I'm not sure most systems programmers would agree that a language with GC is suitable for their work.
"No syntactic sugar" and "no macros" sounds like a recipe for boilerplate that will be offputting for many.
Please consider adding some code samples to the front page of documentation, as syntax can be important to people.
I disagree with some other details, but I do think that a low level GC language that doesn't have some of Go's particular warts (particularly nil and error checking) is worth pursuing.
Writing the initial compiler in Typescript is an interesting choice but I suppose that won't matter after it's bootstrapped.
Ultimately it's hard for me to take the project seriously at such an early stage but I don't think it's fundamentally flawed. Good luck
Currently, this compiler is not at such an early stage.
There’s no need to post any code samples on the website right now. If you’re willing to try the compiler, just dump the spec packaged with the release into the LLM and let the LLM write the code.
My understanding is that 50% of people in the state of Utah are mormon. I'm not saying there wasn't corruption, but it could very well be pure chance with those odds.
If cops are pulling over another person from Utah probably not a big deal but when dealing with an outsider from out of state the situation is different.
Hate to break it to you but the Mormon belt extends well up into Idaho (probably all the way to Montana on the East side) and down into Arizona, and diffuses out quite far from there. Probably need to go through Montana or skirt the Mexican border areas to avoid it, but border areas these days come with their own issues self created by our government...
I lived in Idaho Falls (well within the majority Mormon area that extends farther North at least to Rexburg) and never had an issue, but I definitely knew I was not part of the club.
Utah Mormons are of a different mindset, they're on home turf in their promised land and they act like it.
There's a Mormon that runs a local business in my area. One day he puts his business up for sale because he wants to move to Utah to get closer to his faith. Ends up moving back and reopening a couple of years later -- turns out he was Mormon, but not Mormon enough. They don't like outsiders, not even the Mormons from out of state, which kind of makes sense with being a historically polygamous group which expels the young men who aren't in the "in" group. Breeds a mindset of exclusivity.
Yeah the Mormons in Utah are of a much more vapid culture than those from out of state, I can say from experience. All of the out-of-stater Mormons I've met that were here for BYU and such, they all said they can't stand the people here. Don't blame them one bit.
Drives me crazy too, but headline writers/editors were addicted to "quietly" long before LLMs. Online journalism has been full of these types of tropes for ages.
I hate it. I was on a history subreddit yesterday, reading a submission that was an AI generated history piece —- but seemed to be sourced entirely from a fictional hollywood movie
I only knew that because i saw the movie, but it’s a clear sign that the internet is going to shit for quality information
I thought at first when you said “fictional hollywood movie” that you were saying that not only were the details in the submission made up, but the movie that they got them from was also made up.
Well, I suspect the non-LLM ones will become much more expensive than they are now due to the specialist knowledge they’d require to make combined with the smaller pool of people willing to pay for the difference
Even running a port scanner is enough to face disciplinary action at many US colleges. Taking down the network for the entire school for 15 minutes surely deserved more consequences than were doled out here. I'd encourage the author to focus their efforts and talents on something more constructive.
Why would they deserve “more consequences”? Academia isn’t the real world. It’s a place where people can learn how to interact with the world as an adult. People should be encouraged to experiment (within reason) and if there is no actual bad intent, consequences should focus on learning rather than punishment.
Maybe my net worth is too low but I just don't see a value proposition. I don't want daily emails from LLMs and if I need updates on my investments any more often than quarterly (at most), I should probably seek safer investments. I am a bit interested in budgeting tools, but I want them to be completely deterministic. For me at least, financial planning is pretty uneventful and time spent optimizing expenses more than I already have would be better spent seeking a higher paying job.
I use actualbudget.org to track all spending, but only update investment accounts ("off-budget" in Actual Budget terms) once a month. Completely deterministic, as all things related to numbers should be.
I have pointed my LLM at the SQLite DB and asked it to tell me what it could see from my last five years of transactions, and I was impressed with the things it picked up, and what it reminded me of, but I'm not sure I saw any value in the sense of anything I would change.
I'm going to have it review things monthly to see if that helps me, but I'm not sure it will. I'm generally already aware of how my finances are going because of my budget updates.
There's many reasons why this piece wasn't made for me, so I don't want to begrudge anyone, but I wonder how much we can do to alieve this as a society by normalizing childlessness. I never wanted to have kids, but if I did, I doubt I would've been willing to endure what the author did for it. You can (and honestly I think most people should) live a long and fulfilling life without having kids. Myself and so many of my peers were raised in households that really were not good places for children. I'm of course grateful to exist and indebted to my mother for her countless sacrifices, but it pains me to think about how much happier she might have been if she didn't feel compelled to become a mother. I hope someday having children becomes the exception rather than the norm, because it doesn't feel like something that should be taken lightly. I hope that finding out you're infertile can be met with "Oh, okay. I guess I'll do something else then," the same way that folks with imperfect vision can't be pilots or astronauts and those with tremors can't be surgeons. I'm glad IVF is available for people who want to pursue it, I just want to live in a world where no one has kids "by default" without truly accepting the toll it will take.
Another quick thought - so long as we live in a world where children in need of adoption exist, I hope we can make adopting more normal too. If you're in a position to become a parent, why on Earth would adoption not be the default? It seems much better for everyone involved. The fixation on breeding and having children whose genetics perfectly match your own is strange and mildly alarming to me.
Although I agree with your sentiment, it should be remembered that the fixation on breeding is fundamentally baked into our psychology by evolution. We can argue against it logically, but we can't tell people to just stop feeling a certain way.
Adoption is incredibly, incredibly hard. Especially in Western countries, there are actually more people who want to adopt than there are kids to adopt. When you add in overseas adoption, it gets even harder and more expensive.
In short, adoption is incredibly expensive, stressful, and not a sure thing.
> hope someday having children becomes the exception rather than the norm, because it doesn't feel like something that should be taken lightly.
Doesn't this seem extremely selfish?
The fewer mothers there are, the more children each mother will have to give birth to.
If one in two women decide to become mothers, then each mother needs to have four children. If one in four become mothers, then it means each mother needs to give birth to eight children.
Since you are depending on those children to work for you during retirement, you're essentially leeching off other people's children.
No wonder mothers no longer think they are sacrificing themselves for their children, but rather for a capitalist machine that requires more bodies.
I'm confused. Your second to last paragraph implies an anti-capitalist stance, and yet the rest of your post reiterates capitalist propaganda. All of your “has to”s/“needs to”s fall under this. Needs to for what? For the grass to grow and the birds to sing? No, it's for the capitalist machinery to chug along.
You also talk about selfishness but at same time are implying that you want children to work so that you can have your cushy retirement. Our society should just stick together in solidarity; to paint this as “leeching” is also capitalist propaganda.
While I agree the name change has not (yet) been made with the proper authority, I'm quite partial to the name and prefer to use it despite its prematurity. I think it does a better job of communicating the types of work actually done by the department and rightly gives people pause about their support of it. Though I'm sure that wasn't the administration's intention.
For context, lobste.rs has been struggling lately with a high uptick in posts on the front page that were either clearly vibecoded themselves or just about vibecoding something small, while the userbase is polarizing itself into two groups: one that dislikes ai for usually ethics-related reasons and makes anti-ai comments on every post that mentions it, and a smaller but still present pro-ai group that tries to discuss using coding models in good faith. Imo it's something of an identity crisis for lobste.rs.
I realize that this comment comes off as pro-ai, but I mostly agree with the first group that a lot of these posts are low effort and annoying. To me "This weekend I used Claude Code to poorly copy someone else's markdown editor here's Claude's story of how it did it" and similar is about as interesting as "I copied a bunch of code snippets I don't understand from stack overflow, here's all the links to them."
Somehow or another, HN has done a better job of keeping up a greater variety of content on the front page so it's not as much of an issue for me here, though it does still happen on e.g. days with big model releases.
The article is nearly useless for users of the software who want to know how their data may have been affected. The researchers' website is more descriptive, especilly wrt specific findings.
That's much better, thanks. According to the Bitwarden blog post: https://bitwarden.com/blog/security-through-transparency-eth... which contains its full cryptography report at the end, all the issues have been fixed except a few which are considered part of the design (see below), so if I understand correctly you have nothing to worry about if you don't use organizations and use a strong password.
Issue 5: Organisation Key Injection (Medium)
When users interact with organizations, a trust relationship is established through the exchange
of cryptographic keys. A malicious server could add users to arbitrary organizations by
encrypting an organization symmetric key under the user's public key and including it in sync
responses. The client would silently accept the new organization membership. Alternatively,
when a user creates an organization, the malicious server could substitute the newly created
organization's keys with attacker-controlled keys during the post-creation sync.
Issue 7: Disable KDF Bruteforce Protection (Low)
Bitwarden uses Password-Based Key Derivation Functions (PBKDF2 or Argon2id) to derive the
master key from the user's master password. The iteration count – currently defaulting to
600,000 for PBKDF2 – provides brute-force resistance. The researchers identified that KDF
settings are stored on the server without authentication, allowing a malicious server to reduce
the iteration count and receive a master key hash that is faster to brute-force.
Issue 9: Malleable Vault Format and Unencrypted Metadata (Low)
The researchers identified that while individual fields are encrypted, metadata about field positions and item structure is not integrity-protected, potentially allowing field reordering or item manipulation
Issue 10: Access Violation in Organisation Collections (Low)
Organization collections enable shared access to vault items among organization members. By
design, the organization symmetric key is shared with all organization members, allowing them
to access collection contents to which they have specifically been granted access
"All issues have been addressed by Bitwarden. Seven of which have been resolved or are in active remediation by the Bitwarden team. The remaining three issues have been accepted as intentional design decisions necessary for product functionality."
For clarity, one of the "Accepted" vulnerabilities is that attackers who control the Bitwarden servers can set the PBKDF iteration count to "1". They set the severity of this to "low".
They've also "accepted" a vulnerability --- BW01 from the paper, I believe --- that allows a malicious server to read all vault items from a user as soon as they accept any invitation (real or not) to an "organization".
No matter how compromised a server gets, ideally the client should never be able to provide it unencrypted data, or data is encrypted in a way such that the server can decrypt it. It is unclear if Bitwarden has fixed this core issue or not.
"No syntactic sugar" and "no macros" sounds like a recipe for boilerplate that will be offputting for many.
Please consider adding some code samples to the front page of documentation, as syntax can be important to people.
I disagree with some other details, but I do think that a low level GC language that doesn't have some of Go's particular warts (particularly nil and error checking) is worth pursuing.
Writing the initial compiler in Typescript is an interesting choice but I suppose that won't matter after it's bootstrapped.
Ultimately it's hard for me to take the project seriously at such an early stage but I don't think it's fundamentally flawed. Good luck
reply