Hacker News new | past | comments | ask | show | jobs | submit | marcopolo's comments login

https://abseil.io/about/design/swisstables I found more useful in explaining the details of Swiss Tables.

Also of note: - Go's Swiss Table implementation is inspired by Cockroachdb's Swiss Table implementation which is inspired by Google's Abseil Swiss Table.


Masking in the WebSocket protocol is kind of a funny and sad fix to the problem of intermediaries trying to be smart and helpful, but failing miserably.

The linked section of the RFC is worth the read: https://www.rfc-editor.org/rfc/rfc6455#section-10.3


How is this a problem of WebSockets and not HTTP in general?

The RFC has a link to a document describing the attack, but the link is broken.


Sure you can. The bool is a signal telling the thing yielding values to stop.


This looks great. Meta question, does Safari enforce the privacy policy of extensions in anyway? Besides trusting that this doesn’t leak any data, is there another mechanism that guarantees this?


Nope I couldn’t go more granular with the permissions!

I would have loved to. I would like the Web extension API to be less locked down with more fine grained permissions.

I can and will put more details into the privacy policy after the Christmas celebrations!


You may be interested in Nix. It can track all the dependencies of your project. So you d an copy them to a server, or Tarball them, or just run them with Nix on the server. It also has a nice property that you only ship what is necessary, since it keeps track of all dependencies.


I too am surprised with the amount of negative feedback. This isn't a post about locking you into AWS. Pulumi, Terraform, and friends are tools that work across cloud providers, and even your own infrastructure.

The real meat of this argument is that in the future DevOps won't be managing infrastructure to hand off to application developers. It will be creating meta programs that are designed to be used by application developers to let them build their own infra securely and reliably. This is what the `awsx` package in pulumi is. A predefined set of best practices that can be used by the application developer to create.

As someone who's worked as various stages of sysadmin throughout the past 10 years, I see this (pulumi-like) as the future. And I agree with the article in general.


"The reference-types proposal is now supported. It provides a new type, externref, which can hold any JavaScript value, for example strings, DOM references, or objects."

This is exciting! It opens up faster possibilities for wasm apps


Cryptic.io Founder here, SSL is far from perfect, and the recommended practices really should be standard. Especially if they want us to trust them with our personal files. But thank you EFF for putting pressure. (mini-plug: if you want a completely encrypted solution checkout https://cryptic.io)


Yes! It's using the excellent Stanford Javascript Crypto Library. Source here: https://github.com/cryptic-io/web


Thanks! It's been open sourced since conception, here's the repo: https://github.com/cryptic-io/web. We choose a website because it has the smallest barrier of entry. We are planning on releasing a browser extension that would verify the code on the website against the open source repo to prevent tampering. We are planning on making a native app in the future as well.


Consider applying for YC's Summer 2025 batch! Applications are open till May 13

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: