Well, what is your definition of "super reliable in the output", and is it a quantifiable/measurable target or just a feeling?

Is it "more than humans", "more than senior developers", "almost perfect", "perfect"?

> It might behave differently than specified and a human is required to validate every output carefully or else.

Sure, just like meatbag developers. All the security flaws AI finds today were introduced years/decades ago by humans and haven't been found (that we know) by humans in ages.

They also have failures, then again most companies have failures as well at all points in the product cycle.

This site though is pretty useful; first it serves as a central location to point people to with short links in chats/emails/whatever, then it has a quick visual explainer and a link to the detailed technical report for those who want more info. Pretty neat.

Last but not least, buying the domain must have taken 5 minutes, prompting the page must have taken 30 minutes and posting it on HN must have taken 1 minute. So it certainly wasn't a lot of work in the grand scheme of things and probably did not deter the team from doing other important things.

> But it won’t just troubleshoot for you at 2 a.m. Agent Lee will also fix the problem for you on the spot.

Want to hack a site? Just bombard it with security scans at 2 a.m, causing a sudden increase in errors, then lean back and wait a few minutes for the Cloudflare Agent to helpfully disable the security rules for you to drive through.

Would you publish a blog post titled "the XXX test suite proved there was no bug. And then I found one"?

It would be a bit silly, right?

> Q: Why the heck did you hyperlink [the malware installer]?

> A: If someone reads this and they still click the download then they kind of deserve the virus tbh

Basically zero traction here recently, while I would have intuitively thought the vision would spread with recent trends: AI spread, privacy concerns, OS enshittification, disinformation wars, device attestation/control, GDPR...

In our world where most PC owners typically perform dozens and dozens of completely independant tasks (gaming, emailing, banking, streaming, doom scrolling, online buying, web browsing, maybe working even) from a single machine, the current attack surface is enormous and, consequently, the benefits of turning that single machine into dozens of contextual yet independant VMs around a stripped down secure kernel have always appealed to me.

However, searching through HN posts and comments I can't find much (if any) discussion about Qubes OS or its vision, even in the numerous recent threads where people here lament constant data leaks, compromised NPM packages stealing API keys, fake hiring agencies that manipulate you into installing a RAT as part of the process, IA-generated video phishing, etc.

Curious to know more about why that is; surely in 13 years many on Hacker News have heard of Qubes. So why isn't usage of VM isolation in general and of Qubes OS in particular more discussed and more prevalent outside of cybersec and related fields (incident response, offense, malware analysis, activism).

Is there a particular bias against the team or the project? Is it so difficult to use not even HN technophiles even try?

Comments URL: https://news.ycombinator.com/item?id=47687910

Points: 7

# Comments: 6