Tell HN: Litellm 1.82.7 and 1.82.8 on PyPI are compromised

[ipython]

But now you have compromise _at scale_. Before poor plebs like us had to artisinally craft every back door. Now we have a technology to automate that mundane exploitation process! Win!

[MuteXR]

You still have a human who actually ends up reviewing the code, though. Now if the review was AI powered... (glances at openclaw)

Delve – Fake Compliance as a Service

[ipython]

> the price quickly dropped to just $6,000 when they realized we were serious about going elsewhere, and they would throw in ISO 27001 and a 200 hour penetration test as well.

I'm sorry, but... $6,000 / 200 == $30 / hour? Just assuming the value of the actual certifications is $zero?

Wouldn't that raise some serious red flags?

[codegeek]

$6000 for both SOC 2 and ISO 27001 with Pen tests ? lol. I paid over $8k just for ISO 27001 for our small company and have been quoted a lot more for SOC 2.

Iran war energy shock sparks global push to reduce fossil fuel dependence

[ipython]

Well, lets not forget that Europe was downwind of the worst nuclear accident in world history. https://radioactivity.eu.com/articles/nuclearenergy/chernoby...

That sort of event doesn't fade away quickly and definitely influenced energy policy that persists to this day. Thankfully the tide is turning due to safer designs.

Polymarket gamblers threaten to kill me over Iran missile story

[ipython]

And hence why a prediction market including bets on the time and date of specific acts of violence… could present a moral hazard?

Claude now creates interactive charts, diagrams and visualizations

[ipython]

Already happened. :)

https://www.reddit.com/r/dataisugly/comments/1mk5wdb/this_ch...

Show HN: Axe – A 12MB binary that replaces your AI framework

[ipython]

it's written in golang. 12MB barely gets you "hello world" since everything is statically linked. With that in mind, the size is impressive.

[nuxi]

golang doesn't statically link everything by default (anymore?), this is from FreeBSD:

    $ ls -l axe
    -rwxr-xr-x  1 root wheel 12830781 Mar 12 22:38 axe*
    
    $ ldd axe
    axe:
        libthr.so.3 => /lib/libthr.so.3 (0xe2e74a1d000)
        libc.so.7 => /lib/libc.so.7 (0xe2e74c27000)
        libsys.so.7 => /lib/libsys.so.7 (0xe2e75de6000)
        [vdso] (0xe2e7366b000)

[mccoyb]

I know off topic, but is that mostly coming from the Go runtime (how large is that about?)

[emmanueloga_]

The excessive size of Go binaries is a common complain. I last recall seeing a related discussion on Lobsters [1]. Who knows, maybe the binary could be shrunk a bit? IMHO 12mb binary size is not that big of a deal.

--

1: https://lobste.rs/s/tzyslr/reducing_size_go_binaries_by_up_7...

Big data on the cheapest MacBook

[ipython]

Kinda comparing apples to oranges. AWS was using EBS and not local instance storage. So you’re easily looking at another order of magnitude latency when transmitting data over the network versus a local pcie bus. That’s gonna be a huge factor in what I assume is a heavy random seek load.

[mjlee]

I wrote a longer comment already (https://news.ycombinator.com/item?id=47352526) but looking at the hot run performance and making big hand wavy guesses, the performance difference might not be as big as you'd expect.

Whistleblower claims ex-DOGE member says he took Social Security data to new job

[ipython]

This admin has no problems doxxing people for harassment, listing their personal home address on official social media posts: https://x.com/dhsgov/status/1912567112733753563?s=46. So why the double standard?

[charcircuit]

The court filing provides more information than just giving ammo to harassers so I do not see them as directly equivalent. I also do not agree with the premise that if one person does something bad it would justify someone else in doing so.

[ipython]

The publicly available filing does not include the home address of the individual. See https://casesearch.courts.state.md.us/casesearch/inquiryByCa... and search for case 0502SP019272021.

Plus - you’re telling me that highlighting an individual and posting their home address on an official government account is not “giving ammo to harassers”?

[charcircuit]

Not "just".

[ipython]

What other purpose did that unredacted post serve?

[lovich]

How does it feel to experience cognitive dissonance this hard?

Whistleblower claims ex-DOGE member says he took Social Security data to new job

[ipython]

Typically you prevent publishing the names of minors accused of a crime /s

That said there is a list by propublica: https://projects.propublica.org/elon-musk-doge-tracker/

US Court of Appeals: TOS may be updated by email, use can imply consent [pdf]

[ipython]

You can probably do even better with a prepaid mvno at this point