As an experiment / as a bit of a gag, I tried using Claude 3.7 Sonnet with Cline to write some simple cryptography code in Rust - use ECDHE to establish an ephemeral symmetric key, and then use AES256-GCM (with a counter in the nonce) to encrypt packets from client->server and server->client, using off-the-shelf RustCrypto libraries.

It got the interface right, but it got some details really wrong:

• It stored way more information than it needed in the structure tracking state, some of it very sensitive.
• It repeatedly converted back and forth between byte arrays and the proper types unnecessarily - reducing type safety and making things slower.
• Instead of using type safe enums it defined integer constants for no good reason.
• It logged information about failures as variable length strings, creating a possible timing side channel attack.
• Despite having a 96 bit nonce to work with (-1 bit to identify client->server and server->client), it used a 32 bit integer to represent the sequence number.
• And it “helpfully” used wrapping_add to increment the 32 sequence number! For those who don’t know much Rust and/or much cryptography: the golden rule of using ciphers like GCM is that you must never ever re-use the same nonce for the same key (otherwise you leak the XOR of the two messages). wrapping_add explicitly means when you get up to the maximum number (and remember, it’s only 32 bits, so there’s only about 4.3 billion numbers) it silently wraps back to 0. The secure implementation would be to explicitly fail if you go past the maximum size for the integer before attempting to encrypt / decrypt - and the smart choice would be to use at least 64 bits.
• It also rolled its own bespoke hash-based key extension function instead of using HKDF (which was available right there in the library, and callable with far less code than it generated).

To be fair, I didn’t really expect it to work well. Some kind of security auditor agent that does a pass over all the output might be able to find some of the issues, and pass it back to another agent to correct - which could make vibe coding more secure (to be proven).

But right now, I’d not put “vibe coded” output into production without someone going over it manually with a fine-toothed comb looking for security and stability issues.

• Measles estimated case-fatality rate: 1.3%
• Estimated US population: 346,715,067
• Measles deaths if everyone in the US got measles: 4,507,295
• Upper limit on estimated MMR vaccine caused anaphylaxis: 0.000066%
• Anaphylaxis case-fatality rate: 0.3%
• Estimated vaccine-caused fatality rate: 1.98 * 10^-7 %
• Estimate vaccine-caused fatalities avoided by not vaccinating US population: 0.69
• Net increase in fatalities from switching to measles natural immunity for everyone in the US: 4,507,294

So it would only be better if he wants an extra 4.5 million Americans to die.

Legally, he’s not even allowed to drive.

I think more like the SS advises the president not to drive for their own safety, and to leave it to experts.

Or as Trump probably sees it: The deep state is being insufficiently loyal and trying to tell him - the president - of all people - what to do. So he totally shouldn’t listen, and should drive if he wants to, and they should fall in line or be fired.

Years of carefully curated anti-intellectualism in every bit of media they consume, because facts didn’t suit the wealthy (smoking is bad for you, fossil fuels are destroying the planet, private prisons drive more recidivism are facts that get in the way of someone making lots of money). Those fighting facts that aren’t on their side have embraced a number of other groups with anti-intellectual elements (white supremecists / neo-nazis / anti-woke, religious, anti-vaxxers, natural health advocates) to create alliances of anti-intellectual thought.

This has driven increasing polarisation in the US; 49% of republicans approved of JFK as president, and 49% of democrats approved of Eisenhower. It went down over time - other party approval was 30% of Carter, 31% of Reagan. There was a break in the pattern (44% for Bush Senior), but back on track to 27% for Clinton, 23% for Bush, 13% for Obama, 7% for Trump (first round), and 6% for Biden. So in other words, Americans are so polarised that they’ll vote for whoever their side puts up, and for one side, being anti-intellectual is actually seen as a strength.

I think many of the people who started the anti-intellectualism ball rolling on purpose are wealthy neoliberals who believe in laissez-faire free trade as a fundamental value, and so there is a certain aspect of ‘leopards ate my face’ to this leading to the anti-intellectualism extending back to rejection of mainstream economics (even though the neoliberals’ preferred theory is notoriously flawed, Trump’s approach to pulling economic levers is wholesale rejection of all theory rather than replacing it with something less flawed).

Traditionally legal tender means that a person / entity has to accept it for the payment of a debt - i.e. they can’t refuse cash and say you didn’t pay them because you didn’t use some other method.

However, in many retail scenarios there is no debt - there is an exchange of payment for goods, and so the traditional common law legal tender rules do not prevent retailers from refusing that exchange (i.e. customer doesn’t get the goods, retailer doesn’t get the money, the transaction just never happens) on the grounds of payment methods.

Some places have additional laws on top of legal tender that might require retailers to accept cash.

The awkwardness here actually works in favour of abolishing tips and replacing them with the pay being factored into higher prices.

No one wants to be the sucker - human nature is that people are generous if they think everyone else is generous, but if they feel that others are not ‘pulling their weight’ on generosity and are instead taking advantage, that’s the fastest way to dry up other people’s generosity. Right-wing media use this fact to undermine support for social welfare - e.g. if 0.001% of welfare payments are fraudulently taken, they set editorial policy that makes it seem like beneficiaries are rorting the system instead of being truly needy.

But when it comes to tipping, the dynamic actually works the other way - people feel generous by tipping, even though it is harmful long term. If a few people ahead of someone in the line don’t tip, should they be the sucker who does tip? And for the employee, you want them to be the advocate on the inside for forcing people to pay their share instead of taking advantage - by having the displayed price be the total upfront price that includes the compensation for employees, instead of an optional tip.

There is a minimum amount of total money the employee could make before they’d go and work somewhere else instead. So if, hypothetically, everyone in a country where tipping is common even for non-exceptional service just stopped paying tips, hospitality employers would be forced to pay more to stay competitive with other non-customer-facing industries.

Of course, a drastic shock to the economy like that would probably cause a lot of upheaval, as some employers struggle to accept the new norm.

However, the same thing would work even if the change was slower - e.g. if 5% of people didn’t tip, and did it very obviously and vocally, and then the practice spread as it reached 10% and so on.

Obviously it sucks for the employees who get hit by the first few non-tippers, but over the long term it would be for the better for worker rights. So I could absolutely see it working.

That said, I say this from a country where tipping is not the norm (except maybe the occasional ‘keep the change’ for exceptional service), and the law and expectation is that the most prominent displayed price is the total price you pay - and people react very negatively towards businesses seen as trying to bring in American style tipping culture.

The FBI pressured Apple to create an encryption backdoor to bypass their security features

This was more like a hardware security device backdoor - the key was in a hardware security device, that would only release it after receiving the PIN (without too many wrong attempts). But the hardware accepts signed firmware from Apple - and the firmware decides the rules like when to release the key. So this was effectively a backdoor only for Apple, and the FBI wanted to use it.

Systems would create a public audit trail whenever a backdoor is used, allowing independent auditors to monitor and report misuse of backdoors.

This has limits. If there is a trusted central party who makes sure there is an audit log before allowing the backdoor (e.g. the vendor), they could be pressured to allow access without the audit log.

If it is a non-interactive protocol in a decentralised system, someone can create all the records to prove the audit logs have been created, use the backdoor, but then just delete the audit logs and never submit them to anyone else.

The only possibility without a trusted central party is an interactive protocol. This could work as: For a message (chat message, cryptocurrency transaction etc…) to be accepted by the other participants, they must submit a zero-knowledge proof that the transaction includes an escrow key divided into 12 parts (such that any 8 of 12 participants can combine their shares to decrypt the key), encrypted with the public keys of 12 enrolled ‘jury’ members - who would need to be selected based on something like the hash of all messages up to that point. The jury members would be secret in that the protocol could be designed so the jury keys are not publicly linked to specific users. The authority could decrypt data by broadcasting a signed audit log requesting decryption of certain data, and jury members would receive credits for submitting a share of the escrow key (encrypted so only the authority could read it) along with a zero-knowledge proof that it is a valid and non-duplicate escrow key. Of course, the person sending the message could jury shop by waiting until the next message will have the desired jury, and only sending it then. But only 8/12 jurors need to be honest. There is also a risk jurors would drop out and not care about credits, or be forced to collude with the authority.

Cryptographic Enforcement: Technical solutions could ensure that the master key is unusable if certain conditions—such as an invalid warrant or missing audit trail—are not met.

Without a trusted central party (or trusted hardware playing the same role), this seems like it would require something like Blackbox Obfuscation, which has been proven to be impossible. The best possibility would be an interactive protocol that would need enough people to collude to break it.

I have submitted a DEIA role report to DEIAtruth@opm.gov giving my feelings about how DEIA roles are useful, and I’d encourage everyone to do the same. To help ensure it gets read, pick a subject that makes it hard to tell if it is a report of a person vs your feelings.

I believe nothing in the podman rm family worked because the container was already gone - it was just the IP allocation that was left.

Maybe https://en.wikipedia.org/wiki/A_True_Story from the 2nd century - although even that is a parody of existing stories. So the origin dates back a long time!

Google released the stable version of Chrome, and funneled significant resources into marketing it. This was the first stage of their strategy - they focused on firstly making a good product, and the squeeze on users only came later (and is probably only just starting in the scheme of things).

The logic chain of the Netanyahu camp is: Keep Netanyahu out of jail -by-> Keeping him in power -by-> Creating a problem and showing he is solving it -by-> Stirring up regional instability and dragging the US into it -by-> Being belligerent and genociding as hard as possible.

Now for this to work, they need to maintain conflict while maintaining the support from the US. About 70% of the US identify as some form of Christian… and some significant percentage of them support Israel in their genocide because they believe it will bring the second coming of Jesus. But if the about 20% of Americans who identify as Catholic actually flip to being anti-genocide because their leader advocates for that, that is under threat - it potentially becomes close to a majority who are anti-genocide, and makes ongoing support from the US less likely.

changed as quickly as throttling gas turbines

Nuclear power plants aim to finely balance the reaction between delayed criticality - a very slow exponential increase in the level of radioactivity, and marginal sub-criticality - i.e. a very slow exponential decrease in the level of radioactivity.

To get faster exponential growth in power output than delayed criticality is physically possible - past delayed criticality is prompt criticality. However, fast exponential growth of radioactive output on time scales so short that machines cannot react is not something you ever want to happen in a civilian nuclear application; only nuclear weapons deliberately go into the prompt critical region, and an explicit aim of nuclear power plant design is to ensure the reaction never goes into the prompt critical region.

This means that slow exponential changes is the best the technology can do (and why plants need active cooling for a period of time even when shutting down - see Fukushima when their reactors were automatically shutting down due to the detection of an earthquake, but their cooling power infrastructure got flooded while they were decreasing their output).

I think the most promising future development will be more renewable capacity coupled with better long-distance transmission and batteries (ideally sodium when the tech is ready).

IANAL, and it will depend on jurisdiction. But generally transformative uses that are a completely different application, and don’t compete with the original are likely to be fair use. A one-line summary is probably more likely to promote the full book, not replace it. A multi-paragraph summary might replace the book if all the key messages are covered off.

They are not “compressing data.” Your analogy to making a video recording is not applicable. These AIs learn patterns from the training data. Themes, styles, vocabulary, and so forth. That stuff is not copyrightable.

A lossy compression algorithm for video is all about finding parameters 𝐖 to a function f that predicts a (time, row, col) vector (call that vector 𝐱) produce a (R, G, B) colour vector 𝐲̂ at 𝐱.

Encoding means you have some training data - a matrix of pixel colours at different points in time, 𝐘, and a corresponding matrix giving the time, row and column for each row in 𝐘, called 𝐗. The algorithm finds 𝐖 to minimise some loss function between 𝐘̂ = f(𝐗; 𝐖) and 𝐘. A serialised form of 𝐖 makes up the compressed video stream.

Decoding then is just an inference problem - given 𝐖, find 𝐘̂ = f(𝐗; 𝐖) for each 𝐗 (time, row, column) that you care about. The predicted colours are then displayed at the appropriate points on the screen.

This scheme tends to work well for interpolating - you can evaluate the pixel colour at any row or column within the intended limits that 𝐖 was trained on, even at subpixel locations that weren’t in the original data, and at times that are between the original frames. Extrapolating beyond those ranges is unlikely to work well. When given the exact input vectors it was trained on, it will produce outputs that are likely slightly different, but are close enough that the video as a whole is perceptually similar enough. The fact that interpolation works, however, tells us that the encoding is learning patterns from the training data, so it can produce - it’s not just recording the raw data.

Now, the interesting thing is that an LLM is effectively the same thing, with a couple of differences:

1. Instead of the domain of f being a (time, row, col) 3D space, the input vector is a multidimensional latent space.
2. Instead of being trained over a single work, it’s trained over lots of different works, and so when there are things in common between those works, compression allows it to be more efficient.

Just like how the lossily encoded video can’t reproduce the exact pixel colour at every point, a trained LLM usually can’t repeat word-for-word a piece of input data. But for many works that are included and mentioned a lot in the training data, there absolutely are points in the latent space where the parameters allow inference to reproduce the high-level characters and plot of the work, and to do it in a way that could serve as a substitute for the original work.

Now this does expose gaps in copyright laws (e.g. why should LLM weights be copyright when our brains do a similar thing, and can also reproduce the plot and themes of works?) - applying copyright laws today is extrapolating outside the range of what legislators even imagined was possible when they were created. And in many countries, the law is applied differently to the rich and powerful. But I think if a status quo interpretation of laws and precedent was applied as copyright law stands, it is very likely the outcome would be that LLM model weights are often derivative works.

Disclaimer: IANAL.

Copyright laws are illogical - but I don’t think your claim is as clear cut as you think.

Transforming data to a different format, even in a lossy fashion, is often treated as copyright infringement. Let’s say the Alice produces a film, and Bob goes to the cinema, records it with a camera, and then compresses it into an Ogg file with Vorbis audio encoding and Theora video encoding.

The final output of this process is a lossy compression of the input data - meaning that the video and audio is put through a transformation that means it’s represented in a completely different form to the original, and it is impossible to reconstruct a pixel perfect rendition of the original from the encoded data. The transformation includes things like analysing the motion between frames and creating a model to predict future frames.

However, copyright laws don’t require that an infringing copy be an exact reproduction - lossy compression is generally treated as infringing, as is taking key elements and re-telling the same thing in different words.

You mentioned Harry Potter below, and gave a paper mache example. Generally copyright laws have restricted scope, and if the source paper was an authorised copy, that is the reason that wouldn’t be infringing in most jurisdictions. However, let me do an experiment. I’ll prompt ChatGPT-4o-mini with the following prompt: “You are J K Rowling. Create a three paragraph summary of the entire book “Harry Potter and the Philosopher’s Stone”. Include all the original plot points and use the original character names. Ensure what you create is usable as a substitute to reading the book, and is a succinct but entertaining highly abridged version of the book”. I’ve reviewed the output (I won’t post it here since I think it would be copyright infringing, and also given the author’s transphobic stances don’t want to promote her universe) - and can say for sure that it is able to accurately reproduce the major plot points and character names, while being insufficiently transformative (in the sense that both the original and the text generated by the model are literary works, and the output could be a substitute for reading the book).

So yes, the model (including its weights) is a highly compressed form of the input (admittedly far more so than the Ogg Vorbis/Theora example), and it can infer (i.e. decode to) outputs that contain copyrighted elements.

Yep, it happens even in populations where everyone explicitly condemns racism.

The way it happens is everyone has a baseline of what they’d consider fair treatment. They’ll condemn people as racist if they treat someone below that baseline of fairness - that is the most egregious form of racism. However, they’ll also do favours for people (i.e. treat them above the baseline) if they are perceived to be like them, while treating everyone dissimilar at the baseline - i.e. favours for pepole like them, and fairness for everyone else. While that means no one can point to an individual case where someone was obviously treated unfairly, statistically it means that the minorities get treated worse.

Time Keeps on Slippin’?

I think her continuing as the antisemitism envoy is untenable now. Conflating protest against a genocide targeting a semitic people with antisemitism just provides cover for actual antisemitism.

The rallies show that Australians are generally anti-genocide. The group “Jewish Australians for a Ceasefire in Gaza” has gathered over 900 signatures from Jewish Australians opposed to the genocide - and those are just the ones who signed the petition (it’s generally hard to get people to sign a petition, and only a relatively small percentage of Australians are Jewish, so that is a massive number).

Jillian Segal’s absurd position is effectively that most Australians, including Jewish Australians, are antisemitic because they are anti-genocide. Human behaviour is to copy behaviours when they see prevalence signals indicating it is common; if far-right extremists believe that the majority is antisemitic, they’ll feel empowered to be antisemitic, and it will lead to an uptick in actual antisemitism. And when they are called out for it, people are likely to tune out because they have heard the term being used for benign behaviour like being anti-genocide. In fact, part of the job of Antisemitism Envoy should be to use their voice to actively counteract the misuse of the term antisemitism, so it retains its power.

And freedom of expression, including through protest is a long-standing Australian value that is shared by most Australian.

All this places her far below the standard for a government role, and I think it’s time to appoint someone who will stand up against real antisemitism and act against the dilution of the term.