DP
@dprudente.bsky.social
Building a compliance tool with sveltekit 🧡 → coming Q1 2026
sec + compliance insights |
occasional movie/gadget ramblings
sec + compliance insights |
occasional movie/gadget ramblings
Reposted by DP
#Design #Analyses
AI detection tools? · “They cannot prove that text is AI-generated.” ilo.im/168xou by Sean Goedecke
_____
#Business #Humans #Machines #AI #Detection #Text #Content #ProductDesign #UiDesign #WebDesign
AI detection tools? · “They cannot prove that text is AI-generated.” ilo.im/168xou by Sean Goedecke
_____
#Business #Humans #Machines #AI #Detection #Text #Content #ProductDesign #UiDesign #WebDesign
AI detection tools cannot prove that text is AI-generated
--
ilo.im
December 13, 2025 at 6:15 PM
#Design #Analyses
AI detection tools? · “They cannot prove that text is AI-generated.” ilo.im/168xou by Sean Goedecke
_____
#Business #Humans #Machines #AI #Detection #Text #Content #ProductDesign #UiDesign #WebDesign
AI detection tools? · “They cannot prove that text is AI-generated.” ilo.im/168xou by Sean Goedecke
_____
#Business #Humans #Machines #AI #Detection #Text #Content #ProductDesign #UiDesign #WebDesign
Started using @raycast.com on Windows and I'm just loving it! Very first time for me and being able to make many things faster.
December 13, 2025 at 12:32 PM
Started using @raycast.com on Windows and I'm just loving it! Very first time for me and being able to make many things faster.
Reposted by DP
A security researcher tried to alert Home Depot to the security lapse exposing its backend GitHub source code repos and other internal cloud systems, but was ignored.
Exclusive: Home Depot exposed access to internal systems for a year, says researcher
A security researcher tried to alert Home Depot to the security lapse exposing its backend GitHub source code repos and other internal cloud systems, but was ignored.
techcrunch.com
December 12, 2025 at 4:48 PM
A security researcher tried to alert Home Depot to the security lapse exposing its backend GitHub source code repos and other internal cloud systems, but was ignored.
Reposted by DP
#Design #Approaches
Measuring the impact of features · Meet a simple, repeatable, meaningful UX metric ilo.im/168zw1 by Vitaly Friedman
_____
#Business #Metrics #Features #Conversion #TARS #ProductDesign #UxDesign #UiDesign #WebDesign
Measuring the impact of features · Meet a simple, repeatable, meaningful UX metric ilo.im/168zw1 by Vitaly Friedman
_____
#Business #Metrics #Features #Conversion #TARS #ProductDesign #UxDesign #UiDesign #WebDesign
How To Measure The Impact Of Features - Smart Interface Design Patterns
Meet TARS — a simple, repeatable, meaningful UX metric, designed specifically to track the performance of product features.
ilo.im
December 11, 2025 at 8:24 PM
#Design #Approaches
Measuring the impact of features · Meet a simple, repeatable, meaningful UX metric ilo.im/168zw1 by Vitaly Friedman
_____
#Business #Metrics #Features #Conversion #TARS #ProductDesign #UxDesign #UiDesign #WebDesign
Measuring the impact of features · Meet a simple, repeatable, meaningful UX metric ilo.im/168zw1 by Vitaly Friedman
_____
#Business #Metrics #Features #Conversion #TARS #ProductDesign #UxDesign #UiDesign #WebDesign
Reposted by DP
🚨 Action required: 2 additional newly disclosed vulnerabilities affect multiple versions of React, Next.js, & other RSC-based frameworks.
As w/ last week's disclosure, Netlify has been working w/ the @react.dev & @nextjs.org teams to deploy network-level mitigations against these vulnerabilities. 🧵
As w/ last week's disclosure, Netlify has been working w/ the @react.dev & @nextjs.org teams to deploy network-level mitigations against these vulnerabilities. 🧵
December 11, 2025 at 9:21 PM
🚨 Action required: 2 additional newly disclosed vulnerabilities affect multiple versions of React, Next.js, & other RSC-based frameworks.
As w/ last week's disclosure, Netlify has been working w/ the @react.dev & @nextjs.org teams to deploy network-level mitigations against these vulnerabilities. 🧵
As w/ last week's disclosure, Netlify has been working w/ the @react.dev & @nextjs.org teams to deploy network-level mitigations against these vulnerabilities. 🧵
A new vulnerability class called `IDEsaster` can turn standard IDE features into attack vectors, and 100% of the tested AI coding assistants were vulnerable.
you can check it at maccarita.com/posts/idesas... , written by Arik Marzouk.
you can check it at maccarita.com/posts/idesas... , written by Arik Marzouk.
IDEsaster: A Novel Vulnerability Class in AI IDEs
Don’t want to miss my next post? Follow me on X or connect on LinkedIn Summary We all know AI reshaped how we build software. Autocomplete evolved into AI agents that can autonomously act on behalf of...
maccarita.com
December 11, 2025 at 10:46 AM
A new vulnerability class called `IDEsaster` can turn standard IDE features into attack vectors, and 100% of the tested AI coding assistants were vulnerable.
you can check it at maccarita.com/posts/idesas... , written by Arik Marzouk.
you can check it at maccarita.com/posts/idesas... , written by Arik Marzouk.
Reposted by DP
The massive data breach at the South Korean retail giant Coupang affects more than half of the country's population.
CEO of South Korean retail giant Coupang resigns after massive data breach | TechCrunch
The massive data breach at the South Korean retail giant Coupang affects more than half of the country's population.
techcrunch.com
December 10, 2025 at 9:11 PM
The massive data breach at the South Korean retail giant Coupang affects more than half of the country's population.
Reposted by DP
Anthropic, Block, and OpenAI are backing the Linux Foundation’s new Agentic AI Foundation, donating MCP, Goose, and AGENTS.md to standardize AI agents, boost interoperability, and curb proprietary fragmentation.
OpenAI, Anthropic and Block join new Linux Foundation effort to standardize the AI agent era | TechCrunch
Anthropic, Block, and OpenAI are backing the Linux Foundation’s new Agentic AI Foundation, donating MCP, Goose, and AGENTS.md to standardize AI agents, boost interoperability, and curb proprietary fragmentation.
techcrunch.com
December 9, 2025 at 5:31 PM
Anthropic, Block, and OpenAI are backing the Linux Foundation’s new Agentic AI Foundation, donating MCP, Goose, and AGENTS.md to standardize AI agents, boost interoperability, and curb proprietary fragmentation.
Reposted by DP
Think twice before downloading! 🚨 Unknown browser extensions, freeware, or pirated content can hide malware that steals your data or hijacks your system. Stick to trusted app stores & official vendor websites. When in doubt, don't download it!
December 9, 2025 at 3:54 PM
Think twice before downloading! 🚨 Unknown browser extensions, freeware, or pirated content can hide malware that steals your data or hijacks your system. Stick to trusted app stores & official vendor websites. When in doubt, don't download it!
Reposted by DP
#Design #Misconceptions
Common misconceptions about disability · Understanding disability means understanding real people ilo.im/168vsa by Felicity Miners-Jones
_____
#Inclusion #Disability #Accessibility #ProductDesign #UxDesign #UiDesign #WebDesign #Development #WebDev #Frontend
Common misconceptions about disability · Understanding disability means understanding real people ilo.im/168vsa by Felicity Miners-Jones
_____
#Inclusion #Disability #Accessibility #ProductDesign #UxDesign #UiDesign #WebDesign #Development #WebDev #Frontend
Common misconceptions about disability - TetraLogical
Disability is often misunderstood or misrepresented online and in mainstream media. In this post, we look at some common misconceptions surrounding disability.
ilo.im
December 9, 2025 at 12:02 PM
#Design #Misconceptions
Common misconceptions about disability · Understanding disability means understanding real people ilo.im/168vsa by Felicity Miners-Jones
_____
#Inclusion #Disability #Accessibility #ProductDesign #UxDesign #UiDesign #WebDesign #Development #WebDev #Frontend
Common misconceptions about disability · Understanding disability means understanding real people ilo.im/168vsa by Felicity Miners-Jones
_____
#Inclusion #Disability #Accessibility #ProductDesign #UxDesign #UiDesign #WebDesign #Development #WebDev #Frontend
Reposted by DP
We tested one of the most common prompting techniques: giving the AI a persona to make it more accurate
We found that telling the AI "you are a great physicist" doesn't make it significantly more accurate at answering physics questions, nor does "you are a lawyer" make it worse.
We found that telling the AI "you are a great physicist" doesn't make it significantly more accurate at answering physics questions, nor does "you are a lawyer" make it worse.
December 8, 2025 at 6:32 PM
We tested one of the most common prompting techniques: giving the AI a persona to make it more accurate
We found that telling the AI "you are a great physicist" doesn't make it significantly more accurate at answering physics questions, nor does "you are a lawyer" make it worse.
We found that telling the AI "you are a great physicist" doesn't make it significantly more accurate at answering physics questions, nor does "you are a lawyer" make it worse.
Reposted by DP
Introducing Web Vitals Performance Issues 🌐
a new type of perf issue that's triggered when the highest traffic pages of your app are showing poor vitals metrics for an extended period of time
a new type of perf issue that's triggered when the highest traffic pages of your app are showing poor vitals metrics for an extended period of time
December 8, 2025 at 7:30 PM
Introducing Web Vitals Performance Issues 🌐
a new type of perf issue that's triggered when the highest traffic pages of your app are showing poor vitals metrics for an extended period of time
a new type of perf issue that's triggered when the highest traffic pages of your app are showing poor vitals metrics for an extended period of time
Reposted by DP
AI created visual ads got 20% more clicks than ads created by human experts as part of their jobs... unless people knew the ads are AI-created, which lowers click-throughs to 31% less than human-made ads.
Importantly, the AI ads were selected by human experts from many AI options.
Importantly, the AI ads were selected by human experts from many AI options.
December 6, 2025 at 5:53 PM
AI created visual ads got 20% more clicks than ads created by human experts as part of their jobs... unless people knew the ads are AI-created, which lowers click-throughs to 31% less than human-made ads.
Importantly, the AI ads were selected by human experts from many AI options.
Importantly, the AI ads were selected by human experts from many AI options.
Reposted by DP
#CSS `@custom-media` feature flags
create your own true or false media queries
nerdy.dev/custom-media...
create your own true or false media queries
nerdy.dev/custom-media...
Custom Media Feature Flags · December 6, 2025
Use true or false queries
nerdy.dev
December 6, 2025 at 5:17 AM
#CSS `@custom-media` feature flags
create your own true or false media queries
nerdy.dev/custom-media...
create your own true or false media queries
nerdy.dev/custom-media...
Reposted by DP
A critical vulnerability was recently disclosed in React Server Components (RSC), impacting multiple versions of React, Next.js and other RSC-based frameworks.
This flaw could allow malicious actors to execute arbitrary code within an affected application. 🧵
This flaw could allow malicious actors to execute arbitrary code within an affected application. 🧵
December 3, 2025 at 3:57 PM
A critical vulnerability was recently disclosed in React Server Components (RSC), impacting multiple versions of React, Next.js and other RSC-based frameworks.
This flaw could allow malicious actors to execute arbitrary code within an affected application. 🧵
This flaw could allow malicious actors to execute arbitrary code within an affected application. 🧵
Reposted by DP
#Development #Announcements
Bun has been acquired by Anthropic · The JavaScript runtime will further accelerate Claude Code ilo.im/168uxh by Jarred Sumner
_____
#Anthropic #Claude #AI #JavaScript #Runtime #Bun #NodeJS #WebDev #Frontend #Backend
Bun has been acquired by Anthropic · The JavaScript runtime will further accelerate Claude Code ilo.im/168uxh by Jarred Sumner
_____
#Anthropic #Claude #AI #JavaScript #Runtime #Bun #NodeJS #WebDev #Frontend #Backend
Bun is joining Anthropic
Bun has been acquired by Anthropic. Anthropic is betting on Bun as the infrastructure powering Claude Code, Claude Agent SDK, and future AI coding products & tools.
ilo.im
December 2, 2025 at 9:16 PM
#Development #Announcements
Bun has been acquired by Anthropic · The JavaScript runtime will further accelerate Claude Code ilo.im/168uxh by Jarred Sumner
_____
#Anthropic #Claude #AI #JavaScript #Runtime #Bun #NodeJS #WebDev #Frontend #Backend
Bun has been acquired by Anthropic · The JavaScript runtime will further accelerate Claude Code ilo.im/168uxh by Jarred Sumner
_____
#Anthropic #Claude #AI #JavaScript #Runtime #Bun #NodeJS #WebDev #Frontend #Backend
Reposted by DP
Mistral unveils its Mistral 3 lineup, including a frontier model and efficient small models designed for offline, customizable enterprise use—aiming to prove small, fine-tuned AI can beat closed-source giants.
Mistral closes in on Big AI rivals with new open-weight frontier and small models | TechCrunch
Mistral unveils its Mistral 3 lineup, including a frontier model and efficient small models designed for offline, customizable enterprise use—aiming to prove small, fine-tuned AI can beat closed-source giants.
techcrunch.com
December 2, 2025 at 3:40 PM
Mistral unveils its Mistral 3 lineup, including a frontier model and efficient small models designed for offline, customizable enterprise use—aiming to prove small, fine-tuned AI can beat closed-source giants.
Reposted by DP
The Svelte CLI is a god-send... I've created so many projects for small reproductions and experiments, and it's just flawless.
And the new --from-playground key is even cooler to go from POC to actual project in a flash 🧡
advent.sveltesociety.dev/2025/2
And the new --from-playground key is even cooler to go from POC to actual project in a flash 🧡
advent.sveltesociety.dev/2025/2
Advent of SvelteDay 2: The Svelte CLI - Advent of Svelte 2025
advent.sveltesociety.dev
December 2, 2025 at 2:24 PM
The Svelte CLI is a god-send... I've created so many projects for small reproductions and experiments, and it's just flawless.
And the new --from-playground key is even cooler to go from POC to actual project in a flash 🧡
advent.sveltesociety.dev/2025/2
And the new --from-playground key is even cooler to go from POC to actual project in a flash 🧡
advent.sveltesociety.dev/2025/2
Reposted by DP
#Business #Proposals
The internet needs an AI off switch · “People want the human internet back.” ilo.im/168qo6 by Allan MacDonald
_____
#Business #Humans #Machines #AI #Slop #Content #Design #ProductDesign #UxDesign #WebDesign
The internet needs an AI off switch · “People want the human internet back.” ilo.im/168qo6 by Allan MacDonald
_____
#Business #Humans #Machines #AI #Slop #Content #Design #ProductDesign #UxDesign #WebDesign
ilo.im
November 27, 2025 at 6:30 PM
#Business #Proposals
The internet needs an AI off switch · “People want the human internet back.” ilo.im/168qo6 by Allan MacDonald
_____
#Business #Humans #Machines #AI #Slop #Content #Design #ProductDesign #UxDesign #WebDesign
The internet needs an AI off switch · “People want the human internet back.” ilo.im/168qo6 by Allan MacDonald
_____
#Business #Humans #Machines #AI #Slop #Content #Design #ProductDesign #UxDesign #WebDesign
Reposted by DP
What are code security basics us devs should know about? I turned to Johannes Dahse, a security expert for 20+ years, for his thoughts and tactics
Watch or listen:
• YouTube: www.youtube.com/watch?v=urVf...
• Spotify: open.spotify.com/episode/5cOk...
• Apple: podcasts.apple.com/us/podcast/c...
Watch or listen:
• YouTube: www.youtube.com/watch?v=urVf...
• Spotify: open.spotify.com/episode/5cOk...
• Apple: podcasts.apple.com/us/podcast/c...
November 26, 2025 at 5:32 PM
What are code security basics us devs should know about? I turned to Johannes Dahse, a security expert for 20+ years, for his thoughts and tactics
Watch or listen:
• YouTube: www.youtube.com/watch?v=urVf...
• Spotify: open.spotify.com/episode/5cOk...
• Apple: podcasts.apple.com/us/podcast/c...
Watch or listen:
• YouTube: www.youtube.com/watch?v=urVf...
• Spotify: open.spotify.com/episode/5cOk...
• Apple: podcasts.apple.com/us/podcast/c...
Reposted by DP
Something is moving regarding svelte custom renderers...help us bring this to the finish line! 🧡
Thanks to SuppCo for supporting our Svelte Custom Renderers initiative 🙌
When ready, this API will allow devs to use Svelte to build Native Apps, Terminal, or anything they want. If your company wants to help make custom renderers a reality, make sure to reach out!
svelte-custom-renderers.com
When ready, this API will allow devs to use Svelte to build Native Apps, Terminal, or anything they want. If your company wants to help make custom renderers a reality, make sure to reach out!
svelte-custom-renderers.com
Custom Renderers for Svelte, a Mainmatter Initiative
Help us enable cross-platform UI development with Svelte for endless possibilities.
svelte-custom-renderers.com
November 26, 2025 at 2:02 PM
Something is moving regarding svelte custom renderers...help us bring this to the finish line! 🧡
Reposted by DP
#Development #Milestones
WebGPU now runs in major browsers · ”The future of high-performance web apps is now!” ilo.im/168oza by François Beaufort
_____
#Interoperability #Browsers #WebGPU #JavaScript #API #WebPerf #WebDev #Frontend
WebGPU now runs in major browsers · ”The future of high-performance web apps is now!” ilo.im/168oza by François Beaufort
_____
#Interoperability #Browsers #WebGPU #JavaScript #API #WebPerf #WebDev #Frontend
WebGPU is now supported in major browsers | Blog | web.dev
Read about the biggest web graphics launch since WebGL. WebGPU is supported across major browsers, bringing unparalleled performance to the web.
ilo.im
November 25, 2025 at 11:18 PM
#Development #Milestones
WebGPU now runs in major browsers · ”The future of high-performance web apps is now!” ilo.im/168oza by François Beaufort
_____
#Interoperability #Browsers #WebGPU #JavaScript #API #WebPerf #WebDev #Frontend
WebGPU now runs in major browsers · ”The future of high-performance web apps is now!” ilo.im/168oza by François Beaufort
_____
#Interoperability #Browsers #WebGPU #JavaScript #API #WebPerf #WebDev #Frontend
Reposted by DP
The best approach I know of for reducing the risk here is to make sure that any credentials that are visible to coding agents - like AWS keys - are tied to non-production accounts with strict spending limits
That way if the credentials are stolen the blast radius is limited
That way if the credentials are stolen the blast radius is limited
November 25, 2025 at 9:00 PM
The best approach I know of for reducing the risk here is to make sure that any credentials that are visible to coding agents - like AWS keys - are tied to non-production accounts with strict spending limits
That way if the credentials are stolen the blast radius is limited
That way if the credentials are stolen the blast radius is limited
Reposted by DP
Ilya!!!!
www.dwarkesh.com/p/ilya-sutsk...
www.dwarkesh.com/p/ilya-sutsk...
Ilya Sutskever – We're moving from the age of scaling to the age of research
“These models somehow just generalize dramatically worse than people. It's a very fundamental thing.”
www.dwarkesh.com
November 25, 2025 at 6:07 PM
Ilya!!!!
www.dwarkesh.com/p/ilya-sutsk...
www.dwarkesh.com/p/ilya-sutsk...
Reposted by DP
A historic first today as Opus 4.5 scores 100% on SvelteBench - the first model to do so. We're hard at work on the next version of SvelteBench that will use an agentic approach, if you have feedback, submit it here: github.com/khromov/svel... #svelte #ai
November 25, 2025 at 9:45 AM
A historic first today as Opus 4.5 scores 100% on SvelteBench - the first model to do so. We're hard at work on the next version of SvelteBench that will use an agentic approach, if you have feedback, submit it here: github.com/khromov/svel... #svelte #ai