Hacker News | Goofy_Coyote's comments

It took me too long to understand it’s satire. BP went through the stratosphere before I noticed.

Let’s hope one of these fake AI grifters doesn’t take this as a serious idea, raise a couple hundred million, and do real damage.

(I’m not against AI, I just don’t like nonsense either in tech, or people)


Very interesting idea, love the simplicity.

Question about this:

“Threads are positioned in the timeline by the original post’s created_at; replies within a thread are sorted by their own created_at ascending.”

Does this mean that I, as the person replying to the post, can manipulate my reply time to, say, 3 minutes before person X’s reply?

If so, I can imagine a few adversarial ways of (ab)using this.

I understand this is more for friend groups, just curious if my understanding is correct.


Yes that's correct.

edit: I guess an easy fix is to append a cryptographic hash to the post ID, but yeah currently I'm assuming you trust your friends.


Run 100 parallel instances, and make 250M ARR yourself lol

This would kill SNI proxies, correct?

Can you elaborate on this part please?

> The concept itself doesn’t even make sense if you fully understand the intersectional scope of technology and society. Society’s demands are the things that are unsafe, not the technologies themselves

Where can I learn more about it?


Go back to the fundamentals and read Society of Mind from Marvin Minsky or anything cybernetics from Norbert Wiener


Where can I find some of this research? Any links or pointers are very much appreciated.

Everything I find by searching is marketing BS, or the same half-baked prompt injection protection that only works for cherry picked problems.

Really need some help here finding the right communities.


Always look at conferences and associated workshops. You can start with NeurIPS and ICML. From there, you will figure out some papers on safety. Then, you can see some patterns of labs which work on it full time.


> ask their opinion on the CISSP

This made me lol.

It's a good test, however, I wouldn't ask it in a public setting lol, you have to ask them in a more private chat - at least for me, I'm not gonna talk bad about a massive org (ISC2) knowing that tons of managers and execs swear by them, but if you ask for my personal opinion in a more relaxed setting (and I do trust you to some extent), then you'll get a more nuanced and different answer.

Same test works for CEH. If they felt insulted and angry, they get an A+ (joking...?).


A bit crude, maybe a bit hurt and angry, but has some truth in it.

A few things help a lot (for BOTH sides - which is weird to say as the two sides should be US vs Threat Actors, but anyway):

1. Detach your identity from your ideas or work. You're not your work. An idea is just a passerby thought that you grabbed out of thin air, you can let it go the same way you grabbed it.

2. Always look for opportunities to create a dialogue. Learn from anyone and anything. Elevate everyone around you.

3. Instead of constantly looking for reasons why you're right, go with "why am I wrong?". It breaks tunnel vision faster than anything else.

Asking questions isn't an attack. Criticizing a design or implementation isn't criticizing you.

Thank you,

One of the "security people".


What are they going to do? continvoucly morge my tirm?


A simple HN-like web app that indexes security (and security adjacent) write-ups.

Imagine you, as a security researcher (or any other persona in the security field), wanted to see what prior works are available around bypassing the V8 sandbox using webasm, or what’s been done or found targeting deserialization in Go.

Using this web app, you can search the indexed and tagged write-ups.

Also adding MCP support to it so your agents can search too.

Hopefully going live soon.

P.S: I said HN-like, but tbh it’s just the UI that looks a bit like HN (I’m not a good designer, so got heavy inspiration from HN listing style), otherwise there’s no other overlap in functionality yet.

