up2isomorphism's comments

A big factor the author ignored is that this potential “strategy” he speculates about no longer works in a multi-polar world, especially when there is a thing called China. It is not exactly true that reopening Hormuz is simply a matter of US will or not.

The damage of losing even 1 carrier is much, much higher than 20 years ago because of this. But the US forces itself to play this unfavorable game that its enemies cannot even dream about.


Not sure why people have to upgrade to the newest major kernel version as soon as it is released.

It's the performance team's job to test these things. Doesn't mean they're going to deploy it immediately.

Someone should be testing these things and reporting regressions


If nobody tests and reports these things when the version is released, the regression would not be fixed when people start using it in production.

Don't make excuses.

But on the other hand, Claude might introduce more vulnerabilities than it discovered.

Code review is the real deal for these models. This area seems largely underappreciated to me. Especially for things like C++, where static analysis tools have traditionally generated too many false positives to be useful, the LLMs seem especially good. I'm no black hat but have found similarly old bugs at my own place. Even if shit is hallucinated half the time, it still pays off when it finds that really nasty bug.

Instead, people seem to be infatuated with vibe coding technical debt at scale.


> Code review is the real deal for these models.

Yeah, that is what I have been saying as well...

> Instead, people seem to be infatuated with vibe coding technical debt at scale.

Don't blame them. That is what AI marketing pushes. And people are sheep to marketing.

I understand why AI companies don't want to promote it. Because they understand that the LCD/Majority of their client base won't see code review as a critical part of their business. If LLMs are marketed as best suited for code review, then they probably cannot justify the investments that they are getting...


Real deal in this case or not, that does not necessarily mean Claude Code usage is a net positive gain to software security overall. In fact it is likely the opposite.

It will hurt some CC-heavy users’ feelings, but that’s a different thing.


Guys please read the article before commenting...

LLM won’t help.

I am always skeptical about making anything useful "free". Because unless there is no cost associated with it, "free" is a fake term, which only means someone else absorbs the cost. There are cases which make sense, but I'm not sure "civic tech" is one of them.

Another dev who doesn’t show respect for what has been done and expects a particular language to do wonders for him. Also I don’t see that this is much better in terms of readability.

Where do you see the lack of respect? The author wanted to learn how gzip works and chose to implement it in a language they like to do so. As a learning tool, not because the world needs another gzip decompressor.

Chose to paste the C into an LLM and said 'make it rust'?

What is your source for that accusation?

Original zlib code: https://github.com/madler/zlib/blob/develop/contrib/puff/puf...

The code of the article: https://github.com/ieviev/mini-gzip/blob/main/src/main.rs

Top level declarations of the C code:

    #define MAXBITS 15
    #define MAXLCODES 286
    #define MAXDCODES 30
    #define MAXCODES
    #define FIXLCODES 288

    struct state

    local int bits(struct state *s, int need)
    local int stored(struct state *s)

    struct huffman

    local int decode(...)
    local int construct(...)
    local int codes(...)

    local int fixed(...)
    local int dynamic(...)
    int puff(...)

Top level declarations of the Rust code:

    const MAXBITS: usize = 15;
    const MAXLCODES: usize = 286;
    const MAXDCODES: usize = 30;
    const FIXLCODES: usize = 288;
    const MAXDIST: usize = 32768;
    struct State<'a>
    struct Huffman<'a>

    fn decode
    fn construct
    fn codes
    fn fixed
    fn dynamic
    fn stored
    pub fn inflate

...that doesn't prove anything.

It's just convenient configuration macros and generic procedure names being reused to implement the steps of the DEFLATE algorithm.

There are only finitely many ways to express a piece of code in a language.
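To show why a DEFLATE decoder ends up with the same `construct`/`decode` shape and the same count/symbol layout regardless of who writes it, here is an added example (not code from puff.c or mini-gzip) of the canonical Huffman table construction that RFC 1951 section 3.2.2 prescribes, including the over-subscription check a decoder must make before trusting code lengths read from an untrusted stream:

```rust
// Added example, not code from puff.c or mini-gzip: canonical Huffman
// construction per RFC 1951 3.2.2 in the count/symbol layout puff uses,
// with the over-subscription check needed before trusting stream data.
const MAXBITS: usize = 15;

struct Huffman {
    count: [u16; MAXBITS + 1], // number of codes of each length
    symbol: Vec<u16>,          // symbols sorted by length, then by value
}

/// Build a table from per-symbol code lengths (0 = unused); Err if invalid.
/// Ok(left) reports unused codes: 0 means complete, >0 means incomplete.
fn construct(lengths: &[u8]) -> Result<(Huffman, i32), &'static str> {
    let mut count = [0u16; MAXBITS + 1];
    for &l in lengths {
        if l as usize > MAXBITS { return Err("length exceeds MAXBITS"); }
        count[l as usize] += 1;
    }
    let mut left: i32 = 1; // Kraft check: codes still available per length
    for len in 1..=MAXBITS {
        left = (left << 1) - count[len] as i32;
        if left < 0 { return Err("over-subscribed code lengths"); }
    }
    let mut offs = [0u16; MAXBITS + 1]; // first symbol index per length
    for len in 1..MAXBITS {
        offs[len + 1] = offs[len] + count[len];
    }
    let mut symbol = vec![0u16; lengths.iter().filter(|&&l| l != 0).count()];
    for (sym, &l) in lengths.iter().enumerate().filter(|&(_, &l)| l != 0) {
        symbol[offs[l as usize] as usize] = sym as u16;
        offs[l as usize] += 1;
    }
    Ok((Huffman { count, symbol }, left))
}

/// Decode one symbol from bits (first bit first), walking the table the way
/// puff's decode does. None if the bits do not form a valid code.
fn decode(h: &Huffman, bits: &[u8]) -> Option<u16> {
    let (mut code, mut first, mut index) = (0i32, 0i32, 0i32);
    for (len, &bit) in bits.iter().enumerate().take(MAXBITS) {
        code |= bit as i32;
        let cnt = h.count[len + 1] as i32;
        if code - cnt < first {
            return h.symbol.get((index + code - first) as usize).copied();
        }
        index += cnt;
        first = (first + cnt) << 1;
        code <<= 1;
    }
    None
}
```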


He does mention https://github.com/trifectatechfoundation/zlib-rs, not just https://github.com/madler/zlib, but it would be interesting to hear from those developers also.

Yeah, just because you can grab from your refrigerator a piece of raw meat and put it in a cup of milk in 10 secs and it tastes bad doesn’t mean the refrigerator should be blamed because of this.


Yeah, but if the refrigerator is built in a way that makes it very easy to grab some refrigerant when you want to pour yourself a glass of milk (to the point that one has to be careful and skilled to safely drink milk), maybe we should get a new refrigerator.


Go Generic? It sucks.


Why would someone want to learn Unix programming using OCaml? Not a smart choice. Also this does not look easier to read than a shell script either.

    (* Uses the Unix module; file_copy, set_infos and Misc.iter_dir are
       helpers defined elsewhere in the book's source. *)
    open Unix

    let rec copy_rec source dest =
      let infos = lstat source in
      match infos.st_kind with
      | S_REG ->
          file_copy source dest;
          set_infos dest infos
      | S_LNK ->
          let link = readlink source in
          symlink link dest
      | S_DIR ->
          mkdir dest 0o200;
          Misc.iter_dir
            (fun file ->
              if file <> Filename.current_dir_name
                 && file <> Filename.parent_dir_name
              then copy_rec (Filename.concat source file) (Filename.concat dest file))
            source;
          set_infos dest infos
      | _ -> prerr_endline ("Can't cope with special file " ^ source)




IMHO modern C (with modern tooling) is very reasonable.


Even though I agree with most of the stuff he said, in real life you won't be able to win a fight using these arguments. You can only create an environment to execute these strategies first to get a good product and then use them as propaganda afterwards.

