More

gizzlon · 2025-11-26T20:15:43 1764188143

hehe, googd point regarding Google Translate :P

> Yes, curated whitelist of domains sounds good to me.

Has to be a very, very short list. So so many domains contain somewhere users can leave some text somehow

gizzlon · 2025-11-26T19:58:47 1764187127

What are "untrusted URLs" ? Or, more to the point: What are trusted URLs?

Prompt injection is just text, right? So if you can input some text and get a site to serve it it you win. There's got to be million of places where someone could do this, including under *.google.com. This seems like a whack-a-mole they are doomed to lose.

gizzlon · 2025-11-26T19:47:28 1764186448

Can it _never_ _ever_ create a script or a html file and get the user to open it?

kccqzy · 2025-11-28T03:04:01 1764299041

That’s different. Now you are asking the user to do an action.

TeMPOraL · 2025-11-28T08:47:13 1764319633

The user could also be another program, or another AI agent.

gizzlon · 2025-11-26T11:41:41 1764157301

So if you app enters a crash-loop and fails to start an AWS engineer comes in and fixes it? Because that has not been my experience..

The truth is that there's still a lot of things you have to handle, including cloud bugs and problems. And other problems you don't have to think about anymore, especially with fully managed, high-level PaaS- like services.

I ran a cloud backend service for a startup with users, using manged services, and we still had an on-call team. The cloud is not magic.

gizzlon · 2025-11-19T20:18:01 1763583481

https://news.ycombinator.com/item?id=45978308

gizzlon · 2025-11-16T08:54:31 1763283271

Is this a mistake by the author or a bug in the feed reader? I guess it followed a link it shouldn't have?

superkuh · 2025-11-17T14:53:32 1763391212

A mistake by the author. I tried 3 feed readers, including one I wrote myself. None of them were following links. They just don't support cookies. There is more to the web than just browsers.

gizzlon · 2025-11-13T20:34:00 1763066040

> Having said that, MongoDB pricing page promises 99.995% uptime

Or.. what? That's the important part

gizzlon · 2025-11-04T22:01:50 1762293710

You still have the fb app? You know the spied everything you browsed, right?

And if they didn't, it was not for lack of trying... What does it take for people to delete this shit?

RulerOf · 2025-11-05T04:24:34 1762316674

> You know the spied everything you browsed, right?

I remember that this "became news" some time ago, but it's always pretty obvious the moment it loads.

App presenting an SFSafariViewController? "Convenience" that's intended to keep users in the app.

App presenting a WKWebView? Assume it's loaded with spyware scripts.

gizzlon · 2025-11-05T07:45:12 1762328712

no no, not in the fb app, in the mobile browser: https://news.ycombinator.com/item?id=44169115

TBF it's "only" sites with a meta pixel, and on Android. But in my book this does not matter, it shows their intentions

RulerOf · 2025-11-05T13:55:17 1762350917

Ohhh yes I remember that one. Diabolically clever.

I'm sure there's also no user-controlled firewall to stop it on Android either.

gizzlon · 2025-10-29T13:54:35 1761746075

Hm.. I wonder what the risk of a rack going offline is? Maybe 5% in a given year? Less? More?

Compared to all the other things that can and will go wrong, this risk seems pretty small, but I have no data to back that up.

gizzlon · 2025-10-29T13:49:14 1761745754

Sure, but they also create a mess in AWS