Comment Curl isn’t Mythos’ “target” (Score 1) 50

As I understand it, Mythos’ “big leap” is not in finding specific flaws; it is in chaining them together into a “bigger” flaw. So finding a minor issue in curl that lets you put a file where you shouldn’t, plus a flaw in something that assumes some file location is “safe” and it doesn’t have to parse things with an adversary in mind, plus a flaw in something that relies on that thing, and so on.

When doing that kind of security work you don’t need to find a bunch of significant flaws in each tool, just a minor flaw in places that turn out to be useful when combined with, say, up to 9 other minor flaws. So from the viewpoint of curl, which doesn’t rely on a lot of other tools to provide its services, nothing has changed. The pain is experienced on a wider scale, like over a whole OS where there are a lot of tools, any of which might contribute a minor flaw so Mythos can find a way to gain “the prize” (maybe remote execution, or a privilege escalation, or both).

Maybe a better way to think about Mythos is that it doesn’t have to hyper-focus on one tool like “can I break into the system using curl?” (and is not actually any better at that question than prior AI), but it does a far, far better job at answering the question “can I break into the system using up to a dozen or so flaws together out of this pool of 1000+ tools?”. I assume it may be a bit better at finding flaws in a single tool if the flaws require putting more bugs together or more steps to reach the state where an existing flaw shows up, but again that isn’t the big deal. The big deal is at a system level it puts multiple sub-critical flaws together to combine into a critical flaw. (cue Transformers joke here)

Comment So I guess the real question is... (Score 1) 38

Is CUDA a lock-in because there is a critical mass of solutions written in CUDA and people that think about problems in terms of CUDA already, so nothing is really going to unseat it that isn’t a close clone of CUDA, and making one of these is for some reason impossible? Or is the problem that you can make something else that lets you be expressive in the important ways CUDA is while giving the backend the same kind of flexibility to schedule operations, but nobody else has made one that isn’t “too buggy” to use on real-world problems?

In the distant past very few C/C++ compilers existed; they were “too complex” for small companies to make, and now we have very few commercial compilers and a billion open source projects that are all forks of gcc or llvm (or a fork of a fork of the llvm-derived clang). We don’t have a billion non-C-derived programming environments though (we have a few: JavaScript is popular, and I’ll argue Java is C-derived, although removing pointers from C doesn’t leave a lot, so I’ll also accept it as a distinct environment, but if so, so is Swift, and Rust also counts as distinct... still that is only a handful). It doesn’t prove a lot, but I would say even the moat of a programming language and environment only lasts so long.

Comment Re:But the real cost is increased service prices (Score 1) 46

There's no long-term impact. It's just for construction.

Do you actually believe that? I mean, yeah sure “we asked them what was up and they gave a flimsy excuse” doesn’t mean you have to believe it!

The only thing that points towards them maybe telling the truth is it might be obvious if the data center were operating and you don’t want to get caught in a provable lie. However it is also possible the data center is partly operating while construction continues and they figure “hey there aren’t people coming and going, who will know if the data center is operating as opposed to testing equipment if we get caught!”.

Comment If only it were _for_ the neighborhood (Score 1) 162

If the data center is primarily intended for use by (exclusively or nearly exclusively) the people in the neighborhood, sure, it could make sense. I know this is quaint and out-of-date but one can imagine a neighborhood squid cache, NNTP server, modern Netflix cache, etc for the neighborhood. Have it be connectable by a high-speed neighborhood LAN, to share the 'hood's WAN.

Just a classic neighborhood network coop, but with some added caching services, which is what would cause it to be called a "datacenter" instead of a "router." ;-)

As if that would really happen. And that's sure not what this is.

Comment The usual question: what did they do? (Score 1) 45

Once again, I'm not shocked by the percentage laid off, but I'm shocked by the number of individuals. If 700 people was 14% of their workforce, then this company had about a hundred times as many employees as I would have guessed. Not that my guesses are particularly well-informed, but when I look at what this company's product appears to be and compare it to my own experiences, I can't help but make guesses that are apparently 99% off! (I'm that dumb!?)

What do employees at these large companies do all day? Why were they hired in the first place, or why weren't they laid off many years ago? I just don't get it.

I don't mean it as a put-down of their products, but on the surface it just doesn't look like their thousands of employees do anything bigger or more complicated than my dozen-developers-sized team (which is, itself, much larger than the teams I've been on in previous decades). Is everyone's productivity just... eaten up by labor-not-scaling problems? Do I need to really read The Mythical Man-Month instead of treating it as distant folklore that I'll some day get to?

Or is the answer in some other direction? Part of me thinks I should just drop it, and accept that I really don't know jack shit about the profession I've had for the last 40 years.

Comment Before I condemn it... (Score 1) 184

I can't really say it's bad for it to be doing these seemingly-bad things, until I know the answer to this: what is the app's intended purpose? Why would/should a person use it?

If it's intended to inconvenience/expose/punish users for trying to find out things about the White House, then maybe the application is doing the right thing.

Comment Good start (Score 2) 166

Even if this crazy minimum-age shit weren't happening, it's generally a good idea to give incorrect information. Have one birthday for site x and a different birthday for site y. Use one of your parents' birthdays here, and a celebrity's birthday there. Pollute the public data and cause confusion.

If minimum-age laws help to encourage public data pollution (all of which arguably shouldn't be public at all anyway), then at least one good thing will have come out of it.

Let's get it up to 84% of parents helping their kids bypass age checks.