upvote

points

by staticassertion4 hours ago |
comments
upvoteby cj3 hours ago|
next
[-]
Your comment matches my experience closer than the OP.

A link disappearing isn’t a major issue. Not something I’d worry about (but yea might show up as a finding on the SOC 2 report, although I wouldn’t be surprised if many auditors wouldn’t notice - it’s not like they’re checking every link)

I’m also confused why the OP is saying they’re linking to public documents on the public internet. Across the board, security orgs don’t like to randomly publish their internal docs publicly. Those typically stay in your intranet (or Google Drive, etc).

reply
upvoteby staticassertion2 hours ago|
parent|
[-]
> although I wouldn’t be surprised if many auditors wouldn’t notice

lol seriously, this is like... at least 50% of the time how it would play out, and I think the other 49% it would be "ah sorry, I'll grab that and email it over" and maybe 1% of the time it's a finding.

It just doesn't match anything. And if it were FEDRAMP, well holy shit, a URL was never acceptable anyways.

reply
upvoteby yorwba2 hours ago|
prev|
[-]
> I feel like I'm missing something

You're missing the existence of technology that allows anyone to create superficially plausible but ultimately made-up anecdotes for posting to public forums, all just to create cover for a few posts here and there mixing in advertising for a vaguely-related product or service. (Or even just to build karma for a voting ring.)

Currently, you can still sometimes sniff out such content based on the writing style, but in the future you'd have to be an expert on the exact thing they claim expertise in, and even then you could be left wondering whether they're just an expert in a slightly different area instead of making it all up.

EDIT: Also on the front page currently: "You can't trust the internet anymore" https://news.ycombinator.com/item?id=47017727

reply
upvoteby staticassertion2 hours ago|
parent|
[-]
I don't really see what you're getting at, it seems unrelated to the issue of referencing URLs in compliance documentation.
reply
upvoteby trevwilson2 hours ago|
parent|
next
[-]
They're suggesting that the original comment is LLM generated, and after looking at the account's comment history I strongly suspect they're correct
reply
upvoteby staticassertion1 hours ago|
parent|
[-]
Oh, I sort of wondered if that was the case but I was really unsure based on the wording. Yeah, I have no idea.
reply
upvoteby stavros2 hours ago|
parent|
prev|
[-]
I think they meant that, now that LLMs are invented, people have suddenly started to lie on the Internet.

Every comment section here can be summed up as "LLM bad" these days.

reply
upvoteby yorwba1 hours ago|
parent|
[-]
No, now that LLMs are invented, a lot more people lying on the Internet have started to do so convincingly, so they also do it more often. Previously, when somebody was using all the right lingo to signal expert status, they might've been a lying expert or an honest expert, but they probably weren't some lying rando, because then they wouldn't even have thought of using those words in that context. But now LLMs can paper over that deficit, so all the lying randos who previously couldn't pretend to be an expert are now doing so somewhat successfully, and there are a lot of lying randos.

It's not "LLM bad" — it's "LLM good, some people bad, bad people use LLM to get better at bad things."

reply