More

OvervCW · 2026-06-10T10:53:35 1781088815

One does not need to be able to create it themselves to evaluate if the output is correct. Consider for example that you can easily determine if a meal tastes delicious without being an expert chef, or the fact that NP problems are very difficult to solve but make for easily verifiable solutions.

OvervCW · 2026-06-09T09:49:42 1780998582

You can use ONNXRuntime with a TensorRT backend, so one does not exclude the other.

OvervCW · 2026-06-08T13:12:02 1780924322

What exactly is the opposite side? Is it actively managing a portfolio? Because most people don't have the time to do that.

OvervCW · 2026-06-02T13:12:40 1780405960

Are we reading the same reddit thread? It looks like most of the people in the comments are against the decision.

OvervCW · 2026-05-20T08:59:02 1779267542

Useless because you can use a camera to take a photo of a synthetic image.

OvervCW · 2026-05-19T08:43:06 1779180186

I actually thought it was a joke comment, but I'm worried now that it's not the case.

OvervCW · 2026-05-01T13:00:25 1777640425

You cannot deny that telling the entire world about this vulnerability before it is patched won't cause a lot of abuse that would not have happened otherwise.

marshray · 2026-05-01T21:59:33 1777672773

AFAICT it was a Linux kernel maintainer who first "told the entire world about the vulnerability" on 2026-03-31: https://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryp...

The CVE was officially announced on 2026-04-22: https://lore.kernel.org/linux-cve-announce/2026042214-CVE-20...

Theori were simply the last team to publicly disclose the vulnerability on 2026-04-29, 37 days after reporting it to the vendor. They were simply more effective at communicating it, and they told you that you were vulnerable. That's why you're mad at them instead of the people who put the bug there in the first place, didn't bring its severity to your attention, and silently sat on the patch.

kasey_junk · 2026-05-01T13:43:21 1777643001

I do deny that, mostly because we’ve entered the time of automated vulnerability detection and abuse. A human need not be in the loop at all anymore.

But, even if I agreed with you, how do you propose they tell the patchers this that doesn’t tell the whole world?

akerl_ · 2026-05-01T13:32:23 1777642343

Why not?

OvervCW · 2026-04-30T09:11:40 1777540300

Any program on your computer can just run "sudo" to escalate itself.

hk__2 · 2026-04-30T13:57:14 1777557434

The problem is not the passwordless sudo but running untrusted programs on your computer under your user. They don’t need sudo to steal your SSH keys or inject malicious code in your .bashrc.

OvervCW · 2026-03-11T16:43:54 1773247434

That's exactly what I set out to do with my pet project :)

https://github.com/Overv/outrun

OvervCW · 2026-03-11T16:36:46 1773247006

Yes, world class in causing human suffering.

https://www.youtube.com/watch?v=Q7pgDmR-pWg