* Posts by mpi

448 publicly visible posts • joined 15 Nov 2021


MPs ask: Why is it so freakin' hard to get AI giants to pay copyright holders?

mpi Silver badge

Re: Begging the question

> you don't copy and store.

Well, does AI training?

Sure, the system likely includes some caching mechanism (as do browsers btw.), but the ultimate end product, that is, the ML model, doesn't store of the ingested data (barring effects like overfitting, which are not intended to begin with).

Not saying what they do is okay, just pointing out that if we slap them for it, things are moving to really thin ice. Because, if I can shut down any copy mechanism, however transient, then where does it end?

Does a browsers cache (which can store images for days or even weeks depending on what the header says) count as an illicit copy of copyrighted material? What about the caching mechanisms of proxies, VPNs, ...?

mpi Silver badge

> except for nVidia and the like

You know what they say: When there is a gold rush ... start selling shovels.

Irish power crunch could be prompting AWS to ration compute resources

mpi Silver badge

Re: Economics are a PITA, aren't they?

> This is the problem with fads like cryptocurrency and AI. Everyone's looking at the technology uses or outputs, but nobody's looking at the hardware costs or power draw.

That isn't a problem with any specific tech, that's a problem of politics powers of foresight being limited to the end of the next news cycle.

If I paint my country as THE location for big tech to be in, and ignore the fact that datacenters need lots of power (because who wants to think about all that boring infrastructure stuff, when its so much cooler to be in lots of photo-ops about how amazing awesome much techy stuff is now in the country) then powergrid goes brrrrr, it's as simple as that.

Broadcom has willingly dug its VMware hole, says cloud CEO

mpi Silver badge

Re: Joke's on them

The logic flaw in those very "clever" MBA types thinking: Large customers also want to pay as little as possible, and have the resources to move their stack if the calculation is no longer in BCs favor.

Tough luck, bosses, AI is coming for your job, too

mpi Silver badge

What if indeed.

"what if organizations shared worker metrics data from AI management systems and that influenced future hiring decisions involving said workers"

Well, I imagine these organisations better have a really large, really good, and very non-AI powered legal department, and enough money to cover getting slapped with GDPR based lawsuits so hard, they won't know their arses from their elbows any more.

Software engineer helped put Sam Bankman-Fried behind bars, say prosecutors

mpi Silver badge

Re: And yet

It always was and always will be.

Cryptoshit, by definition, is a zero sum game. Even if we took crypto-bros at their word and actually believed that this crap is viable as a non-state-controlled form of currency: Any currency not state-controlled, is also not state backed, meaning it's automatically a zero sum game. Or to put this in simpler words: A system that can only dole out the exact amount of cash that has been put in, and not a penny more, as there is no mechanism for value generation.

So inevitably, the only way for this system to benefit any investor, is by some other investors to lose.

It really is that simple.

mpi Silver badge

Re: denied deliberately committing crimes

> You have to know something of the law and how it pertains to your work, regardless.

Or, at the very least, some goddamn common sense and human decency. Because those should already suffice to tell most people, that taking funds customers entrusted the company for what's basically gambling, or cutting corners in critical system engineering where human lifes are at stake, are wrong.

It doesn't hurt to know something of the law as well of course.

Why Microsoft's Copilot will only kinda run locally on AI PCs for now

mpi Silver badge

Ah yes...

...I was beginning to wonder how Redmond would somehow try to incentivize new and expensive hardware with AI.

Do not touch that computer. Not even while wearing gloves. It is a biohazard

mpi Silver badge

Missed opportunity right there

> "As soon as I took the side cover off, the smell became several orders of magnitude worse,"

Don't you mean several odours of magnitude?

Thank you, thank you! You're a wonderful audience! I'll let myself out...

CEO of UK's National Grid warns of datacenters' thirst for power

mpi Silver badge

No! Yes! Oh....

I mean, who could have seen it coming that, in the epoch we have dubbed "The information age", where everyone runs around with a smartphone, and we stuff computers into everything from hydroelectric dams to underwear, there would be an increased need for the infrastructure to power all these things...

European Commission broke its own data privacy law with Microsoft 365 use

mpi Silver badge

Well, it's not like the tools to get out of big techs tentacles didn't exist.

It would requite funding and, most importantly the political will to do so, but it is doable, and worth it.

Unfortunately, the political ruling class is completely disinterested in this. And so is the electorate failing to punish them for this incompetence at the voting booth.

Companies flush money down the drain with overfed Kubernetes cloud clusters

mpi Silver badge

Re: "analysis of more than 4,000 clusters [..] prior to optimization"

Yeah, that argument doesn't really fly with me.

Because one of the MAJOR selling points that powered the entire cloud-hypetrain, was and is it's flexibility. Need more compute/storage/bandwidth/servers? No problem, very flexible, much cloud.

So how does that fit with constant, and apparently long running, overprovisioning? Shouldn't the oh so flexible cloud make it easy for companies to adapt their provisions (and thus their costs) to the actual usage? Shouldn't it make it easy to ramp up if and when the need arises, or downsize when it doesn't?

mpi Silver badge

Re: "analysis of more than 4,000 clusters [..] prior to optimization"

> Once the project is rolling in production, it's easy to know what resources you need after a while.

That "while" has come and gone long ago, and the resources are still provisioned. What's the next explanation?

The batteries on Odysseus, the hero private Moon lander, have run out

mpi Silver badge

Well USA, you learned an important lesson didn't you?

Let's recap:

a) Moon landings and space exploration isn't something you get on a budget

b) No, the market will not fix it

India did it. China did it. And they will likely do it again. How you ask? The same way you did in the 60s and 70s, by having an entire nations worth of backing and resources, and making this about national efforts and pride, and not about some companies.

If I'm wrong, and you did not learn that lesson, and your quarreling 2-party system will continue to slash budgets and rely on "the market" to somehow magically fix it, then the aforementioned countries will run circles around you, again, and again, and again.

Europe probes Microsoft's €15M stake in AI upstart Mistral

mpi Silver badge

Stage 1:


Mamas, don't let your babies grow up to be coders, Jensen Huang warns

mpi Silver badge

Sure thing. All that's needed now...

...is an end user, who can write a comprehensive spec outlining what the program should, and shouldn't do, covering everything from error handling, over UX, to security.

And do you know what we call the format of a spec that fulfills these requirements?

Code. It's called code.

U-Haul tells 67K customers that cyber-crooks drove away with their personal info

mpi Silver badge

Like that analogy.

I wonder if there will also be people stating that their computers are fine and getting hacked only makes them stronger. Or that ransomware is just like the common spam email, nothing to worry about.

Or if anyone will recommend bleach to rid a server of malware.

mpi Silver badge

Guess there was a great hauling and gnashing of teeth.

Thank you, thank you! You are a wonderful audience!

I'm gonna let myself out...

Save the Mars Sample Return mission, plead Congresscritters

mpi Silver badge

Re: Delay, delay, red tape, delay

First he has to get his space cigar to orbit without it blowing up.

Meta says risk of account theft after phone number recycling isn't its problem to solve

mpi Silver badge

Re: I can't understand why WhatsApp is tolerated

> I really cannot understand why mobile companies put up with WhatsApp.

Because, and this is a very good thing, telcom providers don't get to decide what data their users send over their wires, or what applications they run on the devices attached to their infrastructure.

mpi Silver badge

Re: > Hanff, in a LinkedIn post, argued this is unacceptable.

> was entirely in their control.

Except no, it really isn't. Market forces exist. Having more sophisticated MFA mechanisms in place raises the barrier of entry. We are not talking about administrative software for professionals here, we are talking about social media logins. Their competition favors a design that is as simple as possible to the end user. SMS is simple, it comes with your phone. The fact that it sucks from a security point of view isn't relevant in the mindspace of most consumers.

mpi Silver badge

Re: > Hanff, in a LinkedIn post, argued this is unacceptable.

> The solution is simple

I'm listening...

> The most appropriate way to manage this is MFA via an app such as TOTP

Ahh, so we went from "simple" to "appropriate". Well done, because now we have arrived at the crux of the matter.

Note that I never advocated for the use of phone numbers as a 2nd factor. The problem here is: Having your customers install a separate app on their phone to authenticate with their service, raises the barrier of entry. This is something that people in IT tend to overlook: Most people are not tech savy. Understanding why that 2nd app would be a good idea to have is a really hard sell when one of the design principles of your service is that it can be used by as many people as possible.

mpi Silver badge

> Hanff, in a LinkedIn post, argued this is unacceptable.

"We do not say 'Well we know that passwords with low entropy can be hacked very quickly, but we are not responsible for people using password busting technology so we will continue to allow four-character passwords consisting of only lower-case letters in the first half of the alphabet,'" he wrote.

No, but we do say: "Well, if your email address is your 2nd factor, and you are using an email provider that allows bad passwords and set yourself a bad password, and get hacked because of this, then that's not our problem."

Services have control over their password requirements.

Services don't have control over external providers.

How are services supposed to deal with a proble that is actually caused by something they don't have ANY control over like, for example, telcom providers reusing numbers? The only way I can think of, is by disabling Phone Number based password recovery methods altogether.

Which is fine by me, I'll be the first one to say that SMS 2FA is a *really* bad idea, and always was. Problem is, what do you offer instead that is similarly low barrier and easy to use?

Raspberry Pi Pico cracks BitLocker in under a minute

mpi Silver badge

Oh I thought that was clear from context: The attack, similar to the one described in the article, cannot rely on the user typing in his password.

Nice try though. Next.

mpi Silver badge

Re: A brilliant testament to analysis

> explain to me how this can be done, securely...

Happy to. Have the encryption key itself encrypted and requiring a passphrase to unlock it. You know, how LUKS works.

> Many problems (and supposed solutions) in security involve just moving the problem somewhere else.

Yes, and as it turns out, there is a correct place to move the problems to: user convenience. Aka. make it a little less convenient (for example by requiring a passphrase when booting) and a lot more secure. Even the attack described in the article can be prevented by requiring an unlocking PIN on the device.

This is not rocket science, and has been known to designers of security systems since basically ever: A curtain is much more convenient to go through than a heavy oak door with a steel lock, however the former is unlikely to be as good as the latter at deterring looters.

In security as everywhere else, one cannot have their cake and eat it to.

mpi Silver badge


Please, do explain: How does physical access assist an attacker in decrypting a LUKS encrypted drive?

The problem here isn't "physical access". The problem here is an incredibly bad design decision, that requires the encryption key to be passed to the CPU unencrypted.

GitOps pioneer Weaveworks unravels after funding fabric frays

mpi Silver badge

Re: 5 year rule

5 year is a bit of an arbitrary number, but venture capitalism, in its current form is not something that benefits society as a whole.

Apple Vision Pro is creating a new generation of glassholes

mpi Silver badge

Re: Glassholes

> It always seemed a bit of an over-reaction

Question, if someone across from you in the subway takes out his phone and starts filming you, how do you react?

Now imagine that person doing that to everyone and everything he meets, all the time. In fact the person doing the filming may not even be aware that hes doing so.

Now imagine that the device hes using, comes from a company that makes it's money by gathering as much data about people as possible.

Geez, I wonder why people took issue with that ...

Elon Musk's brain-computer interface outfit Neuralink tests its tech on a human

mpi Silver badge

Re: Why don't people see the bigger picture?

> is also the holy grail of human-computer interface design.

I don't know what you think the neuralink chip actually does, but it really isn't.

This thing does exactly one thing, and one thing only...if it works, that is: Control a prosthesis.

That's it. Move some step motors etc. in a prosthetic limb. No telepathy. No music player. No communicating with a computer. No downloading information. No in-brain virtual reality. Not even chat.

So no, this is not "the holy grail" of anything. If it works, it's just a novel way of doing something, that is already possible, because prosthetics attached to remaining motoric nerves already exist.


Windows Server 2022 patch is breaking apps for some users

mpi Silver badge

Re: Browsing from a server?

From localtesting a webservice, to using a localhost analytic page, to the simple fact that a goddamn chromium-based webbrowser comes as part of the OS anyway there are many good reasons why people would want to run a browser on a Windows Server, and why Microsoft should test this.

mpi Silver badge

Remind me again what exactly we are paying those licensing fees for?

> The latest Windows Server 2022 patch has broken the Chrome browser, and short of uninstalling the update, a registry hack is the only way to restore service for affected users.


'nuf said.

Musk claims that venting liquid oxygen caused Starship explosion

mpi Silver badge

Alright Elon, then how about you riddle me this:

If all you needed was payload, any payload, you know, for your rocket-testing...how about you get a bit of sand or some other disposable material, stuff it into suitable containers and, oh, I don't know, load that into your rocket?

The idea of "ballast" has been understood for several centuries. This is, quite literally, not rocket science.

Not even poor Notepad is safe from Microsoft's AI obsession

mpi Silver badge

How about instead they implement...

...line numbering, sane line wrapping, allow the app to load large files w.o. shitting itself, actually good search and replace, whitespace display capabilities and basic syntax highlighting?

You know, the kind of features a text editor out of every hobbyist project has?

But nooo, that would probably make too much sense. So windows will continue to not even provide what most people consider basics in its basic text editor , but lo and behold, it gets "AI" that noone asked for, probably because that's what some "Analysts" said is where the most money can be made.

It wouldn't even matter if Linux was still as hard to install as 10 years ago, given what Windows has become, Linux would still have a better user experience if I had to compile the kernel myself.

Here's a list of thousands of artists Midjourney's AI is ripping off, creatives claim

mpi Silver badge

Re: Disclaimer:

And what specifically about this example refutes what I write, or answers any of my questions?

mpi Silver badge

Re: Disclaimer:

I think we are long past the question whether making a copy for the purposes of processing it in a computer system violates copyright or not.

mpi Silver badge

Re: Piles of styles

> But creating something "in the style of": That's a much greyer area.

What about this is a "grey area" if I may ask? There is no such thing as a copyright on styles.

mpi Silver badge


I am not a lawyer. So the following is just my opinion.

"sued by artists claiming these machine-learning houses lifted copyrighted images to train models, and made those models available so netizens can produce infringing works on demand, without permission and without recompense. The creatives allege their rights were trampled, that the software can be used to flood the market with knock-off work to their detriment, and they want damages from and other measures levied against the startups."

Alright, let's go through this:

- "lifted copyrighted images" ... what exactly does accessing images available on the open internet have to do with "lifting", or "copyright" for that matter?

- "to train models!" ... Question, what does the copyright status of these images have to do with training models on them? Is training copyright infringement? Which court or law says so? Very relevant link on the topic..

- "can produce infringing works on demand" ... What's an infringing work in that context if I may ask? One that emulates the style of an artist? Styles are not copyrightable for good reason. One that mimicks a specific work of an artist? Photocopiers can do that as well. As can cameras. And pencils, for that matter.

- "allege their rights were trampled" ... what rights specifically?

- "that the software can be used to flood the market with knock-off work to their detriment," ... copyright law doesn't grant protection from market forces or technological innovation, so what exactly is the complaint here?

Brain boffins think they've found the data format we use to store images as memories

mpi Silver badge


> They observed a direct inverse relationship between sensing and memory portions of the brain and where they light up when making or recalling a memory.

...how exactly does this prove the thesis? If the same image, in the same person, invokes the same, lets say "Image-Description-Encoding", then wouldn't this also light up the same regions on a functional MRI?

What the AI copyright fights are truly about: Human labor versus endless machines

mpi Silver badge

Re: They're not

> After all it's just fair, that if someone is making money by building on your works, you also get to make some money off that.


So a library buys a textbook on, say, aerospace engineering for 40$, of which, after publishers, copyright middlemen, etc. get their due, a few coins make it to the authors hands.

The library then, over a year or two, lends this book to 200 students, who use it to prepare for tests, which raises their chances later in life to finish their studies and land a high paying job as an aerospace engineer. Aka. the students "make money buy building on the authors work". Note that the number of students doesn't matter here...the library might lend it to 20, students, or 200, or 2000. It's still the same book (although granted, with 2000 lendings over just 2 years, a single copy might not cut it).

So, should all these students be required to pay the author? A portion of their income in later life perhaps? Or is there maybe a tiny flaw in that logic?

Google password resets not enough to stop these info-stealing malware strains

mpi Silver badge

Passwords are dead! Let's entrust all our authentications to big tech companies!

What could possibly go wrong...

A tale of 2 casino ransomware attacks: One paid out, one did not

mpi Silver badge

Re: Like horse thieves

> look for other ways of costing the host nation money - for example add selected Chinese banks to the anti-laundering lists

Look, I understand the mindset of a harder stance on the organizations, including nations, that are behind this, but unfortunately, it's not that easy. To stay with your example, do you think the CCP would just take that sitting down and not retaliate at all? Of course they would retaliate, and make sure this move costs us easily as much money as it does them.

You are talking about starting trade wars here. And sorry to say this, but at some point, we need to do a simple cost-benefit-analysis when talking about such options.

> And of course we should start at home with prison time for Western execs whose companies pay ransoms.

Not paying ransom is, unfortunately, not always an option for companies in this situation. The article outlines a few of the hairy scenarios.

mpi Silver badge

Re: All because of crypto

> Let's still be honest about the realities involved in both the ransomware industry

Alright, let's do that.

One of those realities is (and that is true for almost all crimes where a transfer of money from a victim to the criminal is involved), that receiving the payment from the victim is one of the most dangerous steps from the point of view of the criminal.

Because payments, especially large sums of money, have a tendency to either leave a paper trail, or require physical presence, or both. At least this is the case when we talk about FIAT currency. With crypto, the situation becomes a lot murkier, which is why it is the perfect payment vehicle for these groups.

So: Let's take that away from them.

I never claimed (and if you disagree: show me were I did) that this is a silver bullet that will magically solve all cybercrime. This is about making it HARDER for these people, and force them to use methods that are a lot less convenient, and involve a lot more risk for them to get caught.

mpi Silver badge

Re: All because of crypto

It's not about making it impossible. It's about making it harder than it currently is.

Sure, there were ways to pay dark money before crypto. But none as convenient, that is simultaneously so hard to track.

Plus, with crypto being essentially nothing but an internet-sized exercise in the Greater Fool Theory, the practical, non-criminal, real world applications of which have mostly failed to materialize in the 14 years since bitcoin was invented, and an enormeous waste of energy and hardware on top of it, there really is no downside to shutting this crap down.

mpi Silver badge

Re: Like horse thieves

Other than the horse thieves, which conveniently operated from inside the country that outlawed their actions and had jurisdiction and manpower to deal with them, these guys don't operate from a place where such simple solutions can be applied.

There is a very sizeable list of nation-state level actors which are essentially safe havens for these groups. Many of them simply don't give a damn about it. And several other nations actively encourage the extortion groups (as long as they don't attack the hand that feeds them), or even RUN them in the first place.

And THAT is the real problem here.

New York Times sues OpenAI, Microsoft over 'millions of articles' used to train ChatGPT

mpi Silver badge

Re: If it's free on the Internet

> minimal transformations

Please explain how ingesting half the internet and outputting a bunch of float32 numbers is "minimal transformation".

Here's who thinks AI chatbots will eventually be smart enough to be your coworker

mpi Silver badge

Re: wasting an enormeous amount of time with meetings-that-should-really-be-emails.

> AI driven Email storms as users AIs consult with manglement AIs who need to schedule meetings about scheduling meetings while HR AIs are inventing new courses

Very relevant video about this topic.

mpi Silver badge

I have a question:

>In the future, instead of having to check your calendar and message back and forth with someone to settle on a time and date for a meeting, for example, Lindy's agents can connect to your calendar and email apps to automatically find a free time slot, and write and send the email asking them to meet.

It is both, supremely amusing and incredibly saddening to me, that humanity has arrived at a point where it is technologically capable of creating artificial intelligence capable of doing this ... while simultaneously still wasting an enormeous amount of time with meetings-that-should-really-be-emails.

To put this another way: Why do we use our technological prowess to automate away the pointless rituals we invented to busy ourselves, instead of doing away with the rituals, and use the compute powering our AIs to do something more productive?

Doom is 30, and so is Windows NT. How far we haven't come

mpi Silver badge

> Since then… well, what big advances can you name?

How about the fact that I can ask a computer to create an oil painting of a really classy penguin wearing a top hat, or instruct it to write a sea shanty about a sad C++ programmer, and it will do that? Or feed it a 4 page article and ask it to summarize that in a list of bulletpoints, but in JSON format? Or that I can use that same system to rubber-duck my code to, while writing the code, by a direct binding in my editor? And the fact that I can do that on consumer hardware, that is sitting on my desk, and cost less than a months payment to procure, using code and data I can freely download from the internet?

I'd call that a pretty revolutionary advancement.

Tesla Cybertruck no-resale clause vanishes faster than a Model S in Ludicrous Mode

mpi Silver badge

You mean along the lines of explaining basic consumers rights, ownership rights, and how "selling things" works?

Lapsus$ teen sentenced to indefinite detention in hospital for Nvidia, GTA cyberattacks

mpi Silver badge

Re: "broke into Rockstar Games using an Amazon Firestick, his room's TV, and a phone"

Usually when impressive "hacks" like this are being presented to the press, it all seems very "Password Swordfish" - Level impressive.

Then later, 99/100 times, it turns out that a) someone was simply duped over the phone or b) someone else did the actual legwork or c) similar unimpressive reality.