Readit News logoReadit News
uriah commented on Breaking into apartment buildings in five minutes on my phone   ericdaigle.ca/posts/break... · Posted by u/ChrisArchitect
jorts · a year ago
I’m comfortable doing mechanical work and when my Honda Fit said I had to remove a shitload of parts just to replace a spark plug I said fuck it and traded it in.
uriah · a year ago
I've had a knee-jerk reaction to that job too. But realistically optimizing spark plug changes isn't really important like the old days where you needed to change them every 10k miles or less. It's maybe 2-3 times in the entire life of the car.

Removing the wipers and windshield cowl is generally easy, just takes some extra time. Dealers/mechanics charge for time, not difficulty. So that simple 2hr job can easily be 500-600+. Still something that could be a rewarding Saturday morning project for someone who likes doing DIY type stuff.

uriah commented on Caddy – The Ultimate Server with Automatic HTTPS   caddyserver.com/... · Posted by u/huang_chung
justin_oaks · a year ago
I was checking into using Caddy for new projects instead of NGINX or Apache HTTPD, but my new projects require OAuth2/OIDC authentication. It seems there's not built-in support for that kind of thing. There's the caddy-security plugin, but people online have been saying it has disclosed security vulnerabilities that aren't being fixed.

Are you using caddy-security? Or is there a better alternative?

uriah · a year ago
With nginx I'm assuming you would use something like Vouch or oauth2-proxy? Something like the architecture described here:

https://github.com/vouch/vouch-proxy?tab=readme-ov-file#what...

Can't speak for caddy-security, but the forward_auth feature is the caddy equivalent to nginx's auth_request

uriah commented on ML in Go with a Python Sidecar   eli.thegreenplace.net/202... · Posted by u/zdw
daniel-thompson · a year ago
> Completely bespoke models are typically trained in Python using tools like TensorFlow, JAX or PyTorch that don't have real non-Python alternatives

The article outlines some interesting ways to evade this problem. What's the latest thinking on robustly addressing it, e.g. are there any approaches for executing inference on a tf or pytorch model from within a golang process, no sidecar required?

uriah · a year ago
These frameworks are C++ under the hood. A far as I know (not too experienced with go) you can use cgo to call any C++ code. So you should be able to serialize the model (torchscript) then run it with libtorch. Tensorflow also similarly has a C++ api
uriah commented on M4 MacBook Pro   apple.com/newsroom/2024/1... · Posted by u/tosh
daveisfera · a year ago
Once they get a MacBook Air with an M4, it will become a viable option for developers and other users that want/need 2 external monitors. Definitely looking forward to that happening.
uriah · a year ago
The M3 Air does support 2 but only with the lid closed
uriah commented on Fuckthis.app – Software products for exasperated people   justin.searls.co/shots/20... · Posted by u/craigkerstiens
morpheuskafka · a year ago
> My favorite example is expense-tracking software.

> some angel investor . . . said, "what if we issued our own credit cards and then kept all the swipe fees for ourselves?" [in lieu of a monthly fee]

> employees were strong-armed into . . . those corporate cards . . . even if it meant losing out on literal thousands of dollars in cash back and rewards from their personal cards

So the employee should be able to benefit from allocating the company's spending to their card's swipe fees (where said rewards come from), but it's wrong when the company itself wants to benefit from the swipe fees on the transactions that they are actually paying for (via discounted expense software)?

uriah · a year ago
It would be one thing if they were paying for the transactions directly. Companies with this arrangement make you get a "corporate card" under your own name which shows up on your personal credit report. I've had to pay off the card myself (and get reimbursed later) because the company was nearing 30 days late processing expense reports due to turnover/incompetence.
uriah commented on Ask HN: Why is Pave legal?    · Posted by u/nowyoudont
wing-_-nuts · 2 years ago
If they want my info, they can ask me. I would rather them not have this info before an offer is made.
uriah · 2 years ago
That's normally how it goes. At least, I've always had the background check happen after an offer is signed. It's usually a separate company and they just report back whether your job titles/employment dates match your resume
uriah commented on Ask HN: Why is Pave legal?    · Posted by u/nowyoudont
wing-_-nuts · 2 years ago
I downloaded a personal report from the work number website and found to my horror that my employer was reporting every. single. paystub. gross and net, to equifax.

That felt like a huge breach of privacy. Given that equifax had already proven incompetent at keeping my data secure, I immediately sent HR a request to stop sending my supposedly 'confidential' pay info. They politely told me to kick rocks, so I went on TWN's website and froze that report so no one would be able to request it, and it will be a cold day in hell before I thaw it.

uriah · 2 years ago
Many if not most companies outsource employment verification to The Work Number. When you get a new job, a frozen report will complicate your background check.

They don't give out salary info in employment checks though. AFAIK they require your explicit permission except for government agencies who use it to verify your eligibility for benefits. I would be surprised if they are not selling aggregate salary data though

uriah commented on KeePassXC Debian maintainer has removed all network features   fosstodon.org/@keepassxc/... · Posted by u/CuriousIndian
Dah00n · 2 years ago
They are not "features that are turned off by default" but plugins that are now actually plugins and not built-in features that are turned off. Why on earth would they include plugins that aren't plugged in as a default?

How anyone could see a smaller attack surface as a bad thing on HN baffles the mind. Could he have made a -minimal version? Sure, but the default version should be the clean, secure, without plugins version so he did the right thing.

uriah · 2 years ago
Compile-time flags are by definition not plugins. All optional features were removed indiscriminately.
uriah commented on California could ban Clear, which lets travelers skip TSA lines   cbsnews.com/news/airport-... · Posted by u/lxm
fifteenforty · 2 years ago
Clear exists because the TSA have made life bad for everyone.

Economy class passengers in Australia have a better experience than Clear passengers in the USA and don't have to pay extra for it.

uriah · 2 years ago
Clear doesn't let you skip TSA screening, it let's you skip the ID check before the screening. Clear verifies your identity instead.

You're probably thinking of TSA precheck which is a more streamlined screening you pay extra for.

uriah commented on Ask HN: Those who have recently undertaken a job hunt, what was your experience?    · Posted by u/icdtea
spuzz · 2 years ago
IDK about this guy, maybe just trolling, but when I was hiring I realized you can really tell from indirect information. Name and college name will give you a real strong guess.

It was weird because I was just trying to avoid h1-b applicants since I was told we weren't doing that, but I quickly realized that I was optimizing against indian people and also that taking bias out of the hiring process is a lie that HR tells itself for legal liability reasons.

uriah · 2 years ago
Yeah, you can’t really filter based on resume without risking legal liability. There are plenty of people who look like they would need a visa sponsorship but don’t necessarily (e.g. spouses of H1B or green card holders)
u

u/uriah

KarmaCake day76August 30, 2011View Original