HackerTrans
TopNewTrendsCommentsPastAskShowJobs

brutusurp

no profile record

comments

brutusurp
·3 anni fa·discuss
Quite sure I reported this JS vulnerability to Google in of December 2022. I also detailed it in a report to SEC. And I kept reporting the issue to Google teams, to which they responded for me to "check their privacy and security docs." See also https://news.ycombinator.com/threads?id=burna_aws_acct, where I commented about it on HackerNews.

But yea, give credit to Clement Lecigne of Google's Threat Analysis Group (TAG), Google's own team. This isn't the first time they've done this either.

Just lost even more respect for that entire operation at Google. So whack.

Off to make another HN account, since I just burned this one...
brutusurp
·3 anni fa·discuss
Pretty sure this is not a new thing (e.g., https://www.pcgamer.com/war-thunder-fan-says-tank-is-inaccur...)
brutusurp
·3 anni fa·discuss
Love to see it.
brutusurp
·3 anni fa·discuss
"I've worked with some of the leading AI practitioners and thought leaders to create a framework that outlines a new regulatory regime that would prevent potentially catastrophic damage to our country while simultaneously making sure the US advances and leads in this transformative technology."

Who are the leading AI practitioners and thought leaders?

'Finally, for the protect part, developers would have to demonstrate their AI systems are aligned with American values and that "AI developers deliver on their promise to create a better world."'

How are "American values" defined? IMO, it is especially important to have a clear understanding of what American values are moving forward, as grey area leads to interpretation "loopholes" in the audit, test, and review phases.

The article also mentions NTIA issuing a formal request for comment on "AI Accountability Policy"[1]. Deadline is 12 June 2023.

[1]https://ntia.gov/issues/artificial-intelligence/request-for-...
brutusurp
·3 anni fa·discuss
I'll just use Signal.
brutusurp
·3 anni fa·discuss
Wow. The zero glyphs are superb. The differentiation in shape between "O", "o" and "0" increase readability. The ligatures, while expressive, are intuitive and not over the top. Satisfying simplicity and style.

I didn't need to spend $75 on a typeface, until now.
brutusurp
·3 anni fa·discuss
Just tested it out. The Kandinsky 2.1 model does render high-quality images accurate to input prompt. Each iteration of a prompt produces more robust interpretation; exciting. Still working through the relationship between the positive and negative prompts.

There is a bit of a gap in understanding metaphor and reverse polarity. For instance if I include in the prompt "move away from negativity" Kandinsky produces images of sad faces (e.g., mouth curved down, downward-focused eyes). However I expected there to be an inferred "towards positivity" interpretation (e.g., eyes closed/looking forward or upward, and mouth relaxed/smiling). Trying to see how much this outcome can be achieved leveraging the negative prompt field.

Overall I'm happy with the results and will continue to use it. Thanks for sharing!
brutusurp
·3 anni fa·discuss
Lots of errors in this article. Was it AI-generated?
brutusurp
·3 anni fa·discuss
IMO this is to drive adoption. Without customers using your product, it doesn't how much anything costs; there's no revenue. Give it away, increase usership, get feedback, improve performance, and then put a price tag on it. Per usual, Amazon is tardy to the party, and must now compete against an established Copilot product (and GPT).
brutusurp
·3 anni fa·discuss
Exactly this.
brutusurp
·3 anni fa·discuss
Brave has had this "new feature" as a default setting (i.e., block cross-site cookies). Glad Firefox has finally implemented a basic privacy feature such as this, though like you mention perhaps it's a little late.

As far as fingerprinting issue, Brave again does a better job than most, again as a default:

"If you need to use Chromium, then Brave browser is a good choice. It also randomizes fingerprint for each session, making it harder to link your browsing sessions."[1]

[1]https://www.bitestring.com/posts/2023-03-19-web-fingerprinti...

Makes me wonder how much of this is real improvement vs. publicity.
brutusurp
·3 anni fa·discuss
Seriously. Perhaps this article written from a multi-verse perspective, one in which the author lives in a version of the world that didn't experience one of the greatest wealth grabs of all time by C-suite and the like (their reward for repeated execution of poor and ill-timed investments, of course).

Since when is freelance "stable"? Since when is any job "stable"? It's a job, one we have to do because capitalism and healthcare. That's not stability; it's coercion.
brutusurp
·3 anni fa·discuss
Apparently the new Amazon delivery trend is "empty box" according to Reddit [1][2][3][4][5].

[1]https://www.reddit.com/r/amazonprime/comments/11uqmn4/ordere...

[2]https://www.reddit.com/r/amazonprime/comments/11eixo2/got_em...

[3]https://www.reddit.com/r/amazonprime/comments/12fzsb4/i_rece...

[4]https://www.reddit.com/r/amazonprime/search/?q=empty&restric...

[5]https://www.reddit.com/r/amazonprime/search/?q=delivery+&res...
brutusurp
·3 anni fa·discuss
Linking the conversation on the Huggingface-AWS partnership, which preemptively calls out Amazon for taking credit for the accomplishments of HuggingFace: https://news.ycombinator.com/item?id=34885117.
brutusurp
·3 anni fa·discuss
So, Proxmark3: https://www.amazon.com/s?k=proxmark3+rdv4&crid=8NFHBEDKSLEF&...?
brutusurp
·3 anni fa·discuss
Agree. Will Amazon stop carrying Raspberry Pi's and Arduino's too?
brutusurp
·3 anni fa·discuss
Not exactly human trafficking, however there's the "Amazon-owned Whole Foods got caught using child labor" scandal that was recently exposed[1].

[1] https://www.nytimes.com/2023/02/25/us/unaccompanied-migrant-...
brutusurp
·3 anni fa·discuss
It's really bad. We probably want to not have monopolies like Amazon moving forward. So much so that we could probably pass laws to prevent it. Just in case we forget.
brutusurp
·3 anni fa·discuss
It's well known, at least internally, that there are "data isolates" throughout AWS. Like some have said, it does preserve privacy. It also is hard to figure out what do with it after time. Do you hold? Do you delete? Is delete soft or hard? Is delete based on metadata? If yes, do you share the metadata that was used in the delete vs. no-delete decision? It's a hard problem. So, "data isolates" it is.
brutusurp
·3 anni fa·discuss
Welcome to the "mic drop" portion of the comment stream.