HackerLangs
トップ新着トレンドコメント過去質問紹介求人

dboreham

17,861 カルマ登録 11 年前
[ my public key: https://keybase.io/dboreham; my proof: https://keybase.io/dboreham/sigs/lC9hM5haXXukH2rF_cFeB6gdtV0kXfHF7jZdZUdlkE4 ]

Verifying my Blockstack ID is secured with the address 1L7ikyCFhG5zyVSosrQYDs2ZG4ikEFqgBQ https://explorer.blockstack.org/address/1L7ikyCFhG5zyVSosrQYDs2ZG4ikEFqgBQ

投稿

Incident review for TanStack NPM supply chain ransom incident

grafana.com
2 ポイント·投稿者 dboreham·15 日前·0 コメント

[untitled]

1 ポイント·投稿者 dboreham·先月·0 コメント

Fast16: Sabotage Tool Was Built to Subvert Nuclear Weapons Simulations

security.com
4 ポイント·投稿者 dboreham·2 か月前·0 コメント

Aether: High-performance, formally-verified storage engine written in Rust

codeberg.org
37 ポイント·投稿者 dboreham·2 か月前·14 コメント

Rapid snow melt-off in American west stuns scientists

theguardian.com
6 ポイント·投稿者 dboreham·3 か月前·1 コメント

CISA Urges Hardening After Cyberattack Against Stryker

cisa.gov
5 ポイント·投稿者 dboreham·4 か月前·0 コメント

Show HN: An application stack Claude coded directly in LLVM IR

github.com
10 ポイント·投稿者 dboreham·4 か月前·0 コメント

Why Is Anything Conscious?

arxiv.org
3 ポイント·投稿者 dboreham·4 か月前·0 コメント

Show HN: An Occam to Go transpiler (LLM-generated)

2 ポイント·投稿者 dboreham·5 か月前·4 コメント

Google played key role in recovering video from Nancy Guthrie's nest camera

cnn.com
1 ポイント·投稿者 dboreham·5 か月前·1 コメント

Midair collision near Washington DC followed years of ignored warnings

theguardian.com
3 ポイント·投稿者 dboreham·5 か月前·0 コメント

Surface optimization governs the local design of physical networks

nature.com
2 ポイント·投稿者 dboreham·6 か月前·0 コメント

How AI Fixed My Procrastination

devblogs.microsoft.com
2 ポイント·投稿者 dboreham·7 か月前·1 コメント

Epstein

justice.gov
5 ポイント·投稿者 dboreham·7 か月前·1 コメント

Aptos: Free software for me, but not for thee

github.com
3 ポイント·投稿者 dboreham·7 か月前·0 コメント

Airbus grounds A320 aircraft amid solar radiation risk

aerospaceglobalnews.com
20 ポイント·投稿者 dboreham·7 か月前·6 コメント

NTSB DC-10-10 Aircraft Accident Report (1979) [pdf]

ntsb.gov
3 ポイント·投稿者 dboreham·8 か月前·2 コメント

[untitled]

1 ポイント·投稿者 dboreham·8 か月前·0 コメント

It Is All about Token: Towards Semantic Information Theory for LLMs

arxiv.org
3 ポイント·投稿者 dboreham·8 か月前·0 コメント

Consequences of Undecidability in Physics on the Theory of Everything

arxiv.org
1 ポイント·投稿者 dboreham·8 か月前·2 コメント

コメント

dboreham
·17 分前·議論
I saw the title and assumed an article by Wolfram. But it's by Tim Roughgarden who I know from algorithmic game theory. Anyway, I'll register my membership in the "it's more fundamental than that" camp.
dboreham
·1 時間前·議論
My experience has been that Claude/Opus will ask me questions, although sometimes I have to step in and redirect a bit. Codex/GPT just dives in and cranks code out, which after using Claude for a year I found rather concerning. It wrote working code though. Claude/Fable does something similar (asks far fewer questions than Opus) fwiw.
dboreham
·1 時間前·議論
Ok thanks. Executed on that. I had it build a simple project (actually not so simple since it involved domain knowledge about snowpack and ice) and also gave the same prompt to Opus and to Fable. When I get some spare time I'll write an article highlighting the differences between all three.
dboreham
·昨日·議論
Many projects that were done by humans and took a year can certainly not be trusted.
dboreham
·昨日·議論
Egads surely Mozilla can produce a blog post that isn't written in AI-speak?
dboreham
·昨日·議論
Nudged by this thread, I've decided to switch from Claude to Codex for a bit to see what happens. But...I immediately became lost in their marketing vortex of confusion on plans and pricing. Anyone care to tell me which plan I should be using? On the other side I use the $100 Claude Code plan. We actually have a "Business" ChatGPT subscription already, which seems to be $50/mo/seat. OpenAI's web site offers a set of individual subscriptions (for parity with CC presumably) which I suspect weren't available when we signed up for ChatGPT. I think that in turn happened due to some web site feature it didn't allow for free users (uploading PDFs, something like that). Perhaps I should switch from that business account to an individual subscription for Codex?
dboreham
·昨日·議論
But aren't the politicians also corrupt? (or at least most of them) One therefore assumes that any action by congress must be corrupt. This appears borne out by the evidence over the past few decades.
dboreham
·一昨日·議論
Because it's used in addition to, not in place of, the better RAM.
dboreham
·一昨日·議論
C also has sum types.
dboreham
·一昨日·議論
You need to meet some people who argue that types are positively bad!
dboreham
·3 日前·議論
More usually expressed as "if he only played golf".
dboreham
·3 日前·議論
I pay $200/mo and they provide me a tool that writes all the code I want. Seems like a great deal to me.
dboreham
·3 日前·議論
They have an IPO to launch, so they're not going to do that.
dboreham
·3 日前·議論
Ok but my understanding from the article was that the bug is "it always allows what shouldn't be allowed", therefore any negative outcome test should have failed (or at least a very very simple one). Again I'm sure I'm misunderstanding something about the context here.
dboreham
·3 日前·議論
Well, no. That's the bug. The fix is to "not do that", although one does wonder what the original author was smoking!

https://github.com/cloudflare/circl/commit/f7d2180d6a77cfb28...
dboreham
·3 日前·議論
If the author is here: thanks for that, interesting read, and also nice to note the absence of a marketing name for the bugs. If you have time, couple (edit: three) questions:

1. Could you expand on this? "That human-in-the-loop step still matters a lot, because AI candidate findings are cheap while trustworthy reports are not." Roughly how many candidate reports did the LLMs create vs the eventual 7 true vulnerabilities?

2. As I was reading "CP-ABE access-control break via AND-share bug" I thought "why wasn't this caught with a test?", which was going to be my question but clicking through to the commit (thanks for that too btw) I see there was a regression test added: https://github.com/cloudflare/circl/commit/def2fd35b8535b0b8... but I'm wondering why there isn't a test further up the stack that is simply checking "can't decrypt if the required attribute isn't present"? Seems similar to those situations where nobody thought to test an auth system for "user can't log in when they present the wrong password"!! Perhaps I'm missing some subtlety though.

3. This is probably a dumb question, but I wasn't sure (even after reading the linked article on zkao) exactly what zkao actually is. One description seems to be "a system for continuously running an LLM audit pass on a codebase". But that can't be right because this article talks about running it on the LLM-found vulnerability reports. Is it an LLM? (but better than the frontier LLMs?) Anyway, bit confused and would appreciate some clarity.
dboreham
·4 日前·議論
I think you could ignore their legal argument in the civilized world but in the USA perhaps not. The very concept of a "formally recognized diagnosis" is American health insurance industry gaslighting (also not a formal diagnosis fwiw). It means nothing in other countries.
dboreham
·4 日前·議論
Three really, but otherwise yes.
dboreham
·5 日前·議論
For the similarly confused: it displays times in your local browser time zone, not the time zone of the actual train. I'm pretty sure this is an oversight since there's no universe in which I want train times not in their native time zone.
dboreham
·5 日前·議論
I suspect there are many things AI can do to help people and make their lives better. But that's not how business works: products get made and marketed because they make their owners more money. Totally different goal.