HackerTrans
トップ新着トレンドコメント過去質問紹介求人

thombles

no profile record

投稿

Tangled: Our €3,8M seed round

blog.tangled.org
12 ポイント·投稿者 thombles·4 か月前·7 コメント

RSS Guard v5.0.0

github.com
1 ポイント·投稿者 thombles·4 か月前·0 コメント

Experiments with Memory Integrity Enforcement

octet-stream.net
3 ポイント·投稿者 thombles·7 か月前·0 コメント

Bureau of Meteorology ordered to fix new website after torrent of complaints

abc.net.au
6 ポイント·投稿者 thombles·9 か月前·0 コメント

Polish top-performing language for complex AI tasks, finds study

notesfrompoland.com
2 ポイント·投稿者 thombles·9 か月前·1 コメント

Microsoft begins turning off uBlock Origin and other extensions in Edge

neowin.net
787 ポイント·投稿者 thombles·昨年·514 コメント

コメント

thombles
·9 日前·議論
Be cautious if you're using large databases on iOS. At least until fairly recently, iOS doesn't page dirty mmaped pages back to disk and after enough churn the app will OOM.
thombles
·9 日前·議論
One day Quinn will retire and Apple had better have a succession plan.
thombles
·14 日前·議論
I’m curious how a workplace ends up with a model policy like this. It seems like you’d spend more time trying to work out how to use a tiny number of Opus tokens than doing it yourself.
thombles
·21 日前·議論
Alas. Loved his work on Major Stryker.
thombles
·26 日前·議論
A low-risk way to dip your toes in is to email a blogger to say that you enjoyed their post or that you found it helpful. The message doesn’t have to have useful information in it, just be sincere. Per OP, often there won’t be a reply but also often it’s much appreciated - particularly by non-mainstream writers.
thombles
·26 日前·議論
There are already on-device models that you can use through this framework as a developer. Claude would just be an additional one.
thombles
·先月·議論
That's my initial experience, yes. It's hard to compare these things cleanly of course. I went through several new contexts on GPT and it just couldn't get traction -- it became hard to keep it focused on "yes there's clearly a race but what actual persistent state got broken"? It just wanted to change the thread priorities so that the problem didn't occur and kept doubling down on that as the solution. Opus made some missteps too but it responded well to my corrections - 2 or 3 significant ones along the way - and it was prepared to keep digging on my exact goal until it found the real issue.
thombles
·先月·議論
Today I was a few hours into chasing down a very tricky timing-dependent bug with GPT 5.5 and we were starting to go into circles. I noticed Opus 4.8 had showed up in GitHub Copilot so I switched over and pointed it at my notes so far. Another hour of steady progress and it tracked it down to some missing synchronisation in an upstream library which was occasionally corrupting a linked list. N=1 but worth every one of those rather expensive 15x requests today. 15x... yeah.
thombles
·2 か月前·議論
As one of those commenters on the previous post - yep, that theory appears to have been comprehensively trounced. Unless anything comes to light that mythos was applied poorly to curl, the evidence suggests that it’s not uniquely effective vs other AI-assisted approaches. I’ll be interested to see what’s reported in the next curl release.
thombles
·2 か月前·議論
We will see. As for "testing that could have been done before", Mozilla's posts indicate otherwise. Use of Opus 4.6 led to 22 security-sensitive bugs vs Mythos' 271 (https://blog.mozilla.org/en/privacy-security/ai-security-zer...). They already had the methodology in place when the more powerful model came along (https://hacks.mozilla.org/2026/05/behind-the-scenes-hardenin...):

> Once the end-to-end pipeline is in place, it’s trivial to swap in different models when they become available. Building this pipeline early helped us find a number of serious bugs using publicly-available models, and it also helped us hit the ground running when we had the opportunity to evaluate Claude Mythos Preview. In our experience, model upgrades increase the effectiveness of the entire pipeline: the system gets simultaneously better at finding potential bugs, creating proof-of-concept test cases to demonstrate them, and articulating their pathology and impact.
thombles
·2 か月前·議論
The question is how many security vulnerabilities are actually left in the code after all the recent AI attention. Either Mythos is a nothingburger, or it's substantially more powerful but there's nothing left to do. Even a large amount of C can be correct eventually. Curl has the _potential_ to become a good data point maybe 6-12 months from now - if researchers and new tools find many more vulnerabilities then Mythos is proved to be hype. If they don't, then maybe Mythos is overkill for today's curl and its capabilities are better deployed elsewhere (like Firefox, apparently).
thombles
·2 か月前·議論
Curl simply isn't a good data point. It's one of the most picked-over codebases in existence with extensive security testing practices. All the researchers using not-quite-Mythos models have had plenty of time to report bugs up to this point. Daniel may be right that Mythos hasn't been a game changer for curl but the preconditions are different for virtually any other codebase. Perhaps the real marketing here is his own modesty about curl's maturity.
thombles
·2 か月前·議論
The answer is in the next sentence: "Bun owns its event loop and syscalls." They clearly want to manage their use of threads explicitly, which is not _unusual_ for systems programming but probably less common. Note that `rayon` is different from most of these in that it has nothing to do with async Rust - it's a tool for spreading computation over a thread pool, very popular in non-async projects, but it would also go against their goals here.
thombles
·2 か月前·議論
Is the poster maybe confusing bandwidth (range of frequencies over which a single board can work) with bandwidth (data transfer speeds in bits per second)?
thombles
·2 か月前·議論
I saw this the other day and was pretty confused - I prefer to write my own commit messages and wondered if I’d accidentally let the AI do it this time. Nope, just MS changing things behind my back. Sigh.
thombles
·2 か月前·議論
I didn’t read this as a flex. More a rueful admission of his connection/addiction to GitHub.
thombles
·3 か月前·議論
It's a meaningful difference for SaaS. Most likely an attacker doesn't have access to your running binary let alone source code, and if they probe it like a pentester would it will be noisy and blocked/flagged by your WAF.
thombles
·3 か月前·議論
Microsoft could tone it down a bit (especially all the full screen harassment after windows updates) but I wonder how many casual users have had their bacon saved precisely because their documents and desktop got pushed to the cloud?
thombles
·3 か月前·議論
It’s super hostile. I realised I was going to press it by accident eventually so I switched to Fossify Gallery before I did.
thombles
·3 か月前·議論
It doesn’t? I use the OneDrive app for scanning documents all the time. + button then “Capture”