LinkedIn: http://www.linkedin.com/in/eykanal
Blog: http://shadyacres.tumblr.com/
Twitter: https://twitter.com/#!/eykanal
- eykanal parentThis is some real antimemetics stuff here :) (https://scp-wiki.wikidot.com/antimemetics-division-hub if you're not familiar)
- Now seems like a good time to remind folks of the Stanford dead fish fMRI study: https://law.stanford.edu/2009/09/18/what-a-dead-salmon-remin...
fMRI has always had folks highlighting how shaky the science is. It's not the strongest of experimental techniques.
- Now seems like a good time to remind folks of the Stanford dead fish fMRI study: https://law.stanford.edu/2009/09/18/what-a-dead-salmon-remin...
fMRI has always had folks highlighting how shaky the science is. It's not the strongest of experimental techniques.
- This exactly. Worth mentioning that "censoring" can occur in any of a number of ways; blocking select traffic, slowing select traffic, "forgetting" specific nodes, redirecting other nodes at will, performing MITM attacks (if the protocol isn't secure), etc etc.
Also, beyond just no positive incentives, there are nontrivial negatives... they're hubs for an entire network, which can be a lot of traffic and bandwidth if peers are sharing anything other than text. That's a potentially significant cost for literally just being a dumb router. The idea of charging for this doesn't make sense... you don't choose a router, it's automatic based on location, so there's no incentive for quality. That ends up being a race to the bottom, which there's no room for arbitrage; prices are driven down to near-zero profit.
Abuse-wise, the model is fundamentally flawed. Economically, the idea kinda works so long as hub traffic is low enough to be swallowed in background noise for whoever manages the hub. Beyond that the model breaks pretty quickly.
- I read this as "Disney approached OpenAI and threatened to sue them into oblivion --> OpenAI negotiated that Disney will use OpenAI internally for free, and will buy $1B of equity to have an ownership stake in the company".
Disney comes out pretty good from this one; they're going to have a ton of people using the service to create all sorts of stuff that will—on the whole—increase brand awareness and engagement with Disney.
OpenAI comes out pretty good from this, with a customer who's probably not paying much (if anything), $1B additional runway, but reduced ownership of the company.
I think Disney is the winner here.
- > ...Assange and Snowden...
I'd argue that for every Assange and Snowden, there are 100 (1k? 100k?) people using Tor for illegal, immoral, and otherwise terrible things. If you're OK with that, then sure, fine point.
> SSH keys
Heartbleed and Terrapin were both pretty brutal attacks on common PKI infra. It's definitely serviceable and very good, but vulnerabilities can go for forever without being noticed, and when they are found they're devastating.
- The problem with this paper is that, while technically true, there are many website owners who have found that CAPTCHAs have effectively reduced the spam on their site to zero. The fact that a CAPTCHA _can_ be bypassed doesn't mean that it _will_, and most spam bots are not using cutting-edge tech because that's expensive.
To say "it's worthless from a security perspective" is a pretty harsh and largely inaccurate representation. It's been tremendously useful to those who have used it. If it wasn't valuable, it wouldn't be so widely used.
Definitely agree with the whole "tons of free $$$ for Google", but that's kind of their business model, so yeah, Google is being Google. In other breaking news, water is still wet.
- Link: https://www.thrillist.com/news/nation/how-does-the-duck-hunt... Super low-tech and amazing ingenuity in making something work within the limitations of the tech they had then.
- Just piling on here because upvotes are not visible. The one thing you can guarantee is that your good faith is not reciprocated by the university. Get a lawyer.
To make it easier: it sounds like you're still registered. University of Washington offers Student Legal Services ( https://depts.washington.edu/slsuw/ ). Set up a referral with one of them and talk to them. Even if they're employees of the university and don't want to work with you to sue the university itself they may be able to give you good advice about how to proceed.
- It's worth mentioning that this really isn't programming-specific, or even engineering-specific, at all. The exact same story applies to the guy doing finance, or marketing, or project management, or legal work, or whatever. This is basically a reminder that your role as a cog in the wheel is to make the wheel move, and you shouldn't forget what the wheel is doing.
That said, working for a US military contractor while not being supportive of the US military mission is kind of a silly thing to do.
- Can we just link directly to the story rather than through longreads? https://www.technologyreview.com/2024/10/10/1105034/weeds-cl...
- > [...]the movements in the cluster began to show an atypical pattern with diverging paths
What the heck does this mean?
> Insurtech utilises technologies such as artificial intelligence, big data analytics, blockchain, and machine learning, to support the insurance industry.
Holy buzzword soup, batman.
Why is this being upvoted? This is a meaningless article.
- This seems like a great idea designed for well-intentioned people. Unfortunately, the internet is running a bit short on well-intentioned people.
The potential for abuse here is enormous. I have a difficult time seeing this becoming anything other than a cesspool of ads, 4chan-style joke links, and general inanity.
- So, IIUC, passkeys are a form of public key authentication. You register a public key with a service and then prove you have the private key. It sounds like this article is blaming "big tech" for not creating a universal, seamless, transparent private key sharing mechanism. That seems... silly?
As a user, sure, I'd like to share my private keys around, and maybe one day we'll get there. However, exporting keys manually—which is what it sounds like proton is doing—sounds pretty sucky as well from a user experience standpoint. Now instead of having a password, I have a bunch of private keys that I have to manage and do... something... with on different services.
This article would do well to acknowledge that this is a very hard problem rather than just ring the "big tech suxxorz" bell again.
- This seems to be ~4 years old. Have any cryptographers reviewed / audited this protocol in the interim? A quick google search comes up empty [1], and google scholar doesn't show anything [2].
[1]: https://www.google.com/search?&q=Theseus+dht+protocol+%22aud...
[2]: https://scholar.google.com/scholar?q=theseus+dht+protocol
- Saying "I don't want censorship" is equivalent to saying "I'm fine with people using my tool for coffee meetups, genocide planning, bridge club, and drug deals." It's an attempted handwashing of moral responsibility under the cover of software purity.
At this point, it's pretty well documented that social media _as a tool_ has increased young female mental illness; the question is only "how much" [1]. To try to wave away responsibility for this by saying "but I'm just making a tool!" is beyond irresponsible at this point; it's morally reprehensible.
[1]: https://jonathanhaidt.substack.com/p/social-media-mental-ill...
- Its pretty well known that fingerprints _by themselves_ are a pretty poor replacement for passwords. (a) They're public, in that it's pretty easy to get someone's fingerprint... just find something they touched recently. (b) If they're compromised its impossible to change them.
I don't think this gets around either of those points, but I am curious if this somehow makes it much more difficult to either compromise the fingerprint hash (fingerprint fingerprint?) or makes the resultant hash less useful once compromised.
- From the comments here, it sounds like the main issue is payment processors needing to accommodate "vice laws" or something. Can someone explain why OnlyFans can't simply use non-US payment processors to get around this? My understanding is that many European countries are much less concerned with vice than the US.
- > This is virtually indistinguishable from a protection racket: It is a fee that developers must pay if they want to stay in business. And it is a fee which ultimately harms consumers because these fees are indirectly passed on to users, either through higher prices, or through fewer competing products in the marketplace.
I guess this would be great, if it were true. There are over two million competing apps in the market [1], and the vast majority are priced ridiculously competitively at less than a dollar each [2]. That's the average cost, not the median, which would be significantly lower.
I'm sure proton isn't happy about this, but considering the ridiculously high salaries app developers are able to command [3] but the market doesn't seem to agree with their assessment.
Now, this may be more true about app companies, but the numbers there tell a different story. Based on this analysis [4], the thing killing them isn't the developer fees, its that its ridiculously hard to make any sort of living if your only product is a phone app. The majority of apps simply make no money at all. Adding 30% to 0 doesn't do much for anyone.
[1]: https://www.statista.com/statistics/263795/number-of-availab...
[2]: https://www.statista.com/statistics/267346/average-apple-app...
[3]: https://www.businessofapps.com/app-developers/research/ios-a...
[4]: https://medium.com/@sm_app_intel/a-bunch-of-average-app-reve...