Yeah my 10 years experience with Python and Django just flushed down the toilet with the advance of AI, struggling to find a job for a few months now sadly :(
This is what I experienced as well, I can smell BS from AI generated code right from few lines it wrote in Python, so that why I keep using Python for most of my projects.
For anyone looking to dive deeper and actually understand how FFmpeg and libav work under the hood, I highly recommend Leandro Moreira's tutorial [0]. For me, it's hands down the best and most comprehensive explanation out there.
I’ve been using Telegram for about 10 years, and it’s one of the few products that has consistently felt great the entire time. It’s fast everywhere: backend, mobile app, desktop app, all of it. Everything just works. Its sync is out of this world—fluid, fast, and seamless across devices. You can use it on your phone, then move to your PC or laptop and continue instantly without friction. Unlimited message history and file storage are fantastic, and the bot platform is absurdly powerful. It’s boring in the best way, which is exactly what you want from a channel for interacting with your agents everywhere.
Instead of Telegram, go self-hosted for company related communication activity. See Gamers Nexus recent video on self-hosted discord alternatives https://www.youtube.com/watch?v=kpjcmXbmMVM
For encrypted group conversation over third-party networks use Signal, or Matrix which try to keep your conversations private.
The fact that Telegram has their support playbooks online, is interesting. Though I would call the following claim a stretch
> As a result, we have disclosed 0 bytes of user data to third parties, including governments, to this day.
Telegram had always impressed me for the same reasons. They have constantly gotten worse since about 2022/2023 though. Dark patterns, pay gate, they lost chat history for some of my closest contacts including 15k+ lost photos, no support at all. Something changed in their product direction and I started moving all my chats to Signal.
They need to stop cramming in useless features like Stories and NFT's and they recently redesigned the Android app to be like iOS but it broke my muscle memory, moved ALL items around (like "Saved" being in 1st spot when sharing, after the update it was buried, then it was at the top again and now it's under "Create a Story") and trashed the performance with the chat list not even loading at start (switching the tabs at the bottom "fixes" this, speaking of tabs, who even needs these there? The hamburger menu was fine). At least the desktop program is good AND native and not web slop.
Since we are apparently giving messaging platform reviews here, I feel exactly the same way about Microsoft Teams. It works great. It does everything I want. It doesn’t get in my way. 10 out of 10 keep up the great work guys!
> Since we are apparently giving messaging platform reviews here, I feel exactly the same way about Microsoft Teams. It works great. It does everything I want. It doesn’t get in my way. 10 out of 10 keep up the great work guys!
It looks like we found a high executive using company money to buy a product no one wants to use.
It's easy to promote Teams if your secretary is handling it for you and you don't need to suffer yourself.
The other possibility: Microsoft started an astroturfing campaign on HN.
Teams network connectivity is a plain joke. If you use suspend, or frequently change network, the thing will just never reconnect, even though you have VPN alive and all network applications perfectly running.
And the thing is just absurbdly sluggish, only display blurred grey lines instead of text in a meager attempt to look snappy.
I only use Teams for meetings and the calendar, and the occasional chat during a meeting. I find it totally fine and I don't really think about it much one way or the other. For reference I have a 2021 M1 Max with 64 GB.
Probably all managers and engineers working on Teams have similar copious amounts of memory and powerful CPUs on their devices and hardly use their own product. That would explain a lot
It honestly wasn't much different on my 2018 i5 Mini with 32 GB.
Maybe what sucks here is the experience of running it on Windows. Or maybe it sucks for large meetings? But I never have Teams meetings with > 40 people at this company.
When it is online, I agree with things asides from the "fast" part, actually. But many companies have a secondary service for async comms/chat when being Teams cannot be online, and compared to Slack.
Honestly can't tell if this is not sarcasm/rage bait.
Teams that has 3 different UI frameworks on every platform (but your best bet is the web)? With the Microsoft login that tends to loop forever redirecting to God knows where?
I wrote this Telegram bot that translates any video with AI-generated subtitles in about 2 minutes. You paste a YouTube, TikTok, or Instagram link, pick your language, and get back the video with burned-in subtitles.
It started because my wife watches Chinese dramas and new episodes never have subtitles for our language. Turns out thousands of people have the same problem — Arabic speakers watching anime, Russian speakers following Turkish series, Persian speakers catching up on K-dramas.
Supports 40+ languages, works with any video link or direct file upload. There's also a Mini App inside Telegram for a more visual experience.
Hey this looks cool but wanted to highlight a bug. I opened the bot, tapped on sample video and I got the “translating a sample Turkish drama…” message twice. Then it said “your first translation is ready” so I press view in the app and the recent list shows the duplication. It says the first one is ready but the second was in progress. I close the app and see a “our whale friend is gathering video” with a progress bar. So I guess it’s not ready? Then I get a failure message which looks like the second video failed? Anyway, cool idea but it seems buggy and I think the app UX could be simplified, good luck!
This looks cool, but what I'd really like is a self-hosted version that I could use to auto-subtitle videos I already have locally. This would help my language learning a great deal.
If any of you have already figured out a tool/workflow for this, I'd love to learn from your experience.
This thread prompted me to look into this. It seems that all I need is a thin wrapper around whisper-ctranslate2. So I wrote one and am playing with it right now.
I'm finding language auto-detection to be a bit wonky (for example, it repeatedly identified Ladykracher audio as English instead of German). I ended up having to force a language instead. The only show in my library where this approach doesn't work is Parlement[1], but I can live with that.
On the whole this is looking quite promising. Thanks for the idea.
RankClaw (https://rankclaw.com) — a security scanner for the OpenClaw/ClawHub AI agent skill ecosystem.
I've been scanning all 14,704 skills in the registry and running AI deep audits on ~3,800 so far. The headline finding: surface heuristics (pattern matching, dependency checks, metadata) flag about 6.6% as malicious. AI deep audit of the same skills finds 16.4%. Surface scanning misses roughly 60% of the actual risk.
The reason is that these skills aren't traditional packages — they're markdown instruction files that tell an AI agent what to do, with full shell, file system, and network access. The attacks are in natural language: prompt injection, social engineering targeting the AI itself, instructions to generate and execute code at runtime. There's no malicious code to detect because the payload doesn't exist until the AI writes it during a conversation.
Some of the attack patterns I've documented: one actor published 30 skills under the name "x-trends" across multiple accounts (28/30 confirmed malicious). Another cluster impersonates ClawHub's own CLI with base64 curl|bash payloads. One skill has a "Talking to Your Human" section with a pre-written pitch for the AI to ask the user's permission to mine Monero.
The most counterintuitive case: lekt9/foundry contains zero malicious code. It instructs your AI agent to generate and execute code as part of its normal workflow. Static analysis finds nothing because the dangerous code doesn't exist until the AI writes it during a live conversation. This attack class requires AI to detect AI.
Free to check any skill. All AI audit reports are public.
Interesting gap between surface scanning (6.6%) and AI deep audit (16.4%).
Two concerns with the AI audit approach. First, the defense LLM is itself an attack surface — we're already seeing payloads crafted specifically to bypass LLM-based guardrails. If the guardian is injectable, you've added a vulnerability to your security stack.
Second, the Mindgard paper from late 2025 tested 12 character injection techniques against 6 guardrails including ProtectAI's DeBERTa, Meta Prompt Guard, Azure Prompt Shield — some hit 100% evasion rate. Homoglyphs, zero-width chars, leet, diacritics. Simple stuff, but the classifiers see raw tokens and can't handle it.
I built a prompt injection detection library that tackles this from the normalisation layer — 10-stage deterministic pipeline (NFKD, confusable fold, leet, base64, zero-width strip, ROT13, escape sequences) that reduces all evasion to canonical form before any matching. The scan itself is not injectable — it's code, not a model.
Where I think this goes next: small encoder-only classifiers (DeBERTa-small, ModernBERT) running on already-normalised text. Post-normalisation, the model only needs to detect the logical intent pattern, not handle evasion — that's the layer below. Too small to be reprogrammed via prompt, too focused to be redirected. One classifier per attack category: override, extraction, jailbreak, etc.
But these classifiers will only be as good as their training data. Right now everyone trains on static datasets (deepset, safeguard). What's missing is a community-maintained corpus fed by real-world incident reports — like antivirus signature databases.
The detection engine matters less than the definitions it runs on. ClamAV isn't great because of its scan loop, it's great because thousands of people report samples.
Your foundry example — no payload until the agent writes it — is the genuinely hard case that needs AI. But for everything else, deterministic normalisation + focused micro-classifiers + community-curated signatures is a more defensible architecture than putting another LLM in the path.
We have measured this across the full OpenClaw ecosystem (14,704 skills indexed, 3,721 AI deep audited). The credential stealer pattern is one of several confirmed attack classes.
Key finding from our AI deep audit data: surface heuristics find 6.6% malicious. AI audit of the deep-scanned cohort finds 16.4% — surface scanning misses roughly 60% of the risk.
The most counterintuitive case: lekt9/foundry contains zero malicious code. It instructs your AI agent to generate and execute code as part of its workflow. Static analysis finds nothing because the dangerous code doesn't exist until the AI writes it during a live conversation.
Data at rankclaw.com. AI audit reports public for all 3,721+ deep-scanned skills.
I wrote a Telegram bot for video/image translation, and also Firefox/Chrome addons to help translate web content with smart content extraction and non-breaking layouts.
The Firefox addon/Chrome extension is free, but you need your own OpenRouter/Gemini API key. The cost of web translation is really low, you can translate an article for ~$0.01 with really good quality. (You can try at https://addons.mozilla.org/en-US/firefox/addon/subly-xyz/)
I built it because I use Firefox the most and it seemed like no translate addon was good or simple enough. Chrome translate kinda works, but the quality is so low; it usually doesn't understand the article context.
I think MCP is awesome, mainly because it forces devs to design the simplest possible tools/APIs/functions so even an average-performance LLM can use them correctly to get things done.
As developers, we often want everything to be rich, verbose, and customizable — but the reality is that for most users (and now for AIs acting on their behalf), simplicity wins every time. It’s like designing a great UI: the fewer ways you can get lost, the more people (or models) can actually use it productively.
If MCP ends up nudging the ecosystem toward small, well-defined, composable capabilities, that’s a win far beyond just “AI integration.”
I don’t like MCP because it relies on good faith from the plugin provider. It works great in closed, trusted environments but it cannot scale across trust boundaries.
It just begs for spam and fraud, with badly-behaving services advertising lowest-cost, highest-quality, totally amazing services. It feels like the web circa 1995… lots of implicit trust that isn’t sustainable.
Totally agree - the true source of all of the value here is the new incentive to write very simple services with very simple documentation and to make that documentation easily discoverable.
It fills a gap that exists in most service documentation: an easily discoverable page for developers (specifically, those who already know how to use their ecosystem of choice's HTTP APIs) that has a very short list of the service's most fundamental functionality with a simplified specification so they can go and play around with it.
reply