Posts by Michael Wojcik 12269 publicly visible posts • joined 21 Dec 2007
Indeed. I used VMS for a few university classes, and one of the first things students were shown was how the file versioning worked, and how many versions our accounts were configured to keep. (Three, if memory serves, which was enough to protect from accidents and few enough to teach an important lesson about backing things up.)
Non-compete clauses are at the very bottom of my list of things I'd worry about if I were looking for a new job. Far more pressing are in-office mandates (no one has an office near where I live), the tiresome processes of shopping my resumé around and interviewing, the reluctance of employers to hire people with experience, compensation for losing retention benefits, changes to medical insurance (because of course US medical-insurance policies are not at all fungible), having to vet prospective employers for their business practices and ethics and product quality, the risk of being forced to use tools I dislike, paperwork hassles, the hit to my credit rating for changing employers... Hell, I haven't even entertained unsolicited offers in decades. No one's come to me with a high-enough offer to make the cost and risk worthwhile.
There are a lot of factors which penalize changing jobs. Non-compete clauses don't even show up on my radar. Has anyone who's not a really prominent figure ever actually been sued over one of those?
The likely outcome would be that companies would simply stop using them
This would also be the preferred outcome. Public code repositories are toxic, and software vendors should not be pulling from them – particularly not as part of the build process. If there's justification for using an Open Source component (and often there isn't), pull a version, put it in your own internal repository, check its provenance as much as possible, perform due diligence (static and dynamic analysis and so on), and if it was updated recently wait a while before using it to see if any issues are reported.
This business of "oh, CI just pulls the latest from npm and puts it in the release build", or pulling Javascript directly from external sites into a production app, is unprofessional and ludicrously dangerous.
Some people do want them, some don't, and most don't care and just want a car
Indeed. I don't want an EV, because it doesn't fit my use case. If one did, then I'd consider it – except, well, I wouldn't, because I'm pretty sure all the EVs sold in the US come with touchscreens, and I will not buy a car with a touchscreen. (Which likely means I'll never buy another new car.) But as far as just the engine technology goes, if an EV could satisfy my use case, I'd give it a look.
Some other people do want an EV, for various reasons.
But the post upthread that pointed out demand for fueling stations and motor vehicles in the first place was driven by demand is correct. The proportion of the population that wanted to switch from horses to motor vehicles greatly exceeds the proportion that now wants to switch from ICE to EV, and can feasibly do so. The past several decades of motoring-infrastructure build-out had a much stronger economic driver than EV build-out does.
I have no idea what it's like elsewhere in the country, but my local electric co-op was quoting 14-18 months for a residential pole transformer last year, and I don't believe the situation has improved. So, yeah, I don't see any signs of the necessary infrastructure ramp-up either.
There may be time to do it, but that only helps if someone actually does.
And electric utilities have plenty of other worries.
And if there happen to be any such chargers available on the route, that might be a persuasive argument.
There are no – zero – EV chargers of any sort on the 10-hour trip I take once a month or so, much less "fast-charge" ones. I don't know how far I'd have to deviate from my route to find any chargers, or how much extra time that would cost, but it would be significant.
And even when traveling through more densely-populated states I much prefer rural routes.
EVs won't be practical for the majority of my motor-vehicle use for the foreseeable future. Probably not as long as I'm still able to drive.
On the other hand, crooks gonna crook. The opportunity to use Fox Hunt as a cover for criminal activity is real, so it's implausible that some criminals wouldn't be doing just that.
There's all sorts of wickedness around. The public and private sectors are equally capable of it.
Perhaps because there are many alternatives, so why expose yourself to Google's miniscule attention span?
Frankly, if you're not already tracking at least some of this information – like all of your dependencies, their provenance, their versions, their licenses – already in-house, you have a big problem that Yet Another Google Toy will not solve.
In a LessWrong post ("AI #4"), Zvi quoted Siqi Chen:
chinese tech ceo explaining to me why china is falling way behind on AI tech over dinner:ceo: “chinese LLMs can’t even count to 10”
me: “what? why?”
ceo: “you can’t count to 10 without also generating 8,9 and ‘89 is a politically sensitive, censored year”
not making this up.
I've read, though made no attempt to verify, other accounts of the Chinese government banning ordinary words and phrases because they could represent topics the government does not want discussed. If this is true – and, again, I have not attempted to verify any of it – then this looks like an impossible task for Chinese firms wanting to make LLMs available to the public, though perhaps if they make a show of it they can get by on "good enough". I wouldn't want to be an officer of a company walking that close to the cliff edge, though.
To be fair, it's pretty rare for politicians anywhere to use terms in their technical poli-sci or philosophical senses. As you note this is true of many words, and indeed is how natural languages have always worked; but it's particularly common in the political sphere where diction bows to rhetorical effect.
Take the use of "liberal" in the US, which has been largely reduced to a Republican dog-whistle and indiscriminantly applied to concepts which are both "liberal" in the political-science sense and in how the term was commonly used in European and US political discourse prior to it becoming a right-wing shibboleth (e.g. freedom of expression), concepts which are more novel but are clearly poli-sci liberal (e.g. transgender rights), and concepts which are very much not poli-sci liberal (e.g. environmental regulations). Outside a technical context the word (as a political descriptor) is basically meaningless, and when you see someone using it, you can be pretty sure they're just signalling tribal affiliation. Which is what the Chinese government is doing with "socialism".
The fundamental (and probably insuperable) probem[sic] of course is that this automaton has zero understanding about the meaning of the ideas it's trying express.
Wouldn't that describe a large part of the (disenfranchised) human population too?
It arguably includes the entire human population, since pinning down what "meaning" means is one of the thornier epistemological problems. It is entirely possible that what we think of as "meaning" is simply a complex of associated concepts, and eventually transformer-like models1 might have a valid claim to be doing something equivalent.
So calling that a "fundamental" problem is rather an article of faith.
1I'd argue not the current crop of transformer LLMs, at least not until they're scaled up to the point where something like Boltzmann brains can spontaneously arise in parameter space. Unidirectional MLP or softmax transformer stacks (and linear transformer stacks even less so) simply aren't doing anything sufficiently complicated or with enough recurrence.
Exactly. And in fact water sources in the US Southwest tend to be quite high in mineral content. The water we get from our well in northern New Mexico has around 200 ppm of calcium dissolved in it (and a pH of 9, both of which are outside EPA recommendations). Which is what you'd expect; dig down half a meter and you come to a karst ("caliche" is the local term) layer that's about 50-100cm deep, a white streak through the ground that's calcium (and some magnesium) leached out of upstream soils and percolated down into the ground from natural flows and three centuries of irrigation.
Our situation is better for cooling than Phoenix's, because at our altitude things cool off very quickly once the sun sets. Our house doesn't have A/C or evaporative cooling and we don't need it; nighttime passive cooling and lots of thermal mass keep the daytime temperatures comfortable. I wouldn't want to run a DC here though.
The US fixation on incarceration (and our use of it as government-mandated, if often privatized, slavery) is a huge problem. Holmes is way, way down on my personal list of prisoners to feel concern for, though. She can get her turn after we release and compensate the huge population of non-violent drug offenders, for example.
It's not impossible that she wanted kids for the reasons parents more commonly cite1 and also thought it'd help with her defense, sentencing, or subsequent treatment.
But to me she seems like someone who quite possibly has antisocial personality disorder and doesn't really care about the effects her decisions have on others. Running the Theranos scam would certainly support that conclusion. People are capable of enormous self-deception; but it's a bit much to swallow the idea that you toyed with peoples' lives for years, and then tried to weasel your way out when caught, yet have some capability for sympathizing with others.
1You know, like, um, wanting to have children. Actually now that I think about it, I'd rather not wade into the quagmire of what the "correct" reasons for having children are. Let's just assume there are some and move on.
The US distinguishes physical custody, which Holmes will indeed have to relinquish, and legal custody. The latter involves such matters as choices in medical care and schooling. It would be entirely possible for family court to grant the husband sole physical custody (possibly to be reevaluated when Holmes is out of the clink) but shared legal custody.
I think he knows it's doomed, so he's doing a bunch of random stuff to appeal to what remains of his rabid fan base, who will eagerly tell everyone within hearing that it's "four-dimensional chess". It's like the old saying: He's crazy like a narcissist who doesn't care about consequences or other people and lives to see his name in the press fox.
ADT is owned by Google, per the article, so any experience with them prior to that acquisition is unlikely to predict future performance.
I've used some ADT systems in commercial settings, and they weren't horrible, but their reputation in the physical-security research community doesn't seem to be very good. I've read a few discussions of bypassing their security systems, and of the willingness of their operators to believe anyone who picks up the phone and tells them it's a false alarm.
Mostly my impression of ADT is that their fearmongering advertisements are both obnoxious and a signal that they live on marketing, not product quality. Any firm that plays the "woman and children in peril" card (oh no! no man around to save them!) is off my consideration list forever.
Better than average ≠ "reasonable".
Sure, I wouldn't touch this crap with a bargepole. But consumers bought it in good faith, and discontinuing support after only a few years is a dick move. If Google are slightly less horrible than other vendors, that's hardly to their credit.
A kill switch is a good idea, but bear in mind you don't want to switch off the alarm when you flip it
Oh, yes, I would. When has a car alarm ever done anything other than annoy people in the area?
When I were a lad, many of my friends had kill switches of some sort in their cars, whether the cars were at all desirable or not. It was one of the first projects for the aspiring home mechanic. Just pick up a toggle switch at Radio Shack and wire it into the ignition wire under the dash, then mount it in an inconspicuous location. Easy to defeat but it takes a bit of time.
That still doesn't require a CAN connection to the headlamp. A lamp failure can be detected electrically, and that signal can be detected by a CAN-connected component in the engine compartment.
Having CAN connections easily exposed to the exterior of the vehicle is a security failure, plain and simple. It's done for convenience, not necessity.
I still don't understand why cars aren't using asymmetric keys
Because the branch of the threat tree that asymmetric cryptography would protect against, which isn't protected by a pre-shared secret assigned when the car is manufactured, is largely negligible, and doesn't justify the additional fragility and power consumption that would be added to the key fob. Asymmetric cryptography isn't some magic solution to everything. It's primarily useful when there's no secure channel for initial secret agreement, and for cars there is: it's called the factory.
That's assuming asymmetric cryptography would be implemented properly, with a protocol that actually provided additional security. And that's pretty damn unlikely when we're talking about auto manufacturers.
Asymmetric cryptography wouldn't help with relay attacks, which are the most common attacks against the unlocking protocol. What does help with relay attacks is requiring user interaction on the key-fob end, but we can't have that because people are too damn lazy.
And, of course, this attack has nothing to do with defeating the unlocking protocol.
This is one of those religious issues. I don't think anyone is ever persuaded, probably because there are reasonable arguments on both sides which can't be reconciled.
Years ago Bruce Schneier declared that no one ever needed to keep email messages for a year. Yet I frequently – once or twice a week at least – search through my email collection, which goes back twenty years or more (and that's despite the fact that it's in Outlook, which is horrible for searching; even the stupid mbox format would be better). Not infrequently I find important information in messages from a decade or more ago. Institutional memory is important. Personal chronicles are important.
So it depends on your threat model. I'd rather have information. Of course that has more to do with my background than with rational calculation; I was an academic as well as a professional developer for many years, and I've always lived with academics and librarians and compulsive readers. Discarding written material just seems wrong.
Kookery of the Week right here. Even better than your usual efforts, Ilya.
There are a zillion papers, blog posts, etc freely available discussing Quantum Key Agreement and the issues with extending it over long distances, if anyone's actually interested in the technical details. Schneier did a writeup on the most common scheme some years back on his blog, for example. And people have been working on diamond semiconductors and optics for decades. It's not clear to me what, if anything, is new here. Maybe De Beers trying to extend their domination into the industrial-diamond market.
I really wish that back in the '80s GE had just told them to go fuck off and started producing gem-quality diamonds. Bring the whole damn diamond-jewelry industry down. It's hard to see how everyone outside the cartel wouldn't have been better off for it.
I'd quite enjoy having a lot of extra money, without needing to live an extravagant lifestyle. No worries about budgeting. Buy a few more things here and there – small things, maybe a vintage project car at the upper end. My wife could retire immediately rather than waiting a few more years. Modest gifts to friends and family members. When the grandkids reach college age, help them with the cost of schooling. Charitable contributions. An annual vacation to a quiet spot – lakeshore or national park or the like. Maybe every few years a trip overseas, but at a normal tourist budget, just to experience something new.
There are plenty of ways to spend money without being a ass about it.
Drove a high-speed vehicle? Horrors!
What sort of vehicle that you "drive" isn't a "high-speed" one these days? Hell, even my 1992 Toyota pickup can get going fast enough to do serious damage.
My Spanish isn't good enough to guess whether this is an artifact of translation or just a ridiculous euphemism. Police forces do have great affection for the latter.
And continual vigilance is simply impossible for humans. It consumes too much cognitive resources. We're not physically capable of considering the security implications of every decision, or even of considering every decision, period.
And we know from the past several decades of IT debacles that blaming the users just doesn't help. It achieves nothing. Some level of training is worthwhile, but you hit the point of diminishing returns pretty quickly, and punishing people only makes them hide things, which delays incident response.
You just have to have good information controls at multiple levels – including restricting access to low-value services like LLMs. (I am utterly unpersuaded by the arguments I've seen so far about "developer productivity". If an LLM improves your productivity significantly, you're not a good developer.)
Not to mention harvesting keys and credentials from GitHub repositories. Or people throwing coredumps up on Pastebin for someone to look at. Or a hundred other things.
Your point is well taken: if an information service is writable, on the open Internet, and doesn't have tight information controls enforced from the beginning, people are going to leak information into it.
Updating the model on new inputs would also play merry hell with the post-training phases, such as fine-tuning and RLHF. It's simply Not How Any Of This Works.
Of course, if (when) the next generation is trained in a similarly indiscriminate manner to this one, hoovering up all available corpora, then it'll pick up a lot of LLM-generated content. Microsoft/OpenAI and Google and the other LLM trainers aren't going to be any better at filtering that stuff out than anyone else is.
"Cyber Force"? Ugh. Further abuse of Norbert Wiener's once-useful, now-ruined coinage – the use of the prefix "cyber" ought to be banned by law – and it sounds like the title of one of those horrible independent "kid-friendly" comics from the '80s. Or one of the horrible TRON- and "cyberpunk"1-inspired comics from the '80s. Take your pick, it's horrible either way.
I mean, "Code Guard" is right there in front of you. We could at least try for a little originality with our stupid names.
Or be consistent. Army, Navy, ITy. Junior officers could be known as "ITy Bitties".
1Death, I say. Death to this prefix. It is awful and meaningless and has nothing to do with cybernetics. You must all stop using it immediately or I detonate the Doomsday Device.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
