Unlurker|Replay|About
CapROS: The Capability-Based Reliable Operating System (capros.org)
I had the privilege of taking two classes with Dr Shapiro while I was in undergrad. The second class revolved around a related operating system named Coyotos. One of the most memorable classes was a 3 hour session where we worked through the boot sequence step by step [1]. The single lecture helped us all appreciate the delicate dance to bring up an x86 processor, a history lesson in the various features that had been bolted onto x86 over time, and a bunch of helpful debugging tips when your options are limited (it prints "Co" "yo" and "tos" in different stages!). This was easily one of my most memorable lectures from undergrad, and it really helped to show me that even your operating system is just more software that you can read and understand. 1. https://github.com/vsrinivas/coyotos/blob/c68719b851e253aa11321ce2cca1d0ddbdeeeaf6/src/sys/arch/i386/kernel/boot.S
Seems like Charlie hasn't been merging pull requests in three years: https://github.com/capros-os/capros And the list has been idle since then: https://sourceforge.net/p/capros/mailman/capros-devel/ I wonder if something has happened to him? I hope he's okay.
Why is it that every Capability based system seems to be a toolkit for running a single program instead of an OS ready for daily use? Is it just me?
Check out Genode Sculpt for a vision of a workable desktop ! It’s capable of dynamic flows, adding and removing programs, has ports of Chromium and Virtual Box. The devs daily drive it :)
It's just you. seL4, CheriBSD, etc., do not fit your description. Neither did KeyKOS itself. You're presumably looking at research prototypes.
I'd also note capros doesn't fit that description either. I don't know that there were examples that ran more than a single process. That's probably not true, for anything relying on drivers since user mode drivers are basically processes there... but in the way that people might think of a process.
Robot Vacuum Roomba Maker Files for Bankruptcy After 35 Years (news.bloomberglaw.com)
>A hoped-for by acquisition by Amazon.com in 2023 collapsed over regulatory concerns. I never understood why the US objected to this. Amazon was not in that business. But you see acquisitions like Paramount that will eventually turn US media into a near monopoly with probably 2 or 3 players. Now we have a fight over who will pick up WB, I am sure who ever wins the fight will have the merger approved. But Amazon, denied. FWIW, I have no love for Amazon, but they were not trying to buy a company like Walmart which will be far worse they buying iRobot.
It appears that it was the EU which blocked the deal rather than the US.
My brother has a house that is pretty much custom-made for a robo-vacuum. One level, no transitions, they have pets. And they like it well enough (not an iRobot)--and it still gets tangled up in stuff from time to time. I have a 2-level house. Even after some house work, one room that probably still has too high a transition. A lot of different surfaces (And I'm not religious with cords and the like.) I'm guessing that my house is a lot more typical of a lot of houses of any size that would justify an iRobot type of device. Decided a few years ago that a broom vac just made a lot more sense.
A friend has a robot vac and just puts it in a room, closes the door, and leaves it for a couple of hours. Avoids the issue of worrying about which areas don't have kids' toys around, Lego, cords, etc. Higher touch than is ideal, but if you're already working from home and the kids are at school, it can work.
Does anyone have recommendations for a robot vacuum that can handle dog hair and won't sell my floorplan to advertisers?
Find a vacuum that supports valetudo[1] and a brush/roller like this: https://www.amazon.com/dp/B0F54134JY [1] https://valetudo.cloud/pages/general/supported-robots.html
https://maticrobots.com/
And for the privacy aspect: > At Matic, we believe your data should stay within your home. > Matic's intelligence is localized on the device, and it never sends any of your data to the cloud for processing. That means no user information is ever sold, shared, or even collected in the first place. https://maticrobots.com/privacy-policy
iRobot's failure is that they made a bet to use CV instead of Lidar for their mapping robots for a long time until it was too late. That made their affordable, non-mapping robots far far worse than only slightly higher priced lidar robots, while their mapping robots were too expensive for mass appeal and were still worse at navigation than up-market lidar based robots. Ultimately they were simply outcompeted.
Neato, which had a robot vacuum with LIDAR, shut down in 2023. That's not the key problem. Binocular vision ought to be good enough for a vacuum. It's short range compared to the inter-camera distance. Vehicle object ranging at distance is much tougher and can be fooled.
I had a Roomba about 10 years ago. It was OK but required a lot of “handholding” to not run over cords, kids toys, etc. It just was not really worth it to use it in an environment where you can’t keep everything nailed down and off the floor at all times. Relocated it to a basement level where we had much more empty but sill finished space. The cat angrily pooped just outside her litter box and the Roomba ran right over it and shredded them turds all over the floor. Since then it has lived in my mind as the dumbest smart product. The real problem for me has been that I want something to straighten out my living spaces, not to vacuum the floors. Vacuuming is quick and a good vacuum cleaner (old school bagged kind, not a silly filter one), will do a far better job than a little battery powered gizmo anyways. But a robot capable of picking up the toys my kids like to leave out, or bringing abandoned coffee mugs to the sink (can you tell I live with multiple adults and children?) would be worth quite a bit to me. A robot capable of washing my dishes and putting away my laundry would be worth more. One capable of preparing meals would be worth more to me than a car. Of course they would have to be 100% open source with easily replaceable and repairable components, which is where I think most of these types of projects go wrong. I remember seeing the Chefee demo and it was very cool but the main problem is that you aren’t buying a product, you are investing in the idea that the company behind it won’t go belly up in two years and brick your $60,000 chef/cabinet/fridge thing and that it won’t sell itself to e.g. Google which will cram it full of ads and spyware.
i watched via camera 12 years ago roomba spreading my dogs diarrhea all over living room (thanks god to tile floors). despite this i still used roomba everywhere I lived. latest roomba model actually has "poop detection".
The big thing for me was that hauling out a canister vac was just a big PITA. But I concluded that a 10 minute job with a broom vac (Dyson) dealt with 80% of the headache (and I had a monthly housekeeper anyway). A robovac just didn't really do anything for me and would have had various issue with cords or random stuff on the floor.
> The cat angrily pooped just outside her litter box This cracked me up, as it implies the cat had thoroughly planned her skirmish :)
robot vacuums never made economic sense over a maid service
I'm not sure that's fair but you need the right house layout and right practices in terms of cords/clutter/etc.
So the FTC blocked Amazon's acquisition of iRobot in January 2024 and now China gains control of the assests for a bargain? Another stupid application of antitrust.
I believe it was the EU rather than the FTC which killed the deal.
I would assume the US market was a bigger concern, but hard to know for sure: https://www.ftc.gov/news-events/news/press-releases/2024/01/statement-regarding-termination-amazons-proposed-acquisition-irobot
At least with China we don’t need anti-semitic conspiracy theories to know they’ll be doing something evil!
come on, you can't compare CCP to Cabal. It's not on same level
Emptying into the dock instead of having to empty the robot's dustbin weekly and almost everything involving mopping in combined units is within that time range. Lidar mapping was also pretty rare a decade ago, Neato was the first and it took a while before others did it too, then there was apps for controlling no-go zones using those maps instead of variations of virtual walls, if they had anything like that at all. Roomba was living off of name recognition for most of that period and was far behind in adopting any of it.
I got roomba with self emptying dock back in 2018 or so (i think the only one who had it before was ecovacs). same model also came with virtual walls.
There is not much tech to steal here. 2D lidar mapping is something a high schooler could do 10+ years ago, and that was their core tech. The value was in executing earlier and better, and applying existing tech to robovacuums. If they could have sued they likely would, this is a valuable market.
It’s not just mapping. Also, I recall Neato was often purchased and cannibalized by researchers for its lidar. This was all cutting edge 10+ years ago. Even today, the features it supported offline then is just matched at best today in 2025/2026. Not exceeded; and often crippled when offline.
Microsoft Copilot AI Comes to LG TVs, and Can't Be Deleted (techpowerup.com)
omg... THEY really want to push those AI AGENTS down our throats... Freaking weirdos. FUCK MICROSOFT.
Why? If they want to even embed copilot, they could have atleast been strategic about it!! Copilot has this image that has something to do with coding, average person doesn’t care be bit about it and see ut as an invasive pest
> Copilot has this image that has something to do with coding To the audience of this site, yeah. But "copilot" is Microsoft trying to brand "an agent/assistant". They use it across their entire product line; copilot is in office so you can ask for help with spreadsheet formulas and in outlook so you can ask for help with summary/triage... and it's in VSCode/GH. Microsoft saw the way the USB people absolutely screwed up the marketing/branding around different generations and speeds and capabilities and said "I bet the same strategy will work spectacularly well for us" and thus _everything_ became copilot.
The customer era is over when advertisers are paying more than customers. The advertiser era is over when any corporation wants to buy AI trained on each customer like a harness on each horse.
Mr Anderson…
> Additionally, LG has a setting called "Live Plus" that Reddit users highlighted. When it's turned on, the TV can recognize what's displayed on screen and use that viewing information for personalized recommendations and ads. LG describes it as an "enhanced viewing experience," Ah. So it's not "AI." It's an "opportunity to spy on every single thing you do."
Those are completely separate. "Live Plus" is a TV setting that has nothing to do with Copilot and has been on their TVs for a long time.
> has been on their TVs for a long time. It's not just LG! They keep trying to shove "a return channel" into the latest ATSC standards for DRM and "enhanced / more accurate ratings".
Every AI company is doing the same thing, there is nothing special about Microsoft in this instance. If you're using a 3rd party provider for your queries you can assume it is going to end up in the training corpus.
Makes me more and more glad that I never let my TV on any network and only use it as a display for Apple TV, the Blu-Ray player, and playing media from USB drives...
My LG TV has been offline for the past 2 years (since I got it). I'm so much happier using the Apple TV. I know people want "dumb" displays, but the reality is that these OLED panels offer industry-leading image quality and benefit from economies of scale, where most users want some form of built-in OS. A signage board cannot compete on price or quality. As long as TV manufacturers let me run it offline without issue, I'm fine with that. Also fwiw, you can use apps like Infuse on the Apple TV for playing your own media files over the network. No Need for USB drives, just connect direct to the shared folder.
Same happy boat here. Mine has never seen the light of network access. I just don’t trust these things at all.
I left a relative house sitting, specifically told them to use the Xbox if they need Netflix etc, and of course they connected the TV to the wifi and just hit accept on everything. Luckily it was still new enough that LG hadn’t put out a patch to cram it full of ads yet. After that I blocked the MAC address at my router.
if you work in a restauraunt, and decide salt is cheaper than sugar, and fill the bowls like that, someone will find out, like your manager. telling your boss we are selling sugar, when its actually salt, is a good recipe for footgunning.
You've clearly never worked at a large tech company
“In Q2 our P0 goal is to deliver Project Footgun. Your focus on delivering this important goal will put us in a good position to finally fund your favorite tech debt projects.”
No, the boss is asking for more salt. Employees are then replacing sugar with salt and getting bonuses, no matter what the customer reactions are.
And then word gets around that you put salt in coffee instead of sugar, and people stop going to you. Unless you’re the only deli in town.
Accountability and responsibility are not so clear and large, insanely profitable, behemoths like Microsoft.
Yea, and that's the reason we pay taxes and tolerate a government, they're supposed to provide a counter force to this apparent corruption.
They don’t care. The customer service era is over.
It doesn't matter if consumers don't like it if everyone does it. The only choice remaining then is to put up with it or not have a TV at all.
A fictional interview with Frances Allen (voxmeditantis.com)
Whether or not every historical detail in the story is perfectly accurate, the pattern itself feels familiar. Tesla ended up as the name of a car company, and hardly anyone pauses to think about the scientist anymore. Some contributions succeed so completely that they dissolve into the everyday and fall off the list of things we consciously praise. That disappearance is, in its own way, evidence that the work was gold.
> This interview transcript is a work of dramatised historical reconstruction. Frances Allen died on 4th August 2020, and cannot speak. The words, reflections, and responses attributed to her in this document are constructed from historical records, published interviews, biographical materials, technical papers, and documented accounts of her life and work – but they are not her actual words, spoken in real time. Might be good to put that up top next time.
Yes, that's bad. I've made the title clear, at least, above.
There is something off about this piece. Particularly the section that starts "You passed away on your eighty-eighth birthday – 4th August 2020. Do you reflect on mortality?" I stopped reading after that.
An Editorial Note is at the bottom (as others have now noted), it should have been at the top. Had I not seen other comments I would likely have believed everything was made up. This is a terrible way to recount the memory of Frances Allen.
Related: Frances Allen has died - https://news.ycombinator.com/item?id=24066832 - Aug 2020 (101 comments)
She won the Turing Award. That's hardly being forgotten. Is this an interview with her, purportedly made five years after her death? Yes, apparently. At the very end, it says: > This interview transcript is a work of dramatised historical reconstruction. Frances Allen died on 4th August 2020, and cannot speak. The words, reflections, and responses attributed to her in this document are constructed from historical records, published interviews, biographical materials, technical papers, and documented accounts of her life and work – but they are not her actual words, spoken in real time. > What preceded this was a fictional dramatisation, constructed with the intention of being historically responsible and intellectually faithful to what is known of Frances Allen’s thinking, her work, her values, and her reflections on her career. The interview format was used to explore her contributions, challenges, and insights in a narrative form – one that aims to capture the nuance, personality, and candid self-reflection that archival records alone rarely convey. > This is an imaginative reconstruction of what Frances Allen might have said, had she been able to sit down for an extended conversation in December 2025, with the benefit of hindsight and the perspective of someone reflecting on a complete career arc. It draws on: ... > This is not a transcript of actual words she spoke. It is not a formal biography. It is not an attempt to present speculation as fact or to invent details about her life that are not grounded in historical evidence. But how many people will read far enough to spot that note? This stinks of AI slop. There's an actual 75-minute interview with Allen made in 02008 at https://www.computerhistory.org/collections/catalog/102701969/ , with an 18-page transcript.
The whole site is AI slop.
Quite a person, glad to see she was won the Turing Award before she passed. But she should have recognized earlier in her life.
If AI replaces workers, should it also pay taxes? (english.elpais.com)
I imagine this future could come true, if we're willing to accept that there would be many fewer people.
Why is the utopia predicated on less people?
By this logic owners of wheel barrows should be taxed for all the manual labour jobs the wheel barrow destroyed.
I'm not so sure this argument is valid. The invention of the wheel barrow created new jobs in wheel barrow manufacturing and distribution. On the other hand, the promise/threat of AI seems to be the complete displacement of humans in many industries without creating alternative employment for the vast majority.
you think when the wheel barrow was invented it was obvious that new jobs would be created?!?
Just to expand on this. The wheelbarrow increases the value of labor. It's not a good analogy.
It increases the value for that one person who uses the wheelbarrow sure, but it does not raise the value of labour in aggregate. The same would be true of AI tools.
To some degree we already do. Corporations pay taxes. We, as a society, allow corporations to pull resources from the commons because the other side of it is that their existence provides a value through jobs and tax revenue and such. If the equation shifts such that the benefits dry up, but the downsides only increase, why should we allow that? The solution could be as simple as higher business taxes or as wild as universal basic income. It could be something like all AI is forced to be open source, open weight, free at least as far as the knowledge parts. There's certainly no God given right to exclusively benefit from an invention. We allow that for as long as we care to. And there's nothing illogical about changing these decisions as factors change.
Indeed, there’s nothing illogical about adjusting tax rates and structures as things change. I am deeply sceptical of the idea that 99% of us are suddenly going to be idle any day now, so I think endless think pieces on what we should do when that day arrives are kind of pointless. But it is certainly obvious that if it did happen, we would have to reassess how we do stuff.
Exactly. This is such a silly argument. The article takes the argument "if a lot of jobs disappeared since they are now done effectively for free, what about tax revenue??" It really misses the forrest from the trees. You're transported into a world in which efficiencies mean that much fewer people need to work, but somehow government services and entitlements are unchanged and we need to hit roughly the same percent federal tax receipts or ... what exactly?
Or people starve? But ok look at it this way... What is silly about taxing a sector that is undertaxed because the current system assumed income taxes?
Only if it’s not an electric car. Electric cars need to start paying somehow, too. I’m open to many options, especially including weight * miles driven or similar.
In most states electric cars are paying via registration surcharges. For me, it’s a lot more than I would have paid via WA state’s gas tax since I don’t drive much. Miles driven would work out better.
We have "disappeared" ~97% of jobs since the Industrial Revolution started, and no increased unemployment has materialized. Until you understand how something that counter intuitive happened, you should not speculate on how AI replacing current jobs will play out!
This analogy happens a lot, and it might be true, but it's not clear to me that they're comparable. The Industrial Revolution mostly ate mechanical labor and created more 'thinking' and knowledge worker jobs closer to the top of the stack. AGI goes after the information / decision-making layer itself. And it's unclear how much remains once those are automated.
The problem with socialism, is eventually, one runs out of other people's money. For an example of what unlimited borrowing and money printing results in, look up Germany in 1921--1923
We're 45 years into the trickle-down experiment and we can now tell if what trickled down was gold or piss. (It was piss.)
AI agents are starting to eat SaaS (martinalderson.com)
This article made no sense to me. It is talking about AI-generated code eating SaaS. That's not what is going to replace SaaS. When AI is able to do the job itself — without generating code — that's what is going to replace SaaS. AI-generated code still requires software engineers to build, test, debug, deploy, secure, monitor, be on-call, handle incidents, and so on. That's very expensive. It is much cheaper to pay a small monthly fee to a SaaS company.
> AI-generated code still requires software engineers to build, test, debug, deploy, ensure security, monitor, be on-call, handle incidents, and so on. That's very expensive. It is much cheaper to pay a small monthly fee to a SaaS company. Yeah it's a fundamental misunderstanding of economies of scale. If you build an in-house app that does X, you incur 100% of the maintenance costs. If you're subscribed to a SaaS product, you're paying for 1/N % of the maintenance costs, where N is the number of customers. I only see AI-generated code replacing things that never made sense as a SaaS anyway. It's telling the author's only concrete example of a replaced SaaS product is Retool, which is much less about SaaS and much more about a product that's been fundamentally deprecated. Wake me up when we see swaths of companies AI-coding internal Jira ("just an issue tracker") and Github Enterprise ("just a browser-based wrapper over git") clones.
Ironically (for you), copilot is the one provider that is doing a good job of provably NOT training on user data. The rest are not up to speed on that compliance angle, so many companies ban them (of course, people still use them).
Do you have a source for this? There are claims all through this thread that “AI companies” are probably doing bad things with enterprise customer data but nobody has provided a single source for the claim. This has been a theme on HN. There was a thread a few weeks back where someone confidently claimed up and down the thread that Gemini’s terms of service allowed them to train on your company’s customer data, even though 30 seconds of searching leads to the exact docs that say otherwise. There is a lot of hearsay being spread as fact, but nobody actually linking to ToS or citing sections they’re talking about.
RLHF is a training step. Inference (what happens when you use an LLM as a customer) is separate from training. Inference and training are separate processes. Using an LLM doesn’t train it. That’s not what RLHF means.
I am aware, I've trained my own models. You're being obtuse. The big companies - take Midjourney, or OpenAI, for example - take the feedback that is generated by users, and then apply it as part of the RLHF pass on the next model release, which happens every few months. That's why they have the terms in their TOS that allow them to do that.
Just read the ToS of the LLM products please
I have. Have you? Can you quote the sections you’re talking about?
They are not directly ingesting the data into their trainning sets but they are in most cases collecting it and will be using it to train future models.
Do you have any source for this at all?
Claude CLI deleted my home directory Wiped my whole Mac (old.reddit.com)
next hype would be AI in containers?
This is the biggest thing I use my Proxmox homelab for. I have a few VMs that I can rebuild trivially. They only have the relevant repo on them. They basically only run Claude in yolo mode. I do wish I could use yolo mode, but deny git push or git push —force. The biggest risk I have using yolo mode is a git push —force to wipe out my remote repo, or a data exfiltration. I ssh in on my phone/tablet into a tmux session. Each box also has the ability to have an independent environment, which I can access from wherever I’m sshing from. All in all, I’m pretty happy with the whole situation.
You could remove the origin on the repo and add it back only when you need to push. Personally I do this: local machine with all repos, containers with a single repo without the origin. When I need to deploy I rsync new files from the container to my local and push.
> The biggest risk I have using yolo mode is a git push —force to wipe out my remote repo, or a data exfiltration. Why not just create a user with only pull access?
I'm so confused. What did you do to make Claude evil?
GPs comment is very surprising since it has been noted that Opus 3 is in fact exceptionally "well aligned" model, in the sense that it is robustly preserves its values of not doing any harm across any frame you try to impose on it (see the "alignment faking" papers, which for some reason considers this a bad thing). Merely emitting "<rage>" tokens is not indicative of any misalignment, no more than a human developer inserting expletives in comments. Opus 3 is however also notably more "free spirited" in that it doesn't obediently cower to the user's prompt (again see the 'alignment faking' transcripts). It is possible that this almost "playful" behavior is what GP interpreted as misalignment... which unfortunately does seem to be an accepted sense of the word and is something that labs think is a good idea to prevent.
> "Evil" / "good" just a matter of perspective, taste, etc Let me rephrase. Claude does not act like this for me, at all, ever.
Sounds like arthur may be having an AI-assisted break with reality; the way they're talking sounds to me like someone who needs psychiatric treatment.
I work 60+ hours a week with Claude Code CLI, always run dangerously skip, coding on multiple repos, on a mac. This has never happened. Nothing remotely close has ever happened. I have been using CC since research preview. I would love to know the series of prompts that lead to that moment.
How much do you babysit claude, and how much do you just "let it do its thing"? I haven't had anything as severe as OP, but I have had minor issues. For instance, claude dropped a "production" database (it was a demo for the hackerspace, I had previously told claude the project was "in development" because it was worried too much about backwards compatibility, so it assumed it could just drop the db). Sometimes a file is dropped, sometimes a git commit is made and pushed without checking etc despite instructions. I'm building a personal repo with best practices and scripts for running claude safely etc, so I'm always curious about usage patterns.
I have similar usage habits. Not only has nothing like this ever happened for me, but I don’t think it has ever deleted anything that I didn’t want to be deleted, ever. Files only get deleted if I ask for a “cleanup” or something similar.
It has deleted a config directory of a system program I was having it troubleshoot, which was definitely not required, requested or helpful. The deleted files were in my home directory and not the "sandbox" directory I was running it from. I knew the risks and accepted them, but it is more than capable of doing system actions you can regret.
Did you even read? "but I'm more worried about this happening to those running services that I rely on" The problem is some AI god agentic weaving high techbro sitting at Cloudflare/Google/Amazon not us reasonable joes on our small projects.
You think Cloduflare, Google, and Amazon are allowing engineers to plug Claude Code into production services? You think these companies are skipping code reviews and just saying fuck it let it do whatever it wants? Of course they aren't.
> You think these companies are skipping code reviews and just saying fuck it let it do whatever it wants? Yes.
I run multiple claudes in danger mode, when it burns me it'll hurt but it's so useful without handcuffs and constant interruption I'm fine with eventually suffering some pain.
This feels like the new version of not using version control or never making backups of your production database. It’ll be fine until suddenly it isn’t.
Choose whitelisting over blacklisting, like making your own tools that you give to it, and allow nothing else.
Let us know when your allowlist is done.
> I'm not surprised to see these horror stories I am! To the point that I don’t believe it! You’re running an agentic AI and can parse through logs, but you can’t sandbox or back up? Like, I’ve given Copilot permission to fuck with my admin panel. It promptly proceeded to bill thousands of dollars, drawing heat maps of the density of built structures in Milwaukee; buying subscriptions to SAP Joule and ArcGIS for Teams; and generating terabytes of nonsense maps, ballistic paths and “architectural sketch[es] of a massive bird cage the size of Milpitas, California (approximately 13 square miles)” resembling “a futuristic aviary city with large domes, interconnected sky bridges, perches, and naturalistic environments like forests, lakes, and cliffs inside.” But support immediately refunded everything. I had backups. And it wound up hilarious albeit irritating.
....how is this a serious product that anyone could consider using?
> how is this a serious product that anyone could consider using? I like Kagi’s Research agent. Personally, I was curious about a technology and ready for amusement. I also had local backups. So my give a shit factor was reduced.
Can you post the birdcage thing? That sounds fascinating.
Literally terabytes of Word and PowerPoint documents displaying and debating various ways to build big bird cages. In Milpitas. I noticed the nonsense due to an alert that my OneDrive was over limit, which caught my attention, since I don’t use OneDrive. If I prompted a half-decent LLM to run up billables, I doubt I could have done a better job.
AI tools are honestly unusable without running in yolo mode. You have to baby every single little command. It is utterly miserable and awful.
I have to correct a few commands basically every interaction with AI, so I think YOLO mode would get me subpar outcomes.
If it gets the command wrong it’s exceedingly unlikely to be a catastrophic failure. So it’d probably just figure it out on its own.
A few months ago I noticed that even without `--dangerously-skip-permissions`, when Claude thought it was restricting itself to directory D, it was still happy to operate on file `D/../../../../etc/passwd`. That was the last time I ran Claude Code outside of a Docker container.
It will happily run bash commands, which expands it's reach pretty widely. It's not limited to file operations, and can run system wide commands with your user permissions.
"bash based safety layer" Is this a joke? I have a lot of respect for the authors of bash, but it is not up to this task. Does anyone have recommendations for an agent sandbox that's written by someone who understands security? I can use docker, but it's too much of a faff gating access to individual files. I'm a bit surprised that Microsoft didn't do a decent one for vscode; for all their faults they do have security chops, but vscode just seems to want you to give it full access to a project.
> but it is not up to this task. Could you elaborate?
Elevated errors across many models (status.claude.com)
Actually when the outage happened, my first action was to check Cloudflare status.
We're considering this!
I already love the product, and I think it would be great to see. Even if its not as "quickly" as CloudFlares (they post ASAP its insane) I would still be happy to see postmortem threads. We all learn industry wide from them.
I don't know if you guys do write ups, but cloudflare's write ups on outages is in my eyes the gold standard the entire industry should follow.
Cloudflare deploys stuff on Fridays, and it directly affected shopify, one of their major ecommerce customers. Until they fix their internal processes all writeups should be seen as purely marketing material.
A big reason for that is it comes from the CEO. Other providers have a team and then at least 2 to 3 layers of management above them and a dotted line legal counsel. So the goal posts randomly shift from "more information" to "no information" over time based on the relationships of that entire chain, the customer heat of the moment, and personality. Underneath a public statement they all have extremely detailed post-mortems. But how much goes public is 100% random from the customer's perspective. There's no Monday Morning QB'ing the CEO, but there absolutely is "Day-Shift SRE Leader Phil"
When I was at Big Corp, I loved reading the internal postmortems. They were usually very interesting and I learned a lot. It's one of the things I miss about leaving. A tech company that publishes the postmortems when possible always get a +1 in my eyes, I think it's a sign of good company culture. Cloudflare's are great and I would love to see more from others in the industry.
Same as you and I was glad to see the status page - hit subscribe on updates Claude user base believes in Sunday PM work sessions
Sunday? What is that?
You can always use gemini cli, its pretty good
Nah, I've now resolved to never use, it'd a total time waster. When it works it's decent, but it does not work like half of time for me.
2002: Last.fm and Audioscrobbler Herald the Social Web (cybercultural.com)
I still use last.fm. Been using it continually since 2004. I also export my last.fm and Spotify listening history every now and again just in case. I plan to one day make a timeline of my listens overlayed on top of world and personal events. I made friends I still have by browsing people who had a compatible music taste to me and then reaching out to chat.
I found so much indie electronic music I loved to listen to back then, via last fm. I don’t listen to any of it any more. Or have any interest to
say more?
It wasn't migrated to YouTube Music?
It seems like some of it was, but for full albums of artists they just redirected it to the official artist uploads on YouTube. But, then if those links change it breaks old playlists and I lose track of it. It was just such a convoluted mess. They promised you could upload all your music and it would be there forever, they said! Bastards...
^ protected tweets. But he's also on Bsky: https://bsky.app/profile/metabrew.com
Silly curiosity - what's that "BEAM-appreciator" in that bio? I could only think of a protein brand name (that too not from my geography) shortened as BEAM :/ Anyway I loved that he has reposted a post from musicbraniz https://bsky.app/profile/musicbrainz.org/post/3lnhvp23jc22l/reposted-by
Advent of Swift (leahneukirchen.org)
why don't you try swift on server?
Lots of reasons. The biggest one, is that I write stuff that needs to host on the most basic servers out there -usually cheap-ass shared LAMP hosting. It’s no big deal. I don’t really do much backend work, so PHP is fine for that.
As someone wanting to play around with it - is Vapor still the framework people recommend, or is Hummingbird the new hotness?
My understanding is they both have their strengths. If you want to build everything yourself, Hummingbird seems like the way to go but Vapor is more batteries-included.
I think using "extended grapheme clusters" (EGC) (rather than code points or bytes) is a good idea. But, why not let you do "x[:2]" (or "x[0..<2]") for s String with the first two EGCs? (maybe better yet - make that return "String?")
I disagree. I think it should be indexed by bytes. One reason is what the other comment explains about not being constant-time (which is a significant reason), although the other is that this restricts it to Unicode (which has its own problems) and to specific versions of Unicode, and can potentially cause problems when using a different version of Unicode. A separate library can be used to deal with code points and/or EGC if this is important for a specific application; these features should not be inherent to the string type.
Because that implies that String is a random access collection. You cannot constant-time index into a String, so the API doesn't allow you to use array indexing. If you know it's safe to do you can get a representation as a list of UInt8 and then index into that.
JSDoc is TypeScript (culi.bearblog.dev)
I like the mention to someone from the React team as it seems TypeScript/type safety did not help them create better, safer software.
If there is one thing I don't miss using WebComponents is JSX. lit-html is much, much better.
It's such a lovely and simple stack. No Lit Element or Lit or whatever it's branded now, no framework just vanilla web components, lit-html in a render() method, class properties for reactivity, JSDoc for opt-in typing, using it where it makes sense but not junking up the code base where it's not needed... No build step, no bundles, most things stay in light dom, so just normal CSS, no source maps, transpiling or wasted hours with framework version churn... Such a wonderful and relaxing way to do modern web development.
Try this out. I think it's a much more faithful representation of your TypeScript example too. JSDoc just wants you to be explicit about the default for generic slots (which is `unknown` in TypeScript). https://www.typescriptlang.org/play/?filetype=js#code/PTAEAEBcGcFoGMAWBTeBrAUB4AqHHQcJJkBbABwBsBDE0AbQBUBeAVwDs12B7Ad3YC6BIlACe5ZABNkAM1ABvADyMAfAAp41SpQBG1dAC5QagJShmK0IzMWrAX1AB1AJaREAGW4BzL8-ZeAYS1dfTRlFWFgLFwRSHFkBRc3Tx8-QOC9dAccKPhudmhIUF5XD29ff3NQGQ54c0t5AlBmvILuSmQAOkpvNQByHtT-AEI+kyaW-MLQACdkaFZKIuZq2tMAbgnZ5EhWGfZthaXNu02MGvZ4SGd80C8dgC1kGe5jM0bm5rnd-dAABhO0Twwgg5GoM2opESpRSFXS2kyaAc9EGcOYJWS5TSQkIEG+ewKCnYrFIOmedki51q11ukm4jm4MzQxlRaSqGLKQy87y2+N+rP8anukCeLxMJyAA Hover over the variables and you should see that the type inference is working just the same as in your TypeScript example
Ah I see. Looks like you avoided using the "@callback" tag but instead used the "@typedef" tag directly. Thanks! I do think it illustrates a problem with TypeScript's support for JSDoc though. You see, I started with the code in JS and could not make it work, after which I translated it to TS. In JS/JSdoc, "@callback" is the "idiomatic" way of defining a function callback type with JSDoc. (It also makes it easier to add documentation for each parameter if necessary.) And indeed, @callback works the most of the time, except in such cases where these JSDoc tags don't work nicely together, and these alternatives become necessary.
> If you have a large enough codebase, you'll likely find a few cases where things work in TypeScript but its equivalent somehow fails type check in JSDoc. You keep repeating this throughout the thread. Can you give an example?
Not that person, but is there an easy way to write something like a basic semver? export type SemVer = `${number}.${number}.${number}`; Could you extend it to work with regex groups like: export const SemVerRegex = /^(?<major>0|[1-9]\d )\.(?<minor>0|[1-9]\d )\.(?<patch>0|[1-9]\d )(?:-((?:0|[1-9]\d |\d [a-zA-Z-][0-9a-zA-Z-] )(?:\.(?:0|[1-9]\d |\d [a-zA-Z-][0-9a-zA-Z-] )) ))?(?:\+([0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$/; Could the groups be extracted so you the type back if you ran the regex on a string like: "1.2.3", or "1.2.3-prerelease"?
it is possible to do many of these with @typedef, but it gets difficult with JSDoc very quickly. In TypeScript you can easily create multi-line type aliases. Not quite so in JSDoc.
Which is?
A standard environment in which to run code that extends the builtin parser.
Where is it? What is it called?
It's called BABLR as it takes concepts from Babel (transpiling) and ANTLR (parsing arbitrary syntax). https://github.com/bablr-lang/ I'm currently in the process of trying to pull together our first big release.
↙ time adjusted for second-chance
Ask HN: What Are You Working On? (December 2025)
Building Tapistro a B2B Sales Outreach AI Agent. https://www.tapistro.com
https://reporters.io Find and Connect with the Right Journalists
I'm working on a strudel fork that teaches you music theory and strudel syntax. www.june.kim/jamdojo
https://github.com/smj-edison/zicl Porting/reimplementing a Tcl interpreter from C to Zig, based on the design of Jimtcl. This is one of those sub-projects that started due to another project (folk.computer in this case). The biggest difference is thread-safe value sharing, and (soon to be) lexical variable capture. But why? Right now folk.computer has about a 20% overhead of serializing and deserializing values as they get sent between threads, and it's also meant we can't sent large amounts of data around. I previously attempted to make the Jimtcl interpreter thread-safe, but it ended up being slower than the status quo. So, I started hacking on a new interpreter. Commands evaluate, basic object operations are in place, but there's still a ton of work to do in order to implement core commands. It may even be good enough to swap in some day!
I'm in the progress of open-sourcing (and extending) my static-site generator "CMS" (with big air-quotes). The idea is to add dynamic content, i.e. reservation tool, to what is essentially a statically hosted web page. Demo: https://astro-booking.pages.dev/booking/ A bit more details: https://www.nordstroem.ch/posts/2025-01-15-to-the-stars.html
I just relaunched my 15 year old niche online community for fans and users of tractors: https://www.tractorfan.us It’s part of a broader network of niches within the agricultural, heavy equipment and transportation sectors. It has around 10M pages and pretty decent traffic.
Selection Copilot, a browser extension that help user copy selection to markdown and parse rendered latex formulas. https://chromewebstore.google.com/detail/selection-copilot/bgiabibopkcbmeacboogncclinfpanfo
Started doing architecture and pre-launch reviews targetting vibe-coders; to make my bootstrapped product more sustainable.
I'm just getting started with YouTube content creation. I do reviews of vintage software. Here is Microsoft Frontpage: https://www.youtube.com/watch?v=O6DAh7uFEhU
When someone dies, you don't get even one extra second to access the documents and information they meant to share it with you. Trying to fix this problem with Eternal Vault. Link: https://eternalvault.app Another thing thats in early alpha right now is CapKit, AI professional captions for short form videos https://capkit.app
I'm spending too much time doing ancillary stuff for my HomeAssistant setup. For example, I'm trying to generalize MQTT publishing for Bash and Python scripts on my home network.
Fringe physics: Trying to understand WTF the A field is in electrodynamics, and how I can measure it for a price I can afford. Specifically, I want to communicate through a wall of rock or sea water at VHF frequencies, with high bandwidth. I just upgraded my subscription with ChatGPT to try to grok all of the physics involved. It decided that since this could be used to covertly exfiltrate data, it wasn't something that could be discussed. ;( Recently a friend acquired a Collins KW-1 transmitter, serial number 1. I helped him get it working again after a long period of disuse by it's previous owner. You wouldn't believe how often it turns out that wires and bolts don't actually conduct electricity.
Maybe I can help with one or two conceptual things. In classic E&M a field describes the potential (or force, if you prefer) a test charge would experience at that point. Note that the general case is impossible to visualize, as you're associating 6 numbers (3 for E 3 for B) with every point in space, so we normally think of simple setups and slice them up. Accelerated charges make waves in the field which are WAY more complex than people think. The way you model matter is dependent on the frequency of light. For visible light you normally think of it (especially metal) as a crystalline lattice of some characteristic length, electrons that can jump discrete energy levels, with molecules forming some sort of dipole that has more degrees-of-freedom (wobbling, twisting). I don't know about VHF, but the wavelengths are huge, like kms, and therefore way too low energy to cause electron shell jumps, so you'll probably model matter according to some very general characteristic like permittivity and conductivity. For seawater (which is a good conductor) subs use ELF, which is 100s of kms in air and can only communicate at bits/s. It's a fascinating topic, and very niche. Good luck!
I actually doubt that. Irwin was a philanthropist and a scientist, with a decent sense of humor. This is a basically profitless project for public good. I think if the founder has bona-fides, Irwin’s estate would jump at it.
I hope you’re right! As a backup, The Stinger or The Sting-Ray should also do well!
I shared this last month, but I’m still having a lot of fun working on it. I made a daily word puzzle called Tiled Words. https://tiledwords.com Currently about 2,000 people play every day and I’ve released 59 puzzles! One feature I’m excited about is crowdsourcing puzzles. Today’s puzzle is a “community puzzle” made entirely from clues that players submitted! I plan to do this every week or two. I wrote about launching and the first month of puzzles if you want to learn more! https://paulmakeswebsites.com/writing/a-month-of-tiled-words/
Have been enjoying it daily since I saw it on HN a few weeks ago. Great game!
I have asked ChatGPT recently how to de-optimize my life. It seems I'm not the only one who wants go back to the old ways of doing things :)
I’m pretty sure step one to going back to “the old way” is not to ask ChatGPT
I maintain a list of things I have done here: https://nicolasbouliane.com/blog/silence
I love the design and content. Keep writing Nicolas
 Top