Readit News logoReadit News
lukevp commented on Small Objects, Big Gains: Benchmarking Tigris Against AWS S3 and Cloudflare R2   tigrisdata.com/blog/bench... · Posted by u/nethunters
lukevp · 10 days ago
This makes no sense. They ran the tests from a “neutral cloud provider”, as if someone is using AWS S3 to store their Azure and GCP data?? And they didn’t explain where exactly Tigris was running or how they controlled for the network latency. AWS is insanely faster when the compute is in the same region as the storage. They also didn’t mention what class of S3 they used or what replication settings (eg. S3 has express one zone).

I’m all for benchmarking and showing that your product is better from a technical standpoint. But at least for me, this is not the way.

lukevp commented on How we exploited CodeRabbit: From simple PR to RCE and write access on 1M repos   research.kudelskisecurity... · Posted by u/spiridow
filleokus · 10 days ago
I agree, this seems like straight up bad design from a security perspective.

But at the same time, me as a customer of Github, would prefer if Github made it harder for vendors like CodeRabbit to make misstakes like this.

If you have an app with access to more than 1M repos, it would make sense for Github to require a short lived token to access a given repository and only allow the "master" private key to update the app info or whatever.

And/or maybe design mechanisms that only allow minting of these tokens for the repo whenever a certain action is run (i.e not arbitrarily).

But at the end of the day, yes, it's impossible for Github to both allow users to grant full access to whatever app and at the same time ensure stuff like this doesn't happen.

lukevp · 10 days ago
The private key isn’t a key in the “API KEY” sense, it’s a key in the “public/private key pair” sense. It’s not sent to github and there’s no way for them to know if the signing of the token used to make the call happened in a secure manner or not, because github doesn’t receive the key as part of the request at all.
lukevp commented on Lab-grown salmon hits the menu   smithsonianmag.com/smart-... · Posted by u/bookmtn
bowmessage · 11 days ago
> Why not actual collagen as a matrix, or maybe, say, gelatin? Why not ground-up shrimp as a colorant instead of beta carotent + lycopene? Why vegetable oils instead of animal fats?

Simple answer: they're cutting corners -- increasing shelf life, decreasing production costs, and overall increasing profits, like many of the big food corporations operating today.

lukevp · 11 days ago
The cost of the processes for these alternative meats astronomically outweighs the cost of ingredients, especially the cell culturing. It is unlikely that any of these companies are even making profit at this point. This is a long play to get the public to buy into this alternative food source, and only then will the scaling be enough to reasonably profit from any of this. There’s a baseline cost that they have to hit (farm raised salmon) and it’s incredibly cheap. Swapping out ingredients won’t make it cost competitive. Scaling up bioreactors might.
lukevp commented on Show HN: Draw a fish and watch it swim with the others   drawafish.com... · Posted by u/hallak
pimlottc · a month ago
I drew a fish but I couldn't find it anywhere when it switched to the tank. Perhaps you could highlight the user's own fish, at least initially?

EDIT: Tried again and now I see there is a highlight, but it's pretty hard to see a in a busy tank, the color contrast is not very high

lukevp · a month ago
Mine was highlighted with golden rays around it (like a cartoon sun)
lukevp commented on Fast   catherinejue.com/fast... · Posted by u/gaplong
mvieira38 · a month ago
Only in the small subset of programmers that post on HN is that the case. Most users or even most developers don't mind slow stuff or "getting into flow state" or anything like that, they just want a nice UI. I've seen professional data scientists using Github Desktop on Windows instead of just learning to type git commands for an easy 10x time save
lukevp · a month ago
GitHub Desktop is way better for reviewing diffs than the git cli. Everyone I’ve ever worked with who preferred cli tools also did an add and commit everything, and their PRs always have more errors overall that would be caught before even being committed if they reviewed visual diffs while committing.
lukevp commented on AMD CEO sees chips from TSMC's US plant costing 5%-20% more   bloomberg.com/news/articl... · Posted by u/mfiguiere
timmg · a month ago
What I really want to know, from someone who does know: Is Intel cooked? Like, will they be able to manufacture chips that compete with TSMC?

They used to be a crown-jewel of US tech. But it seems like every time I read the news, they are announcing a delay or shutting down some product.

lukevp · a month ago
Intel is more than just fabs. AMD spun off digital foundry forever ago and just uses TSMC, no reason Intel couldn’t do the same. At this point their fabs are a liability. They have a new leader who’s from a semiconductor manufacturing background so I have some faith they’ll give up on the pursuit of next gen fabs and focus instead on their IP. There’s a huge opportunity in their GPU segment. They’ve gone from a joke to competitive in a couple years, and they offer more VRAM for the dollar. They could tailor towards AI and really get some traction there.
lukevp commented on TSMC to start building four new plants with 1.4nm technology   taipeitimes.com/News/fron... · Posted by u/giuliomagnifico
ecshafer · a month ago
Why would a free taiwan be necessary? I don’t think there ccp would have any qualms about tsmc continuing operation. A chinese company being the indisputed best at the modt advanced industry in the world is a good thing for them. Assuming a bloodless takeover occurred it would be business as usual.
lukevp · a month ago
The implication I got from the GP comment is that the U.S. would be reluctant to have CCP manufacturing the processors due to the (proven) risk that they’ll modify and backdoor stuff.

If TSMC over invests in US factories then they could be taken over under imminent domain if Taiwan was no longer independent. So they have to keep a large portion of manufacturing domestic to Taiwan for lessened geopolitical risk.

lukevp commented on It's rude to show AI output to people   distantprovince.by/posts/... · Posted by u/distantprovince
hks0 · a month ago
> "I vibe-coded this pull request in just 15 minutes. Please review" > > Well, why don't you review it first?

My current day to day problem is that, the PRs don't come with that disclaimer; The authors won't even admit if asked directly. Yet I know my comments on the PR will be fed to the cursor so it makes more crappy edits, and I'll be expecting an entirely different PR in 10 minutes to review from scratch without even addressing the main concern. I wish I could at least talk to the AI directly.

(If you're wondering, it's unfortunately not in my power right now to ignore or close the PRs).

lukevp · a month ago
Rather than close or ignore PRs, you should start a dialogue with them. Teach them that the AI is not a person, and if they contribute buggy or low quality code, it’s their responsibility, not the AIs, and ultimately their job on the line.

Another perspective I’ve found to resonate with people is to remind them — if you’re not reviewing the code or passing it through any type of human reasoning to determine its fit to solving the business problem - what value are you adding at all? If you just copy pasta through AI, you might as well not even be in the loop, because it’d be faster for me to do it directly, and have the context of the prompts as well.

This is a step change in our industry and an opportunity to mentor people who are misusing it. If they don’t take it, there are plenty of people who will. I have a feeling that AI will actually separate the wheat from the chaff, because right now, people can hide a lack of understanding and effort because the output speed is so low for everyone. Once those who have no issue with applying critical thinking and debugging to the problem and work well with the business start to leverage AI, it’ll become very obvious who’s left behind.

lukevp commented on I convinced HP's board to buy Palm and watched them kill it   philmckinney.substack.com... · Posted by u/AndrewDucker
bluGill · 3 months ago
The price was likely too high, though that is debatable. However the real take away is if you want something like this to work out you need to invest in to for years. There is nothing wrong with getting the size of the market wrong by that much - it happens too often for anyone to call it wrong. It isn't clear what was predicted, but marketing should have predicted a range of units sold (and various price points having different predicted ranges!).

They didn't have the app ecosystem - no surprise. However the only way to get that ecosystem is years of investment. The Windows phone failed a couple years latter for similar reasons - nice device (or so I'm told), but it wasn't out long enough to get a lot of apps before Microsoft gave up on it.

lukevp · 3 months ago
Windows phones were incredible, the OS was the most responsive at the time by far. No apps though. They were building in Android app support when they pulled the plug.
lukevp commented on Show HN: Icepi Zero – The FPGA Raspberry Pi Zero Equivalent   github.com/cheyao/icepi-z... · Posted by u/Cyao
Cyao · 3 months ago
After the amount of emails i got asking if i sell the boards, I just applied to crowdsupply :P
lukevp · 3 months ago
I have no idea about this product category but am interested in learning more about FPGAs. What is the ballpark price point that something like this would be? Are we talking $100 or $1000?
l

u/lukevp

KarmaCake day2279October 20, 2018
About
Created the new application NoteBrook (https://notebrook.app to use right away in browser, https://notebrook.com for more info.)

Contact me directly at lukepdev. The place my email is hosted is on live.com.

View Original