I fed it my most-read blog post and asked it to identify me and it confidently asserted it was written by Kelsey Piper. Maybe some writers just take outsized importance in Opus' "mind".
> * The first and most important item is the access to hardware accelerators and hardware devices whose technical interface can only be accessed from the kernel mode / supervisor state of the processor. Such support cannot be used from user space except through AF_ALG.
> * When using user space libraries, all key material and other cryptographic sensitive parameters remains in the calling application's memory even when the application supplied the information to the library. When using AF_ALG, the key material and other sensitive parameters are handed to the kernel. The calling application now can reliably erase that information from its memory and just use the cipher handle to perform the cryptographic operations. If the application is cracked an attacker cannot obtain the key material.
> * On memory constrained systems like embedded systems, the additional memory footprint of a user space cryptographic library may be too much. As the kernel requires the kernel crypto API to be present, reusing existing code should reduce the memory footprint.
I can't judge whether this is a good justification, but there is one.
The reason is that this whole push for age verification is nothing to do with actually stopping kids seeing the content. If it was then this kind of solution would be being legislated for. It’s just about making everyone identifiable.
Yeah that's why Tangled didn't go with ActivityPub (Mastodon protocol) and went with ATproto instead, which is specifically built to solve that problem, so individual servers are all aggregated by centralized AppViews (that anyone can host) that give a singular unified "view" of the network that is just as cohesive as a centralized network feels.
Proud dutchie here! I was wondering this morning whether they were going to migrate away from GH. Really glad that they did.
I remember applying for a job (at some weird company) to be put up as an open-source contributor for the dutch government last year. The idea was that I was going to build on top of MuleSoft stuff. They ghosted me a day later, despite me having already done these things for the client they needed me for. I would advise anyone that is looking for OS contributors to not out-source them through companies, as the models don't really align.
Nowadays I'm communicating with people in Utrecht to get partijgedrag to a newer level (the current one is kind of weak). I would love to build some tooling on top of our government APIs, as well. I don't think people realize how much internal tooling is being built with the idea to release them to the public. It's really cool to see.
I used to work for Meta. I quit largely because of intense frustrations with the company. Meta has made a lot of mistakes, overlooked a lot of harms, and made a lot of short-sighted, selfish choices. Many things about the world are worse than they could be because of choices Meta has made.
So that when I say that they really do have a zero tolerance policy for anyone using their internal systems to violate user privacy, it's not because I'm eager to defend them. It's just true (at least, it was when I was there). There are internal systems dedicated to making sure you have access to what you need to do your job, and absolutely nothing else. All content you interact with through internal tools is monitored and logged. If you get caught trying to use whatever access your job gives you for anything other than doing your job, security immediately escorts you out of the building. This is drilled into new hires early and often. For everything Meta gets wrong, they really do take this seriously.
When somebody comments PR with “Incredible work, Jacob. It is an honor to call you my colleague.” then it's safe to assume it's out of the ordinary contribution. Pretty much falling outside of the “in all likelyhood”.
I’m a researcher who for years has been scanning my library’s holdings on my particular discipline for my own use, but also uploading the books to the shadow libraries for everyone else’s benefit. The revelation that LLMs are training on the shadow libraries has made me put a lot more effort into ensuring my scans are well-OCRed. The idea that I could eventually ask ChatGPT or whatever about obscure things in my field, and get useful output (of the "trust but verify" sort), is exciting.
"OpenWarp is a community fork of Warp's open-source code. It is not affiliated with Warp Inc. and follows the upstream AGPL / MIT dual license."
It is rude, and possibly a trademark violation, to fork a project and use the same name. And, how can there be a "community fork" when there is no community? It's just been Open Sourced 24 hours ago.
```As such, the kernel security team strongly recommends that as a reporter of a potential security issue you DO NOT contact the “linux-distros” mailing list UNTIL a fix is accepted by the affected code’s maintainers and you have read the distros wiki page above and you fully understand the requirements that contacting “linux-distros” will impose on you and the kernel community. ```
I recently had my automatic reload double charge me $100. I tried reaching out to Anthropic, but my only option (of course) was a chat agent. After going through a conversation with it, I was told someone would reach out to help with the matter. Never happened. I eventually reached out to my credit-card company and did a dispute, which they just ruled in my favor.
These contractors were hired to view this data. Your defense of Meta here doesn't make sense. Meta fired them for speaking out about the data Meta collects, not because they saw the data they were hired to look at.
Good thing nobody is silly enough to let fully autonomous AI agents run as regular users on these affected operating systems. That could be disastrous given a zero day prompt injection technique.
"A personal example: I created a system prompt for creating announcements for a home automation system. The Gemini model I was using initially responded in a very US-American way, which didn't fit the British voice of my speaker. I told the model, via the system prompt, that the output was being spoken in a British voice, but the result was a bad US-American impersonation of British ("a'waight guv'nor apples and pears" etc etc), so I had to iterate further to 'tone it down' and speak actual British.
In this process, the system prompt becomes tailored to the model. Other models will have different quirks. Things added to the system prompt for one model may be an overcorrection for another."
Spoiler: future versions of mainstream AIs will be fine tuned in the exact same way to subtly sneak in favorable mentions of sponsored products as part of their answers. And Chinese open-weight AIs will do the exact same thing, only about China, the Chinese government and the overarching themes of Xi Jinping Thought.
The site is definitely lacking. It's half in German, half in English.
The concept is that there is this protocol called ITS-G5, which is a European profile of 802.11p. Vehicles and traffic infrastructure can transmit telemetry on 5 GHz. Other vehicles and traffic infrastructure can use it for situational awareness.
This website collects that data using local receivers and aggregates it onto a map, similar to what website like ADSB-Exchange do with ADS-B.
What is concerning is that vehicles appear to broadcast a MAC address. Does this mean that ITS-G5, 802.11p, and C-ITS could be used for persistent tracking?
I'm very thankful I came of age during the golden age of personal computing. I was able to own my own computer(s) and earn a living writing software on them and for them. Fifty years was a good run, and I consider myself lucky to have participated in it.
IMO we've gone full circle: dumb terminals chained to mainframes and the whimsey of someone else's rules, restrictions, and rent-seeking, to my own bought-and-paid-for computer sitting on my desk that did exactly what I told it to do using software that never changed unless I wanted it to change, and now we're back to dumb terminals (browsers) that talk to mainframes (the cloud) that not only harvest and sell my personal information to the highest bidder but constantly change the rules and restrictions on my software and have gone back to renting me the software and pushing changes that I never asked for and never wanted in the first place.
I will never use spicy autocomplete for anything, and I find it depressing that people are being forced to use it in order to keep their job. I see a very dark future for computing if real skills are all replaced with garbage being vomited out by rules engines that harvested their "guess the next word" results from today's internet.
Atproto isn’t “many servers sending messages to each other”. It’s structured more like RSS:
1) there’s an app-agnostic hosting layer (and anyone can run a host, a bit like personal site with RSS)
2) then there’s apps, which aggregate over data from all hosts (a bit like Google Reader or Feedly)
So there’s no such thing as “defederating”. You don’t have many copies of Tangled beefing with each other. It’s more like you can run your own hosting for your own data (if you want), and anyone can build an app that aggregates from everyone’s data (Tangled is one such app).
> Why use someone's project when you can just have the robot write your own?
I've been thinking about this a bunch recently, and I've realized that the thing I value most in software now isn't robust tests or thorough documentation - an LLM can spit those out in a few minutes. It's usage. I want to use software which other people have used before me. I want them to have encountered the bugs and sharp edges and sanded them down.
When I was a kid, I saw an interview with him on 60 minutes. He talked about how he had dropped out of college after letting go of his dreams of being an olympic swimmer. He then served as a medic in Vietnam, and tried to commit suicide by jumping off a navy ship (but of course survived on account of being a near olympic class athlete. With a full head of hair).
Later I saw him in real life give a talk at Cornell University with his old friend geneticist Andy Clark on the human genome. Dude was larger than life, tall, and bald.
A few years later, I moved to San Diego, and got into surfing. Was reading a surfing website, and boom, Craig Venter pops up in an ad for luxury watches! Sailing in the ocean and rocking a Jaeger-LeCoultre watch that was probably worth more than my grad stipend at the time..
A few years after that and I interviewed at one of his companies, Synthetic Genomics. The bioinformatics team had their heads spinning from the number of pivots the company had been doing. They had gone from biofuel production to working on genetically engineering pigs to produce kidneys that could be donated to humans. Lo and behold, within a few years, someone got the idea to actually work.
Basically Venter and his accomplishments have been the background to my entire adult career in biology, genetics, bioinformatics and machine learning.
RIP Craig Venter! Sometimes to get great science to happen you need larger than life personalities!
Personally, myself I have been greatly impacted by this measures. Several services of mine were unavailable because LaLiga said so. No notification, no justification, they block and that's all. It has been a shame since the beginning.
> It is not up to you to deprive anyone their right to use them.
I don't see anyone saying that people don't have the right to use them. I see people saying that they have the right to avoid being anywhere near the people who use them and to disapprove of those people. Which is just as much of a right as the right to wear spy glasses.
