1. hvenev Nov 14, 2025

   Don't they already sell servers? https://www.nvidia.com/en-us/data-center/dgx-platform/
2. hvenev Nov 12, 2025

   Back when my job involved using Kubernetes and Helm, the solution I found was to use `| toJson` instead: it generates one line that happens to be valid YAML as well.
3. hvenev Oct 28, 2025

   From what I remember, the quality of a safe is measured in minutes, with "15-minute" safes being OK for general use.
4. 9 points Oct 13, 2025

   Show HN: A fast quantum circuit simulator

   0 comments hvenev qblaze.org
5. hvenev Sep 9, 2025

   English also changes, so the only way to be safe is to quote all identifiers.
6. hvenev Sep 5, 2025

   What I personally do is

       User=per-service-user
       ExecStart=!podman-wrapper ...
   

   where podman-wrapper passes `--user=1000:1000 --userns=auto:uidmapping=1000:$SERVICE_UID:1,gidmapping=1000:$SERVICE_GID:1` (where the UID/GID are set based on the $USER environment variable). Each container runs as 1000:1000 inside the container, which is mapped to the correct user on the host.
7. hvenev Sep 4, 2025

   Our GCP VMs are also not responding (europe-west4-a and us-central1-b).

   edit: Seems to be a network problem. We can't connect to them from Bulgaria, but we can connect to them from the US.

8. hvenev Aug 31, 2025

   I wonder when quantum computers will be able to target post-quantum RSA [1]. Normal RSA operations (key generation, encryption, decryption) have an asymptotic advantage over Shor's algorithm, so it is not unreasonable to just use large enough keys. The advantage is similar to Merkle's puzzles [2], with the added bonus that the attacker also needs to run their attack on a quantum computer.

   A while ago I generated a gigabit RSA public key. It is available at [3]. From what I remember, the format is: 4-byte little-endian key size in bytes, then little-endian key, then little-endian inverse of key mod 256**bytes. The public exponent is 3.

   [1] https://eprint.iacr.org/2017/351.pdf

   [2] https://dl.acm.org/doi/pdf/10.1145/359460.359473

   [3] https://hristo.venev.name/pqrsa.pub

9. 118 points Aug 17, 2025

   It’s OK to block ads (2015)

   112 comments hvenev ac.uk
10. hvenev Jul 13, 2025

    I'm struggling to understand how this has anything to do with borrow checking. Borrow checking is a way to reason about aliasing, which doesn't seem to be a concern here.

    This post is about memory management and doesn't seem to be concerned much about safety in any way. In C3, does anything prevent me from doing this:

      fn int* example(int input)
      {
          @pool()
          {
              int* temp_variable = mem::tnew(int);
              *temp_variable = input;
              return temp_variable;
          };
      }

11. hvenev Jul 11, 2025

    In `libnvidia-nvvm.so` the string `cutlass` appears right after `Memory Dependence Analysis` and `memdep`. Perhaps it acts as an optimization attribute of some sort, where the compiler is allowed to make assumptions about the kernel's behavior that are not valid in general?
12. hvenev Jul 8, 2025

    > can be implemented in terms of `openat` + `fgetxattr`

    Except for symlinks. `fgetxattr` requires a file opened for read or write, but symlinks can only be opened as `O_PATH`.

13. hvenev May 3, 2025

    Sadly the inclination of the orbit prevents it from falling that far north.
14. hvenev Feb 15, 2025

    I think git is quite nice and easy to work with once you realize one thing: git is first and foremost a filesystem. Version control is built on top.
15. hvenev Feb 8, 2025

    For local communication Microsoft Visual Studio Code often uses TCP sockets (bound to localhost) even though UNIX sockets are available. What's more, old versions used to pass the authentication token as a command-line argument, exposing it to all users on the system.

    I wonder how many other security disasters it contains that nobody has discovered yet.

16. hvenev Dec 5, 2024

    Despite the sad context, this seems refreshing -- an alert is raised due to a real and serious concern.
17. hvenev Nov 10, 2024

    I don't know, to me it just seems like a plausible interpretation:

    - In GitHub, forks of public repositories are themselves public repositories.

    - GitHub repositories can be cloned, which is a form of distribution.

    - Therefore any fork that implements, for example, a change to the programming language itself, but still uses the name "Rust", is distributing a modified version of the programming language in a manner that is not allowed.

    I sincerely hope that this is not the interpretation taken by the Rust Foundation, but I cannot know for sure. It seems very open to selective enforcement.

18. hvenev Nov 10, 2024

    The part of the policy about distributing modified versions of the Rust compiler seems interesting:

    > Publicly distributing a modified version of the Rust programming language, compiler, or the Cargo package manager, provided that the modifications are limited to:

    > - code adjustments for the purpose of porting to a different platform, architecture, or system, or integrating the software with the packaging system of that platform

    It looks like distributing a modified version with any change that isn't related to compatibility with a different platform/architecture/system is not allowed. This would probably make almost all GitHub forks of Rust non-compliant.

19. hvenev Oct 6, 2024

    The demo appears too stateful for me. The real power of `jq` is its reliability and the ability to reason about its behavior, which stateful tools inherently lack.

This user hasn’t submitted anything.