Yeah, you've got to have some respect for a load of people who've made difficult, error prone changes across a load of code they probably didn't write and don't know super well - not to make anything any different, but just to avoid a possible problem in the future.
Maybe, but I wonder why the thing that's ostensibly there to boot my system even needs to know what users there are on it. Its job is to get you from nothing to login - what happens after that is, frankly, none of its bloody business.
Whilst this fork isn't it, I'm looking forward to someone making 'slimd' - which is a sensible version of systemd that just boots the system and leaves all the other jobs to other processes/projects.
We have a fair bit of this in the UK. Some aren't quite as 'militant' about it, but it's pretty much all headed that way.
For used cars, it makes sense. For used cars, there's practically a formula for working out the value of the car. You then apply some small margin, and that's your sale price. There's very little 'wiggle room' any more, so there's really no haggling space.
Back in the day, you could price a car based on how shiny it was. Someone that knew what they were talking about might haggle you down, but maybe you'd get lucky and sell to a no-nothing for a nice mark up. That just doesn't work any more. People won't even set foot in your lot if your prices are higher than someone elses - and there are plenty of bucket shops selling hundreds of used cars for tiny margins. You might still get a "bargain" at some little tiny one-man-band type lot down the street, but unless you know what you're doing (which most people don't), you could also end up with a lemon. You might pay a bit more at one of the big shops, but whatever you get will be pretty homogenised for whatever money you spent on it. That safety is pretty attractive to most people.
New cars... in the UK at least, a lot of them get bought via salary sacrifice and other schemes, so there's no direct driver-to-dealer conversation. It's all B2B, so there's some haggling, but it's at the fleet level, not the individual car level. For the relatively few people buying a brand new car themselves, there's not much haggling to be done - the dealer gets told what price to sell at, so all dealers are the same price. You might get some floor mats, and maybe a tank of fuel, but that's about all.
Personally, I'd give Tesco the benefit of a lot of doubt - they're super hot on their technology choices, so whatever they decided was for very good reasons. Whilst I'm sure they're mindful of their legacy, I'd also imagine they'd be very happy to clean it up in order to take advantage of something new, if such a move was justified.
Tesco works on tiny profit margins (relatively speaking). They also work at massive scale. Every penny in that place counts, so they definitely don't want to spend it somewhere that isn't giving them good value. That makes moving off VMware a likely choice, and whatever they've moved to a (probably) wise choice for them. Whatever they've decided probably isn't a blueprint for every little company in the UK, although of course a lot of people will think it is.
Where I work, I get a Cursor license (which gets used a fair bit). I'm not sure that'll continue for long after the sale, but we'll see (not sure how, erm, 'sensitive' they are
FWIW, it's actually quite good. It generally does some pretty decent stuff when I point it at some god awful mess and ask it to explain or tidy up. It's also quite good if you say "this code works with system1, make it also work with system2", it figures out permissions and other details quite well (at least as well as I probably would do, if I spent the time on it).
IMHO, it can't answer hypothetical questions though. If you ask "what steps do I need to perform to achieve XYZ?", it ferrets around your code base and says "you've done things like this before, so I'll recommend the same again" - which is not what I asked. By no means a deal breaker, but it throws me over to another AI to get those answers, which doesn't seem very smart if you're trying to 'capture' users (honest question: Does Cursor have a web chatbot you could use for this sort of thing?)
I'm also mindful that it's really very similar to VScode + a Gemini agent (or whatever). There's around zero value in the editor itself, but it does make installing the editor + agent pretty simple, I guess. Either way, if I do lose my Cursor license and get a Claude one instead, I really can't see much changing, other than I'll have to install VScode and put in the usual extensions yet again.
I think it's well accepted this isn't a One True Solution - the government's even acknowledged that people will find ways around it. However, it's the first step of many to rebalance the "settings" handed to society by some tech bros, which we've all just accepted as being "okay", even though there was no research or evidence presented to say that 13 years old was "okay" (and we've since found out that contrary evidence was withheld, and new evidence now exists to suggest there are lots of harms to young people).
I'm not in favour of banning things as a general rule, but wrestling some modicum of control off the silicon valley billionaires and putting it in the hands of the people who will be harmed or benefitted by their technology seems like absolutely the right thing to do. If there's some societal disaster from this change of age restrictions, then I'd imagine we'd have the opportunity to look at it again and find a solution. Our government is pretty slow and dysfunctional, but occasionally The People do get a say in what takes place.
As a parent, this just gives me an additional tool to help guide my kids through the difficulties of growing up in the modern world. Every year that slips by, they get a little more able to handle the onslaught of shitty social media, so by the time they get to 16 years old, with proper training and support from their parents, they'll do just fine. I'm sure we could have managed at 13 too - but 16 is easier. A lot easier.
Okay, so don't apply for jobs that say they need "AI skills".
> That's pretty much what I tried last time I delved into LLMs. It was not impressive. On the somewhat rare occasion it produced working code that was useful, the structure of the code reminded me of when I was hired to cleanup the mess at a startup that had rapidly built their system using outsourced talent and had lost control of their system
Then you need to refine your specs to say what you actually *do* want. You're the senior dev, if the junior's not doing what you want, then you've got to guide them better.
I work for a consultancy which is "AI native". My employer is actually very good at getting things done for clients, and was good at it before AI too, so there's room to argue how much AI really does or doesn't do, but that's besides the point. Clients are asking for it, and my employer genuinely delivers on it.
For anyone looking for work, I'd recommend you spin up a docker container and run $someone's CLI agent in it*. I personally use Gemini at home, but you can use any you're happy with. Run up the CLI, and ask it to do some stuff. It'll go off and do some things, and you'll wonder how this is different from using ChatGPT in the browser. Then you'll realise it can read and write files, so it can look over an existing repository, or perhaps make a fresh one for you.
* You can run agents directly on your laptop too. Be aware they're still absolute crap though (even the good ones). Gemini has memory leaks, so probably has a million other bugs elsewhere that no one is fixing - the same is true of most of the others too. Personally, that's all too risky for me - they get a container and a very small mapped directory and nothing more.
Next, I suggest you look up Spec Driven Development (SDD). This is grown up vibe coding. The idea is you write a load of markdown files which specify what your app does. The AI reads them and generates code. If you don't like the code, you fix the specs and go again. Do that a bit and make an actual app you're actually happy to run for real somewhere.
Anyone 'vibe coding' is essentially the equivalent of the self-taught kid who thinks they're a coder. SDD at least makes you a professional. It takes a bit to get used to it, and to make it do the things you really want and assumed it would do all by itself (but of course it doesn't). That, I guess is the difference between "junior SDD" and "senior SDD" or whatever. The jury's out on deciding if it's actually quicker than just coding, but at least you end up with a stack of documentation (which otherwise no one ever quite gets around to writing).
Honestly, I thought they were already doing this - I thought that was what they used all those "click to like us on facebook" buttons were for...?
Either way, many moons ago, I put a blocker in
For those who don't have an SO addicted to Facebook, you could use a pi hole to do the same sort of thing, I guess...?
You're conflating a few things there, but you're onto something.
To jam GPS, all you need to do is fill the channel with noise, because as you say, GPS is actually below the noise floor when it reaches the ground anyway. However, you do need to fill it with 'edges', rather than just a single continuous tone. I suspect the military receivers are more resistant than consumer because they use a wider band, and so you'd need to cover a much broader area with convincing 'edges' to fully defeat them - but you can definitely cause signal acquisition issues, if not signal lock failures relatively easily.
To actually spoof GPS does indeed take a lot more work. You need to have a lock on at least one satellite, and then relay those signal with at most a few milliseconds of delay. Instead of trying to do that, you'll actually mimic the satellite completely, and by supplying a tiny bit more power than the real satellite, you'll likely fool the receiver into following your signal instead of the real one. Again, this is considerably harder to do against the military bands because they use a much longer spread spectrum key, and those keys are classified. Consumer keys aren't publicly available, but I dare say can be/have been reverse engineered out of receivers a dozen times over. Unless you're trying to do some sort of James Bond type setup to drive someone off-course and over a border or some such, this approach is almost certainly not worth bothering with.
As for Glonass - you may well be onto something there, perhaps they can jam everyone else but not themselves? One wonders what practical application that has, given the Ukrainians have found consumer GPS receivers strapped to downed Russian fighter dashboards. It might mean 'big' things like ships know where they are, but frankly, if you can't figure out where a ship is, you're not really up to much. It's much more interesting to have GPS for small things like drones, and even fighter planes - but for that, you're going to need hundreds of military-band receivers, which observation suggests don't exist.
Lastly, I'll also say that when GPS sats first went up, the Americans enabled "Selective Availability" (SA) on the consumer bands. The idea was that us ordinary folk wouldn't know where we were, but the US military would. The thing was, some of the best minds in the world were working on ways to 'smooth out' the SA so GPS would be useful for ordinary people. Then the US went into Haiti, and realised they didn't have anywhere near enough military GPS receivers, so they went to Bestbuy, bought all the consumer ones they could and turned off SA. When the conflict was over, they turned it back on briefly, but then realised it was probably better to "keep their powder dry" and turned it off again. We all went and dismantled our differential GPS systems, so are vulnerable to it again.
My point is, if there are some "GPS outages" or whatever, then all it's really doing is preparing us for the future. We're a pretty ingenious bunch, and pretty soon we'll have solutions for all these sorts of problems - even at a consumer level.
Either way, as a geek, this makes me want to get a raspberry pi and attach a GPS antenna to the shed to datalog what it 'sees'. Might be an 'early warning' of impending trouble, or maybe just something for my nerdgasm.
I think context is what matters here.
Likely, your dashcam will rotate videos after say a week or a fortnight. You won't even bother to look at any of those videos unless you witness something dangerous.
The glassholes aren't doing that. They very much are personally looking at all the video they collect. What's more, it seems a pretty sizeable proportion of them are then putting those videos on youtube (and others), aiming that content at certain demographics who aren't necessarily so careful about privacy and respect of others.
A case recently in the UK of a woman on a beach being talked to by some bloke, which later became a youtube video without her knowledge or consent. It was a pretty benign conversation, and she seemed perfectly reasonable and polite to me, but once that got onto the Internet, the weirdos were all saying she was the devil incarnate for the way she behaved. Of course a few took it even further than that with some really pretty horrible comments, threats and so on. Needless to say, the tech companies weren't very keen on helping her out.
I'm sure somewhere those same videos have had different heads and bodies grafted onto them and turned into porn films too - there things get really nasty, and again, the victims get very little support.
So you see, just recording things isn't the problem. I'd say it probably isn't even really a problem if you're just keeping those recordings in your wank bank - a bit weird, and if you ever get found out, there'll be trouble, but while no one knows, maybe it's not too bad. It's when people that took the videos choose to share those recordings (without consulting with the other subjects, or gaining consent, etc) is when the trouble starts.
True, but in most cases, the malicious package is created by an attacker, side-stepping the original developer. When they realise they've been side-stepped, they take steps to resolve the problem and delete the malicious package - without even looking in it to see what it does. It doesn't take an actual exploit using the malicious package to trigger some sort of mitigation. That's a very different attack pattern to someone taking years to hit a specific target.
The likes of the cesspool of nodejs/npm could probably have avoided many an actual exploit with even just a 10 day cooling off period.
Agreed, but in practice it requires all your dependencies to do the same. All it takes is one of them to have a missing version and you'll go pulling it in at 'latest'. You can freeze it at that point for your subsequent deploys, but it'll still have shafted you in dev while you were revving some version or other.
Strictly freezing versions of the entire dependency tree is probably the best method there is, but it sure adds to the management overhead. You've still got to vet every single dependency at the versions you've frozen to, say nothing of the upgrade 'dependency hell' type scenarios.
Having a simple "bundle install -days 30" type option seems like a sensible half-way-house, and probably good for when you're first starting a project at the very least. Most malicious updates get spotted and fixed within a few days, so this method, whilst considerably less rigorous is at least _something_.
You absolutely can have an AI agent hack about with the code for your model, and thus "self improve". You'd need to give it some idea of what "improvement" actually is - and truthfully, you're probably going to give it a very narrow definition, with a short runway. Otherwise, you're going to end up writing War and Peace, which is going to get your agent off track. Keeping an agent focussed on a task is a surprisingly hard problem - they tend to go off on a tangent and end up going around in circles on some trivial point quite easily.
Can you have an agent define the improvement requirements? Yes, but can it continue to do that after the first set of improvements has been achieved? I'd say that's doubtful - without some human guide, such things tend to get well off track very quickly (again, off on a tangent, around in circles). I don't imagine a never-endingly genuinely improving model is likely, but it would be interesting to see what it does come up with, I guess. You'll need to spend big on the tokens or with the power company to find out though. Having one endlessly iterate is absolutely possible though, but just don't expect many of those iterations to actually be any use, or else they'll be so similar to the previous ones as to be pointless.
The other thing to know is that the code that makes a model useful is only part of the story. Training is also part of it, and there again, it's going to be a tough ask to have it train on "quality" data more strongly than on the dross.
* * * * * THIS TERMINAL IS IN USE * * * * *
