Aussie living in the San Francisco Bay Area.
Coding since 1998.
.NET Foundation member. C# fan
https://d.sb/
Mastodon: @dan@d.sb

  • 1 Post
  • 326 Comments
Joined 3 years ago
cake
Cake day: June 14th, 2023

help-circle

  • There’s some Chinese EVs in the USA - you can buy BYD busses, trucks and forklifts (we use BYD busses at work for transportation between buildings), and Waymo’s new van-looking cars are manufactured by Zeekr.

    The Polestar 4 and Volvo EX30 are also both built on a Chinese platform (Geely / Zeekr) but the US is OK with them since they’re partially manufactured in South Korea and partially in the USA at Volvo’s factories.

    The issue is that there’s huge tariffs, it’s hard to get Chinese cars approved to sell in the US, plus the US is still mostlyl holding on to the legacy dealership model. The Chinese cars are so much better and cheaper than US brands, but the US has to protect the dying legacy US brands.






  • This is good to know. I haven’t had issues with using a USB drive though, since it doesn’t receive many reads or writes - the system is copied to a RAM drive on boot and runs off that rather than the USB.

    I assume this means I’d need another drive to boot it from? My current setup is that I have 2 x 22TB drives in a ZFS mirror for data storage, and 2 x 2TB NVMe SSDs in a ZFS mirror for things like VMs, Docker containers, documents, etc.



  • Bitwarden’s the only “cloud-based” password manager I trust, since their entire stack is open-source.

    For self-hosting, they recently released Bitwarden Lite, which is a lot simpler to host than their regular server. One Docker image and you can use SQLite for the database. Different design decisions compared to the regular server which is designed to scale up to handle businesses with tens or hundreds of thousands of employees.

    There’s also Vaultwarden, which is an unofficial third-party server implementation.



  • Claude is very good at figuring out how to work around limitations (which is probably one reason why it’s also good at finding security issues).

    At work, the monorepo is enormous and files are loaded on-demand as needed. This isn’t uncommon with huge repos - Microsoft have VFS for Git (although I hear that’s deprecated now), Meta have EdenFS, and Google has some proprietary solution.

    We have a hook that blocks find and grep because they can be extremely slow, and tells it to instead use some significantly faster MCP tools to search the codebase, powered by a search index with local changes overlaid.

    GPT-5.5 has no problem with this. Claude Opus mostly does it, but sometimes it loves to find workarounds rather than following the instructions. Things like: Try alternative commands like egrep. Create a symlink to grep and run that to see if it bypasses the filtering. Run it with a different shell like zsh. Write a Python script that execs grep. Write a Python script to reimplement grep.

    I’m trying Hermes Agent at home, but I have it in its own VM with restricted permissions.





  • Does it use http or MQTT?

    Home Assistant uses HTTP for this. Realistically, you won’t see much difference between HTTP and MQTT for this use case.

    MQTT is harder to secure than HTTP, and has some limitations (eg it normally only supports username and password auth - no SSO, no 2FA) so I’d avoid it for anything public-facing unless you have a specific reason to use it. Using it via a VPN is fine, but you’d still need to configure a separate MQTT username and password per user.