Need to let loose a primal scream without collecting footnotes first? Have a sneer percolating in your system but not enough time/energy to make a whole post about it? Go forth and be mid: Welcome to the Stubsack, your first port of call for learning fresh Awful you’ll near-instantly regret.
Any awful.systems sub may be subsneered in this subthread, techtakes or no.
If your sneer seems higher quality than you thought, feel free to cut’n’paste it into its own post — there’s no quota for posting and the bar really isn’t that high.
The post Xitter web has spawned soo many “esoteric” right wing freaks, but there’s no appropriate sneer-space for them. I’m talking redscare-ish, reality challenged “culture critics” who write about everything but understand nothing. I’m talking about reply-guys who make the same 6 tweets about the same 3 subjects. They’re inescapable at this point, yet I don’t see them mocked (as much as they should be)
Like, there was one dude a while back who insisted that women couldn’t be surgeons because they didn’t believe in the moon or in stars? I think each and every one of these guys is uniquely fucked up and if I can’t escape them, I would love to sneer at them.
(Semi-obligatory thanks to @dgerard for starting this)
I don’t think people get how reactionary the captain vimes books are. look at what’s happening in them. in plain english, you have a cop and his band of good apples + adorably bad apples saving the ass of a dictator again and again, because sometimes you just need a clever steady hand in charge. Pratchett was informed by liberal humanist values, and there’s plenty of great stuff about tolerance in there. but the foundation of any vimes novel is an institutionalist urge to bootlicking. it just has to be the right boot
It sucks to have to decolonise your darlings. It sucks that a lot of our most enjoyable stories are copaganda. Even the most redeemable stories about cops have probably inspired people to become cops.
I think Pratchett understood that, despite people romanticizing revolution, revolutions often end up opening the door to something as bad or worse. Especially in a place like Discworld.
In Night Watch:
“Vimes/Keel tells Ned Coates not to put his trust in revolutions “They always come around again. That’s why they’re called revolutions. People die, and nothing changes” This is a common theme in Pratchett regarding authority figures”That said Vimes does participate in a revolution of sorts in that book, as “John Keel”, in the past.
yeah that’s the conservative spirit right there
Books would be really boring if the protagonists were all just the author speaking as themself but using various funny voices.
there’s not a lot of ambiguity in what the novels are getting at, so no offense but this line of argument is not worth engaging directly. but I will point out that I didn’t say what pratchett’s views were. part of why people don’t look askance at these books is that his other work is at odds with the realpolitik message I’m pointing out. I can’t and I don’t draw conclusions about his ‘real’ views based on the vimes novels
Friend-of-the-show JZW rips a YC backed startup a new one:
The terms, concerningly, don’t give a firm data retention time frame, and say that LineLeap may be “unable to fully delete or de-identify” user data due to “technical” or “other operational reasons.”
My villain arc is going to be turning into Thanos and collecting them stones just to enforce GDPR forever into cosmic law with a snap of my fingers.
This person is as correct as they are committed to the vibes. Great sneer.
the very first thing I thought of as I started reading this is this track by a small ZA artist I discovered a while back, and I started it to play as backtrack for reading
other-other-other-other scott tweeted again. apologies, it’s slightly US-pol
it’s a doozy:
spoiler of the image too, just in case
transcript of insane scott adams, creator of dilbert, tweet
I’m revising my debate scoring. My first impression was a tie, which I called a Harris victory.
But the only thing I recall about the debate today is “They’re eating the dogs.”
Visual. Scary. Viral. Memorable. Repeatable. And directionally correct in terms of unchecked immigration risk.
It’s the strongest play of the election.
Trump won the debate.
I gotta stop underestimating his game. Trump had no base hits in the debate but his long ball is still rising. Incredible. 6:32 :::
as a reminder, this is the same guy that’s so keen on thinking the llm can hypnotize him into orgasm
Hillary is going to assassinate him for sure this time for revealing the hidden dog lore.
Saw this gem of a plaintive plea from a promptfan:
can’t you just train a LLM to only output “sorry, I can’t answer your question”?
- sleep( math.rand(15,20));
- print(“I’m sorry. I’m afraid I don’t know the answer to that question.”);
I call it HonestGPT, and will accept my billions in VC money now.
deleted by creator
The New Yorker gamely tries to find some merit, any at all in the writings of Dimes Square darling Honor Levy. For example:
In the story “Little Lock,” which portrays the emotional toll of having to always make these calculations, the narrator introduces herself as a “brat” and confesses that she can’t resist spilling her secrets, which she defines as “my most shameful thoughts,” and also as “sacred and special.”
I’m really scraping the bottom of the barrel for extremely online ways to express the dull thud of banality here. “So profound, very wow”? “You mean it’s all shit? —Always has been.”
She mixes provocation with needy propitiation
Right-click thesaurus to the rescue!
But the narrator’s shameful thoughts, which are supposed to set her apart, feel painfully ordinary. The story, like many of Levy’s stories, is too hermetically sealed in its own self-absorption to understand when it is expressing a universal experience. Elsewhere, the book’s solipsism renders it unintelligible, overly delighted by the music of its own style—the drama of its own specialness—and unable to provide needed context.
So, it’s bad. Are you incapable of admitting when something is just bad?
“They would like you to believe that their indecision reflects a particular attunement to ambiguity and nuance. But in truth they just won’t know where they stand until they’ve figured out where you do.”
This is exactly why these people always feel so weird. Like, have you considered not hanging out with assholes?
Honor Levy
someone tell me it isn’t just me who always parses this person’s name as “honour tax” and has a doubletake first thinking “…yeah, accurate” before remember it’s actually their name-name not and not a byname
Yeah, just give it to the feller who reviewed Guy Fieri’s restaurant. It’s better to just rip the bandaid off.
Sadly, he’s left the game just the last month: https://www.nytimes.com/2024/08/06/dining/pete-wells-how-restaurants-have-changed.html
alas!
Edit: Also, very much in our wheelhouse!
Do not taunt Happy Fun Ball
Pay no attention to the three LLMs stacked together behind the curtain!
Please, no sneers till a few weeks have passed, we are still in the gratitude for magical intelligence from the sky period.
felon: the most divorced man to ever live
sammy: the most swirly-short edgelord to ever walk
that tweet is as unhinged as felon tweets tho
You just might be a techbro if you’re worth billions and still can’t resist mouthing off on Xhitter.
Mouthing off in a way that makes me go ‘ow god it IS all a scam and he knows it!’ all hype and showmanship. I wonder if he practices this type of writing like this stance was also so obviously practiced.
(When it all implodes and the final step of the grift is the drama movies about it, I’m at least happy that Rick Gomez will make a passable Sam Altman (No idea why that blog didn’t use a normal picture of Sam, but they decided to put Sam and Rick in the teleporter))
remember all the fucking rubes saying Proton’s LLM wasn’t a problem cause only business and visionary accounts had access to it? well, only one month later of fucking course they went back on that and now it’s included with duo and family accounts, and my soon to be cancelled unlimited account just popped an ad for it on the compose window trying to get me to opt into the free trial for the fucking thing (and also the button’s purple just as a last dark pattern to try and fool users into clicking it)
Why do I get the feeling we’re gonna see a colossal tech crash
@self I wonder what “popular demand” and “overwhelming number of requests”. Are there actually a lot of people asking for this? Are there more than there are people begging them not to? Maybe I just live in an anti-AI bubble, because I sure don’t encounter a lot of pro-AI views.
it’s not just you — I can dig up the posts if you’re curious, but Proton wrote their last user survey so it was impossible to say no to this LLM crap directly, and they still got caught massively fudging the numbers to make this needless bullshit look popular. I can promise you it’s just the same people doing that again, except this time there’s no publicly accessible numbers they can be called out over
@self I can understand Microsoft and Google chasing this fad, but I would expect most of Proton’s users to be exactly the type of person who’s against this. But of course it’s easy to fudge with numbers.
I would expect most of Proton’s users to be exactly the type of person who’s against this
that’s very true! unfortunately, we’ve discovered that a lot of the foundational members of Proton’s board and engineering team are huge LLM fans (and gigantic Bitcoin fans too — that’s why Proton released a Bitcoin wallet, of all things, almost simultaneously with this LLM bullshit)
we’re not sure if something changed that suddenly made them go all in on their bad ideas, but the initial communication around Scribe was how much Proton’s business users wanted it — and the survey was very much crafted to get what looked like a pro-LLM response from that demographic. Proton has essentially admitted that they’re doing this for their tiny number of enterprise whales rather than their normal privacy-conscious users; it’s a shame they’re willing to burn their business down for that kind of short-term gain. I can only imagine them enabling the LLM for all their paid accounts this quickly is either a desperation move because the feature didn’t do the numbers they hoped for, or it’s a sign that Proton’s otherwise compromised.
is this the bad place?
Yes.
Ffs I just swapped to Proton for drive and email. Thankfully only done a couple of email migrations.
Its worse for me - I’ve got a metric shitload of emails on Proton. Thankfully, I’m not using them for anything particularly important.
from the last time this came up, Tuta is of the few that aren’t, although there’s not really anyone with feature match on some of proton’s features afaik
I agree; Tuta is the only real replacement, and they’ve promised (for what that’s worth) they don’t have any plans for AI features. I may migrate to Tuta myself, but I can’t truly recommend it — as always, I have to point out that Tuta is still a single point of failure like Proton, and one day I hope we’re able to design a federated, e2e encrypted replacement for email (that crucially isn’t gpg or anything like it — imagine teaching your grandma and your drug dealer (assuming they’re not the same person) to use that kind of thing)
@froztbyte
I forgot I’m using their VPN too, and they accept bitcoin (not a big deal, but useful). I was aware of Tuta and fastmail when I chose Proton.For now I’ll prioritize moving to a self managed domain to make swapping provider easier in future.
wtf is a posteo
Possibly this https://mail.post.io/ @froztbyte @ivy
Posteo is from Germany and they’re reasonably popular here. Their offer is quite different from Proton, though. If you want full E2E encryption you need to use GPG or S/MIME and handle that yourself (and obviously so does your recipient), so it’s not as batteries included as what Proton offered.
I like their focus on green energy and sustainability though.
Another option like that is mailbox.org. They’re presenting themselves as a bit more business-like.
Posteo is from Germany
That’s significantly less comforting than Proton’s Switzerland. It’s in 14 Eyes after all.
Switzerland may not be in 14 Eyes, but it’s still got its own surveillance apparatus and Swiss companies are still required to respond to lawful requests from the Usual Agencies. It’s also a signatory to various mutual aid treaties. So I’m not sure how much difference this actually makes in practice beyond “marketing”.
I have thought about this guy every day since I saw this post
I immediatelly knew who and what you were talking about without even clicking.
May the fact that he also lives inside my head rent-free be some solace to you.
If only all my snark could elicit such absurd perfection.
Every day? I dont think I have read that post at all. (This is both a joke and not a joke, as I had not read it, I did now and I was amused, so thanks).
I was reading David and Amy’s stuff on energy costs of AI and ended up skimming the MSFT “environment sustainability report” and… god
Like I don’t even know how to satirise this. Help me sneer pros, for I am too depressed to make fun of this.
Additionally, we are exploring how technology, like savory vapes and cocaine, can help me kick my meth habit.
Google also said something similar in one of their reports. Something along the lines of sure AI wrecked their sustainability report this year, but just you wait until it optimizes the data centers! As if the robots could find holes in thermodynamics or something.
Anyway it’s not that great but here’s my attempt at the sneer you asked for:
“Additionally, we are exploring how attaching flame-throwers to the bottom of private jets and flying over the tree-tops of forests can further increase the accountability and traceability for our Scope 3 carbon emissions.”
Appreciate, but flamethrowers on jets still sounds somehow less idiotic than tracking CO2 emissions with BLOCKCHAIN
Like a century of science: yeah we’re pretty sure where carbon emissions come from. Everyone needs to slow the fuck down. There’s no need to pontificate about the specifics, especially if that somehow produces even more emissions. That would be catastrophic, you see.
MSFT: hold my beer
this isn’t surprising, but now it’s confirmed: in addition to the environmental damage generative AI does by operating, and in spite of all attempts to greenwash it and present it as somehow a solution to climate change, of course Microsoft’s been pushing very hard for the oil and gas industry to use generative AI to maximize resource exploitation and production (via Timnit Gebru)
tbh i don’t see a single sane way that genai could be used for anything like they say it can be, if it works it’s gotta be something more or less custom. but ms doesn’t care, because they’re selling shovels so it doesn’t matter if their shit doesn’t work as long as someone’s buying. it sorta starts looking like cryptobros in 2020-ish trying to insert themselves as middlemen everywhere where there’s already some money
Habsburgs are good, actually: https://news.ycombinator.com/item?id=41497419
I think Zizek is a super nice guy, despite disagreeing with 90% of what he says. I still think he’s a great person with a nice soul.
The sentences these people post, man.
Anyway, it’s great that he chose a cryptofascist crank who tries to pass himself off as a communist to show how open minded he is. Damn, you respect Habsburg, Orban and Zizek, let me guess how you feel about Putin.
Basing my opinions on who seems nice or not. I’m visualizing a very angry Taleb shouting about how these assholes learned nothing from him.
Anyway, it’s great that he chose a cryptofascist crank who tries to pass himself off as a communist
oh thank fuck I’m not the only one who knows about Zizek. there’s still so many people whose first introduction to leftist thought was The Pervert’s Guide to Film on Netflix or whatever who never went back to check if Zizek was maybe a fucking asshole
I’m still blissfully clueless as to who zizek is
although saying that here now might cause an accidental crash course
I mean, my awareness extends as far as “pure sniff ideology” and basically no context. Definitely heard some extremely bad takes on Ukraine though, which has quickly turned into my number one red flag for “actually pretty okay with Nazis when you get down to it”
EDIT: special thanks to skillissuer below for the correction re: Ukraine takes. Please trust his actual sources over my half-remembered reddit nonsense.
wait wdym as extremely bad takes on ukraine, because some of these i’ve been able to find before going to darknet (second page of startpage search results) seem rather sane
If we pressure Ukraine now, demanding peace, it will mean creating space for Russian expansion.
https://www.instagram.com/slavojzizeks/p/C8g0yYRvLFL/
The paradox of this combination is that what presents itself as a principled stance – peace at any price – is a mask for the worst ethnic egotism and ignorance of the other’s suffering: are we aware that, although Ukraine has defended its independence, it has already lost up to a third of its population through emigration, kidnapping and death?
It is not just with respect to the oligarchs and the cultural conservatives that Ukraine must go to war with itself.
https://www.newstatesman.com/ideas/2023/08/ukraine-must-go-to-war-with-itself
We now know what the call to allow Putin to “save his face” means. It means accepting not a minor territorial compromise in Donbas but Putin’s imperial ambition.
What is absolutely unacceptable for a true leftist today is not only to support Russia but also to make a more “modest” neutral claim that the left is divided between pacifists and supporters of Ukraine, and that one should treat this division as a minor fact which shouldn’t affect the left’s global struggle against global capitalism.
…huh. Your sources are certainly more credible than my half-remembered reddit posts. I think I was probably mistaken on this one.
my bias against self-described hegelians is reinforced, bonus points for lacanism. every single one i’ve heard of in some detail (not that i’m looking for them) turns out to be a crank in some capacity. n=3
Maybe it’s because I’ve started reading a book about Germany and Austro-Hungary in WW1 (Ring of Steel) but I’ve suddenly started pattern-matching a bunch of pro A-H comments in HN. “It was a peaceful multi-national nation” well yeah until they pointlessly insisted on invading Serbia (and fucking that up twice before being bailed out by Germany) thus setting of the wider war. And when refugees from Galicia had to flee the Russians they were not happily accepted by the rest of the Empire.
Anyway, A-H was teetering on the edge before WW1 and signed their own death warrant willingly.
As always in HN you can find links to new horrifying examples of fascism: https://theworthyhouse.com/2021/06/17/the-foundationalist-manifesto-the-politics-of-future-past/
I guess if we’re doing the rise of fascism again it’s inevitable that we’re doing fucking austro-hungarian empire discourse again. somehow the 1940s returned
Jesus Christ that was the most on-the-nose distillation of tech fascism that I’ve ever seen. Can’t wait for the book to get published and see Elon et al endorsing it.
We need a high-quality Guards! Guards! movie so that monarchists can be given the Clockwork Orange treatment with it.
oh boy, some of the comments there
I think that the people in the breadline would have better things to do than be rude on twitter. Or maybe not, it is a fun way to pass the time for some.
how to instantly identify someone with a social circle barely stretching past their own nose. and I’d bet there’s some “work = moral” thinking held there, too
followed up by a real winner of a comment:
If you’re in the breadline, hobbies and other idle time activities cost money in comparison to twitter that is “free”. Don’t be surprised the rhetoric is toxic like 4chan and its hordes of basement dwelling NEETs.
“dont be surprised that rhetoric is toxic”
mr pot, I have a call for you from mr kettle
Missed this spirited defense of landlords: https://news.ycombinator.com/item?id=41536119
generally my rule is “don’t read the comments” and super double triple-mega-bonus so for the orange site, so I only glance-scan through some when I do happen to open comment threads (such as from here)
Apparently it implements chain-of-thought, which either means they changed the RHFL dataset to force it to explain its ‘reasoning’ when answering or to do self questioning loops, or that it reprompts itsefl multiple times behind the scenes according to some heuristic until it synthesize a best result, it’s not really clear.
Can’t wait to waste five pools of drinkable water to be told to use C# features that don’t exist, but at least it got like 25.2452323760909304593095% better at solving math olympiads as long as you allow it a few tens of tries for each question.
Some of my favorite reactions to this paradigm shift in machine intelligence we are witnessing:
bless you Melanie.
Mine olde friend, the log scale, still as beautiful the day I met you
Weird, the AI that has read every chess book in existence and been trained on more synthetic games than any one human has seen in a lifetime still doesn’t understand the rules of chess
^(just an interesting data point from Ernie, + he upvotes pictures of my dogs on FB so I gotta include him)
Dog tax
Would there ever be a way to tell that they didn’t just feed the answers into the training data?
When [musk’s new] supercomputer gets to full capacity, the local utility says it’s going to need a million gallons of water per day and 150 megawatts of electricity — enough to power 100,000 homes per year.
The locals might get ornery about this, and I’d be willing to make the trip to help.
There are some steam turbine power plants (like coal-fired) (on smaller side) with power output like that
Why are you saying that LLMs are useless when they’re useless only most of the time
I’m sorry but I’ve been circling my room for an hour now seeing this and I need to share it with people lest I go insane.
Valsorda was on mastodon for a bit (in ‘22 maybe?) and was quite keen on it , but left after a bunch of people got really pissy at him over one of his projects. I can’t actually recall what it even was, but his argument was that people posted stuff publicly on mastodon, so he should be able to do what he liked with those posts even if they asked him not to. I can see why he might not have a problem with LLMs.
Anyone remember what he was actually doing? Text search or network tracing or something else?
I was utterly amazed at so many people in that thread advocating that LLM’s were supposed to, like, superglue the internet and thereby somehow make it available to people in the global south? When an LLM is just quite literally a faster autocomplete and doesn’t actually connect people to anything. I wonder what these people will think when these “AI” companies decide they want money and they’re done burning cash. They think internet is expensive? Just wait until these LLM makers are tired of spending money. @rook @V0ldek
(e: apologies, this turned into more of a wall-of-text sneer than I meant to, but I’ll leave it for flavour and detail)
superglue the internet and thereby somehow make it available to people in the global south
as someone from (and living in) the global south (fairly familiar with but not myself at worse end of the resources spectrum), I cannot tell you how fucking ridiculous it sounds each time I see some North American Fuckwit post shit like that. whether it was the coiners going “banking the unbanked!!!” or the llm trash “can help you write professional!!!”, it’s always some Extremely Resourced thinking that just does. not. apply. this side of the world
I probably should make this a long detailed post sometime somewhere, demonstrating just how utterly fucking wrong some of these presumptions are, because oh god they’re many:
the amount of data it takes to communicate with this trash (in a number of markets, you get people buying data bundles in 10/50/100MB increments in day or hour units because that’s what they can afford at that point (there is another rant here to be had about exploitative behaviour on the part of telcos but separate rant))
just reaching the servers for this shit requires a good network connection, nevermind the interaction latency (higher base latencies = much longer cumulative = much slower “experience”… and this shit was already slow from US networks)
hell, just having the hardware that’s capable is sometimes a big blocker - so-called “feature phones” are somewhat common (how much depends on where you are). sideline mention: locally in some areas they’re called “trililis”, after the way they ring, which I fucking love. and even when you have users with smartphones, the devices are not necessarily good. sometimes it’s low resourced (because cost), sometimes it’s buggy as fuck (vendors, cost), sometimes it’s just plain fucked (because hard knocks life)
and don’t even get me goddamn started on the language. the phenomenon of nigerian english being Too Florid For USA has already featured here previously, but it goes so much beyond that. show me one of these fucking prompts working even half-well in Pedi, Sotho, Swazi, Tsongo, Tswana, Venda, Xhosa, Zulu, or Afrikaans. and those are just the other national (spoken/textual) languages here (in ZA). one single border away there’s 25+ more that I know of
and that’s to just look at the resource/technical/implementation side of it, and saying nothing about the Northern Saviour dynamic - so many of these fucking people advertise working for a non-profit, wearing it like a badge. wandering around DC a few years back, running into many of these, with so-called focuses on places in africa I’ve been to and worked in… it was surreal how wide the gap was between reality and what they had in their heads
oh! was he the guy doing a search engine archiving as much of the fediverse as possible, over the objections of the people being indexed?
yeah that tracks
So many techbros have decided to scrape the fediverse that they all blur together now… I was able to dig up this:
“I hear I’m supposed to experiment with tech not people, and must not use data for unintended purposes without explicit consent. That all sounds great. But what does it mean?” He whined.
yeah, that’s the fucker. as a large language model, he does not have a data type for consent
I always wondered why he was at google for so long, and cut a teeny bit of hypothetical slack in light of “hmm maybe it gave a significantly better life than what he could in italy” (which honestly I can understand as a drive, if not necessarily agree with)
that slack’s gone now
I find the polygraph to be a fascinating artifact. most on account of how it doesn’t work. it’s not that it kinda works, that it more or less works, or that if we just iron out a few kinks the next model will do what polygraphs claims to do. the assumptions behind the technology are wrong. lying is not physiological; a polygraph cannot and will never work. you might as well hire me to read the tarot of the suspects, my rate of success would be as high or higher.
yet the establishment pretends that it works, that it means something. because the State desperately wants to believe that there is a path to absolute surveillance, a way to make even one’s deepest subjectivity legible to the State, amenable to central planning (cp. the inefficacy of torture). they want to believe it so much, they want this technology to exist so much, that they throw reality out of the window, ignore not just every researcher ever but the evidence of their own eyes and minds, and pretend very hard, pretend deliberately, willfully, desperately, that the technology does what it cannot do and will never do. just the other day some guy way condemned to use a polygraph in every statement for the rest of his life. again, this is no better than flipping a coin to decide if he’s saying the truth, but here’s the entire System, the courts the judge the State itself, solemnly condemning the man to the whims of imaginary oracles.
I think this is how “AI” works, but on a larger scale.
see also voice stress analysis, another thing that doesn’t work but is sold as working with AI
that dude advocates LLM code autocomplete and he’s a cryptographer
like that code’s gotta be a bug bounty bonanza
From 2018 to 2022, I worked on the Go team at Google, where I was in charge of the Go Security team.
Before that, I was at Cloudflare, where I maintained the proprietary Go authoritative DNS server which powers 10% of the Internet, and led the DNSSEC and TLS 1.3 implementations.
Today, I maintain the cryptography packages that ship as part of the Go standard library (crypto/… and golang.org/x/crypto/…), including the TLS, SSH, and low-level implementations, such as elliptic curves, RSA, and ciphers.
I also develop and maintain a set of cryptographic tools, including the file encryption tool age, the development certificate generator mkcert, and the SSH agent yubikey-agent.
I don’t like go but I rely on go programs for security-critical stuff, so their crypto guy’s bluesky posts being purely overconfident “you can’t prove I’m using LLMs to introduce subtle bugs into my code” horseshit is fucking terrible news to me too
but wait, mkcert and age? is that where I know the name from? mkcert’s a huge piece of shit nobody should use that solves a problem browsers created for no real reason, but I fucking use age in all my deployments! this is the guy I’m trusting? the one who’s currently trolling bluesky cause a fraction of its posters don’t like the unreliable plagiarization machine enough? that’s not fucking good!
maybe I shouldn’t be taking this so hard — realistically, this is a Google kid who’s partially funded by a blockchain company; this is someone who loves boot leather so much that most of their posts might just be them reflexively licking. they might just be doing contrarian trolling for a technology they don’t use in their crypto work (because it’s fucking worthless for it) and maybe what we’re seeing is the cognitive dissonance getting to them.
but boy fuck does my anxiety not like this being the personality behind some of the code I rely on
Oh shit, that’s where I recognize his name from. Very disappointing he’s full on the LLM train.
cryptographers: need strict guarantees on code ordering and timing because even compiler optimizations can introduce exploitable flaws into code that looks secure
the go cryptographer: there’s no reason not to completely trust a system that pastes plagiarized code together so loosely it introduces ordering-based exploits into ordinary C code and has absolutely no concept of a timing attack (but will confidently assert it does)
yeah. Been following valsorda for a while because reasons, but there’s a certain type of thing they frequently go for. “It’s popular and thus worth it, who cares about the side effects” isn’t something they seem to concern themselves with in respect to the gallery of shit
I know that rage exists, but haven’t really tried to make serious use of it yet. Probably worth checking out
I know that rage exists, but haven’t really tried to make serious use of it yet.
oh I make serious use of rage all the time in my work
not the program, but that looks cool too
samesies
Some ok anti-AI voices in that thread. But mostly a torrent of shit
Criticizing others for not being perfectly exacting with their language and then jumping in front of the LLM headlights all at once, truly the human mind has no limits.
Ok this might be a bit petty of me but, yes this HN comment right here officer.
A group pwns an entire TLD with a fair amount of creativity, and this person is like (paraphrasing) “if you think that’s bad news just wait until you hear AIs can find trivial XSS and SQL injections 😱”.
Aside: have I ever mentioned here that you should really stick with .com / .net / .org / certain country domains? Because this sort of stuff is exactly why. Awful.systems can get a pass since the domain name is just that good.
Fuck it, we’re going back to bang paths. ficix!hetzner!awful!self please add support for this.
you have no idea how much I’ve been tempted to do UUCP
quoted because this is fucking gold and paraphrasing isn’t doing it:
Do you have any references/examples of this?
tons
rapid7 for example use LLMs to analyze code and identify vulnerabilities such as SQL injection, XSS, and buffer overflows.
Can you point me to a blog or feature of them that does this? I used to work at R7 up until last year and there was none of this functionality in their products at the time and nothing on the roadmap related to this.
must’ve been another company then which i got confused with the name
Good thing you have tons of examples.
Right?
e: you’ll never guess what a bunch of DEI Steve’s other posts are about
I wonder if he got standard ML and LLM confused. (I did hear there was some usage of LLM/ML to help with some documentation stuff I think on a riskybusiness podcast, but I would have to relisten for the details. It could also just have been promotional stuff, while they are not actually using it).
Poor DeiSteve, it always sucks when you have a decades old username which suddenly takes up political meaning.
“created: 51 days ago”
Oh no.
Standard ML the programming language or standard as in conventional and ML as in machine learning?
Machine learning.
E: Turns out the DEI guy might have been right btw. https://www.rapid7.com/about/press-releases/rapid7s-ai-engine-supercharges-security-operations-with-generative-ai/ if by generative AI they mean a LLM.
And from their blog: https://www.rapid7.com/blog/post/2023/11/29/rapid7-takes-next-step-in-ai-innovation-with-new-ai-powered-threat-detections/ so there could be a chance the ‘I used to work there’ person didn’t know everything going on in Rapid7. “Rapid7 Has Been an AI Innovator for Decades”
Awful.systems can get a pass since the domain name is just that good.
a new source of anxiety has formed
in all seriousness, a backup domain name might not be the worst idea one day. I don’t think Lemmy’s federation particularly likes being ripped out of one FQDN and migrated to another, but it’s probably preferable to shutting down cause the owners of our TLD thoroughly shit the bed
awful’s probably okay, .systems is run by Donuts and they’re one of the bigger operations around
pro-tip: do not learn things about how TLDs work (and I mean the bit beyond dns architecture), it is cursed knowledge you can’t unlearn
and with that warning delivered, y’all may freely run to hyperfocus on this, and realize too late it’s a gateway drug
regarding backup domain: yeah always handy to have something, but nfi how to port it. AP’s identity design there really leaves something to be desired :/
(e: good lord I was out of it when I wrote this post)
the original post is fucking amazing
here in the future, nothing fucking works
.mobi? They became the admins of the file format? And they paid for it? Good luck with that. ;)
E: me after reading the article. Ow god nothing fucking works indeed, that is dire. I actually checked the date to see if this wasn’t some old post. Nope 9/11 2024. Buffer overflow + lapsed domains.
I liked this comment on the HN post:
Our computer security analogies are modeled around securing a home from burglars, but the actual threat model is the ocean surging 30 feet onto our beachfront community. The ocean will find the holes, no matter how small. We are not prepared for this.
