I played GTA III at like 14-16 fps. After a while you brain get used to it and feels a like a smooth experience. Maybe we have frame generation integrated in our brains? or just happens when we are kids? idk.
If you strip out the swarm logic (ie. downloading from multiple peers), you're just left with a protocol that transfers big files via chunks, so there's no reason that'd be faster than any other sort of download manager that supports multi-thread downloads.
Aspera did the chunking and encryption for you, and it looked and acted like SFTP.
The cost of leaking data was/is catastrophic (as in company ending) So paying a bit of money to guarantee that your data was being sent to the right place (point to point) and couldn't leak was a worthwhile tradeoff.
For Point to point transfer torrenting is a lot higher overhead than you want. plus most clients have an anti-leaching setting, so you'd need not only a custom client, but a custom protocol as well.
The idea is sound though, have an index file with and then a list of chunks to pull over multiple TCP connections.
One thing is that they facilitate, not by inaction but by allowing judges to allow the blocks, and another different thing is saying that is the state the one who issues the block.
would it possible to show to alert only when there are potentials threats instead of every time a folder is open? Like showing a big red alert when opening a folder for the first time with a ".vscode" folder in it?
It's not just the .vscode folder though, the Python extension for example executes code in order to provide language services. How could this threat detection possibly be complete? In this new LLM-assisted world a malicious repository could be as innocuous as a plain text prompt injection attack hidden in a markdown file, or some random command/script that seems like it could be legitimate. There are other mitigations in place and in progress to help with the LLM issue, but it's a hard problem.
This demonstrates the actual real-world problem, though. You're saying "this is a complex problem so I'm going to punt and depend on the user to resolve it". But in real life, the user doesn't even know as much as you do about how Code and its plugins interact with their environment. Knowledgewise, most users are not in a good position to evaluate the dangers. And even those who could understand the implications are concentrating on their goal of the moment and won't be thinking deeply about it.
You're relying the wrong people, and at the wrong time, for this to be very effective.
> It's not just the .vscode folder though, the Python extension for example executes code in order to provide language services.
Which code? Its own Code (which the user already trusts anyway), or code from the workspace (automatically)? My expectation with a language-server is that it never code from the workspace in a way which could result in a side effect outside the server gaining understanding about the code. So this makes little sense?
Your expectation is wrong in this case for almost all languages. The design of Pylance (as is sorta forced by Python itself) chooses to execute Python to discover things like the Python version, and the Python startup process can run arbitrary code through mechanisms like sitecustomize.py or having a Python interpreter checked into the repo itself. To my knowledge, Go is one of the few ecosystems that treats it as a security failure to execute user-supplied code during analysis tasks, many languages have macros or dynamic features that basically require executing some amount of the code being analyzed.
It's terrible. The biggest issue is dependencies, but we've solved it by whitelisting what they are sllowed to use in the pipelines along with writing the necessary howtos.
The thing I should have made clearer is probably that I think the horrible code is great. Yes it's bad, but it's also a ton of services and automation which would not have been made before LLM's, because there wouldn't have been enough developer time for it. Now it being terrible code doesn't mean the sollution itself is terrible for the business. You don't need software engineering until you do, and compute is really cheap on this scale. What do we care their code runs up €5 a year if it adds thousands of euros worth of value?
It's only when something stops working. Usually because what started out as a small thing grows into something where it can't scale that we take over.
Did Airbnb really affect house market that much? Hotels got wayyy more expensive now there so I expect less tourism in the future, wonder if it was a good trade off.
reply