miniblog.

The "line of death", where the browser UI splits between trusted UI elements and UI controlled by the website. Also argues that HTTP warnings are better than HTTPS padlocks, because there's incentive to spoof padlocks lower on the page. https://emilymstark.com/2022/12/18/death-to-the-line-of-death.html

One interesting consequence of the rise of LLMs: there's more demand for tools that handle untrusted input. Arbitrary HTML+JS can be safely run in a browser. Lean can check an arbitrary proof. These work really well with an LLM that can be wrong, but sometimes gives exactly what you want. Are there other tools in this family?

I'm experimenting with diagnostics formatting. * I've added a left margin, showing both the file name and line numbers * I'm showing one line of context above/below the offending line. * I'm using grey for comments. What do you think? Is there anything you'd change?