On the one hand, I get that it's a Sunday, and the CEO can't just write a mass email without approval from legal or other comms teams.

But on the other hand... It's Sunday. Unless you're tuned-in to social media over the weekend, your main provider could be undergoing a meltdown while you are completely unaware. Many higher-up folks check company email over the weekend, but if they're traveling or relaxing, social media might be the furthest thing from their mind. It really bites that this is the only way to get critical information.

Outside of software development, a lot of things that AI can do still require a human to understand and do it. I can't tell Claude to change my oil, or ChatGPT to bake me a cake. I can use them as tools to teach me what to do, same as the Internet, or TV programs, or books, or any other "invention."

Anyone who's launched anything on the web -- anything at all -- and looked at the logs will see all sorts of endpoints being requested for /wp-admin/ or random WordPress plugins, even if their site has never, and will never, run WordPress. Imagine this at scale, with every possible attack method imaginable, blindly hitting everything on the web. That's where I think we're headed, and closed source won't fix that.

The fewer videos they have in focus at a time, the more accurate their algorithms can be.

What type of advertisers would want to advertise next to an AI chat window? How often would ads show? Would the users still enjoy using the platform if you showed enough ads to offset the cost of running the service?

Lot of questions that all boil down to "it depends." None of the big players want to dilute their product with ads (yet). But I definitely think some will be willing.

I hope domain re-verification is fairly automatic once implemented. If I remove my Bluesky information from my DNS, it should be a safe assumption that the affiliated account will soon lose its username, maybe within a week or two. Same if I'm buying a domain; I wouldn't want lingering accounts for months or years after the fact. If it's a more manual process, that could be annoying, especially since you can also use subdomains -- someone could be "admin.example.com" and fly under the radar when selling example.com.

Bluesky (the platform) doesn't, and they acknowledge that. It's centrally owned, and is prone to all of the risks that any other centralized platform offers.

> if I do something controversial or using regulatory arbitrage, I'm interested in how AT is useful for managing that risk.

AT is completely decentralized, like email.

If your account is @motohagiography.example.com, other AT instances will make a DNS query to example.com to see if that has an entry that the AT protocol recognizes. If so, it will make a connection to that instance, and gather your content for display.

However, if a particular instance sees their a volume of unwanted accounts from example.com, they could blacklist that domain from interacting with their instance, so, even with this setup, you are at the mercy of the "big players" respecting you — just like if you try to send email to users using Gmail and Google decides you're suspect.

And, if you violate the laws of where you're located, law enforcement will handle that the same as they would if you violating the laws over HTTP or over email.

You could get by with requiring a unique phone number, but that still risks excluding users, and can get expensive if you intend on catering to an international audience. Even in that case, some people may have a landline and a cell phone, or they may use a friend/spouse/relative’s phone to circumvent your limits.

I think part of the problem is that I knew that some videos were fake, so I was looking to see if their lips matched other movements. If somebody is talking fast, but their body language/movements are far slower than their talking, then it’s a pretty obvious tell.

If I had just seen one of these videos out in the wild, I can’t say if I’d immediately notice they’re fake, since that wouldn’t be the first thing on my mind. I think it’s probably impossible to get an accurate test given this limitation, but this test would be good for more casual people to try (i.e., people outside of HN).

I view it vastly more likely that this isn't anything personal, it's just a new corporate decision to limit who has access to the code. If someone's job is a bit more complicated, but they can still do their work, while the company is far more protected, that is a good trade-off for lots of folks.

Also, your company "looking to reduce expenses" doesn't mean anything. Every company is. You will hear that, in some form or another, in almost any organization. If they have to increase spend for cybersecurity, they will.

Turn off your YouTube history/algorithm. It’s free, and it immediately prevents the Shorts tab from working, and kills your homepage. This means you have to actively subscribe to YouTube channels you enjoy, or search for topics you want to know about in that moment. I cannot recommend it enough.

The silver lining is that, their idea (which they later reveal that they “forgot to mention” will also include full banking support and the issuance of cards) is very complicated and will require years of non-stop planning and paperwork before a single customer can be onboarded.

This isn’t handing your friend the keys to a jet and letting them fly a plane, this is your friend wanting to enroll in pilot school. It’s good to try, and, if you realize it’s not for you, there’s nobody harmed as a result.

But the 80% number may be hard to reach, depending on what your current intake is. And since there’s no real way to measure what your intake is, and how low you get, it’ll be much harder.

Moving to a farm won’t necessarily help. You still need to buy things to run a farm, many of which are packaged in plastic. You still need clothes. There will always be some element of risk involved.

A better phrase may be "Don't say things that will hurt the feelings of those who are grieving," but that doesn't roll off the tongue so easily.

With CHIPS, you can login to Facebook.com and your cookies are stored in the "cookie jar" labelled "facebook.com." Then, when you go to example.com, the "cookie jar" that the Facebook embed can use is "example.com->facebook.com." This means that Facebook cannot use cookies to track you across every website.

Unlike outright blocking cookies, however, CHIPS still allow well-behaved embeds to function. This allows customer service chatrooms to retain history, videos to remember where you last stopped, and so forth, even on subsequent refreshes, since they can read and write to their own "example.com->[embedded site domain]" cookie jar.

This compromise perfectly breaks cross-site tracking, while allowing useful third-party embeds to still operate.