Readit News logoReadit News
matsur commented on Show HN: Exponent, a collaborative AI programming agent   exponent.run/... · Posted by u/sthupukari
cdecarolis · 5 months ago
Seems interesting. I feel like cursor currently places too _much_ emphasis on AI tooling for how often I use it; and claude code, while nice; is vendor locked + has no UI. Seems like an interesting combo of the two.

Anyone have experience with it yet?

matsur · 5 months ago
I've used it quite a bit/have vibe coded quite a few "real" things with it in various languages. It's a really nice complement to Cursor-style and claude-code style interaction modalities.
matsur commented on Ask HN: Who is hiring? (March 2025)    · Posted by u/whoishiring
matsur · 6 months ago
Firetiger | Software Engineers (full-stack, ML, systems) | Full-time | ONSITE San Francisco

Join Firetiger to build a next-generation observability platform that:

1) Gives businesses customer-level visibility - You should see when your most important customers are having issues, not just system-level metrics

2) Makes observability affordable and secure with a Bring Your Own Cloud architecture - own your data, and scale up without billing surprises

3) Stores your data in an open format (Apache Iceberg) so you can join observability data with other business datasets, unlocking insights that siloed observability vendors can't provide

Learn more: https://firetiger.com, https://firetiger.notion.site

matsur commented on Cloudflare auto-mitigated world record 3.8 Tbps DDoS attack   blog.cloudflare.com/how-c... · Posted by u/beefman
theideaofcoffee · a year ago
Enh. I try to be positive in my comments as much as I can. Whenever the subject of DDoS mitigation by cloudflare comes up, and it seems like they're always tooting their own horn, I struggle to be impressed. By their own info, they have approximately 330 global locations [0]. 3800Gbps divided roughly (remember, anycast, and if their upstreams are well mixed, they're going to see pretty consistent splitting) equally across 330 locations is 'only' ~11.5 Gbps each location. I'm guessing within each PoP is more than a handful of machines dedicated to DDoS mitigation. So sure, they're doing computation on each bit of all of that, but it still doesn't seem all that significant. Toss half a cabinet at mitigation and continue on with your day. These capabilities are available at such commodity prices nowadays it's hardly worth the effort of a full page blog post.

And ok, I'll give some leeway in those numbers looking at the map on the linked page, 35% or so of source traffic is clustered over five countries so that distribution skews and some pops around those source countries are going to be hit harder than others. Still, maybe add an order of magnitude and I'll be a little less dismissive.

[0] https://www.cloudflare.com/network/

matsur · a year ago
The amount of work required to stand up 330 well connected locations and then operate infrastructure to filter traffic at that scale profitably is more than "tossing" cabinets at problems.

This is on the level of BrandonM's famous comment on Dropbox. https://news.ycombinator.com/item?id=9224

matsur commented on Show HN: I made a super-simple image CDN   magecdn.com/... · Posted by u/shubhamjain
matsur · a year ago
Congrats on the launch. A small nit re: your pricing: you're charging for data transfer (bytes transferred over a long period of time), not bandwidth (bits transmitted at a point in time).

Deleted Comment

matsur commented on Polyfill supply chain attack hits 100K+ sites   sansec.io/research/polyfi... · Posted by u/gnabgib
akira2501 · a year ago
> But not to increase cache hit rate (what CDNs were originally intended for)

Was it really cache hit rate of the client or cache hit rate against the backend?

matsur · a year ago
Both.
Posted by u/matsur a year ago
Anchor Brewing has been bought by billionaire behind Chobani. Here are his planssfchronicle.com/sf/articl...
matsur commented on Hacker confirms access through infostealer infection [withdrawn]   hudsonrock.com/blog/snowf... · Posted by u/zbangrec
aurum · a year ago
The article doesn't seem very consistent with the headline of "hundreds of breached customers"

1. The password for lift/okta is only allowing access to a servicenow portal and not customer accounts, so the refresh token issue seems restricted to the servicenow portal and unrelated to any actual customer data being exposed from customer Snowflake accounts

2. The screenshot with 10 corporate accounts compromised shows 4 different Snowflake account credentials (one of which appears to be a personal demo account) so that might explain up to 3 customers being compromised but there's no details showing other customers being compromised.

Assuming all of the SE's credentials were compromised for all of the customers they were working with, we can probably say the total customers compromised would be in the low double digits (each customer account would have had to provision access to the SE individually)

Big leap to say that literally the entirety of Snowflake's customer base is compromised from a "refresh token issue" (in the internal Okta portal) that isn't even linked to any customer Snowflake account

matsur · a year ago
Very possible there were creds etc accessible in Servicenow that could have been used to move laterally from there. Conjecture, obviously.
matsur commented on Timeline of the xz open source attack   research.swtch.com/xz-tim... · Posted by u/todsacerdoti
__float · a year ago
Where are the email addresses visible? I've also seen this a few times, but never the actual addresses.
matsur · a year ago
eg "Hans Jansen" is <hansjansen162@outlook.com>

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067708

matsur commented on Meta outage   metastatus.com/... · Posted by u/geocrasher
boring_twenties · 2 years ago
Beyond unbelievable that going on an hour later, they're still showing "incorrect password" errors. How many hundreds of millions of people have wasted time frantically trying (in vain) to reset their passwords and pointlessly freaking out that their account might be compromised? What a bunch of careless, incompetent excuses for engineers.
matsur · 2 years ago
Major outages are periods of intense stress and extremely difficult to operate in. The folks troubleshooting may be many things, but careless and incompetent are unlikely to be among them.
m

u/matsur

KarmaCake day915January 31, 2011
About
rusty@lalkaka.com and @lalkaka on twitter.

working on something new!

formerly VP product at cloudflare focused on networking (CDN, IP networking as a service) and analytics products. spire (yc w15) before that.

View Original