- t0mas88Well this was a JetBlue airliner, presumably full of American tourists. Probably not a very popular move to shoot that down.
- That's the normal setup, but the parent comment made it sound like theirs would build every commit?
- It made the group of people that could do it much larger. A tech savvy person they knew some HTML was not able to create such an app from scratch in an afternoon before AI, it would take them weeks of googling and figuring things out with a high likelihood of getting stuck. Now that same type of person using Claude Code writes an app in an afternoon.
Reading things Claude creates and asking some critical questions is much easier than writing the same code from scratch.
Quality may not be amazing, but this whole thing is less than 2 years old. It's not hard to imagine that quality will go up further and more people will learn to use it well.
- It's expected for military operations to fly without transponder, they don't want to have their location visible. But it's crazy that they're also doing it in Curacao controlled airspace without agreeing a restricted area.
Even for training they set up restricted/military areas in airspace all the time. Not doing it here, in allied (Curacao is part of the kingdom of the Netherlands) airspace is unacceptable. They could have coordinated this in the normal ways so ATC would route civilian traffic around the military operations or talk to the military controllers (who can see both types of traffic) before sending an aircraft through the shared airspace.
This isn't new, it's how military operations are done all the time.
- I've mostly seen this done for things where there is no prefect commercial tool because it's a small market.
For example a flight school that I work with has their own simple rental administration program. It's a small webapp with 3 screens. They use it next to a SaaS booking/planning tool, but that tool never replaced their administrative approach. Mainly because it wouldn't support local tax rules and some discount system that was in place there. So before the webapp they used paper receipts and an spreadsheet.
I think the challenge in the future with lots of these tools is going to be how they're maintained and how "ops" is done.
- But the attacker could just create a branch, merge request and then merge that?
- If you push a branch with many commits, does it run CI on each commit? In sequence or with some parallelism?
- Because it happend much longer ago. If the US wanted they could leapfrog that step and go straight to federal laws covering the same things. It's just that there is no majority that wants it.
- When they wrote that 3 providers were honest about all locations I have to admit my first thought was "Mullvad, and who would the other two be?"
With their reputation and trackrecord they really can't do any shady tricks. Imagine if they weren't among the 3 honest providers? That would be HN frontpage news.
- Those things can also be part of law, see Europe.
The challenge with having good worker protection laws and high minimum wage is that at some point local labour becomes less competitive with foreign low cost options. Then you'll need tariffs or other import rules to keep your local industries alive.
- Exactly, it's that overwhelmed state with resulting tunnel vision or chasing the wrong thing that is so common in aviation incidents. If you have a big issue, the ECAM screen lights up light a Christmas tree. There is logic in the system to ensure messages are prioritised, but in the end the humans still have to systematically figure out what's going on.
What causes more issues in flight is that you have to maintain control of the aircraft while determining the issue and making a plan. Which in zero visibility doing manual flight has a significant mental load by itself, so if the automation is affected by whatever issues you have, one crew member can't sit back and 100% think.
It's probably hard to simulate that extra load/stress for cyber incidents. For MCC training it's done in a flight simulator so all the noise, alarms, and having to maintain control is there.
- Is AI energy consumption a stable 24x7 kind of thing? Inference load obviously changes with consumer traffic, so it will have a daily rhythm. But do the large providers use the rest of the capacity for training? Or are those separate clusters?
If it's a stable 24x7 load it would be ideal for nuclear energy, low carbon, but slow to adapt to changes in demand.
- It may also be relevant to study what in aviation is called MCC, Multi-Crew Cooperation. That's all about catching errors and making decisions under pressure as a team.
For example, two crew in the simulator, one as captain and the other as first officer, with some external resources like a dispatcher on the ground and air traffic control. The scenario is a flight over high terrain with zero visibility, the trainer then introduces a failure for example an engine fire with inability to maintain altitude.
You could as captain start making decisions immediately but you'll then loose the input of your FO and not optimally use the resources you have. Or you could start a long conversation together about what to do, but you would crash into a mountain (or burn) due to being too slow.
MCC is about how to get the team on the same page quickly, avoid tunnel vision and rushed wrong decisions, while being fast enough to deal with the problem. And making effective use of outside resources like air traffic contol. Of course it's quite aviation specific, but there are several concepts that work in other areas as well.
- Power usage is the main limitation of using these as a home server. They have a high idle power use.
- Why would it not be enforceable? If you own the copyright on your software anybody that wants to use it has to get a license from you. The traditional way is for you to sell those licenses for money, but you could also decide to give them away based on how much you like the buyer.
Or a hybrid, sell them, but refuse to sell to certain entities and discount up to 100% to others based on how much you like them.
- It's a choice for the authors to make based on what type of free they believe in. I think free under MIT and GPL are two different philosophies on how you see "free".
MIT: free for anyone, do whatever you want
GPL: free if you also make your software free
AGPL: GPL but SaaS can't circumvent the requirement to make your software free
I see why principled open source proponents would select GPL or AGPL. They don't just want their code to be used freely by others, they also believe more software should be free and using GPL helps with that.
GPL restrictions don't make software under the GPL not "free" as in freedom. Just a different philosophy.
- The table from the report shows that the tools do crack the window but don't break it. Which is probably the main difference between old glass and the newer layered glass? If you crack an outer layer it is no longer usable, but you can't escape through it.
- It's tricky to do for large public websites, because routing happens at the IP level while users want to input a domain name.
That domain could constantly resolve to different IPs, requiring updates to the routing rules, and those IPs could be shared with many other domain names that the user didn't list (for example Cloudflare IPs). So the mapping isn't clean and you're likely to miss some IPs some of the time or incorrectly intercept some traffic that the user didn't want to route through the VPN.
A proxy would not have this problem, it gets to inspect the request and hostname and then decide how to reach that host.
- Why would they do that? (Not a rhetorical question, just curious). It would suffice to block UK IPs for compliance, if visitors use a VPN to circumvent that Imgur would get more traffic and more ad revenue. No reason to put extra work into blocking those users.
- Ideally you would not change the computer at all so your type certificate doesn't change. If you have to (or for commercial reasons really want to) make a change you would try very hard to keep that the same type certificate or at most a variant of the same type certificate. If you can do that then it will be flown with the same type rating and you avoid all the crew training cost issues.
But to do that you'll still have to prove that the changes don't change any of the aircraft characteristics. And that's not just the normal handling but also any failure modes. Which is an expensive thing to do, so Airbus would normally not do this unless there is a strong reason to do it.
The crew is also trained on a lot of knowledge about the systems behind the interface, so they can figure out what might be wrong in case of problems. That doesn't include the software architecture itself but it does include a lot of information on how redundancy between the systems work and what happens in case one system output is invalid. For example how the fail over logic works in case of a flight control computer failure, or how it responds to loosing certain inputs. And how that affects automation capabilities, like: no autoland when X fails, no autopilot and degradation to alternate contol law when Y fails, further degradation if X and Z fail at the same time. Sometimes also per "side", not all computers are connected to all sensors.
The computer change can't change any of that without requiring retraining.