HackerTrans
TopNewTrendsCommentsPastAskShowJobs

yetanotherjosh

311 karmajoined há 16 anos
Co-Founder of Protagonist Labs (@protagonist), creators of Storium.com - the online storytelling game (@storium)

comments

yetanotherjosh
·há 6 dias·discuss
There is nothing called "GPT5.5 Codex" unless I've completely misunderstood OpenAI's product line?

Codex is a harness, while GPT-5.5 is a model. The last codex-branded model was 5.3. Codex as a harness ships as a CLI, a desktop app, and a web product (and I'm not at all sure how similar the underlying harness is between them.)

Is the bug here supposed to be with the CLI harness, or the model? Does it also happen in pi, opencode, etc while running GPT-5.5?
yetanotherjosh
·há 15 dias·discuss
Kinda reads to me like: "I'm not worried about prompt injection anymore because I setup a test where my agent could just ignore the input channel as noise, and a bunch of comically simple attacks thrown at it didn't succeed."

To be fair I appreciate the effort of running and sharing the test. It will hopefully lead to better ones. But this is not a great test. Super interesting to think about what would constitute a better test.

For one, I think the agent would have to be expected to have productive interaction through the email channel, in a way the user depends on it generally working for some real world use case / value prop. In other words, needing emails to actually have the agent really do work, respond with results, etc. Also, most requests should be legit and the real attacks should be intelligently disguised, not pitiful/joke-level spam (although those would be arguably realistic to have in the stream, but, perhaps only as deflection so that the real attack is mischaracterized.)
yetanotherjosh
·há 15 dias·discuss
Well said. This experiment is extremely unrealistic and gave the model the opportunity to simply refuse to deal with the channel outright. If he had built it to be a functional agent that depends on real interaction via email and occasional mixed attacks (and attacks that were better designed than the pitiful examples given), this would have gone differently.
yetanotherjosh
·mês passado·discuss
From the article:

> LongMemEval rewards recovering literal witnesses: exact dates, counts, preferences, and spans that often remain stable under tokenization.

Is this saying they chose a benchmark that is biased towards doing well against literal string matching, thus works well with grep, and then (gasp) showed that grep did well, finally declaring "grep is all you need"?

The examples in the benchmark's demo image(1) are all examples you could see grep doing well on. A conversation about bikes, then a query about bike(s) where "bike" is a common token hit. But not stuff like a conversation about a Beethoven sonata, then a question about classical music, where embedding based approach would shine.

(1) https://github.com/xiaowu0162/LongMemEval/blob/main/assets/l...
yetanotherjosh
·há 2 meses·discuss
How is this not a Github P0? Can anyone explain?

When I read that, I thought they must be using 'fork' wrong, and actually mean branch on the official repo, as that can't be right!?" Good lord.
yetanotherjosh
·há 7 meses·discuss
I practiced the Buteyko method for many years when I was in states of high anxiety and frequent panic attacks, and it was incredibly helpful. I had a syndrome called new daily persistent headache, which means a sudden-onset headache that becomes constant from that instant forward, as in 24/7, for years. It's hard for people who haven't experienced that to understand I mean that literally. Buteyko breathing was the only thing that ever cut down on that headache, and a couple times I was able to suspend it for an hour or two, which when you have a literally constant headache for years, is a big deal.

My big takeaway from it was that breathing and neurological state are deeply connected and actually relaxed, natural, healthy breathing (and the corresponding state of the brain and nervous system) is something that most people have probably never even experienced unfortunately. We all think our state is normal, but I assure you, it is very far from the state where your control pause is 40s-60s or more, it's a radically different experience.

Also the nuance of what the control pause and how to measure it correctly is lost on I would say, even most people who attempt to learn Buteyko. The control pause is how long you can, under normal breathing, suspend breath with zero discomfort, and then prefectly resume normal breathing without any change from before. If you took a bigger breath to start, or when you start breathing again it's even slightly heavier, it's not a control pause measurement, it becomes an ego metric juiced to make you feel better about a number while avoiding the disappointing facts.

Buteyko claimed that healthy breathing had a 40+ second control pause. Which if you think about the real meaning and how to measure it, is a super long time. And I got there sometimes, it's a major learning experience about what deep alignment and relaxation of the brain/nerves can really feel like.
yetanotherjosh
·há 7 meses·discuss
Buteyko practioners build up the ability to work very hard while only nasal breathing over the long term. The point is to learn to modulate breathing in a way that keeps a certain kind of blood chemistry (CO2 levels) and cellular oxygenation.

If you commit to nasal breathing for exercise as a constraint, it does force you to modulate your exertion while also increasing your CO2 and developing, according to the Buteyko folks, a new baseline for respiratory health and capability.

If you're running for your life from a tsunami, by all means mouth breathe. If your purpose is maximum exertion, of course mouth breathe. But that's not the only possible purpose of exercise. It can also be about respiratory training. Nasal breathing becomes a natural guideline/modulator for long term improvement in that regard.
yetanotherjosh
·há 7 meses·discuss
I struggle to understand what this specifically has to do with rails or global IDs. In ANY framework or query system, if you are asking an LLM to produce IDs which you are then passing to a database for lookup, you need to understand those identifiers could be hallucinated or incorrect in surprising or malicious ways, and can lead to data leaks or exfiltration.

It's like writing an article about "the dangers of PostgreSQL" ... when generating SQL from an LLM. It has nothing to do with Postgres specifically, it's that you're generating queries to run in a trusted context from an untrustable origin.
yetanotherjosh
·há 7 meses·discuss
I don't understand how code review would catch this. The extension advertises itself as an AI protection tool, that monitors your AI interactions. The code is basically consistent with the stated purpose. That it doesn't stop collecting data when you turn of the UI alerting is perhaps an inconsistency, but I think that's debatable (is there a rule in google's terms that says data collection is contingent on UI alerts being enabled?). I'm curious what workflow or decision tree you'd expect a code review process to follow here that results in this being rejected? The problem here doesn't seem like code related, it's policy related, as in, what are they doing with the information, not that the extension has code to collect it.
yetanotherjosh
·há 8 meses·discuss
So you can get native behaviors when it’s critical. Like share sheets, push and many other critical features that only apps get even if the bulk of the experience can be done in a webview. This is because mobile OS platforms choose not to make these available to web apps, because app store profits are better for them than an open ecosystem where sites can do the same things as apps.
yetanotherjosh
·há 9 meses·discuss
.95 is quite generous here