That is exactly what I would want from a junior developer - make sure the bug exists, find a way to fix it, verify the bug is fixed.

The problem, as was correctly identified in the blog post - is that instead of stopping and asking for elevated permission it relentlessly tries to find a hack on it's own. (An equivalent situation for a human developer would be needing some access to a third-party sandbox, and instead of asking a senior for credentials, tries to setup his own sandbox from scratch)

Since everyone should already know by now that you can't strap on an AI on an existing system without a lot of guardrails this feels like a very high level of incompetence.

No one should be putting AI on top of any production system without having a default deny policy on actions and slowly adding new capabilities with proper guardrails.

Even if you use AWS and the like, if you aren't building your app with redundancy across multiple AZs, then you'll have some downtime occasionally.

And even if you do build redundancy with multiple AZ, some services might fail anyway as AWS is not entirely isolated. So you might have downtimes.

So just accept downtimes and use the best tool for you (unless they are really bad, like GitHub level bad). If you cannot accept any downtime, you'll have to spend millions of dollars and months of work to have the confidence to expect no downtime. Something like Netflix's chaos monkey and infrastructure would be enough.

So what, we take every function and every vulnerability type and just run the agents millions of times?

I would expect Mythos to be able to find vulnerabilities without pointing it out for him, otherwise it's no better from other agents. It's just has a better harness.

The title is pretty enticing, even if the content is slop trash.

We mostly played games on it. It's really not fun playing games in the living room while everyone is around you doing other stuff.

It's like being the only one watching TV on the sofa while others are reading or working.

As long as they revert the charge when notified of scenarios like this , and they have historically done so for many cases, it's fine. It's an acceptable workaround for a hard problem and the cost of doing business ( just like Credit Cards accept a certain amount of loss to fraud as part of business)

Which from what I gather isn't very true - being smart can often lead to over confidence and making mistakes, and also a lot of crime is not premeditated.

The user discovery happens because the act he performs provides the exact intent you need to give him the shortcut.

Also for clarity this is only relevant for content based sites and not apps. It is vanishingly rare for users to scroll up when reading content unless they want to reach the top

First time I'm seeing a "no AI" used to differentiate a work for hire.

Can't say this wasn't obviously coming. Boutique hand-coded consultancies/software-houses are probably going to spring up a lot.

It is the first thing I suggest to anyone when I see someone didn't implement it.

I've never heard a complaint about it until now.

This would be the first time taxes are paid in a different currency in Israel history.

Pretty wild that it's such a large acquisition it can affect a nation's monetary policy.

Comments URL: https://news.ycombinator.com/item?id=47240868

Points: 1

# Comments: 0

I've never heard of something like that. Usually the requirement for being director level manager of engineers is to at least have managed people as an EM for several years before.

Product manager titles can have completely disjoint scopes of work between organizations - in one org they might be what was once systems designer role - getting requirements and writing specs, in another they might basically be doing UI or UX (even creating pages in figma), in others they are basically project managers.

It is not very useful in giving you confidence your changes would not cause unexpected side effects, which is usually the main problem working with legacy code.

If you want confidence when working with legacy code, your best bet is to do a strangler fig pattern - find a boundaries for the module you want to work on, rewrite the module (or clone and make your changes), run both at the same time in shadow mode, monitor and verify your new module is working the same as the old one, then switch and eventually delete the old module.

If your particular use of a SaaS is not susceptible to security issues (for example you can use it on your local laptop) then a slither of features that are insecure is exactly the thing for you.

Not everyone is going to replace SaaS with half-baked personal implementations, especially the big companies that most SaaS are aimed at, but it will gnaw out some of the long tail of SaaS subscription revenue for sure.