What are the most upvoted users of Hacker News commenting on? Powered by the /leaders top 50 and updated every thirty minutes. Made by @jamespotterdev.
Apparently the rule change also affects CRSP, which is the index behind Vanguard's Total Stock Market (VTI) index funds.
https://finance.yahoo.com/markets/stocks/articles/spacex-ipo...
VTI in turn is the primary holding of most of Vanguard's Target Date retirement funds, which are widely held in 401ks.
> The majority of open source devs aren't giving away the source without a license.
100% of open source devs aren’t giving away the source without a license, since a licence—the grant of permissions for what is otherwise exclusive to author under the law—is what makes something open source.
> That license is how they specify what they want in return.
No, the license is how they legally give away permission to use material that is legally subjejct to their exclusive rights by virtue of creation. The license may be a contract license that, as you suggest, involves mutual exchange of value, but for many (especially permissive) open source licenses it is a gratuitous bounded grant of permission which has limits but does not involve giving something of value back to the creator.
"Below it you are doing high-school physics. Above it you are running a small particle accelerator with a missile attached." is where I clocked out.
(Also "honest" assessments; the word "honest" has gone the way of "delve".)
Use LLMs to proofread and critique structure. Don't take a single word they generate and put it in your copy, not even simple vocabulary suggestions. The more work you put into a piece, the more important this rule is.
The staccato style is often effective for emphasis, but the paragraphing is wrong on this article. It should've been:
> The headlines say yes.
> Patriot crews shot down a Kinzhal over Kyiv on the night of May 4, 2023. Arrow-3 batteries killed Iranian ballistic missiles over Tel Aviv in April and October 2024. A pair of THAAD batteries in Israel emptied something close to a quarter of the US national inventory across twelve days of war in June 2025. The headline word in every one of those engagements was hypersonic.
> The headline is wrong.
> No maneuvering boost-glide hypersonic vehicle has ever been fired in combat against a defended target. Every “hypersonic intercept” the press has reported in the last three years was a different class of weapon: an air-launched aeroballistic missile, a quasi-ballistic short-range ballistic missile with a maneuvering reentry vehicle, or in one case a MIRV bus on an intermediate-range ballistic missile that the press could not stop calling hypersonic. The Avangard, the only Russian vehicle that meets the strict definition, has sat in silos in Orenburg since 2019 without being touched. The Chinese DF-17 has never been used. The American Dark Eagle has not yet been ordered to fire.
> So when we ask “can you stop a hypersonic,” we are partly asking “what would happen if anyone fired one.”
There are assorted other issues with the article as well, like excessive use of passive voice, lack of parallelism, and too much meta-talk.
When calorie dense food and gas powered vehicles came on the scene, humans (generally) got fat and out of shape. "Why eat that salad and go for a run?" one might say, "This cheesecake tastes much better and I can just drive wherever I want to go."
Getting fat is one thing, but getting stupid is another, and I really fear for the future of humanity when it becomes so easy to sidestep the processes that let us actually learn and grow because stuff like "using agent ai coding is trivial".
Hah, I like that these are presented as a CLAUDE.md.
(They have the same content duplicated in an AGENTS.md as well - I really wish Anthropic would hurry up and teach Claude Code to check for that file too.)
I manage customer identity and access management ("CIAM") for a financial services firm. Passkeys are primary, recovery can be performed by providing a government credential remotely (which costs us ~$2-3 per recovery). I do not think it is hard, based on what we have built and spent to enable these capabilities. NIST Special Publication NIST SP 800-63 Digital Identity Guidelines is a helpful resource on this topic.
https://pages.nist.gov/800-63-4/
I think Meta just does not care if they're enabling AI attack surface and vulnerabilities into these customer journeys. It's...certainly a choice, versus deterministic journeys with hard guardrails. They could make different choices.
Things is, most orgs cannot throw random KPIs to target for AI usage, and then complaint too much is being used.
I certainly am not meeting KPIs, because even if I wanted, there is no way I could outsource all my work to AI, which is kind of what is being pushed.
"Wait, we're getting an influx of new users, and they actively don't want us to run the most expensive part of our search results page?"
Where can I find such accommodating customers myself?
"He's out of line, but he's right": while Iran are an extremely bad actor, before Trump the situation was stable. And the start of conventional hostilities was clearly from the US+Israel side.
(open question as to how much the October 2023 attack is the fault of Iran, specifically?)
Those have always offered career progression, though. Whether the industry is growing is a different variable to whether someone is growing in competence.
Some environments require progression as a sort of anti-stasis measure. Famously including army officers, not exactly a growth industry either. https://en.wikipedia.org/wiki/Up_or_out
If your math does not involve multiplying 20 digit numbers, modern LLMs can "do" math even without a Python tool despite the counterintuition of next token prediction.
Indeed, but justice requires that we recursively continue all the way to the base case, until all 32-bit integers are products of 16-bit integers, all 16-bit integers are products of 8-bit integers, all 8-bit integers are products of 4-bit integers, all 4-bit integers are products of 2-bit integers, and all 2-bit integers are products of 1-bit integers. Only when we have reach all the way down that list to the very, very smallest of the numbers around us and brought justice to them will the future be able to arrive. I literally can not wait for that day.
You rely on the security companies scanning the packages.
... or just considering the even numbers almost all of them are 2 x N where N>2^32 and that gets you to within a hair of "most" and if you add in the odd thirds for which the same is true you get a bound of 2/3 - epsilon.
There is something deeply stupid about assuming that naming your bluetooth device "bomb" is a real threat, let alone that it's going to be a real bomb. Reminds me of all those post Columbine "zero tolerance" policies where kids were punished for marginal doodles of guns. Or the "twitter joke trial". It's as is people are string matching for threat shaped words, not the semantics of a threat.
Mind you, this gets harder when powerful people have got in the habit of making mostly-joking threats on social media themselves.
>Physical evident strongly supports the 13-ish billion year age. Radioactive decay shows that a young earth could not exist, as there would be lots of short-lived primordial radioactive isotopes.
Well, if one ascribes to this God thing, of course Earth could just as well be created 6000 years ago, with exactly the shape and vintage material properties to appear to us as it does now.
If you can create a baby Earth from nothing, you can also just create a middle-aged Earth from nothing.
That's some primo-grade flamebait even by The Register's standards; wrapping a fairly common, perhaps mundane at this point, observation about how what answers the AI favors will affect what answers people tend to be given if AI use increases around the religion flame flash point is definitely going to get some views.
Look for the followup article where they wrap the mundane observation around the politics drumbeat (people who use AIs may be exposed to political beliefs you don't believe in) once they notice the article's view count.
>Otherwise it would be like Intel and Microsoft had decided in the year 2000 that computers are "good enough" now and we would have explored what's possible with that hardware ever since.
That would be the dream... no fucking Electron! No lockdown modules.
Now that we have AI, can we go back to real apps and native tech stacks? And revert the browser to a text-display interface?
Not everyone of us wants to live in tier 1 cities, and not all countries have apartment buying culture.
Since we are talking about accountability and transparency... who wrote this article?
The article doesn't credit an author.
The "about" page just says:
> Sigma Zero is a weekly, independent publication on technology, AI, and cloud. Each issue delivers a precise briefing on the week’s most important developments, followed by a deep dive on one high-impact topic.
The best defense against both AI slop and human-written junk content is reputation. I like to know who wrote something so I can learn to trust their editorial judgement over time.
First we need to actually still be employed, and have them at affordable price.
The death of consensus reality is also the death of democratic politics. Too many people regard that as a positive.
One of my coworkers once told me that, unless I changed our hardware design, he'd be forced to add a buggy part to our bill of materials to handle the use case.
I had to call in a BOM threat.
There is apparently a court order involved:
"Meta, which owns Facebook and Instagram, secured an emergency legal order on the eve of publication preventing her from publicly discussing aspects of the book, and she faces fines of $50,000 (£37,000) each time she breaches the order."
This is what AOL/Compuserve were in the very old dialup days. Curated spaces.
Haven’t seen it yet, but it’s a fun trope from what I’ve read, there’s an old Tales from the Crypt episode that is a shorter version of it.
Not really, I tend to avoid computer appliances, other than phones and tablets.
I certainly am not paying 800 euros for a travel laptop, when a 350 euros Asus 1215B, that could be upgraded, was able to survive about a decade, with 8GB in 2011!
I didn't dislike the article for its content. I disliked it for its insincerity - see the piece I quoted for an example.
"Marc Andreeseen brags about what a cool innovator personality he has, presenting it as advice"
Mobile version
Actually, I don't think it's a good idea to bring your politics into a an enclosed pace like this where people are forced to be a captive audience, notwithstanding that I agree with theparticular sentiment expressed.
> you have the right to express it
Out in public sure. In an airplane you're in someone else's private space (ie the airline's) and everyone is not only confined with you in minimal comfort, they have no way to leave. Trying to 'own' the space in this context is a dick move. If I'm a traveling passenger I don't want to be subject to your political ideas/religious sentiments/music preferences/sporting affiliation or whatever else. Besides the irritation it may or may not inflict on other passengers, it's an unnecessary burden for the flight crew, who are going to have to field any complaints about it.
In short, please stow your rights in the overhead container or in your checked baggage and respect other peoples' right to be left alone.
I actually find the "AI idioms" rather less grating than emoji-vomit. That said, I don't know why certain LLM output seems to be full of the latter; certainly no real human writing I've seen has that style, but perhaps it's a result of training on data that probably should've been done without.
> This is a fundamental architectural design concession; LLMs are this way as it enabled their training directly on materialscraped from the internet, rather than needing to spend trillions of dollars manually preparing separated instruction/data training material.
No, its even more fundamental than that: the entire goal of broad reasoning over input data makes it impossible to have a sharp instruction/data division.
The structured input that every modern chat-focussed model expects makes it very clear that they can be trained to distinguish different kinds of input, and some of those patterns now include different priority levels of instruction.
I'm rereading the Iliad right now and was just reflecting on the fact the first time you see Odysseus at work he's selling two incompatible flavors of bullshit to officers and their men, in service of a third flavor of bullshit that was decided upon in advance at a war council.
Some keys won’t work right away – you are responsible for making this keyboard work
Do not use any beam spring keyboard in a mission-critical environment.
I can say this is the first time I've seen this in the sales description for a keyboard. Are these assembled from NOS parts?
It's a very specific style of condescending journalism that US media has been nurturing and recycling for decades now. I was going to write this this whole comment as a parody of it, starting with some literary hook like 'Call it Ouroboros syndrome:' but I can't bring myself to add to the pile.
I have not done the textual and statistical analysis to verify this, but I feel like it's something you could trace back to east coast journalism schools and publishers mediated via television, which long predates mass adoption of AI. Think how many news articles you've read with titles like 'Anatomy of a murder' os 'Inside the meeting that changed everything.' The hooky, slightly pompous tone is something you can find back as far as the 1960s or 1970s; browsing through old issues of Readers Digest and you'll find tons of it. When I say it's mediated through television, I'm talking about both the dramatic and heavily conclusory style of fictional prosecutors and narrators, and the extremely shallow style of TV news reports (often transcribed to the web) which are only one or two sentences per paragraph. And this is before we consider the stylistic impact of ad copywriting on communication in general.
And there's something else.
The one sentence paragraph interjection, designed to refocus your attention in a surprising new direction after two paragraphs of stuff you already know. 'I never thought I'd end upere,' said Sally Nocontext, hooking you in for another paragraph or two where you try to figure out who this woman is, where she ended up, and what it has to do with the article you are already halfway through reading. After all, I've come this far, the reader through. I might as well see it through to the end.
And that's just what publishers wanted.
One sentence can also validate a truism that the reader already suspects, flattering their beliefs in their own analytical powers....
...well you get the idea. When I'm using LLMs for any sort of extended session, I find myself reaching for the same few prompts to break it of such clicheed expression; I'm especially averse to the habit of adding zippy-sounding nicknames to complex or potentially dull concepts. I don't have a favorite starting prompt, but I generally find that asking for 'a concise, academic tone' does wonders to de-fluff its output. Remember, it defaults toward being as widely accessible as possible, and much journalism is aimed at consumers with only a high school education and maybe middle-school reading comprehension, math ability, and appetite for depth over sensation.
Yes, circumstantial is exactly the point; it's easy to use AI as a scapegoat because it's something popular to hate on.
The key point (which I believe static analysers these days can easily check for) is to check the sizes of the source and destination.
You know you're in trouble with all these kinds of analyses when they try to square up cost of care with life expectancy.
The principal components in life expectancy difference between the US and the other OECDs are car accidents, homicides, and CVD. Obviously, accidents and homicides aren't a function of the health care system; they're a function of the atypical dependence the US has on cars and its wildly atypical availability of firearms. Though: it is worth noting that the OECD definition of "preventable deaths" includes vehicular accidents!
But even the CVD statistics are misleading in a comparison like this. CVD outcomes are heavily regionalized in the US. The New England states have CVD outcomes comparable to western Europe. But go to Mississippi and Alabama and we look like a developing country. There's a lot of stuff going into that difference, but the key thing here is that the structural design of the health system is the same in both regions.
There's a lot not to like about the US system of employer-paid health insurance. But these kinds of critiques are frustrating and a little unserious, and it annoys me that this article assumes its readers won't dig into the crosstabs and will just take the comparison on faith. That's disrespectful to readers.
>Recent overuse by language models has led many to declare it bad writing. I'm not so sure.
It is bad writing.
I understand they are restarting production from scratch for a product that no longer exists and that nobody actually knows how to make, but being openly unreliable is a significant problem at this price point.
This lack of driver support for hardware that’s still functional and available in reasonable quantities is annoying.
I was very close to buying a retired POWER7+ server with an ungodly amount of memory, but decided being unable to run a modern Linux kernel would be more work than I wanted to have. Modern kernels need POWER8 and above.
> we should have a letter writing campaign
The state should be able to collect damages for frivolous NIMBY lawsuits. I don’t care if they’re ashamed. If they’re fine paying more taxes to behave like idiots, who cares.
Local governments are obsolete, a holdover from when you had to have a government entity over areas within a day’s horseback ride. States should disestablish these towns and counties and reorganize them as administrative subdivisions of the state that answer directly to the governor and state legislature.
I've never been able to figure out what's so great about Atherton. The houses are big, but other than that, it's nothing special. Woodside is a nice horse community with hills and sequoias. Los Altos Hills used to be; there was a time when the Los Altos Hunt ran the town. Palo Alto is next to Stanford. Portola Valley used to have more patent holders per capita than anywhere else in the US. Atherton is just a bedroom town on flatland with big houses.
It’s not just scale. Do you accept user generated content? If so, more of a target.
Fundamentally, a direct device has fewer transformation losses.
> Every country has for-profit elements in their healthcare system
You’re right. The Swiss system is deeply privatized, down to compulsory private insurance [1]. It just isn’t as opaque and corrupt as the American one.
Part of the problem with the American system is everyone is cynical with respect to reform, and has a singular bogeyman they’re convinced explains all of the problem, with zero room for multiple causation.
> This attack occurs when any untrusted data source (e.g., from an imported sheet or ChatGPT connector) manipulates ChatGPT to run an attacker-controlled external script, which executes leveraging permissions the user has granted to the ChatGPT for Google Sheets extension.
Yeah, I don't like the sound of that at all.
> Do you think terrorists are really going to name their Bluetooth speaker "bomb"?
If they knew it was a BT speaker, they wouldn’t have returned.
OTOH, who would name a bomb with a Bluetooth transceiver in a way that advertises its function. I’d use something like “pacemaker” so that nobody would ask me to turn it off.
It's really not surprising that letting websites run arbitrary code on your machine, even in a sandbox, would lead to things like this.
Basically, yes. We are on a website, after all.
Shareholder returns, the demand for which is insatiable and never ending.
What a prescient video, and I wonder what happened to the consultancy with the remote programmers with their Texas Instruments terminals.
I wonder what OS was the BASIC programmer using - Nixdorf’s NIROS?
It will not change on your time horizon. If you want better healthcare, move to a developed country today. It will take a half decade or more for US healthcare to improve in any meaningful capacity, assuming the necessary events take place to enable improvement in the system.
(to improve US healthcare, laws will need to change; when those laws change is a function of election outcomes and cadence; those election outcomes are a function of the electorate, who they vote for, and the rate of cohort turnover; think in systems)
Interesting that you are hearing "dismissal" in the antecedent response. I read it as the poster "studying more" the data, and finding a lot of flaws in both the experimental design and the data analysis.Typically things a reviewer would do when a publication was submitted (or in our case posted here). The author, then goes back and answers the questions raised to show that the effect they are suggesting is durable in face of the flaws. Or perhaps they run an additional experiment and augment their data. After a bunch of back and forths either the effect is sufficiently well expressed in the data or the paper is withdrawn for more work.
When I go through the process of reading the entire paper, analyzing the data myself, and the experimental design. That is the opposite of dismissing the claim. That is me, positing that the claim as stated is 'true,' and then asking the questions if the claim is supported by the provided evidence. If it isn't, then doing the work to express what evidence would be needed to support the claim is the feedback needed to help prove the science.
Can you help me understand what the "cost" of other people producing garbage is? Prototypes are generally shop jigs. You'd feel weird gold-plating a stop block.
And if you think you discovered a bomb accidentally left discoverable, you don’t ask for it to be please turned off
That was the most hilarious part for me.
You might also want to have a look into Dylan.
It was the first mainstream attempt to an ALGOL style Lisp.
https://opendylan.org/documentation/index.html
Pity it didn't went down well at Apple.
> make it a point to hold up the whole line until it is my turn to go through the xray
How? I’ve seen idiots do this. I just go around and ahead of them.
With a nationwide effort in swing to dismantle corporate surveillance, the follow up is to pass legislation state by state that prohibits its implementation in the future. Federal legislation on this matter is unlikely to occur until sometime after midterms, and so state legislation is the path to success in the interim.
The exact same thing has happened with IPR.
I've started making most of my prototypes single HTML documents with inline CSS and JavaScript, because a single file is a lot easier to store somewhere and share and will probably keep on working forever (browsers are really good at backwards compatibility).
I chuck some of them on my public tools.simonwillison.net collection, others in their own GitHub repos with GitHub Pages enabled, and some I just share in a Gist (served via gisthost.github.io) or stick in a public S3 bucket so I have a URL for them.
If a prototype is against an existing project sometimes I'll leave it to silently rot in a branch on GitHub.
Nothing. TSA is a joke. At first, the security theater arguably had a legitimate psychological purpose. The airline industry nearly collapsed after 9/11 because people were so scared of filing. But that was a generation ago—the psychological trauma in the aftermath of 9/11 dissipated ago. But we’re still stuck with the TSA because in the meantime it turned into a massive jobs program.
We’d be better off spending TSA’s $8 billion budget on paying people to dig holes and fill them back in.
I assume it's something like this:
Attacking website periodically makes random reads from a large file in localStorage. Other tabs and websites open have Javascript running that periodically performs operations that will result in SSD traffic. For example, GMail has a certain polling interval to check for new mail, and each request is going to result in a cache write that makes the SSD busy and delays other conflicting IO operations. Reddit checks for new chat messages. Large memory-heavy websites get paged out of RAM.
The pattern of IO operations that a website makes creates a fingerprint of interference with the IO ops that the attacking website is doing, showing up as differing amounts of latency as the SSD is periodically busy. This fingerprint can then be reconstructed to a specific website by training a CNN on it, basically using a neural net to classify a certain pattern of delays to the IO ops that other websites are doing.
In theory it makes sense, but it seems very noisy. Anything that makes absolutely zero requests or IO operations in the background (like say HN, or most old-school text sites) wouldn't show up, and would be indistinguishable from any other zero-request site. And having other sources of IOps on the same computer - say you're running an Ethereum client that's perpetually updating the blockchain, or you're downloading a bunch of torrents, or you've got DropBox and it's syncing your directory - would introduce noise that throws off the classifier.
See "The Making of the Atomic Bomb" by Rhodes.
https://www.amazon.com/Making-Atomic-Bomb-Richard-Rhodes/dp/...
Also, the Apollo lunar landing. 400,000 people worked on it.
I think it's mostly emergent. I can even point to a plausible mechanism, which is that if you think of an organization as a network of people and how they are connected together, you can think of "responsibility" as something that arcs through an organization like electricity and burns out whatever it courses through, prompting the creation of alternatives to avoid getting zapped the same way in the future.
It isn't completely inevitable, I think it's possible for relatively strong leadership to understand that the processing of responsibility through an organization is a necessary feature and people handling it without external forces conspiring to make it even more like that it will "burn out" a part of the org is a necessity and a good thing. But it's really easy for an organization to just default to burning out the path and evolving ways to avoid it in the future, and it is very motivated to make it happen.
Is there a deal between Google and Cloudflare to make non-Chrome browsers harder to use? The pressure to use Chrome keeps increasing, and the amount of ad filtering you can do in Chrome keeps decreasing.
"It's free and always will be" - Facebook
> If the developer wants to move the project beyond that, it requires domain knowledge and a lot of hacking.
Reminds me a bit of this blog post[0].
I remember doing a Drupal project around that time and being astonished at how powerful it was.
I also remember feeling more like a technician connecting various components than like a software engineer, writing code.
I totally saw the value for the client but I really disliked my experience, so I avoided it afterwards.
0: https://www.rickmanelius.com/p/the-website-rfp-and-the-impos...
Note that Microsoft "cl /clr" also does this. It's a bit of a niche use case.
In my view, these were less about liberal causes and more about general humanitarian efforts, such as vaccinations, education and fighting world hunger—things that were generally considered good regardless of political affiliation, before the GOP was completely taken over by a madman.
We have electric vehicles, batteries, solar, wind, etc, but the US gave up on those because there is no grift to be had via a capital market bubble manufacturing and deploying those techs at scale.
The US puts on a theater performance of “innovation” via AI while China is 1/3rd of global manufacturing capacity.
Shades of https://xkcd.com/1319/
Reading these comments, "The Tragedy of the Commons" [https://pages.mtu.edu/~asmayer/rural_sustain/governance/Hard...] comes to mind: those who frequent London's many little known free roof terraces know that mentioning them here instantly blows their cover.
I don't understand this angst over AI replacing humans. We already have models like the Gulf states, where only 10% of the population is citizens and all the work is done by people who are, from the perspective of citizens, quasi-human automatons. That arrangement seems to work fine for the citizens. It seems to me that AI and robots solves the principal problem with that arrangement (the mistreatment of the non-citizen population that does the work).
This isn't, like, TikTok. It's a firm that provides a transformative improvement in quality of life to diabetics.
(Not above criticism, of course, but weird to lump them together as insidious "tech companies").
It deprives for example the LLVM community to profit from PlayStation compiler optimizations.
These kind of posts always miss the point that in a team of 10 not everyone needs to be a domain expert, and that now the same work can be delivered with a team of five or less.
Bad luck for the remaining ones.
Let's just not get blinded by this to the true nature of the problem. The web being hard for agents isn't an accident - it was done on purpose. More specifically, it's a consequence of the web evolving to defeat automation and limit access.
Most websites are exist to make money from specific audiences in specific ways, often defined in contracts between hundreds of business entities, and none of them want you to be able to automate access, or interact with the website in any way other than the one that spins the money-making machine. Consider that the flip side of "basic tabular interface" is "skip website entirely, access underlying database"; the flip side of "screen readers" is "ad blockers"; the flip side of APIs is "competitors can scrape my listings and use them against me", etc.
Agents are hot right now, the whole business side is still blinded by hype, so things like MCP and .md endpoints are not just getting a pass, but are even pursued by the business people ("we have to do something with AI!"). This won't last long, though - they'll soon realize their mistake, close off access, and enshittify the web some more.
Just like they did in the past - e.g. when APIs and mashups briefly became a hot thing, then went away as businesses realized this defeats the very thing that makes them money: total control over platform/user channel.
--
[0] - Even your most basic blog showing some ads creates a money-making chain, made up of dozens or hundreds of business entities, bound by actual contracts, and the "blog author that just wants to show some ads" is merely one party at the end of that chain.
Why is writing inline Assembly considered an advantage of C, a language extension even not part of ISO, and always used to point out issues when other languages make use of it?
Naturally there had to be a balance, until mid-90s what we consider AAA games, were mostly Assembly.
None. It's sometimes possible for people to say something positive about a project without being paid!
(If they were paying me they got a bad deal, since I called out the flaws in their leaderboard approach half way through my post.)
No, I mean what is missing is an AI solution to "nobody cares to pay for what you generated".
Who would use a coding tool that said "I've used library X out of all the alternatives, please pay the license now"?
We had several of such languages in the 2000's. C# is basically becoming what Modula-3 already offered.
That hack is because of C.
Definitely true when using VC++ with C++20 modules and MSBuild.
It also helps not compiling everything from source as many UNIX folks do.
While I agree that domain expertise has always been a moat, I believe the author is missing something critical: there is a big difference between being able to verify the output of a system is correct, and being able to tell a system how to generate the correct output to begin with.
Personal example: I had a software engineering colleague who was the best coder of financial management systems I've ever encountered. He gained these skills through years of in-the-trenches development. One of the things he told me, and that I also observed, was that the vast majority of financial experts (basically, the people in the accounting department of companies) had an extremely difficult time just telling him what the rules of any particular transaction should be. But what they could do was tell him whether the handling of any particular transaction was right or wrong. So often times he would sit down with these accounting folks and go through lots of example transactions he came up with, and from there he essentially built up the requirements spec.
In my experience, that is the primary difference between people I've known who are good software engineers and those who aren't: people who can specify the detailed rules of any system, vs. folks who take a "well, I know it when I see it" approach.
I have a strong suspicion that folks who have a high degree of domain expertise in a particular area will fail as software builders even in an agentic world because they will struggle to elucidate clearly the rules in their head that they've learned over years. As an analogy, it's kind of like asking a native speaker for the grammar rules of their language. Often times they can't, but they'll just say "well, that sounds wrong." They may be "domain experts" in their language, but they'd have a hell of a time prompting an AI system on how to grade a test for grammar correctness.
> Surely there exist experimental aircraft
What was the last aircraft anyone kept secret? Modern satellites and smartphones just make this incredibly hard.
I mean, sure. Just let people and cargo walk in. Sanctuary cities become tariff free.
That might be true in the short-term, but I'd be very surprised to see that hold for the long-term.
We've had plenty of technology trends in the past that have promised faster development but has later turned out to have problems. Organizations that stick around learn lessons about what works and what doesn't.
If in a year's time organizations aren't feeling severe downsides from all of the unreviewed vibe-coded junk they put into production then maybe the vibe-coders were right. I'll believe that when I see it.
I did. SunOffice, then OpenOffice, then LibreOffice. It still isn't very good, though.
'cum' is latin for 'with', and it is commonly hyphenated when inserted in between other words.
It's also a slang word for semen, but that's not relevant here.
> All the Telegram groups have quieted down as Meta seems to have patched it already, but it appears this particular method was active for weeks, if not months.
Is that for real? I find it hard to believe that an exploit THIS simple and easy to abuse managed to stay live for weeks or months.