True. For Claude Code, I disabled explore subagents globally by adding this to ~/.claude/settings.json: "permissions": { "deny": [ "Task(Explore)" ] }
"LGTM" That'll be $50 — please.
Ehh, AI makes plenty mistakes but they have a different vibe to it. In my mind an AI would do something the most popular way even when that's not appropriate. A human might do things in an unpopular way even when that's…
Maybe they added the comments to get a longer payload for the sake of the shirt's design. The comments can be more cute/awe inspiring for people who aren't as familiar with bash but like solving puzzles as well.
I don't think it was written by an LLM, some things stand out: The congratulations text is both in English and Japanese. Contains a single heart emoji. There was an intention to have a cyan to orange gradient, but the…
Sounds like a convenience feature for a dev that they forgot to remove before distribution, since it's this poorly hidden.
Use cases range from sending 100s of requests per second just to bring a website down to doing a montly request to a municipality's endpoint to get a local dashboard of when trash is picked up. I don't think you can…
If a vulnerability disclosure program has a good track record of paying out, and legitimate reports get refunded, why not? Again, the alternative might be shutting down the program entirely.
Have you considered requiring a small payment for vulnerability disclosure? Refund it on payout. This should be very effective at deterring spammers. It also sucks for real reports, but beats shutting down the program…
Both sides are not looking too pretty here.
Having their business transparent makes sense but by restricting people's personal lives like this would disincentivize good people from rising to power, which is not what we want.
People connect through cellphones more on weekends, and cellular has higher IPv6 usage.
> AI makes it cheap to write code. That is not the same as it being cheap to ship it, or to maintain it. One participant put it cleanly: cognitive debt is the new technical debt. It being expensive to ship or maintain…
I think the differentiator is whether someone cares about what they build or not. Someone who doesn't care wouldn't produce masterpieces without AI, and using AI isn't going to prevent someone who does care from…
Wow hang on, I'm suggesting to use AI as a code writing aid, not to increase scope until owning the design becomes unreasonable.
You can't, so you do read the code.
Own the design and let AI write the code. Spend the extra free time on becoming a better/broader architect.
Implementing a bot to do registration is not a "copy as curl " click away anymore, and creating millions of accounts maybe become computationally expensive. This is not much, but it could deter some low effort…
I don't think this would fly between enterprise usage of custom DNS, captive portals, privacy protection etc
Yes, and this might take some years to catch on. OTOH it's not out of the question that some open source non-extension Chrome mod emerges that will then block those kinds of ads. Brave is already shipping this anyway.
They should make it more clear that it's a concept. I could see a real version that sends the inputs to the backend where some analysis is done, but right now an adversary can just run the onVerify callback as "bypass".
Inflated egress costs might make this prohibitively expensive, $80 per TB at GCP and AWS
My gripe is that, if some additional authentication is then not required for deployments or SSH access, that whoever has access to the admin UI will still be able to access the box and extract all secrets, just with…
That works on a single persistent box, but unfortunately, that means giving up on autoscaling, which is not so nice for cloud applications.
But the encrypted API key doesn't work, it needs to be decrypted first. Let's give the server access to the private key so it can decrypt the API key. We can do this by putting the private key in an env var. But now the…
True. For Claude Code, I disabled explore subagents globally by adding this to ~/.claude/settings.json: "permissions": { "deny": [ "Task(Explore)" ] }
"LGTM" That'll be $50 — please.
Ehh, AI makes plenty mistakes but they have a different vibe to it. In my mind an AI would do something the most popular way even when that's not appropriate. A human might do things in an unpopular way even when that's…
Maybe they added the comments to get a longer payload for the sake of the shirt's design. The comments can be more cute/awe inspiring for people who aren't as familiar with bash but like solving puzzles as well.
I don't think it was written by an LLM, some things stand out: The congratulations text is both in English and Japanese. Contains a single heart emoji. There was an intention to have a cyan to orange gradient, but the…
Sounds like a convenience feature for a dev that they forgot to remove before distribution, since it's this poorly hidden.
Use cases range from sending 100s of requests per second just to bring a website down to doing a montly request to a municipality's endpoint to get a local dashboard of when trash is picked up. I don't think you can…
If a vulnerability disclosure program has a good track record of paying out, and legitimate reports get refunded, why not? Again, the alternative might be shutting down the program entirely.
Have you considered requiring a small payment for vulnerability disclosure? Refund it on payout. This should be very effective at deterring spammers. It also sucks for real reports, but beats shutting down the program…
Both sides are not looking too pretty here.
Having their business transparent makes sense but by restricting people's personal lives like this would disincentivize good people from rising to power, which is not what we want.
People connect through cellphones more on weekends, and cellular has higher IPv6 usage.
> AI makes it cheap to write code. That is not the same as it being cheap to ship it, or to maintain it. One participant put it cleanly: cognitive debt is the new technical debt. It being expensive to ship or maintain…
I think the differentiator is whether someone cares about what they build or not. Someone who doesn't care wouldn't produce masterpieces without AI, and using AI isn't going to prevent someone who does care from…
Wow hang on, I'm suggesting to use AI as a code writing aid, not to increase scope until owning the design becomes unreasonable.
You can't, so you do read the code.
Own the design and let AI write the code. Spend the extra free time on becoming a better/broader architect.
Implementing a bot to do registration is not a "copy as curl " click away anymore, and creating millions of accounts maybe become computationally expensive. This is not much, but it could deter some low effort…
I don't think this would fly between enterprise usage of custom DNS, captive portals, privacy protection etc
Yes, and this might take some years to catch on. OTOH it's not out of the question that some open source non-extension Chrome mod emerges that will then block those kinds of ads. Brave is already shipping this anyway.
They should make it more clear that it's a concept. I could see a real version that sends the inputs to the backend where some analysis is done, but right now an adversary can just run the onVerify callback as "bypass".
Inflated egress costs might make this prohibitively expensive, $80 per TB at GCP and AWS
My gripe is that, if some additional authentication is then not required for deployments or SSH access, that whoever has access to the admin UI will still be able to access the box and extract all secrets, just with…
That works on a single persistent box, but unfortunately, that means giving up on autoscaling, which is not so nice for cloud applications.
But the encrypted API key doesn't work, it needs to be decrypted first. Let's give the server access to the private key so it can decrypt the API key. We can do this by putting the private key in an env var. But now the…