Hacker News | billywhizz's comments

i played around with this a while back. you can see a demo here. it also lets you pull new WAL segments in and apply them to the current database. never got much time to go any further with it than this.

https://just.billywhizz.io/sqlite/demo/#https://raw.githubus...


> We are just dumber than them.

you are, for sure.


is it not obvious?

> These issues are present in the patches published last week.

> The patches published last week are vulnerable.

> If you already updated for the Critical Security Vulnerability, you will need to update again.


the OP was specifically about jetstream so i guess you just didn't read it?


just imagine I'm claude,

smoke bomb


He Vanished!? Find him you fools!


is this really the best use case you could come up with? says it all really if so.


> When a package in the npm registry has established provenance, it does not guarantee the package has no malicious code. Instead, npm provenance provides a verifiable link to the package's source code and build instructions, which developers can then audit and determine whether to trust it or not


It prevents the npm publish from locally modified source code.


if you want to look at existing implementations on top of kvm then these might be useful - rust-vmm is a core library for AWS' firecracker vmm.

https://github.com/rust-vmm/kvm

https://github.com/kvmtool/kvmtool

https://github.com/sysprog21/kvm-host


yes. most folks don't seem to understand this. but, you can get something approaching such guarantees if you are able to limit yourself to something as (seemingly) simple as updating a ledger. this approach is used in a lot of places where high performance and strong consistency is needed (see e.g. LMAX disruptor for similar). https://tigerbeetle.com/


i can't see how these numbers can be anywhere near correct (nor the ones above). in JavaScript on an old Core i5 the overhead of a simple ffi call is on the order of 5 nanoseconds. on a recent x64/arm64 cpu it's more like 2 nanoseconds.

you can verify this easily with Deno ffi which is pretty much optimal for JS runtimes. also, from everything i have seen and read, luajit should be even lower overhead than this.

you really shouldn't be asking chatgpt questions like this imo. these are facts, that need to be proven, not just vibes.


I agree. was just following the parent's pattern, to make it work for me :)


is there anything good written up on this?


I don't think so? It's not complicated. Most LPEs get you the local kernel. The KVM security model assumes an untrusted local (guest) kernel. To compromise KVM, they either need to be fundamental architectural flaws (rare) or bugs in KVM itself (also rare).

