> Am I reading this right that people can (and do??) use images as a complete replacement for source code files?
Images are not replacements of source code files. Images are used in addition to source code files. Source code is checked in. Images are created and shipped. The image lets you debug things live if you've got to. You can introspect, live debug, live patch and do all the shenanigans. But if you're making fixes, you'd make the changes in source code, check it in, build a new image and ship that.
in smalltalk you make the changes in the image while it is running. the modern process is that you then export the changes into a version control system. originally you only had the image itself. apparently squeak has objects inside that go back to 1977:
https://lists.squeakfoundation.org/archives/list/squeak-dev@...
with originally i meant before the use of version control systems became common and expected. i don't know the actual history here, but i just found this thread that looks promising to contain some interesting details: https://news.ycombinator.com/item?id=15206339 (it is also discussing lisp which bring this subthread back in line with the original topic :-)
> There's a reason it has so many stars and most of the people getting something out of it are not posting on X.
That reason is buying stars, agent swarms, and astroturing.
No project gathers 200K stars genuinely in 3 months. There are far more useful and popular projects that need 10 years to get 200K stars. When you see a project like this get 200K stars in just 3 months, you know something is very fishy.
There just aren't enough hobbyists in the world running local AI models, never mind technically savvy enough to hack something like OpenClaw and be really excited about it.
For a comparison, the local image gen interfaces ComfyUI and A1111 WebUI have a huge amount of stars (~100k and 160k respectively, accrued since 2022 or so), but they allow you to create porn customized to whatever kinks you have, not just automate things for the sake of automation. One of those is a rather bigger value prop than the other, dopamine-wise.
Why would they be running local AI models? The creator of OpenClaw explicitly recommends against running OpenClaw using local LLM models at this time, because they're not as powerful as frontier models as well as much more gullible to prompt injection and the like.
> There just aren't enough hobbyists in the world running local AI models, never mind technically savvy enough to hack something like OpenClaw and be really excited about it.
No you dont understand, just because there are X people capable of doing this and my project got (X + YX) stars in 3 months, that only means that my project is very popular and there are no shenanigans occurring _at all_
If you suggest otherwise you are a luddite who doesnt understand and probably hates progress.
React and Linux got their 200K stars slowly but surely over 10 years. OpenClaw got their 200K stars in like 3 months! Is this any meaningful comparison?
Getting 200K stars today doesn't mean much because today stars can be bought. There's a big shady thriving business of selling stars. Stars today can be generated using swarm of thoughtless agents. What's the use of counting these stars when they don't mean anything anymore?
I was looking at the accounts that have starred the OpenClaw project. Many seem relatively old, but I couldn't find more than a handful that seemed to be publicly active in any sense (e.g. making PRs or commits). Same story with the forks. A metric shit-ton ton of forks, no branches or commits or any sign of activity on the forks.
Compared that to the people who have been starring my projects, and every single one of them had some sort of activity on record.
--edit--
Checked again now, seems more recent accounts have some activity. But still, lots of accounts like these
If the domain is being given away for free, it will be used a lot for scams etc, so a lot of systems will just start blocking it immediately. When I got my first domain, I used one of the free TLDs and my university blocked it completely due to it being a scam. Not for any of the content on it, just the TLD being commonly used by scammers
That’s my question. I’ve launched many fresh websites that have not been marked as unsafe by Google. If they were habitually doing this, there would be far more reports of it.
I suspect there is something the author is not telling us.
Even if the false-positive rate is very small (e.g. 0.01%), you probably won't be affected, but more than a hundred thousand of websites would be and that would still be an issue. I have no idea how big is the false-positive rate.
There are many of reports of the same happening to other sites, some of the top ones (you can find many more by searching HN for "google safe browsing"):
The site is already back online after the post. You can check yourself. If I really did have malicious content on the site, this post would have had zero effect on the result.
The domain has no history as far as I could search and the site was up for almost 6 weeks with no issues before it was nuked. I used it with Apple's review process!
The big scary red warning page should at least tell you it’s phishing or malware or something else. OP didn’t have a screenshot of that. You can easily go to a safe browsing test site yourself at testsafebrowsing.appspot.com and find that Google does divulge the category of the blacklisting.
OP says:
> no gore or violence or anything of that sort
That’s not even the right criteria. OP is confused about Google Safe Browsing vs Safe Search.
That sounds like a competitor of yours manually submitting your site to Google for “impersonating” them or something. Anyone can submit URLs to Google to suggest it be blocked: https://safebrowsing.google.com/safebrowsing/report_phish/ Perhaps some overworked underpaid analyst had a lapse of judgement. I’m sorry that this happens to you.
wait, this actually makes things sound even worse because anyone who might not like your product can add it to google and google can sometimes be none the wiser and then add it to phishing link which could then lead to their domains (ie. any TLD's hosted by radix.website) being lost in void essentially unless you have verified the domain in google analytics and even then I would consider this whole situation to be so messy.
At this point, NEVER buy any radix.website TLD domains.
I am seeing pinggy had the same issue with their .online domain and this actually definitely caused hurt to their business https://news.ycombinator.com/item?id=40195410 (I saw this post from their comment in here referencing it)
(edit: I totally misunderstood the parent comment and wrote this reply. I've apologized for it in comment below. I could delete this comment but I am leaving it here so that others don't get confused when they see the replies below it.)
> or that anyone should have more power just because they are active in the project.
So you are saying that although I create a project to solve my problems but as soon as I make it open source (so that others can also benefit) my power on the project will become equal to the power every random person on earth has on my project?
If making my project reduces my power on the project, why would I ever open source anything?
Good thing that open source world does not work like that. When I make my project open source, I still have full power on my project and I decide what goes in it and what is rejected. I have no reason to not use the powers I have on the project.
If it ever became like you say that as the creator of an open source project, my powers will be equal to the powers of every random user, I'd stop making anything open source.
> If making my project reduces my power on the project, why would I ever open source anything?
For me, especially when I'm increasing the bus number of something I worked on at work, it's down to two things. Either I'm hoping that my 'power' will remain the same but the 'power' of the project will grow and the new people will take their share out of the surplus.
Or, I want to focus my power elsewhere, and as long as I'm sole proprietor to this project I will be associated with it to the exclusion of other things. It was having my face pressed against glass of shiny new things I was iced out of at work that finally taught me the value of sharing. Indispensable can make you typecast. Deputizing someone has benefits that usually outweigh the costs.
I never said that, or implied it. It would be dumb to say that someone who creates an open source project is at the mercy of the people who use it.
But, many people have had the experience of dealing with loud voices in open source communities, and sometimes abusive voices. Or people who are pushing/promoting things that they want but are actually contrary to the goals and well being of the project.
As I stated, that power is a potential route to abuse. This is absolutely true whether the person is a maintainer, contributor, or creator.
If you create an open source project, of course you have absolute power over it... to suggest otherwise is foolish.
And we have seen projects that fail or collapse due to lack of leadership, corrosive culture, myopia, or burnout. That is inevitable.
My point is that we need to be realistic about these things. This goes back to the original post that "open source is not about you". Users aren't "owe" anything by a project or its creator. At the same time, creators/maintainers have a relationship with the community.
How they choose to manage that relationship is their choice... but we should be aware and honest about what that means and how it impacts the project (and the community).
Wow - I really appreciate you taking the time to look at it again. My original comment was written quickly, and probably no where near as clear as it could have been.
I respect your willingness to modify your original stance upon closer examination. Non-ironic hat tip.
The goalposts have been on wheels basically since the field was born. Look up "AI effect". I've stopped caring what HN comments have to say about whether something is or isn't AI. If its useful to me, I'm gonna use it.
> I.e. a solution is known, but is guaranteed to not be in the training set for any AI.
Not a mathematician and obviously you guys understand this better than I do. One thing I can't understand is how they're going to judge if a solution was AI written or human written. I mean, a human could also potentially solve the problem and pass it off as AI? You might say why would a human want to do that? Normal mathematicians might not want to do that. But mathematicians hired by Anthropic or OpenAI might want to do that to pass it off as AI achievements?
Well, I think the paper answers that too. These problems are intended as a tool for honest researchers to use for exploring the capabilities of current AI models, in a reasonably fair way. They're specifically not intended as a rigorous benchmark to be treated adversarially.
Of course a math expert could solve the problems themselves and lie by saying that an AI model did it. In the same way, somebody with enough money could secretly film a movie and then claim that it was made by AI. That's outside the scope of what this paper is trying to address.
The point is not to score models based on how many of the problems they can solve. The point is to look at the models' responses and see how good they are at tackling the problem. And that's why the authors say that ideally, people solving these problems with AI would post complete chat transcripts (or the equivalent) so that readers can assess how much of the intellectual contribution actually came from AI.
February 13 seems right to me. I mean it's not like LLMs need to manually write out a 10 page proof. But a longer deadline can give human mathematicians time to solve the problem and write out a proof. A close deadline advantages the LLM and disadvantages humans which should be the goal if we want to see if LLMs are able to solve these.
Images are not replacements of source code files. Images are used in addition to source code files. Source code is checked in. Images are created and shipped. The image lets you debug things live if you've got to. You can introspect, live debug, live patch and do all the shenanigans. But if you're making fixes, you'd make the changes in source code, check it in, build a new image and ship that.
reply