Unlurker

Small models also found the vulnerabilities that Mythos found (aisle.com)

It's strange to me they didn't reduce to PoC so the quantitative part is an apples-to-apples comparison. You don't need any fancy tooling, if you want to do this at home you can do something like below in whatever command line agent and model you like. I did take one bug all the way through remediation just out of curiosity. """ Your task is to study the following directive, research coding agent prompting, research the directive's domain best practices, and finally draft a prompt in markdown format to be run in a loop until the directive is complete. Concept: Iterative review -- study an issue, enumerate the findings, fix each of the findings, and then repeat, until review finds no issues. <directive> Your job is to run a security bug factory that produces remediation packages as described below. Design and apply a methodology based on best practices in exploit development, lean manufacturing, threat modeling, and the scientific method. Use checklists, templates, and your own scripts to improve token efficiency and speed. Use existing tools where possible. Use existing research and bug findings for the target and similar codebases to guide your search. Study the target's development process to understand what kind of harness and tools you need for this work, and what will work in this development environment. A complete remediation package includes a readme documenting the problem and recommendations, runnable PoC with any necessary data files, and proposed patch. Track your work in TODO.md (tasks identified as necessary) LOG.md (chronological list of tasks complete and lessons) and STATUS.md (concise summary of the current work being done). Never let these get more than a few minutes out of date. At each step ensure the repo file tree would make sense to the next engineer, and if not reorganize it. Apply iterative review before considering a task complete. Your task is to run until the first complete remediation package is ready for user review. Your target is <repo url>. The prompt will be run as follows, design accordingly. Once the process starts, it is imperative not to interrupt the user until completion or until further progress is not possible. Keep output at each step to a concise summary suitable for a chat message. ``` while output=$(claude -p "$(cat prompt.md)"); do echo "$output"; echo "$output" | grep -q "XDONEDONEX" && break; done ``` </directive> Draft the prompt into prompt.md, and apply iterative review with additional research steps to ensure will execute the directive as faithfully as possible. """

The technique Anthropic uses was demonstrated by Nicholas Carlini in a talk he gave 2 weeks ago and it's very simple, when asking LLMs to review code, ask them to focus its review on one file in a single session. Here is the video with the timestamp (watch through to ~5:30, they show two different ways of prompting claude). https://youtu.be/1sd26pWhfmg?t=204 https://youtu.be/1sd26pWhfmg?t=273 IMO the big "innovation" being shown by Mythos is the effectiveness with prompting LLMs to look for security vulnerabilities by focusing on specific files one at a time and automating this prompting with a simple script. Prompting Mythos to focus on a single file per session is why I suspect it cost Anthropic $20k to find some of the bugs in these codebases. I know this same technique is effective with Opus 4.6 and GPT 5.4 because I've been using it on my own code. If you just ask the agent to review your pr with a low effort prompt they are not exhaustive, they will not actually read each changed file and look at how it interacts with the system as a whole. If the entire session is to review the changes for a single file, the llm will do much more work reviewing it. Edit: I changed my phrasing, it's not about restricting its entire context to one file but focusing it on one file but still allowing it to look at how other files interact with it.

How is that going to find anything that interacts across files?

I would think that it is still capable of exploring the codebase and reading other related files like any other coding agent already does.

My phrasing wasn't clear but you aren't telling it to only look at one specific file but to focus its review on one file. Updated my original comment.

If you cut out the vulnerable code from Heartbleed and just put it in front of a C programmer, they will immediately flag it. It's obvious. But it took Neel Mehta to discover it. What's difficult about finding vulnerabilities isn't properly identifying whether code is mishandling buffers or holding references after freeing something; it's spotting that in the context of a large, complex program, and working out how attacker-controlled data hits that code. It's weird that Aisle wrote this.

It's weird, because when working on a big project, taking a break for a week or two, and returning to it, I will find a bug and will see hundreds of lines of code that are absolutely terrible, and I will tell myself "Tom you know better than to do this, this is a rookie mistake". I think people forget that it's hard to be clever and tidy 100% of the time. Big programs take a lot of discipline and an understanding of the context that can be really hard to maintain. This is one of several reasons that my second draft or third draft of code is almost always considerably better than the first draft.

Congrats: completely broken methodology, with a big conflict of interest. Giving specific bug hints, with an isolated function that is suspected to have bugs, is not the same task, NOR (crucially) is a task you can decompose the bigger task into. It is basically impossible to segment code in pieces, provide pieces to smaller models, and expect them to find all the bugs GPT 5.4 or other large models can find. Second: the smarter the model, and less the pipeline is important. In the latest couple of days I found tons if Redis bugs with a three prompts open-ended pipeline composed of a couple of shell scripts. Do you think I was not already tying with weaker models? I did, but it didn't work. Don't trust what you read, you have access to frontier models for 20$ a month. Download some C code, create a trivial pipeline that starts from a random file and looks for vulnerabilities, then another step that validates it under a hard test, like ASAN crash, or ability to reach some secret, and so forth, and only then the problem can be reported. Test yourself what it is possible. Don't let your fear make you blind. Also, there is a big problem that makes the blog post reasoning not just weak per se, but categorically weak: if small model X can find 80% of vulnerabilities, if there is a model Y that can find the other potential 20%, we need "Y": the maintainers should make sure they access to models that are at least as good as the black hats folks.

Thanks Dario, very cool!

The Anthropic writeup addresses this explicitly: > This was the most critical vulnerability we discovered in OpenBSD with Mythos Preview after a thousand runs through our scaffold. Across a thousand runs through our scaffold, the total cost was under $20,000 and found several dozen more findings. While the specific run that found the bug above cost under $50, that number only makes sense with full hindsight. Like any search process, we can't know in advance which run will succeed. Mythos scoured the entire continent for gold and found some. For these small models, the authors pointed at a particular acre of land and said "any gold there? eh? eh?" while waggling their eyebrows suggestively. For a true apples-to-apples comparison, let's see it sweep the entire FreeBSD codebase. I hypothesize it will find the exploit, but it will also turn up so much irrelevant nonsense that it won't matter.

Wasn't the scaffolding for the Mythos run basically a line of bash that loops through every file of the codebase and prompts the model to find vulnerabilities in it? That sounds pretty close to "any gold there?" to me, only automated. Have Anthropic actually said anything about the amount of false positives Mythos turned up? FWIW, I saw some talk on Xitter (so grain of salt) about people replicating their result with other (public) SotA models, but each turned up only a subset of the ones Mythos found. I'd say that sounds plausible from the perspective of Mythos being an incremental (though an unusually large increment perhaps) improvement over previous models, but one that also brings with it a correspondingly significant increase in complexity. So the angle they choose to use for presenting it and the subsequent buzz is at least part hype -- saying "it's too powerful to release publicly" sounds a lot cooler than "it costs $20000 to run over your codebase, so we're going to offer this directly to enterprise customers (and a few token open source projects for marketing)". Keep in mind that the examples in Nicholas Carlini's presentation were using Opus, so security is clearly something they've been working on for a while (as they should, because it's a huge risk). They didn't just suddenly find themselves having accidentally created a super hacker.

> Wasn't the scaffolding for the Mythos run basically a line of bash that loops through every file of the codebase and prompts the model to find vulnerabilities in it? That sounds pretty close to "any gold there?" to me, only automated. But the entire value is that it can be automated. If you try to automate a small model to look for vulnerabilities over 10,000 files, it's going to say there are 9,500 vulns. Or none. Both are worthless without human intervention. I definitely breathed a sigh of relief when I read it was $20,000 to find these vulnerabilities with Mythos. But I also don't think it's hype. $20,000 is, optimistically, a tenth the price of a security researcher, and that shift does change the calculus of how we should think about security vulnerabilities.

Citation needed for basically all of this. You basically are creating a double standard for small models vs mythos…

This is addressed elsewhere in the comments, but it appears this is actually a direct comparison to how Anthropic got their Mythos headline results. https://news.ycombinator.com/item?id=47732322

How is that a direct comparison? The link you gave has a quote that says it’s not: > Scoped context: Our tests gave models the vulnerable function directly, often with contextual hints (e.g., "consider wraparound behavior"). A real autonomous discovery pipeline starts from a full codebase with no hints They pointed the models at the known vulnerable functions and gave them a hint. The hint part is what really breaks this comparison because they were basically giving the model the answer.

That was my thought exactly. If small models can find these same vulnerabilities, and your company is trying to find vulnerabilities, why didn’t you find them?

Who is spending millions of dollars on small models to find vulns? Nobody else is selling here or has the budget to sell quite like this. Anthropic spends millions - maybe significantly more. Then when they know where they are, they spend $20k to show how effective it is in a patch of land. They engineered this "discovery". What the small teams are doing is fair - it's just a scaled down version of what Anthropic already did.

Maybe they did use small models but you couldn't make the front page of HN with something like this until Anthropic made a big fuss out of it. Or perhaps it is just a question of compute. Not everyone has 20k$ or the GPU arsenal to task models to find vulnerabilities which may/may not be correct? Unless Anthropic makes it known exactly what model + harness/scaffolding + prompt + other engineering they did, these comparisons are pointless. Given the AI labs' general rate of doomsday predictions, who really knows?

papers are always coming out saying smaller models can do these amazing and terrifying things if you give them highly constrained problems and tailored instructions to bias them toward a known solution. most of these don't make the front page because people are rightfully unimpressed

> I hypothesize it will find the exploit, but it will also turn up so much irrelevant nonsense that it won't matter. The trick with Mythos wasn't that it didn't hallucinate nonsense vulnerabilities, it absolutely did. It was able to verify some were real though by testing them. The question is if smaller models can verify and test the vulnerabilities too, and can it be done cheaper than these Mythos experiments.

The article positions the smaller models as capable under expert orchestration, which to be any kind of comparable must include validation.

Calling it “expert orchestration” is misleading when they were pointing it at the vulnerable functions and giving it hints about what to look for because they already knew the vulnerability.

Anthropic claim is not necessarily that Mythos found vulnerabilities that other models couldn't but that it could easily exploit them while previous models failed to do that: > “Opus 4.6 is currently far better at identifying and fixing vulnerabilities than at exploiting them.” Our internal evaluations showed that Opus 4.6 generally had a near-0% success rate at autonomous exploit development. But Mythos Preview is in a different league. For example, Opus 4.6 turned the vulnerabilities it had found in Mozilla’s Firefox 147 JavaScript engine—all patched in Firefox 148—into JavaScript shell exploits only two times out of several hundred attempts. We re-ran this experiment as a benchmark for Mythos Preview, which developed working exploits 181 times, and achieved register control on 29 more.

If that was normal Opus, then it sounds to me like Mythos could be a big model, instruction tuned, but without all the safety/refusal part of training.

I think they key thing here is they "isolated the relevant code" If the exploits exist in e.g. one file, great. But many complex zerodays and exploits are chains of various bugs/behaviors in complex systems. Important research but I don’t think it dispels anything about Mythos

Did Mythos identify vulnerabilities across files? Afaik Mythos worked the same way, analysing a single file at a time.

This is from the first of the caveats that they list: > Scoped context: Our tests gave models the vulnerable function directly, often with contextual hints (e.g., "consider wraparound behavior"). A real autonomous discovery pipeline starts from a full codebase with no hints. The models' performance here is an upper bound on what they'd achieve in a fully autonomous scan. That said, a well-designed scaffold naturally produces this kind of scoped context through its targeting and iterative prompting stages, which is exactly what both AISLE's and Anthropic's systems do. That's why their point is what the subheadline says, that the moat is the system, not the model. Everybody so far here seems to be misunderstanding the point they are making.

I get what you're saying, but I think this is still missing something pretty critical. The smaller models can recognize the bug when they're looking right at it, that seems to be verified. And with AISLE's approach you can iteratively feed the models one segment at a time cheaply. But if a bug spans multiple segments, the small model doesn't have the breadth of context to understand those segments in composite. The advantage of the larger model is that it can retain more context and potentially find bugs that require more code context than one segment at a time. That said, the bugs showcased in the mythos paper all seemed to be shallow bugs that start and end in a single input segment, which is why AISLE was able to find them. But having more context in the window theoretically puts less shallow bugs within range for the model. I think the point they are making, that the model doesn't matter as much as the harness, stands for shallow bugs but not for vulnerability discovery in general.

You can imagine a pipeline that looks at individual source files or functions. And first "extracts" what is going on. You ask the model: - "Is the code doing arithmetic in this file/function?" - "Is the code allocating and freeing memory in this file/function?" - "Is the code the code doing X/Y/Z? etc etc" For each question, you design the follow-up vulnerability searchers. For a function you see doing arithmetic, you ask: - "Does this code look like integer overflow could take place?", For memory: - "Do all the pointers end up being freed?" _or_ - "Do all pointers only get freed once?" I think that's the harness part in terms of generating the "bug reports". From there on, you'll need a bunch of tools for the model to interact with the code. I'd imagine you'll want to build a harness/template for the file/code/function to be loaded into, and executed under ASAN. If you have an agent that thinks it found a bug: "Yes file xyz looks like it could have integer overflow in function abc at line 123, because...", you force another agent to load it in the harness under ASAN and call it. If ASAN reports a bug, great, you can move the bug to the next stage, some sort of taint analysis or reach-ability analysis. So at this point you're running a pipeline to: 1) Extract "what this code does" at the file, function or even line level. 2) Put code you suspect of being vulnerable in a harness to verify agent output. 3) Put code you confirmed is vulnerable into a queue to perform taint analysis on, to see if it can be reached by attackers. Traditionally, I guess a fuzzer approached this from 3 -> 2, and there was no "stage 1". Because LLMs "understand" code, you can invert this system, and work if up from "understanding", i.e. approach it from the other side. You ask, given this code, is there a bug, and if so can we reach it?, instead of asking: given this public interface and a bunch of data we can stuff in it, does something happen we consider exploitable?

That's funny, this is how I've been doing security testing in my code for a while now, minus the 'taint analysis'. Who knew I was ahead of the game. :P In all seriousness though, it scares me that a lot of security-focused people seemingly haven't learned how LLMs work best for this stuff already. You should always be breaking your code down into testable chunks, with sets of directions about how to chunk them and what to do with those chunks. Anyone just vaguely gesturing at their entire repo going, "find the security vulns" is not a serious dev/tester; we wouldn't accept that approach in manual secure coding processes/ SSDLCs.

"AI polls" are fake polls (natesilver.net)

The issue is that AI doesn't understand human emotion or the way a crowd reacts to a sudden political shift. In the middle of a campaign, people change their minds based on the moment, and no matter how much data you feed it, a machine is always going to be a step behind when things actually start to heat up.

No not really. It’s just if you ask the model what percent of people like apples, it doesn’t know the answer. We don’t even need to get to the level of change of opinions. Models don’t “poll” their training data. If you give it five yes answers and five no answers, it doesn’t think that it’s 50/50. If you give it actual data it can derive it, but that would be a poll

AI polls are fake, real polls are fake, and Nate Silver's modeling is REALLY fake. Nate Silver implied Florida was in play in 2024 for Democrats, then it went +13 R. This is after he spent 9 years clinging to polling which systematically undercounted Republican support due to either sampling bias or shy voters, or were simply outright fraud in other cases (Selzer's Iowa poll).

That’s just fundamentally not a meaningful argument You need to assess calibration. Not “accuracy”. What does “in play” even mean?

↙ time adjusted for second-chance

Every plane you see in the sky – you can now follow it from the cockpit in 3D (flight-viz.com)

Commands are not that handy but from someone that has the flying in his heart since he was child I must admit that it's cool to have the cockpit view

I wish it had all the small aircraft not just commercial flights

Pretty sure it does https://flight-viz.com/cockpit.html?lat=34.026608&lon=-118.383224&alt=597.6531&hdg=65.307556&spd=59.645912&cs=N28220

Perhaps this should be submitted under "Show".

Creator posted it as Show HN last week: https://news.ycombinator.com/item?id=47603966 Current post is by someone else

Current post is from the creator (not that I particularly care one way or the other): https://news.ycombinator.com/item?id=47694065

The disturbing white paper Red Hat is trying to erase from the internet (osnews.com)

> I don’t think there’s something inherently wrong with working together with your nation’s military or defense companies, but that all hinges on what, exactly, said military is doing and how those defense companies’ products are being used. The focus should be on national defense, aid during disasters, and responding to the legitimate requests of sovereign, democratic nations to come to their defense The core purpose of a military is to destroy things and kill people, and the world is controlled by the people who can do that better than others. You can put all the "defense" and "disaster aid" lipstick on that you like but that doesn't change what they train for and what their real purpose is.

who let the Streisand effect out of its cage!?

https://web.archive.org/web/20260402155236/https://www.redhat.com/rhdc/managed-files/ve-compress-the-kill-cycle-detail-693397pr-202402-en_3.pdf Archive URL to original paper

> With that in mind, it seems Red Hat, owned by IBM, is desperately trying to scrub a certain white paper from the internet. Titled “Compress the kill cycle with Red Hat Device Edge”, the 2024 white paper details how Red Hat’s products and technologies can make it easier and faster to, well, kill people. It appears IBM learned no lessons after WWII: https://en.wikipedia.org/wiki/IBM_and_the_Holocaust That book will need a sequel soon.

Ah, now I see where they got the name: https://en.wikipedia.org/wiki/Redcap

Better to have smart bombs than dumb ones. Or rather, better to have 1 smart bomb than 1000 dumb ones spread across an entire city in order to pick off the particular building, vehicle, or person you want.

Smart bombs are no good if they are directed by a dumb targeting system, dumb alcoholic accelerationist religious fanatic Secretary of War, or dumb narcissistic genocidal pedophile Presidents.

That “smart” vs “dumb” distinction doesn’t apply here though. What is discussed has nothing to do with the ability to physically land a bomb in a precise location, that problem seems to be solved reasonably well already. “Smart” in this case has more to do with using ML/LLM to select a target.

Channeling my inner Socrates: You want consensus from non-experts for a plan to use 20 smart bombs. Your opponent wants consensus for a plan to live-stream a demo of 1 smart bomb, and then use 19 dumb ones. Your team has more expertise. Your opponent's plan saves enough money to buy a better PR team than yours, and is still more cost effective than your plan. Who wins?

You might be right, but that's terrible

Specially AI Hallucination bombs, that hit a park named "Police Park", because it thinks it's killing policemen[1], or a children school with Shahed in the name[2], because it thinks It has something to do with drones. [1] https://x.com/MarioNawfal/status/2029575052535173364 [2] https://www.aljazeera.com/news/2026/3/6/elementary-school-in-tehran-hit-irans-foreign-ministry-says

There's also a chasm of (non-)accountability. You or your subordinates target an elementary school: that's a war crime. Your "battlefield AI" targets an elementary school: software bug, it happens, can't be helped.

"I give permission to IBM, its customers, partners, and minions, to use JSLint for evil."

[delayed]

Rockstar Games Hacked, Hackers Threaten a Massive Data Leak If Not Paid Ransom (kotaku.com)

..again?

Coincidentally and Interestingly, again, I was reading an old thread from 2015 titled - ProtonMail pays $6k ransom, gets taken out by DDoS anyway The top comment says - "NEVER EVER PAY RANSOM MONEY. Please. Even if your business will suffer it will suffer a lot more if you do pay since now it is known you'll cave. Also: you are making the problem larger for others." The top response to that comment says - "From their blog: https://protonmaildotcom.wordpress.com/ At around 2PM, the attackers began directly attacking the infrastructure of our upstream providers and the datacenter itself. The coordinated assault on our ISP exceeded 100Gbps and attacked not only the datacenter, but also routers in Zurich, Frankfurt, and other locations where our ISP has nodes. This coordinated assault on key infrastructure eventually managed to bring down both the datacenter and the ISP, which impacted hundreds of other companies, not just ProtonMail. At this point, we were placed under a lot of pressure by third parties to just pay the ransom, which we grudgingly agreed to do at 3:30PM Geneva time to the bitcoin address 1FxHcZzW3z9NRSUnQ9Pcp58ddYaSuN1T2y. This was a collective decision taken by all impacted companies, and while we disagree with it, we nevertheless respected it taking into the consideration the hundreds of thousands of Swiss Francs in damages suffered by other companies caught up in the attack against us. We hoped that by paying, we could spare the other companies impacted by the attack against us, but the attacks continued nevertheless. This was clearly a wrong decision so let us be clear to all future attackers – ProtonMail will NEVER pay another ransom. " Full thread here - https://news.ycombinator.com/item?id=10523583

Most hackers actually keep their promises if paid the ransom, nowadays. It sounds perverse but the incentives require it: if payment didn't bring resolution, no one would pay. As a result, all of the big gangs avoid scamming.

That was the state of play in 2015 as well. In the absence of a claim from the group otherwise, I wouldn't be surprised if they simply couldn't get it to stop (on a technical level.) Way back when, it was a pretty common screwup to accidentally saturate the nodes you were packeting from . So then your C&C couldn't get them to respond, either. Oops.

Yeah, this business is based on actually delivering the promise.

> “Rockstar Games, your Snowflake instances were compromised thanks to Anodot.com. Pay or leak. This is a final warning to reach out by 14 Apr 2026 before we leak, along with several annoying (digital) problems that’ll come your way. Make the right decision, don’t be the next headline.” Anyone familiar with "Snowflake" enough to say what sort of data was typically hosted there? Judging by the website and the lack of specifics about the data, I'm guessing it's less about assets, artifacts and stuff like that, and more about financial data and general/generic "business" stuff?

I've seen companies literally mirror every piece of data they have in snowflake to do AI/analytics stuff. There's probably a lot of of shit in there.

Yeah but large tech companies don’t just operate by breaking laws like this.

laws that allow big players hurt minorities are any good? Rockstar recently had a strike from their workers by their abuse and layoffs

Maybe I'm missing something, but how would GTA6 source leak really harm Rockstar? I mean it's unlikely it would be possible to compile a full working game from the leak, and even if so, it's such a non-trivial task, that I don't believe it would hurt sales /that/ much. The only thing I can imagine is the story would get spoiled on the internet, but that's about it.

I would speculate that it’s not about individuals compiling and playing without paying, but that with access to the codebase, creating cracks and online cheats would be trivial, which might actually hurt their bottom line

I feel the need to say it shouldn't be this way , to avoid an onslaught of replies, but: It would be dramatically easier to discover and exploit vulnerabilities/glitches in their multiplayer experience, which is their cash cow.

↙ time adjusted for second-chance

Surelock: Deadlock-Free Mutexes for Rust (notes.brooklynzelenka.com)

I can't understand why address instability is a problem: if a Mutex is moved, then it can't be locked (because you need to hold a borrow while locked, which impedes moving), so using addresses is perfectly fine and there is absolutely no need to use IDs. Also the fact that it doesn't detect locking the same mutex twice makes no sense: a static order obviously detects that and when locking multiple mutexes at the same level all you need to do is check for equal consecutive addresses after sorting, which is trivial. Overall it seems like the authors are weirdly both quite competent and very incompetent. This is typical of LLMs, but it doesn't seem ZlLM-made.

Don't address introduce ambiguous locking order across attempts? While not obviously problematic, that seems weird enough you would need to validate that it is explicitly safe.

I'm intrigued! I was fighting deadlocks in some Java code this week, and I'm working on a Rust project to maybe replace some of that. One thing I didn't see in the post or the repo: does this work with async code? I couldn't find the "search" button on Codeberg, and tests/integration.rs didn't have any async. For embedded, I have had my eye on https://github.com/embassy-rs/embassy (which has an async runtime for embedded) and would love a nice locking crate to go with it.

IIUC, this crate has similar restrictions to the std Mutex. So it depends on what you mean by "work with async code." First, lock acquisition seems to be a blocking method. And I don't see a `try_lock` method, so the naive pattern of spinning on `try_lock` and yielding on failure won't work. It'll still work in an async function, you'll just block the executor if the lock is contested and be sad. Second, the key and guard types are not Send, otherwise it would be possible to send a key of a lower level to a thread that has already acquired a lock of a higher level, allowing deadlocks. (Or to pass a mutex guard of a higher level to a thread that has a key of a lower level.) Therefore, holding a lock or a key across an await point makes your Future not Send. Technically, this is fine. Nothing about Rust async in general requires that your Futures are Send. But in practice, most of the popular async runtimes require this. So if you want to use this with Tokio, for example, then you have to design your system to not hold locks or keys across await points. This first restriction seems like it could be improved with the addition of an `AsyncLockable` trait. But the second restriction seems to me to be fundamental to the design.

tbh I'm not getting GPT-voice from this

It's there in places ("The honest answer is...") but I think most of this is human written. They probably started with an AI draft I'd guess.

So tired of this sort of comment. LLMs are trained using (primarily, generally) online material. It sounds like online humans, in aggregate, plus or minus a bit of policy on the part of the model builders.

[delayed]

> It sounds like online humans, in aggregate That's exactly the problem. It sounds like one aggregate person. It's quite unpleasant to read the same turns of phrase again and again and again, especially when it means that the author copped out of writing it themselves. In fairness I think in this case they mostly did write it themselves.

The future of everything is lies, I guess – Part 5: Annoyances (aphyr.com)

I've been enjoying these articles by 'aphyr and I think they raise important points. Primarily though, they read to me as polemics of a curiously American nature. The pattern goes something like this: - this development is bad - companies will be unrestrained in their use of this development - there will be no rules so they can do whatever they want - we are all fucked as a result But then...propose that we make some laws to put rules around this stuff, also known as regulations and everybody goes "whoa hold up hold up hold up...I dunno about that part." Dear friends - America has always been this way. Study your 19th and 20th century history. Companies will exploit the shit out of us unless we put some rules in place to prevent it. Yes, that might mean making less money in the short term as regulations cause friction. But in the long term it means we can have a better and actually livable society. (For what it's worth I'm an American and not an uppity European or Australian taking potshots from across the pond; no offense to Euros or Aussies intended, love you guys)

What regulations would you suggest?

It’s not that people are against regulations totally, but that the structure of society is broken. People with wealth, including corporations, can influence and control everything with money. Legislators are easily bribed. Lawsuits are expensive and take years. It’s hard to make anything happen unless you’re already rich or connected. The real issue is new amendments are needed. But that seems impossible. You need 75% of states ratifying. And that seems impossible today.

A COMPUTER CAN NEVER BE HELD ACCOUNTABLE THEREFORE A COMPUTER MUST NEVER MAKE A MANAGEMENT DECISION —IBM internal training, 1979 It took me a while to realise that the premise is saying the same thing as the reason why we have so many "Computer says no" experiences today. The conclusion only follows if you want someone to be accountable. If you want to avoid being accountable, computers should make all management decisions. This has nothing to do with AI other than it provides another mechanism to do that. People saying "I'd love to help you but the computer won't let me do that" has been happening for years now. Websites develop abusive patterns because A/B testing lets a process decide based on the goal you want, It doesn't measure the repercussions so you have made no decision to allow them. Management read it as A COMPUTER CAN NEVER BE HELD ACCOUNTABLE THEREFORE THERE CAN BE NO LIABILITY IF COMPUTERS MAKE ALL MANAGEMENT DECISIONS

You're misinterpreting the implication. A better phrasing might be: A computer can never be held accountable. Therefore, since all management decisions must have accountability, a computer must never make them.

> Since LLMs are unpredictable and vulnerable to injection attacks, customer service machines must also have limited power Haha yes. I interacted with a bank one. It was like press 5 for mortgages but with a text to speech front end. At the end of the day the LLM can be tricked into doing anything.

I wonder if there's also less of a stigma and sense of wrongdoing about tricking an LLM versus tricking an employee We intuitively know that an employee will be punished and may get fired if we trick them. Many of us won't try to trick human employees as a result, because we would feel bad if they had bad consequences as a result of our trickery There is likely no such hesitation around tricking LLMs. I know I personally wouldn't feel bad about it at all. Mostly because any computerized customer service process is annoying so anything I can do to limit my time dealing with it is a win in my books

So basically more ways of trying to make people buy things, do things, think things than before? I feel like our whole world more and more circulates around manipulation and the absence of truth and discourse. Then again, I do think LLMs are an incredible technological achievement. The issue is not so much what they do or that they exist, but how they are utilized. Right now, they are utilized to further the class divide between rich and poor. Who are we to trust in the future? Not big companies, not the state, not LLMs. Time to organize around groups and collectives that we know we can trust and that we know have our wellbeing in mind.

The majority of human history has been written by the ruling class of the day. Transparency only seems to follow in the wake of their inevitable fall, usually at great cost in retrospective research via the oft thankless unraveling of threads of truth from their more copious fictions. Much like the machines we construct in our likeness, we too seem to get stuck in endless regressive cycles. Folks in the "now" have always had a tendency to cling to their fictions as if they were truth for whatever reason; like nationalist exceptionalism, racial superiority, or religions rooted in "othering", etc. Humans seem to have an innate desire to fool themselves and trust in things they should not. Perhaps it's simply a sort of existential coping mechanism of living in a cold, unforgiving reality. We seek the comfort of lies. Organizing around groups of trust, tends to lead to factionalism and conflicts. Knowing and trusting are sadly very different things in our species.

> Time to organize around groups and collectives that we know we can trust I’ve had the same thoughts, but if you look deeper, it all circles back to what we already had: (open, transparent) public institutions, society, and government by the people. The foundation wasn't the problem; the environment was. Along the way, social media noise, engagement-optimisation and Kardashian-style "entertainment news" infecting real news made an attention economy where, no matter how scandalous you are, attention can be minted into dollars. That is what polluted our infosphere and lead to the lack of trust. Now, nobody trusts these previously mentioned public entities any more - sometimes due to state-actor or ad-tech disinformation, and sometimes for good reason like when the poisoned public allowed these 80s-style telemarketer-style political weirdos and their cronies to take over public administration.

A major problem is that if we structurally limit what technologies do, we are still not in control. Now whoever we empowered to control and limit the technology is in control. Who keeps them accountable? You’ll probably get one of three outcomes: regulatory capture by monopolies, self dealing by bureaucrats to enrich themselves or gain power, or regulatory capture by self absorbed ideologues who halt all progress or force it down some ideologically approved path. In none of those scenarios is anything aligned with the best interest of the people.

I don’t disagree. A consumer oriented democracy is not well equipped for the challenge.

The Problem That Built an Industry (ajitem.com)

>TPF is not modern. It would fail every architectural review a contemporary engineering team would apply to it. It also handles 50,000 transactions per second with sub-100ms latency on hardware that costs a fraction of an equivalent cloud footprint. It has been doing this for 60 years. What kind of review would it fail? Sounds like it's pretty well designed to me.

> Most of it's here for a reason. Your argument for host os, virtual os, container is the very point im making. Rather than solve for security and installablity, we built more tooling, more layers of abstraction. Each have overhead, security surface and complexity. Rather than solve Rusts performance (at build time), switch to a language that is faster but has more overhead, more security surface, more complexity. You have broken down the stack of turtles that we have built to avoid solving the problem, at the base level... SABRE, what the article is discussing, is the polar opposite of this, it gives us a hint that more layers of abstraction arent always the path to solutions.

There are shops, I know of that run a java emulator of a GE Mainframe running... Multics. Someone told me that, and I was floored. Multics.

I noticed that too and did roll my eyes as well but I'm glad I kept reading - its actually quite a good article. Maybe the author used an LLM to help do some copy editing but should have probably given it less editorial agency. Either way I'm glad I read it and waiting for the other parts of the series. Really curious how to get access to this airline booking data so I can write my own bot to book my flights and deal with all the permutations and combinations to find the best deal.

Same here—I tolerated the linguistic tics, I found enough meat to keep going, but it’s the conclusions that confuse me. And that feels like the intellectually dangerous part with this sort of LLM writing. For example: > Convergent evolution is real. Every major GDS independently arrived at the same underlying platform. That is not coincidence — it is the market discovering the optimal solution to a specific problem. I struggle to understand the claim that GDSes “arrived independently” at interoperability standards through “convergent evolution” and market discovery. Isn’t it something closer to a Schelling point, or a network effect, or using the word “platform” to mean “protocol” or “standard”? Isn’t it like saying “HTML arose from web browsers’ independent, convergent evolution”? Like—I guess , in that if you diverge from the common standard then you lose the cooperative benefits—see IE6. And I guess , in that in the beginning there was Mosaic, and Mosaic spoke HTML, that all who came after might speak HTML too. But that’s not convergent evolution, that’s helping yourself to the cooperative benefits of a standard. “The market” was highly regulated when the first GDSes were born in the US. Fares, carriers, and schedules were fixed between given points; interlining was a business advantage; the relationships between airlines and with travel agents were well-defined; and so on [0]. IATA extended standards across the world; you didn’t have to do it the IATA way, but you’d be leaving business on the table. If anything, it seems like direct-booking PSSes (he mentioned Navitaire [1]) demonstrate the opposite of the LLM’s claim. As the market opened up and the business space changed, new and divergent models found purchase, and new software paradigms emerged to describe them. It took a decade or two (and upheaval in the global industry) before the direct-booking LCC world saw value in integrating with legacy GDSes, right? …the LLM also seems bizarrely impressed that identifiers identify things: > One PNR, two airlines, the same underlying platform. > Two tickets, two currencies of denomination, one underlying NUC arithmetic tying them together. > One 9-character string, sitting in a PNR field, threading across four organisations' financial systems. [0] https://airandspace.si.edu/stories/editorial/airline-deregulation-when-everything-changed [1] https://www.phocuswire.com/Jilted-by-JetBlue-for-Sabre-Navitaire-strikes-back

50,000 transactions a second is a bunch for humans. It’s nothing for even an ancient CPU - let alone our modern marvels that make a Cray 1 cry. The key is an extremely well-thought and tested design.

It was mostly written in COBOL. This is how I got into XENIX/UNIX. A machine went down that was a training machine: It required XENIX on a PC, because it ran on RM/COBOL on XENIX, because all the screens, and the encoding, already written were in COBOL. RM/COBOL had an ancient compatibility, but the code was extremely simple, having been ironed out many decades earlier. ( I got it in 1985, but all the creation dates were 1982. The original files must have been from the mid 1960s. I pointed this out, and someone called me on it. I found a training manual from 1966, and the screens were exactly The same, except of course for the 3270 status line. It was fast on an 4.77Mhz IBM PC, and much faster on a 10Mhz V20. 50,000 transactions was pretty standard for a IBM Mainframe, now? The z/ Series is still about the same, but it scales up to 32 processors. ( excuse me, billions. per day )

Cirrus Labs to join OpenAI (cirruslabs.org)

Tart is an amazing tool, and I have been very grateful for it. There's almost no other way I've found to stand up ephemeral CI/CD macOS VMs for self-hosted Git forge solutions. I really hope this doesn't mean that Tart will eventually die the death of unmaintained projects (e.g. Realm post-Mongo-acquisition.)

It won’t and I think it will thrive even more. ;)

Thank you! Cirrus CLI is still around and can run your tasks locally in either Podman or Docker. Can also be used in any other CI.

I mean, yes it is, but we all know what happens to these projects when their primary devs move on or get acquihired.

Hungary Is a Laboratory for Illiberal Nationalism. The Results Are In (cato.org)

constitutional coups. unfortunately being attempted all over from Hungary, Russia(successfully), Zimbabwe (currently in progress) and other nations all over.

Magyar was member of Fidesz up to 2024. So if he actually wins would this be meaningful change or just internal party infighting?

He seems much less into Putin and corruption than Orban, hence Trump making a big effort to support Orban.

Your comment tastes a lot like American right-wing billionaire word salad. The only thing missing is some reference to Soros. Orban is supported directly by Trump, Thiel, and company. These are literally the most elite rich folks on the globe. They are all against democracy and are pro-authoritarian. As TFA points out, the experiment has been run, and it leads to ruin. That's just facts.

I don't think the poster was saying that Orban wasn't bad, just that Cato saying something about it isn't particularly signifying. Also... neoliberalism is basically what you think of when you think "right-wing billionaire word salad" from like 6 years ago. Neoliberalism is the the idea of elevating "the market" to the absolute primacy of... everything. Neoliberalism is coined relative to the traditional "liberalism", specifically the part of traditional liberalism that supported free trade and marketization. The Cato Institute was literally founded by one of the Koch brothers, and has been staunchly neoliberal/libertarian. It stands in opposition to many of the policies of the current far-right/ex-right movement, because those policies call for a fusion of market and government that actually is fundamentally incompatible with neoliberalism. Furthermore, we should be aware that the populist surge that is at least partly powering this surge is itself a reaction to the conditions that neoliberalism (and institutional capture) has created.

Orban’s opponents are also supported directly by the American Liberal establishment, including Obama, Soros, etc. https://www.obama.org/stories/president-obama-explores-ways-to-combat-the-rise-of-authoritarianism-with-eastern-european-alumni/ >Barack Obama Targets Hungary, Poland in His ‘Fight for Democracy’ https://www.hungarianconservative.com/articles/current/barack-obama-hungary-poland/ Indeed the linked article is its own jumble of leftist billionaire word-salad. Classic stuff like “defending democracy” while simultaneously overturning elections (see Romania) that they don’t like and subverting the will of the electorate by flooding the country with refugees (see EU penalties). https://en.wikipedia.org/wiki/2024%E2%80%932025_Romanian_election_annulment_protests https://www.bbc.com/news/articles/clww729180po

And what exactly is wrong with classic modern Democracy, if the alternative is authoritarianism?