My biggest problem with AI safety is that, simply, the problem they envisage doesn't exist yet (generally, at a minimum, relying on the existence of "AGI"). Hence discussions about it have to make a huge amount of assumptions about a whole range of aspects of what the AI threat will be - what the AI will be capable of, what it's impact will be - before getting on to what possible solutions might be relevant to preventing it. But given the first two are so undefined, the later is pure speculation - one that is difficult to criticise directly, because any specific critisms can usually be easy deflected by adjusting any of the above assumptions without making a substantial change to the "inevitable" conclusion.
That's why it feels like an apocalypse cult to me - it's a conclusion, that has little strong evidence today, stacked on top of a constantly shifting set of assumptions, allowing adherents to avoid backing their arguments with evidence.
As are geologists who do “proper geology” research that aids the identification of underground oil wells. Yet it’s still relevant to point out where their funding comes from when it’s an oil company.
I’m pretty sure that’s fully accurate. Filippo mentioned one of his backers is the Interchain Foundation [1], and several others of his backers are at the very least cryptocurrency/web3 adjacent. Note, the GP didn’t say that Filippo is working directly on cryptocurrency - but that the funding is likely (at least in part) coming from cryptocurrency profits.
So, I have recently returned to Python development after several years out. In my first project [1], I was building on an existing library that was already using Poetry - so obviously I went with that for my work. Although it was a bit of a learning curve, I quickly got accustomed to it, but still wondered why it had come about given my recollections of the other tools (virtualenv et al.) being “good enough”.
Then, more recently, I had to run a different project that lacked any documentation as to how I was to run it, had a setup.py file, a Pipfile, and more in it. In trying to get this to run, I managed to make a real pigs ear such that (no doubt thanks to my lack of experience with those tools) I eventually had to delete all my virtual environments, as none of them worked anymore…
So yes, I am 100% in the “one tool to rule them all” camp these days - and although PDM does look promising, right now it isn’t offering me anything above Poetry that I care that strongly about.
As far as I know, it’s only believed that the attackers have the encrypted vaults of LastPass users.
However, that does mean they can attempt to “brute force” the encryption, trying any number of passwords as often as they like - and it seems some earlier versions of LastPass used rather poor choices with that cryptography, meaning the amount of effort needed to make an attempt is lower than other similar services (plus some users may have rather poor master passwords, making them easier to guess).
But there’s also a difference between “secure” and “confidential”.
Many definitions of security include integrity and availability as a properties to protect - and storing data in multiple locations can definitely help protect both of those.
I understand your opinion about affiliate links - but I use several review websites that use such links for all products they review, and have both positive and negative reviews for products. So I wouldn’t say it necessarily follows that affiliate links = biased reviews.
King of Tokyo (and it’s sequel, King of New York) were rather popular gateway/filler games (i.e., getting people into board gaming or as a quick game before/between/after a big game) for a while. Nothing comparable to the success of Magic though.
Citation? The best I could find with a quick Google was her NYT opinion piece [1], which pretty clearly couched her statements about Delta possibly being the last surge in hospitalisations and deaths in the US as a potential scenario and not a certainty.
Whilst I agree that she (and most other science reporters!) use simplistic models for immune system responses (possibly more for her readers), I’m yet to come across anything she’s written that has been very clearly wrong or she hasn’t later corrected/clarified.
That definitely wasn’t true when I developed my watch face (https://github.com/kelnage/digital-simplicity) - the Garmin IDE compiled it down to a single IQ file which can then be transferred directly to the device via USB.
Of course if you want to distribute it via their App Store you have to apply (it was free when I did it), and the way changing settings used to work (through a convoluted path on the connected mobile device and via the store) it was often best to do that. But you could also use the settings file software Garmin included in their IDE to do it (or now do it directly on the device).
I believe FB is being purposely disingenuous with its statement there - using the language of user privacy and security to protect itself from third-party academic research.
The authorisation it talks about here is not the users - it’s their authorisation. The privacy concerns are the advertisers (yes, really - they claimed at one point some adverts include names and contact details for the advertiser, and hence constitute private information). That’s why they say “people’s privacy” without explicitly identifying the people they are protecting.
In one of the of the organisations I mentioned, they had a strict policy against using any GPL dependencies, let alone the AGPL. I tried discussing this with the legal policy person but they were quite resolute - they feared it’s use could “infect” our code and therefore must be avoided.
I frankly doubt there’s any sort of cost-benefit analysis being done here. Certainly in my experience it was much more driven by legal uncertainty and risk-aversion.
Elastic, like others at the time, have used open source to their advantage - to start. The obvious one is that it is built around the Apache Lucene, and I have no doubt that this is one of the reasons ES ended up being initially released under the Apache license.
Secondly, being released under a permissive open source license definitely helped with its adoption. I was working as a senior developer in a UK Government department in 2013 and we had need for a full-text search engine for a project - and even before v1, ES was a contender, and it was eventually selected once v1 was released. This was largely due to a) ease of set-up/use and b) it’s release under an open source license. If it had been under AGPL, would we have still used it? Yes, probably - our specific use case wouldn’t have been affected by such a license, and the dept. was relatively open to more complex OSS licenses - but I have worked for several other orgs. where even just the AGPL would have resulted in a hard “no”.
Thirdly, ES has had contributions from a wide range of people. I honestly don’t know how I’d even begin to evaluate how much value ES has got from community contributions, but I feel it’s likely to be greater than the costs of managing those contributions.
But of course eventually Elastic got funding and had shareholders to placate. I don’t really have much sympathy for them about this conflict - their early choices were in part clearly made to maximise their value, and they decided to cash in on that value at a later date - the fact that those decisions had implications for their value should have been somewhat obvious to any investor who did any due diligence. I’m still not entirely convinced that the open source model is antithetical to commercialisation, but I think it does highlight how early decisions around OSS licensing can affect such processes.
Perhaps they’ve learned from a recent US administration that “National Security” is a very broad brush, which is hard to contradict, and thus is an easy card to play when you don’t want to reveal your actual motives! [1]