- void-star: I’m beginning to think maybe I’m the only one that read this whole thing. The firmware storage isn’t the security through obscurity problem being talked about here. The hardcoded TLS private key definitely is though. And yes, it deserves shaming… terrible practice leads to terrible outcomes. Nobody is surprised that this is coming from tp-link at this point though.
- I think maybe you’re reading this wrong. Reverse-engineering blog posts like this are just a fun and instructive way of telling the story of how someone did a thing. Having written and read a bunch of these in the past myself, I found this one to be a great read!
Edit: just want to add, the “how I got the firmware” part of this is also the least interesting part of this particular story.
- Probably something closer to ripgrep, if not actually ripgrep.
- Thanks for the clarification. I wasn’t sure if I was right about that hence the question mark.
- It’s notable and interesting this research is coming out of University of Cambridge. Cambridge Analytica spun out of academia there too? Question for folks here who may be familiar: it seems like there’s a strong connection to research (and in the case of CA, commercial application of said research) around social media manipulation and propaganda in the digital age.
Is there any six-degrees type connection to the people doing this research and those involved with the roots of CA? Not as in the same bad actors (which, tbh yes, I consider CA to have been), but as in perhaps the same department and/or professors etc.
- Just want to say: Thanks! I was waiting for this article.
Thanks to Ernie Smith, to tedium.co, to HN, to community.
This is the kind of curious and intelligent response to FUD that I want to find whenever major news outlets start an insane new spin-cycle (as increasingly is the way of things in the world).
I’ll let the HN comment thread spin out (as it must), but amidst that, I just want to say that this right here is the reason I still keep coming back to this place and read all of it. So, thanks!
Great post/read!
- The product reviews are pretty great sometimes. (I didn’t devise this one, just browsed into it)
https://anycrap.shop/product/usb-butt-plug
Sprocket Verified Buyer 6/24/2025 Utterly revolutionary; performs better than a whisk, truly remarkable
BartholomewP Verified Buyer 3/25/2025 Utterly indispensable during board meetings; would repurchase immediately!
- Fart noise apps were the first iPhone killer app for a good long stretch in the early days, dominating the app leaderboards for at least half a year.
Yep… Humanity is… let’s face it, pretty stupid.
I, for one, welcome the latest bubble. And, with it, our new, venerable AI overlords!
Mobile^H^H^H^H^H^HAI first!!!!
- This is really, well... douchey. Emptying anything I have in Coinbase asap (and yes I read the whole thing)
I wonder how likely it is for CEO roles to get taken over by a sophisticated LLM at this point. I’d wager we’d see a 20x increase in value. I use and value LLMs in my coding and research workflows already, but to fire people for careful and slow adoption speaks very poorly to individual and company maturity.
- Yes this! The observation that being specific versus general in the problems you want to solve is a better start-up plan is true for all startups ever, not just ones that use LLMs to solve them. Anecdotal/personal startup experiences support this strongly and I read enough on here to know that I am not alone…
- Really valid points. I agree with the bits about “expertise in getting the computer to do what you want” being the way of the future, but he also raises really valid points about people having strong domain knowledge (a la his colleague with extensive art history knowledge being better at midjourney than him) after saying it’s okay to tell people to just let the LLM write code for you and learn to code that way. I am having a hard time with the contradictions, maybe it’s me. Not meaning to rag on Dr. Ng, just further the conversation. (Which is super interesting to me.)
EDIT: rereading and realizing I think what resonates most is we are in agreement about the antithetical aspects of the talk. I think this is the crux of the issue.
- Right??? Anthropic in particular seems to have directly cribbed from Kurt Vonnegut… and then, made it brown?
https://scienceleadership.org/blog/the_use_of_illustration_i...
- Sketchbook. And pencil… or watercolor… or whatever you can get your hands on. It’s true a picture lasts longer. The memory of the place and experience of creating the image with your own hands does too.
- There have been loads of others but here is a prominent and slightly ironic example of what you are asking about: Tucker Carlson built his early TV career in large part as a conservative pundit on PBS.
- > We might be the last generation in living memory, for a while at least, who could ever say "you had to be there" and mean it.
Can you explain what causes you to say that we will be the last generation to say this? Not rhetorical, although this caused me to question it because I think that this is probably a constant wrt generations passing onto the next and unlikely to change.
- This begs the question: where is the button I can press to see if my personal data is included and a quick and easy way to inform you to remove it from your service?
- I’m not sure whether to call what we have now “nuanced” or whether it isn’t a result of that movement having mostly lost the fight some decade plus, though. Tried using a public library recently?
- Your concern about not wanting to send bytes is totally valid.
As it happens (if memory serves) telnet can send some bytes on connection also, in attempting to negotiate terminal settings with the remote “telnet server”. That said, the /dev/tcp trick is indeed great for bash though!
- Thanks, I had a hard time finding the original at all. I do remember it was specifically the one with the blue background in my case, though. Probably not “better” or even as accurate but it’s the one that really stuck out in my mind.