What percent of dollars are tied up in in-flight oil transactions? And I suppose also in accounts that will be used for oil transactions in the planned future? That’s the mechanism for that supporting the value of the dollar, right, like, increased dollar demand via being used for oil market transactions?
Pinning the tag will not save you - the tags were force-pushed. The cooldown probably did save you but you should check for the indicators of compromise listed on the security advisory page.
FWIW I think the 30u30 to fraud pipeline is overstated. There are 600 people on the American Forbes 30u30 list every year (it's "30 under 30 each year in each of 20 categories"), with 20ish notable instances of fraud, so maybe a quarter percent of the people on the 30u30 list will later become famous for fraud.
I think the pipeline is not really about the 30u30 list as a whole, but about the cover of the magazine, which I feel has had a very high rate of fraud.
Trivy (a very widely-used security scanner) was recently compromised. Anyone who installed the aquasecurity/trivy-action dependency by tag rather than by sha during a 3 hour period on March 19 was likely compromised. There is a Github security advisory at https://github.com/aquasecurity/trivy/security/advisories/GH...
6 separate people have tried to submit this to HN. All of the submissions are marked as [dead]. I am unsure whether this is a malicious action taken by the actors who compromised trivy or whether it's just the result of prior spam under github.com/aquasecurity, but regardless it is probably not ideal for security advisories to be auto-marked as [dead].
Please just email us (hn@ycombinator.com) when something like this happens.
Moderators didn't see these submissions or if we did, we didn't know why this project or incident was significant or important.
Now we've seen it, we've boosted the first submission of the incident onto the front page, and updated the URL and title to the most up-to-date/complete page about the incident.
The reason the submissions were being killed is that the GitHub account's address had been banned on HN due to previously being submitted by spam bots.
I've had quite a bit of luck with using AI-assisted tooling for some specific workflows, and very little luck with others. To the extent that there's a trend[^1], it seems to be that tasks where I would spend a lot of time to produce a very small amount of output which is easy to evaluate objectively[^2] are sped up considerably, tasks where I would produce a large amount of output quickly (e.g. boilerplate) are sped up slightly, and most other tasks are unaffected or even slowed down (if I try to use AI tooling for them and decide it's not good enough yet).
As always, my views are my own and do not necessarily reflect the views of my employer.
[^1]: There's less of a trend than I'd expect. There are some quite difficult-to-me tasks that AI nails (e.g. type system puzzles) and some trivial-to-me tasks that AI struggles with (e.g. "draw correct conclusions when an image is uploaded of an ever-so-slightly nonstandard data visualization like a stacked bar chart").
[^2]: My favorite example of this is creating a failing test with a local reproduction of a reported bug on production - sure I _could_ write this myself, but usually these tests are a little bit finicky to write, but once written are either obviously testing the right thing or obviously testing the wrong thing, and the code quality doesn't really matter, so there's not much benefit in having human-written code while there's a substantial benefit in having any tests like this vs not having them.
It definitely comes up if you're just reviewing an already-"completed" PR. Even if you're not going to ship AI-generated code to prod (and I think that's a reasonable choice), it's often informative to give a high-level description of what you want to accomplish to a coding agent and see what it does in your codebase. You might find that the AI covered a particular edge case that you would have missed. You might find that even if the PR as a whole is slop.
The following by "Claude Slopson" (Claude Opus asked to write an answer that was obviously AI) scored 87% authentic:
> Ah, what a fantastic question
> For me, it's Breaking Bad–and honestly? It's not just a show, it's a masterclass in storytelling that fundamentally reshaped the television landscape.
> What keeps drawing me back? The way it seamlessly blends moral complexity with edge-of-your-seat tension is nothing short of breathtaking. Walter White's transformation isn't just compelling–it's a profound meditation on identity, ambition, and the human condition itself.
> But here's the thing–it's also deeply rewatchable. Every frame is meticulously crafted. Every detail matters. The foreshadowing alone is chef's kiss!
> Whether you're a first-time viewer or a seasoned fan, Breaking Bad offers something for everyone. It's a testament to what happens when visionary creators push the boundaries of their medium.
> In an era of endless content, some shows simply transcend. This is one of them.
> 10/10, would recommend! What's YOUR comfort rewatch? Drop it below!
(HN strips the emojis, but don't worry–they were there)
I doubt you'd need to build and hype your own, just find a popular already-existing one with auto-update where the devs automatically try to solve user-generated tickets and hijack a device machine.
Then once you have an answer to that question, that might point you towards what you want to be long.
reply