Readit News logoReadit News
trklausss commented on An AI agent published a hit piece on me   theshamblog.com/an-ai-age... · Posted by u/scottshambaugh
gortok · 3 days ago
Here's one of the problems in this brave new world of anyone being able to publish, without knowing the author personally (which I don't), there's no way to tell without some level of faith or trust that this isn't a false-flag operation.

There are three possible scenarios: 1. The OP 'ran' the agent that conducted the original scenario, and then published this blog post for attention. 2. Some person (not the OP) legitimately thought giving an AI autonomy to open a PR and publish multiple blog posts was somehow a good idea. 3. An AI company is doing this for engagement, and the OP is a hapless victim.

The problem is that in the year of our lord 2026 there's no way to tell which of these scenarios is the truth, and so we're left with spending our time and energy on what happens without being able to trust if we're even spending our time and energy on a legitimate issue.

That's enough internet for me for today. I need to preserve my energy.

trklausss · 2 days ago
We need laws that force Agents to be identified to their "masters" when doing these things... Good luck in the current political climate.
trklausss commented on LLMs as the new high level language   federicopereiro.com/llm-h... · Posted by u/swah
energy123 · 7 days ago
Greedy decoding gives you that guarantee (determinism). But I think you'll find it to be unhelpful. The output will still be wrong the same % of the time (slightly more, in fact) in equally inexplicable ways. What you don't like is the black box unverifiable aspect, which is independent of determinism.
trklausss · 7 days ago
The question is: if we keep the same context and model, and the same LLM configuration (quantization etc.), does it provide the same output at same prompt?

If the answer is no, then we cannot be sure to use it as a high-level language. The whole purpose of a language is providing useful, concise constructs to avoid something not being specified (undefined behavior).

If we can't guarantee that the behavior of the language is going to be the same, it is no better than prompting someone some requirements and not checking what they are doing until the date of delivery.

trklausss commented on Nanolang: A tiny experimental language designed to be targeted by coding LLMs   github.com/jordanhubbard/... · Posted by u/Scramblejams
deepsquirrelnet · a month ago
At this point, I am starting to feel like we don’t need new languages, but new ways to create specifications.

I have a hypothesis that an LLM can act as a pseudocode to code translator, where the pseudocode can tolerate a mixture of code-like and natural language specification. The benefit being that it formalizes the human as the specifier (which must be done anyway) and the llm as the code writer. This also might enable lower resource “non-frontier” models to be more useful. Additionally, it allows tolerance to syntax mistakes or in the worst case, natural language if needed.

In other words, I think llms don’t need new languages, we do.

trklausss · a month ago
Ah, people are starting to see the light.

This is something that could be distilled from some industries like aviation, where specification of software (requirements, architecture documents, etc.) is even more important that the software itself.

The problem is that natural language is in itself ambiguous, and people don't really grasp the importance of clear specification (how many times I have repeated to put units and tolerances to any limits they specify by requirements).

Another problem is: natural language doesn't have "defaults": if you don't specify something, is open to interpretation. And people _will_ interpret something instead of saying "yep I don't know this".

trklausss commented on Military standard on software control levels   entropicthoughts.com/mil-... · Posted by u/ibobev
AlotOfReading · 2 months ago
A lot of people look at safety critical development standards to try and copy process bits for quality. In reality, 90% of the quality benefits come from sitting down to think about the software and its role in the overall system. You don't need all the fancy methodologies and expensive tools. It's also the main benefit you get from formal methods.

I've found that a quality process that starts with "you need to comprehensively understand what you're engineering" is almost universally a non-starter for anyone not already using these things. Putting together an exhaustive list of all the ways code interacts with the outside world is hard. If a few engineers actually manage it, they're rarely empowered to make meaningful decisions on whether the consequences of failures are acceptable or fix things if they're not.

trklausss · 2 months ago
I see the fancy methodologies and processes as the way of streamlining what you have to do in order to "sit down to think about the software", particularly in teams of more than one developer.

Most of it happens, as always, at the interface. So these methodologies help you manage these interfaces between people, machine and product.

trklausss commented on Pebble, Rebble, and a path forward   ericmigi.com/blog/pebble-... · Posted by u/phoronixrly
pokoleo · 3 months ago
Summarizing the dispute, for anyone interested:

Rebble's "one red line" is "there has to be a future for Rebble in there." They fear being replaced/made irrelevant after Core builds their own infrastructure using Rebble's work. They want guarantees that if they give Core access to the app store data, Core won't build a proprietary/walled garden that cuts Rebble out. There's also emphasis on "our work," "we built this," "we spent hundreds of thousands of dollars." They feel Eric isn't acknowledging where his infrastructure came from.

Core Devices' thing is explicitly stating concern about relying on a third party (Rebble) for "critical services" his customers depend on. If "Rebble leadership changes their mind," they can't guarantee customer experience. They wants the app store archive to be "freely available" and "not controlled by one organization." They don't want to need "permission from Rebble" before building features (like free weather, voice-to-text) that might compete with Rebble's paid services. The fundamental fear seems to be business risk: being at the mercy of a nonprofit's decisions when his company has customers and obligations.

Neither side seems to trust the other's long-term intentions, creating an impasse where both feel existentially threatened by the other's preferred arrangement.

My take: I bought a watch in 2014. After the pebble 2 duo black fiasco (they ran out of stock, offered a white instead which I accepted 2 weeks ago, never shipped, and have ghosted my emails asking for shipping timelines.) I had high hopes, but given the messy interaction with the OSS world I'm considering cancelling my order for the duo and time two.

trklausss · 3 months ago
It is the HashiCorp fiasco all over again. HashiCorp thinks third-party is profiting from Terraform, they relicense, Terraform gets forked into OpenTofu.

Here, Rebble says Core is profiting from their work (hey, look at your licenses). It would be a direct violation of their ToS though, since there is this clause:

> 4. Services Usage Limits > > You agree not to reproduce, duplicate, copy, sell, resell or exploit any portion of the Service, use of the Service, access to the Service, or Content accessed through use of the Service, without Rebble’s express written permission.

So I don't know what to think honestly, I don't see any bad actors here...

trklausss commented on OpenDesk – a flexible all-in-one office suite for the public sector   opendesk.eu/de... · Posted by u/gjvc
HotGarbage · 3 months ago
The system requirements are quite high: https://docs.opendesk.eu/operations/requirements/

Not going to be running this at home any time soon

trklausss · 3 months ago
This is intended for sysadmins in enterprise environment... You can use other suites for home usage.
trklausss commented on Cryptographic Issues in Cloudflare's Circl FourQ Implementation (CVE-2025-8556)   botanica.software/blog/cr... · Posted by u/botanica_labs
Rygian · 4 months ago
Here's an idea, from a parallel universe: Cloudflare should have been forced, by law, to engage a third party neutral auditor/pentester, and fix or mitigate each finding, before being authorised to expose the CIRCL lib in public.

After that, any CVE opened by a member of the public, and subsequently confirmed by a third party neutral auditor/pentester, would result in 1) fines to Cloudflare, 2) award to the CVE opener, and 3) give grounds to Cloudflare to sue their initial auditor.

But that's just a mental experiment.

trklausss · 4 months ago
What do you mean, practices from safety-critical industries applied to security? Unpossible! (end /s)

For that you need regulation that enforces it. On a global scale it is pretty difficult, since it's a country-by-country thing... If you say e.g. for customers in the US, then US Congress needs to pass legislation on that. Trend is however to install backdoors everywhere, so good luck with that.

trklausss commented on I am a programmer, not a rubber-stamp that approves Copilot generated code   prahladyeri.github.io/blo... · Posted by u/pyeri
krackers · 4 months ago
I find LLM generated code ends up pushing review/maintenance burden onto others. It "looks" right at first glance, and passes superficial tests, so it's easy to get merged. But then as you build on top of it, you realize the foundations are hastily put together, so a lot of it needs to be rewritten. Fine for throwaway or exploratory work, but heaven help you if you're working in a project where people use LLMs to "fix" bugs generated by previous LLM generated code.

So yes it does increase "velocity" for the person A who can get away with using it. But then the decrease in velocity for person B trying to build on top of that code is never properly tracked. It's like a game of hot potato, if you want to game the metrics you better be the one working on greenfield code (although I suppose maintenance work has never been looked at favorably in performance review; but now the cycle of code rot is accelerated)

trklausss · 4 months ago
I'd say is a change of paradigm, and it might be even faster if you have test-driven development... Imagine writing your tests manually, getting LLM code, trying to pass the tests, done.

Of course, golden rules are 1. write the tests yourself, don't let the LLM write them for you and 2. don't paste this code directly on the LLM prompt and let it generate code for you.

In the end it boils down to specification: the prompt captures the loosely-defined specification of what you want, LLM spouts something already very similar to what you want, tweak it, test it, off you go.

With test driven development this process can be made simpler, and other changes in other parts of the code are also checked.

trklausss commented on Download responsibly   blog.geofabrik.de/index.p... · Posted by u/marklit
trklausss · 5 months ago
I mean, at this point I wouldn't mind if they rate-limit downloads. A _single_ customer downloading the same file 10.000 times? Sorry, we need to provide for everyone, try again at some other point.

It is free, yes, but there is no need to either abuse it or give as much resource for free as they can.

trklausss commented on Nvidia buys $5B in Intel   tomshardware.com/pc-compo... · Posted by u/stycznik
ho_schi · 5 months ago
Conclusion: Buy AMD. Excellent Linux support with in-tree drivers. For 15 years! A bug is something which will be fixed.

Nvidias GPUs are theoretically fast on initial benchmarks. But that’s mostly optimization by others for Nvidia? That’s it.

Everything Nvidia has done is a pain. Closed-source drivers (old pain), out of tree-drivers (new pain), ignoring (or actively harming) Wayland (everyone handles implicit sync well, except Nvidia which required explicit sync[1]), and awkward driver bugs declared as “it is not a bug, it is a feature”. The infamous bug:

    This extension provides a    way for applications to discover when video
    memory content has been lost, so that the application can re-populate
    the video memory content as necessary.
https://registry.khronos.org/OpenGL/extensions/NV/NV_robustn...

This extension will be soon ten years old. At least they intend to fix it? They just didn’t in the past 9 years! Basically, video memory could be gone after Suspend/Resume, VT-Switch and so on. The good news is, after years someone figured that out and implemented a workaround. For X11 with GNOME:

https://www.phoronix.com/news/NVIDIA-Ubuntu-2025-SnR

I hope in the meantime somebody implemented a patch for Wayland.

What we need? Reliability. And Linux support. That’s why I purchase AMD. And previously Intel.

[1] I don’t judge whether implicit sync or explicit are better.

trklausss · 5 months ago
Oh boy that strikes a nerve with the "Video memory could be gone after Suspend/Resume". Countless hours lost trying to fix a combination of drivers and systemd hooks for my laptop to be able to suspend/hibernate and wake up back again without issues... Which makes it even more complicated when using Wayland.

I have been looking at high-end laptops with dedicated AMD Graphics chip, but can't find many... So I will probably go with AMD+NVidia with MUX switch, let's see how it goes... Unless someone else has other suggestions?

t

u/trklausss

KarmaCake day96February 20, 2023View Original