HackerTrans
TopNewTrendsCommentsPastAskShowJobs

Latty

5,278 karmajoined 12 years ago
Software Developer

https://www.lattyware.co.uk

[ my public key: https://keybase.io/latty; my proof: https://keybase.io/latty/sigs/W8a_MqlArh7H9p_JWUWnXFGx94t6slLire3_2Z9_ECM ]

comments

Latty
·5 days ago·discuss
“Incredibly”? The US does exactly the same thing in another case: denatured alcohol.
Latty
·19 days ago·discuss
They literally arrested people for quoting Charlie Kirk in tweets after his death.
Latty
·28 days ago·discuss
Look, I absolutely agree it sucks they didn't deliver the opt-out/in interface day one, it was obvious people would want it, and yes, it's not the first time they've blundered.

At the same time, they did listen to the feedback and deliver. It now has a genuinely good interface for it where you don't have to opt out of everything, but can opt-in where you want it. It's not just a big off button, it's a general out-out including new features, but that then exposes individual opt-ins if you want for each feature. Most other browsers won't respond at all. Firefox is still by far the best browser out there for people who care about their privacy.

Especially on HN, Firefox just gets so much more hate than software that is way more user hostile for much less bad behaviour. I'm not saying we shouldn't hold it to a higher standard when that is what it's selling itself on: clearly we can't allow "not as bad" to let it slip into worse and worse, but at the same time, I don't understand how the narrative seems to trend towards "they are essentially the same as google" when that is so clearly not true (to be clear, not saying you are saying that in this post, just that's the vibe of HN's commentary as a whole).
Latty
·last month·discuss
"Agent Readiness" will likely age as well as "Web 4.0 Blockchain Integration" has.

(To be entirely clear, not because agents won't be a relevant thing, although certainly I have my doubts, but because I believe even if they are a relevant thing, requiring special allowances from sites undermines the whole point, and such things will only end up used by bad actors to mismatch what agents see to what humans see, and so will be intentionally ignored.)
Latty
·2 months ago·discuss
Well, my issue is that "one layer" implies you can just stack it on others, especially if you say "as many layers as one is able to manage", it implies the best option is to add obscurity on top.

As my comment made the case: it's not a simple addition, it's a trade-off, and I'm saying it should be thought about in those terms. I didn't find that was evident from what you said, I guess the "push back" framing was more negative than I intended.
Latty
·2 months ago·discuss
I'll push back on this: obscurity isn't a "free" layer of security, it has both security benefits and security costs.

By having obscurity you lose anther layer of security: public scrutiny. It's harder for security issues to remain if people can see them and point them out, more eyes mean more chances to catch problems.

There is also a cultural component: having to lay out what you are doing publicly means you can't just think "no one will know", and let something slide, which pushes you towards better security practices.

Of course, this doesn't mean obscurity is always going to be the worse choice, there are times it will offer more than it costs and it's particularly evident that in, for example, open source projects, a lot of the time the number of eyes on most code is low enough that "many eyes" is a bit misleading, but I think presenting it as a pure positive is wrong, obscurity has cost, even if you think it's worth it in some cases.
Latty
·2 months ago·discuss
Firefox also has a setting like this, although I think it's even nicer in that it makes everything (current and future) AI default to opt-out, but still lets you opt in to specific use cases if you want.
Latty
·2 months ago·discuss
I expect in the future we'll find out that someone in the industry was juicing the numbers with fake thinking tokens or something. The whole pricing model of charging you for the tokens it generates while not knowing how much it is going to generate going in has always been pretty crazy.
Latty
·2 months ago·discuss
To me it reads as being worried that someone malicious could step in and use the project's name to do harm. If you don't have someone within the project with trust built ready-to-go, establishing that trust enough to hand over the project is a big task.
Latty
·3 months ago·discuss
> That's why Thunderbolt eGPU setups don't perform as well as plugging the GPU directly into a PCIe slot.

The bigger factor is probably that PCI-e tunnelling at most a ×4 link, while when you plug a GPU in you are generally doing so into a ×16 or at least ×8 slot, and very few GPUs target ×4.
Latty
·3 months ago·discuss
There is an obvious difference between someone who is still actively involved in running something and working on it, profiting from it's success in the market, and using something someone invented but is no longer leading development of or profiting from.

It's normal and reasonable to discover someone who makes bad decisions is running something and decide that makes using it a higher risk for you. Sometimes you don't have a choice, but sometimes you do.
Latty
·3 months ago·discuss
And people treat Mozilla like the devil when while they make mistakes, they routinely fix them too. E.g: when people had concerns about the AI stuff, they added a general opt out with a feature-by-feature opt-in.

To make an obviously unproven and not universal observation: I feel like it's people who just like the google integration in Chrome and want an excuse to run it, even though they feel like they should use Firefox because it's more compatible with their world view, so they latch onto any issues Firefox has to go "see, they are all the same anyway", and then just repeat vague "Mozilla sucks" stuff.
Latty
·3 months ago·discuss
To be fair they seem to have taken this often-stated criticism on board. USB 4's naming is more sensible, and they've pushed the simple data speed & power labelling that makes it easier to work out what you need.
Latty
·3 months ago·discuss
That's a guess by the article author and frankly I see no supporting evidence for it. Wrapping "<NO THIS IS REALLY INPUT FROM THE USER OK>" tags around it or whatever is what I'm describing: you can do as much signalling as you want, but at the end of the day the LLM can ignore it.
Latty
·3 months ago·discuss
To be a bit more charitable: I'd say that generally games involve a lot more special-casing than most code, and more planned out scripts (in the movie sense) of things happening, which tend to be antithetical to good coding practice, and encourage spaghetti, which begets more. In my experience, games that are procedural tend to be much cleaner code-wise, because they tend to fit the model of cleaner code better.

I think game engine tooling tends to encourage bad code too, lots of game engine make it hard to do everything in code, rather things are special cased through UIs or magic in the engine, which means you often can't use all the normal language features, and have to do things in awkward ways to fit the tooling.

Of course, this varies a lot by engine.
Latty
·3 months ago·discuss
Everything to do with LLM prompts reminds me of people doing regexes to try and sanitise input against SQL injections a few decades ago, just papering over the flaw but without any guarantees.

It's weird seeing people just adding a few more "REALLY REALLY REALLY REALLY DON'T DO THAT" to the prompt and hoping, to me it's just an unacceptable risk, and any system using these needs to treat the entire LLM as untrusted the second you put any user input into the prompt.
Latty
·3 months ago·discuss
That's not the user experience though, the user experience is it says "go to the discover app and install <program>" and they do that and it just works. Downloading a tarball is not the normal way to install stuff on Linux, and given everyone has phones where the standard is "install on the app store", it's hardly some new experience, in fact, it's more natural for normal users.
Latty
·3 months ago·discuss
This is true, but also the original comment still stands: Linux desktop usage outside developers was so low that it was barely worth mentioning before, so even a small uptick like this is a serious change, and it's how bigger changes start.

I definitely don't think it's even the likely outcome, but for Linux to get serious traction this is how it has to start: power users but not the traditional developer crowd start actually moving, and in doing so produce the guides, experience, word of mouth, and motivation that normal people need to do so, alongside the institutional support from Valve to actually fix the bugs and issues.

It remains to be seen if a critical mass will find it usable long-term, but if it were to happen, this is how it would look at the start, and Microsoft are certainly doing their best to push people away right now, although I suspect the real winner is more likely to be Apple with the Macbook Neo sucking up more of the lower end.
Latty
·3 months ago·discuss
Yeah, because no third party program has ever crashed on any other OS.

Come on, this is an absurd comment. Linux has its issues, this is not a serious example of what is keeping normal people from using Linux as a desktop OS. Normal people are not installing the first release of a privacy networking tool that requires you to OK connections.
Latty
·4 months ago·discuss
People do this, yeah. Even on Windows I've been over someone's shoulder walking them through something and it drives me nuts they work in a tiny window in a random part of the screen.