Hacker News | fireflash38's comments

It's not a cost for me to scrape LLM.

It is a cost for me for LLM to scrape me.

Why should I care about costs that they have when they don't care about the costs I have?


Memory safety doesn't mean it's safe. And C++ doesn't mean it's unsafe.

Browsers are in C++, do you not use them? Curl is in C, do you not use it? Kernel is C...


"Memory safe" means that there are no memory safety issues. One of the most critical areas targeted by exploits is just gone. And this in turn leads -- according to the numbers published by Google -- to a severe reduction of exploitable issues.

C++ means you cannot know whether code is safe or not. That does not mean it is unsafe, but assuming it is is the only sane way to handle this. Incidentally this is exactly what browsers do: They typically require two out of these three to be true for any new piece of code: "written in a memory-safe language", "sandboxed" and "no untrusted inputs". This blocks C++ from some areas in a browser completely.


Chrome uses sandboxing and a lot of safe tooling (wuffs, rust) for untrusted data.

curl is heavily fuzzed and you still mostly control what you are downloading unless the target is compromised.

With logs the attacker controls what goes into your logs.

And you don't need to really look very hard, there are a fair number of very recent stack and heap overflows: https://github.com/tstack/lnav/issues?q=is%3Aissue%20heap%20...


I think Android is a big difference here. What about Excel or Google Sheets? Word?

If you're building Win32 you're not targeting Android.


When would you want that when it wouldn't be covered by more domain-specific use cases?

Oh good. So you'll still be dead, and they might get a reprimand. If you're lucky they'll lose their job.

You want to know why so many people either jump straight to comments or use alternate sources (archive, llms)? Because if you load the actual site, it freaking blows to use the damn thing.

So much hostile user design.

Edit: NPR gets a little shout out for being able to close their annoying pop-ups by clicking anywhere that's not the notification. So it's still crappy that it hijacks the screen, but not awful I guess?


Who are the bagholders in these scenarios?


The PE sales pitch is often that the target company can benefit from expertise management and/or there is value locked in it that can be captured. Both of these claims are... marginal? Studies around the "expert management" claim tend to show this is not true, based on pre/post returns, but it's hard to account for the long term, because PE also tends to focus on sales with very specific characteristics & time horizons (and associated cost savings) that benefit a 5-7 year fund that sells the portfolio company (wait for it) around years 3-5.

Which is a long-winded way of saying the bag holders are anyone invested in the long-term success of the company: 1. employees, 2. customers, 3. owners (i.e. the next PE fund) when the music stops, i.e. what we saw when interest rates went up impacting debt financing, and (real or not) AI-eats-SaaS impacted valuations. I'll add 4. "the public" if the company is big enough, with various levels of government and employment, taxes, etc. lost but I think it's more the smaller organizations in aggregate that hurt at this level than any specific company.


What's the betting that it's (somehow, eventually) the taxpayers?


If it's a completely binary choice of "election was valid" and "election was invalid" without any partial verifications of results, I think it's still a massive step back.

By which I mean: paper ballots have problems. But a fault in a handful of ballots doesn't mean the rest of the ballots need to get tossed out.

I do not believe that a system managed by humans can be faultless.


You would still be getting partial counts by district, right? Isn't that a partial result? Make the validation algorithms open source. And I imagine there's some kind of independent auditing of the voting systems. I think it would be neat to have multiple competing implementers of the voting system, where ballots are sent to each, and results are compared. And hey, why not, maybe after voting you get an anonymized receipt, that could then be human-counted as well.


Having reviewed a lot of AI-written Python code, I think it's absolute nonsense.

It never picks a style, it'll alternate between exceptions and then return codes.

It'll massively overcomplicate things. It'll reference things that straight up don't exist.

But boy is it brilliant at a fuzzy find and replace.


If it wasn't so maddening it would be funny when you literally have to tell it to slow down, focus and think. My tinfoil hat suggests this is intentional to make me treat it like a real, live junior dev!


"you literally have to tell it to slow down, focus and think" - This soo much! When I get an unexpected result from claude, I ask it why - what caused it to do such-and-such. After one back and forth session like this putting up tons of guardrails on a prompt, claude literally said "you shouldn't have to teach me to think every session" !!


> When I get an unexpected result from claude, I ask it why - what caused it to do such-and-such.

No LLM can answer this question for you, it has no insight into how or why it outputted what it outputted. The reasons it gives might sound plausible, but they aren't real.


It's a reputation economy. Like review sites. They start off truthful, and then as time goes on incentives shift to bad actors to subvert it. Or they just sell out their reputation.

Yelp, TripAdvisor, Wirecutter, hell even Google results themselves.

Once you start poisoning that well, it's difficult if not impossible to claw it back.

