limits, familiarizing yourself with the feel of much heavier weight, or trying to make the most of a very short workout, it often makes a lot of sense to include things that aren't the biological optimal choice.

Jeff Nippard does a much better job a presenting things as a trade-off that you should consider when choosing or designing your program.

New comment by nym375 in "Google Pixel 7 and Pixel 7 Pro"

nym375 — Thu, 06 Oct 2022 15:15:00 +0000

Includes "5 years of Pixel updates."

Great news --- long overdue!

New comment by nym375 in "Ex-Twitter exec blows the whistle, alleging reckless cybersecurity policies"

nym375 — Tue, 23 Aug 2022 21:05:56 +0000

Read the report of the problems he was trying to surface: https://www.washingtonpost.com/technology/interactive/2022/t...

This doesn't seem like he was "butthurt and caught slackin'." The tone of the report seems like he's frustrated that he was hired to do a job, and not given the resources / authority to make the necessary sweeping changes. Perhaps someone with a more political approach could have influenced leadership better. But they hired an extremely technical person, not an extremely political person.

New comment by nym375 in "Alphabet Q2 FY2022 Earnings [pdf]"

nym375 — Tue, 26 Jul 2022 21:50:00 +0000

I think you might be mixing quarterly and yearly numbers.

New comment by nym375 in "Benchmarking Malloc with Doom 3"

nym375 — Tue, 07 Jun 2022 16:04:34 +0000

> I don't think Doom 3 has a benchmark mode

id Tech games have "timedemo" mode, where they replay a pre-recorded demo as fast as possible, and report how many FPS it was able to process. These were very popular benchmarks long ago.

New comment by nym375 in "Should you use Let's Encrypt for internal hostnames?"

nym375 — Wed, 05 Jan 2022 17:52:42 +0000

You really don't actually want this. This intermediate CA would still be subject to the same extensive CAB Forum / vendor root program requirements (audited yearly via WebTrust) as a root CA. There are a ton of requirements, including mandatory response times, that inevitably makes this require a fully staffed team to operate.

New comment by nym375 in "So You Want to Do an Infrastructure Package [pdf]"

nym375 — Tue, 16 Mar 2021 22:07:13 +0000

https://www.mercurynews.com/2015/09/25/sunnyvale-drive-throu...

New comment by nym375 in "Hackers Can Clone Millions of Toyota, Hyundai, and Kia Keys"

nym375 — Sat, 07 Mar 2020 22:11:03 +0000

Exponential backoff could DoS someone from opening their own car.

New comment by nym375 in "LinkedIn accesses Gmail contacts via ‘auto-authorization’"

nym375 — Sat, 22 Oct 2016 18:21:12 +0000

It would not surprise me if one of their signals for recommendations is whether that party has viewed your profile.

New comment by nym375 in "Off-the-Record Messaging – encrypt your instant messages"

nym375 — Sat, 15 Jun 2013 21:17:04 +0000

Have you tried recently? libotr version 4.0 (released last year) added handling of this very issue. Both parties need to be running >=4.0, but it shouldn't break down horribly in this scenario.