HackerTrans
TopNewTrendsCommentsPastAskShowJobs

oxcabe

no profile record

comments

oxcabe
·hace 11 meses·discuss
Obsidian Sync is the best way, as others commented. If you're just trying it out and you use Apple devices, you can also save the Vault in the iCloud Drive, which is what I used to do at the beginning.
oxcabe
·hace 11 meses·discuss
> Why do you think this?

From an uncertainty point of view, AI security is an _unknown unknown_, or a non-consideration to most product engineering teams. Everyone is rushing to roll the AI features out, as they fear missing out and start running behind any potential AI-native solutions from competitors. This is a hype phase, and it's a matter of time that it ends.

Best case scenario? the hype train runs out of fuel and those companies will start allocating some resources to improving robustness in AI integrations. What else could happen? AI-targeted attacks create such profound consequences and damage to the market that everyone will stop pushing out of (rational) fear of running the same fate.

Either way, AI security awareness will eventually increase.

> the general state of security has gotten significantly worse over time. More attacks succeed, more attacks happen, ransoms are bigger, damage is bigger

Yeah, that's right. And there's also more online businesses, services, users each year. It's just not that easy to state that things are going for the better or worse unless we (both of us) put the effort to properly contextualize the circumstances and statistically reason through it.
oxcabe
·hace 11 meses·discuss
It'll get better over time. Or, at least, it should.

The biggest concern to me is that most public-facing LLM integrations follow product roadmaps that often focus in shipping more capable, more usable versions of the tool, instead of limiting the product scope based on the perceived maturity of the underlying technology.

There's a worrying amount of LLM-based services and agents in development by engineering teams that haven't still considered the massive threat surface they're exposing, mainly because a lot of them aren't even aware of how LLM security/safety testing even looks like.
oxcabe
·el año pasado·discuss
It'd be interesting to compare the performance of the author's approach to an analogous design that changes CGI for WASI, and scripts/binaries to Wasm.
oxcabe
·el año pasado·discuss
What Kaldaien is trying to say is like:

"DRM means you don't own the product, and you'll eventually lose acces to it. Therefore, subscription based gaming plans are a preferred option, as they don't attempt to deceive you into thinking you're buying an ownable game, often with a real, ownable game price tag. The subscription starts at a given date, has a defined expiration date that depends on the offering you choose, and provides a clearer statement of non-ownership of games."

Personally I get the point, but this take is missing lots of important details that should've been considered before making such an impactful decision:

- Think, for instance, of some of the policies that are already present in some services, such as restrictions for offline play.

- And how much this opinion actually benefits videogame lobbies that are looking into pushing game-as-a-service practices that, very coincidentally, we're attempting to fight against in Europe with initiatives like "Stop Killing Games".

In fact, this message, at this time, could have counterproductive consequences for the non DRM market and overall customer rights exactly because of the surrounding situation.
oxcabe
·el año pasado·discuss
It's impressive how well laid out the content in this article is. The spacing, tables, and code segments all look pristine to me, which is especially helpful given how dense and technical the content is.
oxcabe
·el año pasado·discuss
I've been paying a premium subscription to Focumon (https://www.focumon.com/) for a year and a month. It's a small Pokémon themed productivity tool that I found promoted here on this site. The paid subscription doesn't really give you much, but is inexpensive and I want to support the creator.

Small web tools have some advantages that could make them sustainable as a business model. Off the top of my head, some of these are:

* Creators are way more reachable, they often get back to you directly when you send them feedback. Sometimes, even, you get to have longer conversations with them too.

* You have more impact on what the product evolves into. It's also likely that you get some minor features added if you ask for them.

* Smaller tools are able to resist against enshittification with less of an effort. Doesn't mean that it may not happen, of course.

If you're asking this because you want to create a small web tool, I'd say the best advice you could use is to make something you like, make it reliable, and be proactive in engaging with you clients / let them reach out easily, demonstrating that you can and will listen and care about their concerns.

And if you create something you're proud of and have value, feel more than welcome of posting it here!
oxcabe
·el año pasado·discuss
Just checked what's there for libs implementing local state management + server-side sync in vanilla JS. The best options I found were `@tanstack/query-core`[1] and `@signaldb/core`[2].

The former packs no dependencies, with a total size of 89.18 kB if you were to put all the module JS code together, unminified, on a single file. Which could be even smaller with an optimising bundler that tree-shakes and minifies the build.

[1]: https://www.npmjs.com/package/@tanstack/query-core [2]: https://www.npmjs.com/package/@signaldb/core
oxcabe
·el año pasado·discuss
Sometimes, though, you may get lucky, and find some tests for the code you want to use!

On a more serious note, I can't even blame library devs as long as they try. Type "hints" often are anything but _just_ hints. Some are expected to be statically checked; some may alter runtime behavior (e.g. the @overload decorator). It's like the anti-pattern of TypeScript's enums laid out here and there, and it's even harder to notice such side-effects in Python.
oxcabe
·el año pasado·discuss
> What do people find upsetting about Discord? It's free, there's no ads, it's reliable, it has many established communities, it's cross-platform and even works in the browser, supports voice chat and screen sharing.

It's an information black hole, as someone else mentioned in this comment section. Otherwise, it's a nifty communication tool.

I personally come from running and using {TeamSpeak,Ventrilo,Mumble} servers. Started using Discord in winter 2015, it was just trivial to open a browser tab and join a group session with your friends. The audio experience was an order of magnitude worse when compared to other solutions, but the overall UX and ease of use made up for it.

> What I mean is: What innovative functionality is missing to such a degree, that if it was introduces, would make people abandon Discord?

If you'd allow me to, I'm going to address this question from a different perspective, as this post is about Revolt: What could Revolt do that would make me, at least, start using it alongside Discord?

I'd love it if I could self-host a server, place it online and let people find it and join seamlessly, similar to how Fediverse works for other social networks. They don't seem to be interested in adding this: https://developers.revolt.chat/faq.html#admonition-does-revo...

Other than that, I'd see myself using it to run a workspace. Having used Discord as a work-related communication platform in the past, I've come to find voice-based channels very useful, these seem to transmit a better feeling of productivity somehow. Other tools (e.g Slack, Teams) make me feel kind of "alone" when working. Even if it's just for body doubling, I'd argue voice channels are underrated and actually quite helpful for remote workers.