HackerLangs
トップ新着トレンドコメント過去質問紹介求人

rarisma

331 カルマ登録 9 か月前
hope they have git in hell.

投稿

Getty's Shutterstock merger falls apart

theverge.com
2 ポイント·投稿者 rarisma·10 日前·0 コメント

Applications are open for OpenAI DevDay 2026

devday.openai.com
2 ポイント·投稿者 rarisma·17 日前·0 コメント

Anthropic apologizes for invisible Claude Fable guardrails

theverge.com
511 ポイント·投稿者 rarisma·30 日前·445 コメント

コメント

rarisma
·5 時間前·議論
I feel like we will end up with a future that equally disappoints everyone and is somehow not covered in any plan here.
rarisma
·一昨日·議論
"Grok 4.5 has an advantage on CursorBench because an earlier snapshot of the Cursor codebase was accidentally included in training. The exact impact is unclear. That data has been removed for future models, and in parallel we are working on a larger update to CursorBench, hence the exclusion here."

Not enough people are noticing this, they juiced the benches
rarisma
·5 日前·議論
Their api stability genuinely makes no sense, how are they a near trillion dollar company with models so good they are treated as weapons yet have almost no 9's of uptime.

If agi why not agi shaped?
rarisma
·16 日前·議論
Elon is epstein weird, dario is we are all gonna die weird, slight difference
rarisma
·23 日前·議論
Welcome back theranos
rarisma
·29 日前·議論
All major providers use a small safety classifer, the model itself does not handle safety in cases like this
rarisma
·先月·議論
The subscription bit makes no sense has capacity appeared for these 2ish weeks out of thin air that'll vanish? why is it available now but wont be in 2ish weeks?

am i missing something?

why would I pay 200 out of pocket and then some for the best model, it seems very silly.
rarisma
·先月·議論
I found that quitting and restarting cc appears to fix this
rarisma
·2 か月前·議論
I think with turbo quant forks eventually being merged, its becoming more feasible on mid tier consumer h/w

Dont quite think its ready yet.
rarisma
·2 か月前·議論
I think GitHub has completely lost the plot over the last year or so, I don't think the stuff I work on will leave any time soon but I'm slowly losing my patience with github.

The other week I spent about an hour trying to figure out why my actions jobs were just stuck on waiting and not starting.

For my personal stuff, I think I'm going to migrate to either my own selfhosted instance of something like gitea or codeberg, the juice just isn't worth the squeeze anymore imo for GitHub, even with stuff like free runners and pages.

I personally think this is mainly attributed to GH Copilot and I would love to know if MS/GH even makes a profit on it.
rarisma
·3 か月前·議論
I like that its more consistent than the 4o and o4 days but still 5.4, 5.3, 5.2, etc still are a mess, for example 5.2 and 5.1 don't have mini models and 5.3 was codex only.

Anthropic is slightly better but where is 4.6 or 4.7 haiku or 4.7 sonnet etc.
rarisma
·3 か月前·議論
I've used claude cowork a bit, which I believe is pretty similar to claw.

Can't think of much use for it at the moment but I have it just read and summarise my email, calendar events and git repo in a daily briefing format, it only has readonly access to both, as I dont trust it to do stuff for me or on my behalf.

The briefing thing is nice though not super useful.
rarisma
·4 か月前·議論
I love AI, think its super useful, I use claude daily and follow the industry closely but I would love to go a day without hearing about it
rarisma
·4 か月前·議論
No 100b model.

My disappointment is immeasurable and my day is ruined.
rarisma
·4 か月前·議論
Give me a graphene os phone moto, my money will be yours.
rarisma
·5 か月前·議論
Every man and his dog can vibe code.
rarisma
·5 か月前·議論
I swear this happens at least once a year.

Wheres my futuristic storage guys?
rarisma
·5 か月前·議論
Reality is tearing at the seams.
rarisma
·6 か月前·議論
Great, I can now combine the potential maliciousness of a script with the potential vulnerabilities of an AI Agent!

Jokes aside, this seems like a really wierd thing to leave to agents; I'm sure its definitely useful but how exactly is this more secure, a bad actor could just prompt inject claude (an issue I'm not sure can ever be fixed with our current model of LLMs).

And surely this is significantly slower than a script, claude can take 10-20 seconds to check the node version; if not longer with human approval for each command, a script could do that in miliseconds.

Sure it could help it work on more environments, but stuff is pretty well standardised and we have containers.

I think this part in the FAQ wraps it up neatly:

""" What about security? Isn't this just curl | bash with extra steps? This is a fair concern. A few things make install.md different:

    Human-readable by design. Users can review the instructions before execution. Unlike obfuscated scripts, the intent is clear.

    Step-by-step approval. LLMs in agentic contexts can be configured to request approval before running commands. Users see each action and can reject it.

    No hidden behavior. install.md describes outcomes in natural language. Malicious intent is harder to hide than in a shell script.
Install.md doesn't eliminate trust requirements. Users should only use install.md files from sources they trust—same as any installation method. """

So it is just curl with extra steps; scripts aren't obfuscated, you can read them; if they are obfuscated then they aren't going to use a Install.md and you (the user) should really think thrice before installing.

Step by step approval also sorta betrays the inital bit about leaving installing stuff to ai and wasting time reading instructions.

Malicious intent is harder to hide, but really if you have any doubt in your mind about an authors potential malefeasance you shouldn't be running it, wrapping claude around this doesn't make it any safer really when possible exploits and malware are likely baked into the software you are trying to install, not the install.

tldr; why not just have @grok is this script safe?

Ten more glorious years to installer.sh
rarisma
·6 か月前·議論
I think this was writen wholly by deep research.

It just reads like a clunky low quality article