RISC-V is sloooow – Marcin Juszkiewicz

143 vs 36 minutes is far too big difference

Security Vulnerabilities fixed in Firefox 148

New accounts on HN 10x more likely to use EM-dashes

I’ve had this sense that HN has gotten absolutely innundated with bots last few months. First most obvious giveaway is the frequency with which you see accounts posting brilliant insights like 13 60 well and t6ctctfuvuh7hguhuig8h88gd to f6gug7h8j8h6fzbuvubt GB I be cugttc fav uhz cb ibub8vgxgvzdrc to bubuvtxfh tf d xxx h z j gj uxomoxtububonjbk P.l.kvh cb hug tf 6 go k7gtcv8j9j7gimpiiuh7i 8ubg or 1662476506 or Аё Beyond the accounts that are visibly glitching out, the vibe is also seriously off.

GitHub - olvvier/apple-silicon-accelerometer: reading the undocumented mems accelerometer on apple silicon macbooks via iokit hid

reading the undocumented mems accelerometer on apple silicon macbooks via iokit hid - olvvier/apple-silicon-accelerometer

DNS-PERSIST-01: A New Model for DNS-based Challenge Validation

When you request a certificate from Let’s Encrypt, our servers validate that you control the hostnames in that certificate using ACME challenges. For subscribers who need wildcard certificates or who prefer not to expose infrastructure to the public Internet, the DNS-01 challenge type has long been the only choice. DNS-01 works well. It is widely supported and battle-tested, but it comes with operational costs: DNS propagation delays, recurring DNS updates at renewal time, and automation that often requires distributing DNS credentials throughout your infrastructure.

Outsourcing thinking – Erik Johannes Husom

Personal website.

The Cathedral, the Megachurch, and the Bazaar

If you’re of a certain age, you probably remember the essay The Cathedral and the Bazaar. The TL;DR was that old open source was the cathedral of exclusive developers and groups. Then the Bazaar showed up (which was the Linux Kernel for example) and that freed us from the shackles of the cathedral. Except if we look at how things evolved, it wasn’t actually a bazaar. It was a bunch of roadside churches that are now megachurches. But there is still a bazaar, and it’s holding up our modern infrastructure.

Don't fall into the anti-AI hype - <antirez>

Decorative Cryptography

All encryption is end-to-end, if you’re not picky about the ends. config TCG_TPM2_HMAC bool "Use HMAC and encrypted transactions on the TPM bus" default n select CRYPTO_ECDH select CRYPTO_LIB_AESCFB select CRYPTO_LIB_SHA256 select CRYPTO_LIB_UTILS help Setting this causes us to deploy a scheme which uses request and response HMACs in addition to encryption for communicating with the TPM to prevent or detect bus snooping and interposer attacks (see tpm-security.rst). Saying Y here adds some encryption overhead to all kernel to TPM transactions. Last year, I came agross a Linux kernel feature called TCG_TPM2_HMAC. It claims to detect or prevent active and passive interposer attackers. That’s one of my sleeper agent activation phrases, so I dug in.

gpg.fail