What are the most upvoted users of Hacker News commenting on? Powered by the /leaders top 50 and updated every thirty minutes. Made by @jamespotterdev.
The security side of OpenSSL improved significantly since Heartbleed, which was a galvanizing moment for the maintenance practices of the project. It doesn't hurt that OpenSSL is now one of the most actively researched software security targets on the Internet.
The software quality side of OpenSSL paradoxically probably regressed since Heartbleed: there's a rough consensus that the design of OpenSSL 3.0 was a major step backwards, not least for performance, and more than one large project (but most notably pyca/cryptography) is actively considering moving away from OpenSSL entirely as a result. Again: while security concerns might be an ancillary issue in those potential migrations, the core issue is just that OpenSSL sucks to work with now.
It has C style interfaces, meaning structs with function pointers.
Which is basically how most device drivers in OSes that happen to be written in C, including UNIX flavours, work.
> don't understand how people are compelled to violence by a technology they barely understand
Altman has literally been preaching AI as an agent of impending doom since ChatGPT [1]. If you keep telling folks the thing you’re building might mean “lights out” for humanity, some people will take you seriously.
To be clear, this doesn’t excuse the idiot attempted murderer. But dialing up hysteria to scare up investors doesn’t come for free.
[1] https://fortune.com/2023/06/08/sam-altman-openai-chatgpt-wor...
Only if you're all playing the same game. Corruption usually happens because some players have higher priorities.
> The other big thing was making research actually persist across sessions. Most agents treat a single deliverable (a PDF, a spreadsheet) as the end goal. In investing that's day one.
This is a problem with pretty much everything beyond easy single-shot tasks. Even day-to-day stuff, like e.g. I was researching a new laptop to buy for my wife, and am now enlisting AI to help pick a good car. In both cases I run into a mismatch with what the non-coding AI tools offer, vs. what is needed:
I need a persistent Excel sheet to evolve over multiple session of gathering data, cross-referencing with current needs, and updating as decisions are made, and as our own needs get better understood.
All AI tools want to do single session with a deliverable at the end, that they they cannot read, or if they can read it, they cannot work on it, at best they can write a new version from scratch.
I think this may be a symptom of the mobile apps thinking that infects the industry: the best non-coding AI tools offered to people all behave like regular apps, thinking in sessions, prescribing a single workflow, and desperately preventing any form of user-controlled interoperability.
I miss when software philosophy put files ahead of apps, when applications were tools to work on documents, not a tools that contain documents.
This is stupid thinking indulged in by westerners who were born in the lap of luxury. The market is incredibly moral. When my dad was born in a village in Bangladesh, 1 out of 4 kids didn’t live past age 5. Thanks to market reforms and the resulting economic growth, child mortality in Bangladesh has plummeted. Bangladesh’s under-5 morality rate is better today than America’s was at the same time my dad was born.
If India and Bangladesh hadn’t fucked around with socialism for decades after independence, we could have reached the same point many years ago. Millions of children would have been saved. Talk about immorality.
Get an old Prusa MKIII and stick a Revo in there, then learn everything there is to know about 3D printing without spending a fortune or getting locked in. Once you have processed a couple of rolls of filament you'll be much wiser about your needs and that would be the moment to pull the trigger on a 'proper' printer.
Bambu AI is a very good printer (we have 10's of them, and 10's of Prusas as well), but the Bambu eco-system is not ideal and they push really hard to get you to use their cloud connect, the printers have cameras and send footage to servers in China if you get them connected to the point that they are usable. In contrast, there are many open source solutions that will connect a Prusa to your LAN and allow various degrees of remote management (Octoprint, for instance).
Prusa's are extremely hackable, I've adapted them to do all kinds of stuff they were never meant for (1x1x.25 meter for instance, or standard width and height but 65 cm tall). Bambu's are quite closed, though in theory you could hack on their slicer but it's infuriatingly bad compared to the alternatives.
Wait, is it your data? If you drive your car in front of a Ring camera on my house (I don't have a Ring camera don't @ me), is it your claim that you own the data on that camera?
To go further there is a difference between “Zionism” and the way they go about it. I have no problem with the state of Israel per se, and I even think they have the right to defend themselves, but I think the way they treat the Palestinians is terrible.
"Hey, let's try something new!" without a plan for success is just a recipe for failure.
I honestly don't understand the desire for municipal grocery stores at all. Grocery stores famously operate on super slim margins, so it's not like they're raking in the dough. Many of them are often run extremely well. In Texas, HEB is so beloved that a lot of people consider it far better at disaster recovery operations than the actual government.
I'm not against plans to better help people afford groceries, but somebody needs to at least explain how the plan is economically rationally viable, not just "let's try something new!"
In a nutshell, nodes enable arbitrary programming. This is one of the big success stories for visual programming. Nothing would stop you from doing all that in a text programming language but there's definitely an appeal to the graphical layout when you have modules getting input from half-a-dozen different sources and then outputting to just as many.
> https://en.wikipedia.org/wiki/Noe_Valley_public_toilet
Mamdani has clearly taken lessons like these to heart.
https://www.nytimes.com/2026/04/07/nyregion/how-to-build-a-r...
"The Transportation Department workers arrived at 9:15 p.m., right on time. Mr. Boyce and his crew were ready, having fitted the roof and rear wall panel 30 minutes before. By Monday, the structure was nearly complete. “This is all like synchronized swimming,” Mr. Mansylla said. “To build a structure in New York City in, what, 48 hours? That’s as fast as it gets.”
In Seattle, the proposal for a government grocery store included exemption from paying property taxes and rent.
Similar molecules have been found in meteors for a long time so it is not a surprise. There is no proof life started off planet but it is also possible.
In a roundabout way this article captures well why I don't really like thinking in terms of "normal forms", especially as a numbered list like that. The key insights are really 1. Avoid redundancy and 2. This may involve synthesizing relationships that don't immediately obviously exist from a human perspective. Both of those can be expanded on at quite some length, but I never found much value in the supposedly-blessed intermediate points represented by the nominally numbered "forms". I don't find them useful either for thinking about the problem or for communicating about it.
Someone, somewhere writing down a list and that list being blessed with the imprimatur of Academic Approval (TM) doesn't mean it is actually useful... sometimes it just means that it made it easy to write multiple choice test questions. (e.g., "What does Layer 2 of the OSI network model represent? A: ... B: ... C: ... D: ..." to which the most appropriate real-world answer is "Who cares?")
Now they only have to spread all games across the full week, to make it even better. /s
Smoking (even of tobacco) can generally be banned in the CC&Rs of properties (multifamily complexes is the case where this makes the most sense) and by the landlord in any rented property, multifamily or subject to CC&Rs or not.
Given the alleged recent extreme reduction in Claude Code usage limits (https://news.ycombinator.com/item?id=47739260), how do these more autonomous tools work within that constraint? Are they effectively only usable with a 20x Max plan?
EDIT: This comment is apparently [dead] and idk why.
Customer/fan/concertgoer.
> Somewhere around 2005-2007, when people were wondering if the Internet was done
Literally who wondered that? Drives me nuts when people start off an argument with an obvious strawman. I remember the time period of 2005-2007 very well, and I don't remember a single person, at least in tech, thinking the Internet was done. I don't know, maybe some ragebait articles were written about it, but being knee-deep in web tech at that time, I remember the general feeling is that it was pretty obvious there was tons to do. E.g. we didn't necessarily know what form mobile would take, but it was obvious to most folks that the tech was extremely immature and that it would have a huge impact on the Internet as it progressed. That's just one example - social media was still in its nascent stages then so it was obvious there would be a ton of work around that as well.
Somewhere around 2005-2007, when people were wondering if the Internet was done, PG was fond of saying "It has decades to run. Social changes take longer than technical changes."
I think we're at a similar point with LLMs. The technical stuff is largely "done" - LLMs have closer to 10% than 10x headroom in how much they will technologically improve, we'll find ways to make them more efficient and burn fewer GPU cycles, the cost will come down as more entrants mature.
But the social changes are going to be vast. Expect huge amounts of AI slop and propaganda. Expect white-collar unemployment as execs realize that all their expensive employees can be replaced by an LLM, followed by white-collar business formation as customers realize that product quality went to shit when all the people were laid off. Expect the Internet as we loved it to disappear, if it hasn't already. Expect new products or networks to arise that are less open and so less vulnerable to the propagation of AI slop. Expect changes in the structure of governments. Mass media was a key element in the formation of the modern nation state, mass cheap fake media will likely lead to its fragmentation as any old Joe with a ChatGPT account can put out mass quantities of bullshit. Probably expect war as people compete to own the discourse.
The GPC spec does not say "no cookies will be set" [1], and does not mention cookies at all. It merely provides a way for the user to indicate their preference that their information not be shared or tracked. The spec even says:
> In the absence of regulatory, legal, or other requirements, websites can interpret an expressed Global Privacy Control preference as they find most appropriate for the given person, particularly as considered in light of the person's privacy expectations, context, and cultural circumstances.
The CCPA [2] also never explicitly mentions cookies or forbids them from being set. The relevant passages about opting out on the sale of personal information are:
> a) A business shall provide two or more designated methods for submitting requests to opt-out, including an interactive form accessible via a clear and conspicuous link titled “Do Not Sell My Personal Information,” on the business’s website or mobile application. Other acceptable methods for submitting these requests include, but are not limited to, a toll-free phone number, a designated email address, a form submitted in person, a form submitted through the mail, and user-enabled global privacy controls, such as a browser plug-in or privacy setting, device setting, or other mechanism, that communicate or signal the consumer’s choice to opt-out of the sale of their personal information
How would you respond to their claim that you are fundamentally misunderstanding GPC, and that the spec and the law do not mean you never set cookies, they mean that you must honor the preferences expressed by the header in backend processes that involve tracking or sale of personal information?
[1] https://w3c.github.io/gpc/
[2] https://www.oag.ca.gov/sites/all/files/agweb/pdfs/privacy/oa...?
Many software companies in the 80s were quiet about their software being bootlegged because it turned out to be great for building a critical mass of users of their software.
The interesting question to me at the moment is whether we are still at the bottom of an exponential takeoff or nearing the top of a sigmoid curve. You can find evidence for both. LLMs probably can't get another 10 times better. But then, almost literally at any minute, someone could come up with a new architecture that can be 10 times better with the same or fewer resources. LLMs strike me as still leaving a lot on the table.
If we're nearing the top of a sigmoid curve and are given 10-ish years at least to adapt, we probably can. Advancements in applying the AI will continue but we'll also grow a clearer understanding of what current AI can't do.
If we're still at the bottom of the curve and it doesn't slow down, then we're looking at the singularity. Which I would remind people in its original, and generally better, formulation is simply an observation that there comes a point where you can't predict past it at all. ("Rapture of the Nerds" is a very particular possible instance of the unpredictable future, it is not the concept of the "singularity" itself.) Who knows what will happen.
It is another niche language looking for a project to kick off adoption.
Kind of hilarious that our Treasury will be better defended against cyber threats than our DoD.
To add a new backend, there's a trait that you implement for your backend: https://github.com/jj-vcs/jj/blob/713a0d0898448392d38fdcbaba...
I suspect if you came by the jj discord, folks could help you with more detail than that.
Dropping them like I accidentally picked up shit...
>The short of it is that there’s no money in photography, compared to videography.Movies routinely have 8 or 9 digit budgets, with teams of hundreds of people who have to collaborate to make footage coming from dozens of different cameras look seamless and consistent.
Movies are not where BlackMagic makes their money. It's from the millions and millions of small videographers, news teams, ad teams, and content creators.
Same for photos.
>Class warfare generalizations have become the safe outlet for internet rage because going after CEOs and billionaires is most “punching up” construction that is generally relatable.
Mainly because "CEOs and billionaires" have fucked us over time and again, with their with their lobbying and bribing, with their power grabs, with their consolidation of news, entertainment, streaming, and social media properties, with their participation in the millitary industrial complex, with their censorship and partisanship, and with their rent seeking and worsening of their products...
People get what they pay for.
(There could be a long discussion here about expectations placed on unpaid maintainers, and what the real purpose of Open Source / Free Software is beyond merely being zero cost at the point of use, but those tend to just go round forever. There's even a paid alternative to Jellyfin: Plex.)
All of these features sound like the recipe for a confusing nightmare!
"You can switch branches halfway through resolving conflicts and then come back later and pick up where you left off. You can also just ignore the conflicts and continue editing files on the conflicted branch and then resolve the conflicts later."
"Similar to stashes, but each "stash" is just a normal branch that can have multiple commits. If I want to test something but I have current changes, I just `jj new`. And if I want to go back, I just make a new commit off of the previous one. And all these commits stick around, so I can go back to something I tried before."
The architect’s role is what is left for us as developers, when putting out lines of code no longer matters.
And for any ML inspired language, OCaml, Haskell, Grain, Roc.
Especially Grain, as it was also developed as an ML for WebAssembly.
And just as dangerous: 50 employees. Because quite frequently these 50 employee companies have responsibilities that they can not begin to assume on the budgets that they have. Some business can really only be operated responsibly above a certain scale.
> While that kind of flexibility is tempting, it comes with a significant complexity tax as well: it means that reasoning through and implementing classical compiler analyses and transforms is more difficult, at least for existing compiler engineers with their experience, because the IR is so different from the classical data structure (CFG of basic blocks). The V8 team wrote about this difficulty recently as support for their decision to migrate away from a pure Sea-of-Nodes representation.
Note that the Sea of Nodes author, Cliff Click, is the opinion they weren't really using the way they should, and naturally doesn't see a point on their migration decision.
There is a Coffee Compiler Club discussion on the subject.
jj is great and while it was an adjustment at first, I've never looked back. I feel like when you're working with other people, things never get reviewed and merged as quickly as you'd like. With jj, it's pretty low-cost to have a bunch of PRs open at once, and you can do something like `jj new <pr1> <pr2> <pr3>` to build stuff that requires all 3. This lets me do things like... not do a big refactoring in the same PR as adding a feature. I can have them both self-contained, but still start on the next step before they're all merged. It's easy to add changes on top, switching between the individual PRs as comments come up, etc.
I always liked doing things like this. At Google where we used a custom fork of Perforce, I told myself "NEVER DO STACKED CLs HAVE YOU NOT LEARNED YOUR LESSON YET?" If one CL depended on another... don't do it. With git... I told myself the same thing, as I sat in endless interactive rebases and merge conflict commits ("git rebase abort" might have been my most-used command). With jj, it's not a problem. There are merge conflicts. You can resolve them with the peace of mind as a separate commit to track your resolution. `jj new -d 'resolve merge conflict` -A @` to add a new commit after the conflicted one. Hack on your resolution until you're happy. jj squash --into @-. Merge conflict resolved.
It is truly a beautiful model. Really a big mental health saver. It just makes it so easy to work with other people.
Additionally there is still too much performance left on the table by not properly using CPU vector units.
Disaster response is a lie researchers tell themselves when building military hardware. The purpose of such robots would be to e.g. burrow into the collapsed tunnels at Fordow and confirm the uranium is there. (Or, alternatively, burrow into military tunnels to identify targets.)
At risk of being labeled a "blast-haver" I'd say it was always a blast to go to Funspot in the 1980s. It had the latest cabinets, it was the first where I saw Star Wars and Dragon's Lair
You missed Taligent, Opendoc, A/UX, Mk Linux, Copland,...
Unfortunately the actual solution will probably have to mirror real world, which means balkanizing the Internet to clarify legal jurisdiction, maybe some international police task force to aid with cross-border investigation, but ultimately it all hinges on whether and how much the countries with most nuclear aircraft carriers are willing to pressure other countries to take this seriously.
Because in real life deployments, outside of winning benchmarking charts, a JIT is fast enough, and the burden of multiple languages cake layer isn't worth the trouble.
Thanks for sharing the link.
> We asked AI to find the conflict's biggest boosters in Washington
I suppose it's a substitute for doing your own reading. The answer turns out to be exactly the organizations you'd expect. "Think tank" is an odd euphemism for "private propaganda organization"; they don't do a great deal of thinking, mostly marketing bad ideas to gullible politicians.
As a semi-pro photographer I look at the $295 pricing and think that is a very reasonable price for something that could help my photos look like my photos. I bought DxO PhotoLab for $235 and color grade with it all the time. Right now I use LUTs that other people made and have been thinking I’d like to learn to be more systematic and make my own.
I don’t really do video but I have in the past so a video editor coming in a box sweetens the deal in the same sense that Adobe CC comes with, say, Premiere, which I use just occasionally. I can totally shoot video with my Sony and there is definitely a lot of demand for it on the internet these days. I also know Divinchi resolve is a product that many people in film/video are enthusiastic for and that counts too.
> as a VC you have a deeply emotional attachment to encouraging people not to resort to violence
…why? Most of Silicon Valley’s elites are itching for violence in politics. To the degree they’re putting thumbs on the scale, on the net, it’s for more violence.
> the mob also has access to jets
No. It doesn’t. In zero civil breakdowns in the last half century did the mob get the jets during breakdown. The closest one can get is the Taliban seizing U.S. materiel.
> More than 2/3rds of the French aristocracy was killed in the French Revolution
Source? The majority of those killed were commoners.
> They aren't, unless you're referring to the weapons dealers, warlords, or the complicit
Complicit. A breakdown in violence would give the authoritarians a bona fide Reichstag fire.
> inevitable result though is that when they lose that power, they tend to lose their lives (see e.g., Syria and South Africa)
The former president of Syria is in Russia. Much of the South African elite is complaining about white genocides in the U.S.
I have my doubts on the story. I consulted on a medtech project in the recent past in similar space, and at various points different individuals vibe-coded[0] not one but three distinct, independent prototypes of a system like the article describes, and neither of them was anywhere near that bad. On the frontend, you'd have to work pretty hard to force SOTA LLMs to give you what is being reported here. Backend-side, there's plenty of proper turn-key systems to get you started, including OSS servers you can just run locally, and even a year ago, SOTA LLMs knew about them and could find them (and would suggest some of them).
I might be biased by my experience, because we actually cared about GDPR and AI act and proper medical data processing, and I've spent my fair share of time investigating the options that exist. Still, I'm struggling to imagine how one could possibly screw it up anywhere near as what the article described. Like, I can't think of a way to do it, to the point I might need to ask an LLM to explain it to me.
--
[0] - Not as a means of developing an actual product, but solely to see if we can, plus it was easier to discuss product ideas while having some prototypes to click around.
> the number of bugs and hacks observed are far enough from the desired value of zero
Zero is not the desired number, particularly not when discussing "hacks". This may not matter in current situation, but there's a lot of "security maximalism" in the industry conversations today, and people seem to not realize that dragging the "security" slider all the way to the right means not just the costs becoming practically infinite, but also the functionality and utility of the product falling down to 0.
That's why you should never trust a time traveler. They probably know as much about your time as you about theirs.
Is there even a working definition of what a "filter" is in Instagram, or mobile photo editors targetting social media users (which is approximately all of the mobile photo editors), beyond "a script that fucks up your photo in some trivial but also undocumented ways"?
I'm yet to see a filter that makes your photo look like taken from a specific camera (old or otherwise). Smearing colors and sticking a frame that imitates camera film border does not count.
Why would encouraging non-insider training be desirable in the first place, other than to create a more high-status form of gambling, with higher spouse acceptance factor than smoke-filled room poker games? People with no inside knowledge[0] are just trading on vibes, how is that useful for the economy?
--
[0] - Or external knowledge, but actual knowledge - thinking of hedge funds stalking CEOs as they fly in private jets, or counting cars in parking lots from satellite photos, to get some probability estimates on factors actually relevant to the performance of a business and possible future events.
Japan's railroad system has a big geographic advantage - the country is long and narrow. The railroad system is primarily a long end to end line with short crosswise branches.[1] That's an efficient structure. The branch lines don't have to be fast. Many are still narrow gauge, at 3 ft 6 in.
The US had to fill a huge area in the railroad era. That left a lot of underutilized track once the road network got good.
Old Reddit doesn't do this, it's the "new" one that pretends to be an app, that does it and host of other stupid/user-hostile shit.
The real question is, can it keep the plane in one piece?
> "shootings that happen at schools" with "shootings that target a school".
I don't understand this analogy or distinction at all?
Now to prevent scroll bar hijacking.
The tiny MIPS (or compatible) cores in things like cheap router SoCs might still be like that.
And again Stuttgart City Library. It has almost become the default image of a library.
I'm not sure if LLMs can be ashamed of themselves.
/s
When I last looked a few years ago, there were some efforts and successes in the far East doing "chimera Windows", mostly based on running an older userland (like XP) on a newer kernel (10).
Note the mention of "systems of record" being unsuitable for the present level of AI. The real question is whether the costs of AI mistakes and hallucinations can be dumped on some external party who can't impose costs on you. If not, there's a problem.
Compression/decompression is a good problem for proof of correctness. The specification is very simple (you must get back what you put in), while the implementation is complex.
What seems to have happened here is that the storage allocator underneath is unverified. That, too, has a relatively simple spec - all buffers disjoint, no lost buffers, no crashes.
It would be great to get one of these that supports the OpenSubsonic API, which has become a defacto standard for opensource music servers.
Would be music-only, which is sometimes ideal for older devices.
This prevents uploading pictures, with chain of custody data attached, of law enforcement misbehaving. Was there pressure from ICE to install this feature?
I'm glad this is the top comment. I'm ambivalent about a bunch of writing I've seen from Steve Blank - some of his stuff I've loved and some I thought was awful.
But this I just thought was vacuous. I agree with what you wrote, but more to the point, I didn't find any real advice about how a startup should actually change that passed my sniff test. I left the tech startup world about 2 years ago myself, and I'm glad I did, because I just think there are way fewer differentiable opportunities now. That is, even if I accept what Blank says is true, what are all these 2+ year old startups supposed to do - just create some model wrapper/RAG chatbot product like the million other startups out there?
Even in defense, like the article says, there are now a bajillion drone companies, and it looks like a race to the bottom. The most successful plan at this point just looks like the grifter plan, e.g. getting the current president to tweet out your stock ticker.
I'm honestly curious what folks think are good startup business plans these days. Even startups that looked they were "knock it out of the park" successes like Cursor and Lovable just seem like they have no moat to me - I see very few startups (particularly in the "We're AI for X!" that got a ton of funding in the past two years) with defensible positions.
... or to believe that you can't be lovable if you aren't perfect.
>The aura of complexity/difficulty around Obsidian seriously baffles me, because to me Obsidian from the go felt like the most intuitive thing in the world
/proceeds to write 10 steps
How easy is it really?
I mean, you might say your wages were stolen and you might be right but to do something about it there has to be some due process to confirm that and isn't that expensive and complicated?
Today I used AI to help code a feature and it worked pretty well. I am not doing any of this gaslight town stuff, and I went back about 4-5 times with it to make sure we had a mutual understanding -- it's a nice clean patch.
As of the end of the day there was still a bug left, there probably would have been a bug left if I did it myself. Tomorrow i will fix the bug, maybe with some help, and I am on to another ticket.
I treat Junie as a coding buddy (think pair programming) and I don't delude myself that 20 slaves are going to create the Great American Javascript while I sleep. AI coding makes my life better.
I'd happily provide one but I've had enough of being repeatedly trashed and denigrated here for posting too many archive links.
I think the AI backlash is strong enough that "AI-Free" might be a powerful marketing tool, whether that is fair or not.
But in the meantime you prefer privately-controlled monopsony datacenters?
> the FBI got this man killed with a sloppy indictment
How do we know that’s how they discovered Garrison was cooperating?
> That's what you voted for, freedumb-loving right-wingers
The right is worse. But policing language has been going on in the far left for about a decade, too. There is an illiberal strain poisoning the population through social media.
> There is clearly a temperature at which this planet will not support human life, and we could definitely get the planet to that temperature
There is such a temperature. We are not getting to it in half a century at current emission rates, even with zero curtailment. If you have a source that shows the opposite, I’d be happy to read it.
There is a huge wetware problem too. Like if I can send you an email or other message that tricks you and gets you to send me $10k, what do I care if the industry is 100% effective at blocking RCE?
“…the F.A.A. determined that the risk would be minimal even if the laser came into contact with an airplane”
I’m curious to know more about the testing. Was it only done on airliners, or GA aircraft, too?
> boundary of who shares 'stake' grows likewise
But that shared stakeholding doesn’t naturally drive alignment. You need journalists, fiction writers, organizers and delegates. Travel and curiosity. These each take effort, resources and organization. It’s something we do well. But it isn’t spontaneous in the way small-group kinship is—it literally emerges if you put people in proximity.
In most places photosynthesis is limited by (1) the availability of water and (2) the availability of bio-available Nitrogen. Sunlight is less limiting by far.
It's probably the most important storage API in the industry. Implementing it gives you on-prem storage, AWS S3 (the Hoover Dam of Internet storage megaprojects, arguably the most reliable store of any kind available to any normal programmer), and a whole ecosystem of S3-compatible options with different features and price points.
It's a little like asking why you'd use SQL.
Your statement is a bit contradictory. That is, the article about "the growing disconnect between AI insiders and everyone else" pretty clearly states that "everyone else" is scared about job losses and the extreme inequality they see advanced AI causing. This is in line with your second to last sentence.
But the first part of your comment is basically saying "AI insiders think the tech is super awesome and powerful, while other engineers think it doesn't stand up to the hype." Well, if the AI is indeed not as good a tech as its boosters are saying, well, this would be great news for everyone scared about job losses and widening inequality if AI turned out to be a nothing burger.
>It is completely coherent to both think that an extremely bad thing is coming, and yet that does not justify any particular action.
Yes, it's called "fatalism".
How much extra on your electricity bill are you prepared to pay to not see it?
LTCM doing that was an early example of "too big to fail". In the late 90s.
I think we get a "S3 clone" about once every week or two on the Golang reddit.
It strikes me as a classic case of "we need all the interested people to pull in one project, not each start their own". AI may have made this worse then ever.
I was talking recently to someone who teaches AI-adjacent courses at a US university (not in a computer science department) and they said that enrollment in their class is lower than expected, which they think is likely due to the severity of the AI backlash among students on campus.
Needs a beauty strip of trees around the panels.
> They admit no returns.
So it's not a useful trading strategy. Good to know.
It might have worked out that the human tendency towards optimism biased the Yes side, but Polymarket is watched closely enough by traders that the pricing is apparently realistic.
Now if you could bet against minor crypto coins, which almost always go down... But if you could, there would be traders pricing them realistically. Everybody has analytics now, and mispriced markets are detected and exploited quickly.
Notably if you believe this it does not matter so much what your site looks like and does matter if it is easy to crawl and easy for AI to interpret.
"It resolved its C2 domain through an Ethereum smart contract, querying public blockchain RPC endpoints. Traditional domain takedowns would not work because the attacker could update the smart contract to point to a new domain at any time."
Does this mean firewalls now have to block all Ethereum endpoints?
And the clean environment as a whole. That's a massive investment and there are a million ways to mess that up.
Up for me ... now.
I'm in the UK, and it's four hours since you asked. I suspect it's suffering the occasional HN "Hug of Death".
And because it is surprisingly difficult to distinguish between 'oops' and 'malice' a lot of the actual perps get away with it too, as long as they limit their involvement. In-house threats are an under appreciated - and somewhat uncomfortable - topic for many companies, they don't have the funds to do things by the book but they do have outsized responsibilities and pray that they can trust their employees.
I count "figuring out how to do it" as part of the work of programming, personally.
Make sure you have a run of govulncheck [1] somewhere in your stack. It works OK as a commit hook, it runs quickly enough, but it can be put anywhere else as well, of course.
Go isn't immune to supply chain attacks, but it has built in a variety of ways of resisting them, including just generally shorter dependency chains that incorporate fewer whacky packages unless you go searching for them. I still recommend a periodic skim over go.mod files just to make sure nothing snuck in that you don't know what it is. If you go up to "Kubernetes" size projects it might be hard to know what every dependency is but for many Go projects it's quite practical to know what most of them are and get a sense they're probably dependable.
[1]: https://pkg.go.dev/golang.org/x/vuln/cmd/govulncheck - note this is official from the Go project, not just a 3rd party dependency.
I don't think companies appreciated just how much they gave up when they outsourced "IT".
Almost all those events were on Hacker News. This hasn't been a secret.
Companies need to get serious about levels of security. Only some things need to be protected, and you have to accept a substantial level of inconvenience and cost for those items. In my aerospace days, we had a bidding rule of thumb that running a project at SECRET doubled the cost. Running a project at TOP SECRET had an even bigger cost multiplier. A surprising amount of material was not classified at all, for cost reasons.
Banks and credit card processors get this. Most other businesses don't.
> moves the scales toward abiogenesis
Or the warm early universe hypothesis. In its early life, the entire universe was at a temperature that could sustain liquid water literally anywhere. The idea being, in this hypothesis, life was literally everywhere and then went dormant.