Notices by kaoudis (kaoudis@infosec.exchange)

@inthehands heh, thank you! My plans are to a) have less caffeine and b) to react only just as if one would if the neighbor’s teenager said something objectionable: not get visibly upset, but politely ask questions to dig into what they actually think, and if it’s not parroted hot air, tell them they have a choice between speaking politely or gtfo!

My anxiety has been through the roof this week. On the one hand, visits with probably objectionable family approach fast; but on the other I realized I’ve somehow worked up to a pot of coffee a day plus 64 oz of black tea and, uh, perhaps that is a bit much

@inthehands I love that! Solnit in general is excellent.

Trying to remember to balance out my fears with my hopes is hard, but learning how to let neither of them get the best of me is my current challenge

@ryanc the thing in question is a talk I’m watching about using LLMs to figure out if code variants are equivalent, and as their baseline they seem to have used precision, recall, and F1 to measure how well methods that leverage non-ML things do at determining when code variants are equivalent

@ryanc yeah, if you want a bunch of semi-reasonable test cases for a compiler or something and you generate a bunch of build variants, is the case I was thinking about

If you’re generating code, and you’re *not* doing it with an LLM, is it reasonable to use metrics like F1 and recall to measure how well the tools you use are doing? This is bothering me because it feels a bit weird to apply metrics like this to static analyses, build tooling frameworks, or things that just plain don’t have any recall to begin with.

I have a tendency to unintentionally assume all regular expressions follow PCRE, but that's not necessarily the case. Only knowing one flavor of regex well might not be enough if you need to use them in different language environments! Example:

"Regex language syntax varies between different platforms; it is not standard. In particular, the “$” anchor does not only match the end of the string in Python and PHP, but it does in JavaScript."

https://best.openssf.org/Correctly-Using-Regular-Expressions

@whytgndlf @catsalad question is will I make it that long if I have to look at this damn thing

@whytgndlf @catsalad looks like I can in fourteen more days 😅 looks like I need a thirty day streak to unlock a new app icon

Duolingo is fun, but why on earth is the icon stuck like this, it looks like it has a head cold? I’d almost rather delete the app than look at this

“The systems programmer has written drivers for buggy devices whose firmware was implemented by a drunken child or a sober goldfish. The systems programmer has traced a network problem across eight machines, three time zones, and a brief diversion into Amish country, where the problem was transmitted in the front left hoof of a mule named Deliverance… A systems programmer will know what to do when society breaks down, because the systems programmer already lives in a world without law.”

https://cloudisland.nz/@pjf/111100600201100924