Forgot your password?
typodupeerror

Comment Thought for the day (Score 1) 28

What if...

Someone (say someone who was familiar with doxygen and GCC) developed number of comment types, where some stipulated preconditions that must be true for the function to run correctly, postconditions that must be true once the function has run, kernel facilities that the function definitely needs, and kernel facilities that the function definitely doesn't need. These would all be optional for any given function.

A static checker could then validate if the code meets the behaviour expected by the programmer. This is precisely what is done in SPARK, a fork of Ada for high-reliability code. Combined with existing static checker capabilities, this would greatly increase the number of bugs that could be caught with all kinds of tools, AI included.

It could ALSO build a full fine-grained mapping for any fine-grained mandatory access controls system. You'd also want includes that you could import for precompiled libraries. This would allow someone to verify if the code was making unanticipated/undesirable calls but would also make SELinux possible to develop for at the application level.

It would not be trivial. If it was trivial, it would have been done simply because it already IS done in other languages and that makes it "obvious" to anyone who has been programming for a while. However, it should not be massively complicated, simply because you can use AI as the static checker. Once it has a definite set of bounda that must be satisfied, it should be much more capable of knowing what paths would violate those bounds. Which means that the checker stage essentially is trivial today, leaving only the markup stage.

Comment Re:Yeah OpenAI is a scam (Score 1) 68

You simply cannot make solar financially viable there.

What makes solar financially un-viable in Austin? I live a long ways from Texas so there might be something really obvious here that I'm missing. I know the solar power arguments are older than the hills at this point (I remember roof top solar panels from many decades ago) but I'm interested in what about that location makes it doomed to not work out.

Or is there just no way for Tesla to make it financially viable? Could a more honest company pull it off in a different way?

Comment Re:Solar fricken roadways all over again (Score 1) 115

It's a trade off: you get abundant free energy to run the server, with extreme constraints on cooling because your server is running in the most perfect Thermos bottle ever.

Others are taking the opposite tack: undersea data centers for abundant free cooling at the expense of having to get the power down to your servers.

If had to bet on which one is more practial, I'd go with undersea servers. Build them off the coast of Chile, run cables out from batery-backed solar plants in the Atacama desert.

Comment The challenge (Score 1) 107

Is to set coursework and exams that are specifically crafted to exploit where AI is weak or prone to hallucinate.

You do not ban cheating, because those who cheat will inevitably find ways to circumvent the ban.

Rather, you exploit the properties of the mechanisms of cheating to ensure that those who actually understand the ideas are marked relatively highly (regardless of whether they reach the textbook conclusion) and whose who do not understand the ideas cannot do well even if they give what is in the textbook.

The interest should not be in precise answers, but in precise use of tools of reasoning and analysis, because this is what actually matters when it comes to understanding. Yes, it means you can't standardise so easily, and you have to devise things in ways that don't penalise intuitive thinkers over methodical thinkers, but you cannot teach a subject properly if you are only concerned about the surface.

Submission + - Cloudflare, Netlify and Vercel with new toys for phishers and threat actors (cloudflare.com)

D,Petkow writes: Web Bros’ Latest Genius Move: Drop a Zip, Ship Malware

Cloudflare, Vercel, and Netlify have all launched their own “Drop” services: upload a zip, get a live site instantly on their edge networks.
Authentication and abuse protection? That’s for later. Right now it’s pure vibes.

This is peak industry brain rot. In a world already drowning in phishing, malware, and scam sites, these platforms just rolled out the easiest, fastest way for bad actors to host malicious content.
Drag-and-drop phishing kits on workers.dev, instant fake login pages on Vercel, malware droppers on Netlify — all live in seconds with zero friction.

No real verification. No serious upfront checks. Just “move fast and let the internet clean up our mess."
The hopium these web bros are smoking must be nuclear grade quality. They’ve spent years building trust in their platforms, only to turn them into free malware CDNs for anyone with a zip file.This isn’t democratizing the web.
This is handing phishers and scammers the keys with a smile.
Brilliant strategy, truly.

Nota bene — apparently real world bad actors beat red teams in abusing those new "services".

Slow clap

Apparently all the web bros are drinking the same hopium-flavored cool aid, where no phishers, c2s, implants and bad actors exist whatsoever.
https://cloudflare.com/drop/
Same concept from vercel and netlify
https://vercel.com/drop
https://app.netlify.com/drop

https://x.com/JCyberSec_/statu...

Try a DAP.LIVE or URLSCAN.IO query to see abuse and workers.dev (and pages.dev and r2.dev for that matter) — for each valid deployment, there are hundreds of confirmed fraud scams.
Nice statistics, which will only get worse now.
Good job.

Comment Bleagh, (Score 1) 72

You can get Veracrypt to work with the Mac, via FUSE, but I don't know how safe/robust that is. It's probably more secure than anything Apple has. It's certainly more secure than anything Microspot has.

But, yeah, it's getting extremely irritating that useful stuff is being taken out of commercial OS' and junk put in.

Slashdot Top Deals

Type louder, please.

Working...