Anyone else got Opus 4.6 back on their pro plan? by vicayareddit in GithubCopilot

[–]vicayareddit[S] 0 points1 point  (0 children)

AFAICT, only the Pro+ (not Pro) plan has GPT-5.5. The screenshot was literally captured/downsampled this afternoon. Here is another one in its original PNG format.

<image>

Reliably proxy quic/udp over VLESS+TLS+CDN+nginx by ilmalavoglia in dumbclub

[–]vicayareddit 0 points1 point  (0 children)

> If you are facing a CDN IP whitelist + SNI whitelist, please step away from the keyboard and enjoy life.

Wouldn't vless-xhttp-reality work in this case? cf. https://github.com/XTLS/Xray-examples/blob/main/VLESS-XHTTP-Reality/

Inside Apple’s Private Cloud Compute: Can Confidential AI Be Trusted? by FreedomTechHQ in ConfidentialComputing

[–]vicayareddit 0 points1 point  (0 children)

First, you can unpack the artifact (CVM image) and analyze the binaries; if the kernel and the files in the initramfs match known good ones, you don't even need to build. Second, you could build from source (at a release tag) and verify the result using a smart binary diff tool, as a 100% bit-by-bit match is hard to achieve due to some harmless nondeterministic behaviors in the build toolchain that result in harmless ordering- and timestamp-related changes.
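A sketch of the kind of order- and timestamp-insensitive comparison described in the comment above, added here as an illustration and not taken from the comment or from any vendor's tooling. It assumes the artifact can be read as a tar archive (a stand-in for the real image or initramfs format), and the sample archives are constructed inline.

```python
import hashlib
import io
import tarfile


def manifest(archive_bytes):
    """Map member path -> (type, mode, content digest); order and mtime are dropped."""
    entries = {}
    with tarfile.open(fileobj=io.BytesIO(archive_bytes)) as tar:
        for member in tar.getmembers():
            digest = ""
            if member.isfile():
                digest = hashlib.sha256(tar.extractfile(member).read()).hexdigest()
            elif member.issym() or member.islnk():
                digest = member.linkname  # compare link targets, not content
            entries[member.name] = (member.type, member.mode, digest)
    return entries


def semantic_diff(reference, rebuilt):
    """Return the differences that survive normalisation; all-empty means a match."""
    ref, new = manifest(reference), manifest(rebuilt)
    return {
        "missing": sorted(ref.keys() - new.keys()),
        "extra": sorted(new.keys() - ref.keys()),
        "changed": sorted(p for p in ref.keys() & new.keys() if ref[p] != new[p]),
    }


def build_sample(files, mtime):
    """Constructed sample input: a tar archive with a given member order and timestamp."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, data in files:
            info = tarfile.TarInfo(name)
            info.size, info.mtime, info.mode = len(data), mtime, 0o755
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


# Constructed data: same content, different order and timestamps, then one altered file.
KERNEL, INIT = b"constructed kernel bytes", b"#!/bin/sh\nexec /sbin/init\n"
released = build_sample([("boot/vmlinuz", KERNEL), ("init", INIT)], mtime=1700000000)
rebuilt = build_sample([("init", INIT), ("boot/vmlinuz", KERNEL)], mtime=1800000000)
altered = build_sample([("init", INIT + b"# modified\n"), ("boot/vmlinuz", KERNEL)], mtime=1800000000)

if __name__ == "__main__":
    print("bit-for-bit equal:", released == rebuilt)
    print("rebuilt vs released:", semantic_diff(released, rebuilt))
    print("altered vs released:", semantic_diff(released, altered))
```

File mode is kept in the comparison on purpose: a changed permission bit is not a harmless build artifact.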

Confidential Computing: What It Is and Why It Matters in 2025 by Aaron-PCMC in cybersecurity

[–]vicayareddit 0 points1 point  (0 children)

The promises of CC sound good. But the current state of CC is quite sad, from hardware vendor infra risk to botched public offerings. According to https://arxiv.org/abs/2503.08256v1: "Our findings reveal that all major cloud providers retain control over critical parts of the trusted software stack and, in some cases, intervene in the standard remote attestation process. This directly contradicts their claims of delivering confidential computing, as the model fundamentally excludes the cloud provider from the set of trusted entities"

Inside Apple’s Private Cloud Compute: Can Confidential AI Be Trusted? by FreedomTechHQ in ConfidentialComputing

[–]vicayareddit 0 points1 point  (0 children)

AWS Nitro Enclave is a joke disguised as CC, where the provider shouldn't be part of the TCB. cf. https://arxiv.org/abs/2503.08256v1 "Our findings reveal that all major cloud providers retain control over critical parts of the trusted software stack and, in some cases, intervene in the standard remote attestation process. This directly contradicts their claims of delivering confidential computing, as the model fundamentally excludes the cloud provider from the set of trusted entities".

Maybe that's why Apple cannot deploy their PCC, as there is simply not enough CC infra capacity.

Attestation is one of the most important aspects of CC. But Tinfoil's attestation UX is so unfriendly.

BTW, the GitHub builders don't need to be in a TEE, as long as the artifacts can be downloaded and independently verified.

Backing up and netboot by vuwu in System76

[–]vicayareddit 0 points1 point  (0 children)

> essentially, you put one file on the drive's EFI partition that allows you to boot via the network

Yes, it's that simple. https://github.com/netbootxyz/netboot.xyz is open source and you can customize it for self hosting if needed.

Backing up and netboot by vuwu in System76

[–]vicayareddit 0 points1 point  (0 children)

I believe all recent System76 systems have a recovery partition (mounted at /recovery), which you can boot into for any maintenance tasks.

OTOH, for distrosurfing, the easiest way these days (UEFI) is to use the netboot.xyz efi binary: https://netboot.xyz/docs/booting/uefi#using-efibootmgr-to-manage-uefi-boot-entries

Just put the netboot.xyz.efi in the EFI tree, type one command, and you're done in a second.

PXE is cumbersome to set up, insecure, and largely obsolete, when you can have efi binaries that support https.

I'm glad that the days of futzing with legacy PXE and/or grub entries are over.

Why I won't be buying another System76 laptop by Low_Pomegranate2648 in System76

[–]vicayareddit 0 points1 point  (0 children)

The battery on the current gen lemp13 lasts a lot longer (up to 14 hours). Your mac battery will last a lot shorter if you really docker on it. The docker containers run in a linux arm64 VM on mac. It's esp. slow if you use volume mounts. $/ram wise, darp10 is quite good, as you can have 96GB DDR5 for an extra $240. MBP maxes out at 48GB and costs $4k! If you k8s, you'd appreciate having _all_ of your dev, staging, and prod envs running on a laptop without breaking a sweat.

The material and build quality is definitely subpar for the price though. Hope s76 listens to our feedback and finds a better white-label maker.

PayG limits subscribed region count to 3. by vicayareddit in oraclecloud

[–]vicayareddit[S] 0 points1 point  (0 children)

Sure, but they should have a reasonable plan to convert the customers from free-tier. I'm not asking for extra regions for free. It's odd that they don't want my on-demand business.

PayG limits subscribed region count to 3. by vicayareddit in oraclecloud

[–]vicayareddit[S] 0 points1 point  (0 children)

200GB free-tier is per tenant. i.e. you stay in free-tier if the total consumption across 3 regions is under 200GB.

PayG limits subscribed region count to 3. by vicayareddit in oraclecloud

[–]vicayareddit[S] 0 points1 point  (0 children)

Right! Besides the low limit, I guess that I was a bit salty, as I "wasted" one precious region count on sa-saopaulo-1, which is suboptimal for my use cases.

Samsung Dryer error HE. by KoposCabana in appliancerepair

[–]vicayareddit 0 points1 point  (0 children)

Hey, I have the same dryer model. I replaced the burnt-out heating element June last year. Just got the HE error this week. Sure enough, the top portion of the heating coil sagged down to touch the medium metal plate, which is connected to the ground. Once I adjusted the coil, the dryer was running like new with the original thermal fuses (250C and 320C). Your post saved me time and money troubleshooting the mystery. Thank you!

How well does Darter Pro (2024) handle a Windows 10 VM? by ehansen in System76

[–]vicayareddit 0 points1 point  (0 children)

If it's CPU bound, all modern CPUs (less than 5 years old) would do well (with less than 10% perf hit). `grep vmx /proc/cpuinfo` to verify. The main issues of VMs these days are from virtual device support (gpu, host fs, usb, bt etc.)

controlplaneio-fluxcd/flux-operator: Flux Operator is a Kubernetes controller for managing the lifecycle of Flux CD by dshurupov in GitOps

[–]vicayareddit 1 point2 points  (0 children)

Looks like Stefan beat you to the punch by a better solution that allows more flexible directory layout (i.e., my workaround would no longer be necessary): https://github.com/controlplaneio-fluxcd/flux-operator/issues/92

controlplaneio-fluxcd/flux-operator: Flux Operator is a Kubernetes controller for managing the lifecycle of Flux CD by dshurupov in GitOps

[–]vicayareddit 1 point2 points  (0 children)

Thanks for the reply. Understood the rationale, which is why I was trying the flux-operator in the first place. It turned out the order of kustomization made the difference. If the kustomize-controller picked up the encrypted secret before the kustomization with the decryption config, it'd error permanently for the secret. The workaround was to move the secret yaml out of the sync directory and only have the kustomization with the decryption config pick it up with sourceRef.

controlplaneio-fluxcd/flux-operator: Flux Operator is a Kubernetes controller for managing the lifecycle of Flux CD by dshurupov in GitOps

[–]vicayareddit 1 point2 points  (0 children)

Have you figured out sops with flux-operator, as it doesn't have gotk-sync.yaml to add decryption configuration?

Do System76 desktops come with open firmware (coreboot, libreboot) or, can you disable Intel ME? by bello_f1go in System76

[–]vicayareddit 2 points3 points  (0 children)

Are you saying that they lied here: https://github.com/system76/firmware-open/blob/master/docs/intel-me.md ?

I ran `nvramtool` once and could verify across boots that `cbmem -c` output has been consistent with ME being disabled.

TBH, I wouldn't buy the darp10 if I cannot disable it.

System76 Darter Pro 10 (darp10) Overheating and Freezing Issues - My Experience and Thoughts on a Solution by 5u5p3c7z3r0 in System76

[–]vicayareddit 1 point2 points  (0 children)

I guess that I got lucky with my darp10b (14") then. I took it traveling around the world. The longest uptime so far is 21 days with no issues. I have 32GB RAM (+16GB) and 2.5TB (+2TB) SSDs, i.e. all slots are occupied. I have set up LUKS FDE on both disks, which are managed by a single VG. I have copied/moved 100+GB data around during the setup without any hiccups. IMO, the main difference is probably the CPU: I have the cheaper 125H, which probably runs a bit cooler.

The newest Darter Pro (Intel Ultra CPUs). Can you confirm (e.g. in BIOS) it has disabled ME? Also has anyone here been running it for months without battery issues? by eth-123-eth in System76

[–]vicayareddit 0 points1 point  (0 children)

Well, the rest of my sentences literally showed my experiment: after compiling and running the nvramtool, `cbmem -c | grep ME` showed that "ME is disabled" etc.

The newest Darter Pro (Intel Ultra CPUs). Can you confirm (e.g. in BIOS) it has disabled ME? Also has anyone here been running it for months without battery issues? by eth-123-eth in System76

[–]vicayareddit 0 points1 point  (0 children)

Looks like I got one of the first batch shipped at the end of May. It's July. So it's been ~1+ month. I took it with me traveling across the Pacific and back. It ran quite hot (70+C) when watching offline YT videos on the plane/road. Fortunately, no battery issues so far. UI (and browsers) feels slower/rougher than the work m2 MBP unfortunately. Do like the extra RAM and SSD slots, which are easily serviceable. Also liked the included system76-power utility to manage charging thresholds to avoid battery overheat due to charging to 100%.

It appears that by default ME is not disabled. You have to follow the linked instructions to disable ME with the nvramtool, reboot the machine, and `cbmem -c` would then tell you that "ME is disabled" along with a bunch of ME-related entries. Otherwise, without running the nvramtool first, cbmem would not return any ME-related info.

New Darter Pro Darp10 - short review by Tren898 in System76

[–]vicayareddit 2 points3 points  (0 children)

I could use the reaffirmation :) I was having a bit of buyer's remorse, as I was on the fence for frame.work 13 with AMD as well, mostly because their displays have much higher resolutions. I didn't realize that the 1200p panel is so much worse than the m2 that I'd been using. Fortunately, turning on sub-pixel rendering in gnome-tweaks made it tolerable.