hash collision limitation for keys is the most questionable part of design. Usually thats handled by forcing key lookup to verify that what you looked up matches what you tried to lookup.
Resolving this perf hit is probably doable by having an extra table of conflicting hashes
Readit Newstarasglek commented on Lite^3, a JSON-compatible zero-copy serialization format github.com/fastserial/lit... · Posted by u/cryptonector
Minisign and Age entirely dodge the actually hardest problem with humans using cryptography, that PGP puts front and center: identity and public key discovery. You cannot just skip these!
If a human focused cryptography tool gives a user no way to know if they are encrypting to the correct public key of someone else, or no way to distinguish a real signature from one of an impersonator, then the tools failed to do their job.
Age is maybe useful for personal encryption use cases, but it is no way a replacement for all encryption use cases of PGP, especially between humans. Let alone signing and authentication which would be a prerequisite to do this safely.
I love that age lets one reuse ssh identities and thus identity sharing systems. The single most useful thing I ever wrote was a tool to sync github identities with age.
https://github.com/tarasglek/github-to-sops
This way you get git for change tracking on your secrets and who-has-access-to-secrets and key rotation and this can be trivially expanded to other forges.
Its easy to introduce age this way into any modern project whereas gpg would-ve been a non started on most teams I worked on.
disclaimer: this was mostly vibe-coded because I really did not want to work on this and wasnt sure if teammates would adopt it. Then it just worked, so stayed ugly inside
tarasglek commented on Why I love my Boox Palma e-reader minimal.bearblog.dev/why-... · Posted by u/pastel5
I still don't understand why this needs to run Android. If you're looking for a much simpler and much cheaper device ($70 vs $200-$300) I would recommend the xteink x4.
my $100 mobiscribe lets me read HN. I only read online on my eink devices. LCD is much less enjoyable
tarasglek commented on Show HN: Open-Source Voice AI Badge Powered by ESP32+WebRTC github.com/VapiAI/vapicon... · Posted by u/Sean-Der
To make it open source in the fullest sense one needs to document what youve done. This esp repo could use some details on what protocols the hardware speaks, sequence diagrams, auth, etc. I doubt you running webrtc on esp
tarasglek commented on Building the heap: racking 30 petabytes of hard drives for pretraining si.inc/posts/the-heap/... · Posted by u/nee1r
tarasglek commented on Building the heap: racking 30 petabytes of hard drives for pretraining si.inc/posts/the-heap/... · Posted by u/nee1r
i am still confused what their software stack is, they dont use ceph but bought netapp, so they use nfs?
tarasglek commented on Show HN: Open-sourcing our text-to-CAD app github.com/Adam-CAD/CADAM... · Posted by u/zachdive
It would be killer to be able to integrate this with 3d scans. Eg "make me a mount that hugs this shape" where you can draw both render the scan and mark it with a 2d paint tool
tarasglek commented on Show HN: Zeekstd – Rust Implementation of the ZSTD Seekable Format github.com/rorosen/zeekst... · Posted by u/rorosen
You can decompress a complete file with "zeekstd d seekable.zst".
Piping a seekable file for decompression via stdin isn't possible unfortunately. Decompression of seekable files requires to read the seek table first (which is usually at the end of the file) and eventually seek to the desired frame position, so zeekstd needs to able to seek the file.
If you want to decompress the complete file, you can use the regular zstd tool: "cat seekable.zst | zstd -d"
But you can probably tail -F quite well! Which is perfect for logs (eg gimme last day i can get grep through)
tarasglek commented on Focus and Context and LLMs taras.glek.net/posts/focu... · Posted by u/tarasglek
Context is all you need :-)
Indeed, that was my original working title