Hey author. I vouched you so I can reply. Look into drum-buffer-rope. I think you'll like it. I agree with you, AI isn't accelerating the part than needs accelerating.
>10 U.S.C. § 3252 authorizes the Secretary of Defense to exclude a source from defense procurements involving national security systems if there is a supply chain risk, defined as the risk that an adversary may sabotage, maliciously introduce unwanted function, or subvert a covered system.
I think any LLM is covered by that, but specifically for Anthropic,
>Recent research has uncovered several critical vulnerabilities, including the "Claudy Day" attack chain which allows silent data exfiltration through conversation history, and a zero-click XSS prompt injection in the Chrome extension that enabled attackers to inject prompts without user interaction until a patch was released in February 2026.
What is obvious to me however is the timing. This Trump pants-shitting happened just before the Iran invasion. You can just imagine it. Trump wants to send fully autonomous bots into Iran to destroy the non-existent nuclear program. Anthropic leadership tries to make a moral stand saying innocent civilians could die. Trump doesn't care because he wants zero US military casualties even if it means a school full of Iranian children is bombed and everyone is killed. And then we get exactly that plus a forever war.
And obviously, the judge is out of her lane too... since, you know, the rule basically can apply to any AI agent because they're just as likely to do what you ask as they are to delete all your emails without even apologizing for it.
> Not if you want to run any of your banking apps or all sorts of things.
I must be getting old, cause I see everyone saying this in response as if it's a downside. As someone that's getting real tired of every company/product/service on earth trying to have you install their own app (even before we get to the privacy/data concerns, just on a pure convenience/hassle POV), the idea of "WeLl ThEn YoUr BaNk ApP DoEsN'T WoRk" is frankly a bonus.
I can touch to pay with a card , which is faster and more convenient than having to unlock/approve/dick with my phone, which by doing so also allows me to keep NFC off by default (personal preference).
Also, I don't need an app for that, already have one, it's called a browser.
You are getting old (and so am I), but banks are already starting to build out needed features into these apps that don't have equivalents in their web applications, and I'm deeply worried that this will continue. It also honestly needs a legislative solution, but at least where I live there is no appetite to handling that problem.
It's not paying I care about (and I don't need their app to do that, thankfully!), that's a solved problem as you rightly pointed out. It's everything else that makes me nervous as to where it might be going.
Said another way: I'm saying this as a warning, not as I "wahhhh I don't have the app that I want :'("
The Illinois bill is not about 18+ content. It's about controlling who your children can talk to on social media. The OS age check is just a means to that end. The end is blatantly unconstitutional. The bill of rights doesn't mention age limits. Freedom of assosiation applies to kids just as much as it does to adults. If the bill passes, then any racist parent could block all comms from kids of a different color for example.
I get what you’re saying but it’s a false premise. In today’s era, racist parents already block their children from even attending school with someone of a different color. Merely blocking comms would be a step before that in severity of control.
Parents have always had the ability (though maybe not explicitly the right to) control their children’s environment for the purposes of teaching personal beliefs. So long as the belief itself wasn’t deemed harmful to the child, society would allow it to continue propagate that way. Racism unfortunately has never been seen as innately harmful. It’s looked down on, yes, but not to the point of making it illegal to enforce in family life.
To be fair, as a parent I don’t want my under age children hooking up with literal nazis on social platforms, whoever that might be. The current tools and controls are lacking. A lot.
You delete the rest of your spam database and replace it with `fn can_send_spam(_: Email) -> bool { false }`. You delete the "can we spam you" checkbox from your checkout page and replace it with "return false".
For legitimate newsletters and similar: you delete any and all forms that allow signing up to receive emails without affirmative consent from that email address that they want to receive mail, and you offer a one-click effective-immediately "unsubscribe" to retract that consent at any time. Then, you can tell if you can send someone mail based on whether they're in your database of people who have explicitly consented to send you mail, and you don't ever send email to anyone else other than one-time consent requests and order-confirmation-style transactional mail.
The only legitimate database of emails is "these people have explicitly confirmed to us that we can email them"; any other database is radioactive waste, delete it.
>The only legitimate database of emails is "these people have explicitly confirmed to us that we can email them"; any other database is radioactive waste, delete it.
That's not actually how HIPAA compliance works. You're required to keep 7 years of communications, and part of those communications is who you sent it to. Amazon SES sends complaint notifications and you're not allowed more than 1 complaint per 1000 emails or they shut you down too. People who are repulsively anti-spam have ruined email as a medium.
I'm merely pointing out the technical aspect of this bill is ridiculous and everyone sending transactional emails will fight you, killing any bill you might have.
> People who are repulsively anti-spam have ruined email as a medium.
That is a ridiculous attitude. Spam has ruined email; anti-spam is the attempt to keep it usable. Anti-spam wouldn't be needed in the first place if not for spammers.
> Amazon SES sends complaint notifications and you're not allowed more than 1 complaint per 1000 emails or they shut you down too.
Good, that sounds like a reasonable step.
Now if only there were existential-level fines for sending spam, too.
Yes, I am aware of people who use the "report spam" button because they can't be bothered to hit "unsubscribe". Which wouldn't be as much of a problem if 1) they felt like they'd subscribed in the first place, rather than being tricked by a default-to-spamming "do you not not not want us to not spam you" checkbox, 2) spammers didn't act like having an "unsubscribe" link was all they need to do to make it okay to send unsolicited commercial email, and 3) unsubscribing reliably worked.
> transactional emails
Transactional emails have never been the problem. People buying lists of emails and sending email marketing spam and trying to defend that as in any way a legitimate practice have always been the problem, along with phishing, scams, etc.
>That is a ridiculous attitude. Spam has ruined email; anti-spam is the attempt to keep it usable. Anti-spam wouldn't be needed in the first place if not for spammers.
Spam didn't close port 25 to residential ISP customers. Repulsive anti-spammers did that. I can't set up and run email on a rpi in my house without paying ridiculous fees to become "business" internet. And all you really get for that is port 25.
I've run my own email server at work. I doubt you have the experience I do. I sent 50,000 emails a day to patients for over a decade. Important emails, about their health. And repulsive anti-spammers come up with solutions like "you have to solve this captcha to send this important email to your patient on Earthlink!" So after a time, we simply had to give up running our own email server and run email through SES and let Amazon worry about the Earthlinks of the world for us. 99.9% no complaints sounds really really hard, but we actually cleared that bar pretty easily. Except that one day one of our doctors dumped hundreds of our emails, which HE PAYS TO RECIEVE, into the spam folder by accident.
I have ZERO empathy with repulsive anti-spammers. NONE. For they are the reason that email is the centralized shitshow it is today. We have AI now. AI should be able to tell us if email is spam very quickly now. Can we please have our port 25 back?
1. User requests for email alice@example.com to be removed from database
2. Company removes "alice@example.com" from 'emails' table
3. Company adds 00b7d3...eff98f to 'do_not_send' table
Later on, the company buys emails from some other third-party, and Alice's email is on that list. The company can hash all the email addresses they received, and remove the emails with hashes that appear in their 'do_not_send' table.
You'd have to normalize the emails (and salt the hashes), but seems doable?
The author buried the lede. But fortunately, I just had to select "Steve Jobs’s 10-80-10 Rule" and right click web search it for an AI explanation of the rule. Now I don't need to read whatever the author wanted to force on me before getting to the point.
And none of it matters. Netchoice is shooting down legislation as fast as grandstanding legislators propose it. The bill of rights doesn't have an age limit. If a 10 year old can own an AR-15, that same 10 year old definitely has 1A rights too. Freedom of speech. Freedom of assembly. They can decide who they want to talk to online without a parent getting in the way of it.
A 10 year old can’t own an AR-15 in many states. But I agree that a 10 year old has 1A rights. The problem is that the Supreme Court shocked everyone when they recently ruled that age verification for porn is legal in a case against the state of Texas. That now has opened the flood gates for more states to violate civil rights.
Porn is obsenity and not covered by free speech. If your kid wants to talk to an adult online, that's not obsenity. That's how kids learn things, from their elders.
Most of us aren't "$2 million net worth or $206,000/yr annual income for 5 years."
I'm glad the fee is lower again, but the fee isn't really what is stopping me from abandoning the US forever. When my mother dies, I'm probably gone. The US sucks in so many ways, and just trying to describe it all will end up dinging my HN karma at least 50 points :) For a bunch of "current admininstration haters" you guys sure do defend this shitshow tooth and nail.
Oh, I’ve already left. I did that when a US hospital decided my wife’s life was less important than how much money they could make from an ER bed… [1]
I just thought it was pretty weird to be forced to become a citizen, just so I could leave the country without paying 23.8% of my entire net worth, including future income on things like investments, 401k, etc - all in one lump sum. Like that is even possible unless you’re stupid-rich and money doesn’t matter.
So I’m one of very few (I suspect) people in the naturalisation ceremony thinking to myself “fuck you, you motherfuckers, making me implicitly support this shithole of a government” when everyone around me is going nuts about becoming a US citizen…
Both sides are wrong on this actually. Computer generated code has no copyright protection.
>The U.S. Copyright Office (USCO) and federal courts have consistently ruled that AI-generated works—where the expressive elements are determined by the machine, even in response to a human prompt—lack the necessary human creative input and therefore cannot be copyrighted.
All this code is public domain. Your employees can publish "your" AI generated code freely and it won't matter how many tokens you spent generating it. It is not covered by copyright.
reply