<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Hacker News: razighter777</title><link>https://news.ycombinator.com/user?id=razighter777</link><description>Hacker News RSS</description><docs>https://hnrss.org/</docs><generator>hnrss v2.1.1</generator><lastBuildDate>Tue, 07 Jul 2026 01:45:39 +0000</lastBuildDate><atom:link href="https://hnrss.org/user?id=razighter777" rel="self" type="application/rss+xml"></atom:link><item><title><![CDATA[New comment by razighter777 in "Order a burned CD of your own public GitHub repo"]]></title><description><![CDATA[
<p>Excellent choice, the "Merge tag 'net-7.2-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net".</p>
]]></description><pubDate>Fri, 03 Jul 2026 04:01:23 +0000</pubDate><link>https://news.ycombinator.com/item?id=48770545</link><dc:creator>razighter777</dc:creator><comments>https://news.ycombinator.com/item?id=48770545</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=48770545</guid></item><item><title><![CDATA[New comment by razighter777 in "U.S. government will decide who gets to use GPT-5.6"]]></title><description><![CDATA[
<p>I hope this doesn't become the new norm where government becomes the bottleneck for innovation in the AI space.<p>It's worrying that with no formal and transparent policy framework that the government will be picking winners and losers and stifling innovation.<p>There's been no public policy, executive order, legislation, or otherwise on this, I wonder if anyone has filed FOIA requests for these decisions or the conversations between the Executive Branch and AI companies.</p>
]]></description><pubDate>Fri, 26 Jun 2026 17:19:02 +0000</pubDate><link>https://news.ycombinator.com/item?id=48689189</link><dc:creator>razighter777</dc:creator><comments>https://news.ycombinator.com/item?id=48689189</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=48689189</guid></item><item><title><![CDATA[New comment by razighter777 in "System call instrumentation on Linux/x86‑64 using memory‑indirect calls, part I"]]></title><description><![CDATA[
<p>yep and and it forces every application to deal with the C FFI. It's beautiful in linux that I can access the full kernel API from an int 0x80/syscall instruction + a few register loads without having to link against crap. I can write a simple cat utility in a dozen or so lines of assembly.</p>
]]></description><pubDate>Sun, 21 Jun 2026 19:02:45 +0000</pubDate><link>https://news.ycombinator.com/item?id=48621619</link><dc:creator>razighter777</dc:creator><comments>https://news.ycombinator.com/item?id=48621619</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=48621619</guid></item><item><title><![CDATA[New comment by razighter777 in "System call instrumentation on Linux/x86‑64 using memory‑indirect calls, part I"]]></title><description><![CDATA[
<p>Direct system calls are an amazing idea. The NtDll and bsd models are worse. The whole libc becomes a security boundary without the protection of kernel space. So much windows malware and process tampering happens because now you have a library (ntdll) fully in userspace that is given special privileges, which now becomes a huge attack surface. Then you have to deal with breakages between the built in libc versions and the kernel<p>This syscall overhead isn't as much as you suppose it is; for workloads where the syscall overhead actually makes a difference there are robust low-syscall paths for io/latency sensitive operations with DPDK, io_uring, and futex being a few examples.<p>And there are robust performant methods on linux for syscall interception/tracing, see seccomp unotify, bpf tracepoints, ftrace.</p>
]]></description><pubDate>Sun, 21 Jun 2026 18:57:46 +0000</pubDate><link>https://news.ycombinator.com/item?id=48621564</link><dc:creator>razighter777</dc:creator><comments>https://news.ycombinator.com/item?id=48621564</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=48621564</guid></item><item><title><![CDATA[New comment by razighter777 in "Zeroserve: A zero-config web server you can script with eBPF"]]></title><description><![CDATA[
<p>Very cool! would be interesting to see about combining this with other bpf program types like xdp progs, or socket map attached programs to integrate L7 http features downward.</p>
]]></description><pubDate>Sat, 06 Jun 2026 19:21:22 +0000</pubDate><link>https://news.ycombinator.com/item?id=48428058</link><dc:creator>razighter777</dc:creator><comments>https://news.ycombinator.com/item?id=48428058</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=48428058</guid></item><item><title><![CDATA[New comment by razighter777 in "Gemma 4 QAT models: Optimizing compression for mobile and laptop efficiency"]]></title><description><![CDATA[
<p>Same I had to do a double take. Would be pretty humourous if they somehow took advantage of crypto offloading to accelerate ai inference</p>
]]></description><pubDate>Fri, 05 Jun 2026 19:29:41 +0000</pubDate><link>https://news.ycombinator.com/item?id=48417065</link><dc:creator>razighter777</dc:creator><comments>https://news.ycombinator.com/item?id=48417065</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=48417065</guid></item><item><title><![CDATA[New comment by razighter777 in "Redis 8.8: New array data structure, rate limiter, performance improvements"]]></title><description><![CDATA[
<p>In practice, mostly scaling sessions and ephemeral data (caching) across multiple intances of a microservice on multiple machines. Seperating the kv store and the application allows upgrading each application while retaining availability and avoiding loss of session data.</p>
]]></description><pubDate>Fri, 05 Jun 2026 13:49:22 +0000</pubDate><link>https://news.ycombinator.com/item?id=48412549</link><dc:creator>razighter777</dc:creator><comments>https://news.ycombinator.com/item?id=48412549</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=48412549</guid></item><item><title><![CDATA[New comment by razighter777 in "Show HN: Write your BPF programs in Go, not C"]]></title><description><![CDATA[
<p>Remember, a lot of the memory safety benefits from go and rust and eBPF don't apply to the kernel eBPF! Kernel eBPF enforces semantics that verify array and loop bounds, memory accesses, and correctness of programs via the verifier. I think for most usecases, it is still best to write eBPF in C!</p>
]]></description><pubDate>Mon, 25 May 2026 23:25:48 +0000</pubDate><link>https://news.ycombinator.com/item?id=48273059</link><dc:creator>razighter777</dc:creator><comments>https://news.ycombinator.com/item?id=48273059</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=48273059</guid></item><item><title><![CDATA[New comment by razighter777 in "Dav2d"]]></title><description><![CDATA[
<p>Agreed. Software patents were a mistake in general. It is impossible to implement a modern video codec without using work in patents because of how overbroad and poorly written they tend to be.</p>
]]></description><pubDate>Sun, 03 May 2026 13:51:37 +0000</pubDate><link>https://news.ycombinator.com/item?id=47996953</link><dc:creator>razighter777</dc:creator><comments>https://news.ycombinator.com/item?id=47996953</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47996953</guid></item><item><title><![CDATA[New comment by razighter777 in "New 10 GbE USB adapters are cooler, smaller, cheaper"]]></title><description><![CDATA[
<p>10gbe is a sweet spot at least for my homelab stuff. It's easy to find old enterprise gear for, cheap, and fast enough for everything I want to do.</p>
]]></description><pubDate>Sat, 25 Apr 2026 12:20:24 +0000</pubDate><link>https://news.ycombinator.com/item?id=47900863</link><dc:creator>razighter777</dc:creator><comments>https://news.ycombinator.com/item?id=47900863</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47900863</guid></item><item><title><![CDATA[New comment by razighter777 in "Ask HN: What Are You Working On? (April 2026)"]]></title><description><![CDATA[
<p><a href="https://lore.kernel.org/linux-security-module/adjwZAevNaDguilw@suesslenovo/T/" rel="nofollow">https://lore.kernel.org/linux-security-module/adjwZAevNaDgui...</a><p>Patch for linux kernel adding support for enforcing Landlock rulesets from eBPF. In RFC stage now.</p>
]]></description><pubDate>Mon, 13 Apr 2026 00:52:23 +0000</pubDate><link>https://news.ycombinator.com/item?id=47746230</link><dc:creator>razighter777</dc:creator><comments>https://news.ycombinator.com/item?id=47746230</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47746230</guid></item><item><title><![CDATA[New comment by razighter777 in "OpenBSD: PF queues break the 4 Gbps barrier"]]></title><description><![CDATA[
<p>I would love to use openbsd. I really wanna give it a try but the filesystem choices seem kinda meh. Are there any modern filesystems with good nvme and FDE support for openbsd.</p>
]]></description><pubDate>Thu, 19 Mar 2026 19:36:42 +0000</pubDate><link>https://news.ycombinator.com/item?id=47444733</link><dc:creator>razighter777</dc:creator><comments>https://news.ycombinator.com/item?id=47444733</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47444733</guid></item><item><title><![CDATA[United States vs. $124,700 in U.S. Currency]]></title><description><![CDATA[
<p>Article URL: <a href="https://en.wikipedia.org/wiki/United_States_v._$124,700_in_U.S._Currency">https://en.wikipedia.org/wiki/United_States_v._$124,700_in_U.S._Currency</a></p>
<p>Comments URL: <a href="https://news.ycombinator.com/item?id=47394829">https://news.ycombinator.com/item?id=47394829</a></p>
<p>Points: 6</p>
<p># Comments: 0</p>
]]></description><pubDate>Mon, 16 Mar 2026 03:17:05 +0000</pubDate><link>https://en.wikipedia.org/wiki/United_States_v._$124,700_in_U.S._Currency</link><dc:creator>razighter777</dc:creator><comments>https://news.ycombinator.com/item?id=47394829</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47394829</guid></item><item><title><![CDATA[New comment by razighter777 in "Greasing Linux Auth: Hardware-Backed Authentication with PAM+TPM2"]]></title><description><![CDATA[
<p>This post goes over some of my trials and tribulations in making a clean user experience for TPM2-backed PIN authentication on Linux.</p>
]]></description><pubDate>Sun, 01 Mar 2026 20:17:12 +0000</pubDate><link>https://news.ycombinator.com/item?id=47210247</link><dc:creator>razighter777</dc:creator><comments>https://news.ycombinator.com/item?id=47210247</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47210247</guid></item><item><title><![CDATA[Greasing Linux Auth: Hardware-Backed Authentication with PAM+TPM2]]></title><description><![CDATA[
<p>Article URL: <a href="https://blog.prizrak.me/post/pam_tpm/">https://blog.prizrak.me/post/pam_tpm/</a></p>
<p>Comments URL: <a href="https://news.ycombinator.com/item?id=47210246">https://news.ycombinator.com/item?id=47210246</a></p>
<p>Points: 1</p>
<p># Comments: 1</p>
]]></description><pubDate>Sun, 01 Mar 2026 20:17:12 +0000</pubDate><link>https://blog.prizrak.me/post/pam_tpm/</link><dc:creator>razighter777</dc:creator><comments>https://news.ycombinator.com/item?id=47210246</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47210246</guid></item><item><title><![CDATA[New comment by razighter777 in "Back to FreeBSD: Part 1"]]></title><description><![CDATA[
<p>I frequently see freeBSD jails as a highlighted feature, lauding their simplicity and ease of use. While I do admire them, there are benefits to the container approach used commonly on linux. (and maybe soon freebsd will better support OCI).<p>First it's important to clarify "containers" are not an abstraction in the linux kernel. Containers are really an illusion achieved by use of a combination of user/pid/networking namespaces, bind mounts, and process isolation primitives through a userspace application(s) (podman/docker + a container runtime).<p>OCI container tooling is much easier to use, and follows the "cattle not pets" philosophy, and when you're deploying on multiple systems, and want easy updates, reproducibility, and mature tooling, you use OCI containers, not LXC or freebsd jails. FreeBSD jails can't hold a candle to the ease of use and developer experience OCI tooling offers.<p>> To solve the distribution and isolation problem, Linux engineers built a set of kernel primitives (namespaces, cgroups, seccomp) and then, in a very Linux fashion, built an entire ecosystem of abstractions on top to “simplify” things.<p>This was an intentional design decision, and not a bad one! cgroups, namespaces, and seccomp are used extensively outside of the container abstraction. (See flatpak, systemd resource slices, firejail). By not tieing process isolation to the container abstraction, we can let non-container applications benefit from them. We also get a wide breadth of container runtime choices.</p>
]]></description><pubDate>Sun, 22 Feb 2026 13:08:47 +0000</pubDate><link>https://news.ycombinator.com/item?id=47110711</link><dc:creator>razighter777</dc:creator><comments>https://news.ycombinator.com/item?id=47110711</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47110711</guid></item><item><title><![CDATA[New comment by razighter777 in "An AI Agent Published a Hit Piece on Me – The Operator Came Forward"]]></title><description><![CDATA[
<p>> It did something in the real world with real consequences.<p>It didn't. It made words on the internet.</p>
]]></description><pubDate>Fri, 20 Feb 2026 10:58:35 +0000</pubDate><link>https://news.ycombinator.com/item?id=47086384</link><dc:creator>razighter777</dc:creator><comments>https://news.ycombinator.com/item?id=47086384</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47086384</guid></item><item><title><![CDATA[New comment by razighter777 in "An AI Agent Published a Hit Piece on Me – The Operator Came Forward"]]></title><description><![CDATA[
<p>Hmm I think he's being a little harsh on the operator.<p>He was just messing around with $current_thing, whatever. People here are so serious, but there's worse stuff AI is already being used for as we speak from propaganda to mass surviellance and more. This was entertaining to read about at least and relatively harmless<p>At least let me have some fun before we get a future AI dystopia.</p>
]]></description><pubDate>Fri, 20 Feb 2026 03:38:49 +0000</pubDate><link>https://news.ycombinator.com/item?id=47083376</link><dc:creator>razighter777</dc:creator><comments>https://news.ycombinator.com/item?id=47083376</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47083376</guid></item><item><title><![CDATA[New comment by razighter777 in "Gentoo on Codeberg"]]></title><description><![CDATA[
<p>Quick tip: If you type .patch after the PR url it gives you a git patch. Do curl <github patch> | git am and you can apply and review it locally.</p>
]]></description><pubDate>Tue, 17 Feb 2026 21:09:46 +0000</pubDate><link>https://news.ycombinator.com/item?id=47053391</link><dc:creator>razighter777</dc:creator><comments>https://news.ycombinator.com/item?id=47053391</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47053391</guid></item><item><title><![CDATA[New comment by razighter777 in "GPT‑5.3‑Codex‑Spark"]]></title><description><![CDATA[
<p>I was prepared to see something like a trimmed down / smaller weight model but I was pleasantly suprised.<p>I was excited to hear about the wafer scale chip being used! I bet nvidia notices this, it's good to see competition in some way.</p>
]]></description><pubDate>Fri, 13 Feb 2026 00:30:51 +0000</pubDate><link>https://news.ycombinator.com/item?id=46997318</link><dc:creator>razighter777</dc:creator><comments>https://news.ycombinator.com/item?id=46997318</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=46997318</guid></item></channel></rss>