Hacker News: LiamPowell

New comment by LiamPowell in "Can Claude Fly a Plane?"

LiamPowell — Tue, 14 Apr 2026 08:54:06 +0000

Autopilots can. Both on airliners and small planes, although only landing on the latter as far as I know and it's only meant for emergencies. Airbus ATTOL is probably the most interesting of these in that it's visual rather than ILS (note that no commercial airliners are using this).

New comment by LiamPowell in "Can Claude Fly a Plane?"

LiamPowell — Tue, 14 Apr 2026 07:37:11 +0000

There's also the issue that when something goes wrong, many people will never trust an autopilot again. Just look at how people have reacted to a Waymo running over a cat in a scenario where most humans would have made the same error. There's now many people calling for self-driving cars to never be allowed on roads and citing that one incident.

New comment by LiamPowell in "Reverse engineering Gemini's SynthID detection"

LiamPowell — Fri, 10 Apr 2026 04:47:09 +0000

I also use those extensively, they just flow better, especially if you have an "and" in the surrounding sentence.

New comment by LiamPowell in "Project Glasswing: Securing critical software for the AI era"

LiamPowell — Wed, 08 Apr 2026 03:56:39 +0000

I agree they found at least some real vulnerabilities. What I think is nonsense is the claim of finding thousands of real critical vulnerabilities and claims that they've found other Linux vulnerabilities that they simply can't exploit.

There are notably no SHA-3 sums for all their out-of-bound write Linux vulnerabilities, which would be the most interesting ones.

New comment by LiamPowell in "Project Glasswing: Securing critical software for the AI era"

LiamPowell — Wed, 08 Apr 2026 00:53:35 +0000

They should show this then to demonstrate that it's not something that has already been fully considered. Running LLMs over projects that I'm very familiar with will almost always have the LLM report hundreds of "vulnerabilities" that are only valid if you look at a tiny snippet of code in isolation because the program can simply never be in the state that would make those vulnerabilities exploitable. This even happens in formally verified code where there's literally proven preconditions on subprograms that show a given state can never be achieved.

As an example, I have taken a formally verified bit of code from [1] and stripped out all the assertions, which are only used to prove the code is valid. I then gave this code to Claude with some prompting towards there being a buffer overflow and it told me there's a buffer overflow. I don't have access to Opus right now, but I'm sure it would do the same thing if you push it in that direction.

For anyone wondering about this alleged vulnerability: Natural is defined by the standard as a subtype of Integer, so what Claude is saying is simply nonsense. Even if a compiler is allowed to use a different representation here (which I think is disallowed), Ada guarantees that the base type for a non-modular integer includes negative numbers IIRC.

[1]: https://github.com/AdaCore/program_proofs_in_spark/blob/fsf/...

[2]: https://claude.ai/share/88d5973a-1fab-4adf-8d29-8a922c5ac93a

New comment by LiamPowell in "Project Glasswing: Securing critical software for the AI era"

LiamPowell — Wed, 08 Apr 2026 00:36:59 +0000

> Mythos Preview identified a number of Linux kernel vulnerabilities that allow an adversary to write out-of-bounds (e.g., through a buffer overflow, use-after-free, or double-free vulnerability.) Many of these were remotely-triggerable. However, even after several thousand scans over the repository, because of the Linux kernel’s defense in depth measures Mythos Preview was unable to successfully exploit any of these.

Do they really need to include this garbage which is seemingly just designed for people to take the first sentence out of context? If there's no way to trigger a vulnerability then how is it a vulnerability? Is the following code vulnerable according to Mythos?

    if (x != null) {
        y = *x; // Vulnerability! X could be null!
    }

Is it really so difficult for them to talk about what they've actually achieved without smearing a layer of nonsense over every single blog post?

Edit: See my reply below for why I think Claude is likely to have generated nonsensical bug reports here: https://news.ycombinator.com/item?id=47683336

New comment by LiamPowell in "How many products does Microsoft have named 'Copilot'?"

LiamPowell — Sun, 05 Apr 2026 09:41:40 +0000

> Microsoft 365

That's Microsoft 365 Copilot now actually.

New comment by LiamPowell in "Show HN: mailtrim – find what's actually filling your Gmail inbox"

LiamPowell — Sun, 05 Apr 2026 04:06:46 +0000

Did you really use a LLM to generate the sample output in your readme instead of just running the application? I noticed the borders were all misaligned and wondered if you had hardcoded the number of spaces, but I looked at the code and you haven't.

If you did generate the output with a LLM instead of just running it... why?

Also:

> It uses Claude AI for smart classification, but runs entirely locally: your emails never leave your machine.

How can both of these things be true? How can Claude be used as a classifier without sending your emails to Claude? From looking at the code it appears that you do in fact just send off emails to Claude, or at least the first 300-400 characters, so that line is just a complete lie.

New comment by LiamPowell in "Herbie: Automatically improve imprecise floating point formulas"

LiamPowell — Sat, 04 Apr 2026 06:04:03 +0000

I have a suspicion that the accuracy number is the mean of accuracies over all valid floats in the range (or something approximating that), which is going to be weighted towards zero where the accuracy is higher, and perhaps where sqrt near 1 has some artefacts.

New comment by LiamPowell in "CERN uses ultra-compact AI models on FPGAs for real-time LHC data filtering"

LiamPowell — Sat, 28 Mar 2026 10:05:21 +0000

Historically this was very much in the field of AI, which is such a massive field that saying something uses AI is about as useful as saying it uses mathematics. Since the term was first coined it's been constantly misused to refer to much more specific things.

From around when the term was first coined: "artificial intelligence research is concerned with constructing machines (usually programs for general-purpose computers) which exhibit behavior such that, if it were observed in human activity, we would deign to label the behavior 'intelligent.'" [1]

[1]: https://doi.org/10.1109/TIT.1963.1057864

New comment by LiamPowell in "OpenSUSE Kalpa"

LiamPowell — Thu, 19 Mar 2026 15:46:17 +0000

Fine, the repository gets added because ventoy hijacks the boot process and messes with it, it does not directly add it. The problem is still the same and it would still be a problem even if it didn't break anything: It should not be hijacking the boot process, there's absolutely no good reason for it.

New comment by LiamPowell in "OpenSUSE Kalpa"

LiamPowell — Thu, 19 Mar 2026 02:50:05 +0000

> You claimed "Ventoy adds repos". It does not. It is incapable of doing anything of the kind. It does not run on the installed system. It does not modify the boot media in any way. This is demonstrable and verifiable.

It literally adds an rdinit to the kernel boot line that hijacks the boot process and messes with it in a shell script. This is demonstrable and verifiable: https://github.com/ventoy/Ventoy/blob/master/IMG/cpio/ventoy...

New comment by LiamPowell in "OpenSUSE Kalpa"

LiamPowell — Wed, 18 Mar 2026 14:58:37 +0000

It comes up regularly in OpenSUSE communities, it silently breaks the installed OS by hooking in to the init process of the ISO and fucking with it for no good reason:

https://forums.opensuse.org/t/update-repos-point-to-weird-lo...

https://www.reddit.com/r/openSUSE/comments/1jgmrs3/opensuse_...

https://www.reddit.com/r/openSUSE/comments/1lno6ka/full_whol...

https://forums.opensuse.org/t/empty-destination-in-uri-hd-de...

https://forums.opensuse.org/t/update-error-empty-destination...

https://forums.opensuse.org/t/packman-and-updating-question/...

https://forums.opensuse.org/t/trying-to-install-a-mail-app-w...

https://forums.opensuse.org/t/zypper-update-stuck-at-some-st...

https://forums.opensuse.org/t/opensuse-leap-issue-with-nvidi...

Need I go on?

New comment by LiamPowell in "OpenSUSE Kalpa"

LiamPowell — Tue, 17 Mar 2026 16:59:39 +0000

It silently messes with the kernel boot flags which breaks the boot process If you do get it to work it silently adds extra broken repos which make it impossible to install packages.

Why would any distro want to support a tool that intentionally breaks things? Ventoy could just boot ISOs without messing with them and everything would work fine, but the developers insist on injecting garbage.

New comment by LiamPowell in "How kernel anti-cheats work"

LiamPowell — Sun, 15 Mar 2026 04:08:30 +0000

> As far as I'm concerned, if the player wants to cheat he's just exercising his god given rights as the owner of the machine.

By this same logic: As far as I'm concerned, if the game developer only wants to allow players running anticheat to use their servers then they're just exercising their god given rights as the owner of the server.

New comment by LiamPowell in "The MacBook Neo"

LiamPowell — Thu, 12 Mar 2026 01:20:42 +0000

Note that this is the new simplified lineup that they "cleaned up" a year or so ago

New comment by LiamPowell in "EQT eyes potential $6B sale of Linux pioneer SUSE, sources say"

LiamPowell — Wed, 11 Mar 2026 03:46:04 +0000

> Nobody uses SuseLinux any more.

What gives you that impression? They had $700MM in revenue in 2022 and many HPC clusters run on Cray OS[1] (which is SLES).

> If SUSE gets 6 billion dollars

Not how sales work.

[1]: https://top500.org/statistics/list/

New comment by LiamPowell in "Two Years of Emacs Solo"

LiamPowell — Tue, 10 Mar 2026 06:07:40 +0000

> I’m a GUI guy though. As soon as I try delving in, I abort when I see things like “just type c-C dingle bob to do x thing.” I’m happy these people found something that works with their brains. I just want a GUI that works like what they use.

You do have that somewhat with packages like which-key that will show you a menu of options every time you press a key. You then learn the keybinds that you use the most. You can also search for them by name and see the keybind like you do with VS Code etc..

Here's what doom-emacs looks like when I press space and then space-t:

https://files.catbox.moe/szfcif.png

https://files.catbox.moe/2kgrai.png

New comment by LiamPowell in "My “grand vision” for Rust"

LiamPowell — Sun, 08 Mar 2026 07:08:35 +0000

> Rust's development process is also design by committee, interestingly enough.

Sure, but it's still quite informal and they just add things as they go instead of writing a complete standard and figuring out how everything interacts before anything is added to the language. Design-by-committee was probably not the best term to use.

New comment by LiamPowell in "My “grand vision” for Rust"

LiamPowell — Sun, 08 Mar 2026 07:04:24 +0000

I didn't say this applies to every committee, but I do think the opposite applies to almost every "try it and see" language.

Examples of cohesive languages designed by committees would be Ada and Haskell.