Pup Biru

that’s all irrelevant though… the rule is the rule and they got caught

people should be allowed to have awards for games which only use humans, and if a game is caught cheating they should be disqualified

if they want to compete for some awards, these aren’t the awards for them: there are others

an n150 mini pc - largely considered a very efficient package for home servers - consumes ~15w max without the gpu, and ~9w idle

a raspberry pi consumes 3-4w idle

none of that is supporting more than a couple of people streaming 4k like we’re talking about in the case of netflix

and a single hard drive isn’t even close to what we’re talking about… you’re looking at ~30w at least for the disks alone

as for internet cost, it’s likely tiny… my 24 port gigabit switch from 15 years ago sips < 6w… i can only imagine that’s pretty inefficient compared to today’s standards (and 24 port is pretty tiny for a DC, and port power consumption doesn’t scale linearly)

data centres are just straight up way more efficient per unit of processing than your home anything; it pretty much doesn’t matter how efficient your home gear is, or what the workload is unless you switch it off most of the time - which doesn’t happen in a DC

it’s kinda irrelevant to the make it to production part though: the rule is no gen ai used during development… there’s no ifs, buts, or maybes here: there definitively was, and nobody is denying that

it’s irrelevant whether you agree with the rule or not… the award is for games that didn’t use AI during development. the game should not have originally been in contention for the award

i tend to agree this is the right way to use AI assets, but this isn’t the award for them… it doesn’t matter if it was accidental, if it was removed before release, or anything else

self hosting is wildly less efficient… one of the biggest costs in data centres is electricity, and one of the biggest constraints is electrical infrastructure… you have pretty intense power budgets in data centres and DC equipment is pretty well optimised to be efficient

meanwhile a home server doesn’t likely use server hardware (server hardware is far more efficient), is probably about 5-10y or more out of date, and isn’t likely particularly dense: a single 1500w server can probably service ~20 people in a DC… meanwhile an 800w home server could probably handle ~5 people

add the fact that netflix pre-transcodes their vids in many different qualities and formats, whilst home streaming - unless streaming original quality - mostly re-transcodes which is a very energy-hungry process

heck even just the hard drives: if everyone ran their own servers and stored their content that’s thousands if not hundreds of thousands more copies of the data, and all that data is probably on spinning disks

i’d also say manufacturing the devices probably roughly doubles the carbon footprint (same with the car but we’re trying every trick in the book to figure out where the figure came from)

yyyyyyyyes, but also it’s not like he “was driving”… he used a car to break through their fence in order to “save” the dog: he didn’t get in the car to go for a drive and accidentally ram it through the house

that’s not to say it’s okay, but they’re very different things. context and intent are important

The software had a limit on the size of the feature file that was below its doubled size. That caused the software to fail.

this is not a rust problem… nor was the original problem of code writing entries to a file multiple times, and nor is the thing that made it worse: propagation of the poisoned file

the cloudflare issues were configuration… they have nothing even remotely relayed to any of this

github copilot is fantastic for exactly this reason… completes a few lines, auto corrects, automatic find and replace, automatically fills a 3 line function body that would otherwise be an extra dependency

and these browsers are specifically not that… these browsers are intended to do things like categorise tabs, complete forms, etc automatically without your interaction

of course they’ll ask before they do things they consider destructive, but what they consider destructive and what a malicious actor can use are very different things

some of that is certainly benign, but the point with prompt injection is that it can take benign things and make them plausibly malicious

imo anything firefox-based until servo or ladybird matures

i use waterfox, i know a lot of people use librewolf

remember that switching to anything chromium (like vivaldi, brave) still gives google power. on web standards at least, mozilla still fights for us (and is arguably the only one protecting us from shit like putting tracking stabdards directly into the web spec)

sometimes stores have sales that includes gift cards so you can get $500 of apple credit for 20% off

the vuln afaik is for remote code execution via basically a mechanism that’s kinda like a transparent RPC to the server (think like you just write frontend code with like a “getUsers” and it just automatically retrieves and deserializes the results so you can render the UI without worrying about how that data exists in the browser)

i’m not a front end engineer, and haven’t used react server components, but i am a principal software engineer, i do react for personal projects, and have written react professionally

i can’t think of a way it’d be exploitable via purely client-side means

i THINK what they mean is that you can use some of the RSC stuff without the RPC-style interfaces, and in that case they say the server component is still vulnerable, but you still need react things running on your server

a huge majority of react code is client-side only, with server-side code written in other languages/frameworks and interfaces with something like REST or GraphQL (or even RPC of course)

it looks like this only applies react server components, and it doesn’t look like element uses react server components

but i only had a quick skim; could be wrong, but personally i wouldn’t shut it down - not that im running a server myself

this is not something i’ve ever encountered, nor something that i’d ever expect from an LLM specifically… some kind of test-writing-specific AI? sure because its metric is just getting the thing to go green… but LLMs don’t really care about the test going green: they simply care about filling in the blanks, so its “goal” would never include simply making the test pass, and its training data has significantly more complete tests than placeholders

most things scale if you throw enough resources at them. we generally say that things don’t scale if the majority case doesn’t scale… it costs far fewer resources to scale with multiple repos that it does to scale a monorepo, thus monorepo doesn’t scale: i’d argue even the google case proves that… they’ve already sunk so much into dev tooling to make it work… it might be beneficial to the culture (in that they like engineers to work across the entire google codebase), but it’s not a decision made because it scales: scale is an impediment

or fixing windows by only using WSL and reading the arch wiki

that’s a good and bad thing though…

it’s easy to reference code, so it leads to tight coupling

it’s easy to reference code, so let’s pull this out into a separately testable, well-documented, reusable library

my main reason for ever using a monorepo is to separate out a bunch of shared libraries into real libraries, and still be able to have eg HMR

google does a lot of things that just aren’t realistic for the large majority of cases

before kubernetes, you couldn’t just reference borg and say “well google does it” and call it a day