Why ask whether china is eroding the lead; rather than whether the incumbents are maintaining it?

Maybe my faith is weak and if I were huffing the dumb money I'd understand; but it looks awfully like our boisterous little hypebeasts promised that, this time, unlike all the other times in 'AI' we could totally brute force our way to the AGI Omnissiah; briefly tried copium in the form of hoping that competitors would be intimidated by their capex(because there's basically a generation of VCs who think that failure to reach monopoly is indistinguishable from losing); and finally proceeded to speedrun commodification because it turns out that nobody actually had any plan for what would happen if this alley started looking visually impaired even after we plundered the entire internet to feed it.

I realize that it's more fun to focus on what the sinister chinese are doing than what our glorious golden boys are not doing; but let's do the latter anyway; especially since this is one area where you can't just please chinese factory slaves as an inherent price advantage. The guys mechanical-turking out 'training'/'classification' tasks will all go wherever to scrape up the cheapest labor available, then stiff them on promised payments; and (while the process is pretty porous) being not-china is definitely still the best way to get access to premium TSMC processes; and at least not-worse for most of the rest of the most interesting ones.

Either LLMs are fundamentally a technology where being the first mover is a dumb idea; or the 'leaders' are actively fucking it; because, unlike some of the cases involving rare earths mining or finding fast fashion sweatshop sites, this was theirs to lose.

I assume that there's a research OS somewhere that has discovered that this is much harder than it looks for anything nontrivial; quite possibly even worse than the problem that it is intended to cure; but looking at the increasingly elaborate constructs used when sudo is intended to be a granular delegation makes me wonder if the correct approach lies down the path of better permissions rather than ad-hoc lockdown logic.

There are some cases(eg. password-change or login tools often both reflect granularity limits in credential storage; and make reads or edits on your behalf to parts of files that you wouldn't be allowed to touch directly; but also do things like enforce complexity or age requirements that would require a really expansive view of 'permissions' to encompass) where the delegate program is handling nontrivial delegation logic on its own; but in a lot of instances it's hard to escape the impression that you are basically bodging on 'roles' that can't be or aren't normally expressed in object and device permissions by building carefully selectively broken tools.

I obviously don't blame sudo for that; its scope is letting you run a particular thing as someone else if the sudoers file allows it; but a lot of sudoers files might as well just say "there are no roles on this system between 'useless' and 'apocalyptic'"; and that feels like a permissions design problem.

Of note; probably not one to try to NT yourself out of; I'm not sure that you can build a sufficiently expressive set of permissions on classic UNIX style ones; but I've yet to see an NT-derived system that didn't boil down to 'admin-which-can-be-SYSTEM-at-a-whim'/'little people' regardless of the wacky NT ACL tricks you can get up to.

I'm curious if it's a case of the alternatives being tried and largely found to be worse; or if (along with a number of other OS design/architecture fights) the whole thing has mostly been pushed out of mainstream relevance by the degree to which you can just pretend everything inside a worker VM is basically at a homogeneous privilege level if you don't want to deal with it.

LLM crawlers are understandable these days, but who on earth is actively trying to take the FSF down?

A bunch of heathen VIM users trying to stop people from accessing EMACS? What the heck?

Let's say you actually managed to take down the FSF website. Who would even notice or care? How would that help your hacker rep in any way? You'd be a laughingstock for making the attempt.

It's like visual coding or RAD all over again. Whenever suits and PHBs are told there's a magic wand that'll allow them to do without paying people for the nitty-gritty bits, they get all excited and convince each other in their echo chamber that their dream of a company of all managers and no workers is just around the corner.

Then reality says "hi", the hype dies down, a few scam artists got rich and the world continues as it was, with a couple new cool tools in the toolbox of those who know how to use them correctly - which is generally the same people that were supposedly being replaced.

That's how I see AI. I've been writing software for the better part of 40 years. What I see from AI is sometimes astonishing and sometimes pathetic. I would never, ever, ever put AI generated code into production software without carefull checking and refactoring, and I would fire anyone who does.

Code completion is mostly in the "astonishing" part. If I write a couple lines of near-identical stuff, like assigning values from an input to a structured format for processing, the AI most of the time gets right the next line I want to write. Anything more complex than that is hit-and-miss.

Mostly, I use AI the way I would use an intern. "Can you look up how to use this function correctly? What are the parameters and their defaults?" or "Write me some code that's tedious to write (like lots of transformation operations) but not rocket science by far.
Essentially, it does faster and a little bit better what previously I'd have done with Google and Stackoverflow.

I have no fear it'll replace developers anytime soon. Half of the time the code is outright wrong, most of the time it has glaring security issues or isn't half as fault-tolerant as it should be, and for any case where I know how to do it without any research, I'd be faster writing the code myself then going through several iterations with an AI to get it done.

I can't comment on where sudo itself lives on the spectrum from aggressively solid implementation to really-dodgy-smell-around-the-edges; but it seems like its purpose is a fundamentally tricky problem even if its execution were impeccable.

The basic "user is authorized for root; but we'd prefer he be thinking and logged when he uses that authorization" is reasonably cogent use case; but it's more of a reminder than a security barrier. Then you get into the actually-interesting attempts at limited delegation and determine that you'd basically need a different userland for a lot of purposes: aside from the modest number of things(often with setuid already in place) built specifically to carefully do a very particular delegated function on your behalf and provide you with nothing else if they can help it; very little aside from garbage kiosk UIs or web or database-backed applications with user and permission structures mostly orthogonal to those of the underlying OS actually tries to constrain the user's use of the application(within whatever context that user is operating; generally having a privilege escalation is considered bad).

Half of what you run considers having an embedded shell to be a design feature; so including any of that on the sudoers list essentially means being able to chain arbitrary commands from that sudoers entry; and the other half doesn't outright intend to include a shell but would require some really brutal pruning, likely of important features, to prevent being able to chain a couple of interactions into having the ability to run whatever. And that is assuming that sudo itself is working entirely correctly.

And it's a meta-analysis paper, according to the description, and they described the correlation as somewhat questionable. I automatically assume that meta-analysis papers are going to be weak.

So not all of the original studies adjusted for income.

So basically, it sounds like nowhere near all studies adjusted for income, and they think they took that into account, but because this is a meta-analysis, there's a certain degree of garbage-in-garbage-out involved. The only way to really be sure is to exclude studies that don't adjust for everything you care about.

Also, because this is a meta-analysis, the papers you exclude are also kind of important.

I'm not sure why "not outcome of interest" excluded both 45 and 54 papers, but that sort of discrepancy raises some red flags, particularly when there are only 16 included studies.

But the real red flag for me is the confidence interval. If I'm understanding this correctly, without compensating for heterogeneity, the effect on colorectal cancer and heart disease are statistically indistinguishable from zero. This intuitively feels like the sort of study where after a few more studies, you'll see regression to the mean.

And type 2 diabetes tends to be strongly correlated with obesity, and there's no mention of the original studies having adjusted for that. If obese people are more likely to eat processed meat because of it being a quick way to get the calories that they need, then it is also possible that the correlation with type 2 diabetes is entirely spurious.

I'm not seeing a whole lot of actual evidence to go from "we combined a bunch of studies with weak-to-zero correlation and got weak-to-zero correlation" to "eating processed meat likely causes an increase in these conditions".

Most people who aren't at or near the poverty line don't eat a hot dog daily. That's what people eat who can't cook and can't afford take-out food. So yeah, chances are, this correlation would go away if you adjust for other risk factors like poverty.

But I'm not willing to spend $33 just to confirm that. Nothing is more useless than medical journal articles that are locked behind a paywall.

Citation needed.

I always look to people with degrees in 'community development' to tell me whether there are enough spooks in my computer science or not; it's just good sense.

If it's dissociality and/or disinhibition without an LLM fetish it's just an ICD-11 personality disorder.

Saying that, much less in public in a way that suggests you either think that it will be helpful or that people will view you as being helpful, seems like strong evidence of an AICD-11 personality disorder.

Why, exactly, are we listening to someone who passed through software engineering on his way into management claiming that software engineers(presumably now his direct reports) are the most spoiled profession and how it's just terrible that nobody is willing to spend several years working for peanuts to get experience(because the argument from race to the bottom is persuasive now?)

He then meanders over to the theory that if you are a real actually-good software engineer your job is clearly safe, because AI isn't set to replace you; ignoring the fact that entire teams, competent and all, get wiped out when the money sloshes a different way all the time; and 'AI' has seen some cataclysmic levels of frankly irrational money sloshing by some mixture of conmen, cultists, and the good old 'animal spirits' of that definitely rational market.

It's basically the same story about 'web developers' who learned how to knock together some HTML at a bootcamp somewhere, or 'IT' back when that was something where the money attracted some people who had no interest, warmed over and presented as novel; with a side helping of boundless(but notably vague) optimism about all the cool new AI-things that are being created that will need real engineers at some point.

Honestly, it's almost impressive how he manages to be so grating while being so vacuous.

Yes AI may be generating a lot of code now. But you need someone to find where what was generated was weak, or inefficient.

Over time the quality of generated stuff will improve, but since so many companies are generating a lot of code today that is a LOT of technical debt that is building up rapidly.

I especially agree that now is the time to round out your skills - as stated, study design, study platforms you connect to but do not develop on. Study AI tools, find out when they work for things you work on and know well - and when they do not.

Good luck out there everyone!

Well, your buying power would be crippled.