Is there a reason this has to happen client side with extra pre-flight requests? Taking your example, why couldn't Facebook's server just check the origin header and then reject all request from unapproved origins server side instead?
A revocation list can often be lazily replicated and doesn't require the complexity of distributed synchronization.
If you store sessions then you need to ensure the session has been replicated to every node before you can return it to the user. For revocation lists it is often acceptable that the token is still valid for a short while at some nodes while it is being replicated.
A revocation list is also not considered highly sensitive data, which would be another complexity layer when working with distributed data.
So I just wasted my time reading through this garbage and I can't find anything that debunks what you claimed it does? The whole thing boils down to Israel fired a lot of ammunition, therefore it was actually Israel killing all the civilians.
On top of that, the whole article is mainly sourcing from "The Electronic Intifada", which definitely seems like the most objective source for objective truth on Oct 7th.
The amount of steering necessary is rapidly decreasing. You're looking at a way too small timeline if you think this will be sustainable, or you're hoping that LLMs will hit their peak very soon.
I guess it's up to interpretation, but I read it the complete opposite way, as in Linux distributions should not think so highly of themselves as to expect OpenBSD to conform and adapt to their mess, and OpenBSD rightfully should not be expected to "give a flying Fedora about Linux".
The standard itself being open is irrelevant. I'm not sure why this is always brought up for attestation standards. It is fundamentally impossible to trust the signature from open-source software or hardware, so a signature from open-source software is essentially the same as no signature.
So now, if we were to start marking all images that do not have a signature as "dangerous", you would have effectively created an enforcement mechanism in which the whole pipeline, from taking a photo to editing to publishing, can only be done with proprietary software and hardware.
This is not an easy fix. Charge backs will lead to life-time permanent bans. Which means you're now forced to buy an iPhone in order to pass store attestation for essential applications like banking apps, government ID, age verification, etc.
That's irrelevant, a blocked account justified or not should not prevent you from canceling your subscription. It should in fact automatically cancel any subscription upon account suspension.
My experience with actually trying this is that current LLMs benefit greatly from having a framework to build on.
More code in the context window doesn't just increase the cost, it also degrades the overall performance of the LLM. It will start making more mistakes, cause more bugs, add more unnecessary abstractions, and write less efficient code overall.
You'll end up having to spend a significant amount of time guiding the AI to write a good framework to build on top of, and at that point you would have been better off picking an existing framework that was included in the training set.
Maybe future LLMs will do better here, but I wouldn't recommend doing this for anything larger than a landing page with current models.
You wouldn't even have to be a high profile target like a sanctioned judge. Simply getting your account banned by some automated process that marked you as "suspicious" will basically render you excluded from society.
It is absolutely insane to put this amount of power in 2 foreign companies that will be able to destroy your life with zero reason, oversight, or due process.
> It takes five minutes to explain how an idea could open up a new market segment. It takes two seconds to say "that sounds risky." But in a meeting, the two feel equivalent.
In what world do these sound equivalent? Simply saying that something “sounds risky” is not serious criticism and wouldn’t hold any weight at any place I’ve ever worked at. You would have to actually explain why it sounds risky and point to something tangible.
Most common use cases are social media, messaging (WhatsApp, Messanger, Telegram, no one is using SMS anymore), ID apps, payment and banking apps.
You could skip social media, but without the others you would basically have to carry around a second phone or be severely handicapped just trying to live a normal life.
Beside all of that, the idea that a $1000 iPhone is usable without an account because you can SMS and check emails is laughable disingenuous.