If you find a live Critical, it's very unlikely to be a duplicate, as they're fixed ASAP. It does happen eventually, but it's generally a good sign.
Lower-severity issues can remain open for a long time, sometimes forever. So they're much more likely to be duplicated, since the project didn't prioritize fixing them. They're also less important overall.
Then you have the false positives that point out a bug, a poor design choice, or an issue in code that doesn't put any funds at risk. It's reasonable for projects to justify it once, and mark the rest as duplicates.
So if someone gets duplicates too often, the reason is usually that they're hunting the same non-critical stuff everyone else is, reporting issues with no clear exploit path or no funds at risk.
Especially now that many people are using LLMs that tend to surface the exact same findings.
My students asked me if it was true that the entire Internet was really coded by hand. All those kernels, protocols, router firmware, browsers, databases, etc. Somebody coded these and debugged them by hand?!?!? They used BBEdit?!?!??! The idea that this was even possible seems amazing to them. I can imagine some future Moon Landing-like conspiracy theory that says it never happened.
Game designers figured this out decades ago and it cost millions in failed launches.
Will Wright built SimCity with a fully accurate traffic simulation. Testers hated it. The cars behaved realistically, which meant nobody could build a functioning city because real traffic is an unsolvable nightmare. He had to make the simulation dumber before the game became fun.
The tension is permanent: the more accurately you model a system, the more it punishes the participant. Real medieval economies kept 90% of the population in subsistence farming. A historically accurate fantasy world doesn't produce heroes. It produces serfs.
Tolkien solved this by making his economy deliberately vague. No one knows what a gold coin buys in Gondor. That ambiguity is a design choice, not a shortcut.
The Reddit post is funny. The lesson underneath it is one of the hardest problems in simulation design: fidelity and fun are opposing forces, and you have to pick which one wins.
How can it be that modern LLMs are so bad at playing games? Aren't they supposed to be generally intelligent? Honestly, they are better at coding games than playing them. Maybe programming is just a particular type of game? Our new position paper tackles these questions. (1/n)
I keep seeing terrible advice online for people interested in computer science.
AI is making programming knowledge obsolete in the same way interpreted languages made compiled languages obsolete, in the same way compilers made assembly obsolete, and in the same way assembly made knowledge of circuits obsolete.
It didn't.
The percentage of people that can go through every layer of the stack will shrink and that knowledge will become more valuable, not less.
With more tools, your knowledge base should expand, not contract. Learn everything you can while you're in school, and use AI to accelerate that process. Learn how programming languages work. Learn how computers work. Learn how matrix multiplication is optimized. Learn how FFTs are implemented. Learn calculus and linear algebra. Learn optimization. Learn how that all applies to training. Learn how to use the AI tools, but also learn how they are built.
The history of computing is the history of abstraction layers being built one on top of the other, and it's only when you can traverse layers of abstraction that you can truly build new things.
Learn more. Build more.
@kianmckenn @kitlangton has a good metaphor: it's like tending a garden
can let ai code grow but you have to aggressively clean up after it and be diligent about architecture and patterns
codebase is ok it will get better
It's really crazy, from triaging reports on Immunefi, seeing so many LLMs converge on the same few issues
Creativity and unique attacks are incredibly important nowadays if you’re trying to get a bounty
Powerful new Harvard Business Review study.
"AI does not reduce work. It intensifies it."
An 8-month field study at a US tech company with about 200 employees found that AI use did not shrink work; it intensified it and made employees busier.
Task expansion happened because AI filled in gaps in knowledge, so people started doing work that used to belong to other roles or would have been outsourced or deferred.
That shift created extra coordination and review work for specialists, including fixing AI-assisted drafts and coaching colleagues whose work was only partly correct or complete.
Boundaries blurred because starting became as easy as writing a prompt, so work slipped into lunch, meetings, and the minutes right before stepping away.
Multitasking rose because people ran multiple AI threads at once and kept checking outputs, which increased attention switching and mental load.
Over time, this faster rhythm raised expectations for speed through what became visible and normal, even without explicit pressure from managers.
1/ Agentic LLMs can automate vuln detection. Very exciting, but doesn't address the hardest part (imo) of vuln research: prioritization. Can we reliably explore the search space and separate signal from noise? I wrote a paper (and OSS tool) to solve this. https://t.co/HDzm4SvSX1
i said to an ex-googler last month that thx to ai bigtech can double their margins overnight by firing 80% of the staff and still function well.
his response: even before ai they could fire 80% and still function well.
i nodded in agreement.