HackerTrans
TopNewTrendsCommentsPastAskShowJobs

cferry

no profile record

comments

cferry
·24 giorni fa·discuss
"Cher compatriote, voici, rédigé avec mes clavier et mulot, mon programme de l'an 2000 que j'ai après la dissolution..."
cferry
·mese scorso·discuss
Get ready to hear something along the lines of "Rules for thee but not for me"...
cferry
·2 mesi fa·discuss
My belief is that the AI business is all about data collection. The value isn't so much in the quality of the models (that's what enterprise customers and developers pay to get), but in the amount of data that comes "for free" to whoever hosts the models. And then it's worth whoever buys it thinks it is, like insurers or advertisers.
cferry
·3 mesi fa·discuss
I make the analogy with a company, because on that front, ownership seems to matter a lot in the Western world. It's like it had to have unfaithful management appointed by another company they're a customer of, as a condition to use their products. Worse, said provider is also a provider for every other business, and their products are not interoperable. How long before courts jump in to prevent this and give back control to the business owner?
cferry
·3 mesi fa·discuss
A little bit of imagination, and we end up with hardware-backed attestation required to contribute source code, that certifies the author isn't an AI!
cferry
·4 mesi fa·discuss
I believe the solution to this kind of problems is that enough legislators (thinking of USA, EU) make it illegal to require a certain implementation of a software client to use an online service, whether this restriction is built into the communications protocol or checked through a side channel. Then the owner of the client device decides which implementation they'd like to use - so corporations can keep requiring the proprietary "official" one on their own corporate devices, but customers / end users who own their devices get to choose. Like, basic rights that come with ownership.

This would essentially take us back to what online services were 20 years ago, by outlawing a business model that relies on providers controlling stuff on users' devices. What's on the server is the company's business, what's on the client is the user's, and the boundary is clear. On the one hand, services that would persist would likely no longer have free tiers (which would essentially mean free lunch for customers); since it's a commercial service run by a company that has costs, it's just normal to pay for it as a user, there's no free beer anywhere. On the other hand, by paying for something, you'd get that thing and nothing else, as there's always going to be a client that doesn't leak data not necessary for the service to perform whatever you paid for, or impose arbitrary restrictions on its use. If any, these need to be server-side.
cferry
·5 mesi fa·discuss
Historically, these have been issued by "consumer credit" specialized banks like Sofinco; and retail chains ("carte Aurore"); traditional banks would seldom advertise them, if offered at all.

Things have been changing a bit in recent years. Since the "debit" and "credit" nature of the card is now written on them, French folks have started to request "credit" ones for travelling (to rent a car for instance).

My understanding is that for car rental purposes, anything using Visa/MC (and not a national debit network like Visa Debit in the US) will work, it doesn't actually need to be backed by a revolving credit. At a US gas pump, a Frenchie needs to select "credit" even though the card has "debit" written on it. Still, should the clerk refuse the card because it reads "debit" without running it... better have this "credit"-labeled one.
cferry
·5 mesi fa·discuss
The "they" is any corporation that has an interest in the user not controlling their system, and whom this technology caters to. This sea has plenty of fish already. Streaming services serving Hollywood content, banks, dating apps...

Lastly I even faced another one. Something as simple as a gym token wants GMS, attestation and GPS positioning because it treats its users as liars prima facie. That's the new norm this attestation enables. No conspiracy needed, simple business interest and greed to juice "customers" to the last penny drives you there.
cferry
·5 mesi fa·discuss
Exactly. It's beyond me that people have to fight to use what they own as they please, or even are asked to justify themselves...
cferry
·5 mesi fa·discuss
> any IP in a /64 is the same as a single IP in a /32 in IPv4

This is very commonly true but sadly not 100%. I am suffering from a shared /64 on which a VPS is, and where other folks have sent out spam - so no more SMTP for me.
cferry
·5 mesi fa·discuss
That's the thing. I can only provide a piece of software with the guarantee it can run on my OS. It can trust my kernel to let it run, but shouldn't expect anything more. The editor is free to run code it wants to guarantee the integrity of on its own infrastructure; but whatever reaches my machine _may_ at best run as the editor intends.
cferry
·5 mesi fa·discuss
Whoever uses this seeks to ensure a certain kind of behavior on a machine they typically don't own (in the legal sense of it). So of course you can make it optional. But then software that depends on it, like your banking Electron app or your Steam game, will refuse to run... so as the user, you don't really have a choice.

I would love to use that technology to do reverse attestation, and require the server that handles my personal data to behave a certain way, like obeying the privacy policy terms of the EULA and not using my data to train LLMs if I so opted out. Something tells me that's not going to happen...
cferry
·5 mesi fa·discuss
Please don't bring attestation to common Linux distributions. This technology, by essence, moves trust to a third party distinct of the user. I don't see how it can be useful in any way to end users like most of us here. Its use by corporations has already caused too much damage and exclusion in the mobile landscape, and I don't want folks like us becoming pariahs in our own world, just because we want machines we bought to be ours...
cferry
·8 mesi fa·discuss
You will be able to do this kind of filtering only on systems where you'll be allowed to run arbitrary code. This capability will be exclusive from running mainstream apps, because of device attestation.
cferry
·9 mesi fa·discuss
The 10-year-old me is still trying to understand why altering the lyrics of his song, in the metadata of a WMA file, does not change what's heard on the record... Byrne has to be a landmark in the personal history of many of us with computers.