Felipe O. Carvalho

28.4K posts

Felipe O. Carvalho banner
Felipe O. Carvalho

Felipe O. Carvalho

@_Felipe

@ApacheArrow / Databases / Compilers. (past @SDFLabs, VoDa, @Spotify). Rust/C++/TLA⁺🇧🇷 → 🇸🇪 → 🌎 https://t.co/vxbdByfADI

Katılım Haziran 2008
2.4K Takip Edilen5.2K Takipçiler
Simon Willison
Simon Willison@simonw·
I still sometimes see people saying "if you know how to write the code, it's faster to write it yourself" I'd argue the exact opposite: if you know how to write it, you gain nothing from doing the typing yourself - outsource that to a coding agent!
English
55
29
420
16.9K
Keith Adams // Pebblebed
Keith Adams // Pebblebed@keithmadams·
Man, I hope Bjarne Stroustrup never finds out about some of the stuff I've done with my life. This blog post about me and C++ would be like 15x more withering; I never really grokked "concepts", for instance. Fun fact: people talk to each other. andrewkelley.me/post/my-though…
English
2
0
14
1.1K
@abdimoalim.bsky.social
@abdimoalim.bsky.social@abdimoalim_·
A lambda with no capture list can be converted to a function pointer, [](){} can be passed where a raw function pointer is expected but [x](){} cannot.
English
2
0
7
1.4K
Felipe O. Carvalho
Felipe O. Carvalho@_Felipe·
@ShriramKMurthi @JoePolitz Yep. Same idea. The trick is that since this is a security thing, the system should never produce or allow Macaroons with no caveats at all. e.g. the Macaroon should have at least the UserCaveat.
English
1
0
2
24
Felipe O. Carvalho
Felipe O. Carvalho@_Felipe·
Macaroons (2014) hasn’t been widely adopted as JWTs and I can see why. It requires programmers to start thinking about AuthZ in a very non-intuitive way. Each item in a Macaroon shrinks the set of allowed actions. More perms are “added” by not having caveats that forbid actions.
Felipe O. Carvalho tweet media
English
2
0
9
488
Felipe O. Carvalho
Felipe O. Carvalho@_Felipe·
@msimoni I've looked at it because it is cited by the Macaroon paper. It is like Macaroons in this aspect and is more complex because it aspires to be decentralized and based on asymmetric encryption. Macaroons are a central database + HMAC signatures based on a secret.
English
0
0
1
15
Manuel Simoni
Manuel Simoni@msimoni·
@_Felipe This is also how rights work in SPKI: #section-6.3.1" target="_blank" rel="nofollow noopener">datatracker.ietf.org/doc/html/rfc26… "additional elements of [an authorization tuple] must restrict the permission granted"
English
1
0
2
80
Felipe O. Carvalho
Felipe O. Carvalho@_Felipe·
@mgill25 @glcst Not as much as they should (my judgement) though. Talking about IRs with database people is like talking about alien technology.
English
1
0
1
53
Manish Gill
Manish Gill@mgill25·
@glcst Even databases drew lessons from it. Umbra IR is one such intermediate representation.
English
1
0
2
229
Glauber Costa
Glauber Costa@glcst·
LLVM is such a cool technology. Easy to miss the point: By having an intermediate representation of your program, you can very easily add new frontends. It allows improvements in one ecosystem to make all others better, and it allows for amazing experimentation because you don't start from scratch. Amazing tech. I wish more people would draw lessons from it.
English
6
3
100
6.9K
Felipe O. Carvalho
Felipe O. Carvalho@_Felipe·
C programmers finding, through LLMs, that there are higher level ways of telling the computer exactly what it should do.
English
7
2
75
5.6K
Felipe O. Carvalho
Felipe O. Carvalho@_Felipe·
@GergelyOrosz Grok, the model that is famous for undressing* women on X, not suitable for serious applications should not be a big surprise. * due to a deployment with no guardrails or thinking about consequences to vibes on this site
English
0
0
2
192
Darren Shepherd
Darren Shepherd@ibuildthecloud·
I swear, I just hate the TUI coding agents soooooo much. They are so ridiculously obnoxious and not at all what I want.
English
15
0
32
10.4K
Felipe O. Carvalho
Felipe O. Carvalho@_Felipe·
Nothing is more wasteful than reading an infographic posted on LinkedIn at this point.
English
1
0
17
1K
Felipe O. Carvalho
Felipe O. Carvalho@_Felipe·
We write more .md files now because we finally have someone or something reading them all the time.
English
0
0
22
862
Phil Eaton
Phil Eaton@eatonphil·
@yawaramin I do not see any connection between how someone pays the bill and how they organize their code or project. Ghostty seems like a well done project and I think others can aspire to its quality too.
English
3
0
35
2.3K
Phil Eaton
Phil Eaton@eatonphil·
I mostly see the Bun and Zig situation the same way Ray described, if you'd actually like to understand it. I would differ in not mentioning TigerBeetle as a Zig flagship because their standards are so strict, and so few teams could do this, and basically no other Zig teams do (including the Zig team themselves), that the fact that they use Zig basically doesn't matter. Ghostty is probably a better flagship to talk about if one must.
Frank@jedisct1

Zig Creator Calls Spade a Spade, Anthropic Blows Smoke raymyers.org/post/zed-creat…

English
8
13
257
61.2K
Felipe O. Carvalho
Felipe O. Carvalho@_Felipe·
Daniel Colascione@dcolascione

Uh.... is everyone just not talking about how modern NVMe drives keep a log of your daily activity and don't let you delete it? In 2017, NVMe 1.3 introduced a set-timestamp command to tell the drive on each power-up what real-world time it is. In 2019, NVMe 1.4 introduced the PEL (Persistent Event Log), a "flight recorder" inside the drive recording various management events, including power-on, power-off, and timestamp changes. Both Windows and Linux tell the drive the current time whenever your system starts. Consequently, inside the drive's firmware is a record of when machine was turned on. The log is a ring buffer with hundreds of entries. You can't erase it. By observing shifts in work intervals, an adversary can guess when you've traveled to a different time zone. nvme(1) (at least as of 2.16) mis-parses the nvme persistent-event-log output, BTW. Get the raw dump with -b and parse it yourself (or get your favorite LLM to do it). You'll find event types 0x3 (timestamp change) events intermingled with power-on and power-off events, providing all the information you need to correlate power-on clock with wall-clock time and discover when, calendar time, you were working and when you were asleep. Linux kernel really needs a way for the user to lie to the drive about real-world time. P.S. as a bonus, the drive also increments an indelible counter every time you *read* the log. LOL.

QME
0
0
1
35
Joseph Garvin
Joseph Garvin@joseph_h_garvin·
Computers should have odometers for all their resources. How many miles am I putting on this cpu/disk/etc?
English
3
1
13
929