S3: Simple Storage Service. It's a building block, and it's only natural other abstractions are built on top of it.

Agree it doesn't have to be part of S3 itself. My point is that there is a missing semantic layer.

In practice, many teams use S3 directly without any layer on top. So without better organizational capabilities, they can't keep track of what they have stored where, who created it, whether it is still used, etc.

And when teams do use a catalog, it's usually detached from the storage layer itself, so you can't easily view a dataset in the catalog and know how much it costs, who accessed it, and so on.

Have you seen better places that figured out a better way to handle this? Without a ton of custom tooling?

No but why doesn’t this object-storage-primitive accommodate all my specific requirements already?

They should also accommodate my need for all POSIX filesystem API’s included cheap-moves and renames!!!!!

/s

POSIX isn't the ask. Datasets are. The need to keep track of what data you have stored is universal, not my specific requirement.

I make the (glib) comment, because it’s a similar argument to the one that was popular a few years ago.

S3 is an object store. Treat it more like a KV store. As other comments have pointed out, the solution here is pick-your-favourite-metadata-store, be it Postgres, or what iceberg does, and other data on S3.

Why did it take them 4 days between publishing a CVE for the vulnerability (Dec 19th) and posting a public patch (Dec 23rd)?

Had their hands full getting sued the same day: https://news.ycombinator.com/item?id=46403128

Might not be how it appears. The CVE number can be reserved by the org and then "published" with only minimal info, then later update with full details. Looking at the meta data that's probably what happened here (not entirely sure what the update was though):

    {
    "cveId": "CVE-2025-14847",
    "assignerOrgId": "a39b4221-9bd0-4244-95fc-f3e2e07f1deb",
    "state": "PUBLISHED",
    "assignerShortName": "mongodb",
    "dateReserved": "2025-12-17T18:56:21.301Z",
    "datePublished": "2025-12-19T11:00:22.465Z",
    "dateUpdated": "2025-12-29T23:20:23.813Z"
    }

In the US, the last two weeks of December can be slow due to the holiday season. I wouldn’t be surprised if Mongo wasn’t as staffed as usual.

should've spun up a few more AI agents

That's a good question. I suppose that posting the commit makes it incredibly obvious how to exploit the issue, so maybe they wanted to wait a little bit longer for their on-prem users who were slow to patch?

Posting the CVE and then the patch is the reverse of this.

By "patch" I am talking about the public commit. Updated binaries were made available when the CVE was published.

That's not what the blog post implies given they only told people how to update aftwards.

You want to do evals, yeah.

If I place a grain of rice on the first square of a chess board and double the amount on each step, I'd have 18 quintillion grains of rice.

18 quintillion grains of rice? That is not going to happen.

Just for reference, 18 quintillion grains of rice is roughly 500 times the global production of rice in 2022.

We can, though? A sugar tax.

I have the same browser and versions as you and it plays on my phone. Pixel 7 Pro, if that matters.

Wild. I've checked all of my settings and I have video allowed to auto-play, I tried loading it in Destkop Mode, restarting, etc., and I still get nothing.

OP, great site, btw! I'd be glad test any settings on my phone and report back, if that'd help.

27 is just the EU. The whole of Europe is more like 50, which is even wilder!

Paywall

Interesting project! The kid is only mentioned at the beginning, I wonder if they participated further in the project, or if they enjoyed playing the game?

They did continue participating but it's true that this became a sort of electric train where daddy buys it for the children and ends up playing the most with it.

The trading game did not capture their interest further than watching colourful flashes for a few minutes. It's probably too complicated for their age and hard to understand without knowing some basic financial markets knowledge.

However I used the same device to make other more appropriate games and keep them involved. I could ask them what game they would want, and I would make most of it but involve them in the parts of the code that can be meaningful to them. I found that while they like understanding how it works when I walk them through some small bits of code, writing code (even heavily assisted) is still daunting at their age so they prefer tools like MIT scratch.

Canadian citizens can still be brainwashed even if their data is stored within Canada.

So then why aren't they banning the app?

If any app is brainwashing people it's the zombie of twitter. Not tik tok.

If a picture is a thousand words, then surely video is several orders of magnitude more powerful for brainwashing, especially in short form.

The point is that from a disinformation dissemination perspective, it doesn't matter where the data was stored, but the government could have possibly had more control if the data was stored in Canada. Forcing the data to be removed from Canada doesn't seem to be accomplishing anything positive for the Canadian government or people.

Oh give it a rest with the nationalist fear mongering. This isn't about 'national security concerns'. That's the smoke and mirrors to get the populist support necessary to ban it. Meta and Google are feeling threatened that their dominance on North America is being tested and they are flexing their lobbying muscles.