@Stefan Eissing
curl maintainer, protocol droid, likes to code.
"Nobody has any idea what is actually going on."
Relays (1)
- wss://relay.ditto.pub – read & write
Recent Notes
Imagine being CEO in your last year in a stellar career, only to taint it all forever by binding your soul to the orange man at the last moment.
Tragic.🫡
(Yes, he did many things wrong. No, I don‘t like todays Apple either. But…have you looked at the other guys?)
Tragic.🫡
(Yes, he did many things wrong. No, I don‘t like todays Apple either. But…have you looked at the other guys?)
„If you hit unexpected limits or these changes just don’t work for you, you can cancel your Pro or Pro+ subscription“
Let me translate that:
Those data centers we talked about? Yeah…didn‘t happen.
Our enterprise customers are way more profitable for us than you plebs. Eat dirt or go away!
You did not like Clippy, you did not like Recall, you call us Slops…we hate you! Go away faster!
https://github.blog/changelog/2026-04-20-changes-to-github-copilot-plans-for-individuals/
Let me translate that:
Those data centers we talked about? Yeah…didn‘t happen.
Our enterprise customers are way more profitable for us than you plebs. Eat dirt or go away!
You did not like Clippy, you did not like Recall, you call us Slops…we hate you! Go away faster!
https://github.blog/changelog/2026-04-20-changes-to-github-copilot-plans-for-individuals/
@nprofile1q... @nprofile1q... "Proof of Concept", commonly just named PoC in security related discussions.
TLAs can be confusing...
TLAs can be confusing...
@nprofile1q... If you use the kernel API to confused kernel internals, it's a valid vulnerability, yes.
Schwester hat unternehmensweite Copilot Lizenz weil man damit so gut Berichte und Powerpoints machen kann. (Claude gefällt ihr besser, aber Unternehmen „ist halt Microsoft“.)
Hölle.🔥🔥🔥
[Hab meine Haustür abgeschlossen - ich da will nicht mehr raus! Die sind alle bekloppt!]
Hölle.🔥🔥🔥
[Hab meine Haustür abgeschlossen - ich da will nicht mehr raus! Die sind alle bekloppt!]
@nprofile1q... They were looking for crashes only because they needed an automated verifier in their pipeline.
Otherwise they‘d have overwhelmingly false positives, as they noted themselves.
Which is expertly throwing spaghetti at walls with ground sensor that detect where they did not stick.😌
Otherwise they‘d have overwhelmingly false positives, as they noted themselves.
Which is expertly throwing spaghetti at walls with ground sensor that detect where they did not stick.😌
Without changing the price, Claude has become 40% more expensive.
„Opus 4.7 uses the same pricing is Opus 4.6 - $5 per million input tokens and $25 per million output tokens - but this token inflation means we can expect it to be around 40% more expensive.“
Forget AI capability and ethics debates, if you make your future life depend on it, you are nuts.
https://simonwillison.net/2026/Apr/20/claude-token-counts/#atom-everything
„Opus 4.7 uses the same pricing is Opus 4.6 - $5 per million input tokens and $25 per million output tokens - but this token inflation means we can expect it to be around 40% more expensive.“
Forget AI capability and ethics debates, if you make your future life depend on it, you are nuts.
https://simonwillison.net/2026/Apr/20/claude-token-counts/#atom-everything
Thinking about this #curl chart: „vulnerabilities in releases“
Every release starts at 0. When a vulnerability is found, it is added to all releases it has, undetected at the time, been present.
My contributions started 2022. Where will they end up at?
Otoh, why dwell on the past when such interesting times are ahead of us? Learning is for the machines now.😌
https://curl.se/dashboard1.html#vulnerabilities-in-releases
Every release starts at 0. When a vulnerability is found, it is added to all releases it has, undetected at the time, been present.
My contributions started 2022. Where will they end up at?
Otoh, why dwell on the past when such interesting times are ahead of us? Learning is for the machines now.😌
https://curl.se/dashboard1.html#vulnerabilities-in-releases
nostr:nprofile1qy2hwumn8ghj7un9d3shjtnyd968gmewwp6kyqpq928etyy4vw0xlqh4ptccgln7snql63d0cn3u85nd3y6yhtnnylfs3d02n7 nostr:nprofile1qy2hwumn8ghj7un9d3shjtnyd968gmewwp6kyqpq7qes6mstpcsn6rg3w9fwnsau68sw9h9...
@nprofile1q... @nprofile1q... @nprofile1q... @nprofile1q...
The speed is enabled by skewing the economics. People can search for bugs using billions of investment at little cost.
Open Source has increased load due to this, but is not at risk. We do not guarantee any fitness for purpose.
Businesses, especially the ones not *always* running the latest version of software, are more exposed.
But we do not see an uptake of investment into project security from the commercial side.
The speed is enabled by skewing the economics. People can search for bugs using billions of investment at little cost.
Open Source has increased load due to this, but is not at risk. We do not guarantee any fitness for purpose.
Businesses, especially the ones not *always* running the latest version of software, are more exposed.
But we do not see an uptake of investment into project security from the commercial side.
AIs have been finding bugs and vulnerabilities in #curl for some time.
Is it work to fix those? Yes.
Has someone paid for this? Partially (wolfSSL and @nprofile1q...)
Are the AIs annoying? Yes, very.
Could humans find the same bugs? Yes, if they‘d somehow avoid being bored to death through it.
Was there something „heartbleed“ like? No.
Were there lots of C mistakes? No, logic bugs mostly.
Do AIs run out of steam? Yes. After a while a model stops finding things. Findings differ per model.
Is it work to fix those? Yes.
Has someone paid for this? Partially (wolfSSL and @nprofile1q...)
Are the AIs annoying? Yes, very.
Could humans find the same bugs? Yes, if they‘d somehow avoid being bored to death through it.
Was there something „heartbleed“ like? No.
Were there lots of C mistakes? No, logic bugs mostly.
Do AIs run out of steam? Yes. After a while a model stops finding things. Findings differ per model.
1
Do I need to watch the original Avatar movie to understand the sequels, or would FernGully cover it?
@nprofile1q... I watched the original, thus avoiding watching any sequels. 💁🏻♂️