Earth, 2026. Silently shifting through the mysterious dimensional planes, Cthulhu just jumped in. Thinking it could unleash a new level of despair and fright on the mere mortal souls inhabiting this world, it was anticipating its own jubilation. Throwing a glance omnivision on it however, all sense of joy suddenly vanished from its monstrous mind and to its own surprise, despair was invading it as it was contemplating situations far more awful than what it had ever devised. All self-inflicted by small almost-thoughtless meat bags. Shifting back, it tried to convince itself this never happened and at the same time, promised itself to never land again on this desolated place.
Probably more likely to run into a Shoggoth than Cthulhu in the Antarctic, or maybe an Elder Thing if any are still around. R'lyeh is a bit further north.
To be fair, that’s the recommended way to put out an alkali metal fire. At least according to my grandfather who helped write safety regulations for nuclear subs whose reactors were cooled by liquid sodium.
Not really something I’d want to try out in practice, seems like a fire in a nuclear reactor under the ocean, where the source of the fire explodes on contact with water, is a less-than-ideal situation.
This may be a more accurate analogy... "The Porsche you rented at $200/mo now only allows you a maximum of 100km of travel. You will be automatically charged extra when you go over that."
Yeah, if I go to a petrol station with 50€, but only get a tenth of the amount of petrol I got last week, I may think that the price has in fact changed.
On top of being worth less, the subscriber discounts are gone.
The old plans were $0.033/request for Pro, $0.026/request for Pro+ and $0.04/request for pay-as-you-go. That discount is now gone. They even still advertise "5x the number of requests" for Pro+ over Pro.
I referred to the swapping of cars to a far inferior model than you paid for.
However I do also pay for milage (KM), and extending the rental period does often* NOT extend the milage range. Eg 1 month=1000 KM, 2 months=1000 KM, so you need to split the rental periods yourself and do all that hassle, or pay extra.
(*May of course vary depending on the rental company)
It’s technically true that the plan prices haven’t changed, it’s just the value you get from those plans has plummeted. It’s classic deceptive sales language.
There's no record for the agent to be on - it's always just a bunch of characters that look plausible because of the immense amount of compute we've put behind these, and you were unlucky.
LLMs get things wrong is what we're forever being told.
And the explanation/confession - that's just more 'bunch of characters' providing rationalisation, not confession.
Except the dev that gets AI done in 5 hours will have a poorer mental model of the code. Whether that's important might or might not depend on whether that bites you in the ass at some point.
Don't agree - the dev is productive because they have a good mental model of the problem space and can cajole the agent into producing code that agrees with the spec. The trend is for devs to become more like product managers (which is why you see some whip-smart product managers able to build products _without_ human devs)
I believe these tools change the value of different skill sets in very profound ways. Being good with rules of a programming language and syntax is no longer as valuable as it used to be.
Understanding the problem space is becoming more valuable. Strength in architecture of a solution is another skill that is becoming very valuable.
We are close to getting to a point where someone with overall general (and perhaps not very detailed) understanding of arch and design and a good understanding of the problem space and having a good taste in usability will be able to create awesome solutions.
I can't wait to see these solutions being created by one or two person teams.
If you write a program in Python or JavaScript, you have a terrible mental model for how that code is actually executed in machine code. It's irrelevant though, you figure it out only when it's a problem.
Even if you don't have a great mental model, now you have AI to identify the problems and generate an explanation of the structure for you.
No, but you have a great mental model of the interface between your problem domain and the code, which is where you can effect change.
Outsourcing that to an AI SaaS might be ok I guess. Given past form there's going to be a rug-pull/bait-and-switch moment and dividends to start paying out.
> It's irrelevant though, you figure it out only when it's a problem.
For the past decade people have been clawing their eyes out over how sluggish their computers have become due to everything becoming a bloated Electron app. It's extremely relevant. Meanwhile, here you are seemingly trying to suggest that not only should everything be a bloated, inefficient mess, it should also be buggy and inscrutable, even more so than it already is. The entire experience of using a computer is about to descend into a heretofore unimaginable nightmare, but hey, at least Jensen Huang got his bag.
That is the doom side. However AI has found and fixed a lot of security issues. I have personally used AI to improve my code speed, AI can analyze complex algorithms and figure out how to make them much faster in ways I can do as a developer, but it's a lot of work that I typically wouldn't do. Even just writing various targeted benchmarks to see where the problems really are in my code is something I can do, but would be so tedious I often would not bother. I can tell AI to do it and it will write those.
Only time will tell which version of the future we end up with. It could be good or bad and we will have to see.
In terms of runtime performance of applications, AI is a net win. You can easily remove abstractions like Electron, React, various libraries. Just let the AI write more code. You can even do the unthinkable and write desktop native again.
The hypothesis you're referring to is something like "if everyone uses a 7-day cooldown, then the malware just doesn't get discovered for 7 days?", right?
An alternative hypothesis: what if 7-day cooldowns incentivize security scanners, researchers, and downstream packagers to race to uncover problems within a 7-day window after each release?
Without some actual evidence, I'm not sure which of these is correct, but I'm pretty sure it's not productive to state either one of these as an accepted fact.
Well, luckily, those who find the malicious activity are usually companies who do this proactively (for the good of the community, and understandably also for marketing). There are several who seem to be trying to be the first to announce, and usually succeed. IMHO it should be Microsoft (as owners of GitHub, owners of npm) who should take the helm and spend the tokens to scan each new package for malicious code. It gets easier and easier to detect as models improve (also gets easier and easier to create, and try to avoid detection on the other hand).
That was my first instinct as well but I'm not sure how true it really is.
Many companies exist now whose main product is supply chain vetting and scanning (this article is from one such company). They are usually the ones writing up and sharing articles like this - so the community would more than likely hear about it even if nobody was actually using the package yet.
> This plan works by letting software supply chain companies find security issues in new releases. Many security companies have automated scanners for popular and less popular libraries, with manual triggers for those libraries which are not in the top N.
It looks pretty nice - reminds me of Dorling Kindersley books. But the graphics, whilst stylised, are pretty hit-and-miss. Great idea, just a bit too soon.