Hansu

Do it alone. Do it scared.

the lion is now concerned about soc2 compliance

Thank god I skipped Delve and just had Claude generate a SOC-2 report directly.

@ohryansbelt Holy

Delve, a YC-backed compliance startup that raised $32 million, has been accused of systematically faking SOC 2, ISO 27001, HIPAA, and GDPR compliance reports for hundreds of clients. According to a detailed Substack investigation by DeepDelver, a leaked Google spreadsheet containing links to hundreds of confidential draft audit reports revealed that Delve generates auditor conclusions before any auditor reviews evidence, uses the same template across 99.8% of reports, and relies on Indian certification mills operating through empty US shells instead of the "US-based CPA firms" they advertise. Here's the breakdown: > 493 out of 494 leaked SOC 2 reports allegedly contain identical boilerplate text, including the same grammatical errors and nonsensical sentences, with only a company name, logo, org chart, and signature swapped in > Auditor conclusions and test procedures are reportedly pre-written in draft reports before clients even provide their company description, which would violate AICPA independence rules requiring auditors to independently design tests and form conclusions > All 259 Type II reports claim zero security incidents, zero personnel changes, zero customer terminations, and zero cyber incidents during the observation period, with identical "unable to test" conclusions across every client > Delve's "US-based auditors" are actually Accorp and Gradient, described as Indian certification mills operating through US shell entities. 99%+ of clients reportedly went through one of these two firms over the past 6 months > The platform allegedly publishes fully populated trust pages claiming vulnerability scanning, pentesting, and data recovery simulations before any compliance work has been done > Delve pre-fabricates board meeting minutes, risk assessments, security incident simulations, and employee evidence that clients can adopt with a single click, according to the author > Most "integrations" are just containers for manual screenshots with no actual API connections. The author describes the platform as a "SOC 2 template pack with a thin SaaS wrapper" > When the leak was exposed, CEO Karun Kaushik emailed clients calling the allegations "falsified claims" from an "AI-generated email" and stated no sensitive data was accessed, while the reports themselves contained private signatures and confidential architecture diagrams > Companies relying on these reports could face criminal liability under HIPAA and fines up to 4% of global revenue under GDPR for compliance violations they believed were resolved > When clients threaten to leave, Delve reportedly pairs them with an external vCISO for manual off-platform work, which the author argues proves their own platform can't deliver real compliance > Delve's sales price dropped from $15,000 to $6,000 with ISO 27001 and a penetration test thrown in when a client mentioned considering a competitor

i find myself doing more and more math as programming gets more and more automated

well said, anon

frfr

@Kimi_Moonshot @cursor_ai Lmao

Congrats to the @cursor_ai team on the launch of Composer 2! We are proud to see Kimi-k2.5 provide the foundation. Seeing our model integrated effectively through Cursor's continued pretraining & high-compute RL training is the open model ecosystem we love to support. Note: Cursor accesses Kimi-k2.5 via @FireworksAI_HQ ' hosted RL and inference platform as part of an authorized commercial partnership.

@lynxluna 😦😦😦

Anjir.. learning loss lagi.

Eid mubarak guys

Thanks PM Anwar

@F2aldi Gas

Cafe Cursor Jakarta is coming soon. 🇮🇩☕ Post Eid ul-Fitr Edition — April 5th, South Jakarta. Cursor Team members are flying in. Free event. Good people. Real conversations. Real Builders Come build, hang, and connect with fellow AI enthusiasts. 🎫 Free to join!

why doesn’t peter just sit them both down and show them the first 3 movies so they remember??

this is about to be every straight guy’s favourite movie

@HabisNontonFilm Inpo ini film imax ga di indo

PROJECT HAIL MARY jadi film pertama yang diputar di luar angkasa. Promosi yang gokil! Akan tayang mulai 8 April di bioskop Indonesia.

You're watching a $248 million film and not a single green or blue screen was used. The alien is a handmade puppet. The cockpit physically rotates to simulate gravity. I looked at the production tech behind this 95% score, and the engineering is wild. Phil Lord and Chris Miller, directing their first live-action movie in 12 years, built the entire Hail Mary spacecraft as a real set at Shepperton Studios in England. Not a miniature. Not a digital model. A full-size ship interior you can walk through. Production designer Charlie Wood studied the International Space Station, Russia's Mir station, and the Boeing 747 cockpit to get the look right. He deliberately made the panels mismatched, because real spacecraft are assembled from parts made by different companies. Nothing matches perfectly. That's what makes it feel real. The cockpit is only about 8 feet wide. It sits on a mechanical platform that can tilt, spin, and shake, so when the ship changes direction or enters different gravity conditions, the whole set moves. Chairs end up on walls. Ladders flip direction. Gosling was suspended inside a spinning ring so he could float and move through the ship for real, reacting to actual hardware around him. No guessing where a wall might be added later. Then there's Rocky. He's the alien co-lead, and he's not CGI. Neal Scanlan, the creature designer who built the Porgs for Star Wars, spent a full year on this character. Over 300 designs before they landed on the final look. Rocky is a thin, hollow shell, 3D-printed from a digital sculpture, then hand-painted in see-through layers so light passes through him like skin. His arms pop off and swap out depending on the scene: one set has a closed fist for walking, another has tiny motorized fingers strong enough to pick up objects. Five puppeteers (nicknamed the "Rockyteers") operated him in every scene. James Ortiz, an award-winning puppet designer from New York theater, voiced Rocky and controlled him on set. When Scanlan met him, he told Ortiz, "You're Frank Oz, and I'm making Yoda for you." Every reaction Gosling gives to the alien is to something physically in front of him. Greig Fraser, who won the Oscar for shooting Dune, filmed the space scenes in the larger IMAX format (that taller image you see in IMAX theaters) and the Earth flashbacks in regular widescreen. Then the team did something unusual: they took the digital footage and printed it onto real film strips, twice, using two different types of film stock. Then they scanned those strips back into digital. It sounds redundant, but it adds a texture and warmth that you can only get from physical film. Fraser used the same technique on Dune and The Batman. Drew Goddard spent six years writing this screenplay. His last adaptation of Andy Weir's novel, The Martian, earned him an Oscar nomination. He described the challenge this way: a screenplay gets about 5% of a novel's word count. The lead is alone for most of the runtime. When he finally gets a co-star, that co-star doesn't speak English, communicates through sounds closer to whale song, and has no face. Goddard called it a screenwriter's nightmare, then said that difficulty was the whole point. He and the directors fought studio pushback to keep Weir's original ending intact. 95% from 212 critics. 98% from over 2,500 audience ratings. And the lead isn't a superhero, a cop, or a soldier. He's just an ordinary middle school science teacher.

@F2aldi Yey ok waktunya ramein, dapet swag ga mas:)

If you're based in Jakarta and want to help organize Cafe Cursor / Cursor Jakarta Meetup join as a Cursor Ambassador!I can at least recommend you (if we've already met) 😂