Hacker News: tsujamin

New comment by tsujamin in "Microsoft terminates VeraCrypt account, halting Windows updates"

tsujamin — Wed, 08 Apr 2026 18:09:28 +0000

For what it’s worth, Trusted Signing verification has been a moving target over the last 12 months. It was open for individuals, then it was closed to anyone except (iirc) US businesses with DUNS numbers, then it opened again to US based individuals (and a few other countries perhaps).

My completely uninformed guess was that someone had done something naughty with Trusted Signing-issued code signing certificates.

Anyway, when I first saw the VeraCrypt thing this morning my initial reaction was “I wonder if this is them pushing developers onto trusted signing the hard way?”

New comment by tsujamin in "Microsoft terminates VeraCrypt account, halting Windows updates"

tsujamin — Wed, 08 Apr 2026 17:08:14 +0000

They did, just further into the article:

> According to a post on Hacker News, the popular VPN client WireGuard is facing the same issue.

New comment by tsujamin in "Mobile carriers can get your GPS location"

tsujamin — Sun, 01 Feb 2026 01:18:52 +0000

It could be a flag in the per-network CarrierConfig bundle. I imagine that would help with jurisdictions that might require this protocol for legislative reasons

New comment by tsujamin in "Cloudflare claimed they implemented Matrix on Cloudflare workers. They didn't"

tsujamin — Tue, 27 Jan 2026 17:28:24 +0000

That the original post to HN linked in the blog was done on a throwaway kind of implies a level of awareness (on the part of the dev) that the code/claims were rubbish :)

https://news.ycombinator.com/item?id=46780837

Azul 9.0 is Open Sourced (Australian Cyber Security Centre)

tsujamin — Mon, 12 Jan 2026 10:29:49 +0000

Article URL: https://australiancybersecuritycentre.github.io/azul/

Comments URL: https://news.ycombinator.com/item?id=46586537

Points: 1

# Comments: 0

New comment by tsujamin in "Microsoft kills official way to activate Windows 11/10 without internet"

tsujamin — Sat, 03 Jan 2026 04:46:17 +0000

To name a few (presumably): drivers, proprietary protocols, vendor warranties/support, licensing/relicensing, paying you to do the work, waiting for the work to be done/tested, paying for workforce re-training, justifying this to management etc.

All these reasons suck, but they’re all reality in one industry or another sadly.

New comment by tsujamin in "Loss32: Let's Build a Win32/Linux"

tsujamin — Wed, 31 Dec 2025 17:21:18 +0000

There’s also API Sets: where DLLs like api-win-blah-1.dll acts as a proxy for another DLL both literally, with forwarder exports, and figuratively, with a system-wide in-memory hashmap between api set and actual DLL.

Iirc this is both for versioning, but also so some software can target windows and Xbox OS’s whilst “importing” the same api-set DLL? Caused me a lot of grief writing a PE dynamic linker once.

https://bookkity.com/article/api-sets

New comment by tsujamin in "Ask HN: What did you read in 2025?"

tsujamin — Sat, 27 Dec 2025 05:06:02 +0000

Strong recommendation for Alistair Reynold’s Century Rain if you want another of his. It’s part 20th century alternate history, part hard boiled crime noir, and part hard space opera.

New comment by tsujamin in "Ask HN: What did you read in 2025?"

tsujamin — Sat, 27 Dec 2025 04:58:57 +0000

Cutting a long list short, the _best_ thing I read this year was W. Somerset Maugham’s Of Human Bondage.

It’s not a book where the world changes greatly or great things are done, but honestly that’s kind of nice: It’s a compelling story of a life, the characters were engrossing (one in particular stands out for how strongly _dislikeable_ they are) and the I loved the prose.

Also shoutout to Standard EBook’s excellent, public domain edition (and all their volunteers other work!): https://standardebooks.org/ebooks/w-somerset-maugham/of-huma...

New comment by tsujamin in "Microsoft please get your tab to autocomplete shit together"

tsujamin — Thu, 25 Dec 2025 00:49:06 +0000

I thought I was going crazy, but it started feeling materially worse sometime in last few weeks.

New comment by tsujamin in "Recovering Anthony Bourdain's Li.st's"

tsujamin — Sat, 13 Dec 2025 23:55:06 +0000

> Great Dead Bars of New York:

> 1. SIBERIA in any of its iterations. The one on the subway being the best.

Timely, as the latest reincarnation of SIBERIA just re-opened in 59th Street/Columbus Circle station

Simple trick to increase coverage: Lying to users about signal strength

tsujamin — Mon, 03 Nov 2025 01:27:48 +0000

Article URL: https://nickvsnetworking.com/simple-trick-to-increase-coverage-lying-to-users-about-signal-strength/

Comments URL: https://news.ycombinator.com/item?id=45795036

Points: 439

# Comments: 181

New comment by tsujamin in "Compiler Bug Causes Compiler Bug: How a 12-Year-Old G++ Bug Took Down Solidity"

tsujamin — Fri, 15 Aug 2025 19:08:23 +0000

So long as you’re writing your smart contracts with a chisel, into a stone tablet, with no compilers or assemblers in sight!

New comment by tsujamin in "When DEF CON partners with the U.S. Army"

tsujamin — Thu, 14 Aug 2025 01:14:44 +0000

A Pwnie for "unilaterally shutting down a counterterrorism operation”

New comment by tsujamin in "New adaptive optics shows details of our star's atmosphere"

tsujamin — Sun, 01 Jun 2025 02:42:58 +0000

You say beautiful, I say existentially terrifying, let’s split the difference

New comment by tsujamin in "Google AI Ultra"

tsujamin — Tue, 20 May 2025 20:05:21 +0000

Obviously not speaking for others experience, but it all makes me feel pretty fatigued, and as if this growing expectation of "AI-enhanced productivity" is coming at the expense of a craft and process (writing software) that I enjoy.

Using AI to Create an Exploit for CVE-2025-32433 Before Public PoCs Existed

tsujamin — Thu, 24 Apr 2025 18:26:54 +0000

Article URL: https://platformsecurity.com/blog/CVE-2025-32433-poc

Comments URL: https://news.ycombinator.com/item?id=43785870

Points: 2

# Comments: 1

New comment by tsujamin in "Cross-Platform P2P Wi-Fi: How the EU Killed AWDL"

tsujamin — Fri, 28 Mar 2025 16:46:56 +0000

> wireless file transfers between Android and iOS being completely impossible at the moment

P2P proximal wireless transfer, sure, but there's half a dozen apps on your phone that'll let you punt a document, a photo, an invite to someone on the other phone OS platform.

Maybe I'm an edge case, but probably 90% of my Airdrop usage is between my own devices, so the platform taking care of the authentication story is of more utility than cross-platform transfers. If someone isn't on iOS I'll just send them the file on Signal since, if the source is my phone in the first place, it's probably not a huge transfer anyway.

New comment by tsujamin in "Leaked Apple meeting shows how dire the Siri situation is"

tsujamin — Sun, 16 Mar 2025 22:07:26 +0000

They already have a compostable automation api with 3rd party integrations: Shortcuts!

It’s not perfect, but surely you could natural language -> llm -> temporary shortcut script and that gets you a decent part of the way to a smarter Siri

New comment by tsujamin in "Tj-actions/changed-files GitHub Action Compromised – used by over 23K repos"

tsujamin — Sat, 15 Mar 2025 02:06:34 +0000

How does SBOM and such account for this? If you’re a package maintainer, do you need to include CI pipeline plugins, their dependencies, going down as far as the pipeline host, in your security-relevant dependencies? Hard problems :/