Pup Biru

enron sold plenty of gas and real things too: it’s the double handling that’s the problem; not the nature of the goods or services

openai has practically no value and that’s well known… nvidia is paying companies to buy their chips and playing bullshit shell games

the difference is openai is a pretty well known unprofitable company, and they aren’t doing quite as much of the bullshit shell games. nvidia is selling to basically everyone, taking stakes in companies, giving weird deals… it’s bloody impossible to track how much of their sales are real and how much those real sales are actually worth, or if those sales are loss leaders for some investment then those investments look a lot like openai

so nvidia not only is invested in a lot of very questionable AI bubble companies, but also their own sales figures are… unreliable

they’re making billions upon billions because they’re using their own money multiple times. it’s kinda like leveraged trading with all the risk and it’s incredible arrogant at the scale that nvidia is doing it

and both positions are wrong. nobody ever said that the ROC wasn’t imperialist in the exact same way

chinas stance towards the south china sea and taiwan is what this exaggeration for the purposes of comedy is based on

perhaps… i guess the single directional execution model would help to prevent memory leaks, and components would help keep things relatively contained… and also javascript in general avoids whole classes of c/c++ bugs… but it’s also incredibly slow. imo it’s just not something you should write core system components in

to be clear, it’s not react that’s the problem here: its execution model is an excellent way of structuring UI… but something as core as the start menu just really isn’t something you should fuck around with slow languages with

and also, that’s not to say that FOSS shouldn’t do it - they’re open, and thus something like react makes it easier for devs to write plugs and extend etc… but that’s not an engineering concern for windows: they don’t get the luxury of using extensibility as an excuse

little measurable difference? the last time they rewrote something they replaced the start menu with fucking react

the difference will be measurable and enormous

yeah they do certainly exist, but bog standard “red light cameras”… ie single purpose cameras are not that kind of problem… imo, as long as they’re deployed to combat actual issues they’re very much a beneficial tool

i think it’s important to differentiate these new kinds of cameras from the single purpose cameras so that arguments against them can be made independently

red light cameras - at least in australia - are stock standard canon DSLRs… they take images, but not video

there are some newer ones that do things like photos of people using their phones stopped at lights etc, but generally speed/red light and “single purpose” cameras will just be doing stills, and wouldn’t be too useful for anything other than a single photo when the sensor triggers it

that’s all irrelevant though… the rule is the rule and they got caught

people should be allowed to have awards for games which only use humans, and if a game is caught cheating they should be disqualified

if they want to compete for some awards, these aren’t the awards for them: there are others

it’s kinda irrelevant to the make it to production part though: the rule is no gen ai used during development… there’s no ifs, buts, or maybes here: there definitively was, and nobody is denying that

it’s irrelevant whether you agree with the rule or not… the award is for games that didn’t use AI during development. the game should not have originally been in contention for the award

i tend to agree this is the right way to use AI assets, but this isn’t the award for them… it doesn’t matter if it was accidental, if it was removed before release, or anything else

The software had a limit on the size of the feature file that was below its doubled size. That caused the software to fail.

this is not a rust problem… nor was the original problem of code writing entries to a file multiple times, and nor is the thing that made it worse: propagation of the poisoned file

the cloudflare issues were configuration… they have nothing even remotely relayed to any of this

github copilot is fantastic for exactly this reason… completes a few lines, auto corrects, automatic find and replace, automatically fills a 3 line function body that would otherwise be an extra dependency

and these browsers are specifically not that… these browsers are intended to do things like categorise tabs, complete forms, etc automatically without your interaction

of course they’ll ask before they do things they consider destructive, but what they consider destructive and what a malicious actor can use are very different things

some of that is certainly benign, but the point with prompt injection is that it can take benign things and make them plausibly malicious

imo anything firefox-based until servo or ladybird matures

i use waterfox, i know a lot of people use librewolf

remember that switching to anything chromium (like vivaldi, brave) still gives google power. on web standards at least, mozilla still fights for us (and is arguably the only one protecting us from shit like putting tracking stabdards directly into the web spec)

sometimes stores have sales that includes gift cards so you can get $500 of apple credit for 20% off

the vuln afaik is for remote code execution via basically a mechanism that’s kinda like a transparent RPC to the server (think like you just write frontend code with like a “getUsers” and it just automatically retrieves and deserializes the results so you can render the UI without worrying about how that data exists in the browser)

i’m not a front end engineer, and haven’t used react server components, but i am a principal software engineer, i do react for personal projects, and have written react professionally

i can’t think of a way it’d be exploitable via purely client-side means

i THINK what they mean is that you can use some of the RSC stuff without the RPC-style interfaces, and in that case they say the server component is still vulnerable, but you still need react things running on your server

a huge majority of react code is client-side only, with server-side code written in other languages/frameworks and interfaces with something like REST or GraphQL (or even RPC of course)

it looks like this only applies react server components, and it doesn’t look like element uses react server components

but i only had a quick skim; could be wrong, but personally i wouldn’t shut it down - not that im running a server myself

most things scale if you throw enough resources at them. we generally say that things don’t scale if the majority case doesn’t scale… it costs far fewer resources to scale with multiple repos that it does to scale a monorepo, thus monorepo doesn’t scale: i’d argue even the google case proves that… they’ve already sunk so much into dev tooling to make it work… it might be beneficial to the culture (in that they like engineers to work across the entire google codebase), but it’s not a decision made because it scales: scale is an impediment