As someone who has only had a very basic understanding of how backpropagation works, I found this to be really easy to follow along with, so thanks for that.
The article is also clearly entirely written, or at least drafted, by AI. The explanation is great so I'm not sure how much it matters. It does feel like the myriad of voices and writing styles on the Internet is slowly being drowned out, which makes me a bit sad.
I think a certain level of hype is warranted for a model that can autonomously discover complex 27-year-old 0-days in OpenBSD for $20K[0]. We don't yet know what this does to the balance of attack/defense in OSS security, and we cannot know until the capability is widespread. My most hopeful guess is that it looks heavily in favor of attackers in the first 6-12 months while the oldest 0-days are still waiting to be discovered, before tipping in favor of defenders as the price goes down for Mythos-level models and the practice of using them for vulnerability review becomes widespread.
The absolute best case is at we end up with similar situation to modern cryptography, which is clearly in favor of defenders. One can imagine a world where a defender can run a codebase review for $X compute and patch all the low-hanging fruit, to the point where anything that remains for an attacker would cost $X*100000 (or some other large multiplier) to discover.
Completely agree. NPM has the only registry where massive supply chain attacks happen several times a year. Mainly the fault lies with NPM itself, but much of it is just a terrible opsec culture in the community.
Most package.jsons I see have semver operators on every dependency, so patches spread incredibly quickly. Package namespacing is not enforced, so there is no way of knowing who the maintainer is without looking it up on the registry first; for this reason many of the most popular packages are basically side projects maintained by a single developer*. Post-install scripts are enabled by default unless you use pnpm or bun.
When you combine all these factors, you get the absolute disaster of an ecosystem that NPM is.
*Not really the case for Axios as they are at least somewhat organized and financed via sponsors.
Then our continued existence is reliant on the agent's inability to figure out how to operate and maintain a source of energy. Keep in mind that any AGI will almost immediately be orders of magnitude more intelligent than us, it is limited only by the processing power it is able to harness. Would you take that bet?
Of course there is no AGI existing currently. But don't you see the current boom as a (small) step in that direction? Unless one believes that GI is a phenomenon exclusive to biological life, I don't understand why you would think we won't develop it with enough time. The will and motivation to do so is clearly there already.
The major difference here is that nukes aren't intelligent agents that make their own decisions. An AGI is a completely different ball game, it's difficult to make apt analogies from history when discussing the dangers.
This is not to say I agree with Scott's argument here, but I do believe AI safety (the alignment problem in particular) is absolutely something we should be concerned with, and so far it is looking grim.
(not OP, but) from a European perspective, it means one less GDPR headache. At the company I work for I know having PII going through a 3rd party server for this kind of purpose would be a no-go.
What you write is true, but generally the support and use of electronic identification in Germany is very poor, partially a result of complex and (at times) overly restrictive legislation. Especially compared to the Nordic countries where people use some sort of eID for practically everything.
I have no stats on hand for this, but my work is in developing integrations towards major eID providers in Europe.
Hm. I do find that to be in somewhat poor taste, but only because they've drawn her gender-hurdle as being almost the same size as the one for the girl born in Sahel. I'm willing to bet that if you asked the Gates, they would both say that the girl born in Sahel faces a far more considerable gender hurdle than Melinda did.
The report is saying that where you are born is the most predictive factor in determining how well you will do later in life, compared to other metrics.
By the way, how well do your theories on IQ and "genetic legacy" (nice dog-whistle) perform in combination with the actual data that shows pretty much every country in the world improving under almost every metric? Take Bangladesh now vs. 50 years ago for instance. Did the nation's "genetic legacy" magically improve over that time period?
Though I guess it must be easier to just attribute your situation to genetic superiority, rather than to theories supported by actual data.
I can't find any references in the report to Melinda as an example of gender inequality, and it seems extremly atypical of the Gates' to say that. Which part are you referring to, exactly?
Not a physicist, but: "expansion" is probably understating it. My guess would be something analogous to an insanely powerful neutron bomb. Interesting thought experiment, would love to see someone do the actual maths.
The article is also clearly entirely written, or at least drafted, by AI. The explanation is great so I'm not sure how much it matters. It does feel like the myriad of voices and writing styles on the Internet is slowly being drowned out, which makes me a bit sad.