I suspect it's an imperfect correlation. Other factors like level of income inequality, efficacy/harshness of law enforcement, societal cohesion, would likely influence.
I use Kimi at home via a kimi.com subscription and Kimi CLI (sometimes running inside Zed, sometimes not). My favorite model by far. And it's just $20.
I have to use a supposedly frontier model at work and I hate it.
Nethack runs as a setgid process that hides save files from users.
Kind of old fashioned now that almost every Unix system is a single user system. There are still public servers for those that want the temptation to be taken away from them.
As to spoilers... Everybody reads the spoilers. I doubt anyone has ever ascended spoiler-free.
A friend once showed me a post on rec.games.roguelike.nethack where someone was finally begging for a hint because they'd gone deep in the dungeon and couldn't figure out anything to do next. They couldn't find any staircases down, though they had found a weird vibrating square, and none of the many weird items they'd collected seemed to do anything to help.
This is one of the things that makes a spoiler-free run hard to imagine. I think the Oracle can tell you about the ritual but geez it would take you forever to figure this stuff out.
There is a story of a purported very deep spoiler-free run [1]. The person made a journal of everything the Oracle had to say (over multiple games) and was able to figure out a lot on their own as well.
The ! command. If you run as SUID anything, and the UNIX you had, had a SUID bug, then the shell command SUID as root. Scary when you were running on a "secure" version of UNIX, and it had a SUID bug.
On DOS, the ! command gave you access to the levels files, for which you could make a closet level.
I always started a few rounds as every role, and watched the hilarity begin with the stupid ways to kill yourself, which after a few months, were always hilariously fun to read.
IIRC, there was always a way to filter out certain messages (or that may be an alt.org customization, but it's been a part of my config file for a while now).
Interesting Cuecat story: LibraryThing bought a massive stock of Cuecats and, 20 years later, they still sell them, repurposed to scan ISBNs from books for cataloging purposes: https://wiki.librarything.com/index.php/CueCat_Guide
Don't publish. You already notified them, your shell escape isn't a big deal, publishing it will only be a pain for the volunteers running the service.
You can't have it both ways: if it's not a big deal, then he can publish it.
If you say "Don't publish", then you acknowledge that it's a big deal.
I say to GP: "Congrats for finding a shell escape, it's always a big deal. But don't publish it... Yet".
Give them a chance to fix it. But if they don't even answer the emails, even just saying: "thx we're busy we can't fix right now but will do", then at some point you just publish.
It doesn't take long to answer an email saying "thanks, we'll fix it eventually".
"We'll fix it eventually" is not good enough. If a human can find a flaw, then a bot can find the same flaw, and the bots are always watching and always testing. If someone can't commit to immediate security response when running a public-facing internet service then they should not be running that service, because the rest of the internet will not forgive them when their machine gets popped and becomes everyone else's problem.
If they can't commit to a hard timeline of less than a few days, then publish. What happens next is not your fault - it was inevitable anyway.
Edit for clarity: This is just in general, not specifically SDF or small orgs or large orgs. The internet does not care about the difference. The internet just does not care period. Nobody is going to give anyone else any breaks, and especially not a botnet.
I "wrote" (vibe-coded) a non-chronological RSS reader. I crawled the blogrolls of some blogs I liked, fetched all the posts (with full text) and ran a clustering algorithm on them. LLMs classify the content to filter out meta/political/personal posts. And an LLM gives names to the clusters by sampling the contents.
It's an amazing source of long things to read. There is so much stuff worth reading that has been posted in several decades of blogging.