I’ll admit that I should have been more clear that I was paraphrasing and interpreting instead of actually quoting you. The previous message was right above mine, though, so I though it was pretty clear.

Just as you have written me off, I’ve done the same for you. I’m just responding for anyone else who reads this far down and finds this thread, and only because I’m in a waiting room and this is more interesting than HGTV.

I said, and I quote:

I still don’t get your angle. Why are you defending this…

I assume the lack of a defense is clear enough proof that you don’t have one.

Palantir scouring the internet, cloud cameras like Flock, Facebook and Google retaining your data forever to maximize profit. None of that is defensible. We should be sounding alarms like OP did and making sure people are aware. Putting others down for ‘not having caught on yet’ (interpreted, you can still correct me if I’m misunderstanding) is counterproductive. We can still resist or reverse the power these huge companies have… but there might be a point where it becomes too late.

Would you prefer to be someone who helped fight, or someone who complained it was futile until it was?

Call your Senators and Representatives. Demand privacy. Elect and support people who are against these kinds of overreach if the current ones won’t.

Love you!

edit: dammit, the quote formatting ate a line break. fixed.

“Anyone could already do this, so why bother being worried that it’s easier now” they said.

I still don’t get your angle. Why are you defending this, or at the very least downplaying it’s impacts? You seem to also be aggravated by this data collection and spying, so why are you so mad that other people are catching on?

“Oh, I’m so smart” they said. Enjoy your useless internet points?

The situation is actually different now, in the last few years. This is less relevant to the OP, but we/they are building automated snitches that will tattle on you, and more importantly be wrong with a statistical significance. See Flock mistaking license plates and calling the police on innocent people. Sure, we might catch a few violent criminals, but when your government decides that your online activity complaining about them is now criminal, your data can be correlated in real time in a way that wasn’t possible in our parent’s time.

Your dismissal of this seems insane. Stop arguing with me about how long it’s been possible and help me/us fight against it.

No, that’s not what I said. Widespread data collection and searching used to be something only state actors could accomplish and there were at least theoretically guard rails. Now the barrier of entry has been seriously reduced, the data is owned by a corporation, and being fed to AI. That has a chilling effect as well as being ripe for abuse.

I don’t see an upside.

I’m going to say that this is actually spooky.

Not that it’s unreasonable, but that the scale of what AI can surveil is so vast that there’s no more personal security-via-obscurity.

It used to be that unless someone had a reason to start looking at you, anything you did online or off was effectively impossible to search. You might be caught on some store’s CCTV, Or your cell provider might have location pings, but that wasn’t online for anyone and needed a warrant to have the police use it to track your activities. Now cities are using Flock and similar tools to enable tracking vehicles across the country without any reason, and stores are using cloud-service AI cameras to attempt to track your mood as you move through the store. These tools can and have been abused.

Now, due to the harvesting of this data for AI, anything that’s ever been recorded (video footage, social media posts, etc) and used as training data can be correlated much more easily, long after it occurred, and without needing to be law enforcement with a warrant.

I’d call that spooky.

We can learn a few things from the French. They seem to have good ideas about how to protest for sure.

A question: How do you think you get to the point where the quiet majority feels confident enough to show up in force? To ‘disrupt the system’?

We Americans, by our own devices, have become a very insular people. We have social media, which puts us all in our little bubbles and cellphones, which distract us from the actual people around us. We sit in despair about rising prices and the tragedies inflicted on ourselves or our neighbors, our world. We watch our rights get eroded.

These protests are a symbol that we are not alone. That there are others out there that are also mad. These protests burst the bubble that technology has trapped us in. Read through the comments with this in mind: How many people were surprised at the turnout being larger than expected. And for each of those, there’s a comment indicating it could be larger. As we come to terms with how many allies we have, we gain collective power. Sure, we have it now, but we’re not willing to wield it yet. Building the confidence that you will be one among many is the key to wielding that power. Ten people protesting will be intimidated by the local police. Ten thousand will intimidate the police instead. Ten million will intimidate the government.

I write actual responses to throwaway comments all the time. I don’t do this for Auli or Fresh, I do this for those that might agree with you on the surface. This protest was not intended to make immediate change. It was intended to build pressure, to unite the people and to show support for the cause. When we show up and make a scene, we provide a shield for those who are not as willing to be in front to join in. When they join in, we grow and are able to pull in even more. Every thumbs-up from a car is someone who is on our side, but due to life commitments or fear did not attend… this time.

Edit: Followup: If you want faster change… do it. What’s your idea? Build a movement and implement or shut the fuck up. You might find that it’s hard to find other people willing to risk their safety and arrest to block a street, or to risk losing their job to strike with only a few people involved. When we have the numbers to make the system fear what we could do, we will win, even if we never have to do it.

I’m going to expand on TrickDacy’s comment:

Every both sideser is either extraordinarily lazy or a closeted right winger

and instead state: It is OKAY to be mad at democratic politicians. Especially the spineless ones we have an abundance of right now. And there is certainly some rage we can all aim at the DNC as an organization, which appears to be trying to hamstring any actually progressive candidates.

But there really isn’t a competition in the race for ‘who is most evil’ between D and R. One side is at least appearing to fight for worker rights, healthcare, equality, peace and other progressive/liberal goals. The other side is actively dismantling the government… like actively and they told us they were going to. There’s no both sides here.

So, by ‘closeted right winger’, what I think Trick means is that anyone boldly claiming ‘both sides’ falls into one of a few categories:

• lazy: Doesn’t “do politics” and gets their news from tiktok, fox, cnn, their buddy at work, and doesn’t put in the critical thinking to make their own decisions. “Both Sides” lets them get away with not caring enough and just moving on with life.
• gullible: Believes they are thinking critically, but are swayed by media, social or conventional, into thinking that all politicians are shit, and if one is corrupt then they all are.
• malicious: Knows they are being disingenuous, but knows the other categories exist. If they claim ‘both sides’ are doing something, then when one side actually gets caught doing it, the public just kinda shrugs it off. This also depresses voter turnout in general, because of the lazy group.

So. What is your purpose in your post. Are you lazy, and just know that democrats also suck, but want to sound smart on the internet? Are you gullible, and really think that democrats would be just as bad if they had power? Or are you malicious, and trying to make the people that would otherwise “do politics” give up and become lazy?

If you are not trying to make people give up, STOP. There is no both sides. There is the fascist, authoritarian, oligarchic, billionaire side, and then there are the people. If you want to make a real difference and move the needle, then the time is now, but it’s not in a forum post saying ‘both sides are bad.’ It’s going to be in your local democratic organization, trying to find candidates to run for local or regional offices and then supporting them. The people THERE are definitely on our side, since they are just us. And if we can build strong networks THERE, then we can push people into the national stage who will also fight for us.

The democrats who act like republicans need a strong local network to primary them. Be the change you want to see.

I don’t see what value you think you’re getting from this conversation – other than expressing your anger, which is valid. Your anger is valid, if you are sincere, and many of us feel it too. We really are your allies here, and not your enemy. Your language suggests your are not a US citizen.

Yes, Kamala lost and due in part to her stances around Israel/Palestine and her chasing the ‘moderate’ vote she was unlikely to win. By blaming the losing party for the bullshit the winning party is doing, you are in part blaming the victims. We don’t want this either.

Literally anybody could have won if spineless cowards like you had supported them, but […]

What’s to say that village604 didn’t vote for her? That huge numbers of people didn’t vote for her even while they were unhappy with some of her decisions. Literally anyone could have won if “we” would just vote for them!?

I will highlight that we, “liberal” voters (language matters), did not get a chance to choose someone as our candidate. That’s a real issue and we need to hold the DNC accountable for that. We also had large amount of content (somewhat like yours) that ‘Kamala/Biden are bad because …’ but ignored that trump would clearly be worse in all cases. I can’t imagine that this didn’t depress her votes. This is hard to prove, but it seems unlikely that this was not in part built by non-US actors who wanted to destabilize us.

Long-story-short, we “liberal” voters are partially to blame for not turning out enough to get Kamala elected… but we also have a larger body (quantitatively) of trump voters who did show up. THEY are responsible for his policies. And the constant harping on “liberal” voters is doing nothing useful to make things better. I can only imagine that you are one of those non-US actors.

You stand for absolutely nothing, you deserve Trump and worse.

I stand for empathy and compassion. For those that live in my neighborhood, my city, my state, my country and my world. I stand for Palestine. I stand for the homeless. I stand for the disabled, the war veterans, the disadvantaged. I am wealthy (comfortable, not millionaire), white, male, and a citizen of the US. When given the opportunity to vote for those causes, I will every time. I will happily pay higher taxes to let someone sleep tonight with a full belly. Your blanket statements against people like me only make things worse. Stop. Be nice to each other.

And you are a hero to that plow driver. And others like you are heroes to the people that also had to be out on terrible weather days and holidays.

I assume a gas station could run without anyone present, leaving the convenience store part closed, but having someone on-hand to hit an e-stop if needed is pretty important.

My goal is not to devalue your work, but rather to support it. “Essential workers” are called that for a reason. We should work to ensure that they are paid their worth. Just because it’s not necessarily a “skilled” job doesn’t mean it’s not important. The bro running the local hedge fund is providing way less actual value than anyone in a service job.

This is so me.

I live in a neighborhood with a school. Lots of children roam the streets. Presumably, they are taught to always look both ways, expect cars to misbehave, and otherwise look out for their safety. I haven’t heard of any injuries from cars.

I constantly watch cars, especially the oversized trucks, blow through stop signs, or accelerate to 35 mph on a 1/4 mile stretch of road with side street parking. It really boggles my mind when these same drivers then stop just before the school and drop their kids off to walk the rest of the way. Do you not understand that you put local neighborhood kids at risk from the driving you do, just to save a few moments of avoiding the actual car rider line? Where child safety is a priority.

“Nice stop!”

And then at night, delivery drivers blast through the area. Ignoring stop signs, driving excessively fast past parked cars. Kids live here, and they don’t always remember to look. Especially at dusk, when kids are still playing, but visibility is poor. These drivers gamble with three lives: the inexperienced child, their own, and that of the family that would grieve. For what? A few seconds?

Be nice to each other!!!

Thanks for your reply, and I can still see how it might work.

I’m curious if you have any resources that do some end-to-end examples. This is where I struggle. If I have an atomic piece of code I need and I can maybe get it started with a LLM and finish it by hand, but anything larger seems to just always fail. So far the best video I found to try a start-to-finish demo was this: https://www.youtube.com/watch?v=8AWEPx5cHWQ

He spends plenty of time describing the tools and how to use them, but when we get to the actual work, we spend 20 minutes telling the LLM that it’s doing stuff wrong. There’s eventually a prototype, but to get there he had to alternate between ‘I still can’t jump’ and ‘here’s the new error.’ He eventually modified code himself, so even getting a ‘mario clone’ running requires an actual developer and the final result was underwhelming at best.

For me, a ‘game’ is this tiny product that could be a viable unit. It doesn’t need to talk to other services, it just needs to react to user input. I want to see a speed-run of someone using LLMs to make a game that is playable. It doesn’t need to be “fun”, but the video above only got to the ‘player can jump and gets game over if hitting enemy’ stage. How much extra effort would it take to make the background not flat blue? Is there a win condition? How to refactor this so that the level is not hard-coded? Multiple enemy types? Shoot a fireball that bounces? Power Ups? And does doing any of those break jump functionality again? How much time do I have to spend telling the LLM that the fireball still goes through the floor and doesn’t kill an enemy when it hits them?

I could imagine that if the LLM was handed a well described design document and technical spec that it could do better, but I have yet to see that demonstrated. Given what it produces for people publishing tutorials online, I would never let it handle anything business critical.

The video is an hour long, and spends about 20 minutes in the middle actually working on the project. I probably couldn’t do better, but I’ve mostly forgotten my javascript and HTML canvas. If kaboom.js was my focus, though, I imagine I could knock out what he did in well under 20 minutes and have a better architected design that handled the above questions.

I’ve, luckily, not yet been mandated that I embed AI into my pseudo-developer role, but they are asking.

I think this is what will kill vibe coding, but not before there’s significant damage done. Junior developers will be let go and senior devs will be told they have to use these tools instead and to be twice as efficient. At some point enough major companies will have had data breaches through AI-generated code that they all go back to using people, but there will be tons of vulnerable code everywhere. And letting Cursor touch your codebase for a year, even with oversight, will make it really tricky to find all the places it subtly fucked up.

I have 3 questions, and I’m coming from a heavily AI-skeptic position, but am open:

1. Do you believe that providing all that context, describing the existing patterns, creating an implementation plan, etc, allows the AI to both write better code and faster than if you just did it yourself? To me, this just seems like you have to re-write your technical documentation in prose each time you want to do something. You are saying this is better than ‘Do XYZ’, but how much twiddling of your existing codebase do you need to do before an AI can understand the business context of it? I don’t currently do development on an existing codebase, but every time I try to get these tools to do something fairly simple from scratch, they just flail. Maybe I’m just not spending the hours to build my AI-parsable functional spec. Every time I’ve tried this, asking something as simple as (and paraphrased for brevity) “write an Asteroids clone using JavaScript and HTML 5 Canvas” results in a full failure, even with multiple retries chasing errors. I wrote something like that a few years ago to learn Javascript and it took me a day-ish to get something that mostly worked.

2. Speaking of that context. Are you running your models locally, or do you have some cloud service? If you give your entire codebase to a 3rd party as context, how much of your company’s secret sauce have you disclosed? I’d imagine most sane companies are doing something to make their models local, but we see regular news articles about how ChatGPT is training on user input and leaking sensitive data if you ask it nicely and I can’t imagine all the pro-AI CEOs are aware of the risks here.

3. How much pen-testing time are you spending on this code, error handling, edge cases, race conditions, data sanitation? An experienced dev understands these things innately, having fixed these kinds of issues in the past and knows the anti-patterns and how to avoid them. In all seriousness, I think this is going to be the thing that actually kills AI vibe coding, but it won’t be fast enough. There will be tons of new exploits in what used to be solidly safe places. Your new web front-end? It has a really simple SQL injection attack. Your phone app? You can tell it your username is admin’joe@google.com and it’ll let you order stuff for free since you’re an admin.

I see a place for AI-generated code, for instant functions that do something blending simple and complex. “Hey claude, write a function to take a string and split it at the end of every sentence containing an uppercase A”. I had to write weird functions like that constantly as a sysadmin, and transforming data seems like a thing an AI could help me accelerate. I just don’t see that working on a larger scale, though, or trusting an AI enough to allow it to integrate a new function like that into an existing codebase.

I’d wager that the votes are irrelevant. Stock overflow is generously <50% good code and is mostly people saying ‘this code doesn’t work – why?’ and that is the corpus these models were trained on.

I’ve yet to see something like a vibe coding livestream where something got done. I can only find a lot of ‘tutorials’ that tell how to set up tools. Anyone want to provide one?

I could… possibly… imagine a place where someone took quality code from a variety of sources and generate a model that was specific to a single language, and that model was able to generate good code, but I don’t think we have that.

Vibe coders: Even if your code works and seems to be a success, do you know why it works, how it works? Does it handle edge cases you didn’t include in your prompt? Does it expose the database to someone smarter than the LLM? Does it grant an attacker access to the computer it’s running on, if they are smarter than the LLM? Have you asked your LLM how many 'r’s are in strawberry?

At the very least, we will have a cyber-security crisis due to vibe coding; especially since there seems to be a high likelihood of HR and Finance vibe coders who think they can do the traditional IT/Dev work without understanding what they are doing and how to do it safely.

This is my fear. It’s still possible, barely, to buy a dumb TV. When my current fridge/dishwasher/stove/etc dies in a few years, will there even be a dumb version? Will it cost 5x the price of a spyware version? How about my thermostat. HVAC? Car? And will attempting to disable any of this spyware land me in prison?

Right now, uninformed/unaware/stupid people are affected by this. Pretty soon, everyone will be, or they will have to forego things we consider to be necessities now, like refrigeration and cell phones or be rich enough to buy the privacy-focused models.

I can’t immediately find it, but I just saw another post about a new privacy-focused cellphone with a huge price tag. The established manufacturers have a cost advantage. Samsung et al. can easily make a new fridge with fewer consumer rights, but a new company will have to spend tons of capital to make a factory to put out a comparable product; and they won’t have the advantage of selling your data to subsidize the price.

Privacy is and will become more-so a commodity unless we fight for it.

This was an interesting article. I’m not a service provider, nor in the EU, so I have little personal exposure to this change. I like the customer freedom it will probably provide me as splash damage, though.

The thing I really want to call out is the tone of the article: “This thing we relied on is going away. Instead of gnashing your teeth and being mad, here’s how to leverage it to make your offering more attractive than your competition.”

That new hire might eat resources, but they actually learn from their mistakes and gain experience. If you can’t hold on to them once they have experience, that’s a you problem. Be more capitalist and compete for their supply of talent; if you are not willing to pay for the real human, then you can have a shitty AI that will never grow beyond a ‘new hire.’

The future problem, though, is that without the experience of being a junior dev, where do you think senior devs come from? Can’t fix crappy code if all you know how to do is engineer prompts to a new hire.

“For want of a nail,” no one knew how to do anything in 2030. Doctors were AI, Programmers were AI, Artists were AI, Teachers were AI, Students were AI, Politicians were AI. Humanity suffered and the world suffocated under the energy requirements of doing everything poorly.

I fully agree: Companies and their leadership should be held accountable when they cut corners and disregard customer data security. The ideal solution would be that a company is required to not store any information beyond what is required to provide the service, a la GDPR, but with a much stricter limit. I would put “marketing” outside that boundary. As a youtube user, you need literally nothing, maybe a username and password to retain history and inferred preferences, but trying to collect info about me should be punished. If your company can’t survive without targeted content, your company should not survive.

In bygone days, your car’s manufacturer didn’t know anything about you and we still bought cars. Not to start a whole new thread, but this ties in to right-to-repair and subscriptions for features as well. I did not buy a license to the car, I bought the fucking car; a license to use the car is called a lease.

I understand what you are saying, and what you want… but admitting fault publicly is a huge liability, as they have then stated it was their negligence that caused the issue. (bear with me and read this wall of text – or skip to the last paragraph)

I’ve worked in the Sec Ops space, and it’s an arms race all the time. There are tools to help identify issues and breaches quickly, but the attack surface is just not something that can be managed 100%. Even if you know there is a problem, you probably have to send an issue to a developer team to update their dependency and then they might need to change their code as well and get a code review approved and get a window to promote to production. A Zero-Day vulnerability is not something you can anticipate.

You’ve seen the XKCD of the software stack where a tiny peg is propping up the whole thing? The same idea applies to security, but the tiny peg is a supply chain attack where some dependency is either vulnerable, or attacked by malicious actors and through that gain access to your environment.

Maybe your developers leverage WidgetX1Z library for their app, and the WidgetX1Z library just updated with a change-log that looks reasonable, but the new code has a backdoor that allows an attacker to compromise your developers computer. They now have a foothold in your environment even with rigorous controls. I’ve yet to meet a developer who didn’t need, or at least want, full admin rights on their box. You now have an attacker with local admin inside your network. They might trip alarms, but by then the damage might be done and they were able to harvest the dev database of user accounts and send it back home. That dev database was probably a time-delayed copy of prod, so that the developer could be entirely sure there were no negative impacts of their changes.

I’m not saying this is what happened to Plex, but the idea that modern companies even CAN fully control the data they have is crazy. Unless you are doing full code reviews of all third-party libraries and changes or writing everything in-house (which would be insane), with infallible review, you cannot fully protect against a breach. And even then I’m not sure.

The real threat here is what data do companies collect about us? If all they have is a username, password and company-specific data, then the impact of a breach is not that big – you, as a consumer, should not re-use a password. When they collect tons of other information about us such as age, race, location, gender, sex, orientation, habits, preferences, contacts, partners, politics, etc, then those details become available for anyone willing to pay. We should use breach notifications like this to push for stronger data laws that prevent companies from collecting, storing, buying or selling personal data about their customers. It is literally impossible for a company to fully protect that information, so it should not be allowed.

To me, this is one of the largest issues. I don’t know – or historically have needed to know – where my goods actually come from. I buy a thing for a price and it is delivered to me. When I buy common goods, I probably go to a store, but for anything that is uncommon, like a machine part, I’ll find it online.

The internet and internet commerce has done wonders to allow us to buy a type 34 widget from ACME without having to spend hours finding a store that carries it or can custom-order it.

The de minimis exemption revocation does two things in the short term: increase the price of a type 34 widget due to tariffs, and add uncertainly as to whether it will come with unexpected overhead like a flat customs fee (sorry, reddit link), delays, or paperwork. People will choose to not buy items, from anywhere, when the rules are both constantly changing and unclear.

The rest applies to tariffs in general, and not the de minimis exemption.

In the long term, we’re also fucked. Orange-D’s policies have been struck down multiple times. In this case, I think he’s asked the Supreme Court to rule on a tariff appeal in the last few days. Almost regardless of the outcome of that, our goods prices will rise, since the companies that sell them will never reduce the price just because the tariffs are removed.

This is the scam: If you are in on the timing, you can buy-low-sell-high when news hits about tariffs and make a ton of money off stocks. We don’t have that info, so we can’t act on it without guessing. Instead, the regular citizen just has to eat the added price of goods.

Two comments, and I know this is now old news: it’s insane to see someone/somegroup get SO pissy for being hit with a soft, non-lethal projectile; and while I understand how he was likely carrying it, upon further review the clip above seems to show that this man is a sandwich-mancer and can summon subs from thin air.

I don’t normally like to use the AI summary of a search, but this one was funny: Force of rubber bullet vs sandwich

I’m glad they failed to indict him, and I hope he finds success in another place.