Founder of https://kilpi.tech
Personal website https://nyman.re

Oh no, not sure I will be able to handle this Scaleway price increase.

Stardust instances are fun. They would be "free" if you didn't need an IPv4.

https://www.scaleway.com/en/blog/a-transparent-update-on-scaleway-pricing/

Clearing up my tabs I found this, it's a wild ride, but worth a read about what people will do to abuse free tiers.

https://blog.mulerun.com/p/ai-immortality-postmortem/

Respect to the Man Chasing AI Immortality, Even Though He's Freeloading Off Our Platform

A technical postmortem on how one person with zero coding experience built a self-evolving AI swarm across 11 platforms using 900 accounts, 56 GitHub Actions workflows, and $0 in compute costs.

MuleRun's Tech Blog

I'm a bit sad that Anubis the bot-mitigation thing with the anime girl doesn't make the anime girl hold a scale like what Anubis the Egyptian god of the afterlife uses to weigh the souls of the departed.

Because if it did, and you need to sit down and brace yourself for this: If it did it would be a *web scale*.

I'm tired of trying to do security the hard way.
I'm just going to ask our CIO to install Russian and Chinese keyboard layouts for all our computers.

So it's time again for the yearly https://noscript.it/ advertisement (because I renewed it again).

tl;dr: it's a noscript (no JavaScript) proxy/iframe which allows you to share JS-free links with your friends.

To celebrate, I had Claude clean up the code and do some QoL improvements.

Save megabytes of data for free, and see 100% fewer ads and get 99.9% less tracking (I do use GoatCounter to count the number of visitors but there is no profiling...)

Also updated the "Show me" links to include how much less crap you get when using the JS-less version.

I know the no-JS train mostly sailed, but I just don't want to give up on it. Downloading and running code from someone else just to view a website is insecure, and inefficient, except if it's an actual web app. Or actually same there but slightly less insecure than downloading code and running it on your machine as the browser sandboxes are decent nowadays.

Found this in my archive. One of the last times when I installed a dot zero OS X release. Now I generally wait until just before the next major release as around that time all new features go into the new one and the "old one" just gets bug fixes.

"A technical postmortem on how one person with zero coding experience built a self-evolving AI swarm across 11 platforms using 900 accounts, 56 GitHub Actions workflows, and $0 in compute costs."

Junliang Shu's full postmortem:
https://blog.mulerun.com/p/ai-immortality-postmortem/

#Cybersecurity #InfoSec #AI

We’ve awarded a €180M tender for sovereign cloud to four European providers.

This enables EU institutions, bodies, offices & agencies (Union entities) to procure sovereign cloud services.

Scaling the use of EU cloud is key to strengthening Europe’s digital sovereignty.

https://ec.europa.eu/commission/presscorner/detail/en/ip_26_833

Interesting, Microsoft has (started?) putting up a warning on repos that host exploit code.
From the description it sounds like the code itself would be malicious but afaik this is "just" a PoC.

The interesting part is to see if they start doing this everywhere or just when it's Windows exploits that make them look silly :-)

It's an interesting world we live in where the rewrite-in-Rust army has now gotten nuclear weapons in the form of LLMs, and they are not afraid to use them :-D

The backstory for why I started thinking about this is that CIRCL.lu runs this vulnerability-lookup project, which is great. But I had some ideas how to improve the notification emails so I wanted to look into what it would need to self-host in order to customise it for my use.

But I got distracted by this "I rewrote it in Rust" issue.

Someone just had an LLM reimplement everything in Rust, I think in order to reduce the system requirements for running the project.

I mean, I'm very divided. I love efficient computing. I am not going to (want to) self-host vulnerability-lookup if it needs 7 different services and 16 GiBs of RAM. So an efficient Rust implementation would be interesting.

But after looking at the code, I am not sure this is the right approach. I told Codex to look at it before deploying it and there is so much unnecessary stuff in there. Is it slop? I don't know, I guess that depends if someone keeps maintaining and improving it for more than a month.

Just because you can does not mean you should.

Would it have been better to take those tokens and spend them on improving the slow or resource intensive parts of the original project?

GitHub - vulnerability-lookup/vulnerability-lookup: Vulnerability-Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streamlines the management of Coordinated Vulnerability Disclosure (CVD).
