Apple could make settings for controlling exactly what is shared with the various assistants installed including Siri itself. No need for defaulting to full access.

Apple is not abiding, because they want to use time to really ensure they have the best assistant, before they allow competitors to build assistants for iPhone that can replace Siri (in the EU only probably)

EU rejected that. DMA says that 3rd parties must have the same access to data as Apple does, and obviously Apple does not want to turn Siri into a cookie banner party.

Apple don’t want you to be able to say “Hi Alexa” or “Ok Google” to your iPhone, and wake it up.

We have all kinds of data access controls, these could probably also be built around Siri and competitors.

Anymore than Amazon or Google want you to say "Hey Siri" to wake up their devices.

But if you look behind yourself your head is pointing away from the screen.

Typically people don’t use 1:1 movement when using something like this. It’s a much higher ratio so you only have to slightly move your head to look around. It allows you to do it quicker but also avoids exactly what you’re describing.

It's not a 1:1 link with these, turning your head only slightly is enough to look behind in game.

Not necessarily if you've got a curved ultra-wide display. Combine this with some rotation factor and you can look around while still looking at the screen.

> The first proper zero auth password reset I've seen in production.

LinkedIn had one back in the day, before you got paid for discovering it I guess, never got a decent reply from them, but they eventually solved it.

It went like this: they assumed that if you could read mail sent to some address, that address was yours and could be added to your account.

So if I send you a LinkedIn invite to an email address, and you click the accept invite button, that email address was added to your account. You could then send this email to any address you controlled (let’s say foo@example.com), then use the invite button link in a forged email and send it to someone else on their email, whenever they clicked foo@example.com was added to their account without them knowing.

When you got the response that you were friends, you also knew that you know had an email address added to that users account and you could do a full password reset by using the foo@example.com that you initially sent the email to.

I found it because someone invited a whole mailing list and after clicking it the mailing list email was suddenly added to various peoples accounts.

> someone invited a whole mailing list

IIRC, LinkedIn would email everyone in your "address book" (or anything else it could find) back in the day.

You recall correctly. It is too bad they have been rewarded for it instead of the lot of c suite being sent to jail and ill gotten gains clawed back

Yes. When someone with Hotmail signed up it mauled all your contacts somehow with an invite.

20 years ago this was not unheard of. One exam we had to translate C code to assembly for one of the exercises, convert to numbers to IEEE754 representations and similar, both tasks where access to a laptop would make it possible to cheat. Also had to modify some small computer architecture diagrams if I recall correctly.

For the linear algebra written exam it didn’t work as if you learned to solve the 4 previous years exams, you could be sure most of it was familiar, so you could just prepare for a few standard exercises without really understanding the content.

Our advanced algorithm course used a bit of a combination, with a project take home exam (knapsack like optimization problem - competing for the fastest implementation) combined with a two hour written exam with multiple choice answers, but again only with books, pencil and paper to get to the right answer. This I think could work today, having both the opened ended project + some multiple choice with pencil/paper.

Roundabouts with with 5-10 bicycles going in and out from the different roads all the time during rushhour (Copenhagen, Denmark)? I would love to see them looking for people’s tiny hand gestures and not just get stuck in our traffic over here.

I've driven in the Netherlands once for a week. Now I have nightmares involving bicycles.

Reminds me of Peter Naurs Turing award lecture: https://video.ku.dk/video/12592041/turing-laureate-peter-nau...

I think it depends on what you find enjoyable. I think people who like the tinkering and the actual act of coding, debugging, etc. will find it less and less fun to be in this area, but people who like to look at the big picture, and solve problems, will see that they will now be better at both getting overview of larger and larger codebases and that technical debt that was never attainable to solve before can now be “outsourced” to LLM’s.

I find that fun. I work in a 50 year old IT company, with lots of legacy code and technical debt which we have never been able to address - suddenly it’s within reach to really get us to a better place.

The best way to have a big picture view of a project is to build a mental model of that project in your head. Coding with LLMs removes that ability, and replaces it with an illusion.

Well if you have experience reviewing other people’s code, it is not that different than finding an idea, asking copilot to do it, and then review just as if you had a ton of junior engineers to write code for you, which also can go too far in one direction before asking for feedback.

So it really depends on your reviewing ability how maintainable code you will get. It is a bit of effort to review something “you have done” as thoroughly as something a colleague have done. Somehow I still feel sense of ownership even though the LLM did it.

I like reviewing using GitHub’s interface, so I often do a thorough review in that familiar interface while the PR is still draft, and before I have invited others to review. If I review my own code directly in my editor when the agent is done, my brain isn’t in the right context and can get distracted or skip over something.

Does the thing work like I want it in the end? Is it fast, reliable, enjoyable to use, maintainable, cheap, efficient, resilient, etc?

If so, I don't care if I wrote it by hand or with an LLM. People who think that building something with an LLM somehow dooms the something to mediocrity are engaging in magical thinking. I can simply use as much or as little LLM as will allow me to meet my quality criteria.

You listed "maintainable", but how do you know your project is maintainable, if you yourself have no understanding of the code base? Presumably the reason is that the AI has managed to maintain the project so far, so it follows that it will be able to do so in the future. But that's not a given. It's more of a prayer.

You forgot maintainable.

Added a few more adjectives and an "etc", to cover all pedantic bases that don't matter to my argument.

> "I think it depends on what you find enjoyable"

Exactly this. I use agents every day to either produce tests for code I've written according to the guidelines I set out for it, or to produce the boilerplate code (which is seldom enjoyable) before I get to add the cool stuff.

Furthermore, when I inevitably get stuck on a thornier section of new code, or revisiting a codebase which I've not investigated for some time, I can use the agent to provide ideas and suggestions of where/how to start/get unstuck.

Like any tool - it's how you apply it to the job in hand (and ensuring the job is relevant) that counts.

That, and never 100% trusting the output.

One way of framing this is that people that prefer to solve problems are actually bad at tinkering and writing good code. Hence the existence of terrible codebases written by devs thet “liked to solve problems for the customers”. It is not that clear cut that problem-solvers have that in addition to the tinkering part nor it is guaranteed that tinkerers don’t like to solve problems. Two independent axis!

This is a false dichotomy. There are people who prefer solving problems and are very good at coding, because they've been solving problems with code.

I'm as nerdy as they come (my current project is the fourth compiler I've worked on), and I absolutely love this new way of working. There's a lot more time spent in discussion with the agent (an extremely frustrating discussion, to be fair). All of a sudden, there's an extremely high payoff to investing in good fundamentals (namely, clarity of requirements, good tools, etc.), which are the things I want to invest in anyway! If you get these fundamentals right, you can let the agent rip and produce hundreds of PRs that are correct, or create workflows that are actually not slop or ship code that is, while not yet as high quality as if you wrote it manually, quite close, at easily five times the speed.

And throughout this, if I'm ever curious about how the ideas relate to some other topic, I can just ask the agent, "Are we designing XYZ right now? Categorically, is it this?" Lots of really cool discussions to be had.

I might be less enthusiastic if I was just shipping CSS changes and the like.

I have been trying this as well, and you can quickly come very far.

However, I fear that agents will always work better on programming languages they have been heavily trained on, so for an agent-based development inventing a new domain specific language (e.g. for use internally in a company) might not be as efficient as using a generic programming language that models are already trained on and then just live with the extra boilerplate necessary.

That's my hope but Google has unlimited cash to throw at model development and can basically burn more cash can openai and anthropic combined. Might tip the scale in the long run.