@thomasfuchs Definitely not a fad, but it’s been massively oversold as a tool. Cost continues to be a principal issue. When the cost is roughly equivalent to a human worker in many seemingly-compelling use cases, businesses will stick with the people.
It doesn’t look like this cost will meaningfully change in the near future either, considering the limiting input is the fully-matured cloud compute market.
@thomasfuchs So they’ve had an official partnership with OpenAI for a few weeks & still don’t have visibility into the content that’s already been consumed by their partner? That doesn’t indicate the necessary oversight or compliance monitoring required for this large of an effort
@jsrailton I’d have preferred a larger fine given the conduct occurred over the course of more than 5 years, but I can understand why the FTC didn’t throw the book.
BetterHelp agreed to two decades of compliance restrictions and monitoring, which will either prevent reoccurrence or create indisputable liability for breaching it. The agreement is likely to be used as a baseline for other market participants without needing to pass new regulations, which is extremely valuable.
@thomasfuchs “But they’re disrupting classes, exams and graduation!”
As someone who had their last semester upended by 2020’s events and couldn’t walk due to a positive test, it certainly sucks. It’s also not students that are complaining loudly about it. Instead it’s a bunch of wrinkled misanthropes living in a fanciful misrecollection of their youth
@ClimateChris Do you have timestamps for these two captures? That’s a substantial loss of land for what’s at most a decade or two based on the image resolution of the first shot
@thomasfuchs “Website?! That’s how THEY track you to know who has supplies and who’s prepared!
I got Frank from MilitaryRUs to stock me up with MREs and canned food and just about bought all the .305 ammo this side of the county line. It’s a bit too late for you my friend..”
During the 2013-2018 boom when tech workers as a class had maximum leverage, used some of the energy organizing broad tech unions and guilds instead of negotiating for fuck-you money and pulling up the ladder by telling other trades to “learn 2 code noobs”
craft broadly populist multi-union legislation to raise taxes for “infra and natsec basic income fund”, for a living stipend to infra workers: railroad, steelworkers, electricians, OSS maintainers
@analogist What’s most missing is a non-profit to pick these projects up that is funded by what’s essentially a rounding error at big tech’s scale. There are countless libraries that are maintained by a handful of volunteers that are foundational, and at some point that value can either be recognized or allowed to wilt on the vine.
It doesn’t take a lot of resources to maintain most of these projects, but there needs to be an organization that can step in when needed
I’m so glad Apple is really vetting the App Store for quality software.
This is the app for my Bluetooth power meter. It’s half in Chinese. Some buttons don’t do anything at all. There’s dialog boxes that don’t say anything.
The app is called “e_test” and doesn’t have any English description in the App Store.
@thomasfuchs Apple has allowed some wild stuff on their App Store. Used to have a “hidden vault” app with a strange feature to “recover images”. Come to realize during the Pegasus fallout that the feature was almost certainly a sandbox escape…
The app is long gone but the bug it used went unpatched for years prior (and may very well still work)
@thomasfuchs Sampling bias is b**ch. Evangelists and/or profiteers make a lot of noise, but hardly any skeptics are going to take the time to scream into the void (and even fewer will be algorithmically-promoted). In itself, the format of most social media platforms disincentivizes nuance and constructive critique.
At best, a “like” is the most thought people give to posts they agree with before they get distracted again
I don't think most people on the fediverse appreciate how much of things like the GDPR depend on contracts and documentation.
I also don't think most people on the fediverse appreciate how "it's hard to make this meet some bare minimum standards for data privacy" is not an excuse for not doing it.
"Own your data" is the byline that mastodon likes, but it really isn't true, and a lot of for-profit companies do better than the fediverse does in this regard.
@hrefna Do you think that there’s a mechanism to change this ethos that isn’t predicated on financial obligations? GDPR has succeeded in part because it aligned profit incentives with consumer protection practices, but that model doesn’t necessarily map to volunteer-run community projects that often have no assets or legal entity to shield contributors.
Algorithmic feed where a company chooses the algorithm and objective function
And we pretend that "Share of time is a perfect metric for happiness," then this might make sense.
But... time spent isn't a perfect metric for happiness, and there is another option: 3) Algorithmic feed where the user has more control of the algorithm and objective function.
@mekkaokereke How do you suggest measuring those alternative metrics? It’s certainly an interesting concept for FOSS, but these recommendation models improve with the number of data points.
While we're talking about affirmative action, legacy admissions, and college athletic scholarships, here's something that most US folks won't agree with (yet), but that is the only thing that makes sense:
College sports athletic scholarships should be abolished. All of them.
They do much more harm than good. They don't make college accessible for poorest athletes. They make it less accessible.
A scholarship is only worth ~$40K a year of tuition. But it prevents you from earning over $100K?
@mekkaokereke There’s certainly something to be said for moving to a purely needs-based scholarship program, but how large is the population of kids that could pull in $100k? NI&L dollars already overwhelmingly go to that small pool.
No doubt there are men’s football and basketball programs that bring in revenue comparable to professional teams and can absolutely pay their players. How do we handle those ~75 programs in an ocean of programs with comparatively shoestring budgets?
i hate shopping at kroger because their self-checkout stations never have scales that work and so it thinks you’re stealing and in order to scare you it plays back a video of you from above so you’ll stop stealing but i am not so i just get sad because it shows that on the top of your head you are balding and you’re self-conscious and you’re not a thief you are just 30 and you shouldn’t be balding this soon oh why oh why must it be so
@molly0xfff Crypto buzz once again eclipsing a legitimately interesting idea, that being the creation of a market to “bet” on real life events. www.Kalshi.com is the project I’m most familiar with, but they all have interesting impact to economics research.
They essentially take the same dynamics that are used to evaluate risk in financial products and expand it to any observer-verifiable prediction you can think of. People are stupid individually, but the mean is typically freaky accurate.
I hinted at this piece earlier this week, in a rant about the relatively few evil code wizards who are really good at making malware look harmless to security software, and why it makes sense to look at them more closely.
Why Malware Crypting Services Deserve More Scrutiny
If you operate a cybercrime business that relies on disseminating malicious software, you probably also spend a good deal of time trying to disguise or “crypt” your malware so that it appears benign to antivirus and security products. In fact, the process of “crypting” malware is sufficiently complex and time-consuming that most serious cybercrooks will outsource this critical function to a handful of trusted third parties. This story explores the history and identity behind Cryptor[.]biz, a long-running crypting service that is trusted by some of the biggest names in cybercrime.
@briankrebs Really interesting read Brian. Opsec is only as good as it’s weakest link and it seems like you found several potential slip-ups. Makes me wonder whether LE will (or already do) view the site as a potential honeypot target. Did you notice any indications of a dead-man canary/switch that would tip off customers or co-conspirators?
@GossiTheDog If a TA already has desktop access, what’s to stop them from using optical or audio to exfil? A web-app could easily be used to transcode files or texts into a serial bitstream, with the only logged activity being the site visit.
At the end of the day, they could always just write stuff down or take screenshots so there’s certainly a ceiling to how secure an RDP connection is
