Posts by doublelayer

Re: Devil’s advocate

"What if they are true?"

Then they probably aren't that close to the middle of the contentious area. There are some statements of fact that are contentious to some people who insist on denying the facts, but even in those cases, the most contentious statements tend to exaggerate or create moral statements based around those facts. Most other stuff that's very contentious is a matter of opinion. Stating an opinion as if it is undeniable fact isn't a great operation for a chatbot intended to provide useful information. Nor would mangling a fact in order to back up a contentious opinion. I'm sure some people are busy writing chatbots to back up their opinions, but the models that have been released so far are intended to provide information, not to easily spit out an unending series of propaganda.

Re: "Problematic, racist, and pornographic web content"

It's a generic term for anything they don't want the AI to show to someone else. If I wrote a joke page of arithmetic questions with wrong answers, they probably consider that problematic because their AI doesn't know how to calculate itself, so it could memorize my wrong answers and give them to someone else. If I posted a large website of the output from Markov chains, that would likely be problematic because it could get their AI to make nonsense phrases of English words and they want it to make sense.

Of course, there are other kinds of problematic that are more about the subject matter which they disagree with. If there was a website advocating crime, they likely don't want their bot to start suggesting that people start burning things down, so that would be problematic. That arson-focused site wouldn't have to be racist to be unsuitable for their training data.

"(c'mon, the money and equipment is small change for Sony, it is indistinguishable from "nothing" compared to the regular advertising budget)...."

If the article is accurate, they repeatedly offered to give him the money and equipment and he repeatedly refused the prize. It's logical to find their response annoying, but it's weird to blame them for withholding a prize he was pretty clear he wouldn't accept.

Re: C2PA

A blog entry from someone who runs an online photo analysis system might interest you. This is one of a few entries on related topics, but it includes more commentary on C2PA. The short version is that, though he wasn't able to get technical details because the closed standards group wouldn't allow him to post any views, the general concept is weak and prone to problems. He has found many examples of a related algorithm being used with incorrect metadata, but signed anyway.

Re: C2PA

This would work great for a contest that was for raw photos only, set up the shot, point the camera, and that's it. This contest is not that, nor are most others. Modifications of the photos later, as basic as cropping out unwanted parts but including more complex things, are typically allowed. Only if you use a system that always includes a chain of the previous images could you verify the authenticity of a picture in that way. That's not that likely to happen, and if the only benefit of doing it ends up being to avoid use of AI in AI-not-accepted contest rules, I don't think it's worth doing.

Re: This con is as old as the hills, but could easily be fixed.

"It is disappointing that there are so many able coders on the planet, but none seem to care enough about this to produce a BTL."

That's because we have. Open source operating systems that support lots of hardware, on which you can run the latest version of a browser. What's the advantage in making a version that will run on Windows 98 when, if you still have a computer that runs Windows 98, you could try to run a different operating system on it. Linux probably still supports the processor in that, and if it doesn't a slightly older version of the kernel before 486 was dropped will. You'll run into problems, but because you probably have very little RAM and a hard drive that's hanging on by a thread, but it can run if you put some work into it. The alternative is either to use another system, which is inefficient, or to write custom code for every environment that has ever existed to fit within constraints that no longer apply to most users.

As for any computer that needs hardware to use modern software, like trying to use the ZX81, that's just wasteful. If I'm putting a much more powerful computer in between the old computer and the internet, maybe it's better if the user just uses that more powerful computer. Unless I'm doing it just for fun, and some people have (I think there was an article about someone connecting a C64 to WiFi recently using a Raspberry Pi), then what's the point? In that case, you could just plug the Pi into your screen and use that instead.

Re: Bit one sided

Maybe you noticed that I mentioned that several times in my comment? That it would be cut off from support in 2025, thus limiting the Windows life for that unit to 13 years? Maybe the fact that I complained about Microsoft not having a good reason for cutting it off?

The fact remains that, even for machines from 2016, that's longer than even the extended support for select Chromebook models that Google are providing. The other fact remains that, if I was motivated enough, I can make that laptop install Windows 11, because the hardware checks can be bypassed and the software will run. I don't think Microsoft should get any credit for that, which is why I'm perfectly content to yell at them for the 13-year cutoff, but try unlocking the support death dates on a Chromebook as easily as running a program on the Windows installation media which works for every model.

Re: Bit one sided

"Why can't I do something similar for things marketed by Micro$oft or Google."

That depends what your problems with those companies are. You can do that with several kinds of computer designed to run Windows. The machine I used as an example wasn't the oldest machine that could do it. It was just the one I installed Windows on a week ago. I could replace the storage and RAM, and the battery since this was a laptop. Switching out the processor wouldn't have been very easy though.

If you mean the Surface line from Microsoft, you can for a few of them, but many of them you can't because the hardware was designed to be thin with no thought put into repairability so a lot of them are quite difficult to take apart without breaking something.

As for Google, you can't because Google doesn't want you to. Even if the hardware allows you to replace components, you can only do that to repair the non-upgradable system, not to keep it running the latest software. That was my original complaint.

Re: Bit one sided

"Those who came before and exist today I.e Microsoft have done a great job at building in a 3 obsolescence cycle into hardware and software ,Google should be aaplauded or committing to 8 years as a starting point."

I can't tell if your 3 means three years or you made a typo somewhere. If you actually think there's anything like a three-year obsolescence cycle, I have no clue what you're talking about. Microsoft hasn't tended to cut off support historically, but they have demonstrated they're willing to now. However, that's not anywhere close to three years. I have recently installed Windows 10 on a computer with a Sandy Bridge (2012-era) processor. It runs and rather quickly. It gets updates. It will continue to get them until 2025. That's 13 years. That's not the oldest machine that can do that.

Google's promise is worse than you say for two reasons. First, it's not always eight years. It was originally 6.5 years, and they've extended it to only some models. That's 6.5 years from the original release date, not from the cancellation date. If a manufacturer is still selling devices they made in 2020, they get three years even though you're buying a newly-made device. More importantly, there is no technical reason for the expiration. When Windows cut off devices in the past, they didn't really cut them off; the device just wouldn't run well. That's the part that they've changed, and for reasons I don't believe, but their excuse is still technical requirements that they're building into their code. Newer Chromebooks don't have any technical advantage over the older versions; a new machine with a weak ARM processor will get updates, but one from a few years ago into which a much faster I7 or Ryzen was installed will be cut off. Nor does RAM, storage, or motherboard chip explain the difference. The only determiner for whether a device gets security is whether the manufacturer has permission to dump it. Google shouldn't be applauded for this; they had the choice to make the OS portable so they didn't have to do this, you know like Windows or Linux did, or they could have required manufacturers to have standards, and they not only chose to ignore both options but went with a ridiculously bad third option.

"I don't see why it isn't better to have desktop computers in the classrooms where they are relevant and students have a 'cloud' account where their work and other documents are stored."

The problems are for the courses where you don't need a computer at all times, but they are useful at least some of the time. If you put desktops in the rooms for those courses, you'll be using a lot of the space for machines that aren't frequently used. If you make everyone go to a room with computers in it whenever they're needed, you may have to move some stuff every time you do so and you're still reserving a relatively scarce resource now that rooms have to be provisioned. You could try to eliminate the second case as much as possible, but if you don't do that, the desktop solution probably won't be as efficient as portable devices. I haven't been in a school for a bit, but they're still trying to figure out how much they should change because nearly every job is now done with a computer at least nearby.

Re: Don't Forget the Incompetence (or Corruption)

The company is probably required to have unrealistic security constraints to prevent people from using cheating software*. This may be why they are so strict with the versions of components used to access the software. That is probably not justified, but I'd expect that to be the explanation if they ever provide one.

* Not that doing that prevents cheating, because a student could use something else to cheat and a typical attempt at cheating on the device is more likely to use a misconfiguration rather than a zero-day.

Re: Help! I'm confused.

It's much simpler than that. Politicians aren't looking at statistical reports being generated by different organizations. They listen to a few people who give them easily understood messages. For example, they listen to police who say that this one time we had a suspect's phone, and it was encrypted, and we're pretty sure there was evidence on it but we couldn't see it. Maybe that was even true, although they'd usually stop before the part where they did some more investigation and found other evidence. They want to have access to bypass the encryption, so they use this simple story and tell it to the politicians.

Think of this argument from the politicians' point of view. What makes more sense: this tool makes it harder for police, something that wasn't as common several years ago. That's an easy statement to understand, and it's accurate in those exact terms. Then a mathematician comes in and says that encryption can't be backdoored safely because of the following proofs, which take some time to parse even for us who work with equations frequently. The politicians don't have the ability to power through a proof; it's a bunch of numbers and Greek letters. It doesn't even take an idiot to believe this argument when ignorance and attempting to do everything quickly make it so easy to pick the simpler argument.

Similarly, they're not going to care too much when the rates of child abuse go up or down. Nobody will, because anyone who understands how the rates are calculated knows they're extremely unreliable and will work to make them as low as possible no matter where they are. Anyone who doesn't understand that, including politicians, will be easily convinced if there's a single anecdote of abuse that it's still terrible, which it is, and therefore something should be done about it. Since they don't know what that is, they'll ask the people who have the most contact. Those caring for abused children won't have a lot of simple, easily packaged and executed ideas, but police will have the same idea they always have: increase the powers of the police to investigate. So that's the path the politicians will take.

Re: Help! I'm confused.

Some politicians really hate [insert type of criminal here] and would like those going after them to have every resource imaginable to catch them. The type of criminal could be something universally despised (terrorists, mass murderers, child abusers), or not, but that doesn't matter, because the politician is reasonably sure it won't ever affect him personally. Some others support the government-run spy systems that already violate any law in existence and will be the only group to actually use this new power, and would like to help them. All politicians like the ability to say that they've defended the country against those universally-despised groups, and more importantly, more so than their predecessor did. No politician has any understanding of what encryption is for or how it works, so they assume that it must be mathematically possible to lock everyone out perfectly except the people who are trusted, and don't ask any questions like "how do you specify who is trusted and who isn't", because they'll just shriek that someone who didn't fail their mathematics courses should be doing that boring geeky stuff.

If you've ever worked as a programmer, you've seen this at a smaller level. It's the thing where a nontechnical person comes with a demand for a new feature which doesn't make much sense, may be impractical or even impossible, and whenever you ask for a more detailed specification, they get annoyed that you can't understand simple logic. If it takes you more than one day to write, they complain that it only took them twenty seconds to explain to you (well actually about five minutes because you kept asking all these stupid questions until they said they had a meeting and ran away), so why is it taking you so long to explain it to a computer?

Re: In case people don't know about it

This just gets us into a debate about definitions. Why isn't that encryption, since you still have a plain text message and a secret key that turns it into a private message and back again. If it does the same thing in a similar way, then why wouldn't it also be prohibited. I wouldn't count on that getting you out of legal penalties if the UK charged you for not revealing the encryption key and you tried to convince a nontechnical judge that technically, this has a different name so the key shouldn't be classified as an encryption key.

That's not the point they were making. It's not that every UK company supports this and is dangerous for that reason. Instead, if the UK companies are forced to use no security, then it becomes unsafe for a customer to deal with them, even if otherwise they'd be entirely trustworthy. It isn't a stereotype of the UK agreeing to this, but an extrapolation of the dangers of having this law apply to communications you initiate. If you are located outside the UK, then you have a choice of whether to initiate communications covered by this flawed legislation.

Re: Whose Encryption Might Be "Weakened"?

"The AC does make an interesting point"

I need to give you a hint here: if you intend to sound like you agree with a point from someone else, you're going to have to write in a less distinctive style and one that's a little different from when you posted the first time. Even if, by some miracle you aren't the person who posted the first point, you've imitated their style, which doesn't look like anyone else, so well that I'm not the only one who will assume you're one and the same.

"some group or another using their own technology.....is scarecly being "childish"!!!!"

And also, if you want us to take you seriously, you need to read what you want to rebut. They didn't say "rolling your own technology is childish". They said that not caring because it doesn't affect you is childish. You appear to still be doing that, which suggests you also didn't fully understand their correct explanation of why it does affect you. For example:

"It's a curious argument that people who take personal responsibility for their own affairs are automatically to be regarded as "creeps"."

They didn't say that, and in fact the two of you appear to agree that encryption shouldn't imply guilt and should be protected. You disagree about the viability of the plan you think ensures your security but does not.

Where do you live, and if it happens to be where I live, how does one find these things? I have tried to find such a thing before so that I could use the mobile networks to connect some projects of mine. They don't need to send or receive much data, and in most cases they'd be inactive most of the time. What I've found are some relatively cheap plans which still require a monthly payment even if you haven't used it and some prepaid ones that will automatically cancel service if it hasn't been used every six months if not more frequently and weren't free before.

There are a few good cheap mobile options, but in my case, I'm comparing the costs of the connection to the costs of the hardware (in most cases, a Raspberry Pi or similar computer connected to some cheap parts). If it's backup mobile connection for a year costs more than the hardware, I consider that excessive. I haven't found one yet which deals with this problem.

Re: “deliberate criminal act”

That is to make jury selection easier, as they usually try to find people who are poorly informed about the facts of the case so they're hopefully impartial. Which is certainly worth doing, but it means they work to find jurors who don't know about the case, not that all of us must be denied information until a court has ruled on it or to restrict public statements on that basis.

If they were picking me to be on the jury, they would ask me whether I have existing opinions about the accused and the crime. I would answer that I was convinced that he had leaked the documents given the public statements and limited evidence released. If his defense was that he didn't actually leak them, then that would likely disqualify me from serving. If his defense was that he leaked them for a noble purpose, then they would have to ask another question to determine whether I had already prejudged the morality of the actions, and if his defense was that he leaked them but the punishment they were planning was excessive, there would be an entirely different question. On those questions, I would not have such an absolute opinion; I'm unaware of any noble purpose for leaking the documents, but neither have I seen convincing evidence of a malicious purpose; it mostly seemed like an ill-considered idea. This means that I'm not in the mood to throw the book at him, though neither would I advocate he be acquitted of all charges. If the lawyers were unsure of my impartiality, they might opt for safety and not allow me to serve on that jury.

"what are they going to do about it in Massachusetts?"

What are they going to do about it in Virginia or Germany? You know that: they're going to look at it, think about it, talk about it, and create plans about it. Why can't they do these things in Massachusetts? The only time they need geographic proximity is when they're doing things on the ground, which these people are not doing. The American government has lots of military bases and they can do that kind of work in any one they want, just as a large corporation might have plenty of offices and, if they do WFH, even more places with a work-connected computer at which work can be done. Just as Apple might choose to do some work in Cork instead of Cupertino, the Americans can review military intelligence in any of the bases they want to. They can even do it in as many of their bases as they want to, for any reason as small as that's where the person they wanted to ask happened to be that day.

Re: “deliberate criminal act”

He's going to get all of that. You seem not to understand what that means. He gets to have a trial, with his own lawyers, and the prosecution has to prove him guilty before he can be convicted. He still has all of those protections. "Innocent unless proven guilty" means what the court has to do, not that, before conviction, nobody can denounce what he did.

This is a popular and annoying argument tactic. Whenever somebody you like is arrested for something and people start talking about his guilt, even if it's really obvious that he is guilty, someone like you will come along to spout this nonsense. By saying that it was a crime and he has little chance of acquittal if the prosecutor can prove the point, they're not convicting them; they're just describing what they think the likely situation will be and in some cases what they'd like it to be. I do not have to presume that everyone on the planet is innocent of everything until a court decides otherwise. Only the court has to do that.

We'll start with the worst assumption you've made:

"And another thing: why did an airbase in Massachusetts have printed copies of TOP-SECRET/NOFORN documents about the war in Ukraine ?"

And where do you think they should be? They were on a military base, you know the kind of place where military people review military situations. Did you think that Massachusetts is somehow a bad place to discuss European affairs? Would a base in Colorado have been better or worse? If I had to defend it, I could say that Massachusetts is one of the parts of the U.S. closest geographically to Europe, but since that doesn't matter much, it's just one of the places where they reviewed information about the war. They're going to be doing that anyway, so I'm not sure why one base is suspicious to you.

"systematically having hundreds of top-secret documents negligently lying around."

Yes, this is probably true. Nobody said the American military did everything perfectly. They have a long history of doing stupid things and not having the best security record.

Or alternatively, people who read the comments section disagree with you. You got 7 on your last post at time of writing. Which is more reasonable: seven whole people out of the thousands who read this disagreed with your post enough to push a button, or an army unit unrelated to the story or your comment decided to create fake votes that don't change anything, but they only managed to make seven of them? If someone came to me and told me to have a phantom army of voter bots, after asking a lot of why questions, I could make a lot more than seven.

Re: I have consulted in many places over the years

That's true, although I find that subprocess.run looks cleaner. Still, that's just two lines to run a command and get its output. If your entire script looks like that, then you can probably use a shell script very easily. Most of mine end up calling a few programs like that, but then have several lines of output parsing or command construction which I'd much rather do in Python where string parsing isn't a write-only operation and where loops can use more complex conditions.

Re: I have consulted in many places over the years

Not when you need to build ever more complex bits of shell, calling sed or awk frequently, for something that would be structured well in any programming language. At a certain point, shell scripts become too large to edit in a productive way, and programming languages that have some more useful concepts like type management and better ways of reusing functionality become better for the task.

You could write almost all of the basic utilities as a shell script, but would anyone want to do that? The original writers didn't, which is why most of them are in C. There's also portability tradeoffs. Yes, using a Python script means you have a dependency on Python, but if you don't use a particularly ancient set or use a feature introduced last week (there aren't that many of those anyway), then it will work identically in a lot of environments. A shell script is dependent on lots of aspects of the system, from which interpreter is running the script which may be user-dependent to the subset of utilities installed, and some of those differences in functionality can be fatal. Depending on the environments in which the script is running, you can experience some portability deficiencies from shell scripts as well.

Safer from what? There is safety from further fraud schemes from her directly (given her statements there's no indication of any feelings of guilt), and the potential deterrence to others thinking about fraud. It's difficult to quantify these effects, but they exist to some degree.

Similarly, there are different ways to rehabilitate someone. People who commit crimes because they didn't see other options may be easier to rehabilitate by showing or giving them opportunities to succeed, while those who committed crimes despite having an easy way to succeed without doing so may be more difficult, but I don't have any evidence to support that intuition. I don't have a good idea for how to rehabilitate a long-time scammer who demonstrates no guilt or even recognition of the harms she's caused and who had every opportunity to stop.

"But that's just knowledge I've picked up as a curious engineer, and still begs the question why experts doing their due diligence missed all this."

They didn't. Every time she tried to get an expert to invest, they refused. She shopped it around to several biology-focused investors and they all said no almost immediately after hearing the plan. The people she got did very little research, and whenever they did, it was all about the finances of the company which she faked for their consumption. They didn't ask questions about the technology, and she quickly realized that she should stop going to people who knew anything they were talking about and focus on those who liked the idea of being part of a world-changing startup and didn't understand that what she was doing was likely impossible. She targeted those people specifically, aiming to get well-known and respected people who didn't have any subject knowledge so she could use both their money and their names to draw in more.

You don't have to be stupid to miss the impossibility, just ignorant of the mechanics. It's clear that the blood sample contains what you want to measure, and they weren't collecting or diluting it so much that they were excluding the compounds they wanted to measure. Of course, I would have asked questions like "How are you able to measure it in a small quantity when your competitors can't", but I wouldn't have automatically assumed at first that they were automatically lying because people do make advancements in chemical detection and maybe they did. Of course, had someone asked that question, Theranos couldn't provide a real answer and probably used some technobabble to get around it, so I wouldn't be likely to invest in them, but I wouldn't have known from the start that they were untrustworthy.

Well, at least that's the word they've decided to use. It means "whatever the esteemed leader Xi Jinping says unless someone has killed him, in case whatever that guy says". It doesn't mean that it has anything to do with anything other people have called socialism, now or in the past, but you will find a lot of people who don't understand that (and many more who do but choose to pretend as if they don't so they can use it to make political points).

There are, unfortunately, many words that have been treated in this way. I tend to just stop using them and find a different one for whatever I'm expressing. I get tired of debate loops where we're discussing what a certain term means even though we both know what the other person thinks and such semantic snarls aren't getting us any closer to explaining what we believe.

Re: Something needs to be done to protect consumers

Things like the cake example can still apply to open-source contributors if they do something that's explicitly illegal, such as making code that automatically attacks and installs malware on other computers. That's still a crime and they can go after that person. The problem comes when they have done something that causes problems unintentionally. Drawing the line between these and an analogy to food is difficult, but the best example I can come up with is giving cakes away without checking whether everyone who accepted one wasn't allergic to the ingredients. If someone eats one and has a reaction, that doesn't make the baker responsible.

If I were to draw a legal distinction, I'd say that the hygiene requirements can be known in advance and followed to the letter, which makes it more reasonable to require that they be followed. The security requirements are vague and there is no way to verify that they have been followed without a court decision.