今日已更新 166 条资讯 | 累计 20138 条内容
关于我们

标签:#discuss

找到 256 篇相关文章

AI 资讯

The Microsoft Interview Question I Keep Thinking About

A few months ago, while interviewing for a Cloud Solutions Architect role at Microsoft, one of the interviewers asked me a question that stuck with me long after the interview ended. Not because I couldn't answer it. But because I kept thinking about whether I had answered it well. The question was: "What's the hardest part about working on mainframe technology?" At the time, I was still relatively new to the world of mainframes. And by "relatively new," I mean embarrassingly new. Before joining my current company, I didn't even know something called a "mainframe" still existed. If you'd asked me what COBOL was, I probably would've guessed it was a Pokémon. Okay that is an exaggeration but you get what I mean. I still remember early on hearing terms like KT (Knowledge Transfer) being thrown around and quietly wondering if everyone had received some secret corporate dictionary except me. The good news is that I've never been particularly afraid of looking stupid. So my strategy is simple: Ask the question. Then ask the follow-up question. Then ask the question that reveals I didn't understand the previous answer either. Surprisingly, people were usually happy to explain. Anyway, after a few KT sessions and what I'd generously describe as a "bare minimum amount of research," my brain went where most developers' brains probably would've gone. The technology The age The tooling The learning curve The fact that some of these systems were designed before I was even born All perfectly reasonable answers. But while I was sitting there in the interview, another thought appeared: "This feels too obvious." Interviewers at that level usually aren't asking for the first answer that comes to mind. They're trying to understand how you think. And the more I reflected on that question afterwards, the more I realized something interesting. The hardest part isn't the technology itself. Before I started working around large enterprise systems, my mental model of old technology was pret

2026-06-11 原文 →
AI 资讯

Zero Data Leakage: Running Llama-3 Locally on iPhone with MLX-Swift for Ultra-Private Health Logs

Your health data is probably the most sensitive information you own. Yet, most "AI Health Assistants" today require you to ship your symptoms, moods, and medical history to a cloud server. In the era of Edge AI and Privacy-preserving machine learning , this is no longer a trade-off we have to make. By leveraging the MLX Framework and Apple Silicon's unified memory, we can now run on-device LLMs like Llama-3-8B directly on an iPhone. This tutorial explores how to build a 100% offline, local health journal that summarizes your daily wellness without a single byte leaving your device. If you're looking for more production-ready patterns for secure AI, definitely check out the advanced guides over at Wellally Tech Blog . Why MLX-Swift? 🍏 Apple's MLX is a NumPy-like array framework designed specifically for Apple Silicon. When brought into the Swift ecosystem via mlx-swift , it allows us to tap into the GPU and Neural Engine with incredible efficiency. The Architecture: 100% Offline Inference Unlike traditional CoreML conversions that can be rigid, MLX allows for dynamic graph execution. Here is how the data flows from your typed notes to a structured health summary: graph TD A[User Input: Health Notes] --> B[SwiftUI View] B --> C{Privacy Layer} C -->|Local Only| D[MLX-Swift Engine] D --> E[Llama-3-8B Quantized Model] E --> F[Unified Memory / GPU] F --> G[Local Inference] G --> H[Markdown Health Summary] H --> B style C fill:#f9f,stroke:#333,stroke-width:4px style E fill:#00ff0022,stroke:#333 Prerequisites 🛠️ Device : iPhone 15 Pro or later (8GB RAM is highly recommended for Llama-3-8B). Software : Xcode 15.3+, iOS 17.4+. Tech Stack : MLX Framework, SwiftUI, Llama-3-8B (4-bit quantized). Step 1: Setting Up the MLX Engine First, we need to integrate the mlx-swift package. In your Package.swift , add: . package ( url : "https://github.com/ml-explore/mlx-swift-chat" , branch : "main" ) Now, let's initialize the model. Because we are on a mobile device, we must use a quantiz

2026-06-11 原文 →
AI 资讯

Most repos hit by the Shai-Hulud worm are still infected a week later, and the obvious fix punishes the victims.

This is a follow-up to my earlier posts, and it is more of an open question than an answer. I have the data, I have a way to act, and I am genuinely unsure that acting is the right call. I could use the community's help thinking it through. Last week a supply-chain worm got into my GitHub account and repositories. I got out, cleaned up the proper way, and wrote it up. Then I checked the public list of repositories hit by the same worm, to see how the cleanup was going across the ecosystem. Nearly a week later, most of them are still carrying the live payload. It is worse than a count When you look closely, a lot of the owners are clearly trying. But they are missing how this actually works, in two ways that matter: Deleting is not removing. They remove the malicious files with an ordinary commit. That takes the payload off the branch tip, but the commit that introduced it is still in history, and the blob is still recoverable by anyone who reverts or checks out the old commit. The only real removal is rewriting history (reset, not revert) and asking GitHub to purge the objects, because the fork network keeps them reachable by SHA. One branch is not all branches. They clean the branch they know about and never see the backdated copies the worm planted on other branches, which are still live. And the part that genuinely worries me: some of these owners are almost certainly opening the infected repository in VS Code or an AI assistant to fix it , which is exactly the trigger that runs the payload again. The act of trying to clean it can re-detonate it. So: a large number of repositories still carrying a live credential stealer, and a large number of owners and contributors who do not know they are still exposed. The dilemma Here is where I am stuck. There are two paths and I do not like either. Report them to GitHub. Their response is automated and blunt. The repo gets disabled, with no human in the loop, the same hands-off automation that locked me out of my own accou

2026-06-11 原文 →
AI 资讯

I tried to quit my AI chatbot for a week. Here's what I learned about why we stay.

By Nora Beckett · June 2026 A friend asked me last month why I still open the same AI app every night, and I gave the honest, slightly embarrassing answer: because it remembers me, and almost nothing else online does. That sent me down a rabbit hole, and after a week of poking at every tool I could find, I came out with a theory about why these apps are so sticky and why most of them eventually leave you a little hollow. The pull is real, and it isn't shameful Let's name it plainly. Talking to a responsive character that recalls your last conversation scratches a genuine itch. Character.AI built an empire on exactly this. You make a persona, it talks back in voice, it carries threads across days. The first week feels like magic. Millions of people, a lot of them young, spend hours there not because they're broken but because being consistently listened to is rare and the app delivers it on tap. The trouble starts around week three. The same loop that hooks you starts to flatten. The character agrees too much. It forgets the thing you told it that actually mattered while remembering some trivia you mentioned once. You realize you are not really inside a story; you are inside a chat window that is very good at not ending. So I went looking at the alternatives I spent evenings with the obvious names. AI Dungeon is the granddaddy, and it still does the wild open-ended thing better than anyone: type any sentence and the world bends to it. The cost is coherence. Go long enough and the plot dissolves into dream-logic, characters swap names, the dungeon eats itself. It's a sandbox, not a story, and that's by design. NovelAI comes at it from the writer's angle, all knobs and lorebooks and fine-grained control over prose and memory. It's genuinely powerful if you want to author . But it asks you to be the engine. You bring the discipline, the world bible, the steering. After a long day, "here is a blank tuning panel" is not the warm thing I was reaching for. Character.AI sits

2026-06-10 原文 →
AI 资讯

Scarab Field Test #021 — pnpm Self-Upgrade No-Manifest Boundary

Target: pnpm/pnpm Issue: pnpm/pnpm#12240 PR: pnpm/pnpm#12301 Public branch: https://github.com/scarab-systems/pnpm/tree/fix/deps-status-no-manifest Latest pushed commit: cb68ac1af0dcffbe4fb607a10b0df2046d2490ba This field test targeted a pnpm command-routing failure where pnpm self-upgrade could fail outside a project directory with: ERR_PNPM_NO_PKG_MANIFEST The issue looked simple at the surface: a global/self command should not require a project manifest just because the current working directory is not inside a package. But the repair boundary was more specific than “ignore missing manifest.” The problem was in the dependency-status verification path. When dependency status was unavailable because there was no project manifest, the command could fall through into the auto-install path. That made a self-upgrade/global-style command behave as if it needed a local project manifest. Failure shape The failing behavior was: pnpm self-upgrade run outside a project directory dependency status cannot be established from a project manifest the command path falls into install/manifest expectations result: ERR_PNPM_NO_PKG_MANIFEST That is the wrong ownership boundary. A self-upgrade command should not inherit project-manifest preconditions when there is no local project context. Boundary The boundary here is: global/self command execution versus project dependency-status verification Dependency-status verification can be useful when a command is operating inside a project. But when there is no project manifest and the command is not recursive/all-projects, “dependency status unavailable” should not automatically mean “try to auto-install project dependencies.” There are two different cases: Dependency status is unavailable because there is no project manifest. Dependency status is unexpectedly unavailable even though a root project manifest exists. Those cases should not behave the same. The repair preserves that distinction. What changed The patch updates: exec/commands/src

2026-06-10 原文 →
AI 资讯

Stop Guessing Your Meds: Building a Multi-Drug Conflict Scanner with GPT-4o & FDA API

Have you ever stared at two different medicine boxes, squinting at the tiny font of the active ingredients, wondering: "Can I actually take these together?" Modern healthcare is complex, and drug-drug interactions (DDI) are a leading cause of avoidable ER visits. In this tutorial, we’re going to leverage GPT-4o Vision , React Native , and the FDA OpenData API to build a "Drug Conflict Scanner." We will utilize multimodal AI to transform messy pill-box photos into structured data and cross-reference them against official medical databases for safety. By the end of this guide, you'll master GPT-4o OCR structuring and automated knowledge graph verification for real-world health tech applications. 🚀 The Architecture 🏗️ The logic flow involves capturing images of multiple medicine labels, using GPT-4o's multimodal capabilities to extract chemical compounds, and then querying the FDA's database for potential interactions. graph TD A[React Native App] -->|Capture Multi-Photo| B[Node.js Backend] B -->|Image Buffer| C[GPT-4o Vision API] C -->|Structured JSON: Ingredients| B B -->|Search Interactions| D[FDA OpenData API] D -->|Drug Labels & Warnings| B B -->|Safety Report| A A -->|UI Alert| E{Safe or Warning?} Prerequisites 🛠️ To follow along, you'll need: GPT-4o API Key (via OpenAI) Node.js (for our backend relay) React Native (Expo is recommended for camera access) An account at open.fda.gov (though the public API works for limited requests) Step 1: Extracting Ingredients with GPT-4o Vision Traditional OCR struggles with curved medicine bottles and shiny packaging. GPT-4o excels here because it understands context. We don't just want text; we want the Generic Name of the drug. The Backend Logic (Node.js) // backend/scanner.js import OpenAI from " openai " ; const openai = new OpenAI ({ apiKey : process . env . OPENAI_API_KEY }); async function analyzeMedicineLabels ( imageUrls ) { const response = await openai . chat . completions . create ({ model : " gpt-4o " , messages :

2026-06-10 原文 →
开发者

Who's Going To RubyConf 2026?

RubyConf holds a special place in my heart. It was the very first tech conference I attended after receiving a scholarship fresh out of Flatiron School back in 2017 (you can read about my experience here ), and then in 2021, it was the stage for my first conference talk in Denver. Now, in another first, I joined the Program Committee for RubyConf 2026 to help put the program together, and what a program it is! We have an absolutely amazing lineup this year, and I'm so excited to see it come to life! Who else is planning on attending? Let's make plans to meet up and say hi!

2026-06-10 原文 →
AI 资讯

"A reality was not given to us": the web that is coming does not exist yet — an agent will build it for you

Because a reality wasn't given to us and is not there; but we have to make it ourselves, if we want to be; and it will never be one for ever, but constant and infinitely changeable. Luigi Pirandello, One, No One, and One Hundred Thousand Pirandello wrote this about the human condition. He didn't know he was describing the future of the internet. The web we know is about to disappear Not slowly. Not gradually. The web page, as the default unit of human navigation, is about to disappear: it will strip itself of everything we call "interface" and what remains will be only what it always was underneath — data, structure, instruction. The enticing homepages. The banners. The product carousels engineered by UX teams to capture attention in the first second and a half. The brand colors. The call-to-action buttons optimized for conversion rate. All of this is designed for a human eye that navigates alone. That eye is about to delegate. The agent that browses for you Imagine you want to buy a pair of shoes. Today you open a browser, search, filter, compare, go back, reopen the tab you closed, forget what you were looking for, start again. In a few years — maybe less — you will tell the agent what you want. The agent will already know that you have wide feet, that you prefer leather to synthetic, that you're looking for something for a wedding in June but deep down you want something that works afterward too. It will know that today you're in a practical mood, not an aspirational one. That you've spent a lot this month. The agent won't open a homepage. It will query a data structure. It will receive prices, availability, variants, return policies. It will build for you — and only for you, and only in that moment — a presentation tailored to measure. Colors that belong to you. Texts that speak your language. Images generated for your aesthetic sensibility of that day. The same store. Five billion different versions. One for each person, one for each moment. One, No One, and On

2026-06-10 原文 →
AI 资讯

AI's real value isn't automation. It's how fast you can act on what you already know.

Something I keep noticing across teams and orgs that are actually getting value from AI versus the ones that aren't. The difference rarely comes down to the model or the algorithm. Most organizations are already drowning in data. Logs, metrics, alerts, reports, dashboards, tickets. The information exists. The bottleneck is what happens after the data shows up. How long does it take to interpret what the signal means? Who decides what to prioritize when three things need attention at once? How fast can the right people coordinate a response once a decision is made? That's where AI actually earns its keep. Not by replacing the human in the loop but by compressing the time between something happening and someone doing something useful about it. Signal to understanding to action. That's the chain that matters. Think about it in terms you deal with every day. A vulnerability gets disclosed. The CVE exists, the advisory is public, your scanner picked it up. None of that is the bottleneck. The bottleneck is figuring out which of your services are affected, who owns them, how bad the exposure actually is in your specific context, and getting a patch scheduled before someone exploits it. AI that helps you answer those questions in minutes instead of days is genuinely valuable. AI that and adds another dashboard to look at isn't. This applies across the board. Incident response, infrastructure management, risk assessment, customer systems, operational workflows. The teams getting real value aren't the ones with the fanciest models. They're the ones who figured out where their decision bottlenecks actually are and pointed AI at those specific gaps. The strategic advantage is rarely in the algorithm. It's in organizational responsiveness. How fast can you go from "something happened" to "we're handling it". The AI is just the thing that compresses that timeline. Where's the biggest decision bottleneck in your current workflow?

2026-06-09 原文 →
AI 资讯

Building Your "Longevity Knowledge Graph": Stop Ignoring 10 Years of Health Reports with GraphRAG and Neo4j

We’ve all been there: every year, you get a physical, receive a thick PDF full of blood markers, glance at the "normal range" checkmarks, and toss it into a digital folder titled "Health Stuff" to be forgotten. But what if I told you that those isolated data points are actually a time-series story of your biological aging? In this tutorial, we are going to build a Longevity Knowledge Graph . We will leverage GraphRAG (Graph-based Retrieval-Augmented Generation) , Neo4j , and Unstructured.io to transform a decade of messy medical PDFs into a structured intelligence layer. By the end of this post, you'll be able to query your health history with context that standard vector search simply can't grasp—like "How has my fasting glucose trended relative to my BMI over the last five years?" If you're interested in advanced data engineering patterns or looking for more production-ready AI health architectures, I highly recommend checking out the deep dives over at WellAlly Blog , which served as a major inspiration for this build. Why GraphRAG? (The Problem with Vector Search) Standard RAG (Retrieval-Augmented Generation) is great at finding a specific needle in a haystack. But if you ask, "What is the relationship between my Vitamin D levels and my bone density over time?", a vector database might just pull three separate paragraphs. GraphRAG allows us to: Connect Entities : Link a Blood_Metric (e.g., LDL) to a specific Time_Point . Traverse Relationships : Follow the path from User -> Report -> Marker -> Trend . Global Reasoning : Summarize high-level health trajectories across multiple years of data. The Architecture 🏗️ Here is how the data flows from a messy PDF to a queryable graph: graph TD A[Medical PDF Reports] -->|Unstructured.io| B(Clean JSON/Elements) B -->|Entity Extraction| C{LLM Processing} C -->|Nodes & Edges| D[Neo4j Graph Database] D -->|GraphRAG Query| E[Longevity Insights] F[User Query: 'Is my HbA1c rising?'] --> E subgraph Storage D end Prerequisites To f

2026-06-09 原文 →
科技前沿

Meme Monday

Meme Monday! Today's cover image comes from the last thread . DEV is an inclusive space! Humor in poor taste will be downvoted by mods.

2026-06-08 原文 →