Hacker Newsnew | past | comments | ask | show | jobs | submit | mixdup's commentslogin

Something to understand here is that Sharepoint is not Windows. Sure it runs on Windows, but the vulnerability here was the application. Are we going to argue that applications that run on Linux cannot have security vulnerabilities? Especially large archaic enterprisey things like this?

I bet Oracle and SAP have similar types of things happen to their application suites but no one runs public websites on Oracle eApplications (yeah, plenty of companies have that exposed to the internet, but it's not The Company's Website)


Edge may be a fork of Chromium but they have the capability of shipping whatever roots they want or setting whatever trust policies they want

And the push-down in certificate age is, or at least was at the beginning, a push from Apple. The others have come around/along for the ride


you're not wrong. the NFT thing would not die until we finally found another use for all these GPUs. AI took over a lot of crypto hype overnight, and while AI has slightly more use than NFTs something will need to come into the room and consume the oxygen

And to your point, I have seen more and more stories about quantum lately. Not a lot, but the noise floor is coming up a little bit


They have been communicating the ending of the email notices for quite a while and have been telling users that you should have some other monitoring in place to avoid just this situation

Yes, but what’s weird is the recommended service they referred people to for new email notifications was not… sending me emails.

So, what gives?


Yeah the recommended service is awful and not nearly as useful as the one they had is.

Which is disappointing because you should be able to recreate the service they had nearly exactly with certificate transparency logs.


Also, beware of the leopard.

If you didn't see their sunset notification emails you wouldn't have seen your cert expiration email either.

I have first initial last name @gmail.com and it is a VERY common English language last name. This phenomenon got so bad I just abandoned that address and account. At some point you can't keep up with it, and marking legit email as spam has consequences of now MY email is getting marked as spam

I did as well. The things I've seen for other people.. <scrubs eyes>

We've been on this train of not caring about the details for so long but AI just amps it up. Non-deterministic software working on things that have extremely precise requirements is going to have a bad outcome

A company may be OK with an AI chatbot being so bad it results in 5-20% of customers getting pissed off and not having a 5-star experience. The SEC and DOJ (and shareholders) are not going to be happy when the books are off by 20% or when a bridge is 5 inches too short to reach the other side


Human accountants are notoriously non-deterministic too, and any sufficiently complex accounting process contains inaccuracies. The question then is always "are these inaccuracies material". I'm actually very impressed by TFA and it seems to me that if we get another order of magnitude improvement, it'll be around the accuracy of human accountants.

Yes but you have: 1. specific explicit training and certifications 2. someone to yell at and who can be fired for non-performance

You can still do that with AI. You hire 1 accountant to use AI to do the work of 20, require them to sign off on all of the work, and yell at them, before firing them, and then hiring an even less experienced one to manage the work of 50.

humans can operate in dynamical systems (where your actions can change the underlying system). LLMs are not trained to do that and have shown to be terrible at it

If the "extremely precise requirements" can be cheaply and automatically validated, it's much easier to have the AI generate spam on a loop until it passes all the tests.

Yes, if we solve the problem the problem will be solved!

You're saying P=NP, I think.

Not to agree with GP, but I think it’s more accurate to say they’re saying “if validation is quick (to code), who cares how long a solution takes an AI because computation is cheap.”

They’re not really making any claims about how quickly the AI can solve relative to the validation, which is what P vs NP is about.


This.

Yes, Cline generates a bunch of junk very quickly and makes dumb mistakes. If I can filter out those dumb mistakes automatically, I don't have to supervise it. It might burn 20¢ on fixing a mistake no human developer would make, but I don't have to pay a human developer.


recruiters in big tech can't screw up or be incompetent?

Calling these robots is like calling a wrench a robot


They have changed this policy with their new plans released last week. You no longer have to use their equipment to get unlimited data


how much of the value chain was actually in the US back then, and, how much could feasibly move to the US?

Even in the 90s, major components were made in Taiwan and Japan. And since that time, the US ability to make what we did previously has atrophied

What do we really get out of Dell moving PC manufacturing to the US if every single part they consume was manufactured in China or Taiwan? Final assembly is the lowest value part of the equation. Apple already did this shell game with the Mac Pro a few years ago and it didn't last long nor did it have a meaningful impact on anything other than the price of the product


Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: