Hacker News: thombles

New comment by thombles in "Why I email complete strangers"

thombles — Mon, 15 Jun 2026 22:47:18 +0000

A low-risk way to dip your toes in is to email a blogger to say that you enjoyed their post or that you found it helpful. The message doesn’t have to have useful information in it, just be sincere. Per OP, often there won’t be a reply but also often it’s much appreciated - particularly by non-mainstream writers.

New comment by thombles in "Apple Foundation Models"

thombles — Mon, 15 Jun 2026 07:50:11 +0000

There are already on-device models that you can use through this framework as a developer. Claude would just be an additional one.

New comment by thombles in "Claude Opus 4.8"

thombles — Fri, 29 May 2026 07:31:23 +0000

That's my initial experience, yes. It's hard to compare these things cleanly of course. I went through several new contexts on GPT and it just couldn't get traction -- it became hard to keep it focused on "yes there's clearly a race but what actual persistent state got broken"? It just wanted to change the thread priorities so that the problem didn't occur and kept doubling down on that as the solution. Opus made some missteps too but it responded well to my corrections - 2 or 3 significant ones along the way - and it was prepared to keep digging on my exact goal until it found the real issue.

New comment by thombles in "Claude Opus 4.8"

thombles — Fri, 29 May 2026 07:16:17 +0000

Today I was a few hours into chasing down a very tricky timing-dependent bug with GPT 5.5 and we were starting to go into circles. I noticed Opus 4.8 had showed up in GitHub Copilot so I switched over and pointed it at my notes so far. Another hour of steady progress and it tracked it down to some missing synchronisation in an upstream library which was occasionally corrupting a linked list. N=1 but worth every one of those rather expensive 15x requests today. 15x... yeah.

New comment by thombles in "Project Glasswing: An Initial Update"

thombles — Fri, 22 May 2026 22:30:48 +0000

As one of those commenters on the previous post - yep, that theory appears to have been comprehensively trounced. Unless anything comes to light that mythos was applied poorly to curl, the evidence suggests that it’s not uniquely effective vs other AI-assisted approaches. I’ll be interested to see what’s reported in the next curl release.

New comment by thombles in "Mythos Finds a Curl Vulnerability"

thombles — Mon, 11 May 2026 11:46:41 +0000

We will see. As for "testing that could have been done before", Mozilla's posts indicate otherwise. Use of Opus 4.6 led to 22 security-sensitive bugs vs Mythos' 271 (https://blog.mozilla.org/en/privacy-security/ai-security-zer...). They already had the methodology in place when the more powerful model came along (https://hacks.mozilla.org/2026/05/behind-the-scenes-hardenin...):

> Once the end-to-end pipeline is in place, it’s trivial to swap in different models when they become available. Building this pipeline early helped us find a number of serious bugs using publicly-available models, and it also helped us hit the ground running when we had the opportunity to evaluate Claude Mythos Preview. In our experience, model upgrades increase the effectiveness of the entire pipeline: the system gets simultaneously better at finding potential bugs, creating proof-of-concept test cases to demonstrate them, and articulating their pathology and impact.

New comment by thombles in "Mythos Finds a Curl Vulnerability"

thombles — Mon, 11 May 2026 10:53:56 +0000

The question is how many security vulnerabilities are actually left in the code after all the recent AI attention. Either Mythos is a nothingburger, or it's substantially more powerful but there's nothing left to do. Even a large amount of C can be correct eventually. Curl has the _potential_ to become a good data point maybe 6-12 months from now - if researchers and new tools find many more vulnerabilities then Mythos is proved to be hype. If they don't, then maybe Mythos is overkill for today's curl and its capabilities are better deployed elsewhere (like Firefox, apparently).

New comment by thombles in "Mythos Finds a Curl Vulnerability"

thombles — Mon, 11 May 2026 10:08:55 +0000

Curl simply isn't a good data point. It's one of the most picked-over codebases in existence with extensive security testing practices. All the researchers using not-quite-Mythos models have had plenty of time to report bugs up to this point. Daniel may be right that Mythos hasn't been a game changer for curl but the preconditions are different for virtually any other codebase. Perhaps the real marketing here is his own modesty about curl's maturity.

New comment by thombles in "Zig → Rust porting guide"

thombles — Tue, 05 May 2026 02:33:27 +0000

The answer is in the next sentence: "Bun owns its event loop and syscalls." They clearly want to manage their use of threads explicitly, which is not _unusual_ for systems programming but probably less common. Note that `rayon` is different from most of these in that it has nothing to do with async Rust - it's a tool for spreading computation over a thread pool, very popular in non-async projects, but it would also go against their goals here.

New comment by thombles in "BYOMesh – New LoRa mesh radio offers 100x the bandwidth"

thombles — Sun, 03 May 2026 20:58:22 +0000

Is the poster maybe confusing bandwidth (range of frequencies over which a single board can work) with bandwidth (data transfer speeds in bits per second)?

New comment by thombles in "VS Code inserting 'Co-Authored-by Copilot' into commits regardless of usage"

thombles — Sat, 02 May 2026 21:26:07 +0000

I saw this the other day and was pretty confused - I prefer to write my own commit messages and wondered if I’d accidentally let the AI do it this time. Nope, just MS changing things behind my back. Sigh.

New comment by thombles in "Ghostty is leaving GitHub"

thombles — Tue, 28 Apr 2026 20:36:56 +0000

I didn’t read this as a flex. More a rueful admission of his connection/addiction to GitHub.

New comment by thombles in "Cal.com is going closed source"

thombles — Wed, 15 Apr 2026 23:30:26 +0000

It's a meaningful difference for SaaS. Most likely an attacker doesn't have access to your running binary let alone source code, and if they probe it like a pentester would it will be noisy and blocked/flagged by your WAF.

New comment by thombles in "Microsoft is employing dark patterns to goad users into paying for storage?"

thombles — Fri, 10 Apr 2026 06:56:44 +0000

Microsoft could tone it down a bit (especially all the full screen harassment after windows updates) but I wonder how many casual users have had their bacon saved precisely because their documents and desktop got pushed to the cloud?

New comment by thombles in "Microsoft is employing dark patterns to goad users into paying for storage?"

thombles — Fri, 10 Apr 2026 06:54:20 +0000

It’s super hostile. I realised I was going to press it by accident eventually so I switched to Fossify Gallery before I did.

New comment by thombles in "Microsoft is employing dark patterns to goad users into paying for storage?"

thombles — Fri, 10 Apr 2026 06:47:48 +0000

It doesn’t? I use the OneDrive app for scanning documents all the time. + button then “Capture”

New comment by thombles in "I'm betting on ATProto"

thombles — Tue, 31 Mar 2026 03:00:43 +0000

I understand your pedantic point but let me give a realistic reply. If your account, or the account of somebody you like corresponding with, happens to be on an instance that falls into disfavour (not uncommon in my time there) then server bans come out and conversations become broken, even between parties who had no knowledge of the overarching drama. Good luck even understanding it if you aren’t a techie.

New comment by thombles in "Copilot edited an ad into my PR"

thombles — Mon, 30 Mar 2026 07:36:34 +0000

Oof. Why can’t it just do its one job? My interest level in trying these agents has gone from lukewarm to zero.

New comment by thombles in "Windows 3.1 tiled background .bmp archive"

thombles — Mon, 23 Mar 2026 23:37:02 +0000

If you want your nostalgia in multimedia - https://canyonmid.com/

Tangled: Our €3,8M seed round

thombles — Mon, 02 Mar 2026 09:55:27 +0000

Article URL: https://blog.tangled.org/seed

Comments URL: https://news.ycombinator.com/item?id=47215839

Points: 12

# Comments: 7