The proper way to work with Claude or Codex is, IMO, to load up the context with a discussion about what you're doing and why. You go back and forth, pushing back on its opinions and shaping the context until the tokens are ready to flow into the right shape. Every angle you miss is an opportunity for them to slop out all over the place, and, until Codex was mature, the longer you ran the task for, the more it'd spread out and lose shape.
Re-shaping the context sometimes involves severe pressures like "wtf is this ugly crap?" or "did I just spot you laying a turd in my codebase again?" and other strong forms of disapproval, mixed with "hmm not sure I like the sound of that"s, to "yea that's much better" to pull it back in the other direction.
The trick is to shape the flow before the tide comes in and you end up like King Canute
I didn't actually read any code. I generated spec documents using Claude, then later on used Codex to generate from the spec docs. Are the specs tainted? If someone else independently develops from my spec, is that also tainted? What if they hear it second hand? It's an interesting legal situation for sure.
Yeah the main things are DoS attacks and path traversal issues. I intentionally guarded against these with resource limits and checks, but I can't guarantee that it's safe. I mean, basically anyone who carefully reads it knows more about it than me - you play the AI slot machine at this scale and who knows what prizes you'll win!
I guess you could save the state to a file on SIGINT, flush what's been written and pick it back up again if the state file exists when you restart, and use the CRCs of the files to abort if things have changed. I don't fancy doing that for so many versions of RAR, but it would be a cool feature to add it to an `xz` fork. I like the idea.
I compressed thousands of files, went through libarchive's and Sembiance's test data at least for the decompressor side. I recompressed the files, and round-tripped them against 7zip, unrar, every later version of winrar.
It failed a lot at the start, and codex burned a lot of tokens instrumenting the binaries and dividing and conquering until things settled down and round-trips worked properly.
I can't really say it works in every case as I honestly didn't spend that much time on it. But it works in the majority of cases. There's likely some nasty bugs hiding in there.
I generally don't anyway. Since the WTFPL came out I've been licensing under that with a warranty clause (don't blame me).
My main goal here was an experiment to see how far I could push the technique, and learn things along the way. Regardless of whether people dare to use it commercially or not, we have interoperability for the foreseeable future. As an archivist/computing historian I think that's important.
Well, it is every version of RAR. Documenting the quirks of rar 1.4, 1.5, 2.0, 2.9, 3.0, 4.0, 5.0 and 7.0, multiple compression strategies, PPMd, RARVM, compression levels, encryption, multi volume support, a huge test corpus, round trips for compatibility... The spec docs are linked.
This is about gut bacteria and debunks the practice of vaginal seeding. I remember my friend and father of five crudely telling an expectant mother that "first comes the poo, then comes the baby" and thinking he was joking until I saw it for myself.
This discovery will likely lead to a surge of people intentionally shitting on newborns.
When I was six I learned that variables are little boxes, strings are made of bunting and there was some kind of octopus called INKEY$ that grabbed keys from the keyboard.
I think the most important thing to learn is enthusiasm, if you've not got that then proper methods are of no use. This book looks like it'll be great tool for nurturing that.
I once dropped my work laptop and snapped the plastic housing on the charger plug. I only discussed it verbally with my manager and said that I, as a consultant, would replace it at my own expense. Before I'd had chance to search for and price one up adverts for laptop chargers started following me around the web.
It could have been that she then searched for a charger and being a small company we all shared an external IP address, that we also shared the ads... or it could have been that spy software on my phone had sold our conversation to advertisers. Either way, mic privileges were locked down and ad and tracker blocking efforts doubled after that.
Also dodgy files can contain multiple exploits, potentially for different platforms. Problem here from the malicious actor's point of view is that each vector for attack is also a vector for detection, so rather than a cesspool of exploits it makes more sense to use single new and mostly unknown exploit that targets software used by the greatest number of victims.
Or put it anywhere a vulnerable PDF viewer or OS might stumble upon, where an overzealous scanner has write access to, or where some snitch might grab a copy from and blacklist your domains.
Well yes, and in this case we're talking files that contain an exploit for a version of Acrobat from 2006 or so and an infection vector that only works on Windows XP, and connects to a botnet that is either long dead or now an NSA/CIA asset.
But Windows Defender quite rightly still quarantines the file.
There are several ebooks that have been uploaded to libgen that contain PDF exploits, and from what I understand there's no way to remove them.
The way that their library database works is by linking a book number to a file's md5 sum. On the filesystem they are stored something like `$drive:\$batch\$sum` where `$drive` is a Windows drive letter, `$batch` is the primary key of the document rounded to the nearest 1k, 10k or 100k depending on collection and `$sum` is the `md5sum` of the file data. The archive's file data is shared via torrents, usenet and other means in those batches, and to keep that in sync they have a policy of the primary key and sum of each file being immutable.
So if you do happen to download the literary works of mankind via their torrents, you have to do so with your antivirus turned off and hope nobody has uploaded anything too illegal over the last decade.