Artwork

@ artwork @lemmy.world

Posts

16
Comments

192
Joined

6 mo. ago

...cogito, ergo sum...

Wonderful day!

I've never used the wonderful client yet, but was curious too, and checked the source code.Evidently, it should be "person's score":

    
// ...
val personScore = personTracker.getPersonScore(targetPersonId = personId)
if (personScore != 0) {
  append(" [")
  val s = length
  append(personScore.toString())
  val e = length
  append("]")
// ...

Source: LemmyHeaderHelper.kt

1w ago

Linus Torvalds says AI-powered bug hunters have made Linux security mailing list ‘almost entirely unmanageable’

We now ban every reporter Instantly who submits reports we deem AI slop. A threshold has been reached. We are effectively being DDoSed. If we could, we would charge them for this waste of our time.
We still have not seen a single valid security report done with AI help.
~ Daniel StenbergSource [2025]

---

For those of you who don't want to click into linked in, https://hackerone.com/reports/3125832 is the latest example of a invalid curl report
Source: https://news.ycombinator.com/item?id=43907751 [2025-05-06]

1w ago

First Apple M5 memory exploit discovered using Anthropic AI, gives root access on MacOS

Of course, but the possibly LLM-generated article at 8ksec has no actual preview of even undisclosed proof-of-concept (PoC).And the article is used as the main source at the Tom's Hardware article, too.Therefore, the question is, what is the main point of both the articles, if?:

No PoC preview is stated at all;
No LLM use is stated in the initial source (at 8ksec);
An explicit LLM use at 8ksec is mentioned in the Tom's Hardware - Mythos by Anthropic;

In other words, it feels more like an ad for Mythos and Apple but based on absolutely no evidence at this point of time, and Mythos is mentioned at Tom's Hardware article only.

1w ago

First Apple M5 memory exploit discovered using Anthropic AI, gives root access on MacOS

I am sorry, but I didn't see any actual exploit evidence, but just the ad "groundbreaking" Apple's MIE and previous CVEs mentioned.

Nor there is any use of LLM/"AI" explicitly stated, too, except the article itself it refers to, which looks like LLM-written: 8ksec.io/mie-deep-dive-enabling-apps [web-archived]

Update (2026-05-17_13-09_0):- In other words, it feels more like an ad for Mythos and Apple but based on absolutely no evidence at this point of time, and Mythos is mentioned at Tom's Hardware article only.

1w ago

krypt - terminal password manager (tui)

The pass was audited more than the still freaking awesome KeePassXC mentioned (e.g. discussion#9921).Also, no GUI is required, unless you meant keepassxc-cli.

More software supports pass out-of-the-box, including Git, Rclone, Docker etc., which you usually can change/proxy to a KeePass database handler like keepassxc-cli, but still.

Therefore, the KeePass specification is a marvel, too, especially for generally more convenient personal use, but Pass and GPG are just the enterprise/professional standard trusted by marvelous vendors (e.g. DigiCert).

keepassx2pass.py: imports KeepassX XML datakeepass2csv2pass.py: imports Keepass2 CSV datakeepass2pass.py: imports Keepass2 XML data
Source: https://www.passwordstore.org/

1w ago

krypt - terminal password manager (tui)

Artwork @lemmy.world 1w ago

Just to clarify, how is it better than pass?: https://www.passwordstore.org/

1w ago

Roman Letters

Artwork @lemmy.world 1w ago

The website looked as any LLM ("AI") generated one, usually via Claude, considering the design that model frequently uses.

And it is (300,755++ lines from Claude): https://github.com/CraigVG/roman-letters-network

Here, I am sorry, but I just cannot consider it serious nor accountable, since I just cannot trust its data.

If all the information there is valid and verified, every single letter and the authors' word after the LLM's processing, then the "AI" may be dimmed.

Yet, I don't believe so, knowing how unlimitedly every subjective word may change contexts, and using objectified and limited LLM for it?

There's ?scholarly=true GET parameter mentioned in the :/CLAUDE.md, but a quick check of its behavior didn't result in any change.

Regardless, the idea and overall intention that highlights the impact and importance of history, and presents connections between infinitely unique and miraculous people around the infinite world... where every single word carries a life moment... is ineffably magnificent...

Thank you, Craig Vander Galien, for the idea and love in history!

Modern English translations were produced using Claude (Anthropic), working from either the Latin/Greek original or an existing 19th-century English version. Translation work was guided by two internal documents: a translation guide covering late antique epistolary conventions, rhetorical register, and how to handle common formulaic phrases; and a modern voice guide specifying tone, vocabulary level, and how to avoid archaism while remaining faithful to the original.
AI-generated translations are clearly marked in the interface. They are provided for accessibility and research convenience, not as authoritative scholarly translations. The original Latin or Greek is preserved alongside every translation, and 19th-century English versions are shown where available. Corrections from domain experts are welcome.
Source: https://romanletters.org/about/

1w ago

Linux devs are fighting the new age-gated internet

Roger that! Thank you for being a developer and improving the ineffably magnificent world! ✨

In this case, we do relatively the same, and usually in database seeding and model factories, I believe, but personally I am more into the Laravel and Symfony, where the mentioned above PHP library is used there under the hood.

Please to stay safe!

1w ago

Linux devs are fighting the new age-gated internet

A whole library, or a yet another ad for Python, sorry? Why not marvelous Perl, or any lovely PHP's or a JavaScript faker?Why a library in the first place?

In case of PHP (checked in v8.1)

php

    
echo date('Y-m-d', rand(strtotime('-90 years'), strtotime('-18 years')));
// 2007-07-30

And, I had a snippet for JavaScript (tested in the current Chrome's EcmaScript).We get the years in milliseconds, and substract from the current time.

 javascript

    
console.log(new Date(Date.now() - 365*24*60*60*1000 * (18 + Math.random()*72)).toISOString().slice(0, 10));
// 1984-07-20

In shell even! Let's use the common suit GNU coreutils (e.g. v9.4).We have 90y - 18y = 72 years, that is 26,280 days or ~26,297 days (source)

 bash

    
$ date -d "-18 years -$(( RANDOM % 26297 )) days" -- '+%F';
# 1976-04-06

1w ago

Linux devs are fighting the new age-gated internet

"You shouldn't have to choose between open and secure." The implementation backs that up. The friction is one-time for power users, but it's a genuine obstacle for scammers and it makes opportunistic spyware installation meaningfully harder.
Source

---

His argument: power users absorb a one-time inconvenience while vulnerable people (scam victims, children) get protected...The pattern HN picked up immediately...
That's the true believer pattern. The argument is ideological, so persuasion is off the table. He read the laws, decided compliance was the correct response, and went to work. Every objection the community raised went nowhere: that this enables surveillance infrastructure, that lying is trivially easy, that the laws themselves are unconstitutional overreach. He'd already accepted the law as legitimate and moved to implementation...
He hit three separate projects in one week...He agreed entirely, writing that the approach would be "completely ineffective at preventing anyone from lying about their age." He called it "hilariously pointless." Then he said Arch Linux should implement it anyway because the law requires it...
The open source community has always relied on the assumption that contributors act in good faith toward user freedom. Taylor probably believes he does. The laws say collect birth dates, so he collected birth dates, and in his framing that was being helpful.
The reason to name him is the pattern. The surveillance state runs on volunteers: people who do the implementation work for free, out of genuine conviction, with no paper trail connecting them to the money that wrote the laws...
Taylor already has the resume line and knows the codebase well enough to try again. The deadline pressure only grows, the laws are real, and someone will be next. The community needs to recognize the pattern before the PR opens, not after.
Source

2w ago

Permanently Deleted

May I ask what instances you've found the most reliable and informative, considering?:

Not only this one... mainly, SearXNG instances are polluted by requests from the millions of self hosted AI instances these days...Several open-source AI projects have a SearXNG integration / TBH that was never the intention...Source: https://github.com/searxng/searxng/issues/5286#issuecomment-3621869284

2w ago

Permanently Deleted

Thank you! Mostly, because Chromium based are used by the most people around the world, and it's related to my job in web-dev and security, since at least 2014.It's hard to guess what you actually meant, but let's guess...

For a client, do you mean Firefox/LibreWolf/non-vendor? Has less features for modern web-dev. Well, sure, yet the development environment is much more featureful in Chromium.
For a search engine, do you mean a SearXNG instance or such as services as Kagi? Of course, but it's unstable/erroneous from my experience, at this point of life. Yet, is monitored for better times.

2w ago

Permanently Deleted

If required, I've been having the following setup for a years or so. It works like a charm:

Set udm=14 as the default search "engine";
Install an extension to hide the common places, like the following: Hide Google AI Overviews;
Disable buttons in UI as the search/omnibox;

2w ago

Window [OC]

Thank you, heartfelt...

Though, I see hope and peace, for some reason, at this moment, it recalled the following work: Introspection by Dane Forrest ObuchowskiThe soundwork is also featured in a video-game: Strange Horticulture

2w ago

Engineer creates video game of Alaska’s Tracy Arm landslide, which generated a megatsunami

Artwork @lemmy.world 2w ago

He said the game is mostly a simulation, but there are also “Easter egg components.”...
To make something like this, he said he first needed the physics of the event itself to model the landslide and the wave it generated. That information came from a paper nearly 20 people from the science community co-authored, including Lynett.
“You can’t do that with AI. You can’t do that with graphic artistry. You have to do that with modeling them the way we did when we create tsunami inundation zones. It’s the same models that we use. It’s engineering level. It’s design level physics,” he said.
From there, he said graphics artistry is needed. And then all of the scene components can be brought together to make the game playable.
Source [web-archive]

Thank you... heartfelt...

2w ago

I built GitHub Store to 12,500 stars in 6 months – I started at 16

I am very sorry, but why does it scream AI, including the Readme, emojis, the post that mentions the age, as the most of such 1-week projects? As if the whole project was made by an LLM, similar to those dozens per day posted at /r/ClaudeCode? And not to mention, a yet again, politics agitation...

That said, how much human was involved into this project, if I may ask?

I do not want to disrespect anyone, but I just want to trust your project, and to do so I must know how much there is yours of your own mind you trust yourself.

2w ago

Why does songs from non-English countries have random English words? Can you imagine if English songs randomly have Chinese words?