Posts by doublelayer

Re: Cloud is a financial model not a technology

Because they're money now and money continuously, and those are different. Not necessarily as different as accountants like to treat them, but different nonetheless. Have you ever rented somewhere to live? Why didn't you just buy a house? It's just paying for somewhere to live, after all, so surely it's the same. There are sometimes benefits from renting, and sometimes substantial downsides because you've paid a lot more than you needed to and don't have anything at the end, but you can't treat them as the same because there are times where the one that seems the more expensive is the only option that gets you what you need.

Re: So what stops me

Basically there is no method for this to work at all. If the identity tokens are used at all, then someone will get them. They might buy them. They might steal them. They might get an issuer to generate lots of new ones. It falls into the same challenge that has hampered all cryptographic key-based systems since we've had them: key management is hard, especially when the users don't care. All the potential harms you point out are realistic, and there are tons more available. For limited groups and limited uses, this could work as well as anything else, but when you try to apply it to the whole internet, it breaks almost immediately.

Three problems with that:

1. Most things I connect to never see my MAC address.

2. Most things that do see my MAC address will happily accept a randomized one, including a continually randomizing one that changes by the hour. Those that won't work with that, for example corporate networks with MAC allowlists, will need one that doesn't change but don't need it to be globally unique or the one specifically issued by my manufacturer.

3. Most computers and phones allow me to change the MAC address manually if not automatically. That doesn't generally apply to IoT stuff, but a lot of the ones that I use will let me do it.

Re: Kill the 1-to-1 concept of identity

What good would that do? There are places where that's fine, and they already let you do that by using something like an email address as an identifier. There are lots of places that don't want that and won't let you do that, so they'll still use something that's unique per person, and if you take away one, they'll find another one. That's never going to end.

Re: EFF

"Apart from birth and death certificates, passports, ID cards (those countries that have them), driving licences, social security, etc..."

Let me guess. You live somewhere where the paperwork seems to be handled adequately, and you've never had significant problems with yours. Congratulations, but your experience is not that of many other people. Yes, if you need to find a place that has validated paperwork, governments are your best bet, but that doesn't mean they're good. It means that all your other options are even worse.

People manage to get born without getting birth certificates. There are some weird people who see that as a good thing. Often, governments don't notice until many years later when that person tries to get some other documentation and can't prove their identity. As a child, any physical paperwork about me was handled by my parents. What would have happened if they lost it, it was destroyed in some way, etc? Problems, many problems. What happens when one person gets copies of documents and uses them to live as someone else? Chaos. For instance, the real person gets put in a mental institution. That's not entirely due to incompetence. Sometimes, the challenges of establishing an identity are that hard.

That is all in a nice developed country that spends lots of money on those databases. It works even more badly when the government is dysfunctional, the identity database had a bomb drop on it, or a government is specifically trying to delete people from the database. It works badly when people travel without reporting in, either because they didn't feel like it or because it's illegal (there are illegal international migrants of course, but in some countries like China, there can be illegal intranational migrants too and paperwork is messy). Or simply a place where people don't report a birth because they've rarely done it before and don't really see why they need to now.

Re: In-Person Verification

That solves neither set of problems. Unless you make them prove identity, you have no way of knowing whether the person that showed up at your office claiming to be X is X or not, so if you issue them some token they can use later, you'll have done nothing other than proving that, at some point, a person was there. Someone who wants tokens for bots can hire a hundred locals and have them walk through your office giving random names and sending the tokens back to base.

Meanwhile, if you're going to solve this problem by collecting lots of identity details, then you don't have to make them show up physically. You can just use the complicated, dangerous, and useless solution these "researchers" came up with. Since you're unlikely to put offices everywhere humans live, the digital solution, while all the adjectives and some much nastier ones would still apply, would at least be implementable while the physical one would have all the same downsides and also not work.

Why is that desirable? Start with something that's not soft. The soft factors will not be suitable passwords and they're very likely to break. They won't be that hard for someone to impersonate, and they will be very likely to show false negatives just because someone's computer broke and was replaced or they clicked on one of those Google ads and ended up using Chrome even though they didn't want to. You'd be constantly ringing false alarms and gaining nothing for it.

That's to say nothing of the privacy nightmare that would be. I do not give my biometrics to any random site on the web. I don't tell them where else I browse. If something is medium or higher security, let's stick with the direct methods. If something is low security, let's also stick with direct methods but we can use a cookie, which I can allowlist, to remember me and keep me logged in. Neither of those is likely to lock me out at an inopportune time. Neither of those will result in well-deserved GDPR fines as your solution almost certainly would.

Re: Boucher using Claude to write 97 books in less than a year

From the other article, the books being written don't have that many words. Two to five thousand words is a short story. The only question is, without reading them, whether the 40-140 images are making this part of the plot, effectively a short graphic novel.

In his defense, writing a bunch of short stories is a very different thing to writing a bunch of novels. I can't know how much effort has gone into any of the short stories without reading them, and I'm not paying to do that. I'd still think that writing a hundred of them in a year probably means there's not that much in them, but it is conceivable for an author to do that by hand and therefore conceivable that someone could use GPT to generate one, then clean it up to be something worth reading. That doesn't mean that's what he has done. There are lots of people who put in some prompts and sell whatever text comes back, and just because he claims not to be one of them doesn't prove he's not.

Re: "Whether we burn $500 million a year or $5 billion – or $50 billion a year – I don't care"

"Yes, exactly. Sorting them physically into piles, is a known strategy to cope with human well-known cognitive lack."

Which is why I referred to counting things in a microscope. Biologists are not picking up and sorting cells (or whatever it is they're counting).

"Wow, you’ve fallen right into the anthropocentric trap. Why is counting 3 items so much easier for a human? Because the human brain literally has specific circuits for counting in blocks of 2, 3, 4 and 5."

That's not the point. If there are eleven items, which is neither in that list nor an even multiple, it still won't take as long as 237. Quantity is the problem if the question is losing track, and you are the one who brought up the losing track prospect. Of course, a computer has hardware which is great at not losing track, so a program that was able to make use of that to perform cognitive tasks should be much more reliable than a human would. This is all irrelevant because the computer is not trying to count, as you said yourself:

"You just need to understand the tool you have; and want to succeed at the task in hand, rather than trying to catch it out."

Which I will extend "You just need to understand the tool you have; and what it can do (generate some text) and what it can't (guarantee that the text is at all relevant or correct)". That is the only way you will know whether your tool can let you succeed at the task in hand.

Because yes, it can probably write the program "strawberry".count("r"), but with many other tasks, your suggested solution wouldn't work either. Whenever it has to write a program that's a bit more complicated, it fails and badly. For example, I asked it to write a Python script that would count characters from a larger set. It gave me a valid Python program that counts characters. From another set. I asked it to count the number of characters that were in the lowercase alphabet and a small set of punctuation. It gave me a program that counted letters in the lowercase or uppercase alphabet and no punctuation at all. When I pointed this out, it gave me a new program which had the following criteria:

1. The punctuation I asked it to count were mostly not counted.

2. It told me I needed to import the re (regular expression) library, but never used it.

3. It would now count some characters in Unicode code ranges that didn't include the characters I asked for but did include several others.

4. It stopped counting any letters.

5. The only character from the example string that was counted anymore was ".".

But sure, that's a trivial strategy that works flawlessly.

Re: The linguists clearly having kittens...

Easy. Go to a library, book store, or school. Find one book with the words "English" and "Grammar" on the cover. Read that book. You will be guaranteed to get clear rules for how English must be written. Warning: do not read a second book. If you do, you will get another set of rules which will almost certainly differ in some respects from the first set of rules. Both sets of rules will also have some differences between the way people actually speak and write English when attempting to communicate. You can either accept this or become one of those people who like to point out split infinitives even though nobody else cares.

Re: "Whether we burn $500 million a year or $5 billion – or $50 billion a year – I don't care"

What kind of argument is that? Let's consider your 237 items. I have to count them. Without any physical interaction? What does that mean? I can't pick them up? People count things all the time when they can't move them. I've known biologists who have to manually count things through a microscope. Sure, it seems like incredibly boring work, and it's work that I hope has been superseded as often as possible, but they can manage it. I can count tiles without labeling them. So yes, I can eventually count 237 items, it will just take a while. If I lose count, I will either tell you I lost count or decide that the task is pointless enough that I'm refusing to complete it.

However, the argument is bad for another reason, namely that the quantity isn't the same. Asking someone to count 237 items will take them some time. Asking them to count three items is much easier. There are only three Rs in "strawberry". Quantity is not the problem here. The problem in anthropomorphic terms is that the program does not know how to count. The program knows how to respond to sentences with other sentences. It is not adaptable enough to understand the query, and if it was, the problem would pose no difficulty as it could return to the string to count characters. Incidentally, this disproves your other flawed analogy to translation, as the original string is easily read both during the initial tokenization as well as at any other point before a response is returned. The tool is being asked to do something that it was never designed to do, but it appears as if it should be capable of it, and people treat it as if it is capable of it. The tool is not intelligent because it wasn't intended to be intelligent. It is the user's fault and the user's problem when they wrongly assume that it is.

Re: Sometimes I wonder whether I'm talking to a person

I'm not sure how I work, and I wouldn't automatically say that complex statistics couldn't be it. If it was, then yes, I have internal goals, but those goals are derived from statistical inputs about my situation, and I introspect in order to improve the analysis of those statistics, and my emotional responses are artifacts of the process which are created from the statistical analyses and then used as inputs to the next ones (this one I'm more confident about because sometimes they help and sometimes emotions are distractions which reduce my ability to get to my goals). However, even if that's true, it's the next leap in logic that they attempt which loses me. The way they argue, they seem to be following this syllogism:

Our brains are statistical (you appear not to believe it, I think it's possible but unproven). LLMs are statistical. Therefore LLMs are capable of acting in the same way as the human brain. Therefore they already do act in the same way as some of the human brain.

I have problems with both of the therefores, not just because they're unproven, but because I think there is sufficient evidence to call them both false because we do have some understanding of how an LLM is arriving at its answer and our understanding fits well with the many things it gets wrong where a human trained on the same material would not. Thus, whether we are primarily statistical machines or not, which I can't prove, I am not convinced by the broader argument. I see a lot of people anthropomorphize programs. I think that this may be partially due to the use of analogies in terms (training, reading, hallucinating, etc), but since it's been going on back to Eliza if not earlier, I can't blame the terminology for very much of it.

"If a human being (say a student) is told by an authoritative human they trust (say a professor) that they are wrong, will they stick to their guns or will they scrabble around for another answer?"

I might, because the professor is likely to have a point that I need to consider. But sometimes, I have had disagreements with authoritative humans I trusted where I was right and they were wrong, so that option will be considered. Some of the professors I know understood that and, either to vaccinate people against it or just to have fun, took to questioning answers even when they thought they were completely correct. As a student, I didn't really like that because they always asked the question as if I had made an elementary mistake, and when I stopped looking for what it might have been, they told me that they didn't have any problem with it either, but maybe it was helpful.

Good luck ever getting agreement on a definition for AI. Nobody here will agree, and if by some miracle you achieved it, marketers would come along to break the definition almost as soon as we had one. Some people think AI is an if statement. Others won't accept that a computer is an AI until it breaks out of human control and massacres us, and even as they get attacked by robots the computer designed and built they'll still say that it was just mathematics. My guess is that most surveys about who has, is making, plans to make, or will never touch AI don't bother to define it, so you're seeing an amalgamation of respondents' guesses about what it means in this situation.

Re: The written word

They can be quite good at telling jokes. Take a string that's already in the training data as a joke, and print it. At making new ones, pretty terrible. Then again, I can't be sure that the stuff they print wasn't generated by a human, and there are a lot of humans who are bad at writing jokes. In my opinion, humorous people tend to tell comedic stories rather than inventing wonderful two-line jokes, but if you ask for a joke, LLMs will tend to produce the latter rather than going for a longer premise with many funny asides and a good punch line at the end.

Re: The linguists clearly having kittens...

English has precisely-defined rules too. It's just that there isn't a single organization that's considered the final decider. The result is the same: actual people ignore what those organizations say when they want to communicate. For instance, the French Académie Française hates using words from any other language, so when words from other languages start to be used, they can be counted on to make up a new word or phrase from French words (words they got from a language at a time old enough that they're happy with it). That doesn't mean that French speakers defer to those new lists. When most French speakers I know speak of an audio file on an RSS feed, they call it a "podcast", not an "audio à la demande". It also doesn't say what should happen when their opinion about the language differs from either of the authorities in Belgium and Canada which are independent and have different words in their lists, nor with the many countries where people speak French and don't have an authority trying to manage it.

A standard grammar does no good here. An LLM can follow it, and the best it will get them is that the produced sentences look grammatically correct. It won't help make those sentences factually correct, useful, not random, or any of the other things they're supposed to be.

Except that you could have transferred it off that disk to something else at many times, including now if you still had the disk. Then, you could either print it out or just keep transferring the file from medium to medium as you updated your backups. I have files from decades ago that are on modern hardware because it's 135 kB, so no need to clean it out when transferring backups from the small disks to the larger disks. In many cases, the availability of data later on is not due to what it's on, but how much you cared. Lots of paper has been discarded or damaged because the stuff written on it was not stuff I valued at the time, whether I wanted it later on or not.

Large amounts of parallel compute is not a new thing. Before LLMs, there was lots of other machine learning work which people will keep doing. There's also cryptocurrency mining which has fallen lower on the hype list but there are still plenty of people spending lots of money doing it. There are animation studios that use lots of GPUs who will fund manufacturing advancements. If all of those collapse as well, there are always gamers who will need something to drive 8K displays at 144 Hz (sure, they're not doing it now because the chips can't manage it, but I know some who will if they can and I'm not sure if they'll stop there even though it seems overkill to me). GPUs are popular because they're almost as versatile as CPUs were. Everyone needs fast single-threaded performance from time to time, but although not everyone needs reasonably fast parallel compute, so many different use cases can benefit from it that they're going to keep making new chips to do it.

The one area where we agree is that individuals won't be building new raw models like GPT4. Those require too much training data and training to go somewhere. They will certainly take the ones that have already been trained and keep building things on top of those, though. I'm also not convinced that an AI winter will mean that nobody is doing LLMs anymore. I can easily see some companies deciding that they'll never make their money back and they're out, but I don't think we'll get them all to stop. Somewhere, a company will decide that there are enough clients who want to fire their remaining customer service people and are willing to pay for the LLM that does it, and those people will keep spending.

"Who and what is going to continue pushing down the cost of the chips if the massive tech giants who were driving most of those sales in the first place are no longer interested?"

Moore's law, same as before. One of two things will happen to the chips involved, mostly Nvidia's products.

1. Someone else will come up with a use case for tons of parallel compute, so they'll keep buying those chips. Nvidia will continue to receive money and invest it into faster chips. Those who want to use the chips for LLMs will be able to buy them.

2. Nobody will find any other uses for those chips. The price will fall, and improvements in manufacturing will make it easier to keep making them. Those who want to build LLMs will use more than one of them.

Option 1 is a lot more likely. Even if there was an AI winter, it's not like everyone everywhere would stop developing something around them, and even if they did, progress could still be made on those tools. Whether that progress will ever get something that can be trusted is less clear.

The reason they won't is that's not at all a clean slate. Running atop Linux means bringing in all the things Linux has had to do for decades. That has some advantages, because they don't have to write their own implementations of filesystems or the many other components that Linux has installed, but it also means they can't do any of the things that designing from the ground up generally lets you do. They would be trading the 1990s restrictions that went into the NT kernel, many of them based on older restrictions carried over from VMS, DOS, OS/2, and other operating systems for a different set of 1990s restrictions, many of them based on older restrictions from Unix and BSD. If they want to run anything natively, they'll also have to keep around quite a few of the first set as well.

Designing that way doesn't let them do any of the things that starting from scratch and building an NNT kernel might. Not that I expect them to do that either, but if you're going to go through a long and expensive migration project, doing one that lets you design anew is probably considered more worthwhile than doing one that, if successful, means everyone is at the same place they were before and it's easier for people to stop using the product.

I've heard it before and I'll hear it again, and I probably won't believe it then either. In my estimation, Windows will stay Windows while people are still buying it and running legacy applications. If enough people stop doing that that it's not worth keeping around, then it will die, and people will use something else and use VMs or compatibility layers for emulating it when necessary. I don't think that will happen soon, as I don't know what is likely to replace it in the near future. A ground-up reimplementation seems unlikely at all, and if it happens, I see no reason why it would use a Unix or Linux base.

"When one considers what companies might put up some stiff competition against RedHat / IBM, MS is probably one of the likely candidates whom may even be acceptable to many in the OSS community."

I don't know why you assume that, and I might be wrong, but I don't think MS would be accepted. It's pretty ingrained in many free software advocates that Microsoft is the enemy, has always been the enemy, and will always be the enemy. When Microsoft builds in a Linux layer, I see people crying "embrace, extend, extinguish" at it. When Google builds Linux into operating systems, then denies users the ability to do anything with it, I see people trying to convince me that Android should be counted as a Linux system and means that open source is winning. I think that Microsoft could develop many useful tools that work well with Linux, but if they tried to make their own distribution, I expect lots of people to refuse to run it on principle.

It is not the intent of the ruling, though it wouldn't be hard to extrapolate it into doing that anyway. However, it is exactly what the original post in this thread would get if their idea was implemented. From previous posts, I'm guessing they're one of the people who don't like how moderators removed or posted additional information around something they agree with, and they want that to be illegal, but they haven't considered that the law they're trying to gut is the main reason that any similar posts are available at all.

"now we need to get the other side. Allow all speech and keep protections, but when you decide to block certain topics, now you're a publisher and liable."

You do realize that, with something that stupid, the law would then say that everything at all would have to be posted to keep the protections. I.E. unless you keep up the terrorist beheading videos, you're liable. You would effectively prevent all public posting, including these forums, except for those places so extreme that they don't mind hosting literally anything, no matter how illegal, that someone decided to upload. That goes for the places you like as well. Maybe you're into some conspiracy theories and you're tired of those being moderated. Sorry, but if the sites that are keeping those up ban anything, be it even more extreme ones that you don't believe in or people disagreeing, they can now be sued for anything they keep up, meaning they're much less likely to decide to keep up the stuff you want to see or get away with it if they do.

"Given that it seems likely to have been a generic error fixing it one case at a time isn't going to help."

But that's the main purpose of many of the employees AI companies have hired. They have to quickly patch prompts or predefine answers every time someone comes up with another thing that breaks them. Does it print copyrighted material when you ask it? Does it show off its training when repeating words? Can an odd phrase cause it to go into gibberish mode? Does it tell people to do dangerous or lethal things? Does it start emulating a crazy person who you would run away from? Just patch over each of those holes and a lot of people will pretend it never did those things and certainly won't do it again.

Of course, paraphrasing the original sentence is often enough to make it break again, but they're not interested in making it not do the undesirable things. They're interested in having negative news stories, a user putting in the prompt that broke something, seeing something reasonable, and decide that the news story was blowing it out of proportion. That is how we can still have people post here saying that it doesn't print copyrighted content even though it has on numerous occasions.

Maybe we send and receive different types of mail. I frequently have things that I want to send. Let's take an example.

I've just found an interesting paper produced by a university. This paper can be found at https://ee.engineering.someuniversity.ac.uk/ce/2018/~efermi/archives/2016/rgaaf-pg15-38.pdf

I want to tell my colleague about this because it has something relevant in it. How should I do it. I could include the URL, but evidently, that makes me bad at communication. So maybe I should give them the last search string I used to find this from a search engine. Except that search string is confusing because I was using it to replace the absent or malfunctioning search box on the university's site, so it has a site: filter and a few words that look like I just picked them out of a bag. Also, I used DuckDuckGo and they're using Google, so their results might be different. So I tell them to go to DDG, enter this search string, select result number 5, and oh right, this PDF was not what result number 5 links to. Result number 5 links to a personal page from graduate student R Feynman who worked on a paper about something else with professor Teller. I'm not interested in that, but fortunately, Feynman mentioned when linking to Teller that Teller also works on the kind of thing I'm interested in, so I click on that link and go to a page that Teller wrote. Only there do I find the link to a different paper that Teller wrote with Professor Fermi, which is why the PDF is under Professor Fermi who I hadn't heard about before. So maybe giving a search term isn't the best option.

So instead of that, maybe I should take the link I have and see if I can find a path back to the university's home page. If I'm lucky, I may be able to tell my colleague to navigate to the home page of Some University, and if they don't know that they can always google it, then find the link to the engineering departments, then the twenty more links needed to arrive at this professor's page. So that is not much better and there's a decent chance they'll take a wrong turning and end up at the wrong URL entirely.

If I have somewhere that I want someone else to go, a URL is the way to ensure they arrive there and not somewhere else. This is why, when I tell people to download something, I always make sure to give as clear a URL as possible and never give them a search string. Frequently, when I have used other methods, bad things happen. For example, they Googled something, clicked on an ad that I didn't see because I block them, and ended up in some sketchy site that's more than happy to provide them software downloads, just not the software download I told them to use.

Re: Priorities?

The argument was that email is the weakest link due to technical limitations. There are a few technical problems with email that could be improved, but in many cases, they are not necessary and not used for successful phishing attacks. Email is the most often used path into an organization not because it's technically weaker, but because that's the most common way for an external party to communicate with the organization. I can't hop on a company's internal Slack or Teams groups without hacking an account (although an attacker might hack an account so people need to know that phishing can happen there as well), but I can send them email. If email were removed, then most phishing would come through whatever external communication method replaced it.

It is popular to see phishing as a technology problem. IT people like it because we are already used to trying to solve most problems with technology because we can and it doesn't require any of the less reliable methods of trying to solve it. Non-IT people like it because it means they can tell IT to fix it and stop paying attention. It sometimes makes more sense to file it there because sometimes it is attached to things that are actually IT problems such as malware or account compromise. The problem is that it's not really an IT problem any more than scam letters were a post office problem. No matter what technology-based solution you try, the improvement will be marginal. Since nothing else is being done, by all means find any technical hammer and hit that nail. However, if you expect a lot of movement, to not have to train people to be vigilant, or to not have failures, you will never get any of those things.

Re: Aaaaand another parsing error

"http": doesn't match the pattern because you need another character after the colon, so it doesn't cause a crash, but "http":/ does. Just tested it. The Settings app didn't like it.