[ my public key: https://keybase.io/grayhatter; my proof: https://keybase.io/grayhatter/sigs/j8azbrA5Q7W1ecOwaYaZfMwmWh95MA06i5YpVRIhmno ]
- grayhatterThat was my read too, he's making a public offer, and setting the minimum negotiation price.
- CEOs are well known for turning down money, and always resisting the urge to squeeze every last drop of good will from an acquired property, right?
I think it's an apt warning, I'd have to read the literal interview transcripts to really draw a conclusion one way or the other. But the simple fact that this is on his mind, and felt like mentioning killing ad block was something Mozilla could do, and is considering doing, was a safe thing to say to a journalist... There's not a chance in hell I'd say anything remotely like that to a journalist.
When someone tells you who they are, believe them.
- > I know this is a good thing,
strongly disagree.
Increasing complexity in a system rarely makes it more robust. It primarily makes it more expensive.
- They do understand, this is moat digging.
- > But Let's Encrypt is not responsible for this move, and did not vote on the ballot.
"Did not vote", and "not responsible", is definitely a take...
They could call their bluff. I would. The CA/browser forum made a mistake here. And they can only get away with it if the players involved comply.
Browers have an incentive to increase the complexity, good engineers would resist that.
- It might not be lying... he might me a complete idiot!
If it took me a month to patch a data leak vulnerability on a web app, I'd resign, and probably retire... That's an embarrassing timeline, and the people involved should feel bad.
- I don't think I'd call anything that only works with a proprietary Internet hosted LLM (one you need an account to use) open-source.
This is less voice dictation software, and much more a shim to [popular LLM provider]
- what makes you think the webscrapers care what pages they request?
- > Is this viable?
no
for many reasons
- > What if it were ten different humans writing ten different-but-related pieces of code, and an eleventh human piecing them together? What if it were 1,000 different humans?
What if it was just a single person? I take it you didn't read any of the code in the ocaml vibe pr that was posted a bit ago? The one where Claude copied non just implementation specifics, but even the copyright headers from a named, specific person.
It's clear that you can have no idea if the magic black box is copying from a single source, or from many.
So your comment boils down to; plagiarism is fine as long as I don't have to think about it. Are you really arguing that's ok?
- > That is not, cannot be, and shouldn't be, the bar for peer review.
Given the repeatability crisis I keep reading about, maybe something should change?
> 2. The software is also self-contained. That's "prodcution". But a scientific paper does not necessarily aim to represent scientific consensus, but a finding by a particular team of researchers. If a paper's conclusions are wrong, it's expected that it will be refuted by another paper.
This is a much, MUCH stronger point. I would have lead with this because the contrast between this assertion, and my comparison to prod is night and day. The rules for prod are different from the rules of scientific consensus. I regret losing sight of that.
- > Do other PR reviewers not do this?
Some do, many, (like peer reviewers), are unable to consider the consequences of their negligence.
But it's always a welcome reminder that some people care about doing good work. That's easy to forget browsing HN, so I appreciate the reminder :)
- I disagree you could do that and claim to be reasonable.
But I agree, because I'd rather discuss the pragmatics and not bicker over the semantics about an analogy.
Introducing a token error, is different from plagiarism, no? Someone wrote code that can't compile, is different from someone "stealing" proprietary code from some company, and contributing it to some FOSS repo?
In order to assume good faith, you also need to assume the author is the origin. But that's clearly not the case. The origin is from somewhere else, and the author that put their name on the paper didn't verify it, and didn't credit it.
- > incompetent or even malicious
sufficiently advance some competences indistinguishable from actual malice.... and thus should be treated the same
- > This is true, but here the equivalent situation is someone using a greek question mark (";") instead of a semicolon (";"),
No it's not. I think you're trying to make a different point, because you're using an example of a specific deliberate malicious way to hide a token error that prevents compilation, but is visually similar.
> and you as a code reviewer are only expected to review the code visually and are not provided the resources required to compile the code on your local machine to see the compiler fail.
What weird world are you living in where you don't have CI. Also, it's pretty common I'll test code locally when reviewing something more complex, more complex, or more important, if I don't have CI.
> Yes in theory you can go through every semicolon to check if it's not actually a greek question mark; but one assumes good faith and baseline competence such that you as the reviewer would generally not be expected to perform such pedantic checks.
I don't, because it won't compile. Not because I assume good faith. References and citations are similar to introducing dependencies. We're talking about completely fabricated deps. e.g. This engineer went on npm and grabbed the first package that said left-pad but it's actually a crypto miner. We're not talking about a citation missing a page number, or publication year. We're talking about something that's completely incorrect, being represented as relevant.
> So if you think you might have reasonably missed greek question marks in a visual code review, then hopefully you can also appreciate how a paper reviewer might miss a false citation.
I would never miss this, because the important thing is code needs to compile. If it doesn't compile, it doesn't reach the master branch. Peer review of a paper doesn't have CI, I'm aware, but it's also not vulnerable to syntax errors like that. A paper with a fake semicolon isn't meaningfully different, so this analogy doesn't map to the fraud I'm commenting on.
- > No. [...] how can I do minimum possible work
I don't know, I still think this describes most of the reviews I've seen
I just hope most devs that do this know better than to admit to it.
- I'll continue calling them hallucinations. That's a much more fitting term when you account for the reasonableness of people who believe them. There's also equally a huge breadth of different types of errors that don't pattern match well into, "made up bullshit" the same way calling them hallucinations do. There's no need to introduce that ambiguity when discussing something narrow.
there's nothing wrong with anthropomorphizing genai, it's source material is human sourced, and humans are going to use human like pattern matching when interacting with it. I.e. This isn't the river I want to swim upstream in. I assume you wouldn't complain if someone anthropomorphized a rock... up until they started to believe it was actually alive.
- > The reviewer is not a proofreader, they are checking the rigour and relevance of the work, which does not rest heavily on all of the references in a document.
I've always assumed peer review is similar to diff review. Where I'm willing to sign my name onto the work of others. If I approve a diff/pr and it takes down prod. It's just as much my fault, no?
> They are also assuming good faith.
I can only relate this to code review, but assuming good faith means you assume they didn't try to introduce a bug by adding this dependency. But I would should still check to make sure this new dep isn't some typosquatted package. That's the rigor I'm responsible for.
- > When something posted on Reddit that sounds far fetched (fun to believe, but unlikely), we should default to skepticism/critical thinking, rather than assuming it’s true without evidence that it is.
That's my point. This doesn't sound at all far fetched if you've spent time with people recovering from psychosis with visual hallucinations.
I'm normally a very skeptical person, and while I both agree claims require evidence. I don't find the comment thread from before very compelling evidence.
Fake or not, I do believe that an ad with the text from the troll image would show up on a smart fridge, I don't trust Samsung to tell the truth^1, and importantly the minimal description from the linked post describes an experience similar to one I've seen before working with a patient. (But from a print ad.)
Even if this exac is fiction, this kinda stuff actually happens. Perhaps I'm wrong, to believe it's plausible, but dismissing it outright is a mistake. You don't want to acknowledge hallucinations are real, but more important than that, you don't want to tell someone that they're lying without positive proof.
edit ^1: I read that exactly prior to reading your reply, and yes I do agree that explanation seems to be correct; that wasn't what I was basing my take on. i.e. true or not it's less important to my original objection. Or I find it plausible than even a small advert would result in the same event.