Hacker News new | ask | show | jobs
by Tiberium 27 days ago
This article is completely AI-generated, anyone who reads LLM output often can confirm that. And Pangram confirms it as well. It's one of the more reliable LLM detectors and has an extremely low false positive rate, although in this case it marked Markdown parts too (they're irrelevant since it's a web article, not a normal post).

https://www.pangram.com/history/c68104cd-6072-4f7a-850b-e534...
1 comments
milch 27 days ago
To be fair here if you look at their "supporting evidence" most of it is pointing at markdown formatting. Some of the other things it points to are also just common in human writing, though the overuse leans more towards coming from an LLM, e.g. two instances of groups of three back to back with inconsistent use of the Oxford comma:

> If you're building a web app, a mobile app, or a first-party API: JWT is the wrong default and you should stop reaching for it. A row in Postgres with a bearer token in front of it is faster, simpler and strictly more secure.

link
Tiberium 27 days ago
Supporting evidence isn't what makes Pangram mark something as AI-generated, though. And I did call out that in my post specifically. But the post is still 100% generated, it has a distinct Claude-adjacent LLM style.

Some of the extremely obvious examples:

> The pitch is: the server signs it, the client carries it, every subsequent request only needs a signature verification — no database round-trip.

> You can't. That's the answer. The token is valid until it expires, full stop.

> A single opaque token, looked up in Redis with Postgres as the backing store, gives you the same security in one line of middleware. No refresh. No second token. No retry loop. Nothing.

> With opaque tokens this is just… how it works. No mismatch, no hidden tax, no "did they implement the checks correctly" question to lose sleep over.

link