Posts by doublelayer

Re: Have an upvote

"It would not necessarily mean having to commit money into escrow but having their accounts frozen so that payments by then need approval of the plaintiffs."

Whenever you think of ideas like this, check whether they work if reversed. Let's say that Musk cancels his longstanding policy of making logical, well-considered decisions not at all based on who he happens to be unhappy with this morning and starts suing anyone he can think of. Let's say that he's going to sue that guy who told him he was wrong about how the Twitter app worked for breaching the NDA. By releasing some information, he has cost Twitter priceless information. If you could use an action like that to prevent the defendant from paying money, you could prevent them paying for a lawyer, force them into picking the cheapest lawyer if the court refused that last idea, or deny them simple expenses. It works the same way with a company, probably even worse because they're less sympathetic and have a lot more bills to pay than the average person. That could be a great weapon for winning court cases.

A slightly better version would be to require the approval of a judge, rather than the plaintiffs. While better, it's still bad; now you've just got to get a judge that is willing to let you use this mechanism as a weapon and you can use a suit to lock up someone else's money, probably also costing their ability to contest the case well. If it is dangerous and produces injustice when a big company uses it against a small one or an individual, it should not be allowed. Yes, when the big company is on the other side, it may feel nicer having a bigger hammer, but it won't justify the damage done in all the other cases.

Re: It's not just about the technology

Businesses have ways to deal with large capital expenses, and they have to do it for all sorts of things. They can manage it for computers as well. It may look nice on the paperwork and they may be able to use it to make a specific financial statement look good when they switch on, but it usually doesn't bring that much to the business's financial situation.

The primary case where the difference becomes important is when a business needs to buy a lot of computers right now, and the cost of outright purchase would be higher than temporarily renting them. Or in other words, it's the spiky use cases with extreme scaling requirements that is the most obvious case where cloud is useful. In most other cases, there won't be much of a crisis to treat it as capital expenses; if it's small, the expenses aren't going to be very large, and if it's a lot of servers, then you can get the same kind of expenditure flow by buying replacement hardware on a staggered schedule.

Cloud can be useful and there are times when it can be cheaper, but how it appears on the statement isn't particularly important in most cases.

Re: Obvious???

"I think it should be obvious that if I am paying someone else to do something for me, it's likely costing them in the ballpark of what it would cost me, plus they're going to add a bit on top. [...] It really is economics 101, straight out of Adam Smith."

It's so entirely contrary to one of Smith's core points that this really needs countering. It's the concept of comparative advantage. I could generate electricity, but I don't have the skills to do it well, I don't have the scale to do it efficiently, and I don't have the business to sell it to anybody other than my own use. Hence, it would not cost me about as much to generate electricity as it does for me to buy it. Even if I don't value my time at all, I would have to spend significantly more currency per joule I generate. That's not automatically true of everything, but it is not only not obvious that the costs are the same, it's flat out wrong.

Smith made this point at length as he was arguing against the tendencies of governments to use this flawed logic, restricting their ability to use resources efficiently. To use the famous quote, it's not that he bought from the butcher and baker because he didn't want to spend the time butchering and baking, but also because they were better able to do that than he was; years of skill and having a town willing to buy helps.

This doesn't mean that you have a comparative disadvantage in running servers. You're posting here, so you're probably in the group that has an advantage. That is why your employer hires you to do it rather than deciding that "Well it will cost us about what they're going to charge and they're going to want a salary, so let's try to skip them". You're better able to administer systems than they are so they hire you to do it, and if you decided that a certain way of storing and operating the servers was most advantageous, it could be true whether you did the housing or hired someone else to.

"Hosting your own hardware will always be cheaper in the long run than hosting someone else's simply because you're not paying the "someone else" tax"

That's very flawed logic, and it doesn't work with most other things. Consider your response if I said one of these things:

"Generating your own electricity will always be cheaper in the long run than buying someone else's simply because you're not paying the "someone else" tax"

"Growing your own food will always be cheaper in the long run than eating someone else's simply because you're not paying the "someone else" tax"

"Carrying your own packages from your house to your recipient, even if they live on another continent, will always be cheaper in the long run than using someone else's delivery service simply because you're not paying the "someone else" tax"

I'm guessing that you don't own a farm, power plant, and global mail system. You might own one of these things, but usually only if you're the someone else providing your service to people who would definitely not be doing better if they were trying to do it. This doesn't automatically mean that on prem is more expensive, and for many use cases it will be cheaper, but your reasons why it is are bad. If you use the wrong reasons to defend your stance, it may harm you when those reasons are proven invalid but there are right ones that could have done the trick.

Re: Good luck with it, but

That sounds very similar to the tip proposal. Both of them require that somebody who uses the code decides to voluntarily pay well for it. I'm not sure how yours differs other than the fact that you're focusing on big companies whereas the tip proposal works for any size of company. Unless either is widely adopted, it's likely to produce some relatively small donations.

It's also likely to limit which projects get support; the big tech companies already donate large (for us, not for them) amounts to open source projects, but not to every project that gets used somewhere in their company, since that's less tracked. That's why the Linux kernel gets a ton of donations from big tech companies, because it's a single, large project that they understand that they rely on a lot. The tip proposal appears to be focused on automatically following dependencies to distribute the funding to all of them, which will work better for the deep tree that is Node dependency hell and not bad for a structured package repository like Python has, but not so well for a bunch of libraries pulled in from GitHub or internal clones.

Re: Seriously....

"Either Twitter didn't want to be seen to crap on disabled people or they didn't know he was disabled. I think probably the latter."

So the contract specifically saying it, agreeing on accommodations, signed by the company didn't tip you off that they might have known a thing about it? Musk probably didn't know, but the company did. This also suggests they did, in fact, do some investigation into what they were buying and they thought it wasn't going to cause problems they couldn't handle. And, since he was in a job that involved a lot of managing between teams, his mobility restrictions probably weren't that big a problem until Musk was looking for an excuse and still chose wrong.

I'm also not sure why you think that Twitter agreeing to let someone work from home when they were using a policy where everyone could work from home and for an employee in a different country who presumably didn't want to move across eight time zones counts as "woke". However, since you used the word, I can safely assume that your logic would be incomprehensible or stupid and thus I don't have to look into it too deeply.

Re: How do I upload a PDF file to ChatGPT?

Maybe they just did a select all on the text layer and pasted that text into the chat window. It wouldn't help with images and some layout would have been lost, but the words would have gotten through.

"I drummed into these newbies over and over again, never say anything in email that you wouldn't be happy to see on the front page.

The same is true today, but also includes web forms of all descriptions. It just defies common sense that people would feed anything confidential into a system they do not control"

Maybe they did it because your advice was absolute to the point of uselessness. Before those businesspeople used email, they would say the information into the phone, connected to lines they also didn't control, or sent through the post, which they likewise didn't control. Neither was encrypted, both could be intercepted as easily as email could, and there was no available alternative that had more security short of in person only meetings. Some might have interpreted your warnings to mean that email was especially bad at security, which compared to existing mass-market technologies it wasn't. Those who understood that they were both insecure probably thought about your advice, realized they hadn't been told about a better option, so went with it anyway.

People have a poor understanding of security, most often due to not caring to learn about the details. It doesn't really help to give them unrealistic standards that they won't be able to meet, because they'll come to the incorrect conclusion that computers are never to be trusted and they have to decide between living off the grid or having no security. If you present someone with that false dichotomy, they're likely to be among those who decide that, if everyone is spying on them and there's nothing they can do about it, why not hand over all their data to Facebook, Google, and any page that suggests you log in, because at least that's convenient.

User education is hard. I get the idea that it might be better to overstate the risks in order to err on the side of security. The problem is that simplistic answers may lead the users into errors they wouldn't make if the more difficult work is done or if the IT security team makes the decision for the company and uses network blocks and warnings to enforce it.

It's the other way around. It doesn't keep the data and reprocess it because it isn't designed to be easily retrained on new data. In order for this type of model to get new data permanently added, it has to be added to the training set and the training routine run over again. That full retraining takes a lot of time and money, so they try to do it as little as possible. Technical limitations prevent them from automatic reingestion.

Re: They copied all the source code, entered it into ChatGPT, and inquired about a solution

"And if everything that gets asked of it also gets re-ingested back into the model, then anything commercially sensitive will automatically become available to everyone else who uses it, making it a total no-go area for anything to do with your business if you have any sense."

Everything said during a session is not ingested into this model, because the model can't do that. It is trained once and if you want to put some more data in, you have to start training it again from scratch, so that never happens. That's why GPT tends to be at least a few months out of date and can't explain anything that involves something happening recently. This means that if you put in some fact it didn't already know, it's not going to show up in anyone else's conversations, nor even yours if you have a later one. That is not a risk.

What still is a risk is that you've still sent a bunch of data to a different company without analyzing what they say they're going to do with it and what they actually do. Nothing prevents them from using that to train the next version of the chatbot, being hacked, or selling your conversation history, so unless you have a legal contract, that could still be a risk.

Re: So....

Just because they would have to delete the account doesn't mean they could take your money or would give you any. That's still illegal, so even if they decided to interpret this literally, it would just make the process of closing an account faster. If they actually deleted the account without finding out where you wanted its contents sent, the money they gained is still legally yours and has to be turned over to you. If they can't find you, they give it to the government to do that. Governments do that in a variety of ways, but many have offices to handle it (not very efficiently, but they do).

Re: So....

"So, if I delete my Barclays banking app account, then all my bank accounts will be closed and the money disappear?"

No, if you push the button marked "delete account" on one of your bank accounts, then that account would be closed and the money would have to be transferred somewhere else. If you happen to have a separate account just for online access and the bank doesn't do that automatically without the extra online account, then deleting that account would just take away your online access but the accounts with money in them would stay around. I doubt you'll even be able to do either of those because since when can you set up a bank account just in an app. Whenever I've done it, there have been more forms to fill out that could be doable on a website but in some cases required physical writing on paper in one of their buildings. If the app doesn't let you open an account, it's not required to close them.

Re: Process

That will be the excuse Apple provides for why phones have to have all parts locked so that you can't use them for spares. It will make some sense when they say that, which is why they won't mention how it also gets them plenty of business for unlocking those components from devices that weren't stolen. Depending on the models, the criminals might be able to use some of the parts as spares, but with a lot of pieces that will be unusable after they're removed or because of serial locking.

Re: Human error

As long as you collect a bunch of data, you can have this, so the solution tends to be not collecting data you don't need to, like video when the car is off. I'm also not convinced they even got much use from video when the car was on, and there's no way I would have opted in to that. Some misuse will happen whenever there are humans, but we can still take some relatively basic steps to limit the misuse anyone can do.

Re: The BOFH had a term for this

Rule number zero of troubleshooting (and design):

User behavior and ability to miss details are more unreliable than mechanical parts and, therefore, the first place you should look if there's a problem.

Before checking whether the switch isn't engaging right or the cable is not working, check that the switch has been set to on and the cable is connected to the right things and those things appear to be working. It's related to the first step of troubleshooting: verify that there is a problem and that you understand what the problem is, not what the report said.

Re: This is a job for .... Justin Case!

"Stupidly? If there's downtime to make the cut-over it's a very sensible time."

Probably not. To do a proper switch, you need plenty of staff there who can make the switch, quickly back out the switch if it goes wrong, and detect problems that would either be big enough to require rolling back or making emergency changes to the system. That's a lot of staff. You might also need the people who managed the switch if there's any part of this that would need approvals. Making all of those people work over a holiday wouldn't be popular when you could try using a weekend for it instead. This is all if all the people needed for a switch are in your company. If there's a chance you need to call someone else for support, a holiday is not a great time to rely on that.

There is probably a lot less downtime from the perspective of how many users are using the system than there is from the perspective of how many people are there actively working on the system. It's not guaranteed that failing the system during a holiday will be safer than failing it some other time, and if the fewer staff means that it takes longer to fix than it would at another time, it could make it worse. For operational reasons, there's a reason not to do it, and for a not having your technical staff angry that they had to work on a holiday and the management who decided this do not reason, there's another.

Exactly, or even a variation with a predictable floor. For example, if you're sharing desktops on a big server, then you could theorize variation where you get more of the power of that server if your desktop happens to be the only one or one of few operating at a certain point. This would be a nice bonus during low-utilization times, and it would mean that benchmarks taken then wouldn't be reflected when a more typical load was using the resources. However, you'd still need some agreed lowest level of performance so you know what you're paying for. Microsoft's offering doesn't appear to have that.

I'm also still not sure what the point of the desktops are when you're running them from a machine that's likely as powerful. Using cloud for more powerful servers or ones that need better connections to a lot of data makes sense. Using them for user desktops isn't efficient since you'll still be providing hardware to the users that could be doing the job. I don't think there will be much savings in downgrading the hardware to be a thin client.

Re: Benchmarks are important sometimes..

"The risks of getting things wrong are debatably higher too, as the number of "hacks" on S3 buckets shows."

This is more just standard failure to do the obvious security, and in AWS's case, they've changed defaults to try to help with that problem. If someone doesn't check that their buckets aren't publicly accessible, they may not be checking whether their internal files on the public server can be accessed without authentication. If you intend to shoot yourself in the foot by not checking any configs, you can do that pretty easily on cloud or off it. Competence to at least check the basic things is unfortunately not universal, and if someone thinks that switching to cloud or avoiding cloud will help with that, they're looking in the wrong direction.

Re: Asked it to respond as if it were the planet Pluto

Alright, I'll give it a shot.

Hi human. I'm Pluto, and I don't care about any of your problems. You're way over there. I couldn't care less what you do for your father's birthday. Also, tell NASA to cut it out with the probes. I've seen two of them just fired past me out into the rest of the universe and one that was poking around much closer. I'm sure they don't want those probes out there, and don't you even think about trying to land one over here. Bye now, and by the way, I'm going to last a lot longer than your planet will when the sun vaporizes it in a while.

Re: ChatGPT isn't good enough yet

I think the suggestion is that, because the raw GPT output wouldn't receive a good grade because it is too bad, that students could start with that and modify it into a good essay. The modification would be equivalent to the work required to write the essay from scratch. This works well as long as the GPT output is really that bad, because any student who knows what they're doing could create a valid essay and would probably realize the GPT output wasn't helpful. It breaks down if GPT can generate working answers for some questions without requiring the student to do a complete rewrite, which might mean that the proposed policy is only useful in the classes the poster teaches and not necessarily anyone else's.

Re: ChatGPT isn't good enough yet

"My experience, from asking chatGPT to generate answers to various exam questions I have set, is that chatGPT answers would get 2ii marks at best, and that it is pretty obvious that they were not written by a human, or at least someone with a good grasp of structuring an argument and use of evidence."

I suggest that this may be due to a small sample set. If you are setting more advanced exams, your questions may be the kind that a chatbot can't answer plausibly. This will affect the lower level classes first, because the answers in those cases are simpler to generate without really knowing the content. Any student that takes something sufficiently difficult will find that GPT is no longer useful, but it could create problems for those taking prerequisites where the questions are easier. I'd expect this to be faced by teachers of younger students before they get to you.

Re: Doesn't add up!

I think it's two independent statistics. Their model probably provides a confidence number based on how likely it thinks the text is to be AI-generated. That number is generated by an opaque process and isn't necessarily correct. They've looked at how well the model is predicting this, but not to try improving the results. Instead, they just ask themselves how high their threshold needs to be to have a marketable statistic for accuracy.

They need to do this because, if their false positive rate is too high, they'll have universities and students alike protesting at their offices. Students told that their self-written essays have been rejected because a computer decided it might be AI-generated and there's no way to prove that it wasn't are not going to be in a charitable mood, and they would be right about that. Universities don't want students to get that angry. To keep this rate down, it's likely that this software is letting all sorts of AI-generated stuff through on the theory that it's better to let a bunch of guilty students through than to punish more than 1% of innocent ones. I suppose I have to agree that false positives are a lot worse than false negatives, but I'm dubious that this software is great on either.

Re: A rather important question

"the fundamental purpose of education itself (to facilitate individual growth of understanding) has been abandoned."

When you're growing individuals' understanding, they start by not understanding something that everyone in the field will need to understand. You need to teach them the basics and then verify that they understand them. Let's take computer science as an example. When you're doing early CS education, the basic code the students write isn't groundbreaking, because they're demonstrating that they understand basic concepts. One student's recursive factorial function will look a lot like everyone else's. Even at higher levels, students doing the same assignment will end up producing similar results. I graded a bunch of students' basic HTTP servers in C. Yes, they all looked a little different, but nobody came up with a radical reinterpretation of how to implement a protocol as simple as HTTP. They were demonstrating that they could write a program that implemented a spec, manage network resources to deal with a bunch of incoming connections, and didn't use up too many resources in doing so. Had they gone to any of the other schools that has an HTTP server as an assignment, they could have gotten someone else's code and I wouldn't have been able to instantly detect it. That's it.

Essays can be similar. Not all of them are new original research. Some of them are intended to check that the student knows about the topic they're talking about, has correctly interpreted what they've read, and can get results from that. Eventually, they will need to do more original work than that, but not at the earlier levels where demonstrating understanding and the ability to describe what they know is being tested. As things get more complex, sending a prompt through GPT will become worse and worse. Even for earlier essays, GPT is liable to end up spitting out wrong answers and causing the cheaters to submit flawed essays. That isn't guaranteed, though, which is why chatbot-generated essays are still an issue.

Re: pointless

Depending on the level, the essay might have two purposes: making sure they understand the topic and helping them improve their writing. They'll eventually have to write something to express their ideas. Those who do not do well with the written word probably need to learn more about how to write well, because in our world, it's rarely optional. That's not universally true, but low-level education is trying to train everyone in general skills, and writing is one of the most general ones out there.

"you're not going to get kids who don't want to do the work to retain any of the knowledge by forcing them to write an essay."

How are you going to get them to retain the knowledge? Some kids are lazy about doing the work in whatever form but understand it, and that's great, but for those who don't want to do the work and don't understand it by themselves, do you have a plan for checking whether they understand it and fixing this problem? I don't think homework in a different form is going to change things very much. You'll have students who don't want to present in front of a class, don't want to have one-on-one discussions with teachers about the subject, and don't want to do the homework assignments. That's a problem with not wanting to do the work, not an indication that we need to change what the work is. There are cases where the essay is poorer than alternative methods, and change makes sense in that case, but not just to deal with students who don't want to do it.

Re: pointless

"If the essay can be fully automated by ChatGPT it likely means the entire subject can be automated (and removed from human jobs)"

Yep, definitely. Writing an essay describing how the cleaning process of a historical oil spill went wrong can be automated, so let's just let the AI figure out how to do the next one. The point of the work isn't writing it up, but understanding what didn't work, being able to explain why it didn't work, and being able to use that to figure out what will work later. Why does C4 explode? Easy to automate, but future chemists need to know that not so they can answer a quiz question, but so that their new compound that hasn't been described online yet doesn't explode unless they wanted it to. Other examples are available.

It's been that way no matter what tool was used. A simple calculator can automate all the primary school arithmetic assignments as long as you can explain to a student that you read from left to right, push all the buttons that have the symbols, then write down the thing the calculator says. If you let them use a more complex calculator, it can handle the next few levels as well without much human input. This would be great for jobs that just involve adding up numbers, but spreadsheets eliminated most of those. We still teach it so that the people know what numbers and operations to put into the spreadsheets, because numerical jobs don't involve a list of formulas people just want solved.

"Nope. Closest model is paying for services. Businesses tweet to drive traffic, subscription fees and ad revenues. Businesses would expect to pay for TV or radio ads, why should they expect the Internet to do that for free? Especially when again, they've been busily implementing paywalls,"

Because posting on Twitter isn't advertising. They also advertise on Twitter for which surprise! they pay money. Posting on Twitter is free. Twitter is within its rights to make it not free, but they haven't, so people don't voluntarily pay them for the privilege. The paper could pay for a tick icon, but like everyone else's tick icon, it is worthless. I don't pay for worthless things and neither will most companies.

"look on the bright side, if the NYT, Pelosi or even the Whitehouse lose their ticks, it'll make it easier for them to deny they ever said stuff."

No, it wouldn't, since it is still easy enough to check the history without a tick icon, but given your list of suspects, I doubt you ever do that level of research.

Re: Zuck on that

"here we have a bunch of people who could afford to pay refusing to do so. And the only principle in play seems to be that they're cheap."

Maybe their principle is that they don't pay for nothing, and right now, their tick means nothing. It no longer serves to verify to people that they are who they say they are, since it only translates to "they give us money". If El Reg came out with a new feature where I could pay them something and they'd turn off the ads, I'd consider it (I'm blocking the ads again because something must have gone wrong with the ads in the past, but still I'd consider it). If they had a plan where they took away my badge icon which I didn't ask for but I could pay to get it back, I wouldn't be paying. It's not because I'm cheap, but because the badge icon has no value to me and a meaningless blue tick may have no value to the people who have lost it now that it no longer means what it once did. It may not have had much value to them even then, but it certainly won't now.