Hacker News: raggi

New comment by raggi in "Vibe-Coded Ext4 for OpenBSD"

raggi — Fri, 27 Mar 2026 19:50:49 +0000

that's not a statement from a lawyer, and it's confused. there is one true thing in there which is that at least under US considerations the LLM output may not be copyrightable due to insufficient human involvement, but the rest of the implications are poorly extrapolated.

there are lots of portions of code today, prior to AI authorship, that are already not copyrightable due to the way they are produced. the existence of such code does not decimate the copyright of an overall collective work.

New comment by raggi in "Passengers who refuse to use headphones can now be kicked off United flights"

raggi — Sat, 21 Mar 2026 18:14:22 +0000

Ok, but how about kicking sick people off of flights, particularly trans continental?

New comment by raggi in "Ask HN: How do you deal with people who trust LLMs?"

raggi — Thu, 19 Mar 2026 02:07:45 +0000

this. llm's aren't that special, access _maybe_, but there's plenty of access to terrible rumor mills.

Path Traversal in the UniFi Network Application (CVE-2026-22557)

raggi — Wed, 18 Mar 2026 23:54:44 +0000

Article URL: https://community.ui.com/releases/Security-Advisory-Bulletin-062-062/c29719c0-405e-4d4a-8f26-e343e99f931b

Comments URL: https://news.ycombinator.com/item?id=47432884

Points: 4

# Comments: 0

New comment by raggi in "No, it doesn't cost Anthropic $5k per Claude Code user"

raggi — Wed, 11 Mar 2026 14:02:20 +0000

Many techniques are documented in papers, particularly those coming out of the Asian teams. I know of work going on in western providers that is similarly advanced. In short, read the papers.

New comment by raggi in "Is legal the same as legitimate: AI reimplementation and the erosion of copyleft"

raggi — Tue, 10 Mar 2026 12:59:56 +0000

If that occurs and it’s a substantial enough body of output that it is itself copyrightable and not covered by fair use. Confluence of those conditions is intentionally rare.

New comment by raggi in "No, it doesn't cost Anthropic $5k per Claude Code user"

raggi — Tue, 10 Mar 2026 12:49:51 +0000

Deployments like bedrock have no where near SOTA operational efficiency, 1-2 OOM behind. The hardware is much closer, but pipeline, schedule, cache, recomposition, routing etc optimizations blow naive end to end architectures out of the water.

New comment by raggi in "Fast-Servers"

raggi — Fri, 06 Mar 2026 06:02:10 +0000

Exactly this. The kernel alloc’d buffers can help but if that was a primary concern you’re in driver territory. Anything still userspace kind of optimization domain the portion of syscalls for large buffers in a buffered flow is heavily amortized and not overly relevant.

New comment by raggi in "No right to relicense this project"

raggi — Thu, 05 Mar 2026 16:54:43 +0000

That certainly probably would have reduced the noise.

New comment by raggi in "No right to relicense this project"

raggi — Thu, 05 Mar 2026 16:39:18 +0000

LGPL applies to the LGPL’d code, not to every piece of code someone might add to the repository or under the same name implicitly.

The claim being made is that because some prior implementation was licensed one way, all other implementations must also be licensed as such.

AIUI the code has provenance in Netscape, prior to the chardet library, and the Netscape code has provenance in academic literature.

Now the question of what constitutes a rewrite is complex, and maybe somewhat more complex with the AI involvement, but if we take the current maintainers story as honest they almost certainly passed the bar of independence for the code.

New comment by raggi in "No right to relicense this project"

raggi — Thu, 05 Mar 2026 16:23:52 +0000

Look, forget the details, step back and consider the implications of the principle.

Someone should not be able to write a semi-common core utility, provide it as a public good, abandon it for over a decade, and yet continue to hold the rest of the world hostage just because of provenance. That’s a trap and it’s not in any public interest.

The true value of these things only comes from use. The extreme positions for ideals might be nice at times, but for example we still don’t have public access to printer firmware. Most of this ideology has failed in key originating goals and continues to cause headaches.

If we’re going to share, share. If you don’t want to share, don’t. But let’s not setup terminal traps, no one benefits from that.

If we flip this back around though, shouldn’t this all be MPL and Netscape communications? (Edit: turns out they had an argument about that in the past on their own issue tracker: https://github.com/chardet/chardet/issues/36)

New comment by raggi in "Fast-Servers"

raggi — Thu, 05 Mar 2026 16:07:11 +0000

It’s not a good idea and that’s where I’d really start with the dated commentary here rather than focusing on the polling mechanism. It depends on the application but if the buffers are large (>=64kb) such as a common TCP workload then uring won’t necessarily help that much. You’ll gain a lot of scalability regardless of polling mechanism by making sure you can utilize rss and xss optimizations.

New comment by raggi in "Relicensing with AI-Assisted Rewrite"

raggi — Thu, 05 Mar 2026 14:11:16 +0000

The human driver of the project has a comment that is reporting that the project has no structural overlap as analyzed by a plagarism analysis tool. Were comments excluded from that analysis? Is your comment here based on the data in the repo?

New comment by raggi in "If AI writes code, should the session be part of the commit?"

raggi — Mon, 02 Mar 2026 04:02:31 +0000

nope. Someones going to leak important private data using something like this.

Consider:

"I got a bug report from this user:

... bunch of user PII ..."

The LLM will do the right thing with the code, the developer reviewed the code and didn't see any mention of the original user or bug report data.

Now the notes thing they forgot about goes and makes this all public.

New comment by raggi in "Robust and efficient quantum-safe HTTPS"

raggi — Sun, 01 Mar 2026 20:39:19 +0000

> You can already configure your initial congestion window, and if you are connecting to a system expecting the use of PQ encryption, you should set your initial congestion window to be large enough for the certificate; doing otherwise is height of incompetence and should be fixed.

The aggressive tone is no defense against practical problems such as the poor scalability of such a solution.

> You could also use better protocols like QUIC which has a independently flow controlled crypto stream and you can avoid amplification attacks by pre-sending adequate amounts of data to stop amplification prevention from activating.

Not before key exchange it doesn't. There's no magic bullet here.

A refresher on the state of TFO and QUIC PMTU might be worthwhile here before jumping this far ahead.

Syzkaller AI agentic framework and MCP server

raggi — Mon, 23 Feb 2026 15:52:55 +0000

Article URL: https://groups.google.com/g/syzkaller/c/EOcnMJmX9NI

Comments URL: https://news.ycombinator.com/item?id=47123988

Points: 1

# Comments: 0

New comment by raggi in "Tailscale Peer Relays is now generally available"

raggi — Thu, 19 Feb 2026 23:42:29 +0000

This problem space is not small enough to stay within current LLM attention span. A sufficiently good agent setup might be able to help maintain docs somewhat through changes, but organizing them in an approachable way covering all the heuristics spread across so many places and external systems with a huge amount of time and versioning multivariate factors is hugely troublesome for current LLM capabilities. They're better at simpler problems, like typing the code.

New comment by raggi in "Tailscale Peer Relays is now generally available"

raggi — Thu, 19 Feb 2026 08:48:49 +0000

It's difficult for us to maintain documentation of exactly the kind you'd want there, though we do try to keep up with docs as best we can. In particular there is a fairly wide array of heuristics in the client to adapt to the environment that it's running in - and this is most true on Linux where there are far far too many different configuration patterns and duplicate subsystems (example: https://tailscale.com/blog/sisyphean-dns-client-linux).

To try and take a general poke at the question in more of the context you leave at the end:

- We use rule based routing to try to dodge arbitrary order conflicts in the routing tables.

- We install our rules with high priority because traffic intended for the tailnet hitting non-tailscale interfaces is typically undesirable (it's often plain text).

- We integrate with systemd-resolved _by preference_ on Linux if it is present, so that if you're using cgroup/namepsace features (containers, sandbox runtimes, etc etc) then this provides the expected dns/interface pairings. If we can't find systemd-resolved we fall back to modifying /etc/resolv.conf, which is unavoidably an area of conflict on such systems (on macos and windows they have more broadly standard solutions we can use instead, modulo other platform details).

- We support integration with both iptables and nftables (the latter is behind manual configuration currently due to slightly less broad standardization, but is defaulted by heuristic on some distros/in some environments (like gokrazy, some containers)). In nftables we create our own tables, and just install jumps into the xtables conventional locations so as to be compatible with ufw, firewalld and so on.

- We do our best in tailscaled's sshd to implement login in a broadly compatible way, but again this is another of those places the linux ecosystem lacks standards and there's a ton of distro variation right now (freedesktops concerns start at a higher level so they haven't driven standardization, everyone else like openssh have their own pile of best-guesses, and distros go ham with patches).

- We need a 1360 byte MTU path to peers for full support/stability. Our inner/interface MTU is 1280, the minimum MTU for IPv6, once packed in WireGuard and outer IPv6, that's 1360.

I can't answer directly based on "very custom" if there will be any challenges to deal with. We do offer support to work through these things though, and have helped some users with fairly exotic setups.

New comment by raggi in "Ex-GitHub CEO launches a new developer platform for AI agents"

raggi — Tue, 10 Feb 2026 21:28:53 +0000

Which CEO?

Deobfuscation and Analysis of Ring-1.io

raggi — Sun, 08 Feb 2026 19:09:28 +0000

Article URL: https://back.engineering/blog/04/02/2026/

Comments URL: https://news.ycombinator.com/item?id=46937427

Points: 57

# Comments: 25