What are the most upvoted users of Hacker News commenting on? Powered by the /leaders top 50 and updated every thirty minutes. Made by @jamespotterdev.
Code isn't going anywhere. Code is multiple orders of magnitude cheaper and faster than an LLM for the same task, and that gap is likely to widen rather than contract because the bigger the AI gets the sillier it gets to use it to do something code could have done.
Compare the actual operations done for code to add 10 8-digit numbers to an LLM on the same task. Heck, I'll even say, forget the possibility the LLM may be wrong. Just compare the computational resources deployed. How many FLOPS for the code-based addition? How many for the LLM? That's a worst-case scenario in some ways but it also gives you a good sense of what is going on.
Humans may stop looking at it but it's not going anywhere.
This lens
https://7artisans.store/products/50mm-f1-05
is a fantastic wide aperture lens which is commercially available, affordable and a great value. Personally I tend to get bored if I am walking around with a 50mm lens but with that lens, the challenge of manual focus, the ability to take photos with hardly any light, and the ability to take dreamy photos like people have never seen I have so much fun. They make it for all the major camera brands.
Overall I am impressed with Chinese lens manufacturers who make other lenses like
https://www.venuslens.net/product/laowa-9mm-f-5-6-ff-rl/
which again are a great value and let me take pictures you haven't seen before.
AI being what it is, at this point you might be able to ask it for a token to put in a web page at .well-known, put it in as requested, and let it see it, and that might actually just work without it being officially built in.
I suggest that because I know for sure the models can hit the web; I don't know about their ability to do DNS TXT records as I've never tried. If they can then that might also just work, right now.
Back in the 80s, Zortech was located in London while I lived in the Seattle area. International phone calls were too expensive, so we would communicate by fax. Late at night, sending a fax cost about a dollar a page. (No email then.)
An unanticipated result is I have a record of our conversations, which would have all been lost if it was phone calls.
It will work great in Spain! /s
Idk but ironically, I had to re-read the first part of GP's comment three times, wondering WTF they're implying a mistake, before I noticed it's the car wash, not the car, that's 50 meters away.
I'd say it's a very human mistake to make.
Or JLPT N2. Which is quite difficult - approx 4000 words and 1000 kanji. That's several years of learning for all but the most proficient.
(The scale starts at N5 and lower numbers are harder)
my answer which seems to be increasingly unpopular is: "depression kills. attack it with all the tools available. see your pri care doc for an SSRI and be willing to work with them with dosage and medication for effectiveness and comfort. exercise, preferably exercise a lot. try the talking cure. go to church or something like that."
a lot of people have problems with some of those things and in that case do all the others. like personally i find it hard to not get exercise, i can't get it how people hate going to the gym, but i know a lot of people find it hard.
Yep, that is exactly what happens. It's a disgrace that their models aren't open, after training on everything humanity has preserved.
They should at least release the weights of their old/deprecated models, but no, that would be losing money.
I've been running this on my laptop with the Unsloth 20.9GB GGUF in LM Studio: https://huggingface.co/unsloth/Qwen3.6-35B-A3B-GGUF/blob/mai...
It drew a better pelican riding a bicycle than Opus 4.7 did! https://simonwillison.net/2026/Apr/16/qwen-beats-opus/
It doesn't matter how many can run it now, it's about freedom. Having a large open weights model available allows you to do things you can't do with closed models.
Not your money.
At least this furthers humanity's scientific and technological knowledge, whether it fails or succeeds, unlike most other things people would do with that money, like buy a house to flip it, or buy a car, or sth.
This is a neat trick that people have been doing with Yubikeys for a long time, but from an operational security perspective, if you have a fleet rather than just a couple of hosts, the win is only marginal vs. short-lived keys, certificates, and a phishing-proof IdP.
The reason AWS does that is because there is a lot of base level work to verify you as "not a spammer" and to keep verifying you. So this is their way of making sure you pay the base cost.
They could price per use, but it would have to start with a base fee that is about the same at 10,000 emails.
Supposedly (https://www.reddit.com/r/ClaudeAI/comments/1seune4/claude_ch...) they can't even see their own reasoning afterwards.
Pretty sure all partial offload systems I’ve seen work by layers, but there might be something else out there.
Me too. It had me genuinely wondering if the Brits have their own version of April Fools in the middle of the month.
Forget the AI -- I'm just as shocked to see that shares went from $500+ in 2021 to below $3 this year. That's insane. I had to verify it's actually real.
I thought this was just a normal shoe company that had invented a cool look with some good branding.
It's a crazy crowded space. Any entry into this field looks like a "me too" product driven by FOMO instead of being motivated by (a) serving customer needs, (b) serving social needs, or (c) making money. (All of which are fine with me) It will get 0.5% market share -- and I'm supposed to get excited?
If you lived in New York City you might think there are Duane Reades coast-to-coast but there are not. If you are based in the Bay Area you see billboards that are very different from anywhere else. I'd say the viewpoint is a lot like this famous artwork
https://en.wikipedia.org/wiki/View_of_the_World_from_9th_Ave...
but maybe instead of the rest of the US being 1/5 of the vertical space it is 1/25 of the vertical space. Problem is most customers do not live in the bay area and most web browser users do not live in the bay area and most web developers do not live in the bay area. Based in the Bay Area they can hop in their cars and drive the longest 40 miles in America to get to Google and Facebook's headquarters so Mozilla is talking to those people all the time and not talking to the rest of us.
We don't get costly signalling to show they care about the rest of us, we don't even get cheap talk.
They probably think René Girard is deep because they are surrounded by people who think René Girard is deep. If Mozilla wants to be relevant and not just an also-ran it needs to "think different" like the other 99.9% -- it's not that hard if you change your location.
Really the EU needs to apologize for those damned cookie popups and invest in a privacy-first browser. Whether that is "fully fund Firefox" or "fully a fund a Firefox fork" or pick up another browser engine or start a new one.
I see the warning lights flashing: a few years back web sites that didn't work with Firefox were few and far between, this weekend I bought tickets for a comic book convention and they took my money but didn't give me a ticket because the site didn't work with Firefox. I use Firefox as my daily driver so all the projects that I work on work with Firefox; the rest of my team doesn't give a damn and if you lose me another site will become Chrome-only.
That's not really how datacenter power works. It's usually a bulk buy with a 95th percentile usage.
Wait what? Opus 4.6 currently has a 3x multiplier and Opus 4.7 does not require more compute.
I'm finding the "adaptive thinking" thing very confusing, especially having written code against the previous thinking budget / thinking effort / etc modes: https://platform.claude.com/docs/en/build-with-claude/adapti...
Also notable: 4.7 now defaults to NOT including a human-readable reasoning token summary in the output, you have to add "display": "summarized" to get that: https://platform.claude.com/docs/en/build-with-claude/adapti...
(Still trying to get a decent pelican out of this one but the new thinking stuff is tripping me up.)
They could, in theory, have contracts that say the AI can't fire them.
> It has barely hit 50% and it's already plateauing.
Is it plateauing? From the chart it doesn't look that way at all to me.
You could say it's flat between August 2025 and now, but it also was from Jun 2024-Feb 2025, or August 2023-March 2024. There's just a lot of noise to it -- lots of short plateaus or even dips followed by lots of sudden jumps. Indeed, it seems to have a bit of a yearly cycle to it, suggesting we're at the inflection point of another jump upwards.
So it still seems to be growing strongly to me. The rate of growth has slowed maybe the tiniest bit 2024-2026 compared 2018-2023, but I don't see it anywhere close to plateauing yet.
Doesn't seem that new. I go to a meditation group each week where we do body scan + attention on breath, it seems you are putting together different elements that mediators are likely to put together. Communicating that it is mix and match is good but not new -- there are a lot of big words here for a subject which is actually simple and experiential.
I am interesting in meditations you don't find in the literature like the method I use to cut off the mind-body connection over the breath to deal with acute stress. (e.g. attention to the breath is good for a daily habit when things are basically calm, when you are tilted the mind causes chaos in the body and vice versa and that attention makes the problem worse not better.
The more efficient tokenizer reduces usage by representing text more efficiently with fewer tokens. But the lack of transparancy does indeed mean Anthropic could still scale down limits to account for that.
You mean I can see your medical records on the block chain?
Wow this is a confusing name.
At a glance it looks identical to Mozilla Thunderbird, but has nothing in common.
And then of course it's also the same as a well-known hardware interface.
I know it's hard to come up with names and pretty much everything is used by something else, but this seems particularly bad.
Isn’t twinax just “I heard you like coax so I put coax in your coax.”
Ooof. Yeah, this is not a good sign. I enjoy Laravel (and even Laravel Cloud), but this clearly doesn't belong in Boost.
Another cross-check I've run is, are the claims Anthropic is making for Mythos that out of line with the current status of AI coding assistents?
To which my answer is clearly, no, not even remotely. If Anthropic is outright lying about what Mythos can do, someone else will have it in a year.
In fact the security world would have to seriously consider the possibility that even if Mythos didn't exist that nation states have the equivalent in hand already. And of course, if Mythos does exist, nation states have it now. The odds that Antropic (and every other AI vendor) isn't penetrated enough by every major intelligence agency such that they have access to their choice of model approach zero.
I wonder about the overlap between people being skeptical of Mythos' capabilities, and those who are too skeptical of AI to have spent any time with it because they assume it can't be any good. If you are not aware of what frontier models routinely do, you may not realize that Mythos is just an evolution of existing capabilities, not a revolution. Even just taking a publicly-available frontier model, pointing it at a code base and telling it to "find the vulnerabilities and write exploits" produces disturbingly good results. I can see the weaknesses referenced by the Mythos numbers, especially around the actual writing of the exploits, but it's not like the current frontier models fall on their face and hallucinate wildly for this task. Most everything they produce when I try this is at least a "yeah, that's worth thinking about" rather than an instant dismissal.
It's becoming so ubiquitous, I highly doubt it. At worst I think a manager would just see it as fluff, but not a negative.
This doesn't look like John McWhorter to me. Does it look like McWhorter to you? It looks like Geoffrey Pullum. You know, that Geoffrey Pullum?
https://web.stanford.edu/~zwicky/aave-is-not-se-with-mistake...
There's no "proof" involved. That's the problem with the analogy. It's not about how much "financial capacity" you have. It's about how many bugs you find or fix. The bugs are there where the models help attackers/defenders or not.
In the Win 8 I thought Microsoft was visionary in integrating the tablet with the PC and in particular had a better vision than either Apple or Google. On the other hand I had a lot of weird ideas that turned out to be wrong or irrelevant: like I thought that 2-in-1s and other hybrids were just insane, like a conspiracy to confuse flight attendants, that Synoptics must be lording over the industry using patents to force every device to have a (worse than useless in my mind) trackpad, that the laptop hinge only existed because of the airline industry, or that the trackpads and insanely expensive cases with special-purpose keyboards just existed because there is so much QRM [1] at the consumer electronics show (CES) that you couldn't expect to demo something that depends on a bluetooth keyboard and mouse.
Around that time my hackathon kit was a bottom-of-the-line Android tablet with a $5 plastic clip and a cheap bluetooth keyboard and cheap mouse and with $75 of client hardware I would connect to a $2 hour machine in AWS and have a machine that was so sleek it made macbooks look clunky in comparison and also vastly more powerful than the bulky desktop replacement laptops and the gaudy gaming laptops -- it turned heads.
People thought my kit was fashionable but that's all the agreement I got with my vision. Laptops still have hinges, there is no resistance against crap trackpads [2] and those expensive cases, people are still surprised you can use a keyboard and mouse with your iPad, etc. I believed in Win 8 and told people "just hit that damn windows key on your keyboard" but I think I was the only one.
[1] ham radio jargon for "radio interference"
[2] even mac-ers admit that Apple trackpads are at best tolerable
> "What do such machines really do? They increase the number of things we can do without thinking. Things we do without thinking-there's the real danger" - Frank Herbert, God Emperor of Dune
I always preferred this take:
“Civilization advances by extending the number of important operations which we can perform without thinking of them.” ― Alfred North Whitehead
It's both opposite and complementary to your Frank Herbert quote.
I am not sure "fun" is the right term here!
Colour of bits isn't a property of bits. It's provenance. It's facts about history of the things.
There may be no trace from pure noise to original work, but you didn't get that particular noise randomly, you in fact got it from the original work.
Once you understand that law cares less about the thing itself, and more about the causal chain that led to it, it stops seeming magical and becomes perfectly reasonable.
(Also, FWIW, it's not that far conceptually from code = data, but there's still tons of technical people who can't comprehend the fact that there is no code/data distinction in reality. "Code" vs "data" too isn't a property of bits, it's only a matter of perspective.)
That's a built-in thing; Visa, MasterCard, Amex all have updater services that ensure trusted merchants get the replacement card seamlessly. This leads to annoying edge cases like yours.
https://stripe.com/resources/more/what-is-a-card-account-upd...
You can sometimes ask your bank to issue a card and not ping the updater service, but tier one support tends… not to know about it at all.
> On the other hand, this feels a bit like eugenics, and a slippery slope towards designer babies where you can pick and choose their attributes.
We can discuss pros and cons of freedom of choice of genetics for your children (an opposite spin on the same idea as calling it "designer babies"), but eugenics is a thought-terminating cliche at this point. There's whole space of useful genetics-based treatments and interventions that do not imply involuntary sterilization of people one group deems lesser.
I ate so much paste in elementary school, was probably one of the high points for me.
>Not everyone needs this? Nowadays, we go to AI first and then website. Even Google shows an AI summary first.
Who is "we"?
Why would I want to give AI companies, already a very closed club of 2-3 big players, the keys to the web?
Why would I trust them to show this info in their results over their sponsored results?
Why should the use have to actively work (ask questions to get it out of the LLM step by step) to learn about my product or services? What if they don't know what they should be asking about?
It's a famous problem, I've seen a a few tries at it, even tried my own, never saw any real solution. I think the issue of "looking back over the last few years" is the way.
For where this gets complex, you can look at the Deaf community.
Crippling disease? Or normal variation in humanity? There's significant debate, and a lot of Deaf people really bristle at the idea of eliminating their identity.
Atmosphere is the established name for all apps using the AT protocol. See https://atprotocol.dev/atmosphereconf/ for example.
That's a pretty big gimme!
You're not taking into account the thermal strain on the machine, though. A machine that's 100% utilized (even worse if it's in bursts) will last less than an idle machine.
don't mind if you do 'guv, don't mind at all.
Another trick when SIMD is not available, is pseudo SIMD via SWAR, one example,
https://lemire.me/blog/2022/01/21/swar-explained-parsing-eig...
For many use cases, maintenance doesn't matter. At this point, using LLMs to one-shot a tool/service for a single use or time-limited use case is becoming more appealing than signing up with some vendor, even for free.
Indeed, Mailchimp is a tool specifically built and advertised to send spam.
FIXAPL is an interesting spin on APL without overloading on arity.
Many array languages overload glyphs on arity so they basically behave depending on if you call them with 1 argument (in "monadic form") vs 2 arguments ("dyadic form")
monadic: G A1
dyadic: A1 G A2
where G is the glyph and AN are arguments
The overloading can lead to confusion (but is also interesting in its own way because you can reduce the number of glyphs in the language surface).
That overloading is I would say also one of the reasons array languages might not be as approachable and one aspect of the 'difficult to read' argument.
Maybe even more important: avoiding overloading on arity helps with composition (I still have to dig into this deeper).
Look at any other war in human history, when was this any different for the upper classes?
Increasingly of the opinion that "free service with no support that's structurally essential for an economy" is some kind of trap. Possibly just the most comfortable kind of trap, a local optimum from which it's difficult to escape.
This is starting to become important as countries (very unwisely!) start tying things like national ID and banking to smartphones.
This is a bit like saying stop using Ubuntu, use Debian instead.
Both llama.cpp and ollama are great and focused on different things and yet complement each other (both can be true at the same time!)
Ollama has great ux and also supports inference via mlx, which has better performance on apple silicon than llama.cpp
I'm using llama.cpp, ollama, lm studio, mlx etc etc depending on what is most convenient for me at the time to get done what I want to get done (e.g. a specific model config to run, mcp, just try a prompt quickly, …)
The fun bit is right at the start when the author notices that the compiler spots this and optimizes it away.
We didn't get into the deeper question of benchmarking it vs. a three-register swap, because I suspect the latter would be handled entirely by register renaming and end up being faster due to not requiring allocation of an ALU unit. Difficult to benchmark that because in order for it to make a difference, you'd need to surround it with other arithmetic instructions.
A meta question is why this persists. It has the right qualities for a "party trick": slightly esoteric piece of knowledge, not actually that hard to understand when you do know about it, but unintuitive enough that most people don't spontaneously reinvent it.
See also: https://en.wikipedia.org/wiki/Fast_inverse_square_root , which requires a bit more maths.
The other classic use of XOR - cursor overdrawing - has also long since gone away. It used to be possible to easily draw a cursor on a monochrome display by XORing it in, then to move it you simply XOR it again, restoring the original image.
Printing does not of its own cause inflation. In Japan it seems that efforts to inject money into the economy end up immediately stuck in low interest savings accounts.
I just don't idolize individuals.
I find rather strange the complaint about compatibility across JIT implementations, there is exactly the same problem across any programming language with multiple implementations, interpreters, compilers, JIT, whatever.
You can still do that, there are options available.
Even on my laptops I can at least change hard disks and memory modules.
It's been amazingly linear since 2014.
amazon.com needs to get with the program. Still IPv4 only.
Pity that the phones, tablets and major OSes are basically owned by foreign powers.
One way to complain, https://european-union.europa.eu/contact-eu/write-us_en
No smartphnone and dependent on two US companies, is there an official complaint form?
EDIT: A possible way, https://european-union.europa.eu/contact-eu/write-us_en
Obvious reminder that anybody can publish an Internet-Draft.
and a rare Motorola SC02SH007DK04 graphics chip. As far as I know, no datasheet or detailed documentation for that chip has survived, so its exact features are still unknown
The "SC" prefix indicates a custom chip that Motorola made for someone else - in this case Compaq. A quick search of the Internet shows that it's an SVGA-class card with a blitter and hardware cursor. Here's some register-level docs:
https://flint.cs.yale.edu/cs422/readings/hardware/vgadoc/COM...
BK's page is also completely unusable without JS. It's an "appsite", not a website.
McD's is readable with JS off, because the "meat" of the content is plain HTML. I also like how the other links here are to URLs of the form "/en/products/nnnn", which further reinforces the fact that the pages are server-side.
The 90s were so glorious. You could plug SRAM chips into sockets on the motherboard! Today, we're sheeple content with our soldered-down RAM and cricket flour cookies.
I can say I have seen a lot of cases where someone who was flagrantly guilty of abuse complained loudly that their account at some big tech company was unfairly canceled. I cannot say that's what is going on here, and I can also say I've seen plenty of cases where it was unfair and there was no due process.
There is a very fine line between dumb and provacative.
I'm kind of curious how long it will be before people start publishing copyrighted works on the TrumpCoin block chain. :-)
Just give them computers already...
What is with this BS idea of medieval jail conditions...
ROFL because there is no danger that I'm going to spend any time watching shorts. If they put some limit on other videos now that might be relevant... but shorts are just taking up real estate on the screen which could be filled with content I might engagement. I want to say it is like picking their shareholder's pockets except nobody profits from the existence of shorts in any way.
I, too, mark all positives and negatives obsessively, but still get the same obvious spam in my inbox too often for my liking. Still, though, I love Fastmail.
> and in the end it looks so similar to the other one:
Maybe if you are looking at it in a monospaced environment like the HN edit window; rendered in a proportional font, hyphens, en-dashes, and em-dashes are quite distinct from eachother.
> It's no surprise humans barely use them. Then why did it get picked up so much by AIs?
It got picked up by AIs because their training corpus includes plenty of professionally published work, not just informal, off-the-cuff communication, and professionally published work uses typographic dashes (em-dashes, en-dashes, and even 2-em- and 3-em-dashes) extensively. (3-em less so in newer works, it having, e.g., dropped out of the recommendations of the Chicago Manual of Style as of 2024.)
I'm very curious about this.
Google knows users care about their privacy, and it made the promise in its terms precisely for that reason. People pay attention to this stuff, as the popularity of this story shows.
Therefore, it's generally not going to be in Google's interest to break its own terms.
So what's going on? Did a Google employee simply mess up? Is the reporting not accurate or missing key details, e.g. Google truly is legally prohibited? Or is there some evidence that the Trump administration was putting pressure on Google, e.g. threatening to withhold some contract if this particular person were notified, or if Google continued notifying users belonging to some particular category of subpoenas?
Because Google isn't breaking its own terms just for funsies. There's more to this story, but unfortunately it's not clear what.
How is it picking the comments?
If it's all comments, including flagged/dead/downvoted/etc., then it's not reflective of the actual filtering HN does.
But if it's weighting comments by their likelihood of being read -- e.g. mostly top comments on popular stories -- then I'd be a lot more curious.
I'm not surprised AI spam has increased substantially. But I'd be surprised if it's affected the comments most people actually read to anywhere close to the degree shown in this graph.
Some of them, it seems like it could be to show the sauce more clearly:
https://www.mcdonalds.co.jp/en/products/4530/
But others, it's just inexplicable:
https://www.mcdonalds.co.jp/en/products/1010/
Burger King isn't doing this though (close the two popups to see the menu):
https://www.burgerking.co.jp/menu
Is it some kind of trendy style? It does feel kinda... cute.
This doesn't change things much, besides making domain name registration more difficult, but I continue to think this Spotify thing was a really dumb move on the part of Anna's Archive.
AA is providing a valuable service to tons of people who don't have access to these books otherwise. There's a strong argument to be made for the moral goodness of that -- that even if it's illegal, it's at least in the spirit of a public library. And they want to potentially jeopardize that to... release a bunch of music tracks, that are just entertainment and mostly widely available on YouTube already anyways? Major misstep.
Like, even if the same people are proud of scraping all these tracks and want to release them... at least do it under the name of a totally separate project? A separate domain, or just describe it and post the torrents somewhere else? Don't tie it to the AA site or identity. Don't tie things together when it creates no more benefit but does create more risk.
Is an external range extender feasible? Especially for a tuck, a tank and generator running on the flatbed would seem cheaper and more efficient than an integrated unit.
Not to mention an attacker motivated by financial gain doesn't even need a particular targer defender. One/any found available will do.
Give each brand a quota. 100,000 cars a year, or something. Enough to give Americans a taste of the competition. But not enough to suffocate domestic manufacturers.
If stolen via a crypto rugpull, it wasn't his to give to begin with.
> If you're trading, like, oil futures or wheat futures or whatever, you are likely doing so specifically because you have inside information about your business needs
Insider trading, in the U.S., is not legally about fairness but about theft. A firm hedging its own positions is using its information for its own purposes. A federal employee trading on what they heard is abusing the trust placed in them by the American people.
> A respectable software provider should warn you about this kind of behaviour at install time, and give you the opportunity to opt out
They honestly only need to disclose. Requiring contribution as part of the social contract is perfectly okay—if someone disagrees, they don’t get to use Gas Town.
Range extenders are not new. The BMW i3 could be equipped with one (which was loud and didn’t do much).
What influence does Vanguard or Blackrock have in corporate governance? They’re just vehicles for old peoples’ retirement funds. They’re not polling strings in corporate mergers.
Consolidation over the last 30 years is the fault of folks here on HN. Information technology moves the equilibrium point between economies of scale and diseconomies of scale. It enables huge companies to operate efficiently. That enables them to leverage their scale to deliver better services and cheaper prices.
Consider Amazon. Everyone loves to hate on Amazon, but they’re doing it while adding stuff to the delivery they already have coming tomorrow. Why can Amazon ship me stuff overnight, whereas it used to take a week back in the 1990s? It’s not the internet per se. You could call in or fax orders back in the day—it still took a week. And delivery is being done using the same planes and trucks we have been using for decades. Amazon happened because technology enabled it to completely restructure the entire warehousing and delivery vertical, rendering a huge swath of the economy obsolete.
That’s happening all over the place. Most of these mom and pop businesses suck. They have shitty service, high prices, limited selection, etc. The big companies are better and IT enables them to scale in ways that were impossible before.
> Requiring remote attestation on all internet-connected devices
Is that what this bill requires? If it’s just remote attenuation for social media, done by the OS, I think that’s fine.
A fact is a statement about past. A bet is contingent on the future.
Insiders can change the facts.
I've said for decades that, in principle, cybersecurity is advantage defender. The defender has to leave a hole. The attackers have to find it. We just live in a world with so many holes that dedicated attackers rarely end up bottlenecked on finding holes, so in practice it ends up advantage attacker.
There is at least a possibility that a code base can be secured by a (practically) finite number of tokens until there is no more holes in it, for reasonable amounts of money.
This also reminds me of what I wrote here: https://jerf.org/iri/post/2026/what_value_code_in_ai_era/ There's still value in code tested by the real world, and in an era of "free code" that may become even more true than it is now, rather than the initially-intuitive less valuable. There is no amount of testing you can do that will be equivalent to being in the real world, AI-empowered attackers and all.
It looks like it, but it isn't. It's the work itself that's valued in software security, not the amount of it you managed to do. The economics are fundamentally different.
Put more simply: to keep your system secure, you need to be fixing vulnerabilities faster than they're being discovered. The token count is irrelevant.
Moreover: this shift is happening because the automated work is outpacing humans for the same outcome. If you could get the same results by hand, they'd count! A sev:crit is a sev:crit is a sev:crit.
Are you a little concerned that by advocating a drastic change in policing extending far past ALPR cameras that you're creating room for proponents of the cameras to say that everyone who opposes them wants broadly to hamstring the police?
I watched ALPR proponents in Oak Park make exactly those kinds of arguments.
You can see all across the responses here the encoded premise that the point of a prediction market is to enable people to profit from making accurate predictions. No. The point is for the price to be accurate; for the market to make an accurate prediction. That someone with a P1 prediction can roll over people with less confidence is a feature.
"I am giving every cent of that crypto money to charity" - https://twitter.com/Steve_Yegge/status/2044114434348724351
This assumes that the relationship between "LLM tokens spent" and "vulnerabilities found" doesn't plateau, though.
Relevant Tony Hoare quote: “There are two approaches to software design: make it so simple there are obviously no deficiencies, or make it so complex there are no obvious deficiencies”.
Oh no, I remember those browser games, I will stay well away from them because they're the kind of thing that I will play for a month straight otherwise.
It's fine. We can't have it both ways. I prefer bad grammar to Claude blandness, so I think the author should just write how they write.
Is the datacenter going ahead? Who is building it and who is principally using it?
Has the state AG commented on this?
There's no mechanism for pressing politicians except threatening not to vote for them again, and politicians are exceptionally cowardly and avoid picking up hot potatoes that could incur criticism. I'm in a district with one of the safest seats in the country, and getting my representative to state a position on many issues is like getting blood out of a stone.
There's no formal mechanism of accountability for members of Congress. Representatives hold a few town halls a year where they might be subject to social shaming by their constituents, but there's no legal obligation to do so and even when they're publicly embarrassed they often dismiss public opposition as 'a few paid agitators' or the like.
This is doubly and triply true for complex policy issues which require a lot of explaining, making it virtually impossible to build grassroots support. So you just end up with a nonprofit industrial complex that needs to constantly raise funds for lobbying and publishes slates of endorsements at election time that relatively few people have the time or inclination to read.
So does talking to uninformed people. The size of the group is inversely correlated with deviation from the mean (of IQ, productivity, or whatever proxy for cognitive capability you care to specify).
I'm not sure why this is at the top of the page; it's not that it's wrong, it's just a sequence of truisms.
That's why I did the flamingo on a unicycle.
For a delightful moment this morning I thought I might have finally caught a model provider cheating by training for the pelican, but the flamingo convinced me that wasn't the case.