self @ self @awful.systems

Posts

99

Comments

2,012

Joined

2 yr. ago

Moderating

---

time for you to go

yud-length posts like these that boil down to “nuh-uh” are why we have the “no debate unless it’s amusing debate” rule, and I can see by the downvotes from local and the reactions that you’ve failed to be amusing

if I were you I’d reconsider this thread

putting you on a PIP because you’ve failed to innovate past innovation

making is running the version of the configuration I intend to deploy, so if it works for you there it should (hopefully) work in prod too

thanks! I tried to link it in the usual way, but I think a bug might have blanked the url box before I hit post.

oh you fucking know it

also all 3 parts of Das Kapital and the full text of My Immortal

like god fucking damn what did keepassxc do that made all these little fuckers pledge allegiance to it? what about this mediocre blog post is convincing? did y’all miss the context that this post is accompanied by a bunch of posts on other official keepassxc accounts where they give incorrect and potentially dangerous information in defense of their use of LLMs?

according to the slop coders, their slop isn’t slop? oh do tell!

not saying it’s always programming.dev but

gonna have to start cleaning up some of the posts from the more long-winded assholes with opinions that aren’t more complex than “well I trust them to not let the technology known for creating security vulnerabilities run wild on their codebase, because they made the exact same promises every other project makes when they go all-in on slop”

for a fucking password manager of all things

oh no what happened to that thin veneer of reasonable centrism when you were defending a password manager of all fucking things incorporating slop code? could it be you just fucking love slop?

hopefully I have a little credibility here.

LLMs do make decent first-pass code reviewers

hahahaha nope

I saw that! fortunately once iocaine is configured it seems to just work, but it's also very much software that kicks and screams the entire way there. in my case the problem wasn't even nginx-related, I just typoed the config section for the request handler and it silently defaulted to the mode where it returns garbage for every incoming request.

nope, you’ve been getting caught in the fallout from us not having this yet. the scrapers have been so intense they’ve been crashing the instance repeatedly.

things are happening

I'm still kicking the tires but if this works then there might be a bit of downtime soon to make sure scrapers see more of this

oh wow you’re just like this all the time huh

no wonder you came in here to scream for a disgusting chicken sandwich incorrect one of my posters about their use of a common English phrase and post yet more LLM apologia barely disguised as critique

yeah nah we don’t need this centrist AI booster crap here but thanks anyway

But from all sides really, also wild to just claim they don’t know what a zero day is and that’s just made up.

some motherfuckers really see a security vendor claim a zero day can’t be exploited at scale for a local application, ignoring gigantic classes of vulnerability enabled by misconfiguration, combined exploits, or malware, and go “woof, maybe it’s true! they do make my favorite password manager after all, who are you to say they’re wrong” as a bunch of Russians walk off with their bank info

you like 80% of the claptrap keepassxc posts? no wonder you came into this kfc asking for a double down. we haven’t even served those since, like, the mid-2010s

the project’s sudden commitment to code review excellence is the exact same shit every other project pulls when there’s justified backlash in response to a policy that allows, and therefore encourages, slop code. that keepassxc keeps officially posting through it, defending code-oriented LLMs as “generally accurate”, and fucking up and showing that they don’t understand their own threat model, is the double down. I don’t particularly give a fuck that they’ve remained remarkably consistent in their policy of accepting garbage into their codebase, or that their blog’s response to the backlash has been, golly gosh, so measured! if this is how their team conceptualizes risks to a piece of software whose breach would constitute a catastrophic event.

“blackjack”? kfcs don’t allow gambling, what the fuck are you on about

And it might be debatable whether that’s a risky game.

debate the merits of slop code in a password manager elsewhere, thx

it’s only a double down if it’s a kfc sandwich where the bread is replaced by chicken. i see no chicken sandwich here, alleged posters, unlike in fuck ai where it’s chicken sandwiches all day

itt some fucker thinks slop code in a security-critical project is justifiable