> Why is the HN crowd so anti-AI?

For most software engineers LLMs represent future financial uncertainty, pushing them into a tailspin. For a substantial subgroup the challenge runs deeper IMO. They are experiencing an identity crisis, as a central component of their self-concept is being violently stripped away on top of the financial uncertainty.

Yeap and still has bugs (reports say that the base system bin in 7.9 doesn't work properly): https://marc.info/?l=openbsd-misc&m=178070682043839&w=2

And here: https://marc.info/?l=openbsd-tech&w=2&r=1&s=rsync&q=b you can quite a few other bugs...

I use OpenBSD for routers and love it :-) but it is software, hence it has bugs .-

Doesn’t depend on the language? Actually I am thinking of the standard library… Python’s in kinda huge and some are hard (for me) to grasp. Golangs seem pretty simple.

Language’s own native data structures isn’t limited to just the standard library.

> Two, the HA story is so much more complicated than it should be.

Really? I am curious, how would simplify it? It’s a very well defined problem and all the “solutions” are very complicated and with many strings attached. I have managed one or two systems that came in different modalities and you had to pick your poison and had to make sure the other engineering teams understand the trade offs. Some were more successful than others, but “easy” never crossed my mind.

Redis is single threaded and doesn’t concern itself with these things, directly, exactly because Antitez understood the trade offs and made all the right choices.

How would you improve the HA story without sacrificing ease of use and performance on a single thread?

For anyone else interested, here’s the link to the newsletter: https://www.bloomberg.com/opinion/authors/ARbTQlRLRjE/matthe...

> Finally, on May 13th, after ~36,000 km across 12 countries over 42 days, the laptop had arrived.

This is by all means amazing. Kudos.

...long standing indeed. It can be traced back to Plato's works.

"The European philosophical tradition consists of a series of footnotes to Plato."

The 90% of the Phillosophical tradition it's just bad discrete math.

I’m using middleman for ages and been pretty happy with it. It’s a ruby-based static side generator framework.

I have no idea about speed. Markdown support sure, I use HAML as well. There are search plugins but you can use any a publicly available search engine (Google, DuckDuckGo, etc) for that if you want to avoid JS or backend DBs.

tl;dr: switch to podman :-) or (for docker, not mention in the post but...) just `allowPrivilegeEscalation=False` in the deployment's SCC and you'll be fine at the pod level. Most deployments don't need priv escalation anyway, the ones that do need to either limits perms through capabilities or make sure the node (meaning the kernel) is patched.

How does allowPrivilegeEscalation=False help?

Have you tested running the PoC in a pod with and without proviEsc set?

No, I haven’t.

My concern is to try to understand the mechanisms of the exploit.

Copy Fail is not simply ”hey, kernel, give me root”. I would say it’s more general than that. It’s rather: ”Hey, kernel, when you present file /foo to a process, make the contents of that file appear according to my wishes”. Which can be used (in various ways) to advance the attacker’s position.

That’s why I think it’s interesting to ponder if that power allows the attacker to simply sneak past security policies such as allowPrivilegeEscalation=false.

>How is creating low value, quickly depreciating products good?

You might have better luck having a conversation without using a leading question.