Yes - and realistically, if you're $BIGCO who's shipped a billion devices with some obscure curl vulnerability you just discovered, then the hard part is going to be rolling out a patch to all of them anyway, which is still a 'you' problem.
In 2026 there is a considerably cheaper/quicker solution, but that in no way invalidates OSS maintainers' right to enjoy a summer vacation without interruption.
I worry that this will make the bad guys focus on finding zero days during the month they have free to exploit anything they find, but I don't doubt that they need a break.
Actually, submitting hundreds of bogus/low impact AI generated ones while you sit on something big might be a viable strategy to delay a project from fixing a hole you're using
Cool, then it's down to everyone using this library to figure out how they can minimize the impact of a zeroday in curl - security should never be down to a single part of a system.
Is this likely though? If you are an AI slop model that
spams out finding bugs and vulnerabilities, would you
want to become more active when you see that a project
is not actively fixing bugs? Because in my opinion, it
really would not matter for any AI model how active a
project is, when it comes to FINDING existing loopholes.
In other words, I would always go at full speed (as an
evil AI slop model) and most likely never release any
findings of flaws and loopholes, so they can be exploited lateron. Bad folks don't want to be caught; remember the xz utils backdoor.
I am sure some AI slop models are used by criminals.
And they may exploit things at a later time, but they
most likely have found issues already. Not every AI
slop model would report.
The notion of "the bad guys will now be more active" is
strange really in the AI slop age. (We had the stone
age; now we have the slop age)
I don't disagree with the essay, but is there any benefit to being a billionaire? Almost anything I could possibly want could be satisfied by being a humble multi-millionaire.
Do you have a want to please millions of people whose lives are improved by exactly the product that your company sells? I could certainly do without that, but it does sound nice.
Many of these billionaires they're referring to are paper stock billionaires. It gives you access to maintain control/takeover other companies. For example, Elon made an argument that his package payout (if fulfilled) was so large because it served him to be able to retain control of his company.
Another example would be taking over media companies like what Bezos did, the side effect would be being able to waylay/hide any dirty laundry.
I'm not sure there is but if you create a company that successfully serves the world's 8 billion population it often ends up worth more than 12.5 cents per head. Or else it maybe isn't providing that significant a service.
With nearly all the billionaire PG mentions the money is the company valuation rather than cash in the bank.
The Sun is visible from Earth as well, the last time I checked.
In LEO you don't get power 24/7 because you are only 500km above the Earth. Yes the Sun is more attenuated on Earth but what we care about is $/W not raw wattage, and Earth certainly has cheaper $/W than space.
> - coms w/o interruption using existing infra
I'm perplexed how comms might be easier in space than on Earth where you can just run a cable.
> - Rideshare (SPX can build out capacity while other lifts pay some of the bill for lift)
On Earth you don't need to rideshare because you don't have to ride a rocket.
> - Nonregulation
Space is more regulated than Earth. The only way to get to space is via a rocket which is the same as an ICBM. Governments regulate the process of building ICBMs and what payloads can ride on them.
If you want non-regulation then go to international waters or find a bribable government.
> - Very low latency to "places of interest far from USA mountains"
The latency is not terrible in LEO but it's nowhere near as good as on Earth.
We're losing the direct chain of thought here. My assertion is that "Nonexistence of Mountaintop DC is not a counter-example to space DC". That's it. The reasons were spelled out.
Your points: "Mountaintop" is how comms is easier in space vs on earth. Starlink already serves many rural areas simply b/c it is easier to go to/from space in some places than "running a cable". "Latency is nowhere near as good as on earth" is just false. "Mountaintop" is why. But more broadly, my most recent vacation cabin has higher latency than starlink offers. Case closed I guess?
And one more on latency: I was referring to latency in areas of interest far from USA mountaintops / USA in general. You might want to peruse the DARPA programs on low latency in-situ, closed loop comms for in theater (sometimes space based) compute. Something close to the action.
Power: "Mountaintop" is how space has a better power case than earth. Not all of earth. Mountaintop earth.
top level comment was talking about a wind turbine on a mountaintop. That's an attempt at 24h power which is very likely strictly worse.
You can step back and make larger arguments, but this thread is narrower.
"Space is more regulated than Earth". Yes, again, you're talking about wider counts of regulation. Just go look around at the pushback to data centers and you'll see some of the case for DC in space. The path to getting equipment into space is clean - just get permits and launch same as SPX does for starlink. The path to building a data center on a mountaintop probably encounters at least some non-paperwork pushback that's likely to trip big political fights. That's it. Are there a lot of mountaintops that are sufficiently cold to warrant "cooling" arguments that are not part of large state/federal parks?
So going back to the thread - if you believe that a mountaintop datacenter is a counter example to the feasibility of a space-based data center, then I think you're making a category error on some of the above criteria. Your comments don't dissuade me at all about that because they don't address either side of that argument.
Maintenance for a mountaintop data center only requires a team of skilled mountaineers. In space you'd need astronauts. It's at least an order of magnitude cheaper, perhaps two or three.
Nobody is doing maintenance on a small cluster in a satellite. It's disposable with a timespan of less than a decade to recoup all costs. Note that the usual argument to retire hardware is the electrical costs but when you've got lifetime solar you can run it indefinitely.
Nobody is doing maintenance on an orbital data center because it's too expensive and dangerous, not because it wouldn't be useful. Maintenance in space would in fact be way more useful than on land because the redundancy required by a lack of maintenance necessitates extra mass.
If you could pay a few space sherpas $100k to head up into LEO and service the thing, it would definitely be worth it.
I never said it wouldn't be useful, only that it isn't likely to happen. Amortized costs would reflect that. So it seems we agree?
> If you could pay a few space sherpas $100k to head up into LEO and service the thing, it would definitely be worth it.
Would it? Whatever you pay to launch the repair tech plus the replacement parts could instead be spent launching new hardware. Obviously the repair payload is a fraction of the total weight of new hardware but is it a small enough fraction to make repairing things worthwhile? I think it's likely that disposable is cheaper in this scenario.
There's a much simpler explanation: Amazon's business is selling cloud services. Amazon is constantly under threat of attack and anything that disturbs the balance between attackers and defenders is bad for Amazon. Amazon also needs to keep their AWS customers safe.
This is Amazon prioritizing their 100% stake in AWS over their 20% stake in Anthropic. It's also possible that Amazon knows things that are not public.
The fact that Amazon is willing to report this despite owning shares in Anthropic and being close to a liquidation event points to whatever they found being actually serious.
Most of the value of a CS degree is being able to say that you have a degree truthfully. If you don't have a degree then you just lie and say that you do, which is a moral papercut. Nobody really cares about your education though, they just want their world view to be maintained.
All of my professional jobs have been contingent on background checks and validating (to some degree) the things I put in the record. If I say I have a degree, they call to verify. They called to verify work history, although not being able to reach previous employers wasn't a deal breaker. I don't think just claim you have a degree when you don't works.
If you have a degree from a 'good school', that gets you some credibility by itself, but mostly a 4 year degree says 'this person can commit to doing difficult things without an immediate payoff for around 4 years' which is a valuable thing for employers.
The US tried to ban it. djb challenged it on first amendment grounds and the result was that the US government gave up trying to enforce any ban.
AI is different though because these models are private, so they cannot really be considered to be "speech". Although if it were an open model it would likely be protected speech to release it.
You have to squint to see the output of an LLM to be speech. The input is clearly speech but the government is not preventing anyone from writing or publishing prompts, only from running those prompts through the model.
In the case of the crypto export ban, the government was attempting to suppress the release of cryptographic research. For example, if a cryptographic researcher wrote a paper on a cipher and they included a definition of that cipher in the paper, that was an "export" of cryptography. This is very clearly a restraint on speech that violates the first amendment and after much legal wrangling the government agreed and the issue evaporated.
That's just a normal part of Mac development. Apple sees documentation as a net negative for them, something that can constrain them in the future. So they only document the major highways and leave everything else as an exercise to the reader.
If you're using an unstable API they expect you to figure everything out yourself. It doesn't mean that they don't want you to use it though.
> Probably not. But we will.
A pleasant dose of humanity in decidedly inhuman times.
reply