gusmd commented on Sign in as anyone: Bypassing SAML SSO authentication with parser differentials   github.blog/security/sign... · Posted by u/campuscodi
TZubiri · 6 months ago
Is SSO salvageable at all? It seems like the idea of just logging into different accounts is fine.

Also just the idea of connecting your accounts together such that you can get megacompromised is foundationally riskier

gusmd · 6 months ago
One can use OIDC instead of SAML for SSO.
gusmd commented on Grok 3 claims its system prompt includes censorship about Musk/Trump   old.reddit.com/r/OpenAI/c... · Posted by u/mambodog
mandmandam · 6 months ago
The story goes, at least a few people don't like hearing about Musk so often, and so we need to let all news about the rapid strip-mining of our government and economy be flagged without question.

The capital class are set to receive trillions in tax breaks off the gutting of things like Medicaid and foreign aid to the poorest and most vulnerable people in the world. The CEO of YC and Paul Graham are cheer-leading the provably racist and inexperienced DOGE team. That dozens of stories about their incredibly damaging antics are being flagged on HN is purely for the good of us tech peasants, and nothing to do with the massive tax breaks for billionaires.

Remember, dang wants us all to know that these flags are for the good of the community, and by our own hand. All the flaggers of these stories that he's seen are 'legit'. No you can't look at the logs.

And no, you can't make a thread to discuss this without it getting flagged; how dare you even ask that. Now let Musk reverse Robin Hood those trillions in peace, and stop trying to rile up the tech-peasantry.

gusmd · 6 months ago
I've always held dang in pretty high regard seeing his answers on controversial topics, and haven't seen what you said above.

Do you actually have to provide a reason for flagging a post? If so, I would love to see the reasoning behind flagging this one, and dang's reason for keeping it that way. But of course, this is a private website, so I'd understand, albeit disappointingly so, if this is buried.

gusmd commented on Grok 3 claims its system prompt includes censorship about Musk/Trump   old.reddit.com/r/OpenAI/c... · Posted by u/mambodog
gusmd · 6 months ago
This is very relevant w.r.t. HN being LLM-related and to the current political climate. It is also easily verifiable as a few X/Grok links on this thread show. Why is it flagged?
gusmd commented on Grok 3 claims its system prompt includes censorship about Musk/Trump   old.reddit.com/r/OpenAI/c... · Posted by u/mambodog
amrrs · 6 months ago
It still answers Elon Musk as the biggest misinformation spreader - https://x.com/i/grok/share/5N2eKM8sRiaCQB6eOoYZUUwIv
gusmd · 6 months ago
I wonder how that differs from the sibling post with the exact same prompt? https://x.com/i/grok/share/fov27TB0Zn9jH5ZYIV70nTqN2

Is there some entropy or randomness at play here? Or some sort of RAG? Even if it was RAG, the "reasoning" is very different and doesn't mention the clear censorship in the initial prompt that the one I linked mentions.

gusmd commented on Trump wins presidency for second time   thehill.com/homenews/camp... · Posted by u/koolba
xp84 · 10 months ago
I also remember her endorsing an unrealized capital gains tax! The stupidest thing I've ever heard. "Hi, government here! We're going to have to ask you to (if necessary) sell this farm/land/house/boat so you can pay us 10% of its value this year." They tried to pretend this would "only" be for people worth over $100M but we know that line would start to come down especially once they noticed how little money that version would bring in, since people with that much money are the same set of people who can afford expensive lawyers to shelter their income and assets.

This destructive policy was the final straw and prevented me from voting for Harris. (I also didn't vote for Trump).

gusmd · 9 months ago
Property taxes work like that. People sometimes sell houses because they can't afford their property taxes when their assets increase in value substantially. Not saying I agree with that or not, but it is reality today.
gusmd commented on Amazon is bricking $2,350 Astro robots 10 months after release   arstechnica.com/gadgets/2... · Posted by u/elsewhen
lisper · a year ago
Discontinuing the product is one thing, but intentionally bricking the existing ones (and leaving it up to the former owners to dispose of the resulting e-waste) seems uncalled for to me.
gusmd · a year ago
They are taking the devices back for recycling.
gusmd commented on How to find the AWS account ID of any S3 bucket   tracebit.com/blog/2024/02... · Posted by u/tracebit
corytheboyd · 2 years ago
You only need the bucket name to do that. You should include a randomly generated prefix/suffix in bucket names to protect against such enumeration attempts. Another good idea (as well as, not instead of) is to expose objects in buckets publicly with a non-default host name, such that the bucket name isn't leaked at all.
gusmd · 2 years ago
Or, for read scenarios, putting a CloudFront distribution in front of the bucket!
gusmd commented on Building and operating a pretty big storage system called S3   allthingsdistributed.com/... · Posted by u/werner
anderspitman · 2 years ago
The things we could build if S3 specified a simple OAuth2-based protocol for delegating read/write access. The world needs an HTTP-based protocol for apps to access data on the user's behalf. Google Drive is the closest to this but it only has a single provider and other issues[0]. I'm sad remoteStorage never caught on. I really hope Solid does well but it feels too complex to me. My own take on the problem is https://gemdrive.io/, but it's mostly on hold while I'm focused on other parts of the self-hosting stack.

[0]: https://gdrivemusic.com/help

gusmd · 2 years ago
You can get close with a Cognito Identity Pool that exchanges your user's keys for AWS credentials associated with an IAM role that has access to the resources you want to read/write on their behalf. Pretty standard pattern.

https://docs.aws.amazon.com/cognito/latest/developerguide/co...

edit: I think I misread your comment. I understood it as your app wanting to delegate access to a user's data to the client, but it seems like you want the user to delegate access to their own data to your app? Different use-cases.

gusmd commented on DreamBerd is a perfect programming language   github.com/TodePond/Dream... · Posted by u/Davidbrcz
gusmd · 2 years ago
The best gem in all of it is this:

> You can make classes, but you can only ever make one instance of them. This shouldn't affect how most object-oriented programmers work.

This describes my experience with most OOP code very well.

u/gusmd

Karma: 530 · Cake day: April 10, 2015
About
Hi, I'm an engineer.

Find me at augusto (dot) med (at) gmail

Opinions expressed are solely my own and do not express the views or opinions of my employer.
