1. 9029 Jan 3, 2026 parent

   I thought it worked just fine on LTSC 2021 (21H2)
2. 9029 Jan 2, 2026 parent

   I think it could be interesting to explore Universal Blue based distros such as Bazzite for this kind of use cases. The OS comes from a standard OCI container image, which means you can create your own customized one by layering changes on top of an upstream base image.

   I feel bad for the unsolicited distro plug though especially since you already have a solution that works well and you are familiar with, but I thought it might still be useful to mention it. I'm not sure if uBlue would even be better vs your current setup. Seems like netboot would still be needed to get the latest version without an extra reboot.

3. 9029 Jan 1, 2026 parent

   It seems this vuln was already publicized in june, or is that interview from earlier?
4. 9029 Dec 31, 2025 parent

   > For a lot stuff on my local network I don’t want the hassle and there are loads of use cases in local networks for normal people to just have port 80 no certs on something like 192.x.x.x because there is no easy way to set up public certificates for that and I don’t want everything hostem on cloud - some stuff I want to still host for myself in my local network.

   Tbh I don't see what's hard about this. All you need is an A record pointing to your 192.x.x.x, acme capable dns host and a modern reverse proxy. You can even use a free ddns service if you want. Wouldn't bother with this for development, but anything hosted for longer than a few days absolutely yes. Imo not getting browser warnings is alone worth the few minutes it takes nowadays.

5. 9029 Dec 30, 2025 parent

   > But also, rewriting history only works if you haven't pushed code and are working as a solo developer.

   Weird, works fine in our team. Force with lease allows me to push again and the most common type of branch is per-dev and short lived.

6. 9029 Dec 27, 2025 parent

   I like that Zig allows using relaxed floating point rules with per block granularity to reduce the risk of breaking something else where IEEE compliance does matter. I think OpenMP simd pragmas can be used similarly for C/C++, but that's non-standard.
7. 9029 Dec 20, 2025 parent

   C++ lambdas can be used to achieve a similar result, not as pretty though https://isocpp.github.io/CppCoreGuidelines/CppCoreGuidelines... But in general I agree!
8. 9029 Nov 19, 2025 parent

   Tangential but funnily enough calling std::expected::error is ub if there is no error :D
9. 9029 Nov 12, 2025 parent

   This is exactly where Bazzite is convenient since it comes with the latest drivers (including 32-bit) out of the box.
10. 9029 Nov 6, 2025 parent

    I have used this setup for 6 years or so with KeePassXC and it's fine. Just being mindful of not editing stuff on other devices before the first one has had the chance to sync has been enough to avoid pretty much all sync conflicts. I have only had to resolve those a few times so far, iirc my android client was misconfigured at the time or something.

    I still recommend Bitwarden for password management for any "laypeople" since it will just work. Also worth noting that the basic functionality is free.

11. 9029 Nov 4, 2025 parent

    Seeing such pivotal announcement be poorly vetted slop doesn't really inspire confidence in the quality of their product.
12. 9029 Nov 3, 2025 parent

    Do you have an opinion on the keyboard firmware ZMK? They seem to use LESC but MITM during pairing is still a concern: https://zmk.dev/docs/features/bluetooth
13. 9029 Oct 31, 2025 parent

    While we are at it, here are some more useful warning flags I have used: https://github.com/cpp-best-practices/cppbestpractices/blob/.... Some C++-only though, some are a bit opinionated (like -Wsign-conversion) and some useful C-only flags might be missing.

    Few C-specific references I found just now, but haven't tried myself yet:

    https://github.com/systemd/systemd/blob/0885e4a6e7ca93d3aef8... https://github.com/airbus-seclab/c-compiler-security

    Also a good idea to regularly run the program with sanitizers, using them in tests is a good way to do that I think. Why not during development as well if the performance is acceptable for that specific program.

14. 9029 Oct 31, 2025 parent

    It has now been changed to

      if (rtt < 0.0)
      {
          fprintf(stderr, "Warning: Negative RTT detected (%.3f ms) - clock issue?\n", rtt);
          rtt = 0.0;
      }
    

    https://github.com/davidesantangelo/fastrace/blob/e8b19407a4...
15. 9029 Oct 31, 2025 parent

    Is this vibe coded or is it just the readme that's AI-generated?
16. 9029 Oct 27, 2025 parent

    > a parser may reject the document entirely if it occurs

    Ah, that's what I was missing. Thanks! The relevant part of the spec:

    > user agents, while parsing an HTML document, may abort the parser at the first parse error that they encounter for which they do not wish to apply the rules described in this specification.

    (https://html.spec.whatwg.org/multipage/parsing.html#parse-er...)

17. 9029 Oct 27, 2025 parent

    Maybe a dumb question but I have always wondered, why does the (authoring?) spec not consider e.g. "doctypehtml" as valid HTML if compliant parsers have to support it anyway? Why allow this situation where non-compliant HTML is guaranteed to work anyway on a compliant parser?
18. 9029 Oct 25, 2025 parent

    > I am curious what their editing process was

    They said:

    > I typed in the new code as that's faster than modifying the existing code

19. 9029 Oct 18, 2025 parent

    Update on power draw for anyone interested: measured with a cheap AC power meter, I get 2.8-4.2W idle with occasional jump to up to 8W on my M720q with i5-8400T, 16GB ram and a single nvme drive. This is on Debian 13 with ASPM enabled for everything and a few containers running (home assistant, esphome, bookstack, tailscale). According to powertop stats on C-states, it's mostly in package C9 and core C10.
20. 9029 Oct 14, 2025 parent

    Used Intel 8th gen based mini PCs seem like a pretty good value. 100-150 bucks for a pc from a somewhat reputable brand (lenovo, dell, hp) with slightly better multi core than N150 and ~6W idle if you manage to get it to stay in C10. Some of them have a low profile pcie slot, like M720q and M920q. Also the CPU is socketed so you could technically upgrade it to e.g. i9-9900K, at least the M920q is known to take one as long as you use a powerful enough PSU. Few of them (at least M920q) also support coreboot due to an Intel Boot Guard vuln which could be fun, I'm planning to look into whether it could be ported to my M720q as well.
21. 9029 Oct 12, 2025 parent

    The difference is that unlike Brave and Vanadium, Firefox doesn't come with an ad blocker. You will have to install uBO. If you want to also trim tracking query params, you will have to enable a non-default filter list. Modifications like these will make you stand out from the average Firefox user. It's the reason why installing more extensions and messing with settings is not recommended when using Tor browser or Mullvad browser. The GrapheneOS project also discourages it (https://grapheneos.org/usage#web-browsing).

    But you are still right, I don't have data for this or even a measure for uniqueness, it's just a guess.

22. 9029 Oct 11, 2025 parent

    While I still use Firefox on desktop, on Android I recently switched from Firefox mobile to Brave out of security concerns and frustrations with performance. It has built-in tracker, query param and ad blocking, and is recommended by the GrapheneOS people as a decent alternative to their Vanadium browser [0]. Additionally, I have a gut feeling a Brave user blends in a bit better with its default ad blocking vs say a Firefox user with extensions and filter lists of their choice, but this might be negligible.

    On the other hand the affiliate, crypto and AI shit in Brave are quite disgusting tbh, but at least they can be disabled. I also miss Firefox sync a bit.

    [0] https://grapheneos.social/@GrapheneOS/111966258971400137

23. 9029 Oct 8, 2025 parent

    I have been planning to get either Witrn K2 or Power-Z KM003C. If just cable testing is enough, the Treedix one is probably good.

    Related: If you are looking for cables, this guy has tested a bunch (mainly for charging capabilities) https://www.allthingsoneplace.com/usb-cables-1

24. 9029 Oct 2, 2025 parent

    Very cool project, I feel inspired to try something like this myself!

    I noticed there seems to be a use-after-return with the creds returned from CredentialManager::retrieveCredentials (C-arrays can't be passed/returned by value). One solution could be to return Arduino Strings instead

25. 9029 Sep 27, 2025 parent

    LLM rizzmaxxing is crazy
26. 9029 Sep 19, 2025 parent

    I don't know how to feel about that. To me it sounds like an awful direction for the desktop experience on macOS, but on the other hand iPads are currently held back by iPadOS
27. 9029 Sep 17, 2025 parent

    I very much enjoy Everything whenever I use Windows. I wonder what's the equivalent for Linux, plocate?
28. 9029 Sep 16, 2025 parent

    Fwiw this has been my setup for ~10 years now and I don't really see an issue with it. Screen locker crashing would have been a concern back in the Xorg days but I don't think it's an issue nowadays with the ext-session-lock-v1 Wayland protocol. I value startup speed and simplicity of my setup and have no use for features provided by a DM, so this has always felt like a no-brainer to me.
29. 9029 Sep 11, 2025 parent

    Where does it say the app comes with Graphene???
30. 9029 Sep 2, 2025 parent

    It sounds good but I feel little uneasy about them paying Yandex

This user hasn’t submitted anything.