It doesn't for me at all. If I go to the URL I provided in the OP, the Google server responds with a 301 status code and Location header. Both when logged into a Google account and without logging in. Strange that it behaves in a different way (?) for you.
It will probably filter the URL through Google Safe Browsing, but that doesn't help much for phishing as they mostly use new or reputable domains, and browsers check that list on default settings anyway.
"Shopify CEO doesn't understand how to install a DICOM viewer application which is widely available and open source for any platform [1], so decides to let Claude Code plagiarize one / use widely available open source DICOM libraries."
The plagiarism of open source accusation is interesting. If you didn't know you are using open source code, is it plagiarism not to acknowledge it? What if you have enough knowledge of how LLMs work that you should have known? Does it help any to include an acknowledgement that you probably used some open source code but don't know which?
I'd parse it the same way as for natural intelligence. If I ask Bob how to do it, and he tells me from what he learned from open source, neither of us are plagiarizing open source.
Claude Code mostly copies and amalgamates codes from others, without attribution. But you could argue that's very similar to what humans do.
In this case it's very likely that Claude Code used some library to parse DICOM (and not outright reproducing it), while the Shopify CEO passed it off as something very innovative or difficult. But that isn't plagiarism either.
It was more of a figure of speech to emphasize that nobody (and no tool) did the actual work here, and the party that did the work did not get any credit.
Perhaps we could call it paraplagiarism.
> I'd parse it the same way as for natural intelligence. If I ask Bob how to do it
Not to detract from your point, but Claude Code is a very much a tool, not another person with their own responsibilities. "natural intelligence" and "artificial intelligence" are not simply interchangeable here.
Are you passing off work you didn't do as your own? If so, it's plagiarism. Doesn't matter exactly where the work came from or how it was laundered, since you know you didn't do it. Simple as that.
Tobi Lutke very explicitly did not pass off the work as his own. He attributed it to Claude. Does the fact that he didn't know about and include all of Claude's sources make it plagiarism? Would he have had the same obligation if he learned it from Bob?
> Tobi Lutke very explicitly did not pass off the work as his own. He attributed it to Claude. Does the fact that he didn't know about and include all of Claude's sources make it plagiarism?
Yes. The OP wrote:
>>>> so decides to let Claude Code plagiarize one
Read it carefully: Claude Code is the actor that's doing the plagiarizing.
What Tobias Lutke is doing is gushing about plagiarism like it's original work.
It's like if I gave you a copy of To Kill a Mockingbird, but with my name as the author, and you then went around telling everyone how impressive of a writer I am.
Note the "general line". You know, bombing boats in international waters, abducting awful dictators and "running" the country sidelining the opposition, threatening to take over an autonomous territory of Denmark, meddling with German and British politics and generally behaving very much like fascists and a wannabe dictator.
The Italian 'piracy shield' is indeed reprehensible, but the tweet is very far out there as well. For all I care Cloudflare blocks the entirety of Europe for a week or so in protest, but aligning yourself with the bunch of fascists now in charge of the US government and prefacing that with "while there are things I would handle differently than the current U.S. administration" is pretty insane as Cloudflare will be at the complete mercy of their lawlessness, if not now, then in the future.
I'm on the opposite side: I paid extra for a PS5 with disc drive, but I have never since bought a disc game. Although I have used the drive this year to watch some old DVDs.
It doesn't fit into the list as a revolution (or even 'evolution') as it's just a high-density, compact and cheap battery [1] that turns out to be quite unsafe [2].
> Looking at it now, German TFR has been well below replacement for nearly 60 years, so I suppose it makes sense.
That's really dumb. It's not that hard to look up population statistics [1]. Without having to say anything on the validity of your last paragraph (I'd have to apply Hanlon's razor before I would be able to argue in good faith), it really has nothing to do with your random tourist observation. There are very much 'white' children (which you probably meant to say, but didn't for some reason) running around in Nuremberg (not "Nuremburg").
I think the suggestion of pinning the public key and keeping the same private key across certs is the best option. But if you don't want that, perhaps this is a (high complexity, high fragility) alternative:
- Make sure your app checks that enough trusted embedded Signed Certificate Timestamps are present in the certificate (web browsers and the iOS and Android frameworks already do this by default).
- Disallow your app to trust certificates that are more recently requested than N hours. This might be hard to do.
- Set up monitoring to the certificate transparency logs to verify that no bad actor has obtained a certificate (and make sure you are always able to revoke them within N hours).
- Make sure you always have fresh keys with certificates in cold storage older than N hours, because you can't immediately use newly obtained certificates
It will probably filter the URL through Google Safe Browsing, but that doesn't help much for phishing as they mostly use new or reputable domains, and browsers check that list on default settings anyway.
reply