Oh you haven't seen it ... lucky you. Keep it that way. I am, indeed, telling the truth. I think at this point they're just like "well, we have a contract for x more movies, so, really, we can do whatever the hell we want ... let's see just how stupid we can get"
Meta has scraped data from the most-trafficked domains on the internet —including news organizations, education platforms, niche forums, personal blogs, and even revenge porn sites—to train its artificial intelligence models, according to a leaked list obtained by Drop Site News.
By scraping data from roughly 6 million unique websites, including 100,000 of the top-ranked domains, Meta has generated millions of pages of content to use for Meta’s AI-training pipeline.
The sites that Meta scrapes consist of copyrighted content, pirated content, and adult videos, some of whose content is potentially illegally obtained or recorded, as well as news and original content from prominent outlets and content publishers.
They include mainstream businesses like Getty Images, Shopify, Shutterstock, but also extreme pornographic content, including websites advertising explicit sexual content and humiliation porn that exploits teenagers.
The tech giant is sidestepping guardrails that websites use to prevent being scraped, data show, in a move whistleblowers say is unethical and potentially illegal.
IP debate aside, LLM scrapers absolutely annihilate system resources. I host a wordpress site and before setting up cloudflare labyrinth my whole server would get ddos'd at least twice a day.
More than 130,000 Claude, Grok, ChatGPT, and Other LLM Chats Readable on Archive.org
A researcher has found that more than 130,000 conversations with AI chatbots including Claude, Grok, ChatGPT, and others are discoverable on the Internet Archive, highlighting how peoples’ interactions with LLMs may be publicly archived if users are not careful with the sharing settings they may enable.
The news follows earlier findings that Google was indexing ChatGPT conversations that users had set to share, despite potentially not understanding that these chats were now viewable by anyone, and not just those they intended to share the chats with. OpenAI had also not taken steps to ensure these conversations could be indexed by Google.
“I obtained URLs for: Grok, Mistral, Qwen, Claude, and Copilot,” the researcher, who goes by the handle dead1nfluence, told 404 Media. They also found material related to ChatGPT, but said “OpenAI has had the ChatGPT[.]com/share links removed it seems.” Searching on the Internet Archive now for ChatGPT share links does not return any results, while Grok results, for example, are still available.
Dead1nfluence wrote a blog post about some of their findings on Sunday and shared the list of more than 130,000 archived LLM chat links with 404 Media. They also shared some of the contents of those chats that they had scraped. Dead1nfluence wrote that they found API keys and other exposed information that could be useful to a hacker. playlist.megaphone.fm?p=TBIEA2… “While these providers do tell their users that the shared links are public to anyone, I think that most who have used this feature would not have expected that these links could be findable by anyone, and certainly not indexed and readily available for others to view,” dead1nfluence wrote in their blog post. “This could prove to be a very valuable data source for attackers and red teamers alike. With this, I can now search the dataset at any time for target companies to see if employees may have disclosed sensitive information by accident.”
404 Media verified some of dead1influence’s findings by discovering specific material they flagged in the dataset, then going to the still-public LLM link and checking the content.
💡 Do you know anything else about this? I would love to hear from you. Using a non-work device, you can message me securely on Signal at joseph.404 or send me an email at joseph@404media.co.
Most of the companies whose AI tools are included in the dataset did not respond to a request for comment. Microsoft which owns Copilot acknowledged a request for comment but didn't provide a response in time for publication. A spokesperson for Anthrophic, which owns Claude, told 404 Media: “We give people control over sharing their Claude conversations publicly, and in keeping with our privacy principles, we do not share chat directories or sitemaps with search engines like Google. These shareable links are not guessable or discoverable unless people choose to publicize them themselves. When someone shares a conversation, they are making that content publicly accessible, and like other public web content, it may be archived by third-party services. In our review of the sample archived conversations shared with us, these were either manually requested to be indexed by a person with access to the link or submitted by independent archivist organizations who discovered the URLs after they were published elsewhere across the internet first.” 404 Media only shared a small sample of the Claude links with Anthrophic, not the entire list.
Fast Company first reported that Google was indexing some ChatGPT conversations on July 30. This was because of a sharing feature ChatGPT had that allowed users to send a link to a ChatGPT conversation to someone else. OpenAI disabled the sharing feature in response. OpenAI CISO Dane Stuckey said in a previous statement sent to 404 Media: “This was a short-lived experiment to help people discover useful conversations. This feature required users to opt-in, first by picking a chat to share, then by clicking a checkbox for it to be shared with search engines.”
A researcher who requested anonymity gave 404 Media access to a dataset of nearly 100,000 ChatGPT conversations indexed on Google. 404 Media found those included the alleged texts of non-disclosure agreements, discussions of confidential contracts, and people trying to use ChatGPT for relationship issues.
Others also found that the Internet Archive contained archived LLM chats.
Not going to argue with that, but it does pose challenging questions on how to govern digital archival so that certain lines are not crossed. Current restrictive laws push archival into the grey zone where it’s hard to effectively enforce privacy protections.
Personally I sort of wish absolutely everything was saved, with private things only being revealed after everyone involved is dead. It'd be a shame for anything to be lost forever. But doing that while preserving piracy for people who are still alive is hard.
I don't think that's what "sharing" refers to in this case. This is about users who did/didn't modify the settings of their chatbot to make their inputs and outputs publicly available via search. 404's previous reporting on ChatGPT suggested some users may not have understood what the sharing option actually meant in this context.
Nextcloud checks about 50 open-source apps—file storage, groupware, chat/video, notes, project management, and so on. Each tool is weighted the same, and then the category scores are averaged into a single national figure. That design favors a balanced ecosystem over dominance in just one niche.
However, according to Nextcloud, the method favors SMEs and hobbyists—servers hidden behind firewalls, VPNs, or hosted by large enterprises don’t always show up—yet the index still offers a “pretty loud signal” about grassroots tech choices.
Nextcloud’s Digital Sovereignty Index ranks countries by self-hosted tech use, with Finland, Germany, and the Netherlands leading the way in digital independence.
A San Francisco federal court jury on Friday found Meta Platforms Inc. violated the California Invasion of Privacy Act in a landmark data privacy class action, which accused the Big Tech giant of illegally mining sensitive sexual and reproductive hea…
In about:config media.peerconnection.enabled is set to true by default which, by my understanding and that of tools like ipleak.net, means both VPN and home IP addresses will be exposed during useage on platforms like PeerTube.
Is this an oversight, is my understanding wrong, or is this intentional for some reason? Seems like the opposite of user expectation, particulary given the WebRTC settings option is hidden on librewolf.
Jumilla has banned religious events in public sporting spaces, which is seen as a veiled attempt to prevent Muslim gatherings. Local authorities said the move was to "promote and preserve the traditional values."
Disclaimer: The article linked is from a single source with a single perspective. Make sure to cross-check information against multiple sources to get a comprehensive view on the situation.
The meeting comes amid debates between Washington and London about the best way to end the wars between Russia and Ukraine, as well as Israel and Hamas.
Disclaimer: The article linked is from a single source with a single perspective. Make sure to cross-check information against multiple sources to get a comprehensive view on the situation.
Someone has stolen Jason Hong's 1958 Cessna Skyhawk plane at least four times, taking the red single-engine plane for a joyride, and then returned it at airports in Southern California. Hong, and police, are baffled as to who, and why?
Disclaimer: The article linked is from a single source with a single perspective. Make sure to cross-check information against multiple sources to get a comprehensive view on the situation.
Who owns the 35 most powerful media companies in America? Learn how these giants came to dominate the U.S. media landscape through mergers, acquisition and manipulation.
I feel like I haven’t posted here in a while… basically I decided to take a break from drinking and thus home brewing for a bit. I want to get back into meme spirits, and I also want to make a 0 oxygen beer from ferment to filter to serving, but for now I made a berry wine for the girlfriend from some Aldi frozen fruit. This has been sitting in the fermenter on the fruit for a good 3 months (started it just before my break from alcohol) and then I moved it into a keg, no cold crashing or anything. I then ran it through a 5 micron filter and then a 1 micron filter just to see how it went, I gotta say, it turned out great. I was expecting the filter to clog but it went through like a champ. I also then wanted to try pasteurizing it in the keg using my mash and boil to see if I get some delicious glue and rubber in my mashing vessel but I didn’t! I back sweetened the wine and haven’t had any re-fermentation happen after a few weeks, so project fuck around and find out was a success. I might end up retrying a milk wine again (last one had a few tiny cheese curds floating in it that turned off most people from it) and I definitely want to try making a spicy imperial stout, but for now, I’ve gotta buy wine bottles or give out samples of this wine until my keg is empty.
Trust me it gets worse! I didn’t think to take a light up directly to the unfiltered product, but here you can get an idea of how bad it was pre filter. I imagine the haziness is from the pectin of the mariad of berries I used to make this wine
Yeah, to make things more equal here is that wine post filtering held up to the same light as the original image as of a few minutes ago. I don’t think there was any other filtration that happened with it since I kegged it since it’s been sitting in a warm keg in storage after filtration and backsweetening
next time add some pectinase to the ferment. You can try adding some to this wine now if you want, it works better during primary as the yeast keeps it stirred up in suspension, but it can still work post ferment.
Appreciate it! I will say I’m also super weird, it’s why I wanted to try pasteurizing this wine in one of my beer kegs vs adding stuff to kill the fermentation before backsweetening. Typically I when I make a beverage I try doing things not by the book, it also helps that I don’t mind having hazy beverages, I just turned a house water filter into a fermentation filter with some random fittings and dreams for shits and giggles and that’s definitely the vibe I take with all my brewing lol
Yeah, those whole house filters aren't too uncommon in the homebrewing world, I've also seen them stuffed full of hops or whatever and used as a randall. If you're keeping the keg cold I wouldn't even both with pasteurization.
What are you using for filtering? I'd also like to find a means to do a 1 micron filtering, but they don't sell industrial filter socks to consumers (used to work in chem engineering where I could have nicked one, but those days are past)...
Household water filters are an option, but at 125 € a pop and I'd need a pump and plumbing too. Gravity-run is what I'm hoping to keep it at.
This is my setup, it’s basically an in line/whole house water filter that accepts 10 inch filters. I connected two posts that go onto the liquid line of a Cornelius keg. I then use co2 to basically transfer it between the kegs and through the filter. Over all I think I paid like $40 USD for this set up, and the replacement filters are $5 or so.
Thanks! That's what I was looking at - probably need to shop around to get the price closer to what you paid 😸 Getting inspired here...
Any idea if these kind of filters would manage with the flow at around 80 °C (180 °F)? I'm thinking of running the filtration in a loop on the Kegmenter (a steel keg with a 2-post pressurising lid) for the duration of cooling the wort, which happens by immersing the whole keg in running water in my setup. Doing it like that wouldn't waste CO2 because the liquid volume would be constant, and the hour it takes to cool the wort would probably allow plenty of time to do a thorough filtration.
Edit. Realised this would take three posts on the lid. Oh well 🙄
I imagine it should be fine for the filter material and the plastic that it goes into. I pasteurized in my keg at 68 Celsius for an hour by tossing it into my electric boiling pot. I was expecting the glue on it to melt but it held up just fine. The plastic housing of my filter is also pretty thick, though I haven’t heated it up yet but I don’t see why it wouldn’t work!
From my experience, sqeezing fruit pulf through filter just makes coagulation harder. Just leaving it in fermenter for half year or more results in laser clear fluids upon gentle decantation.
Actually I saw guys filtering red wine into white. You need something like sterilization filter (0.04 um) and tangential flow so that it does not clog. We all should start using tff technology, it's just so awesome.
That’s actually on my list of stuff to try! I want to make a white wine they tastes like a red wine. I was thinking of using activated charcoal but I think that might remove all the flavors, so it might end up being a brandy that’s then watered back down into wine level strength. It’s lower on the list of dumb stuff to try, but definitely there lol
ChatGPT will apologize for anything - even advice it definitely didn't give, and stuff it definitely didn't do. It very much regrets its recommendation that we hire a giraffe as CEO.
I dual boot with win 11, I do so for programming purposes, not gaming. I read online that the game straight up blocks Linux on all fronts (typical EA). So, I booted into win 11 and launched the beta. It still refused to start and complained that secure boot was "disabled". Booted into BIOS and it was enabled, but not active. I had to reset the keys to the windows default keys to be able to play this game. This is a no go for me. Not giving them my money until they stop this bullshit. Just wanted to let everyone know the situation so far.
Profitez des vidéos et de la musique que vous aimez, mettez en ligne des contenus originaux, et partagez-les avec vos amis, vos proches et le monde entier.
I hope Battlebit Remastered gets popular again. I suppose it's tough to make it as an indie multiplayer video game dev. Everyone expects regular frequent updates
I saw occasional news about progress on a big update someday. Any indie multiplayer has to make it easy from day one for user created content. Maps, server hosting files that's has some easy to configure parameters for fun casual servers like servers that enable model swap outs, skins, etc.
Just looked, still 8000 people playing original counter strike
They did not take the money and run. From my understanding, it just ended up with everything they're working on being tied to some critical update, and making it effectively impossible for them to update the existing version of the game until it's out. It was bad version control management, but not malice.
This merely reinforces my decision to not buy it because it only is going to have manipulative EBMM for its main modes instead of a server browser. Even if Portal has a server browser, they know the average player is going to stick to their match making system.
I bought 2042 and I did play it a lot but my experience was sort of existentially dreadful. I kind of understood its match making was keeping me playing longer by sandbagging my progression on its overly bloated exp requirements. It was like watered down drip feed fun. Fun enough and low barrier enough that I kept jumping on. Every other BF game felt way more mechanically rich and because they lacked match making they were more fulfilling to learn and play. You start out sucking, and you slowly get better, feeling yourself win more often over time. There is satisfaction in starting out bad and being rewarded for your efforts to learn the game that EBMM steals from you.
Its painful for me though. BF6 looks like such a waste. It checks so many boxes for me in that it looks like a great pvp military shooter: fast TTK, robust map editor, point buy loadout system.
There's nothing wrong with Secure Boot and enabling it can prevent a small subset of attack vectors with no real downsides. That being said, the things Secure Boot does protect against aren't likely to be an issue for most users but it's nothing to be afraid of.
This weird hatred around secure boot is baffling to me.
Secure boot isnt even new, it's been around for over a decade. Most Linux distros work well with it. It's like the weird hatred with UEFI when it first became a thing.
Some of it the hate probably amplified by cheaters and cheat makers. Though to be fair anyone can be annoyed at having to go into their BIOS and change settings...
Sure. But that doesn't mean Secure Boot didn't make it harder to create a cheat or limit what kind of cheat they could create this quickly. The cheat was a wall hack one and that is one of the hardest to stop AFAIK.
Personally it's not a hatred for Secure Boot itself. It's a hatred for these companies requiring something that 1) is not necessary for their software to function and 2) offers little to no benefit for their software
I refuse to let these corporations tell me how to use my hardware. Right now, I dual boot and I want to continue to dual boot, at least for the foreseeable future.
I get irritated when people say "it's no big deal, it's easy to enable", etc.
Are you saying this as someone who has gotten a self-signed key to work with their BIOS + kernel + bootloader + dual boot with windows, someone who runs a mainstream enough distro that they convinced manufacturers to ship with support for their key, or someone who doesn't run linux with secure boot at all?
I’m literally dual booting windows 11 and Linux right now. It actually just worked. After install it just asks you to approve the key, you confirm it, and boom it’s done.
Yeah, so that's possible because Canonical has enough sway to get their key to play nice with manufacturers' firmware. If you are on almost any other distro (arch included) or if you build your own kernel, it's a headache just to get it to work at all even without dual boot. It also just might not even be possible due to a bad implementation on your motherboard (results ranging from dual boot windows refusing to boot, to a bricked motherboard).
If you're wondering why it's so complicated, it's because of what secure boot is: you want to be sure you're booting into binary that's signed by a set of special keys. But Linux is not one binary that can be signed by Linus Torvalds, it's a bundle of source code that is built by end-users. So if you decide to make any changes to the kernel you have on ububtu, you won't be able to convince Canonical to sign your build, and you will need to jump through all the hoops on that arch wiki.
There are many reasons for the headache, but primarily I'd say it's because UEFI is closed source, and msft designed Secure Boot for it, and then manufacturers didn't care about supporting it any more than the bare minimum. And all of that together results in an ecosystem of devices that favor MSFT. That's why Linux users don't like secure boot.
I'm saying this as someone who has a self-signed key + kernel + bootloader + dual boot with windows. I have Arch and I dual boot windows, and the setup was literally three commands.
Enable secure boot setup mode and then do the following:
sbctl create-keys to create the keys
sbctl enroll-keys -m to enroll the keys to BIOS, including microsoft keys
sbctl verify | sed -E 's|^.* (/.+) is not signed$|sbctl sign -s "\1"|e' to sign everything that needs to be signed.
And everything is signed automatically on an update with a pacman hook that comes by default when installing sbctl.
That wiki entry lists all the possible ways to do it, for all combinations of bootloaders and secure boot tools. You only need one of them, for example 3.1.4. which is what I just described.
This is with systemd-boot, which I switched to because it's easier to use a unified kernel image with, but it should work just fine with grub as well. The last step will sign everything that needs to be signed, including grub and the kernel images.
You only need to trigger a re-sign if you update grub using grub-install. If you just change the grub config, you don't need to re-sign it because the config is loaded once the signed grub is already booted. This is another reason why I went with systemd-boot and unified kernel images, because I work with sensitive data and maybe I'm a bit too paranoid, and don't want anyone to be able to tamper with my boot in any way. This is also possible with grub and using an encrypted boot partition, but systemd + UKI + full system encryption was just easier. If you're not worried about evil maid attacks and just want secure boot, grub will work with no additional setup.
No issues with the pacman hook, it triggers every time there's a kernel update or nvidia update, and since I'm using mkinitcpio and UKI, the signing is usually already done by mkinitcpio before the pacman hook is ran, so the pacman hook doesn't really ever do anything. It's all done in the mkinitcpio hook.
As for bricking your motherboard, this only happens if your motherboard or any other component uses the microsoft vendor keys as part of the boot sequence, and it's only really a hard brick if it's your motherboard that uses it. If it's any other component, you can remove it and readd the microsoft keys and it'll work again when you add the component back.
And the key part here is replacing the platform keys. If you just always use the -m flag on sbctl enroll-keys, you'll enroll both your own keys and microsoft's, meaning no replacing necessary. If you always use -m, there's no real risk really, because you'll always add the microsoft keys that your hardware might need. Plus, if you're dual booting with windows, you need the -m to have windows secure boot work, anyway.
If you're extra paranoid, you can also add the -f option which should also include all the keys that your motherboard comes with by default, if it contains more than just microsoft's keys, but this shouldn't really be necessary.
If you're not worried about evil maid attacks and just want secure boot...
It is sad to me that that is my situation actually lol. Or rather, a random windows app just wants secure boot to work and is otherwise not worried about evil maid attacks.
Secure boot is a good feature to protect against certain kinds of threats, but "you can't run this entertainment software because you aren't running a completely Microsoft-prescribed system" is a super lame use of it.
Gigabyte motherboards might brick on users turning this on. IIRC you gotta take the cmos battery out and use the motherboard hdmi port to reset it somehow.
To many games out there to fuck with this shit. Have fun playing BF6 yall, I wont be there.
I have an older gigabyte motherboard, it's giving me trouble getting secure boot enabled. But all the other modern games play just fine. No battlefield 6 for me then.
-- In a world where stealing is considered legal, is there at least something real and unique?
-- How can a tool originally created for control and greed save the world without taking away people's freedom and souls in return? Do you think the magic wand will be free?
-- You may end up like those people who believe in fairies if you continue to believe that AI does not pose a serious threat.
-- This post may be deleted in a few seconds, maybe later, but a reason will always be found, and if not, they will make one up on the fly.
-- Well, here is my favorite proverb about the bear: the bear does not negotiate with the bees, when buying honey, he takes and steals the entire hive and eats everything without a trace, and he really does not like it when the bees become impudent and try to hide the remains of the honey from him.
Dopo oltre un anno di analisi, indagini e confronti anche con esperti internazionali, l’Associazione Ricerca Italiana Aliena (A.R.I.A.), guidata dall’ufologo Angelo Maggioni, annuncia di aver risolto uno dei casi più misteriosi degli ultimi tempi: il segnale anomalo captato a Genova da un radioamatore nel febbraio 2024.
A supporto dell’inchiesta sono stati coinvolti vari consulenti, tra cui un esperto di effetti speciali e un ingegnere del suono che aveva individuato alcune anomalie nei dati. Fondamentale è stato anche il confronto con il SETI (Search for Extraterrestrial Intelligence), e in particolare con il dott. Graziano Chiaro dell’INAIF Milano (intervistato dalla stessa associazione qualche tempo fa) , referente per il SETI Italia. Fin da subito erano state avanzate due ipotesi: o si trattava di un segnale davvero anomalo… oppure di un’interferenza provocata da velivoli militari in alta quota.
Le più recenti informazioni confermano che in quei giorni erano attivi voli militari sopra il Nord Italia, probabilmente legati al conflitto in Ucraina e ai corridoi aerei utilizzati per missioni militari europee. Secondo quanto ricostruito, è molto probabile che il misterioso segnale si sia sovrapposto a una normale trasmissione tra radioamatori, creando un’anomalia solo apparente. «Non ci sono stati altri casi simili nelle stesse aree – da Loano a Genova, da La Spezia a Milano e Torino – nemmeno nei momenti in cui abbiamo registrato un picco di avvistamenti UFO tra giugno e luglio», spiega Angelo Maggioni. Tra questi, episodi degni di nota come l'avvistamento di un grande oggetto non identificato da parte di Nicolas P. a Genova, e un altro evento tra Ventimiglia e Nizza.
«Tutti questi elementi ci portano oggi a chiudere il caso: per noi, quel segnale ha un’origine spiegabile. Non c'è mistero, e non ha senso alimentare speculazioni inutili», precisa Maggioni. «A.R.I.A. lavora da sempre con serietà e rigore: evitiamo il sensazionalismo, perché non fa bene né alla ricerca né all’informazione».
L’associazione dichiara quindi ufficialmente declassato il caso da fenomeno anomalo a fenomeno identificato, prendendo le distanze da chi, ancora oggi, tenta di alimentare narrazioni esagerate e infondate.
Avrei potuto mettere il solito titolo :"Consigli da coach" ma anche no. Il consiglio che vorrei dare è molto semplice è strettamente legato a chi fa gare ma credo sia utile anche per chi corre senza nessun obiettivo ma solo per stare bene. Si tratta della periodizzazione, cosa vuol dire? Molto semplicemente chi sta preparando una gara di solito ha 4 fasi: - Preparazione - Carico - Scarico - Gara In poche parole ci si prepara al carico *di sforzo che il corpo dovra ricevere. In termini di chilometri e di qualità delle uscite e poi si da il tempo al corpo di *recuperare, nella fase di scarico e poi per chi gareggia c'è la gara dove il corpo è pronto a sfoggiare le migliorire ricevute nelle fasi precedenti. Per chi non corre invece si avra un bel avanzamento di qualità nella corsa.-
Keep up the good memeing though...
[img=https://community.nodebb.org/assets/uploads/files/1754665617840-0e9ff9ea-6cf0-4934-8160-76831236c48a-image.png]0e9ff9ea-6cf0-4934-8160-76831236c48a-image.png[/img]
::: spoiler Transcript A post by [object Object] (@zzt@mas.to) saying: courtesy of @davidgerard@circumstances.run, Proton is now the only privacy vendor I know of that vibe codes its apps: In the single most damning thing I can say about Proton in 2025, the Proton GitHub repository has a “cursorrules” file. They’re vibe-coding their public systems. Much secure! I am once again begging anyone who will listen to get off of Proton as soon as reasonably possible, and to avoid their new (terrible) apps in any case. circumstances.run/@davidgerard…
It has a reply by the author saying: in an unsurprising update for those familiar with how Proton operates, they silently rewrote their monorepo’s history to purge .cursor and hide that they were vibe coding: github.com/ProtonMail/WebClien…
given the utter lack of communication from Proton on this, I can only guess they’ve extracted .cursor into an external repository and continue to use it out of sight of the public :::
Proton Mail is famous for its privacy and security. The cool trick they do is that not even Proton can decode your email. That’s because it never exists on their systems as plain text — it’s always…
Depends on what you're doing with it. If it's just for normal privacy you could just get a vps and install any of the wireguard packages. If you're using it to evade copyright enforcement (or something similar) I don't have an answer for that, but a VPN with your name attached is no longer a good idea probably.
Yeah it's not just for privacy, hence the port forwarding requirement.
AFAIK nothing has shown issues with the privacy of either email or VPN? At least not something that wasn't caused by blatant idiot user error like the guy with his apple email as recovery email.
You should jump into the other threads about this before you take out your pitchforks. They’re using cursor, it doesn’t prove they are vibe coding. Visual Studio also has AI features, that doesn’t mean you are vibe coding.
Unfortunately so is Visual Studio and VS Code, yet we don't say anything made with them is 'vibe coded'. The text, big and bold, right the top of the screen for VS Code is literally:
Ok, but VS has been around MUCH longer and has been widely used long before any AI features were added. People who have been using VS for years, aren't likely to just switch, especially in professional environments where VS has largely dominated.
Cursor OTOH, was specifically made to leverage AI. You don't just start using Cursor.
You are an Senior SWE at Proton and make sure you do not send any information that is potentially secure in nature. You specialize in building highly-scalable and maintainable Frontend Systems.
what is a cursorfile? I’ve hit things like gpt when devdocs.io isn’t getting me what I want because lots of search engine things like “explain the google maps api” are becoming like searching for a dinner recipe; they contain 300 paragraphs of life story. When I just want to actually RTFM and shit’s hard to find. I don’t copy/paste code into projects just try to find better manuals.
VS Code also has AI features. Would you be telling people to not use other suites if they were being developed in VS Code? Why should they be forced to use an IDE that explicitly excludes AI?
Visual Studio and VS Code have an AI assistant as well, yet we don't decree all programs written with them as 'vibe coding'. The presence of an AI assistant in the IDE isn’t evidence of vibe coding.
Proton’s repo here is open source. What portion of it presents issues? Any?
Mastodon at it again with pitchforks and torches for the slightest inconvenience.
Using Cursor doesn't prove anything. Many people use Cursor as an advanced autocomplete, nothing else. It's not like they're hammering random AI-generated code and merging it without thinking. "Vibe coding" means generating barely-working code you don't understand to try and get thinks working.
This shit is why I hate the mastodon community, it's always strawmen and "you're one of THEM" style witchhunts with them
Yep, anyone who assumes that the presence of a .cursor directory automatically means that:
Developers are vibe coding
The entire team is using cursor
Is either arguing in bad faith or has no idea what they're talking about.
It could be something as simple as one dev trying out cursor (an editor thats literally just a vscode fork with ai features) and accidentally committing their .cursor directory (really easy to do).
The anti-AI circlejerk even here on lemmy is now just about as bad as the pro-AI circlejerk in the general public, no room for nuance or rational thinking, just dunking on everyone who say anything remotely positive about AI, like when I said I like the autocomplete feature of copilot.
People refer to generative AI when they just say "AI" nowadays.
There are a ton of small, single purpose neural networks that work really well, but the "general purpose" AI paradigm has wiped those out in the public consciousness. Natural language processing and modern natural sounding text to speech are by definition AI as they use neural networks, but they're not the same as ChatGPT to the point that a lot of people don't even consider them AI.
Also AI is really good at computing protein shapes. Not in a "ChatGPT is good enough that it's not worth hiring actual writers to do it better" way, in a "this is both faster and more accurate than any other protein folding algorithm we had" way.
Also AI is really good at computing protein shapes. Not in a “ChatGPT is good enough that it’s not worth hiring actual writers to do it better” way, in a “this is both faster and more accurate than any other protein folding algorithm we had” way.
Yeah, people don't realize how huge this kind of thing is. We've been trying for YEARS to figure out how to correctly model protein structures of novel proteins.
Now, people have trained a network that can do it and, using the same methods to generate images (diffusion models), they can also describe an arbitrary set of protein properties/shapes and the AI will generate a string of amino acids which are most likely to create it.
The LLMs and diffusion models that generate images are neat little tech toys that demonstrate a concept. The real breakthroughs are not as flashy and immediately obvious.
For example, we're starting to see AI robotics, which have been trained to operate a specific robot body in dynamic situations. Manually programming robotics is HARD and takes a lot of engineers and math. Training a neural network to operate a robot is, comparatively, a simple task which can be done without the need for experts (once there are Pretrained foundational models).
I'm a pretty big generative AI hater when it comes to art and writing. I don't think generative AI can make meaningful art because it cannot come up with new concepts. Art is something that AI should be freeing up time in our lives for us to do. But that's not how it's shaping up.
However, AI is very helpful for understanding codebases and doing things like autocompletion. This is because code is less expressive than human language and it's easier for AI to approximate what is necessary.
You're not alone. Nuance is just harder to convey, takes more effort to post something nuanced. And so people do it less, myself included. But I think truthfully that many people are not so stuck in one or the other circlejerks. It's lovely to see people in this thread who are annoyed by both.
I'm personally scared of AI (not angry or hateful, actually scared by just how fast it's advancing) and that definitely clouds my judgement of it and makes nuance difficult.
It's like a deal with the devil. You see all these amazing benefits but you just know you're the one being taken advantage of, because, like the devil, AI corporations by definition only think about how you can be of use to them.
Also I don't think most people understand just how ineffective true vibe coding is. I tried it a few times and could barely get something slightly more complex than a demo todo app working, and even if it was working it was barely prototype level quality of user experience, there is zero chance somebody is deploying vibe coded features into a large, serious production system and not suffering major and immediate consequences because shit just didn't work at all.
The best you're going to get out of it is it shortens the amount of time wasted on tiny adjustment to the UI or something.
The best you’re going to get out of it is it shortens the amount of time wasted on tiny adjustment to the UI or something.
This gets into the question of what, if anything, AI "should" be used for.
I've heard responses to this go both ways. Some people argue that saving time on repetitive simple tasks is what AI "should" be used for; but other people say that if you can't even do something as simple and repetitive as a tiny adjustment to the UI, you shouldn't be in a development job to begin with; or that you're stealing the work of other programmers who had their code scraped for training data who are not being paid while you are, and that maybe you should be fired and the people who had their code scraped be hired instead.
IDK what the right answer is, I think this is something I will struggle with for ages while the unscrupulous people use AI for everything and anything.
You are an Senior SWE at Proton and make sure you do not send any information that is potentially secure in nature. You specialize in building highly-scalable and maintainable Frontend Systems.
Here I am just thinking I'm a better programmer without AI (LLMs).
For me it's just glorified autocomplete. I haven't tried it in any real capacity, but my colleagues did and I've seen some examples. It's all basic shit I already know. In no way I felt compelled or even seen anything really useful. It can give you a head start, but I already have the knowledge to have a head start.
Some colleagues are using it for SQL, because they're unfamiliar with it, and I'm like, it's all good if it works for you, but you're not gonna learn properly if you don't try to write stuff yourself.
This touches on another point I don't see too often — I code because I like solving problems. If I outsource that, then what's the point? And it's exactly this that makes me a competent, and dare I say, good programmer. Another issue for me is this chat bot format. I don't what a chat bot! If I have to go out of my way to try and coerce a fucking chat bot into being a useful tool then it already lost its usefulness. The only acceptable format for AI coding is better autocomplete, i. e. ability to autofill boilerplate more, better and, most importantly, as seamlessly as current solutions in modern IDEs.
In general I don't feel threatened by AI and when the tools catch up I'll gladly use them or even retire and code just for fun.
Both are the same price, but one is handmade by a skilled professional with decades of experience, the other is made by a sketchy machine that even it's creators don't really understand... and sometimes uses square wheels instead of round.
"consumer privacy" in this case would be your safety while on said bicycle, imo, and square wheels will send you for a tumble.
AI slop comes with security holes (see recent Tea business, and countless other examples). As a user of Proton services, paying actually quite a bit of money annually for that — and being that they talk a really big game about how secure and private they are — I expect their app to be MORE secure than your average mail client, not the same, and not very possibly LESS secure.
I have tried Tuta out, it's fine from my very limited use, but kinda locked in in ways I don't really care to pay for. Last time I saw it brought up some other folks were recommending mailbox.org. I don't know about it too much, but might be worth looking into as well.
Not an issue, per se. In order to keep the team small they built most the app in a single codebase. It's mostly web code, and the apps are wrappers for it. So it keeps it unified between all clients but it definitely feels like a web wrapper, so it can feel a bit slow or clunky.
Does Proton really support Trump? A deeper analysis (and surprising findings)
Recently, allegations surfaced on Reddit that Proton (or at least Proton’s CEO) supports Trump. Hillary Keverenge from …
Speaking as someone who hates generative AI but has been forced to adapt to using AI in the programming field to stay relevant, this doesn’t suggest they’re vibe coding. The programming world is the only place AI has actually added value (I should note it’s done some neat stuff helping with diagnoses in the medical world too), but like everything, you get what you put into it.
Feed it enough instruction and context, and it can handle the drudgery of things like tech debt updates and other things a programmer knows how to do, but would rather offload to a tool. I’ve had Claude do refactors like that while stepping through and reviewing every single change. It has saved me hours, spared me from hell, and made me look good at work.
That’s my grounded take as a person that has worked with Claude a ton.
But AI everywhere else? Fucking worthless. The whole point is to do the bullshit mundane tasks so that us humans can do art and passionate work, not the opposite.
I’ve had the greatest success with Claude. The company I work for basically let us all go wild with a few to trial, and Claude has been the best for all of us—even better than GitHub Copilot.
I pay for my own pro plan outside of work and use the VSCode plugin. I’d say read the quickstart guide and experiment with it. Start off with having it do smaller changes and don’t be afraid to be verbose. The more context, the better. Point it to existing files you want to follow the patterns of and model after; give it links to resources for best practices, etc. You can also use it in “plan mode” if you want to see its proposed approach before it starts editing.
I also recommend leaving it so that each change it makes requires your approval (it will do this by default and you can step through everything). That way you always have some control and if it does something dumb, you can stop it at that step and pivot with a different instruction. Alternatively, if you want to see it go ham and carry everything out without approval at each step, you can enable auto-accept.
Once you get into it, start looking into how to craft instruction files. You can have those at your disposal for things like writing tests, language-specific guidelines and practices, etc. That way you can make sure it uses those as a reference so you don’t have to give it the same instructions over and over with every prompt.
If you hate writing tests, I’ve had really good luck letting it handle that. I tend to use it more for the bulk tasks that suck. For things where I want more control, I work with it on a piecemeal basis in my project.
Anthropic just dropped a feature that will change how engineers approach complex coding tasks. Plan Mode is fundamental shift toward more thoughtful, senior-level engineering practices.
I use it for obscure methods that I don't know immediately and searching the documentation would take longer than just letting the AI write a code snippet and then looking at the functions that it uses if I don't recognize any.
It's kind of like searching, except I can ask for things in a more vague manner.
The programming world is the only place AI has actually added value
I'd say this is mostly because you can immediately test the AI's results and rule out anything it got wrong, and whatever errors you generate can then be fed back into the AI so it can refine what it's already written. You never have to just trust the AI (assuming you yourself still know how to code) like you have to when using it for research or for solving problems where you don't get immediate feedback.
Whether this means programming is actually a viable niche for generative AI or whether this speaks more to the limitations and inherent unreliability of the "knowledge" the AI has, I can't say.
Also, I don't know if it's just me but I'm more scared by how fast AI is advancing rather than looking forward to what it can do for me. That definitely clouds my perception when something is AI generated and makes me a lot more dismissive of any real benefits AI might have brought.
Yeah, you get immediate feedback, vs a scenario where you have to manually check the “facts” it provides in order to ensure it’s not hallucinating. I’ve had Copilot straight up hallucinate functions on me and I knew that they were bullshit instantly.
I iterate with it a ton and feed it back errors it makes, or things like type mismatches. It fixes them instantly and understands the issue almost every single time.
That’s the trick. Iterate often and always give it new instructions if it does something stupid. Basically be as verbose as needed and give it tons of context, desired standards, pitfalls to avoid, whatever. It helps a ton.
It will allow you to see if the AI has made any syntax or runtime errors. It does not tell you about any logic errors.
Logic errors are already the most dangerous kind of programming error, and using AI just makes them even harder to find.
Using AI will only help you with syntax (which any good IDE should already be able to do) and finding information faster than a search engine (but leaving out important context). AI is not useful for programming anything that will be made public.
The danger of vibe coding is that the people doing it either don't have the skills to or don't think it's importsnt to review the AI changes.
If you work with an AI and instead of taking time typing through boring tasks, take time reading through the changes, them there isn't much of an issue. A skilled software engineer is capable of noticing logic errors in a code they read.
If the generated code is too unmecessarily complex to ensure its logic is okay, then scrap it.
I don't use it in that way (only use JetBrains' line completion AI) but I don't see a problem if it is used that way.
However, if I review a code that was partly generated by AI and notice that the dev let through shitty code without review, the review will be salty.
Just because they are using Cursor, it doesn't mean that they are vibe coding. Anyone grabbing their pitchforks for that and screaming "they are vibecoding" only shows their own incompetence.
If they would be vibecoding, their whole software would've gone to shit long ago.
Just because some random people without an engineering background are using vibecoding to push their broken slop, it doesn't mean that any kind of AI assisted coding is bad.
It's definitely badly communicated and suspicious, I just called out jumping to extreme conclusions based on a suspicion alone. There probably will be people who are gonna review the code and see how much of it is probably LLM generated, and then we will know. I still think that it's pretty much impossible to vibe code something on that scale, but I haven't seen their cursorrules either.
So when they do code reviews and a complete file sliped through what does that say about the quality of their reviews? Either they didnt want this file in there, then their qa is shit or theydid want that file in their, then they are vibe coding to an extend
Youre jumping to conclusions. Bigger companies missed bigger problems in their reviews and QA. Why should they be wanting their cursorrules in there, and what kind of mental gymnastics is it to conclude that they are vibecoding based on that. You don't need it committed, you don't even need it to be in the project directory.
You are an Senior SWE at Proton and make sure you do not send any information that is potentially secure in nature. You specialize in building highly-scalable and maintainable Frontend Systems.
Non programmer here: This is the first time I've seen a cursor file but I genuinely like how it reads. It's like a business analyst wrote a coding requirements doc. I'd be thrilled if my staff asked 4-6 thoughtful questions when given a goal with an open ended approach.
Cursor is just an IDE (integrated development environment), you can set it up to use all sorts of LLMs either directly through Cursor, or with your own API keys for the sources.
This file content just goes into the initial context to help the LLM act how you want.
God dammit, I wish I could reasonably roll my own email, but noooo, spammers and blacklists had to fucking ruin it. Now I get to research a new provider and change email on a bunch of accounts...
Spammers and blacklists may not be as big of an issue as you think, as long as you don't share you real email with untrusted apps (eg: only use email aliases from something like Simplelogin or anonaddy).
Nevertheless you could always setup your own domain with an email service, which lets you more easily migrate platforms.
I believe simplelogin lets you change your mailbox for aliases so in an even that you are changing email address, you can redirect those too.
Oh i guess thats what they meant by blacklist, was not thinking of ip reputation? If that's the issue, I have never experienced it, I believe there are tools you can use to see if your ip is bad and in that case u can probably ask ur isp for a new one (if u pay for static ip).
My other advice for using your own domain still stands, makes it a lot easier to swap around providers.
I dont see any problem with AI coding. It can be done without the editor supporting it by just asking for a function like please implement a sort function given a list of numbers.
Proton code is open source, so all AI agents have already read everything. You as user just have to do the code review, fix it and test. I am not seeing any problem here.
self-hosting email, text based clients and a deeper understanding of the protocol made me start to love email. I didn't think it was possible to love email.
Reports that the Nigerian Copyright Commission had recently shut down a pirate site didn't sound especially interesting. Operating under MovieBox branding, currently seen on endless domains, the local site reportedly received over 130 million visits in the previous three months and was actually still in business. Indeed, plans to develop the MovieBox brand began last month, with an application for intellectual property protection underpinning all kinds of business opportunities.
I want to make posts that include video, and those videos I wish to upload on my own webserver to not rely on external links or expiration dates.
But I fear for bandwith, and I want to know if the videos will be cached on the instance or if every user will be a full web request of the video (that I can of course mitigate via good compression, and/or having a dedicated CDN that won't empty my pockets).
This depends on the instance of the video being used. Some instances clone a copy of the video, some use proxies, and some send the link directly to the user. I don't recommend it if you have limited bandwidth.
Parody of a popular clip from the American-Malayalee television series 'Akkarakazhchakal' (https://en.wikipedia.org/wiki/Akkara_Kazhchakal) advertising Debian. Those unaware, watch the the original...
Profitez des vidéos et de la musique que vous aimez, mettez en ligne des contenus originaux, et partagez-les avec vos amis, vos proches et le monde entier.
Profitez des vidéos et de la musique que vous aimez, mettez en ligne des contenus originaux, et partagez-les avec vos amis, vos proches et le monde entier.
👤 Quando parli di Linux, Fediverso, Privacy, ecc ... ti guardano strano
Ci sono momenti in cui ti accorgi che il mondo attorno a te non parla la tua lingua. Non quella fatta di parole, ma quella fatta di passioni. Quando dici "sto lavorando su un server", "gestisco un'istanza Fediverse", "mi piace la decentralizzazione", vedi subito gli sguardi cambiare.
Ti osservano come se stessi parlando in codice binario, come se stessi perdendo tempo in un mondo tutto tuo, inutile. E invece no. Quel mondo ha valore, senso, umanità, costruzione, appartenenza.
🧠 Non mi sto isolando: mi sto esprimendo
Quando scegli Linux, il software libero, il Fediverso, non lo fai per moda. Lo fai perché credere nella libertà digitale oggi è un atto rivoluzionario. Lo fai perché vuoi essere parte di qualcosa che non è controllato da pochi, ma costruito da molti, insieme.
Ma per chi ti sta vicino e non conosce questo mondo, sei solo quello "fissato col computer". Se poi – come me – sei anche in carrozzina, allora l’etichetta è servita: "poverino, si rifugia lì perché non ha altro da fare."
E invece no. Quello è il mio modo di essere utile. È lì che metto le mie energie, le mie idee, la mia voglia di contribuire a qualcosa.
🤝 La rete a cui contribuisco nella costruzione è fatta di persone vere
Nel Fediverso ho trovato relazioni autentiche, collaborazione, ascolto. Nel gestire server, istanze, spazi condivisi… ritrovo me stesso. In un mondo che spesso ti fa sentire inutile, lì posso essere parte attiva.
Non serve camminare per muoversi nel mondo digitale. Basta voler esserci davvero.
🙏 Non chiedo comprensione. Chiedo solo rispetto
Non tutti devono capire cosa faccio. Ma almeno, non giudicatelo. Non riducete tutto a "passatempi da nerd", a "roba da smanettoni". Perché per me – e per tanti altri – questo è un modo di vivere, di partecipare, di resistere.
E se qualcuno là fuori si è mai sentito guardato "diverso" per quello che ama, voglio dirti: non sei solo.
Se ti ritrovi in queste parole, rispondi, condividi, racconta. Perché non siamo pochi. Siamo solo troppo sparsi per farci sentire.
ehi che belle cose hai scritto, condivido in pieno e anche se di informatica e computer mi interesso da molto profano come sono (anche se da un bel po' di tempo: il primo incontro con linux fu negli anni novanta ed ero incuriositissimo) la vedo allo stesso modo come scrivi tu. Grazie 🙏 @ghim727
Anch'io condivido l'esser buon esemplare di linuxaro schiappa da almeno 10 anni. Ed anche se senza vanto, perché poi in ottica di riparabilità... 🙁 , la ritengo un'ottima strategia per insistere sui valori della decentralizzazione, cioè sull'uso appropriato di formati e licenze.
Ricordo quando provai a spiegare cos'è Mastodon ad un server Discord di giocatori di picchiaduro, e mi dicevano:
"Ah, ma Mastodon è un social per attivisti? No grazie"
Un discapito più stupido di così non l'ho mai visto. è la conseguenza devastante di quando ti ci abitui nei posti centralizzati dell'internet.
Ma ormai io ho ceduto nel tentare di portare qualcuno a conoscere Mastodon. Prima o poi se ne riparlerà quando l'internet centralizzato perderà credenza grazie a Trump.
@Snow Lemmy non sono uno smanettone, nel senso che non so programmare, ho qualche infarinatura di HTML e con fatica riesco a gestire il mio blog che comunque è una mia creatura, ma per gli altri sono quello "esperto in computer", che poi non sia vero non ha importanza, magari so qualcosa più di loro che in informatica sono fermi all'asilo, ma anch'io a volte ho avuto la stessa impressione tua. Quando ad esempio scrivo di linux mi sento dire "troppo complicato", no non è vero, è complicato spiegarlo a parole, come tutte le cose semplici, ma non è complicato usarlo. Provate a descrivere l'acqua che bolle, una cosa banalissima, non è mica facile, dovete parlare di chimica, fisica, termica, le molecole che impazziscono, ma cosa sono le molecole? Una cosa semplice come l'acqua che bolle spiegata diventa roba da Einstein, eppure basta aprire il rubinetto, riempire una pentola, accendere il gas e mettere la pentola sul fornello, un gesto che facciamo quotidianamente senza neppure pensarci, ma se devo dare una spiegazione la cosa cambia. Così è Linux, più facile a farlo che a dirlo, eppure per tutti (o quasi) è fuori dalla propria portata.
Da una parte c’è Qwant: elegante, europeo, semplice da usare... ma con un piccolo segreto: per anni ha preso in prestito i risultati da Bing. Negli ultimi tempi sta cercando di diventare più indipendente (anche grazie a Ecosia), ma il suo codice resta chiuso e un po’ misterioso. 🤫
Dall’altra parte c’è SearXNG: 💻 open-source, trasparente, senza tracking, personalizzabile al 100% e, se vuoi, pure ospitabile sul tuo server. Nessuna pubblicità invasiva, nessuna azienda curiosa a frugare tra le tue ricerche… insomma: la vera privacy è qui. 🚀
SearXNG: Richiede configurazione o uso di istanze pubbliche
📌 Conclusione? Se vuoi qualcosa di pronto e immediato → Qwant. Se invece la privacy per te non è uno slogan ma un requisito, SearXNG è il tuo migliore amico (anche se dovrai sporcarti un po’ le mani). 😉
By the way, if you're using software that supports following users(Like MBin), you can follow them @ecosia@mastodon.social. Their last post seems to be from a month ago, so I hope it's not abounded
European search engines Qwant and Ecosia said on Wednesday that they have both started serving search queries through an index they developed together, Staan, which aims to be a cheaper, more privacy-focused alternative to Google and Bing.
Last year, French privacy-focused search engine Qwant struck a joint venture with German non-profit search engine Ecosia, to develop a European search index. Called European Search Perspective (EUSP), the JV now aims to serve around 50% of French queries and 33% of German queries by the end of the year.
Qwant said it is using the new index to power some of its features, like AI summaries for search, and Ecosia has plans to add some AI features soon to its platform, too.
EUSP is also in talks with companies to spur the adoption of its index for enabling search within apps. Notably, it is targeting chatbots, presenting Staan as a cheaper alternative to Google and Bing.
“If you’re using ChatGPT or any other AI chatbot, they all do knowledge grounding with web search […] our index can power deep research and AI summary features. Google and Bing’s solutions are also pricey, and our index can offer power search features at a tenth of the cost,” Christian Kroll, CEO of Ecosia, told TechCrunch.
EUSP, like Proton, is pushing to develop a European tech stack that doesn’t rely on technology from the U.S. or China.
“The timing could not be more urgent. The outcome of the 2024 U.S. election has reminded European policymakers and innovators just how exposed Europe remains when it comes to core digital infrastructure. Much of Europe’s search, cloud, and AI layers are built on American Big Tech stacks, putting entire sectors – from journalism to climate tech – at the mercy of political or commercial agendas,” the companies said in a statement.
Kroll added that through this index, combined with European privacy laws, EUSP can offer a more privacy-friendly search solution as compared to its U.S. counterparts.
European search engines Qwant and Ecosia said on Wednesday that they have both started serving search queries through an index they developed together, Staan, that aims to be a cheaper, more privacy-focused alternative to Google and Bing.
Hyacin (He/Him)
in reply to ☆ Yσɠƚԋσʂ ☆ • • •Carl
in reply to Hyacin (He/Him) • • •Hyacin (He/Him)
in reply to Carl • • •darkreader2636
in reply to ☆ Yσɠƚԋσʂ ☆ • • •