Cloudflare just published a vibe coded blog post claiming they implemented Matrix on cloudflare workers.
-
Cloudflare just published a vibe coded blog post claiming they implemented Matrix on cloudflare workers. They didn't, their post and README is AI generated and the code doesn't do any of the core parts of matrix that make it secure and interoperable. Instead it's littered with 'TODO: Check authorisation' and similar
https://blog.cloudflare.com/serverless-matrix-homeserver-workers/
-
Oh look, they’re trying to cover up what they did too
https://github.com/nkuntz1934/matrix-workers/commit/2d3969dd5e795caa3641d0e237e2b52ca0502463
Archive link for posterity:
@JadedBlueEyes did anyone fork thier repo?
-
For those of you that don't know, I develop https://continuwuity.org - a Rust based Matrix homeserver that actually works, and that you can run on a Raspberry Pi, rather than someone else's centralized cloud infrastructure
@JadedBlueEyes does it scale? does it have the ability to delete CSAM when stupid edgelords device to upload it to your homeserver and then get you swatted?
as always I want to believe there is a usable matrix homeserver... but it seems there is always a catch.
-
Cloudflare just published a vibe coded blog post claiming they implemented Matrix on cloudflare workers. They didn't, their post and README is AI generated and the code doesn't do any of the core parts of matrix that make it secure and interoperable. Instead it's littered with 'TODO: Check authorisation' and similar
https://blog.cloudflare.com/serverless-matrix-homeserver-workers/
@JadedBlueEyes I stopped reading after:
"But there is a "tax" to running it. Traditionally, operating a Matrix homeserver has meant accepting a heavy operational burden. You have to provision virtual private servers (VPS), tune PostgreSQL for heavy write loads, manage Redis for caching, configure reverse proxies, and handle rotation for TLS certificates. It’s a stateful, heavy beast that demands to be fed time and money, whether you’re using it a lot or a little."Mine runs on a small NAS
️ -
Cloudflare just published a vibe coded blog post claiming they implemented Matrix on cloudflare workers. They didn't, their post and README is AI generated and the code doesn't do any of the core parts of matrix that make it secure and interoperable. Instead it's littered with 'TODO: Check authorisation' and similar
https://blog.cloudflare.com/serverless-matrix-homeserver-workers/
@JadedBlueEyes internet is dead
-
I swear every iteration of the blogpost is somehow worse. No, your starting point wasn’t Synapse either. Your starting point was the claude opus chatbox
@JadedBlueEyes a bit later in the posts it's still
> The key insight from porting Tuwunel
instead of Synapse
-
Cloudflare just published a vibe coded blog post claiming they implemented Matrix on cloudflare workers. They didn't, their post and README is AI generated and the code doesn't do any of the core parts of matrix that make it secure and interoperable. Instead it's littered with 'TODO: Check authorisation' and similar
https://blog.cloudflare.com/serverless-matrix-homeserver-workers/
@JadedBlueEyes So, in layman's terms, does this mean they claimed they did a thing but did not actually do the thing, and no one checked whether they did the thing before they published the blog claiming they did the thing?
-
@JadedBlueEyes This is almost a minor criticism in comparison to all the other crap, but I am so sick of companies calling things 'serverless' when what they really mean is "servers, but only ours and they're really opaquely billed and impossible to replace with someone else's servers so you're stuck with us, and also they're managed in a totally custom way so none of your normal sysadmin skills are portable to it but you still have to learn how to manage it"
@JadedBlueEyes @joepie91 we've just gone back to managed databases again: overpriced, billed by metrics that aren't easy to price, and totally impossible to manage.
-
S simonjust@mstdn.dk shared this topic
-
@JadedBlueEyes So, in layman's terms, does this mean they claimed they did a thing but did not actually do the thing, and no one checked whether they did the thing before they published the blog claiming they did the thing?
@Legit_Spaghetti Yep. They claimed to do an extremely hard thing which is notorious for having security issues, and did not do it.
-
@GossiTheDog @JadedBlueEyes fucking OUCH
-
I swear every iteration of the blogpost is somehow worse. No, your starting point wasn’t Synapse either. Your starting point was the claude opus chatbox
@JadedBlueEyes
They probably asked claude or chatgpt or whatever the name of the latest slop machine that's just gpt with a different initial prompt is to fix the blogpost, too. -
@JadedBlueEyes@tech.lgbt
What in absolute fuck is a serverless server@ivan @JadedBlueEyes someone elses server
-
Cloudflare just published a vibe coded blog post claiming they implemented Matrix on cloudflare workers. They didn't, their post and README is AI generated and the code doesn't do any of the core parts of matrix that make it secure and interoperable. Instead it's littered with 'TODO: Check authorisation' and similar
https://blog.cloudflare.com/serverless-matrix-homeserver-workers/
@JadedBlueEyes Granted I don't know shit about serverless or quantum blablabla but that blog read like lorem ipsum text??? I guess if the project is underspecified and sufficiently novel Opus will just shit the bed. I think I want to write a bunch of .md files less than I want to write code which is already very little...
-
Cloudflare just published a vibe coded blog post claiming they implemented Matrix on cloudflare workers. They didn't, their post and README is AI generated and the code doesn't do any of the core parts of matrix that make it secure and interoperable. Instead it's littered with 'TODO: Check authorisation' and similar
https://blog.cloudflare.com/serverless-matrix-homeserver-workers/
@JadedBlueEyes This is literally how some of the pull requests look today at work. People vibe code; don't even look at the output; git push if the app works; ask for review/approvals; get annoyed, when you question why there are two identical files; pass your comments to the bot; push again without checking when it finishes; manager advises you to tame down your perfectionism; also asks why do you do less tickets than others.
-
Cloudflare just published a vibe coded blog post claiming they implemented Matrix on cloudflare workers. They didn't, their post and README is AI generated and the code doesn't do any of the core parts of matrix that make it secure and interoperable. Instead it's littered with 'TODO: Check authorisation' and similar
https://blog.cloudflare.com/serverless-matrix-homeserver-workers/
@JadedBlueEyes seems like the sort of thing @davidgerard would like to read
-
Cloudflare just published a vibe coded blog post claiming they implemented Matrix on cloudflare workers. They didn't, their post and README is AI generated and the code doesn't do any of the core parts of matrix that make it secure and interoperable. Instead it's littered with 'TODO: Check authorisation' and similar
https://blog.cloudflare.com/serverless-matrix-homeserver-workers/
@JadedBlueEyes sasuga Buttflare
-
@JadedBlueEyes seems like the sort of thing @davidgerard would like to read
@beejeebus @JadedBlueEyes for horrified and appalled levels of "like"
so i guess that's a yes
-
https://lobste.rs/s/csxfc6/cloudflare_claimed_they_implemented#c_gychiy
Quoting from one of my chat rooms:
> Distributed protocols get extra complex once cryptography and security get in the mix and without a domain expert
authentication isn't "extra complex", you literally removed signature checking. and hashes. And fucking authentication.
> ensure this handles the myriad of edge cases that regularly plague Matrix implementations
YOU REMOVED. AUTHENTICATION. THIS ISN'T SOME WEIRD EDGE CASE WITH STATE RESETS. YOU REMOVED AUTHENTICATION AND VALIDATION.
Are they upload the code to public repo AS IS?
If so, we are in a deep shit.
If not, maybe they publish the open-source boilerplate, when the auth was proprietary -
Cloudflare just published a vibe coded blog post claiming they implemented Matrix on cloudflare workers. They didn't, their post and README is AI generated and the code doesn't do any of the core parts of matrix that make it secure and interoperable. Instead it's littered with 'TODO: Check authorisation' and similar
https://blog.cloudflare.com/serverless-matrix-homeserver-workers/
@JadedBlueEyes
It's just like that time I implemented Matrix in ActivityPub! -
Cloudflare just published a vibe coded blog post claiming they implemented Matrix on cloudflare workers. They didn't, their post and README is AI generated and the code doesn't do any of the core parts of matrix that make it secure and interoperable. Instead it's littered with 'TODO: Check authorisation' and similar
https://blog.cloudflare.com/serverless-matrix-homeserver-workers/
@JadedBlueEyes Slop like this is so disrespectful to the time of everyone who reads the blog post. Jerks who are too lazy to do their job properly and expect others to fix their careless mistakes existed before LLMs but I swear this technology is like rocket fuel for these people.
