Hacker News: tdullien

New comment by tdullien in "Safer vibecoding via old hacker habits"

tdullien — Wed, 25 Mar 2026 11:58:49 +0000

That's a clever and intriguing idea. I have to think through the security implications a bit though - I don't actually know much about how git operates with regards to hooks etc.

I'd imagine you lose the ability to have the coding agent do the commits for you? E.g. if you just mount the code directory, then an agent running on the remote side can't commit anything, right?

So you'd have to mount the .git directory from the remote side to then push?

Safer vibecoding via old hacker habits

tdullien — Wed, 25 Mar 2026 04:03:08 +0000

Article URL: http://addxorrol.blogspot.com/2026/03/slightly-safer-vibecoding-by-adopting.html

Comments URL: https://news.ycombinator.com/item?id=47513092

Points: 1

# Comments: 3

New comment by tdullien in "SCiZE's Classic Warez Collection"

tdullien — Tue, 06 Jan 2026 13:02:45 +0000

The old warez cracking scene had an outsize impact on computer security. GRSecurity, Heartbleed vulnerability, most reverse engineering tools for security, etc. etc. etc.

There's so much history here, touching on all sorts of insanity including selling 0-day to the US government that was then used to apprehend high-level Al-Qaida personnel, random warez busts leading to people taking oversea jobs, etc. etc. etc.

If anyone still has old .NFO archives from 1990-2000, I'd be very interested in getting as many as possible.

New comment by tdullien in "Kidnapped by Deutsche Bahn"

tdullien — Mon, 29 Dec 2025 15:57:33 +0000

The privatization of the train system in Germany was a particularly insane disaster that is only now, 30 years later, being undone/repaired.

If you look at an org chart of the DB these days, the most fascinating part is that DB consists of almost 600 separate corporate entities that are all supposed to invoice each other.

Speaking with insiders, it appears that when the privatization happened, the new corporate structure took what was essentially every mid-size branch of the org chart and created a separate corporate entity, with cross-invoicing for what would normally normal intra-company cooperation. I think the (misguided) goal was to obtain some form of accountability inside a large organisation that had been state-funded and not good at internal accounting.

This fragmentation lead to insane inflexibility, as each of the 600 entities has a separate PnL and is loathe to do anything that doesn’t look good on their books.

Add to this a history of incompetent leadership (Mehdorn, who also ran AirBerlin into the ground, and who was also responsible for the disastrous BER airport build-out), repeated rounds of cost-cutting that prioritized “efficiency” over “resiliency of the network” etc. etc.

DB is currently undergoing a massive corporate restructuring to simplify the 600+ entity structure, but there has been a massive loss of expertise, underinvestment in infrastructure, poor IT (if you see a job ad for a Windows NT4 admin, it’s likely DB), etc. etc. — it’ll take a decade or more to dig the org out of the hole it is in.

New comment by tdullien in "How does a "you interview for US company, we do the work" scam work?"

tdullien — Fri, 12 Dec 2025 11:20:16 +0000

There's been an ongoing issue with North Korean state agents infiltrating SV companies, and this proposal helps them pass the interview process more easily.

There's multipronged benefit for them: Access to company infrastructure to potentially cause harm or ransom in the future, access to technology / intelligence, but also simply foreign currency.

Ask your LLM for receipts: What I learned teaching Claude C++ crash triage

tdullien — Fri, 12 Dec 2025 11:17:59 +0000

Article URL: http://addxorrol.blogspot.com/2025/12/ask-your-llm-for-receipts-what-i.html

Comments URL: https://news.ycombinator.com/item?id=46243037

Points: 3

# Comments: 0

New comment by tdullien in "Broccoli Man, Remastered"

tdullien — Wed, 26 Nov 2025 13:30:55 +0000

Xoogler here (2011-2018). It's heartwarming that a core part of Google culture ("for every problem we have 3 solutions: 2 that are deprecated and 1 that is experimental") is alive and well.

New comment by tdullien in "Leaving Meta and PyTorch"

tdullien — Fri, 07 Nov 2025 10:11:33 +0000

I only remember 2015 TF and I was wondering: why would I use Python to assemble a computational graph when what I really want is to write code and then differentiate through it?

Tongyi Deep Research – relatively lightweight hi-perf open-source model

tdullien — Thu, 30 Oct 2025 15:22:09 +0000

Article URL: https://tongyi-agent.github.io/blog/introducing-tongyi-deep-research/

Comments URL: https://news.ycombinator.com/item?id=45761047

Points: 1

# Comments: 0

New comment by tdullien in "ChkTag: x86 Memory Safety"

tdullien — Tue, 21 Oct 2025 08:25:47 +0000

So there's a long intellectual history behind these technologies, and Intel had multiple chances of taking the leadership on this around 2018 - they failed to do so, some of the talent went to Apple, and now Intel has to play catch-up.

I'm pretty certain it'll be the x86 variant of either MTE or MIE.

New comment by tdullien in "ChkTag: x86 Memory Safety"

tdullien — Tue, 21 Oct 2025 08:20:36 +0000

I don't know tbh, and I gave that talk when I was in terrible shape, so I'm not upset ;).

If people care a lot, I can record a YouTube video on the topic.

New comment by tdullien in "ChkTag: x86 Memory Safety"

tdullien — Mon, 20 Oct 2025 22:32:53 +0000

With all the negative comments here: This is existing technology on ARM64 (MTE) and on modern iPhones (https://security.apple.com/blog/memory-integrity-enforcement...).

For a good intuition why this (coupled with instrumenting all allocators accordingly) is a game-changer for exploitation, check https://docs.google.com/presentation/d/1V_4ZO9fFOO1PZQTNODu2...

In general, having this come to x86 is long-overdue and very welcome.

New comment by tdullien in "Spyware maker NSO Group confirms acquisition by US investors"

tdullien — Sun, 12 Oct 2025 11:01:33 +0000

The usual story they tell themselves is that the software is used against criminals and child pornography and terrorism. Which is not wrong, the majority of the use cases are probably that, in the majority of jurisdictions.

New comment by tdullien in "Anthropic raises $13B Series F"

tdullien — Tue, 02 Sep 2025 16:47:27 +0000

It's just off by a factor of 35?

New comment by tdullien in "Exit Tax: Leave Germany before your business gets big"

tdullien — Fri, 08 Aug 2025 08:52:25 +0000

The obvious solution is for the state to accept illiquid securities as payment for tax.

New comment by tdullien in "Exit Tax: Leave Germany before your business gets big"

tdullien — Thu, 07 Aug 2025 19:32:52 +0000

German here. I fully agree that German companies tend to be crazy hierarchical.

New comment by tdullien in "Leonardo Chiariglione – Co-founder of MPEG"

tdullien — Thu, 07 Aug 2025 11:55:31 +0000

Every predictor is a compressor, every compressor is a predictor.

If you're interested in this, it's a good idea reading about the Hutter prize (https://en.wikipedia.org/wiki/Hutter_Prize) and going from there.

In general, lossless compression works by predicting the next (letter/token/frame) and then encoding the difference from the prediction in the data stream succinctly. The better you predict, the less you need to encode, the better you compress.

The flip side of this is that all fields of compression have a lot to gain from progress in AI.

New comment by tdullien in "EPA says it will eliminate its scientific research arm"

tdullien — Sat, 19 Jul 2025 06:37:39 +0000

Thank you for pointing out that it was Nixon that created the EPA.

Comparing PyTorch code optimization Gemini vs. Claude

tdullien — Fri, 11 Jul 2025 13:42:09 +0000

Article URL: http://addxorrol.blogspot.com/2025/07/understand-neural-nets-better-post-5-of.html

Comments URL: https://news.ycombinator.com/item?id=44532047

Points: 3

# Comments: 0

New comment by tdullien in "A non-anthropomorphized view of LLMs"

tdullien — Tue, 08 Jul 2025 14:30:29 +0000

I think the Anthropic "omg blackmail" article clearly talks about both LLMs and their "goals".