Posts by Filippo 2339 publicly visible posts • joined 24 Nov 2007
Context: manufacturing execution system for a factory
Operator: "The line is not starting."
Me: "Are there any active alerts?"
Operator: "No."
Me: "You sure?"
Operator: "Yes."
Me: "There aren't any alerts?"
Operator: "None."
Me: "What color is the application background?"
Operator: "Red. There's a flashing 'alerts' button."
>Goldman Sachs warns that datacenter investments may fail to pay off if the industry is unable to monetize AI models, but hedges its bets by saying that demand could also overwhelm available capacity by 2030.
"It might go very bad, or it might go very well. Or it might go just bad, or just well. Unless it goes so-so."
And someone got paid, probably a lot of money, to write this?
So, how many gigawatts of reflected energy do you need to install, before this makes a dent in our energy needs? What happens if you beam those gigawatts at the wrong (well, or right, depending on point of view) target? Is China going to be OK with the USA having that? Are the USA going to be OK with China having that? No? Well, then, no space solar power for us.
"Safe" is doing a lot of work there. "Safer than radio or visible light" would be more accurate.
Ultimately, there really isn't a way to make a system that can direct megawatts of energy to arbitrary specific locations "safe". The exact way said energy is directed - radio, light, near-infrared, electricity, falling rocks, falling water, gas pipes, whatever - only serves to determine how it can kill a lot of people and how hard it is to mitigate the risk, not whether it can kill a lot of people. Such is the nature of entropy.
That's true, but it has more to do with the fact that access to knowledge was extremely unequal. When you talk about the scientific progress of mankind, as OP was doing, you are generally considering top knowledge workers, not the general population. Top knowledge workers in the middle ages did know that the Earth isn't flat. As another posted noted, most people in the middle ages couldn't read, but you wouldn't say that writing was unknown.
Honestly, this sounds more like a failure of documentation than a bug. Microsoft probably should put a warning where classes that are nearly always used with web URLs actually also accept file URLs.
That said, in order to make bad things happen here, you need to have an application that takes unvalidated user input and makes a call to it. That's fundamentally wrong. There's endless ways that could go be exploitable, and making the SOAP library reject file URLs does not make it "safe" in any way.
Exactly. The notion that AGI is just a really, really big LLM is something Nvidia and datacenter operators are pushing like hell for obvious reasons, but there's really no hard reason to believe that. In fact, we've been making bigger and bigger LLMs for a while now, and the main problems are not going away.
Brake assist (and similar) helps not only with reducing the number of impacts, but also speed at impact. That fraction of a second of extra braking can have a very large effect on severity.
Ideally, I wish the study compared EVs with ICEs-with-recent-safety-features, rather than EVs with ICEs general.
I like reading sci-fi novels, and one thing that's always true of futuristic computers is that they are apparently very easy to hack. Whether it's an astromech droid or a teen in a hoodie, if the heroes need to get through a computer system, there's someone in the party that can do it in seconds, or minutes if there's some need for drama.
Each time, I wonder: this is set centuries if not millennia in the future, the story imagines amazing advances in all fields of human knowledge... except computer security, which appears to have gone backwards? Why?
Well, now I know.
Well, yes. Western countries aren't saints, but there are obvious differences. For example, you can post what you just posted, and the worst reprisal you're going to get is downvotes. Try denouncing manipulations in Russia or China, I believe the difference will become very obvious, very quickly.
Mass propaganda has always been a thing, but it's not the same as what we have now. Goebbels-style lies needed full control of all available media, same for Stalin or the monarchs of old. You could run propaganda outside your borders, but it was difficult and limited, and you could never overwhelm local discourse entirely.
Today, you can flood rival nations with industrial-scale lies. Or you can flood your own nation without even being in the government. That has never been possible until very recently.
>Liars, cranks, and con artists have always been with us.
Yes, but up until recently, lying was an artisanal business. Every lie was lovingly handcrafted by an expert liar.
Nowadays, lying has been industrialized. Information sources are swamped by incredible amounts of lies, mass-produced by soulless machines. It's hard to find a good old-fashioned lie these days, like my granny used to make, when she told us that if we went swimming after lunch we'd die, just so that she could take a nap.
Seriously; liars have always been with us, but the same is true of coal. And yet, the greenhouse effect has never been a problem, until relatively recently. Why? Because quantity, when there's enough of it, becomes quality.
That is, any phenomenon, once you scale it up by enough orders of magnitude, not only increases known problems, but it also creates entire new problems that weren't there at all before. That's what we're beginning to see with industrial-scale lying. And it's only the beginning. Be afraid.
All access to everyone is, sadly, SOP for a lot of industrial systems I've worked with. The reason is that a bunch of these systems run on ancient versions of Windows and communicate through equally ancient protocols and once setup are very reliable until anything at all changes, at which point they become extremely brittle. Getting this to work alongside modern systems while maintaning security is a nightmare at best, and outright impossible at worst.
Worse, the IT folks that are responsible for the networks very rarely know what they're doing (or they'd be working elsewhere) and very frequently are overworked to hell, so even when all vendors are providing reasonably updated software, they still can't get things like automatically logging on a remote machine to work reliably.
If any of the vendors involved appears to actually have a clue, they'll pester him/her to hell and back to fix things that aren't their responsibility. Which of course they'll resist viciously, knowing that if they cave, then it does become their responsibility.
The fundamental problem is that the least competent vendor is also the most likely one to "solve" its problems by pointing fingers and demanding that everyone else proves it's not their fault, before they even attempt looking into a problem.
Basically, it's an environment where you'll typically have at least three factions, but usually more, in a Game-of-Thrones-like struggle to get everyone else to configure their fucking firewall properly this time and to stop changing it in production without testing anything.
I assure you that, after the sixth time you get a call because someone else has fucked up but the burden of proof is on you, the temptation to just tell them "sorry, the application requires that no firewall is present between it and the database" is very, very strong indeed. I mean, they have bought the thing already anyway, and (sadly) nobody will replace you because of something like that, so who gives a fuck? Substitute firewall for domain controller, database permission, encryption certificate, antivirus, whatever.
This question does not get asked often enough.
I mean, I know the answer, and it is "in most fields of IT, advertising new features attracts more customers than advertising reliable features" whereas if you advertised a car as "has a joystick instead of a steering wheel, but I won't publish numbers on how often the joystick breaks off" you would rightfully go bankrupt.
But then I have to ask why that is the case, and I don't know the answer to that.
Okay, Apple is overtaking Samsung, but is that a meaningful metric?
Surely that's mostly because they are basically the only ones that make something that's not Android, while at the same time the barriers to entry in the Android market are comparatively low? The Android market is very fragmented. If you want iOS, there's only Apple; if you want Android, there's vicious competition. If anything, it's surprising that Samsung has been number 1 for any amount of time.
The really annoying thing is that we won't even get the last laugh. When the bubble bursts, Nvidia and the rest will just be bailed out with public money because "strategic", which will come from more public debt and less public services and more taxes on the middle class and lower, and the people who hyped the hell out of AI in full knowledge that it was snake oil will have made like bandits. Thus reinforcing all of the perverse incentives that led us here.
The invisible hand is attached to an invisible arm. It's emaciated, shaking, full of needle holes, and controlled by an invisible brain that will do anything for another hit.
Back when WhatsApp was acquired by Meta, I uninstalled the app from every device I owned*. Then, I followed the procedure they outline to have my data removed from their registry. Finally, I sent a registered email to WhatsApp asking them to delete all data they had on me, in accordance to GDPR as an EU citizen.
I never got an answer to that email, and people sometimes still tell me "but I sent you this on WhatsApp" when I tell them I never received something they sent me - which means that I'm still on their systems somewhere.
If I was legally inclined, I wonder what I could do with this.
* the reason I did that was that those devices have my business clients' PPI on them, and if an app buries in its T&Cs a line that says "you allow us to harvest phone contacts and do whataver with them", that would put me in violation of GDPR, the penalty for which is potentially crippling. While any app could do that in theory, Meta is the only company that has actually done it for real and whose products I actually used. That makes it radioactive as far as I'm concerned. Following all procedures and sending a registered email legally covers my ass.
>It seems like such a good idea. Consolidate the record labels and streaming distributors, grab as much data as you can to train your AIs claiming fair use, ladle out the results, and collect all the money.
It seems such a good idea, until I, the consumer, realize that if I'm going to get slop anyway, I might as well run a local LLM and give you none of the money.
>Way too many of the one percent, and those who desperately want to be in the one percent [...]
This isn't about the one percent. Globally, probably I am in the 1%, just by virtue of living in a Western country and having a good job.
This is about the one percent of the one percent of the fucking one percent, ogling upwards at the one percent of themselves. Nobody is going to convince me that society is made better by having these categories.
Hi, I make MES and supervisory software for industrial systems. I write the software that would use these libraries to get the production data from you so I can log it, and to give you the recipes when the operator selects a product.
I can confirm that I'm not supposed to deal with safety. Safety must lie in the PLC. If I'm supposed to deal with safety, then someone has made a major fuck up during design, and my new top priority will be to have that rectified. As far as I'm concerned, any competent PLC programmer should assume I'm stark raving mad and might start sending random crap or drop dead at any time, and should make sure nothing explodes regardless.
After all, that's what I assume of the ERP guys on the next layer up...
Right. We don't have superintelligence. We don't even have a decent definition of what it would be. We don't have artificial intelligence, either. We don't have a decent definition of even that. We do not have a path to AGI. We do not even have a path to having a decent definition of what intelligence is. We have LLMs, which, while interesting, do not look like a path to AGI.
So I'm skeptical of the ability of Microsoft to put constraints on something that doesn't exist, that we don't know how to make, and that we can't even really define.
If I had to take a guess, I'd say that the point is that humanoid robots make news. Specifically, they make news that will have "AI" in the headline (or at least in the subheader, like in this case). Gotta keep that bubble up. You don't even have to actually deploy the robots, once the news is published.
Well, the username isn't supposed to be that secret either - but I would still like sites to stop using email as username, simply for the fact that emails are not forever. What happens if I change email provider and lose access to that email? Yes, yes, have your own domain, I know, but the vast majority of people won't do that.
I think Amazon has two problems here.
The first is likely excessive numbers of returns. I expect that the agent, like all LLMs, is basically insane and is probably prone to making weird and wrong purchases, which users then return. I think Amazon generally makes a loss on returns, which only works because returns are statistically unlikely. If Amazon sees a surge on returns because of mad LLMs, the usual return policies become no longer workable. I think this is a fair point for Amazon.
The second is more insidious - the LLM is not susceptible to marketing manipulation (or, more accurately, not the same manipulation that is successful on humans). Amazon really wants to shove its sponsored products down your throat as deep as it can push them. The LLM, on the other hand, might easily go look into page 2+ of the search results, where sellers who (*gasp*) have not paid for privileged positioning might find themselves, even though their product is actually a far better fit for the query than the ones on page 1. This just won't do for Amazon.
>It is also proof of LLMs' inability to reason.
That is true, but the fundamental issue is more subtle than that.
There are plenty of meat-and-blood people that can't reason - well, to be marginally less inflammatory, that fall for propaganda. There are also plenty who don't, or who fall for some opposing propaganda. But with people, you can usually figure out which is which after a brief conversation. After that, you know where they stand, and can take this into consideration when evaluating what they say. This is how you can have useful conversations with biased people (i.e. all of them, one way or the other).
With LLMs, that does not work. LLMs have fixed biases, but only statistically across a large number of instances. You could talk with an LLM for an hour and think you got a solid grasp of its biases... but in the next chat, after a context wipe, the exact same model could easily be displaying a completely different, even diametrically opposite, set of biases. This means that even after interacting with ChatGPT for a long, long time, not only you can never trust it, but you can never even trust that you know its tricks.
Even worse, we now know that LLMs can be poisoned to display specific biases upon receiving a hidden command. So this LLM multiple personality disorder is actually worse than random, because it can be weaponized.
Maybe. A lot of damage was already done well before LLMs, most notably with social media. Most people still don't believe we have a truth problem, or that it's an existential risk. I can only hope that LLMs become a wake-up call. But I suspect we'll just keep getting attention on the symptoms and not the disease.
This is a manifestation of the more general problem, that LLMs cannot be more accurate than the content of their training set. If that training set is "as much of the Internet as we can slurp", that's a low bar.
Disinformation is yet another problem that's not technical in nature, and will not be solved by technical means.
>"We don't have a cybersecurity problem. We have a software quality problem," she said. The main reason for this was software vendors' prioritization of speed to market and reducing cost over safety.
That's actually not wrong.
Where she goes wrong is with the solution. Software vendors put security at a very low priority not because they're dumb or evil (though some are), but because all the economic incentives are extremely in favor of speed to market and cost reduction, and security costs a lot of time and money. As long as the incentives are the same, shifting the problem to AI won't solve it.
>I would make gambling illegal, because it's a criminal business
The problem is that if you ban gambling, then illegal gambling blooms. This isn't a hypothetical; it's been tried many, many times in history and it always has that result.
The smart policy would be to allow gambling; ban gambling advertisement; heavily discourage positive representations of gambling in media; teach everyone in school the problems with gambling; fund recovery from gambling addiction programs. Pay for this (it's not that much actually) with taxes on gambling.
>at roughly one-third the cost of crewed fighters, or about $30 million
Suppose you take a hobby-quality drone and slap some explosive on it and just enough smarts to remember a mission and coordinate somewhat with its neighbors. That'll probably cost around 10k. How does one xbat compare to three thousand of those?
>business leaders now realize that operational resiliency is foundational to keeping the business up and running
No, they don't. They have become aware of the problem, they are starting to think about it, but they are still pretty far from understanding how big it is. Still, that is progress, compared to not that long ago, when they didn't know what the words even meant.
We will be able to tell they have understood the issue, if and when they do, because incidents will actually start decreasing in number and severity. It's a big problem, but, once you take it seriously, it's not impossible to solve or at least effectively mitigate.
Yup, which means that deploying this in the real world would require a system to make damn sure that every single living being or item on board is properly secured. I can't think of any way of doing this that wouldn't add at least a few minutes, and that's being wildly optimistic. You can just about manage that on rollercoaster rides, but only because nobody has luggage or pets or small children, and the rollercoaster has literally no space where a human can reasonably be except their seat, and they've just gotten off a queue where they've been looking for half an hour straight at what's going to happen.
It's far faster, easier, safer and cheaper to just accelerate at a speed that won't kill anyone, and take a few minutes to reach cruising speed. Which means that these absurd accelerations are basically good for nothing more than bragging. I do respect that, it's no mean feat, but it's not something that's ever going to happen on a passenger line.
>There's a fairly cogent argument that such content collections as Reddit and Twitter/Facebook/X/Social implement should not get exclusive rights to control (and collect rent on) all of said content in perpetuity.
They shouldn't. Those rights should always remain with the users. Doing things to my data without my consent is not freedom. It's the opposite of freedom.
The argument that Perplexity should be able to download the whole of Reddit because Reddit shouldn't have exclusive rights to Reddit content is upside-down logic. Reddit should take steps to prevent Perplexity from doing this, specifically because Reddit does not have all rights on my content, and they definitely do not have the right to redistribute it for purposes not explicitly declared in their T&Cs.
This is as if I picked one of those successful web novels that people post on Reddit, reformatted it, printed it, and sold it in libraries. The guy who originally wrote it would come after me, win easily, get all my profits and then some, and damn right he should.
Publishing something does not mean putting it in the public domain; I get that some people believe that, but that diminishes freedom, because it means that rights are taken from me, not given to me.
My rights are mine until I explicitly decide they are not. Taking them against my will isn't freedom, it's merely economic might-makes-right... and corporations will always win that one.
And sci-fi works used to depict AIs as cold minds that can only think in ironclad logic and are really bad at empathy and emotions, while what we actually got are convincing liars and swindlers that can't be stopped from hallucinating and can't be trusted to do any job were accuracy is important. Reality is weird that way.
Actually, most vaccines only reduce chance of infection and/or symptoms and/or rate of transmission, exactly like the COVID vaccine. The influenza vaccines are an obvious example; they are generally a lot less effective than the COVID vaccine, but using them is still a good idea and people don't make such a big deal out of it. Many other vaccines that you'd think make you 100% immune actually might not work if your immune system is sufficiently screwed up for other reasons and your exposure is sufficiently high. All of this has been well known since vaccines were first invented.
It's not a coincidence that only smallpox was eradicated, even though we have effective vaccines for quite a lot of pathogens. That "effective" has never, ever, meant 100%; with COVID specifically, given the absurd transmission rate it has, eradication has never seriously been on the table. Complaining that a COVID shot is not 100% guaranteed to work forever and might have side effects is, essentially, complaining that it's not magical.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
