Hacker News: technion

New comment by technion in "Ripgrep AI Policy"

technion — Fri, 29 May 2026 05:47:58 +0000

Ten times shorter just means "readable without losing an excess of time on ramble" and I feel like someone's comeback to this will be "you should ask an AI to summarise".

New comment by technion in "GitHub bans security researcher who posted zero-day Windows exploits"

technion — Thu, 28 May 2026 23:56:23 +0000

The researcher's own statements note that the zero days were not found with AI.

And honestly I think that's the part that Microsoft is most upset about, because every internal partner conversation I've had has been about needing to buy Security Copilot because all the advanced attacks are coming from AI, and just suggesting vulnerabilities existed before AI seems to make salespeople uncomfortable continuing the conversation.

New comment by technion in "GitHub is investigating unauthorized access to their internal repositories"

technion — Wed, 20 May 2026 09:34:56 +0000

The problem with all these permissions ideas: VSCode in most cases is expected to be able to push to a git repo. Many developers these days use it over the CLI for pushes and pulls.

So if it has a "minimal" set of access, it has access to a Github key. That's enough.. to do this sort of damage.

New comment by technion in "Microsoft surprises with its first server Linux distribution: Azure Linux 4.0"

technion — Tue, 19 May 2026 06:17:08 +0000

Note that despite being named here as "Azure Linux" and being described as a "General purpose Linux OS for Azure", once you go to the product documentation it's referred to as "Microsoft Azure Linux Container Host for AKS", and the Quickstart guide is about how to deploy a Kubernetes cluster. It doesn't seem very capable of general use.

New comment by technion in "I believe there are entire companies right now under AI psychosis"

technion — Fri, 15 May 2026 23:35:56 +0000

A hospital could not learn a bigger lesson from this person than their existing big players.

(Screams in "deployed in 2026 a new product that only works in internet explorer" in healthcare).

New comment by technion in "The X-Files has made me nostalgic for a time I never experienced"

technion — Fri, 01 May 2026 23:26:49 +0000

Yeah, all my friends watched it when it was new. After an episode played we would talk about it the next day.

Im pretty sure none of us saw the final few seasons, with it moving to a late night time slot and noone caring.

New comment by technion in "GitHub RCE Vulnerability: CVE-2026-3854 Breakdown"

technion — Wed, 29 Apr 2026 02:16:20 +0000

I guess I woukd say youre fortunate to have not worked in a "we cannot use github.com because we take security very seriously" environment. Because always tells me you'll be running a on prem product that might get updated once a year.

New comment by technion in "Claire's closes all 154 stores in UK and Ireland with loss of 1,300 jobs"

technion — Tue, 28 Apr 2026 04:11:27 +0000

I think it says something about what tech is delivering: The article claims the main reason for closing was competition from online stores like Temu.

New comment by technion in "I bought Friendster for $30k – Here's what I'm doing with it"

technion — Mon, 27 Apr 2026 08:45:46 +0000

Yes this is what im confused about. They described it as a parking domain, but the old strategy of "buy a popular domain and put ads on a one pager" hasn't been something that pays substantively for a long time. Ads sales have plummeted in general but not being able to use adsense would make it worse.

New comment by technion in "2,100 Swiss municipalities showing which provider handles their official email"

technion — Mon, 20 Apr 2026 05:41:49 +0000

The first example I looked at was haute-sorne.ch, which is reported by this tool as "Self hosted/other". Whilst it's true that they appear to self host, https://mails.haute-sorne.ch will land you on a Microsoft Exchange server, patch level 15.2.1748.39.

This is better than typical, being an October 2025 patch. But that leaves open CVE-2025-64667, CVE-2025-64666 and CVE-2026-21527. Which are vulnerabilities with patches out going back months.

Now are these RCEs? No, but this was also the first example I looked at.

New comment by technion in "Hospital at centre of child HIV outbreak caught reusing syringes in Pakistan"

technion — Fri, 17 Apr 2026 03:39:54 +0000

Surely there is a cost to sterilising too.

New comment by technion in "RedSun: System user access on Win 11/10 and Server with the April 2026 Update"

technion — Thu, 16 Apr 2026 20:35:38 +0000

Seriously this is my bugbear with code for windows: how did you figure that invocation out?

Anything for Linux you just type "make". If the author skipped a makefile, theres rarely much to it.

But when someone has a cpp file for Windows it looks like this.

New comment by technion in "The APL programming language source code (2012)"

technion — Sun, 12 Apr 2026 06:45:08 +0000

Im running APL only stickers on my keyboard because it seemed more entertaining than blank caps for touch typing. Freaks people out, but really enjoy it.

New comment by technion in "WireGuard makes new Windows release following Microsoft signing resolution"

technion — Fri, 10 Apr 2026 23:03:13 +0000

Outside of these unfortunuate situations, a lot of people are quite happy for developers of eg kernel anti cheat to have a difficult time.

We do need to recognise, a long history of "windows always bluescreens" was somewhat reigned in by this policy with a lot of crashes coming down to third party drivers.

New comment by technion in "Veracrypt project update"

technion — Wed, 08 Apr 2026 09:31:28 +0000

There's more to it. Signed desktop software can be signed by any CA.

Veracrypt has kernel drivers. Microsoft's ability to control what you can sign is specific to kernel drivers, and Microsoft's trigger finger around bans exists in the world where bad drivers BSOD machines.

In general this isn't your problem.

New comment by technion in "After 20 years I turned off Google Adsense for my websites"

technion — Tue, 07 Apr 2026 01:18:18 +0000

My experience deploying at blockers in the enterprise is the average non tech user feels the Internet is "broken" when it's not covered in ads and will tell helpdesk it needs to be fixed.

New comment by technion in "F-15E jet shot down over Iran"

technion — Sat, 04 Apr 2026 01:25:52 +0000

The easy example is that meta was full of influencers confirming the war was over, with the us having won, at a time Iran's own statements declared otherwise. That was a while back.

New comment by technion in "ChatGPT won't let you type until Cloudflare reads your React state"

technion — Mon, 30 Mar 2026 05:24:06 +0000

Whilst true, "validate the right state is loaded" would surely be something not done without developer input.

New comment by technion in "ChatGPT won't let you type until Cloudflare reads your React state"

technion — Sun, 29 Mar 2026 22:52:53 +0000

To prompt a discussion that's purely technical: I'm interested in how this was done.

Specifically, Turnstile as far as I'm aware doesn't do anything specifically configurable or site specific. It works on sites that don't run React, and the cookie OpenAI-Sentinel-Turnstile-Token is not a CF cookie.

Did OpenAI somehow do something on their own API that uses data from Turnstile?

New comment by technion in "I decompiled the White House's new app"

technion — Sat, 28 Mar 2026 22:20:41 +0000

If you go down this path you argue desktop browsing https is broken, which i dont think is a serious argument.