The good news is it generally isn’t necessary to reverse engineer browser behavior when writing a browser. Since it’s mostly fairly standardized, there’s a decent test suite, and the major browsers are all open source.

Though this comes with some caveats:

• There are exceptions like the CSS viewport spec which was reverse engineered from an iphone.
• There are a lot of specifications because browsers have been around for decades and Chromium keeps implementing stuff, and it can be hard to find enough programmers to write all of them / catch up from a fresh start
• This is a somewhat unstable situation; if we lose even a single major browser engine it’s easy to imagine Chrome maybe not bothering with standardization and just telling people to read the blog posts and code.
• Web pages will do nonsense like break themselves if you provide a User-Agent string they don’t like. Mozilla has an ongoing compatibility effort where they sometimes have to override the UA string for specific pages. So less popular browsers are already playing from a disadvantageous position.

This doesn’t directly answer your question but I guess I had a rant in me so I might as well post it. Oops.

It’s possible to write tools that make point changes or incremental changes with targeted algorithms in a well understood problem space that make safe or probably safe changes that get reviewed by humans.

Stuff like turning pointers into smart pointers, reducing string copying, reducing certain classes of runtime crashes, etc. You can do a lot of stuff if you hand-code C++ AST transformations using the clang / llvm tools.

Of course “let’s eliminate 100% of our C code with a chatbot” is… a whole other ballgame and sounds completely infeasible except in the happiest of happy paths.

In my experience even simple LLM changes are wrong somewhere around half the time. Often in disturbingly subtle ways that take an expert to spot. Also in my experience if someone reviews LLM code they also tend to just rubber stamp it. So multiply that across thousands of changes and it’s a recipe for disaster.

And what about third party libraries? Corporate code bases are built on mountains of MIT licensed C and C++ code, but surely they won’t all switch languages. Which means they’ll have a bunch of leaf code in C++ and either need a C++ compatible target language, or have to call all the C++ code via subprocess / C ABI / or cross-language wrappers. The former is fine in theory, but I’m not aware of any suitable languages today. The latter can have a huge impact on performance if too much data needs to be serialized and deserialized across this boundary.

Windows in particular also has decades of baked in behavior that programs depend on. Any change in those assumptions and whoops some of your favorite retro windows games don’t work anymore!

In the worst case they’d end up with a big pile of spaghetti that mostly works as it does today but that introduces some extra bugs, is full of code that no one understands, and is completely impossible to change or maintain.

In the best case they’re mainly using “AI” for marketing purposes, will try to achieve their goals using more or less conventional means, and will ultimately fall short (hopefully not wreaking too much havoc in the progress) and give up halfway and declare the whole thing a glorious success.

Either way ultimately if any kind of large scale rearchitecting that isn’t seen through to the end will cause the codebase to have layers. There’s the shiny new approach (never finished), the horrors that lie just beneath (also never finished), and the horrors that lie just beneath the horrors (probably written circa 2003). Any new employees start by being told about the shiny new parts. The company will keep a dwindling cohort of people in some dusty corner of the company who have been around long enough to know how the decades of failed code architecture attempts are duct-taped together.

Yep! These are the sorts of cursed horrors I come to awful systems for! Even if that video should have been 15 minutes at most.

The misgendering / anti-woke nonsense seemed to be a huge elephant in the room in the video so I’m a little disappointed that Karl Jobst didn’t address it or defend her or share her perspective*. Like it is incredible that someone can spend 1.5 hours talking about a obviously anti-trans harassment campaign fueled by a bunch of gamergate types and then not bring up the topic once.

It’s almost as if he’s giving space to the idea that maybe all the transphobic losers just coincidentally took issue with her decently good aiming and her gender was a completely unrelated. But Karl is terrified of forming or expressing any sort of subjective opinion so I’m not too surprised.

* The best of which is this quote:

noticing that so many people with backgrounds in professional play are defending me, and a lot of 50 year old dads think im cheating

Popular RPG Expedition 33 got disqualified from the Indie Game Awards due to using Generative AI in development.

Statement on the second tab here: https://www.indiegameawards.gg/faq

When it was submitted for consideration, representatives of Sandfall Interactive agreed that no gen AI was used in the development of Clair Obscur: Expedition 33. In light of Sandfall Interactive confirming the use of gen AI art in production on the day of the Indie Game Awards 2025 premiere, this does disqualify Clair Obscur: Expedition 33 from its nomination.

ModRetro, retro gaming company infamous for being helmed by terrible person Palmer Luckey, has put out a version of their handheld made with “the same magnesium aluminum alloy as Anduril’s attack drones” (bluesky commentary, the linked news article is basically an ad and way too forgiving).

So uhh… they’re not beating those guilt by association accusations any time soon.

I don’t love the title but it’s the best I could come up with to fit within the 80 character limit.

A half dozen people might still be reading hackernews on punchcards so they ha-

ve no choice but to argue about how to shorten “long” titles every day.

Lol talk about mixed messages.

Mozilla’s CEO yesterday:

[Firefox] will evolve into a modern AI browser

Firefox’s social media account today:

Firefox is not becoming an AI browser.

It’s most obvious on the cat which is all around nightmare material.

The image also comes with alt text:

a bizarre collection of ai-generated illustrations including a sign that reads wood of of year and a chyron that reads breaking news

It certainly comes across a little different when said by someone who thinks cisgender is a slur and that changing one’s sex is some sort of great moral evil.

Turning into a butterfly is a cool sci-fi future but those trans people are a bridge too far.

Also like it’s just hard to listen to, being drug hazed ramblings-- I want some actually fun sci-fi speeches!

This is old news but I just stumbled across this fawning 2020 Elon Musk interview / award ceremony on the social medias and had to share it: https://www.youtube.com/live/AF2HXId2Xhg?t=2109

In it Musk claims synthetic mRNA (and/or DNA) will be able to do anything and it is like a computer program, and that stopping aging probably wouldn’t be too crazy. And that you could turn someone into a freakin’ butterfly if you want to with the right DNA sequence.

It’s very meta for Yud to write a story all about how the story isn’t all about himself.

I was vaguely aware of the calibre vulnerabilities but this is the first I’ve actually read the thread and it’s wild.

There were like 11 or so Proof of Concept exploits over the course of that bug? And he was just kicking and screaming the whole time about how fine his mount-stuff-anywhere-as-root (!!?) code was.

I’m always fascinated when people are so close to getting something-- like in that first paragraph you quoted. In any normal software project you could just put that paragraph as the bug report and the owners would take is seriously rather than use it as an excuse for why their software has to be insecure.

It’s even way too long a read and full of footnotes, as is tradition!

Heck it’s even long enough that I just came across the second flashcard break, and I’m 1/4th of the way through part 1…

Dang that judge was angry.

Here’s docket #170: https://storage.courtlistener.com/recap/gov.uscourts.mied.384571/gov.uscourts.mied.384571.170.0.pdf – the complaining about not being allowed to use AI is on page 14 and 16 (it’s pretty awful reading I almost gave up before reaching that point)

a pro se litigant should not be threatened with per-citation fines before any violation.

lmao

The documentation for “Turbo mode” for Google Antigravity:

Turbo: Always auto-execute terminal commands (except those in a configurable Deny list)

No warning. No paragraph telling the user why it might be a good idea. No discussion on the long history of malformed scripts leading to data loss. No discussion on the risk for injection attacks. It’s not even named similarly to dangerous modes in other software (like “force” or “yolo” or “danger”)

Just a cool marketing name that makes users want to turn it on. Heck if I’m using some software and I see any button called “turbo” I’m pressing that.

It’s hard not to give the user a hard time when they write:

Bro, I didn’t know I needed a seatbelt for AI.

But really they’re up against a big corporation that wants to make LLMs seem amazing and safe and autonomous. One hand feeds the user the message that LLMs will do all their work for them. While the other hand tells the user “well in our small print somewhere we used the phrase ‘Gemini can make mistakes’ so why did you enable turbo mode??”

deleted by creator

deleted by creator

Virus Alert! Hi, I am an AI generated virus but because of poor technology in my training data unfortunately I am not able to harm your computer. Please be so kind to delete one of your important files yourself and then forward me to other users. Many thanks for your cooperation! Best regards, AI virus. [Yes] [No] [Cancel]

As a C++ programmer some Rust people can come on a little strong, as if I’ve never thought about the importance of memory safety before and don’t know how to write secure code (well excuse me for building on top of decades of libraries that no one thought to write in rust in the '80s).

But that’s normal programmer flame war stuff. Rust people tend to be young and enthusiastic about security which is all good.