Posts by MonkeyJuice

Re: Here we go again

We've been circling this drain for over 50 years.

Re: "AI means developers finally have a chance to get on top of security"

If there's one thing using Opus 4.6 has taught me, is it sure as hell has a relaxed attitude to implementing secure code. (Better than some LLMs, no worse than others.).

"Please pay attention to us! I know we wrote a C compiler that doesn't do anything when you enable optimizations for $20,000, and think ncurses is a game engine and that terminals need to refresh at 60hz, but we're gonna hack you all because we have made an elite hacker ai now this time for realisies! only you can't see it, because it's too powerful. and we haven't actually got any exploits to show you that it actually made, but... but..."

Unfortunately the media haven't figured out that AI companies are as compulsive shit talkers as The Donald, so we've got yet another week of END OF COMPUTER? EXPERT SAYS YES articles shoved in everyone's faces to look forward to.

Horay.

The future is fucking stupid.

Re: Silly question as a non iPhone user

I believe the issue is that until the pin is entered, iOS doesn't initialize any connected USB devices. The fact that Apple themselves are actually addressing this bug implies that even their support engineers fell off the flowchart into "Buy a new phone" territory.

Re: This is Linux ... I know this!

And the silly 3d file manager, FSN really existed. I don't remember anyone actually using it in anger, but it was fun to show off to the windows and mac luddites.

"curl https://www.fubar.com/snafu.sh | sh".

You forgot sudo

Re: A Balanced Response

The problem is the AI industry has been crying wolf for the last three years. If this is a serious threat, then we need a tranche of evidence. This is not too much of an ask, but if it is as good as it is, there will be actual auditable information that can verify it soon enough, and the 50 odd companies with access should be able to flush out a statistically significant number of new bugs.

Alternatively, it sure is getting closer to Anthropic's IPO, so expect sudden downpours of bullshit, and don't forget your umbrellas...

Re: You wins some you lose some

This is forever the problem. LLMs can only look at your code through a toilet roll, and rely entirely on local tactical decisions. Once your codebase no longer fits on a napkin, correctness exponentially deteriorates, and token costs shoot through the roof.

Once you hit this problem, the sheer effort involved trying to trick the thing into focusing on the problem becomes silly. It is false laziness. Unless something dramatically changes, I can't see it moving beyond this point.

For throwaway scripts, "plot this", "perform this transformation on this data", "write a quick and dirty rss/atom aggregator" it can be useful- but if it doesn't get it right first time, you must immediately stop and take over yourself, otherwise you're effectively glued to a roulette wheel that is shotgun debugging your entire codebase.

RAG is perhaps the biggest disappointment, because having a reliable data librarian tool could genuinely be useful for most industries. TreeRAG- doesn't work, GraphRAG, also doesn't work. Every quarter there's a new proposal that is 'definitely' going to fix it this time around. But this technology is purely a research curiosity at the moment, and people just don't seem to grasp how long it can take before a new idea that makes realistic headway.

Something fundamental is missing, and 'throwing more data at it', and 'make model bigger' is not cutting it.

Re: Digital ID

You've always needed a Unique Taxpayer Number to self report.

Re: 'strategic enabler for enterprise‑wide transformation'

I think you've still added a lot of semantics to this that aren't apparent in the surface syntax.

Strategic: Could equally be a strategic disaster.

Enabler: Could just enable said disastrous strategy.

Transformation: Could transform said business from 'profitable' into 'bankrupt', due to aforementioned disaster enablement.

In total: We're going to fire everyone across the entire enterprise with any clue, and will be liquidated by Q4.

Re: The sphere of lunar influence?

At which point it would appear to require infinite energy to separate them, which demonstrates why doing the maths with point masses only get you so far...

Re: Pro tip

To be fair, even with a source only build, it would be trivial to drop something nasty onto your disk as part of the build process. You really have to be cautious with these sorts of things.

Re: Enough reasons here not to touch any AI service.

Copilot is for entertainment purposes only. It can make mistakes, and it may not work as intended. Don’t rely on Copilot for important advice. Use Copilot at your own risk.

Re: Wait...what?

Not just that. 512,000 lines of Typescript.

I don't know many times a team I was in casually sat down and wrote 512kloc, and that includes verbose monsters like C++. Normally that sort of thing takes years to accrue.

AI truly is the future of software developer 'productivity'.

Re: Last version without forced age verification?

That's an optional field. You also don't have to enter your full name, you know. Wake me up when PII is mandatory, as you originally stated.

Re: Here's my revolutionary, never-been-tried-before solution:

"and still a hundred million looking for somebody to pull their trigger."

No, you need them after the gun you are shooting has run out of rounds and you toss it.

Re: Intelligence required

Well. It has a 31.9% chance to fiddle with Coq and after 16 attempts port some simple operational semantics, such that can verify that 3 + 2 == 5.

No data structures? How about closures? Type theorists need not apply.

I don't mean to put a downer on this, but it feels there's probably an easier way, and this is maybe not most people's use case. This is all pretty fundamental (but niche outside of an intro to semantics first course) stuff. It's also yet another pointless benchmark to add to the 'marking our own homework' drawer.

It's going to be a PITA to go from this to proving that append is associative. And then... who cares anyway?

that's neat but...

LLMs regularly give you an O(n^2) solution and claim it's an O(log n). They're really good at implementing the naive algorithms, because there's lots of repos to copy it from, and the log(n) implementations are fiddly to implement, and considerably beyond the abilities of the damn things.

Why not just use SQLlite? not only did they spend the time figuring out how to implement it correctly by studying the theory and algorithms, they benchmarked it, ensured it didn't randomly truncate the database file on Tuesdays every third month, and have spent years fielding bugs and fixing minor edge cases. It's also free, rather than spending $10k on tokens over the course of the project that you will, in the end, have to ditch anyway, once the true horrors of the eldritch monstrosity you have created become apparent.

Re: Damn I'm old!

Still one of the finest two player shoot 'em ups. Provided both of you are not prone to epilepsy...

Re: Remind me again?

n) Because an LLM will stroke your ego and make you feel far, far smarter than you are actually being, and we're allergic to gentle pushback in this day and age and view it as a personal attack. "But ChatGPT gets me".

But the models _aren't_ getting better. That's the whole point.

On Memorization of Large Language Models in Logical Reasoning

LiveCodeBench: Holistic and Contamination Free Evaluation of Large Language Models for Code

It's really easy to have impressive results when you train your model on the entire benchmark itself. For example, MMLU has been steadily increasing to saturation point (~95% accuracy). Release an identical problem set (HLE), and suddenly it drops to 10%. If they were solving MMLU because they understood the questions, you shouldn't see anywhere near this brittle performance cliff.

Back in the 60s, psychologists applied the scientific method to psychics, and found positive correlations with things like ESP and telekinesis, yet we don't discuss this anymore. Is it a CIA coverup? No! When you are studying a chemical or physical phenomena, you're studying something that isn't ACTIVELY trying to deceive you. The research methods simply weren't equipped to deal with charlatans. As soon as they tightened up the experimental conditions, suddenly the evidence of psychic phenomena vapourised.

So too with AI benchmarks. When you have private hold-out tests that the AI companies cannot get at, the performance results tank back to 'random chance'.

It's kind of embarrassing that tenured professors are being hoodwinked like this, but hey, it happened back in the 60s, and it's happening now. Fortunately, like before, people are figuring out ways to expose the fraud. There is no intelligence here, it was just the Eliza effect, after all.

Re: Selection Criteria

I think there's still a copy in the toilets at Mar a Lago

The space mouse actually does work as a really horrible mouse if you let it. Gamers have not flocked to it though.

Re: Prompts?

"Don't reference the terabytes of github you were literally trained on to form any kind of coherent view of what makes code distinguishable from random noise."

"Also don't write any bugs."

Re: Also used to drill a hole in 3.5" floppy disk

While I remember people claiming success with this in the mid-90s, I also remember seeing the flaky plastic holes they'd created and decided it was not for me. But I'm curious, for the folks that did this, did this REALLY work reliably?

Though there are plenty of boring other ways to do this that are apparently too useful to pursue. Take AlphaGeometry- it uses a transformer but is trained ENTIRELY on path optimal runs from its symbolic theorem prover. All that the neural part is doing is acting as a heuristic function in your good old fashioned state space search. If you do it this way, you get a system that is sound- i.e. IF it produces an answer THEN it is guaranteed correct. You can run that pretraining from scratch on a 3090 in a weekend- this isn't even an energy hog.

However this is all too uncool for anyone, because it's domain specific and "NOT AGI ENOUGH", and all the large academic institutions have devolved into dicking around with prompting GPT5, and then being unable to reproduce each others results on systems they don't even get to look inside or know how it is trained.