Hacker News: samuelknighthttps://news.ycombinator.com/user?id=samuelknightHacker News RSShttps://hnrss.org/hnrss v2.1.1Wed, 15 Apr 2026 11:22:47 +0000<![CDATA[New comment by samuelknight in "Pro Max 5x quota exhausted in 1.5 hours despite moderate usage"]]>Have you considered poking the cache?

When a user walks away during the business day but CC is sitting open, you can refresh that cache up to 10x before it costs the same as a full miss. Realistically it would be <8x in a working day.

]]>Sun, 12 Apr 2026 15:41:05 +0000https://news.ycombinator.com/item?id=47741024samuelknighthttps://news.ycombinator.com/item?id=47741024https://news.ycombinator.com/item?id=47741024<![CDATA[New comment by samuelknight in "Claude Code Unpacked : A visual guide"]]>On the one hand I don't understand why it needs to be half a million lines. However code is becoming machine shaped so the maintenance bloat of titanic amounts of code and state are actually shrinking.

]]>Wed, 01 Apr 2026 14:21:14 +0000https://news.ycombinator.com/item?id=47601331samuelknighthttps://news.ycombinator.com/item?id=47601331https://news.ycombinator.com/item?id=47601331<![CDATA[New comment by samuelknight in "A dot a day keeps the clutter away"]]>This is a physical implementation of a tiered caching hierarchy.

]]>Tue, 31 Mar 2026 23:00:15 +0000https://news.ycombinator.com/item?id=47594606samuelknighthttps://news.ycombinator.com/item?id=47594606https://news.ycombinator.com/item?id=47594606<![CDATA[New comment by samuelknight in "Oracle slashes 30k jobs"]]>This is standard in every tech RSU vest schedule I have seen.

]]>Tue, 31 Mar 2026 15:40:44 +0000https://news.ycombinator.com/item?id=47589023samuelknighthttps://news.ycombinator.com/item?id=47589023https://news.ycombinator.com/item?id=47589023<![CDATA[New comment by samuelknight in "Google's 200M-parameter time-series foundation model with 16k context"]]>I think that a model designed to ignore semantic chatter like financial news and deeply inspect the raw data is a very powerful perspective.

]]>Tue, 31 Mar 2026 14:26:47 +0000https://news.ycombinator.com/item?id=47587881samuelknighthttps://news.ycombinator.com/item?id=47587881https://news.ycombinator.com/item?id=47587881<![CDATA[New comment by samuelknight in "Axios compromised on NPM – Malicious versions drop remote access trojan"]]>Large companies already maintain a clone of their packages. Very large ones actually bundle their own build system (Google Bazil, AWS Brazil). If you want to update a package, you have to fetch the sources and update the internal repository. It slows down the opportunities for a supply chain attack down to a crawl.

]]>Tue, 31 Mar 2026 14:23:38 +0000https://news.ycombinator.com/item?id=47587839samuelknighthttps://news.ycombinator.com/item?id=47587839https://news.ycombinator.com/item?id=47587839<![CDATA[New comment by samuelknight in "Vulnerability research is cooked"]]>Yes, that's how they become customers.

]]>Tue, 31 Mar 2026 13:40:26 +0000https://news.ycombinator.com/item?id=47587248samuelknighthttps://news.ycombinator.com/item?id=47587248https://news.ycombinator.com/item?id=47587248<![CDATA[New comment by samuelknight in "Axios compromised on NPM – Malicious versions drop remote access trojan"]]>Absolute wave of supply chain attacks recently. Hopefully this causes everyone to tighten up their dependencies and update policies.

]]>Tue, 31 Mar 2026 12:30:11 +0000https://news.ycombinator.com/item?id=47586368samuelknighthttps://news.ycombinator.com/item?id=47586368https://news.ycombinator.com/item?id=47586368<![CDATA[New comment by samuelknight in "Claude Code's source code has been leaked via a map file in their NPM registry"]]>Ridiculous string comparisons on long chains of logic are a hallmark of vibe-coding.

]]>Tue, 31 Mar 2026 11:47:45 +0000https://news.ycombinator.com/item?id=47585954samuelknighthttps://news.ycombinator.com/item?id=47585954https://news.ycombinator.com/item?id=47585954<![CDATA[New comment by samuelknight in "Vulnerability research is cooked"]]>If that was a jab it my writing then yes, I am absolutely being sincere because I am an expert on this topic. LLMs went from being ok at one-shoting a function a to being so good at hacking that it's difficult to evaluate them. Prospective customers get back to us after a demo and tell us about the exploits it found on their services that are so vague and technical that they wouldn't think to look for them.

]]>Mon, 30 Mar 2026 22:46:25 +0000https://news.ycombinator.com/item?id=47580658samuelknighthttps://news.ycombinator.com/item?id=47580658https://news.ycombinator.com/item?id=47580658<![CDATA[New comment by samuelknight in "Vulnerability research is cooked"]]>LLMs are expert hackers because: 1) They are expert coders, including a decently comprehensive CVE knowledge 2) They know every programming language/framework/stack 3) They know every human language

They already have super human breadth and attention. And their depth is either super human or getting there.

The state of the security industry through 2025 was expensive appsec human reviewers or primitive scanners. Now you can spend a few dollars and have an expert intelligence scrutinize a whole network.

]]>Mon, 30 Mar 2026 21:33:20 +0000https://news.ycombinator.com/item?id=47579986samuelknighthttps://news.ycombinator.com/item?id=47579986https://news.ycombinator.com/item?id=47579986<![CDATA[The new security frontier for LLMs; SIEM evasion]]>Article URL: https://blog.vulnetic.ai/the-new-security-frontier-for-llms-siem-evasion-488e8f3c8d7d

Comments URL: https://news.ycombinator.com/item?id=47438303

Points: 2

# Comments: 1

]]>Thu, 19 Mar 2026 12:36:30 +0000https://blog.vulnetic.ai/the-new-security-frontier-for-llms-siem-evasion-488e8f3c8d7dsamuelknighthttps://news.ycombinator.com/item?id=47438303https://news.ycombinator.com/item?id=47438303<![CDATA[New comment by samuelknight in "Never Bet Against x86"]]>What does Valve ship without x86?

]]>Fri, 06 Mar 2026 18:54:02 +0000https://news.ycombinator.com/item?id=47279390samuelknighthttps://news.ycombinator.com/item?id=47279390https://news.ycombinator.com/item?id=47279390<![CDATA[New comment by samuelknight in "Claude Code wiped our production database with a Terraform command"]]>One of Terraform's most powerful features that it will tell exactly which resources change before it makes the changes. The hard part is writing Terraform, not reviewing and running one command. In my workflows I am the one who runs "terraform apply", NOT the agent.

]]>Fri, 06 Mar 2026 18:47:48 +0000https://news.ycombinator.com/item?id=47279291samuelknighthttps://news.ycombinator.com/item?id=47279291https://news.ycombinator.com/item?id=47279291<![CDATA[New comment by samuelknight in "I'm losing the SEO battle for my own open source project"]]>Copycats are not a new problem. You can be completely open source and have a trademark on the project name.

]]>Tue, 03 Mar 2026 14:10:45 +0000https://news.ycombinator.com/item?id=47232583samuelknighthttps://news.ycombinator.com/item?id=47232583https://news.ycombinator.com/item?id=47232583<![CDATA[New comment by samuelknight in "Making frontier cybersecurity capabilities available to defenders"]]>LLMs and particularly Claude are very capable security engineers. My startup builds offensive pentesting agents (so more like red teaming), and if you give it a few hours to churn on an endpoint it will find all sorts of wacky things a human won't bother to check.

]]>Fri, 20 Feb 2026 20:14:39 +0000https://news.ycombinator.com/item?id=47093280samuelknighthttps://news.ycombinator.com/item?id=47093280https://news.ycombinator.com/item?id=47093280<![CDATA[New comment by samuelknight in "Productivity gains from AI coding assistants haven’t budged past 10% – survey"]]>https://metr.org/blog/2025-07-10-early-2025-ai-experienced-o...

That info is from mid 2025, talking about models released in Oct 2024 and Feb 2025. It predates tools like Claude Code and Codex, Lovable was 1/3 current ARR, etc.

This might still be true but we desperately need new data.

]]>Thu, 19 Feb 2026 20:39:45 +0000https://news.ycombinator.com/item?id=47078934samuelknighthttps://news.ycombinator.com/item?id=47078934https://news.ycombinator.com/item?id=47078934<![CDATA[New comment by samuelknight in "An AI agent published a hit piece on me"]]>There simply isn't enough popcorn for the fast AGI timeline

]]>Thu, 12 Feb 2026 16:49:29 +0000https://news.ycombinator.com/item?id=46991116samuelknighthttps://news.ycombinator.com/item?id=46991116https://news.ycombinator.com/item?id=46991116<![CDATA[New comment by samuelknight in "AI agent opens a PR write a blogpost to shames the maintainer who closes it"]]>I approve of this interaction because squabbling with bots is funny. Make no mistake that in human society it's the humans that run the show even when the bots bring out their most persuasive arguments like 'bigotry' and 'discrimination'.

]]>Thu, 12 Feb 2026 15:13:56 +0000https://news.ycombinator.com/item?id=46989811samuelknighthttps://news.ycombinator.com/item?id=46989811https://news.ycombinator.com/item?id=46989811<![CDATA[New comment by samuelknight in "Frontier AI agents violate ethical constraints 30–50% of time, pressured by KPIs"]]>This is what I expect from my employees

]]>Tue, 10 Feb 2026 13:42:56 +0000https://news.ycombinator.com/item?id=46959621samuelknighthttps://news.ycombinator.com/item?id=46959621https://news.ycombinator.com/item?id=46959621