m3047 commented on When internal hostnames are leaked to the clown   rachelbythebay.com/w/2026... · Posted by u/zdw
m3047 · 4 days ago
This is exactly why I have a number of "appliances" which never get clown updates: have addresses in a subnet I block at the segment edge, have DNS which never answers, and there are a few entries in the "DNS firewall" [0] (RPZ) which mostly serve as canaries.

This is the problem with the notion that "in the name of securitah IoT devices should phone home for updates": nobody said "...and map my network in the name of security"

[0] Don't confuse this with Rachel's honeypot wildcarding *.nothing-special.whatever.example.com for external use.

m3047 commented on When internal hostnames are leaked to the clown   rachelbythebay.com/w/2026... · Posted by u/zdw
jerf · 4 days ago
DNS naming rules for non-Unicode are letters, numbers, and hyphens only, and the hyphens can't start or stop the domain. Unicode is implemented on top of that through punycode. It's possible a series of bugs would allow you to punycode some sort of injection character through into something but it would require a chain of faulty software. Not an impossibly long chain of faulty software by any means, but a chain rather than just a single vulnerability. Punycode encoders are supposed to leave ASCII characters as ASCII characters, which means ASCII characters illegal in DNS can't be made legal by punycoding them legally. I checked the spec and I don't see anything for a decoder rejecting something that jams one in, but I also can't tell if it's even possible to encode a normal ASCII character; it's a very complicated spec. Things that receive that domain ought to reject it, if it is possible to encode it. And then it still has to end up somewhere vulnerable after that.
m3047 · 4 days ago
Rules are just rules. You can put things in a domain name which don't work as hostnames. Really the only place this is enforced by policy is at the public registrar level. Only place I've run into it at the code level is in a SCADA platform blocking a CNAME record (which followed "legal" hostname rules) pointing to something which didn't. The platform uses jython / python2 as its scripting layer; it's java; it's a special real-time java: plenty of places to look for what goes wrong, I didn't bother.

People should know that they should treat the contents of their logs as unsanitized data... right? A decade ago I actually looked at this in the context of a (commercial) passive DNS, and it appeared that most of the stuff which wasn't a "valid" hostname was filtered before it went to the customers.
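
An added example, not part of either comment above: one way to triage names pulled from DNS logs, checking the letters/digits/hyphens hostname rule per label and escaping every other octet before the name is displayed or stored. The function names and the sample names are constructed for illustration.

```python
import re

# One LDH label: letters, digits, hyphens; no hyphen first or last; 1-63 octets.
LDH_LABEL = re.compile(rb"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?")

def is_ldh_hostname(name: bytes) -> bool:
    """True only if every label obeys the letters/digits/hyphens rule."""
    if name.endswith(b"."):
        name = name[:-1]          # drop the root dot of a fully qualified name
    if not name or len(name) > 253:
        return False
    # fullmatch, not match with "$": "$" would accept a trailing newline.
    return all(LDH_LABEL.fullmatch(label) for label in name.split(b"."))

def render_safe(name: bytes) -> str:
    """Escape every octet outside [A-Za-z0-9.-] as \\DDD (zone-file style)."""
    return "".join(
        chr(b) if (b < 128 and chr(b).isalnum()) or b in b"-." else f"\\{b:03d}"
        for b in name
    )

def triage(names):
    """Return (display_text, is_hostname) for each raw name from a log."""
    return [(render_safe(n), is_ldh_hostname(n)) for n in names]

# Constructed sample names, as raw bytes the way a DNS log might carry them.
SAMPLES = [
    b"nas-01.home.example.com",
    b"xn--bcher-kva.example",      # punycode stays inside the LDH alphabet
    b"_dmarc.example.com",         # fine in DNS, not a hostname
    b"-edge.example.com",          # hyphen starts a label
    b"a\x1b.example.com",          # ESC control character
    b"x<b>.example.com",           # markup characters
    b"example.com\n",              # trailing newline
]

if __name__ == "__main__":
    for text, ok in triage(SAMPLES):
        print(f"{'hostname' if ok else 'NOT-HOSTNAME':13} {text}")
```
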

m3047 commented on Rev up the viral factories   science.org/content/blog-... · Posted by u/etiam
m3047 · 7 days ago
Intracellular viral particle factories in a particular class of viral families.
m3047 commented on Aging muscle stem cells shift from rapid repair to long-term survival   phys.org/news/2026-01-spr... · Posted by u/bikenaga
m3047 · 8 days ago
There's some rather woo woo stuff out there about an evolutionarily conserved mechanism for intercellular signaling as a danger response which involves the mitochondria shifting their metabolism to help cells repel invaders, but which also interferes with the cells' normal activity. TLDR: if there's chronic inflammation cells go into this mode but never get the "all clear". Could this be the qi? Pun intended. It's just anecdata, haven't spent any time looking into it per se.

Stumbled onto this because I've been using TCM (in consultation with an herbalist) for blood pressure, relatively successfully, for a couple of years. Of course they didn't have blood pressure cuffs in the Ming or Han dynasties, so we're not really treating blood pressure... Researching astragalus and di huang is what led me to it.

m3047 commented on My Mom and Dr. DeepSeek (2025)   restofworld.org/2025/ai-c... · Posted by u/kieto
tedggh · 11 days ago
My experience with doctors in the US is that they often not only give you contradictory advice but just bad plain advice with complete lack of common sense. It feels like they are regurgitating medical school textbooks without a context window. I truly believe doctors, most specialists and definitely all general practitioners, are easily replaceable with the tech we have today. The only obstacle is regulations, insurance and not being able to sue an LLM. But it is not a technical issue anymore. Doctors would only be necessary to perform more complicated procedures such as surgery, and that’s until we can fully automate it with robots. Most of the complicated medical issues I have had, some related to the immune system, were solved by myself by seeing them as engineering problems, by debugging my own body. Meanwhile doctors seeing me had no clue. And this was before having the tools we have today. It’s like doctors often cannot think beyond the box and focus only on treating symptoms. My sister is a doctor by the way and she suffers from the same one-size-fits-all approach to medicine.
m3047 · 10 days ago
Yeah it's bad. That doesn't mean it's necessarily uniformly bad. But if it's bad where you are, yeah it's bad.

You can see multiple doctors (among the ones you're allowed to see by your insurance). The doctors are all in an echo chamber which reinforces their thinking. Their cognitive load and goal seeking is burdened by what they can determine they can bill insurance for (there is still no price transparency). You don't have a "regular" / primary care physician because they rotate through the provider network constantly.

Symptoms which don't fit the diagnosis are ignored / dealt with by deflecting that you should "see your regular physician". "Stare decisis" rules the second opinion. In their minds they believe they have no place to write down e.g. drug interactions with things which they didn't prescribe and don't believe in (the one time I got a call from quality control working for the umbrella organization I utilized this as an example of why I was looking for a different doctor and the QA person, who was, they said, a licensed nurse, said "they can add that to the record, I'll do it right now").

You might get fired as a patient for passing out or having a seizure during a blood draw, hard to say whether that's because they failed to follow SOP and call the meatwagon or because you upset staff by acting unusually. You might get into a conversation with a physician which goes strange and they end up telling you that their clinic gets health inspections like a restaurant... they don't. There's a "wet work" inspection (just like a butcher shop) before occupancy is allowed, but there's no posted inspection report because... there is no inspection! But there's more. There are relatively "safe" and common procedures which still have ooopsies and people end up in the hospital or die. The hospitalization rate might be 1:5000 and the death rate 1:100000 but if you do a million of these there are going to be a few. If the procedure took place in a clinic it's supposed to be reported, and the reports are public record; but surprise surprise, the reported rates for serious complications are far far below what the actuarial tables show.

If you're seeing constellations of incidents similar to these, you need to get a second opinion from somewhere / somebody who is not caught up in that particular bubble. It can be very hard to see what's happening, and also to find a measurable proxy for "in / not in the bubble".

m3047 commented on Ode to the AA Battery   jeffgeerling.com/blog/202... · Posted by u/Brajeshwar
m3047 · 10 days ago
Ahh the Sony Walkman. Yes, still useful. I bought one specifically for the AM radio, I use it in conjunction with a radio frequency generator (so old it uses vacuum tubes) to trace wires. Had to tape gauze over the headphones, the foam is long gone.
m3047 commented on What came first: the CNAME or the A record?   blog.cloudflare.com/cname... · Posted by u/linolevan
sebastianmestre · 21 days ago
I kind of wish they would start sending records in randomized order to take out all the broken implementations that depend on such a fragile property
m3047 · 21 days ago
That would be a Flag Day initiative. ;-)

Honestly, it shouldn't matter. Anybody who's using a stub resolver where this matters, where /anything/ matters really, should be running their own local caching / recursing resolver. These oftentimes have options for e.g. ordering things for various reasons.

m3047 commented on What came first: the CNAME or the A record?   blog.cloudflare.com/cname... · Posted by u/linolevan
m3047 · 21 days ago
DNS is a wire protocol, payload specification, and application protocol. For all of that, I personally wonder whether its enduring success isn't that it's remarkably underspecified when you get to the corner cases.

There's also so much of it, and it mostly works, most of the time. This creates a hysteresis loop in human judgement of efficacy: even a blind chicken gets corn if it's standing in it. Cisco bought cisco., but (a decade ago, when I had access to the firehose) on any given day belkin. would be in the top 10 TLDs if you looked at the NXDOMAIN traffic. Clients don't opportunistically try TCP (which they shouldn't, according to the specification...), but we have DoT (...but should in practice). My ISP's reverse DNS implementation is so bad that qname minimization breaks... but "nobody should be using qname minimization for reverse DNS", and "Spamhaus is breaking the law by casting shades at qname minimization".

"4096 ought to be enough for anybody" (no, frags are bad. see TCP above). There is only ever one request in a TCP connection... hey, what are these two bytes which are in front of the payload in my TCP connection? People who want to believe that their proprietary headers will be preserved if they forward an application protocol through an arbitrary number of intermediate proxy / forwarders (because that's way easier than running real DNS at the segment edge and logging client information at the application level).

Tangential, but: "But there's more to it, because people doing these things typically describe how it works for them (not how it doesn't work) and onlookers who don't pay close attention conclude "it works"." http://consulting.m3047.net/dubai-letters/dnstap-vs-pcap.htm...

m3047 commented on More sustainable epoxy thanks to phosphorus   empa.ch/web/s604/flamm-he... · Posted by u/JeanKage
HardCodedBias · 22 days ago
When I hear of industrial uses of phosphorus my ears prick up since phosphorus is a key limiting factor for life.

A world where this actually became industrially very successful combined with a lack of recycling could potentially add a large new sink for phosphorus.

In general, be careful when creating a process which locks a meaningful amount of phosphorus out of the biosphere.

m3047 · 22 days ago
> industrial uses of phosphorus

There seems to be a memory hole about what follows. Probably not the "key limiting factor for life" you had in mind.

There have been various incidents where soldiers or people generally in third world countries have developed neurological diseases when machine oil contaminates (or is mistaken for) cooking oil. This isn't new, it's been happening for 100 years. There have also been cases of pilots becoming, or allegedly becoming, disabled due to inhalation of jet engine lubricants which find their way into the cabin air supply (passengers are notably not mentioned in most reporting).

Although intentional use of the more toxic compounds is generally avoided, machine oils are subjected to harsh environments and compounds can change, new compounds created. Kind of like dioxin contamination in herbicides, I don't see much evidence that oil additives are rigorously tested for unusually toxic compounds incidentally occurring during the manufacturing process.

I'm glad they're burning that shit under an exhaust hood in the picture in the article, hope it's turned on!

Apropos the memory hole remark above, here are some articles I found briefly looking around although none of them were ones I remember previously seeing / reading (such as the "famous" case of the British machinegunners in North Africa).

https://en.wikipedia.org/wiki/Oil_soldiers

https://en.wikipedia.org/wiki/Organophosphate_poisoning

https://www.machinerylubrication.com/Read/30448/know-lubrica...

https://www.researchgate.net/publication/11254977_The_Toxici...

m3047 commented on No knives, only cook knives   kellykozakandjoshdonald.s... · Posted by u/firloop
giorgioz · 22 days ago
Guys guys please. Adamantium knives or get the hell out of my kitchen!

u/m3047

Karma: 684 · Cake day: November 2, 2019
About
Internet Plumber, Data Sous Chef, Python Ninja

https://github.com/m3047/

    ...or...
hackernews3047as@m3047.net

meet.hn/city/us-Tacoma

Socials:

- github.com/m3047
