Hacker News | bobbyraduloff's comments

> But far from demanding more electricity personal computers have become more efficient with laptops mostly replacing large standalone boxes, and software improvements reducing waste.

If only it was true. I reckon we’re using multiple orders of magnitude more computation per $ of business objectives simply because of the crazy abstractions. For example, I know of multiple small HFT firms that are crypto market makers with their trading bots in Python. Many banks in my country have Excel macros on top of SQL extensions on top of COBOL. We’ve not reduced waste in software but rather quite the opposite.

I don’t think this is super relevant to the article’s point but I think it’s an under-discussed topic.


Excel has already added a =COPILOT() function. Imagine the waste of all those formulas that probably amount to some basic mathematical formula that could be run on a 386.


> We’ve not reduced waste in software but rather quite the opposite.

Indeed. But that is because we optimized (and are still optimizing) for speed of development, not much else.


It’s quite upsetting that if you want a modern car so that you utilise the newest advances in safety, you have to consent to constant tracking, enshittification, subscription services, etc. It would be really cool if you could get something like a ‘67 Impala that doesn’t make ‘67 emissions and has actual seatbelts and airbags…


It's really a regulatory problem; where I live my 2025 Toyota has a big display saying "the car is unable to send or receive any data if you don't press accept", and pressing decline gives the car that out-of-cell-range symbol. Doesn't prevent targeted surveillance nor mass government surveillance, but those are more about regulations too.


Recent Toyotas can have the DCM physically bypassed fairly easily by unplugging it and/or unplugging a fuse. You lose the front passenger speaker and Bluetooth microphone, but those can be re-enabled with a bypass cable or manually jumpering them and putting in an 8V supply IC for the mic.


$0 in rewards for RCE on the Windows build servers is crazy. I understand he didn’t find an actual zero-day, only a configuration issue, but still. Imagine the global havoc you can cause if you can pollute the build environment with backdoored DLLs…


I was a Windows build engineer at Microsoft. I am unfamiliar with this specific UI for managing build tools (I think it may have been added after I left), however I would be surprised if it was actually RCE-capable.

I notice that it requires the tool to be pulled from NuGet. While it looks like you could enter any package and NuGet source, I would be very surprised if there wasn’t a locked down whitelist of allowed sources (limited to internal Microsoft NuGet feeds).

Locking down NuGet packages was one of the primary things we (the Windows Engineering System team) were heavily focusing on when I left years ago. We were explicitly prevented from using public NuGet packages at all. We had to repackage them and upload them to the internal source to be used.


I’m ashamed to admit we have a discord channel for each project and we dump secrets there with access control to the channels based on who works on the project.

It’s peak startup opsec.


tbh, that's one reason I asked this question ;)


The README itself is also very much in the style of ChatGPT. It loves to overuse rhetorical questions.

What I find most interesting is that it apparently didn’t trigger their content filters which, at least previously, were also blocking piracy stuff.


Kernel level packet filtering to avoid Spotify ads is about the same level of mental gymnastics as the GPT-generated “we’re not pirates” argument in their README.

While Spotify is obviously an immoral company, you, the person reading this, are not entitled to free 24/7 cloud-streamed music on demand. They are a business and they don’t owe that service to you on principle.

If you don’t like them as a company, there are ways to purchase the music directly (remember how we all used the iTunes Store back in the day) and there are other streaming services whose morals you might find more acceptable.

To be clear, I’m not making some grand “piracy is evil” argument, but I’m saying that to publish software enabling piracy with the justification that a business’ free service is not good enough value for you is a bit out there.


I’m confused.. effective ad blocking is now “piracy?”

I thought TiVo settled that argument long ago.

Edit: maybe not TiVo leading the disruption here: https://modern-counsel.com/2016/tivo/


>you, the person reading this, are not entitled to free 24/7 cloud-streamed music on demand.

I took it anyway. I have a few terabytes of flac that I stream through Plex when I feel like it. I dare anyone to stop me. Pay hard drive manufacturers, not IP companies.


Neither is Spotify owed anything from you. They aren't owed money, unless you agreed to pay them money (actually agreed, not clickwrap). They aren't owed ad views, because clickwrap agreements to watch ads generally don't actually have any legal force. And if they think they do, let them sue you and find out. You don't owe them advance compliance according to what would benefit them the most, but they benefit greatly from you thinking you do.

This applies to a lot of things, not Spotify in particular.


> Kernel level packet filtering to avoid Spotify ads is about the same level of mental gymnastics as the GPT-generated “we’re not pirates” argument in their README.

This jumble of sentences stuck out to me as logically incoherent, but not necessarily LLM-generated. I guess I need to update my mental model a bit to account for more things being LLM-generated.


Taken straight from the new regulation: “Providers of internet search engine services are not required to implement age assurance measures for end-users who are not account holders.”

How can you argue any of this is NOT in the interest of centralised surveillance and advertising identities for ADULTS when there’s such an easy way to bypass the regulation if you’re a child?


Is there a write up on how you deal with the captchas?


I was also interested in this and couldn't find more information in the docs, even in the deep dive [1].

However, I did find this for their CF Turnstile bypass [2]:

    async def _bypass_cloudflare(
        self,
        event: dict,
        custom_selector: Optional[tuple[By, str]] = None,
        time_before_click: int = 2,
        time_to_wait_captcha: int = 5,
    ):
        """Attempt to bypass Cloudflare Turnstile captcha when detected."""
        try:
            selector = custom_selector or (By.CLASS_NAME, 'cf-turnstile')
            element = await self.find_or_wait_element(
                *selector, timeout=time_to_wait_captcha, raise_exc=False
            )
            element = cast(WebElement, element)
            if element:
                # adjust the external div size to shadow root width (usually 300px)
                await self.execute_script('argument.style="width: 300px"', element)
                await asyncio.sleep(time_before_click)
                await element.click()
        except Exception as exc:
            logger.error(f'Error in cloudflare bypass: {exc}')

[1] https://autoscrape-labs.github.io/pydoll/deep-dive/

[2] https://github.com/autoscrape-labs/pydoll/blob/5fd638d68dd66...


you can check the official documentation, there's a section 'Deep Dive'


great job on zod. it’s an incredible library. also really excited about the locale errors. finally I can push the zod errors directly to the frontend. would love to take responsibility for the BG locale.


at the very least that article was definitely edited with ChatGPT. i had someone on my team write “edgy” copy with ChatGPT last week and it sounded exactly the same. short paragraphs and overuse of bullet points are also a dead giveaway. i don’t think it’s super noticeable if you don’t use ChatGPT a lot but for the people that use these systems daily, it’s still very easy to spot.

my suggestion to OP: this was interesting material, ChatGPT made it hard to read. use your own words to explain it. most people interested in this deeply technical content would rather read your prompt than the output.


As someone who overused bullet points before it was AI-cool and doesn’t write with the assistance of AI (not due to a general anti-AI belief, I just like writing by hand) I have also started getting that feedback a lot lately.

Who knows, maybe someone accidentally over-weighted my writing by a factor of a trillion in ChatGPT’s training set?

