> No one has ever made a purchasing decision based on how good your code is.
absolutely false.
> The general public does not care about anything other than the capabilities and limitations of your product.
also false.
People may not know that the reason they like your product is because the code is so good, but everyone likes software that is mostly free from bugs, performs extremely well, helps them do their work quickly, and is obviously created by people the care deeply about the quality of the product they produce (you know, the kind that acutally read bug reports, and fix problems quickly).
The longer your product exists the more important the quality of the code will be. This obsession so many have with "get it out the door in 5 seconds" is only going to continue the parade of garbage software that is slow as a dog, and uses gigabytes of memory to perform simple tasks.
You don't have to pick on camp over the other. In my opinion, if you want to make a good product for a user, you should also treat the code you produce for them as your craft. There is no substitute for high quality work.
You don't have to believe. If you have a 401k you will be an investor 15 days after launch.
The IPO will go great, because the company will float a fairly small issuance. The big shareholders will not immediately sell. They will hold on and maybe even buy to support the price.
Then, after 15 days, it will enter the indexes and everyone's 401k will start auto-buying this stock.
You might say this is an obvious flaw in how the indexes work if they start immediately accept a brand new IPOed stock with limited float. You'd be right, which is why they won't list for a year.
The headline seems pretty misleading. Here’s what seems to actually be going on:
> Every time you open LinkedIn in a Chrome-based browser, LinkedIn’s JavaScript executes a silent scan of your installed browser extensions. The scan probes for thousands of specific extensions by ID, collects the results, encrypts them, and transmits them to LinkedIn’s servers.
This does seem invasive. It also seems like what I’d expect to find in modern browser fingerprinting code. I’m not deeply familiar with what APIs are available for detecting extensions, but the fact that it scans for specific extensions sounds more like a product of an API limitation (i.e. no available getAllExtensions() or somesuch) vs. something inherently sinister (e.g. “they’re checking to see if you’re a Muslim”).
I’m certainly not endorsing it, do think it’s pretty problematic, and I’m glad it’s getting some visibility. But I do take some issue with the alarmist framing of what’s going on.
I’ve come to mostly expect this behavior from most websites that run advertising code and this is why I run ad blockers.
No, they didn't raise $122B as the HN title implies. A big chunk of that $122B is a "maybe" that depends on various things that need to happen in the future.
Oh, man... I can't wait to see where this is going. Might not be pretty after all.
Key point is that Claude did not find the bug it exploits. It was given the CVE writeup[1] and was asked to write a program that could exploit the bug.
That said, given how things are I wouldn't be surprised if you could let Claude or similar have a go at the source code of the kernel or core services, armed with some VMs for the try-fail iteration, and get it pumping out CVEs.
If not now, then surely not in a too distant future.
It's pretty wild that we live in a world where the actual FBI has recommended we use ad blockers to protect ourselves, and if everyone actually listened, much of the Internet (and economy) as we know it would disappear. The FBI is like "you should protect yourself from the way that the third largest company in the world does business", and the average person's response is "nah, that would take at least a couple of minutes of my time, I'll just go ahead and continue to suffer with invasive ads and make sure $GOOG keeps going up".
There are now several comments that (incorrectly?) interpret the undercover mode as only hiding internal information. Excerpts from the actual prompt[0]:
NEVER include in commit messages or PR descriptions:
- The phrase "Claude Code" or any mention that you are an AI
- Co-Authored-By lines or any other attribution
BAD (never write these):
- 1-shotted by claude-opus-4-6
- Generated with Claude Code
- Co-Authored-By: Claude Opus 4.6 <…>
This very much sounds like it does what it says on the tin, i.e. stays undercover and pretends to be a human. It's especially worrying that the prompt is explicitly written for contributions to public repositories.
At this point, nearly every online service should be considered hostile. If they can make a small amount of money by compromising your privacy or your identity, they will. If they can make a small amount of money by stealing your attention and addicting you, they will.
Are there exceptions? I'm sure. Will I be erring sometimes by being cautious? Definitely. But, there is really not much of an alternative these days.
I find most developers fall into one of two camps:
1. You treat your code as a means to an end to make a product for a user.
2. You treat the code itself as your craft, with the product being a vector for your craft.
The people who typically have the most negative things to say about AI fall into camp #2 where AI is automating a large part of what they considered their art while enabling people in group #1 to iterate on their product faster.
Personally, I fall into the first camp.
No one has ever made a purchasing decision based on how good your code is.
The general public does not care about anything other than the capabilities and limitations of your product. Sure, if you vibe code a massive bug into your product then that'll manifest as an outcome that impacts the user negatively.
With that said, I do have respect for people in the latter camp. But they're generally best fit for projects where that level of craftsmanship is actually useful (think: mission critical software, libraries us other devs depend on, etc).
I just feel like it's hard to talk about this stuff if we're not clear on which types of projects we're talking about.
> You don't have to pick on camp over the other. In my opinion, if you want to make a good product for a user, you should also treat the code you produce for them as your craft. There is no substitute for high quality work.
Exactly, thank you for putting it like that.
So far it’s been my observation that it’s only the people who think like the OP who put the situation in the terms they did. It’s a false dichotomy which has become a talking point. By framing it as “there are two camps, it’s just different, none of them is better”, it lends legitimacy to their position.
For an exaggerated, non-comparable example meant only to illustrate the power of such framing devices, one could say: “there are people who think guns should be regulated, and there are people who like freedom”. It puts the matter into an either/or situation. It’s a strategy to frame the conversation on one’s terms.
I cringe every time I see Claude trying to co-author a commit. The git history is expected to track accountability and ownership, not your Bill of Tools. Should I also co-author my PRs with my linter, intellisense and IDE?
A 500k line codebase for an agent CLI proves one thing: making a probabilistic LLM behave deterministically is a massive state-management nightmare. Right now, they're great for prompting simple sites/platforms but they break at large enterprise repos.
If you don't have a rigid, external state machine governing the workflow, you have to brute-force reliability. That codebase bloat is likely 90% defensive programming; frustration regexes, context sanitizers, tool-retry loops, and state rollbacks just to stop the agent from drifting or silently breaking things.
The visual map is great, but from an architectural perspective, we're still herding cats with massive code volume instead of actually governing the agents at the system level.
Improving developer skills is not valuable to your company. They don't tell a customer how many person-hours of engineering talent improvement their contract is responsible for. They just want a solved problem. Some companies comprehend how short-sighted this is and invest in professional development in one way or another. They want better engineers so that their operations run better. It's an investment and arguably a smart one.
Adoption of AI at a FOMO corporate pace doesn't seem to include this consideration. They largely want your skills to atrophy as you instead beep boop the AI machine to do the job (arguably) faster. I think they're wrong and silly and any time they try to justify it, the words don't reconcile into a rational series of statements. But they're the boss and they can do the thing if they want to. At work I either do what they want in exchange for money or I say no thank you and walk away.
Which led me to the conclusion I'm currently at: I think I'm mostly just mourning the fact that I got to do my hobby as a career for the past 15 years, but that’s ending. I can still code at home.
I really wish more people were aware of this. It's a major scandal and definitely not being talked enough about.
Nevermind SpaceX, which at least have some importance for US defense industry, but xAI ? We will be investing in Elon's private venture, at the price that he himself set and which is at least 2 orders of magnitude too high...
A big mistake here was simply underestimating the scale of Iran. Iran has 90,000,000 people. More than 2x Ukraine. More than 2x Germany. More than 2x Iraq. More than any country in Europe. About 2/3 of Russia. Expecting to win a war on the cheap was a fantasy. Especially since Iran has been fighting Israel for years.
On the naval front, Ukraine sunk the Moskva with a few truck-mounted missiles.
That finally made it undeniable that sending naval vessels anywhere near a hostile shore is a thing of the past. Countermeasures can take out some attacking missiles, but not all of them.
This is a real problem for the U.S. Navy, because they've invested heavily in craft intended to operate near hostile shores. Littoral combat ships and amphibious assault ships are intended to operate offshore of trouble spots. This worked a lot better when the trouble spots couldn't do much to them.
The size of Iran means that knocking out drone and missile production for long won't work. Russia has been trying to do that to Ukraine for years now. Ukraine produced 4 million drones last year, and production continues to increase. Ukraine even exports drones now. Saudi Arabia, Kuwait, and the UAE have been making deals with Ukraine for air defense systems. Iran exports drones to Russia.
Mass-produced drones today are a simple airframe, a lawnmower engine, and the smarts of a cell phone.
Ukraine has people making them in basements. Presumably, so does Iran.
The US can't just pull out, either. The enemy gets a vote on when it's over. Israel, Iran, and Yemen now all have to agree. Probably the best deal the US can get at this point is a cease fire with Iran collecting tolls on the Strait of Hormuz.
Worst outcome is the US attacks Cuba, Cuba allies with Iran, it turns out that Cuba has been stocking up on Iranian drones, and Cuba becomes a forward base for drone and missile attacks on the southern US.
It is very disconcerting to see so many completely disregarding incredible technological innovation because other problems exist, especially on HN.
If we were not allowed to progress technology until everybody is 100% free of suffering, we'd never be able to create technological that may potentially lead to the alleviation of suffering. It all feels very crabs in a bucket - "I don't feel happy so nobody else should, and nothing should happen unless it is things that directly, immediately do things I want and solve problems I care about."
Regardless of whether this particular mission is perfectly planned, this is precisely the kind of thing that will help humanity outgrow the dark age of war, inequality and climate mismanagement.
It is a noble endeavor - science, engineering and peaceful exploration hold the keys to our survival and prosperity.
It is also important psychologically to our survival - a reminder there is a bigger pie, that we can solve hard problems, that progress can be made, that competence and education counts, as does courage, and that we can work together for a common cause.
This is the best of America, and for a while we can be proud of the human race.
It is a bit chilling to watch these astronaut profiles having just read yesterday about the heat shield issues observed on the prior mission, and that this will be the first time we can test the heat shield in the actual pressures and temperatures that it will have to endure.
> The scan doesn’t just look for LinkedIn-related tools. It identifies whether you use an Islamic content filter (PordaAI — “Blur Haram objects, real-time AI for Islamic values”), whether you’ve installed an anti-Zionist political tagger (Anti-Zionist Tag), or a tool designed for neurodivergent users (simplify).
I will be watching the launch from Europe, so it will be not earlier than half past midnight for us. My kids (9 and 10) are sleeping on the couch in front of the projection screen, so that they do not even have to get up when I wake them up at midnight, which I promised.
Just wanted to add my grain of positivity here. Godspeed Artemis 2!
I cannot bring myself to care about distillation, when these companies have built their empires on top of everyone else's stolen data, while at the same time telling the world they're out to replace us all.
After that, the exciting work will be in Starship making LEO and testing propellant transfer (a humanity first) [1] and Blue Origin testing its rocket and lunar lander [2], both scheduled for 2026, to enable Artemis II (EDIT: III), currently scheduled—optimistically, in my opinion—for next year.
How is probing your browser for installed extensions not "scanning your computer"?
Calling the title misleading because they didn't breach the browser sandbox is wrong when this is clearly a scenario most people didn't think was possible. Chrome added extensionId randomization with the change to V3, so it's clearly not an intended scenario.
> vs. something inherently sinister (e.g. “they’re checking to see if you’re a Muslim”)
They chose to put that particular extension in their target list, how is it not sinister? If the list had only extensions to affect LinkedIn page directly (a good chunk seem to be LinkedIn productivity tools) they would have some plausible deniability, but that's not the case. You're just "nothing ever happens"ing this.
If Cloudflare really have radically changed their software development philosophy lately, this would actually be an interesting project, being based on Astro and coming with some APIs for programmatic management.
Them being so happy about the „cost of software development“ and not going very deep into ecosystem, community or project management doesn’t convince me that this is going to be a worthwhile project, even if, unlike their previous vibe coding demos, this one actually works.
I don't think it's the code that makes WordPress valuable. I've been learning WordPress recently and haven't been too impressed with the internals. WordPress is valuable because of the ecosystem and support. I have no doubt that WordPress will still be a thing in ten years. What's the support plan for EmDash? I see commits are mostly from a single developer.
E: Oh, I think it's an April fools joke, I'm embarrassed.
It is so rich hearing that America can attack anybody, but godforbid an attack on the "homeland" is an unforgivable act that will invoke nukes immediately.
absolutely false.
> The general public does not care about anything other than the capabilities and limitations of your product.
also false.
People may not know that the reason they like your product is because the code is so good, but everyone likes software that is mostly free from bugs, performs extremely well, helps them do their work quickly, and is obviously created by people the care deeply about the quality of the product they produce (you know, the kind that acutally read bug reports, and fix problems quickly).
The longer your product exists the more important the quality of the code will be. This obsession so many have with "get it out the door in 5 seconds" is only going to continue the parade of garbage software that is slow as a dog, and uses gigabytes of memory to perform simple tasks.
You don't have to pick on camp over the other. In my opinion, if you want to make a good product for a user, you should also treat the code you produce for them as your craft. There is no substitute for high quality work.