The context in which that statement was made, and in which I’m repeating it, I think, is just to say that any bug has the potential to be used maliciously. Ignore it, fine, but also don’t overreact to the intended…
Actually, Mudge of the l0pht (and later DARPA) once famously made the claim that all bugs are security issues waiting to be exploited in some way (I’m probably paraphrasing). I kind of agree. Although, the bugs on this…
Ack Yep my bad. Actually my bad for reading the “comment” incorrectly and being out of the loop with the cursor sale til now.
This was just ~10% of boston dynamics at that price. HN pro-tip: before commenting, read the articles not just the headlines.
This! … Is why I picked my name.
You are leaping to the assumption that I don’t actually believe in the tech. This is incorrect. I am griping with the way it is being recklessly and stupidly deployed by poeople who really don’t know what they’re doing.
I actually agree somewhat with jatora. However a large segment of the top ~20% of security folks are being forced to become reverse centaurs, as opposed to centaurs (disempowered vs empowered) due to the factors I…
I was reviewing a HTTP proxy implementation emitted from Claude Code 4.6 or 7. Don’t remember. I saw that it could rapidly create convincingly plausible code with tons of rationalizing that further strengthened all of…
Me too precisely. But after getting acclimated to a self hosted vaultwarden for the backend and beginning to explore some of the 3rd party Bitwarden frontends that implement its API, I’d recommend hanging in there a bit…
https://github.com/doy/rbw Is an alternative Bitwarden cli front end. Probably has plenty of scaffolding to build a GUI frontend based on it. Edit: Just a bit of googling turned up these as well.…
I have my vaultwarden running on a container on my home-lab server acessible only from Tailscale. The container itself is only accessible as its own node on my Tailscale private network and can’t be reached any other…
I was thinking about Brave too while reading this thread. I’m not on a memory constrained system exactly but Brave seems to be tons snappier due to its as blocking. I wonder too if Brave is a case where you can pull it…
It really shines for navigating history. <esc>/ searches history the same way as the editor search function
It’s strange. I have heard this from lots of others too. I think I am an anomaly here. I can’t live without shell vi mode
set -o vi <esc> puts you into vi mode at the cli prompt with all the semantics of the editor. These carpal tunnel riddled hands can’t be bothered to reach for ctrl or alt let alone arrow keys.
It’s almost like we need some deterministic set of instructions that can be fed to a machine and followed reliably? Like… I don’t know… a “programming language”?
The advice that everyone seemed to agree on at least just a few months ago was to make sure _you_ write the comprehensive tests/specs and this is what I still would recommend doing to anyone asking. I guess even this…
Nope. Those are not the only answers I am seeing. I’m still curious though. 2x was nice because nobody really questioned it. Now that we have there doesn’t seem to be one “answer”. This is a fun/interesting question…
Why was this downvoted? I’m generally curious what current recommendations for swap are too! Edit: oh and I don’t have an actual personal system with swap configuration on it anymore to give my own answer anymore either.
LLMs may occasionally turn bad code into better code but letting them loose on “good” or even “good enough” code is not always likely to make it “better”.
Groan…
Public Linux rootkits have been around a very very long time. Nothing new here in that regard. Also Linux AV has been around almost as long… This effort is more useful to up and coming defenders and security researchers…
I’m beginning to think maybe I’m the only one that read this whole thing. The firmware storage isn’t the security through obscurity problem being talked about here. The hardcoded TLS private key definitely is though.…
I think maybe you’re reading this wrong. Reverse-engineering blog posts like this are just a fun and instructive way of telling the story of how someone did a thing. Having written and read a bunch of these in the past…
Probably something closer to ripgrep, if not actually ripgrep.
The context in which that statement was made, and in which I’m repeating it, I think, is just to say that any bug has the potential to be used maliciously. Ignore it, fine, but also don’t overreact to the intended…
Actually, Mudge of the l0pht (and later DARPA) once famously made the claim that all bugs are security issues waiting to be exploited in some way (I’m probably paraphrasing). I kind of agree. Although, the bugs on this…
Ack Yep my bad. Actually my bad for reading the “comment” incorrectly and being out of the loop with the cursor sale til now.
This was just ~10% of boston dynamics at that price. HN pro-tip: before commenting, read the articles not just the headlines.
This! … Is why I picked my name.
You are leaping to the assumption that I don’t actually believe in the tech. This is incorrect. I am griping with the way it is being recklessly and stupidly deployed by poeople who really don’t know what they’re doing.
I actually agree somewhat with jatora. However a large segment of the top ~20% of security folks are being forced to become reverse centaurs, as opposed to centaurs (disempowered vs empowered) due to the factors I…
I was reviewing a HTTP proxy implementation emitted from Claude Code 4.6 or 7. Don’t remember. I saw that it could rapidly create convincingly plausible code with tons of rationalizing that further strengthened all of…
Me too precisely. But after getting acclimated to a self hosted vaultwarden for the backend and beginning to explore some of the 3rd party Bitwarden frontends that implement its API, I’d recommend hanging in there a bit…
https://github.com/doy/rbw Is an alternative Bitwarden cli front end. Probably has plenty of scaffolding to build a GUI frontend based on it. Edit: Just a bit of googling turned up these as well.…
I have my vaultwarden running on a container on my home-lab server acessible only from Tailscale. The container itself is only accessible as its own node on my Tailscale private network and can’t be reached any other…
I was thinking about Brave too while reading this thread. I’m not on a memory constrained system exactly but Brave seems to be tons snappier due to its as blocking. I wonder too if Brave is a case where you can pull it…
It really shines for navigating history. <esc>/ searches history the same way as the editor search function
It’s strange. I have heard this from lots of others too. I think I am an anomaly here. I can’t live without shell vi mode
set -o vi <esc> puts you into vi mode at the cli prompt with all the semantics of the editor. These carpal tunnel riddled hands can’t be bothered to reach for ctrl or alt let alone arrow keys.
It’s almost like we need some deterministic set of instructions that can be fed to a machine and followed reliably? Like… I don’t know… a “programming language”?
The advice that everyone seemed to agree on at least just a few months ago was to make sure _you_ write the comprehensive tests/specs and this is what I still would recommend doing to anyone asking. I guess even this…
Nope. Those are not the only answers I am seeing. I’m still curious though. 2x was nice because nobody really questioned it. Now that we have there doesn’t seem to be one “answer”. This is a fun/interesting question…
Why was this downvoted? I’m generally curious what current recommendations for swap are too! Edit: oh and I don’t have an actual personal system with swap configuration on it anymore to give my own answer anymore either.
LLMs may occasionally turn bad code into better code but letting them loose on “good” or even “good enough” code is not always likely to make it “better”.
Groan…
Public Linux rootkits have been around a very very long time. Nothing new here in that regard. Also Linux AV has been around almost as long… This effort is more useful to up and coming defenders and security researchers…
I’m beginning to think maybe I’m the only one that read this whole thing. The firmware storage isn’t the security through obscurity problem being talked about here. The hardcoded TLS private key definitely is though.…
I think maybe you’re reading this wrong. Reverse-engineering blog posts like this are just a fun and instructive way of telling the story of how someone did a thing. Having written and read a bunch of these in the past…
Probably something closer to ripgrep, if not actually ripgrep.