1. infogulch 32 minutes ago

   ok fine, two passwords then
2. infogulch 1 hour ago

   For WireGuard in general, you provide it an AllowedIPs config which is a list of CIDR ranges that should be routed across the link. That could be `0.0.0.0/0` (aka everything), a single subnet, a union of several, or even individual IPs. This config is technically symmetric between the endpoints, though a prototypical implementation of "individual clients enable the VPN to access the internal network" may limit the "client" AllowedIPs to an individual address.
3. infogulch Dec 16, 2025

   Maybe don't drop the warranty disclaimer just yet.

   > The MMWA requires conspicuous disclosure of warranty terms (e.g., designations like "Full" or "Limited" as prominent titles).

   > The common practice of ALL-CAPS WARRANTY DISCLAIMERS (e.g., "AS IS, NO WARRANTY") stems primarily from state adoptions of UCC § 2-316, which requires disclaimers of implied warranties to be "conspicuous" (and suggests all-caps as one way, especially in plain text).

   - Grok https://grok.com/share/bGVnYWN5_5c7db73a-ffd2-48b2-bb36-296f...

   That said, maybe it wouldn't be too hard to argue there is obviously no implied warranty with a crass license like WTFPL.

4. infogulch Dec 16, 2025

   Unicode wants to be able to preserve round-trip re-encoding from this other standard which has separate letter-K and degree-K characters. Making these small sacrifices for compatibility is how Unicode became the defacto world standard.
5. infogulch Dec 16, 2025

   You don't need to invalidate anything if the cache is keyed on the hash of the served objects. To put it another way, a hash-keyed cache results in perfectly precise, instant, distributed cache invalidation. Read the code in my comment again.
6. infogulch Dec 15, 2025

   Automatic version detection, revalidation, prewarming... caching seems so complicated these days. Forgive me for starting a sentence with "why don't we just"... but why don't we just use the hash of the object as the cache key and be done with it? You get integrity validation as a bonus to boot.

       <link rel="stylesheet" href="main.css?hash=sha384-5rcfZgbOPW7..." integrity="sha384-5rcfZgbOPW7..."/>
   
       Etag: "sha384-5rcfZgbOPW7..."
       Cache-Control: max-age=31536000, immutable

7. infogulch Dec 15, 2025

   Now all servers can participate in Encrypted Client Hello for enhanced user privacy: if clients open TLS connections with ECH where the server IP is used in the ClientHelloOuter and the target SNI domain is in the encrypted ClientHelloInner, then eavesdroppers won't be able to read which domain the user is connecting to.

   This vision still needs a several more developments to land before it actually results in an increment in user privacy, but they are possible:

       1. User agents can somehow know they can connect to a host with IP SNI and ECH (a DNS record?)
       2. User agents are modified to actually do this
       3. User agents use encrypted DNS to look up the domain
       4. Server does not combine its IP cert with it's other domain certs (SAN)

8. infogulch Dec 15, 2025

   To quote the great Mr Sparrow:

   > The only rules that really matter are these: what a man can do and what a man can't do.

   When evaluating security matters, it's better to strip off the moral valence entirely ("rightly") and only consider what is possible given the data available.

   Another potential concerning implication besides citizenship status: a person changed their id when put in a witness protection program.

9. infogulch Dec 12, 2025

   A basic Brave install: "strong protection against Web tracking" / 18.58 bits
10. infogulch Dec 1, 2025

    Q: 3. Get a user to upgrade their app's dependencies to versions newer than 2010.

    A: Calculate the average age in years of all dependencies calculated by: (max(most recent version release date, date of most recent CVE on library) - used version release date). Sleep for that many seconds before the app starts.

11. infogulch Nov 25, 2025

    I couldn't find my birthday in the first 10 or so pages, so I clicked "Give up" and searched the page for it. Said my pi index was in the 100,000s. Went back to the ui to select it manually and gave up after clicking fast for minutes and I hadn't even hit index 50,000.
12. infogulch Nov 25, 2025

    I've been following Unison for a long time, congrats on the release!

    Unison is among the first languages to ship algebraic effects (aka Abilities [1]) as a major feature. In early talks and blog posts, as I recall, you were still a bit unsure about how it would land. So how did it turn out? Are you happy with how effects interact with the rest of the language? Do you like the syntax? Can you share any interesting details about how it's implemented under the hood?

    [1]: https://www.unison-lang.org/docs/fundamentals/abilities/

13. infogulch Nov 25, 2025

    The craziest thing in that video is realizing that the Entity Component architecture was actually invented for Sketchpad in 1963, but the whole idea was slept on until Looking Glass reinvented it in 1998 for Thief: The Dark Project.
14. infogulch Nov 20, 2025

    I wonder if a columnar storage format should implement sum types with a struct of arrays where only one array has a nun-null value for each index.
15. infogulch Nov 13, 2025

    Oh is this based on my favoritest data structure ever: zed's Sum Tree?
16. infogulch Nov 3, 2025

    True! If only grandma wouldn't insist on bringing 250kg of weapons and ammunition with her everywhere I'd get much better range in my EV, but alas this is the USA.
17. infogulch Nov 2, 2025

    Is it really that annoying?
18. infogulch Oct 23, 2025

    Ok so no magic goroutine interruption, just contexts all the way down.

    Still, this is nicer than hand-rolling a WG every time.

19. infogulch Oct 22, 2025

    Wow how did I not know of this?!

    How does it cancel in-progress goroutines when the provided context is cancelled?

This user hasn’t submitted anything.