Every time I get into an online conversation about prompt injection it's inevitable that someone will argue that a mitigation which works 99% of the time is still worthwhile because there's no such thing as a security fix that is 100% guaranteed to work.
I don't think that's true.
If I use parameterized SQL queries my systems are 100% protected against SQL injection attacks.
If I make a mistake applying those and someone reports it to me I can fix that mistake and now I'm back up to 100%.
If our measures against SQL injection were only 99% effective none of our digital activities involving relational databases would be safe.
I don't think it is unreasonable to want a security fix that, when applied correctly, works 100% of the time.
(I first argued a version of this back in September 2022 in "You can’t solve AI security problems with more AI".)
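The contrast drawn above between a fix that works every time and a filter that works most of the time, as an added example that is not part of the original post. It uses Python's `sqlite3` with a constructed in-memory table; the `DENYLIST` filter, the function names and the sample inputs are hypothetical.

```python
import sqlite3

def make_db():
    """Build an in-memory table with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, email TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", [
        ("alice", "alice@example.test"),
        ("O'Brien", "obrien@example.test"),
        ("bob", "bob@example.test"),
    ])
    return conn

# Hypothetical "works most of the time" filter: case-sensitive substring denylist.
DENYLIST = (" OR ", "--", ";")

def lookup_filtered(conn, name):
    """Denylist check, then string concatenation: the input still becomes SQL text."""
    if any(bad in name for bad in DENYLIST):
        return []
    try:
        return conn.execute(f"SELECT email FROM users WHERE name = '{name}'").fetchall()
    except sqlite3.Error:
        return []  # e.g. a legitimate apostrophe breaks the statement

def lookup_param(conn, name):
    """Parameterized query: the driver binds name as a value, never as SQL."""
    return conn.execute("SELECT email FROM users WHERE name = ?", (name,)).fetchall()

# Constructed inputs: an ordinary name, a name with an apostrophe,
# the textbook tautology string, and the same string in lower case.
INPUTS = ["alice", "O'Brien", "' OR '1'='1", "' or '1'='1"]

def compare():
    """Return {input: (rows from filtered lookup, rows from parameterized lookup)}."""
    conn = make_db()
    return {s: (len(lookup_filtered(conn, s)), len(lookup_param(conn, s))) for s in INPUTS}

if __name__ == "__main__":
    for text, (filtered, param) in compare().items():
        print(f"{text!r:16} filtered={filtered} rows  parameterized={param} rows")
```

The filtered lookup rejects the upper-case tautology, returns every row for the lower-case one, and fails on the legitimate name `O'Brien`; the parameterized lookup returns the correct result for all four inputs.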
Tags: sql-injection, security, prompt-injection
Microservices only pay off when you have real scaling bottlenecks, large teams, or independently evolving domains. Before that? You’re paying the price without getting the benefit: duplicated infra, fragile local setups, and slow iteration.
— Oleg Pustovit, Microservices Are a Tax Your Startup Probably Can’t Afford
David Remnick, in a fine short piece for The New Yorker on Signalgate:
This is an Administration that does not have to slip on a Signal banana peel to reveal its deepest-held prejudices and its painful incapacities. You get the sense that we would learn little if we were privy to a twenty-four-hour-a-day live stream of its every private utterance. Part of what was so appalling about Trump and Vance’s recent meeting with Volodymyr Zelensky was not just their penchant for channelling the world view and negotiating points of Vladimir Putin but their comfort in expressing them, barking them, at the Ukrainian President in front of reporters in the Oval Office.
Stupidity and ignorance as a governing style. That’s it. They are exactly who they claim they are, and in private speak how they do in public. There is no secret plan.
These idiots do not believe polluting the atmosphere with carbon emissions has caused calamitous damage to our climate, despite the fact that experts, decades ago, almost universally predicted it would. Few issues in science had as much expert consensus.
These idiots think vaccines — one of the great breakthroughs in the history of science and medicine — are a bigger health risk than the diseases they immunize against. Now there are unvaccinated American kids dying from measles, a disease that was effectively wiped out in the modern world by the time I was born.
These idiots think the universe is 4,000 years old.
Now they’re bringing the same sort of idiocy, unbound by critical thinking, history, or anything recognized as economic expertise, to trade policy.
I asked my friend Greg Robbins to help me. His contract in another division at Apple had just ended, so he told his manager that he would start reporting to me. She didn't ask who I was and let him keep his office and badge. In turn, I told people that I was reporting to him. Since that left no managers in the loop, we had no meetings and could be extremely productive.
Via Kellan
Tags: apple, computer-history