> Another concern I have is whether a compromise of Tailscale's own infra could let an attacker just add itself to my network. Apparently the "Tailnet Lock" feature mitigates this, but it is off by default.
Yeah, we use "tailnet lock" to sort of cover that. AFAIK its the only option available.
I say "sort of" because "tailnet lock" is a bit half-assed in its design and implementation.
For example, you cannot sign new nodes from mobile devices (e.g. iOS). And as we know, locking down iOS is easier than a full desktop machine. So that's a bit of a missed opportunity. And as usual, there's a Tailscale Github issue open for it for years ...
And in practice, the "tailnet lock" addition is done through the `tailscale` software on the desktop/laptop. Its click a button or run a CLI without further authentication/authorisation required. So basically anyone could do it. And the keys are, of course, open to exfiltration.
So, yeah, "better than nothing" is the way I would summarise "tailscale lock".
There are plenty of northern climate countries that get by just fine without DST. Also, if it’s genuinely a problem in a specific location for some reason, that specific location can just say, “Let’s all start work at 9 rather than 8 for the winter months” rather than impose an absolutely absurd song and dance on the entire time zone.
Or you have the regrets when you needed to speak up and you didn't because you value your job security more than your duty: crooked or woefully incompetent boss. In the army instructors strongly warned about jumping chain of command. But you know, sometimes it gets very ugly, specially when they come after you.
It's a good idea. Executed well. I would say for adults it's a little easy but I think perfect for 9 years up to adult. Would be nice to be able to admire the puzzle at the end and look at stats etc
I think there's a secondary competitor to certain types of process-SaaS like Vanta for smaller orgs: a smart Fractional (CISO, in the compliance case) paired with good AI. The purchaser gets proper human judgement, and you can handle the record-keeping bit with an ai-enabled DB like notion.
It's just an assumption that residential proxying hasn't become a legitimate industry by now. Security professionals just assume it's still based on botnets.
Smaller companies probably use a small subset of the features in the SaaS. This means one of two devs with an AI can implement the used subset fairly easily.
Bigger companies probably use more features and have more advanced requirements and the SaaS is integrated in different ways within different departments of the company. This means more developers are required, more interaction with different departments and thus less benefits of AI versus the traditional way of developing without AI (as the actual work is more in coordination, specification etc, than the actual coding bit).
The memory requirement is actually not a problem, because you may be able to stream the mp3 from a harddisk ( easily 159 KB per second from a 2.5 inch ide disk when used on a 7mhz 68000 of amiga 600) or maybe even from a floppy ( 10 KB per second on a double density floppy ).
The actual problem is that mp3 decoding requires lots of math, and the total cpu usage to decode at 22Khz mono is the equivalent of a 68030 running at 50mhz, which is more or less 5 times as much CPU as a 68000 running at 16mhz.
Re: style-transfer, I simply point it at examples of my writing and asks it to use sub-agents and review paragraph by paragraph for consistency with my writing-style. I do the "paragraph by paragraph" thing because the main agent otherwise tends to get sloppy.
Some checks for repetition and particularly egregious quirks that are not style specific tends to also be helpful (e.g. Claude at least used to have a thing for using numbers ending in "47" if something calls for random numbers), but most stylistic ticks are fixed by the above.
Depends if you just want it to not sound obnoxious or whether you want to fool an AI checker - the latter would benefit from more, but it's not really something I care about.
I think that's a fair analogy actually. I grew up in Brooklyn in 1990s and it was basically guaranteed that you'd have some criminal encounter in the neighborhood sooner or later. People still left the house because running that risk was better that entombing yourself inside the house.
Hello, I'm the developer behind Neverclick. Neverclick doesn't use accessibility apis. It uses local computer vision so it works in every app.
I've had a poor experience with accessibility apis, they're clunky, slow, and unpredictable, and as you said many apps aren't built with accessibility in mind. With computer vision you don't have to worry about that.
This might sound strange, but the cv system in Neverclick actually runs significantly faster than UI Automation (which is the accessibility api on windows) in nearly all of my personal tests. I can't believe that accessibility apis are so poorly optimized that raw pixel analysis is faster lol. Also, I have users that use Neverclick on 10 year old hardware and they tell me that the cv runs instantly whereas UI Automation is super laggy for them.
Also, accessibility apis typically don't give you useful bounding boxes for text in text editors, this is another advantage of the cv approach.
I really wish the title of the post was "Desktop application for performing mouse actions with your keyboard using computer vision" so that it's more obvious that it uses cv, although it's my fault since the current title is how I have it in the readme and they probably just copied that.
Excuse my likely stupid question, but has anybody had some success using Claude Code with frontier agents (or Junie or anything else) to invoke local LLMs for specific sub-tasks or wrapped as skills? In other words, is there a way to use expensive, frontier models as orchestrators that manage local models to do the specialised coding tasks?
One party made certain IP addresses valuable, the other party responded by totally randomising their IP addresses, and the world is worse off for it. Who's responsible? They weren't using random IP address proxies when IP addresses weren't treated as a status symbol.
There is one main difference, that makes UN recognizes Gibraltar as a colony and not Ceuta and Melilla: days before Gibraltar was conquered 100% of the people that lived there was moved out. This is why Gibraltar is a colony and Ceuta and Melilla not. So I don't have clear opinion if people in Gibraltar should have auto-determination or not.