Cloudflare just published a vibe coded blog post claiming they implemented Matrix on cloudflare workers.
-
Cloudflare just published a vibe coded blog post claiming they implemented Matrix on cloudflare workers. They didn't, their post and README is AI generated and the code doesn't do any of the core parts of matrix that make it secure and interoperable. Instead it's littered with 'TODO: Check authorisation' and similar
https://blog.cloudflare.com/serverless-matrix-homeserver-workers/
@JadedBlueEyes@tech.lgbt worst game of spot the difference i have ever played
-
Oh look, they’re trying to cover up what they did too
https://github.com/nkuntz1934/matrix-workers/commit/2d3969dd5e795caa3641d0e237e2b52ca0502463
Archive link for posterity:
@JadedBlueEyes This takes it from "lazy and disappointing" to "actively malicious". One quick apology blogpost would fix this, but they're doubling down, aren't they?
-
Cloudflare just published a vibe coded blog post claiming they implemented Matrix on cloudflare workers. They didn't, their post and README is AI generated and the code doesn't do any of the core parts of matrix that make it secure and interoperable. Instead it's littered with 'TODO: Check authorisation' and similar
https://blog.cloudflare.com/serverless-matrix-homeserver-workers/
@JadedBlueEyes oh, what a disappointment. I don't understand that much so I trusted their post
-
Cloudflare just published a vibe coded blog post claiming they implemented Matrix on cloudflare workers. They didn't, their post and README is AI generated and the code doesn't do any of the core parts of matrix that make it secure and interoperable. Instead it's littered with 'TODO: Check authorisation' and similar
https://blog.cloudflare.com/serverless-matrix-homeserver-workers/
@JadedBlueEyes @dcousineau Nothing like :checks notes: three THOUSAND lines BS in one file: https://github.com/nkuntz1934/matrix-workers/blob/main/src/admin/dashboard.ts and it's not even good code.
-
Oh look, they’re trying to cover up what they did too
https://github.com/nkuntz1934/matrix-workers/commit/2d3969dd5e795caa3641d0e237e2b52ca0502463
Archive link for posterity:
@JadedBlueEyes I recently learned that GitHub allows one to view the activity on a repo, and you can limit it to show force pushes only, which in turn allows you to view the diff between the two states too, even if they span multiple commits.
It's fun to see what kind of things some companies try to hide. (edit: like the original history, which has some fun commits in there!)
-
@JadedBlueEyes @dcousineau Nothing like :checks notes: three THOUSAND lines BS in one file: https://github.com/nkuntz1934/matrix-workers/blob/main/src/admin/dashboard.ts and it's not even good code.
@josh @dcousineau oh god I didn't even look at the client code
-
@JadedBlueEyes OH: @49016 did that for fedi before it was cool
@networkexception @JadedBlueEyes LMAOOO they're really turning its shitposts into satirical reality
-
Cloudflare just published a vibe coded blog post claiming they implemented Matrix on cloudflare workers. They didn't, their post and README is AI generated and the code doesn't do any of the core parts of matrix that make it secure and interoperable. Instead it's littered with 'TODO: Check authorisation' and similar
https://blog.cloudflare.com/serverless-matrix-homeserver-workers/
@JadedBlueEyes this is a great case study in how AI can be used to create something of actually inferior quality real fast and just trumpet the fact of its existence as a real improvement on the old ways.
-
@JadedBlueEyes@tech.lgbt worst game of spot the difference i have ever played
@petunia @JadedBlueEyes so like, on an emotional level I understand why people hate ORMs, but on a "people are very bad at databases" level ..................
-
Oh look, they’re trying to cover up what they did too
https://github.com/nkuntz1934/matrix-workers/commit/2d3969dd5e795caa3641d0e237e2b52ca0502463
Archive link for posterity:
@JadedBlueEyes The comments on this commits are absolutely hilarious. Well deserved
-
Rather than implementing the critical state resolution algorithm that's the core of Matrix, they just directly insert the latest state into the database. That'll instantly lead to diverging views of the room and incompatibility with every other implementation - and it's also a massive security hole.
@JadedBlueEyes@tech.lgbt NOT THE STATE RES ALGORITHM
-
@josh @dcousineau oh god I didn't even look at the client code
@JadedBlueEyes @josh oh woooow, using ...innerHtml = `<...>`, inCREDIBLE the kids these days couldn't understand
-
@JadedBlueEyes The comments under this commit make it at least a bit funnier
@wyldtom @JadedBlueEyes for me the funniest part is
> a serverless architecture where operations disappear, costs scale to zero when idle, and every connection is protected by post-quantum cryptography by default.
I don't know about the post-quantum cryptography, but I'll grant them that their homeserver is serveless and costs scale to zero (on account of it not existing)
-
Cloudflare just published a vibe coded blog post claiming they implemented Matrix on cloudflare workers. They didn't, their post and README is AI generated and the code doesn't do any of the core parts of matrix that make it secure and interoperable. Instead it's littered with 'TODO: Check authorisation' and similar
https://blog.cloudflare.com/serverless-matrix-homeserver-workers/
@JadedBlueEyes ah yes, AI. The technology of the future right?
...right??
-
Cloudflare just published a vibe coded blog post claiming they implemented Matrix on cloudflare workers. They didn't, their post and README is AI generated and the code doesn't do any of the core parts of matrix that make it secure and interoperable. Instead it's littered with 'TODO: Check authorisation' and similar
https://blog.cloudflare.com/serverless-matrix-homeserver-workers/
@JadedBlueEyes@tech.lgbt
What in absolute fuck is a serverless server -
Cloudflare just published a vibe coded blog post claiming they implemented Matrix on cloudflare workers. They didn't, their post and README is AI generated and the code doesn't do any of the core parts of matrix that make it secure and interoperable. Instead it's littered with 'TODO: Check authorisation' and similar
https://blog.cloudflare.com/serverless-matrix-homeserver-workers/
@JadedBlueEyes
They seem to do there Global deployment this way... -
@wyldtom @JadedBlueEyes for me the funniest part is
> a serverless architecture where operations disappear, costs scale to zero when idle, and every connection is protected by post-quantum cryptography by default.
I don't know about the post-quantum cryptography, but I'll grant them that their homeserver is serveless and costs scale to zero (on account of it not existing)
@elilla@transmom.love @wyldtom@chaos.social @JadedBlueEyes@tech.lgbt Not even a quantum computer can get your data from the system without authorisation.
-
Cloudflare just published a vibe coded blog post claiming they implemented Matrix on cloudflare workers. They didn't, their post and README is AI generated and the code doesn't do any of the core parts of matrix that make it secure and interoperable. Instead it's littered with 'TODO: Check authorisation' and similar
https://blog.cloudflare.com/serverless-matrix-homeserver-workers/
@JadedBlueEyes aewwwww2 crap
-
@elilla@transmom.love @wyldtom@chaos.social @JadedBlueEyes@tech.lgbt Not even a quantum computer can get your data from the system without authorisation.
@flesh @wyldtom @JadedBlueEyes Cloudflare truly has mastered the definite Matrix security approach (not sending messages at all)
-
@JadedBlueEyes I recently learned that GitHub allows one to view the activity on a repo, and you can limit it to show force pushes only, which in turn allows you to view the diff between the two states too, even if they span multiple commits.
It's fun to see what kind of things some companies try to hide. (edit: like the original history, which has some fun commits in there!)
@algernon @JadedBlueEyes "Remove PII" is always a banger of a commit to have public.
