"professional" peanut gallery for security stuff

"How many products does Microsoft have named 'Copilot'? I mapped every one."
https://teybannerman.github.io/strategy/2026/03/31/how-many-microsoft-copilot-are-there.html

"A few weeks ago, I tried to explain to someone what Microsoft Copilot is. I couldn’t… because the name ‘Copilot’ now refers to at least 75 different things."

you ever write code so inefficient they have to update the whole power grid

RE: https://labyrinth.social/@nash/116178591588359360

you ever write code so inefficient you have to secure 80% of the world’s DRAM production

@ai6yr Yeah I've had Copilot give me my own Rust code for Windows exploits.

@bob_zim @fhekland @cwebber

@bob_zim @mttaggart @fhekland @cwebber Just like with written text on a very obscure subject, the LLMs are liable to spit out the ONLY source for a very specific, narrow technical problem. I have played with this on ChatGPT and the number of times you end up with a mishmash of the two public examples of "how to code X" (which doesn't run) is extremely high, with the same variable names and the same commenting and all. The risk of 100% regurgitation (IMHO) is very high for things that have only been coded and exposed to the world once or twice in the corpus.

@mttaggart @fhekland @cwebber This is accurate, yes. Illicitly acquired code works the same way: you don’t hold the copyright, so you don’t have the ability to license it to others.

There is an open question of what happens when the LLM emits a verbatim chunk of code against that code’s license terms. For example, if you told an LLM to implement ZFS’ spa_activate, it’s extremely likely to emit verbatim chunks of CDDL code without the attribution required by the license. A tool can’t be liable for the infringement, but does the liability rest with the company which included CDDL code in the training corpus, or does it rest with the user who didn’t verify that the output doesn’t infringe preexisting copyright?

It's Trans Day of Visibility everybody! We cannot even begin to stress how important our trans contributors are in pushing KDE's project forward.

Thanks 🏳️‍⚧️folks!

#transgenderdayofvisibility #TDOV

from @sushee over here, (can't attach images in quotes) and apparently discussed on HN so i'm late, but...

They REALLY ARE using REGEX to detect if a prompt is negative emotion. dogs you are LITERALLY RIDING ON A LANGUAGE MODEL what are you even DOING

Googled my symptoms and it turns out I’m just sober.

I really appreciate all the replies and support on this one. It was hard to write. I do want to call out two points that aren't being discussed, and that I felt pretty strongly about:

  • Open source is in trouble, and maintainers need help. Generative code is the help that showed up. What is the expectation here?
  • "The tool requires expertise to validate, but its use diminishes expertise and stunts its growth." What does "responsible use" look like that prevents this obvious and pervasive harm?