HackerLangs
TopNewTrendsCommentsPastAskShowJobs

dspillett

15,074 karmajoined 16 anni fa
email: [email protected]

If you disagree or otherwise think I'm wrong, please reply. I'm always willing to be educated, or to explain myself further if I was unclear before.

If I'm right and this annoys you, downvote without reply and I'll understand.

comments

dspillett
·l’altro ieri·discuss
Derivative works I understand. That would include transforming the content for some/all viewers. Making it mobile-friendly or otherwise reformatting for display, for instance, or adding affordances for accessibility, or for long content adding a generated summary.

Irrevocable and right-to-sublicense are the red flags for me. Nothing a company sells to us is irrevocable, but everything they take from us is expected to be.
dspillett
·l’altro ieri·discuss
TBH, I like that the word “exploit” is in there. It feels more honest and if it were not present!
dspillett
·l’altro ieri·discuss
This is more-or-less standard boilerplate from _long_ before the current AI training even existed. It basically means “we can do anything we like with it, now and at any time in the future, including selling it and passing these rights on to anyone else we chose, but don't take ownership so we can't be held responsible for it”.

Officially it means they can legally do wat you want them to do (present the content to users, perhaps transforming it in various ways for some or all viewers), but of course it covers them being able to do far more than that.
dspillett
·l’altro ieri·discuss
Video content, particularly on youtube, gets very little traction here generally.

I watch his videos, but not from links here and that is probably what you are seeing: those of us who might follow your link have already seen the video (likely via grayjay rather than youtube) and will skip over it to the next interesting new thing. People who don't already watch him will see “[video] (youtube.com), 1 point, discuss” and think “oh, another video that could be a few paragraphs of text which would be much faster to read than watch, that so far no one else has seen as worth interacting with, preceded by two unskippable adverts”.

A link to youtube is only going to get much attention if it is lucky to have a title that jumps out to a few people so it gains the first few votes and/or comments that get the ball rolling. Even then Louis' videos aren't going to get a hot debate going: most people either entirely agree so don't see the point commenting further, or they aren't the sort of people who are reading HN at all or are but don't follow video links.
dspillett
·l’altro ieri·discuss
If this is just counting the kernel, than Linux is probably a bigger target both i terms of current code size and the amount of churn in the codebase as things change over time. Some of the LPEs might (I've not checked) be in modules that are not commonly loaded, which mitigates their overall significance somewhat.

In the less likely even that this is counting what laymen would call Linux or BSD, i.e. both the kernel and common libraries & tools, then Linux definitely has a wider attack surface. Though some of that surface is shared as some userland parts are common to both.

As with your assessment, I'd agree that these flat numbers without looking for further context don't really give enough for a one-is-more-or-less-secure statement.
dspillett
·3 giorni fa·discuss
> It makes me wonder if literate people can regress to illiterate,

Under normal circumstances for a healthy human, I'd say no, at least directly. Not a scientific analysis of course, but I don't feel reading ability in a language that you use regularly is going to degrade that significantly. A very similar problem might come about through a drop in attention span which is definitely an issue for many these days, but I wouldn't count this as a literacy problem: the written letters/words/sentences/… are not the issue and other things are going to be equally impacted.

For a second+ language, especially if you never got to a particularly fluent state, this is probably quite different - for anecdata I did pretty well at Spanish GCSE then never spoke a word the 32 years before starting to relearn last year. But again I would not really call this a general literacy problem.

One place where you do see literacy fall precipitously is due to mental degradation due to common complications of old age, if you have relatives with dementia you will have seen this first hand. While literacy is only part of a massive problem here, reading and writing abilities are things that fall away relatively quickly for many (presumably due to them being relatively complex operations, and needing conscious concentration rather than being autonomic life-preserving functions).
dspillett
·3 giorni fa·discuss
Or with some tweaks to the font code they could see a different URL…

This could be used for good (diverting bots away from where you don't want them) or evil (different destinations for user and other readers of the page could be used to trick people going to undesirable locations, because the apparent URL checks out find according to automated scanners).
dspillett
·3 giorni fa·discuss
Because of lax security in commercial routers, this backdoor being a prime example of what I'm concerned about, I'd have my own shitty box as a firewall between them and my other kit anyway, so there isn't an efficiency saving either way. It is just a choice of where the walls are, and therefor where my shitty box(es) is/are, not whether my shitty box exists or not.

Currently my primary shitty box router does everything wrt external connectivity and a bought AP/router sits inside offering WiFi. I'd like to remove that AP completely with a WiFi adaptor controlled by my shitty box, but I've not got around to that as it would mean learning to configure a mesh (and so at least one more of my own shitty boxes!) to get good coverage everywhere (I only have a small place, but there are still a couple of blind-ish spots depending on where I put the primary AP). Not trusting a bought router/AP to not have back doors like this raises the question: if they are going to add backdoors for direct outside connections, what is to stop the firmware instead/also trying to tunnel out and letting unwanted connections in that way? (other than this having less “plausible deniability” once discovered)
dspillett
·8 giorni fa·discuss
Some time ago, yes. For 128 and there-about & below, not 192+ hence I'm less certain about that (but I'm pretty sure I wouldn't be able to tell the difference).

Not recently, so it is possible that improvements in encoding methods, and changes in my ears, could mean that I'd get a different result now.
dspillett
·8 giorni fa·discuss
> Understand the physical limits of human senses and perceptions to help inoculate yourself against outright scams and grifts

Also understand that while there is an upper limit, we are all different within that. I can hear the difference between 128Kbps and FLAC, at least for some content, but not 256Kbps, maybe not 192. For some content (spoken word etc.), 64Kbps, sometimes less, is perfectly acceptable (to me). There was a time I could hear the difference between some encoders, but that was decades ago and anything in active use is pretty damn good (and my ears are not what they used to be) unless you really crank the bitrate down or tweak other options daftly.
dspillett
·8 giorni fa·discuss
If they are simply filtering out based on signs of AI, then there is no lie.

If they are explicitly asking “was AI used” then yes, there is a direct lie involved.

If there is no explicit question but you are including “lies by omission”, then be aware that there are many things people choose not to say that they would be unfairly judged for if they did state (gender details, certain parts of their history, etc) so that might not be a line we want to draw.

I'm not exactly pro-AI, in fact I'm avoiding it in DayJob to the point where I expect at some point I'll be given the choice “get with the program or leave” (I plan to leave at that point, preferably by my own choice though we'll see how heated the discussion gets!), but if there is a at least one human at the end of the process that is properly testing and cleaning everything up so there can be nothing problematic in the AI output that survives, is that really practically any different to a fully human created contribution?

The problem with AI contributions in the vast majority of cases is the lazy ones, especially considering the sheer number of them. Using signs of AI as a code/documentation smell when it comes to filtering contributions is fine, especially if you have up-front requested no such contributions be sent. Permanently blocking people who have sent obviously AI-generated contributions previously despite you asking them not to, is also fine just as blocking people who have sent in entirely human made contributions that break your other requests/rules is. But banning all AI use when if you can't tell if a good contribution did or didn't use AI aid somewhere in the process, is both a daft extreme and actually impossible (if you can't tell, how do you tell?!).
dspillett
·9 giorni fa·discuss
> > The problem is that a lot of AI contributions are lazily produced without review.

That sounds like a contributor problem. Not an AI problem.


Ish. The tool is not doing the job fully, the contributor is not doing their task properly, checking for that, and fixing the issues.

> I still don't understand a "no AI" policy whose only purpose is to weed out bad PRs. You should be weeding out bad PR's regardless of their source.

Think of it like offering a job, and getting 100s of CVs. You don't have time to review each in detail, so you weed out a chunk of them using superficial cues that have been indicators of issues in the past. They are filtering the other contributions too, the no AI rule is just part initial triage to save a lot of time.

You have missed a key point in what I wrote: "Those that have been properly reviewed for correctness [before being submitted] will be indiscernible from human-only contributions". It is like a Turing test: if you take the effort to make your AI aided contributions good enough to be indiscernible from good human-only contributions then the no-AI filter won't bother you because the people or automations enforcing it won't be able to discern that your contribution was assisted.

> where good code can't be submitted unless the submitter lies.

No. Unless it looks like a good contribution looks.

The problem a lot of projects are facing right now is being inundated by bad PRs from people using AI without the effort to, or likely the knowledge of how to, properly understand and explain & document the change. People have a limited amount of time and if the filter saves a lot of time then maybe losing one or two good contributions due to the filter is worth it - better that than the project stalling under the weight of managing all the PRs.

This is one of the reasons, even pre-AI, some projects declared themselves "open source but not open contribution".
dspillett
·10 giorni fa·discuss
> allows the reviewer to reject it on the "AI" grounds

… but still unfortunately leaves reviewers having to spend time checking submissions and rejecting them.
dspillett
·10 giorni fa·discuss
> I personally wouldn't care if it was AI-generated or not, as long as the content fit the latter category.

The problem is that a lot of AI contributions are lazily produced without review. Those that have been properly reviewed for correctness (tested to ensure actually working with no obvious undesirable side effects, tweaked where needed to be readable and understandable, fitting the other guidelines of the project, etc) will be indiscernible from human-only contributions, but there are a lot of people who make no such effort so the majority are not nearly this good.
dspillett
·10 giorni fa·discuss
> At least system restarts for major updates are announced like a week in advance so there is still some leeway.

Luxury.

My work machine used to do this, but I've had the current laptop reboot without warning while I'm actively using it (not actively giving input, but reading what is on-screen at the time).
dspillett
·10 giorni fa·discuss
> This was at a time when Windows seemingly needed to restart once or twice a day, at least.

Ah, the NT days… An IP address has changed, your computer needs to be rebooted for this to take effect. You have moved your chair, your computer needs to be rebooted for this to take effect. You sneezed, your computer needs to be rebooted…
dspillett
·10 giorni fa·discuss
I have mine set to do this automatically, though it sometimes fails, I think after some updates (though I've not looked into it enough to be confident this is the pattern). In these cases reopening the tabs/windows with ctrl+shft+T reopens most, bit not always all of them, and the ones that are lost seem quite arbitrary (it might be something I've had open for days or longer, or something I was looking as a short time before restarting).

PSA: Chrome's session restore function should not be trusted as a way of accurately maintaining state between restarts. I've not noticed the same with Firefox and Brave, though I don't currently use them as much (I'm slowly moving over to using mostly Brave or Firefox, I've not yet decided which…) so maybe they are no more reliable in this area.
dspillett
·10 giorni fa·discuss
I saw it more as “if you are insulted by this reasonable advice, then you are an immature idiot” rather than a more direct insult. Still passive-aggressive, but no insult intended if the reader isn't triggered.

Source: I use similar phrases this way.
dspillett
·11 giorni fa·discuss
https://en.wikipedia.org/wiki/Nocebo

Sometimes called non-cebo/none-cebo though I avoid that as starting with “nonce” can be a trigger for the easily befuddled and offended (“Could you be experiencing a noncebo type effect?”, “WHAT DID YOU CALL ME?!”).

As the wikipedia page points out, this is not to be confused with knowcebo, which sounds the same. This is where information leaks break blinding measures and render test results less (or completely not) meaningful.
dspillett
·11 giorni fa·discuss
> Everything could change in a presidential election

Not really, not immediately, IMO. And if they could, that would be a problem in itself.

It will take some time to undo what has been done and will still be done in the current term. To change things back quickly would take both someone despotic on “the other side” willing to force things through with executive orders, and have the general support needed to weather the negative PR associated with that, and (perhaps more importantly) insufficient kick-back getting those orders quickly reverted or watered down. Even if they elect someone, and a team around them, who is willing and able to work that way, the changes made recently include changes that will make them harder to roll back on. And even if things do get magically fixed in the next term, that would just prove how quickly they could be unfixed again four years later.