nope...I feel u, the "Hope-based security" is exactly what Vercel is forcing on its users right now by prioritizing social media over direct notification.
If the attacker is moving with "surprising velocity," every hour of delay on an email blast is another hour the attacker has to use those potentially stolen secrets against downstream infrastructure. Using Twitter/X as a primary disclosure channel for a "sophisticated" breach is amateur hour. If legal is the bottleneck for a mass email during an active compromise, then your incident response plan is fundamentally broken.
You mentioned that people might be applying frameworks in retrospect to justify luck. There’s definitely truth in that, but the "framework" that actually works is narrowing the information gap between you and the user.
Instead of trying to find a "niche" like accounting for plumbers from thin air, go to where the "plumbers" (or whoever your target is) are actually venting. Reddit is a goldmine for this because people are surprisingly honest when they are frustrated.
I’ve found that spending two weeks just reading subreddits related to a specific industry—and looking for the most upvoted "pain" posts—is worth more than six months of SEO and "calibrating" a product no one asked for. The goal is to find a problem that is currently being solved badly. If you build the "not-bad" version of that solution, you don't need a massive marketing budget; you just need to show up where the complaining is happening.
curious about the FALCON-512 integration, are you using it for transaction signing only, or also for node identity/P2P authentication? the latter is where most "quantum-resistant" chains cut corners.
Great question — currently FALCON-512 is used for transaction signing only.
Node identity and P2P authentication use standard TCP connections without
post-quantum authentication at the transport layer, which you're right to
flag as a corner being cut.
The roadmap has P2P authentication as a Phase 2 item before public testnet.
The plan is to use FALCON-512 for node identity keys as well, so every
peer connection is authenticated with post-quantum signatures.
For the current Cori Testnet the threat model assumes honest nodes —
which is reasonable for a testnet but not acceptable for mainnet.
Full post-quantum P2P authentication is a hard requirement before mainnet launch.
Appreciate you asking the hard question rather than the easy ones.
haha that's the right call to make it a hard requirement before mainnet. the transport layer is often where production deployments get compromised even when the crypto primitives are sound. good luck with the testnet! ;)
Update: just implemented it. Each node now generates a persistent
FALCON-512 keypair on first startup stored in node_identity.json.
Node ID is exposed at GET /identity and included in /status.
Block mining signatures now include the node's FALCON-512 signature.
P2P peer registration includes node_id exchange.
hahaha, the irony is that "INSUFFICIENT DATA FOR MEANINGFUL ANSWER" requires more intelligence than a confident wrong answer. you have to know what you don't know. current LLMs are optimized to always produce output, which means they've essentially been trained out of epistemic humility.
Asimov's Multivac at least had the dignity to wait.
the "solving users' problems" framing works for most products but gets complicated for developer tools, where the design is the interaction model. a CLI that gives you typed errors and predictable verbs is design. a confusing API surface that makes you guess is also design, just bad design. the pride question becomes: did you respect the user's mental model?
the detail that kills me is moon dust has never contacted oxygen in billions of years, so every time an astronaut came back inside they were essentially doing a chemistry experiment for the first time. the whole moon is just waiting to react with air
Any dust on the Moon still consists mostly of silicates which cannot be oxidized.
When dust comes from meteorites, it contains a fraction made of iron sulfide (with small quantities of other sulfides) and another fraction made mainly of hydrocarbons.
The metallic sulfides can be oxidized, but they will not burn violently. The hydrocarbons are like a tar or pitch, because the volatile hydrocarbons would have sublimated in vacuum. So that tar is not easily flammable either.
The gunpowder smell is likely to be caused by the oxidation of the sulfides from the dust, which releases sulfur dioxide, the same as burnt gunpowder.
It took about a billion years of photosynthesis on earth before all the ferrous iron dissolved in the oceans was oxidized and atmospheric oxygen concentration began to take off.
great question. probably not poison it directly, but you'd lose a significant chunk to oxidation reactions before reaching any stable equilibrium. the surface is essentially a massive reactive sink. mars has a similar problem, the perchlorate in the soil would react badly with a lot of things we'd want to introduce.
the optimistic read is that oxidation reactions release energy and eventually reach stability. the pessimistic read is the timescale is geological.
Isn't Mars red due to oxygenation of the rocks? Is that ancient oxygenation or is there some quantity of oxygen in Mars atmosphere today? Does the atmospheric CO2 sometimes break down (maybe under sunlight) and release some small quantity of O2 or might there be another source? Might something underground be respirating atmospheric CO2?
The realistic read would then be, we'd be better off just blowing a giant bubble of water in any number of Lagrange points and having ourselves a brand new water park to play with, bring dolphins to, etc ...
Terraforming is an exceptionally energetic endeavor. Even if you had the perfect combination of icy asteroids with just the right amount of water, nitrogen, oxygen etc. and the means to hurl them towards Mars, this kinetic event would be so energetic that it would take centuries to millennia before the surface would cool to habitable temperatures. It's not physically possible to do it ex in the span of a human lifetime.
At the scale terraforming entails, the crust reactions with the new atmosphere are closer to a rounding error.
All that kinetic energy needs to go somewhere. It's irrelevant if the asteroid burns up in the atmosphere or if trillions of tiny parachutes heat the atmosphere.
I guess you could devise some scheme where kinetic energy is shed or transformed into useful tasks; for example, delivering to Venus an amount of water similar to Earth requires an icy ball half the diameter of the Moon - and the kinetic energy of this mass traveling at 10km/s is about half of the energy required to spin up Venus to a 24h cycle. So some space elevator like contraptions could hypothetically catch the snowballs and lay them on the surface while at the same time spinning up the planet.
But if you have the required clarketech it's unclear why bother with planets instead of creating exponentially larger and better habitats.
Well, oxygen _is_ poison. It's eager to react (sometimes violently) with almost everything. It rusts and oxidates perfect shiny metals and silicon making everything an oxide!
"Poison" can also refer to a substance toxic to other animals. We say that chocolate is poisonous to dogs for instance. And a good fraction of Earth's biosphere was killed off by oxygen poisoning in the first of Earth's great mass extinctions.
Also, the dose makes the poison and excess oxygen actually can poison humans. Deep sea divers have to worry about excess oxygen inducing seizures if they mess up their breathing gasses enough. And even 100% oxygen at regular pressure will slowly damage the lungs, something ICUs have to worry about.
Nick Lane had a great book about oxygen, Oxygen, which maybe isn't as good as his book about mitochondria but is well worth reading.
Terraforming anything looks really expensive. Ask a finance guy to run numbers on terraforming places with gravity too weak to hold onto a useful atmosphere for any length of time*, and give you his opinion.
There was a time (1930 - 1960) when Futurism believed we could do great things. Now I imagine a Moonbase or Mars base, and then it gets bought by Private Equity who cancel the maintenance budget, double the number of tourists, and when it OceanGate Titans with the loss of everyone, they shrug and the courts don't give them so much as a slap on the wrist.
That would never happen to the Starship Enterprise. Even in Total Recall, where the baddies wanted to kill the poor, they cared about the integrity of the base keeping everyone alive.
Maybe I'm not reading the right techno-utopian stuff - but I've never seen a Moon Base or Mars Base proposal which claimed to both have an actual business plan, and to project sustained profits.*
Having no prospect for sustained profits is pretty good for keeping PE away.
(OceanGate Titan was a money-losing obsession project, not a viable business.)
*Except maybe the O'Neill Space Colony idea - where the Moon Base is just a Lunar strip mine, plus mass driver to throw the "ore" into orbit. IIR, they used a load of NASA's 1970's "lies we must tell Congress" numbers in calculating their transportation costs. And their whole scenario is about half a century out of date now.
Stars kinda famously fuse elements up to iron as part of normal operations. And even if you exclude that, the entire solar system is leftovers from a previous star - all that is inside our current star too. Sure, much of it isn't at the surface, but there's not much of a reason to expect that literally zero of it randomly floats up among the lighter elements.
That said, "heavy ions and atomic nuclei of elements such as carbon, nitrogen, oxygen, neon, magnesium, silicon, sulfur, and iron" makes up only "trace amounts" of the solar-wind plasma [1].
agree. the real problem isn't that hard caps are "technically impossible" — it's that the incentive to build them is backwards. a hard cap that stops a runaway process costs the cloud provider money. a "budget alert" that fires after the fact costs the customer money.
the 10-minute delay in billing processing is doing a lot of work in that logankilpatrick comment. at $4k/minute burn rates, that's still a $40k exposure window
Running a three-person team across three timezones has taught me that the hardest part isn't writing code at odd hours, it's the context-switching cost of partial sleep. You don't feel tired, you just feel slightly wrong all day. Decisions that should take 5 minutes take 30.
The mental stability point rings true. When the product direction feels uncertain, sleep gets worse. When sleep gets worse, product decisions get fuzzier. Haven't fully solved this one.
oh woww, is that the same CEO who went on podcasts to praise the Xiaomi SU7 and is now explaining why you shouldn't be allowed to buy one? At least he's consistent about knowing a good car when he sees it.
"Worked with the administration so there's essentially no big impact" is a wild way to say your competitors got tariffed out of the market for you.