That page says that the affected versions are ">=0". Does that seem right? That page also says:
> Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
No. A now unavailable version, `debug@4.4.2` was unpublished by npm, which is the only vulnerable version in question.
Edit: However, I think the reason the security advisory marks the entire package at the moment, is because there is no mechanism in npm to notify users a version with an exploit is currently installed. `npm audit` looks at the versions configured, not installed.
The security advisory triggering this warning forces everyone to reinstall packages today, in case 4.4.2 was installed.
I agree 100% with you. The author starts the essay with the very technique that he uses later on the essay: frame the conversation in his terms (that LLMs are _not_ inevitable), and then once that's done, anyone who disagrees can be dismissed.
The irony is that he's doing it, just in the opposite direction of those he disagrees with.
Some things _are_ economically inevitable, and it's wishful thinking to ignore them. For example, it is inevitable that solar will be the primary form of electricity generation in the coming decades (and I am thankful that this is the case). For those that were watching closely, this was clear several years ago, and it is even more clear today.
People whose fortunes are built on the fossil fuel industry might wish it were otherwise, and they might dismiss "solar inevitabilists" with the same technique as the author. But those people would be wrong.
If someone says that something is inevitable, they could be wrong. But they could also be right.
A little context: this dive into Fortran is part of the excellent work George has been doing on WebR, to get R running in the browser. The R sources contain a fair bit of Fortran code, and I believe WebR originally used f2c to compile the Fortran to C first, before compiling that to wasm.
With the patches to LLVM Flang, WebR can be built with a real Fortran compiler.
I think George didn't want to say it directly in the blog post, but he has said that he's hoping that Flang would take his patches or implement better ones. That would be a win-win -- these patches wouldn't need to be maintained separately, and since unmodified Flang would be able to compile to wasm, it would benefit other projects out there that use Fortran.
Pull requests are always welcome (https://github.com/llvm/llvm-project), and one can contact the general LLVM Fortran development community (https://discourse.llvm.org/c/subprojects/flang/33) for help. I am focused on things needed to complete development for Nvidia's Fortran product and don't have any time left for things like this, myself.
Now that the poll is leaning toward "yes", Elon is adding conditions, namely, you have to invest your life savings. Lex Fridman volunteered to do it for free, and Elon replied:
> One catch: you have to invest your life savings in Twitter and it has been in the fast lane to bankruptcy since May.
Lex‘s subreddit (where he is a mod) is also famous for removing any posts that don’t enthusiastically agree with Lex. A lot of confused Lex fans are surprised to find themselves banned from his subreddit after making the mistake of questioning something he said.
Podcast skills aside, this is not a guy with a track record of healthy social media engagement or moderation.
I have no doubt he’d end up as a puppet for Musk’s whims. Perhaps a great fall guy if Musk wants to blend into the background without actually ceding control.
That looks to be the plan. Whoever takes this job at this point is setting themselves up for failure. Anybody smart enough to run Twitter will pass and anybody stupid enough to try will end up being blamed even though there isn't a thing they could do about it at this point.
I'm open to being surprised.
Plan 'C':
Musk eats his loss, re-IPO's twitter at 10 cts on the dollar, prays the investors will cut him a deal and the new owners will do what they can to salvage the wreck. That would probably still be a dicey proposition. The cat is out of the bag now, Mastodon and a couple of others are now suffering growth pains for the first time in a long time and the most active users are all wondering if they should bail or have already done so.
It's the biggest self-own in the history of tech. But hopefully it will result in centralized social media becoming a thing of the past. That at least would be one positive thing to come out of this.
That's what he says but then in his interview he just praises the person and then plays softball of same old questions like meaning of life, is universe simulation, what will AGI do etc. Few minutes in his interview of Kanya West was the only moment I recall he tried to diverge from this modus operandy.
That guy hasn't asked a hard question in his life. He has guests spew obvious nonsense and then responds with IKR before lobbing his next softball. He would be a yes man to the people who report to him.
In all fairness, that's the whole point of the block feature - to avoid interaction with people you don't want to interact.
I'm definitely off an opinion that people should block and mute as much as possible to sanitize their social media exchanges. After all, how often do people turn around on strangers that were worthy of a block?
People who wants to create their bubble chamber shouldn’t be in open social networks, IMO. Sure, you can say that it’s personal preference. Block feature is like a knife and should be used responsibly when someone has malintent and harassment. It should not be used to suppress opposing argument in respectful debates. To add insult to injury, Lex continues to deceive the public that he is all about loving everyone and respects all sides of arguments. At least, this behavior is damaging if a person is influencer and can impact public policies. It definitely isn’t acceptable behavior from future Twitter CEO.
I disagree, nobody is entitled to my time. I think exercising control over your social interaction is really the only way to stay healthy. If you plug into the matrix and just consume everything thrown at you, you'll surely be overwhelmed as attacks are ifninitely cheaper than rebutals.
I think CEO that understand the importance of social sanitization would be a good thing.
He has blocked almost everyone. He has blocked extremely well respected researchers and academics at top institutes who don't even follow him or even haven't tweeted at him just because he disagrees with his views. He once blocked someone for praising danish pastry.
My prediction is that once the poll finishes with Yes winning, he’ll say that he cannot find a replacement so the only option is for him to shut Twitter down, but of course, it must be polled, so he will do a poll asking if he should shut Twitter down and when No wins, he’ll say “guess I’ve got to stay!”.
The thing is this didn't have to be his bomb to hold in the first place. He made what appeared to be an impulsive decision to offer an overpriced acquisition deal and waived due diligence leading him trapped in a position he couldn't back out of without consequences.
That looks fantastic. It also looks like you also have Pyright running in the browser. Is that right? I thought Pyright only supported running on NodeJS.
It appears to be the Zero-Clause BSD, but for some reason, it says Microsoft holds the copyright. Could original author must have used something with the same license to write Wordle? If it isn't a free license and I am misinterpreting the code, I would be happy to take my version down.
I just want to say that I really enjoyed reading this article. It's among the clearest, most accessible writing about a technical subject that I've encountered in a while.
On human scales, the time dimension is much "bigger" than the space dimensions...
This is really interesting, and it made me wonder how to convert between space and time. I mean, one meter up is equivalent in magnitude to one meter forward, is equivalent to one meter to the right. Is _c_ the conversion between space and time? In other words, is 300 million meters equivalent in magnitude to one second of time?
It is bigger only because you travel slowly in the spacial dimensions. You always travel thorugh spacetime with a constant speed (the speed of light). What happens is that you're usually going with 460 m/s (as Earth revolves around the Sun) and this is not really comparable to your `t` speed in the x/y/z/t coordinate system. So when you are still your speed is something like 230/230/0/299.791.998.
That page says that the affected versions are ">=0". Does that seem right? That page also says:
> Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated immediately from a different computer. The package should be removed, but as full control of the computer may have been given to an outside entity, there is no guarantee that removing the package will remove all malicious software resulting from installing it.
Is this information accurate?