Hacker News: grantcox's comments

I agree, the rhythm of the rhyming feels great - tight and (dare I say it) artistic.

@franze is that something you have control over - is the prompting so detailed / accurate that you can specify that? Or is there some other tool that can adjust an initial revision? Or is it simply a roll of the dice?


A lot goes into the lyrics. And yes, I found using existing (public domain) poems as a basis greatly improves the ChatGPT created lyrics.

With Suno there is a lot of difference between the models (v3 vs v3.5), and then it is a lot of sometimes pretty random style prompts and lots and lots of rolls of the dice.

It can get quite frustrating, i.e.: https://www.instagram.com/p/C7oeyGzt0jd/ it's unfinished and I like it a lot - but I never got Suno to recreate this exact style again.


Yeah, that one's all over the place but has some fun, bright spots that are really interesting.

Can see why you like it.


A lot of the credit here is owed to Edgar Allan Poe for writing lyrics that are so damn catchy.

But yeah, Suno managed to do a decent job setting it to a poppy beat that is well-suited to the poem.


This sibling comment (https://hackernews.hn/item?id=38439016) and google searches do not support your numbers - the CO2 impact of producing a car is roughly equivalent to one year's use, both are give-or-take 5 metric tons.


I expect they would just show a message "to view our content, download our app - Safari is not supported"


But when you download the app: “please use safari to pay for subscriptions” :)


My assumption is that the distorted image (https://cms-cdn.lux.camera/wp-content/uploads/2021/05/261601...) is actually a corner-crop of a 120 degree wide-angle photo. For example if you took the corner of https://cms-cdn.lux.camera/wp-content/uploads/2021/05/261800...

Do you know if my assumption is incorrect?

If that's the case, what can be done about reducing that distortion? My layman's understanding is that it's like mercator projection - you simply cannot make a two-dimensional photo of a wide field of view without distorting.


But you can make a smarter (i.e. dewarping) crop... In the same way there are better map projections for exploring Antarctica...


And that’s exactly what the face tracking feature does. That shot is a still from the wide angle cam, and not in a framing you’d normally use for video calls.


I have an M1 Mini with 16GB memory. The machine's SSD is incredibly fast, so it swaps very well.

Whereas my 2019 MBP will suffer incredibly when I start running out of memory (it literally becomes unusable and requires a hard reboot), the M1 will transparently start swapping, and I generally don't even notice.

Just the other day I noticed a python process was running slower than expected, and it was a bug in my Pandas code so I had allocated 85GB of memory. The rest of the system was operating normally - Chrome, VSCode, Music were all fine.

I regularly kick off a data pipeline process with 8x concurrency, even though each process uses between 4-6GB memory. It's probably inefficient in some way, but overall is still much faster than running at 2x concurrency (where everything would fit in memory and it wouldn't need to swap).


My M1 Mac Mini is also at 3% after 2 months, 1 TB disk:

  Percentage Used:                    3%
  Data Units Read:                    168,154,606 [86.0 TB]
  Data Units Written:                 169,999,872 [87.0 TB]
  Host Read Commands:                 1,077,848,202
  Host Write Commands:                743,848,335

This is a secondary dev machine, so while it's been on and idle for almost 500 hours, it's only had a week or two of "active work".


All of these values are higher than my workhorse 2017 MBP that I’ve used nearly every day since I got it.

Could something be wrong with smartctl?


I've worked for my company for 7 years now, and I "get paid well for it". The actual $ figure isn't important, other than "it's enough for me". I'm sure it's less than the average software developer with my experience, and certainly it's less than the incredible figures that the big SV companies apparently pay.

But I love working here, the company mission is very inspiring, and my coworkers are excellent. And my salary is enough that my needs are met. So I'm really not interested in keeping score.


Thanks for sharing this, I've not been (and never will be) a SV employee, so it's interesting to see such a different perspective.

The big question that I didn't quite get from the post, is why did promotion matter so much to you? Everything seemed to hinge on that, but you didn't quite explain why it was so important, other than "what a great title - people would be so impressed". It sounds like when you were happy with your title, you were happy with your work - you "lovingly" fixed the old pipeline, wrote documentation, helped colleagues etc. Were there particular benefits to being promoted that would have increased your daily happiness?


Promotions carry a corresponding salary bump that can be quite large. Check out http://levels.fyi/ (seems to be down right now) or the associated spreadsheet of salaries: https://docs.google.com/spreadsheets/d/1IclsJmHUMWjZCECMKi1I...


Thanks for reading!

It was mostly just the status. I think having the title of Senior Software Engineer has a lot of value in itself because it brings better job offers and more credibility if I go off on my own.

Also, people tended to be assigned more interesting projects the higher their level.

I'd enjoy the extra compensation, but that wasn't as strong a factor.


The only successful SQL injection attack I've encountered in the wild was interesting, because the injection point had no visible output. But by injecting timing calls (eg "SLEEP()") and appropriate conditionals, the attacker was able to extract a few bits of information each request. Their script executed some tens of thousands of requests, and they managed to extract all the table names, and start to extract data from our "users" table.

In retrospect such an attack is obvious, and presumably tools like metasploit make them trivial to execute. But previously I'd had the idea that SQL injection was usually "literal raw data output".


Another frequent type of blind SQL injection is when the server gives an error or a slightly different output on some queries. The server code may for example travel down a different path if the query doesn't output any results and then shows an error. Even if the error doesn't show the contents of the query, it can also be used to slowly extract data through generated yes/no questions.

In one case I managed a successful blind attack for a client because their server showed an English site for valid queries returning the right results, and a German one for unexpected queries.


You should take a look at https://sqlmap.org : this tool runs SQL attacks with « raw data output » as you say, but also without outputs (Blind SQL injections).


I'm getting SSL errors on that link: it is presenting GitHub's wildcard certificate which obviously doesn't match.

The site is accessible as plain http (or https if you skip the warnings, of course).


I thought that was sketchy too but it occurred to me that they probably are hosting this site with github but are using their own domain name.

sqlmap.org turns out to be an A record for an IP address owned by github.


> it occurred to me that they probably are hosting this site with github but are using their own domain name

That is exactly what they are doing, and in itself this is not at all a problem.

But presumably the link worked for the original poster, so either there is a dynamic DNS problem (we are being sent to an address that serves the .github.com certificate and not the "right" one but he was sent somewhere that does have a certificate for that name) or someone is re-signing content and his machine is set to trust their CA certificate. This latter cause could be normal/expected (his company having a MiTM policy for regulatory monitoring reasons) or his machine could be cracked by an external entity.


SQLmap is a great tool for automated scanning and exploiting of SQLi vulnerabilities. Like everything though, it can miss the occasional exploit, where someone with the expertise might be better suited, but generally speaking it’s an awesome place to start.

It also has sane defaults, which means scriptkiddies chancing their luck with it should be easily spotted in your access.log, or depending on your environment a WAF/IDS/IPS should block/detect quickly.
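
Added example (not part of any comment in this thread, and not code from sqlmap or any commenter): a minimal Python pass over an access log that flags the two signals mentioned above, delay functions such as SLEEP() in the decoded request path and a User-Agent containing "sqlmap". The log lines, IP addresses and the `scan` helper are constructed for illustration and assume combined log format.

```python
import re
from collections import Counter
from urllib.parse import unquote_plus

# Combined Log Format: ip - - [ts] "METHOD path PROTO" status size "referer" "user-agent"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"'
)
# Delay primitives associated with time-based blind injection on common databases.
TIMING_RE = re.compile(r"\b(sleep|pg_sleep|benchmark)\s*\(|waitfor\s+delay", re.I)

def scan(lines, min_hits=1):
    """Return {ip: Counter(indicator -> count)} for clients with >= min_hits indicators."""
    hits = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined log format
        # Decode twice so double-encoded input (%2528 -> %28 -> "(") is still seen.
        path = unquote_plus(unquote_plus(m["path"]))
        reasons = hits.setdefault(m["ip"], Counter())
        if TIMING_RE.search(path):
            reasons["timing_function"] += 1
        if "sqlmap" in m["ua"].lower():
            reasons["sqlmap_user_agent"] += 1
    return {ip: r for ip, r in hits.items() if sum(r.values()) >= min_hits}

# Constructed sample lines (documentation IP ranges, made-up paths and agents).
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2024:10:00:00 +0000] "GET /item?id=1%20AND%20SLEEP(5) '
    'HTTP/1.1" 200 512 "-" "sqlmap/1.7 (https://sqlmap.org)"',
    '203.0.113.7 - - [01/Jan/2024:10:00:06 +0000] "GET /item?id=1%20AND%20SLEEP(5) '
    'HTTP/1.1" 200 512 "-" "sqlmap/1.7 (https://sqlmap.org)"',
    # Double-encoded payload sent with an ordinary browser User-Agent.
    '198.51.100.9 - - [01/Jan/2024:10:01:00 +0000] "GET /item?id=1%2520AND%2520SLEEP%25285%2529 '
    'HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    # Benign request: the word "sleep" without a function call must not be flagged.
    '198.51.100.20 - - [01/Jan/2024:10:02:00 +0000] "GET /search?q=sleep+tips '
    'HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, reasons in scan(SAMPLE_LOG).items():
        print(ip, dict(reasons))
```

Matching on the User-Agent only catches a tool left on its defaults, so the decoded-path check is the signal that still holds when the agent string is changed.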


This is a 'blind' sql injection attack. Tools like sqlmap make finding and exploiting sql injection very easy. sqlmap includes excellent support for blind sqli exploitation.

SQL injection is very common in our space which is WordPress. (I'm the Wordfence founder) There are over 40,000 plugins for WP and around 25k developers and writing PHP with a sqli vulnerability is really easy to do accidentally so it is super common.


I recommend having a read of this CTF writeup[0], and the Albatar framework that was used to solve it (cannot be done with sqlmap, I tried). It's incredible how far people can go with SQLi.

[0] https://github.com/ctfs/write-ups-2016/tree/master/nullcon-h...


I have this friend who runs this forum out of self-made software- not a prefabbed PHP-bb, but home made software. Nonetheless, he had thousands of members who all shared the same particular hobby.

One time I decided to test his inputs, and surprisingly- one of those inputs contained a vulnerability in that it allowed you to post ANY text script or characters without sanitization. I quickly hobbled together a cookie-stealing script and proved how serious this hack was by stealing the password of an alternate dummy account just by visiting my poisoned user/info page.

I told my friend about it, and it took him a surprisingly long amount of time to actually get around to fixing it.


How did you notice something was amiss?


@davycro just said "it’s a tough skill to learn without a solid background in anatomy". If you have your home ultrasound and cannot accurately locate / track your baby, you may identify the wrong thing, and worry "it's not moving!"

Our first child came very late, and in those last weeks we downloaded a "baby heart monitor" on our iPhone - it simply used the microphone with some isolation / amplification. We pressed the microphone end of the phone into the abdomen wall, and when it worked we heard an amplified heartbeat out the speakers - very reassuring. But when it didn't work - when we couldn't find the heartbeat - we worried. Is it a false negative? Or should we rush to the hospital?


Or even worse you put the microphone on the epigastric vessels and hear mom's heartbeat instead of the baby's.


Why is this even worse? I assume you're suggesting it would potentially give a false sense that everything is ok when it isn't. But since such apps aren't intended as diagnostic tools, is it really a problem?

