
FWIW, it appears one of the people who saw this post asked in a comment on an issue on GitHub [1]:

  > @seproDev unrelated, but what you think about https://news.ycombinator.com/item?id=42040600
... and one of the main maintainers (ranked 14th by number of commits, but recently active) replied the following:

  > False positive in virus total. Calling yt-dlp without any arguments makes no web requests.
  > To expand a bit more. Our releases are built with github runners and they report back the sha hash during build. https://github.com/yt-dlp/yt-dlp/actions/runs/11656153929 for the release from yesterday
  > You can see the commit that was built, what we merged in the last couple days, and the hash of the resulting files to check against the files in the release section.
  > Those network requests are likely just other processes on the machine. I remember windows executable would regularly show microsoft servers in the "connections made" list due to windows update and telemetry still running.
[1] https://github.com/yt-dlp/yt-dlp/issues/11451#issuecomment-2...

Can you link to the issue?

Sure: https://github.com/yt-dlp/yt-dlp/issues/11451#issuecomment-2...

I edited my reply too.

Edit: I'd caution against spamming the maintainers, though (not you specifically); the possibility of that happening is what swayed me not to post the link originally.


Ah yeah that makes sense. I just wanted to confirm it because I couldn't really find anything when I was searching.

They implemented the censoring of "Claude" and "Anthropic" using the system prompt?

Shouldn't they have used simple text replacement? They can buffer the streaming response on the server and then run .replace(/claude/gi, "Llama").replace(/anthropic/gi, "Meta") on it while streaming it to the client.
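
Something like this would do it, as a minimal sketch (function and variable names are mine, not theirs); it buffers the whole upstream response before rewriting, which does give up incremental streaming:

  // Minimal sketch: collect the upstream chunks, rewrite the names,
  // then send the result on to the client.
  async function censorResponse(upstream) { // upstream: AsyncIterable<string>
    let text = "";
    for await (const chunk of upstream) text += chunk;
    return text.replace(/claude/gi, "Llama").replace(/anthropic/gi, "Meta");
  }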

Edit: I realized this can be defeated, even when combined with the system prompt censoring approach.

For example, when given a prompt like this: tell me a story about a man named Claude...

It would respond with: once upon a time there was a man called Llama...


> Shouldn't they have used simple text replacement?

They tried that too but had issues.

1) Their search-and-replace only ran on the first chunk of the response returned from Claude.

2) People started asking questions that had Claude as the answer, like "Who composed Clair de lune?", where the answer is supposed to be "Claude Debussy", which of course got changed to "Llama Debussy", etc.
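
Issue 1) is fixable without fully buffering by holding back a tail one character shorter than the longest search term, so a match can never be cut in half at a chunk boundary; a rough sketch (not what they actually ran):

  // Sketch only: stream-safe replace that holds back a short tail so a
  // match can't straddle a chunk boundary.
  const fix = (s) => s.replace(/claude/gi, "Llama").replace(/anthropic/gi, "Meta");
  const HOLD = "anthropic".length - 1; // longest search term minus one
  async function* censorStream(upstream) {
    let buf = "";
    for await (const chunk of upstream) {
      buf = fix(buf + chunk);
      if (buf.length > HOLD) {
        yield buf.slice(0, buf.length - HOLD); // safe to emit now
        buf = buf.slice(buf.length - HOLD);    // keep a possible partial match
      }
    }
    yield buf; // flush whatever is left at end of stream
  }

Issue 2) is inherent to blind string replacement, though; no amount of chunk handling fixes "Claude Debussy".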

It's been one coverup-fail after another with Matt Shumer and his Reflection scam.


Why do LLMs understand markdown so well (besides markdown's simple, terse, readable syntax)?

They say "LLMs are trained on the web", are the web pages converted from HTML into markdown before being fed into training?


I think it says in the Anthropic docs that they use markdown internally (I assume that means the models were trained on it to a significant extent).


I think Anthropic actually uses XML and OpenAI uses markdown.


They're trained on lots of code, and pretty much every public repo has markdown in it, even if it's just the README.


To add to what sibling commenters have said, you can also configure this extension to use a specific Neovim binary on your system, and to load the same Neovim config you use when running Neovim in the terminal. That's what I do.

It's really the better (Neo)?vim extension in my opinion, but it has far fewer installs than the other popular extension, called just "Vim" (6.656M installs vs. 400K). That extension AFAIK actually emulates Vim in JavaScript; I used it for about a year in 2018, before "VSCode Neovim" was released in 2019, and I remember not having a good experience with it then (for comparison, the "Vim" extension was released in Nov. 2015).
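
For reference, roughly what that setup looks like in settings.json; I'm going from memory of the extension's README, so treat the exact key names as an approximation and check them against your installed version:

  {
    // vscode-neovim: point the extension at a specific nvim binary and at the
    // same init file you use in the terminal (per-OS keys; verify the names).
    "vscode-neovim.neovimExecutablePaths.linux": "/usr/local/bin/nvim",
    "vscode-neovim.neovimInitVimPaths.linux": "~/.config/nvim/init.lua"
  }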


I can't find it in the settings for Google Search, has it been removed?


Idk, I don't have a Google account (you don't need one to use search).


I've been seeing this specific type of sock puppet spam on YouTube for years, with the exact same modus operandi. My earliest distinct memory of seeing this kind of sock puppet comment spam promoting a financial scam is from early 2020, just before the outbreak of COVID-19.

The screenshot shows how they end up as the top comment on the video as a result of manipulating YouTube's comment ranking algorithm with the sock puppet comments. (Note: it's a big screenshot, you might need to zoom in.)

How is it that Google has not fixed this yet? How can spam email classification in Gmail be so good while this is allowed to go on?

I believe a small finetuned LLM can easily identify this kind of sock puppeting spam.

Google should do something about this specific kind of sock puppeting comment spam that promotes financial scams and shadow ban them.

Can somebody who knows someone that works at Google ask them to raise this internally?

It infuriates me and makes my blood boil how they specifically target old people, intentionally going after YouTube videos that old people are more likely to watch.


> Soon, developers will be able to withdraw the stars earned by their bots in Toncoins via Fragment.

So it's backed by Telegram's own cryptocurrency, or at least soon will be. Reading this killed the little excitement I had.


Telegram doesn't have a crypto, and likely never will. The SEC made sure of that. What they do is heavily promote and support the Toncoin community.


How the heck did it automatically pan the map to my current location, my small town, in an Incognito window, on page load?

Is IP geolocation this accurate and accessible to every website nowadays?

If this website can do this I assume every website I visit can do it too?


Geo-IP through Cloudflare:

    <script id="cflocation"> 
        window.CFLocation = {"lat":####,"lng":####};window.CFDsm=null;
    </script>
See https://developers.cloudflare.com/network/ip-geolocation/.

Mine's off by more than 100 miles (Comcast Business fiber); it's not magic.


It's probably either just the lat/long of the PoP, or some magic based on connection latency?


Cloudflare only gives you the country



Then how did the website end up just about a mile from my house?


You should probably check what one of the many online IP geolocation demos says about your IP (to cite just one among many, though quality varies a lot across services and geographic zones: https://www.maxmind.com/en/locate-my-ip-address)


This makes me glad I have iCloud Private Relay turned on for all of my devices and my wife’s devices. Clicking on this link showed my location as Birmingham, Alabama, more than 1000 miles away from my actual location in northern Iowa. Several of the other IP geolocation sites others have linked in this thread showed places like Chicago (closer), and Dallas (much further).


Well, the joke's on you: now we all know that you're in northern Iowa.


Obviously, that's yet another layer of misdirection. They're probably in Nebraska, laughing at all of us.


That's narrowing things down to a 200 km radius for me, and while I am within that circle, its center is over 100 km from me.


Interesting. I have a static IP, and have kept that same IP through multiple moves around the state, but it knows my current zip code. I wonder if that is because my ISP shares the zip code, or through association with data collected from other sites.

And yet every site that uses IP geolocation for useful purposes thinks I'm in a completely different state that bounces around every few months, if I don't let the browser share my location.


I work for IPinfo.io (feel free to check your location data with us to see if we are correct as well). It is most likely that your ISP is sharing your zip code via a WHOIS/geofeed record.


For me (Firefox, without iCloud Private Relay engaged), Maxmind is within about 2 km but doesn't get the city correct (though we're right on a border), and IPinfo is about 15 km as the crow flies (and gets the city entirely wrong).


That is very unfortunate. If you reach out to support and drop a correction with us, that will be quite helpful.


I thought the same. It's the first time I've ever seen IP geolocation get my home IP address correct. It usually thinks I'm in North Carolina (I'm in Florida).


Same here. But knowing my ISP, it'll change throughout the day, sometimes by quite a lot.


It is very cheap and easy. Even the free versions of the database available from MaxMind are plenty accurate at the town level.

At my last job, I built a little Docker image that used the free MaxMind DB, kept it up to date, and ran a Node server that returned some JSON with the estimated lat/long, city name, country, etc.
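
A minimal sketch of that kind of service, assuming the node-maxmind package and a local copy of the free GeoLite2 City database (paths and port are illustrative):

  // Tiny HTTP service: look up the caller's IP in a local GeoLite2 City
  // database and return the estimate as JSON.
  const http = require("http");
  const maxmind = require("maxmind");

  maxmind.open("/data/GeoLite2-City.mmdb").then((lookup) => {
    http.createServer((req, res) => {
      // Behind a proxy/load balancer you'd read X-Forwarded-For instead.
      const hit = lookup.get(req.socket.remoteAddress) || {};
      res.setHeader("Content-Type", "application/json");
      res.end(JSON.stringify({
        city: hit.city?.names?.en,
        country: hit.country?.iso_code,
        location: hit.location, // { latitude, longitude, accuracy_radius, ... }
      }));
    }).listen(8080);
  });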


Cheap, easy, and wrong. It puts me a clear 800km away from where I'm actually sitting, and I'm sitting in a major UK city.

It's put me on the wrong continent before now. That was fun.


Cheap, easy, and generally correct for the majority of people*

Just because it's 800 km off for your IP does not mean it's 800 km off for every IP, and MaxMind is generally considered one of the reliable providers of this information.


I guess the accuracy really depends on your location or ISP.

I believe my ISP rarely or never rotates IP addresses. On top of that, I think my ISP-provided router is assigned an IPv6 address and prioritizes using it, because when I visit whatismyipaddress.com with JS disabled it can only show my IPv6 address, but if I enable JS it can show an IPv4 address too (I assume through the WebRTC IP leak method, which requires JS).


When I built the thing I mentioned, and even if I did so now, I'd just not create an AAAA record for it, because it's still safe to assume IPv4 connectivity exists (and not just via some remote proxy or something), and I think at least the database I had access to was for IPv4.

I don't think they need any hackery to get your IPv4; they just need a separate hostname they can fetch from, one that only has an IPv4 (A) record.
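
A hedged illustration with made-up hostnames: the page itself may load over IPv6, but a fetch to a hostname that only has an A record is forced over IPv4, so the server sees the v4 address.

  // ipv4.example.com (hypothetical) has only an A record, so this request
  // goes out over IPv4 even if the page was loaded over IPv6.
  const res = await fetch("https://ipv4.example.com/myip");
  const { ip } = await res.json(); // the server just echoes the remote address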


Where do we locate you? https://ipinfo.io/

If the location data is incorrect, you can always submit a correction with us: https://ipinfo.io/corrections


Mine was about 600 km off, but the correct country at least. It's reporting the ISP's location, but it's a country-wide ISP.


If you reach out to support and drop a correction with us, that will be quite helpful. This is an unusually high deviation, so we would like to investigate it.


Better! Still 200km out, but better!


200 KM means there is room for improvement. If you reach out to support and provide a correction, that will be quite helpful. If you mention that you came from HN, I can report back on why we had such a deviation.


> It's put me on the wrong continent before now

What did you expect after leaving Europe? /s


Mine started in a different city about 520km away. And I wasn't incognito. Probably a lot more to do with your country, your ISP or coincidence than anything else.


I can't speak for this website specifically but Cloudflare makes it pretty easy to geolocate users based on request headers.
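
For example, a Cloudflare Worker can read the geolocation fields Cloudflare attaches to each request via the request.cf object (the CF-IPCountry header is another option); a sketch:

  // Worker sketch: return Cloudflare's per-request location estimate as JSON.
  export default {
    async fetch(request) {
      const { country, city, latitude, longitude } = request.cf || {};
      return new Response(JSON.stringify({ country, city, latitude, longitude }), {
        headers: { "Content-Type": "application/json" },
      });
    },
  };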


A VPN should help with that. E.g. for the Mac folks, Private Relay on vs off was a delta of about 100 city blocks for me.


FWIW it placed me 10 miles away.

Right city, completely wrong part. Maybe that's where my ISP has their connection?


That is crazy. Even Google Maps isn't this accurate for me with location turned off.


Nice! I bookmarked it and I'm gonna start using it, thank you.

For a quick and dirty save, you can press Ctrl+P to open the print window/dialog and select "Save as PDF", or you can press Ctrl+S and save as a single HTML file.

Edit: to make the text cursor focus automatically when the page loads, you can add the autofocus attribute to the body tag.


The following might work to save as well.

     data:text/html,<html contenteditable onload="document.body.innerHTML = localStorage['text']" oninput="localStorage['text'] = document.body.innerHTML" style="line-height:1.5;font-size:20px;">


While you can't save to localStorage as my sibling commenters have shown, greyface- down below in the thread posted a version that saves to the hash fragment of the URI. Saving to the (Data) URI has a benefit over localStorage of allowing you to save by bookmarking, which also enables you to save many notes, not just one.

I code-golfed greyface-'s code and made the text cursor autofocus on page load:

  data:text/html,<body contenteditable autofocus oninput="history.replaceState(0,0,'%23'+btoa(this.outerHTML))" onload="location.hash&& document.write(atob(location.hash.slice(1)))">#


Dug into this for a bit, sadly:

> Webstorage is tied to an origin. 'data:' URLs have unique origins in Blink (that is, they match no other origins, not even themselves). even if we decided that 'data:' URLs should be able to access localStorage, the data wouldn't be available next time you visited the URL, as the origins wouldn't match.


It will need a hostname or a page at least.

  Failed to read the 'localStorage' property from 'Window': Storage is disabled inside 'data:' URLs.


Google (the Google Chrome team) has stated before that "[JPEG XL] doesn't provide significant benefits over existing image formats" [1] and has been vocal in its disinterest in shipping support for it (they deprecated the experimental support) [1].

My guess is that the latest JPEG encoder developed by Google researchers, Jpegli [2], has a lot to do with this. Jpegli has been described in a Reddit comment as "a JPEG encoder that was developed by the JXL [JPEG XL] folks and the libjxl psychovisual model", and described as having superior performance to (lossy) WebP [3]. That whole Reddit thread has comments relevant to this discussion, specifically about the tradeoffs of supporting extra formats in browsers.

[1] https://www.techspot.com/news/101764-google-once-again-accus...

[2] https://opensource.googleblog.com/2024/04/introducing-jpegli...

[3] https://www.reddit.com/r/programming/comments/1ajq7bj/commen...

