Hacker News: paffdragon

New comment by paffdragon in "BMW Group to deploy humanoid robots in production in Germany for the first time"

paffdragon — Wed, 04 Mar 2026 23:56:23 +0000

It's not how it works. You suppose to contract a consulting company that contracts some offshore company to connect you to SAP.

New comment by paffdragon in "I'm reluctant to verify my identity or age for any online services"

paffdragon — Wed, 04 Mar 2026 11:49:40 +0000

We also used to run spyware and adware scanner and removal tools, but now the ad/spyware rebranded and became mainstream...

New comment by paffdragon in "I'm reluctant to verify my identity or age for any online services"

paffdragon — Wed, 04 Mar 2026 11:44:03 +0000

I often click accept, at least for site banners that get through ublock. But my browser blocks 3rd party cookies and then it clears all cookies on close (except for trusted sites). I also use private browsing for random sites where I dont bother rejecting cookies usually.

I really think this cookie consent concept should have been a browser functionality, so I can make my default choice for all sites and be done with it.

New comment by paffdragon in "Disable Your SSH access accidentally with scp"

paffdragon — Wed, 04 Mar 2026 11:16:19 +0000

Well, maybe not everybody

  $ ls -ld /tmp
  drwxrwx--x. 2 shell shell 40 Jan 15  2022 /tmp

edit: sorry, I should have added this is termux :)

New comment by paffdragon in "Leaving Google has actively improved my life"

paffdragon — Fri, 27 Feb 2026 22:14:30 +0000

I also ditched Google years ago for DuckDuckGo, but its not without problems for sure. Often times still full of obviously fake sites in results, that I try to report them. Many times it just returns nothing where Google still manages to give results. And I still have to scroll through their ads when I am on a machine without an adblocker (like Firefox Focus/Klar on Android). But I still rather use them than Google, if I don't find something it is usually not the end of the world and I just move on. Recently, I switched all my browsers to their noai site, on some I still have the lite version, I think.

New comment by paffdragon in "Native FreeBSD Kerberos/LDAP with FreeIPA/IDM"

paffdragon — Fri, 20 Feb 2026 11:41:37 +0000

Awesome, it definitely helps. I realized I have your blog already bookmarked, I subscribed to the RSS feed now as well :) I am new to FreeBSD and these kind of practical articles are really helpful. Thank you very much for sharing your knowledge with others.

New comment by paffdragon in "I tried building my startup entirely on European infrastructure"

paffdragon — Fri, 20 Feb 2026 09:59:56 +0000

If it works for you, it works. I just see the same phrases used repeatedly so frequently nowdays - including my own LLM conversations.

Regarding the use of LLM for picking infra. The issue I usually have with such task is that they frequently omit things - either from the list of options or the features compared. And depending on my familiarity with the topic, I might never notice, which might steer my decision making into a different direction. Basically a certain bias. Sometimes prompting it to repeat reveals more, but ultimately I end up hitting the search and doing my own research, then I might use the LLM again with now more knolwedge and data. Did you run into this too? What was your process?

New comment by paffdragon in "I tried building my startup entirely on European infrastructure"

paffdragon — Fri, 20 Feb 2026 09:40:28 +0000

I was kind of interested in the content, but I am so overloaded with AI slop by now, that reading this generated text gives me nausea.

I was looking to see why they landed on this stack, but there are no alternatives or evaluation criteria listed - given the generated article, I wonder how much of the infra was selected by an LLM.

New comment by paffdragon in "Native FreeBSD Kerberos/LDAP with FreeIPA/IDM"

paffdragon — Wed, 18 Feb 2026 12:44:30 +0000

Hah, what a coincidence, just started to look into yesterday how do I setup LDAP/OIDC on FreeBSD and today I was going to try FreeIPA or Keycloak. Thanks for sharing.

New comment by paffdragon in "When internal hostnames are leaked to the clown"

paffdragon — Fri, 06 Feb 2026 15:29:37 +0000

I belive even for gluetun I had to add the WG kernel module. I think I used this to compile it for myself https://github.com/runfalk/synology-wireguard

I know there are userspace implementations, but can't remember the specifics rn and don't have my notes with me.

> kernel modules for iptables-nft

I think you meant nftables. The iptables-nft package is meant to provide iptables interface for nftables for code that still expects that, afaik. I didn't run into that issue yet (knock-knock). According to docs nftables is available since kernel 3.13, so in theory it might be possible to build the modules for Synology.

However, I don't think I will be buying another Synology in the future, mainly because of other issues like they restricting what RAM I can use or what I want to use the M2 slots for, or their recent experiment with trying to push their own drives only, etc. I might give TrueNAS a try if I am not bored enough to just build one on top of a general purpose OS...

New comment by paffdragon in "When internal hostnames are leaked to the clown"

paffdragon — Thu, 05 Feb 2026 18:06:25 +0000

I have a fairly recent DS920+ and never had issues with containers - I have probably 10+ containers on it - grafana, victoriametrics/logs, jellyfin, immich with ML, my custom ubuntu toolboxes for net, media, ffmpeg builds, gluetun for vpn, homeassistant, wallabag,...

Edit: I just checked Grafana and cadvisor reports 23 containers.

Edit2: 4.4.302+ (2022) is my kernel version, there might be specific tools that require more recent kernels, of course, but I was so far lucky enough to not run into those.

New comment by paffdragon in "150 MB Minimal FreeBSD Installation"

paffdragon — Thu, 05 Feb 2026 17:52:56 +0000

Thanks for mentioning this, I am just beginning my FreeBSD journey and wanted to setup a small pre-boot env with mfsBSD[1], didn't know FreeBSD has a tool already to do something like that.

[1]: https://github.com/mmatuska/mfsbsd

New comment by paffdragon in "When internal hostnames are leaked to the clown"

paffdragon — Thu, 05 Feb 2026 09:05:23 +0000

You can run a container on Synology and install your custom services, tools there. At least that is what I do. For custom kernel modules you still need a Synology package for something like Wireguard.

If you have OPNSense, it has an ACME plugin with Synology action. I use that to automatically renew and push a cert to the NAS.

That said, since I like to tinker, Synology feels a bit restricted, indeed. Although there is some value in a stable core system (like these immutable distros from Fedora Atomic).

New comment by paffdragon in "Notepad++ supply chain attack breakdown"

paffdragon — Wed, 04 Feb 2026 00:48:49 +0000

Sublime maybe?

New comment by paffdragon in "CSRF protection without tokens or hidden form fields"

paffdragon — Thu, 25 Dec 2025 10:28:57 +0000

I think it still works if you set your user agent to something like lynx. I had a custom UA set for Google search in Firefox just for this purpose and to disable AI overviews.

New comment by paffdragon in "[dead]"

paffdragon — Mon, 01 Dec 2025 16:15:37 +0000

Concerns were raised regarding the authorship of this paper, validity of the research findings in the context of misrepresentation of the contributions by the authors and the study sponsor and potential conflicts of interest of the authors.

New comment by paffdragon in "Cognitive and mental health correlates of short-form video use"

paffdragon — Thu, 20 Nov 2025 16:39:48 +0000

Are there also similar studies on short-form text like Tweets, HN comments, etc?

Axiom introduces metrics: High-cardinality without the cost

paffdragon — Wed, 19 Nov 2025 13:10:32 +0000

Article URL: https://axiom.co/blog/metrics

Comments URL: https://news.ycombinator.com/item?id=45979150

Points: 2

# Comments: 0

New comment by paffdragon in "Denmark reportedly withdraws Chat Control proposal following controversy"

paffdragon — Fri, 31 Oct 2025 21:27:01 +0000

It is also hard for me to understand this angle. While in Russia at the moment and China the "they" is pretty much constant, it is not the case in EU. Why would be in their interest something that can be used against them the moment the tide turns?

New comment by paffdragon in "FBI Agents Visit Anti-ICE Protester: "Your name was brought up.""

paffdragon — Sat, 25 Oct 2025 10:19:45 +0000

Algolia can also be used as an alternative for the front page, it shows this at #6 for the past 24h

https://hn.algolia.com/?dateRange=last24h&page=0&prefix=fals...