Hacker News: steve_rambo

New comment by steve_rambo in "Bossware is a big legal risk"

steve_rambo — Thu, 16 May 2024 10:19:31 +0000

This is crazy to read. I live in what you consider a highly authoritarian and non-free society and can't imagine something like this happening here. Lower paid jobs are even more privileged in some ways: for example, in many companies you can just not show up for work for a couple of days if you feel like it, and the worst thing you can expect is a small pay cut at the end of the month.

New comment by steve_rambo in "Protecting your email address via SVG instead of JavaScript"

steve_rambo — Wed, 15 May 2024 16:24:46 +0000

Don't, there are many smaller email providers that will take that load off your shoulders for a small fee. I've been using purelymail and have had good experience with it, and heard good things about migadu and fastmail. The latter two are more well known and better staffed, but also expensive.

I've been using similar aliases for years (paypal@domain.tld, ebay@domain.tld, etc), but make sure you have a contingency plan for when you're no more. I've received lots of account info from previous owners of the domain by setting up a catchall mailbox. We will obviously not care, but when someone takes over your account, they might use it to do harm to others (spam or fraud or whatever else).

New comment by steve_rambo in "ChatGPT consumes 25 times more energy than Google"

steve_rambo — Tue, 14 May 2024 16:31:03 +0000

> ChatGPT consumes 25 times more energy than Google

> ChatGPT consumes a lot of energy in the process, up to 25 times more than a Google search

New comment by steve_rambo in "Apple and Google deliver support for unwanted tracking alerts in iOS and Android"

steve_rambo — Tue, 14 May 2024 12:25:52 +0000

I've also used phones which haven't received any updates for years without any obvious problems. Just maintaining basic digital hygiene like you do. In theory, one could use a zero-day in a web browser (like the recent libwebp vulnerability), then exploit one of the numerous CVEs in one of the system libraries or the kernel, and own the phone that way even without you doing anything worse than visiting a random website. For example, that's how one of the the first methods of jailbreaking PlayStation 4 operated.

Your average Joe six-pack like myself probably shouldn't really worry about it though, it seems more likely to be used against really high value targets.

You might want to try out another web browser that has aggressive ad blocking (Firefox, Brave, or Vivaldi should do it) since ads are one of the major methods of spreading malware.

New comment by steve_rambo in "Using ARG in a Dockerfile – beware the gotcha"

steve_rambo — Tue, 14 May 2024 11:49:20 +0000

https://www.bram.us/2022/01/11/yaml-the-norway-problem/

New comment by steve_rambo in "Using ARG in a Dockerfile – beware the gotcha"

steve_rambo — Tue, 14 May 2024 11:06:52 +0000

I wish we would rather get rid of Dockerfile in favor of what something like buildah does:

https://github.com/containers/buildah/blob/main/examples/lig...

Since Dockerfile is a rather limited and (IMHO) poorly executed re-implementation of a shell script, why not use shell directly? Not even bash with coreutils is necessary: even posix sh with busybox can do much more than Dockerfile, and you can use something else (like Python) and take it very far indeed.

New comment by steve_rambo in "Why use ECC? (2015)"

steve_rambo — Wed, 08 May 2024 22:56:05 +0000

ECC is fully supported by consumer AMD processors (at least Ryzen 7000, and I think earlier ones too). You need to pick a matching motherboard, most boards from ASRock will do. And you need to find unbuffered ECC RAM, this is more difficult than the previous two and is why I had to give up on the whole idea.

https://sunshowers.io/posts/am5-ryzen-7000-ecc-ram

New comment by steve_rambo in "Why use ECC? (2015)"

steve_rambo — Wed, 08 May 2024 22:38:19 +0000

What was the difference between CPU and video card vendors (if you can talk about that at all)?

New comment by steve_rambo in "The best way to have complex discussions?"

steve_rambo — Tue, 07 May 2024 10:22:34 +0000

aerc sometimes breaks on non-compliant email because the author of the header parser refuses to introduce kludges to handle broken email. When it happens, the mail in question simply doesn't show up in the list. I fully understand that position, but it's not really ideal as a user who can't simply refuse to deal with broken crap. So after using it for a couple of months I reverted to neomutt.

New comment by steve_rambo in "Hacking on PostgreSQL Is Hard"

steve_rambo — Sun, 05 May 2024 10:37:32 +0000

Another discussion a couple of days ago:

https://news.ycombinator.com/item?id=40231332

New comment by steve_rambo in "Dear Europe, please wake up"

steve_rambo — Tue, 30 Apr 2024 17:41:20 +0000

For what's it worth, the page is unreadable without JavaScript disabled on an overclocked desktop 7900X. I think it's the slowest one by far among all the crap I've seen in two decades of browsing the web.

New comment by steve_rambo in "What if null was an Object in Java?"

steve_rambo — Sun, 28 Apr 2024 21:23:47 +0000

https://openjdk.org/projects/valhalla

New comment by steve_rambo in "Passkeys: A shattered dream"

steve_rambo — Sat, 27 Apr 2024 08:33:32 +0000

Use a better token. YubiKey is the most popular one, not the best one by a long shot. My (cheaper) alternative supports 300 resident keys per each hardware key.

New comment by steve_rambo in "A BSD person tries Alpine Linux"

steve_rambo — Fri, 26 Apr 2024 15:21:27 +0000

iptables has been with us for more than 20 years and is only now being replaced (pretty slowly I might add). The old rules are still supported through iptables-nft, you can just import them and forget nft exists.

Distributions I prefer have never used NetworkManager and haven't changed network configuration in a long time. RHEL and its rebuilds have used NM for what feels like an eternity. Ubuntu is the odd one out here with its constant churn, afaik.

Same with firewall wrappers like ufw and firewalld. Either your distribution uses one and you just use whatever has been chosen for you, or it doesn't and you go with nftables (or iptables-nft if you prefer).

This is all only really a problem if your organization uses a bunch of distributions instead of standardizing on one, but then you probably have a lot more other serious problems than learning how to configure your firewall...

As a counterpoint, I evaluated FreeBSD for a project about a year ago and was really put off by its primitive service management (compared to systemd which I know pretty well and use its features extensively, they really do help in your daily work), and the three firewalls which all seem to be approximately equally supported and you never really know where to put your time. (Unfortunately, I had to pass the OS for other reasons which have no relation to its technical merit.)

New comment by steve_rambo in "Cops can force suspect to unlock phone with thumbprint, US court rules"

steve_rambo — Thu, 18 Apr 2024 21:48:54 +0000

I had a chuckle at this being a "non-issue". Where I am from, you'll get a severe beating (or worse) if you refused to provide the authentication credential, whatever it might be. It's like we're living on different planets. I can only humbly suggest fighting for your rights tooth and nail while you have them.

New comment by steve_rambo in "A disk so full, it couldn't be restored"

steve_rambo — Thu, 04 Apr 2024 07:01:23 +0000

btrfs does reserve some space for exactly this issue, although it might not always be enough.

https://btrfs.readthedocs.io/en/latest/btrfs-filesystem.html

> GlobalReserve is an artificial and internal emergency space. It is used e.g. when the filesystem is full. Its total size is dynamic based on the filesystem size, usually not larger than 512MiB, used may fluctuate.

New comment by steve_rambo in "Some notes on Firefox’s media autoplay settings in practice as of Firefox 124"

steve_rambo — Sat, 30 Mar 2024 13:14:01 +0000

about:config → media.videocontrols.picture-in-picture.enabled → false

New comment by steve_rambo in "Simon Riggs has died"

steve_rambo — Fri, 29 Mar 2024 12:02:50 +0000

Multi-master replication out of the box. Very useful, very occasionally.

New comment by steve_rambo in "Managing Linux Servers with Cockpit"

steve_rambo — Fri, 29 Mar 2024 11:25:34 +0000

Somewhat related: if someone whose technical proficiency you don't hold in high regard needs to perform a limited number of administrative actions on a network-connected Linux machine (like restarting a specific service or installing updates), there's OliveTin. You pre-program it with the list of actions you need by writing a small yaml config, and it builds a simple web interface which the person in question can use to solve simple problems without calling you all the time.

https://www.olivetin.app

New comment by steve_rambo in "Show HN: Auto-generate an OpenAPI spec by listening to localhost"

steve_rambo — Tue, 26 Mar 2024 08:27:21 +0000

You don't need annotations for descriptions, they get picked up from javadoc-style comments which you should have anyway. Same with asp.net.