Readit News logoReadit News
augusto-moura commented on I run a full Linux desktop in Docker just because I can   howtogeek.com/i-run-a-ful... · Posted by u/redbell
ponsfrilus · a day ago
Just to brag about it, did it 10 years ago: https://github.com/ponsfrilus/arch-novnc
augusto-moura · a day ago
I did a similar thing some years ago, when trying to hack my own cloud gaming setup by using AWS GPU Linux instances. While it worked the price per hour wasn't worth it compared to just buying a good GPU.

My idea was very similar, using TigerVNC and just launching Steam without a WM. Unfortunately I think I lost the code for it

augusto-moura commented on Crimes with Python's Pattern Matching (2022)   hillelwayne.com/post/pyth... · Posted by u/agluszak
sitkack · 3 days ago
There is a way to make it work. Python has no problem breaking things across major versions.
augusto-moura · 2 days ago
Breaking {} to be an empty set would be a HUGE breaking change, a _lot_ of code is already written where it is expected to be an empty dict. I don't think anyone in the Python committee would agree with breaking that
augusto-moura commented on Crimes with Python's Pattern Matching (2022)   hillelwayne.com/post/pyth... · Posted by u/agluszak
kurtis_reed · 3 days ago
{:} should have been the empty dict, now there's no good solution
augusto-moura · 3 days ago
I agree that {:} would be a better empty expression for dicts, but that ship has already sailed. {/} looks like a good enough alternative
augusto-moura commented on Crimes with Python's Pattern Matching (2022)   hillelwayne.com/post/pyth... · Posted by u/agluszak
charlieyu1 · 3 days ago
More and more dubious things were designed in Python these days. A recent PEP purposes to use {/} as the empty set
augusto-moura · 3 days ago
Problem is, we already have a syntax for empty lists [], empty tuples (), and {} is taken for an empty dict. So having a syntax for an empty set actually makes sense to me
augusto-moura commented on How I use Tailscale   chameth.com/how-i-use-tai... · Posted by u/aquariusDue
dijit · 14 days ago
A game of battleship is indeed a good analogy!

Just because its a finite space that may eventually be discovered is a poor reason to announce where things are!

augusto-moura · 14 days ago
Battleship sounds like a good analogy, but is very different because you don't have other options to "secure your ship" besides obscurity. If you had other options, let's say a sonar or moving your ship, they would definitely be used along with obscurity.

Besides, the time to scan the whole board is too time consuming in a battleship game, but scanning the whole internet on the other hand only take a few minutes[1]

[1]: https://github.com/robertdavidgraham/masscan

augusto-moura commented on How I use Tailscale   chameth.com/how-i-use-tai... · Posted by u/aquariusDue
homebrewer · 15 days ago
IME, moving ssh off the standard port reduces bot scanning traffic by >99%. Not only it means less noise in the logs (and thus higher SNR), but also lowers the chance you're hit by spray-and-pray in case there's a zero day in sshd (or any other daemon really).
augusto-moura · 15 days ago
True, but I hardly open any ssh to the wide world. I would only allow it inside a closed network anyways. HTTP on the other hand _needs_ to be exposed on 80 or 443 (not technically, but in practice)
augusto-moura commented on How I use Tailscale   chameth.com/how-i-use-tai... · Posted by u/aquariusDue
dijit · 15 days ago
I wish this trend of “security through obscurity” should mean that all info should just be exposed would die, its silly and lacks basis in reality.

Even within infosec, certain types of information disclosure are considered security problems. Leaking signed up user information or even inodes on the drives can lead to PCI-DSS failures.

Why is broadcasting your records treated differently? Because people would find the information eventually if they scanned the whole internet? Even then they might not due to SNI; so this is actually giving critical information necessary for an attack to attackers.

augusto-moura · 15 days ago
The issue is not that obscurity per se is bad, but relying _only_ on obscurity is absolute the same as not having any security measures at all.

With the public ledger or not, you will still need to implement proper security measures. So it shouldn't matter if your address is public or not, in fact making it public raises the awareness for the problem. That's the argument.

augusto-moura commented on Cursor CLI   cursor.com/cli... · Posted by u/gonzalovargas
enobrev · 16 days ago
I think I'd be happier with a standard .agents directory and have all of these in there. I imagine each agent is going to need its own tweaks to get it to work just right with their system prompts, just as Claude already has it's project-specfic .claude directory for hooks and commands and whatnot.

I'd rather .agents/claude or something so we can get these files out of the root directory, which, at least for typescript projects, is already a confetti-like jumble of json files for every little "simple" tool that needs its own configuration file.

I get why package.json isn't enough. But would a .config directory standard really have hurt us so much?

augusto-moura · 16 days ago
Ideally (and in practice, so far) they shouldn't change that much. The agent instructions should be close to a human explanation, and they are pretty good at parsing instructions anyway. In my experience you can symlink the same file to all paths and they work as expected.
augusto-moura commented on Modern Node.js Patterns   kashw1n.com/blog/nodejs-2... · Posted by u/eustoria
joaohaas · 20 days ago

  try {
    // Parallel execution of independent operations
    const [config, userData] = await Promise.all([
      readFile('config.json', 'utf8'),
      fetch('/api/user').then(r => r.json())
    ]);
    ...
  } catch (error) {
    // Structured error logging with context
    ...
  }
This might seem fine at a glance, but a big grip I have with node/js async/promise helper functions is that you can't differ which promise returned/threw an exception.

In this example, if you wanted to handle the `config.json` file not existing, you would need to somehow know what kind of error the `readFile` function can throw, and somehow manage to inspect it in the 'error' variable.

This gets even worse when trying to use something like `Promise.race` to handle promises as they are completed, like:

  const result = Promise.race([op1, op2, op3]);
You need to somehow embed the information about what each promise represents inside the promise result, which usually is done through a wrapper that injects the promise value inside its own response... which is really ugly.

augusto-moura · 20 days ago
You are probably looking for `Promise.allSettled`[1]. Which, to be fair, becomes quite convulated with destructuring (note that the try-catch is not necessary anymore, since allSettled doesn't "throw"):

  // Parallel execution of independent operations
  const [
    { value: config, reason: configError },
    { value: userData, reason: userDataError },
  ] = await Promise.allSettled([
    readFile('config.json', 'utf8'),
    fetch('/api/user').then(r => r.json())
  ]);

  if (configError) {
    // Error with config
  }

  if (userDataError) {
    // Error with userData
  }
When dealing with multiple parallel tasks that I care about their errors individually, I prefer to start the promises first and then await for their results after all of them are started, that way I can use try catch or be more explicit about resources:

  // Parallel execution of independent operations
  const configPromise = readFile('config.json', 'utf8')
  const userDataPromise = fetch('/api/user').then(r => r.json())

  let config;
  try {
    config = await configPromise
  } catch (err) {
    // Error with config
  }

  let userData;
  try {
    userData = await userDataPromise
  } catch (err) {
    // Error with userData
  }
Edit: added examples for dealing with errors with allSettled

[1]: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Refe...

augusto-moura commented on Using Microsoft's New CLI Text Editor on Ubuntu   omgubuntu.co.uk/2025/06/m... · Posted by u/jandeboevrie
augusto-moura · 2 months ago
I vividly remember using edit on an Windows XP (or was it a 98?) when I was a kid. It was one of those hidden commands that I learned while watching my uncles and father do trickery in CMD

Edit: just read https://devblogs.microsoft.com/commandline/edit-is-now-open-... and it seems that all 32bit windows versions had edit. I was probably using Windows XP 32 the last time I remember using edit

augusto-moura · 2 months ago
I also remember that tried running edit on windows 8 and got surprised that it was removed
a

u/augusto-moura

KarmaCake day940April 22, 2017
About
Brazilian developer, interested in hacking anything, from container orchestration to breadboards. I also know a lot of JavaScript
View Original