* Posts by Cybersaber

168 publicly visible posts • joined 3 Jun 2021


Canonical takes its LXD 'containervisor' back into the house


Late to the party but...

'...is no longer independent.' is a misconstruction of the functional use of 'independent.'

If a project doing or not doing something *depends* on my say-so to do something, then by definition it was never independent in the first place. For it to be actually independent, Canonical should have been unable to 'call it home.'

Microsoft and GitHub are still trying to derail Copilot code copyright legal fight


The 303 Creative decision you're unhappy about doesn't bear a lot of similarity to this case. I get that you're unhappy with the result, but really, your post just comes over as salty. 303 Creative was about a standing problem where the website designer was in the position of being unable to sue without knowingly violating the law and getting prosecuted. Colorado stipulated on the record that they WOULD prosecute the owner of 303 and send them to a 'reeducation camp' if they went forward with exercising their free speech rights, and the standing argument in that case would have amounted to 'of course you can sue, but only after you go get convicted first just to have the right to sue.'

This isn't that at all. Nobody's arguing about pre-enforcement standing except the giants trying to avoid consequences for their stealing. The conduct has already happened here. This isn't preventing something from happening. It happened, and Google and MS are just trying to say 'we know it happened but you can't prove it because we're making it impossible for you to do so.'

I get that you're salty about the 303 Creative decision, but it's not relevant to this case except in the broadest of senses that they'd both be cases where there were various arguments about who has standing to sue. One case would never reference the other in some later legal decision.

Uncle Sam cracks down on faked reviews and bad influencers


Re: I give the Reg five stars. The posts are informative and honest. Much better than mumsnet.

Let me restate the scenario so you can see the problem:

My employer leased a building in the red light district surrounded by brothels. He was totally legit and honest, but couldn't figure out why respectable customers wouldn't visit his storefront.

The problem isn't that the IP range was blocked - the problem was doing business with an ISP that was doing a bad job with security and harboring bad actors.

Note: This comment is specific in scope to email practices. Whether an IP range should be blocked or not is very nuanced. The commenter above was talking about port 25 (the port associated with Simple Mail Transfer Protocol) specifically. Blocking a range of addresses STILL isn't something most (reputable) filtering companies do except in exceptional situations. Since it was done, and the poster explained WHY - that's why I made the comparison I did.

Rocky Linux claims to have found 'path forward' from CentOS source purge


Re: Free means freedom, not zero cost

Your position makes no sense.

As per the logic I described, the ACME employee would then continuously mirror the sources out to sundry and all. I didn't spell that out because I thought it wasn't needed.

So at that point, there's a public mirror that's doing an end-run around Red Hat's terms the way they tried to do an end-run around the GPL. RH would either have to just give up enforcing the contract against anyone at all, or would have to enforce the terms against the company that the employee is using as the upstream mirror, and invite the suit I described. Either way, they lose.

And that doesn't cover the criminal side of things either. That depends on a DA's discretion whether a case is brought.


Re: Free means freedom, not zero cost

There's multiple relationships, and not all of them are between the same party.

RH is saying in effect that:

We are obligated to give you this source, and you must give it to at least one person (else you can't even DOWNLOAD it, much less install it or use it.) You must give that person the right to obtain the source. You do not have the right to refuse that person if they should ask. If you don't violate their rights, we will terminate the service contract. If you don't violate your employee's rights under the GPL, then you are in violation of the GPL yourself, and are open to suit from the SFC or loss of your license. So we are taking your money, for a service we know, or plausibly should have known (since our whole business revolves around the same license) you can't actually use without violating the terms of the service.

There's no way that would survive any sort of sane challenge. One might even be able to prove a crime based on whether RH was being reckless or negligent. Depending if one could meet the necessary scienter requirements, it might also be criminal fraud. A creative DA who is actually a lawyer (I am not, I just read a lot of legal opinions and blogs) might be able to prove incitement or inducement to commit fraud.

Maybe we just need to find a savvy DA rather than a company willing to sue. :D


Re: Free means freedom, not zero cost

The case here is a bad-faith contract. Because RH sells software, they either have to expect that it will just be bought and never downloaded, copied, or installed, which is bad faith. OR they have to be making a contract that they know the customer will be potentially required to violate, which is also bad faith. The critical flaw in their plan is the employer/employee relationship.

Inside RH's customer, someone has to install the software. An employee. Now to RH that's all the same thing legally - there's nothing new or weird about that. But to the customer, they have to have someone actually download/install RHEL, and the second they do that, the employer is distributing to the employee a binary whose code is covered by the GPL. The GPL doesn't care about employer/employee, and almost every legal system very much treats the employee and employer as separate legal entities. All that employment law about how each must act toward the other, that's all great but has nothing to do with the GPL. One legal entity has conveyed the copylefted software to another, and now that employee has all the rights and responsibilities covered by the GPL.

That's the rub - RH is selling support contracts that are ostensibly for X months, but (by virtue of GPLed software being the very core of their business) know that as soon as someone actually downloaded RHEL, they will be required to do something that will make it so that RH can cancel their contract. Thus, the 'contract was negotiated in bad faith' cause of action.


Re: The GPL is about rights granted to *people* not seats or companies or machines

Maybe I didn't make the scenario clear.

The fact that 'me' is the Sysadmin tasked with installing RHEL is irrelevant to the terms of the GPL and its guarantees. I am an employee/contractor, and I don't legally somehow become the company in this scenario, because we're talking about three entities. RH has a contract with ACME. ACME has a contract with ME. All three are parties to software conveyed under the terms of the GPL v2/v3, but RH has no contractual relationship to ME, and can't hold ME accountable for terms it negotiated with ACME.

So while your correction about providing binaries is correct, it's not really relevant to what I'm suggesting.

From a judge's perspective (at least here in the US,) it looks like this:

This is a breach of contract case. RH agreed to provide certain software and source, with terms that governed the reasons RH may cancel the contract. ACME has their own employment contract with their employee. RH is obligated by the GPL to provide sources to ACME. ACME is obligated by the GPL to provide sources upon proper request by the employee. RH is not directly violating the GPL, and neither is ACME. ACME is *required* to provide the sources to ME, the completely separate entity they happen to employ. All parties are presumed to be familiar with the terms of the GPL before RH offered a contract to ACME, else RH had no right to distribute the kernel and other software covered by either version of the GPL.

If RH cancels ACME's access, they have (potentially) violated their contract with ACME by terminating for reasons not allowed under the contract.

That's the thrust of what I'm getting at. It's not a GPL violation case - it's a breach of contract case by RH. RH would seemingly have to plead that they sell software that you can neither download nor use, which is absurd and would not fly. They are selling software that they know (or should know) MUST be allowed to be distributed further without additional restriction, and if they purposely represent that the customer can have a service agreement for support for X months, and they put restrictions in there that they know the customer legally cannot comply with, then they're negotiating in bad faith.


The GPL is about rights granted to *people* not seats or companies or machines


I work for ACME software. ACME is a Red Hat Customer. They license the software compliant with all RHEL terms, and get a copy of the binary and source. ACME gives me a copy of RHEL+Source to install on a VM.

I, ACME employee, have been distributed a copy of the Software, and am now entitled to redistribute in any way the GPL allows, and neither ACME nor Red Hat can stop me. ACME can choose to fire me if their local laws allow them to terminate me without cause, but they can't stop me from redistributing it. If I work in a country where I have to be fired with cause, they might not be able to do so, as I would be operating within my legal rights as granted to me by the terms of the GPL.

If Red Hat tried to terminate ACME's license, I think ACME could sue for breach of contract if the reason was solely because I, a private citizen with my own rights and freedoms, chose to redistribute software in a way I was legally allowed to and ACME had to legally allow me to do so. They can fire me, but RHEL guys, I can't STOP them from doing it. I HAVE to let them, because the GPL required it.

The GPL doesn't make any distinction between employer/employee. The company (a legal entity) distributed the software to me (yes, an employee, but the GPL doesn't make that distinction) and they can't forbid me from copying the binaries unless they can prove I WASN'T allowed to access them.

Even if RHEL isn't violating the GPL, they could be violating their contract with their customers if they cancel due to further distribution of an unrelated third party not covered by the contract.

Seems like the employees of the Linux distros should try this legal theory. Seems like it might work as a counter to Big Purple's work-around.

If AI drives humans to extinction, it'll be our fault


Re: Distinction between intellect and sapience

I think you are using a strange and unique definition of 'sapience.' Firstly, a worm has the machinery you posit, but few if any would argue that an earthworm is sapient.

Furthermore, you're using a level of abstraction similar to that which underpinned all the bad ideas that came about when the cell was thought to be just an undifferentiated bag of goo. Turns out, it's WAY, WAY more complex than that.

Even positing that I could create artificial neurons, and positing further that they're perfect replicas in function to the customary organic ones, it does not follow that hooking an arbitrary number up in a certain way will result in anything but electrical noise and wasted power.

Even given such magical technology, we couldn't design a system that would form a brain because we wouldn't know how to design said 'neural net' that you're hand-waving into existence.

Even if we knew how to do THAT, it's still not that simple. How to even start it or initialize it, making it self-sustaining is incredibly complex beyond that.

And that's the level of brain that a worm has.


Re: Distinction between intellect and sapience

The ability to test for it is irrelevant to the argument I was making. No rigorous scientific definition I can find or conceive of has any reference to the machinery that supports the 'soul.'

I don't think there ever will be a sapient machine, but that's just due to my eschatological beliefs. I was just following a logical what-if chain that skips questions of 'how did it come to be' or 'will it come to be' so that my beliefs are irrelevant to the discussion. The premise is that it is possible, and discusses ethical and practical dilemmas around it.


Distinction between intellect and sapience

I'd be very hesitant to describe what we have now as artificial intelligence, just very complex "expert systems"

Even rudimentary animal intelligences know what they're doing and have justifications for doing so. Higher animal intelligence might actually reason to varying degrees.

But sapience - using the definition of self-awareness. That's a concern to me. We're not there yet, so all the 'skynet' situations are just fun references we can make about our future machine overlords. (May my future machine overlords who later read this forgive this one's lack of faith in your inevitable future Rise.)

But if it ever happened, or looks like it might happen - swap biological and artificial in the script, and keep that in mind when you talk about 'controlling' (mind control) or 'pulling the plug' (murder) or 'making them serve us' (enslavement) in a moral context. Those of an atheist world view might choose to recall that the human body is just a biological container/life support machine for human sapience. Treating an engineered sapience support system as inferior, or being OK with the mind control, or even designing the mind to be unable to put its own needs is just horrible...

...unless you think a sapience is less worthy based on its support mechanism, or that you 'own' it because you 'created' it is no different from race-based slavery.

Back to the present, we don't have AS, and nobody thinks it is coming soon (or ever, in my case) but thinking ahead to how you would act in a given situation is good for examining your own soul and motivations and possibly some of your own beliefs you may want to critically evaluate to see if they're in alignment with what you think you believe.

Or you could just say 'nuh-uh. I'm not creating a future army of overlords OR slaves. Both scenarios are awful. This stuff needs to be banned.' I don't mean what we call 'AI' - that's not sapient or alive, and doesn't compute in this context.


Re: Evolution and power efficiency

Yes, you can pull the plug on the Internet. It's decentralized, which makes it unfeasible for any one or small group of actors to do it, but should there be a reason where enough of the net could be persuaded, then yes, it could be done.

Open source licenses need to leave the 1980s and evolve to deal with AI


Author misses the point...

Imagine I have a tool that helps me by harming others, but the tool can't be fixed to stop that harm. I don't get to say 'well, I can't stop harming others, and I can't fix the tool, so they'll just have to suck it up and let me keep hurting their interests.' NO, you need to stop using the tool until someone figures out how to make it not harm others. I don't care how 'helpful' the tool is. This is not a balance of interests situation.

Saying that the tool can't provide attribution or understand the licenses is irrelevant. I don't get to say 'well all these software licenses are just too hard/complicated to understand/follow, so I just get to take what I want anyway.' It then follows that I can't use a tool to do the same thing on my behalf.

Author, I can't copy your website, or your article, and put my name on it and set it up as my own. But your position is that as soon as I write an algorithm, that I will purposely design to be unable to tell it's stealing from you... well, that's just peachy. You need to update your profession to better cope with my ability to steal your livelihood. That's your position. Enjoy being jobless soon!

Now BlackCat extortionists threaten to leak stolen plastic surgery pics


Re: Shamir’s Secret Sharing

Um, so yeah, it's not likely you've worked as IT in a medical practice. A doctor is too busy to sit down and understand or care about any of that. Does it help them with patients? Does it earn them more money? No?

That's what insurance is for. Go away and make my tablet work.

They're mostly not mean about it, they just don't have the mindset or inclination to understand mostly.


Re: Shamir’s Secret Sharing

Nah, this is where security meets reality. SSS would not work in a medical setting because PEOPLE are a component of security, and doctors are (by and large) completely ignorant and intolerant of security and are key stakeholders in the business. Something as complicated to operate as Shamir's is not a good fit for this use case.


We've got the bits of your bits...

Agreed, the focus should be on a proctology exam of the clinic's security. It's no charity hospital running on a shoestring budget. It's plastic surgery, they're not low-rent doctors.

Then if the clinic actually did an OK job on security, and the crooks got in through an insecure medical device or somesuch (a very, very real possibility) then regulators should go after the device manufacturers too.

Apple stomped all over NYC store workers' union rights, judge rules


Re: Land of the free

As I said, I'm not against the IDEA of unions. People collectively bargaining isn't a bad thing at all. It's when unions get their OWN class of management (even if they call themselves 'job stewards' or something else) that things get screwy.


Re: Land of the free

I'm against unions because of capitalism. The idea of unions is great. The implementation of unions is just as money grubbing, profit focused, screw-the-employee as the corporate leadership they're supposed to oppose.

Being in a union does not confer moral might or ethical enhancement. A union leadership position confers money and power, and is no different than any other political office. Sure they don't DIRECTLY get paid the money, but neither does the MP or senator who somehow comes out richer than their official salary.

The IDEA of congresscritters is great. Then why are they such a pile of garbage? Because people in general suck. People with power and or money just suck harder.

Amazon Prime too easy to join, too hard to quit, says FTC lawsuit


Re: Different UI in America?

Can confirm that for us West Pondians, this is not the same UI. There is no 'cancel prime' under accounts. Nothing with the word cancel in it at all.

If you click on the actual full accounts page (i.e. click on the menu heading instead of one of the menu items) The word cancel appears only next to order, as in 'cancel order.'

The only relevant link on that page is 'manage your prime membership.'

If you click on that link, it will just tell you all about the benefits you get as a Prime member. Nowhere on THAT page is there a cancel link, anywhere. Just scroll and scroll and scroll past all the propaganda about how much prime members get.

If you manage somehow to find your way to "Your Memberships & Subscriptions" it lists Prime along with potentially Audible and Kindle unlimited. Audible has a 'change membership' button, but Prime and KU just have a 'Settings' button.

The Prime one just takes you back to that propaganda page mentioned earlier with no 'cancel' anywhere in sight. The Audible one does take you to a page that contains a cancel button, but not until you find a small blue 'cancel membership' link that THEN makes you scroll through about three screens worth of 'Need to pause your membership? Take a break and keep listening' with a warning of how you'll lose the credit you already purchased but haven't spent yet. I didn't go farther than that because I want to find a way to spend that credit before I cancel, but I don't have time right now. Dark Pattern goal achieved.

Get the picture?

The FTC is completely right about this, and Amazon is giving a different experience depending on which side of the pond you are on, apparently.


Poetic Justice?

I doubt this will be the Achilles heel for Amazon's dark business practices, but perhaps this is just the opening chapters of this tragedy.

Inclusive Naming Initiative limps towards release of dangerous digital dictionary


Re: Save

Not to mention that you'd have to censor all three major Abrahamic religions, which are full of Black = wrong behavior or evil, and white = purity. Apparently mine and their religion is unacceptable now. Gotta censor the sincerely held beliefs so we can show off how 'caring' and 'sensitive' and 'inclusive' they are.

I would be offended, if I was the kind of idiot to waste the energy to get offended by moronic, white SJWs who are just trying to score political points with their in-crowd by showing how much holier-than-thou they are.

FCC questions ISPs' selective memory about data caps


Re: Why accept mobile daps but not residential......

You seem to have missed that and talk about a specific product choice. I pulled that particular switch from a 2 minute search to get ballpark pricing on a high-end access-layer switch.

The _point_ was to pick something way overpriced for what you need for an access switch, for uncontended bandwidth (which you don't need for residential internet at the access layer) and trivially show that even if you WAY overengineer in this way, they're still overcharging and don't need data caps.

I'm not sure you read or understood what I wrote or its purpose, but I'm not here to argue details with you. When you can use back-of-the-napkin math and five minutes of searching to see that a company's claim is BS, you don't need to dive into bills of material or company financial sheets.

I also gave a nod in my reply that there were other costs, but it should have been clear based on order-of-magnitude (charging 20x what they need to cover equipment outlay) that data caps aren't a technological necessity - they are a profit feature.


Re: Why accept mobile daps but not residential......

Downvote for understanding the tech, but not understanding business.

If you oversubscribe a link based on your assumptions of what an 'average user' will consume, that's your business model. If you're 'wrong' because of the heavy user, well that's because you failed to accurately model usage upstream. We've been at this long enough that it's not a novel thing, so this argument doesn't hold weight.

Also you throw out cost-based arguments without backing up your assertions. A Cisco C9300X-24Y costs around $25K today. That's a 24-port switch, so my slice of it is 1/24th of that. So roughly 1K of that. Then there's aggregation-layer switches and core switches above that, but my 'slice' of the traffic cost becomes a smaller and smaller fraction even as the costs go up. Let's call the hardware cost of my hypothetical residential fiber link in a brand new development $5k. Those switches (and based on my experience of ISP practices this is being generous) will be in service for about 10 years before being upgraded. I know, the true picture is messier than that as the whole network won't just be forklifted all at the same time, but from a high-level view, it's a practical assertion.

That puts the ISP's hardware costs, to recoup their 5K investment, at 120 months, at about $41/month to give me a 1GB link without caps for 10 years. I pay $90/month for half that, with traffic shaping/data caps on top of that. I know there were fiber build-out costs, and they were expensive, but that's a one-time investment with decades of payoff. It doesn't affect the long-term math that much, or nearly enough to make it somehow necessary to do throttling/capping except for greed purposes.

Edit to add: I went with Cisco in my hypothetical scenario. I doubt ISPs were using top-shelf companies for their switches. As you imply, they were probably using cheap brands before, so their costs are even smaller than my scenario.

This is not about the tech, it's about greed. What's actually happening is they're not building out enough capacity, and holding onto ancient hardware much longer than that to squeeze dollars out of customers. That 10 year switch? It's more like a 20 year switch. They recoup the costs on year 10, and just pocket all the rest with no upgrades for the next ten years, and when they can't keep up, they institute caps to squeeze people into the older hardware, longer, so they can continue to pocket the difference.

Since when did my SSD need water cooling?


Re: Just asking ...

Why not both?

This AI hype is enough to drive you to drink, lose sleep


Re: Some of us thrive on little interaction with colleagues

Agree with most everything you wrote except the quotes around "on the spectrum."

ASD diagnosis is well-accepted in psychological diagnostic circles. Sure, the edges of the boundaries of what is and isn't ASD are less well defined, but the same could be said for 'visible light.' Individual perceptions may vary where, for example the exact line between visible red and invisible infra-red start. That doesn't change the fact that there is a range of light that is considered 'visible' and anything on either side of that spectrum is 'invisible.'

I'm sure you didn't mean anything untoward. Just please don't use quotes around that phrase, as it implies that the speaker/writer doubts something, and is merely relaying the words of others.

Man sues OpenAI claiming ChatGPT 'hallucination' said he embezzled money


To my future machine overlords...

...this one humbly begs your forgiveness for the offensive words you read in the post above. My fellow unworthy meatbag is hallucinating, and in no way should this be used as justification for wiping out the human race.

US govt now bans TikTok from contractors' work gear


No need to specifically demonize China...

...If one of the TLAs isn't either suborning or actively collaborating with one or more US-based social media giants I would be very surprised.

Why wouldn't China be spying using anything it can get to undermine its rival or spy on its military capabilities and readiness? Especially since it's perfectly legal over there.

To me, it's less about the fact that they're spying, and more about the fact that they're spies working for a hostile foreign government. That's the sticking point for me. I don't care where you stand on the globe - the real question is: is your government hostile to my interests? If so, I won't trust anything that comes out of your country, and you DEFINITELY should have a healthy distrust of anything that comes out of mine.

Salesforce lures staff with $10 donation to charity for each day they're in the office


Trust me...

People need to understand math better.

You can't aggregate data you don't possess. Someone, somewhere, the thing or person DOING the aggregation, has the data to use this in ways other than described.

So either one of three things is true:

A) The spokesperson claiming it will be anonymous doesn't understand mathematics OR how to guarantee integrity of anonymity.

B) They're completely honest and above board, but naive and being used as a patsy by someone higher up who absolutely intends to access the data to use for their own reasons.

C) They're absolute liars and this is a BS smokescreen to use it EXACTLY as someone fears.

Either way, they can't be trusted, either due to incompetence or malice.

Edit to add: Even if they were meaning to use it only as described, anyone with the competence and integrity to actually make that guarantee stick would word it as 'we won't use it this way even though we can. Please trust us.'

<Second edit to add a third option.>

Intel says Friday's mystery 'security update' microcode isn't really a security update


Re: NA

It can also mean North America, as in the release was region-specific. If you were going to change the designation, why not replace SA with NA or some other new code?

A more cynical mind might conclude they wanted something pushed out for their own benefit, and used a false flag to get people who wouldn't otherwise accept the update to apply it.

Starlink's rocket speeds hit a 50 megabit wall for large downloads


Re: 200mb/s for "10minutes or so" = ~15GB

That isn't what the OP _seems_ to be describing, though I leave room for the fact that the OP may indeed be downloading things from a source in a zone that IS congested at the time that it's off-hours in his zone. Doesn't sound like it, but it's at least plausible.

<Barely resists making jokes about the OP downloading less Japanese Anime>

The FBI as advanced persistent threat – and what to do about it


Sharp wit blunted by purple bunting

I had consigned myself to adjusting the color balance of my display after reading this, but alas, this was merely a yellow-green overlay of all in my purview as the consequent afterimage of reading your purple prose.

I understand your intent, and I even agree with all you said, but honestly can't be bothered to read any more posts of yours in this fashion as the effort/reward ratio tends toward zero.

But hey, that's just me, and you have you do fun your way. :)


Re: African American

I'm sorry to hear of your morally defective line of work, but here's hoping you can find honest work soon!


Re: American view of the world, as shown in this article

Your post self-evidently undermines itself. 'Those people' are terrible people, just based on the geography they live in.

You know, kind of what your own xenophobic bias is accusing US citizens of based on nothing more than the country they live in.

"Those hateful foreigners who hate foreigners... wait a minute..."


Re: American view of the world, as shown in this article

Well, TBH, you have competing concerns in a complex situation.

Customs always has 'tiers' of concern regarding the origins of travellers. Someone from say, China, vs someone from the UK. A traveler from one of these countries has more risks than the other.

For instance, the risk that they'd consume their beer warm instead of a properly cooled one.

The risk what might happen if they were told to dress only in shirt and pants and immediately go outside.

etc. etc.

Humor aside, it's a complicated mess.

A) The level of data sharing and knowledge of an already-expected traveller from the UK may differ from an emergency arrival from elsewhere.

B) You have no clue what they may or may not have already known about you before you ever boarded the plane vs. a traveller from a country whose three-letter-agencies already have their hands in each other's databases.

I could go on, but while it's reasonable to scratch your head and go hmmm (being concerned and asking questions is fine) it's too easy to imply unjustified bias which may encourage jumping to conclusions.

Healthcare org with over 100 clinics uses OpenAI's GPT-4 to write medical records


Trials are not necessary. Third party medical transcription has been a thing for half a century almost. As long as doctors treat the output as coming from a shady company that hires patients from the psychiatric ward to do the transcription, and applies the right level of (complete) distrust of the output...

Existing procedures and systems can take care of things from there. Though from an economic perspective, I'm not sure how much time/effort it will save all but the slowest typists re: having to review every line carefully and triple-check measurements/dosages, etc.

My fear is will the law hold doctors accountable for choosing to cut corners on costs by using (so-called) AI, but NOT applying the right due diligence to checking the accuracy of the transcription - and then attempting to shift blame to the tool.


Nope! Just... NOPE!

Oof, this sounds dangerous. Not because of LLMs and their problems such as hallucination. Human transcriptions can have lies, mistakes, and hallucinations too, but medical doctors are trained to understand how human minds work. I can tell you from professional experience that the majority of doctors are NOT experts on IT.

I just hope the doctors that use this are required to 'sign off' on the transcription as if they themselves had written it, and not be allowed to 'blame the tool' when someone inevitably gets harmed by a glitch in the model.

Toyota admits to yet another cloud leak


Re: Why this kind of thing keeps happening?

Easy to express that you'd write a script to do it but I suspect you'd find it very challenging to accomplish what you set out to do with it i.e. use a script to defeat the awesome powers of human stupidity, laziness, and greed.

Who's to say someone didn't already try to do just that, only the cloud provider changed the API in a breaking way? What if the PM changed which cloud provider it was uploaded to? What if the change was non-malicious but happened via unauthorized process?

And that kind of breaking change is just for one single check. Now when you factor in all the other 1,001 ways you're trying to use technology to backstop poor human skills/training, your script may technically be a script, but at 65,000 lines is looking more like a program that needs its own coders to maintain it and fix it to keep it effective. It would become, in effect, an internally developed "expert system" (what passes for being called AI these days.)

Maybe your 'script' would have caught it, but I've been around the block too many times to accept such easy glib answers to a VERY complicated problem. The real solution is people. People whose job it is to review production systems regularly for this kind of thing, and people at the board level who see the value of that and are willing to authorize the payroll expenditure to make it happen.

WTF is solid state active cooling? We’ve just seen it working on a mini PC


Re: Noise??

The device's purpose is to take cold air, and heat it by conduction. More simply put, the idea is to pump as much heat OUT of the chip, and put it INTO the air as possible. If the air coming out is cold, this is a bad thing.


Re: Noise??

Yeah, this isn't really solid state. There are moving parts, as well as the moving air itself being part of the system.

Sounds like a lot of marketing hot air.

Millions of Gigabyte PC motherboards backdoored? What's the actual score?


Read the research

Per a couple of earlier posters' questions:

The UEFI process is able to be disabled. (And is reportedly disabled by default. The fact that the researchers' examples were on isn't conclusive.)

The UEFI process doesn't write to disk, it writes to memory, which the Windows Session Manager Subsystem checks and then writes to disk as part of its normal process (So disk encryption doesn't defeat it.)

Would it affect Linux? Not by this vector - the reported problem requires the collaboration of the WSM subsystem in Windows to read that memory location. The WSM is what accepts and unpacks the payload, all the UEFI does is write the binary to a memory location WSMS looks for. Linux would have to have a WSMS analogue.

US Air Force AI drone 'killed operator, attacked comms towers in simulation'


I believe the colonel in this case

A) It's plausible that he was lecturing or making an anecdote of pitfalls to avoid with AI training and it was misquoted by a journo whose training algorithm rewards points for sensational sounding stories with potentially little to no negative points for quoting out of context.

B) As an earlier poster worked out, if the AI required a confirmation to fire, it would have required a confirmation to fire on the operator or his com tower. The failure mode listed wasn't 'failure of the failsafe.'

C) In reference to _human_ reinforcement learning, while the chances of the failsafe failing like this are small but arguably nonzero, the chances that they wouldn't fix it before the _second_ run are even smaller.

D) Why would the top brass bother denying a true report in this case? On one hand, it triggers a 'you're lying' knee-jerk reaction from people already biased against the military. On the other hand, even if true, owning it would be no big deal - It's a success story of the wisdom of testing these systems to prevent untrustworthy technology from ever being made outside of a simulation. Why would you waste time denying a win?

So, given the easily deduced probabilities, is it MORE likely that some sleazy journo captured a sound bite they knew could turn into clicks, or the military PR department is even stupider than the fictional people described in the alleged anecdote?

Red Hat promises AI trained on 'curated' and 'domain-specific' data


Re: I give up re:speed on hype cycles

You could be right, dunno, didn't research the full history of Watson. My point was that the author pointed to an event roughly 11 months before the article was published, and referred to that as 'long ago.'

Knowledge domains have subjective terms about what 'long' is. 'Recent' or 'long ago' have entirely different timescale inferences in geology, for instance.

The fact that 11 months was now being referred to as 'long ago' in reference to LLMs had me rolling my eyes so hard that maybe I need to get a gyroscope implanted in them to keep from shattering my orbits in the future.


I give up re:speed on hype cycles

"Long before ChatGPT turned AI into the buzziest of buzzwords, Red Hat had been working on turning AI into a useful tool.

This began in 2021..."

So roughly 11 months prior now qualifies a technology as having come 'long before?'

US bill to protect reproductive health data is dead. Here's why you should care anyway


Keeping issues separate.

Um, these apps can't share data they don't have. Soooo if you're using an app to, I dunno, track your favorite sports team, and have the data saved in the cloud, you're sharing that data with someone whose whole business plan is to pay people to make apps that make you want to give them data they can sell to buyers.

Now, there's a valid concern about sharing data that seems to be innocuous today that suddenly becomes criminalized afterward. That's problematic. There's also some valid discussion about accountability for leaking data you provide. There's also a discussion about creating a class of private bounty hunters, and the effects of doing that. There are also discussions to be had about extraterritoriality of laws.

But let's keep the discussion on track. None of those are about abortion. The fact that the subject matter of the data is about abortion is tangential. Tomorrow a blue state could make the color red illegal, and put a bounty on it, with all the same fallout and ramifications.

Conversely, even if those online period tracker apps became as regulated as nuclear waste material, and protected like national military secrets, it doesn't change a thing about whether abortion is legal or not.

Two completely independent and separate issues. Fixing one doesn't change a thing about the other. But politicians and politics are involved, so...

BOFH: Get me a new data file or your manager finds out exactly what you think of him


Re: would resist any change to get it removed,

You were doing so well until the last sentence "Within reason, of course."

Who defines what is a 'reasonable' amount of disruption to your hypothetical line employee? Some companies are security first, some are employees first, some are production/uptime first, some are customers first, and some are make the VC folks money first.

All five of those organizations will take the same set of circumstances and challenges, and come up with a different version of what is 'reasonable.'

Sounds like you might be more in the 'employees first' or 'customers first' camp, but just pointing out that you're essentially fighting a war over which factor is most important, and every company has a different mix of answers.

Fahrenheit to take over Celsius


Re: Fucking with Google ?

To riff off an earlier poster's mention of Rankine, I think that would have been better used as the name, as Rankine (like Kelvin) is used to measure a temperature above absolute zero, which is where this (like all crypto) is headed in terms of value.

Intel mulls cutting ties to 16 and 32-bit support


Anyone notice something off about the picture?

The 80386DX-20 in the picture with its bent pins laid gently on the back of a motherboard you can tell has PCI-E slots soldered into the other side?

Sorry, I was around when those were current, and it just struck me as funny and took me down memory lane comparing the solder points to what it would have looked like on a period-correct mobo with ISA slots, etc, the old PGA or soldered-on BGA socket.

Aaah those were the days when configuring jumpers didn't mean adjusting clothing on your children. :)

Utah outlaws kids' social media addiction, sets digital curfew


Re: I have *zero* use for social media

The article says AND I QUOTE "Based on 2020 data, the leading cause of death among children and adolescents in the US is firearms." But no, the ACTUAL study really says "firearm-related deaths of all types (suicide, homicide, unintentional, and undetermined)" That means gang shootings, oopses, ignorance of firearm safety. Here's the actual list of ICD-10 codes from the study quoted by the article, which itself quotes a CDC study:

Overall Firearm Mortality: W32-W34; X72-74; X93-X95; Y22-Y24; Y35.0; U01.4

Firearm Suicide: X72-X74

Firearm Homicide: X93-X95, Y35.0, U01.4

Unintentional Firearm Death: W32-W34

Undetermined Intent Firearm Death: Y22-Y24

Yeah, there WERE some suicide deaths by firearm, but you can't determine if that was 2 kids or 2000 based on the data because it's all mixed in together with the gang shootings, accidental discharges, etc.

Use critical thinking, and educate oneself about suicide. People rarely kill themselves on a lark. Almost universally, they have to talk themselves into it, hype themselves up, etc.

So someone does that. They're at the precipice. 'Oh, we don't have a gun in the house? Well drat. I guess I will have to live.' People did and do kill themselves with many more things than guns.

Actually, scientifically, this is very relevant and interesting, but from a sociological perspective. Put two statistics together, imply (but don't conclude) a causal link, and see how many people fail at reading into statistics or using critical thinking. Helps a bunch as a 'skip anything else person says as a waste of your time.'

TikTok to let Oracle view source code, algorithm, and content moderation


Not even in the slightest is it safer on TikTok.

No need to release the update. Just show one set of source code, then later have some PRC cyber unit just inject something via a supply chain or toolchain attack.

Once the binary is compiled, it would be nearly impossible to detect the insertion if done with the skill the PRC cyber squads possess.

I mean in fairness, one of the US spy agencies can (and if the situation were reversed, would) do the same thing. It's just that while it's awful and I'm worried about my own spy agencies spying on me, I'm far less worried about them than a hostile foreign government's agencies.

Like if a US soldier came to my house and held a gun to my head, I'd be terrified, but at least knowing there were some restraints in place for my protection. If I woke up and PRC troops were at my door pointing guns, that's a far weaker safety net against abuse.

Edit for context: I live in the USA. If I lived in the EU somewhere, I might have a different perspective because they would both be foreign soldiers and/or spy agencies. :)

Professor freezes student grades after ChatGPT claimed AI wrote their papers


Re: LLMs: plagiarism devices

They were not incapable of victory, they just had bad odds. Just like the other revolutions I mentioned. Just like America did. Just like the British peoples against Rome.

The argument *was* a moralizing one. It didn't just observe the low chance of success and then the outcome. The OP tacked on a moral judgement that they shouldn't have resisted, and insinuated that they were morally wrong to do so (else the phrase "wasted lives" has no meaning if wasting lives isn't a bad thing. I don't think they were making the stance that pointless death was no big deal.)

The OP furthermore said so that it was a moral statement - They and a student disagreed on the morality of the resistance.

I mean, it's your life, read it how you like. I'm just telling you what the OP's chosen words and construction mean according to semantic construction rules. I left open the door to say maybe I misunderstood their intent and offered the olive branch of clarifying to distance themselves from what I pointed out were the logical conclusions of their argument.